RE: 1.10.0 Breaking Changes

Hi,
I think I have discovered another breaking change that you didn't mention, though it is probably super-niche.

This commit: https://github.com/NodeBB/NodeBB/commit/ec91ef1c644044bba44198b031913655e784b4bb
broke our custom SSO plugin. The result was that after successfully logging in our external identity provider and being redirected to our Forum's callback endpoint, I was ending up not logged in (the button in the header still said "Log in") and stuck on /register/complete roadblock. It looked like our Passport strategy verify callback, that parses output from the identity provider and fetches user data via OAuth2 was not invoked at all.

It turns out that the changes in this commit don't play well together with passport-oauth2 (https://github.com/jaredhanson/passport-oauth2) internal ability to protect against CSRF (which we were using). This strategy was already using state parameter to pass its own CSRF token. I don't have more time to investigate but I suspect things shipwrecked when NodeBB overwrote the state parameter with its own CSRF token.

Turning off passport-oauth2 internal CSRF protection (by removing state: true from its options) fixed the issue.

0 julianlam committed to NodeBB/NodeBB

closes #6553

@baris I've added some debug code in the place you mentioned. Having opened two browsers, each connected to a different NodeBB instance I see the following behaviour:

• there's a lot of keys being cleared all the time
• among them, if I modify widgets I see widgets:global being cleared but only on the instance that initiated the change.
• the second instance shows no sign of clearing widgets:global (and the change obviously is not visible on it)
• this is consistent for any other change - navbar changes, profile edits...

So the question is: should I not be seeing the same cache key being cleared on both instances?

[UPDATE]
This looks interesting:

PUBSUB CHANNELS
*2
$27
db:0:adapter_key-request#/#
$28
db:0:adapter_key-response#/#

I see no pubsub_channel in our Redis instance...

[UPDATE 2]
It all seems clear to me now. In https://github.com/NodeBB/NodeBB/commit/e85aabbe74d7838185d0b102bf37a20c1a1b62a1 a logic was added that looks at isCluster to determine whether initialize "real" pub/sub mechanism or a "fake" local only. In our scenario we have instances running on separate machines and each instance is running just one NodeBB process. Therefore isCluster is false as determined by process.env.isCluster = ports.length > 1; in loader.js:118.

I am fixing this temporarily in our codebase by reversing the if...else if...else..if so that is does not look at isCluster in src/pubsub.js because I am not sure if "faking" or "forcing" NodeBB to recognize our scenario as clustered is correct and would not have any side-effects.

Advices?

To clarify, the code after my fix looks like this:

	var pubsub;

	if (nconf.get('redis')) {
		pubsub = require('./database/redis/pubsub');
	} else if (nconf.get('mongo')) {
		pubsub = require('./database/mongo/pubsub');
	} else {
		var EventEmitter = require('events');
		pubsub = new EventEmitter();
		pubsub.publish = pubsub.emit.bind(pubsub);
	}

Feel free to borrow it if it looks okay to you. It works for us

0 BenLubar committed to NodeBB/NodeBB

Allow running as a cluster without Redis (#6233)

* [database/*] Allow databases other than Redis to provide pubsub for clustering if Redis is not present

* [pubsub] Delay messages sent before the database is ready until the database is ready.

* [pubsub] Restore old behavior of not using the database in non-clustered NodeBB instances.

See comment: https://github.com/NodeBB/NodeBB/pull/6233#issuecomment-357814968

Ok. Still being able to reproduce - this time I've added a new item to navigation bar and it did not show up for users that are directed to second instance. Restarting both instances (i.e. forcefully clearing local caches) did the trick. Definitely something's off here. I guess I need to play around with console.log tomorrow and try to figure out what broke down.

Will try to work on this on Monday. We'll see if I'm still able to reproduce.
Thanks.

Hi,

We have a procedure to let users know about scheduled maintenance by adding a global widget with appropriate info:

After the upgrade is compete we have simply ticked "Hide from anonymous users" and "Hide from registered users". This effectively hid it for everyone. At least in the past. Now, after upgrading to 1.9.0 the widget persists no matter what I do. It does not respond to edits of the content (it is reflected in ACP but not on the Forums pages).

I even removed the widget completely:

It is still there, informing about past maintenance

Opera forums

How can I get rid of the damn thing? Any ideas what's wrong?

Thanks!

[EDIT]
Further intel: We have two instances behind a load balancer. It seems like the changes to widgets are not synchronized... By removing "session stickiness" cookie I was able to access the second instance and indeed the stubborn widget was still present there in ACP. Removing it helped. The widget is gone. Now the question is: why wasn't two instances synchronized? Aren't widgets stored in database? Isn't Redis pub-sub mechanism supposed to sync the all instances in any case?
Definitely something's off here...

https://github.com/NodeBB/NodeBB/issues/4804 - seems like this will be released in 1.7.2

huegelc created this issue in NodeBB/NodeBB

closed Feature request: merge topics #4804

Thanks! Pulling right now

[EDIT] Seems to have solved it!

Hi!

After today upgrade to 1.7.0 we observe a significant increase in errors leading to process dying and being restarted.
Seems to always be preceded by this stacktrace:

23/11 14:30:39 [94] - error: TypeError: Cannot read property 'disabled' of undefined
at /home/app/nodebb/src/controllers/composer.js:22:25
at nextTask (/home/app/nodebb/node_modules/async/dist/async.js:5297:14)
at next (/home/app/nodebb/node_modules/async/dist/async.js:5304:9)
at /home/app/nodebb/node_modules/async/dist/async.js:906:16
at /home/app/nodebb/node_modules/nodebb-plugin-composer-default/library.js:160:12
at /home/app/nodebb/node_modules/async/dist/async.js:3861:9
at /home/app/nodebb/node_modules/async/dist/async.js:421:16
at iterateeCallback (/home/app/nodebb/node_modules/async/dist/async.js:928:24)
at /home/app/nodebb/node_modules/async/dist/async.js:906:16
at Immediate.<anonymous> (/home/app/nodebb/node_modules/async/dist/async.js:3858:13)
at runCallback (timers.js:676:20)
at tryOnImmediate (timers.js:645:5)
at processImmediate [as _immediateCallback] (timers.js:617:5)

Would you care to take a look? Thanks!