Vinoth Kannan
d1bad881ea
FEATURE: Allow moderators to change topic timestamps ( #7053 )
2019-02-22 14:33:52 +05:30
Gerhard Schlager
b0862bd15d
FIX: Push notifications could fail with UnauthorizedRegistration
...
The webpush gem by default sets the expiration date of the JWT token to exactly 24 hours in the future. That's not really needed because the token isn't reused. And it might cause UnauthorizedRegistration if the server's clock isn't 100% correct, because the maximum allowed value is 24 hours.
2019-02-15 21:12:09 +01:00
Gerhard Schlager
17f1a76570
FIX: Delete push subscription on MismatchSenderId error
...
This should prevent repeated MismatchSenderId warnings when the VAPID keys have changed.
2019-02-15 21:12:09 +01:00
Arpit Jalan
99c6db21e6
FEATURE: allow blocking emojis ( #7011 )
...
https://meta.discourse.org/t/blocking-emojis-wont-work/105853
2019-02-15 20:55:48 +05:30
Régis Hanol
7aecd3c2f5
Update app/services/user_silencer.rb
...
Co-Authored-By: eviltrout <robin.ward@gmail.com>
2019-02-08 08:50:50 -05:00
Robin Ward
bc3efab816
FIX: When disagreeing with a flag that silenced a user, unsilence them
...
Previously it would unhide their post but leave them silenced.
This fix also cleans up some of the helper classes to make it easier
to pass extra data to the silencing code (for example, a link to the
post that caused the user to be silenced.)
This patch also refactors the auto_silence specs to avoid using
stubs.
2019-02-08 08:50:50 -05:00
Gerhard Schlager
1e98929501
FIX: Email domain whitelist prevented user anonymizing
...
FIX: Secondary email addresses were not deleted during anonymizing
2019-01-30 15:14:36 +01:00
David Taylor
aca0b32fda
FEATURE: Allow overriding text size from a different device ( #6955 )
...
This brings the feature in line with the theme selection system
2019-01-28 11:19:50 +00:00
Maja Komel
45f66826ee
PERF: delete potentially large associated tables before user_destroyer.destroy transaction
2019-01-18 16:10:03 +01:00
Guo Xiang Tan
aa2cc4ab31
FIX: Liked notification consolidation has to account for user like frequency setting.
2019-01-17 14:33:23 +08:00
Sam
6079a3e4d0
FEATURE: allow calling user destroyer without a transaction
...
This additional option allows us to destroy a user in "pieces" in cases
where database is very big and stuff tends to time out
2019-01-17 07:56:17 +11:00
Angus McLeod
79eb1b8e16
FIX: Add watching_first_post to NOTIFIABLE_TYPES ( #6887 )
2019-01-16 11:49:15 +00:00
Guo Xiang Tan
e7b49c42c4
FIX: Allow liked notifications consolidation to be disabled.
2019-01-16 16:17:04 +08:00
Guo Xiang Tan
27e2b6575b
FIX: Liked notifications should not be consolidated across multiple users.
2019-01-16 15:01:13 +08:00
Guo Xiang Tan
ebe65577ed
FEATURE: Consolidate likes notifications. ( #6879 )
2019-01-16 10:40:16 +08:00
David Taylor
1ebd3dbbd0
FEATURE: Allow the base font size to be changed on a per-user basis ( #6859 )
2019-01-14 13:21:46 +00:00
Gerhard Schlager
978cc0cfca
FIX: Remove expired subscription for push notifications
...
All other errors get logged, but do not stop the system from sending further push notifications.
2019-01-10 15:41:04 +01:00
Régis Hanol
88e861e895
FIX: prevent error when badge has already been awarded
2019-01-04 15:17:54 +01:00
Régis Hanol
2988d281fc
DEV: group all collapsed notifications
2018-12-24 12:44:50 +01:00
David Taylor
160d29b18a
REFACTOR: Migrate TwitterAuthenticator to use ManagedAuthenticator ( #6739 )
...
No changes to functionality. TwitterAuthenticator goes from 136 lines to 24, and all twitter-specific logic elsewhere has been deleted 🎉
2018-12-07 15:39:06 +00:00
Sam
82e45f5485
FIX: method extraction caused push notifications to include incorrect post
...
Previously the push notification code path was not tested for notification
collapsing. This happens if you get multiple replies to a topic you are
watching.
2018-12-05 16:40:10 +11:00
Régis Hanol
3c9c95ac83
Update Rubocop to 0.60
2018-12-04 10:48:16 +01:00
Sam
aa97f6fdba
FEATURE: disable notifications for small actions that are whispers
...
Previously we would notify on small actions if they were whispers
this inconsistently lead to all sorts of problems including
- collapsed "N replies" after assign
- empty push notifications
New behavior adds an api to explicitly send push notifications as well
if needed: create_notification_alert
2018-12-04 17:54:42 +11:00
David Taylor
208005f9c9
REFACTOR: Migrate FacebookAuthenticator to use ManagedAuthenticator
...
Changes to functionality
- Removed syncing of user metadata including gender, location etc.
These are no longer available to standard Facebook applications.
- Removed the remote 'revoke' functionality. No other providers have
it, and it does not appear to be standard practice in other apps.
- The 'facebook_no_email' event is no longer logged. The system can
cope fine with a missing email address.
Data is migrated to the new user_associated_accounts table.
facebook_user_infos can be dropped once we are confident the data has
been migrated successfully.
