Commit Graph

1428 Commits

Author SHA1 Message Date
Neil Lalonde 782dd13e78 FEATURE: track user visits on mobile and display on admin dashboard in a new Mobile section 2015-07-07 14:06:42 -04:00
Doug 5e615ef26e Fixed bug that caused substrings of reserved usernames to be treated as reserved. 2015-07-06 23:54:25 -07:00
Robin Ward be664857be Merge pull request #3585 from riking/patch-3
FEATURE: Reserved usernames
2015-07-03 10:02:24 -04:00
Robin Ward 7676c5dfe7 Can add topic templates to categories, prepopulated on compose 2015-07-03 10:01:46 -04:00
Kane York df988a20eb FEATURE: Reserved usernames
A list of usernames that will be blocked from being used to sign up.
2015-07-01 13:50:55 -07:00
Robin Ward 6422d5efbd Use the same component for similar topics as search results. 2015-06-24 15:08:22 -04:00
Robin Ward b4960d48b4 Better support for passing up errors when OmniAuth fails after auth 2015-06-24 12:12:43 -04:00
Régis Hanol f18098fd9b FEATURE: category dropdown in admin reports 2015-06-24 15:19:39 +02:00
Sam b052179ae6 Merge pull request #3163 from rcfox/fix-by-external
Allow periods in the external_id value used in the /users/by-external route.
2015-06-24 13:07:12 +10:00
Sam 65ac5b6475 Merge pull request #3562 from riking/no-index
Add noindex directive on unlisted topics
2015-06-23 15:50:53 +10:00
Robin Ward 76bfd723f6 Merge pull request #3482 from riking/patch-3
Import/Export site customizations
2015-06-22 14:03:07 -04:00
Kane York 2f0bd6294c Add noindex directive on unlisted topics 2015-06-22 11:00:39 -07:00
Régis Hanol efb02ae561 FIX: take into account unlisted banners 2015-06-22 14:08:30 +02:00
Sam 41e427bd2e Work in progress, full page search 2015-06-22 18:09:08 +10:00
Konstantin Ilchenko 131cf643ce FIX: Allow api to send uploads with :url 2015-06-21 14:54:59 +03:00
Robin Ward 4e898c604e UX: Update suggested topics to include topic status + category 2015-06-18 15:53:10 -04:00
Sam f26eee8431 FEATURE: add username to NGINX logs 2015-06-16 17:43:53 +10:00
Arpit Jalan d37c2a2c98 Merge pull request #3550 from techAPJ/patch-1
FIX: new-topic URL should survive login redirection
2015-06-16 07:19:42 +05:30
Sam 690f4a4c37 add X so it shows up at the end of chrome 2015-06-16 10:27:42 +10:00
Sam 9b8b1d0034 FEATURE: add special header that names the action for the request 2015-06-16 09:54:44 +10:00
Régis Hanol 1ac3941130 FEATURE: allow API to upload files synchronously 2015-06-15 16:12:15 +02:00
Arpit Jalan d1632c1dbd FIX: new-topic URL should survive login redirection 2015-06-14 20:24:47 +05:30
Régis Hanol 189cb3ff12 FEATURE: move migrate_to_new_scheme into a background job
- new hidden site setting 'migrate_to_new_scheme' (defaults to false)
- new rake tasks to toggle migration to new scheme
- FIX: migrate_to_new_scheme also works with CDN
- PERF: improve perf of the DbHelper.remap method
- REFACTOR: UrlHelper is now a class
2015-06-12 12:07:57 +02:00
Sam Saffron c58b495e15 SECURITY: Query @usernames in bulk
Otherwise you could add many requests at once while composing.
