Sam
6f31d3f0e5
FEATURE: single sign on support
...
Added support for outsourcing auth to a different website, documentation on meta
2014-02-25 14:31:03 +11:00
Neil Lalonde
b696c96a19
Look at the age of a user's first post to determine if the user can be nuked, instead of looking at when the user registered.
2014-02-20 12:29:40 -05:00
Erik Ordway
8fc5c66c55
this needs to go but did not show up in my tests but did on travis
2014-02-11 18:13:24 -08:00
Robin Ward
e511e8a80b
Link to groups from user profile
2014-02-07 10:44:51 -05:00
Sam
93434be16d
SECURITY: reduce moderator rights
...
You can now hide particular categories from certain moderators
2014-02-07 14:11:52 +11:00
Sam
be560d4eb6
Update annotations
2014-02-07 11:07:52 +11:00
Sam
227873df78
FEATURE: proper mailing list mode
...
once enable_mailing_list_mode is enabled any user can elect
to get every post via email unless they opt out of category or topic
2014-02-07 11:07:52 +11:00
Neil Lalonde
c8bc9bd5db
Show discourse logo as system user avatar
2014-01-29 12:29:05 -05:00
Neil Lalonde
7cc5da08fe
Track how many posts a user reads each day in user_visits
2014-01-27 11:20:19 -05:00
Neil Lalonde
ae3b53bb76
Add a page in admin to view trust level 3 requirements for a user. Only shows for users who are currently at trust level 2.
2014-01-22 18:17:45 -05:00
Neil Lalonde
ba74226346
FIX: invited users get clearer messaging when setting a password for the first time
2014-01-21 12:42:26 -05:00
Régis Hanol
129617b415
Lots of bugfixes
...
BUGFIX: navigation bar should always activate the right tab (even when diging into a top period)
BUGFIX: /top pages titles
BUGFIX: no "edit category" button on /top page after visiting a category
BUGFIX: properly hide category columns when there is no children category (on both filter + top pages)
BUGFIX: promises not caught when scrolling down a topic list to load more of them
BUGFIX: CSS on category dropdowns
Updated `top_menu` i18n with available filters
2014-01-18 19:27:25 +01:00
Régis Hanol
c1a66b70bb
BUGFIX: use previous_visit_at instead of last_seen_at to determine the best period to display in the top summary
2014-01-16 01:36:32 +01:00
Neil Lalonde
4f6b208e8d
Posts by trust level 3 users do not have nofollow on their external links.
2014-01-15 11:40:51 -05:00
Régis Hanol
e732aa8a86
BUGFIX: we should not store absolute urls for locally uploaded avatar templates
...
Highly recommended to run: `RAILS_ENV=production bundle exec rake avatars:regenerate` to fix the avatar templates stored in the database.
2014-01-07 17:45:06 +01:00
Neil Lalonde
a897c2b091
Add default_external_links_in_new_tab site setting
2014-01-02 15:27:37 -05:00
Robin Ward
f145060315
Don't employ the "too many replies" if the user is staff, or if they created the topic.
...
See: http://meta.discourse.org/t/what-is-the-point-of-limiting-new-users-to-three-replies-per-topic/11696
2014-01-02 12:57:40 -05:00
DV Suresh
24886c300b
Correct few spelling in the comments
2013-12-21 01:19:22 -06:00
Neil Lalonde
33c6997ded
Move password validation into PasswordValidator
2013-12-19 16:15:47 -05:00
Robin Ward
1cac9fa257
New users can only post `newuser_max_replies_per_topic` times per topic.
2013-12-19 13:45:55 -05:00
Sam
2db3cfb16b
annotate models
2013-12-05 17:40:35 +11:00
Régis Hanol
82b78ec6ba
schemaless avatar urls
2013-11-22 19:18:45 +01:00
Régis Hanol
3cf5a363f7
do not destroy uploads when destroying a user
2013-11-22 18:29:07 +01:00
railsaholic
34bba737ff
Refactor SessionController#create, reduce complexity.
...
Don't compromise readablity
2013-11-15 22:09:03 +05:30
sirMackk
af67284995
User ctrl refactor - breaks up large methods, moves some logic into model
...
