Commit Graph

239 Commits

Author SHA1 Message Date
Arpit Jalan 6661cebff8 FIX: do not log duplicate username changes 2017-02-28 01:32:00 +05:30
Arpit Jalan b32d3d66e5 FEATURE: log all username and name changes 2017-02-28 00:23:27 +05:30
Sam 783bac9ff7 less stubbing for better clarity and robustness 2017-02-13 14:34:15 -05:00
Sam ff49f72ad9 FEATURE: per client user tokens
Revamped system for managing authentication tokens.

- Every user has 1 token per client (web browser)
- Tokens are rotated every 10 minutes

New system migrates the old tokens to "legacy" tokens,
so users still remain logged on.

Also introduces weekly job to expire old auth tokens.
2017-02-07 09:22:16 -05:00
Robin Ward 496682c442 Merge pull request #4662 from tgxworld/fix_localized_group_name_change
Fix localized group name change
2017-01-26 10:50:00 -05:00
Neil Lalonde 6b93b09404 FIX: when blocking a user results in hiding their posts, only hide posts made in the last 24 hours 2017-01-19 15:56:22 -05:00
Guo Xiang Tan 706b4f6b9f FEATURE: Remap group mentions when group name has been changed. 2017-01-18 13:39:34 +08:00
Robin Ward 86c52c72f6 FIX: Deleting a user was not deleting their directory items 2017-01-16 11:46:52 -05:00
Guo Xiang Tan e3b6f9b8ae FIX: Do not update user stats like counts for private messages. 2017-01-16 11:07:53 +08:00
Guo Xiang Tan 38496985ef Fix syntax error. 2017-01-12 10:03:37 +08:00
Guo Xiang Tan 23d4435af1 Oops. 2017-01-12 09:56:20 +08:00
Guo Xiang Tan 515f50e42e FEATURE: Log admin action when readonly mode is changed. 2017-01-12 09:41:02 +08:00
Neil Lalonde b177827841 more specs for staff action logging 2017-01-11 11:41:21 -05:00
Guo Xiang Tan d10fe51b72 Fix broken specs since all urls will be oneboxed. 2017-01-06 10:05:51 +08:00
Guo Xiang Tan f1beef43a8 Merge pull request #4618 from tgxworld/fix_invalid_emails
FIX: Don't allow invalid email to be saved.
2016-12-30 07:11:48 +08:00
Sam d28d8a1f85 FIX: order by op_likes leads to broken browsing 2016-12-27 19:08:54 +11:00
Sam c531f4ded5 remove rails-observers
Rails yanked out observers many many years ago, instead the functionality
was yanked out to a gem that is very lightly maintained.

For example: if we want to upgrade to rails 5 there is no published gem

Internally the usage of observers had quite a few problem.

The series of refactors renamed a bunch of classes to give us more clarity
and removed some magic.
2016-12-22 16:46:53 +11:00
Sam 019f1a1d06 UserEmailObserver is now removed
no big surprises here was pretty straightforward

