Updated deps.
Re-enabled eslint rule no-async-promise-executor.
Updated some codes to follow the said rule.
Though I had to disable the rule in a line at utilsController.js
due to complexity.
I'll give it more thoughts in the future.
Bumped v1 version string.
utilsController.js:
+ /api/stats: Cache invalidation requests will now only store timestamp
of the request instead of purging the cache entirely.
Subsequent requests to the API will no longer attempt to generate stats
if a previous request before it is still generating, since it can
take a while in big sites.
So instead, the cached stats will be returned to them, regardless of
whether it's still valid.
This should avoid "race condition" in sites with multiple admins.
* dashboard.js:
+ Added an appendix into "Delete by names" feature in dashboard to
inform staffs that they can use the feature to delete files by other
users as well.
+ Added comments explaning the need of page.domClick() function.
+ Addition to the change regarding /api/stats route: If there is no
cached stats, but a previous request is still generating, inform
the user about it.
config.sample.js + lolisafe.js:
+ We now support configuring rate limits through config file.
No more hard-coded rate limits.
Don't forget to update your config.js accordingly.
package.json + yarn.lock:
+ Updated dependencies.
* Added Statistics menu to Administration items in dashboard.
* Added /api/stats route.
Imo, my implementation of this whole thing is rather dirty-ish, but hey
as long as it works.
I'll be using lolisafe2 for future devs tbh.
NoJS uploader will now display the original file names in the results.
lolisafe.js will now automaticaly purge Cloudflare's cache of frontend
pages everytime it launches.
Of course this only applies when cacheControl is on in config file.
This sorta makes scripts/cfpurge.js script obsolete.
Added cfpurge.js to scripts directory.
This can be used to purge cache of frontend pages and uploads.
Do "node scripts/cfpurge.js --help" for usage.
Removed "randver" from package.js/scripts.
I've installed randomstring globally instead and just simply do:
randomstring n
Back then I didn't know it could be used that way.
I added the resolution since an issue was reported by Snyk.io.
But I recently noticed that it prevents installation on node 10.x.
I haven't checked whether the resolution is still necessary though.
Also removed .vscode settings.
I plan to add a cleaner way for this later.
Removed "path-complete-extname" module in favor of an in-house solution, utilsController.extname().
For now the function will attempt to preserve multi-archive extensions (.001, .002, and so on), as well as some known tarballs (.tar.gz and the likes).
The function will always return lower case extension. It should be fine, but do keep it in mind.
Added a new yarn script/shortcut, "yarn randver". It's a shortcut to a one-liner node script to generate 10 characters long of a random string using "randomstring" module.
This will be used for version strings in _globals.njk.
* Added an experimental virus scanning feature using ClamAV. This has only been tested with an Ubuntu machine.
* File extensions will now be parsed with path-complete-extname module. This will ensure extensions such as .tar.gz are properly parsed.
Notice: It may take a minute or so to start the safe with virus scanning, as apparently the module takes a while to create the engine. I'm guessing since it'll be loaded to memory? Either way, once the engine is created, everything should work fine. Virus scanning should also not have that much of an impact to the upload time.
* Added Cloudflare purge cache support. Check configuration sample at config.sample.js.
When it's enabled, whenever files are being deleted, it will send a POST request to Cloudflare's API to purge cache of the deleted files.
This adds a new dependency called "snekfetch". It's lightweight though.
* uploadsController.delete() will now wrap uploadsController.bulkDelete() instead.
* Bumped node requirement to >= 8.0.0 (due to async/await).
* Moved ESLint config to .eslintrc.json.
* Moved ESLint ignore to .eslintignore.
* Bumped ESLint's ecmaVersion to 8, although it was probably already automatically set to that before.
* Bugfix line 110 of albumsController.js.
* Change all occurences of loli-safe to lolisafe
Saw that repository was renamed, links were changed, but a lot of files of lolisafe were unchanged. So I followed the links and changed what seemed safe to change. Which turned out to be all occurences.
Also, bumped the copyright.
* Change year in LICENSE
This seems to be the proper format.
* Image fix
It was out of focus.
* Relative image path
Heard on StackOverflow it can be done like this.
* Updated yarn.lock.
* Added resolution for chokidar. This is going to be used by nunjucks if "watch" is set to true. Although we don't really use it, chokidar 1.x has a vulnerability.
I forgot to remove handlebars completely, lmao.
Also updated vscode's settings. Temporarily only using "michelemelluso.code-beautifier" extension to beautify CSS until I find a better alternative.
Thanks to Zephyrrus for the hints about nunjucks, sort of (he did not really give out any specific hints to me, I stalked his fork, lmao).
* Replaced Handlebars with Nunjucks.