Includes missing methods from backup for travis to pass
fix missing code, failing specs
keep params handling in the controller.
2013-11-09 18:44:13 +05:30
Neil Lalonde
0c6f794eb0
Used the term suspended instead of banned.
2013-11-07 13:53:49 -05:00
Neil Lalonde
92a0729937
When banning a user, a reason can be provided. The user will see this reason when trying to log in. Also log bans and unbans in the staff action logs.
2013-11-01 10:47:26 -04:00
Robin Ward
f7d6ab579c
Merge pull request #1571 from novemberkilo/master
...
Refactor User#update_last_seen! and User#update_tracked_topics
2013-10-29 08:28:08 -07:00
Sam
95e936c299
cleanup API for looking up a user by email or username, add specs, fix invalid auto association in open id provider
2013-10-28 16:29:07 +11:00
Manoj
96ae3cdacc
Utilize already existing method 'find_by_username_or_email'
...
check presence of email using include, dont use =~
2013-10-24 19:26:06 +05:30
Navin Keswani
6ce80fd148
Refactor User#update_last_seen! and User#update_tracked_topics
2013-10-23 23:27:30 +02:00
Robin Ward
348e2e3ef2
Support for per-user API keys
2013-10-22 17:34:39 -04:00
Robin Ward
2308784713
Merge pull request #1543 from railsaholic/small_users_controller_refactoring
...
refactor UsersController to reduce complexity
2013-10-21 12:21:03 -07:00
Neil Lalonde
648b11a0eb
Add screening by IP address. When deleting a user as a spammer, block all signups from the same IP address.
2013-10-21 14:50:18 -04:00
Manoj
868e4ffe6d
refactor UsersController to reduce complexity
...
Refactored: UsersController#create
2013-10-19 15:18:11 +05:30
Neil Lalonde
0eaf32db45
Add a message to flags created because of the newuser_spam_host_threshold site setting
2013-10-17 15:08:11 -04:00
Manoj
7c03076c2a
Refactored Topic#limit_topics_per_day to reduce code climate complexity
...
Extracted 1) #apply_per_day_rate_limit_for, method as generic
RateLimiter , 2) #limit_first_day_topics_per_day as a separate method,
3) Added User#added_a_day_ago?, 4) Fixed private methods indentation.
2013-10-16 14:58:18 +05:30
Neil Lalonde
3c2c6ab24b
Add sockpuppet spammer detection. Automatically flag posts if they are from new users (registered less than 24 hours ago) at the same IP address and one of them started the topic.
2013-10-11 13:34:05 -04:00
Sam
5bf26ec34e
large refactor, ship a few columns from the user table into user_stats
2013-10-07 15:04:59 +11:00
Sam
441010ac65
optimise view count calculation query
2013-10-02 17:08:53 +10:00
Robin Ward
7d9a84b496
New User Education goes through a server side ComposerMessages check. Composer message for users
...
who don't have avatars.
2013-09-13 12:23:53 -04:00
Robin Ward
fcff4e80d1
New `user_stats` table to keep track of queried information on a user.
...
This is information that is not usually needed when representing a user
and is in a separate table with a has one relationship to avoid querying
it all the time.
2013-09-11 14:50:26 -04:00
Robin Ward
2319924206
Adds a class that can detect whether a user has uploaded a custom avatar
2013-09-10 15:39:11 -04:00
Sam
162d94aa02
improve secure_category_id query
2013-09-10 14:29:02 +10:00
Sam
41a1b6942d
notify moderators now goes to the "community" user, that saves our poor mods from a flood of pms
...
if any staff respond to a pm they are automatically added to the list of recipients and will start
getting email notifications
2013-09-06 14:07:23 +10:00
Neil Lalonde
117fc8db58
Change the way nuked users' posts are handled. Allow null in the user_id column of posts. Show these posts in the posts stream.
2013-09-04 15:42:21 -04:00
Sam
61281a3c81
invite only forums had very wonky logic, invited users were not being activated, invite_only forums were still registering users
2013-08-28 17:18:31 +10:00
Sam
dfa5a8a83f
annotate models
2013-08-28 10:52:06 +10:00
Navin Keswani
d87389b38e
No more rails 4 deprecation warnings
2013-08-25 23:18:11 +02:00
Neil Lalonde
6e79197519
Enum site settings can have translatable names in dropdown. Add setting for how often users get digest emails by default: default_digest_email_frequency.
