Vinoth Kannan
61384c8026
Skip CDN for admin locales since it is login required
2018-01-10 01:24:03 +05:30
Arpit Jalan
672888f526
FIX: handle invalid password reset token
2018-01-09 23:48:17 +05:30
Sam
c9f42506b7
If login is required skip CDN
2018-01-09 17:51:53 +11:00
Sam
6b8320fea6
PERF: use cdn for extra locales
2018-01-09 17:00:42 +11:00
Sam
ea63abf0f7
bypass mini profiler for locales
...
bypass cdn for now
2018-01-09 11:30:59 +11:00
Sam
b0a7ee1aec
FIX: source admin locale from cdn
2018-01-09 10:27:33 +11:00
Sam
8ff5f5f2ef
FIX: cache admin locale file for 24 hours
2018-01-09 10:23:49 +11:00
Joffrey JAFFEUX
642645ba9a
FIX: broken select badge as user title ( #5474 )
...
* FIX: broken select badge as user title
* selected id wasn’t pass to underlying component
* <none> was rendered as an html tag <none></none>
* overriding a badge name wouldn’t work as it was using badge.name and not badge.display_name
* adds a spec to ensure this behavior is correct
2018-01-05 16:58:15 +01:00
Arpit Jalan
ed4b845930
FIX: render error message when backup download fails
2018-01-05 19:46:43 +05:30
Sam
5ad1709dba
PERF: cache service worker for 1 hour
2017-12-28 08:31:01 +11:00
Régis Hanol
f5e170c6b5
FIX: catch all server-side error when uploading a file
...
UX: always show a message to the user whenever an error happens on the server when uploading a file
2017-12-27 16:33:25 +01:00
Sam
3937ff0425
FIX: don't preload json on static routes
2017-12-27 14:33:36 +11:00
Robin Ward
69a90f31fb
FEATURE: Allow Forums to disable the Backups feature
2017-12-21 15:22:04 -05:00
Sam
62a27f9d57
FEATURE: warn if attempting to mention a group with too many members
2017-12-21 16:13:57 +11:00
Régis Hanol
7f69362d9d
FIX: external links in whisper ended up in a white page
...
FIX: clicking a link in a onebox wasn't properly extracting the post_id
2017-12-20 17:55:15 +01:00
Philipp Daniels
6a2bce1931
FIX: Data loss on update of single user_field.
...
https://meta.discourse.org/t/api-data-loss-caused-by-changed-behaviour-of-custom-user-field-update/74990
2017-12-20 16:33:23 +08:00
Arpit Jalan
eab66065d1
FEATURE: search log term details page ( #5445 )
2017-12-20 13:41:31 +11:00
Guo Xiang Tan
97ceebb570
SECURITY: Don't pass email backup token to sidekiq as a parameter.
...
* This exposes the token in the Sidekiq dashboard which can be
viewed by an admin and defeats the purpose of using a token
in the download backup email ink.
2017-12-18 11:25:22 +08:00
Sam
433ef4513b
FEATURE: upload images and fonts in themes via hijack
2017-12-18 10:40:10 +11:00
Sam
5e90abfaea
FIX: use hijack for emoji uploads
2017-12-18 10:31:19 +11:00
Joffrey JAFFEUX
001abfc4cb
Revert "FIX: not permitted theme params when importing theme"
...
This reverts commit 813df1a3fb
.
2017-12-14 11:40:14 +01:00
Joffrey JAFFEUX
041deac67a
Revert "FIX: constant lookup error when exporting theme"
...
This reverts commit 1eda8c50f0
.
2017-12-14 11:40:08 +01:00
Joffrey JAFFEUX
813df1a3fb
FIX: not permitted theme params when importing theme
2017-12-14 11:25:58 +01:00
Joffrey JAFFEUX
1eda8c50f0
FIX: constant lookup error when exporting theme
2017-12-14 11:25:11 +01:00
Guo Xiang Tan
f2565f6c7e
SECURITY: Any group can be invited into a PM.
2017-12-14 14:57:48 +08:00
Sam
14cfce2827
Merge branch 'master' of github.com:discourse/discourse
2017-12-14 17:17:02 +11:00
Sam
96584403cd
SECURITY: prevent staged accounts from changing email
2017-12-14 17:16:49 +11:00
Guo Xiang Tan
34342ad0d8
FIX: `User#user_avatar` may be nil.
2017-12-14 13:23:03 +08:00
Régis Hanol
1b4483c942
FEATURE: Added 'select +below' and 'select +all replies' options to selecting posts
2017-12-13 22:12:06 +01:00
Sam
a393d3bcbb
FIX: ensure staged accounts are always inactive
...
If for any reason active is stored in the user model, clear it out
prior to creating an account
2017-12-13 14:22:16 +11:00
Arpit Jalan
492af81e67
FIX: save registration_ip_address for staged users logging in via social auth
2017-12-12 17:41:16 +05:30
Guo Xiang Tan
e2b64257b3
Fix undefined method for `NilClass` error.
2017-12-12 18:54:29 +08:00
Arpit Jalan
b014540fde
FIX: view was getting rendered twice for rate limiting error
2017-12-12 14:48:58 +05:30
Arpit Jalan
3c230d8f97
FIX: 'redirect_to :back' is deprecated
2017-12-11 12:18:19 +05:30
Robin Ward
74b9828731
FIX: Remove mentions filters from user and groups
...
Additionally return no data if disabled
2017-12-07 16:29:02 -05:00
Arpit Jalan
5003f07b2c
FEATURE: new site setting show_inactive_accounts
2017-12-07 19:22:41 +05:30
Joffrey JAFFEUX
f0ef307d2d
FIX: topic timer offset applied two times
...
timezone offset was calculated and sent from browser to server, it would be applied on utc time generated from '2013-11-22 5:00' format for example and then sent back to browser which would display it thinking it's UTC time using `moment(utc time)` when it's in fact an UTC time we have offseted with the initial user timezone.
This is impossible to automatically test in the current app state. Easiest reproduction is in live browser after setting your timezone to `America/New_York`, when setting a topic timer to later_today, after save, the time under the topic should be off to something roughly equal +1/-1 hour to your timezone offset.
2017-12-07 14:42:58 +01:00
Robin Ward
410994b7f5
FEATURE: Show a button to Staff for "Moderation History" on posts/topics
...
When clicked, it pops up a modal showing a history of moderation actions
taken on the post or topic.
2017-12-05 15:20:20 -05:00
Vinoth Kannan
6e054b2572
FEATURE: Convert HTML to Markdown while pasting in composer
2017-12-05 12:23:39 -05:00
Guo Xiang Tan
e73fbfe265
FIX: `Topic#featured_link_root_domain` extracts URL before parsing.
2017-12-04 10:00:07 +08:00
Arpit Jalan
496cd3b4df
Merge pull request #5385 from techAPJ/search-logs-improvements
...
FEATURE: support search click through tracking for user, category and tags
2017-12-01 12:08:38 +05:30
Arpit Jalan
e3925278e2
FEATURE: support search click through tracking for user, category and tags
...
https://meta.discourse.org/t/search-logs-page/73281/11?u=techapj
This commit adds following features:
- support for tracking click through to user, tag and category
- new filter for search type (header, full page)
This commit also removes "most viewed topic" field from search logs page because we are now tracking multiple click through entities, so topic is not a special entity anymore. This also improves query perf. The query now takes `20.5ms` to runs, as opposed to `655.9ms` previously.
2017-12-01 12:04:55 +05:30
Guo Xiang Tan
f7f743970b
Just use space to prettify SSO verbose error logging.
