e1d358ffbf
FIX: Don't clear the login hint when the system user is saved
2017-02-13 10:54:20 -05:00
ff49f72ad9
FEATURE: per client user tokens
...
Revamped system for managing authentication tokens.
- Every user has 1 token per client (web browser)
- Tokens are rotated every 10 minutes
New system migrates the old tokens to "legacy" tokens,
so users still remain logged on.
Also introduces weekly job to expire old auth tokens.
2017-02-07 09:22:16 -05:00
84af84dc52
prevent inactive & staged users from being automatically added to a group
2017-02-06 17:49:27 +01:00
ec73224b5e
PERF: Remove N+1 query when saving a user.
2017-02-03 15:03:33 +08:00
c01cee4aa6
PERF: N+1 query when saving a user.
2017-01-27 10:53:42 +08:00
86c52c72f6
FIX: Deleting a user was not deleting their directory items
2017-01-16 11:46:52 -05:00
63954c1b33
FIX: Same user record being saved twice causing validation to fail.
2017-01-16 16:41:03 +08:00
ed5fa20b0c
Revert "FIX: error during signup saying "Password is the same as your current password" due to automatic group membership granting a trust level"
...
This reverts commit 9c40657ba4
2017-01-16 09:44:10 +08:00
980cea7081
FIX: Add length validation for `User#name`.
2017-01-03 13:42:33 +08:00
f1beef43a8
Merge pull request #4618 from tgxworld/fix_invalid_emails
...
FIX: Don't allow invalid email to be saved.
2016-12-30 07:11:48 +08:00
9c40657ba4
FIX: error during signup saying "Password is the same as your current password" due to automatic group membership granting a trust level
2016-12-28 17:36:04 -05:00
0a78ae739d
Remove SearchObserver, aim is to remove all observers
...
rails-observers gem is mostly unmaintained and is a pain to carry forward
new implementation contains significantly less magic as a bonus
2016-12-22 13:13:14 +11:00
13c6191e89
FIX: Don't allow invalid email to be saved.
2016-12-21 17:47:11 +08:00
239d06b218
add Likes Recieved to possible stats in summary email
2016-12-12 14:20:25 -05:00
05f55dbc10
FEATURE: Group logs.
2016-12-12 17:29:54 +08:00
f812415c52
Update annotations.
2016-11-24 10:13:03 +08:00
8c6d8c85db
Stop showing first notification prompt once user sees the notification.
2016-11-17 09:44:00 +08:00
98c1e0832c
FIX: Track first notification read using Redis.
2016-11-16 16:20:38 +08:00
16fdcdfc00
FIX: Add conditions on when to show first pm notification.
2016-11-16 14:17:47 +08:00
784366f1a0
FIX: display only 1 trust level badge on user card
...
refactoring graciously provided by @xfalcox
2016-11-14 20:53:24 +00:00
9e69798285
FEATURE: watch first post default site setting
2016-11-10 00:09:52 +05:30
b18439a1e2
Fix build.
2016-11-08 17:00:44 +08:00
a8b7599d4a
FEATURE: Add a radial ping when user's first notification has not been read.
2016-11-08 16:23:12 +08:00
c463cf63d4
FEATURE: Webhook for user creation and approval
2016-09-19 10:12:55 +08:00
25a82e7d22
PERF: only publish notification state if we changed it
...
also publish seen_notification_id so we can tell what is new and what is old
cleanup controller so it correctly checks user
fix bug around clearing notification when people click mark read
2016-09-16 12:02:19 +10:00
9609a47016
Ability to skip email validation via a plugin
2016-09-07 14:05:46 -04:00
90a0327fd2
FIX: Check against reserved usernames should be case insensitive.
2016-08-31 21:53:41 +08:00
416e7e0d1e
FEATURE: basic UI to view user api keys
2016-08-16 17:06:52 +10:00
f8144f07fd
purge 2x the unactivated old users
2016-07-27 03:29:00 -07:00
df535c6346
FEATURE: refresh session cookie at most once an hour
...
This feature ensures session cookie lifespan is extended
when user is online.
