ced7e9a691
FEATURE: control which web crawlers can access using a whitelist or blacklist
2018-03-22 15:41:02 -04:00
448f4afa68
copyedits on login via email link
2018-03-22 04:19:34 -07:00
096c3a0bf8
copyedits on 2 factor auth
2018-03-22 03:39:06 -07:00
337a301a57
missing file in commit
2018-03-22 02:22:25 -07:00
d7c2d2edb8
remove extraneous "click to show" copy
2018-03-22 02:19:57 -07:00
f3b402ffd5
UX: Allow users to filter members on group page.
...
* Only admins are allowed to filter users by email.
2018-03-22 14:02:41 +08:00
1cc0961566
FEATURE: Allow admin to manage group owners on group page.
2018-03-22 12:33:42 +08:00
d96c1058a2
FEATURE: add staff action log for 'restore topic'
2018-03-21 18:04:13 +05:30
6381bc6ce1
Improve description for removing a group member.
2018-03-21 18:37:13 +08:00
be866dbe6e
UX: Allow group owners to manage members from group members page.
2018-03-21 18:22:55 +08:00
b9abd7dc9e
FEATURE: Shared Drafts
...
This feature can be enabled by choosing a destination for the
`shared drafts category` site setting.
* Staff members can create shared drafts, choosing a destination
category for the topic when it is published.
* Shared Drafts can be viewed in their category, or above the
topic list for the destination category where it will end up.
* When the shared draft is ready, it can be published to the
appropriate category by clicking a button on the topic view.
* When published, Drafts change their timestamps to the current
time, and any edits to the original post are removed.
2018-03-20 17:15:26 -04:00
28baf97a00
Fix duplicated translations.
2018-03-20 19:08:32 +08:00
15bcfcd182
UX: Allow users to filter by different group types on groups page.
2018-03-20 17:38:11 +08:00
4d44024c82
FIX: error when trying to block an IP address. Return a message when IP address matches an existing screened IP address, including ranges.
2018-03-19 14:34:43 -04:00
9de134caa0
Better copy for redirect_warning'
2018-03-19 16:02:07 +01:00
19a93b0e95
UX: Improve groups page on mobile.
2018-03-19 18:48:12 +08:00
41b0fbe001
UX: Indicate user's group membership on groups page.
2018-03-19 18:29:30 +08:00
05ea034490
UX: Allow groups page to be searchable.
2018-03-19 17:16:51 +08:00
f053e4cf37
Merge pull request #5682 from techAPJ/allowed-tags-page
...
FIX: show only allowed tags on PM tags page and display correct count
2018-03-17 08:29:00 +05:30
89f5c90ce0
FIX: show an error page on click tracking error
2018-03-17 00:33:11 +01:00
e9bc763440
FIX: show only allowed tags on PM tags page and display correct count
...
FIX: tags page should link to user profile we are browsing
2018-03-17 00:17:48 +05:30
fe96ef6ed2
UX: Use topic list for displaying group messages on group page.
...
https://meta.discourse.org/t/group-inbox-on-a-groups-page-mockup/71319
2018-03-16 11:56:40 +08:00
a35227918f
UX: Display group topics in a topic list.
2018-03-15 11:37:55 +08:00
f7bd05e534
FEATURE: set 'Retry-After' header for 429 responses ( #5659 )
2018-03-13 23:12:41 +08:00
7d375690c1
Merge pull request #5667 from techAPJ/pm-tags-page
...
FEATURE: replace PM tags dropdown with a dedicated tags page
2018-03-13 13:08:21 +05:30
24338fbbe8
FEATURE: replace PM tags dropdown with a dedicated tags page
2018-03-13 13:06:58 +05:30
65ac80b014
FEATURE: Log Staff edits in Staff Action Logs
...
Why? Some edits by staff are not tracked. For example, during the grace
period, or via the flags/silence dialog.
If a staff member is editing someone else's post, it now goes into the
Staff Action Logs so it can be audited by other staff members.
2018-03-12 13:51:40 -04:00
d75eb23231
Fix typos in server.en.yml ( #5668 )
...