2015-06-11 13:03:49 -04:00
Robin Ward ae277e28a6 FEATURE: Allow embedding topics without creating them, by id 2015-06-09 16:24:20 -04:00
Sam Saffron e3fa27a01c FEATURE: serialize and update category custom_fields
- send to client
- update from client
2015-06-10 06:13:36 +10:00
Robin Ward 7b6d6b76eb FEATURE: Multiple embeddable hosts
- Also refactors two site settings components into one, with tests
2015-06-09 13:25:43 -04:00
Arpit Jalan 71ee84f848 FEATURE: latest posts RSS feed 2015-06-09 21:45:06 +05:30
Robin Ward 5da5269652 FIX: Bad page title for categories view by google crawler 2015-06-08 12:07:35 -04:00
Arpit Jalan 74141cc475 FIX: send 404 error when unauthorized user tries to download user archive 2015-06-08 11:32:31 +05:30
Sam Saffron 4409a3072d FEATURE: we need admin login always 2015-06-05 18:43:59 +10:00
Régis Hanol 81a699e2b0 better support for mixed content 2015-06-01 17:49:58 +02:00
Sam Saffron 9787cb07aa FIX: when missing a static topic we were returning an error 2015-06-01 11:40:52 +10:00
Sam fc2a08731a FIX: sso_not_approved_url not working correctly 2015-05-30 13:19:07 +10:00
Régis Hanol 80a108e3cf FIX: don't break user avatars route 2015-05-29 19:19:41 +02:00
Régis Hanol acafa491b2 user avatar urls/templates refactor 2015-05-29 18:51:17 +02:00
Régis Hanol 0483f05154 make sure we pass in the user_id when creating avatar thumbnails 2015-05-29 18:11:19 +02:00
Régis Hanol cb025a65e0 FIX: make sure we also save the user_avatar.custom_upload_id 2015-05-29 10:21:41 +02:00
Régis Hanol c3227b69fa FIX: proper support for pixel ratios up to 3 2015-05-29 09:57:54 +02:00
Sam bddbf70697 FIX: order post_actions by date 2015-05-28 16:16:36 +10:00
Sam bb3fb37650 FIX: when uploading same file was pasted into multiple composers 2015-05-28 15:08:54 +10:00
Neil Lalonde ea8cf1a208 FIX: topic auto-close uses the client's time zone 2015-05-27 18:01:46 -04:00
Sam 02fa7448ca FEATURE: custom url to redirect to on account pending approval for sso 2015-05-27 14:06:45 +10:00
Sam a988cd5abe FIX: redirect to CDN avatar for s3 avatars 2015-05-27 12:02:57 +10:00
Sam 918034aa7b remove less useful error reporting 2015-05-27 11:17:28 +10:00
Régis Hanol 992154533f remove debugging letfovers 2015-05-26 20:08:19 +02:00
Régis Hanol 7b03c7dbc4 Merge pull request #3504 from techAPJ/patch-4
FIX: add missing translation keys
2015-05-26 16:08:39 +02:00
Régis Hanol 85d4d3223c FIX: crop avatars on the server instead of the client
FIX: support for dots in S3 bucket names
2015-05-26 15:54:25 +02:00
Arpit Jalan d21944a0b6 FIX: add missing translation keys 2015-05-26 19:11:37 +05:30
Sam 147ea002f7 FIX: allow handling for avatars that are not in the set of "resized sizes" 2015-05-26 15:41:50 +10:00
Sam eeda367e70 FIX: should be able to serve optimized image from local if its ... local... 2015-05-26 12:32:52 +10:00
Neil Lalonde eaa1afeaf5 remove Google OpenID auth, since Google doesn't support it anymore 2015-05-25 15:13:44 -04:00
Régis Hanol bb0c2813ac FEATURE: generate (avatar) thumbnails in a background task
FIX: keep the "uploading..." indicator until the server replies via the MessageBus
FIX: text was disapearing when uploading an avatar

PERF: always use a region for S3 (defaults to 'us-east-1')
FEATURE: ApplyCDN middleware when using S3
FIX: use the same pattern to store files on S3 and locally
PERF: keep a local cache of uploads when generating thumbnails
FEATURE: migrate_to_s3 rake task
2015-05-25 17:59:00 +02:00
Sam bcaed90744 fix missing rtl stylesheets 2015-05-23 15:25:05 +10:00
Sam fe46d1dd3b PERF: avoid cookies for all static, public, cached forever assets 2015-05-22 16:15:46 +10:00
Sam 96dbeb8608 fix stylesheet cache to recover if file is on disk 2015-05-22 11:22:12 +10:00
Robin Ward 0ed1c8011c FIX: About page error when `login_required` 2015-05-21 14:37:49 -04:00
Sam a0090a4585 fix incorrect handling of date on "globally enabled" stylesheet. 2015-05-21 17:23:54 +10:00
Sam 44fc8e42dc nginx is stripping ETags, just use last modified instead 2015-05-21 17:05:22 +10:00
Sam 4fbfc6ddbc PERF: missing caching on CSS and Site Customizations 2015-05-21 16:09:23 +10:00
Régis Hanol b7f8680618 fix build (:fired:) 2015-05-20 17:51:33 +02:00
Régis Hanol bcd98c8f0f FIX: API can provide a URL to create an upload 2015-05-20 17:38:06 +02:00
Régis Hanol c91634c09a FIX: support for async uploads of emojis 2015-05-20 16:45:48 +02:00