Also decreases session timeout from 90 to 60 days.
Ensures all users (including logged on ones) get expiring sessions.
2016-07-25 12:07:31 +10:00
a9207dafa7
FEATURE: configure session time via site setting for all the users ( #4343 )
2016-07-23 02:57:30 +05:30
64bdededd3
Allow plugins that implement OAuth and OAuth2 to show up under associated accounts in the Admin area. ( #4333 )
2016-07-18 09:02:41 +02:00
e4a82cdd85
Merge pull request #4306 from tgxworld/add_discourse_event_trigger_when_user_logs_out
...
FEATURE: Add event trigger when a user is logged out.
2016-07-05 19:50:46 +08:00
59680af329
disable email white/blacklisting for staged users
2016-07-04 16:05:01 +02:00
22ade1f811
FEATURE: Add event trigger when a user is logged out.
2016-07-04 17:20:30 +08:00
487c20959c
FEATURE: max topics/replies per day for new users now starts counting from the first post, not signup date
2016-06-20 16:55:11 -04:00
470da6205c
FIX: staged users should not watch/track/mute categories by default
2016-06-14 16:45:47 +02:00
cb5be1fe8f
Upgrade rspec to 3.4.0.
2016-05-30 11:38:38 +08:00
089b1d164c
annotate models
...
(reminder run RAILS_ENV=test bin/annotate once in a while)
2016-05-30 10:45:32 +10:00
f13470b96b
Use db schema for tags instead of plugin store and custom fields
2016-05-26 14:29:48 -04:00
feffe23cc5
FEATURE: More granular mailing list mode ( #4068 )
...
* Rearrange frontend to account for mailing list mode
* Allow update of user preference for mailing list frequency
* Add mailing list frequency estimate
* Simplify frequency estimate; disable activity summary for mailing list mode
* Remove combined updates
* Add specs for enqueue mailing list mode job
* Write mailing list method for mailer
* Fix linting error
* Account for stale topics
* Add translations for default mailing list setting
* One query for mailing list topics
* Fix failing spec
* WIP
* Flesh out html template
* First pass at text-based mailing list summary
* Add user avatar
* Properly format posts for mailing list
* Move make_all_links_absolute into Email::Styles
* Apply first_seen_at to user
* Send mailing list email summary hourly based on first_seen_at
* Branch and test cleanup
* Use existing mailing list mode estimate
* Fix failing specs
2016-05-21 15:17:54 +02:00
74b3807f60
FEATURE: new bootstrap mode settings for brand new Discourse community ( #4193 )
...
* FEATURE: new bootstrap mode settings for brand new Discourse community
* new SiteSetting.set_and_log method
2016-04-26 13:08:19 -04:00
2194ccec6e
slightly better automatic flag reason messages
2016-04-25 23:03:17 +02:00
7d9f2265b9
FIX: improve support for handling emails coming from screened email addresses
2016-04-18 23:01:54 +02:00
de9136a8f2
FIX: bypass TL0-specific validations on posts in a PM
2016-04-18 22:08:42 +02:00
868e70e817
FIX: ensure we only ever enqueue 1 UpdateGravatar job
2016-04-18 12:44:09 +02:00
8fcd359e2a
Revert "FIX: Jobs.cancel_scheduled_job wasn't working anymore due to our move to using multiple queues"
...
This reverts commit b7c16991f7
2016-04-13 18:30:25 +02:00
b7c16991f7
FIX: Jobs.cancel_scheduled_job wasn't working anymore due to our move to using multiple queues
...
FIX: Don't queue more than 1 'update_gravatar' job per user
2016-04-13 18:12:28 +02:00
609969bf6f
Remove `has_many :views` from User ( #4150 )
2016-04-08 00:37:10 +02:00
a130cb8305
FEATURE: move more urgent emails notifications to critical queue
...
