Commit Graph

687 Commits

Author SHA1 Message Date
Sam Saffron e283e6aea0 FEATURE: allowed_iframes site setting for allowing iframes
This allows you to whitelist custom iframes if needed in posts
2017-09-01 10:15:44 -04:00
Bianca Nenciu bb3a5910d7 Support for sending PMs to email addresses (#4988)
* Added support for sending PMs to email addresses.

* Made changes after review.

* Added settings validator.

* Fixed tests.
2017-08-28 12:07:30 -04:00
Erick Guan 1646bc0031 FIX: fails loud if default setting is not set
Noted:
- `push_api_secret_key` is set in initializer. Shimed with ''
- `default_theme_key` is set in seeding. Shimed with ''
2017-08-15 12:07:25 +02:00
Robin Ward 6ecb7cdff4 UX: Support for `none` style of category badge 2017-08-07 12:49:19 -04:00
Guo Xiang Tan 3f24ed2b3e Can't revert due to incompatibility of new site setting types.
Revert "Revert "FEATURE: Site settings defaults per locale""

This reverts commit 439fe8ba24.
2017-08-07 10:43:09 +09:00
Guo Xiang Tan 439fe8ba24 Revert "FEATURE: Site settings defaults per locale"
This reverts commit 468a8fcd20.
2017-08-07 10:31:50 +09:00
Robin Ward a3ef814245 UX: Show proper HTML for category preview in site settings 2017-08-04 13:56:27 -04:00
Neil Lalonde d1576298ef add shadowed_by_global to allow_restore 2017-08-03 15:10:11 -04:00
Sam f6bc572fb8 FEATURE: option to enable inline oneboxes for all domains
Also, change to prefer title over open graph which is often way too sparse
2017-08-02 14:27:31 -04:00
Erick Guan 468a8fcd20 FEATURE: Site settings defaults per locale
This change-set allows setting different defaults for different locales. 

It also:

- Adds extensive testing around site setting validation

- raises deprecation error if site setting has the default property based on env

- relocated site settings for dev and tests in the initializer

- deprecated client_setting in the site setting's loading process

- ensure it raises when a enum site setting being set

- default_locale is promoted to `required` category.

- fixes incorrect default setting and validation

- fixes ensure type check for site settings

- creates a benchmark for site setting

- sets reasonable defaults for Chinese
2017-08-02 12:24:19 -04:00
Régis Hanol 88ba052446 secure default for the 'find_related_post_with_key' site setting 2017-08-01 00:03:04 +02:00
Neil Lalonde 24cb950432 FEATURE: Watched Words: when posts contain words, do one of flag, require approval, censor, or block 2017-07-26 11:01:09 -04:00
Régis Hanol c7c93e7159 FEATURE: new 'strip image metadata' site setting 2017-07-25 11:48:39 +02:00
Robin Ward 2f8f2aa1dd FEATURE: Whitelists for inline oneboxing 2017-07-21 15:41:47 -04:00
Sam Saffron d0c5205a52 Feature: Change markdown engine to markdown it
This commit removes the old evilstreak markdownjs engine.

- Adds specs to WhiteLister and changes it to stop using globals
    (Fixes large memory leak)
- Fixes edge cases around bbcode handling
- Removes mdtest which is no longer valid (to be replaced with
    CommonMark)
- Updates MiniRacer to correct minor unmanaged memory leak
- Fixes plugin specs
2017-07-17 11:41:34 -04:00
Robin Ward 6b6ad9391b Clean up job for search logs 2017-07-14 14:30:58 -04:00
Robin Ward 97e211f837 FEATURE: Log Search Queries 2017-07-14 14:30:58 -04:00
Neil Lalonde 3ebd8838af FEATURE: cross-domain tracking for Google universal analytics 2017-07-13 15:21:44 -04:00
Sam 79a084dd58 Revert "remove old markdown engine work-in-progress"
This reverts commit ee470b5317.
2017-07-12 18:10:51 -04:00
Sam Saffron ee470b5317 remove old markdown engine work-in-progress 2017-07-12 17:44:40 -04:00
Jeff Atwood 5be9bee230 safe to default to read only off during backups 2017-07-12 04:52:17 -07:00
Sam d29a0eeedf allow global shadow for new markdown engine 2017-07-10 12:22:15 -04:00
Guo Xiang Tan 2255724637 UX: Add validator for `SiteSetting#sso_overrides_email`. 2017-07-10 10:08:55 +09:00
Arpit Jalan 5b67cd1937 Merge pull request #4956 from techAPJ/pm-recipients
FEATURE: new site setting to limit message recipients
2017-07-06 22:57:33 +05:30
Arpit Jalan 7cffbc8ba8 FEATURE: new site setting to limit message recipients
New site setting `max_allowed_message_recipients` to limit message
recipients

