Commit Graph

2707 Commits

Author SHA1 Message Date
Sam f947e3c6cc FIX: always serve new avatar for previous version
Previously we killed caching on old avatars cause we kept serving blank
this meant we would front many more avatar requests after a version change

This change ensures all old avatars do not cause a flood of requests on the
server
2019-01-08 19:51:33 +11:00
Arpit Jalan e0bc82657b FIX: better accept invite flow when user is invited via a link 2019-01-07 14:22:08 +05:30
cfitz 19d7545318 FEATURE: Make auth_redirect param options on user_api_keys
This is a possible solution for https://meta.discourse.org/t/user-api-keys-specification/48536/19
This allows for user-api-key requests to not require a redirect url.
Instead, the encypted payload will just be displayed after creation  ( which can be copied
pasted into an env for a CLI, for example  )

Also: Show instructions when creating user-api-key w/out redirect

This adds a view to show instructions when requesting a user-api-key
without a redirect. It adds a erb template and json format.
Also adds a i18n user_api_key.instructions for server.en.yml
2019-01-04 14:46:18 +11:00
Vinoth Kannan 385829d7be FEATURE: Display error message when category restriction is applied for tags 2019-01-04 00:29:13 +05:30
Arpit Jalan bea7a8a4d1 FIX: show accurate error message based on invite token validity 2019-01-03 07:46:05 +05:30
Sam 14911d50a1 DEV: improve comment explaining need for favicon proxy 2019-01-02 13:15:20 +11:00
Arpit Jalan 70fdc10365
FEATURE: move posts to new/existing PM (#6802) 2018-12-31 17:17:22 +05:30
Saurabh Patel 0fca3205b5 FIX: show error msg on grant badge if message available from backend (#6801) 2018-12-31 10:46:39 +01:00
Joffrey JAFFEUX 1d62d3df6f
FIX: remove storage_stats from the list of reports, too specific (#6817) 2018-12-27 22:21:08 +01:00
Vinoth Kannan 2b006c0429 FEATURE: Invalidate broken images cache on Rebuild HTML action 2018-12-26 23:22:07 +05:30
David Taylor 7feabd9e49 PERF: Eradicate N+1 queries from the theme admin page 2018-12-21 11:03:58 +02:00
Vinoth Kannan e7e4074856 FIX: raises an error if q param is empty in search page 2018-12-20 21:43:14 +05:30
Arpit Jalan 1ea0cbece8 FIX: skip adding sso diagnostics if sso object is nil 2018-12-19 20:55:35 +05:30
Joffrey JAFFEUX e655e1863f
UX: Adding reports dashboard tab, new layout, report descriptions (#6790)
Co-Authored-By: Kris  <shout@k-ris.com>
2018-12-19 14:44:43 +01:00
Maja Komel 2fcbbead45 FIX: move sso provider into its own class so it doesn't interfere with sso client (#6767) 2018-12-19 10:22:10 +01:00
Neil Lalonde 6774b64aef FEATURE: add /conduct as an alias for /guidelines 2018-12-18 16:40:24 -05:00
Rishabh c279792130 FIX: Allow sending test e-mails to any email address when disable_email is set to non-staff (#6792) 2018-12-18 16:12:05 +01:00
Vinoth Kannan a313b01148 DEV: raise error if search term length is less than required 2018-12-18 20:06:59 +05:30
Gerhard Schlager 1a8ca68ea3 FEATURE: Improve backup stats on admin dashboard
* Dashboard doesn't timeout anymore when Amazon S3 is used for backups
* Storage stats are now a proper report with the same caching rules
* Changing the backup_location, s3_backup_bucket or creating and deleting backups removes the report from the cache
* It shows the number of backups and the backup location
* It shows the used space for the correct backup location instead of always showing used space on local storage
* It shows the date of the last backup as relative date
2018-12-17 11:35:11 +01:00
Guo Xiang Tan e9ea0102a5 FIX: Consistency about our response for invalid user id in `Admin::UsersController`. 2018-12-15 08:01:35 +08:00
Joffrey JAFFEUX 03014b0d05
FEATURE: adds security tab to dashboard (#6768)
This commit also includes the new staff_logins report
2018-12-14 13:47:59 +01:00
Maja Komel 9f89aadd33 FIX: delete all posts in batches without hijack (#6747) 2018-12-14 11:04:18 +01:00
Sam 94b8ba4f8f FIX: remove slow platform detection from server side
Historically due to https://meta.discourse.org/t/why-is-discourse-so-slow-on-android/8823
we decreased page sizes of both home page and topic page on android by half.