2018-11-30 11:18:11 +00:00
Arpit Jalan
059e36a6ff
FIX: log name changes only when the name is actually updated
2018-11-30 15:30:46 +05:30
Gerhard Schlager
886ef7251d
REFACTOR: Simplify extraction of mentions
2018-11-27 12:46:02 +01:00
Gerhard Schlager
5640166b27
FIX: Notify only invited users about mentions in PMs
2018-11-26 22:42:56 +01:00
Guo Xiang Tan
44391ee8ab
FEATURE: Upload Site Settings. ( #6573 )
2018-11-14 15:03:02 +08:00
Gerhard Schlager
24e5be3f0c
FIX: Relative links in translations should work with subfolder
2018-11-08 23:31:05 +00:00
Robin Ward
242a5fc5ef
Add DiscourseEvents for when users as unsuspended/unsilenced
2018-11-08 16:33:38 -05:00
Bianca Nenciu
2070edf889
FIX: Clarify User.group_locked_trust_level.
...
* Rename User.group_locked_trust_level to User.group_granted_trust_level.
* Remove the column from users table.
2018-11-07 10:27:44 +08:00
Daniel Hollas
cee51672c9
FIX: Strip accents from search query
...
4481836
introduced accent stipping in search_indexer,
but we need to strip it from the query itself as well
TODO in search with diacritics:
- Still need to fix excerpts on search page
- need to support accent stripping in in_topic search
- need to make sure that in:title works correctly
- need to fix "word boldening" in titles
2018-10-23 12:10:33 +11:00
Maja Komel
27e732a58d
FEATURE: allow multiple secrets for Discourse SSO provider
...
This splits off the logic between SSO keys used incoming vs outgoing, it allows to far better restrict who is allowed to log in using a site.
This allows for better auditing of the SSO provider feature
2018-10-15 16:03:53 +11:00
Guo Xiang Tan
84d4c81a26
FEATURE: Support backup uploads/downloads directly to/from S3.
...
This reverts commit 3c59106bac
.
2018-10-15 09:43:31 +08:00
Guo Xiang Tan
3c59106bac
Revert "FEATURE: Support backup uploads/downloads directly to/from S3."
...
This reverts commit c29a4dddc1
.
We're doing a beta bump soon so un-revert this after that is done.
2018-10-11 11:08:23 +08:00
Gerhard Schlager
c29a4dddc1
FEATURE: Support backup uploads/downloads directly to/from S3.
2018-10-11 10:38:43 +08:00
Robin Ward
a566ed42ae
FEATURE: Option to disable user presence and profile
...
This allows users who are privacy conscious to disable the presence
features of the forum as well as their public profile.
2018-10-10 17:34:33 -04:00
Sam
550e108a8c
FEATURE: only export settings that changed via rake task
2018-10-08 11:54:52 +11:00
David Taylor
9bf522f227
FEATURE: Mixed case tagging ( #6454 )
...
- By default, behaviour is not changed: tags are made lowercase upon creation and edit.
- If force_lowercase_tags is disabled, then mixed case tags are allowed.
- Tags must remain case-insensitively unique. This is enforced by ActiveRecord and Postgres.
- A migration is added to provide a `UNIQUE` index on `lower(name)`. Migration includes a safety to correct any current tags that do not meet the criteria.
- A `where_name` scope is added to `models/tag.rb`, to allow easy case-insensitive lookups. This is used instead of `Tag.where(name: "blah")`.
- URLs remain lowercase. Mixed case URLs are functional, but have the lowercase equivalent as the canonical.
2018-10-05 10:23:52 +01:00
Neil Lalonde
dc1e7bb645
UX: when admin is deleted, make it clear in staff action logs when records belong to a deleted user and show their username in the details
2018-10-02 13:46:54 -04:00
Kyle Zhao
e402394375
FEATURE: auto grant an available title when removing old title
...
* FEATURE: auto grant an available title when removing old title
2018-09-21 12:06:08 +10:00
Vinoth Kannan
9281b72308
FEATURE: Log entity export in staff logs
2018-09-19 03:16:45 +05:30
Régis Hanol
4481836de2
FEATURE: new 'search_ignore_accents' site setting
2018-09-17 10:42:30 +02:00
Régis Hanol
30619c244c
FIX: don't index urls to local files
2018-09-13 18:53:53 +02:00
David Taylor
84fc7abb73
FIX: Allow `rake destroy:topics` to delete topics in sub-categories
2018-09-10 12:52:14 +01:00
Sam
9b7cab589a
FIX: revert diacritic stripping
...
See more details in test case and at: https://meta.discourse.org/t/discourse-should-ignore-if-a-character-is-accented-when-doing-a-search/90198/16?u=sam
2018-08-31 11:46:55 +10:00
James Kiesel
a4001c1ea0
FEATURE: Pop revise modal on post edited notification ( #6287 )
...
* Add revision number to notification url
* Pop modal on route change
* Add semicolon
* Ensure modal pops even when navigating within a topic
* Ensure modal pops when visiting from other page
* Fix eslint errors
* Fix prettier errors
* Add callback for notification item click
* Remove stray revisionUrl function
* Rename to afterRouteComplete
2018-08-24 09:13:07 -04:00
Sam
ac11f8df52
correct regression searching with diacritics
2018-08-24 10:00:51 +10:00
Régis Hanol
c26de01399
Use NFKD normalization instead of NFD
2018-08-24 00:52:53 +02:00
Régis Hanol
bc7b530b0a
FIX: remove diacritics instead of transliterating
2018-08-24 00:38:44 +02:00
Régis Hanol
f4ae53d52b
Return immediately when there's no html to scrub
2018-08-23 18:00:07 +02:00
Régis Hanol
2fcf2b899e
FIX: remove diacritics when tokenizing html for search
2018-08-23 17:13:52 +02:00
Gerhard Schlager
5ed582551a
FIX: SpamRulesEnforcer should use default locale
2018-08-20 15:08:12 +02:00
Bianca Nenciu
975a72ab7a
FEATURE: Make links indexable. ( #6285 )
2018-08-20 10:39:19 +10:00
Osama Sayegh
865cb3feb9
FIX: allow selecting site's default theme from preference
2018-08-10 14:12:02 +03:00
Guo Xiang Tan
919e8db686
FIX: Check for group name availability should skip reserved usernames.