* Replaced all static HTML files with their NJK-equivalent (excluding error pages).
* Renamed "albumDomain" to "homeDomain" in config.sample.js (make sure you update your config.js too).
* Updated dependencies: knex and eslint-plugin-import (dev).
* Updated vscode's settings.json (I may update this again very soon).
* Removed rimraf from dependency. Although really it'll still need to be used by other dependencies, such as eslint and bcrypt, so it'll still have to be downloaded by yarn either way.
* Updated dashboard.css. Added "overflow: hidden" to thumbnail container. Previously potrait thumbnails will be visible outside of their container.
* Removed notice about having "chunks" folder from config.sample.js. Added a line in lolisafe.js to create the folder if it doesn't exist instead.
* Updated bcrypt to v2.0.0. I'm not really sure whatever has changed, but I've tested that it didn't require any additional changes for our current usage.
* Chunks will no longer be saved with their original file's extension. Instead they'll only be saved as plain files named 0, 1, ..., n, without any extension whatsoever. Extension for joined chunks will be read from the original file's name in /api/upload/finishchunks. If the user doesn't pass that data when calling the API, the joined chunks will not have any extension.
* Since rimraf has been removed, uploadsController.actuallyFinishChunks() will now use a combination of fs.unlink() and fs.rmdir(). Promise.all() will be used when running fs.unlink() so that all chunks will be deleted at the same time through multiple instances of async tasks (probably).
* Some other small changes and tweaks in uploadController.js.
* Updated eslint-plugin-import dev dependency.
* Added 2 new ESLint rules: "prefer-const" and "object-shorthand".
* Refactor all JS files to follow the new ESLint rules.
* Refactored all instances of for-i into for-of wherever applicable.
* De loli-safe wherever it's safe to do so.
* Removed bulma tooltip. Sigh, it came from an impulsive decision out of boredom to begin with.
* Chrome extension and GitHub links in home page will now open in new tab.
* File's link in the dashboard's list will still show the full URL in its tooltip, but it will no longer use bulma tooltip extension.
* Fixed information of selected files being cleared when canceling either add to album or bulk delete prompt.
* Add to album prompt will now show how many files are going to be moved.
* Fixed bulk delete failing to reload file list properly when being used while listing an album.
* Added new ESLint rule "quotes" with option "single". I'm pretty sure Standard used to have this as default. I actually liked that back then.
* Switched standard to eslint with eslint-config-standard (and 4 more eslint plugins needed by standard).
* Added "curly" eslint rule with "all" option. I like it.
* Refactored all JS files to apply the new "curly" eslint rule.
* Renewed axios.min.js, dropzone.min.js and sweetalert.min.js. Re-minified and added a small comment stating their version and copyright statement.
* Some buttons in dashboard will now show loading icon whenever they're waiting for response from the server.
* Updated README.md and .gitignore.
* Added new dependency: rimraf. This will be used by chunked upload support to bulk delete temporary chunk files.
* Added chunked uploads support :3
* Updated Dropzone to 5.2.0.
* More improvements to thumbnail view. Delete button will now only appear on hover. Some other details, such as file name, size and album/owner will also appear on hover. Touch devices will have all of those appear always visible by default.
* Image thumbnails will now appear on home page after successful uploads (only for WEBP, JPG, JPEG, BMP, GIF and PNG files). WEBP may not work properly in Firefox though.
* Refactored home.js to use const/let and some other stuff.
* Refactored album view. It will now display properly on mobile screen. Download Album button will also no longer be located at the top right, but right below the subtitle.
* Updated some version strings.
* And maybe some others that I can't remember.
* Properly merged changes from master.
* database/migration.js will now exit after migartion.
* Replaced all instances of createTableIfNotExists() into a combination of hasTable() and createTable() in db.js.
* Self-host all libs (including but not limited to Font Awesome icons). LICENSE files were properly included as well.
* Temporarily disabling error pages.
* Added "start" and "pm2" scripts. To be used with "yarn SCRIPT_NAME" or "npm run SCRIPT_NAME".
* Added container for the tables in dashboard. On narrow screens, such as phones, users will then have the ability to use horizontal scroll on the tables.
* Fixed various resource paths. This should now work properly when not being hosted in root domain (e.i. https://fiery.me/lolisafe/).
* Before checking API, the "Running in ..." button will now say "Loading..." instead.
* Switched ESLint + Aqua to Standard. I'm a big fan of Standard. Updated yarn.lock file too.
* Lots of refactors to follow the rules of Standard.
* Fixed issue with uploading as a not logged in user.
Changed from XMLHttpRequest to Axiios and made every POST call to look for params or json and not pass the values as headers. Token is still a header though