Commit Graph

230 Commits

Author SHA1 Message Date
Guo Xiang Tan 0bc690ed11 FIX: Staged users are still missing primary email. 2017-08-09 12:03:49 +09:00
Régis Hanol 519b70ea46 FIX: always trigger the ':user_updated' event
We don't always use the UserUpdated class to update a user's record
2017-08-04 18:12:10 +02:00
Leo McArdle 836dee1120 FIX: add additional email to tests and clean up resulting mess 2017-07-31 22:27:29 +00:00
Guo Xiang Tan 305b9b2da0 Add spec to ensure that even staged users contain a primary email. 2017-07-31 12:16:08 +09:00
Guo Xiang Tan 24e0e000b9 FIX: Always validate presence of user's primary_email. 2017-07-31 11:47:29 +09:00
Guo Xiang Tan 5012d46cbd Add rubocop to our build. (#5004) 2017-07-28 10:20:09 +09:00
Sam Saffron 045a2abcec FEATURE: remove the timecop gem
We should only have one way of mocking time, misuse of timecop
was causing build stability issues
2017-07-24 12:11:10 -04:00
Leo McArdle d0b027d88d FEATURE: phase 1 of supporting multiple email addresses 2017-07-20 11:22:27 +09:00
Guo Xiang Tan 13f3de4bf6 Nuke all `SiteSetting.stubs` from our codebase. 2017-07-07 15:09:14 +09:00
Régis Hanol d6c63cc5b2 FIX: user's default group should only be set once
Setting a user's default groups based on their email address should only be done once, ie. when they confirm their email address.
Previously we were doing this everytime we'd save a user record 🤷
2017-06-14 19:20:18 +02:00
Guo Xiang Tan bd486100c0 Remove stubs on DiscourseEvent in tests. 2017-06-01 16:21:00 +09:00
Guo Xiang Tan 04016f0dec Support Ruby 2.4. 2017-04-15 12:29:00 +08:00
Guo Xiang Tan 57788200ec REFACTOR: Add `User.reserved_username?`. 2017-04-13 10:44:26 +08:00
Arpit Jalan 4812417192 FIX: do not add user to group based on email domain unless email is confirmed 2017-03-28 15:02:40 +05:30
Guo Xiang Tan 4d4a1a1552 Add scope for human users. 2017-03-11 14:25:09 +08:00
Bianca Nenciu 30909ec54e Add support for username regex. 2017-03-02 13:53:45 +02:00
Régis Hanol cb99f59ec3 reset bounce score when email is successfully changed 2017-02-20 10:37:01 +01:00
Neil Lalonde 3fb50d587d FIX: invited users and new TL1 users will see their first notification highlighted 2017-02-17 10:30:29 -05:00
Robin Ward e1d358ffbf FIX: Don't clear the login hint when the system user is saved 2017-02-13 10:54:20 -05:00
Sam ff49f72ad9 FEATURE: per client user tokens
Revamped system for managing authentication tokens.

- Every user has 1 token per client (web browser)
- Tokens are rotated every 10 minutes

New system migrates the old tokens to "legacy" tokens,
so users still remain logged on.

Also introduces weekly job to expire old auth tokens.
2017-02-07 09:22:16 -05:00
Régis Hanol 84af84dc52 prevent inactive & staged users from being automatically added to a group 2017-02-06 17:49:27 +01:00
Guo Xiang Tan 63954c1b33 FIX: Same user record being saved twice causing validation to fail. 2017-01-16 16:41:03 +08:00
Guo Xiang Tan ed5fa20b0c Revert "FIX: error during signup saying "Password is the same as your current password" due to automatic group membership granting a trust level"
This reverts commit 9c40657ba4.

