423f2ab228
FIX: Processing incoming email should be done in a background job.
2017-04-24 13:57:28 +08:00
d4111c8676
correct spec
2017-04-20 17:24:21 -04:00
809fbb25ce
FIX: blanking theme field was not properly removing it
2017-04-13 17:24:15 -04:00
3d76fb9c2c
FIX: Don't show category options for reports that can't be scoped to a category.
2017-04-13 17:10:55 +08:00
a3e8c3cd7b
FEATURE: Native theme support
...
This feature introduces the concept of themes. Themes are an evolution
of site customizations.
Themes introduce two very big conceptual changes:
- A theme may include other "child themes", children can include grand
children and so on.
- A theme may specify a color scheme
The change does away with the idea of "enabled" color schemes.
It also adds a bunch of big niceties like
- You can source a theme from a git repo
- History for themes is much improved
- You can only have a single enabled theme. Themes can be selected by
users, if you opt for it.
On a technical level this change comes with a whole bunch of goodies
- All CSS is now compiled using a custom pipeline that uses libsass
see /lib/stylesheet
- There is a single pipeline for css compilation (in the past we used
one for customizations and another one for the rest of the app
- The stylesheet pipeline is now divorced of sprockets, there is no
reliance on sprockets for CSS bundling
- CSS is generated with source maps everywhere (including themes) this
makes debugging much easier
- Our "live reloader" is smarter and avoid a flash of unstyled content
we run a file watcher in "puma" in dev so you no longer need to run
rake autospec to watch for CSS changes
2017-04-12 10:53:49 -04:00
17f2974d0a
SECURITY: Confirm new administrator accounts via email
2017-04-04 15:59:01 -04:00
3ef82bb32c
SECURITY: CSRF vulnerabilities in `Admin::BackupsController`.
2017-03-23 10:29:35 +08:00
1a7e954e09
FIX: Store custom emojis as uploads.
...
* Depending on a hardcoded directory was a flawed design
which made it impossible to debug when custom emojis go
missing.
2017-03-14 13:07:18 +08:00
d5bcc70e9c
FIX: grant trust level when bulk adding users to group
2017-03-06 14:39:53 +05:30
80858bae2c
FEATURE: further restrict downloading of backups
...
- send email to logged in admin when they press the "download" button
- show pop-up that email was sent
- create email template
- require a valid token to download backup
2017-03-01 08:28:34 -07:00
f51e3b2131
FIX: should not be able to rename a system badge
2017-02-20 14:35:05 +01:00
2dec731da3
SECURITY: correctly validate input when admin searches for screened ips
2017-02-06 16:11:16 -05:00
fbf9172db8
FIX: log backups download/destroy staff action
...
FIX: clean up junk left by the specs
RENAME: 'backup_operation' to 'backup_create' to match other backup log types
2017-01-16 19:53:31 +01:00
515f50e42e
FEATURE: Log admin action when readonly mode is changed.
2017-01-12 09:41:02 +08:00
7c7c233c1c
FIX: Can't update `Groups#allow_membership_requests` in admin.
2016-12-20 15:14:35 +08:00
43ee9f884e
FEATURE: Add `Group#full_name`.
2016-12-13 16:16:26 +08:00
da7009a968
FEATURE: Add request membership button for allowed groups.
2016-12-12 22:48:08 +08:00
05f55dbc10
FEATURE: Group logs.
2016-12-12 17:29:54 +08:00
be5b5f6bea
FEATURE: Public groups.
2016-12-12 17:00:30 +08:00
37b256e7f2
Fix specs.
2016-12-05 17:13:58 +08:00
31acd311e5
FEATURE: Allow group owners to edit group name and avatar flair.
2016-12-05 14:27:46 +08:00
5794f1619d
PERF: Fix N+1 queries when loading groups.