Move signup, admin login and password change email notifications
to critical queue
2016-04-07 14:39:01 +10:00
0bf001ccd7
FIX: badge grant count wasn't filtered to the current user in the user summary
2016-03-30 23:11:00 +02:00
54f8bdd13b
FIX: only validate username when changing it
2016-03-29 11:53:21 -04:00
1006b1ba94
Various Plugin Enhancements and Extension Points
2016-03-11 15:53:37 -05:00
5771d2aee2
SECURITY: Support for confirm old as well as new email accounts
2016-03-08 14:52:22 -05:00
32c681c96b
annotate models
2016-02-23 10:33:53 +11:00
f0e942f647
PERF: move 3 more option columns out of the user table
2016-02-18 16:57:22 +11:00
3829c78526
PERF: shift most user options out of the user table
...
As it stands we load up user records quite frequently on the topic pages,
this in turn pulls all the columns for the users being selected, just to
discard them after they are loaded
New structure keeps all options in a discrete table, this is better organised
and allows us to easily add more column without worrying about bloating the
user table
2016-02-17 18:08:25 +11:00
dd6ebde824
FIX: Always ensure notifications are treated as read once clicked
...
UX: improve messaging so notifications list is far more stable
PERF: improve performance of notifcation lookup queries
- Add feature "SetTransientHeader" that allows shipping info to server
in the next Ajax request
- remove local storage hack used for notifications
- amend lookupStale to return hydrated objects, move logic into store
- stop magically clearing various notifications (likes, invitee accepted, group_summary, granted badge)
2016-02-15 19:29:47 +11:00
eec8436cfe
FEATURE: filter admin reports via user group
2016-02-04 11:23:49 +05:30
a764cc3a42
FEATURE: by default users track a group (as opposed to watch)
...
FEATURE: a rollup counting number of messages in the group inbox to tracking users
2016-01-27 21:38:33 +11:00
7303f8f309
FEATURE: first pass at user summary page
2016-01-20 15:14:25 +11:00
3083657358
FEATURE: better email in support
...
FEATURE: new incoming_email model
FEATURE: infinite scrolling in emails admin
FEATURE: new 'emails:import' rake task
2016-01-19 00:57:55 +01:00
c2e45c8377
Update annotate and annotate models
2016-01-11 17:30:56 +11:00
03ea0bfe22
FEATURE: allow users to archive messages
...
Messages are now in 3 buckets
- Inbox for all new messages
- Sent for all sent messages
- Archive for all messages you are done with
You can select messages from your Inbox or Sent and move them to your Archive,
you can move messages out of your Archive similarly
Similar concept applied to group messages, except that archiving and unarchiving
will apply to all group members
2015-12-23 11:09:30 +11:00
a8b5192efd
FEATURE: User page refactor
...
Re-organise user page so it is easier to find interesting info
split it into tabs
- Introduce notifications and messages tabs
- Stop couting stuff for the user page to speed up rendering
- Suppress more information when viewing your own profile
2015-12-20 16:45:49 +11:00
1cde276656
FEATURE: ability to send emails to a group
2015-12-07 17:01:08 +01:00
88f1a8f0b1
Merge pull request #3821 from mpalmer/letter-avatar-proxy
...
Proxy letter avatars by default
2015-11-19 20:02:16 +11:00
92ba6125c4
FEATURE: new 'automatically_unpin_topics' user preference
2015-11-17 18:21:40 +01:00
6dd4bc7d57
FEATURE: support group owner, capable of controlling group membership
...
Group owners are regular users that can add or remove users to a group
The Admin UX allows admins to appoint group owners
The public group UX will display group owners first and unlock UI to
add and remove members
Group owners can only be appointed on non automatic groups
Group owners may not appoint another group owner
2015-11-10 00:56:57 +11:00
af4a48a67c
Use Discourse.current_hostname
...
Much cleaner.
2015-11-06 14:13:44 +11:00
c09f345cff
Proxy letter avatars by default
...
On sites that don't otherwise configure an avatar fallback, Discourse will
now tell the client to get its letter avatars from a location which nginx
proxies to the centralised `avatars.discourse.org` service. This alleviates
privacy concerns, whilst still providing some degree of performance benefit
(no need for every site to delay avatar response by 300ms for image
rendering).