2018-08-01 11:09:33 +08:00
David Taylor
eda1462b3b
FEATURE: List, revoke and reconnect associated accounts. Phase 1 ( #6099 )
...
Listing connections is supported for all built-in auth providers. Revoke and reconnect is currently only implemented for Facebook.
2018-07-23 16:51:57 +01:00
Maja Komel
368d4e8eae
FIX: notify staff about whispers in watched categories ( #6128 )
2018-07-21 11:20:21 +02:00
OsamaSayegh
decf1f27cf
FEATURE: Groundwork for user-selectable theme components
...
* Phase 0 for user-selectable theme components
- Drops `key` column from the `themes` table
- Drops `theme_key` column from the `user_options` table
- Adds `theme_ids` (array of ints default []) column to the `user_options` table and migrates data from `theme_key` to the new column.
- Removes the `default_theme_key` site setting and adds `default_theme_id` instead.
- Replaces `theme_key` cookie with a new one called `theme_ids`
- no longer need Theme.settings_for_client
2018-07-12 14:18:21 +10:00
Sam
cb824a6b33
DEV: remove all calls to SqlBuilder use DB.build instead
...
This is part of the migration to mini_sql, SqlBuilder.new is being
deprecated and replaced with DB.build
2018-06-20 17:53:49 +10:00
Sam
5f64fd0a21
DEV: remove exec_sql and replace with mini_sql
...
Introduce new patterns for direct sql that are safe and fast.
MiniSql is not prone to memory bloat that can happen with direct PG usage.
It also has an extremely fast materializer and very a convenient API
- DB.exec(sql, *params) => runs sql returns row count
- DB.query(sql, *params) => runs sql returns usable objects (not a hash)
- DB.query_hash(sql, *params) => runs sql returns an array of hashes
- DB.query_single(sql, *params) => runs sql and returns a flat one dimensional array
- DB.build(sql) => returns a sql builder
See more at: https://github.com/discourse/mini_sql
2018-06-19 16:13:36 +10:00
Arpit Jalan
f1d1207725
FIX: improve context when user deletes self
2018-06-18 11:36:22 +05:30
Gerhard Schlager
150ae21489
FEATURE: Log user merge in staff logs
2018-06-11 18:43:56 +02:00
Gerhard Schlager
a26889ada2
FIX: Don't delete profile views during user anonymization
...
There's no need for that and it can take a lot of time.
2018-06-08 15:50:07 +02:00
Gerhard Schlager
4ba910ac54
Update username only after successful user anonymization
2018-06-08 15:50:07 +02:00
Gerhard Schlager
2564a8285d
REFACTOR: Run some parts of user anonymizing in background job
2018-06-08 15:50:07 +02:00
Gerhard Schlager
cf038cf72a
FEATURE: Remove more PII during user anonymizing
...
Removes
* invite if the user was invited
* email tokens
* incoming emails
* email log entries
* raw emails from posts
2018-06-08 15:50:07 +02:00
Guo Xiang Tan
ad5082d969
Make rubocop happy again.
2018-06-07 13:28:18 +08:00
Sam
89ad2b5900
DEV: Rails 5.2 upgrade and global gem upgrade
...
This updates tests to use latest rails 5 practice
and updates ALL dependencies that could be updated
Performance testing shows that performance has not regressed
if anything it is marginally faster now.
2018-06-07 14:21:33 +10:00
Arpit Jalan
36f9af4fa4
minor optimizations for post rejected logs
2018-06-02 09:44:55 +05:30
Arpit Jalan
89eca87f16
FEATURE: add staff action log for post rejections
2018-06-01 21:48:27 +05:30
Gerhard Schlager
b970b072f6
FIX: User merge should not fail when primary email address is missing
...
The merge process might move all email addresses of the source user to the target user. Destroying the source user failed in that case.
2018-06-01 16:23:21 +02:00
Régis Hanol
f988fa31aa
FIX: ensure 'notifications_state' is up to date after creating a notification
2018-05-26 02:09:48 +02:00
Guo Xiang Tan
9d307a9977
FIX: Destroy notifications and sync notifications count in transaction.
...
* Seeing errors where the user is destroyed right when the call to
reload is made.
2018-05-25 12:01:36 +08:00
Guo Xiang Tan
755b511b5c
PERF: Destroy collapsed notifications in 1 query instead of 3.
2018-05-25 12:01:36 +08:00
Régis Hanol
bb8f0087f4
Add a warning when PostAlerter isn't running in sidekiq
2018-05-24 17:52:59 +02:00
Régis Hanol
71f66cd679
FIX: ensure PostAlerter is always run in sidekiq
2018-05-24 17:27:43 +02:00
Guo Xiang Tan
2aad91d4a2
PERF: Don't bloat the Sidekiq queue with `Jobs::SendPushNotification`.
2018-05-24 10:04:09 +08:00
Guo Xiang Tan
be49da9105
FIX: Don't silently fail if notification fails to create.
2018-05-24 10:04:09 +08:00
Guo Xiang Tan
ad9e0d6bea
Merge pull request #5848 from OsamaSayegh/fix-social-login-groups
...
FIX: apply automatic group rules when using social login providers
2018-05-23 08:17:42 +08:00
OsamaSayegh
f6d412465b
FIX: apply automatic group rules when using social login providers
2018-05-23 02:26:07 +03:00
Sam
45f65859c9
improve erraticly failing spec
2018-05-23 08:39:15 +10:00
Régis Hanol
53f8f6095d
FEATURE: staff action logs when creating/updating/deleting badges
2018-05-17 18:09:27 +02:00
Guo Xiang Tan
147ea37115
FIX: Missing notification for watching first post users when topic is recategorized.