This was done on the server side and as a side effect and caused page sizes on android
to mismatch between Android and non Android.

Unfortunately about a year ago googlebot started pretending it is Android,
this cause Google to start indexing pages as what android would see. So
it saw double the amount of pages in the index as what exists on desktop.
This in turn caused double the amount of indexing work and a large amount
of broken links on long topics.

This fix removes all special behavior which is no longer needed due to
other performance work in Discourse including raw handlebars on home page
and virtual dom on topic pages.

I tested we do not need this on Blu Advance 5.0 it has 1.3 GHZ mediatec mt6580
This phone retails for around $50 USD.

If we decide long term that we want any hacks like this we will shift them
to the client side. It can just hold data in memory without rendering.
2018-12-13 13:57:05 +11:00
Maja Komel dbbadb5c35 FEATURE: add short_site_description setting to be included in title tag on homepage 2018-12-12 11:46:58 +01:00
Guo Xiang Tan 86926f4aee DEV: Let `create!` handle the check for persistence.
This is unlikely to fail but we want to know when it does.
2018-12-12 08:36:13 +08:00
David Taylor 0f734e2ae2 FIX: Return authenticated=true when reconnecting
This prevents a registration popup on the client
2018-12-11 17:40:02 +00:00
Gerhard Schlager 688755baf2 DEV: Improve specs and handle invalid email token
Follow-up to 7977b09025
2018-12-11 18:04:10 +01:00
David Taylor c7c56af397
FEATURE: Allow connecting associated accounts when two-factor is enabled (#6754)
Previously the 'reconnect' process was a bit magic - IF you were already logged into discourse, and followed the auth flow, your account would be reconnected and you would be 'logged in again'.

Now, we explicitly check for a reconnect=true parameter when the flow is started, store it in the session, and then only follow the reconnect logic if that variable is present. Setting this parameter also skips the 'logged in again' step, which means reconnect now works with 2fa enabled.
2018-12-11 13:19:00 +00:00
Gerhard Schlager 7977b09025 FEATURE: Activate users invited via email when invite is redeemed
Do not send an activation email to users invited via email. They
already confirmed their email address by clicking the invite link.
Users invited via link will need to confirm their email address before
they can login.
2018-12-11 00:09:53 +01:00
Rafael dos Santos Silva efec2db859 FEATURE: Web Share Target Support
This adds a **very basic** support for share to Discourse.

Currently, this is only supported in Android + Chrome 71+.

After installing a Discourse site to the Home Screen, you will be
able to share from anywhere in the OS to the Discourse site.

Discourse will use the title and text from the share event.
2018-12-07 13:48:09 -02:00
Saurabh Patel 9e3143445b DEV:add uploaded_meta option in category for category meta image (#6724) 2018-12-07 16:24:07 +01:00
David Taylor f7ce607e5d
FIX: Return 422 instead of 500 for invalid SSO signature (#6738) 2018-12-07 15:01:44 +00:00
Maja Komel 1d649e147b FEATURE: show avatar flair on group, badges and directory pages (#6732) 2018-12-06 12:18:52 +01:00
Bianca Nenciu 56890efd7a FEATURE: Add 'Advanced Test' for admin panel. 2018-12-05 21:56:18 +01:00
Bianca Nenciu 1a4f592749 FIX: Always allow admins upload selectable avatars. 2018-12-05 21:55:23 +01:00
Guo Xiang Tan 978f0db109 SECURITY: Require groups to be given when inviting to a restricted category. (#6715) 2018-12-05 16:43:07 +01:00
Vinoth Kannan d33d031742
FEATURE: Filter topic and post web hook events by tags (#6726)
* FEATURE: Filter topic and post web hook events by tags

