Commit Graph

666 Commits

Author SHA1 Message Date
Guo Xiang Tan 08ffbf6c61 Use `Time.zone.now` instead. 2017-03-05 11:10:40 +08:00
Bianca Nenciu 30909ec54e Add support for username regex. 2017-03-02 13:53:45 +02:00
Régis Hanol cb99f59ec3 reset bounce score when email is successfully changed 2017-02-20 10:37:01 +01:00
Neil Lalonde 3fb50d587d FIX: invited users and new TL1 users will see their first notification highlighted 2017-02-17 10:30:29 -05:00
Robin Ward 0e58e393a1 FIX: === and a better constant, thanks @ZogStriP 2017-02-13 13:14:19 -05:00
Robin Ward e1d358ffbf FIX: Don't clear the login hint when the system user is saved 2017-02-13 10:54:20 -05:00
Sam ff49f72ad9 FEATURE: per client user tokens
Revamped system for managing authentication tokens.

- Every user has 1 token per client (web browser)
- Tokens are rotated every 10 minutes

New system migrates the old tokens to "legacy" tokens,
so users still remain logged on.

Also introduces weekly job to expire old auth tokens.
2017-02-07 09:22:16 -05:00
Régis Hanol 84af84dc52 prevent inactive & staged users from being automatically added to a group 2017-02-06 17:49:27 +01:00
Guo Xiang Tan ec73224b5e PERF: Remove N+1 query when saving a user. 2017-02-03 15:03:33 +08:00
Guo Xiang Tan c01cee4aa6 PERF: N+1 query when saving a user. 2017-01-27 10:53:42 +08:00
Robin Ward 86c52c72f6 FIX: Deleting a user was not deleting their directory items 2017-01-16 11:46:52 -05:00
Guo Xiang Tan 63954c1b33 FIX: Same user record being saved twice causing validation to fail. 2017-01-16 16:41:03 +08:00
Guo Xiang Tan ed5fa20b0c Revert "FIX: error during signup saying "Password is the same as your current password" due to automatic group membership granting a trust level"
This reverts commit 9c40657ba4.

Calling this whenever a user is initialize is hurting us bad
on performance.
2017-01-16 09:44:10 +08:00
Guo Xiang Tan 980cea7081 FIX: Add length validation for `User#name`. 2017-01-03 13:42:33 +08:00
Guo Xiang Tan f1beef43a8 Merge pull request #4618 from tgxworld/fix_invalid_emails
FIX: Don't allow invalid email to be saved.
2016-12-30 07:11:48 +08:00
Neil Lalonde 9c40657ba4 FIX: error during signup saying "Password is the same as your current password" due to automatic group membership granting a trust level 2016-12-28 17:36:04 -05:00
Sam 0a78ae739d Remove SearchObserver, aim is to remove all observers
rails-observers gem is mostly unmaintained and is a pain to carry forward
new implementation contains significantly less magic as a bonus
2016-12-22 13:13:14 +11:00
Guo Xiang Tan 13c6191e89 FIX: Don't allow invalid email to be saved. 2016-12-21 17:47:11 +08:00
Neil Lalonde 239d06b218 add Likes Recieved to possible stats in summary email 2016-12-12 14:20:25 -05:00
Guo Xiang Tan 05f55dbc10 FEATURE: Group logs. 2016-12-12 17:29:54 +08:00
Guo Xiang Tan f812415c52 Update annotations. 2016-11-24 10:13:03 +08:00
Guo Xiang Tan 8c6d8c85db Stop showing first notification prompt once user sees the notification. 2016-11-17 09:44:00 +08:00
Guo Xiang Tan 98c1e0832c FIX: Track first notification read using Redis. 2016-11-16 16:20:38 +08:00
Guo Xiang Tan 16fdcdfc00 FIX: Add conditions on when to show first pm notification. 2016-11-16 14:17:47 +08:00
Leo McArdle 784366f1a0 FIX: display only 1 trust level badge on user card
refactoring graciously provided by @xfalcox
2016-11-14 20:53:24 +00:00
Arpit Jalan 9e69798285 FEATURE: watch first post default site setting 2016-11-10 00:09:52 +05:30
Guo Xiang Tan b18439a1e2 Fix build. 2016-11-08 17:00:44 +08:00
Guo Xiang Tan a8b7599d4a FEATURE: Add a radial ping when user's first notification has not been read. 2016-11-08 16:23:12 +08:00
Erick Guan c463cf63d4 FEATURE: Webhook for user creation and approval 2016-09-19 10:12:55 +08:00
Sam 25a82e7d22 PERF: only publish notification state if we changed it
also publish seen_notification_id so we can tell what is new and what is old
cleanup controller so it correctly checks user
fix bug around clearing notification when people click mark read
2016-09-16 12:02:19 +10:00
Robin Ward 9609a47016 Ability to skip email validation via a plugin 2016-09-07 14:05:46 -04:00
Guo Xiang Tan 90a0327fd2 FIX: Check against reserved usernames should be case insensitive. 2016-08-31 21:53:41 +08:00
Sam 416e7e0d1e FEATURE: basic UI to view user api keys 2016-08-16 17:06:52 +10:00
Jeff Atwood f8144f07fd purge 2x the unactivated old users 2016-07-27 03:29:00 -07:00
Sam df535c6346 FEATURE: refresh session cookie at most once an hour
This feature ensures session cookie lifespan is extended
when user is online.