* Fix typos in server.en.yml
* Minor typo correction
Emoji = Emojis
2018-03-12 20:21:04 +08:00
12706c4b29
FEATURE: support markdown rendering for embedded posts
2018-03-11 08:00:48 +05:30
5316b6c6bc
FIX: typo whipser → whisper
2018-03-10 16:53:24 -05:00
800760e353
also watch CSS in unicorn on dev
2018-03-09 17:47:57 +11:00
7c0e6b820e
move key so it does not interfere with other errors
2018-03-09 16:42:11 +11:00
39e679d3cb
FEATURE: allow themes to live in private git repos
...
This feature allows themes sourced from git to live on private
servers, it automatically generates key pairs.
2018-03-09 16:14:38 +11:00
a89f3160a5
Add new config to ensure backup/restore connects to PG directly.
...
* In `pg_dump` 10.3+ and 9.5.12+, in
it does a `SELECT pg_catalog.set_config('search_path', '', false)`
which changes the state of the current connection. This is known
to be problematic with Pgbouncer which reuses connections. As such,
we'll always try to connect directly to PG directly during
the backup/restore process.
2018-03-09 10:28:03 +08:00
5b6e49ae1d
FEATURE: split out max diff to 2 settings
...
We trust staff + tl2 and up to perform edits in grace period.
Allow them significantly more edit room in grace period prior to storing
a revision.
editing_grace_period_max_diff_high_trust applies to users with tl2 and up.
So
tl0 / 1 : we store an extra revision if more than 100 chars change
tl2 and up : we store an extra revision if more than 400 chars change
We may tweak these numbers as we go.
2018-03-09 11:58:50 +11:00
55fd18e195
add locale for Tags title
2018-03-08 19:12:03 +05:30
fb77a6eb49
minor copyedit
2018-03-07 14:51:26 -08:00
b5b5b68972
Add proper error message when SCSS variable name is invalid when uploading a theme file
2018-03-07 21:37:22 +01:00
0c8df32903
Update translations, except ur because of errors
2018-03-07 14:11:56 -05:00
4132c37add
increase grace period max diff to 100 chars
2018-03-07 01:45:48 -08:00
e162cd16b6
FEATURE: editing_grace_period_max_diff to force revisions in grace period
...
If a user performs a substantive edit of 20 chars or more during grace period
we will store a revision to track the change
This allows for better auditing of changes that happen during the grace period
2018-03-07 18:34:34 +11:00
2e5c18d130
Merge pull request #5652 from majakomel/add-slovenian-locale
...
Add Slovenian locale files
2018-03-06 15:59:01 -05:00
e2a441ade9
Add Slovenian translations
2018-03-06 20:51:41 +01:00
0134e41286
FEATURE: detect when client thinks user is logged on but is not
...
This cleans up an error condition where UI thinks a user is logged on
but the user is not. If this happens user will be prompted to refresh.
2018-03-06 16:49:31 +11:00
f0d5f83424
FEATURE: limit assets less that non asset paths
...
By default assets can be requested up to 200 times per 10 seconds
from the app, this includes CSS and avatars
2018-03-06 15:20:39 +11:00
95dd5e30c1
Fix minor typo in server.en.yml ( #5649 )
2018-03-05 17:27:51 -05:00
0f66a99eb2
Setting to prevent logging details when anonymizing
2018-03-05 14:38:18 -05:00
282f53f0cd
FEATURE: Theme settings (2) ( #5611 )
...
Allows theme authors to specify custom theme settings for the theme.
Centralizes the theme/site settings into a single construct
2018-03-04 19:04:23 -05:00
31e3bf6d8d
FEATURE: New "Categories and Top" homepage style
...
Select this option if you want to show top topics on the homepage
instead of latest topics.
2018-03-03 14:26:57 -05:00
6a78669ca3
FIX: 'reply by email addresses' site settings should allow email addresses without a 'reply_key' when 'find related post with key' is disabled
2018-03-02 17:53:18 +01:00
d9b4b12694
UX: Display warning message about social logins disabled when 2FA is enabled.
2018-03-02 14:22:52 +08:00
75172024ca
SECURITY: ensure users have permission when moving categories
2018-03-02 12:13:27 +11:00
fb75f188ba
FEATURE: Disallow login via omniauth when user has 2FA enabled.