...
https://meta.discourse.org/t/not-receiving-notifications-for-announcements/87275/2?u=tgxworld
2018-05-17 16:15:29 +08:00
Régis Hanol
b284464a91
FIX: PostOwnerChange should update 'topic.last_poser'
2018-05-16 19:48:04 +02:00
Gerhard Schlager
3464b05e41
FIX: Allow editing post that belongs to deleted topic
2018-05-15 20:50:31 +02:00
Gerhard Schlager
2e1b5bc8d3
FIX: Transaction in UserAnonymizer prevented avatar from updating
2018-05-15 20:47:58 +02:00
Régis Hanol
93ed8d2522
PERF: defer user notifications ( #5827 )
2018-05-15 09:51:32 +02:00
Gerhard Schlager
49392fb105
FIX: Anonymizing user didn't replace uploaded avatar in posts
2018-05-14 13:20:29 +02:00
Guo Xiang Tan
2eb2f273a8
Refactor of `PushSubscriptionPusher`.
2018-05-09 08:14:14 +08:00
Jeff Wong
7f1f697e97
FIX: de-duplicate push subscriptions - ensure unique user/key
2018-05-08 15:20:39 -07:00
Gerhard Schlager
2e67998319
Improvements for user renaming ( #5810 )
...
* FEATURE: Update avatars in posts and revisions when user gets renamed
* FIX: Replace username in deleted posts when user gets renamed
* FEATURE: Replace username in notifications when user gets renamed
FEATURE: Update mentions and quotes when user gets merged
2018-05-08 10:02:43 -04:00
Guo Xiang Tan
fc4fde453d
PERF: Remove N+1 query.
2018-05-07 18:21:48 +08:00
Jeff Wong
91b31860a1
Feature: Push notifications for Android ( #5792 )
...
* Feature: Push notifications for Android
Notification config for desktop and mobile are merged.
Desktop notifications stay as they are for desktop views.
If mobile mode, push notifications are enabled.
Added push notification subscriptions in their own table, rather than through
custom fields.
Notification banner prompts appear for both mobile and desktop when enabled.
2018-05-04 15:31:48 -07:00
Robin Ward
05dddcb2fd
Add an event that is triggered when a user is anonymized
2018-05-02 12:25:29 -04:00
Gerhard Schlager
3be3c50c7e
FEATURE: Rename user in mentions and quotes
...
Co-authored-by: Robin Ward <robin.ward@gmail.com>
2018-05-01 13:49:14 -04:00
Robin Ward
e21a4ce1dd
FEATURE: Support anonymizing a user's IP addresses
2018-04-30 14:09:03 -04:00
Neil Lalonde
f7c4c71409
FIX: title selector needs to flag whether title comes from badge or not
2018-04-26 16:51:11 -04:00
Neil Lalonde
bd77795d7a
REFACTOR: move support for user card badge images to a plugin discourse-user-card-badges
2018-04-26 13:25:24 -04:00
Sam
6676bbd38b
FEATURE: index YouTube titles in search
...
Previously we omitted the titles for videos that YouTube provided
2018-04-26 15:46:52 +10:00
Gerhard Schlager
ec29869350
FIX: Merging users failed when PM was sent to source and target user
2018-04-24 11:08:29 -04:00
Arpit Jalan
0a442977b3
FEATURE: add staff action log for post approvals
2018-04-23 11:28:44 +05:30
Maja Komel
3d99726981
FIX: set notification level when changing post owner ( #5616 )
...
FIX: do not notify last post editor if they mention themself
2018-04-16 11:48:06 +02:00
Gerhard Schlager
f042a9529b
FIX: users shouldn't get notifications about mentions from system users
...
(unless the mentioned users are participants in a PM with the system user)
2018-04-12 16:19:44 +02:00
Gerhard Schlager
62aacce8f4
FEATURE: Notify flaggers when flagged post is edited by author
2018-04-09 16:45:33 +02:00
Guo Xiang Tan
e4a9242ada
FIX: Can't upload backup.
...
* Regression introduced in 142571bba0
2018-04-06 10:14:17 +08:00
Guo Xiang Tan
142571bba0
Remove use of `rescue nil`.
...
* `rescue nil` is a really bad pattern to use in our code base.
We should rescue errors that we expect the code to throw and
not rescue everything because we're unsure of what errors the
code would throw. This would reduce the amount of pain we face
when debugging why something isn't working as expexted. I've
been bitten countless of times by errors being swallowed as a
result during debugging sessions.
2018-04-02 13:52:51 +08:00
Blake Erickson
31ce955487
Add destroy rake task
...
Adds several rake tasks to delete users, topics, pm's and site stats so
that you can have a fresh site but maintain site settings and category
structure.
2018-03-30 18:32:21 -06:00
Robin Ward
e4298a91b8
Pass `silenced_by` through to DiscourseEvent
2018-03-29 16:44:18 -04:00
Neil Lalonde
73c1d3e7fe
FIX: tag notification preferences were being cleared when other preferences were changed
2018-03-29 15:08:32 -04:00
Blake Erickson
9fdf139235
Add tests for Site Settings import/export
...
- extracted out site settings rake task to a class
- added tests for import and export of site settings
2018-03-23 14:55:17 -06:00
Arpit Jalan
d96c1058a2
FEATURE: add staff action log for 'restore topic'
2018-03-21 18:04:13 +05:30
Robin Ward
b9abd7dc9e
FEATURE: Shared Drafts
...
This feature can be enabled by choosing a destination for the
`shared drafts category` site setting.
* Staff members can create shared drafts, choosing a destination
category for the topic when it is published.
* Shared Drafts can be viewed in their category, or above the
topic list for the destination category where it will end up.
* When the shared draft is ready, it can be published to the
appropriate category by clicking a button on the topic view.
* When published, Drafts change their timestamps to the current
time, and any edits to the original post are removed.
2018-03-20 17:15:26 -04:00
Robin Ward
135195363b
FIX: Not logging old post contents properly
2018-03-14 15:01:36 -04:00
Robin Ward
65ac80b014
FEATURE: Log Staff edits in Staff Action Logs
...
Why? Some edits by staff are not tracked. For example, during the grace
period, or via the flags/silence dialog.
