9375dcb6fe
PERF: Spawn a seperate timer task to check if Redis master is up.
2016-11-07 15:04:28 +08:00
2ddabc3928
FIX: protect against future regressions of google omniauth
2016-11-07 12:48:00 +11:00
9fd317306c
FIX: Do not show educational message for PMs.
2016-11-04 17:06:53 +08:00
a655e4b092
ensure we allow self oneboxing of login required sites
2016-11-03 22:48:32 +01:00
9ef1688a76
FEATURE: per-category default topic list sort order
2016-11-01 12:18:41 -04:00
382803cb05
FEATURE: include post image in OpenGraph image tag
2016-10-31 15:11:33 +05:30
f8caae0be7
FIX: don't overwrite custom email headers when using mandrill/sparkpost
2016-10-30 11:38:55 +01:00
49c27d9a88
FEATURE: Add interface in `Plugin::Instance` to register a seedfu fixture.
2016-10-25 14:57:31 +08:00
01001b167e
fix the build
2016-10-25 01:55:47 +02:00
3841cd9a7f
FEATURE: onebox everything by default
...
FEATURE: new 'max_oneboxes_per_post' site setting
FEATURE: change onebox whitelist to a blacklist
PERF: debounce the loading of oneboxes
PERF: improve perf of mention links in preview
FIX: sort loading of custom oneboxer
2016-10-24 12:46:22 +02:00
2a61cc8c88
FIX: email styling with blacklisted iframes
2016-10-21 12:37:03 +02:00
674264726d
FIX: should not be allowed to see users list of people who started a PM
2016-10-19 17:36:35 +11:00
7db33cc512
FIX: Videos and audio files were not associated to the post.
2016-10-18 16:13:39 +08:00
bd1328c189
FIX: show the wizard to developers too
2016-10-14 11:09:55 +02:00
f4f5524190
FEATURE: user API now contains scopes so permission is granular
...
previously we supported blanket read and write for user API, this
change amends it so we can define more limited scopes. A scope only
covers a few routes. You can not grant access to part of the site and
leave a large amount of the information hidden to API consumer.
2016-10-14 16:05:42 +11:00
89daa43754
FEATURE: remap emojis back for push notifications and desktop alerts
2016-10-11 13:03:48 +11:00
6031e692f0
Merge pull request #4366 from xfalcox/print
...
Print Support
2016-10-11 11:47:20 +11:00
0f0b657182
Merge pull request #4447 from pmusaraj/approve_new_topics_setting
...
FEATURE: add "Approve new topics unless user level" setting
2016-10-11 10:14:28 +11:00
ea1f0683c8
Merge pull request #4477 from cpradio/watching-state-on-reply
...
FEATURE: Add notification level user preference when replying to a topic
2016-10-11 10:05:37 +11:00
8f68a95e56
FIX: trim leading & trailing whitespaces in admin user search
2016-10-10 16:18:57 +02:00
647ee46edf
FIX: don't stem the search term
...
Search for "canned" not working correctly and "butted", "ands" and many more :)
2016-10-07 12:40:57 +11:00
6f1c31d777
Add notification level user preference when replying to a topic
2016-09-30 14:58:07 -04:00
4d8d5613e4
FEATURE: add min_trust_level_to_edit_post
...
add minimum trust level to edit post (default 0)
2016-10-01 02:12:27 +10:00
40b83ebb47
Reset `I18n.locale` in tests.
2016-09-29 13:42:56 +08:00
f96fffeb34
Add tests
2016-09-26 20:46:55 -03:00
df751ed6ec
Merge pull request #4457 from JaredReisinger/github-auth-with-email-whitelist
...
Add support for email whitelist/blacklist to GitHub auth
2016-09-23 09:49:14 +10:00
3c12dd6549
FIX: Consider lazyYT divs as links when extracting
2016-09-22 16:50:24 -04:00
0344388924
added tests and enabled queue when new setting is > 0
2016-09-22 14:51:36 -04:00
2ae7c47a3c
Add support for email whitelist/blacklist to GitHub auth
...
If a site is configured for GitHub logins, _**and**_ has an email domain
whitelist, it's possible to get in a state where a new user is locked to
a non-whitelist email (their GitHub primary) even though they have an
alternate email that's on the whitelist. In all cases, the GitHub
primary email is attempted first so that previously existing behavior
will be the default.
- Add whitelist/blacklist support to GithubAuthenticator (via
EmailValidator)
- Add multiple email support GithubAuthenticator
- Add test specs for GithubAuthenticator
- Add authenticator-agnostic "none of your email addresses are allowed"
error message.
