1ab91f0474
FIX: preserve github fragment URL
2018-12-19 12:34:47 +05:30
cae5ba7356
FIX: Ensure that multisite s3 uploads are tombstoned correctly ( #6769 )
...
* FIX: Ensure that multisite uploads are tombstoned into the correct paths
* Move multisite specs to spec/multisite/s3_store_spec.rb
2018-12-19 13:32:32 +08:00
6774b64aef
FEATURE: add /conduct as an alias for /guidelines
2018-12-18 16:40:24 -05:00
9c6f77f9da
DEV: Remove the unique_searches column from select query
2018-12-19 02:45:48 +05:30
6080e3a2c0
FIX: Broken spec
2018-12-18 14:55:09 -05:00
662cfc416b
FEATURE: Show a blurry preview when lazy loading images
...
This generates a 10x10 PNG thumbnail for each lightboxed image.
If Image Lazy Loading is enabled (IntersectionObserver API) then
we'll load the low res version when offscreen. As the image scrolls
in we'll swap it for the high res version.
We use a WeakMap to track the old image attributes. It's much less
memory than storing them as `data-*` attributes and swapping them
back and forth all the time.
2018-12-19 01:57:30 +08:00
c279792130
FIX: Allow sending test e-mails to any email address when disable_email is set to non-staff ( #6792 )
2018-12-18 16:12:05 +01:00
825ae86857
FEATURE: Remove full quote only if first paragraph. ( #6793 )
2018-12-18 15:46:20 +01:00
a313b01148
DEV: raise error if search term length is less than required
2018-12-18 20:06:59 +05:30
341a6bd78a
REFACTOR: Calculate CTR in SearchLog model and hide unique column ( #6791 )
2018-12-18 19:13:46 +05:30
577af81e76
FIX: Font tag resulted in wrong email trimming
2018-12-18 11:40:54 +01:00
37461a6398
FIX: Weird mixture of line breaks resulted in wrong email trimming
2018-12-18 11:40:54 +01:00
98d09c90ac
Current user serializer groups ( ef7f84b follow-up)
2018-12-18 09:05:45 +01:00
5c2e194d01
SECURITY: Users can pick non-avatar uploads.
...
https://meta.discourse.org/t/bug-report-idor-on-avatar-pick-function-discussions-udacity-com/103564
2018-12-18 13:38:25 +08:00
899caf35ba
Revert "SECURITY: User could non-avatar uploads."
...
This reverts commit 89581fa301
2018-12-18 13:37:31 +08:00
89581fa301
SECURITY: User could non-avatar uploads.
...
https://meta.discourse.org/t/bug-report-idor-on-avatar-pick-function-discussions-udacity-com/103564
2018-12-18 13:35:33 +08:00
d7660dfe40
FIX: Enabling readonly mode should clear anon cache as well.
2018-12-18 11:56:25 +08:00
efcea148eb
DEV: Use destroy! method to raise error if any (#0d3c1cde)
2018-12-18 03:05:43 +05:30
2bdbca3801
DEV: Remove unnecessary `to_not raise_error` from specs
...
Follow-up to 01cdbd3a13
2018-12-17 16:10:10 +01:00
1023003eba
FIX: Strip remote url before import. ( #6762 )
2018-12-17 15:27:49 +01:00
01cdbd3a13
FEATURE: Prohibit S3 bucket reusage
...
This validation makes sure that the s3_upload_bucket and the
s3_backup_bucket have different values. The backup bucket is
allowed to be a subfolder of the upload bucket. The other way
around is forbidden because the backup system searches by
prefix and would return all files stored within the backup
bucket and its subfolders.
2018-12-17 11:35:28 +01:00
1a8ca68ea3
FEATURE: Improve backup stats on admin dashboard
...
* Dashboard doesn't timeout anymore when Amazon S3 is used for backups
* Storage stats are now a proper report with the same caching rules
* Changing the backup_location, s3_backup_bucket or creating and deleting backups removes the report from the cache
* It shows the number of backups and the backup location
* It shows the used space for the correct backup location instead of always showing used space on local storage
* It shows the date of the last backup as relative date
2018-12-17 11:35:11 +01:00
c0aae16f6b
FIX: Clear anon cache when disabling readonly mode.
...
`SiteSerializer#is_readonly` is cached for an anonymous user so we have
to clear the cache when disabling readonly mode. Otherwise, the site may
appear to be in readonly mode for an extended period of time.
2018-12-17 17:27:44 +08:00
e9ea0102a5
FIX: Consistency about our response for invalid user id in `Admin::UsersController`.
2018-12-15 08:01:35 +08:00
ef0e84e3d9
FIX: clear the site_contact_username setting if the user's staff privileges are revoked
2018-12-14 16:52:44 -05:00
0d3c1cde90
FIX: Use find_by_id method to prevent record not found exception
2018-12-15 03:19:45 +05:30
1960236822
FIX: Suspicious login detection ( #6772 )
2018-12-14 16:30:34 +00:00
9f3e2a9e34
FIX: Only serialize group membership domains for administrators ( #6771 )
2018-12-14 15:47:00 +00:00
b0c2e9bb05
minor changes to default script-src ( #6770 )
...
- add report-sample to force require a sample of the violating code
- do not whitelist GA/GTM's entire domain
2018-12-14 08:17:31 -05:00
03014b0d05
FEATURE: adds security tab to dashboard ( #6768 )
...
This commit also includes the new staff_logins report
2018-12-14 13:47:59 +01:00
9f89aadd33
FIX: delete all posts in batches without hijack ( #6747 )
2018-12-14 11:04:18 +01:00
73c776d881
Update wizard updater spec ( dbbadb5c follow-up)
2018-12-13 11:20:01 +01:00
59c56bd20f
DEV: anonymizing should not delete uploads
...
We have another job for upload deletion cause uploads may be shared
2018-12-13 16:43:48 +11:00
7ee9a6a7ec
SECURITY: do not delete avatars uploads when deleting accounts
...
We rely on the clean up uploads job to do this safely
2018-12-13 16:26:07 +11:00
94b8ba4f8f
FIX: remove slow platform detection from server side
...
Historically due to https://meta.discourse.org/t/why-is-discourse-so-slow-on-android/8823
we decreased page sizes of both home page and topic page on android by half.
This was done on the server side and as a side effect and caused page sizes on android
to mismatch between Android and non Android.
Unfortunately about a year ago googlebot started pretending it is Android,
this cause Google to start indexing pages as what android would see. So
it saw double the amount of pages in the index as what exists on desktop.
This in turn caused double the amount of indexing work and a large amount
of broken links on long topics.
This fix removes all special behavior which is no longer needed due to
other performance work in Discourse including raw handlebars on home page
and virtual dom on topic pages.
I tested we do not need this on Blu Advance 5.0 it has 1.3 GHZ mediatec mt6580
This phone retails for around $50 USD.
If we decide long term that we want any hacks like this we will shift them
to the client side. It can just hold data in memory without rendering.
2018-12-13 13:57:05 +11:00
3b76f19668
FIX: invalidating inactive admin emails should mark them as not active
2018-12-12 17:07:49 -05:00
a1db15fead
FEATURE: require admins to re-validate their email addresses if they haven't been seen for a number of days, configurable with the invalidate_inactive_admin_email_after_days site setting. Social logins are also revoked. Default is 365 days.
2018-12-12 15:32:38 -05:00
7cac04e1a8
* FEATURE: Adds site setting to let quotes on direct replies.
...
* DEV: Added test.
* FIX: Do not bump topic when removing full quotes.
2018-12-12 15:42:53 +01:00
dbbadb5c35
FEATURE: add short_site_description setting to be included in title tag on homepage
2018-12-12 11:46:58 +01:00
0f734e2ae2
FIX: Return authenticated=true when reconnecting
...
This prevents a registration popup on the client
2018-12-11 17:40:02 +00:00
688755baf2
DEV: Improve specs and handle invalid email token
...
Follow-up to 7977b09025
2018-12-11 18:04:10 +01:00
c7c56af397
FEATURE: Allow connecting associated accounts when two-factor is enabled ( #6754 )
...
Previously the 'reconnect' process was a bit magic - IF you were already logged into discourse, and followed the auth flow, your account would be reconnected and you would be 'logged in again'.
Now, we explicitly check for a reconnect=true parameter when the flow is started, store it in the session, and then only follow the reconnect logic if that variable is present. Setting this parameter also skips the 'logged in again' step, which means reconnect now works with 2fa enabled.
2018-12-11 13:19:00 +00:00
3fedb2ad20
DEV: Style and performance improvements
...
Follow-up from 9db8291
2018-12-11 09:58:20 +00:00
671469bcc7
FIX: URLs containing two # would fail to work
...
Some URLs in browsers are non compliant and contain twos `#` this commit adds
special handling for this edge case by auto encoding any fragments containing `#`
2018-12-11 18:03:13 +11:00
7977b09025
FEATURE: Activate users invited via email when invite is redeemed
...
Do not send an activation email to users invited via email. They
already confirmed their email address by clicking the invite link.
Users invited via link will need to confirm their email address before
they can login.
2018-12-11 00:09:53 +01:00
9db829134c
FIX: Use database to persist metadata during social registration ( #6750 )
...
Previously was using the cookie_store, which is limited to 4kb. This caused issues for providers sending large volumes of metadata about a user.
2018-12-10 15:10:06 +00:00
da41a515cd
Add test to check if posts are auto rebaked by PeriodicalUpdates job when gravatar download is disabled
...
follow-up for 8e307e633e
2018-12-10 11:10:57 +11:00
502a0fe778
FIX: support connecting GitHub with existing accounts
2018-12-10 09:27:00 +11:00
160d29b18a
REFACTOR: Migrate TwitterAuthenticator to use ManagedAuthenticator ( #6739 )
...
No changes to functionality. TwitterAuthenticator goes from 136 lines to 24, and all twitter-specific logic elsewhere has been deleted 🎉
2018-12-07 15:39:06 +00:00
9e3143445b
DEV:add uploaded_meta option in category for category meta image ( #6724 )
2018-12-07 16:24:07 +01:00
86f8734bc0
FIX: Prioritize explicit 'connect' over matching by email
...
This is an edge case that was previously handled by TwitterAuthenticator, but not FacebookAuthenticator.
2018-12-07 15:05:51 +00:00
3cad3f9df1
DEV: Add profile fetching support to `ManagedAuthenticator`
2018-12-07 15:05:51 +00:00
f7ce607e5d
FIX: Return 422 instead of 500 for invalid SSO signature ( #6738 )
2018-12-07 15:01:44 +00:00
6c71395bf6
FIX: Only hide shared draft topics from `latest` ( #6737 )
...
Previously we were hiding them from all topic lists, which can result in
topics being "stuck" in an unread state with no easy way to clear them.
2018-12-07 12:44:23 +00:00
41e184280d
FEATURE: Remove full quotes of direct replies. ( #6729 )
2018-12-07 13:07:11 +01:00
5e09398c5b
FIX: Do not serialize user fields unless they are specified for display ( #6736 )
2018-12-07 10:57:28 +00:00
0b1d660876
UX: Make shared drafts behaviour consistent for non-staff users ( #6734 )
...
This makes it easier to diagnose the problem when a public category
is set as the 'shared drafts category'. Doing this is not recommended.
2018-12-06 18:59:29 +00:00
e8f32dd3ba
DEV: Fix extremely rare test failure
...
If this was the first test to run, the Fabricate(:user) would be given
the same ID as the Fabricate.build(:user, id: 1). This works around it.
2018-12-06 13:32:56 +00:00
7ec124fc89
FEATURE: Improved deprecation warnings ( #6722 )
...
* FEATURE: Discourse.deprecate can report version
* Ember counterpart for deprecation
2018-12-06 11:38:01 +00:00
43cfdb1cb9
FIX: Wizard tries harder to find existing Welcome Topic
...
The wizard searches for:
* a topic that with the "is_welcome_topic" custom field
* a topic with the correct slug for the current default locale
* a topic with the correct slug for the English locale
* the oldest globally pinned topic
It gives up if it didn't find any of the above.
2018-12-06 10:27:22 +01:00
27c793a192
FIX: `UserNotificationsHelper#logo_url' to work with S3 based uploads.
...
https://meta.discourse.org/t/digest-logo-not-working/103255
2018-12-06 09:39:08 +08:00
b585f7f336
DEV: Apply code review.
2018-12-05 21:56:18 +01:00
1a4f592749
FIX: Always allow admins upload selectable avatars.
2018-12-05 21:55:23 +01:00
37249c9a32
FIX: Do not reset link counts when post is rebaked
...
This was an indentation mistake introduced in 44eba0b
2018-12-05 18:54:30 +01:00
978f0db109
SECURITY: Require groups to be given when inviting to a restricted category. ( #6715 )
2018-12-05 16:43:07 +01:00
d33d031742
FEATURE: Filter topic and post web hook events by tags ( #6726 )
...
* FEATURE: Filter topic and post web hook events by tags
* Add a spec test with unmatched tags
2018-12-05 14:44:06 +05:30
82e45f5485
FIX: method extraction caused push notifications to include incorrect post
...
Previously the push notification code path was not tested for notification
collapsing. This happens if you get multiple replies to a topic you are
watching.
2018-12-05 16:40:10 +11:00
99117d664c
FEATURE: Multisite support for S3 backup store ( #6700 )
2018-12-05 10:10:39 +08:00
e117deb2ba
FIX: Improve avatar loading, and add tests
...
Follow-up from 4e2cc9c
2018-12-04 15:09:32 +00:00
22001b3c50
DEV: Run tests with default value for `max_consecutive_replies` ( #6723 )
2018-12-04 12:07:27 +00:00
3c9c95ac83
Update Rubocop to 0.60
2018-12-04 10:48:16 +01:00
aa97f6fdba
FEATURE: disable notifications for small actions that are whispers
...
Previously we would notify on small actions if they were whispers
this inconsistently lead to all sorts of problems including
- collapsed "N replies" after assign
- empty push notifications
New behavior adds an api to explicitly send push notifications as well
if needed: create_notification_alert
2018-12-04 17:54:42 +11:00
5c17e46274
FEATURE: allow advanced specification of excerpts for posts
...
Previously users could control excerpt with `<span class='excerpt'>`
in Markdown, this is somewhat limited for plugins that need to define this
across a section. This adds support for DIV as well
2018-12-04 15:13:34 +11:00
9248ad1905
DEV: Enable `Style/SingleLineMethods` and `Style/Semicolon` in Rubocop ( #6717 )
2018-12-04 11:48:13 +08:00
1a4676c6e0
FIX: Fixed tests. ( #6716 )
2018-12-03 17:03:11 +01:00
f8e6a37858
FIX: raise exception when getting dimensions of missing image
...