Régis Hanol 8d967d9065 FEATURE: move all uploads to a single endpoint + defer upload creation in a background thread 2015-05-20 16:45:48 +02:00
Robin Ward 7d23826cee FIX: Keep around the page when redirecting 2015-05-20 10:16:17 -04:00
Régis Hanol 7d3b7a5657 fix the build 2015-05-20 15:32:31 +02:00
Régis Hanol b44488b618 FIX: keep to old attachment route 2015-05-20 14:55:42 +02:00
Sam e5888cf090 PERF: avoid preloading json in cases where it is not needed
(uploads / avatars / non GET requests)
2015-05-20 17:12:16 +10:00
Sam 14ab9c45b6 Merge pull request #3470 from ahuling13/expired-nonce-return-status
In the case of an expired nonce, return a 400 status code instead of 500
2015-05-20 12:08:17 +10:00
Sam d1d703718a Merge pull request #3476 from paulkaplan/sso-distrust-email
Add SSO setting to not trust emails automatically
2015-05-20 12:07:14 +10:00
riking d112f39031 Change extension back to .dcstyle.json 2015-05-19 18:35:16 -07:00
Andrew Huling e44ddff9bb Change the expired nonce return status code from 400 to 419. 2015-05-19 13:13:14 -04:00
Régis Hanol 9ded21e4c6 FIX: consistent and future-proof upload storage pattern 2015-05-19 12:31:12 +02:00
riking fbc06d044f Use .dcstylejson instead of .dcstyle.json 2015-05-16 20:41:35 -07:00
riking 1e53c179a3 FEATURE: Export customizations as JSON files 2015-05-16 20:24:13 -07:00
Ryan Fox 14d2b76354 Merge branch 'master' into fix-by-external
Conflicts:
	app/controllers/users_controller.rb
2015-05-15 19:54:11 -04:00
Paul Kaplan b8a43e153c Use session controller to prevent inactive SSO users 2015-05-15 12:15:06 -05:00
Régis Hanol 93273cd17a Merge pull request #3451 from ossobv/sso_login_unapproved_account
Stop sso login processing after rendering error
2015-05-15 14:33:19 +02:00
Antonin Hildebrand 11852056a8 Add missing events for discourse-hipchat-plugin
https://github.com/binaryage/discourse-hipchat-plugin
2015-05-15 15:52:12 +08:00
Andrew Huling e1d2ecef10 In the case of an expired nonce, return a 400 status code instead of a 500.
500 status codes are for unexpected server-side error scenarios. When an expired nonce is used by the client, a 4XX-level error is more appropriate because the client has submitted a bad request (by using an expired nonce). A 500 also causes Internet Explorer to show its default 500 page which does not show the error message and leads to a bad end user experience. I am choosing 400 for the new status rather than 401 or 403 because 401 requires a WWW-Authenticate header which would be difficult to generate in an SSO scenario and a 403 implies that no re-authentication will address the failure.
2015-05-14 16:03:02 -04:00
Robin Ward 0b65c88003 Upgrade Notifications to fix deprecations and use store 2015-05-11 11:20:45 -04:00
Harm Geerts d9a3e82516 Stop sso login processing after rendering error
This prevents a DoubleRenderError triggered on the redirect_to.
2015-05-11 14:17:32 +02:00
Arpit Jalan fc30b771cf FIX: reply count is off by one 2015-05-11 13:58:53 +05:30
Sam 8277a586bb usage of raise corrected 2015-05-07 11:00:51 +10:00
Sam 77cc087b13 FIX: proper error message when account created is hit with no session 2015-05-07 11:00:22 +10:00
Sam 376b28b0ed FIX: raise a 404 if click tracker gets no url 2015-05-06 11:27:41 +10:00
Sam 0f53fc8328 correct emergency regeneration in the controller 2015-05-06 07:33:32 +10:00
Sam ea670118c1 Add better error handling, correct the location on disk of stylesheet 2015-05-05 23:28:40 +10:00
Sam f58d85edea FEATURE: move stylesheet cache out of the uploads directory 2015-05-05 15:50:13 +10:00
Sam 803feefd54 MessageBus handles readonly redis now, no need to wrap it 2015-05-04 12:21:00 +10:00
Arpit Jalan 23fd16850a FIX: include youtube link in embedded comments 2015-05-01 18:34:45 +05:30
Robin Ward 16408cee06 Allow Postgres to trigger readonly mode for the site. 2015-04-29 11:49:58 -04:00
Sam 729aaa826b Merge pull request #3404 from techAPJ/patch-1
FEATURE: magic login route for admin when SSO is enabled
2015-04-28 07:47:50 +10:00
Robin Ward ecafbb0a63 Can delete users via the moderation queue 2015-04-27 15:06:20 -04:00
Robin Ward 3cb4554bbb Can refresh queued posts via button 2015-04-27 13:52:54 -04:00
Neil Lalonde cce8693354 FIX: canonical link tag when using relative_url_root 2015-04-27 13:34:22 -04:00
Arpit Jalan 2932284293 FEATURE: magic login route for admin when SSO is enabled 2015-04-27 22:54:48 +05:30