after_commit semantics sure are weird though
2016-12-22 16:46:53 +11:00
Sam 2f6a4cc6de remove UserActionObserver, replace with after_save and service
interestingly there was some left over dead code from when stars
existed in the topic_users table
2016-12-22 16:46:53 +11:00
Sam 0a78ae739d Remove SearchObserver, aim is to remove all observers
rails-observers gem is mostly unmaintained and is a pain to carry forward
new implementation contains significantly less magic as a bonus
2016-12-22 13:13:14 +11:00
Guo Xiang Tan 13c6191e89 FIX: Don't allow invalid email to be saved. 2016-12-21 17:47:11 +08:00
Guo Xiang Tan 05f55dbc10 FEATURE: Group logs. 2016-12-12 17:29:54 +08:00
Régis Hanol 6edd3c347c FIX: automatically disable digests when enabling mailing list mode 2016-11-28 15:52:35 +01:00
Guo Xiang Tan f824afb4d3 FEATURE: Allow date_of_field column to be updated. 2016-11-17 15:16:58 +08:00
Sam aaf947356b correct regression where notifications scope is not pushing to push server 2016-10-14 22:52:39 +11:00
Sam f4f5524190 FEATURE: user API now contains scopes so permission is granular
previously we supported blanket read and write for user API, this
change amends it so we can define more limited scopes. A scope only
covers a few routes. You can not grant access to part of the site and
leave a large amount of the information hidden to API consumer.
2016-10-14 16:05:42 +11:00
Sam 3ad8616f44 Merge pull request #4476 from xfalcox/localize-badge-notifications
FIX: Properly localize badge notification on batch grant
2016-10-12 15:16:35 +11:00
Rafael dos Santos Silva 48fa1f141f Add specs for localized notifications on backfilled badges 2016-10-11 19:15:36 -03:00
Sam 89daa43754 FEATURE: remap emojis back for push notifications and desktop alerts 2016-10-11 13:03:48 +11:00
cpradio 6f1c31d777 Add notification level user preference when replying to a topic 2016-09-30 14:58:07 -04:00
Robin Ward c94e6f1b96 Add locale step 2016-09-22 09:52:19 -04:00
Neil Lalonde 06eb256d0a FIX: blocking users should never hide all posts if they are trust level 1 or higher 2016-09-12 11:58:10 -04:00
Sam 340874d345 FIX: post notifications in JSON so we properly support arrays and so on 2016-09-04 15:51:16 +10:00
Sam 4fe52c8cbe FEATURE: backend support for pushing notifications to clients 2016-08-26 12:47:10 +10:00
Arpit Jalan 4a2f0e772c add specs for post ownership change without revision 2016-08-20 01:27:48 +05:30
Robin Ward 4061725a95 FIX: Don't ever grant badges when they're disabled 2016-08-19 15:16:37 -04:00
Robin Ward 3d62e5dd98 SECURITY: XSS issue on Admin users list 2016-08-05 12:01:16 -04:00
Sam 9018de39ed FEATURE: allow shipping bio markdown via SSO
- Also adds site setting for sso_overrides_bio to disable bio editing by end users
2016-08-01 15:29:28 +10:00
Robin Ward c279889191 FIX: Watching First Post in groups was working incorrectly 2016-07-21 15:05:10 -04:00
Robin Ward 09be741820 FIX: Don't alert on new posts in a topic unless it's a new record 2016-07-19 15:57:05 -04:00
Guo Xiang Tan d55da4fe1b Revert "Revert "Update rails.""
This reverts commit 4d27d7e1d3.
2016-07-18 11:00:23 +08:00
Robin Ward 4d27d7e1d3 Revert "Update rails."
This reverts commit 898ec43989.
2016-07-15 16:35:57 -04:00
Guo Xiang Tan 898ec43989 Update rails. 2016-07-15 13:18:30 +08:00
Sam 4161ee210a FEATURE: improved tag and category watching and tracking
- present tags watched on the user prefs page
- automatically watch or unwatch old topics based on watch status

New watching and tracking logic takes care of handling old topics
(either with or without read state)

When you watch a topic you now watch historically

Also removes confusing warnings from user.
2016-07-08 12:58:30 +10:00
Robin Ward 2005565c9c Server side code for Watching First Post Only 2016-07-07 11:21:50 -04:00
Robin Ward 83e46cc302 FIX: Restrict changing ownership to one topic 2016-06-17 14:20:14 -04:00
Neil Lalonde d62f2b4d67 UX: rename setting num_flags_to_block_new_user to num_spam_flags_to_block_new_user 2016-06-15 13:19:06 -04:00
Neil Lalonde 1c9519636c FEATURE: new users can be blocked from posting if enough TL3 users flag their posts 2016-06-15 10:51:34 -04:00
Robin Ward 0396b14b70
FEATURE: New "First Onebox" badge 2016-04-12 15:31:14 -04:00
Sam 72849e65de FIX: when granting old badges that are bronze, do not notify 2016-04-12 22:08:38 +10:00
Sam a130cb8305 FEATURE: move more urgent emails notifications to critical queue
Move signup, admin login and password change email notifications
to critical queue
2016-04-07 14:39:01 +10:00
Sam f9e5c49350 FIX: blue notification instead of green for replies/mentions in PMs 2016-03-22 14:28:14 +11:00
Régis Hanol f15d463eb8 FIX: user 'UserBlocker' when blocking a new user 2016-03-18 12:16:37 +01:00
Sam c2fa314684 test username actually changes 2016-03-18 12:32:09 +11:00
jeremylan 1c7a0cb514 Updated test to check for Site Setting full_name_required
Added context and new test to check for correct user anonymizing depending on full_name_required Site Setting
2016-03-18 09:43:48 +11:00
Sam Saffron e947c3b9ec correct for earlier versions of ruby 2016-03-17 09:25:48 +11:00
Sam Saffron 8577b7e2cc FIX: setting owner on topic should not bump topic 2016-03-17 08:32:56 +11:00
Sam Saffron b300d60086 FIX: when changing owner of last post user list on topic incorrect 2016-03-16 23:49:54 +11:00
Régis Hanol 2747e14b4c FEATURE: hide elided part of incoming emails behind a [details] tag 2016-03-09 18:51:54 +01:00
Neil Lalonde 091e7ef3ca FIX: when a post is edited by someone other than the original author and a mention is added, the mention notification is from the person who edited 2016-03-08 15:26:12 -05:00
Sam af577a5854 FEATURE: like notification frequency of never 2016-03-06 09:12:59 +11:00
Sam Saffron 8b1772ac0f FIX: if user undos like, and relikes notify
FEATURE: roll up likes for notify on all likes
2016-03-04 22:56:27 +11:00
Sam 5a6c34fb8a regression, unable to edit posts 2016-03-03 16:00:14 +11:00
Guo Xiang Tan 9d24a00f2e Merge pull request #4055 from tgxworld/fix_topic_view_not_working_in_redis_readonly
FIX: Topic view not working when Redis is readonly.
2016-03-03 08:48:31 +08:00
Guo Xiang Tan 5f8e20aa1d FIX: Topic view not working when Redis is readonly. 2016-03-03 08:26:45 +08:00
Neil Lalonde c1aea91d63 FEATURE: More digest email frequency options. Digests can be sent as often as every 30 minutes. 2016-03-02 15:43:47 -05:00
Sam Saffron 5f4075a6cf FEATURE: users can select how frequently they are notified on likes
- first time
- first time and daily (default)
- always
2016-03-02 23:16:52 +11:00
Sam Saffron 820a435af8 FEATURE: add "email in-reply-to user option"
We no longer include previous replies as "context", instead
we include and excerpt of the post being replied to at the bottom
of notifications, this information was previously missing.