- follow-up on 0eacd45ab1
2018-12-03 10:19:49 -05:00
3f8fa4ad4e
FEATURE: Do not check consecutive replies for original poster. ( #6714 )
2018-12-03 02:32:29 -08:00
503ae1829f
FIX: All multisite upload paths should start with /uploads/default/.. ( #6707 )
2018-12-03 12:04:14 +08:00
6121d11187
FIX: make staff_edit_locks_post work with download_remote_images_to_local
2018-12-03 14:14:59 +11:00
f555582eb2
DEV: add extra diagnostics for intermittent test fail
2018-12-03 11:46:31 +11:00
1073634271
FIX: show generic title when quoting off-topic secure category posts
2018-12-03 09:42:32 +11:00
236c755d62
FIX: do not store key tracking last seen time indefinitely
...
UserStat has some special logic to keep adding time read if repeat calls
are made in intervals less than 100 seconds. This is called regularly
when we update read timings on a topic.
We only need to cache this key in redis for 100 seconds, however previously
we would keep it forever, 1 key per user. This has potential of bloating
a very large amount of keys for no longer active users in redis.
2018-12-03 08:35:26 +11:00
4e010382cc
REFACTOR: Initialize auth providers after `plugin.activate!`
...
Also added some helpful functionality for plugin developers:
- Raises RuntimeException if the auth provider has been registered too late
- Logs use of deprecated parameters
2018-11-30 16:58:18 +00:00
488fba3c5f
FEATURE: allow plugins and themes to extend the default CSP ( #6704 )
...
* FEATURE: allow plugins and themes to extend the default CSP
For plugins:
```
extend_content_security_policy(
script_src: ['https://domain.com/script.js ', 'https://your-cdn.com/ '],
style_src: ['https://domain.com/style.css ']
)
```
For themes and components:
```
extend_content_security_policy:
type: list
default: "script_src:https://domain.com/ |style_src:https://domain.com "
```
* clear CSP base url before each test
we have a test that stubs `Rails.env.development?` to true
* Only allow extending directives that core includes, for now
2018-11-30 09:51:45 -05:00
208005f9c9
REFACTOR: Migrate FacebookAuthenticator to use ManagedAuthenticator
...
Changes to functionality
- Removed syncing of user metadata including gender, location etc.
These are no longer available to standard Facebook applications.
- Removed the remote 'revoke' functionality. No other providers have
it, and it does not appear to be standard practice in other apps.
- The 'facebook_no_email' event is no longer logged. The system can
cope fine with a missing email address.
Data is migrated to the new user_associated_accounts table.
facebook_user_infos can be dropped once we are confident the data has
been migrated successfully.
2018-11-30 11:18:11 +00:00
534e1b1b18
DEV: Introduce Auth::ManagedAuthenticator
...
A generic implementation of Auth::Authenticator which stores data in the
new UserAssociatedAccount model. This should help significantly reduce the duplicated
logic across different auth providers.
2018-11-30 11:18:11 +00:00
059e36a6ff
FIX: log name changes only when the name is actually updated
2018-11-30 15:30:46 +05:30
fc0b7c9e26
FIX: incoming email matches the wrong user if null bounce key available in db
2018-11-30 12:29:51 +05:30
c6adf7f032
DEV: correct heisentest
...
After you visit a page in Rails an INFO is logged, this depending on
timing could land in the string or not
This changes the level to WARN which avoids the issue
2018-11-30 15:03:41 +11:00
eecd1a7d8c
FIX: `Jobs::CleanUpUploads` fails when value of upload data_type is an empty string.
2018-11-30 10:46:39 +08:00
ad665b901a
FIX: Refactor commit a8c3ca, add test
2018-11-29 19:12:00 -05:00
0eacd45ab1
FIX: refactor ImageSizer.resize
...
reverts 140d9c2
2018-11-29 15:28:45 -05:00
40f10855c6
FIX: defer flags (only) when handling a flag and deleting replies ( #6702 )
2018-11-29 22:44:18 +05:30
4a8f21d387
FIX: prevent minimum_required_tags on category being set to null ( #6703 )
...
* FIX: prevent minimum_required_tags on category being set to null
* add migration for NOT_NULL constraint for minimum_required_tags
* add specs
2018-11-29 18:10:14 +01:00
ddd260941e
FIX: Fix query selecting users not accepting PMs.
2018-11-29 15:59:30 +08:00
56034c733a
UX: Strip class when link is not oneboxed due to site setting limits.
2018-11-29 14:33:01 +08:00
05a4f3fb51
FEATURE: Multisite support for S3 image stores ( #6689 )
...
* FEATURE: Multisite support for S3 image stores
* Use File.join to concatenate all paths & fix linting on multisite/s3_store_spec.rb
2018-11-29 12:11:48 +08:00
55945ec7c8
FIX: throw error when link in reason for grant badge is an external link ( #6690 )
2018-11-28 18:01:41 +01:00
3ae4c9ab6d
Suppress tar(1)'s output ( #6694 )
2018-11-28 17:32:19 +01:00
bfb3c4d9f9
DEV: create bounce alert earlier if email_log detected from bounce_key
2018-11-28 21:13:06 +05:30
e7b76b319a
FEATURE: Setting for short title used by Android on homescreen
2018-11-28 14:59:30 +01:00
25253dec56
FIX: Get email address from email_log if bounced with verp
...
We can not access mail.final_recipient attr if it bounced with verp
2018-11-28 19:04:09 +05:30
851ef14096
Revert "FIX: do not agree flags by default when deleting posts"
...
This reverts commit cb6fc8057b
2018-11-28 10:21:11 +05:30
7dbf709467
FIX: create whisper post in PMs when bounces with verp and user is staged
2018-11-28 08:24:23 +05:30
654d7996ae
FIX: title was repeating on about page
2018-11-28 08:06:14 +05:30
a1e77aa2ed
FEATURE: Reimplement `SiteSetting.max_oneboxes_per_post`. ( #6668 )
...
Previously, the site setting was only effective on the client side of
things. Once the site setting was been reached, all oneboxes are not
rendered. This commit changes it such that the site setting is respected
both on the client and server side. The first N oneboxes are rendered and
once the limit has been reached, subsequent oneboxes will not be
rendered.
2018-11-27 16:00:31 +08:00
6cb49cd42c
Merge pull request #6671 from techAPJ/destroy-posts-flags
...
FIX: do not agree flags by default when deleting posts
2018-11-27 11:27:23 +05:30
cb6fc8057b
FIX: do not agree flags by default when deleting posts
2018-11-27 10:57:20 +05:30
68bef91dd6
DEV: Minor clean up of specs.
2018-11-27 13:09:58 +08:00
1da265db11
UX: category images have no sizes ( #6662 )
2018-11-27 08:40:06 +08:00
03deda2147
Upgrade to FontAwesome 5 (take two) ( #6673 )
...
* Add missing icons to set
* Revert FA5 revert
This reverts commit 42572ff
2018-11-26 16:49:57 -05:00
5640166b27
FIX: Notify only invited users about mentions in PMs
2018-11-26 22:42:56 +01:00
cedd2118c4
FEATURE: If PM email bounced for staged user then alert in whisper reply ( #6648 )
2018-11-27 00:29:37 +05:30
afcf149c34
FIX: Fix mentions for mixed case group names
2018-11-26 15:34:56 +00:00
482013a1d4
FIX: Group mentions missing after post processing.
2018-11-26 12:57:07 +08:00
57e2f4990d
PERF: Move processing of inline onebox out of V8 context. ( #6658 )
2018-11-26 09:21:38 +08:00
0ee822c550
remove unneeded variable assignment
2018-11-25 23:36:34 +05:30
b5bf182ad5
FIX: validate topic deletion when acting on a flag
2018-11-25 23:24:03 +05:30
a3ed570124
FIX: Fix routes ending in `:username` for usernames containing periods ( #6660 )
2018-11-23 17:41:41 +00:00
c38f7b240b
DEV: Fix build.
2018-11-23 17:34:50 +02:00
172b3bf4d3
FIX: Fix broken theme field URLs. ( #6622 )
2018-11-23 16:11:05 +01:00
f645cb9c14
FEATURE: Use translated name for 'your email has been authenticated by' ( #6649 )
2018-11-22 19:12:04 +00:00
2ef16e9f4e
FIX: Failed to delete post belonging to non-existent topic
2018-11-22 15:08:37 +01:00
a57baeec2a
Fix the build.
2018-11-22 16:37:24 +08:00
28a6cf8228
FIX: Mention lookup should be case insensitive.
2018-11-22 16:32:56 +08:00
3f636b2d19
FIX: Check whether group is mentionable by user when cooking post.
2018-11-22 16:16:33 +08:00
672e95bcb4
FIX: Staged users should not be mentionable.
2018-11-22 15:00:46 +08:00
c5a70eca6e
PERF: Move mention lookups out of the V8 context. ( #6640 )
...
We were looking up each mention one by one without any form of caching and that results
in a problem somewhat similar to an N+1. When we have to do alot of DB
lookups, it also increased the time spent in the V8 context which may
eventually lead to a timeout. The change here makes it such that mention lookups only does a single
DB query per post that happens outside of the V8 context.
2018-11-22 14:28:48 +08:00
596e09aaf9
FIX: Wizard icons step fields have incorrect values.
...
https://meta.discourse.org/t/is-the-wizard-supposed-to-not-let-you-skip-adding-icons/102417
2018-11-22 14:19:36 +08:00
8e32aa1483
FEATURE: show post approvals in Moderation History ( #6643 )
2018-11-22 10:22:23 +08:00
d298f00046
DEV: Improve specs to be more specific about what has changed.
2018-11-22 10:10:07 +08:00
c376670bd2
FIX: a search term containing '& could lead to errors
...
This also makes sure that the search term in front or after special characters isn't ignored.
2018-11-21 22:07:56 +01:00
10cc698df3
FIX: respond with proper error message if user not found
2018-11-21 10:47:37 +05:30
20268385a5
FIX: never attempt to log invalid post numbers
...
Previously in some cases we would queue logging of invalid post numbers
The impact would be we would miss logging an incoming link and would leak
an error.
2018-11-21 11:58:47 +11:00
86255faa08
FEATURE: do not switch to JPEG unless you meet 75k byte savings
...
This also adjusts the algorithm to expect
- 30% saving for JPEG conversion
AND
- Minimum of 75K bytes saved
The reasoning for increase of saving requirements is cause PNG may have been
uploaded unoptimized, 30% saving on PNG is very possible
2018-11-21 11:01:08 +11:00
15e793fd3b
FEATURE: Terms of Service v1.0.0
...
Co-authored-by: Gerhard Schlager <mail@gerhard-schlager.at>
2018-11-21 00:45:16 +01:00
eacbe28f55
FIX: Skip gsub for normalizing whitespaces when text is nil ( #6631 )
2018-11-20 09:12:32 +01:00
1a57be3248
Avoid deprecated site setting logging in `SiteSetting.settings_hash`.
2018-11-20 11:59:38 +08:00
81b3bdaabd
FIX: Remove site settings override for deprecated url site settings.
2018-11-20 11:42:39 +08:00
4459665dee
REFACTOR: use tables instead of custom fields for polls ( #6359 )
...
Co-authored-by: Guo Xiang Tan <tgx_world@hotmail.com>
2018-11-19 14:50:00 +01:00
e860c8b844
FIX: adds support for missing reports from old dashboard ( #6624 )
2018-11-19 12:20:05 +01:00
cf21c7f5aa
DEV: Fix typo in specs.
2018-11-19 15:13:54 +08:00
fe131c5ea2
Fix missing avatars on topic list page.
...
Introduced in b50fab2d72
2018-11-19 14:55:41 +08:00
01dc0abb05
dev, give spec a bit more time waiting on timeout
2018-11-19 16:21:39 +11:00
b50fab2d72
PERF: Fix N+1 for non-staff users when tagging is enabled.
2018-11-19 12:53:58 +08:00
962fbd1ec7
include '/plugins/' directory for script-src and blob for worker-src
...
- plugins may include additional static JS assets
- ACE.js editor register a service worker with a blob for syntax
checking
2018-11-16 16:31:01 -05:00
45f299dfdd
PERF: Try to match users before groups.
...
User mentions are more common than group mentions so
this will allow us to avoid an extra query.
2018-11-16 16:41:20 +08:00
0ac5126a78
FIX: Clear uploads cache on `SiteSetting.refresh!`.
...
This fixes a bug where the return value of uploads site settings
may defer between processes even though we trigger a refresh via
MessageBus.
2018-11-16 11:02:51 +08:00
9e86b425bc
FIX: Job to clean up old URL settings when new setting has been set.
...
Related to 44391ee8ab
2018-11-16 09:33:31 +08:00
055d59373a
CSP: drop 'self' in `script-src` ( #6611 )
2018-11-15 12:14:16 -05:00
c52e68a0c8
FIX: better handling of missing welcome topic in wizard ( #6606 )
2018-11-15 12:20:48 +01:00
8e55e61a2e
Correct spec
2018-11-15 15:42:16 +11:00
e7001f879a
SECURITY: enforce hostname to match discourse hostname
...
This ensures that the hostname rails uses for various helpers always matches
the Discourse hostname
2018-11-15 15:23:06 +11:00
6556a87629
FIX: only check for conflict on edit drafts
...
In some unknown cases non edit drafts are being checked for conflict
2018-11-15 13:14:07 +11:00
5852fe7975
FIX: change 'max_consecutive_replies' default to 3
2018-11-14 22:58:05 +01:00
7bc121a065
allow CSP reports to be sent when header isn't set by Discourse ( #6594 )
2018-11-14 16:23:29 -05:00
c701036034
FIX: reset bump date resets bumped_at to the last regular post in topic ( #6605 )
2018-11-14 18:56:22 +01:00
c78dcde973
FIX: only send originalText when we need to
2018-11-14 17:47:59 +01:00
b6576d9473
FEATURE: Add new setting to force user edit last post. ( #6571 )
2018-11-14 15:48:16 +01:00
d003ae45f9
DEV: Correct typo in users_controller_spec
2018-11-14 14:30:44 +00:00
df111259fe
More URL site settings into a onceoff job.
...
* Doing it in a post migration was a bad idea
because the migration will fail if the site
is down while trying to download uploads
which points to the instance. This mainly
affects self-hosters using `discourse_docker`
where `./launcher rebuild` will take the
existing container down.
2018-11-14 20:29:20 +08:00
fce0a0ccc8
FEATURE: Compute distance between logins to generate login alerts. ( #6562 )
2018-11-14 13:26:47 +01:00
f6fb079129
Disable wizard invites step when local_logins are turned off
2018-11-14 13:05:32 +01:00
34e4d82f1a
FEATURE: Report edit conflicts when saving draft. ( #6585 )
2018-11-14 12:56:25 +01:00
861b52b6f3
Fix the build take 2.
