* feat(chat): server setting to disallow chat from new accounts
* fix(tests): many adjustments to handle chat minimum age
* fix(tests): address issues outside of chat posting
* chore(analytics): add incident logging
* fix(config): allow instant chat for dev purposes
* fix(test): finely age one more user
* fix(test): member not leader
Co-authored-by: SabreCat <sabe@habitica.com>
* create Admin Panel page with initial content from Hall's admin section
* reorganise Admin Panel form and add more accordians
* add lastCron to fields returned by api.getHeroes
* improve timestamps and authentication section
* add party and quest info to Admin Panel, add party to heroAdminFields
* move Admin Panel menu item to top of menu, make invisible to non-admins
* remove code used for displaying all Heroes
* add avatar appearance and drops section in Admin Panel
* allow logged-in user to be the default hero loaded
* add time zones to timestamp/authentication section
* rename Items to Update Items
This will allow a new Items section to be added.
* add read-only Items display with button to copy data to Update Items section
* remove never-used allItemsPaths code that had been copied from Hall
* update tests for the attributes added to heroAdminFields
* supply names for items and also set information for gear/equipment
* remove code that loads subsections of content
We use enough of the content that it's easier to load it all and
access it through the content object, especially when we're looping
through different item types.
* add gear names and set details to Avatar Costume/Battle Gear section
* make the wiki URLs clickable and make minor item format improvements
* add gear sets for Check-In Incentives and animal ears and tails
* add gear set for Gold-Purchasable Quest Lines
Also merges the existing Mystery of the Masterclassers quest set into it.
* fix error with Kickstarter gear set and include wiki link
* improve description of check-in incentive gear set
* fix description of Items section
* fix lint warnings
* update another test for the attributes added to heroAdminFields
* allow "@" to be included when specifying Username to load
* create GetHeroParty API v3 route to fetch a given user's party data
Only some data from the party will be loaded (e.g., not private
data such as name, description).
Includes tests for the route.
See the next commit for front-end changes that use this.
* display data from a given user's party in admin panel
Only some data from the party will be loaded (e.g., not private
data such as name, description).
Also adds support for finding and displaying errors from the
user's data.
* use new error handling method for other sections
- Time zone differences
- Cron bugs
- Privilege removal (mute/block) - not a bug but needs to be highlighted
* redirect non-admin users away from admin-only page (WIP)
This needs more work. Currently, admin users are also redirected
if they access the page by direct URL or after reload.
* clarify source of items from Check-In Incentives and Lunar Battle quests
* replace non-standard form fields with HTML forms
* add user's language, remove unused export blocks
* convert functions to filters: formatDate, formatTimeZone
* improve display of minutes portion of time zone in Admin Panel
* move basic details about user to a new component
* move Timestamp/Cron/Auth/etc details to a new component - WIP, has errors
The automatic expand and error warnings don't reset themselves when
you fetch data for a new user.
* replace non-standard form fields with HTML forms
Most of this was done in 26fdcbbee5
* move Timestamp/Cron/Auth/etc details to a new component (fixed)
* move Avatar and Drops section to a new component
* move Party and Quest section to a new component
* move Contributor Details to new component, add checkbox for admin, add preview
This adds a markdown-enabled preview of the Contributions textarea.
It also removes the code that automatically set contributor.admin
to true when the Tier was above 7.
That feature wasn't secure because the Tier can be accidentally
changed if you scroll while the cursor is over the Tier form field
(we accidentally demoted a Socialite once by doing that and if
we'd scrolled in the other direction we would have given her
admin privileges).
Instead there's now a checkbox for giving moderator-level privileges.
We'll want that anyway when we move to a system of selected
privileges for each admin instead of all admin privileges being
given to all mods/staff.
There's also a commented-out checkbox for giving Bailey CMS
privileges, for when we're ready to use that. The User model doesn't
yet have support for it.
* move Privileges and Gems section to a new component
* rename formatItems to getItemDescription; make other minor fixes
* remove an outdated test description
This "pended" explanation probably wasn't needed after "x" was
removed from "describe" in 2ab76db27c
* add newsPoster Bailey CMS permission to User model and Admin Panel
* move formatDate from mixins to filters
* make lint fixes
* remove development comments from hall.js
I'll be handling the TODO comment and I've left in my "XXX" marker
to remind me
* fix bug in Hall's castItemVal: mounts are null not false
* move Items section to a new component and delete Update Items section
The Update Items section is no longer needed because the new Items
component has in-place editing.
* remove unused imports
* add "secret" field to "Privileges, Gem Balance" section.
Also move the markdownPreview style from contributorDetails.vue to
index.vue since it's used in two components now.
* show non-Standard never-owned Pets and Mounts in Items section
* redirect non-admin users away from admin-only page
This completes the work started in commit a4f9c754ad
It now allows admins to access the page when coming from another
page on the site or from a direct link, including if the admin user
isn't logged in yet.