Also decreases session timeout from 90 to 60 days.
Ensures all users (including logged on ones) get expiring sessions.
2016-07-25 12:07:31 +10:00
Arpit Jalan a9207dafa7 FEATURE: configure session time via site setting for all the users (#4343) 2016-07-23 02:57:30 +05:30
cpradio 64bdededd3 Allow plugins that implement OAuth and OAuth2 to show up under associated accounts in the Admin area. (#4333) 2016-07-18 09:02:41 +02:00
Guo Xiang Tan e4a82cdd85 Merge pull request #4306 from tgxworld/add_discourse_event_trigger_when_user_logs_out
FEATURE: Add event trigger when a user is logged out.
2016-07-05 19:50:46 +08:00
Régis Hanol 59680af329 disable email white/blacklisting for staged users 2016-07-04 16:05:01 +02:00
Guo Xiang Tan 22ade1f811
FEATURE: Add event trigger when a user is logged out. 2016-07-04 17:20:30 +08:00
Neil Lalonde 487c20959c FEATURE: max topics/replies per day for new users now starts counting from the first post, not signup date 2016-06-20 16:55:11 -04:00
Régis Hanol 470da6205c FIX: staged users should not watch/track/mute categories by default 2016-06-14 16:45:47 +02:00
Guo Xiang Tan cb5be1fe8f
Upgrade rspec to 3.4.0. 2016-05-30 11:38:38 +08:00
Sam 089b1d164c annotate models
(reminder run RAILS_ENV=test bin/annotate once in a while)
2016-05-30 10:45:32 +10:00
Neil Lalonde f13470b96b Use db schema for tags instead of plugin store and custom fields 2016-05-26 14:29:48 -04:00
James Kiesel feffe23cc5 FEATURE: More granular mailing list mode (#4068)
* Rearrange frontend to account for mailing list mode

* Allow update of user preference for mailing list frequency

* Add mailing list frequency estimate

* Simplify frequency estimate; disable activity summary for mailing list mode

* Remove combined updates

* Add specs for enqueue mailing list mode job

* Write mailing list method for mailer

* Fix linting error

* Account for stale topics

* Add translations for default mailing list setting

* One query for mailing list topics

* Fix failing spec

* WIP

* Flesh out html template

* First pass at text-based mailing list summary

* Add user avatar

* Properly format posts for mailing list

* Move make_all_links_absolute into Email::Styles

* Apply first_seen_at to user

* Send mailing list email summary hourly based on first_seen_at

* Branch and test cleanup

* Use existing mailing list mode estimate

* Fix failing specs
2016-05-21 15:17:54 +02:00
Arpit Jalan 74b3807f60 FEATURE: new bootstrap mode settings for brand new Discourse community (#4193)
* FEATURE: new bootstrap mode settings for brand new Discourse community

* new SiteSetting.set_and_log method
2016-04-26 13:08:19 -04:00
Régis Hanol 2194ccec6e slightly better automatic flag reason messages 2016-04-25 23:03:17 +02:00
Régis Hanol 7d9f2265b9 FIX: improve support for handling emails coming from screened email addresses 2016-04-18 23:01:54 +02:00
Régis Hanol de9136a8f2 FIX: bypass TL0-specific validations on posts in a PM 2016-04-18 22:08:42 +02:00
Régis Hanol 868e70e817 FIX: ensure we only ever enqueue 1 UpdateGravatar job 2016-04-18 12:44:09 +02:00
Régis Hanol 8fcd359e2a Revert "FIX: Jobs.cancel_scheduled_job wasn't working anymore due to our move to using multiple queues"
This reverts commit b7c16991f7.
2016-04-13 18:30:25 +02:00
Régis Hanol b7c16991f7 FIX: Jobs.cancel_scheduled_job wasn't working anymore due to our move to using multiple queues
FIX: Don't queue more than 1 'update_gravatar' job per user
2016-04-13 18:12:28 +02:00
James Kiesel 609969bf6f Remove `has_many :views` from User (#4150) 2016-04-08 00:37:10 +02:00
Sam a130cb8305 FEATURE: move more urgent emails notifications to critical queue
Move signup, admin login and password change email notifications
to critical queue
2016-04-07 14:39:01 +10:00
Régis Hanol 0bf001ccd7 FIX: badge grant count wasn't filtered to the current user in the user summary 2016-03-30 23:11:00 +02:00
Neil Lalonde 54f8bdd13b FIX: only validate username when changing it 2016-03-29 11:53:21 -04:00
Robin Ward 1006b1ba94 Various Plugin Enhancements and Extension Points 2016-03-11 15:53:37 -05:00
Robin Ward 5771d2aee2 SECURITY: Support for confirm old as well as new email accounts 2016-03-08 14:52:22 -05:00
Sam 32c681c96b annotate models 2016-02-23 10:33:53 +11:00
Sam f0e942f647 PERF: move 3 more option columns out of the user table 2016-02-18 16:57:22 +11:00
Sam 3829c78526 PERF: shift most user options out of the user table
As it stands we load up user records quite frequently on the topic pages,
this in turn pulls all the columns for the users being selected, just to
discard them after they are loaded

New structure keeps all options in a discrete table, this is better organised
and allows us to easily add more column without worrying about bloating the
user table
2016-02-17 18:08:25 +11:00
Sam dd6ebde824 FIX: Always ensure notifications are treated as read once clicked
UX: improve messaging so notifications list is far more stable
PERF: improve performance of notifcation lookup queries

- Add feature "SetTransientHeader" that allows shipping info to server
   in the next Ajax request
- remove local storage hack used for notifications
- amend lookupStale to return hydrated objects, move logic into store
- stop magically clearing various notifications (likes, invitee accepted, group_summary, granted badge)
2016-02-15 19:29:47 +11:00
Arpit Jalan eec8436cfe FEATURE: filter admin reports via user group 2016-02-04 11:23:49 +05:30
Sam Saffron a764cc3a42 FEATURE: by default users track a group (as opposed to watch)
FEATURE: a rollup counting number of messages in the group inbox to tracking users
2016-01-27 21:38:33 +11:00
Sam Saffron 7303f8f309 FEATURE: first pass at user summary page 2016-01-20 15:14:25 +11:00
Régis Hanol 3083657358 FEATURE: better email in support
FEATURE: new incoming_email model
FEATURE: infinite scrolling in emails admin
FEATURE: new 'emails:import' rake task
2016-01-19 00:57:55 +01:00
Sam Saffron c2e45c8377 Update annotate and annotate models 2016-01-11 17:30:56 +11:00
Sam 03ea0bfe22 FEATURE: allow users to archive messages
Messages are now in 3 buckets

- Inbox for all new messages
- Sent for all sent messages
- Archive for all messages you are done with

You can select messages from your Inbox or Sent and move them to your Archive,
you can move messages out of your Archive similarly

Similar concept applied to group messages, except that archiving and unarchiving
will apply to all group members
2015-12-23 11:09:30 +11:00
Sam a8b5192efd FEATURE: User page refactor
Re-organise user page so it is easier to find interesting info
split it into tabs