2018-11-14 18:07:04 +08:00
72370b9c36
Add deprecation warnings for url based site settings.
2018-11-14 16:09:26 +08:00
44391ee8ab
FEATURE: Upload Site Settings. ( #6573 )
2018-11-14 15:03:02 +08:00
17bc82765b
FEATURE: Log password changes in UserHistory ( #6600 )
2018-11-14 08:32:42 +08:00
38a9bc740d
FIX: change title when primary group changes ( #6602 )
2018-11-14 08:28:41 +08:00
467be59d75
FEATURE: Allow expanded posts to return user custom fields
2018-11-13 12:44:54 -05:00
2374f3e8ac
remove unnecessary expectation lines
2018-11-13 16:52:08 +05:30
d5df1db3c4
DEV: Improve tests to provide better errors when it fails.
2018-11-13 16:48:04 +08:00
e28af0429c
DEV: Improve tests to be more specific.
2018-11-13 15:02:46 +08:00
80ceb57c76
DEV: add API endpoint to destroy_timings only of last post
...
Previously API only allowed you to nuke all timings from a topic,
new API is less punishing and allows you just to remove 1 post.
2018-11-13 16:07:48 +11:00
7b44339529
FIX: Prevent uploads used in site settings from being deleted.
2018-11-13 09:15:16 +08:00
3493ea85cc
remove Logster from CSP whitelist ( #6593 )
...
Logster 1.3 no longer has inline JS and is now CSP compliant
2018-11-13 09:55:57 +11:00
0cb33d2b52
UX: Rename Most Disagreed Flaggers report to "User Flagging Ratio"
2018-11-12 16:23:37 -05:00
dda1824270
Use hijack in inline onebox controller
2018-11-13 02:39:20 +05:30
4f81bb8303
Disallow revision edits with empty raw content
2018-11-12 15:28:38 -05:00
44d95ad5ab
FIX: Cache url data for failed inline oneboxes
2018-11-13 01:44:20 +05:30
d89ffbeffd
FEATURE: Add button to delete unused tags ( #6587 )
...
This is particularly useful if you have uploaded a CSV file, and wish
to bulk-delete all of the tags that you uploaded.
2018-11-12 16:24:34 +00:00
5af9a69a3b
FIX: Do not check for suspicious login when impersonating. ( #6534 )
...
* FIX: Do not check for suspicious login when impersonating.
* DEV: Add 'impersonate' parameter to log_on_user.
2018-11-12 15:34:12 +01:00
012da86a07
FIX user directory time period count ( #6586 )
2018-11-12 15:30:05 +01:00
9c616e0679
FIX: handles not found reports in bulk loading ( #6582 )
2018-11-12 13:47:24 +01:00
7c4d4331bc
FEATURE: Better handling of quotation marks in site text search
...
It also matches 3 dots with the ellipsis symbol.
2018-11-12 13:26:41 +01:00
575d6855ea
DEV: Improve specs for `Validators::UploadValidator`.
2018-11-12 14:11:32 +08:00
e17a13ce19
FEATURE: additional "related messages" section
...
This splits out previous message correspondence from suggeted and instead
has a dedicated section called "related messages"
2018-11-12 13:04:42 +11:00
6b51d84dc5
FIX: Don't enqueue topics if the user can't create them
...
Co-authored-by: Vinoth Kannan <vinothkannan@vinkas.com>
2018-11-09 18:24:28 +01:00
64d9be726f
the protection I placed was in the wrong path moved to /session/sso
...
correct previous commit
2018-11-09 17:18:01 +11:00
3ae4fcd1f7
Improve redirect avoidance for /sso paths
...
e6b3310577
2018-11-09 17:03:58 +11:00
7d52f5869d
Revert "FIX: Don't enqueue topics if the user can't create them"
...
This reverts commit 515e103db6
2018-11-09 15:25:38 +11:00
e6b3310577
FIX: never redirect back to `/sso` it will cause a loop
...
If for any reason our return url is set to `/sso` bypass using it
for login redirect
2018-11-09 14:27:36 +11:00
515e103db6
FIX: Don't enqueue topics if the user can't create them
2018-11-09 06:10:23 +05:30
15991677d4
FIX: ensure we never cache login redirects by mistake
2018-11-09 11:14:35 +11:00
24e5be3f0c
FIX: Relative links in translations should work with subfolder
2018-11-08 23:31:05 +00:00
57f92ac808
Revert "Swtich to regexp for `DbHelper.remap`."
...
Regexp is so much slower.
This reverts commit c3f89e3cd7
2018-11-08 14:20:09 +08:00
c3f89e3cd7
Swtich to regexp for `DbHelper.remap`.
2018-11-08 14:08:38 +08:00
42572ff138
Revert font awesome 5 changes
...
We are still pushing ahead on this 100% just need a bit longer to prepare
all plugins
2018-11-08 16:12:18 +11:00
9737938a4a
Add option to skip tabels when using `DbHelper.remap`.
2018-11-08 12:29:37 +08:00
09dc922b3b
Fix several FontAwesome 5 issues
...
add missing icons, update SvgSprite methods (to fix ruby 2.4 issues), update whisper icon in composer, fix alignment issues
2018-11-07 22:20:53 -05:00
3365753bd0
PERF: Reduce number of database queries for `DbHelper.remap`
...
* Cuts number of queries from 273 to 89
* Add some specs
* For a table with 500 posts, benchmarks locally shows a runtime
reduction from 0.046929135 to 0.032694705.
2018-11-08 10:54:39 +08:00
0122b8cd8b
Fix random build error
...
Request specs could poison the cache since clear_cache! deletes only today and yesterday from the cache.
2018-11-08 02:51:42 +01:00
005e1ecb9b
FEATURE: Update Font Awesome to v5.4.1 and SVGs ( #6557 )
...
* First take on subsetting svg icons
* FontAwesome 5 svg subset WIP
* Include icons from plugins/badges into svg sprite subset
* add svg icon support to themes
* Add spec for SvgSprite
* Misc. SVG icon fixes
* Use FA5 svgs in local-dates plugin
* CSS adjustments, fix SVG icons in group flair
* Use SVG icons in poll plugin
* Add SVG icons to /wizard
2018-11-07 13:05:43 -05:00
1e64658c25
Fix brittle specs.
2018-11-07 15:02:53 +08:00
0a442e319c
FIX: correct svg handling for images
...
We regressed and optimized images no longer worked with svg
The following adds the correct logic to simply copy file for svgs
and bypasses resizing for svg avatars
2018-11-07 15:29:26 +11:00
2070edf889
FIX: Clarify User.group_locked_trust_level.
...
* Rename User.group_locked_trust_level to User.group_granted_trust_level.
* Remove the column from users table.
2018-11-07 10:27:44 +08:00
bdb8e9efdb
DEV: Remove mocks from specs.
2018-11-07 09:55:58 +08:00
06b9d8223a
FIX: search within topic not working correctly in CJK
...
We were splitting the term prior to search causing everything to miss
2018-11-07 09:41:55 +11:00
afbdf9c2d2
Merge pull request #6558 from pmusaraj/disallow-flagging-deleted-post
...
FIX: disable flagging hidden posts
2018-11-05 11:05:32 -08:00
7b3432f711
Enforce disabling flagging hidden posts server-side
2018-11-05 10:00:59 -05:00
78954672f9
FIX: uses hex to compare images
...
It prevents some terminals from crashing in case of errors and dumping the whole file content into the terminal.
2018-11-05 09:47:15 -05:00
1ac3e5473a
FIX: don't strip eml attachments from received emails
2018-11-05 09:35:22 +01:00
d84256a876
FEATURE: add Noindex to robots.txt for disallowed routes
...
This strips pages out of indexes that should not exist see:
https://meta.discourse.org/t/pages-listed-in-the-robots-txt-are-crawled-and-indexed-by-google/100309/11?u=sam
2018-11-02 16:39:47 +11:00
f9b36820ef
FIX: only extract script tags with certain types ( #6553 )
...
`script` tags with custom types (e.g. `text/template`) are not executed
by the browser, and should not be extracted into an external theme
JavaScript
2018-11-01 16:01:46 -04:00
ec91450aae
FEATURE: Track how many user flags are agreed/disagreed/ignored
...
Display the percentage when reviewing flags.
2018-11-01 09:59:50 -04:00
ceafcbc898
FEATURE: show added date when looking at group members
2018-11-01 15:33:28 +11:00
aa044623bd
FIX: do not create superflous sessions when logged on
...
In some SSO implementations we may want to issue SSO pipelines for
already logged on users
In these cases do not re-log-in a user if they are clearly logged on
2018-11-01 12:54:01 +11:00
fa0e421af3
FIX: Do not leak information about post revisions. ( #6536 )
2018-10-31 14:47:00 +00:00
23423ba112
correct spec and error reporting
...
previous commit misused warn_exception which caused a spec to fail
2018-10-31 13:38:05 +11:00
589e3fcaa0
FIX: return 400 for missing required params ( #6546 )
...
If a required param is missing return a 400 and show a message
displaying which param was missing. Added this to the application
controller so that we don't have to add this logic to every controller
action.
2018-10-31 13:02:48 +11:00
e0ccd36dbe
FEATURE: Suspicious logins report. ( #6544 )
2018-10-30 22:51:58 +00:00
e1e392f15b
DEV: Use DiscourseIpInfo for all IP queries. ( #6482 )
...
* DEV: Use DiscourseIpInfo for all IP queries.
* UX: Use latitude and longitude for more precision.
2018-10-30 22:08:57 +00:00
9933059426
FEATURE: push related PMs to take first 3 slots
...
Previously the related PMs were last meaning you would have to work through
all unread to see them.
Also amends it so it either asks for related by group OR user not both.
2018-10-29 10:47:59 +11:00
2450f178ca
FEATURE: Allow admins to control PWA display mode per user agent
2018-10-26 13:47:22 -03:00
b2585524a9
FEATURE: adds a most disagreed flaggers report
2018-10-26 15:59:04 +02:00
ed9c21e42c
FEATURE: hide muted categories from /categories list ( #6531 )
2018-10-26 11:34:39 +11:00
d17c8df926
Only check for suspicious login for staff members
2018-10-26 00:29:28 +02:00
306d77b54f
FIX: don't use srcset on cropped thumbnails
2018-10-25 16:08:10 +02:00
a6eca28ec6
CSP - extract all other inline JavaScripts ( #6528 )
...
* wizard page inline js
* print topic inline js
* drop JS for preventing double submission
this is the default behavior with Rails' UJS `disable_with` helper
* omniauth complete redirect JS
* account activate inline js
2018-10-25 09:52:01 -04:00
56e0f47bcd
FIX: Do not update `last_seen` for API access
...
This regressed in 2dc3a50
2018-10-25 13:38:57 +01:00
effbef7d0b
UX: Use user locale for locations. ( #6527 )
...
* UX: Use user locale for locations.
* DEV: Added MaxMindDB test data and fixed test.
2018-10-25 10:54:01 +00:00
8e274f7296
UX: bumps the user-api-key version to 3 ( #6526 )
...
* UX: bumps the user-api-key version to 3
* fix spec
2018-10-25 09:46:34 +00:00
6a3767cde7
FEATURE: Warn users via email about suspicious logins. ( #6520 )
...
* FEATURE: Warn users via email about suspicious logins.
* DEV: Move suspicious login check to a job.
2018-10-25 09:45:31 +00:00
addf6f6d17
FIX: support comma in 'sso_provider_secrets' site setting
2018-10-24 21:23:18 +02:00
e955a7b49d
Revert "Revert "FIX: GlobalPath#upload_cdn_path when S3 bucket has a folder ( #6523 )""
...
This reverts commit 322b27b6dc
2018-10-24 15:14:01 +11:00
322b27b6dc
Revert "FIX: GlobalPath#upload_cdn_path when S3 bucket has a folder ( #6523 )"
...
This reverts commit 63356d883e
2018-10-24 15:03:58 +11:00
63356d883e
FIX: GlobalPath#upload_cdn_path when S3 bucket has a folder ( #6523 )
2018-10-24 14:34:10 +11:00
5fd94d3211
PERF: limit unread count to 99 in blue circle
...
This revises: e605542c4e
2018-10-24 12:10:27 +11:00
cee51672c9
FIX: Strip accents from search query
...
4481836
2018-10-23 12:10:33 +11:00
b74dd7d379
FIX: stop logging every 404 error when searching for gravatars
2018-10-23 11:43:14 +11:00
adab7a3a48
improve test, also ensure no zero size is generated
2018-10-23 08:50:07 +11:00
bea8d337b2
DEV: ensure resizing test does not raise bad error
...
Current resizing test was showing binary diff in terminal and failing
in latest image magick 7, this fixes both issues
2018-10-23 08:45:06 +11:00
e9a971a2b6
FEATURE: [Experimental] Content Security Policy ( #6514 )
...
do not register new MIME type, parse raw body instead
2018-10-22 13:22:23 -04:00
3e232412e3
UX: show error when hitting the rate limit on password reset
2018-10-22 19:00:30 +02:00
99b43f281b
FIX: Fix browser detection for Microsoft Edge. ( #6516 )
...
cool!
2018-10-22 23:15:41 +11:00
3377f26eba
FIX: Clean tag before searching for matches
2018-10-22 11:09:06 +01:00
ce0a51665e
FIX: count emoji shortcuts in topic title
...
https://meta.discourse.org/t/max-emojis-in-title-set-to-0-conflicting-with-emoji-shortcuts/98368/3?u=techapj
2018-10-22 13:44:05 +05:30
dca830cb73
Revert "FEATURE: [Experimental] Content Security Policy ( #6504 )"
...
This reverts commit fb8231077a
2018-10-19 11:53:29 -04:00
fb8231077a
FEATURE: [Experimental] Content Security Policy ( #6504 )
2018-10-19 10:39:22 -04:00
7166d7de9a
FIX: Prevent duplicate tags in tag-choosers ( #6512 )
...
* FIX: Prevent duplicate tags in tag-choosers
This reverts 5685b455685b45
2018-10-19 13:44:43 +01:00
65faff5832
DEV: Improve specs to provide a better error message.
2018-10-19 14:31:17 +08:00
9bfc939692
cleanup so gravatar download failures are consistent
...
previously we would ignore socket error, but this would mean that
there could be conditions where we would keep trying to download
gravatars forever (in an hourly job)
2018-10-19 12:51:55 +11:00
f1ba981ae9
Improve add user to group spec for uppercase usernames
...