* display memberCount for party
* add secret.text field to Contributor Details
This is in addition to showing it in the Privileges section because
the secret text could be about either troublesome behaviour or
contributions.
* allow user to be loaded into Admin Panel via a URL
This includes:
- router config has a child route for the admin panel with a
Username/ID as a parameter
- loadHero code moved from top-level index page into a new
"user support" index page
- links in the Hall changed to point to admin panel route
- admin panel link added to admin section of user profile modal
* keep list of known titles on their own lines
* sort heroFields alphabetically
No actual changes.
* return all flags for use in Admin Panel and fix Hall tests for flags
Future Admin Panel changes will display more flags.
NB 'flags' wasn't in the tests before, even though two optional
flags were being fetched.
The tests weren't failing because the test users hadn't been given
data for those optional flags.
The primary reason for this change now is to fix the tests.
* show part of the API Token in the Admin Panel
* send full hero object into cronAndAuth.vue
This is a prelude to allowing this component to change the hero.
* split heroAdminFields string into two: one for fetching data and one for showing it
This is because apiToken must be fetched but not shown,
while apiTokenObscured is calculated (not fetched) and shown.
* let admin change a user's API Token
* restore sanity
* remove code to show obscured version of API Token
It will return with tighter permissions for viewing it.
* add Custom Day Start time (CDS) to Timestamps, Time Zone... section
* commit lint's automatic fixes - one for admin-panel changes in hall.js
The other fixes aren't related to this PR but I figured they may
as well go live.
* apply fixes from paglias's comments, excluding style/CSS changesd
The comments that this PR fixes start at
https://github.com/HabitRPG/habitica/pull/12035#pullrequestreview-500422316
Style fixes will be in a future commit.
* fix styles/CSS
* allow profile modal to close when using admin panel link
Also removes an empty components block.
* prevent Admin Panel being used without new userSupport privilege
Also adds initial support for other contributor.priv privileges
and changes Debug Menu to add userSupport privilege
* don't do this: this.hero = { ...hero };
* enhance quest error messages
* redirect to admin-panel home page when using "Save and Clear Data"
The user's ID / name is still in the form for easy refetching.
* create ensurePriv function, use in api.getHeroParty
* fix lint problems and integration tests
* add page title to top-level Admin Panel
Also add more details to a router comment (consistent with a similar
comment) in case it helps anyone.
* fix tests
* display Moderation Notes above Contributions
* lint fix
* remove placeholder code for new privileges
I had planned to have each of these implemented in stages, but
paglias wanted it all done at once. I'm afraid that's too big a
project for me to take on in a single PR so I'm cancelling
the plans for adjusting the privileges.
* Improve permission handling
* Don't report timezone error on first day
* fix lint error
* .
* Fix lint error
* fix failing tests
* Fix more tests
* .
* ..
* ...
* fix(admin): always include permissions when querying user
also remove unnecessary failing test case
* permission improvements
* show transactions in admin panel
* fix lint errors
* fix permission check
* fix(panel): missing mixin, handle empty perms object
Co-authored-by: Alys <alice.harris@oldgods.net>
Co-authored-by: SabreCat <sabe@habitica.com>
* upgrade helmet to version 4
* deps(short-uuid): upgrade to version 4, closes#12573
* deps(slack): upgrade to version 4
* deps(slack): upgrade to version 5, closes#11442
* deps(amplitude): upgrade to latest version use api v2
* fix tests
* slack tests: return promise
* refactor slack setup for tests
* fix slack unit tests
* Added the "Allow banned words" checkbox to create/update guild forms
Added the "Allow banned words" checkbox to guild create/update forms which are only visible to Admins
* Updated create/update group API to include bannedWordsAllowed property
Added logic to set bannedWordsAllowed depending on conditions
* Updated word banning logic to use bannedWordsAllowed guild value instead
Updated word banning logic to use bannedWordsAllowed guild value and deleted hardcoded guild file & import
* Updated banned words test
* Pull Request amends
Removed the setting of bannedWordsAllowed during group creation
Added v-once to elements
Updated existing test and added tests related to bannedWordsAllowed functionality
* Small amend
* Small amend
Removed leftover code that was left during testing
* move existing tests for chatRevoked users to 'mute user' describe block
* give consistent names to chatRevoked tests and use const not let
* improve methods for restoring chat permissions to test users
* add tests for shadow-muting and define constants for flag-related numbers
* update user profile URLs and reverse private/public 'if' statements
* implement shadow muting in the API and schemas
* add interface for mods to turn shadow muting on/off for a user
- checkbox in the Hall
- icon in the user's profile
* mark chat posts as being shadow muted (marking is visible to mods only)
* convert Admin Tools in profile from icons to text; make crown icon a toggle
* move logic for displaying flag count to a computed property
* prevent chat notifications for shadow-muted posts
* Added mute end date
* Added indefinite mute for users using slurs
* Fixed user reload. Added no longer muted message. Added format for date
* Fixed lint
* remove duplicate module.exports statement
* remove commented-out footer in Slack slur notification
There's no need for anything to replace this footer.
