IT4Change/Ocelot-Social
3
0
Fork 0
mirror of https://github.com/IT4Change/Ocelot-Social.git synced 2025-12-13 07:45:56 +00:00
Code Issues Packages Projects Releases Wiki Activity
3,982 Commits 5 Branches 2 Tags
Commit Graph

249 Commits

Author SHA1 Message Date
mattwr18
97f31abccd
Merge pull request #905 from Human-Connection/850-api-mapbox-check-place-or-region 
region and place is no longer created twice.
 2019-07-02 12:18:12 -03:00
mattwr18
730c18faec
Merge pull request #935 from Human-Connection/fix_cypher_injection 
Patch cypher injection vulnerability
 2019-07-01 12:30:31 -03:00
Robert Schäfer
4e687a06ea Patch cypher injection vulnerability 
@mattwr18 this patches the vulnerability. However we should never do
string interpolation with user input.
 2019-06-29 13:48:40 +02:00
Matt Rider
9f8720df81 Remove need for third party url upload 
- we can save the file to a variable, it requires a "url" returned
- we can get by returning an empty string
 2019-06-25 12:09:48 -03:00
Matt Rider
145f488556 Merge branch 'master' of github.com:Human-Connection/Human-Connection into 759-teaser-image-create-posts 2019-06-25 09:41:40 -03:00
senderfm
74cbe47485 region and place is no longer created twice. 2019-06-25 07:43:27 +02:00
Matt Rider
c6203ad8eb Refactor CreateComments functionality 
- update apollo cache on successful mutation
- remove global event listener
- avoid refetch Post to update CommentsList
- return comment with its author from resolver
 2019-06-24 18:21:52 -03:00
Matt Rider
b84bd6fbb3 Try with imageUrl 2019-06-24 11:44:03 -03:00
Matt Rider
f551e9a637 Fix failing build due to lorempixel.com being down 2019-06-22 12:01:00 -03:00
Matt Rider
bbeb61e1eb Merge branch 'master' of github.com:Human-Connection/Human-Connection into 759-teaser-image-create-posts 2019-06-21 18:51:34 -03:00
Robert Schäfer
181b4b48e6
Merge pull request #829 from Human-Connection/2019/kw24/fix_imported_img_urls 
🍰 2019/kw24/fix_imported_img_urls
 2019-06-21 23:41:32 +02:00
Matt Rider
be70088dd7 Get imageUpload working for Posts 2019-06-20 17:05:47 -03:00
Robert Schäfer
da30001ba8 Testing mail delivery with a remote SMTP server 2019-06-20 15:54:56 +02:00
Robert Schäfer
1ed338542c Another suggestion by @Tirokk 2019-06-20 15:33:48 +02:00
Robert Schäfer
9ec9034ea5 Fix translatios as suggested by @Tirokk 2019-06-20 15:25:59 +02:00
Robert Schäfer
9dd340c69b Template emails based on postmark-templates 
Credit: https://github.com/wildbit/postmark-templates/