* Add a spec test with unmatched tags
2018-12-05 14:44:06 +05:30
Régis Hanol 3c9c95ac83 Update Rubocop to 0.60 2018-12-04 10:48:16 +01:00
Arpit Jalan 40f10855c6
FIX: defer flags (only) when handling a flag and deleting replies (#6702) 2018-11-29 22:44:18 +05:30
Maja Komel 4a8f21d387 FIX: prevent minimum_required_tags on category being set to null (#6703)
* FIX: prevent minimum_required_tags on category being set to null

* add migration for NOT_NULL constraint for minimum_required_tags

* add specs
2018-11-29 18:10:14 +01:00
Saurabh Patel 55945ec7c8 FIX: throw error when link in reason for grant badge is an external link (#6690) 2018-11-28 18:01:41 +01:00
Gerhard Schlager e7b76b319a FEATURE: Setting for short title used by Android on homescreen 2018-11-28 14:59:30 +01:00
Arpit Jalan 851ef14096 Revert "FIX: do not agree flags by default when deleting posts"
This reverts commit cb6fc8057b.
2018-11-28 10:21:11 +05:30
Arpit Jalan bdb1268528 FIX: static page title should be consistent on client side and server side 2018-11-27 22:03:52 +05:30
Arpit Jalan 6cb49cd42c
Merge pull request #6671 from techAPJ/destroy-posts-flags
FIX: do not agree flags by default when deleting posts
2018-11-27 11:27:23 +05:30
Arpit Jalan cb6fc8057b FIX: do not agree flags by default when deleting posts 2018-11-27 10:57:20 +05:30
Penar Musaraj 03deda2147
Upgrade to FontAwesome 5 (take two) (#6673)
* Add missing icons to set

* Revert FA5 revert

 This reverts commit 42572ff

* use new SVG syntax in locales

* Noscript page changes (remove login button, center "powered by" footer text)

* Cast wider net for SVG icons in settings

- include any _icon setting for SVG registry (offers better support for plugin settings)

- let themes store multiple pipe-delimited icons in a setting

- also replaces broken onebox image icon with SVG reference in cooked post processor

* interpolate icons in locales

* Fix composer whisper icon alignment

* Add support for stacked icons

* SECURITY: enforce hostname to match discourse hostname

This ensures that the hostname rails uses for various helpers always matches
the Discourse hostname

* load SVG sprite with pre-initializers

* FIX: enable caching on SVG sprites

* PERF: use JSONP for SVG sprites so they are served from CDN

This avoids needing to deal with CORS for loading of the SVG

Note, added the svg- prefix to the filename so we can quickly tell in
dev tools what the file is

* Add missing SVG sprite JSONP script to CSP

* Upgrade to FA 5.5.0

* Add support for all FA4.7 icons

- adds complete frontend and backend for renamed FA4.7 icons

- improves performance of SvgSprite.bundle and SvgSprite.all_icons

* Fix group avatar flair preview

- adds an endpoint at /svg-sprites/search/:keyword

- adds frontend ajax call that pulls icon in avatar flair preview even when it is not in subset

* Remove FA 4.7 font files
2018-11-26 16:49:57 -05:00
Arpit Jalan b5bf182ad5 FIX: validate topic deletion when acting on a flag 2018-11-25 23:24:03 +05:30
Guo Xiang Tan a1888b301b DEV: Don't require login for QUit test path. 2018-11-23 13:50:19 +08:00
Arpit Jalan 60941f214c FIX: remove unneeded keys from failed response 2018-11-22 14:59:50 +05:30