https://meta.discourse.org/t/one-of-my-users-just-group-messaged-100-other-user-with-a-spam-offer/65612/7?u=techapj
2017-07-06 22:52:49 +05:30
Robin Ward 4f66083121 Allow version_checks to be shadowed by global 2017-07-06 10:41:53 -04:00
Sam fbb5600c8e expose enable_experimental_markdown_it
expose the site setting that enables the CommonMark engine
2017-06-28 16:51:49 -04:00
Sam 4c5109ff5b FEATURE: site setting for Markdown typographer
It ships anyway with markdown.it so we might as well expose it
2017-06-27 16:50:13 -04:00
Sam e6cc07fc43 FEATURE: twitter is the new default emoji set 2017-06-26 16:51:55 -04:00
Sam 234694b50f Feature: CommonMark support
This adds the markdown.it engine to Discourse.
https://github.com/markdown-it/markdown-it

As the migration is going to take a while the new engine is default
disabled. To enable it you must change the hidden site setting:
enable_experimental_markdown_it.

This commit is a squash of many other commits, it also includes some
improvements to autospec (ability to run plugins), and a dev dependency
on the og gem for html normalization.
2017-06-23 12:01:33 -04:00
Leo McArdle 5e0efb3410 FEATURE: setting to only use the key when finding the related post of an email reply
this fixes email-in threading problems when using a SMTP server which modifies the message_id
header, like Amazon SES
2017-06-19 12:22:44 +01:00
Robin Ward 009f0921dc FEATURE: Whitelist hosts for internal crawling 2017-06-13 12:59:54 -04:00
Guo Xiang Tan c5caa9cf71 Revert "FIX: Disable request membership button if user does not have sufficient trust level."
This reverts commit 5f441a2614.
2017-06-13 17:49:21 +09:00
Régis Hanol 54e8fb0d89 FEATURE: new 'allow_staff_to_upload_any_file_in_pm' site setting 2017-06-12 22:41:29 +02:00
Arpit Jalan a1ebd67237 Revert "FEATURE: new setting to prioritize open topics in search" 2017-06-03 01:54:35 +05:30
Arpit Jalan b8a87a0996 FEATURE: new setting to prioritize open topics in search 2017-06-03 00:33:53 +05:30
Guo Xiang Tan 5f441a2614 FIX: Disable request membership button if user does not have sufficient trust level. 2017-06-02 16:06:25 +09:00
Arpit Jalan 796a2967af hide invites_per_page site setting 2017-05-24 11:30:43 +05:30
Robin Ward 93a5fc62bf FEATURE: A site setting to prevent crawling on private IP blocks 2017-05-23 11:56:06 -04:00
Sam 2a5a01af2e improve error on theme upload, add gif to allowed uploads 2017-05-17 16:29:09 -04:00
Sam 47ce674798 PERF: bypass wizard check after 15 topics are created 2017-05-12 10:18:43 -04:00
Régis Hanol 9641d2413d REFACTOR: upload workflow creation into UploadCreator
- Automatically convert large-ish PNG/BMP to JPEG
- Updated fast_image to latest version
2017-05-11 00:16:57 +02:00
Sam bc0b9af576 FEATURE: support uploads for themes
This allows themes to bundle various assets
2017-05-10 15:47:11 -04:00
Robin Ward 4db76796b9 FEATURE: Setting to poll feeds more frequently 2017-05-10 14:30:12 -04:00
Robin Ward 57a2042ef6 FIX: Quiet server side errors for requesting json for account-created 2017-05-04 12:30:13 -04:00
Régis Hanol 1706036f2b Allow a `post_edit_time_limit` of up to 1 year 2017-05-03 16:06:55 +02:00
Neil Lalonde 0722ffadf1 Remove site settings enforce_global_nicknames and discourse_org_access_key 2017-05-01 14:53:16 -04:00
Jeff Atwood a26483bfd6 missed a file again 2017-04-27 16:39:27 -07:00
Jeff Atwood 52007222fc more realistic maximum password values 2017-04-27 16:38:50 -07:00
Régis Hanol 0ec15af970 restore the 'incoming_email_prefer_html' site setting 2017-04-27 14:31:11 +02:00
Robin Ward bf9c4a7828 FEATURE: secure_email site setting to prevent data going out in email 2017-04-26 13:05:56 -04:00
Régis Hanol b76674f640 FEATURE: convert incoming emails in HTML to markdown
- remove incoming_email_prefer_html site setting
- remove HtmlCleaner class
2017-04-26 16:49:06 +02:00
Arpit Jalan 6bafb74e67 raise max value for max_image_size_kb to 102400 2017-04-25 15:22:35 +05:30
Arpit Jalan 4e0b18544e FIX: sane max value for max_image_size_kb & max_attachment_size_kb setting 2017-04-25 15:16:33 +05:30
Arpit Jalan 9eff4f0807 FIX: all basic integer settings should have max value validation 2017-04-21 07:09:41 +05:30
Arpit Jalan c9c7ec799f FIX: add minimum value for invites_per_page setting 2017-04-14 17:58:18 +05:30
Sam a3e8c3cd7b FEATURE: Native theme support
This feature introduces the concept of themes. Themes are an evolution
of site customizations.