Calling this whenever a user is initialize is hurting us bad
on performance.
2017-01-16 09:44:10 +08:00
Guo Xiang Tan f1beef43a8 Merge pull request #4618 from tgxworld/fix_invalid_emails
FIX: Don't allow invalid email to be saved.
2016-12-30 07:11:48 +08:00
Neil Lalonde 9c40657ba4 FIX: error during signup saying "Password is the same as your current password" due to automatic group membership granting a trust level 2016-12-28 17:36:04 -05:00
Sam 2f6a4cc6de remove UserActionObserver, replace with after_save and service
interestingly there was some left over dead code from when stars
existed in the topic_users table
2016-12-22 16:46:53 +11:00
Guo Xiang Tan 13c6191e89 FIX: Don't allow invalid email to be saved. 2016-12-21 17:47:11 +08:00
Guo Xiang Tan 05f55dbc10 FEATURE: Group logs. 2016-12-12 17:29:54 +08:00
Guo Xiang Tan 8c6d8c85db Stop showing first notification prompt once user sees the notification. 2016-11-17 09:44:00 +08:00
Guo Xiang Tan 98c1e0832c FIX: Track first notification read using Redis. 2016-11-16 16:20:38 +08:00
Guo Xiang Tan 16fdcdfc00 FIX: Add conditions on when to show first pm notification. 2016-11-16 14:17:47 +08:00
Leo McArdle 784366f1a0 FIX: display only 1 trust level badge on user card
refactoring graciously provided by @xfalcox
2016-11-14 20:53:24 +00:00
Arpit Jalan 9e69798285 FEATURE: watch first post default site setting 2016-11-10 00:09:52 +05:30
Guo Xiang Tan b18439a1e2 Fix build. 2016-11-08 17:00:44 +08:00
Guo Xiang Tan a8b7599d4a FEATURE: Add a radial ping when user's first notification has not been read. 2016-11-08 16:23:12 +08:00
cpradio 6f1c31d777 Add notification level user preference when replying to a topic 2016-09-30 14:58:07 -04:00
Erick Guan c463cf63d4 FEATURE: Webhook for user creation and approval 2016-09-19 10:12:55 +08:00
Robin Ward 9609a47016 Ability to skip email validation via a plugin 2016-09-07 14:05:46 -04:00
Guo Xiang Tan 90a0327fd2 FIX: Check against reserved usernames should be case insensitive. 2016-08-31 21:53:41 +08:00
Robin Ward 2891f230d1 SECURITY: Make sure uploaded_urls have corresponding upload records 2016-07-28 13:54:17 -04:00
cpradio 64bdededd3 Allow plugins that implement OAuth and OAuth2 to show up under associated accounts in the Admin area. (#4333) 2016-07-18 09:02:41 +02:00
Sam Saffron 46b34e3c62 FEATURE: remove user option for edit history public
Users can no longer opt-in for "public" edit history
if site owner disables it.

This feature adds cost and complexity to post rendering since
user options need to be premeptively loaded for every user in the
stream. It is also confusing to explain to communities with private edit
history.
2016-07-16 21:30:00 +10:00
Guo Xiang Tan e4a82cdd85 Merge pull request #4306 from tgxworld/add_discourse_event_trigger_when_user_logs_out
FEATURE: Add event trigger when a user is logged out.
2016-07-05 19:50:46 +08:00
Régis Hanol 59680af329 disable email white/blacklisting for staged users 2016-07-04 16:05:01 +02:00
Guo Xiang Tan 22ade1f811
FEATURE: Add event trigger when a user is logged out. 2016-07-04 17:20:30 +08:00
Neil Lalonde 487c20959c FEATURE: max topics/replies per day for new users now starts counting from the first post, not signup date 2016-06-20 16:55:11 -04:00
Régis Hanol 470da6205c FIX: staged users should not watch/track/mute categories by default 2016-06-14 16:45:47 +02:00
Guo Xiang Tan cb5be1fe8f
Upgrade rspec to 3.4.0. 2016-05-30 11:38:38 +08:00
James Kiesel feffe23cc5 FEATURE: More granular mailing list mode (#4068)
* Rearrange frontend to account for mailing list mode

* Allow update of user preference for mailing list frequency

* Add mailing list frequency estimate

* Simplify frequency estimate; disable activity summary for mailing list mode

* Remove combined updates

* Add specs for enqueue mailing list mode job

* Write mailing list method for mailer

* Fix linting error

* Account for stale topics

* Add translations for default mailing list setting

* One query for mailing list topics

* Fix failing spec

* WIP

* Flesh out html template

* First pass at text-based mailing list summary

* Add user avatar

* Properly format posts for mailing list

* Move make_all_links_absolute into Email::Styles

* Apply first_seen_at to user

* Send mailing list email summary hourly based on first_seen_at

* Branch and test cleanup

* Use existing mailing list mode estimate

* Fix failing specs
2016-05-21 15:17:54 +02:00
Arpit Jalan 74b3807f60 FEATURE: new bootstrap mode settings for brand new Discourse community (#4193)
* FEATURE: new bootstrap mode settings for brand new Discourse community

* new SiteSetting.set_and_log method
2016-04-26 13:08:19 -04:00
Sam a130cb8305 FEATURE: move more urgent emails notifications to critical queue
Move signup, admin login and password change email notifications
to critical queue
2016-04-07 14:39:01 +10:00
Robin Ward 1006b1ba94 Various Plugin Enhancements and Extension Points 2016-03-11 15:53:37 -05:00
Neil Lalonde c1aea91d63 FEATURE: More digest email frequency options. Digests can be sent as often as every 30 minutes. 2016-03-02 15:43:47 -05:00
Sam f0e942f647 PERF: move 3 more option columns out of the user table 2016-02-18 16:57:22 +11:00
Sam 3829c78526 PERF: shift most user options out of the user table
As it stands we load up user records quite frequently on the topic pages,
this in turn pulls all the columns for the users being selected, just to
discard them after they are loaded