Oops forgot to check for this. See previous commit for more details.
2018-10-18 13:32:36 -06:00
93485facaf
FIX: lowercase username for add/rem group members
...
This fix searches for users based on the downcased username so that if
you pass in usernames to add/remove from a group and you don't have the
casing just right it will still find the correct users.
I updated the tests to add a username that has a mix of upper and
lowercase letters to verify this functionality.
2018-10-18 13:17:24 -06:00
3973823a33
FIX: always update 'last_gravatar_download_attempt' when updating gravatar
2018-10-18 11:02:54 +02:00
bbf542da01
DEV: Prefer `<<~` over `<<`.
2018-10-18 14:17:30 +08:00
0f1afad6da
FIX: extracted theme JavaScripts for multisite ( #6502 )
...
* FIX: extracted theme javascripts for multisite
* onceoff to rebake all theme fields
2018-10-18 17:05:34 +11:00
f60b10d090
UX: Warn users if the post that's currently edited has changed. ( #6498 )
2018-10-17 15:35:32 +02:00
501ac4dfa6
DEV: Cleanup properly after user_serializer test
2018-10-17 10:54:22 +01:00
c6f364224e
FEATURE: Allow plugins to whitelist user custom fields for public display ( #6499 )
...
This works exactly the same as `whitelist_staff_user_custom_fields`, but is not limited to staff
2018-10-17 10:33:27 +01:00
42c405a820
FIX: use topic summary for meta description if topic excerpt is blank
2018-10-17 14:13:30 +05:30
19d7543004
FIX: clear color scheme cache when clearing theme cache
2018-10-16 12:00:46 +11:00
b06dccac49
FIX: force enable a user's email_private_messages option when user replies via email ( #6478 )
...
* Enable user email PM when posting to group or replying to topic via email
* remove extra line
* Add test and fix snake_case
* Only reenable email_private_messages for PM replies
2018-10-16 10:51:57 +11:00
005e1f5373
Add Cache-Control header to CORS ( #6490 )
2018-10-16 10:46:55 +11:00
fc94732f88
avoid looking up badge multiple times in spec
2018-10-16 10:42:16 +11:00
c68a456baa
FIX: Do not award badges for links in restricted categories. ( #6492 )
2018-10-16 10:38:59 +11:00
0724948878
fix failing spec when HUB_BASE_URL is present
2018-10-15 15:06:02 -04:00
d166c38ab7
REFACTOR: distributed_cache is moved to the message_bus gem
2018-10-15 15:01:45 -04:00
99d1ded3b3
rename route `/javascripts` to `/theme-javascripts` ( #6495 )
2018-10-15 11:32:52 -04:00
c104256991
FIX: SSO provider secrets - check wildcard domains last, toggle secrets visibility
2018-10-15 16:18:29 +02:00
7ac08f936e
FEATURE: Upload tags from CSV ( #6484 )
2018-10-15 09:12:54 +01:00
8fa59f0548
FIX: Can't clean a tag if the given string is frozen.
2018-10-15 14:48:45 +08:00
27e732a58d
FEATURE: allow multiple secrets for Discourse SSO provider
...
This splits off the logic between SSO keys used incoming vs outgoing, it allows to far better restrict who is allowed to log in using a site.
This allows for better auditing of the SSO provider feature
2018-10-15 16:03:53 +11:00
6acdea37c4
DEV: extract inline js when baking theme fields ( #6447 )
...
* extract inline js when baking theme fields
* destroy javascript cache when destroying theme fields
This work is needed to support CSP work
2018-10-15 15:55:23 +11:00
aa60936115
DEV: Add order to avoid randomly failing test.
2018-10-15 11:42:45 +08:00
5ae4cbcf88
DEV: Clear `ColorScheme.hex_cache` to avoid leaking state.
2018-10-15 11:16:26 +08:00
2ce684b134
DEV: Clear `hex_cache` after each test.
2018-10-15 10:24:46 +08:00
84d4c81a26
FEATURE: Support backup uploads/downloads directly to/from S3.
...
This reverts commit 3c59106bac
2018-10-15 09:43:31 +08:00
057087e0e8
FEATURE: log long running jobs in the defer queue
...
If a job in the defer queue takes longer than 90 seconds log an error
2018-10-12 17:03:47 +11:00
a1c912b630
Return 400 instead of 404 for bad token
2018-10-12 10:51:41 +11:00
048cdfbcfa
FIX: Do not allow revoking the token of current session. ( #6472 )
...
* FIX: Do not allow revoking the token of current session.
* DEV: Add getter of current auth_token from Guardian.
2018-10-12 10:40:48 +11:00
13b3cead06
FEATURE: Allow bulk removing users from a group
...
This change maintains backwards compatibility to allow you to remove a
single user from a group but allows you to specify a comma separated list
of users for bulk removal from a group.
Also it extracts out common functionality for fetching users from params
used in bulk adding users so it can also be used for removing users.
2018-10-11 15:30:54 -06:00
12f132736b
FIX: error looking at users in admin when tl3_promotion_min_duration is set to a very high value
2018-10-11 15:11:48 -04:00
7a41a783a4
FIX: Don't reply to Unsubscribe email sent to mailing list mirror
2018-10-11 16:09:22 +02:00
6a444eee56
Merge pull request #6476 from vinothkannans/tl4-flag
...
FEATURE: automatically hide non-TL4 posts when flagged by a TL4 user
2018-10-11 17:13:26 +05:30
227a49bb32
FEATURE: automatically hide non-TL4 posts when flagged by a TL4 user
2018-10-11 17:11:46 +05:30
3c59106bac
Revert "FEATURE: Support backup uploads/downloads directly to/from S3."
...
This reverts commit c29a4dddc1
2018-10-11 11:08:23 +08:00
c29a4dddc1
FEATURE: Support backup uploads/downloads directly to/from S3.
2018-10-11 10:38:43 +08:00
5039a6c3f1
FIX: Strip null bytes in mail subjects.
2018-10-11 09:46:32 +08:00
59be289084
FIX: Do not add lightbox to onebox images ( #6479 )
2018-10-11 08:57:21 +11:00
a566ed42ae
FEATURE: Option to disable user presence and profile
...
This allows users who are privacy conscious to disable the presence
features of the forum as well as their public profile.
2018-10-10 17:34:33 -04:00
4e0533a20b
FIX: Generate Onebox for posts of type moderator_action. ( #6466 )
2018-10-10 18:39:03 +08:00
45f01e637b
FIX: when associating Github account disassociate others
...
There are some cases where an email floats from one GitHub account to another
if this happens just take over the Github mapping record
2018-10-10 15:46:50 +11:00
f26804394a
DEV: Remove the use of stubs on `Rails.logger` in our test suite.
2018-10-10 09:34:50 +08:00
1d26a473e7
FEATURE: Show "Recently used devices" in user preferences ( #6335 )
...
* FEATURE: Added MaxMindDb to resolve IP information.
* FEATURE: Added browser detection based on user agent.
* FEATURE: Added recently used devices in user preferences.
* DEV: Added acceptance test for recently used devices.
* UX: Do not show 'Show more' button if there aren't more tokens.
* DEV: Fix unit tests.
* DEV: Make changes after code review.
* Add more detailed unit tests.
* Improve logging messages.
* Minor coding style fixes.
* DEV: Use DropdownSelectBoxComponent and run Prettier.
* DEV: Fix unit tests.
2018-10-09 22:21:41 +08:00
1fb1f4c790
FIX: Make error in Discourse Hub more descriptive. ( #6438 )
2018-10-09 22:05:31 +08:00
ac89a728f8
DEV: Remove autospec hacks for social auth providers
...
This was causing erratic test failures. Autospec continues to work after
removing, so this 5-year-old code is no longer needed.
2018-10-09 12:42:57 +01:00
51aba32651
FEATURE: add branch option to remote theme import
...
* FEATURE: add branch option to remote theme import
* FIX: Add missing variable in params
* FIX: Add missing param for import_theme method
* SPEC: Add test methods for branch support in git import
* FIX: Add missing space to scss style
* Do not assume default branch as master
* Change branch field placeholder
* FIX: add missing div start tag
2018-10-09 17:01:08 +11:00
2f90c15d7a
Fix random build error
2018-10-09 01:03:05 +02:00
4881fb028f
FIX: allow_uppercase_posts didn't work for topic titles
2018-10-08 23:50:06 +02:00
22187508e3
FEATURE: adds header text/background color to site ( #6462 )
2018-10-08 11:52:57 +02:00
40fa96777d
FEATURE: Post deployment migrations. ( #6406 )
...
This moves us away from the delayed drops pattern which
was problematic on two counts. First, it uses a hardcoded "delay for"
duration which may be too short for certain deployment strategies.
Second, delayed drop doesn't ensure that it only runs after
the latest application code has been deployed. If the migration runs
and the application code fails to deploy, running the migration after
"delay for" has been met will cause the application to blow up.
The new strategy allows post deployment migrations to be skipped if the
env `SKIP_POST_DEPLOYMENT_MIGRATIONS` is provided.
```
SKIP_POST_DEPLOYMENT_MIGRATIONS=1 rake db:migrate
-> deploy app servers
SKIP_POST_DEPLOYMENT_MIGRATIONS=0 rake db:migrate
```
To aid with the generation of a post deployment migration, a generator
has been added. Simply run `rails generate post_migration`.
2018-10-08 15:47:38 +08:00
c0bb04d89d
FIX: convert tag string to array when filtering topic list by tags
2018-10-08 08:56:25 +05:30
1b1ef21481
DEV: Improve `Jobs::CleanUpEmailLogs` specs.
2018-10-08 11:11:20 +08:00
26956bbe1a
FIX: Safari issue with some emojis ( #6456 )
...
https://meta.discourse.org/t/emojis-selected-on-ios-displaying-additional-rectangles/86132/8
2018-10-08 10:32:25 +08:00
550e108a8c
FEATURE: only export settings that changed via rake task
2018-10-08 11:54:52 +11:00
4000dddd32
Merge pull request #6458 from vinothkannans/fix-giphy
...
FIX: Display large/broken image placeholders for image oneboxes
2018-10-07 18:08:54 +05:30
c499872597
FIX: Display large/broken image placeholders for image oneboxes
2018-10-07 17:42:41 +05:30
9bf522f227
FEATURE: Mixed case tagging ( #6454 )
...
- By default, behaviour is not changed: tags are made lowercase upon creation and edit.
- If force_lowercase_tags is disabled, then mixed case tags are allowed.
- Tags must remain case-insensitively unique. This is enforced by ActiveRecord and Postgres.
- A migration is added to provide a `UNIQUE` index on `lower(name)`. Migration includes a safety to correct any current tags that do not meet the criteria.
- A `where_name` scope is added to `models/tag.rb`, to allow easy case-insensitive lookups. This is used instead of `Tag.where(name: "blah")`.
- URLs remain lowercase. Mixed case URLs are functional, but have the lowercase equivalent as the canonical.
2018-10-05 10:23:52 +01:00
8430ea927e
FIX: Generate webhook payloads before destroy events ( #6325 )
2018-10-05 16:53:59 +08:00
5b630f3188
FIX: stop logging every time invalid params are sent
...
Previously we were logging warning for invalid encoded params, this can
cause a log flood
2018-10-05 14:33:19 +10:00
3faa022c6f
Merge pull request #6453 from vinothkannans/sso_provider_redirect
...
FIX: redirect users to SSO client URL after social login
2018-10-05 00:34:34 +05:30
ca74246651
FIX: redirect users to SSO client URL after social login
2018-10-05 00:01:08 +05:30
5b56a8cd09
DEV: Merge multiple discourse_tagging_spec files
2018-10-04 15:44:29 +01:00
361ad7ed2b
FEATURE: add indication if incoming email attachment was rejected and inform sender about it ( #6376 )
...
* FEATURE: add indication if incoming email attachment was rejected and inform sender about it
* include errors for rejected attachments in email
* don't send warning email to staged users
* use user object instead of user_id in add_attachments method
2018-10-04 22:08:28 +08:00
b8a1196b6b
Add missing fields to Upload Fabricator ( #6448 )
2018-10-04 22:00:07 +08:00
d43ed4afa2
Remove unused variable.
2018-10-04 13:21:37 +08:00
1907338834
FIX: No longer educate users who are editing
...
A user editing a post will no longer get composer messages that are
meant for new users posting replies and threads. These messages don't
make sense in an edit context at all -- they're usually discussing
making salient replies or topics, or adding avatars. They make even less
sense when a user is an admin attempting to change the default topics
for the first time.
Since these messages actually do make sense for a user when they have a
low post count, though, they're still going to occur. They just occur
when a user is creating new content (and thus, more likely to read the
notice), not during edits.
This is in response to this issue:
https://meta.discourse.org/t/education-message-for-editing-wiki-topic/66682
2018-10-04 13:20:13 +08:00
a651d39b8a
FIX: Display errors in single theme pages ( #6449 )
...
Currently the errors are not well handled. So it breaks the whole UI of admin themes list page.
2018-10-04 02:33:06 +05:30
ad0e768742
FEATURE: add support for responsive images in posts
...
When creating lightboxes we will attempt to create 1.5x and 2x thumbnails
for retina screens, this can be controlled with a new hidden site setting
called responsice_post_image_sizes, if you wish to create 3x images run
SiteSetting.responsive_post_image_sizes = "1|1.5|2|3"
The default should be good for most of the setups as it balances filesize
with quality. 3x thumbs can get big.
2018-10-03 13:44:53 +10:00
dc1e7bb645
UX: when admin is deleted, make it clear in staff action logs when records belong to a deleted user and show their username in the details
2018-10-02 13:46:54 -04:00
34516c72bd
FIX: Recover public actions (likes) when recovering a post ( #6412 )
2018-10-02 11:25:08 -04:00
a515ba8612
FIX: corrects typo and adds a spec for likes report ( #6439 )
...
* FIX: corrects typo and adds a spec for likes report
* save!
2018-10-02 02:27:43 -07:00
e0d7cdac12
UX: Improve error messages for minimum and maximum username lengths.
2018-10-02 13:10:20 +08:00
da9eee5262
FIX: Force enable user PM emails option when user posts to a group by email.
2018-10-02 12:38:10 +08:00
e2770bc1c4
FIX: async reload of locales could result in missing translations
2018-10-01 17:14:36 +02:00
cfa7173da3
FIX: Onceoff job to fix missing user profile backgrounds.
2018-10-01 16:26:40 +08:00
de85bb0a39
FIX: Don't update user_profile URLs unless upload is persisted.
2018-10-01 14:21:39 +08:00
e262a08350
Add `UploadRecovery#recover_user_profile_backgrounds`.
