Commit Graph

5161 Commits

Author SHA1 Message Date
Neil Lalonde 135c803f49 FIX: don't send PM if flagged post is deleted but flags were deferred or cleared 2018-07-26 15:12:31 -04:00
Neil Lalonde a74024b1c9 Version bump to v2.1.0.beta3 2018-07-26 14:16:06 -04:00
David Taylor 467c529920 FIX: Remove return statement from inside block 2018-07-26 15:52:39 +01:00
David Taylor 88241f57a3
FEATURE: allow auth plugins to have a site setting for full screen login 2018-07-26 11:11:16 +01:00
Nick Shearer def2c977ce allow auth plugins to have a site setting for if they should be full screen vs popup window 2018-07-25 19:20:11 -05:00
Régis Hanol f94aeaf6cf SECURITY: force IM decoder based on file extension - part 3 2018-07-25 23:55:06 +02:00
Régis Hanol 800c57c6ab SECURITY: force IM decoder based on file extension - part 2 2018-07-25 23:08:02 +02:00
Régis Hanol 4bf3bf6786 SECURITY: force IM decoder based on file extension 2018-07-25 22:00:04 +02:00
David Taylor 0d0d78841b
FIX: Remove `plugin.enabled?` checks at initialization time (#6166)
Checking `plugin.enabled?` while initializing plugins causes issues in two ways:
  - An application restart is required for changes to take effect. A load-balanced multi-server environment could behave very weirdly if containers restart at different times.
  - In a multisite environment, it takes the `enabled?` setting from the default site. Changes on that site affect all other sites in the cluster.

Instead, `plugin.enabled?` should be checked at runtime, in the context of a request. This commit removes `plugin.enabled?` from many `instance.rb` methods.

I have added a working `plugin.enabled?` implementation for methods that actually affect security/functionality:
  - `post_custom_fields_whitelist`
  - `whitelist_staff_user_custom_field`
  - `add_permitted_post_create_param`
2018-07-25 16:44:09 +01:00
Joffrey JAFFEUX 796639a797
FIX: makes disk_space computation more resilient (#6172) 2018-07-25 11:04:01 -04:00
David Taylor fa399ce1c5 FEATURE: Add revoke and reconnect functionality for google logins 2018-07-25 16:03:14 +01:00
Joffrey JAFFEUX 578c8e861b
FIX: refreshes disk_space on backup create/destroy (#6169) 2018-07-25 08:26:30 -04:00
David Taylor 776fd0de66 FIX: Filter open-id logins by identifier 2018-07-25 11:47:09 +01:00
Gerhard Schlager 84d14fd8a0 FIX: Don't rely on setting data type read from database 2018-07-25 11:40:59 +02:00
Neil Lalonde 417bcf7d2e add checks for staff and system user before sending flags_agreed_and_post_deleted message 2018-07-24 19:25:11 -04:00
Neil Lalonde fe39cdc90a FEATURE: when a post is deleted because a moderator agreed with flags, send a message to the post author 2018-07-24 17:17:56 -04:00
Robin Ward 7058205f70 FIX: Broken specs 2018-07-24 12:00:34 -04:00
Robin Ward 236243f38a SECURITY: Consider `0.0.0.0` a private IP 2018-07-24 11:16:27 -04:00
Joffrey JAFFEUX 7a3c541077
UX: Preview multiple color schemes in wizard (#6151)
It was a dropdown to provide choices of color schemes,
and only one scheme could be shown.
With this commit, multiple color scheme previews can be displayed on
one page at the same time, making admins choose color schemes more
easily.

Theme preview windows are shrinked.

Imported default color schemes.

Co-Authored-By: Misaka 0x4e21 <misaka4e21@gmail.com>
2018-07-24 09:00:20 -04:00
Guo Xiang Tan fa19d3a53c
Merge pull request #6108 from discourse/transaction-sidekiq-fix
Fix notifications for topics moved between categories
2018-07-24 17:44:03 +08:00
David Taylor 20a21b1240 Move into MiniSQLMultisiteConnection, and add test for rollback 2018-07-24 09:41:55 +01:00
Guo Xiang Tan fad9c2b971 PERF: Move `EmailLog#reply_key` into new `post_reply_keys` table. 2018-07-24 13:51:53 +08:00
Guo Xiang Tan ae8b0a517f PERF: Split skipped email logs into a seperate table. 2018-07-24 13:14:37 +08:00
Gerhard Schlager e42038eae2 Rake task called method with wrong arguments 2018-07-24 00:10:09 +02:00
David Taylor eda1462b3b
FEATURE: List, revoke and reconnect associated accounts. Phase 1 (#6099)
Listing connections is supported for all built-in auth providers. Revoke and reconnect is currently only implemented for Facebook.
2018-07-23 16:51:57 +01:00
Guo Xiang Tan b165cfdfbe FIX: Raise a better error in `SiteSettings::TypeSupervisor`. 2018-07-19 16:41:00 +08:00
Arpit Jalan 14a0879658 FIX: allow Twitter videos to go fullscreen 2018-07-19 10:22:36 +05:30
David Taylor 2dc3a50dac FIX: Do not update `last seen` time for suspended users 2018-07-18 16:04:57 +01:00
Régis Hanol 6d6e026e3c FEATURE: selectable avatars 2018-07-18 12:57:43 +02:00
Sam 379384ae1e FIX: never block /srv/status which is used for health checks
This route is also very cheap so blocking it is not required