If a staff member is editing someone else's post, it now goes into the
Staff Action Logs so it can be audited by other staff members.
2018-03-12 13:51:40 -04:00
Gerhard Schlager
dc77cce8d9
FIX: Create notifications for mentions in PMs
2018-03-09 11:04:29 +01:00
Gerhard Schlager
07649cd42d
FIX: email_domains_whitelist prevented creation of anonymous users
2018-03-06 18:14:53 +01:00
Robin Ward
0f66a99eb2
Setting to prevent logging details when anonymizing
2018-03-05 14:38:18 -05:00
Guo Xiang Tan
2f65393706
REFACTOR: Use `Topic#private_message?` to reduce duplication.
2018-03-05 15:39:22 +08:00
Régis Hanol
25d80aabce
remove 'puts'
2018-03-02 01:50:24 +01:00
Gerhard Schlager
80e85e0d8f
FIX: Sidekiq job has wrong data when post owner changes within transaction
2018-03-01 18:00:18 +01:00
Gerhard Schlager
79590e4bec
FIX: Merging users shouldn't add more than 1 secondary email
2018-03-01 17:50:13 +01:00
Gerhard Schlager
a7c50039de
FIX: Allow changing post owner even when topic validations fail
2018-03-01 17:31:58 +01:00
Gerhard Schlager
7a2183e8ab
FEATURE: rake task for merging users
2018-03-01 12:28:12 +01:00
Gerhard Schlager
fffd1a6602
FIX: Associated Instagram account was missing at some places
2018-03-01 12:26:40 +01:00
Jeff Wong
f4f8a293e7
FEATURE: Implement 2factor login TOTP
...
implemented review items.
Blocking previous codes - valid 2-factor auth tokens can only be authenticated once/30 seconds.
I played with updating the “last used” any time the token was attempted but that seemed to be overkill, and frustrating as to why a token would fail.
Translatable texts.
Move second factor logic to a helper class.
Move second factor specific controller endpoints to its own controller.
Move serialization logic for 2-factor details in admin user views.
Add a login ember component for de-duplication
Fix up code formatting
Change verbiage of google authenticator
add controller tests:
second factor controller tests
change email tests
change password tests
admin login tests
add qunit tests - password reset, preferences
fix: check for 2factor on change email controller
fix: email controller - only show second factor errors on attempt
fix: check against 'true' to enable second factor.
Add modal for explaining what 2fa with links to Google Authenticator/FreeOTP
add two factor to email signin link
rate limit if second factor token present
add rate limiter test for second factor attempts
2018-02-21 09:04:07 +08:00
Sam
86d12bd44b
FEATURE: search within title using in:title
...
Also
- Significantly improved search ranking, title is treated most strongly
- Adds tag names to the index
- Run search re-indexer more aggressively
- Re-index topic and all posts on category change
2018-02-20 14:41:21 +11:00
Robin Ward
7348513848
FIX: Include post in staff action logs when silencing a user
2018-02-13 15:59:10 -05:00
Maja Komel
1c27d93dcf
anonymous shadow users are approved on creation if must_approve_users is enabled ( #5569 )
2018-02-13 01:58:38 -05:00
Arpit Jalan
7cda3a37af
rename 'private_email_time_window_seconds' to 'personal_email_time_window_seconds'
2018-02-01 13:25:29 +05:30
Arpit Jalan
1f6adbea5c
FEATURE: log private message views
2018-01-29 08:08:08 +05:30
Robin Ward
6b04967e2f
FEATURE: Staff members can lock posts
...
Locking a post prevents it from being edited. This is useful if the user
has posted something which has been edited out, and the staff members don't
want them to be able to edit it back in again.
2018-01-26 14:01:30 -05:00
Sam
060e78e884
PERF: reduce memory usage for post alerter
2018-01-22 17:11:52 +11:00
Robin Ward
a8b46df4bd
More extensibility for custom silence/suspend messages
2018-01-19 11:35:19 -05:00
Neil Lalonde
ec65ae76b9
FIX: don't create new like notifications for deleted topics
2018-01-17 14:36:32 -05:00
Sam
eaca2cb049
bypass loud logging
2018-01-16 15:41:45 +11:00
Sam
38c018a84b
FIX: invalid cache for parent category with limit_suggested_to_category
2018-01-15 16:13:29 +11:00
Sam
5bf116e719
warn if missing user option record
2018-01-12 15:43:56 +11:00
Robin Ward
dd33050e10
Add discourse events for when a user is suspended/silenced
2018-01-11 12:56:45 -05:00
Sam
57a1190b07
FIX: correct issue with search omitting words with multiple dots
...
Previously we used to break up words with dots incorrectly leading to
missing search terms
2017-12-19 16:04:24 +11:00
Régis Hanol
62a5b174e1
FIX: wasn't able to use the same username when taking over a staged account
2017-12-12 11:26:00 +01:00
Robin Ward
77f90876d3
REFACTOR: Track manual locked user levels separately from groups
2017-11-27 11:23:44 -05:00
Robin Ward
0a9daba627
FIX: Support for long suspension emails
2017-11-20 12:45:46 -05:00
Robin Ward
3785429948
FIX: Missing word boundaries when non-regexp
2017-11-17 14:37:31 -05:00
Robin Ward
d755c9c90f
FIX: Allow regular expressions to specify boundaries
2017-11-17 14:13:44 -05:00
Gerhard Schlager
d47fa6653b
do not notify staged users about posts withing mailinglist mirror category
2017-11-17 15:29:14 +01:00
Robin Ward
971e302ff2
FEATURE: Support an end date for user silencing
2017-11-14 13:20:19 -05:00
Robin Ward
1f14350220
Rename "Blocked" to "Silenced"
2017-11-10 14:10:27 -05:00
Neil Lalonde
9dc9ca4ac0
FIX: be consistent with how first posts in topics are counted. do like DirectoryItem.refresh_period :all
2017-11-10 12:18:25 -05:00
Gerhard Schlager
31e2385316
FEATURE: do not send notification emails to users who are included in the To and CC header of an incoming email
2017-11-10 17:44:20 +01:00
Neil Lalonde
16ff2a4715
FIX: topic counts after converting topic to/from public and private
2017-11-09 15:33:44 -05:00
Michael Howell
38b8d68c68
FEATURE: Allow the user to select a custom home page ( #5268 )
...