2017-11-30 15:10:00 +08:00
Régis Hanol
0d34caff85
UX: show error message when no gravatar is associated
2017-11-29 18:09:44 +01:00
Régis Hanol
1218ead355
UX: preloaded gravatar was appearing on the right instead of the left
2017-11-29 18:07:09 +01:00
Guo Xiang Tan
1d8b834301
Merge pull request #5369 from vinothkannans/queued
...
FIX: Error if queued post not found while updating
2017-11-28 17:51:05 +08:00
Guo Xiang Tan
7b8699f3be
FIX: Can't load `service-worker.js` in production.
2017-11-28 15:40:57 +08:00
Jeff Wong
b094894c94
Feature: Add service worker registration method to plugin API
2017-11-28 14:01:41 +08:00
Robin Ward
77f90876d3
REFACTOR: Track manual locked user levels separately from groups
2017-11-27 11:23:44 -05:00
Vinoth Kannan
31aa21b5a4
FIX: Error if queued post not found while updating
2017-11-27 19:25:51 +05:30
Sam
608207b2e5
FEATURE: avatar proxy happens in background
...
This ensures that even if it is slow to download avatars site will
continue to work
Also simplifies hijack pattern
2017-11-27 17:43:24 +11:00
Sam
d5e7691ae9
favicon proxy now uses hijack
2017-11-27 14:51:14 +11:00
Sam
eb428ef54d
FEATURE: uploads are processed a faster
...
Also cleans up API to always return 422 on upload error. (previously returned 200)
Uploads are processed using new hijack pattern
2017-11-27 12:43:35 +11:00
Sam
e0e99d4bbd
PERF: hijack onebox requests so they do not use up a unicorn worker
2017-11-24 15:31:40 +11:00
Sam
49f97d75b7
FIX: make uploads safe for block that can run later
2017-11-23 17:28:18 +11:00
Sam
d43a54e83a
FIX: use current_user.id in onebox instead of param
2017-11-23 15:32:19 +11:00
Régis Hanol
4addc5e329
Add missing contexts when destroying users
2017-11-22 15:43:54 +01:00
Sam
a92f61e926
FIX: allow login required sites access to attachements
2017-11-22 10:50:55 +11:00
Robin Ward
8d98752b57
Allow sites to bootstrap the error page.
...
This will display working dropdowns and such even if the page is a 404.
2017-11-21 16:13:09 -05:00
Robin Ward
628275fc31
FIX: Some badge routes were still working even with badges disabled
2017-11-21 12:22:44 -05:00
Régis Hanol
2d48caffdf
FIX: be more lenient when deleting a custom emoji
2017-11-20 23:50:23 +01:00
Robin Ward
0a9daba627
FIX: Support for long suspension emails
2017-11-20 12:45:46 -05:00
Gerhard Schlager
92a831bae6
FEATURE: user directory returns staged users during search
2017-11-19 01:17:31 +01:00
Gerhard Schlager
8f6d35aa59
FEATURE: category setting for mailinglist mirror
2017-11-17 15:29:14 +01:00
Robin Ward
cef64e8f03
UX: Use `no_ember` styling for omniauth error page
2017-11-15 14:04:26 -05:00
OsamaSayegh
4c4410225e
UX: cap likes 2 ( #5237 )
2017-11-15 11:28:54 +11:00
Arpit Jalan
3831663fea
FEATURE: search logs page ( #5313 )
2017-11-15 11:13:50 +11:00
Robin Ward
971e302ff2
FEATURE: Support an end date for user silencing
2017-11-14 13:20:19 -05:00
Sam
4b42a0abc9
FIX: add error for suspended users attempting to login via sso
2017-11-14 16:52:00 +11:00
Sam
47e4c9bb46
FIX: import/export theme should work with uploads
2017-11-14 16:30:23 +11:00
Sam
dfe9f70747
UX: warn that something must be selected with safe mode
2017-11-13 15:59:51 +11:00
Robin Ward
1f14350220
Rename "Blocked" to "Silenced"
2017-11-10 14:10:27 -05:00
Michael Howell
38b8d68c68
FEATURE: Allow the user to select a custom home page ( #5268 )
...
* Add user_home configuration option
* Use the new user_home preference to actually show the right home page
* Fix trailing whitespace
* Update user_option_serializer.rb
* Fix JavaScript default homepage tests
* Use an object instead of a giant switch
* Remove trailing whitespace
* Make the default `user_home` set to `null` instead of `0`
* Rename user_home to homepage_id
2017-11-10 06:45:19 +11:00
Guo Xiang Tan
ed16cba77f
REFACTOR: Raise error if email token fails to create.
2017-11-08 12:02:33 +08:00
Neil Lalonde
d7880af0bb
FIX: change password form validation should instruct admins to use min password length for admin accounts
2017-11-07 16:14:56 -05:00
Robin Ward
2f0c9793f1
FEATURE: Allow multiple html builders to be registered via plugins
2017-11-03 11:32:32 -04:00
Guo Xiang Tan
d320f4840d
FIX: Unable to invite groups that are not public visible into pms.
...
https://meta.discourse.org/t/inviting-groups-broken-in-head/73346/6
2017-11-03 21:40:33 +08:00
Sam
56412adad5
FEATURE: custom setting for large square site icon
...
This icon is used for android splash screen
2017-11-03 16:19:31 +11:00
Guo Xiang Tan
edf4af608e
FIX: Better match when searching for groups.
2017-11-02 10:20:14 +08:00
Guo Xiang Tan
ab2a5cef38
FIX: Can't edit membership request template on group page.
2017-11-02 08:51:43 +08:00
Rafael dos Santos Silva
3c8b376e4a
FIX: Coalesce properly logos for the mobile manifest
2017-11-01 02:28:09 -02:00
Rafael dos Santos Silva
32b3847d52
FIX: Update mobile logo resolution
...
This makes Discourse compliant with latest Google PWA requirements,
so we get the App Install banner back.
Should bump our Lighthouse PWA Audit score to 11/11.
2017-11-01 01:51:51 -02:00
Robin Ward
076df104dc
FEATURE: Support filtering of groups page by category if in url
2017-10-31 17:50:06 -04:00
Sam
1bd9e64a36
FIX: offline controller regression
2017-10-31 15:44:50 +11:00
Penar Musaraj
bd1616d3d9
Add offline route and service worker to fix Android app install banner ( #5217 )
...
* set up static offline.html route and service worker for Android Web App Banner
* add viewport meta tag to offline view for android app banner
* add i18n support for offline.html pages, cleanup
* fix html syntax, add page title, remove license for service-worker.js
2017-10-31 10:46:48 +11:00
Sam
fab3e25101
FIX: badge selector showing up for anon
2017-10-30 16:21:31 +11:00
Arpit Jalan
33f0d80ed5
UX: better title on search page
2017-10-27 09:13:04 +05:30
Guo Xiang Tan
f1615c2148
Merge pull request #5263 from tgxworld/improve_pattern
...
REFACTOR: Always validate email by default.
2017-10-26 14:34:09 +08:00
Rafael dos Santos Silva
5d5268a82b
Feature: Group handling
2017-10-25 22:49:17 -02:00
Guo Xiang Tan
defea6245c
REFACTOR: Always validate email by default.