2016-11-26 02:20:26 +08:00
81e2a0099f
FIX: ensure the group 'everyone' is never shown when using a different locale
2016-10-24 10:53:31 +02:00
0d2d8797b6
FIX: Backup validation wasn't escaping hyphens
2016-09-16 15:20:42 -04:00
a04dadf9b4
FIX: Randomly failing specs try 2.
2016-09-16 15:10:37 +08:00
903d1dd326
FIX: Randomly failing specs.
2016-09-16 14:56:59 +08:00
512922d776
SECURITY: Add filename validation for backup uploads.
2016-09-16 11:58:14 +08:00
2251104e32
FEATURE: avatar flair can be font awesome icons
2016-08-26 17:15:37 -04:00
d079f69b7b
FEATURE: add flair to avatars using new settings in the groups admin UI
2016-08-17 15:13:15 -04:00
c6dbaca0dc
SECURITY: disable user entered badge SQL by default
...
- Hidden site settings now must be change via rails console
2016-07-28 09:03:00 +10:00
c626558d36
UX: group pages should not show Messages tab to unauthorised users ( #4318 )
2016-07-09 00:50:04 +05:30
ccf9b70671
When restoring a backup, disable emails.
...
This prevents accidental sending of emails after a restore before
the admin has had a chance to review everything.
2016-06-24 17:15:15 -04:00
a130cb8305
FEATURE: move more urgent emails notifications to critical queue
...
Move signup, admin login and password change email notifications
to critical queue
2016-04-07 14:39:01 +10:00
9a5ded48cf
FIX: Return a proper error message when sync sso fails.
2016-03-26 13:30:15 +08:00
bfaa4cdb37
FEATURE: compose a new pre-filled private message to a group via URL
2016-03-03 00:19:06 +05:30
35142847ba
FIX: Prepend the user id before username in admin user routes
2016-02-09 15:14:13 +01:00
b75353c26f
correct specs
2016-01-27 23:40:45 +11:00
d20f6e0cb0
fix test and comment out js test for now
2015-12-20 17:34:15 +11:00
4c967d11b4
FEATURE: log site text changes
2015-12-18 19:42:06 +05:30
15c229195f
FEATURE: notification_level on a per-group basis
2015-12-14 23:17:09 +01:00
578f606a1a
add 'incoming_email' to groups
2015-12-07 12:39:28 +01:00
3e50313fdc
Prepare for separation of RSpec helper files
...
Since rspec-rails 3, the default installation creates two helper files:
* `spec_helper.rb`
* `rails_helper.rb`
`spec_helper.rb` is intended as a way of running specs that do not
require Rails, whereas `rails_helper.rb` loads Rails (as Discourse's
current `spec_helper.rb` does).
For more information:
https://www.relishapp.com/rspec/rspec-rails/docs/upgrade#default-helper-files
In this commit, I've simply replaced all instances of `spec_helper` with
`rails_helper`, and renamed the original `spec_helper.rb`.
This brings the Discourse project closer to the standard usage of RSpec
in a Rails app.
At present, every spec relies on loading Rails, but there are likely
many that don't need to. In a future pull request, I hope to introduce a
separate, minimal `spec_helper.rb` which can be used in tests which
don't rely on Rails.
2015-12-01 20:39:42 +00:00
5e93140f85
FEATURE: Can override any translation via an admin interface
2015-11-27 11:35:19 -05:00
6dd4bc7d57
FEATURE: support group owner, capable of controlling group membership
...
Group owners are regular users that can add or remove users to a group
The Admin UX allows admins to appoint group owners
The public group UX will display group owners first and unlock UI to
add and remove members
Group owners can only be appointed on non automatic groups
Group owners may not appoint another group owner
2015-11-10 00:56:57 +11:00
fe5264f9e9
filter by username in email digest preview
...
