Commit Graph

2346 Commits

Author SHA1 Message Date
Arpit Jalan eab66065d1 FEATURE: search log term details page (#5445) 2017-12-20 13:41:31 +11:00
Guo Xiang Tan 97ceebb570 SECURITY: Don't pass email backup token to sidekiq as a parameter.
* This exposes the token in the Sidekiq dashboard which can be
  viewed by an admin and defeats the purpose of using a token
  in the download backup email ink.
2017-12-18 11:25:22 +08:00
Sam 5e90abfaea FIX: use hijack for emoji uploads 2017-12-18 10:31:19 +11:00
Guo Xiang Tan f2565f6c7e SECURITY: Any group can be invited into a PM. 2017-12-14 14:57:48 +08:00
Sam 96584403cd SECURITY: prevent staged accounts from changing email 2017-12-14 17:16:49 +11:00
Arpit Jalan 492af81e67 FIX: save registration_ip_address for staged users logging in via social auth 2017-12-12 17:41:16 +05:30
Robin Ward 410994b7f5 FEATURE: Show a button to Staff for "Moderation History" on posts/topics
When clicked, it pops up a modal showing a history of moderation actions
taken on the post or topic.
2017-12-05 15:20:20 -05:00
Vinoth Kannan 6e054b2572 FEATURE: Convert HTML to Markdown while pasting in composer 2017-12-05 12:23:39 -05:00
Vinoth Kannan 7f2eeaf767 FIX: Password required flag should be cleared whenever clearing the raw password (#5384) 2017-12-01 15:19:24 +11:00
Guo Xiang Tan 1c2d1682ae
Merge pull request #5328 from tgxworld/reenable_interpolation_keys_check
FIX: Re-enable invalid interpolation keys check and allow default key…
2017-11-30 13:04:54 +08:00
Sam d5e7691ae9 favicon proxy now uses hijack 2017-11-27 14:51:14 +11:00
Guo Xiang Tan 5805979e88 FIX: Re-enable invalid interpolation keys check and allow default keys to be left out of translation overrides.
https://meta.discourse.org/t/bulk-invite-from-file-resets-the-invite-forum-mailer-customized-text/67606/16
2017-11-27 11:00:08 +08:00
Guo Xiang Tan 82222e8d18 Improve specs to test for the right response status. 2017-11-24 09:32:44 +08:00
Robin Ward 628275fc31 FIX: Some badge routes were still working even with badges disabled 2017-11-21 12:22:44 -05:00
Régis Hanol 2d48caffdf FIX: be more lenient when deleting a custom emoji 2017-11-20 23:50:23 +01:00
Gerhard Schlager 41673c322c dear Rubocop, don't be so pedantic ;-) 2017-11-19 12:45:33 +01:00
Gerhard Schlager 92a831bae6 FEATURE: user directory returns staged users during search 2017-11-19 01:17:31 +01:00
Arpit Jalan 3831663fea FEATURE: search logs page (#5313) 2017-11-15 11:13:50 +11:00
Robin Ward 9ebb1412d3 FIX: Brittle, order dependent spec 2017-11-04 09:30:17 -04:00
Guo Xiang Tan d320f4840d FIX: Unable to invite groups that are not public visible into pms.
https://meta.discourse.org/t/inviting-groups-broken-in-head/73346/6
2017-11-03 21:40:33 +08:00
Guo Xiang Tan ab2a5cef38 FIX: Can't edit membership request template on group page. 2017-11-02 08:51:43 +08:00
Arpit Jalan 9586f0bdc9 fix the build - take 2 2017-10-20 21:34:56 +05:30
Guo Xiang Tan a6f2533d38 SECURITY: Fix XSS on unsubscribed page. 2017-10-09 09:04:46 +08:00
Guo Xiang Tan 6fe604b93e Revert "SECURITY: Fix XSS on unsubscribed page."
This reverts commit 190558db9d.
2017-10-09 09:03:07 +08:00
Guo Xiang Tan 190558db9d SECURITY: Fix XSS on unsubscribed page. 2017-10-09 08:59:03 +08:00
Guo Xiang Tan 3efde2618d UX: Do not display non-human users on group page.
https://meta.discourse.org/t/members-of-groups-staff/71437
2017-10-06 10:35:40 +08:00
Neil Lalonde beca02c046 FIX: moderators couldn't see flagged topics list 2017-10-05 14:12:07 -04:00
Neil Lalonde c29334cf23 FEATURE: the hide_email_address_taken setting works with the change email address form in user preferences 2017-10-04 11:41:25 -04:00
Régis Hanol fafe7cc661 remove trailing whitespaces 2017-10-03 13:02:04 +02:00
Régis Hanol daf1dda700 FIX: username autocomplete in assign modal wasn't working 2017-10-03 12:49:45 +02:00
Gerhard Schlager 5bb326a452 Add specs for EmailTemplatesController 2017-10-02 14:53:27 +02:00
Guo Xiang Tan 8140e54675 FIX: More fixes for `Group#mentionable` and `Group#messageable` feature. 2017-10-02 17:45:58 +08:00
Guo Xiang Tan c872225762 Improve `MessageBus.track_publish` to allow filter by channel. 2017-10-02 11:34:57 +08:00
Guo Xiang Tan 4e07bbfbbf FIX: Only allow intergers for page params. 2017-10-02 10:45:54 +08:00
Guo Xiang Tan 4319d8a142 FIX: Missing template error when rendering `topics#show` error message. 2017-09-28 11:06:44 +08:00
Robin Ward d7c37d9369 Add front end service for staff controls 2017-09-25 12:25:14 -04:00
Guo Xiang Tan 77d4c4d8dc Fix all the errors to get our tests green on Rails 5.1. 2017-09-25 13:48:58 +08:00
Leo McArdle 104d97695d FIX: don't activate un-confirmed email on omniauth authentication (#5176) 2017-09-12 17:36:17 +02:00
Guo Xiang Tan 5c1143cd55 Add missing test case for `PostController#timings`. 2017-09-04 16:36:02 +08:00
Bianca Nenciu 6bc74ceb50 Split alias levels in mentionable and messageable levels. (#5065)
* Split alias levels in mentionable and messageable levels.

* Fixed some tests.

* Set messageable level to everyone by default.

* By defaults, groups are not mentionable or messageable.

* Made staff groups messageable by the system.
2017-08-28 12:32:08 -04:00
Guo Xiang Tan 41ca527d7a Fix Rubocop error. 2017-08-24 15:28:18 +09:00
Guo Xiang Tan 8779490ce4 Move new controller specs to reqeusts folder. 2017-08-24 12:01:11 +09:00
Sam a9c5d843f7 remove problem spec that does not work properly in rails 4 mode into application controller and correct it 2013-11-11 10:50:48 +11:00
Sam 2843f1cf4b collapse some slow tests 2013-04-22 11:06:10 +10:00
Gosha Arinich cafc75b238 remove trailing whitespaces ❤️ 2013-02-26 07:31:35 +03:00
Robin Ward 21b5628528 Initial release of Discourse 2013-02-05 14:16:51 -05:00