2017-10-25 13:48:34 +08:00
Robin Ward
23dce88f5f
FIX: Removed a line by accident, broke tests
2017-10-23 14:49:14 -04:00
Robin Ward
89a1b34480
FIX: Show the deleted icon if the quote expands a deleted topic
2017-10-23 13:41:41 -04:00
Arpit Jalan
804b4f32f8
better error message when API authentication fails
2017-10-20 20:05:34 +05:30
Guo Xiang Tan
989280a222
FIX: Don't rotate session in reaodnly mode.
2017-10-20 17:15:28 +08:00
Guo Xiang Tan
25c25ae423
FEATURE: Allow user to leave a PM.
2017-10-19 12:32:55 +08:00
Arpit Jalan
f50d447881
FIX: render secure category topics in RSS if the user can view the topics
2017-10-18 14:23:30 +05:30
Neil Lalonde
2db66072d7
SECURITY: signup without verified email using Google auth
2017-10-16 13:51:41 -04:00
Arpit Jalan
a2183c3f1d
SECURITY: verify that inviter can invite new user to a topic
2017-10-09 15:59:41 +05:30
Guo Xiang Tan
a6f2533d38
SECURITY: Fix XSS on unsubscribed page.
2017-10-09 09:04:46 +08:00
Guo Xiang Tan
6fe604b93e
Revert "SECURITY: Fix XSS on unsubscribed page."
...
This reverts commit 190558db9d
.
2017-10-09 09:03:07 +08:00
Guo Xiang Tan
190558db9d
SECURITY: Fix XSS on unsubscribed page.
2017-10-09 08:59:03 +08:00
Guo Xiang Tan
3efde2618d
UX: Do not display non-human users on group page.
...
https://meta.discourse.org/t/members-of-groups-staff/71437
2017-10-06 10:35:40 +08:00
Régis Hanol
4771b0a99f
FIX: user fields in invite signups were broken
2017-10-04 23:04:24 +02:00
Neil Lalonde
1faae3c765
rename forgot_password_strict to hide_email_address_taken
2017-10-03 15:28:31 -04:00
Neil Lalonde
e47f5cedd2
FEATURE: forgot_password_strict setting also prevents reporting that an email address is taken during signup
2017-10-03 15:28:30 -04:00
Régis Hanol
daf1dda700
FIX: username autocomplete in assign modal wasn't working
2017-10-03 12:49:45 +02:00
Guo Xiang Tan
a966f2134c
Merge pull request #5215 from gschlager/email_templates
...
Add specs for EmailTemplatesController
2017-10-03 14:30:19 +08:00
Arpit Jalan
469c6776c6
FIX: exporting admin dashboard reports were broken
...
http://eileencodes.com/posts/actioncontroller-parameters-now-returns-an-object-instead-of-a-hash/
2017-10-02 19:30:23 +05:30
Gerhard Schlager
5bb326a452
Add specs for EmailTemplatesController
2017-10-02 14:53:27 +02:00
Guo Xiang Tan
8140e54675
FIX: More fixes for `Group#mentionable` and `Group#messageable` feature.
2017-10-02 17:45:58 +08:00
Guo Xiang Tan
4e07bbfbbf
FIX: Only allow intergers for page params.
2017-10-02 10:45:54 +08:00
Eleanor Demis
ac04f5e0cc
update response error when deleting tags ( #5213 )
2017-09-30 16:31:32 +02:00
Régis Hanol
f6c484881b
FIX: wasn't able to save watched/tracked/muted categories/tags
2017-09-29 13:09:48 +02:00
Guo Xiang Tan
6baea9948b
Revert "fix the build"
...
This reverts commit 8b74c7d325
.
2017-09-29 08:57:06 +08:00
Régis Hanol
8b74c7d325
fix the build
2017-09-28 15:50:01 +02:00
Régis Hanol
cd6dff58dd
FIX: add user option/profile fields that were not permitted
2017-09-28 14:59:53 +02:00
Guo Xiang Tan
5d53eefcab
Fix broken test.
2017-09-28 16:09:58 +08:00
Guo Xiang Tan
5f1c29e424
FIX: Display json response when `Discourse::InvalidAccess` is raised for
...
non json requests.
2017-09-28 15:31:16 +08:00
Guo Xiang Tan
373fd8990e
PERF: N+1 when generating not found page.
2017-09-28 15:31:16 +08:00
Guo Xiang Tan
4319d8a142
FIX: Missing template error when rendering `topics#show` error message.
2017-09-28 11:06:44 +08:00
Régis Hanol
6a7920ad75
FIX: wasn't able to change default theme
2017-09-27 20:05:31 +02:00
Gerhard Schlager
1a37812625
FIX: show error message when keys are missing in email template
...
FIX: log email template changes in the Staff Log
2017-09-27 13:50:04 +02:00
Guo Xiang Tan
2568312475
FIX: Use exact patht to ensure we always redirect with the right format.
2017-09-27 11:55:06 +08:00
Régis Hanol
af01e62b14
FIX: wasn't allowed to set a user's title anymore
2017-09-26 20:13:24 +02:00
Régis Hanol
28c54b42c5
FIX: wasn't able to update user options anymore
2017-09-26 20:00:10 +02:00
Robin Ward
460ed3c8cf
Revert "Allow `NotFound` to specify an optional `Location` for the resource"
...
This reverts commit 4ae66c9e01
.
2017-09-26 12:58:24 -04:00
Robin Ward
4ae66c9e01
Allow `NotFound` to specify an optional `Location` for the resource
2017-09-26 09:10:18 -04:00
Guo Xiang Tan
6f5051861c
Remove unused option.
2017-09-26 14:47:38 +08:00
Guo Xiang Tan
5d37f8673b
PERF: Only send down suggested payload when loading last chunk.
2017-09-26 14:42:27 +08:00
Robin Ward
d1ebc62065
The ability to display errors on flagging actions.
2017-09-25 12:28:01 -04:00
Robin Ward
09ed2ed749
Add Suspend User to flags page
2017-09-25 12:28:00 -04:00
Robin Ward
6bce3004d9
UX: Nicer selection of suspend duration
2017-09-25 12:28:00 -04:00
Robin Ward
677b016387
Send a suspension message via email to a user
2017-09-25 12:26:41 -04:00
Robin Ward
2a56cf8bb6
Tests + Refactoring for Suspension Modal
2017-09-25 12:26:06 -04:00
Robin Ward
d7c37d9369
Add front end service for staff controls
2017-09-25 12:25:14 -04:00
Robin Ward
5cf50f0034
Adjust flagged posts to use the store
2017-09-25 12:25:14 -04:00
Robin Ward
5e69217793
Add filtering support to flags
2017-09-25 12:25:14 -04:00
Robin Ward
40eba8cd93
FEATURE: View flags grouped by topic
2017-09-25 12:25:14 -04:00
Guo Xiang Tan
77d4c4d8dc
Fix all the errors to get our tests green on Rails 5.1.
2017-09-25 13:48:58 +08:00
Régis Hanol
8ed318c4fe
display 'similar to' earlier when composing a post
2017-09-16 01:03:29 +02:00
Régis Hanol
797936d2c5
FIX: don't leak whisper count in user card
2017-09-14 20:08:16 +02:00
Arpit Jalan
4e49b3b140
FIX: do not create new email token if there already exists a confirmed one
2017-09-14 10:52:29 +05:30
Leo McArdle
104d97695d
FIX: don't activate un-confirmed email on omniauth authentication ( #5176 )
2017-09-12 17:36:17 +02:00
Robin Ward
171d9e5aed
SECURITY: Prevent users from updating to blacklisted email domains
2017-09-12 10:11:08 -04:00
Neil Lalonde
d7d9923b8e
FIX: display email validation error messages
2017-09-11 13:22:14 -04:00
Guo Xiang Tan
5d4221fbe1
PERF: Avoid calling expensive `PostGuardian#can_see_post?` multiple times.