- Introduce notifications and messages tabs
- Stop couting stuff for the user page to speed up rendering
- Suppress more information when viewing your own profile
2015-12-20 16:45:49 +11:00
Régis Hanol 1cde276656 FEATURE: ability to send emails to a group 2015-12-07 17:01:08 +01:00
Sam 88f1a8f0b1 Merge pull request #3821 from mpalmer/letter-avatar-proxy
Proxy letter avatars by default
2015-11-19 20:02:16 +11:00
Régis Hanol 92ba6125c4 FEATURE: new 'automatically_unpin_topics' user preference 2015-11-17 18:21:40 +01:00
Sam Saffron 6dd4bc7d57 FEATURE: support group owner, capable of controlling group membership
Group owners are regular users that can add or remove users to a group
The Admin UX allows admins to appoint group owners
The public group UX will display group owners first and unlock UI to
add and remove members

Group owners can only be appointed on non automatic groups
Group owners may not appoint another group owner
2015-11-10 00:56:57 +11:00
Matt Palmer af4a48a67c Use Discourse.current_hostname
Much cleaner.
2015-11-06 14:13:44 +11:00
Matt Palmer c09f345cff Proxy letter avatars by default
On sites that don't otherwise configure an avatar fallback, Discourse will
now tell the client to get its letter avatars from a location which nginx
proxies to the centralised `avatars.discourse.org` service.  This alleviates
privacy concerns, whilst still providing some degree of performance benefit
(no need for every site to delay avatar response by 300ms for image
rendering).

It is still possible to gain the benefits of global image caching and the
lower latency of requesting directly from a CDN, by explicitly changing the
`external_system_avatars_url` site setting to
`https://avatars.discourse.org/letter/{first_letter}/{color}/{size}.png`.
2015-11-06 14:13:44 +11:00
Arpit Jalan a439500bac FIX: do not mark post as spam if the previous flag was disagreed 2015-10-17 01:30:53 +05:30
Régis Hanol fe656fb04d FIX: select appropriate period when redirecting to top 2015-09-21 20:28:20 +02:00
Sam c1ecd6f4ce update annotations 2015-09-18 10:41:10 +10:00
Régis Hanol b9a9a91335 FIX: couldn't set 'never' for the default email digest frequency setting 2015-09-14 10:36:25 +02:00
Sam f948ee9e26 FIX: ensure letter avatar service uses same algorithm 2015-09-14 09:42:21 +10:00
Régis Hanol 93f9dcfcec FIX: don't overwrite custom uploaded avatar when selecting gravatar
FIX: remove unecessary serialized fields
2015-09-11 15:10:56 +02:00
Régis Hanol 0c58f08207 FIX: profile picture selector 2015-09-11 15:10:56 +02:00
Sam 6437cd0341 FEATURE: add support for generic external avatar services
This changes it so we only ship an avatar template down to the client
it has no magic, all it knows is how to plug in size
2015-09-11 15:10:56 +02:00
Sam 90d49d1497 correct paths used for external service 2015-09-11 13:18:07 +10:00
Régis Hanol 2742602254 FEATURE: support for external letter avatars service 2015-09-11 02:12:40 +02:00
Régis Hanol e43034f08f Revert "FEATURE: SVG letter avatars (based on @eviltrout's spike)"
This reverts commit cd77465788.
2015-09-11 00:23:52 +02:00
Régis Hanol cd77465788 FEATURE: SVG letter avatars (based on @eviltrout's spike) 2015-09-11 00:11:48 +02:00
Sam 335be272ff FEATURE: implement capping of new/unread
We cap new and unread at 2/5th of SiteSetting.max_tracked_new_unread

This dynamic capping is applied under 2 conditions:

1. New capping is applied once every 15 minutes in the periodical job, this effectively ensures that usually even super active sites are capped at 200 new items

2. Unread capping is applied if a user hits max_tracked_new_unread,
  meaning if new + unread == 500, we defer a job that runs within 15 minutes that will cap user at 200 unread

This logic ensures that at worst case a user gets "bad" numbers for 15 minutes and then the system goes ahead and fixes itself up
2015-09-07 12:03:17 +10:00
Sam a54e8f3c5e FEATURE: live refresh notifications as they happen 2015-09-04 13:20:33 +10:00
Régis Hanol 5984b62347 FIX: ensure we remove 'category_users' records when a user is deleted 2015-09-02 20:43:15 +02:00
Robin Ward f9717da28f Merge pull request #3695 from riking/patch-10
FIX: Consider reserved usernames as not 'available'
2015-08-26 10:51:50 -04:00
Sam ea9bc68ee5 PATCH: in some cases this is being turned to a string workaround for now 2015-08-26 16:19:21 +10:00
Kane York 1586886bf9 FIX: Consider reserved usernames as not 'available'
https://meta.discourse.org/t/reserved-usernames-ignored-by-invites/32490
2015-08-25 17:24:07 -07:00
Sam 84fdc655ad correct retry logic 2015-08-24 10:28:38 +10:00
Régis Hanol bef80633b1 FEATURE: global admin override of most of the user preferences 2015-08-21 20:39:21 +02:00
Régis Hanol 49996bcdea FIX: don't suggest name when email is empty 2015-08-20 11:59:28 +02:00
Arpit Jalan eb941475fa FIX: mark invite accepted notification as read 2015-08-13 11:11:54 +05:30
Neil Lalonde 782dd13e78 FEATURE: track user visits on mobile and display on admin dashboard in a new Mobile section 2015-07-07 14:06:42 -04:00
Robin Ward b52e5d1536 FIX: `default_avatars` wasn't being used for some server side templates 2015-06-26 13:38:09 -04:00
Régis Hanol 189cb3ff12 FEATURE: move migrate_to_new_scheme into a background job
- new hidden site setting 'migrate_to_new_scheme' (defaults to false)
- new rake tasks to toggle migration to new scheme
- FIX: migrate_to_new_scheme also works with CDN
- PERF: improve perf of the DbHelper.remap method
- REFACTOR: UrlHelper is now a class
2015-06-12 12:07:57 +02:00
Sam Saffron feeb509a97 SECURITY: expire all existing email tokens on password reset 2015-06-06 03:50:06 +10:00
Sam Saffron 4171eb758c SECURITY: expire all existing sessions if user changes passwords 2015-06-06 03:09:19 +10:00
Sam Saffron 83559bbf45 posts read may enter concurrently, retry 2015-06-01 11:55:07 +10:00
Régis Hanol acafa491b2 user avatar urls/templates refactor 2015-05-29 18:51:17 +02:00
Luke Granger-Brown 9f9825bb6b FIX: don't send emails to anonymous users
Also changes behaviour of real to not return anonymous users.

