7b089f7af4
FIX: Don't throw exception if welcome topic cannot be found
2018-08-15 15:50:55 +01:00
38c10a3dc2
correct the validator
2018-08-15 14:56:24 +10:00
91e0a77a60
FEATURE: silenced users should not be allowed to edit posts
2018-08-15 14:29:36 +10:00
06f82a7d72
correct exception handling, always do to_i in array
2018-08-15 11:31:42 +10:00
bc47148d35
add validation to exclude_category_ids
2018-08-15 09:53:28 +10:00
12bab65167
FIX: going from /categories to /latest on mobile might break infinite scrolling
2018-08-15 01:22:03 +02:00
ba0e322fd0
FIX: Validation of topic params broke discourse-assign
2018-08-14 18:45:46 +02:00
87fa26b6c8
FIX: Silenced users shouldn't be able to act on posts
2018-08-14 11:43:39 -04:00
2927294cc6
FIX: Bulk deleting topics should ignore already deleted topics
2018-08-14 16:37:52 +02:00
de92913bf4
FIX: store the topic links using the cooked upload url
2018-08-14 12:23:32 +02:00
ad5f502332
FIX: add a basic validator for topic params
...
This cuts down on log noise when people try out sql injection
2018-08-14 17:01:04 +10:00
6cae47aa53
collect extra environment correctly
2018-08-13 16:33:28 +10:00
168ffd8384
FEATURE: group warnings about IP level rate limiting
2018-08-13 14:38:20 +10:00
d10c9d7d75
FIX: Missing extensions for non-image uploads due to 2b57239389.
2018-08-13 10:58:55 +08:00
71a1d75d7e
FIX: disable_2fa fix method selection
...
The previous code resulted in
NameError: undefined local variable or method `totp' for main:Object
I now understand what @tgxworld meant about we should only disable totp when I submitted this before.
This is the kind of Ruby stuff that I still don't understand well,(perhaps this isn't the most Ruby way to do this?) but this does what I think is supposed to happen. And it worked just now.
2018-08-10 14:45:40 -07:00
865cb3feb9
FIX: allow selecting site's default theme from preference
2018-08-10 14:12:02 +03:00
ea8394b080
typo in error message
2018-08-10 11:34:01 +10:00
1fc2597626
better error handling for upload extension fixer
2018-08-10 11:28:22 +10:00
b9072e8292
FEATURE: Add "Reset Bump Date" action to topic admin wrench ( #6246 )
2018-08-10 10:51:03 +10:00
ef4b9f98c1
FEATURE: Allow admins to reply without topic bump
2018-08-10 10:48:30 +10:00
d77dccc636
FIX: user-deleted posts with deferred flags can be destroyed
2018-08-09 14:54:31 -04:00
6ddf7fcd1f
Fix warnings about already initialized constants
2018-08-09 17:29:02 +02:00
5895507153
FEATURE: Ability for plugins to whitelist custom fields for flags
...
You can now call `whitelist_flag_post_custom_field` from your plugins
and those custom fields will be available on the flagged posts
area of the admin section.
2018-08-09 10:49:14 -04:00
ed4c0f256e
FIX: check permalinks for deleted topics
...
- allow to specify 410 vs 404 in Discourse::NotFound exception
- remove unused `permalink_redirect_or_not_found` which
- handle JS side links to topics via Discourse-Xhr-Redirect mechanism
2018-08-09 15:05:12 +10:00
1ea23b1eae
FIX: Wrong order for `S3Helper#copy_file`.
2018-08-08 15:58:54 +08:00
0879610ffd
Add missing require in `uploads:fix_incorrect_extensions`.
2018-08-08 15:39:37 +08:00
a35f2984e9
FIX: support Arrays with Marshal dump in distributed cache
...
Theme cache uses arrays here
2018-08-08 16:44:56 +10:00
17047806b9
Add a rake task to fix uploads with wrong extension.
2018-08-08 13:15:17 +08:00
0b7ed8ffaf
FEATURE: backend support for user-selectable components
...