...
Before
```
Your Results: (note for timings- percentile is first, duration is second
in millisecs)
---
topic_admin:
50: 19
75: 19
90: 21
99: 27
topic:
50: 56
75: 62
90: 64
99: 99
timings:
load_rails: 1262
ruby-version: 2.4.1-p111
rss_kb: 198432
pss_kb: 136612
virtual: physical
architecture: amd64
operatingsystem: Ubuntu
memorysize: 15.59 GB
kernelversion: 4.10.0
physicalprocessorcount: 1
processor0: Intel(R) Core(TM) i7-6700K CPU @ 4.00GHz
rss_kb_9877: 327892
pss_kb_9877: 263671
rss_kb_9946: 325468
pss_kb_9946: 261671
rss_kb_10153: 326456
pss_kb_10153: 262657
```
After
```
Your Results: (note for timings- percentile is first, duration is second
in millisecs)
---
topic_admin:
50: 18
75: 18
90: 20
99: 28
topic:
50: 41
75: 42
90: 46
99: 49
timings:
load_rails: 1201
ruby-version: 2.4.1-p111
rss_kb: 187936
pss_kb: 123596
virtual: physical
architecture: amd64
operatingsystem: Ubuntu
memorysize: 15.59 GB
kernelversion: 4.10.0
physicalprocessorcount: 1
processor0: Intel(R) Core(TM) i7-6700K CPU @ 4.00GHz
rss_kb_26478: 342360
pss_kb_26478: 276696
rss_kb_26547: 340368
pss_kb_26547: 275930
rss_kb_26747: 338964
pss_kb_26747: 274466
```
2017-09-08 14:07:24 +08:00
Guo Xiang Tan
4d840d10db
PERF: Reduce number of Redis hits per requests.
2017-09-07 13:34:27 +08:00
Guo Xiang Tan
8463b676df
Revert "Activate mini-profiler when in profiling env."
...
This reverts commit d61109388c
.
2017-09-06 11:26:03 +08:00
Guo Xiang Tan
d61109388c
Activate mini-profiler when in profiling env.
2017-09-06 11:19:20 +08:00
Guo Xiang Tan
5c1143cd55
Add missing test case for `PostController#timings`.
2017-09-04 16:36:02 +08:00
Sam
9f0f086b3e
FEATURE: allow API to mark accounts as approved on creation
2017-08-28 15:36:46 -04:00
Bianca Nenciu
6bc74ceb50
Split alias levels in mentionable and messageable levels. ( #5065 )
...
* Split alias levels in mentionable and messageable levels.
* Fixed some tests.
* Set messageable level to everyone by default.
* By defaults, groups are not mentionable or messageable.
* Made staff groups messageable by the system.
2017-08-28 12:32:08 -04:00
Bianca Nenciu
bb3a5910d7
Support for sending PMs to email addresses ( #4988 )
...
* Added support for sending PMs to email addresses.
* Made changes after review.
* Added settings validator.
* Fixed tests.
2017-08-28 12:07:30 -04:00
Guo Xiang Tan
4b4169c8fd
Merge pull request #5053 from fantasticfears/session-controller
...
Spec for local auth check
2017-08-24 09:42:54 +09:00
Guo Xiang Tan
91d3929f52
Merge pull request #5078 from lelelelemon/master
...
change count>0 to exists
2017-08-24 09:24:42 +09:00
junwen yang
8124f26a6e
change count>0 to exists
2017-08-23 22:54:51 +00:00
Sam
8dfb1be4d1
FEATURE: unlisted *only* means not listed in topic lists
...
Remove security by obscurity feature that tries for exact slug match
If you need to hide a topic from users either move to a secure category
or convert to a PM
2017-08-22 17:53:54 -04:00
Sam
d7a2584c6e
FEATURE: image uploads now have short urls
...
Shorten all image uploads to use short urls, this is the client
side implementation.
2017-08-22 16:40:08 -04:00
Sam
2f0c6c99e0
FIX: ip lookup not working
...
Also add a powered by line so it is clear this makes an external service call
2017-08-21 14:18:49 -04:00
Mudasir Raza
84c83afd35
Allow optional import_mode param for posts in api ( #4952 )
2017-08-17 07:53:04 -04:00
Erick Guan
c7a101476e
Spec for local auth check
2017-08-16 11:01:00 +02:00
Guo Xiang Tan
b77aa29e71
Merge pull request #5013 from LeoMcA/alternate-emails-phase-1.5
...
FIX: add additional email to tests and clean up resulting mess
2017-08-16 16:19:28 +09:00
Kyle Zhao
c3249f6e93
FEATURE: add full editing access to queued posts ( #5047 )
...
For pending new topics: the body of the post, title, categories
and the tags are editable.
For pending new replies: only the body is applicable and thus
editable
DISCUSSION: https://meta.discourse.org/t/66754
2017-08-15 12:44:05 -04:00
Régis Hanol
4f09a5a7a5
Add 'Post.permitted_create_params' to allow plugins to add new params when creating a post
2017-08-12 04:10:45 +02:00
Arpit Jalan
bf2c35aa99
FEATURE: add RSS feed for badge pages
2017-08-09 13:43:49 +05:30
Guo Xiang Tan
898c6ba037
Merge pull request #5033 from tgxworld/reason_when_requesting_to_join_a_group
...
FEATURE: Force user to enter reason when requesting for group members…
2017-08-09 15:54:21 +09:00
Guo Xiang Tan
a9613163b5
FEATURE: Force user to enter reason when requesting for group membership.
2017-08-09 15:45:28 +09:00
Arpit Jalan
e36a20660d
FIX: handle topics without excerpt for meta description tag
2017-08-08 22:17:05 +05:30
Régis Hanol
d182f0f2d1
Add support for preloaded custom_fields on Group
2017-08-08 15:45:27 +02:00
Robin Ward
2e4b3e9b06
Don't include all html builders on client and server side
2017-08-07 11:29:35 -04:00
Guo Xiang Tan
3f24ed2b3e
Can't revert due to incompatibility of new site setting types.
...
Revert "Revert "FEATURE: Site settings defaults per locale""
This reverts commit 439fe8ba24
.
2017-08-07 10:43:09 +09:00
Guo Xiang Tan
439fe8ba24
Revert "FEATURE: Site settings defaults per locale"
...
This reverts commit 468a8fcd20
.
2017-08-07 10:31:50 +09:00
Régis Hanol
3c0de22bf0
FIX: wasn't able to remove a user's primary group
2017-08-04 18:13:20 +02:00
Erick Guan
468a8fcd20
FEATURE: Site settings defaults per locale
...
This change-set allows setting different defaults for different locales.
It also:
- Adds extensive testing around site setting validation
- raises deprecation error if site setting has the default property based on env
- relocated site settings for dev and tests in the initializer
- deprecated client_setting in the site setting's loading process
- ensure it raises when a enum site setting being set
- default_locale is promoted to `required` category.
- fixes incorrect default setting and validation
- fixes ensure type check for site settings
- creates a benchmark for site setting
- sets reasonable defaults for Chinese
2017-08-02 12:24:19 -04:00
Guo Xiang Tan
33e22cf598
Add back `Admin::GroupsController#index` route for now.
...
* The endpoint is being used by discourse_api.
