f2e7b74d88
FIX: don't return 200s when login is required to paths
...
When running `ensure_login_required` it should always happen prior to
`check_xhr` cause check xhr will trigger a 200 response
2018-02-01 12:26:45 +11:00
6b04967e2f
FEATURE: Staff members can lock posts
...
Locking a post prevents it from being edited. This is useful if the user
has posted something which has been edited out, and the staff members don't
want them to be able to edit it back in again.
2018-01-26 14:01:30 -05:00
79eb9d7086
FEATURE: show header search results on search log term details page
2018-01-17 12:47:16 +05:30
d9788a5fb3
missed a spec
2018-01-15 14:51:04 +11:00
49ed382c2a
FIX: return 429 when admin api key is limited on admin route
...
This also handles a general case where exceptions leak out prior to being handled by the application controller
2018-01-12 14:15:26 +11:00
9030d3ef63
FIX: do not create duplicate topics
...
https://meta.discourse.org/t/duplicate-http-https-topics-are-randomly-created/77190
2018-01-04 23:53:52 +05:30
647cf7545d
Fix randomly failing spec.
2018-01-03 14:42:16 +08:00
69a90f31fb
FEATURE: Allow Forums to disable the Backups feature
2017-12-21 15:22:04 -05:00
eab66065d1
FEATURE: search log term details page ( #5445 )
2017-12-20 13:41:31 +11:00
97ceebb570
SECURITY: Don't pass email backup token to sidekiq as a parameter.
...
* This exposes the token in the Sidekiq dashboard which can be
viewed by an admin and defeats the purpose of using a token
in the download backup email ink.
2017-12-18 11:25:22 +08:00
5e90abfaea
FIX: use hijack for emoji uploads
2017-12-18 10:31:19 +11:00
f2565f6c7e
SECURITY: Any group can be invited into a PM.
2017-12-14 14:57:48 +08:00
96584403cd
SECURITY: prevent staged accounts from changing email
2017-12-14 17:16:49 +11:00
492af81e67
FIX: save registration_ip_address for staged users logging in via social auth
2017-12-12 17:41:16 +05:30
410994b7f5
FEATURE: Show a button to Staff for "Moderation History" on posts/topics
...
When clicked, it pops up a modal showing a history of moderation actions
taken on the post or topic.
2017-12-05 15:20:20 -05:00
6e054b2572
FEATURE: Convert HTML to Markdown while pasting in composer
2017-12-05 12:23:39 -05:00
7f2eeaf767
FIX: Password required flag should be cleared whenever clearing the raw password ( #5384 )
2017-12-01 15:19:24 +11:00
1c2d1682ae
Merge pull request #5328 from tgxworld/reenable_interpolation_keys_check
...
FIX: Re-enable invalid interpolation keys check and allow default key…
2017-11-30 13:04:54 +08:00
d5e7691ae9
favicon proxy now uses hijack
2017-11-27 14:51:14 +11:00
5805979e88
FIX: Re-enable invalid interpolation keys check and allow default keys to be left out of translation overrides.
...
https://meta.discourse.org/t/bulk-invite-from-file-resets-the-invite-forum-mailer-customized-text/67606/16
2017-11-27 11:00:08 +08:00
82222e8d18
Improve specs to test for the right response status.
2017-11-24 09:32:44 +08:00
628275fc31
FIX: Some badge routes were still working even with badges disabled
2017-11-21 12:22:44 -05:00
2d48caffdf
FIX: be more lenient when deleting a custom emoji
2017-11-20 23:50:23 +01:00
41673c322c
dear Rubocop, don't be so pedantic ;-)
2017-11-19 12:45:33 +01:00
92a831bae6
FEATURE: user directory returns staged users during search
2017-11-19 01:17:31 +01:00
3831663fea
FEATURE: search logs page ( #5313 )
2017-11-15 11:13:50 +11:00
9ebb1412d3
FIX: Brittle, order dependent spec
2017-11-04 09:30:17 -04:00
d320f4840d
FIX: Unable to invite groups that are not public visible into pms.
...
https://meta.discourse.org/t/inviting-groups-broken-in-head/73346/6
2017-11-03 21:40:33 +08:00
ab2a5cef38
FIX: Can't edit membership request template on group page.
2017-11-02 08:51:43 +08:00
9586f0bdc9
fix the build - take 2
2017-10-20 21:34:56 +05:30
a6f2533d38
SECURITY: Fix XSS on unsubscribed page.
2017-10-09 09:04:46 +08:00
6fe604b93e
Revert "SECURITY: Fix XSS on unsubscribed page."
...
This reverts commit 190558db9d
2017-10-09 09:03:07 +08:00
190558db9d
SECURITY: Fix XSS on unsubscribed page.
2017-10-09 08:59:03 +08:00
3efde2618d
UX: Do not display non-human users on group page.
...
https://meta.discourse.org/t/members-of-groups-staff/71437
2017-10-06 10:35:40 +08:00
beca02c046
FIX: moderators couldn't see flagged topics list
2017-10-05 14:12:07 -04:00
c29334cf23
FEATURE: the hide_email_address_taken setting works with the change email address form in user preferences
2017-10-04 11:41:25 -04:00
fafe7cc661
remove trailing whitespaces
2017-10-03 13:02:04 +02:00
daf1dda700
FIX: username autocomplete in assign modal wasn't working
2017-10-03 12:49:45 +02:00
5bb326a452
Add specs for EmailTemplatesController
2017-10-02 14:53:27 +02:00
8140e54675
FIX: More fixes for `Group#mentionable` and `Group#messageable` feature.
2017-10-02 17:45:58 +08:00
c872225762
Improve `MessageBus.track_publish` to allow filter by channel.
2017-10-02 11:34:57 +08:00
4e07bbfbbf
FIX: Only allow intergers for page params.
2017-10-02 10:45:54 +08:00
4319d8a142
FIX: Missing template error when rendering `topics#show` error message.
2017-09-28 11:06:44 +08:00
d7c37d9369
Add front end service for staff controls
2017-09-25 12:25:14 -04:00
77d4c4d8dc
Fix all the errors to get our tests green on Rails 5.1.
2017-09-25 13:48:58 +08:00
104d97695d
FIX: don't activate un-confirmed email on omniauth authentication ( #5176 )
2017-09-12 17:36:17 +02:00
5c1143cd55
Add missing test case for `PostController#timings`.
2017-09-04 16:36:02 +08:00
6bc74ceb50
Split alias levels in mentionable and messageable levels. ( #5065 )
...
* Split alias levels in mentionable and messageable levels.
* Fixed some tests.
* Set messageable level to everyone by default.
* By defaults, groups are not mentionable or messageable.
* Made staff groups messageable by the system.
2017-08-28 12:32:08 -04:00
41ca527d7a
Fix Rubocop error.
2017-08-24 15:28:18 +09:00
8779490ce4
Move new controller specs to reqeusts folder.
2017-08-24 12:01:11 +09:00
Sam
Robin Ward
Arpit Jalan
Guo Xiang Tan
Vinoth Kannan
Guo Xiang Tan
Régis Hanol
Gerhard Schlager
Neil Lalonde
Leo McArdle
Bianca Nenciu