* Add user_home configuration option
* Use the new user_home preference to actually show the right home page
* Fix trailing whitespace
* Update user_option_serializer.rb
* Fix JavaScript default homepage tests
* Use an object instead of a giant switch
* Remove trailing whitespace
* Make the default `user_home` set to `null` instead of `0`
* Rename user_home to homepage_id
2017-11-10 06:45:19 +11:00
Guo Xiang Tan
19f3b81161
Revert "FIX: always trigger the ':user_updated' event"
...
This reverts commit 519b70ea46
.
https://meta.discourse.org/t/creating-a-topic-or-a-post-sends-the-user-updated-webhook/71643
2017-10-23 11:44:22 +08:00
Guo Xiang Tan
e91a631978
REFACTOR: DRY up code and add better test coverage.
2017-10-23 11:16:14 +08:00
Robin Ward
838568cbc3
Refactor flag types for more customization
2017-10-19 13:55:23 -04:00
Guo Xiang Tan
79de10b212
FEATURE: Allow users to disable new PMs.
...
https://meta.discourse.org/t/is-it-possible-to-disable-private-messaging-for-a-specific-user/46391
2017-10-19 12:32:55 +08:00
Neil Lalonde
2db66072d7
SECURITY: signup without verified email using Google auth
2017-10-16 13:51:41 -04:00
Gerhard Schlager
c0bb97b5cb
FIX: delete staged users when the incoming email is rejected
2017-10-11 16:17:01 +02:00
Régis Hanol
3bdd8f57c1
FIX: invited staged users would sometimes not get notified of replies
2017-10-06 16:37:28 +02:00
Neil Lalonde
e47f5cedd2
FEATURE: forgot_password_strict setting also prevents reporting that an email address is taken during signup
2017-10-03 15:28:30 -04:00
Robin Ward
41c3941c4c
FEATURE: Support regular expressions for watched words
2017-09-27 15:48:57 -04:00
Robin Ward
7578d8fc44
Add a `DiscourseEvent` for when a topic is closed
2017-09-27 14:00:53 -04:00
Robin Ward
09ed2ed749
Add Suspend User to flags page
2017-09-25 12:28:00 -04:00
Guo Xiang Tan
4e5e7dc736
FIX: Fix ActiveRecord API that was removed in Rails 5.1.
2017-09-25 16:16:37 +08:00
Guo Xiang Tan
23b787e0a6
Require dependency otherwise it causes Sidekiq to lock up in development.
2017-09-25 13:48:59 +08:00
Guo Xiang Tan
77d4c4d8dc
Fix all the errors to get our tests green on Rails 5.1.
2017-09-25 13:48:58 +08:00
Gerhard Schlager
87b4246c14
FIX: notify about whispered reply
2017-09-19 15:51:10 +02:00
Robin Ward
9b3b39d8a2
FIX: Users should be able to activate their emails even if unapproved
...
Note in discourse `active` means "Email is active" - they still can't
login until approved
2017-09-12 15:04:39 -04:00
Guo Xiang Tan
b7ac33464f
Reduce number of Redis calls.
2017-09-08 20:12:53 +08:00
Sam
50203794e6
FIX: staged users should get emails on must_approve_users sites
2017-08-28 17:32:07 -04:00
Neil Lalonde
2c56f8df7c
FEATURE: show tags in search results
2017-08-25 11:52:59 -04:00
Guo Xiang Tan
bc3e43b496
FIX: Topic timers being incorrectly `trashed!`.
...
https://meta.discourse.org/t/temporary-timed-closure-of-topic-not-re-opening-topic/67877
2017-08-22 15:23:09 +09:00
Bianca Nenciu
ac8bc04ad7
Set user title from the badge view ( #5049 )
...
* title info under notification
* create badge-title as component
* display available titles, close button
* remove visual feedback when grant new badge
* Made changes after review.
* Some minor fixes.
2017-08-17 16:32:37 -04:00
Erick Guan
6e59149a77
FIX: rebuild index when engine replaced ( #5021 )
2017-08-16 07:38:34 -04:00
Sam
6002f2ca4a
FIX: not splitting words correctly for search tokenizer
2017-08-14 16:19:39 -04:00
Bianca Nenciu
117417848e
Remove like on change of ownership. ( #5038 )
2017-08-11 09:55:00 +02:00
Régis Hanol
519b70ea46
FIX: always trigger the ':user_updated' event
...
We don't always use the UserUpdated class to update a user's record
2017-08-04 18:12:10 +02:00
Erick Guan
f1eccd113c
Replace rmmseg gem for cppjieba_rb since better dictionary ( #5006 )
...
* Rename locale to ts config in search module to make it clear
* Replace rmmese-cpp for cppjieba_rb
2017-07-31 15:28:48 -04:00
Guo Xiang Tan
4620dfe92d
FEATURE: Add group settngs to allow users to leave a group freely.
...
https://meta.discourse.org/t/split-join-leave-freely-setting-on-groups/65565
2017-07-28 15:00:25 +09:00
Guo Xiang Tan
5012d46cbd
Add rubocop to our build. ( #5004 )
2017-07-28 10:20:09 +09:00
Neil Lalonde
24cb950432
FEATURE: Watched Words: when posts contain words, do one of flag, require approval, censor, or block
2017-07-26 11:01:09 -04:00
Régis Hanol
d67fe4c674
FIX: block all emails associated to a user when destroying their record
2017-07-25 17:44:46 +02:00
Leo McArdle
ddc0134b48
add DiscourseEvent triggers necessary to update a user's permissions before they're notified
2017-07-21 11:03:54 -04:00
Guo Xiang Tan
7ed9fbb415
FIX: Use default parameter in method.