2017-08-03 00:24:23 +09:00
Matt Palmer
67882ec37d
Hunt-and-kill a few more mis-encoded params
...
https://meta.discourse.org/t/tags-does-not-work-with-cyrillic/67217/6?u=mpalmer
2017-08-01 18:03:44 +10:00
Matt Palmer
7ee861f457
FIX: Return a UTF-8 string in tag notifications
...
https://meta.discourse.org/t/tags-does-not-work-with-cyrillic/67217
2017-08-01 16:27:52 +10:00
Neil Lalonde
fa3c240e8b
Merge pull request #4981 from dmacjam/fix_limited_search_results
...
FIX: limited search results
2017-07-31 20:23:57 -04:00
Leo McArdle
836dee1120
FIX: add additional email to tests and clean up resulting mess
2017-07-31 22:27:29 +00:00
Neil Lalonde
7c1d7fb423
Merge branch 'master' into fix_limited_search_results
2017-07-31 15:55:31 -04:00
Arpit Jalan
6c997b65d9
optimize enqueuing activation email code
2017-07-31 22:57:39 +05:30
Arpit Jalan
0b01d0e95d
FIX: staff cannot manually activate accounts after 48 hours has elapsed
...
https://meta.discourse.org/t/staff-cannot-manually-activate-invited-accounts-after-48-hours-has-elapsed/66292/14?u=techapj
2017-07-31 22:24:09 +05:30
Arpit Jalan
2e2b5e28aa
FIX: add slight delay when enqueuing activation email
2017-07-31 16:52:07 +05:30
Guo Xiang Tan
4620dfe92d
FEATURE: Add group settngs to allow users to leave a group freely.
...
https://meta.discourse.org/t/split-join-leave-freely-setting-on-groups/65565
2017-07-28 15:00:25 +09:00
Guo Xiang Tan
5012d46cbd
Add rubocop to our build. ( #5004 )
2017-07-28 10:20:09 +09:00
Robin Ward
5cfc2d8972
Run wizard specs in docker:test
2017-07-27 11:29:18 -04:00
Guo Xiang Tan
2442bba131
UX: Better group creation workflow.
...
* Owners and users can now be added to a group during creation.
https://meta.discourse.org/t/you-cannot-allow-membership-requests-without-any-owners/64760/3
2017-07-27 16:12:42 +09:00
Neil Lalonde
24cb950432
FEATURE: Watched Words: when posts contain words, do one of flag, require approval, censor, or block
2017-07-26 11:01:09 -04:00
Guo Xiang Tan
b59dfb86f4
UX: Include group name in email when group is invited to a PM.
...
https://meta.discourse.org/t/xyz-invited-you-to-a-message-but-really-invited-a-group-im-in/65996
2017-07-26 15:51:44 +09:00
Guo Xiang Tan
e3ac6585bd
FIX: Search by topic_id should not be restricted by `SiteSetting.min_search_term_length`.
2017-07-26 09:52:39 +09:00
Guo Xiang Tan
6c0a29698b
Fix JS tests failing when running in `RAILS_ENV=test`.
...
Fixes the following error:
```
phantomjs /home/tgxworld/work/discourse/vendor/assets/javascripts/run-qunit.js http://localhost:60099/qunit
2017-07-25 16:27:41 +0900: Rack app error handling request { GET /stylesheets/desktop.css }
<Errno::ENOENT: No such file or directory @ rb_sysopen - /home/tgxworld/work/discourse/tmp/stylesheet-cache/desktop.css>
/home/tgxworld/work/discourse/app/controllers/stylesheets_controller.rb:65:in `write'
/home/tgxworld/work/discourse/app/controllers/stylesheets_controller.rb:65:in `show_resource'
/home/tgxworld/work/discourse/app/controllers/stylesheets_controller.rb:9:in `show'
```
2017-07-25 16:31:31 +09:00
Guo Xiang Tan
1b0750d7ef
Merge pull request #4983 from tgxworld/group_owners_can_invite_users_to_groups
...
Group owners can invite users to groups
2017-07-24 16:21:19 +09:00
Leo McArdle
407a23663d
FEATURE: send rejection email for unrecognized errors
2017-07-21 18:26:52 +01:00
Guo Xiang Tan
2a17f1ccd7
FIX: Group owners should be able to invite users to their groups.
...
https://meta.discourse.org/t/group-owner-cannot-send-an-invite-to-a-group/60617/12
2017-07-21 23:48:25 +09:00
Robin Ward
3882722195
FEATURE: Inline (Mini) Oneboxing
...
see:
https://meta.discourse.org/t/mini-inline-onebox-support-rfc/66400?source_topic_id=66066
2017-07-20 15:38:04 -04:00
Jakub Macina
e5ee4ccc48
Add pagination and checking for more results to search.
2017-07-20 18:12:34 +02:00
Régis Hanol
bf6c3b7017
FIX: don't error out when an unsubscribe key isn't associated to a user anymore
2017-07-20 12:24:24 +02:00
Leo McArdle
d0b027d88d
FEATURE: phase 1 of supporting multiple email addresses
2017-07-20 11:22:27 +09:00
Robin Ward
cdb3706025
Track clicks on topics in search results
2017-07-17 15:42:32 -04:00
Robin Ward
97e211f837
FEATURE: Log Search Queries
2017-07-14 14:30:58 -04:00
Robin Ward
f1a6449e4b
SECURITY: Remove disposable invite feature
2017-07-07 20:24:39 -04:00
Sam
340a3ee5cb
correct spec to handle not null visibility_level
2017-07-03 16:03:26 -04:00
Sam
845170bd6b
FEATURE: add support for group visibility level
...
There are 4 visibility levels
- public (default)
- members only
- staff
- owners
Note, admins and group owners ALWAYS have visibility to groups
Migration treated old "non public" as "members only"
2017-07-03 15:26:57 -04:00
Arpit Jalan
72c92b0f4e
FIX: include canonical meta tag on category pages
2017-07-03 13:25:22 +05:30
Arpit Jalan
e7b9b1312e
FEATURE: remove all invites
...
https://meta.discourse.org/t/remove-all-invitations-button-for-the-admin-panel/65207
2017-06-29 22:30:10 +05:30
Guo Xiang Tan
7b35c55a1e
FIX: Display Google search form when 404 page is rendered by Ember.
2017-06-29 14:37:24 +09:00
Régis Hanol
a9c0df0b58
FIX: always try to convert PNG to JPG when pasting an image
2017-06-23 12:13:48 +02:00
Robin Ward
ae7734707e
REFACTOR: Merge different templates from rendering user stream items
2017-06-20 15:45:41 -04:00
Guo Xiang Tan
b5ec241716
FIX: Validate interpolation keys used in translation overrides.
...
https://meta.discourse.org/t/discobot-translation-missing-error/64429/6?u=tgxworld
2017-06-16 08:54:48 +09:00
Guo Xiang Tan
b5249fb4ca
FIX: Send request membership PM to last 5 active group owner.
2017-06-15 11:37:09 +08:00
Arpit Jalan
34996b4eff
FIX: show invite validation error message in response
2017-06-13 22:41:53 +05:30
Régis Hanol
5d63a7f4a6
FIX: pull hotlinked images even when they have no extension
2017-06-13 13:27:05 +02:00
Guo Xiang Tan
a5d3abc9b6
FIX: Create group membership request on behalf of user.