Robin Ward 3a6efa25f0 Allow ReadOnly to propogate up to the Ember app via Response Header 2015-04-24 14:37:16 -04:00
Robin Ward 5b3f99aa50 Don't blow up if Redis switches to READONLY 2015-04-24 14:37:16 -04:00
Neil Lalonde ae028a5bb1 FIX: support for redirects to external url in permalinks table was broken 2015-04-23 16:45:28 -04:00
Régis Hanol a737090442 - FEATURE: revamped poll plugin
- add User.staff scope
- inject MessageBus into Ember views (so it can be used by the poll plugin)
- REFACTOR: use more accurate is_first_post? method instead of post_number == 1
- FEATURE: add support for JSON-typed custom fields
- FEATURE: allow plugins to add validation
- FEATURE: add post_custom_fields to PostSerializer
- FEATURE: allow plugins to whitelist post_custom_fields
- FIX: don't bump when post did not save successfully
- FEATURE: polls are supported in any post
- FEATURE: allow for multiple polls in the same post
- FEATURE: multiple choice polls
- FEATURE: rating polls
- FEATURE: new dialect allowing users to preview polls in the composer
2015-04-23 19:33:29 +02:00
Robin Ward 53ca51654d FIX: Avoid cookie overflows by truncating the referer we store in flash 2015-04-22 12:41:49 -04:00
Robin Ward 5bf8c31af4 Users can see their pending posts 2015-04-21 16:44:47 -04:00
Robin Ward 2cdd967188 Adds support for invisible approval queues, which we'll need for Akismet 2015-04-20 17:19:05 -04:00
Neil Lalonde a3b6e3cb97 FIX: permalinks redirects with relative_url_root 2015-04-19 23:36:09 -04:00
Sam Saffron 6d2e651862 Revert "FIX: Missing letter avatars"
This reverts commit 03943554c6.
2015-04-20 06:41:08 +10:00
Sam 72ab1b9714 Merge pull request #3385 from tancnle/each-key-refactor
Replace Hash#keys.each with Hash#each_key for some perf boost
2015-04-20 06:17:27 +10:00
Robin Ward 03943554c6 FIX: Missing letter avatars
cc @zogstrip

It seems that the version string was ammended to return the ImageMagick
version. This caused the guard in the user avatars method to fail as the
versions weren't the same.

I changed it so it is comparing the right version, but I wonder if this
is bad as the controller is no longer using the ImageMagick version. Can
you please review?
2015-04-19 10:48:53 -04:00
Tan Le 9fbc763902 Replace Hash#keys.each with Hash#each_key for some perf boost 2015-04-18 21:53:53 +10:00
Robin Ward 2459f52c71 Merge pull request #3375 from techAPJ/patch-2
FEATURE: invite existing users to private topic
2015-04-16 11:13:42 -04:00
Arpit Jalan 866d1cd8e3 FIX: handle error for duplicate email_in address 2015-04-16 16:23:22 +05:30
Robin Ward 08b4b7b7ff Moderators can edit posts that are queued before they approve/reject 2015-04-15 17:20:34 -04:00
Arpit Jalan d491d4f997 FEATURE: invite existing users to private topic 2015-04-16 00:52:54 +05:30
Robin Ward 0c233e4e25 Interface is wired up for Approving/Rejecting posts 2015-04-15 14:54:37 -04:00
Robin Ward 96d2c5069b Interface for reviewing queued posts 2015-04-15 14:54:37 -04:00
Robin Ward 22ffcba8e6 Convert `Discourse.Post` to ES6 and use Store model
- Includes acceptance tests for composer (post, edit)
- Supports acceptance testing of bootbox
2015-04-15 14:54:36 -04:00
Robin Ward 19a9a8b408 `NewPostManager` determines whether to queue a post or not 2015-04-15 14:54:36 -04:00
Arpit Jalan 499bed69e2 FIX: show error message if user already exist in group 2015-04-15 14:15:58 +05:30
Sam 2a3f71a9a1 SECURITY: log off all existing sessions when resetting password 2015-04-15 08:57:43 +10:00
Robin Ward db4c04d606 FIX: Moderators shouldn't be able to see secure deleted posts 2015-04-13 11:48:31 -04:00
Sam 75890aed26 FEATURE: allow admins to choose a group as a primary group
FEATURE: allow admins to set a default title for a group
2015-04-10 12:17:28 +10:00
Régis Hanol babbbc06d1 FIX: add support for .tgz and .gz backup files 2015-04-07 15:26:47 +02:00
Sam f5d89169e2 FEATURE: initial implemenation of anonymous posting mode 2015-04-07 18:05:31 +10:00
Sam 5d31290dbc FIX: cleanup old letter avatars if needed
FEATURE: use image magick version as a key for letter avatars
2015-04-07 13:03:43 +10:00
Régis Hanol 33879e1311 Merge pull request #3199 from fantasticfears/seo
FEATURE: add microdata prop and more links for crawler
2015-04-06 11:18:34 +02:00
Robin Ward 82124b3222 UX: Login to decide when to show you near the top of the directory
Don't show yourself there if you are close to the top already.