* swap order of flag actions to put most critical first
This causes moderators to be notified before the flagged message's flagCount is incremented, because if something happens to prevent the flagGroupMessage Promise from resolving, we still want to mods to see the notification.
* limit chat message flagging ability for new players
Players who created accounts less than three days ago can flag posts
but that does not contribute to the posts' flagCount. This prevents
a troll from maliciously hiding innocent messages by creating new
accounts to flag them.
* add tests
* fix other tests
* Began moving group chat to separate model
* Fixed lint issue
* Updated delete chat with new model
* Updated flag chat to support model
* Updated like chat to use model
* Fixed duplicate code and chat messages
* Added note about concat chat
* Updated clear flags to user new model
* Updated more chat checks when loading get group
* Fixed spell test and back save
* Moved get chat to json method
* Updated flagging with new chat model
* Added missing await
* Fixed chat user styles. Fixed spell group test
* Added new model to quest chat and group plan chat
* Removed extra timestamps. Added limit check for group plans
* Updated tests
* Synced id fields
* Fixed id creation
* Add meta and fixed tests
* Fixed group quest accept test
* Updated puppeteer
* Added migration
* Export vars
* Updated comments
* remove removePunctuationFromString function from test code
It's not needed now that the test banned words don't contain underscores.
* prevent tests accidentally throwing messageGroupChatSpam
This commit makes the user for most tests have contributor tiers so
that the user can't trigger the messageGroupChatSpam error message
(for posting messages too quickly).
This is useful when some of the tests fail due to broken code
because that makes more messages be posted than expected. If the user
doesn't have tiers, the messageGroupChatSpam error message would be
triggered, which gives misleading information about the test failure.
* add tests for banned swear and slur words posted in mixed case
* allow banned word error message to show bad words in the same case the user typed them
* stop using randomly-chosen real banned words in tests
The test modified in this commit had been using real banned words,
which meant that those words were being displayed to the contributors
when the test failed.
NB the 'check all banned words are matched' test also uses the real
banned words but the test failure messages don't show the words.
* improve translatability of bannedWordUsed error message
* Added cache for user styles on chat
* Added loading on new message and other minor checks
* Added null checks
* Updated chat tests
* Added costume preference to chat
* Removed single profile cacheing for new chat messages
* Remove owned gear from cache
* Updated stats to only use buffs
* Added initial bailey api
* wip
* implement new panel header
* Fixed lint
* add ability to mark notification as seen
* add notification count, remove top badge from user and add ability to mark multiple notifications as seen
* add support dismissall and mark all as read
* do not dismiss actionable notif
* mark as seen when menu is opened instead of closed
* implement ordering, list of actionable notifications
* add groups messages and fix badges count
* add notifications for received cards
* send card received notification to target not sender
* rename notificaion field
* fix integration tests
* mark cards notifications as read and update tests
* add mystery items notifications
* add unallocated stats points notifications
* fix linting
* simplify code
* refactoring and fixes
* fix dropdown opening
* start splitting notifications into their own component
* add notifications for inbox messages
* fix unit tests
* fix default buttons styles
* add initial bailey support
* add title and tests to new stuff notification
* add notification if a group task needs more work
* add tests and fixes for marking a task as needing more work
* make sure user._v is updated
* remove console.log
* notification: hover status and margins
* start styling notifications, add separate files and basic functionalities
* fix tests
* start adding mystery items notification
* wip card notification
* fix cards text
* initial implementation inbox messages
* initial implementation group messages
* disable inbox notifications until mobile is ready
* wip group chat messages
* finish mystery and card notifications
* add bailey notification and fix a lot of stuff
* start adding guilds and parties invitations
* misc invitation fixes
* fix lint issues
* remove old code and add key to notifications
* fix tests
* remove unused code
* add link for public guilds invite
* starts to implement needs work notification design and feature
* fixes to needs work, add group task approved notification
* finish needs work feature
* lots of fixes
* implement quest notification
* bailey fixes and static page
* routing fixes
* fixes # this.$store.dispatch(guilds:join, {groupId: group.id, type: party});
* read notifications on click
* chat notifications
* fix tests for chat notifications
* fix chat notification test
* fix tests
* fix tests (again)
* try awaiting
* remove only
* more sleep
* add bailey tests
* fix icons alignment
* fix issue with multiple points notifications
* remove merge code
* fix rejecting guild invitation
* make remove area bigger
* fix error with notifications and add migration
* fix migration
* fix typos
* add cleanup migration too
* notifications empty state, new counter color, fix marking messages as seen in guilds
* fixes
* add image and install correct packages
* fix mongoose version
* update bailey
* typo
* make sure chat is marked as read after other requests
* Remove flag from system messages, throw an error if system messages are flagged
* Modify unflag system message test to check if flagging a system message throws an error
* Move email from nconf to top