This means user counts will no longer include them, and the
mailing list system will ignore them even if they somehow end up
with the feature turned on.
2015-05-11 00:56:34 +01:00
Neil Lalonde 963ebf5963 FIX: if approving a user when must_approve_users is false, don't send an email 2015-05-04 15:30:25 -04:00
Robin Ward 4745eca4ad FIX: Don't abort PurgeInactive if they have posts. Just skip. 2015-05-04 11:37:49 -04:00
Sam 803feefd54 MessageBus handles readonly redis now, no need to wrap it 2015-05-04 12:21:00 +10:00
Neil Lalonde b2fd69a675 FIX: avatar_template when using relative_url_root 2015-04-28 20:58:46 -04:00
Robin Ward 151b559e4c FIX: If you delete a user, delete their queued posts as well. 2015-04-24 16:04:44 -04:00
Robin Ward 5b3f99aa50 Don't blow up if Redis switches to READONLY 2015-04-24 14:37:16 -04:00
Régis Hanol 80b2935e11 FIX: prevent DOS when fixing avatar in quotes 2015-04-24 11:14:10 +02:00
Régis Hanol a737090442 - FEATURE: revamped poll plugin
- add User.staff scope
- inject MessageBus into Ember views (so it can be used by the poll plugin)
- REFACTOR: use more accurate is_first_post? method instead of post_number == 1
- FEATURE: add support for JSON-typed custom fields
- FEATURE: allow plugins to add validation
- FEATURE: add post_custom_fields to PostSerializer
- FEATURE: allow plugins to whitelist post_custom_fields
- FIX: don't bump when post did not save successfully
- FEATURE: polls are supported in any post
- FEATURE: allow for multiple polls in the same post
- FEATURE: multiple choice polls
- FEATURE: rating polls
- FEATURE: new dialect allowing users to preview polls in the composer
2015-04-23 19:33:29 +02:00
Sam Saffron 296add56e6 correct letter avatar template 2015-04-20 13:07:12 +10:00
Sam 51b747346e PREF: speed up grabbing unread counts 2015-04-17 16:01:20 +10:00
Sam 4bfca12b11 FEATURE: anonymous_account_duration_minutes , cycle anon accounts after N minutes from last post
fixes it so anon users can not like stuff
2015-04-08 12:30:02 +10:00
Neil Lalonde 30b063c08b FEATURE: make full names a required field of user profiles with the full_name_required setting 2015-04-02 17:08:04 -04:00
Régis Hanol 10b8eca9a6 fix the build 2015-03-30 12:48:20 +02:00
Régis Hanol 588667b1e4 FEATURE: fix avatar in quotes when changing avatars 2015-03-30 12:31:10 +02:00
Sam 5aa1272f05 clean up first day user definition and object model 2015-03-26 16:48:36 +11:00
Sam 9834d11503 Staff and TL2 up are immune to newuser checks and not considered new users 2015-03-26 16:04:46 +11:00
Sam 92e371f0b3 FEATURE: civilized mute
Allow user to mute all notifications generated by specific users
2015-03-24 11:55:22 +11:00
Régis Hanol 6cd4330335 FIX: show all deleted posts 2015-03-11 18:07:47 +01:00
Neil Lalonde 608647d02f FEATURE: Anonymize User. A way to remove a user but keep their topics and posts. 2015-03-10 11:59:08 -04:00
Régis Hanol e74b9ee5da FIX: should not count disagreed flags 2015-02-19 18:11:07 +01:00
Sam 67f404d281 FIX: remove notifications on deleted topics from the stream 2015-02-19 12:40:00 +11:00
Robin Ward 3ce2077aa8 Migrate unsubscribe keys to the database.
This should reduce a lot of the keys in redis.
2015-02-13 14:24:15 -05:00
riking 06f02ce9fc FIX: 🈂️ Allow closing polls in multi-locale sites 2015-02-05 19:55:03 -08:00
Arpit Jalan 6c410ed093 FIX: strip whitespaces from user email 2015-01-30 01:44:24 +05:30
Régis Hanol efd65dcc8c hard match domains for automatic group membership 2015-01-26 23:17:29 +01:00
Régis Hanol 256519dddf FEATURE: automatic group membership based on email address 2015-01-23 18:25:43 +01:00
riking 1ab0d6bd82 FEATURE: Log username changes by staff
Also fix the tests for changing username
2015-01-17 02:26:12 -08:00
Jason W. May a2b284a0a4 table & model changes for group managers with permission to edit membership 2015-01-15 11:44:42 -08:00
Régis Hanol e20078a9dc PERF: fix performance issue when displaying the user card for admins 2015-01-05 19:49:32 +01:00
Erick Guan 97b3914b70 FIX: use utc time when generate reports; set boundary 2014-12-30 22:43:03 +08:00
Régis Hanol 521226f4c9 FIX: registration fails with timeout on gravatar 2014-12-15 22:10:27 +01:00
Régis Hanol 929ff00741 FIX: use excerpt instead of the summary 2014-12-06 18:48:39 +01:00
Jeff Atwood ea269ccfb2 rename purge_inactive to purge_unactivated 2014-12-02 21:36:25 -08:00
Robin Ward cb0e7a5724 For performance reasons, use `delete_all` when removing a user's email logs 2014-11-28 14:20:43 -05:00
Sam 6bed4e1bf0 add allowed_ips to api_keys
update annotations
2014-11-20 14:53:15 +11:00
Robin Ward 068d22e9b3 Add API support for querying admin reports by date range 2014-11-05 13:11:37 -05:00
cpradio 8f390c979b FEATURE: Mark All as Read button for Notifications page
Added a Mark All as Read button to the top/bottom of the notifications user page
https://meta.discourse.org/t/possibility-to-selectively-or-completely-mark-notifications-as-read/20227