adds a user prompt on the email digest preview page to generate a preview for a particular user
also fixes some broken styling on the page
2015-10-30 18:11:38 +00:00
23371b026d
FIX: Don't raise an error if you try to assign a group that exists
2015-10-28 12:21:54 -04:00
47e25648df
FEATURE: Change user groups in bulk via admin
2015-10-26 15:57:30 -04:00
1bd0f5b015
FEATURE: group can grant a trust level when a user is added
2015-09-01 16:52:12 -04:00
1a82a59f47
fix the build
2015-08-27 22:46:30 +02:00
73624e63c5
FIX: revoke any api keys when suspending an user
2015-08-23 22:33:37 +02:00
d1c69189f3
FEATURE: Can edit category/host relationships for embedding
2015-08-20 15:56:04 -04:00
c0e88724c2
Preserve user-field options when updating user-fields
...
Avoid deleting options of the user-field when no options are
transmitted.
2015-08-17 19:01:20 +02:00
118763df50
FIX: Broken spec
2015-08-10 10:34:40 -04:00
dc8a68fd29
FEATURE: New "Dropdown" user field type
2015-07-28 12:30:21 -04:00
dc90c396f2
FEATURE: manage Permalinks
2015-07-17 01:26:02 +05:30
c91634c09a
FIX: support for async uploads of emojis
2015-05-20 16:45:48 +02:00
b8cbe51026
Convert specs to RSpec 2.99.2 syntax with Transpec
...
This conversion is done by Transpec 3.1.0 with the following command:
transpec
* 424 conversions
from: obj.should
to: expect(obj).to
* 325 conversions
from: == expected
to: eq(expected)
* 38 conversions
from: obj.should_not
to: expect(obj).not_to
* 15 conversions
from: =~ /pattern/
to: match(/pattern/)
* 9 conversions
from: it { should ... }
to: it { is_expected.to ... }
* 5 conversions
from: lambda { }.should_not
to: expect { }.not_to
* 4 conversions
from: lambda { }.should
to: expect { }.to
* 2 conversions
from: -> { }.should
to: expect { }.to
* 2 conversions
from: -> { }.should_not
to: expect { }.not_to
* 1 conversion
from: === expected
to: be === expected
* 1 conversion
from: =~ [1, 2]
to: match_array([1, 2])
For more details: https://github.com/yujinakayama/transpec#supported-conversions
2015-04-25 11:18:35 -04:00
499bed69e2
FIX: show error message if user already exist in group
2015-04-15 14:15:58 +05:30
869d8e25ad
Promotion fails if the user account isn't old enough yet.
2015-04-14 12:14:59 -04:00
75890aed26
FEATURE: allow admins to choose a group as a primary group
...
FEATURE: allow admins to set a default title for a group
2015-04-10 12:17:28 +10:00
89ea125c73
automatic need only be added once to the hash
2015-03-18 17:47:39 +11:00
005b8bf7c3
FIX: When creating a SSO user via sync, do not user the IP address.
2015-02-25 14:41:23 -05:00
1c545d4c1e
Allow adding and removing members of groups by username or id
...
As discussed here: https://meta.discourse.org/t/discourse-gem-group-add/25668/2 .
2015-02-25 14:52:13 +00:00
ca5730018a
FIX: SSO code should respect IP address filters
2015-02-23 16:01:46 -05:00
c4e427cf73
FEATURE: filter screened IP addresses
2015-02-10 19:38:59 +01:00
8d46de4819
Add a spec for the new plugins controller
2015-02-10 12:35:53 -05:00
e8323fa534
FIX: removing a group from a user was not removing primary group
2015-02-09 16:03:09 +11:00
f7f5e39f75
FIX: Minor Admin bug with a setting when creating a new group
2015-01-23 20:31:48 +01:00
256519dddf
FEATURE: automatic group membership based on email address
2015-01-23 18:25:43 +01:00
e300945879
FEATURE: split group admin in 2 tabs (custom & automatic)
...
FIX: clear the user-selector when adding new members
2015-01-21 20:52:48 +01:00
bc73238c8f
controllers with rspec3 syntax
2015-01-09 14:04:02 -03:00
060cda7772
FIX: proper handling of group memberships
2015-01-05 18:51:45 +01:00
4c166942ad
FEATURE: Invite admin api has an optional param send_email which can prevent sending an email to the invited user. The api will return the password reset url so that the caller can send an email with it instead.