2018-03-01 15:47:07 +08:00
baf1c385eb
UX: when a post is blocked due to a watched word, message includes the word being blocked
2018-02-28 11:22:18 -05:00
48aea2a9fc
backup_frequency copy edit
2018-02-27 15:41:37 -05:00
4010d8d9f9
FEATURE: show "edit message" button on message footer for staff
...
Show "Edit Message" button on personal message footer for staff if PM tagging is enabled.
2018-02-27 14:22:03 +05:30
06891ce51d
FIX: Direct link to group activity page results in 400 error.
...
https://meta.discourse.org/t/following-a-direct-link-to-group-activity-results-in-400-error/81596
2018-02-27 13:43:22 +08:00
66d620f7b1
FEATURE: Trigger topic webhook when topic status is updated.
2018-02-27 11:07:37 +08:00
8c51ac448a
FIX: Missing translation.
2018-02-27 09:37:12 +08:00
3313072957
Remove censored_pattern site setting, which is replaced by watched words
2018-02-26 16:29:27 -05:00
3e1afbedc5
FIX: Missing translation for non-admin when editing a group.
...
https://meta.discourse.org/t/text-glitch-on-group-admin-page/77303
2018-02-26 10:11:18 +08:00
c234a14f0d
Make bootsnap MRI only for now
2018-02-26 10:29:25 +11:00
4791b39773
UX: Add reset password email button when confirming password before enabling 2FA.
2018-02-23 15:37:17 +08:00
66062ed6d9
Add missing default choice for `SiteSetting.google_oauth2_prompt`.
2018-02-23 11:23:08 +08:00
3637f0d3bb
Update copy to reflect that 2FA key should be kept a secret.
2018-02-23 10:40:25 +08:00
e137b7f836
UX: Improve indication of 2FA status in user's preferences.
2018-02-23 10:36:48 +08:00
2e2da3a6e2
Update copy for 2FA.
2018-02-23 10:36:48 +08:00
9b704b21b5
Don't include `client` when false
2018-02-22 21:22:09 -05:00
69af881f7f
New site setting `trusted_users_can_edit_others`
...
The default is true to keep with previous discourse behavior. If
disabled, high trust level users cannot edit the topics or posts of
other users.
2018-02-22 20:39:24 -05:00
24d0a7a4c7
Take 2 on f74d6bb605.
...
New options are left out by default when not configured so that an
incorrect default configuration doesn't blow up google oauth for
everyone.
2018-02-23 07:53:01 +08:00
dd26bbe868
Merge pull request #5610 from discourse/pm-tags
...
FEATURE: Allow staffs to tag PMs
2018-02-23 07:07:41 +08:00
1c790ae6bc
Revert "Add prompt and HD settings to the Google OAuth2 plugin."
...
This reverts commit f74d6bb605
2018-02-22 19:17:02 +01:00
9d0807224b
Don't enqueue topic webhook unless a post has a topic
2018-02-22 14:34:59 +08:00
ef1b82a226
Add missing site setting description.
2018-02-22 13:52:36 +08:00
f74d6bb605
Add prompt and HD settings to the Google OAuth2 plugin.
2018-02-22 12:29:19 +08:00
84867c1c07
Rename site setting to allow_staff_to_tag_pms from allow_staff_to_tag_in_pm
2018-02-22 06:48:34 +05:30
1b04d881c5
UX: Display lock icon in admin user lists when user has 2FA enabled.
2018-02-22 09:00:09 +08:00
6f5acfe783
Login with email/forget password UI refactoring
...
* move button into login modal with social buttons
* adds email link next to login field when filling it
* adds proper validation messages
* improves forgot password flash clearing
* more tests
2018-02-22 08:06:15 +08:00
720e1965e3
FEATURE: add category suppress from latest
...
In the past we used suppress_from_homepage, it had mixed semantics
it would remove from category list if category list was on home and
unconditionally remove from latest.
New setting explicitly only removes from latest list but leaves the
category list alond
2018-02-22 09:56:35 +11:00
3ec8b38796
A few more 'private message' strings to update
...