New structure keeps all options in a discrete table, this is better organised
and allows us to easily add more column without worrying about bloating the
user table
2016-02-17 18:08:25 +11:00
Andy Waite 3e50313fdc Prepare for separation of RSpec helper files
Since rspec-rails 3, the default installation creates two helper files:
* `spec_helper.rb`
* `rails_helper.rb`

`spec_helper.rb` is intended as a way of running specs that do not
require Rails, whereas `rails_helper.rb` loads Rails (as Discourse's
current `spec_helper.rb` does).

For more information:

https://www.relishapp.com/rspec/rspec-rails/docs/upgrade#default-helper-files

In this commit, I've simply replaced all instances of `spec_helper` with
`rails_helper`, and renamed the original `spec_helper.rb`.

This brings the Discourse project closer to the standard usage of RSpec
in a Rails app.

At present, every spec relies on loading Rails, but there are likely
many that don't need to. In a future pull request, I hope to introduce a
separate, minimal `spec_helper.rb` which can be used in tests which
don't rely on Rails.
2015-12-01 20:39:42 +00:00
Sam 88f1a8f0b1 Merge pull request #3821 from mpalmer/letter-avatar-proxy
Proxy letter avatars by default
2015-11-19 20:02:16 +11:00
Régis Hanol 92ba6125c4 FEATURE: new 'automatically_unpin_topics' user preference 2015-11-17 18:21:40 +01:00
Sam Saffron 6dd4bc7d57 FEATURE: support group owner, capable of controlling group membership
Group owners are regular users that can add or remove users to a group
The Admin UX allows admins to appoint group owners
The public group UX will display group owners first and unlock UI to
add and remove members

Group owners can only be appointed on non automatic groups
Group owners may not appoint another group owner
2015-11-10 00:56:57 +11:00
Matt Palmer c09f345cff Proxy letter avatars by default
On sites that don't otherwise configure an avatar fallback, Discourse will
now tell the client to get its letter avatars from a location which nginx
proxies to the centralised `avatars.discourse.org` service.  This alleviates
privacy concerns, whilst still providing some degree of performance benefit
(no need for every site to delay avatar response by 300ms for image
rendering).

It is still possible to gain the benefits of global image caching and the
lower latency of requesting directly from a CDN, by explicitly changing the
`external_system_avatars_url` site setting to
`https://avatars.discourse.org/letter/{first_letter}/{color}/{size}.png`.
2015-11-06 14:13:44 +11:00
Arpit Jalan a439500bac FIX: do not mark post as spam if the previous flag was disagreed 2015-10-17 01:30:53 +05:30
Arpit Jalan b60bceba36 fix the build 2015-10-14 19:20:30 +05:30
Régis Hanol fe656fb04d FIX: select appropriate period when redirecting to top 2015-09-21 20:28:20 +02:00
Sam 83efde79f0 specs to account for new default letter avatar location 2015-09-15 13:25:15 +10:00
Sam 262f561a87 FEATURE: relax username rules to allow - and . and leading _
This relaxes our very strict username rules to allow for some long asked for requests