Themes introduce two very big conceptual changes:

- A theme may include other "child themes", children can include grand
children and so on.

- A theme may specify a color scheme

The change does away with the idea of "enabled" color schemes.

It also adds a bunch of big niceties like

- You can source a theme from a git repo

- History for themes is much improved

- You can only have a single enabled theme. Themes can be selected by
    users, if you opt for it.

On a technical level this change comes with a whole bunch of goodies

- All CSS is now compiled using a custom pipeline that uses libsass
    see /lib/stylesheet

- There is a single pipeline for css compilation (in the past we used
    one for customizations and another one for the rest of the app

- The stylesheet pipeline is now divorced of sprockets, there is no
   reliance on sprockets for CSS bundling

- CSS is generated with source maps everywhere (including themes) this
    makes debugging much easier

- Our "live reloader" is smarter and avoid a flash of unstyled content
   we run a file watcher in "puma" in dev so you no longer need to run
   rake autospec to watch for CSS changes
2017-04-12 10:53:49 -04:00
Régis Hanol 2d9b31b147 allow 'max_image_megapixels' up to 150MB 2017-04-11 07:44:10 +02:00
Arpit Jalan ac051d70ef FIX: use enum values for trust level settings 2017-04-03 14:23:48 +05:30
Guo Xiang Tan ed577fbff8 FEATURE: Pause a topic instead of permanently closing when flag threshold is reached. 2017-03-31 14:35:05 +08:00
Arpit Jalan 8bf12502bd Merge pull request #4780 from techAPJ/send-statistics
FEATURE: Send anonymized usage statistics to Discourse if "Discourse Hub" can't reach the site
2017-03-28 10:02:05 +05:30
Arpit Jalan f3cd5f61c5 FEATURE: Send anonymized usage statistics to Discourse if Discourse Hub can't reach the site 2017-03-28 09:07:23 +05:30
Erick Guan e3e3a04cd2 enable_noscript_support is not used anymore 2017-03-27 11:09:50 +02:00
Arpit Jalan f7e7ca3937 FEATURE: anonymized site statistics 2017-03-10 18:50:26 +05:30
Arpit Jalan b2cfad5f47 Minimum password length should be 8 2017-03-05 14:38:37 +05:30
Neil Lalonde 262016604d FEATURE: each category can control how many topics to show on categories page 2017-03-01 15:12:57 -05:00
Arpit Jalan 877957ae88 Merge pull request #4715 from techAPJ/login-per-ip
FEATURE: new site setting for max logins per ip per hour/minute
2017-02-27 18:24:53 +05:30
Arpit Jalan cba51e1c38 FEATURE: new site setting for max logins per ip per hour/minute 2017-02-27 16:58:03 +05:30
Sam ea1007e954 FEATURE: add support for same site cookies
Defaults to Lax, can be disabled or set to Strict.