2017-06-26 11:14:13 +09:00
Régis Hanol
a916f6b0c8
remove some warnings with already declared constants
2017-06-22 12:55:58 +02:00
Guo Xiang Tan
e888369f51
UX: Don't send emails for discobot notifications.
2017-06-12 17:00:27 +09:00
Sam
a7e65d98a9
FIX: mutex to avoid race condition with double notify
2017-05-26 17:04:40 -04:00
Guo Xiang Tan
238a156300
FIX: `TopicTimestampChanger` should not allow timestamps in the future.
2017-05-22 16:03:49 +08:00
Guo Xiang Tan
4382a0bb07
Rename `PostTimestampChanger` -> `TopicTimestampChanger`.
2017-05-22 15:01:33 +08:00
Neil Lalonde
7821400141
FEATURE: staff can set a timer to remind them about a topic
2017-05-16 14:49:50 -04:00
Sam
e1dd543a93
FEATURE: allow users to select theme on single device
2017-05-15 12:48:16 -04:00
Sam
2d96a0785d
FEATURE: theme selection is now global per-user
2017-05-12 12:41:34 -04:00
Neil Lalonde
55b61e9bea
rename topic_status_update to topic_timer
2017-05-11 18:27:53 -04:00
Robin Ward
f05f1a24d3
Change Anniversary badge to be multiple grant, once per year
2017-04-28 14:22:54 -04:00
Sam
a3e8c3cd7b
FEATURE: Native theme support
...
This feature introduces the concept of themes. Themes are an evolution
of site customizations.
Themes introduce two very big conceptual changes:
- A theme may include other "child themes", children can include grand
children and so on.
- A theme may specify a color scheme
The change does away with the idea of "enabled" color schemes.
It also adds a bunch of big niceties like
- You can source a theme from a git repo
- History for themes is much improved
- You can only have a single enabled theme. Themes can be selected by
users, if you opt for it.
On a technical level this change comes with a whole bunch of goodies
- All CSS is now compiled using a custom pipeline that uses libsass
see /lib/stylesheet
- There is a single pipeline for css compilation (in the past we used
one for customizations and another one for the rest of the app
- The stylesheet pipeline is now divorced of sprockets, there is no
reliance on sprockets for CSS bundling
- CSS is generated with source maps everywhere (including themes) this
makes debugging much easier
- Our "live reloader" is smarter and avoid a flash of unstyled content
we run a file watcher in "puma" in dev so you no longer need to run
rake autospec to watch for CSS changes
2017-04-12 10:53:49 -04:00
Robin Ward
40cee37bcc
FIX: Don't insert topic status messages unless the status changes
2017-04-07 17:10:43 -04:00
Guo Xiang Tan
5943543ec3
FIX: Improve checks for non-human users.
2017-04-06 11:29:34 +08:00
Sam Saffron
cd39049262
SECURITY: do not send push notifications to suspended users
2017-04-05 08:28:24 -04:00
Guo Xiang Tan
aca972c08b
FIX: Skip validations when updating group mentions.
2017-04-04 14:13:18 +08:00
Guo Xiang Tan
f4758a4c4d
FEATURE: Allow admins to schedule a topic to be published in the future.
2017-04-04 11:16:05 +08:00
Guo Xiang Tan
34b7bee568
FEATURE: Allow admin to auto reopen at topic.
...
* This commit also introduces a `TopicStatusUpdate`
model to support other forms of deferred topic
status update in the future.
2017-03-31 11:14:18 +08:00
Neil Lalonde
9ae8813a53
FIX: admin user page should show count of all posts, including private messages, so admins can delete them. This bug was making it impossible to delete users.
2017-03-17 17:01:45 -04:00
Guo Xiang Tan
bf78c228f4
FIX: User created web hook being enqueued before record has been saved.
...
* Improve web hook tests as well.
2017-03-16 14:44:09 +08:00
Sam
16593ae8bf
FEATURE: log reason staff auto blocks a user
2017-03-10 15:45:48 -05:00
Arpit Jalan
d5bcc70e9c
FIX: grant trust level when bulk adding users to group
2017-03-06 14:39:53 +05:30
Neil Lalonde
262016604d
FEATURE: each category can control how many topics to show on categories page
2017-03-01 15:12:57 -05:00
Arpit Jalan
e27b1b98d1
FIX: handle new user when logging name change
2017-03-01 13:43:57 +05:30
Guo Xiang Tan
76dd6933d2
Revert "Revert "Revert "SECURITY: Ensure oAuth authenticated email is the same as created user's email."""
...
This reverts commit e6d75f6844
.
This is why we should not be pushing directly to master.
2017-03-01 10:16:59 +08:00
Guo Xiang Tan
e6d75f6844
Revert "Revert "SECURITY: Ensure oAuth authenticated email is the same as created user's email.""
...
This reverts commit 0e3def7d2b
.
2017-02-28 11:27:14 +08:00
Arpit Jalan
6661cebff8
FIX: do not log duplicate username changes
2017-02-28 01:32:00 +05:30
Arpit Jalan
b32d3d66e5
FEATURE: log all username and name changes
2017-02-28 00:23:27 +05:30
Robin Ward
0e3def7d2b
Revert "SECURITY: Ensure oAuth authenticated email is the same as created user's email."
...
This reverts commit 1060239e2d
.
2017-02-27 13:19:26 -05:00
Guo Xiang Tan
1060239e2d
SECURITY: Ensure oAuth authenticated email is the same as created user's email.
2017-02-24 13:13:10 +08:00
Guo Xiang Tan
0847b4258a
Revert "SECURITY: Ensure that user has been authenticated."
...