2015-04-02 14:51:49 -04:00
Régis Hanol 1ec73b5ba0 FIX: use 'request.remote_ip' instead of 'request.ip' for better consistency 2015-04-02 16:24:27 +02:00
Robin Ward 28864e74bc FIX: Don't show the filter title on the default route 2015-03-30 11:40:44 -04:00
Sam 586cca352d move memory diagnostics into lib, so it can be reused elsewhere 2015-03-30 10:14:42 +11:00
Robin Ward 2cc5858163 Add site setting to disable User Directory, include restricted info 2015-03-26 11:26:19 -04:00
Robin Ward 33e35930b0 FIX: Server error when no results on user directory while logged in 2015-03-25 11:18:46 -04:00
Robin Ward 8fd339b994 Include the current user at the top AND in the user directory 2015-03-24 16:19:15 -04:00
Robin Ward e3eaa7fa75 FIX: In long topics, filtering button was not always showing in card 2015-03-24 12:33:50 -04:00
Sam bb20f64cb2 use standard error so its easier to catch 2015-03-23 12:20:50 +11:00
Robin Ward 6d38005a22 Allow staff to change uneditable user fields 2015-03-20 15:18:43 -04:00
Robin Ward 051a2a3d14 FEATURE: Can search the user directory by name 2015-03-19 18:07:48 -04:00
Robin Ward 1931850151 UX: Always show the current user at the top of the directory 2015-03-19 15:32:23 -04:00
Robin Ward ae695d6438 UX: Show two lines per user on directory 2015-03-19 14:53:52 -04:00
Robin Ward 7ef306cd3b A bunch of tweaks to the Users directory
- Move user directory from `/directory` to `/users/`
- Defaults to 'weekly' time period
- Don't include deleted topics/posts in the results
- Move heart icon to header instead of on each row
- "Users" instead of "Users found"
2015-03-19 12:29:38 -04:00
Régis Hanol df3b1f6968 FIX: editing a post wasn't showing error messages from the server 2015-03-19 12:25:15 +01:00
Robin Ward 3d2d224312 FEATURE: User Directory, with sorting and time period filter 2015-03-18 15:20:34 -04:00
Erick Guan c955907f60 FEATURE: add microdata prop and more links for crawler
- add microdata based on schema.org
- add breadcrumb on the top of topic
- add navigations link on the bottom of every pages
- add category description on the category list
2015-03-16 22:52:10 +08:00
Régis Hanol 424a3b042a FEATURE: unified UI for pinning/banner topics
REFACTOR: ES6ified all the modals
2015-03-14 01:18:05 +01:00
Sam a82530012a FEATURE: Allow selection of highlight js languages
PERF: stop loading highlight js on load

To get latest highlight js run bin/rake highlightjs:update
2015-03-13 16:18:59 +11:00
Régis Hanol 6cd4330335 FIX: show all deleted posts 2015-03-11 18:07:47 +01:00
Neil Lalonde 608647d02f FEATURE: Anonymize User. A way to remove a user but keep their topics and posts. 2015-03-10 11:59:08 -04:00
Robin Ward 3ad12d44f3 Use a mixin for the `path` function to DRY it up 2015-03-09 15:24:16 -04:00
Régis Hanol fc962eb378 FEATURE: automatic daily roll-up for screened IP addresses 2015-03-09 18:55:17 +01:00
Sam f5af4768eb FEATURE: add clean support for running Discourse in a subfolder
To setup set DISCOURSE_RELATIVE_URL_ROOT to the folder you wish
2015-03-09 13:14:29 +11:00
riking cab92f947c FEATURE: All preload data available under /site/
This will be essential for entirely local Discourse clients.
2015-03-04 20:49:03 -08:00