It is still rate limited and so on elsewhere
2018-07-18 12:37:01 +10:00
Guo Xiang Tan 3874d40910 Prepare to drop `EmailLog#topic_id`. 2018-07-18 10:22:24 +08:00
Guo Xiang Tan 1d74ccaaf8 Add compatibility for ImageMagick7. 2018-07-17 15:50:58 +08:00
Arpit Jalan a7ec949e02 make RuboCop happy 2018-07-17 13:15:44 +05:30
Arpit Jalan 7c7509e1bd FEATURE: update TwitterApi for prettifying like/retweet count 2018-07-17 12:59:40 +05:30
Neil Lalonde 7b3ef4d13f FIX: use email color settings consistently in notification emails 2018-07-16 12:30:42 -04:00
Rishabh a6c589d882 FEATURE: Add custom S3 Endpoint and DigitalOcean Spaces/Minio support for Backups (#6045)
- Add custom S3 Endpoints and DigitalOcean Spaces support
- Add Minio support using 'force_path_style' option and fix uploads to custom endpoint
2018-07-16 14:44:55 +10:00
Jay Pfaffman 0ed2834c2d FEATURE: Add users:disable_2factor rake task
https://meta.discourse.org/t/admin-locked-out-of-2fa/92156/2?u=pfaffman
2018-07-16 09:56:55 +08:00
Arpit Jalan b1082924b9 FIX: do not validate topic deletions 2018-07-13 22:53:36 +05:30
Guo Xiang Tan 711371e8c8 FIX: Select+below will ask server for post ids on megatopics. 2018-07-13 15:10:39 +08:00
Guo Xiang Tan c722b07057 FIX: `/t/:topic_id/last` route did not return any posts. 2018-07-13 14:26:10 +08:00
Kyle Zhao 2901691e87 FEATURE: per-category approval settings (#5778)
- disallow moving topics to a category that requires topic approval
2018-07-13 12:51:08 +10:00
David Taylor 81f9500f5c
FIX: Change megatopic threshold to 10,000 posts 2018-07-12 22:00:53 +01:00
Guo Xiang Tan 258e9e35ca PERF: Make mega topics work without a stream.
There are tradeoffs that we took here. For the complete
story see
https://meta.discourse.org/t/performance-improvements-on-long-topics/30187/27?u=tgxworld.
2018-07-12 12:46:12 +08:00
OsamaSayegh decf1f27cf FEATURE: Groundwork for user-selectable theme components
* Phase 0 for user-selectable theme components

- Drops `key` column from the `themes` table
- Drops `theme_key` column from the `user_options` table
- Adds `theme_ids` (array of ints default []) column to the `user_options` table and migrates data from `theme_key` to the new column.
- Removes the `default_theme_key` site setting and adds `default_theme_id` instead.
- Replaces `theme_key` cookie with a new one called `theme_ids`
- no longer need Theme.settings_for_client
2018-07-12 14:18:21 +10:00
Arpit Jalan 536cef86f4 PERF: do not carry post ids in memory when rebaking all posts 2018-07-11 14:34:33 +05:30
Maja Komel 0942e2c795 allow adding tags as a custom subject format for emails (#5846)
allow adding tags as a custom subject format for emails
2018-07-11 12:24:07 +10:00
Neil Lalonde f69b7deb80 FIX: wizard emoji images on subfolder installs 2018-07-10 11:02:22 -04:00
Guo Xiang Tan b4e1388f9b PERF: Drop support for gaps in mega topics.
Based on our current implementation, there isn't a
practical way to determine the gaps of large topics
cheaply. We tried to load the gaps in chunks but felt
that the code becomes too complicated. Note that
megatopics are quite rare in the wild.
2018-07-10 16:27:02 +08:00
Guo Xiang Tan 21f333654c REFACTOR: Reduce dependency on the post stream in `TopicView`.
This will allow us to drop the post stream from the payload for
mega-topics. On smaller topics, the extra query is fast because
of an existing index.
2018-07-10 15:53:00 +08:00
Guo Xiang Tan 4163f9e61e DEV: Better clean up for PostgreSQL failover test. 2018-07-10 09:53:25 +08:00