Follow up from a08832bd08
2018-02-21 15:28:26 -05:00
2b509eaa91
Merge branch 'master' into pm-tags
2018-02-21 23:55:59 +05:30
23f7c3607c
Update Twitter login site setting description text
2018-02-21 13:07:33 -05:00
84ce1acfef
FEATURE: Allow staffs to tag PMs
2018-02-21 20:11:46 +05:30
210939de68
FEATURE: Use HTML instead of text for incoming emails by default
2018-02-21 11:14:36 +01:00
8964e75ad6
Merge pull request #5612 from discourse/featheredtoast-two-factor-login
...
Featheredtoast two factor login
2018-02-21 15:00:10 +08:00
14f3594f9f
Review Changes for f4f8a293e7.
2018-02-21 14:55:49 +08:00
ca1a3f37e3
FEATURE: add instrumentation for all external net calls
2018-02-21 15:20:29 +11:00
f4f8a293e7
FEATURE: Implement 2factor login TOTP
...
implemented review items.
Blocking previous codes - valid 2-factor auth tokens can only be authenticated once/30 seconds.
I played with updating the “last used” any time the token was attempted but that seemed to be overkill, and frustrating as to why a token would fail.
Translatable texts.
Move second factor logic to a helper class.
Move second factor specific controller endpoints to its own controller.
Move serialization logic for 2-factor details in admin user views.
Add a login ember component for de-duplication
Fix up code formatting
Change verbiage of google authenticator
add controller tests:
second factor controller tests
change email tests
change password tests
admin login tests
add qunit tests - password reset, preferences
fix: check for 2factor on change email controller
fix: email controller - only show second factor errors on attempt
fix: check against 'true' to enable second factor.
Add modal for explaining what 2fa with links to Google Authenticator/FreeOTP
add two factor to email signin link
rate limit if second factor token present
add rate limiter test for second factor attempts
2018-02-21 09:04:07 +08:00
3ea272f4f1
New setting: minimum trust level to embed images in a post
2018-02-20 20:00:06 -05:00
6c29908ba2
very minor copyedits
2018-02-20 00:44:56 -08:00
73a492f721
minor changes to discourse bench
...
Ruby master is not compatible with bootsnap atm
2018-02-20 14:41:21 +11:00
c419c26f56
FEATURE: new site setting 'max_emojis_in_title'
2018-02-19 18:15:26 +05:30
f3815cd785
FEATURE: New site setting for additional allowed filetypes for staff ( #5364 )
...
* FEATURE: New site setting for additional allowed filetypes for staff
* Problematic variable name
* feedback
* small issues
* fix indentation
* failing tests
* Remove message bus and fix minor issues
* Missed this message bus
2018-02-19 10:44:24 +01:00
5d9d0fcb4f
FEATURE: add setting which adds group name to PM email subject ( #5475 )
2018-02-19 10:20:17 +01:00
d601a6b23c
FIX: Support old Service Worker source file path to avoid routing errors.
2018-02-19 08:04:45 +08:00
790c5facc9
Mailgun typo ( #5593 )
...
mailgun = Mailgun
2018-02-16 01:35:37 -05:00
32ad98161f
Update translations
2018-02-15 16:36:03 -05:00
7af9ed6674
FEATURE: add goanna rendering engine to non crawler list
...
Goanna the fork of Gecko which is used by Pale Moon browser is not a crawler.
2018-02-16 06:30:47 +11:00
28365f8ae5
PERF: Have nginx cache and serve the service worker file.
2018-02-15 10:50:39 +08:00
38f4acd55a
FIX: rate limiter text is confusing, should not say daily
...
Also, adds easily parseable JSON so users can figure out
how long to wait when the API is limited. ("extras" "wait_seconds")
2018-02-14 15:29:50 +11:00
Neil Lalonde
Jeff Atwood
Guo Xiang Tan
Arpit Jalan
Robin Ward
Régis Hanol
Kyle Zhao
AhmadFCheema
Michael Brown
Sam
Maja Komel
OsamaSayegh
Joshua Rosenfeld
Guo Xiang Tan
Joffrey JAFFEUX
scossar
Geoffrey Challen
Vinoth Kannan
Gerhard Schlager
Jeff Wong
Leo McArdle
SidV