Users may opt in to emailing previous replies if they wish
or opt out of "in-reply-to" which makes sense in some email clients that
are smarter about displaying a tree of replies.
2016-02-26 00:05:59 +11:00
Guo Xiang Tan e7cfbfeabb FIX: `Array#first` with block will return the first element if nothing matches. 2016-02-24 22:34:40 +08:00
Robert Riemann 9c39647cd2 fix: support for hyphens in group name
The group mention @ORG-team triggers notifications for the group @ORG. This fix changes the RegExp, so that the group name is correctly extracted.

see: https://meta.discourse.org/t/group-mentions-that-begin-with-the-same-characters-may-be-incorrect/39892/12?u=rriemann
2016-02-23 23:55:31 +01:00
Régis Hanol 8d1da9cedd FEATURE: keep original title when sending email notifications about a PM 2016-02-23 01:34:16 +01:00
Sam f0e942f647 PERF: move 3 more option columns out of the user table 2016-02-18 16:57:22 +11:00
Sam 3829c78526 PERF: shift most user options out of the user table
As it stands we load up user records quite frequently on the topic pages,
this in turn pulls all the columns for the users being selected, just to
discard them after they are loaded

New structure keeps all options in a discrete table, this is better organised
and allows us to easily add more column without worrying about bloating the
user table
2016-02-17 18:08:25 +11:00
Sam Saffron 4099823efe FIX: batch badge assigner was not including full info in notification
(missing drilldown link in notification)
2016-02-01 18:27:07 +11:00
Arpit Jalan cf1bd35fc6 FIX: while changing site text, old and new values can be nil 2016-01-18 20:56:14 +05:30
Sam cba76db53b FIX: if people link own post, watchers not notified 2015-12-31 10:51:58 +11:00
Arpit Jalan 4c967d11b4 FEATURE: log site text changes 2015-12-18 19:42:06 +05:30
Guo Xiang Tan 8b6b3cf858 FIX: Admin logging should not log permissions if none has been set. 2015-12-06 15:29:13 +08:00
Andy Waite 3e50313fdc Prepare for separation of RSpec helper files
Since rspec-rails 3, the default installation creates two helper files:
* `spec_helper.rb`
* `rails_helper.rb`

`spec_helper.rb` is intended as a way of running specs that do not
require Rails, whereas `rails_helper.rb` loads Rails (as Discourse's
current `spec_helper.rb` does).

For more information:

https://www.relishapp.com/rspec/rspec-rails/docs/upgrade#default-helper-files

In this commit, I've simply replaced all instances of `spec_helper` with
`rails_helper`, and renamed the original `spec_helper.rb`.

This brings the Discourse project closer to the standard usage of RSpec
in a Rails app.

