This adds any OAuth login buttons to the invite signup page, stores the invite code for the flow duration, and associates the new user with it once successfully registered.
It enables invite-only instances with OAuth-based registration.
This acknowledges "too many connections" and "max user connections"
errors in MySQL and propagates the error up the chain so we can notify
the user and return the correct HTTP code.
- Export the func
- Remove commented-out code
- Use log, not fmt for debug messages
- Remove named return parameters
- Use standard var naming schemes
- Fix spacing in queries and remove unnecessary chars
this changed the CLI flag to use the username instead of the userID
leaving the underlying database function as is.
also now posts are all deleted with no option to skip as this is likely
never needed.
CLI only but backend supports calls from app.db.DeleteAccount already
takes --delete-account user_id_number with optional --posts to also
delete posts. if --posts is omitted all user posts will be updated to
anonymous posts
- update error messages to be correct
- move suspended message into template and include for other pages
- check suspended status on all relevant pages and show message if
logged in user is suspended.
- fix possible nil pointer error
- remove changes to db schema files
- add version comment to migration
- add UserStatus type with UserActive and UserSuspended
- change database table to use status column instead of suspended
- update toggle suspended handler to be toggle status in prep for
possible future inclusion of further user statuses
this adds a new page with instructions for sharing user invites
if a user clicks the link for one of their own invite codes they are
directed to a page with clear instructions for it's use.
if a user clicks another users link they are redirectec to their account
settings witha flash telling them they do not need to register.
This renders all requests for that user's posts, collections and related
ActivityPub endpoints with 404 responses.
While suspended, users may not create or edit posts or collections.
User status is listed in the admin user page
Admin view of user details shows status and now has a button to activate
or suspend a user.
GetCollections and GetPublishableCollections now take a hostname
parameter to allow setting the collecion hostname.
All collections used in memory now have their hostname set.
instead of updating it later. This is more correct behavior, prevents an
additional query, and ensures that potential collection-creation when
claiming posts also respects the default (which it didn't before).
Ref T675
This fixes a bug that occurred only when publishing via API and
authenticating via token (rather than cookie).
Previously, the instance's hostname wouldn't be added to the Collection
that got passed around after retrieving the owned post, meaning an
incomplete URL was returned in the API response, and federation failed due
to the missing host.
Previously, you could create a post with a title but no body, e.g. by
publishing via email. This would still show the post on a blog, but
would give a 410 Gone page when trying to access the page.
This issue originally reported on the forum:
https://discuss.write.as/t/removing-post-unpublished-by-author-post/725
This solves the error 500 on the /api/me endpoint.
Replace token search query `=` with `LIKE` to fix sqlite complaining about
no valid tokens. Also checked with MySQL and it still works after the change.
This solves the error 500 on the /api/me endpoint.
Replace token search query `=` with `LIKE` to fix sqlite complaining about
no valid tokens. Also checked with MySQL and it still works after the change.
This solves the error 500 on the /api/me endpoint.
Replace token search query `=` with `LIKE` to fix sqlite complaining about
no valid tokens. Also checked with MySQL and it still works after the change.
Now admins can choose a title for their About and Privacy pages; now
editable through the instance page editor.
This adds `title` and `content_type` fields to the `appcontent` table,
requiring a migration by running `writefreely --migrate`
The content_type field specifies that items we're currently storing in
this table are all "page"s; queries for fetching these have been updated
to filter for this type. In the future, this field will be used to
indicate when an item is a stylesheet (ref T563) or other supported
type.
Ref T566
This adds a "Pages" section to the admin part of the site, and enables
admins to edit the pre-defined About and Privacy pages there, instead of
on the dashboard itself.
It also restructures how these pages get sent around in the backend and
lays the groundwork for dynamically adding static pages. The backend
changes were made with more customization in mind, such as an
instance-wide custom stylesheet (T563).
Ref T566
Previously when looking up an invite ID that doesn't exist, the database
call wouldn't communicate its non-existence in a standard way --
returning a nil object and nil error. Now the database call returns a
404 error, so handlers can show the correct page.