This reverts commit fbe51d68a7
.
Changing the commit message to correctly reflect what we're actually
fixing.
2017-02-24 13:12:29 +08:00
Guo Xiang Tan
fbe51d68a7
SECURITY: Ensure that user has been authenticated.
2017-02-24 10:47:48 +08:00
Robin Ward
496682c442
Merge pull request #4662 from tgxworld/fix_localized_group_name_change
...
Fix localized group name change
2017-01-26 10:50:00 -05:00
Neil Lalonde
6b93b09404
FIX: when blocking a user results in hiding their posts, only hide posts made in the last 24 hours
2017-01-19 15:56:22 -05:00
Guo Xiang Tan
706b4f6b9f
FEATURE: Remap group mentions when group name has been changed.
2017-01-18 13:39:34 +08:00
Régis Hanol
fbf9172db8
FIX: log backups download/destroy staff action
...
FIX: clean up junk left by the specs
RENAME: 'backup_operation' to 'backup_create' to match other backup log types
2017-01-16 19:53:31 +01:00
Guo Xiang Tan
515f50e42e
FEATURE: Log admin action when readonly mode is changed.
2017-01-12 09:41:02 +08:00
Robin Ward
6c3426d266
Let's not notify for trust levels on Staff, either
2017-01-11 11:25:04 -05:00
Neil Lalonde
98bd58df61
Don't show email of deleted users in staff action logs
2017-01-10 17:25:36 -05:00
Neil Lalonde
fc0a0a76a4
Add more info in staff action logs for blocking a user, and add logging for lock trust level, activate, and deactive user
2017-01-10 17:25:36 -05:00
Robin Ward
7341b0d03c
Don't give notifications to admins for trust level notifications
2017-01-10 12:18:48 -05:00
Guo Xiang Tan
d10fe51b72
Fix broken specs since all urls will be oneboxed.
2017-01-06 10:05:51 +08:00
Régis Hanol
cbcb9363f4
fix the build
2017-01-04 14:23:21 +01:00
Sam
c531f4ded5
remove rails-observers
...
Rails yanked out observers many many years ago, instead the functionality
was yanked out to a gem that is very lightly maintained.
For example: if we want to upgrade to rails 5 there is no published gem
Internally the usage of observers had quite a few problem.
The series of refactors renamed a bunch of classes to give us more clarity
and removed some magic.
2016-12-22 16:46:53 +11:00
Sam
019f1a1d06
UserEmailObserver is now removed
...
no big surprises here was pretty straightforward
after_commit semantics sure are weird though
2016-12-22 16:46:53 +11:00
Sam
2f6a4cc6de
remove UserActionObserver, replace with after_save and service
...
interestingly there was some left over dead code from when stars
existed in the topic_users table
2016-12-22 16:46:53 +11:00
Sam
0a78ae739d
Remove SearchObserver, aim is to remove all observers
...
rails-observers gem is mostly unmaintained and is a pain to carry forward
new implementation contains significantly less magic as a bonus
2016-12-22 13:13:14 +11:00
Guo Xiang Tan
69330f8bc2
Add user_updated event to webhooks.
2016-12-13 11:26:26 +08:00
Guo Xiang Tan
05f55dbc10
FEATURE: Group logs.
2016-12-12 17:29:54 +08:00
Régis Hanol
6edd3c347c
FIX: automatically disable digests when enabling mailing list mode
2016-11-28 15:52:35 +01:00
Guo Xiang Tan
f824afb4d3
FEATURE: Allow date_of_field column to be updated.
2016-11-17 15:16:58 +08:00
Guo Xiang Tan
95c6e97587
Ensure we don't run `$redis.keys` in production.
2016-11-15 23:23:41 +08:00
Sam
aaf947356b
correct regression where notifications scope is not pushing to push server
2016-10-14 22:52:39 +11:00
Sam
f4f5524190
FEATURE: user API now contains scopes so permission is granular
...
previously we supported blanket read and write for user API, this
change amends it so we can define more limited scopes. A scope only
covers a few routes. You can not grant access to part of the site and
leave a large amount of the information hidden to API consumer.
2016-10-14 16:05:42 +11:00
Sam
3ad8616f44
Merge pull request #4476 from xfalcox/localize-badge-notifications
...
FIX: Properly localize badge notification on batch grant
2016-10-12 15:16:35 +11:00
Rafael dos Santos Silva
c5b94878ac
We need this variable later
2016-10-11 19:14:32 -03:00
Sam
89daa43754
FEATURE: remap emojis back for push notifications and desktop alerts
2016-10-11 13:03:48 +11:00
cpradio
6f1c31d777
Add notification level user preference when replying to a topic
2016-09-30 14:58:07 -04:00
Rafael dos Santos Silva
9a502c73c9
FIX: Properly localize badge notification on batch grant
2016-09-29 18:55:41 -03:00
Robin Ward
29cf47cfb2
Track steps the user has completed, nag them to finish it.
2016-09-22 09:52:19 -04:00
Robin Ward
c94e6f1b96
Add locale step
2016-09-22 09:52:19 -04:00
Neil Lalonde
06eb256d0a
FIX: blocking users should never hide all posts if they are trust level 1 or higher
2016-09-12 11:58:10 -04:00
Robin Ward
9609a47016
Ability to skip email validation via a plugin
2016-09-07 14:05:46 -04:00
Sam
4fe52c8cbe
FEATURE: backend support for pushing notifications to clients
2016-08-26 12:47:10 +10:00
Robin Ward
4061725a95
FIX: Don't ever grant badges when they're disabled
2016-08-19 15:16:37 -04:00
Arpit Jalan
a590f35982
FEATURE: allow changing post owners without creating post revision
2016-08-19 23:34:21 +05:30
Régis Hanol
e55e2aff94
FIX: FirstReplyByEmail badge wasn't granted
...
DEPRECATED: PostProcess badge trigger
2016-08-10 19:24:01 +02:00