2018-10-01 10:51:54 +08:00
02da022c70
PERF: Quit out of the email job quickly if disabled ( #6423 )
...
This prevents sidekiq from doing a bunch of queries when email is
disabled.
Critical emails are a special case and will be sent.
2018-10-01 01:15:45 +08:00
819f090d6a
move large blobs out of `<head>` ( #6428 )
...
it unnecessarily bloats the section and increases the payload
dramatically for open graph tags.
2018-09-28 17:28:33 +08:00
70d74f8fc1
FIX: advanced search ordering broken when using tags
2018-09-28 17:27:08 +08:00
5407036ef9
DEV: Run prettier. ( #6420 )
2018-09-21 11:02:23 +00:00
e402394375
FEATURE: auto grant an available title when removing old title
...
* FEATURE: auto grant an available title when removing old title
2018-09-21 12:06:08 +10:00
4bb980b9f7
FEATURE: do not allow moderators to export user list ( #6418 )
2018-09-21 09:07:13 +08:00
1a64b3a487
FIX: Don't try to recover an invalid sha1.
2018-09-20 14:21:57 +08:00
df45e82377
SECURITY: only allow picking of avatars created by self ( #6417 )
...
* SECURITY: only allow picking of avatars created by self
Also adds origin tracking to all uploads including de-duplicated uploads
2018-09-19 22:33:10 -07:00
195bd02fce
FIX: Avoid race condition when enqueuing job.
2018-09-20 11:24:01 +08:00
d5442fbf08
FIX: do not send tl1 welcome message when a user has the basic user badge
2018-09-19 12:53:36 -07:00
767f27929d
Rename `Jobs::RecoverPostUploads` to rerun the job take 2.
2018-09-19 22:40:32 +08:00
d403883d16
DEV: Improve specs for 293cf600f0.
2018-09-19 16:03:52 +08:00
5302709343
FIX: in redis readonly raise an exception from DistributedMutex
...
If we detect redis is in readonly we can not correctly get a mutex
raise an exception to notify caller
When getting optimized images avoid the distributed mutex unless
for some reason it is the first call and we need to generate a thumb
In redis readonly no thumbnails will be generated
2018-09-19 15:50:58 +10:00
bc7f58191e
FIX: `UploadRecovery` should look at links too.
2018-09-19 11:52:57 +08:00
4a92c5b2d6
`UploadRecovery` should recover attachments too.
2018-09-19 10:44:36 +08:00
9281b72308
FEATURE: Log entity export in staff logs
2018-09-19 03:16:45 +05:30
fadcd36f92
FIX: do not treat ignore_redirects domains as blacklisted
...
This fix prevents domains present in `ignore_redirects` to be treated as
blacklisted domains and makes sure that onboxing happens for those domains.
Issue reported here: https://meta.discourse.org/t/steam-store-oneboxing-no-longer-works/97266
2018-09-18 10:38:02 +05:30
ce6a0a5e9e
FIX: Moving upload to tombstone should update modification time.
...
A upload created a long time ago will be nuked from the tombstone
immediately if it gets deleted.
2018-09-18 10:48:29 +08:00
f2fbf1fdb0
DEV: Basic specs for `TagGroupsController`.
2018-09-18 08:22:03 +08:00
7d6b348d0b
SECURITY: correct XSS on long topic titles
2018-09-18 08:54:44 +10:00
4481836de2
FEATURE: new 'search_ignore_accents' site setting
2018-09-17 10:42:30 +02:00
7a0232249a
extract inline JS that's used to store preloaded data ( #6370 )
2018-09-17 16:31:46 +08:00
7b19ed06c1
reworked specs of existing group behavior
2018-09-17 17:46:43 +10:00
6659417807
FEATURE: match user title when primary group changes
...
When primary group changes and the user's title is the previous primary
group's title, change the title to the new primary group's title
2018-09-17 15:08:39 +10:00
33541c4096
FEATURE: unconditionally omit no-follow for staff
...
Previously TL2 and below staff would have links
no-followed which was never intended
2018-09-17 12:02:20 +10:00
37c5280f73
correct spec
2018-09-17 11:37:01 +10:00
4f46aa1ba3
FEATURE: Add SiteSetting for s3_configure_tombstone_policy
...
Add SiteSetting for s3_configure_tombstone_policy, skip policy generation if turned off (default on)
2018-09-17 10:57:50 +10:00
725d2c0d47
correct spec
2018-09-17 10:54:35 +10:00
173d0d53d5
correct erratic spec
2018-09-17 10:12:00 +10:00
c7d81e2682
FIX/FEATURE: don't blow up when can't reach theme's repo, show problem themes on dashboard
2018-09-17 09:49:53 +10:00
526ffc4966
FIX: error in response body to blocked crawlers, showing 500 Internal Server Error with status of 403
2018-09-14 15:40:20 -04:00
b87a089822
FIX: don't block api requests when whitelisted_crawler_user_agents is set
2018-09-14 15:40:20 -04:00
c3f6b4d966
DEV: Test against real `Upload#url` format.
2018-09-14 13:43:33 +08:00
419b14e58b
FIX: correctly keep stylesheet cache entries
...
The intent from day one was to keep MAX_TO_KEEP stylesheets per target
however the DELETE statement did not perform target filtering
This meant we often deleted the wrong stylesheets from the cache
2018-09-14 12:54:11 +10:00
6a2589353b
Merge pull request #6394 from tgxworld/recover_broken_uploads
...
FIX: Onceoff job to recover missing post uploads.
2018-09-13 18:16:56 -07:00
aa1af9fc22
FIX: Onceoff job to recover missing post uploads.
...
This fixes the regression due to 1f636c445b
2018-09-14 09:04:01 +08:00
fd931b948d
Use a more helpful failure message in spec
2018-09-13 21:31:44 +02:00
30619c244c
FIX: don't index urls to local files
2018-09-13 18:53:53 +02:00
a6502ce879
FIX: ensures errors in report initialization fail nicely ( #6392 )
2018-09-13 17:36:55 +02:00
2ae7d3a118
Merge pull request #6388 from pmusaraj/drafts-second-user-test
...
Add test to ensure a user cannot see drafts stream of another user
2018-09-13 06:53:44 -07:00
d288462abf
Merge pull request #6393 from techAPJ/bad-json
...
FIX: ignore and log bad json values for custom fields
2018-09-13 15:54:01 +05:30
e364547ff7
FIX: ignore and log bad json values for custom fields
2018-09-13 14:26:30 +05:30
0a06b3d977
Accept custom AR relation for `UploadRecovery`.
2018-09-13 16:33:14 +08:00
6c65718301
Include response body when raising an error in `FileHelper#download`.
2018-09-13 15:43:58 +08:00
05a57d4f27
DEV: Clear cache after not before.
...
* Clearing after ensures that state does not leak
to specs in other files.
2018-09-13 14:23:32 +08:00
5eb65ad612
FIX: Do not try to recover invalid `Upload#short_url` in `UploadRecovery`.
2018-09-13 13:59:17 +08:00
1afe7162e1
Fix the build.
2018-09-13 13:41:38 +08:00
d99dd840e4
Add basic test case for `UploadRecovery`.
2018-09-13 13:26:23 +08:00
7f05af5995
cleanup
2018-09-12 13:10:14 -04:00
aa614e393c
return 403 when trying drafts of another user
2018-09-12 13:08:02 -04:00
b8c0a29bec
better test name
2018-09-12 11:09:30 -04:00
11fd18b254
code-styling fixes
2018-09-12 11:06:30 -04:00
3a00c2adeb
add test to ensure that userA cannot see drafts stream of userB
2018-09-12 10:13:20 -04:00
3884e99e88
Add extra protection in `Upload#get_from_url`.
...
In case the extension goes missing from the URL.
2018-09-12 00:12:14 -07:00
b3469bea2d
FIX: Uploads not being linked correctly to posts.
...
Regression due to 1f636c445b
2018-09-11 23:50:23 -07:00
d1984a0b4d
FIX: display a correct error when attempting to agree on a deferred flag
...
Previously we would raise a 500 error if a moderator tried to agree on a
flag another moderator deferred.
This can happen cause the UX for flags does not live refresh as flags
are handled
2018-09-12 13:16:59 +10:00
71185c13b5
Merge pull request #6377 from tgxworld/remove_tif_tiff
...
Drop `tif`, `tiff`, `webp` and `bmp` from supported images.
2018-09-12 09:32:32 +08:00
71caf7521d
Drop `tif`, `tiff`, `webp` and `bmp` from supported images.
...
https://meta.discourse.org/t/cr2-raw-files-are-being-treated-as-tiff-files/96775/3?u=tgxworld
2018-09-12 09:29:54 +08:00
16bd3f2cf2
FIX: use current user color scheme when filling `theme-color` attribute ( #6384 )
...
* FIX: use current user color scheme when filling `meta` attribute `theme-color`
* update manifest.webmanifest colors
2018-09-12 11:04:58 +10:00
3bb4f4c5ef
Adds test to make sure moderators can't make master keys
...
It wasn't obvious from the code, plus we'd never want this to regress!
2018-09-11 12:02:06 -04:00
1a01385e88
FIX: "false" didn't work as locale_default
2018-09-11 13:42:10 +02:00
85620abb71
DEV: Clear connections after multisite specs.
2018-09-11 10:15:06 +08:00
e64402cb3b
SECURITY: correct edge case when SSO provides unvalidated emails
2018-09-11 08:24:02 +10:00
80eace4268
Merge pull request #6383 from discourse/fix_username_suggester
...
FIX: don't raise an error on integer usernames in user_name_suggester
2018-09-11 00:30:29 +05:30
81c87df18a
FIX: don't raise an error on integer usernames
2018-09-10 22:17:56 +05:30
84fc7abb73
FIX: Allow `rake destroy:topics` to delete topics in sub-categories
2018-09-10 12:52:14 +01:00
df04e69cde
FIX: `S3Helper#list` creates incorrect prefix.
2018-09-10 16:34:40 +08:00
9e77fd8fc3
FIX: wrong category links on subfolder install in rss feed for a category topic list
2018-09-07 10:03:30 -04:00
879067d000
FIX: check admin theme cookie against user selectable
...
previously admin got a free pass and could set theme via cookie to anything
including themes that are not selectable
this refactor ensures that only "preview" gets a free pass, all the rest
goes through the same pipeline
2018-09-07 10:47:28 +10:00
797cbf8653
FIX: Remove user fields when anonymizing user
2018-09-07 00:02:56 +02:00
1f636c445b
PERF: Add fast path to find uploads before resorting to `LIKE` query.
...
For a normal upload url
Before
```
Warming up --------------------------------------
264.000 i/100ms
Calculating -------------------------------------
2.754k (± 8.4%) i/s - 13.728k in 5.022066s
```
After
```
Warming up --------------------------------------
341.000 i/100ms
Calculating -------------------------------------
3.435k (±11.6%) i/s - 17.050k in 5.045676s
```
2018-09-06 14:44:24 +08:00
d4b05d7bc5
Always link post to uploads in post process.
...
The operation is cheap anyway so no point skipping.
2018-09-06 14:08:03 +08:00
434035f167
FIX: Link post to uploads in `PostCreator`.
...
* This ensures that uploads are linked to their post on creation
instead of a background job which may be delayed if Sidekiq
is facing difficulties.
2018-09-06 11:18:11 +08:00
26082688d1
FIX: Zero is a valid value for the page parameter
2018-09-05 20:43:05 +02:00
f3aef2cc83
FIX: Incorrect/missing extension in short_url fails to map to upload.
...
`Hash#invert` causes us to lose keys if the hash contains similar
values.
2018-09-05 21:48:58 +08:00
2c5d9269a0
FIX: Notifications shouldn't use user locale unless allow_user_locale is enabled
2018-09-05 11:44:28 +02:00
d9c0dc8687
correct prev commit
...
s3. did not exists it is s3-
2018-09-05 16:11:44 +10:00
83e1315e42
FIX: correct urls in uploads table to point at dualstack
...
Last week we added support for dual stack urls but did not remap the
the old records in the uploads and optimized images table
This caused a few minor edge cases worst was that if you rebaked old
images S3 CDN was not repopulated.
2018-09-05 15:58:04 +10:00
b8fc699164
FIX: Detect {{foo}} as interpolation key
2018-09-05 00:47:39 +02:00
d9be4f47e8
SPEC: redirect to original URL after social signup
2018-09-05 03:24:50 +05:30
d8b543bb67
FIX: redirect to original URL after social signup
2018-09-05 01:44:23 +05:30
4382fb5fac
DEV: Allow plugins to whitelist specific user custom_fields for editing ( #6358 )
2018-09-04 20:45:36 +10:00
3b337bfc6b
Revert "FIX: Don't rate limit admin and staff constraints when matching routes."
...
This reverts commit 651b50b1a1
2018-09-04 14:27:21 +08:00
19182c0c8f
DEV: Skip fragile tests for now.
2018-09-04 13:58:09 +08:00
651b50b1a1
FIX: Don't rate limit admin and staff constraints when matching routes.
...
* When an error is raised when checking route constraints, we
can only return true/false which either lets the request
through or return a 404 error. Therefore, we just skip
rate limiting here and let the controller handle the
rate limiting.
2018-09-04 13:52:58 +08:00
08b268c5bc
Be more forceful in disconnecting connections during failover.
2018-09-04 10:32:43 +08:00
ad70502ab8
FIX: ignore invalid usernames in incoming link tracker
...
If an incoming link username has NULL in it simply ignore it
2018-09-04 12:28:32 +10:00
8dc1463ab3
Enable `Lint/ShadowingOuterLocalVariable` for Rubocop.
2018-09-04 10:16:42 +08:00
2f5c21e28c
FIX: return a 400 error instead of 500 for null injections
...
Many security scanners like to inject NULL in inputs causing application
to exception out and return a 500
We now handle this exception and render a 400 status back
2018-09-04 12:11:52 +10:00
eeedc3901e
FIX: Replying to deleted post via email should create new reply to topic
2018-09-03 23:06:40 +02:00
24a14af15a
FIX: Respect invalidate_oneboxes option for inline oneboxes
2018-09-03 22:33:43 +05:30
ecf60c0c33
DEV: More attempts at stablizing specs in Travis.
...
Re-enable skipped test because it doesn't fail locally
for me to debug it.
2018-09-03 14:52:15 +08:00
f33433bf9e
Validation of params should restrict to max int ( #6331 )
...
* FIX: Validation of params should restrict to max int
* FIX: Send status 400 when "page" param isn't between 1 and max int
2018-09-03 14:45:32 +10:00
747c9bb47f
Merge pull request #6317 from nbianca/ignore_blacklisted_domains
...
