* The photo signing JWT tokens carry more fields to validate against:
* The username the token is assigned to (or '@' for anyone)
* An 'anyone' boolean for widely public images, such as for the chat room
and public profile pages.
* A short filename hash of the image in question (whether a Photo or a
CommentPhoto) - so that the user can't borrow a JWT token from the chat
room and reveal a different picture.
* Refactored where the VisibleAvatarURL function lives, to avoid a cyclic
dependency error.
* Originally: (*models.User).VisibleAvatarURL(other *models.User)
* Now: (pkg/photo).VisibleAvatarURL(user, currentUser *models.User)
* Profile pictures on profile pages now link to the gallery when clicked.
* Admins can no longer automatically see the default profile pic on profile
pages unless they have photo moderator ability.
* Photo view counts are not added when an admin with photo moderator ability
should not have otherwise been able to see the photo.
* Hitting the Like button on a photo will mark it as viewed.
* Move the 'Report' button on the message inbox page, to instead be in
the footer of each DM.
* Improve message reporting behavior to include the content of the
message in the admin report.
* Add a Search page to the forums to filter by user ID and find threads and
replies matching your search terms, with "quoted phrases" and -negation
support.
* On user profile pages, add an "Activity" box showing statistics on their
forum threads/comments, likes given/received, photo counts, etc.
* On the "Newest" and Search page for Forums: show an indicator whenever a
post includes an attached photo.
The following bugs are resolved:
* A blocked user comments on a Photo that you have also commented on
(are subscribed to), and you would be notified about their comment.
* A blocked user comments on a Forum Thread that you are subscribed to,
and you would be notified about their post.
* Comments by blocked users (on photos and forum threads) were visible
to you after you have blocked them.
* Add "Like" buttons to comments and forum posts.
* Make "private" profiles more private (logged-in users see only their profile
pic, display name, and can friend request or message, if they are not approved
friends of the private user)
* Add "logged-out view" visibility setting to profiles: to share a link to your
page on other sites. Opt-in setting - default is login required to view your
public profile page.
* CSRF cookie fix.
* Updated FAQ & Privacy pages.
Finish implementing the basic forum features:
* Pinned threads (admin or board owner only)
* Edit Thread settings when you edit the top-most comment.
* NoReply threads remove all the reply buttons.
* Explicit forums and threads are filtered out unless opted-in (admins
always see them).
* Count the unique members who participated in each forum.
* Get the most recently updated thread to show on forum list page.
* Contact/Report page: handle receiving a comment ID to report on.
Implement Likes & Notifications
* Like buttons added to Photos and Profile Pages. Implemented via simple
vanilla JS (likes.js) to make ajax requests to back-end to like/unlike.
* Notifications: for your photo or profile being liked. If you unlike,
the existing notifications about the like are revoked.
* The notifications appear as an alert number in the nav bar and are read
on the User Dashboard. Click to mark a notification as "read" or click
the "mark all as read" button.
Update DeleteUser to scrub likes, notifications, threads, and comments.