2013-08-23 17:36:25 -04:00
Sam
472f0684c3
Merge pull request #1345 from salbertson/refactor-find_by_username_or_email
...
Improve test coverage and refactor User.find_by_username_or_email
2013-08-22 17:14:06 -07:00
Neil Lalonde
3b15e2e58e
Banned users are not returned as pending review users
2013-08-22 19:23:49 -04:00
Scott Albertson
1dbe1fb1bc
Refactor User.find_by_username_or_email
...
* Improve test coverage
2013-08-22 09:40:07 -07:00
Sam
c0c929be5a
optimise query that runs every 10 minutes and takes out the user table
2013-08-20 17:40:22 +10:00
Michael Kirk
4af8a9102e
Authenticate with Discourse via OAuth2
...
See https://github.com/michaelkirk/discourse_oauth2_example for an
example of how you might integrate your existing oauth2 provider's
authentication via a Discourse plugin.
2013-08-17 21:45:20 -07:00
Régis Hanol
2119774fb6
FIX: custom avatars in email
2013-08-16 09:58:20 +02:00
Régis Hanol
c9969738bf
FIX: N+1 query for avatars when searching for users
2013-08-16 00:26:49 +02:00
Sam
b55c9e391d
Merge pull request #1333 from fabianoleittes/fix_type_url
...
Fix url not to be nil
2013-08-14 20:04:00 -07:00
Fabiano Leite
4df8babb9a
Fix url not to be nil
2013-08-14 21:55:25 -03:00
Robin Ward
8fa9c51bf4
FIX: New avatar regression with mixed case email addresses.
2013-08-14 13:05:57 -04:00
Régis Hanol
4866f4d8f5
FIX: N+1 query for avatars
2013-08-14 15:25:05 +02:00
Régis Hanol
5ca187ba57
only the host part of an email address is case insensitive
2013-08-14 19:31:35 +02:00
Régis Hanol
c867b67a0b
custom avatar support
2013-08-13 22:08:29 +02:00
Robin Ward
6452962f36
FIX: Notification counters were being updated incorrectly.
2013-08-09 12:12:56 -04:00
Neil Lalonde
5f8a130277
Add BlockedEmail, to block signups based on email. Track stats of how many times each email address is blocked, and last time it was blocked. Move email validation out of User model and into EmailValidator. Signup form remembers which email addresses have failed and shows validation error on email field.
2013-07-29 15:29:43 -04:00
Doug Alcorn
35a2bb7919
Parameterize the PBKDF2 algorithm in application config
...
http://meta.discourse.org/t/sso-between-discourse-and-xmpp/8567/5
2013-07-22 21:36:01 -04:00
Sam
ecf17cfebb
work in progress, add fidelity to category group permissions (full, create posts, readonly)
2013-07-16 15:46:11 +10:00
Sam
1aef6de4b0
automatically approve invited users on forum where moderators must approve (keep in mind only moderators can invite)
...