2017-06-13 17:49:21 +09:00
Régis Hanol
54e8fb0d89
FEATURE: new 'allow_staff_to_upload_any_file_in_pm' site setting
2017-06-12 22:41:29 +02:00
Robin Ward
2ff850d446
FIX: If forcing a refresh, don't return a onebox preview
2017-06-12 14:05:59 -04:00
Neil Lalonde
0b41046238
don't force SiteSetting.title into meta title tag
2017-06-12 13:50:50 -04:00
Arpit Jalan
b9c94aa234
FEATURE: add required user fields to invite accept form
...
UX: make "accept invitation" page consistent with sign up modal
2017-06-12 20:43:07 +05:30
Guo Xiang Tan
5994c85ea9
FIX: Raise the right error when email params is missing.
2017-06-12 17:48:32 +09:00
Arpit Jalan
6e37f09b19
UX: add email to '/email/unsubscribed' page
2017-06-10 09:51:12 +05:30
Régis Hanol
038454bde2
FIX: always confirm emails when SSO says so
2017-06-08 01:05:33 +02:00
Robin Ward
54bb2a6bc2
FIX: Don't redirect to wizard when resetting password
2017-06-07 12:36:52 -04:00
Guo Xiang Tan
2cad739262
FIX: Better error message when username change fails.
...
https://meta.discourse.org/t/500-error-on-username-edit/64064
2017-06-07 10:45:53 +09:00
Sam
b4060778d9
FIX: you should always be allowed to see actions you created
2017-06-02 14:24:06 -04:00
Guo Xiang Tan
2ee144c27f
FEATURE: Add DiscourseEvent trigger when a user logs in.
...
* Also adds a event trigger when user logs in for the first time.
2017-06-01 17:44:49 +09:00
Sam
607998af33
FEATURE: dropdown to filter staff action logs
2017-05-30 11:25:42 -04:00
Arpit Jalan
d2c2139da8
FEATURE: require name when accepting invite if 'full name required' setting is enabled
2017-05-29 21:46:43 +05:30
Robin Ward
b584264d82
FIX: Don't show "resend email" option when user approval is on
2017-05-25 15:29:05 -04:00
Sam
29fac1ac18
PERF: improve performance of unread queries
...
Figuring out what unread topics a user has is a very expensive
operation over time.
Users can easily accumulate 10s of thousands of tracking state rows
(1 for every topic they ever visit)
When figuring out what a user has that is unread we need to join
the tracking state records to the topic table. This can very quickly
lead to cases where you need to scan through the entire topic table.
This commit optimises it so we always keep track of the "first" date
a user has unread topics. Then we can easily filter out all earlier
topics from the join.
We use pg functions, instead of nested queries here to assist the
planner.
2017-05-25 15:07:30 -04:00
Robin Ward
6eb6c25816
FIX: Keep the flash when redirecting for login_required
2017-05-25 14:10:15 -04:00
Robin Ward
ca965f83c3
Revert "FIX: If login is required, redirect to the `/login` route instead of root"
...
This reverts commit 8a8dec550b
.
2017-05-25 14:04:28 -04:00
Robin Ward
8a8dec550b
FIX: If login is required, redirect to the `/login` route instead of root
2017-05-25 13:35:15 -04:00
Robin Ward
cdbe027c1c
Refactor `FileHelper` to use keyword arguments.
2017-05-24 13:54:26 -04:00
Sam
d0f84aa14e
FIX: missing to_i which breaks selector component for anon
2017-05-24 11:39:10 -04:00
Guo Xiang Tan
238a156300
FIX: `TopicTimestampChanger` should not allow timestamps in the future.
2017-05-22 16:03:49 +08:00
Guo Xiang Tan
4382a0bb07
Rename `PostTimestampChanger` -> `TopicTimestampChanger`.
2017-05-22 15:01:33 +08:00
Robin Ward
908433a7a0
SECURITY: Validate the `entity` when downloading a CSV
2017-05-19 16:00:51 -04:00
Guo Xiang Tan
8ab9f30bbd
FIX: User can't remove bookmark from a deleted post.
2017-05-19 12:25:12 +08:00
Arpit Jalan
1fd8e426f2
FIX: better uploads error page
2017-05-18 23:29:37 +05:30
Régis Hanol
13e489b4ca
replace the upload type whitelist with a sanitizer
2017-05-18 12:13:13 +02:00
Sam
2a5a01af2e
improve error on theme upload, add gif to allowed uploads
2017-05-17 16:29:09 -04:00
Neil Lalonde
a0f03936ff
FIX: saving invisible primary group field that you don't belong to
2017-05-17 12:46:50 -04:00
Sam
e1dd543a93
FEATURE: allow users to select theme on single device
2017-05-15 12:48:16 -04:00
Sam
2d96a0785d
FEATURE: theme selection is now global per-user
2017-05-12 12:41:34 -04:00
Neil Lalonde
55b61e9bea
rename topic_status_update to topic_timer
2017-05-11 18:27:53 -04:00
Pat David
18de62b015
Add get_embeddable_css_class to assist multi-site embed styling
...
If present, pass embeddable_host.class_name to view for inclusion
on the <html> element as a class for targeted styling.
2017-05-11 15:16:16 -04:00
Pat David
4bf8548dc5
Add embed class name setup for embeddable hosts
2017-05-11 15:16:16 -04:00
Régis Hanol
9641d2413d
REFACTOR: upload workflow creation into UploadCreator
...
- Automatically convert large-ish PNG/BMP to JPEG
- Updated fast_image to latest version
2017-05-11 00:16:57 +02:00
Sam
04b5516bf2
improve upload functionality
2017-05-10 15:47:11 -04:00
Sam
bc0b9af576
FEATURE: support uploads for themes
...
This allows themes to bundle various assets
2017-05-10 15:47:11 -04:00
Sam Saffron
c2829dce22
FIX: base sql vanishes after badge creation
2017-05-09 09:25:57 -04:00
Robin Ward
afe04b8bbb
FIX: Possible 500 error if category saved incorrectly
2017-05-08 15:17:58 -04:00
Arpit Jalan
e89d0a6b20
FIX: importing a theme via file was broken
2017-05-08 12:03:24 +05:30
Robin Ward
777f1f0f47
FIX: Return a 404 if the auth session is not present
2017-05-04 15:35:24 -04:00
Robin Ward
1768c45a33
FIX: If we can't proxy to a CDN due to HTTP error, render blank
2017-05-04 12:42:46 -04:00
Robin Ward
57a2042ef6
FIX: Quiet server side errors for requesting json for account-created
2017-05-04 12:30:13 -04:00
Guo Xiang Tan
3eb920e2b0
Merge pull request #4841 from fantasticfears/webhook-ping
...
add event name for ping webhooks in the header
2017-05-04 04:54:40 +08:00
Robin Ward
81190f5d66
FIX: Redirect away from `account-created` if you're logged in
2017-05-03 11:18:01 -04:00
Robin Ward
12fb20fe1b
FEATURE: Allow users to resend/update email from confirmation page
2017-05-03 11:18:01 -04:00
Robin Ward
b381372184
Use Ember.js for the `/u/account-created` path so we can add controls
2017-05-03 11:18:01 -04:00
Sam
946f25098f
Refactor theme fields so they support custom theme defined vars
...
This paves the way to allowing themes to specify uploads and so on.
2017-05-02 16:02:14 -04:00
Arpit Jalan
77a8cae094
FIX: rescue specific errors on invite failure
2017-05-02 15:13:33 +05:30
Erick Guan
9f8a917d65
add event name for ping webhooks in the header
2017-05-02 08:13:23 +02:00
Neil Lalonde
0722ffadf1
Remove site settings enforce_global_nicknames and discourse_org_access_key
2017-05-01 14:53:16 -04:00
Guo Xiang Tan
304ace926e
FIX: Raise right response when post_action does not exist.