FIX: Ignore OneBox blacklisted domains.
2018-09-03 11:10:52 +08:00
0fac6cdba9
DEV: Better debugging information when test fails.
2018-09-03 10:55:25 +08:00
182d9a4666
FIX: escape regex chars when searching site texts
2018-09-02 17:25:57 +10:00
f5e0356fb2
correct miscellaneous issues with user login history
2018-09-02 17:24:54 +10:00
60eff9421a
FIX: precompile `desktop_theme` and `mobile_theme` stylesheets
...
required for environments that pre stage docker images and keep old image running during the deploy
2018-08-31 21:23:55 +10:00
5a214a687c
FIX: Exclude `UserAuthToken` and `UserAuthTokenLog` in user webhook.
2018-08-31 17:25:56 +08:00
ae2f00ee73
DEV: Include the thread in the error message.
2018-08-31 17:14:19 +08:00
931cffcebe
FEATURE: Let users see their user auth tokens. ( #6313 )
2018-08-31 10:18:06 +02:00
b3aab1770f
FIX: set old last modified date for invalid avatars
...
In some cases Akami was holding tight to these invalid avatars,
to avoid this happening we explain the avatar image is ancient
then when a new upload is added it automatically is older than
this.
2018-08-31 17:07:31 +10:00
1866a8e8da
correct invalid spec
2018-08-31 15:06:30 +10:00
e1975e293f
FIX: when uploads are destroyed clear up avatar refs in user table
...
This also auto corrects twice daily when we ensure consistency
2018-08-31 14:46:42 +10:00
9b7cab589a
FIX: revert diacritic stripping
...
See more details in test case and at: https://meta.discourse.org/t/discourse-should-ignore-if-a-character-is-accented-when-doing-a-search/90198/16?u=sam
2018-08-31 11:46:55 +10:00
81b99efc68
DEV: Raise an error if thread doesn't return within expected time.
2018-08-31 09:26:28 +08:00
297e8aaf2e
FIX: Escape regex pattern variable before using it
2018-08-31 03:02:24 +05:30
c6f339a0b5
format json better with spaces in my test
2018-08-30 14:39:40 -06:00
ae532f8548
FIX: return 422 for an invalid group name on category create
2018-08-30 14:28:55 -06:00
103509b9dd
SECURITY: Prevent users from modifying custom fields
2018-08-30 12:59:36 +01:00
9efbf2c49f
FIX: changing component settings should trigger refresh for parent theme CSS ( #6340 )
2018-08-30 20:53:03 +10:00
9c7e029d01
DEV: Attempt to stablize multisite tests.
2018-08-30 17:31:17 +08:00
f0abb4d09a
FIX: Allow user actions to be saved even if the post has nil user
...
This issue made it impossible to delete users if they had flagged a post with nil user
2018-08-30 01:03:32 +01:00
e6970151a6
FEATURE: allow specifying locale via SSO
...
Use:
locale
locale_force_update
To force user locale on users where SiteSetting.allow_user_locale is enabled
Note: If an invalid locale is specified no action will occur
2018-08-30 09:58:03 +10:00
72ffabf619
UX: Improve email testing admin tool. ( #6308 )
2018-08-29 23:14:16 +02:00
b2cf725700
FIX: Don't try to send invite email when invite was deleted
2018-08-29 12:43:12 +02:00
44cf3cf975
FIX: queue heartbeats in readonly modes
...
If sidekiq is paused or Discourse is in readonly continue to queue
heartbeats
If we do not do that then a master process can end up reaping sidekiq
workers and causing various badness
This also impacts restore which can do weird stuff TM in cases like this
2018-08-29 12:36:59 +10:00
740308675b
FEATURE: erode bounce score every time an email is sent
...
Introduces a hidden setting (default is 0.1) that erodes bounce score
every time we send an email. This means that erratic failures are less
painful cause system auto corrects
2018-08-28 17:02:12 +10:00
e25a6e085e
FIX: drop title updates through RSS feeds
...
can create an update loop
2018-08-28 16:25:04 +10:00
9ab1fb7dfc
FEATURE: correctly store width and height on uploads
...
Previously we used width and height for thumbnails, new code ensures
1. We auto correct width and height
2. We added extra columns for thumbnail_width and height, this is determined
by actual upload and no longer passed in as a side effect
3. Optimized Image now stores filesize which can be used for analysis, decisions
Also
- fixes Android image manifest as a side effect
- fixes issue where a thumbnail generated that is smaller than the upload is no longer used
2018-08-28 12:59:22 +10:00
1826626272
FEATURE: Add Content-Type header to CORS
...
- add Content-Type to Access-Control-Allow-Headers
- update test accordingly
2018-08-28 11:19:38 +10:00
ebe7835316
FIX: links in rss feeds are sometimes wrong on subfolder installs
2018-08-27 18:05:15 -04:00
b6963b8ffb
FIX: Ignore OneBox blacklisted domains.
2018-08-27 20:40:55 +02:00
dc17ae3b2f
correct specs
2018-08-27 14:50:56 +10:00
4205c528d0
FEATURE: hide enable_personal_email_messages and min_trust_to_send_email_messages
...
These site settings are very hard to explain and only applicable for very
specific Discourse setups.
If an admin "enables staged users" which is used in support scenarios then
all staff can send "messages" directly to an "email".
The setting allows you to extend this to TL4 or any trust level.
Actual use case would be a support type setup with restricted staff. It is
quite rare so hiding this for now and re-evaluate keeping the setting in
2019
2018-08-27 11:38:22 +10:00
2271918be2
FEATURE: Use S3 dualstack endpoints
...
Allows S3 without a CDN to serve images from dualstack domains that also support ipv6
2018-08-27 11:22:46 +10:00
020eba4623
FIX: find tags with non-latin names ( #6312 )
2018-08-27 11:05:28 +10:00
faf09bb8c8
Replacing default brown category color
2018-08-24 14:18:14 -04:00
82dcc5cbfa
FEATURE: makes reports loadable in bulk ( #6309 )
2018-08-24 15:28:01 +02:00
a4001c1ea0
FEATURE: Pop revise modal on post edited notification ( #6287 )
...
* Add revision number to notification url
* Pop modal on route change
* Add semicolon
* Ensure modal pops even when navigating within a topic
* Ensure modal pops when visiting from other page
* Fix eslint errors
* Fix prettier errors
* Add callback for notification item click
* Remove stray revisionUrl function
* Rename to afterRouteComplete
2018-08-24 09:13:07 -04:00
932195d828
DEV: Update test case for `TopicEmbed`.
2018-08-24 09:42:12 +08:00
1ba24496ab
Merge pull request #6261 from xrav3nz/fix/topic-embed-import-updates
...
FIX: update TopicEmbed's title and user correctly
2018-08-24 09:32:03 +08:00
e0cc29d658
FEATURE: themes and components split
...
* FEATURE: themes and components split
* two seperate methods to switch theme type
* use strict equality operator
2018-08-24 11:30:00 +10:00
4a552fb967
Merge pull request #6303 from nbianca/user_serializer_spec
...
Add spec for UserSerializer and UserApiKey.
2018-08-24 08:16:11 +08:00
ac11f8df52
correct regression searching with diacritics
2018-08-24 10:00:51 +10:00
29315b73c2
FIX: improve last_modified date returned for avatars
...
instead of hard coding a date:
1. For optimized images use the upload date when on s3
2. For not-found use 10 minutes ago to match the expiry
2018-08-24 09:36:11 +10:00
bc7b530b0a
FIX: remove diacritics instead of transliterating
2018-08-24 00:38:44 +02:00
ff441bc4ca
Add spec for UserSerializer and UserApiKey.
2018-08-23 19:01:02 +02:00
2fcf2b899e
FIX: remove diacritics when tokenizing html for search
2018-08-23 17:13:52 +02:00
7a91df3248
Merge pull request #6290 from techAPJ/latest-full-name
...
UX: show full name on /latest page
2018-08-23 17:34:54 +05:30
1a7cd6648b
UX: show full name on /latest page
2018-08-23 14:41:06 +05:30
dd810b8b05
Merge pull request #6304 from tgxworld/create_functions_in_different_schema
...
FIX: Create `BaseDropper` functions in a different schema.
2018-08-23 15:01:41 +08:00
212ee15804
FIX: Create `BaseDropper` functions in a different schema.
...
https://meta.discourse.org/t/error-when-restore-db-backup/93145/25?u=tgxworld
2018-08-23 12:52:21 +08:00
2711f173dc
FIX: don't allow inviting more than `max_allowed_message_recipients`
...
* FIX: don't allow inviting more than `max_allowed_message_recipients` setting allows
* add specs for guardian
* user preferences for auto track shouldn't be applicable to PMs (it auto watches on visit)
Execlude PMs from "Automatically track topics I enter..." and "When I post in a topic, set that topic to..." user preferences
* groups take only 1 slot in PM
* just return if topic is a PM
2018-08-23 14:36:49 +10:00
36a7028f19
FEATURE: Clean up `PostReplyKey` records.
...
* Default retention of 90 days.
2018-08-23 10:40:02 +08:00
f01169d6ff
FIX: don't send email when the post was deleted
2018-08-22 13:13:58 +02:00
cdea969c6a
FEATURE: Make initial admins TL1
...
* Match register controller TL to rake admin:create
* Don't promote if trust_level > 1
2018-08-22 15:45:24 +10:00
272de95175
FIX: client duplicate registration should be cleaned up
...
If for any reason we are unable to correct client id on a user api key
invalidate old keys for client/user
2018-08-22 12:56:49 +10:00
5d96809abd
FIX: improve support for subfolder S3 CDN
2018-08-22 12:31:13 +10:00
f5142861e5
Revert "Revert "FIX: upload URLs from S3 on subfolder installs""
...
This reverts commit 26c96e97e5
2018-08-22 11:31:33 +10:00
26c96e97e5
Revert "FIX: upload URLs from S3 on subfolder installs"
...
This reverts commit 357df2ff4f
2018-08-22 10:51:40 +10:00
357df2ff4f
FIX: upload URLs from S3 on subfolder installs
2018-08-21 14:58:55 -04:00
17dc8f2490
UX: Wizard resends activation email when user exists
2018-08-21 19:13:41 +02:00
d1607a387a
FIX: only allow printable characters in uploads filename
2018-08-21 18:11:01 +02:00
3e436e2daf
FIX: doesn't translate group permission keys
2018-08-21 12:56:56 +02:00
baf413d527
FIX: update TopicEmbed's title and user correctly
2018-08-21 18:31:01 +08:00
7dcc69aef4
DEV: Refactor test to not call private method.
2018-08-21 14:29:58 +08:00
48f499b324
DEV: Refactor some mail receiver related specs.
2018-08-21 14:00:45 +08:00
d104de2a09
Remove line that is no longer required.
2018-08-21 11:48:58 +08:00
8bdf14834b
PERF: Restrict number of skipped email log for `Jobs::UserEmail`.
2018-08-21 11:14:43 +08:00
2c70d3f443
Take 2 on ba6f11c521.
2018-08-21 10:06:36 +08:00
2d96160192
FEATURE: improve API error reporting for invalid records
2018-08-21 11:54:34 +10:00
860c1c3dcd
FEATURE: Automatically expire keys if not used for a configurable amount of time. ( #6264 )
2018-08-20 17:36:14 +02:00
14af90df5b
UX: Stop putting usernames in edit reason when changing post owner
2018-08-20 12:28:04 +02:00
b4f92a05b3
FIX: Load more on groups page does not account for params.
...
https://meta.discourse.org/t/cant-scroll-through-list-of-users-groups-if-more-than-one-page/92259
2018-08-20 17:08:50 +08:00
f5fe58384f
correct regression around file renaming
2018-08-20 16:08:05 +10:00
ce4b12ae59
FIX: if we have not target available do not redirect
2018-08-20 13:10:59 +10:00
d7b1919ead
correct specs
2018-08-20 12:46:14 +10:00
8b5e42ea16
FIX: always test and coerce to image on upload
...
In the past the filename of the origin was used as the source
for the extension of the file when optimizing on upload.
We now use the actual calculated extension based on upload data.
2018-08-20 12:18:59 +10:00
975a72ab7a
FEATURE: Make links indexable. ( #6285 )
2018-08-20 10:39:19 +10:00
a83f662492
FIX: Allow silenced users to like / bookmark, just not flag.
2018-08-17 11:06:18 -04:00
010fe479cb
Fix linting.
2018-08-17 17:34:25 +08:00
16c0ebe8a8
Fix the build.
2018-08-17 16:53:07 +08:00
a26ef7738f
FIX: `FileHelper#download` should return nil if max size is exceeded.
2018-08-17 16:19:59 +08:00
4b7c5ba162
Update `UploadCreator` specs to include cropping code path.
2018-08-17 15:22:12 +08:00
fae8757cd4
FIX: `Guardian#post_can_act?` shouldn't raise an error if user of post has been deleted.
2018-08-17 15:11:30 +08:00
a9e502936f
FIX: Converting PNG to JPEG does not set the correct extension.
2018-08-17 13:09:48 +08:00
93201d8dbe
FIX: don't trigger 'flag_reviewed' when no flags were reviewed
2018-08-16 18:11:29 +02:00
10a3499d68
uses emoji versions for specs ( #6276 )
2018-08-16 13:45:30 +02:00
f62073a22a
correct regression uploading images
2018-08-16 18:49:08 +10:00
937ab3f213
FIX: Validation of min_posts and max_posts didn't work
2018-08-16 10:36:53 +02:00
796164b58c
FIX: automatically correct bad avatars on access
...
Also start relying on upload extension for optimized images
2018-08-16 16:32:56 +10:00
243fc9d0f9
FIX: refreshing auto groups when min_username_length is long
2018-08-15 16:59:56 +10:00
38c10a3dc2
correct the validator
2018-08-15 14:56:24 +10:00
91e0a77a60
FEATURE: silenced users should not be allowed to edit posts
2018-08-15 14:29:36 +10:00
d4fd19d49a
UX: Replace Google search with Discourse search on not found page
...
* UX: Replace Google search with Discourse search on not found page.
* FIX: Update application_controller_spec.rb.
2018-08-15 11:53:04 +10:00
06f82a7d72
correct exception handling, always do to_i in array
2018-08-15 11:31:42 +10:00
bc47148d35
add validation to exclude_category_ids
2018-08-15 09:53:28 +10:00
12bab65167
FIX: going from /categories to /latest on mobile might break infinite scrolling
2018-08-15 01:22:03 +02:00
ba0e322fd0
FIX: Validation of topic params broke discourse-assign
2018-08-14 18:45:46 +02:00
87fa26b6c8
FIX: Silenced users shouldn't be able to act on posts
2018-08-14 11:43:39 -04:00
c358421ca5
FIX: Bulk updating category failed when topic title was too short
2018-08-14 16:37:52 +02:00
216f4c99b0
Correct flaky spec
2018-08-14 12:43:57 +02:00
de92913bf4
FIX: store the topic links using the cooked upload url
2018-08-14 12:23:32 +02:00
ad5f502332
FIX: add a basic validator for topic params
...