At present, every spec relies on loading Rails, but there are likely
many that don't need to. In a future pull request, I hope to introduce a
separate, minimal `spec_helper.rb` which can be used in tests which
don't rely on Rails.
2015-12-01 20:39:42 +00:00
Sam d1a5d8ea62 FEATURE: show group mentions and topics in groups page 2015-12-01 16:52:43 +11:00
Sam ad3dd161e7 FEATURE: first class group mentions built in
If you allow a group to be mentioned it can be mentioned with the @ symbol.

Keep in mind as a safety mechanism max_users_notified_per_group_mention is set to 100
2015-11-30 17:08:43 +11:00
Neil Lalonde 84342ecdef FIX: anonymized user's preferences should have system assigned avatar chosen 2015-11-27 14:37:30 -05:00
Robin Ward d65ec1af2e Rename `ninja_edit_window` to `editing_grace_period` :'( 2015-11-24 14:28:42 -05:00
Guo Xiang Tan d9fe78da20 FIX: Topic#last_posted_at was not being set when changing topic timestamp. 2015-10-20 10:12:52 +08:00
Robin Ward eacd75bcf8 SECURITY: Unread post notifications should respect whispers 2015-10-19 16:32:10 -04:00
Guo Xiang Tan f39b9124b6 FEATURE: Log staff actions for Category changes. 2015-09-18 10:53:08 +08:00
Neil Lalonde 354a3f9638 add test for auth_token being cleared by user anonymizer, which it already does 2015-09-10 11:17:48 -04:00
Sam 262f561a87 FEATURE: relax username rules to allow - and . and leading _
This relaxes our very strict username rules to allow for some long asked for requests

- leading _ is now allowed
- . is allowed except for trailing char and confusing extensions like .gif .json
- dash (-) is now permitted
2015-09-02 12:13:44 +10:00
Arpit Jalan 10b8e43a92 FIX: send new email activation token if the original token expired 2015-08-24 12:00:00 +05:30
Sam 94f05a40de FIX: when destroying users we were leaving drafts behind 2015-08-24 16:05:08 +10:00
Guo Xiang Tan 89f4ebfb36 Fix timestamp comparison in tests.
Follow up to 58190c92e9.
2015-08-22 10:12:02 +08:00
Guo Xiang Tan c7a21b7c23 FEATURE: Allow admin to change timestamp of topic. 2015-08-17 00:00:05 +08:00
Sam 5ee4d3ba8c FIX: log post deletion even if user is deleted. 2015-08-14 13:57:02 +10:00
Sam 5ab7f7e88d FIX: double like notification
If you got a like -> edit/quote/etc -> like you would get a
double notification
2015-06-19 12:31:36 +10:00
Neil Lalonde 3a67c02c7a FIX: change topic creator wasn't removing the topic from the previous creator's activity stream 2015-05-29 17:39:36 -04:00
Sam 1e4c7dfbe7 FIX: invalid plan generation when % in query on badge definition UI 2015-05-28 16:06:22 +10:00
Régis Hanol d4974b7093 FIX: anonymous mode don't work when names are required 2015-05-15 14:20:15 +02:00
Arthur Neves b8cbe51026
Convert specs to RSpec 2.99.2 syntax with Transpec
This conversion is done by Transpec 3.1.0 with the following command:
    transpec

* 424 conversions
    from: obj.should
      to: expect(obj).to

* 325 conversions
    from: == expected
      to: eq(expected)

* 38 conversions
    from: obj.should_not
      to: expect(obj).not_to

* 15 conversions
    from: =~ /pattern/
      to: match(/pattern/)

* 9 conversions
    from: it { should ... }
      to: it { is_expected.to ... }

* 5 conversions
    from: lambda { }.should_not
      to: expect { }.not_to

* 4 conversions
    from: lambda { }.should
      to: expect { }.to

* 2 conversions
    from: -> { }.should
      to: expect { }.to

* 2 conversions
    from: -> { }.should_not
      to: expect { }.not_to

* 1 conversion
    from: === expected
      to: be === expected

* 1 conversion
    from: =~ [1, 2]
      to: match_array([1, 2])

For more details: https://github.com/yujinakayama/transpec#supported-conversions
2015-04-25 11:18:35 -04:00
Robin Ward 151b559e4c FIX: If you delete a user, delete their queued posts as well. 2015-04-24 16:04:44 -04:00
Sam 4bfca12b11 FEATURE: anonymous_account_duration_minutes , cycle anon accounts after N minutes from last post
fixes it so anon users can not like stuff
2015-04-08 12:30:02 +10:00