- leading _ is now allowed
- . is allowed except for trailing char and confusing extensions like .gif .json
- dash (-) is now permitted
2015-09-02 12:13:44 +10:00
Régis Hanol bef80633b1 FEATURE: global admin override of most of the user preferences 2015-08-21 20:39:21 +02:00
Neil Lalonde 782dd13e78 FEATURE: track user visits on mobile and display on admin dashboard in a new Mobile section 2015-07-07 14:06:42 -04:00
Sam Saffron feeb509a97 SECURITY: expire all existing email tokens on password reset 2015-06-06 03:50:06 +10:00
Sam Saffron 4171eb758c SECURITY: expire all existing sessions if user changes passwords 2015-06-06 03:09:19 +10:00
Régis Hanol acafa491b2 user avatar urls/templates refactor 2015-05-29 18:51:17 +02:00
Arpit Jalan 220b9c5abe FIX: match subdomain with email domain blacklist 2015-05-13 21:02:02 +05:30
Neil Lalonde 963ebf5963 FIX: if approving a user when must_approve_users is false, don't send an email 2015-05-04 15:30:25 -04:00
Robin Ward 151b559e4c FIX: If you delete a user, delete their queued posts as well. 2015-04-24 16:04:44 -04:00
Régis Hanol a737090442 - FEATURE: revamped poll plugin
- add User.staff scope
- inject MessageBus into Ember views (so it can be used by the poll plugin)
- REFACTOR: use more accurate is_first_post? method instead of post_number == 1
- FEATURE: add support for JSON-typed custom fields
- FEATURE: allow plugins to add validation
- FEATURE: add post_custom_fields to PostSerializer
- FEATURE: allow plugins to whitelist post_custom_fields
- FIX: don't bump when post did not save successfully
- FEATURE: polls are supported in any post
- FEATURE: allow for multiple polls in the same post
- FEATURE: multiple choice polls
- FEATURE: rating polls
- FEATURE: new dialect allowing users to preview polls in the composer
2015-04-23 19:33:29 +02:00
Sam Saffron 296add56e6 correct letter avatar template 2015-04-20 13:07:12 +10:00
Sam 5aa1272f05 clean up first day user definition and object model 2015-03-26 16:48:36 +11:00
Sam 9834d11503 Staff and TL2 up are immune to newuser checks and not considered new users 2015-03-26 16:04:46 +11:00
Régis Hanol 6cd4330335 FIX: show all deleted posts 2015-03-11 18:07:47 +01:00
Neil Lalonde 608647d02f FEATURE: Anonymize User. A way to remove a user but keep their topics and posts. 2015-03-10 11:59:08 -04:00
Régis Hanol e74b9ee5da FIX: should not count disagreed flags 2015-02-19 18:11:07 +01:00
Robin Ward 3ce2077aa8 Migrate unsubscribe keys to the database.
This should reduce a lot of the keys in redis.
2015-02-13 14:24:15 -05:00
Arpit Jalan 6c410ed093 FIX: strip whitespaces from user email 2015-01-30 01:44:24 +05:30
Arpit Jalan 58f46137d6 FIX: allow developer emails to bypass email blacklist/whitelist restriction 2015-01-30 00:10:03 +05:30
Régis Hanol 256519dddf FEATURE: automatic group membership based on email address 2015-01-23 18:25:43 +01:00
Jason W. May a2b284a0a4 table & model changes for group managers with permission to edit membership 2015-01-15 11:44:42 -08:00
Luciano Sousa b3d769ff4f Update rspec syntax to v3
update rspec syntax to v3

change syntax to rspec v3

oops. fix typo

mailers classes with rspec3 syntax

helpers with rspec3 syntax

jobs with rspec3 syntax

serializers with rspec3 syntax

views with rspec3 syntax

support to rspec3 syntax

category spec with rspec3 syntax
2015-01-05 11:59:30 -03:00
Erick Guan 97b3914b70 FIX: use utc time when generate reports; set boundary 2014-12-30 22:43:03 +08:00
Régis Hanol 521226f4c9 FIX: registration fails with timeout on gravatar 2014-12-15 22:10:27 +01:00
Jeff Atwood ea269ccfb2 rename purge_inactive to purge_unactivated 2014-12-02 21:36:25 -08:00
Jason W. May bdc7947cd6 rspec expect...to deprecations 2014-10-31 10:44:26 -07:00
Régis Hanol ada750b384 fixed some more deprecations. 20 to go 2014-10-29 16:06:50 +01:00
Régis Hanol de76b512c1 fix most deprecations in the specs (still some left) 2014-09-25 17:44:48 +02:00
Sam c248d28c38 FEATURE: display associated accounts in admin user 2014-09-25 16:15:01 +10:00
riking 2c6d03f87f SECURITY: Limit passwords to 200 characters
Prevents layer 8 attack.
2014-09-12 12:07:11 -04:00
Sam 59d04c0695 Internal renaming of elder,leader,regular,basic to numbers
Changed internals so trust levels are referred to with

TrustLevel[1], TrustLevel[2] etc.

This gives us much better flexibility naming trust levels, these names
are meant to be controlled by various communities.
2014-09-05 15:20:52 +10:00
Robin Ward 3c6673aceb Purge inactive accounts that are older than 7 days 2014-08-13 14:13:41 -04:00
Robin Ward 9a1580244a FIX: Don't show profile pages for inactive users and don't show them in
search results.
2014-08-13 13:30:25 -04:00
Neil Lalonde 939e8505a9 Remove hub username integration 2014-07-16 12:25:24 -04:00
Neil Lalonde 01a68f8cc7 Emails are case insensitive 2014-07-16 10:22:01 -04:00
Andrew Bezzub 9ffd173873 move bio to UserProfile from User 2014-06-13 14:55:32 -04:00