This cuts down on log noise when people try out sql injection
2018-08-14 17:01:04 +10:00
664186a2a4
DEV: Remove stub to make test more reliable.
2018-08-13 14:48:46 +08:00
d10c9d7d75
FIX: Missing extensions for non-image uploads due to 2b57239389.
2018-08-13 10:58:55 +08:00
b73950692b
FIX: Parsing non-existent feed should not fail
2018-08-10 18:37:14 +02:00
865cb3feb9
FIX: allow selecting site's default theme from preference
2018-08-10 14:12:02 +03:00
2b2612d0f5
correct flaky spec
...
after(:all) and before(:all) are to be avoided, state can leak
2018-08-10 16:08:07 +10:00
093c3510e6
Rework moderators activity query ( #6230 )
...
* Order rows in query
* Don't increment revisions when moderator revises their own post
2018-08-10 10:51:31 +10:00
b9072e8292
FEATURE: Add "Reset Bump Date" action to topic admin wrench ( #6246 )
2018-08-10 10:51:03 +10:00
6db623ef6b
UX: Improve category filtering and include subcategories
...
* category_filtering
1. report_top_referred_topics
2. report_top_traffic_sources
3. report_post_edit
* category_filtering with subcategory topics
1. report_top_referred_topics
2. report_top_traffic_sources
3. report_post_edit
4. report_posts
5. report_topics
6. report_topics_with_no_response
* category_filtering tests (without subcategory topics)
1. report_posts
2. report_topics_with_no_response
* subcategory topics tests `in_category_and_subcategories` in `topic_spec.rb`
1. `in_category_and_subcategories` in `topic_spec.rb`
2. topics, posts, flags and topics_with_no_response in `report_spec.rb`
2018-08-10 10:50:05 +10:00
ef4b9f98c1
FEATURE: Allow admins to reply without topic bump
2018-08-10 10:48:30 +10:00
3cd4dc0f5f
Allow users with group_locked_trust_level to be promoted to tl3 ( #6249 )
2018-08-10 10:42:23 +10:00
0d5ebcb21d
fix flaky specs ( #6255 )
2018-08-10 10:38:36 +10:00
d77dccc636
FIX: user-deleted posts with deferred flags can be destroyed
2018-08-09 14:54:31 -04:00
2c4d7225d8
FIX: permalink redirects with subfolder
2018-08-09 11:05:27 -04:00
ed4c0f256e
FIX: check permalinks for deleted topics
...
- allow to specify 410 vs 404 in Discourse::NotFound exception
- remove unused `permalink_redirect_or_not_found` which
- handle JS side links to topics via Discourse-Xhr-Redirect mechanism
2018-08-09 15:05:12 +10:00
ba6f11c521
PERF: Only log the first skipped email when user exceeds daily limit.
...
https://meta.discourse.org/t/cleaning-up-e-mail-logs/39132
2018-08-08 16:25:00 +08:00
1ea23b1eae
FIX: Wrong order for `S3Helper#copy_file`.
2018-08-08 15:58:54 +08:00
a35f2984e9
FIX: support Arrays with Marshal dump in distributed cache
...
Theme cache uses arrays here
2018-08-08 16:44:56 +10:00
0b7ed8ffaf
FEATURE: backend support for user-selectable components
...
* FEATURE: backend support for user-selectable components
* fix problems with previewing default theme
* rename preview_key => preview_theme_id
* omit default theme from child themes dropdown and try a different fix
* cache & freeze stylesheets arrays
2018-08-08 14:46:34 +10:00
aafff740d2
Add `FileStore::S3Store#copy_file`.
2018-08-08 11:30:34 +08:00
4e6e4a83df
FIX: subfolder digest emails have incorrect URLs
2018-08-07 16:38:17 -04:00
aa9a9a5a72
FIX: Include auth_providers for anonymous users when login_required
2018-08-07 09:24:16 +01:00
2b57239389
FIX: Upload's content is the only source of truth for the file type.
2018-08-07 13:15:00 +08:00
d1860a4f7d
DEV: Fix test to use an actual PNG instead of a GIF.
2018-08-07 12:02:35 +08:00
6797395bd0
FIX: staff should be allowed to agree and keep post
2018-08-07 10:05:43 +10:00
812add18bd
REFACTOR: Serve auth provider information in the site serializer.
...
At the moment core providers are hard-coded in Javascript, and plugin providers get added to the JS payload at compile time. This refactor means that we only ship enabled providers to the client.
2018-08-06 09:25:48 +01:00
4e11811321
FIX: `UserAvatar#update_gravatar!` does not update `User#uploaded_avatar`.
...
https://meta.discourse.org/t/missing-user-profile-pictures/93844/4
2018-08-06 13:29:44 +08:00
18b396ad56
FEATURE: add link to see new commits when updates are available for themes ( #6233 )
...
* FEATURE: add link to see new commits when updates are available for themes
* shorten regexp
2018-08-06 15:29:15 +10:00
bf4d98e89d
FIX: always store topic links using the upload url
2018-08-04 01:29:32 +02:00
066010db7d
FEATURE: introduces list/compact_list components
2018-08-03 16:41:37 -04:00
ac2513b0f2
FEATURE: automatic PM when a user's email is revoked
2018-08-03 16:39:22 +02:00
280c318c49
FEATURE: allow ruby tags in Markdown
2018-08-03 11:47:36 +10:00
880462a41c
FEATURE: display out of date themes on admin dashboard
...
* FEATURE: disaply out of date themes on admin dashboard
* Update copy
2018-08-03 09:53:48 +10:00
c81bad3232
Merge pull request #6232 from OsamaSayegh/message-email-short-reply
...
UX: better rejection message when reply via email is too short
2018-08-02 14:25:04 -07:00
a157dfd418
UX: better rejection message when reply via email is too short
2018-08-02 22:43:53 +03:00
0b3d51a8bc
FEATURE: whitelist lang attribute
2018-08-02 16:53:08 +10:00
4a872823e7
Improvements to user drafts ( #6226 )
...
* drafts in user profile: only show to user herself (not to admins), use avatar replying to (instead of topic OP), add keyboard shortcut for drafts, simplify display labels
* use JSON when testing Draft.stream
2018-08-02 07:41:27 +10:00
1a0ffc5ace
FEATURE: Added method to get multiple values at once from PluginStore. ( #6225 )
2018-08-01 18:42:40 +02:00
f4ca105498
FIX: Moving posts to existing topic didn't update topic metadata
2018-08-01 18:05:43 +02:00
b829452c75
Merge pull request #6209 from discourse/mini_scheduler
...
REFACTOR: extract scheduler to the mini_scheduler gem
2018-08-01 10:28:24 -04:00
499ed469b0
FIX: disk_space refresh is now on demand
2018-08-01 10:06:20 -04:00
a115aae45f
Use rchardet instead of charlock_holmes gem
2018-08-01 10:41:20 +02:00
5d421fb946
FIX: Try respecting charset in HTTP header of RSS feed
2018-08-01 10:41:20 +02:00
ff942ed2f3
FIX: Try detecting encoding of RSS feed
2018-08-01 10:41:20 +02:00
1f45215537
FEATURE: Drafts view in user profile
...
* add drafts.json endpoint, user profile tab with drafts stream
* improve drafts stream display in user profile
* truncate excerpts in drafts list, better handling for resume draft action
* improve draft stream SQL query, add rspec tests
* if composer is open, quietly close it when user opens another draft from drafts stream; load PM draft only when user is in /u/username/messages (instead of /u/username)
* cleanup
* linting fixes
* apply prettier styling to modified files
* add client tests for drafts, includes a fixture for drafts.json
* improvements to code following review
* refresh drafts route when user deletes a draft open in the composer while being in the drafts route; minor prettier scss fix
* added more spec tests, deleted an acceptance test for removing drafts that was too finicky, formatting and code style fixes, added appEvent for draft:destroyed
* prettier, eslint fixes
* use "username_lower" from users table, added error handling for rejected promises
* adds guardian spec for can_see_drafts, adds improvements following code review
* move DraftsController spec to its own file
* fix failing drafts qunit test, use getOwner instead of deprecated this.container
* limit test fixture for draft.json testing to new_topic request only
2018-08-01 16:34:54 +10:00
849f0d00f6
FEATURE: adds revision_count to moderators_activity ( #6218 )
...
Co-Authored-By: Simon Cossar <scossar@users.noreply.github.com>
2018-07-31 23:40:45 -04:00
919e8db686
FIX: Check for group name availability should skip reserved usernames.
2018-08-01 11:09:33 +08:00
2b2a506a7b
FIX: makes dashboard more resilient to errors ( #6217 )
...
This commit is an attempt to limit cases where the dashboard will generate a full exception page and also make it easier to track the error.
2018-07-31 21:23:28 -04:00
8299fe0947
fix report spec ( #6214 )
2018-07-31 18:15:14 -04:00
6aee22b88f
FIX: Onebox images are not downloaded locally without css class
2018-08-01 02:51:02 +05:30
4ad7ce70ce
REFACTOR: extract scheduler to the mini_scheduler gem
2018-07-31 17:12:55 -04:00
afe3b00c0f
FIX: use hidden setting for max export file size
2018-07-31 11:25:28 +05:30
50df2d7241
FIX: Should not include regular categories in top_category_ids array
2018-07-30 16:06:36 +05:30
87537b679c
Drop `reply_key`, `skipped` and `skipped_reason` from `email_logs`.
2018-07-30 11:39:28 +08:00
b94633e844
FIX: `FileHelper` should prioritize response content-type.
...
Request to a URL with `.png` extension may return a jpg
instead causing us to attach the wrong extension to an
upload.
2018-07-30 10:54:36 +08:00
5f1fd0019b
FEATURE: Allow revoke and connect for GitHub logins
2018-07-27 17:18:53 +01:00
6296f63804
FEATURE: Revoke and connect for Yahoo logins
2018-07-27 16:20:47 +01:00
9c72c00206
FEATURE: Revoke and reconnect for Twitter logins
2018-07-27 12:28:51 +01:00
dac29b5ebc
UX: Display only top categories in hamburger menu ( #6146 )
2018-07-27 12:11:07 +05:30
6f9a91cbd5
Merge pull request #6175 from vinothkannans/post_approval_webhook
...
FEATURE: Webhook for post approval events
2018-07-27 10:50:49 +08:00
313cd9940d
starts refactoring report spec
2018-07-26 19:24:18 -04:00
1708ff1808
UX: add a route /rules as an alias for /faq and /guidelines
2018-07-26 15:38:08 -04:00
135c803f49
FIX: don't send PM if flagged post is deleted but flags were deferred or cleared
2018-07-26 15:12:31 -04:00
af5b88f8e2
Rename approval web hook event type to queued post
2018-07-26 10:29:38 +05:30
f8b367cc9c
Fix the build.
2018-07-26 10:17:51 +08:00
30242972d3
Add spec for 4bf3bf6786.
2018-07-26 09:16:14 +08:00
4bf3bf6786
SECURITY: force IM decoder based on file extension
2018-07-25 22:00:04 +02:00
5059dad8f0
FEATURE: Webhook for post approval events
2018-07-25 23:43:19 +05:30
f38942d121
FIX: Destroy session between omniauth callbacks controller tests
2018-07-25 16:33:42 +01:00
796639a797
FIX: makes disk_space computation more resilient ( #6172 )
2018-07-25 11:04:01 -04:00
fa399ce1c5
FEATURE: Add revoke and reconnect functionality for google logins
2018-07-25 16:03:14 +01:00
84d14fd8a0
FIX: Don't rely on setting data type read from database
2018-07-25 11:40:59 +02:00
417bcf7d2e
add checks for staff and system user before sending flags_agreed_and_post_deleted message
2018-07-24 19:25:11 -04:00
fe39cdc90a
FEATURE: when a post is deleted because a moderator agreed with flags, send a message to the post author
2018-07-24 17:17:56 -04:00
7058205f70
FIX: Broken specs
2018-07-24 12:00:34 -04:00
1ac643d71c
FIX: Email template for "Queued Posts Reminder" was not found
2018-07-24 17:26:52 +02:00
236243f38a
SECURITY: Consider `0.0.0.0` a private IP
2018-07-24 11:16:27 -04:00
7a3c541077
UX: Preview multiple color schemes in wizard ( #6151 )
...
It was a dropdown to provide choices of color schemes,
and only one scheme could be shown.
With this commit, multiple color scheme previews can be displayed on
one page at the same time, making admins choose color schemes more
easily.
Theme preview windows are shrinked.
Imported default color schemes.
Co-Authored-By: Misaka 0x4e21 <misaka4e21@gmail.com>
2018-07-24 09:00:20 -04:00
abddb48260
Rubocop fix
2018-07-24 10:49:20 +01:00
fa19d3a53c
Merge pull request #6108 from discourse/transaction-sidekiq-fix
...
Fix notifications for topics moved between categories
2018-07-24 17:44:03 +08:00
20a21b1240
Move into MiniSQLMultisiteConnection, and add test for rollback
2018-07-24 09:41:55 +01:00
7a2bf8e368
Fix invalid query syntax when `CategoryCustomField#value` is blank.
2018-07-24 14:48:27 +08:00
fad9c2b971
PERF: Move `EmailLog#reply_key` into new `post_reply_keys` table.
2018-07-24 13:51:53 +08:00
ae8b0a517f
PERF: Split skipped email logs into a seperate table.
2018-07-24 13:14:37 +08:00
dd9d815178
FIX: Add User Api Key headers to CORS
...
- add User-Api-Key and User-Api-Client-Id to Access-Control-Allow-Headers
- update test
2018-07-24 10:28:23 +10:00
f4b5eccad3
FIX: categories page crawler view had incorrect URLs
2018-07-23 14:54:41 -04:00
eda1462b3b
FEATURE: List, revoke and reconnect associated accounts. Phase 1 ( #6099 )
...
Listing connections is supported for all built-in auth providers. Revoke and reconnect is currently only implemented for Facebook.