2017-04-27 17:29:53 +08:00
Guo Xiang Tan
e4b9f72f9e
FIX: Force the right encoding when handling email.
2017-04-27 16:51:54 +08:00
Arpit Jalan
b755279cf0
remove unneeded code
2017-04-27 08:47:47 +05:30
Arpit Jalan
e3f82140d8
more readable code for filtering username/email when bulk adding to group
2017-04-27 08:43:28 +05:30
Arpit Jalan
b41d96fac1
FIX: properly initialize hashes
2017-04-27 02:56:14 +05:30
Arpit Jalan
285c167fae
FEATURE: provide more details when performing a bulk add to group
2017-04-27 01:37:51 +05:30
Guo Xiang Tan
6f7c6b0fd0
FIX: Incorrect error raised.
2017-04-25 09:59:01 +08:00
Guo Xiang Tan
423f2ab228
FIX: Processing incoming email should be done in a background job.
2017-04-24 13:57:28 +08:00
Sam
7a9eee1b71
FEATURE: default notification level for group messages
...
also fixes it so staff can amend other user's group notification level
2017-04-20 15:47:35 -04:00
Arpit Jalan
ea26c56631
FIX: redirect to login page for anonymous user when profiles are hidden
2017-04-20 13:00:45 +05:30
Robin Ward
8b8ee2ad61
Pass a context in when using a HTML builder
2017-04-18 12:35:35 -04:00
Arpit Jalan
1c23aedccf
FIX: always send password reset email when accepting invite if password is not set
2017-04-18 14:37:06 +05:30
Robin Ward
1363988cd7
Support for an HTML builder that can create dynamic HTML
2017-04-17 17:32:55 -04:00
Sam
86904e9cd6
FIX: better error handling for theme import
2017-04-17 16:55:53 -04:00
Arpit Jalan
0954367bf4
FIX: send activation email when accepting invite if password is set
2017-04-15 14:59:50 +05:30
Guo Xiang Tan
04016f0dec
Support Ruby 2.4.
2017-04-15 12:29:00 +08:00
Sam
ed2e62f845
correct environment handling for test mode
2017-04-14 14:00:46 -04:00
Sam
def7348777
FIX: display custom sections with default theme
...
also cleans up mechanism for previewing themes, cleans up naming,
gets rid of old janky "preview_style", secures local theme key
2017-04-14 13:35:12 -04:00
Arpit Jalan
ef093b1610
Merge pull request #4807 from techAPJ/email-token-social
...
FIX: confirm email token for user created via social login
2017-04-13 16:18:15 +05:30
Guo Xiang Tan
3d76fb9c2c
FIX: Don't show category options for reports that can't be scoped to a category.
2017-04-13 17:10:55 +08:00
Arpit Jalan
7fb17b83c4
FIX: confirm email token for user created via social login
2017-04-13 14:15:32 +05:30
Guo Xiang Tan
ee449b0dd5
Improve SSO verbose log when user record is invalid.
2017-04-13 11:39:26 +08:00
Guo Xiang Tan
57788200ec
REFACTOR: Add `User.reserved_username?`.
2017-04-13 10:44:26 +08:00
Sam
a3e8c3cd7b
FEATURE: Native theme support
...
This feature introduces the concept of themes. Themes are an evolution
of site customizations.
Themes introduce two very big conceptual changes:
- A theme may include other "child themes", children can include grand
children and so on.
- A theme may specify a color scheme
The change does away with the idea of "enabled" color schemes.
It also adds a bunch of big niceties like
- You can source a theme from a git repo
- History for themes is much improved
- You can only have a single enabled theme. Themes can be selected by
users, if you opt for it.
On a technical level this change comes with a whole bunch of goodies
- All CSS is now compiled using a custom pipeline that uses libsass
see /lib/stylesheet
- There is a single pipeline for css compilation (in the past we used
one for customizations and another one for the rest of the app
- The stylesheet pipeline is now divorced of sprockets, there is no
reliance on sprockets for CSS bundling
- CSS is generated with source maps everywhere (including themes) this
makes debugging much easier
- Our "live reloader" is smarter and avoid a flash of unstyled content
we run a file watcher in "puma" in dev so you no longer need to run
rake autospec to watch for CSS changes
2017-04-12 10:53:49 -04:00
Sam Saffron
0013a23dc1
SECURITY: prefer render plain/html to render text where possible
2017-04-10 08:01:42 -04:00
Guo Xiang Tan
9663a74445
FIX: Ensure `username` param is valid in `NotificationsController`.
2017-04-07 17:32:52 +08:00
Régis Hanol
93556bb950
Merge pull request #4793 from rcgordon/smtp-fast-rejection
...
Added an API to ask if an incoming email should be dropped at the SMTP level.
2017-04-07 09:59:52 +02:00
Neil Lalonde
708f65f740
FIX: web crawlers getting 404 on category pages
2017-04-06 14:52:06 -04:00
Ryan C. Gordon
888d1512ec
Corrected indentation.
2017-04-06 01:49:34 -04:00
Aashaka Shah
402eaaa773
FEATURE: add og tags to metadata in individual badges page
2017-04-06 09:32:53 +05:30
Guo Xiang Tan
5943543ec3
FIX: Improve checks for non-human users.
2017-04-06 11:29:34 +08:00
Ryan C. Gordon
c51af13338
smtp_should_reject API: use better approach to find user email.
2017-04-05 23:10:36 -04:00
Ryan C. Gordon
a51c191a66
Make Email::Receiver.check_address() into a class method.
2017-04-05 23:10:36 -04:00
Ryan C. Gordon
e15d11df18
Added an API to ask if an incoming email should be dropped at the SMTP level.
...
This lets an SMTP server optionally decide if it should reject a mail without
passing it on to Discourse at all, possibly before even reading the
email's payload, to prevent spam-induced backscatter and save resources.
This just does the bare minimum sanity checking that could prevent obvious
backscatter. For legit errors from legit users, Discourse will still send a
much more pleasant reply email.
2017-04-05 23:10:36 -04:00
Robin Ward
40ab2e5667
FEATURE: Let users update their emails before confirming
...
This allows users who entered a typo or invalid email address when
signing up an opportunity to fix it and resending the confirmation
email to that address.
2017-04-05 16:44:49 -04:00
Robin Ward
3839206317
FIX: Return JSON errors for `by-external` if JSON requested
2017-04-04 16:22:14 -04:00
Robin Ward
17f2974d0a
SECURITY: Confirm new administrator accounts via email
2017-04-04 15:59:01 -04:00
Guo Xiang Tan
406d721f11
Fix `NilClass` error in `UsersController`.
2017-04-04 14:17:45 +08:00
Guo Xiang Tan
f4758a4c4d
FEATURE: Allow admins to schedule a topic to be published in the future.
2017-04-04 11:16:05 +08:00
Guo Xiang Tan
0bbad5040a
`topic-status-info` component wasn't updated when topic is closed/opened.
2017-03-31 15:58:26 +08:00
Guo Xiang Tan
b6e9871b4b
Update `Topic#closed` client side when closing/opening a topic temporarily.
2017-03-31 15:05:00 +08:00
Guo Xiang Tan
34b7bee568
FEATURE: Allow admin to auto reopen at topic.
...
* This commit also introduces a `TopicStatusUpdate`
model to support other forms of deferred topic
status update in the future.