2016-09-22 11:31:10 -07:00
14bee641aa
Can choose categories or latest as homepage style
2016-09-22 09:52:19 -04:00
2a0443445b
New step to choose emoji set
2016-09-22 09:52:19 -04:00
2545c2ffa6
Add new welcome message step
2016-09-22 09:52:19 -04:00
b0ee7930e8
Server side support for inviting as a moderator via the wizard
2016-09-22 09:52:19 -04:00
28cd49f02b
Split Logos and Icons into separate steps
2016-09-22 09:52:19 -04:00
4f9a7aa769
FIX: Prompt for the wizard for the first admin who logs in
2016-09-22 09:52:19 -04:00
644bcbc253
Make the site contact a drop down of admin users
2016-09-22 09:52:19 -04:00
74ed2e82ac
UX: Wiggle invalid form elements. Don't allow a site title of Discourse
2016-09-22 09:52:19 -04:00
29cf47cfb2
Track steps the user has completed, nag them to finish it.
2016-09-22 09:52:19 -04:00
ef84981e38
Invite Users step
2016-09-22 09:52:19 -04:00
35b767f6af
Company Name Step which updates the TOS
2016-09-22 09:52:19 -04:00
28b6c300a0
Clean up wizard updater API for better plugin use
2016-09-22 09:52:19 -04:00
e3640ee5f6
Privacy Step
2016-09-22 09:52:19 -04:00
af83c8dc14
Upload Logos Step
2016-09-22 09:52:19 -04:00
c94e6f1b96
Add locale step
2016-09-22 09:52:19 -04:00
3f6e3b9aff
Wizard - Color Scheme Step
2016-09-22 09:52:19 -04:00
9f12b571ef
Wizard: Server Side Validation + Finished Step
2016-09-22 09:52:19 -04:00
3a4615c205
Wizard: Step 1
2016-09-22 09:48:58 -04:00
8dc4329094
FEATURE: optionally get extra profile info from facebook
...
This feature requires the application be approved by facebook, so it is
default off
2016-09-19 16:14:11 +10:00
c463cf63d4
FEATURE: Webhook for user creation and approval
2016-09-19 10:12:55 +08:00
e46204d195
FIX: allow long words if they contain periods
2016-09-13 09:15:05 +05:30
e78b7a243e
FIX: Don't enqueue posts if the user can't create them (ex: closed)
2016-09-09 12:15:56 -04:00
35bc0c943f
More randomly failing specs fixes.
2016-09-05 19:33:03 +08:00
1f70fc9e11
Make sure we reset global in specs.
2016-09-05 18:18:14 +08:00
31d900f7e7
Fix build.
2016-09-05 17:03:41 +08:00
aa1f306894
Properly clean up plugin event in specs..
2016-09-05 16:10:03 +08:00
aabb7a8592
FIX: DiscourseEvent should not be triggered from within the controller.
2016-09-05 15:58:04 +08:00
ec90655c41
FIX: Clean up specs properly.
2016-09-05 15:48:59 +08:00
aa9decf6fd
Remove `DiscourseEvent.clear`.
2016-09-05 15:17:49 +08:00
59640bae3b
FIX: absolute URL for CDN should always be rooted with a protocol
2016-09-05 15:57:46 +10:00
2f39293867
FIX: User enabled readonly mode was not working.
2016-08-25 23:31:59 +08:00
7a81669c18
SECURITY: don't allow re-using the current password during password reset
2016-08-24 12:27:21 -04:00
038eb6f645
FIX: translations with a symbol as key should also be overridable
2016-08-24 11:53:03 +02:00
c3a3aff120
FEATURE: Support for a whitelist for embeddable host paths
2016-08-23 14:56:12 -04:00
4a2f0e772c
add specs for post ownership change without revision
2016-08-20 01:27:48 +05:30
4061725a95
FIX: Don't ever grant badges when they're disabled
2016-08-19 15:16:37 -04:00
3141c179f7
REFACTOR: Get bucket name from S3Helper.
2016-08-19 14:08:37 +08:00
3ea68f8f6c
tweak headers so they can be consumed
2016-08-18 14:38:33 +10:00
7ff1f6cb9d
Allow custom bucket name for `FileStore::S3Store`.
2016-08-16 15:25:42 +08:00
3b792054f2
Merge pull request #4387 from gdpelican/feature/tags-intersection
...
FEATURE: Tags intersection page
2016-08-15 16:24:29 -04:00
554d15fdd4
Add extra spec for topic_query
2016-08-15 15:42:06 -04:00
0433163866
FEATURE: Support subfolders in `SiteSetting.s3_backup_bucket`.