* FEATURE: backend support for user-selectable components
* fix problems with previewing default theme
* rename preview_key => preview_theme_id
* omit default theme from child themes dropdown and try a different fix
* cache & freeze stylesheets arrays
2018-08-08 14:46:34 +10:00
aafff740d2
Add `FileStore::S3Store#copy_file`.
2018-08-08 11:30:34 +08:00
4e6e4a83df
FIX: subfolder digest emails have incorrect URLs
2018-08-07 16:38:17 -04:00
1fcb5c1b6d
Version bump to v2.1.0.beta4
2018-08-07 12:32:57 -04:00
2b57239389
FIX: Upload's content is the only source of truth for the file type.
2018-08-07 13:15:00 +08:00
4b000f5d12
FIX: do not use `lib` for requires
...
this breaks loading the app from arbitrary dirs
2018-08-07 11:04:29 +10:00
ffc8c52bf5
FIX: store welcome topic id in custom field
2018-08-06 23:46:03 +05:30
812add18bd
REFACTOR: Serve auth provider information in the site serializer.
...
At the moment core providers are hard-coded in Javascript, and plugin providers get added to the JS payload at compile time. This refactor means that we only ship enabled providers to the client.
2018-08-06 09:25:48 +01:00
0cd9e2acb9
fix build
2018-08-04 01:56:26 +02:00
066010db7d
FEATURE: introduces list/compact_list components
2018-08-03 16:41:37 -04:00
ac2513b0f2
FEATURE: automatic PM when a user's email is revoked
2018-08-03 16:39:22 +02:00
c81bad3232
Merge pull request #6232 from OsamaSayegh/message-email-short-reply
...
UX: better rejection message when reply via email is too short
2018-08-02 14:25:04 -07:00
a157dfd418
UX: better rejection message when reply via email is too short
2018-08-02 22:43:53 +03:00
14bbd5d167
FIX: use the right URL when downloading the file from S3
2018-08-02 10:04:41 +02:00
4a872823e7
Improvements to user drafts ( #6226 )
...
* drafts in user profile: only show to user herself (not to admins), use avatar replying to (instead of topic OP), add keyboard shortcut for drafts, simplify display labels
* use JSON when testing Draft.stream
2018-08-02 07:41:27 +10:00
0f1137dafa
FIX: 'migrate_from_s3' rake task wasn't handling short urls
2018-08-01 22:58:46 +02:00
059862ed46
Mark discord auth plugin official
2018-08-01 09:33:14 -07:00
b829452c75
Merge pull request #6209 from discourse/mini_scheduler
...
REFACTOR: extract scheduler to the mini_scheduler gem
2018-08-01 10:28:24 -04:00
0b9437cee7
FIX: more resilient/consistent dashboard caching ( #6223 )
2018-08-01 09:45:50 -04:00
a115aae45f
Use rchardet instead of charlock_holmes gem
2018-08-01 10:41:20 +02:00
ff942ed2f3
FIX: Try detecting encoding of RSS feed
2018-08-01 10:41:20 +02:00
1f45215537
FEATURE: Drafts view in user profile
...
* add drafts.json endpoint, user profile tab with drafts stream
* improve drafts stream display in user profile
* truncate excerpts in drafts list, better handling for resume draft action
* improve draft stream SQL query, add rspec tests
* if composer is open, quietly close it when user opens another draft from drafts stream; load PM draft only when user is in /u/username/messages (instead of /u/username)
* cleanup
* linting fixes
* apply prettier styling to modified files
* add client tests for drafts, includes a fixture for drafts.json
* improvements to code following review
* refresh drafts route when user deletes a draft open in the composer while being in the drafts route; minor prettier scss fix
* added more spec tests, deleted an acceptance test for removing drafts that was too finicky, formatting and code style fixes, added appEvent for draft:destroyed
* prettier, eslint fixes
* use "username_lower" from users table, added error handling for rejected promises
* adds guardian spec for can_see_drafts, adds improvements following code review
* move DraftsController spec to its own file
* fix failing drafts qunit test, use getOwner instead of deprecated this.container
* limit test fixture for draft.json testing to new_topic request only
2018-08-01 16:34:54 +10:00
6aee22b88f
FIX: Onebox images are not downloaded locally without css class
2018-08-01 02:51:02 +05:30
4ad7ce70ce
REFACTOR: extract scheduler to the mini_scheduler gem
2018-07-31 17:12:55 -04:00
afe3b00c0f
FIX: use hidden setting for max export file size
2018-07-31 11:25:28 +05:30
f0c203a5cf
clean up previous commit
2018-07-31 14:50:02 +10:00
b55d9e63a0
Rake mail test debugging ( #6171 )
...