Strict will only work if you require login and use SSO. Otherwise when clicking on links to your site you will appear logged out till you refresh the page.
2017-02-23 12:01:28 -05:00
Neil Lalonde a702330ccd FEATURE: make show_subcategory_list a per-category setting 2017-02-22 11:42:36 -05:00
Guo Xiang Tan 9baf89a901 Remove database vacuum task from Discourse. 2017-02-20 09:02:38 +08:00
Jeff Atwood 9b263a0559 increase req min unique pw chars from 5 to 6 2017-02-16 17:06:19 -08:00
Sam 0ab96a7691 FEATURE: add hidden setting for verbose auth token logging
This is only needed to debug auth token issues, will result in lots
of logging
2017-02-13 14:01:09 -05:00
Neil Lalonde 1bcb835446 FEATURE: passwords must have a minimum number of unique characters, configurable with a new setting 2017-02-09 15:00:22 -05:00
Régis Hanol f07b4b310a should not have renamed this setting in 460665895c 2017-02-08 18:11:34 +01:00
Jeff Atwood fcfaa71e85 copyedit on "get a room" 2017-02-04 12:04:15 -08:00
Robin Ward f1e7bca3c9 FEATURE: Warn a user when they're replying to the same user too much 2017-02-03 17:00:54 -05:00
Arpit Jalan 1d2dceda32 FIX: add max value validation for settings containing days 2017-01-27 17:54:41 +05:30
Arpit Jalan 74a46dce68 FIX: set max value for purge_unactivated_users_grace_period_days setting 2017-01-27 14:22:13 +05:30
Régis Hanol 887e9af84f FEATURE: new 'max_image_megapixels' site setting 2017-01-11 23:37:12 +01:00
Jeff Atwood 0303047446 SECURITY: disallow csv as default upload file type 2017-01-10 13:24:10 -08:00
Rafael dos Santos Silva d7c8c2d5e3 FEATURE: Opt-in native Discourse app install banner on Android/iOS 2017-01-03 15:50:45 -02:00
Jeff Atwood aad01a9f27 strengthen TL3 flag-based block of new users 2016-12-31 13:37:31 -08:00
Arpit Jalan d72cbcb2a4 FEATURE: new setting to validate user website 2016-12-26 21:29:27 +05:30
Guo Xiang Tan 8551d821a0 FEATURE: Add site setting to disable group directory. 2016-12-22 14:14:22 +08:00
Guo Xiang Tan 1df8c7a4b6 Revert "Don't vacuum for a long time until we fix it"
This reverts commit 88712bc548.
2016-12-20 09:10:08 +08:00
Robin Ward e03d5e2140 Reapply Ember 2.10 for good this time!
This reverts commit ddd299f4aa.
2016-12-19 11:19:10 -05:00
Sam eb2db23b40 FEATURE: remove email_token_grace_period_hours
The site setting email_token_grace_period_hours just causes confusion and
should not be used anyway.

Out of the box, tokens stop working once confirmed, no need to add complexity here
2016-12-19 17:15:20 +11:00
Robin Ward ddd299f4aa Revert "Revert "Revert Ember 2.10+ for a short while""
This reverts commit 76bbc481cb.
2016-12-16 10:29:30 -05:00
Robin Ward 76bbc481cb Revert "Revert Ember 2.10+ for a short while"
This reverts commit 21682fd60b.
2016-12-16 09:52:29 -05:00
Sam 61eb134181 FEATURE: setting to allow arbitrary redirects from sso origin
if sso_allows_all_return_paths is set to true you can redirect off-site from sso success
2016-12-16 13:37:44 +11:00
Robin Ward 21682fd60b Revert Ember 2.10+ for a short while 2016-12-15 16:43:38 -05:00
Neil Lalonde f01f95d62d FEATURE: new settings to customize some colors in emails 2016-12-15 14:43:53 -05:00
Neil Lalonde 24d2973108 enable featured links by default 2016-12-09 16:08:17 -05:00
Neil Lalonde 5da52780e4 Default off for show_topic_featured_link_in_digest 2016-12-09 13:49:47 -05:00
Neil Lalonde a62b028e16 Remove the open_topic_featured_link_in_external_window setting. Use the user preference. 2016-12-09 13:48:29 -05:00
Neil Lalonde a4c4f13901 Remove the topic_featured_link_onebox setting. We will always try to onebox a link and add it to the body if topic_featured_link_enabled is enabled. 2016-12-09 13:28:12 -05:00
Erick Guan 52763f5115
FEATURE: Allow posting a link with topics 2016-12-05 17:20:54 +01:00
Arpit Jalan ce974da9e5 FIX: simplify CSV file upload 2016-12-05 14:09:08 +05:30
Sam 96183dbf6b remove unused site setting, not really needed any more 2016-12-05 13:57:35 +11:00