2016-08-15 16:14:51 +08:00
fc095acaaa
Feature: User API key support (server side implementation)
...
- Supports throttled read and write
- No support for push yet, but data is captured about intent
2016-08-15 17:59:36 +10:00
aa5de3c40a
FEATURE: Support subfolders in S3 bucket name.
...
This commit also fixes a bug where s3 uploads are not
moved to a tombstone folder when removed.
2016-08-15 13:07:41 +08:00
3378ee223f
FIX: Incorrect path being passed to `S3Store#remove_file`.
2016-08-15 11:35:30 +08:00
aef954784a
FIX: `nofollow` was being added during post processing when it shouldn't
2016-08-12 15:35:13 -04:00
7e73b933c7
First pass
2016-08-12 15:28:46 -04:00
7e165d031b
FIX: Short terms will be searched for if at least one is long enough
2016-08-11 11:53:14 -04:00
6075debc90
Add specs to hidding settings when shadowed by a global.
2016-08-11 16:04:45 +08:00
11afb20772
SECURITY: Escape HTML in filename.
2016-08-11 11:27:12 +08:00
6288d4c995
FIX: Revised post not updated correctly when merging posts.
2016-08-11 09:01:54 +08:00
fc311dbe3b
FEATURE: An option to search more recent posts for very large sites.
...
On very large forums searching posts can be slow, so this commit
introduces the ability to try and search only the most recent posts
first, and then going for a larger breadth search if there aren't
enough results.
Enable `search_prefer_recent_posts` and you can customize how many
recent posts to filter with `search_recent_posts_size`
2016-08-10 15:43:42 -04:00
e55e2aff94
FIX: FirstReplyByEmail badge wasn't granted
...
DEPRECATED: PostProcess badge trigger
2016-08-10 19:24:01 +02:00
cc366d5a60
FIX: Search in non-english should have a smaller minimum
2016-08-09 15:20:28 -04:00
28436a604a
FIX: Prevent tricking the search from ignoring minimum lengths
2016-08-09 14:49:46 -04:00
5cc8bb535b
SECURITY: do cookie auth rate limiting earlier
2016-08-09 10:02:18 +10:00
51322a46b3
FEATURE: retry processing incoming emails on rate limit
2016-08-08 22:28:27 +02:00
f10c4682cd
FIX: muted tags showing in latest topic list
2016-08-04 11:54:48 -04:00
b08ab829b8
added 'X-Auto-Response-Suppress' email header (props to elijah)
2016-08-03 11:02:07 +02:00
2891f230d1
SECURITY: Make sure uploaded_urls have corresponding upload records
2016-07-28 13:54:17 -04:00
dc1a830d3d
SECURITY: SQL Injection in Admin List Active Users
2016-07-28 11:42:06 -04:00
16a383ea1e
SECURITY: limit bad cookie auth attempts
...
- Also cleans up the _t cookie if it is invalid
2016-07-28 12:58:49 +10:00
8cbd585e20
FEATURE: Allow staff users to merge posts.
2016-07-27 12:04:14 +08:00
2a4006fe0c
Add `YandexBot` to our list of crawlers
2016-07-26 13:21:37 -04:00
b5fbff947b
FIX: don't expire old sessions when logging in
2016-07-26 11:37:41 +10:00
1379bd5053
fix all v=2 spec / test errors for emoji
2016-07-25 15:53:48 -07:00
12ecf8624a
FIX: tokenize words with dots correctly
...
hello.world is now tokenized as "hello.world" and "world" that way the word
"world" will find the post with "hello.world"
2016-07-25 16:26:33 +10:00
e01802a13b
FIX: strip quote from search term when searching within topic
2016-07-25 15:06:25 +10:00
df535c6346
FEATURE: refresh session cookie at most once an hour
...
This feature ensures session cookie lifespan is extended
when user is online.
Also decreases session timeout from 90 to 60 days.
Ensures all users (including logged on ones) get expiring sessions.
2016-07-25 12:07:31 +10:00
12dc511fea
PERF: make score calculator cheaper when site has long topics
2016-07-22 09:48:44 +10:00
7c092b0fe0
FEATURE: add filter to show topics that have not been tagged
2016-07-20 16:21:51 -04:00
Guo Xiang Tan
Sam
Régis Hanol
Neil Lalonde
Arpit Jalan
cpradio
Rafael dos Santos Silva
Robin Ward
pmusaraj
Jared Reisinger
Erick Guan
James Kiesel
Andre Pereira
Jeff Atwood