It is still possible to gain the benefits of global image caching and the
lower latency of requesting directly from a CDN, by explicitly changing the
`external_system_avatars_url` site setting to
`https://avatars.discourse.org/letter/{first_letter}/{color}/{size}.png `.
2015-11-06 14:13:44 +11:00
a439500bac
FIX: do not mark post as spam if the previous flag was disagreed
2015-10-17 01:30:53 +05:30
fe656fb04d
FIX: select appropriate period when redirecting to top
2015-09-21 20:28:20 +02:00
c1ecd6f4ce
update annotations
2015-09-18 10:41:10 +10:00
b9a9a91335
FIX: couldn't set 'never' for the default email digest frequency setting
2015-09-14 10:36:25 +02:00
f948ee9e26
FIX: ensure letter avatar service uses same algorithm
2015-09-14 09:42:21 +10:00
93f9dcfcec
FIX: don't overwrite custom uploaded avatar when selecting gravatar
...
FIX: remove unecessary serialized fields
2015-09-11 15:10:56 +02:00
0c58f08207
FIX: profile picture selector
2015-09-11 15:10:56 +02:00
6437cd0341
FEATURE: add support for generic external avatar services
...
This changes it so we only ship an avatar template down to the client
it has no magic, all it knows is how to plug in size
2015-09-11 15:10:56 +02:00
90d49d1497
correct paths used for external service
2015-09-11 13:18:07 +10:00
2742602254
FEATURE: support for external letter avatars service
2015-09-11 02:12:40 +02:00
e43034f08f
Revert "FEATURE: SVG letter avatars (based on @eviltrout's spike)"
...
This reverts commit cd77465788
2015-09-11 00:23:52 +02:00
cd77465788
FEATURE: SVG letter avatars (based on @eviltrout's spike)
2015-09-11 00:11:48 +02:00
335be272ff
FEATURE: implement capping of new/unread
...
We cap new and unread at 2/5th of SiteSetting.max_tracked_new_unread
This dynamic capping is applied under 2 conditions:
1. New capping is applied once every 15 minutes in the periodical job, this effectively ensures that usually even super active sites are capped at 200 new items
2. Unread capping is applied if a user hits max_tracked_new_unread,
meaning if new + unread == 500, we defer a job that runs within 15 minutes that will cap user at 200 unread
This logic ensures that at worst case a user gets "bad" numbers for 15 minutes and then the system goes ahead and fixes itself up
2015-09-07 12:03:17 +10:00
a54e8f3c5e
FEATURE: live refresh notifications as they happen
2015-09-04 13:20:33 +10:00
5984b62347
FIX: ensure we remove 'category_users' records when a user is deleted
2015-09-02 20:43:15 +02:00
f9717da28f
Merge pull request #3695 from riking/patch-10
...
FIX: Consider reserved usernames as not 'available'
2015-08-26 10:51:50 -04:00
ea9bc68ee5
PATCH: in some cases this is being turned to a string workaround for now
2015-08-26 16:19:21 +10:00
1586886bf9
FIX: Consider reserved usernames as not 'available'
...
https://meta.discourse.org/t/reserved-usernames-ignored-by-invites/32490
2015-08-25 17:24:07 -07:00
84fdc655ad
correct retry logic
2015-08-24 10:28:38 +10:00
bef80633b1
FEATURE: global admin override of most of the user preferences
2015-08-21 20:39:21 +02:00
49996bcdea
FIX: don't suggest name when email is empty
2015-08-20 11:59:28 +02:00
eb941475fa
FIX: mark invite accepted notification as read
2015-08-13 11:11:54 +05:30
782dd13e78
FEATURE: track user visits on mobile and display on admin dashboard in a new Mobile section
2015-07-07 14:06:42 -04:00
b52e5d1536
FIX: `default_avatars` wasn't being used for some server side templates
2015-06-26 13:38:09 -04:00
189cb3ff12
FEATURE: move migrate_to_new_scheme into a background job
...
