Discource-C
/
discourse
mirror of https://github.com/discourse/discourse.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
39,357 Commits 236 Branches 500 Tags 870 MiB
Commit Graph

18 Commits

Author SHA1 Message Date
Blake Erickson 73e33ce243 DEV: send url string to FileHelper and refactor another open-uri call 
FileHelper.download requires a string not a URI. I also found another
instance of using open-uri directly and swapped it out to use
FileHelper.

I also updated it to not `read` a file if it comes back nil.

Follow up to: fe01099a38
 2019-11-14 08:25:30 -07:00
Roman Rizzi c63e84dc62
FEATURE: Send a message to new TL2 users and point them to the advanced tutorial (#8335) 
* FEATURE: Send a message to new TL2 users and point them to the advanced tutorial

* DEV: Use a method to find the discobot user
 2019-11-13 18:31:49 -03:00
Robin Ward 7744b636e9 FIX: Handle nil case for avatar, just in case 2019-10-24 14:02:51 -04:00
Robin Ward 2c0efac25e FIX: Broken certificates 2019-10-24 12:39:58 -04:00
Roman Rizzi 835d2be4da
FIX: Rate limit and hijack certificate generation. (#8215) 
To eliminate a DDOS attack vector, we're taking the following measures:

The endpoint will be rate-limited to 3 requests every 60 seconds (per user).
A 24 hours max-age cache header is sent with the response.
The route will be hijacked to generate the certificate in the background.
 2019-10-21 13:14:15 -03:00
Krzysztof Kotlarek e2f9b7dd6f FIX: Narrative Bot certificates are ERB templates (#8174) 
There are at least two ways of rendering templates outside of the controller. The first one is Rails way enabled with Rails 5 https://evilmartians.com/chronicles/new-feature-in-rails-5-render-views-outside-of-actions
The downside of this method is that all variables need to be passed as params (I could find a way to pass the whole context)

Another way is to use instance_eval described in Erubi documentation
https://github.com/jeremyevans/erubi#usage - it works perfectly fine, however, I didn't feel very confident about using eval unless necessary.

An additional benefit of using `ApplicationController.render` is that if Rails would change the ERB engine in the future, this code should still work.

If you want to test it on your local, you need to be signed in and then that two URLs are generating certificates:
http://localhost:3000/discobot/certificate.svg?date=Oct+07+2019&type=standard&user_id=1
http://localhost:3000/discobot/certificate.svg?date=Oct+07+2019&type=advanced&user_id=1

Dev: https://dev.discourse.org/t/discourse-narrative-bot-should-not-be-storing-giant-strings/17130
 2019-10-09 17:45:01 +11:00
Sam Saffron 30990006a9 DEV: enable frozen string literal on all files 
This reduces chances of errors where consumers of strings mutate inputs
and reduces memory usage of the app.

Test suite passes now, but there may be some stuff left, so we will run
a few sites on a branch prior to merging
 2019-05-13 09:31:32 +08:00
Guo Xiang Tan 44391ee8ab
FEATURE: Upload Site Settings. (#6573) 2018-11-14 15:03:02 +08:00
Guo Xiang Tan 038de4e037 FIX: Incorrect title on new user narrative cert. 2018-08-20 11:26:20 +08:00
Guo Xiang Tan ad5082d969 Make rubocop happy again. 2018-06-07 13:28:18 +08:00
Guo Xiang Tan 32171ad286 FIX: Invalid logo in discobot's certificate when `SiteSetting.logo_small_url` is blank. 
https://meta.discourse.org/t/broken-image-in-discobot-certificate-with-no-logo-small-url/76594/2
 2017-12-22 09:36:53 +08:00
Guo Xiang Tan ee1b90503c FIX: Error when an invalid date is passed to certificate generator. 
https://meta.discourse.org/t/broken-image-in-discobot-certificate-with-no-logo-small-url/76594/2
 2017-12-22 09:36:52 +08:00
Guo Xiang Tan 0eb7159e51 UX: Discobot advanced tutorial certificate does not work with dark theme. 
https://meta.discourse.org/t/discobot-assets-certificate-svg/65523/11?u=tgxworld
 2017-07-31 15:27:47 +09:00
Guo Xiang Tan 78bb367b0a FIX: Discobot's certificate shouldn't blow up on non 200 response. 
https://meta.discourse.org/t/discobot-assets-certificate-svg/65523/6
 2017-07-14 15:16:29 +09:00
Guo Xiang Tan 716b0235f9 FIX: Use username in bot's certificate. 
* The default name generated can be weird sometimes.
 2017-06-16 10:32:43 +09:00
Neil Lalonde 23dfddbfb4 FIX: narrative bot on subfolder installs 2017-06-01 15:15:34 -04:00
Guo Xiang Tan 144b810d0e Missed a spot when redefining a method. 2017-05-26 13:02:41 +08:00
Guo Xiang Tan 7f0561b621 Merge discourse-narrative-bot into core plugins. 2017-05-24 15:28:34 +08:00