2015-01-02 15:48:54 -05:00
bfbc49ef6f
FIX: log only 1 'show email' record
2014-12-29 11:50:36 +01:00
9932bea7ce
FEATURE: default emoji override
2014-12-25 17:58:15 +01:00
bb152a5b3f
FEATURE: download user posts archive
2014-12-24 15:13:48 +05:30
45dbdb6896
FEATURE: custom emojis
2014-12-23 01:12:26 +01:00
1d0eccf710
Have activate user return json
...
- Change activate user from admin controller to return json
- Test that it returns json
- Remove unnessary test from log_out spec
This commit was created so that when you activate a user through the api
it returns a json response.
2014-12-08 11:16:57 -07:00
bdc92eec70
Have log_out method return json.
...
This commit helps improve the discourse_api experience so that we can
check the json response if it was a success or not. This commit also
checks that a 404 is sent instead of a 500 if a bad user_id is passed
in.
2014-12-01 06:03:25 -07:00
5b90ceb71d
FEATURE: rolls up 1.2.*.* IP ranges when number of entries > 10
2014-11-27 19:29:30 +01:00
7b0ae702e7
FEATURE: log a new staff action when rolling up banned IP addresses
2014-11-24 19:48:54 +01:00
1023191315
FEATURE: roll up function for 123.456.789.* ranges
2014-11-24 17:25:48 +01:00
1c498eb491
FEATURE: API endpoint for inviting an admin
2014-11-24 15:42:56 +11:00
6f8119ebb8
Merge branch 'master' into group-admin-incremental
2014-11-21 10:04:05 -08:00
b8d806ee07
FEATURE: delete all accounts from this IP in the IP lookup modal
2014-11-20 19:59:20 +01:00
50de22801f
API addition: HTTP PATCH support for /groups/xxx: incremental membership changes
2014-11-20 09:29:56 -08:00
aebf36c356
remove /download from csv file url
2014-11-20 00:34:38 +05:30
efc4109902
update specs to remove deprecation warnings
2014-11-07 06:05:44 -08:00
bb2d538194
FEATURE: log impersonations
2014-11-06 10:58:47 +01:00
068d22e9b3
Add API support for querying admin reports by date range
2014-11-05 13:11:37 -05:00
b09ad87098
FIX: add 'show emails' button from moderators in user admin section
2014-11-03 12:46:08 +01:00
7d6d8bd0a3
FEATURE: admin end point to sync sso /admin/users/sync_sso
...
Must be admin to invoke (api is fine too), uses same sso payload nonce is ignored
2014-10-28 11:25:21 +11:00
f9a8f6d6ce
FEATURE: Support for a `required` setting on user fields.
2014-10-08 15:10:19 -04:00
381814fd5d
Adds support for a description to user fields.
2014-10-02 15:56:52 -04:00
4bcd4e05b8
correct spec
2014-09-30 13:16:34 +10:00
0fc0533134
FEATURE: Admin interface for adding custom fields for users
2014-09-25 16:17:51 -04:00
de76b512c1
fix most deprecations in the specs (still some left)
2014-09-25 17:44:48 +02:00
bc53d48bd7
Renaming site contents to site text
2014-09-24 16:08:14 -04:00
d1f6aba71f
fix test
2014-09-23 09:55:30 +10:00
9428ad779f
FIX: send content length with backups
2014-09-23 09:25:53 +10:00
Guo Xiang Tan
Sam
Robin Ward
Arpit Jalan
Blake Erickson
Régis Hanol
cpradio
Neil Lalonde
Erick Guan
Andy Waite
Leo McArdle
Jonathan Brachthaeuser
Arthur Neves
Dan Singerman
Luciano Sousa
Jason W. May
David McClure