Commit Graph

887 Commits

Author SHA1 Message Date
Ming HU 7803a06e50 Use expect change for groups_controller_spec.rb 2016-10-24 10:32:21 +08:00
Robin Ward 19e2eec219 Allow step 0 to resend the confirmation email 2016-10-21 11:34:19 -04:00
Robin Ward c03d25f170 FEATURE: Configure Admin Account
Adds a "Step 0" to the wizard if the site has no admin accounts where
the user is prompted to finish setting up their admin account from the
list of acceptable email addresses.

Once confirmed, the wizard begins.
2016-10-19 11:27:56 -04:00
Ming HU dffd8baa91 Remove user from a group by user email 2016-10-18 17:10:47 +08:00
Régis Hanol 3949c24f80 FIX: sparkpost webhooks support 2016-10-17 11:26:49 +02:00
Sam f4f5524190 FEATURE: user API now contains scopes so permission is granular
previously we supported blanket read and write for user API, this
change amends it so we can define more limited scopes. A scope only
covers a few routes. You can not grant access to part of the site and
leave a large amount of the information hidden to API consumer.
2016-10-14 16:05:42 +11:00
Régis Hanol ddcc084d22 Revert "FEATURE: Use the top period default for users who have been inactive or are new" 2016-10-11 17:56:46 +02:00
cpradio 2de50a616d FEATURE: Use the top period default for users who have been inactive or are new 2016-10-11 09:55:15 -04:00
Sam 6031e692f0 Merge pull request #4366 from xfalcox/print
Print Support
2016-10-11 11:47:20 +11:00
Sam 3e513f5c05 Merge pull request #4459 from vibol/master
FEATURE: sparkpost webhook
2016-10-10 17:17:17 +11:00
Guo Xiang Tan 1302db2683 Skip randomly failing test first. 2016-10-01 05:14:35 +08:00
Robin Ward f62d01ff1b FIX: Clear the session after a reset token was used 2016-09-30 12:20:23 -04:00
Guo Xiang Tan cde18834f8 Fix randomly failing spec. 2016-09-30 05:18:54 +08:00
Vibol Hou c3d60d5d1d Merge remote-tracking branch 'upstream/master' 2016-09-29 02:12:05 -07:00
Guo Xiang Tan 72ccb4e11d FIX: Plugin "admin_js" translations bundle was not fetched. 2016-09-29 04:42:26 +08:00
Vibol Hou 34af73c7cb FEATURE: sparkpost webhook 2016-09-26 22:13:34 -07:00
Rafael dos Santos Silva 0229df4c73 Second review fixes 2016-09-26 20:46:55 -03:00
Rafael dos Santos Silva f96fffeb34 Add tests 2016-09-26 20:46:55 -03:00
Robin Ward 7f66cf618c FIX: You should be an admin to do the wizard 2016-09-22 11:12:51 -04:00
Robin Ward 29cf47cfb2 Track steps the user has completed, nag them to finish it. 2016-09-22 09:52:19 -04:00
Robin Ward ef84981e38 Invite Users step 2016-09-22 09:52:19 -04:00
Robin Ward 9f12b571ef Wizard: Server Side Validation + Finished Step 2016-09-22 09:52:19 -04:00
Robin Ward 3a4615c205 Wizard: Step 1 2016-09-22 09:48:58 -04:00
Robin Ward 0471ad393c Scaffold for new Wizard - Rails / Ember / Tests 2016-09-22 09:48:58 -04:00
Robin Ward 6070939daa Support for other i18n bundles 2016-09-22 09:48:58 -04:00
Guo Xiang Tan 9374e5d42d Revert "FIX: don't overwrite category's logo & background URLs"
This reverts commit 641b95f655.
2016-09-22 11:30:19 +08:00
Régis Hanol 641b95f655 FIX: don't overwrite category's logo & background URLs 2016-09-21 22:11:31 +02:00
Robin Ward 2766b2edc3 FIX: Allow redirection for slugs that start with digits 2016-09-19 13:31:19 -04:00
Erick Guan c463cf63d4 FEATURE: Webhook for user creation and approval 2016-09-19 10:12:55 +08:00
cpradio 0d2d8797b6 FIX: Backup validation wasn't escaping hyphens 2016-09-16 15:20:42 -04:00
Guo Xiang Tan a04dadf9b4 FIX: Randomly failing specs try 2. 2016-09-16 15:10:37 +08:00
Guo Xiang Tan 903d1dd326 FIX: Randomly failing specs. 2016-09-16 14:56:59 +08:00
Sam 75f3f7fcbd FEATURE: clean API method for reading a single notification 2016-09-16 16:14:15 +10:00
Guo Xiang Tan 512922d776 SECURITY: Add filename validation for backup uploads. 2016-09-16 11:58:14 +08:00
Robin Ward 2c9a47dda5 FIX: Validate the raw content of posts before enqueuing them 2016-09-12 12:26:49 -04:00
Sam 2d859ba0ed FIX: user api should always be available to staff 2016-09-12 15:42:06 +10:00
Robin Ward e78b7a243e FIX: Don't enqueue posts if the user can't create them (ex: closed) 2016-09-09 12:15:56 -04:00
Sam 1d281e02c7 id is optional if already specified in header 2016-09-02 17:08:46 +10:00
Sam be0fd5b4cc FEATURE: allow user api key revocation for read only keys 2016-09-02 17:04:00 +10:00
Erick Guan 0217973374
FIX: Importing user avatar when new user login by SSO 2016-08-29 20:47:19 +08:00
Neil Lalonde 2251104e32 FEATURE: avatar flair can be font awesome icons 2016-08-26 17:15:37 -04:00
Sam ca79c4b276 stop eating up push_urls 2016-08-26 13:23:06 +10:00
Sam fcdf13f52d add some more testing 2016-08-26 13:18:20 +10:00