2018-07-23 16:51:57 +01:00
32062864d3
FIX: removes system from user to user report ( #6144 )
2018-07-23 10:33:12 -04:00
d7b5a374c2
Fix indentation
2018-07-23 10:42:15 +01:00
84ab825e41
FEATURE: Webhook for user destroyed event ( #6124 )
2018-07-23 13:19:49 +05:30
f8e9190617
FEATURE: Retry web hook when it is failed
2018-07-23 10:12:04 +08:00
06323f9c89
FIX: takes old dashboard out of caching job
2018-07-21 12:42:03 -04:00
368d4e8eae
FIX: notify staff about whispers in watched categories ( #6128 )
2018-07-21 11:20:21 +02:00
b4ef7dfe9a
DEV: Make spec less brittle.
2018-07-21 09:13:11 +08:00
7cf6c2825e
Merge pull request #6106 from OsamaSayegh/watch-when-splitting
...
FIX: topic owner should watch the new topic when moving posts to a new topic
2018-07-20 15:18:59 +08:00
69450750d1
shorter method name and better specs
2018-07-20 10:13:27 +03:00
1a78e12f4e
FEATURE: part 2 of dashboard improvements
...
- moderation tab
- sorting/pagination
- improved third party reports support
- trending charts
- better perf
- many fixes
- refactoring
- new reports
Co-Authored-By: Simon Cossar <scossar@users.noreply.github.com>
2018-07-19 14:33:11 -04:00
a2281fbb19
FEATURE: allows to jump to a date in a topic
2018-07-19 16:00:13 +02:00
a9ebad3f6c
FIX: do not add a moderator post when post is flagged via direct message ( #6100 )
2018-07-18 23:18:14 +02:00
32db976156
FIX: Stop race condition when topic notification jobs are scheduled during a database transaction
...
This was not picked up by tests because scheduled jobs are run immediately
and in the current thread (and therefore the current database transaction).
This particular case sometimes occurs inside multiple nested transactions,
so simply moving the offending line outside of the transaction is not enough.
Implemented TransactionHelper, which allows us to use `TransactionHelper.after_commit`
to define code to be run after the current transaction has been committed.
2018-07-18 22:04:43 +01:00
afc94ac9e4
FEATURE: add a Top Categories section to the user summary page, showing the categories in which a user has the most activity
2018-07-18 16:39:16 -04:00
2dc3a50dac
FIX: Do not update `last seen` time for suspended users
2018-07-18 16:04:57 +01:00
547b571d84
FIX: topic owner should watch the new topic when moving posts to a new topic
2018-07-18 15:23:32 +03:00
6d6e026e3c
FEATURE: selectable avatars
2018-07-18 12:57:43 +02:00
b068a8a771
Fix the build.
2018-07-18 14:03:27 +08:00
7da22e395b
FIX: do not show links with 0 click on topic map
2018-07-18 10:50:01 +05:30
281538ae61
FIX: theme JS should only run when needed global objects exist ( #6098 )
2018-07-18 15:13:47 +10:00
0c159f17b7
skip failing spec
2018-07-18 14:43:06 +10:00
379384ae1e
FIX: never block /srv/status which is used for health checks
...
This route is also very cheap so blocking it is not required
It is still rate limited and so on elsewhere
2018-07-18 12:37:01 +10:00
3874d40910
Prepare to drop `EmailLog#topic_id`.
2018-07-18 10:22:24 +08:00
02628883d2
FEATURE: adjust autobump system
...
- We spread out bumping through the day, if you are bumping
4 topics then a topic will be bumped every 6 hours
- We add a small, bumping action at the bottom of the post to
denote a topic got bumped
2018-07-18 10:17:33 +10:00
202b839208
Fix the build.
2018-07-17 17:20:57 +08:00
d839a42bf9
Skip imagemagick tests on Travis.
2018-07-17 17:11:05 +08:00
3553375dd2
PERF: Store `EmailLog#reply_key` as `uuid` data type.
2018-07-17 17:05:42 +08:00
1d74ccaaf8
Add compatibility for ImageMagick7.
2018-07-17 15:50:58 +08:00
91266cdabb
correct auto bump topic logic
2018-07-17 09:33:33 +10:00
c0c263405a
PERF: Store `EmailLog#bounce_key` as `uuid` data type. ( #6093 )
...
PERF: Store `EmailLog#bounce_key` as `uuid` data type.
2018-07-16 20:05:54 +08:00
ac0053f491
FEATURE: navigate to first post and auto bump category settings
...
### navigate_to_first_post_after_read setting for categories
When enabled on categories logged on users will return to OP after
reading the entire category. (useful for documentation categories)
### num_auto_bump_daily
Set a number of topics that will automatically bump daily on a category.
- Every 15 minutes we will check if any category has this setting
- Categories with the setting are shuffled
- We exclude pinned, closed, category description and archived topics
- Maximum of 1 topic for the list of categories is bumped till limit reached per category
- We always try to bump oldest first
- Limit is elastic using a RateLimiter that ensures that we only bump N per day
Also some minor organisation on category settings
Froze strings on category.rb
2018-07-16 18:10:35 +10:00
21ebb1cd54
FEATURE: Secondary emails support.
2018-07-16 11:09:49 +08:00
b1082924b9
FIX: do not validate topic deletions
2018-07-13 22:53:36 +05:30
711371e8c8
FIX: Select+below will ask server for post ids on megatopics.
2018-07-13 15:10:39 +08:00
c722b07057
FIX: `/t/:topic_id/last` route did not return any posts.
2018-07-13 14:26:10 +08:00
2901691e87
FEATURE: per-category approval settings ( #5778 )
...
- disallow moving topics to a category that requires topic approval
2018-07-13 12:51:08 +10:00
79ba418edd
DEV: Don't join on a thread forever.
2018-07-12 15:46:07 +08:00
258e9e35ca
PERF: Make mega topics work without a stream.
...
There are tradeoffs that we took here. For the complete
story see
https://meta.discourse.org/t/performance-improvements-on-long-topics/30187/27?u=tgxworld .
2018-07-12 12:46:12 +08:00
decf1f27cf
FEATURE: Groundwork for user-selectable theme components
...
* Phase 0 for user-selectable theme components
- Drops `key` column from the `themes` table
- Drops `theme_key` column from the `user_options` table
- Adds `theme_ids` (array of ints default []) column to the `user_options` table and migrates data from `theme_key` to the new column.
- Removes the `default_theme_key` site setting and adds `default_theme_id` instead.
- Replaces `theme_key` cookie with a new one called `theme_ids`
- no longer need Theme.settings_for_client
2018-07-12 14:18:21 +10:00
0942e2c795
allow adding tags as a custom subject format for emails ( #5846 )
...
allow adding tags as a custom subject format for emails
2018-07-11 12:24:07 +10:00
bdf3da8f80
DEV: Raise an error if any test finishes with more than 1 busy AR connection.
2018-07-11 09:54:01 +08:00
f2cc05c6c6
FIX: ignore self-quotes from the same post when saving ( #6082 )
2018-07-10 16:17:28 +08:00
0a28181c62
Fix the build take 2.
2018-07-10 11:27:03 +08:00
4163f9e61e
DEV: Better clean up for PostgreSQL failover test.
2018-07-10 09:53:25 +08:00
5374a0e720
Fix the build.
2018-07-10 09:48:57 +08:00
10bc69a62f
FEATURE: Event on topic merge ( #6057 )
2018-07-10 09:28:57 +08:00
4172e1dd52
FIX: Rename `User#usernames` that clashes with `Group#name`. ( #6069 )
2018-07-09 16:54:57 +08:00
96aca6d7e6
Remove legacy vote post action code. ( #6009 )
2018-07-09 16:54:18 +08:00
9a813210b9
SECURITY: Do not allow authentication with disabled plugin-supplied a… ( #6071 )
...
Do not allow authentication with disabled plugin-supplied auth providers
2018-07-09 14:25:58 +10:00
9948f57a99
REFACTOR: Update test to assert for the right objects.
2018-07-09 09:54:14 +08:00
dba22bbde2
rollback changes
...
This reverts:
* 1baba84c438e "fix s3 subfolders harder"
* ea5e57938edf "fix test for absolute_base_url change"
2018-07-06 17:16:40 -05:00
f8b90226cb
fix test for absolute_base_url change
2018-07-06 17:08:18 -05:00
52e9f49ec1
fix s3 subfolders harder
...
specifically, include the folder in absolute_base_url
2018-07-06 16:28:40 -05:00
18f5f646b1
FEATURE: allow selecting a tag when moving posts to a new topic ( #6072 )
2018-07-06 18:21:32 +02:00
7163bf9323
FIX: `Upload.get_from_url` not respective subfolder in s3 bucket names.
2018-07-06 11:37:11 +08:00
211981ef23
add specs for min_trust_to_create_tag set to staff and admin
2018-07-05 11:39:32 -04:00
28dd7fb562
FEATURE: Create hidden posts for received spam emails ( #6010 )
...
* Add possibility to add hidden posts with PostCreator
* FEATURE: Create hidden posts for received spam emails
Spamchecker usually have 3 results: HAM, SPAM and PROBABLY_SPAM
SPAM gets usually directly rejected and needs no further handling.
HAM is good message and usually gets passed unmodified.
PROBABLY_SPAM gets an additional header to allow further processing.
This change addes processing capabilities for such headers and marks
new posts created as hidden when received via email.
2018-07-05 11:07:46 +02:00
0408e87e00
remove uneeded specs
2018-07-05 15:34:58 +10:00
b54ba4c952
FIX: mentions broken after adding an <abbr> tag
...
A previous shortcut used was not allowing for <abbr and other tags starting with a
If <abbr> appeared anywhere in the text all mentions would fail to link
2018-07-05 09:27:11 +10:00
272646c1df
FIX: only show the sequential replies warning for regular posts
2018-07-04 22:51:19 +02:00
8a53941fe0
FIX: less aggressive gmail eliding
2018-07-04 20:04:46 +02:00
24882ce1a5
make rubocop happy
2018-07-04 09:42:31 -04:00
f134701c7b
FIX: user topic and post counts can become negative when staff deletes posts in personal messages
2018-07-04 09:31:16 -04:00
e72fd7ae4e
FIX: move crawler blocking into anon cache
...
This refinement of previous fix moves the crawler blocking into
anonymous cache
This ensures we never poison the cache incorrectly when blocking crawlers
2018-07-04 11:14:43 +10:00
7f98ed69cd
FIX: move crawler blocking to app controller
...
We need access to site settings in multisite, we do not have access
yet if we attempt to get them in request tracker middleware
2018-07-04 10:30:50 +10:00
e8a6323bea
remove crawler blocking until multisite support
2018-07-03 17:54:45 -04:00
c3129444ea
FIX: allow multiple secondary emails
2018-07-03 18:21:35 +08:00
b71cf6d422
FEATURE: Add search not operator for tags.
2018-07-03 15:57:34 +08:00
d7f6d37a98
refactor: promotion spec
2018-07-02 16:23:45 -07:00
969e79d7c6
PERF: Do not calculate gaps for `TopicViewPostsSerializer`.
...
The client doesn't use the gaps results when loading new posts.
2018-07-02 14:01:50 +08:00
7550e9ff95
FIX: purge unactivated users with a message from non-human users
2018-06-29 13:03:04 +05:30
25cfc98b67
Fix 'asscoiated' typo
...
I know that **Naming is CRITICAL** and that **Refactoring only NOT welcome**.
But since I spotted this (consistent) typo and the change does not affect any
functionality -- I checked the presence of "asscoiated" in the code base, I
guess the first rule trumps the second one.
It also gave me a false pretext to bypass my reluctance to use Google forms and
sign de CLA. Typos hurt the eye.
2018-06-29 11:10:05 +10:00
982df3c17b
FIX: return status 400 for invalid member params
...
previously error returned was a 500 which is not ideal
and is logged
2018-06-29 10:15:17 +10:00
fd7bb8e656
FIX: Scope the `cn` to the subfolder
2018-06-28 11:03:36 -04:00
db14e10943
SECURITY: category badges should HTML escape names
2018-06-28 18:15:07 +10:00
ec3e6a81a4
FEATURE: Second factor backup
2018-06-28 10:12:32 +02:00
cfa7898c2d
Rename `TopicView#last_read_post_id` to `TopicView#filtered_post_id`.
2018-06-27 12:33:57 +08:00
cb69888758
PERF: Don't pluck all the columns just to retrieve a single value.
2018-06-27 11:41:35 +08:00
6bcdc3ba4b
FEATURE: allow author to delete posts irrespective of post_edit_time_limit
2018-06-26 21:43:06 +05:30
7efdccdbc5
FIX: allow staff to remove tags from queued topics
2018-06-26 17:08:40 +05:30
49ffc1eb61
Revert "PERF: Send down gaps as the relevant posts load instead of front loading."
...
This reverts commit 4c3352528e
2018-06-26 12:54:14 +08:00
4c3352528e
PERF: Send down gaps as the relevant posts load instead of front loading.
2018-06-26 12:49:06 +08:00
0b6a2e9d1f
Remove force summary mode for megatopics for now.
...
The logic is too hairy and we can't reliably determine
when to force summary mode. Work is underway to improve
perf for megatopics so this will not be required
eventually.
2018-06-26 12:49:06 +08:00
50192de046
Fix the specs
2018-06-25 16:18:07 +10:00
93e60a59f5
Added rspec test
2018-06-25 16:18:07 +10:00
4644d777bd
FEATURE: add website field to SSO
2018-06-25 16:09:39 +10:00
41f76a74f8
FEATURE: send message when a user reaches tl1
2018-06-22 13:20:00 -07:00
f69356e628
FIX: Users can't "show all posts" in forced summary topics.
2018-06-22 11:32:45 +08:00
bad6a5142c
PERF: Don't include entire post stream when we're loading more posts.
2018-06-22 10:49:03 +08:00
bc52bdfa12
Feature: unconditionally consider TL0 users as "first day" users
2018-06-21 10:53:08 -07:00
Arpit Jalan
Rishabh
Neil Lalonde
Vinoth Kannan
Robin Ward
Bianca Nenciu
Gerhard Schlager
Maja Komel
Guo Xiang Tan
David Taylor
Kyle Zhao
Joffrey JAFFEUX
Sam
Saurabh Patel
Xiao Guan
Bianca Nenciu
Guo Xiang Tan
Régis Hanol
Penar Musaraj
Drew Stephens
Kyle E. Mitchell
Leo McArdle
Jeff Atwood
Blake Erickson
Rafael dos Santos Silva
Daniel Hollas
Davide Porrovecchio
Erin Kosewic
Paul Trippett
Lucas Nicodemus
Jeff Wong
Rishabh
OsamaSayegh
Raul Tambre
Kris
James Kiesel
Misaka 0x4e21
Simon Cossar
Dan Ungureanu
Leo McArdle
Jordan Seanor
Andrew Schleifer
Patrick Gansterer
Kasia Bułat
hellekin
Ernesto Serrano
David Lee