* FEATURE: rake emails:test add debugging
* Oops! Remove safety code
* more language tweaks
2018-07-31 14:45:59 +10:00
fd29ecb91a
UX: include a flag reason in the post-deleted-by-staff-because-of-flags message
2018-07-30 16:45:46 -04:00
8f1db615db
FIX: don't break restore if function does not exist
2018-07-30 22:11:38 +02:00
17b851cf08
FEATURE: show last updated date for wiki topics
2018-07-30 20:27:49 +05:30
6566b2f11a
FEATURE: Allow revoke and connect for Instagram logins
2018-07-30 14:38:53 +01:00
dfcb2a0d42
FEATURE: include published_time in metadata
2018-07-30 17:09:56 +05:30
8d1acbd4c2
DEV: Include specific authenticator name in warning message
2018-07-30 11:33:48 +01:00
b94633e844
FIX: `FileHelper` should prioritize response content-type.
...
Request to a URL with `.png` extension may return a jpg
instead causing us to attach the wrong extension to an
upload.
2018-07-30 10:54:36 +08:00
5f1fd0019b
FEATURE: Allow revoke and connect for GitHub logins
2018-07-27 17:18:53 +01:00
6296f63804
FEATURE: Revoke and connect for Yahoo logins
2018-07-27 16:20:47 +01:00
9c72c00206
FEATURE: Revoke and reconnect for Twitter logins
2018-07-27 12:28:51 +01:00
c74dd2fa08
FIX: welcome topic should not be a private message
2018-07-27 15:15:13 +05:30
6740631fdb
TEMPFIX: Fix broken restores.
2018-07-27 12:48:16 +08:00
135c803f49
FIX: don't send PM if flagged post is deleted but flags were deferred or cleared
2018-07-26 15:12:31 -04:00
a74024b1c9
Version bump to v2.1.0.beta3
2018-07-26 14:16:06 -04:00
467c529920
FIX: Remove return statement from inside block
2018-07-26 15:52:39 +01:00
88241f57a3
FEATURE: allow auth plugins to have a site setting for full screen login
2018-07-26 11:11:16 +01:00
def2c977ce
allow auth plugins to have a site setting for if they should be full screen vs popup window
2018-07-25 19:20:11 -05:00
f94aeaf6cf
SECURITY: force IM decoder based on file extension - part 3
2018-07-25 23:55:06 +02:00
800c57c6ab
SECURITY: force IM decoder based on file extension - part 2
2018-07-25 23:08:02 +02:00
4bf3bf6786
SECURITY: force IM decoder based on file extension
2018-07-25 22:00:04 +02:00
0d0d78841b
FIX: Remove `plugin.enabled?` checks at initialization time ( #6166 )
...
Checking `plugin.enabled?` while initializing plugins causes issues in two ways:
- An application restart is required for changes to take effect. A load-balanced multi-server environment could behave very weirdly if containers restart at different times.
- In a multisite environment, it takes the `enabled?` setting from the default site. Changes on that site affect all other sites in the cluster.
Instead, `plugin.enabled?` should be checked at runtime, in the context of a request. This commit removes `plugin.enabled?` from many `instance.rb` methods.