- new hidden site setting 'migrate_to_new_scheme' (defaults to false)
- new rake tasks to toggle migration to new scheme
- FIX: migrate_to_new_scheme also works with CDN
- PERF: improve perf of the DbHelper.remap method
- REFACTOR: UrlHelper is now a class
2015-06-12 12:07:57 +02:00
feeb509a97
SECURITY: expire all existing email tokens on password reset
2015-06-06 03:50:06 +10:00
4171eb758c
SECURITY: expire all existing sessions if user changes passwords
2015-06-06 03:09:19 +10:00
83559bbf45
posts read may enter concurrently, retry
2015-06-01 11:55:07 +10:00
acafa491b2
user avatar urls/templates refactor
2015-05-29 18:51:17 +02:00
9f9825bb6b
FIX: don't send emails to anonymous users
...
Also changes behaviour of real to not return anonymous users.
This means user counts will no longer include them, and the
mailing list system will ignore them even if they somehow end up
with the feature turned on.
2015-05-11 00:56:34 +01:00
963ebf5963
FIX: if approving a user when must_approve_users is false, don't send an email
2015-05-04 15:30:25 -04:00
4745eca4ad
FIX: Don't abort PurgeInactive if they have posts. Just skip.
2015-05-04 11:37:49 -04:00
803feefd54
MessageBus handles readonly redis now, no need to wrap it
2015-05-04 12:21:00 +10:00
b2fd69a675
FIX: avatar_template when using relative_url_root
2015-04-28 20:58:46 -04:00
151b559e4c
FIX: If you delete a user, delete their queued posts as well.
2015-04-24 16:04:44 -04:00
5b3f99aa50
Don't blow up if Redis switches to READONLY
2015-04-24 14:37:16 -04:00
80b2935e11
FIX: prevent DOS when fixing avatar in quotes
2015-04-24 11:14:10 +02:00
a737090442
- FEATURE: revamped poll plugin
...
- add User.staff scope
- inject MessageBus into Ember views (so it can be used by the poll plugin)
- REFACTOR: use more accurate is_first_post? method instead of post_number == 1
- FEATURE: add support for JSON-typed custom fields
- FEATURE: allow plugins to add validation
- FEATURE: add post_custom_fields to PostSerializer
- FEATURE: allow plugins to whitelist post_custom_fields
- FIX: don't bump when post did not save successfully
- FEATURE: polls are supported in any post
- FEATURE: allow for multiple polls in the same post
- FEATURE: multiple choice polls
- FEATURE: rating polls
- FEATURE: new dialect allowing users to preview polls in the composer
2015-04-23 19:33:29 +02:00
296add56e6
correct letter avatar template
2015-04-20 13:07:12 +10:00
51b747346e
PREF: speed up grabbing unread counts
2015-04-17 16:01:20 +10:00
4bfca12b11
FEATURE: anonymous_account_duration_minutes , cycle anon accounts after N minutes from last post
...
fixes it so anon users can not like stuff
2015-04-08 12:30:02 +10:00
30b063c08b
FEATURE: make full names a required field of user profiles with the full_name_required setting
2015-04-02 17:08:04 -04:00
10b8eca9a6
fix the build
2015-03-30 12:48:20 +02:00
588667b1e4
FEATURE: fix avatar in quotes when changing avatars
2015-03-30 12:31:10 +02:00
5aa1272f05
clean up first day user definition and object model
2015-03-26 16:48:36 +11:00
9834d11503
Staff and TL2 up are immune to newuser checks and not considered new users
2015-03-26 16:04:46 +11:00
92e371f0b3
FEATURE: civilized mute
...
Allow user to mute all notifications generated by specific users
2015-03-24 11:55:22 +11:00
6cd4330335
FIX: show all deleted posts
2015-03-11 18:07:47 +01:00
608647d02f
FEATURE: Anonymize User. A way to remove a user but keep their topics and posts.
2015-03-10 11:59:08 -04:00
e74b9ee5da
FIX: should not count disagreed flags
2015-02-19 18:11:07 +01:00
67f404d281
FIX: remove notifications on deleted topics from the stream
2015-02-19 12:40:00 +11:00
3ce2077aa8
Migrate unsubscribe keys to the database.