Remove notifications property (no longer used)
2014-10-13 06:31:27 -04:00
Sam 0e7be81e60 FIX: badge granted titles were not being revoked when badge was revoked 2014-10-08 10:26:18 +11:00
Sam 37af13f6ea FIX: badge notifications are marked read by the system after opening 2014-10-02 16:08:31 +10:00
Sam 72a28aeb7c FEATURE: always show highest trust level badge in card
FEATURE: fa-user icon for trust level badges
2014-10-02 16:08:31 +10:00
Robin Ward edb34c178a FEATURE: Show user fields when the user is signing up 2014-09-30 10:45:18 -04:00
riking bff95a6a97 Rename 'leader' -> 'tl3' 2014-09-30 13:16:34 +10:00
riking c8111ada6e FEATURE: Allow admins to lock users from TL3 promotion/demotion
Also, update the display logic for the leader promotion screen to
account for the demotion grace period.
2014-09-30 13:15:13 +10:00
Régis Hanol 7e309a21cf FEATURE: hide emails behind a button for staff members 2014-09-29 22:31:05 +02:00
Sam c248d28c38 FEATURE: display associated accounts in admin user 2014-09-25 16:15:01 +10:00
Régis Hanol 7bc223ef7c FEATURE: improve flags reminder email 2014-09-23 18:37:31 +02:00
riking 2c6d03f87f SECURITY: Limit passwords to 200 characters
Prevents layer 8 attack.
2014-09-12 12:07:11 -04:00
Robin Ward 334e21a03a Revert "Revert "FEATURE: Can create warnings for users via PM""
This reverts commit 1c7559380c.
2014-09-08 11:11:56 -04:00
Robin Ward 1c7559380c Revert "FEATURE: Can create warnings for users via PM"
This reverts commit b0bfc1f93f.
2014-09-08 10:38:59 -04:00
Robin Ward b0bfc1f93f FEATURE: Can create warnings for users via PM 2014-09-08 10:27:06 -04:00
Sam 59d04c0695 Internal renaming of elder,leader,regular,basic to numbers
Changed internals so trust levels are referred to with

TrustLevel[1], TrustLevel[2] etc.

This gives us much better flexibility naming trust levels, these names
are meant to be controlled by various communities.
2014-09-05 15:20:52 +10:00
riking 54484ca18a "FIX": Add error reporting to NotifyMailingListSubscribers
Also skip unactivated users, which may actually fix this
2014-09-03 14:53:05 -07:00
Robin Ward 0ae3c327de Add a message to the staff logs indicating why a user was purged 2014-08-27 16:05:07 -04:00
Sam 414c6d191f FIX: remove nullable dates post upgrade to Rails 4 2014-08-27 15:19:25 +10:00
Neil Lalonde 00c28f2391 Show total likes given. Put likes given/received and flags given/received together. 2014-08-22 15:23:19 -04:00
Neil Lalonde dafc63e3a0 Show how many likes users received in the last 100 days on their admin profile page 2014-08-22 14:37:07 -04:00
Neil Lalonde 5454c1ed24 Updated model anotations 2014-08-22 13:01:44 -04:00
Robin Ward 3235f2c477 FIX: Don't try and delete inactive admins, rare as they may be. 2014-08-19 13:47:01 -04:00
Akshay 3fd784b513 removed useless assignments at some places 2014-08-19 18:10:23 +05:30
Robin Ward ba15a6a9ea PERF: Only delete 100 inactive users at once 2014-08-13 17:56:40 -04:00
Régis Hanol 4c4ce05964 FIX & PERF: vanilla import
PERF: disabled refresh_avatar callback when importing users
PERF: avoid using UsernameSuggester when not needed
FIX: categories wasn't working
FIX: posts from deleted users are now from the system user
2014-08-13 22:20:06 +02:00
Robin Ward 7ed969f0c7 Site Setting to customize how frequently inactive users are purged 2014-08-13 15:11:19 -04:00
Robin Ward 3c6673aceb Purge inactive accounts that are older than 7 days 2014-08-13 14:13:41 -04:00
Sam 22cd259687 FIX: remove faulty "ensure consistency" badge job 2014-08-11 09:21:06 +10:00
Sam b5045a005f PERF: last seen index on users 2014-08-07 13:33:11 +10:00
Sam cb0ecd9ff1 PERF: store topic views in a topic view table
* cut down on storage of the work Topic, 3 times per row (in 2 indexes)
* only store one view per user per topic
* only store one view per ip per topic
2014-08-04 19:07:55 +10:00
Sam e7e70d14da Merge pull request #2591 from BenLubar/benlubar-edit-history-public
add profile option for edit history visibility
2014-07-30 14:09:10 +10:00
Régis Hanol bddffa7f9a FEATURE: flag dispositions normalization
All flags should end up in one of the three dispositions
  - Agree
  - Disagree
  - Defer

In the administration area, the *active* flags section displays 4 buttons
  - Agree (hide post + send PM)
  - Disagree
  - Defer
  - Delete

Clicking "Delete" will open a modal that offer to
  - Delete Post & Defer Flags
  - Delete Post & Agree with Flags
  - Delete Spammer (if available)

When the flag has a list associated, the list will now display 1
response and 1 reply and a "show more..." link if there are more in the
conversation. Replying to the conversation will NOT give a disposition.
Moderators must click the buttons that does that.

If someone clicks one buttons, this will add a default moderator message
from that moderator saying what happened.

The *old* flags section now displays the proper dispositions and is
super duper fast (no more N+9999 queries).

FIX: the old list includes deleted topics
FIX: the lists now properly display the topic states (deleted, closed,
archived, hidden, PM)
FIX: flagging a topic that you've already flagged the first post
2014-07-28 19:28:07 +02:00
Ben Lubar 44dc4b4a17 add profile option for edit history, visible only when edit history is disabled globally. 2014-07-26 23:04:46 -05:00
Sam 0f9678fe49 FIX: faster update of all badges
Introduced badge triggers, introduced concept of badge that happens due to a post but has the post hidden