speed up specs a touch
allow invite controller to accept an email in absence of user (cleans up API)
2013-07-11 11:22:00 +10:00
Neil Lalonde
9b0f63627b
Add blocked users count to dashboard
2013-07-08 12:44:13 -04:00
Juan de Dios Herrero
27b038cd40
Refactored username validations to avoid repeated code
2013-07-07 13:05:18 +02:00
Juan de Dios Herrero
e4fc6e02ed
Added discourse hub nickname operations simplify and avoid repeated code
2013-07-07 12:40:35 +02:00
Stephan Kaag
89b621d31a
Refactor update_all statements in order to prevent deprecation warnings in Rails 4
2013-07-02 18:36:47 +02:00
Neil Lalonde
a352b70bfc
Permit changing my own username's case without an error saying it is already taken
2013-06-28 16:21:46 -04:00
Sam
6b82f1047a
that date there is on purpose for date boundries
2013-06-28 16:08:48 +10:00
Sam
1ec12fc808
this spec is just refusing to work on jenkins
2013-06-28 16:07:36 +10:00
Sam
3c67cf8acd
remove timecop, specs were failing and we can avoid it here anyway
2013-06-28 15:14:44 +10:00
Neil Lalonde
8e50b49cf1
Try to fix specs that are failing in jenkins
2013-06-27 17:23:06 -04:00
Neil Lalonde
b1d0f30379
Fix AdminUser bulkApprove; add a way to approve a user without sending them the welcome email for cases when must_approve_users is enabled and there are existing users
2013-06-26 13:24:30 -04:00
Dmitriy Budnik
d12288de49
adding a missing User association
2013-06-24 17:08:49 +03:00
Sam
298949a343
missing dependency
2013-06-23 14:32:46 +10:00
Sam
4a8a663a67
flagging workflow changes per http://meta.discourse.org/t/we-need-an-archive-flag-notification-button/7450
2013-06-20 17:42:15 +10:00
Sam
799b402778
fix horribly broken invite code, could lead to inviting the wrong person to a conversation
2013-06-19 10:31:19 +10:00
Régis Hanol
454636abf1
annotate models
2013-06-17 02:49:34 +02:00
Juan de Dios Herrero
36fe8fbc6d
Added role scopes to roleable
2013-06-07 18:26:06 +02:00
Juan de Dios Herrero
1b92d9d7f8
Added roleable module for User model
2013-06-07 12:33:48 +02:00
Chris Hunt
f6ce985121
Send activation email after user approved
2013-06-06 18:37:25 -07:00
Robin Ward
bac03a3369
Merge pull request #975 from jd-erreape/username_refactor
...
[WIP] Refactored user_name suggestion methods into a module
2013-06-06 08:12:29 -07:00
Juan de Dios Herrero
96d23ddd8d
Refactored user_name suggestion methods into a module to reduce the complexity of User model
2013-06-06 16:40:10 +02:00
Ian Christian Myers
0d01c33482
Enabled strong_parameters across all models/controllers.
...
All models are now using ActiveModel::ForbiddenAttributesProtection, which shifts the responsibility for parameter whitelisting for mass-assignments from the model to the controller. attr_accessible has been disabled and removed as this functionality replaces that.
The require_parameters method in the ApplicationController has been removed in favor of strong_parameters' #require method.
It is important to note that there is still some refactoring required to get all parameters to pass through #require and #permit so that we can guarantee that parameter values are scalar. Currently strong_parameters, in most cases, is only being utilized to require parameters and to whitelist the few places that do mass-assignments.
2013-06-06 00:30:59 -07:00
Neil Lalonde
b55182b983
Use PostDestroyer when deleting all of a user's posts; deleting a post removes its flags and resets its flag counts
2013-06-05 16:05:13 -04:00
Robin Ward
dfba2b6e0a
FIX: Strip links from google indexed bios when the users are new.
2013-06-05 15:28:10 -04:00
Robin Ward
4392a17b54
Strip out links when displaying a new user's bio
2013-06-04 12:06:25 -04:00
Neil Lalonde
2259e97d42
Add a count of blocked users on the dashboard
2013-06-04 11:53:19 -04:00
Sam
d2c1eb090e
Merge pull request #921 from nirnanaaa/postgres-truefalse
...
removed t's and f's from models
2013-05-30 21:38:26 -07:00
Sam
e93b7a3b20
more progress towards live unread and new counts, unread message implemented, still to implement delete messages
2013-05-30 16:49:57 +10:00
Sam
33ff87bf44
work in progress, live unread / new counters
2013-05-30 16:49:57 +10:00
nirnanaaa
364113a4d5
removed t and f 's from group model
...
removed t and f 's from user model as mentioned in #919
removed t's and f's from category model
2013-05-29 22:10:43 +02:00
Sam
46389754d6
Merge pull request #892 from eriko/cas_support
...
Cas support
2013-05-28 16:13:29 -07:00
Sam
ca2dee52db
moved comments to the bottom, they are way less intrusive there
2013-05-24 12:48:32 +10:00
Sam
2cd95bc649
lets try out annotations
2013-05-24 12:35:14 +10:00
Erik Ordway
1575ce7b10
add cas support with a few tests
2013-05-23 13:40:50 -07:00
Robin Ward
7a31630837
Search Refactor: Remove some manual SQL, make search data tables more idomatic Rails/AR
2013-05-22 16:31:13 -04:00
Robin Ward
27828c5ec2
Merge pull request #871 from avdi/refactoring-with-josh-and-avdi
...