Also we distinguish now if a user has been found and if not. The
password reset link brings us directly to the last step in the flow.
 2019-06-20 01:29:50 +02:00
Robert Schäfer
61ad100bfb Get rid of unnecessary .env var - document it 2019-06-20 00:09:26 +02:00
Robert Schäfer
3f5e9a21cc Disable SEND_MAILS for local development and test 
.. but enable it by default for `docker-compose.override.yml`. If the developer
uses `docker-compose` we can safely assume that a local smtp server for
development is running.
 2019-06-19 15:03:38 +02:00
Ulf Gebhardt
7613ddfc04
lint fixes 2019-06-19 13:36:14 +02:00
Ulf Gebhardt
65471efb0d
removed fixImageUrls reference 2019-06-19 13:08:51 +02:00
Robert Schäfer
29b910cfb7 Really basic passwordReset flow works 2019-06-18 23:28:06 +02:00
Robert Schäfer
ba185bcb65 Refactor backend 2019-06-18 19:03:59 +02:00
Ulf Gebhardt
8984df9371
lint fixes 2019-06-18 17:43:00 +02:00
Ulf Gebhardt
98dbf801ab
Merge branch 'master' into 2019/kw24/fix_imported_img_urls 
# Conflicts:
#	backend/src/middleware/fixImageUrlsMiddleware.js
#	backend/src/middleware/fixImageUrlsMiddleware.spec.js
 2019-06-17 13:24:29 +02:00
Robert Schäfer
5a806ca99e Remove duplicate test case 2019-06-17 12:24:14 +02:00
Robert Schäfer
c9ea956f85 Test+Implement resetPassword 2019-06-16 23:32:16 +02:00
Robert Schäfer
145a8d8bf6 Check invalid email 
Sending a mail with further instructions even if the email is invalid
seems to be a good practice: A potential attacker will not now if a user
has an account under that email address. If a user does not remember the
email address, but has control over the other mail account, she will get
feedback that this mail account is incorrect.
 2019-06-15 23:01:34 +02:00
Robert Schäfer
c7ee0c8121 Implement tests for requestPasswordReset 2019-06-15 16:22:28 +02:00
Robert Schäfer
e44ed7d281 Start writing a resolver for requestPasswordReset 2019-06-15 15:42:17 +02:00
mattwr18
dd627535e4
Merge pull request #795 from Human-Connection/781-language-of-contribution 
Create Posts with a specified language, or fallback
 2019-06-14 13:53:22 -03:00
Matt Rider
1c10e0863f Merge branch 'master' of github.com:Human-Connection/Human-Connection into 781-language-of-contribution 2019-06-14 13:31:39 -03:00
Matt Rider
664a8b327f Merge branch 'master' of github.com:Human-Connection/Human-Connection into 404-delete-user-account-and-data 2019-06-14 11:37:45 -03:00
Ulf Gebhardt
794bb08f14
removed reference for fixImageUrls middleware 2019-06-14 14:04:15 +02:00
Ulf Gebhardt
89d630b1eb
removed fixImageUrlsMiddleware 2019-06-14 14:03:37 +02:00
Robert Schäfer
eb4b05e431 Add relevant permissions to let cypress tests pass 2019-06-14 10:14:48 +02:00
Robert Schäfer
fc4e9f40b3 Whitelist queries/mutations, fix backend tests 2019-06-13 23:29:29 +02:00
Matt Rider
8a214a4007 Merge branch 'master' of github.com:Human-Connection/Human-Connection into 781-language-of-contribution 2019-06-13 17:30:24 -03:00
Matt Rider
589fb16c51 Merge branch 'master' of github.com:Human-Connection/Human-Connection into 404-delete-user-account-and-data 2019-06-13 14:59:23 -03:00
Robert Schäfer
113cf04c60 Fix build 2019-06-13 00:26:20 +02:00
Robert Schäfer
4166936e5f Fix #800 
Ok, so apparently all we have to do is to remove the `/api` prefix from
fixImageUrlMiddleware. I guess that's just a leftover.
 2019-06-12 23:27:43 +02:00
Matt Rider
40aaa151dd Merge branch 'master' of github.com:Human-Connection/Human-Connection into 781-language-of-contribution 2019-06-12 16:42:40 -03:00
Matt Rider
70567857e8 Merge branch 'master' of github.com:Human-Connection/Human-Connection into 404-delete-user-account-and-data 2019-06-12 15:51:38 -03:00
Matt Rider
d15857d240 Set user's posts/comments' delete attribute to true 
- favor over actually deleting the node so that the comments will appear as anonymous and not lose the context of the conversation
- the post will not appear, but for admin it will be accessible
- follow @roschaefer `PR` review
 2019-06-12 15:27:57 -03:00
Robert Schäfer
c2bcc9f595
Merge pull request #754 from Human-Connection/402-userprofil-tab-click-function 
402 userprofil tab click function
 2019-06-12 10:24:41 +02:00
Robert Schäfer
54c7c204c2 Run yarn run lint --fix 2019-06-11 23:10:26 +02:00
Matt Rider
4407d6648a Add component tests, translations 2019-06-11 15:47:10 -03:00
Robert Schäfer
d1364e4aed Merge remote-tracking branch 'origin/master' into 402-userprofil-tab-click-function 2019-06-11 17:41:17 +02:00
Matt Rider
5986ab2070 Create Posts with a specified language, or fallback 2019-06-10 17:12:00 -03:00
Matt Rider
409b626425 Merge branch 'master' of github.com:Human-Connection/Human-Connection into 404-delete-user-account-and-data 2019-06-07 19:11:21 -03:00
Matt Rider
7bbf870d8d Clean up of backend tests 
- changed variable name, remove unneeded beforeEach
 2019-06-07 16:03:02 -03:00