Allow regular (non-admin) users access to the Manage Forums page so they can
create and manage their own forums.
Things that were already working:
* The admin forum page was already anticipating regular LoginRequired credential
* Users only see their owned forums, while admins can see and manage ALL forums
Improvements made to the Forum Admin page:
* Change the title color from admin-red to user-blue.
* Add ability to search (filter) and sort the forums.
Other changes:
* Turn the Forum tab bar into a reusable component.
The nonshy website is changing the policy on profile pictures. From August 30,
the square cropped avatar images will need to be publicly viewable to everyone.
This implements the first pass of the rollout:
* Add the Public Avatar Consent Page which explains the change to users and
asks for their acknowledgement. The link is available from their User Settings
page, near their Certification Photo link.
* When users (with non-public avatars) accept the change: their square cropped
avatar will become visible to everybody, instead of showing a placeholder
avatar.
* Users can change their mind and opt back out, which will again show the
placeholder avatar.
* The Certification Required middleware will automatically enforce the consent
page once the scheduled go-live date arrives.
Next steps are:
1. Post an announcement on the forum about the upcoming change and link users
to the consent form if they want to check it out early.
2. Update the nonshy site to add banners to places like the User Dashboard for
users who will be affected by the change, to link them to the forum post
and the consent page.
* Add an Alt Text field for users to describe their photos for accessibility.
* Alt texts appear on mouse over on Gallery pages, in the lightbox modal (on
mouse over or by clicking the ALT button that appears), and in a box on the
permalink page below the photo caption.
* Max length of Alt Text is 5,000 characters.
* Fix a bug with the right-click blocker not working on the lightbox modal.
* Add the PollVotes table and associated logic.
* Multiple choice polls supported.
* Expiring and non-expiring polls.
* Icons and badges on the forum pages to show posts with polls
* Bugfix: non-explicit users getting SQL errors on Newest Posts page.
Got initial Poll table and UI started:
* Polls can be attached to any NEW forum post (can't edit poll details
after creation)
* Max 100 options (theoretically unlimited), expiration time.
* UI: shows radio button list on posts having a poll, no submit handler
yet created.
The photo upload limit for user profiles is raised from 24 to 100.
The bug about Filesize not saving to the database for Photos and
CommentPhotos (storing zeroes in the DB) has been fixed. Run the
`nonshy backfill filesizes` to populate your existing database.
* Add a "Newest" tab to the Forums landing page to order ALL forum posts
(comments) by most recent, paginated.
* Add a "Views" cooldown in Redis: viewing the same post multiple times
within 1 hour doesn't ++ the view count with every page load, per user
per thread ID.
* Update the paginators to handle unlimited numbers of pages: shows max
7 page buttons with your current page towards the middle.
* General ability to jump to the "last page" of anything: use a negative
page size like ?page=-1 and it acts like the last page.
* Add "Like" buttons to comments and forum posts.
* Make "private" profiles more private (logged-in users see only their profile
pic, display name, and can friend request or message, if they are not approved
friends of the private user)
* Add "logged-out view" visibility setting to profiles: to share a link to your
page on other sites. Opt-in setting - default is login required to view your
public profile page.
* CSRF cookie fix.
* Updated FAQ & Privacy pages.
* Add photo upload quotas.
* Non-certified users can upload few photos; certified users more
* Fix foreign key issues around deleting user profile photos for psql
* Add "forgot password" workflow.
* Add ability to change user email address (confirmation link sent)
* Add ability to change user's password.
* Add rate limiter to deter brute force login attempts.
* Add user deep delete functionality (delete account).
* Ping user LastLoginAt every 8 hours for long-lived session cookies.
* Add age filters to user search page.
* Add sort options to user search (last login, created, username/name)
* Add the user photo gallery for profile pages. Paginated, grid or full (blog
style) view options. In grid view clicking a photo opens a large modal to
see it; full view already shows large photos.
* Edit page: can also re-crop and set an existing pic to be your profile pic.
* Delete page: remove photos from the DB and hard drive.
* Photos are cleaned up from disk when not needed, e.g. during a re-crop the
old cropped photo is removed before the new one replaces it.
* Fixed bug with cropping pictures.