Delta badge grant happens once a minute, backed by redis
2014-07-23 11:46:07 +10:00
Sam bfb37054e8 Badge Grouping work in progress 2014-07-17 16:11:10 +10:00
Neil Lalonde 939e8505a9 Remove hub username integration 2014-07-16 12:25:24 -04:00
Neil Lalonde 01a68f8cc7 Emails are case insensitive 2014-07-16 10:22:01 -04:00
Sam 59c399c50a FIX: count distinct badges for totals. 2014-07-16 16:21:46 +10:00
Robin Ward f2dd35ab08 Improve the unsubscribe to digest experience. Give a link in case it
fails, provide a different message if you are logged in as a different
user, increase expiry to 2 months from 1 week.
2014-07-15 17:20:59 -04:00
Sam 88469721b9 FEATURE: Allow admins to disable specific badges 2014-07-14 17:40:36 +10:00
Sam 8fcc019ff8 FIX: only allow badge title selection if it exists 2014-07-09 15:31:49 +10:00
Sam 9a9ad9bda8 FEATURE: Badge progress
- Refactor model so it stores backfill query
- Implement autobiographer
- Remove sample badge
- Correct featured badges to only include a badge once
2014-07-03 17:29:44 +10:00
Régis Hanol c0cd109e9d TRIVIAL: code formatting 2014-06-26 19:50:29 +02:00
Andrew Bezzub 386d1e231a move profile_background from User to UserProfile 2014-06-26 12:30:07 -04:00
Sam 56dcd00570 BUGFIX: trust_level_0 group not including trust_level_1
BUGFIX: manual trust level change not adding user to groups
BUGFIX: system not in correct trust level groups
2014-06-17 10:52:02 +10:00
Andrew Bezzub 9ffd173873 move bio to UserProfile from User 2014-06-13 14:55:32 -04:00
Andrew Bezzub 7db31adf35 move website from User to UserProfile 2014-06-06 21:54:32 -07:00
Sam fa6f22dd39 Move letter avatars out of upload system
FIX: S3 issues around system avatars
FIX: reduced backup file size
2014-05-30 14:45:55 +10:00
Sam 5adc486cef BUGFIX: missing avatars in topic map
Cleanup uneeded column
2014-05-29 14:59:14 +10:00
Sam d9f51961c4 BUGFIX: pick gravatar if it was just downloaded
BUGFIX: don't go rebaking unless all avatars are downloaded
2014-05-28 16:54:21 +10:00
Sam b1d5f4440b Annotate models 2014-05-28 12:30:57 +10:00
Robin Ward 7c22d738b6 FEATURE: Add a location field to a user's profile 2014-05-27 13:54:04 -04:00
Sam 1e28668e9f missed one spot where route changed 2014-05-28 01:09:01 +10:00
Sam 504cfcff96 Fix specs for avatars
Implement avatar picker
Correct avatar related jobs
2014-05-27 10:08:03 +10:00
Sam 6c1c8be794 Work in progress, keeping avatars locally
This introduces a new model to store the avatars and 3 uploads per user (gravatar, system and custom)