2017-03-31 11:14:18 +08:00
Robin Ward
14410b71fb
Convert server side paths to use `/u/`
2017-03-30 10:23:24 -04:00
Guo Xiang Tan
a818fa9831
FIX: Show stats of the last 30 days be default for admin reports.
...
* `1.month.ago + 1.month` uses the calendar month for calculations
such that `1.month.ago` from the 30th of March 2017 will give
us the 28th of February 2017. Adding one month ahead from
28th February 2017 will be 28th of March 2017.
2017-03-30 09:48:10 +08:00
Arpit Jalan
f3cd5f61c5
FEATURE: Send anonymized usage statistics to Discourse if Discourse Hub can't reach the site
2017-03-28 09:07:23 +05:30
Neil Lalonde
11ce73b8ed
FEATURE: category setting for default top period
2017-03-22 16:54:18 -04:00
Sam
8e5e3b5af8
FIX: sso provider require return_sso_url
2017-03-22 09:08:38 -04:00
Robin Ward
874e8900af
Display email address in SSO error message.
2017-03-21 15:37:46 -04:00
Robin Ward
aeaf5075bf
Custom errors for when Email is invalid via SSO
2017-03-21 15:23:38 -04:00
Robin Ward
52d78294cc
Render a layout when there's an SSO error
2017-03-21 15:23:38 -04:00
Arpit Jalan
82c0f5f587
Merge pull request #4767 from techAPJ/activate-account
...
FIX: send activation email if user have unconfirmed email address
2017-03-21 09:44:23 +05:30
Arpit Jalan
7c3ae50dcd
FIX: send activation email if user have unconfirmed email
2017-03-21 09:41:50 +05:30
Sam Saffron
b94c7b4902
missing disposition
2017-03-20 17:07:32 -04:00
Sam
652b2d7199
remove redundent header setting
2017-03-20 16:08:18 -04:00
Sam
c106ca6778
FEATURE: fallback asset path for multi host setups
2017-03-20 15:59:17 -04:00
Guo Xiang Tan
1d4993a185
FIX: Sync user's notification channel before preloaded current user data.
...
This is to fix the problem where a newly created user would not
receive live updates for the first notification if the notification
is published before the client has subscribed to the channel.
2017-03-20 17:17:21 +08:00
Robin Ward
f5f54c1b77
Merge pull request #4764 from tgxworld/nuke_backticks
...
FIX: Don't use backticks that take in inputs.
2017-03-17 15:40:23 -04:00
Guo Xiang Tan
e7c972ac89
FIX: Don't use backticks that take in inputs.
2017-03-17 15:33:51 +08:00
Victor van Poppelen
9e60f9f093
JSON API parsing error on CSRF exception: single quotes in ['BAD CSRF'] is invalid JSON:
...
https://meta.discourse.org/t/json-api-parsing-error-single-quotes-used-for-errors-like-bad-csrf/58869
2017-03-16 16:47:18 -07:00
Guo Xiang Tan
bbc85e1e29
Merge pull request #4750 from discourse/group_login_registration_flow
...
FEATURE: Redirect to groups page and apply group actions upon login/s…
2017-03-16 09:50:56 +08:00
Guo Xiang Tan
ca965bb455
FEATURE: Redirect to groups page after login/registration flow.
2017-03-16 09:48:51 +08:00
Guo Xiang Tan
1a7e954e09
FIX: Store custom emojis as uploads.
...
* Depending on a hardcoded directory was a flawed design
which made it impossible to debug when custom emojis go
missing.
2017-03-14 13:07:18 +08:00
Neil Lalonde
6d7e968e30
FEATURE: box-style rendering of sub-categories
2017-03-13 15:25:52 -04:00
Sam
a690121805
SECURITY: always allow staff to resend activation mails
2017-03-13 10:32:24 -04:00
Sam
1a745ca16a
else @user makes no sense :)
2017-03-13 10:22:23 -04:00
Guo Xiang Tan
9364d8ce71
FIX: Store user's id instead for sending activation email.
...
* Email and username are both allowed to be used for logging in.
Therefore, it is easier to just store the user's id rather than
to store the username and email in the session.
2017-03-13 20:24:55 +08:00
Guo Xiang Tan
7ebfa3c901
SECURITY: Only allow users to resend activation email with a valid session.
...
* Improve error when an active user tries to request for an activation email.
2017-03-13 19:35:29 +08:00
Arpit Jalan
848120c098
FEATURE: RSS feed for top page period filters
2017-03-13 15:23:46 +05:30
Sam
f13367cecd
FIX: latest + category not respecting homepage category suppression
2017-03-10 15:17:51 -05:00
Sam
bc1a6ccb90
Merge pull request #4741 from tgxworld/allow_bookmark_removal
...
FIX: Allow user to remove bookmark from posts as long as bookmark is …
2017-03-10 12:49:20 -05:00
Arpit Jalan
f7e7ca3937
FEATURE: anonymized site statistics
2017-03-10 18:50:26 +05:30
Régis Hanol
00380d84c5
UX: display text & html parts alongside raw email in incoming email modal
2017-03-08 23:15:42 +01:00
Arpit Jalan
801b5838e1
FIX: do not show faq/guidelines page to anonymous users for private forums
2017-03-08 16:00:49 +05:30
Arpit Jalan
090236b15b
FIX: do not show about page to anonymous users for private forums
2017-03-08 13:15:44 +05:30
Guo Xiang Tan
689dd16be0
FIX: Allow user to remove bookmark from posts as long as bookmark is present.
...
https://meta.discourse.org/t/bookmark-issue-when-access-to-topic-is-lost-pms/51993
2017-03-08 13:53:49 +08:00
Neil Lalonde
d95e4102c1
FIX: tags created in secured categories should not be forbidden outside those categories
2017-03-07 11:46:46 -05:00
Rafael dos Santos Silva
c3477cd40d
Merge pull request #4716 from discourse/bounced_emails_details
...
FEATURE: Allow checking the raw response of a bounced email
2017-03-06 13:30:19 -03:00
Guo Xiang Tan
477eb0591e
FIX: Posts in a deleted topic couldn't be moved.
...
https://meta.discourse.org/t/moving-posts-to-new-topic/58436/4
2017-03-06 14:56:20 +08:00
Sam
c99f4260c0
Merge pull request #4729 from tgxworld/dont_mark_user_as_valid
...
FIX: Don't mark user as `active` if verified email is different.
2017-03-03 15:57:30 -05:00
Neil Lalonde
6aab8cb331
FEATURE: new category setting for whether to show latest topics or top topics by default
2017-03-03 11:30:44 -05:00
Rafael dos Santos Silva
aac4a4ed94
Handle invalid parameters and missing bounced emails
2017-03-02 20:37:28 -03:00
Neil Lalonde
ca20cb9941
FEATURE: subcategories can be discovered by web crawlers on page 1 of the parent category topics list
2017-03-02 15:06:56 -05:00
Guo Xiang Tan
3d347fb9c4
FIX: Don't mark user as `active` if verified email is different.
2017-03-02 14:24:30 +08:00
Sam
dbfea9b5b0
correct refactor
2017-03-01 18:26:26 -05:00
Sam
c79b146283
FEATURE: make list controller a bit more extensible
2017-03-01 16:41:09 -05:00
Neil Lalonde
262016604d
FEATURE: each category can control how many topics to show on categories page
2017-03-01 15:12:57 -05:00
Blake Erickson
80858bae2c
FEATURE: further restrict downloading of backups
...
- send email to logged in admin when they press the "download" button
- show pop-up that email was sent
- create email template
- require a valid token to download backup
2017-03-01 08:28:34 -07:00