Various refactorings towards Ruby/Rails idiom from Josh Susser and Avdi Grimm
2013-05-21 07:18:50 -07:00
Leonard Garvey
b16705be0d
Clean up update_visit_record!
...
update_visit_record! appears to add user_visit record if one
doesn't exist and days_visited is simply a counter for the number
of visit records.
2013-05-18 16:02:06 +10:00
Leonard Garvey
32f4dfd2fb
DRY up the user model slightly
...
regular? is just the inverse of staff?
2013-05-18 16:00:35 +10:00
Josh Susser and Avdi Grimm
2acc80d192
Various idiomatic User refactorings.
2013-05-17 15:44:35 -04:00
Robin Ward
d554a59102
Support for a new site setting: `newuser_spam_host_threshold`. If a new user posts a link
...
to the same host enough tiles, they will not be able to post the same link again.
Additionally, the site will flag all their previous posts with links as spam and they will
be instantly hidden via the auto hide workflow.
2013-05-16 12:19:50 -04:00
Sam
eb71e9de24
opening move, don't get rid of green notification till the pm is read
...
TODO a way to list all unread PMs
2013-05-16 16:37:47 +10:00
Sam
b6bf95e741
speed up startup (avoid loading some gems on startup)
...
correct group permission leaks
add Discourse.cache for richer caching support
2013-05-13 18:04:03 +10:00
Sam
942f168ab6
UI still a tad rough, but we have a first pass of secure categories
2013-05-10 16:47:47 +10:00
Neil Lalonde
f35a44aeae
Add ability for admins and mods to send another activation email to a user, to activate an account, and deactivate an account
2013-05-08 10:10:47 -04:00
Sam
e9fc272db7
remove acts_as_paranoid, use .trash! , .recover! and .with_deleted as needed
...
makes upgrading to rails 4 possible
2013-05-07 14:39:01 +10:00
Sam
be1ab8b275
automatic group infrustructure
2013-05-06 14:49:56 +10:00
Sam
5ec52bd2e9
:s/moderator?/staff/g ... our naming was kind of crazy, renamed moderator? to staff
2013-05-02 17:22:27 +10:00
Sam
e4a76812a6
this is a slightly round about way of making our self oneboxes sane
...
shrunk avatar to 60px, added global whitelisting
2013-05-01 16:38:13 +10:00
Sam
5cfcdc7ef0
backend for secure categories mostly done (todo pm groups)
2013-04-29 16:33:43 +10:00
Neil Lalonde
75cfcbfa4f
Need to require email in user.rb because specs can start failing when running guard
2013-04-18 14:27:04 -04:00
Régis Hanol
b24c1a1ad9
better consistency around email case sensitivity
2013-04-15 02:20:33 +02:00
Philipp Weissensteiner
3dcb1905e3
Refactor user controller, create action, mostly.
...
The gist of the commit are a few improvements in the
create action, where:
* long boolean statemenst have been wrapped in smaller more readable
methods.
* the 3rd party user info creation has been extracted (still in controller)
* a small helper method for creating a new user from params (to reduce
visual clutter)
* specs have been added where I came across untested methods/branches
Other changes are more trivial like formatting and whitespace fixes.
Hope this helps. Regards.
2013-04-13 00:53:59 +02:00
Neil Lalonde
651cfba93f
Add ability to destroy a user with 0 posts
2013-04-12 16:53:00 -04:00
Sam
5273657537
a method called "adding_user_record" is annoying me. 5 lines of code replaced with 2
2013-04-05 17:53:39 +11:00
Sam
ea8d69fbd6
fix my broken test
2013-04-05 17:47:54 +11:00
Sam
a2cca2540e
some minimal site settings diags
...
fix issue where days_visited was totally out of sync
2013-04-05 17:47:54 +11:00
Sam
a7f92ec0c1
topic reply count resync for each new post
2013-04-05 17:47:54 +11:00
Neil Lalonde
bb18b6cb9b
Dashboard: split out private messages from topic and post counts; re-enable report_spec because I think I fixed it...