user can then pick which they want.
2014-05-27 10:08:03 +10:00
Sam ff6755f1e5 Merge pull request #2343 from knutaldrin/patch-1
Fix suspended scope
2014-05-23 12:56:32 +10:00
Knut Aldrin Wikström 579f2bf7b8 Fix suspended scope
:non_suspended should check if suspension is <= NOW, else one could end up in neither group.
2014-05-15 15:47:49 +02:00
Vikhyat Korrapati c07244a4e6 Refactor BadgeGranter.update_trust_level_badges! -> update_badges. 2014-05-14 21:01:41 +05:30
Vikhyat Korrapati b144b75565 Add automatically assigned trust level badges. 2014-05-14 20:47:21 +05:30
Sam 34d1668f9f FEATURE: backend for inviting a user to a group 2014-05-09 18:22:35 +10:00
Louis Rose 1574485443 Perform the where(...).first to find_by(...) refactoring.
This refactoring was automated using the command: bundle exec "ruby refactorings/where_dot_first_to_find_by/app.rb"
2014-05-06 14:41:59 +01:00
Régis Hanol c21d3f41d0 BUGFIX: only redirect new users to top page once
Actually, new users will still be redirected to the top page during the first 30 seconds of their first visit.
2014-05-05 19:00:40 +02:00
Sam f6c22cc299 Merge pull request #2297 from ligthyear/custom-fields
Custom fields for Topic, Category, Post and Group
2014-04-30 13:15:50 +10:00
Benjamin Kampmann 0cf07d41ae Move Concern from lib into app/models. refs #2279 2014-04-29 19:26:43 +02:00
Benjamin Kampmann e6e03a1a96 move custom fields into its own concern 2014-04-29 19:26:42 +02:00
Robin Ward 359d59242e If a new user receives a mention, quote or response to their post, allow
them to continue posting in a topic.
2014-04-29 12:59:14 -04:00
Sam e88e43bfb6 Merge pull request #2279 from fantasticfears/concern
move concerns to the model/concerns
2014-04-28 09:48:33 +10:00
Régis Hanol f8d9fb7bdc Revert "Merge pull request #2284 from jaimeiniesta/patch-1"
This reverts commit a6b88d1e7e, reversing
changes made to 9bee0b6e2d.
2014-04-25 11:40:38 +02:00
Sam a6b88d1e7e Merge pull request #2284 from jaimeiniesta/patch-1
escape gravatar URLs to comply with W3C standards
2014-04-24 12:56:16 +10:00
Sam 05efc8df16 BUGFIX: likes would cause whole post to re-render 2014-04-24 12:42:04 +10:00
Robin Ward af877781b7 Allow admins to choose if groups are visible or not. 2014-04-22 16:43:46 -04:00
Sam a3b2b4baca FEATURE: custom fields on User 2014-04-22 13:52:13 +10:00
Jaime Iniesta 6084cb969d escape gravatar URLs to comply with W3C standards
This fixes an HTML validation error due to & not being properly escaped on the gravatar URLs.
2014-04-21 00:46:00 +02:00
Erick Guan 6d45f71254 move concerns to the model/concerns 2014-04-19 12:00:40 +08:00
Vikhyat Korrapati 843023d7c9 Fix user_badges n+1 query. 2014-04-17 21:58:05 +05:30
Vikhyat Korrapati 4c0f85650e Display badge count in the user admin page. 2014-04-16 18:08:10 +05:30
Vikhyat Korrapati e0a4959dc9 Sort featured badges by badge type first, followed by grant count. 2014-04-16 18:08:10 +05:30
Sam 862a6696c0 Correct annotations
allow longer usernames (up to 60)
2014-04-15 15:53:48 +10:00
Régis Hanol 2505d18aa9 FEATURE: support email attachments 2014-04-14 22:55:57 +02:00
Sam b0ed9082b3 FEATURE: Hidden site setting for max username length 2014-04-14 12:55:33 +10:00
Régis Hanol 6373de550f update annotations 2014-04-08 17:35:44 +02:00
Sam d71f62a9f9 Merge pull request #2180 from tomciopp/master
More idiomatic approach to finding drafts
2014-04-08 16:46:24 +10:00
Régis Hanol ef24a4c71c FEATURE: add redirect_users_to_top_page site setting (default to true) 2014-03-31 21:53:38 +02:00
Thomas Cioppettini 38882eb1a7 Remove threequals from ruby files 2014-03-26 12:20:41 -07:00
Sam 7e7c4efcc0 FEATURE: on initial boot hint users on how to get admin 2014-03-24 18:03:39 +11:00
Sam 5c148faeb9 annotations were out of date 2014-03-20 15:35:51 +11:00
Sam 02963b03dc BUGFIX: last_seen_at can be nil 2014-03-17 12:42:51 +11:00
Sam fe63db7953 Merge pull request #2115 from vikhyat/badge-system
Initial badge system implementation
2014-03-17 10:06:37 +11:00
Vikhyat Korrapati 9b26c8584e Initial badge system implementation. 2014-03-14 21:49:26 +05:30
Neil Lalonde 9ca516e58d Rename nickname to username in the code. Use new hub routes. (Old routes still exist as aliases for old Discourse instances.) 2014-03-12 12:39:36 -04:00
Régis Hanol 8214536614 BUGFIX: don't show redirect reason if you aren't redirected
Move the redirect to top page logic server-side and make sure the reason
is not shown when top is not in the navigation menu (top_menu).
2014-03-07 18:58:53 +01:00
Stephen Birarda 4a2dab9c5e allow for custom min_username_length
change constant in user to be global range and not default
2014-03-04 16:37:05 -08:00
Robin Ward 4b61d6af28 BUGFIX: new date was incorrect 2014-03-03 16:11:59 -05:00
Robin Ward 3abe84941f FEATURE: Add `new_since` column to `UserStat` so we can reset the "New"
date.
2014-03-03 15:47:00 -05:00
Sam 6f31d3f0e5 FEATURE: single sign on support
Added support for outsourcing auth to a different website, documentation on meta
2014-02-25 14:31:03 +11:00
Neil Lalonde b696c96a19 Look at the age of a user's first post to determine if the user can be nuked, instead of looking at when the user registered. 2014-02-20 12:29:40 -05:00
Erik Ordway 8fc5c66c55 this needs to go but did not show up in my tests but did on travis 2014-02-11 18:13:24 -08:00
Robin Ward e511e8a80b Link to groups from user profile 2014-02-07 10:44:51 -05:00
Sam 93434be16d SECURITY: reduce moderator rights
You can now hide particular categories from certain moderators
2014-02-07 14:11:52 +11:00
Sam be560d4eb6 Update annotations 2014-02-07 11:07:52 +11:00
Sam 227873df78 FEATURE: proper mailing list mode
once enable_mailing_list_mode is enabled any user can elect
to get every post via email unless they opt out of category or topic
2014-02-07 11:07:52 +11:00
Neil Lalonde c8bc9bd5db Show discourse logo as system user avatar 2014-01-29 12:29:05 -05:00
Neil Lalonde 7cc5da08fe Track how many posts a user reads each day in user_visits 2014-01-27 11:20:19 -05:00
Neil Lalonde ae3b53bb76 Add a page in admin to view trust level 3 requirements for a user. Only shows for users who are currently at trust level 2. 2014-01-22 18:17:45 -05:00
Neil Lalonde ba74226346 FIX: invited users get clearer messaging when setting a password for the first time 2014-01-21 12:42:26 -05:00
Régis Hanol 129617b415 Lots of bugfixes
BUGFIX: navigation bar should always activate the right tab (even when diging into a top period)
BUGFIX: /top pages titles
BUGFIX: no "edit category" button on /top page after visiting a category
BUGFIX: properly hide category columns when there is no children category (on both filter + top pages)
BUGFIX: promises not caught when scrolling down a topic list to load more of them
BUGFIX: CSS on category dropdowns
Updated `top_menu` i18n with available filters
2014-01-18 19:27:25 +01:00
Régis Hanol c1a66b70bb BUGFIX: use previous_visit_at instead of last_seen_at to determine the best period to display in the top summary 2014-01-16 01:36:32 +01:00
Neil Lalonde 4f6b208e8d Posts by trust level 3 users do not have nofollow on their external links. 2014-01-15 11:40:51 -05:00
Régis Hanol e732aa8a86 BUGFIX: we should not store absolute urls for locally uploaded avatar templates
Highly recommended to run: `RAILS_ENV=production bundle exec rake avatars:regenerate` to fix the avatar templates stored in the database.
2014-01-07 17:45:06 +01:00
Neil Lalonde a897c2b091 Add default_external_links_in_new_tab site setting 2014-01-02 15:27:37 -05:00
Robin Ward f145060315 Don't employ the "too many replies" if the user is staff, or if they created the topic.
See: http://meta.discourse.org/t/what-is-the-point-of-limiting-new-users-to-three-replies-per-topic/11696
2014-01-02 12:57:40 -05:00
DV Suresh 24886c300b Correct few spelling in the comments 2013-12-21 01:19:22 -06:00
Neil Lalonde 33c6997ded Move password validation into PasswordValidator 2013-12-19 16:15:47 -05:00
Robin Ward 1cac9fa257 New users can only post `newuser_max_replies_per_topic` times per topic. 2013-12-19 13:45:55 -05:00
Sam 2db3cfb16b annotate models 2013-12-05 17:40:35 +11:00
Régis Hanol 82b78ec6ba schemaless avatar urls 2013-11-22 19:18:45 +01:00
Régis Hanol 3cf5a363f7 do not destroy uploads when destroying a user 2013-11-22 18:29:07 +01:00
railsaholic 34bba737ff Refactor SessionController#create, reduce complexity.
Don't compromise readablity
2013-11-15 22:09:03 +05:30
sirMackk af67284995 User ctrl refactor - breaks up large methods, moves some logic into model
Includes missing methods from backup for travis to pass