Sam a37db9448f correctly return access rights in auth redirect 2016-08-26 13:12:38 +10:00
Neil Lalonde d079f69b7b FEATURE: add flair to avatars using new settings in the groups admin UI 2016-08-17 15:13:15 -04:00
Sam a25a8115e8 FEATURE: support HEAD request to /user-api-key/new
This allows us to cleanly sniff to find if it exists
2016-08-17 09:58:19 +10:00
Sam 416e7e0d1e FEATURE: basic UI to view user api keys 2016-08-16 17:06:52 +10:00
Neil Lalonde 3b792054f2 Merge pull request #4387 from gdpelican/feature/tags-intersection
FEATURE: Tags intersection page
2016-08-15 16:24:29 -04:00
James Kiesel 037e9bb7b8 Support any number of tag intersections 2016-08-15 15:30:17 -04:00
Sam fc095acaaa Feature: User API key support (server side implementation)
- Supports throttled read and write
- No support for push yet, but data is captured about intent
2016-08-15 17:59:36 +10:00
James Kiesel 7e73b933c7 First pass 2016-08-12 15:28:46 -04:00
Sam 7e4503dd99 FEATURE: basic info route for all sites, even ones that require login
This information is public in meta tags already on home page, providing a
route allows consumers to check it way more cheaply
2016-08-12 17:10:35 +10:00
Sam afaba56de3 FEATURE: missing API endpoint for topic tracking states 2016-08-12 17:10:35 +10:00
Robin Ward 429f27ec96 SECURITY: Avoid mass assignment on user create 2016-08-05 11:57:13 -04:00
Neil Lalonde 5f67cd7b45 FIX: tag input detects when a tag is not allowed and won't offer to create it anyway 2016-08-03 13:18:56 -04:00
Régis Hanol 681f566a66 FIX: staff members should be able to see raw email of deleted posts 2016-08-01 23:55:22 +02:00
Neil Lalonde 82e170d6a6 FIX: 404 when filtering by category, no sub-category, and a tag 2016-07-28 16:19:03 -04:00
Robin Ward 2f8ab8cd30 SECURITY: XSS in "Account Suspended" Messages and Badge Descriptions 2016-07-28 11:38:12 -04:00
Sam c6dbaca0dc SECURITY: disable user entered badge SQL by default
- Hidden site settings now must be change via rails console
2016-07-28 09:03:00 +10:00
Sam cb3afd11b4 SECURITY: limit route access when using external avatars 2016-07-28 09:00:43 +10:00
Arpit Jalan c626558d36 UX: group pages should not show Messages tab to unauthorised users (#4318) 2016-07-09 00:50:04 +05:30
Robin Ward 1eb64151f6 User interface for watching first post 2016-07-07 11:21:50 -04:00
Robin Ward ccf9b70671 When restoring a backup, disable emails.
This prevents accidental sending of emails after a restore before
the admin has had a chance to review everything.
2016-06-24 17:15:15 -04:00
Sam 8866169879 FEATURE: can invite/revoke groups on private messages 2016-06-20 16:29:27 +10:00
Sam dd1a184955 Correct mailing list mode unsubscribe 2016-06-17 11:57:23 +10:00
Sam 852860de66 FEATURE: simpler and friendlier unsubscribe workflow
- All unsubscribes go to the exact same page
- You may unsubscribe from watching a category on that page
- You no longer need to be logged in to unsubscribe from a topic
- Simplified footer on emails
2016-06-17 11:28:49 +10:00
Régis Hanol 49f8a2baa7 FEATURE: support for mandrill webhooks 2016-06-13 12:32:14 +02:00
Sam 3015030fe2 FIX: unlisted topics do not get "slug auto correct" logic 2016-06-10 10:53:26 +10:00
Régis Hanol 214e25f1b5 use proper 'Message-Id' field 2016-06-09 00:33:13 +02:00
Régis Hanol 3e3538d603 loosen security a bit on mailgun's webhook 2016-06-08 22:38:38 +02:00
Robin Ward 431179dd25 FEATURE: Prompt users when they are entering duplicate links 2016-06-07 14:47:22 -04:00
Robin Ward 6aaa484baa REFACTOR: Move composer messages to store 2016-06-07 14:47:22 -04:00
Jeff Atwood cc66bff730 we forgot to update the mailgun tests 2016-06-06 16:55:24 -07:00
Régis Hanol fe595f1653 FEATURE: mailjet webhook 2016-06-06 19:47:45 +02:00
Régis Hanol 9704603fab FEATURE: sendgrid webhooks 2016-06-01 21:48:06 +02:00
Régis Hanol 116efffdaa FEATURE: webhooks support for mailgun 2016-05-30 17:11:17 +02:00
Guo Xiang Tan cb5be1fe8f
Upgrade rspec to 3.4.0. 2016-05-30 11:38:38 +08:00
Arpit Jalan f387dfe226 FIX: mixed case group mentions were not getting highligted in composer 2016-05-22 18:32:49 +05:30
Robin Ward 49a6d0b789
FIX: Don't bother with negative offsets 2016-05-09 16:33:55 -04:00
Arpit Jalan 82daf93eb3 Merge pull request #4206 from techAPJ/convert-topic
FEATURE: move a topic from PM to regular topic or vice versa
2016-05-04 01:33:15 +05:30
Robin Ward b061ba5c52
FIX: Broken spec. Stupid mocking. 2016-05-03 15:30:48 -04:00
Arpit Jalan acfb540952 FEATURE: move a topic from PM to regular topic or vice versa 2016-05-02 21:34:05 +05:30
Arpit Jalan 74b3807f60 FEATURE: new bootstrap mode settings for brand new Discourse community (#4193)
* FEATURE: new bootstrap mode settings for brand new Discourse community