...
This should reduce a lot of the keys in redis.
2015-02-13 14:24:15 -05:00
06f02ce9fc
FIX: 🈂️ Allow closing polls in multi-locale sites
2015-02-05 19:55:03 -08:00
6c410ed093
FIX: strip whitespaces from user email
2015-01-30 01:44:24 +05:30
efd65dcc8c
hard match domains for automatic group membership
2015-01-26 23:17:29 +01:00
256519dddf
FEATURE: automatic group membership based on email address
2015-01-23 18:25:43 +01:00
1ab0d6bd82
FEATURE: Log username changes by staff
...
Also fix the tests for changing username
2015-01-17 02:26:12 -08:00
a2b284a0a4
table & model changes for group managers with permission to edit membership
2015-01-15 11:44:42 -08:00
e20078a9dc
PERF: fix performance issue when displaying the user card for admins
2015-01-05 19:49:32 +01:00
97b3914b70
FIX: use utc time when generate reports; set boundary
2014-12-30 22:43:03 +08:00
521226f4c9
FIX: registration fails with timeout on gravatar
2014-12-15 22:10:27 +01:00
929ff00741
FIX: use excerpt instead of the summary
2014-12-06 18:48:39 +01:00
ea269ccfb2
rename purge_inactive to purge_unactivated
2014-12-02 21:36:25 -08:00
cb0e7a5724
For performance reasons, use `delete_all` when removing a user's email logs
2014-11-28 14:20:43 -05:00
6bed4e1bf0
add allowed_ips to api_keys
...
update annotations
2014-11-20 14:53:15 +11:00
068d22e9b3
Add API support for querying admin reports by date range
2014-11-05 13:11:37 -05:00
8f390c979b
FEATURE: Mark All as Read button for Notifications page
...
Added a Mark All as Read button to the top/bottom of the notifications user page
https://meta.discourse.org/t/possibility-to-selectively-or-completely-mark-notifications-as-read/20227
Remove notifications property (no longer used)
2014-10-13 06:31:27 -04:00
0e7be81e60
FIX: badge granted titles were not being revoked when badge was revoked
2014-10-08 10:26:18 +11:00
37af13f6ea
FIX: badge notifications are marked read by the system after opening
2014-10-02 16:08:31 +10:00
72a28aeb7c
FEATURE: always show highest trust level badge in card
...
FEATURE: fa-user icon for trust level badges
2014-10-02 16:08:31 +10:00
edb34c178a
FEATURE: Show user fields when the user is signing up
2014-09-30 10:45:18 -04:00
bff95a6a97
Rename 'leader' -> 'tl3'
2014-09-30 13:16:34 +10:00
c8111ada6e
FEATURE: Allow admins to lock users from TL3 promotion/demotion
...
Also, update the display logic for the leader promotion screen to
account for the demotion grace period.
2014-09-30 13:15:13 +10:00
7e309a21cf
FEATURE: hide emails behind a button for staff members
2014-09-29 22:31:05 +02:00
c248d28c38
FEATURE: display associated accounts in admin user
2014-09-25 16:15:01 +10:00
7bc223ef7c
FEATURE: improve flags reminder email
2014-09-23 18:37:31 +02:00
2c6d03f87f
SECURITY: Limit passwords to 200 characters
...
Prevents layer 8 attack.
2014-09-12 12:07:11 -04:00
334e21a03a
Revert "Revert "FEATURE: Can create warnings for users via PM""
...
This reverts commit 1c7559380c
2014-09-08 11:11:56 -04:00
1c7559380c
Revert "FEATURE: Can create warnings for users via PM"
...
This reverts commit b0bfc1f93f
2014-09-08 10:38:59 -04:00
Robin Ward
Sam
Régis Hanol
Guo Xiang Tan
Neil Lalonde
Leo McArdle
Arpit Jalan
Erick Guan
Jeff Atwood
cpradio
James Kiesel
Matt Palmer
Kane York
Luke Granger-Brown
Jason W. May
cpradio