fix missing code, failing specs

keep params handling in the controller.
2013-11-09 18:44:13 +05:30
Neil Lalonde 0c6f794eb0 Used the term suspended instead of banned. 2013-11-07 13:53:49 -05:00
Neil Lalonde 92a0729937 When banning a user, a reason can be provided. The user will see this reason when trying to log in. Also log bans and unbans in the staff action logs. 2013-11-01 10:47:26 -04:00
Robin Ward f7d6ab579c Merge pull request #1571 from novemberkilo/master
Refactor User#update_last_seen! and User#update_tracked_topics
2013-10-29 08:28:08 -07:00
Sam 95e936c299 cleanup API for looking up a user by email or username, add specs, fix invalid auto association in open id provider 2013-10-28 16:29:07 +11:00
Manoj 96ae3cdacc Utilize already existing method 'find_by_username_or_email'
check presence of email using include, dont use =~
2013-10-24 19:26:06 +05:30
Navin Keswani 6ce80fd148 Refactor User#update_last_seen! and User#update_tracked_topics 2013-10-23 23:27:30 +02:00
Robin Ward 348e2e3ef2 Support for per-user API keys 2013-10-22 17:34:39 -04:00
Robin Ward 2308784713 Merge pull request #1543 from railsaholic/small_users_controller_refactoring
refactor UsersController to reduce complexity
2013-10-21 12:21:03 -07:00
Neil Lalonde 648b11a0eb Add screening by IP address. When deleting a user as a spammer, block all signups from the same IP address. 2013-10-21 14:50:18 -04:00
Manoj 868e4ffe6d refactor UsersController to reduce complexity
Refactored: UsersController#create
2013-10-19 15:18:11 +05:30
Neil Lalonde 0eaf32db45 Add a message to flags created because of the newuser_spam_host_threshold site setting 2013-10-17 15:08:11 -04:00
Manoj 7c03076c2a Refactored Topic#limit_topics_per_day to reduce code climate complexity
Extracted  1) #apply_per_day_rate_limit_for, method as generic
RateLimiter , 2) #limit_first_day_topics_per_day as a separate method,
3) Added User#added_a_day_ago?, 4) Fixed private methods indentation.
2013-10-16 14:58:18 +05:30
Neil Lalonde 3c2c6ab24b Add sockpuppet spammer detection. Automatically flag posts if they are from new users (registered less than 24 hours ago) at the same IP address and one of them started the topic. 2013-10-11 13:34:05 -04:00
Sam 5bf26ec34e large refactor, ship a few columns from the user table into user_stats 2013-10-07 15:04:59 +11:00
Sam 441010ac65 optimise view count calculation query 2013-10-02 17:08:53 +10:00
Robin Ward 7d9a84b496 New User Education goes through a server side ComposerMessages check. Composer message for users
who don't have avatars.
2013-09-13 12:23:53 -04:00
Robin Ward fcff4e80d1 New `user_stats` table to keep track of queried information on a user.
This is information that is not usually needed when representing a user
and is in a separate table with a has one relationship to avoid querying
it all the time.
2013-09-11 14:50:26 -04:00
Robin Ward 2319924206 Adds a class that can detect whether a user has uploaded a custom avatar 2013-09-10 15:39:11 -04:00
Sam 162d94aa02 improve secure_category_id query 2013-09-10 14:29:02 +10:00
Sam 41a1b6942d notify moderators now goes to the "community" user, that saves our poor mods from a flood of pms
if any staff respond to a pm they are automatically added to the list of recipients and will start
getting email notifications
2013-09-06 14:07:23 +10:00
Neil Lalonde 117fc8db58 Change the way nuked users' posts are handled. Allow null in the user_id column of posts. Show these posts in the posts stream. 2013-09-04 15:42:21 -04:00
Sam 61281a3c81 invite only forums had very wonky logic, invited users were not being activated, invite_only forums were still registering users 2013-08-28 17:18:31 +10:00
Sam dfa5a8a83f annotate models 2013-08-28 10:52:06 +10:00
Navin Keswani d87389b38e No more rails 4 deprecation warnings 2013-08-25 23:18:11 +02:00
Neil Lalonde 6e79197519 Enum site settings can have translatable names in dropdown. Add setting for how often users get digest emails by default: default_digest_email_frequency. 2013-08-23 17:36:25 -04:00
Sam 472f0684c3 Merge pull request #1345 from salbertson/refactor-find_by_username_or_email
Improve test coverage and refactor User.find_by_username_or_email
2013-08-22 17:14:06 -07:00
Neil Lalonde 3b15e2e58e Banned users are not returned as pending review users 2013-08-22 19:23:49 -04:00
Scott Albertson 1dbe1fb1bc Refactor User.find_by_username_or_email
* Improve test coverage
2013-08-22 09:40:07 -07:00
Sam c0c929be5a optimise query that runs every 10 minutes and takes out the user table 2013-08-20 17:40:22 +10:00
Michael Kirk 4af8a9102e Authenticate with Discourse via OAuth2
See https://github.com/michaelkirk/discourse_oauth2_example for an
example of how you might integrate your existing oauth2 provider's
authentication via a Discourse plugin.
2013-08-17 21:45:20 -07:00
Régis Hanol 2119774fb6 FIX: custom avatars in email 2013-08-16 09:58:20 +02:00
Régis Hanol c9969738bf FIX: N+1 query for avatars when searching for users 2013-08-16 00:26:49 +02:00
Sam b55c9e391d Merge pull request #1333 from fabianoleittes/fix_type_url
Fix url not to be nil
2013-08-14 20:04:00 -07:00
Fabiano Leite 4df8babb9a Fix url not to be nil 2013-08-14 21:55:25 -03:00
Robin Ward 8fa9c51bf4 FIX: New avatar regression with mixed case email addresses. 2013-08-14 13:05:57 -04:00
Régis Hanol 4866f4d8f5 FIX: N+1 query for avatars 2013-08-14 15:25:05 +02:00
Régis Hanol 5ca187ba57 only the host part of an email address is case insensitive 2013-08-14 19:31:35 +02:00
Régis Hanol c867b67a0b custom avatar support 2013-08-13 22:08:29 +02:00
Robin Ward 6452962f36 FIX: Notification counters were being updated incorrectly. 2013-08-09 12:12:56 -04:00