* new SiteSetting.set_and_log method
2016-04-26 13:08:19 -04:00
Sam 9e50f36c50 Merge pull request #4137 from cpradio/add-warning-to-flag
FEATURE: Add warning input to flag dialog when notifying a user
2016-04-15 16:23:22 +10:00
Régis Hanol 379bfac36d Merge pull request #4010 from riking/patch-sitelinks
FEATURE: Add /search discovery
2016-04-14 10:35:13 +02:00
Sam 22b2f5285c FIX: extract links in post processor
when oneboxes are not cached or are refreshed they can introduce new
links, these links must be extracted otherwise you can not follow them
2016-04-12 12:28:18 +10:00
cpradio a5cd557906 Simplify setting the top_page_default_timeframe SiteSetting (#4149) 2016-04-07 18:06:54 +02:00
Sam a130cb8305 FEATURE: move more urgent emails notifications to critical queue
Move signup, admin login and password change email notifications
to critical queue
2016-04-07 14:39:01 +10:00
Sam 8ec7fd84fd FEATURE: prioritize sidekiq jobs
This commit introduces 3 queues for sidekiq

"critical" for urgent jobs (weighted at 4x weight)
"default" for standard jobs(weighted at 2x weight)
"low" for less important jobs


"critical jobs"

Reset Password emails has been seperated to its own job
Heartbeat which is required to keep sidekiq running
Test email which needs to return real quick


"low priority jobs"

Notify mailing list
Pull hotlinked images
Update gravatar

"default"

All the rest

Note: for people running sidekiq from command line use

bin/sidekiq -q critical,4 -q default,2 -q low
2016-04-07 12:56:43 +10:00
Régis Hanol 2b9e8e5a7d Merge pull request #4147 from cpradio/default_top_timeframe
FIX: Use default top setting when user is return or enough data exists for Top Page Results
2016-04-06 18:33:56 +02:00
cpradio c5bb1d1cfe Return default top setting as part of best_periods_for to see if it can be used 2016-04-05 14:27:18 -04:00
Régis Hanol d402a45781 FIX: hitting '/t/:id/posts.json' should return the first page of posts 2016-04-05 19:12:14 +02:00
cpradio 95fa340601 Added spec tests 2016-04-03 19:44:14 -04:00
Arpit Jalan 41208b99a1 FEATURE: RSS feed for user posts and topics 2016-03-31 20:24:05 +05:30
Kane York f2ddd44712 FEATURE: Add /search discovery
The opensearch.xml results in a "site search engine" being added to
Chrome, while the sitelinks search tag results in "Search this website"
being added to Google Search.
2016-03-28 15:07:59 -07:00
Guo Xiang Tan 9a5ded48cf FIX: Return a proper error message when sync sso fails. 2016-03-26 13:30:15 +08:00
Robin Ward 4180e207c3 FIX: Crazy large ids should not raise exceptions 2016-03-23 12:13:47 -04:00
Arpit Jalan 34469e725b FEATURE: separate API endpoints for public and private posts 2016-03-21 18:21:15 +05:30
Arpit Jalan bd83cf7f4c FEATURE: add group posts and mentions RSS 2016-03-18 22:29:10 +05:30
Robin Ward 1fba835d4f FIX: Use a logging table for daily likes given. Use it for badges. 2016-03-18 11:18:54 -04:00