I have added a working `plugin.enabled?` implementation for methods that actually affect security/functionality:
- `post_custom_fields_whitelist`
- `whitelist_staff_user_custom_field`
- `add_permitted_post_create_param`
2018-07-25 16:44:09 +01:00
796639a797
FIX: makes disk_space computation more resilient ( #6172 )
2018-07-25 11:04:01 -04:00
fa399ce1c5
FEATURE: Add revoke and reconnect functionality for google logins
2018-07-25 16:03:14 +01:00
578c8e861b
FIX: refreshes disk_space on backup create/destroy ( #6169 )
2018-07-25 08:26:30 -04:00
776fd0de66
FIX: Filter open-id logins by identifier
2018-07-25 11:47:09 +01:00
84d14fd8a0
FIX: Don't rely on setting data type read from database
2018-07-25 11:40:59 +02:00
417bcf7d2e
add checks for staff and system user before sending flags_agreed_and_post_deleted message
2018-07-24 19:25:11 -04:00
fe39cdc90a
FEATURE: when a post is deleted because a moderator agreed with flags, send a message to the post author
2018-07-24 17:17:56 -04:00
7058205f70
FIX: Broken specs
2018-07-24 12:00:34 -04:00
236243f38a
SECURITY: Consider `0.0.0.0` a private IP
2018-07-24 11:16:27 -04:00
7a3c541077
UX: Preview multiple color schemes in wizard ( #6151 )
...
It was a dropdown to provide choices of color schemes,
and only one scheme could be shown.
With this commit, multiple color scheme previews can be displayed on
one page at the same time, making admins choose color schemes more
easily.
Theme preview windows are shrinked.
Imported default color schemes.
Co-Authored-By: Misaka 0x4e21 <misaka4e21@gmail.com>
2018-07-24 09:00:20 -04:00
fa19d3a53c
Merge pull request #6108 from discourse/transaction-sidekiq-fix
...
Fix notifications for topics moved between categories
2018-07-24 17:44:03 +08:00
20a21b1240
Move into MiniSQLMultisiteConnection, and add test for rollback
2018-07-24 09:41:55 +01:00
fad9c2b971
PERF: Move `EmailLog#reply_key` into new `post_reply_keys` table.
2018-07-24 13:51:53 +08:00
ae8b0a517f
PERF: Split skipped email logs into a seperate table.
2018-07-24 13:14:37 +08:00
e42038eae2
Rake task called method with wrong arguments
2018-07-24 00:10:09 +02:00
eda1462b3b
FEATURE: List, revoke and reconnect associated accounts. Phase 1 ( #6099 )
...
Listing connections is supported for all built-in auth providers. Revoke and reconnect is currently only implemented for Facebook.
2018-07-23 16:51:57 +01:00
b165cfdfbe
FIX: Raise a better error in `SiteSettings::TypeSupervisor`.
2018-07-19 16:41:00 +08:00
14a0879658
FIX: allow Twitter videos to go fullscreen
2018-07-19 10:22:36 +05:30
2dc3a50dac
FIX: Do not update `last seen` time for suspended users
2018-07-18 16:04:57 +01:00
6d6e026e3c
FEATURE: selectable avatars
2018-07-18 12:57:43 +02:00
379384ae1e
FIX: never block /srv/status which is used for health checks
...
This route is also very cheap so blocking it is not required
It is still rate limited and so on elsewhere
2018-07-18 12:37:01 +10:00
3874d40910
Prepare to drop `EmailLog#topic_id`.
2018-07-18 10:22:24 +08:00
1d74ccaaf8
Add compatibility for ImageMagick7.
2018-07-17 15:50:58 +08:00
a7ec949e02
make RuboCop happy
2018-07-17 13:15:44 +05:30
David Taylor
Sam
Régis Hanol
Gerhard Schlager
Robin Ward
Guo Xiang Tan
Jay Pfaffman
Osama Sayegh
Neil Lalonde
Arpit Jalan
Joffrey JAFFEUX
Jeff Atwood
Penar Musaraj
Jeff Wong
Vinoth Kannan
Jay Pfaffman
Nick Shearer
Guo Xiang Tan