2013-04-03 13:26:09 -04:00
Philipp Weissensteiner
c34f476b31
Improve suggest_username method in user.rb
...
The suggest_username method showed up on codeclimate
so I thought I'd give it some love and make it more readable.
In the process removed trailing whitespaces and had to fix a
terrible spelling error :)
2013-03-31 19:01:11 +02:00
Gosha Arinich
bdfa9b0508
create the User.admins and User.moderators scopes
2013-03-29 09:52:09 +03:00
Sam Bauch
77e3434d81
added email whitelist SiteSetting feature to replicate email blacklist. email_validator method now also uses the regex method for both the whitelist and blacklist.
2013-03-22 14:49:42 -04:00
Sam
62c60540be
pull moderator into own column, rename trust levels
2013-03-19 21:06:11 -07:00
Sam
2a047df4f1
cache reply_to_user_id in post to eliminate a very nasty n+1 query
2013-03-19 16:54:23 -07:00
Sam
1cd26a7dcf
oops
2013-03-18 23:44:21 -07:00
Sam
dd03f44968
optimise
2013-03-18 23:18:15 -07:00
Neil Lalonde
d9cdde9aa7
Add user counts for each trust level to admin dashboard
2013-03-15 18:09:02 -04:00
Sam
e62bb9922e
exceptions are BAD
...
the old code wacked on 10ms to every home page request, for no real reason.
2013-03-10 19:11:33 -07:00
Neil Lalonde
8927432a93
Add stats to the admin dashboard
2013-03-09 15:34:27 -05:00
Sam
325e28c3c8
wrong conditional
2013-03-08 17:24:54 -08:00
Robin Ward
4c7b0a42b5
Oops escape everything but image urls
2013-03-08 16:17:56 -05:00
Robin Ward
908bba8c13
First stab at oneboxing of meta.discourse.org
2013-03-08 15:59:12 -05:00
Robin Ward
d1d4530efd
User Profile enhancements:
...
- Added PreloadStore support to avoid duplicate requests
- preliminary SEO
- Support for opengraph/twitter cards
2013-03-08 15:04:37 -05:00
Robin Ward
f8d8272406
Cleaned up TopicUserSpec, introduces clearing of pinned topics
2013-03-07 12:19:25 -05:00
Robin Ward
6a63178411
Merge pull request #377 from kubabrecka/typos5
...
various typos in comments
2013-03-06 09:14:16 -08:00
Sam Saffron
8f56a09e82
PBKDF2 gem is trouble, removing and hand coding for now
2013-03-06 23:12:16 +11:00
Kuba Brecka
dc62136642
various typos in comments
2013-03-06 08:52:24 +01:00
Régis Hanol
239cbd2d58
enforce coding convention
...
replaced every `and` by `&&` and every `or` by `||`
2013-03-05 01:42:44 +01:00
Gosha Arinich
0c99dea153
introduce Enum
2013-03-01 21:16:36 +03:00
Robin Ward
b66b17bf19
Merge pull request #300 from goshakkk/cleanup
...
Minor cleanup, using AR querying DSL over raw SQL in some places
2013-03-01 07:52:34 -08:00
Kirill Pimenov
a168dc915e
Secure gravatar
2013-03-01 00:58:36 +04:00
Gosha Arinich
6e5399d544
minor cleanup, using AR querying DSL over raw SQL in some places
2013-02-28 21:54:12 +03:00
Gosha Arinich
d2f3c829db
refactor User and TrustLevel a bit
...
* rename `User#password_required` to `User#password_required!`
* emails with "i" @ something are a special case as well
* get rid of `self.` and returns where possible
* prefer "unless a" instead of "if !a"
* `unread_notifications` without manually iterating
* introduce `User#moderator?`
* introduce `TrustLevel#valid_key?`, `TrustLevel#compare`, and
`TrustLevel#level_key`
2013-02-28 19:15:54 +03:00
Robin Ward
cf867a35ff
Merge pull request #271 from goshakkk/topic-refactor
...
Refactor Topic
2013-02-27 10:32:44 -08:00