Commit Graph

356 Commits

Author SHA1 Message Date
Kyle Zhao 2901691e87 FEATURE: per-category approval settings (#5778)
- disallow moving topics to a category that requires topic approval
2018-07-13 12:51:08 +10:00
Sam db14e10943 SECURITY: category badges should HTML escape names 2018-06-28 18:15:07 +10:00
Sam 5f64fd0a21 DEV: remove exec_sql and replace with mini_sql
Introduce new patterns for direct sql that are safe and fast.

MiniSql is not prone to memory bloat that can happen with direct PG usage.
It also has an extremely fast materializer and very a convenient API

- DB.exec(sql, *params) => runs sql returns row count
- DB.query(sql, *params) => runs sql returns usable objects (not a hash)
- DB.query_hash(sql, *params) => runs sql returns an array of hashes
- DB.query_single(sql, *params) => runs sql and returns a flat one dimensional array
- DB.build(sql) => returns a sql builder

See more at: https://github.com/discourse/mini_sql
2018-06-19 16:13:36 +10:00
Robin Ward fab59c66f0 FIX: Protection against dangling category group records 2018-06-04 15:43:26 -04:00
Guo Xiang Tan 467d91347a Missing specs for `Group`, `Tag`, `Category` and `Flag` web hooks. 2018-05-21 17:29:58 +08:00
Arpit Jalan 9ca6ebe8fe FEATURE: enforce tagging on categories 2018-04-11 07:15:24 +05:30
Vinoth Kannan efb19dbdaf
Merge pull request #5705 from discourse/new_webhooks
FEATURE: Webhook for group and category events
2018-04-02 10:53:21 +05:30
Vinoth Kannan e7407d0adc FEATURE: Webhook for group and category events 2018-03-27 11:53:35 +05:30
Neil Lalonde f2c060bdf2 FEATURE: option for tags in a tag group to be visible only to staff 2018-03-26 17:05:09 -04:00
Robin Ward b9abd7dc9e FEATURE: Shared Drafts
This feature can be enabled by choosing a destination for the
`shared drafts category` site setting.

* Staff members can create shared drafts, choosing a destination
category for the topic when it is published.

* Shared Drafts can be viewed in their category, or above the
topic list for the destination category where it will end up.

* When the shared draft is ready, it can be published to the
appropriate category by clicking a button on the topic view.

* When published, Drafts change their timestamps to the current
time, and any edits to the original post are removed.
2018-03-20 17:15:26 -04:00
Neil Lalonde 1093dacc03 FIX: bulk importers need to create category description topics 2018-03-07 12:10:22 -05:00
Gerhard Schlager 8e48b339fa Drop unused tables (#5630) 2018-03-05 17:27:30 -05:00
Sam 2c25b9ae12 annotate 2018-03-05 11:06:45 +11:00
Sam 720e1965e3 FEATURE: add category suppress from latest
In the past we used suppress_from_homepage, it had mixed semantics
it would remove from category list if category list was on home and
unconditionally remove from latest.

New setting explicitly only removes from latest list but leaves the
category list alond
2018-02-22 09:56:35 +11:00
Guo Xiang Tan 226ace1643 Update annotations. 2018-02-20 14:28:58 +08:00
Arpit Jalan daeb7694bc update annotations 2017-12-05 21:03:20 +05:30
Gerhard Schlager 8f6d35aa59 FEATURE: category setting for mailinglist mirror 2017-11-17 15:29:14 +01:00
Guo Xiang Tan d67f0b39ae Update annotations. 2017-10-06 11:13:01 +08:00
Neil Lalonde f5a2ed99b0 FIX: deleting category background images sometimes has no effect 2017-10-04 17:04:37 -04:00
Guo Xiang Tan 77d4c4d8dc Fix all the errors to get our tests green on Rails 5.1. 2017-09-25 13:48:58 +08:00
Guo Xiang Tan bc3e43b496 FIX: Topic timers being incorrectly `trashed!`.
https://meta.discourse.org/t/temporary-timed-closure-of-topic-not-re-opening-topic/67877
2017-08-22 15:23:09 +09:00
Erick Guan 1146772deb Fix: unlinked topic search model (#5044) 2017-08-15 11:46:57 -04:00
Guo Xiang Tan 5012d46cbd Add rubocop to our build. (#5004) 2017-07-28 10:20:09 +09:00
Neil Lalonde 55b61e9bea rename topic_status_update to topic_timer 2017-05-11 18:27:53 -04:00
Guo Xiang Tan 04016f0dec Support Ruby 2.4. 2017-04-15 12:29:00 +08:00
Sam a3e8c3cd7b FEATURE: Native theme support
This feature introduces the concept of themes. Themes are an evolution
of site customizations.

Themes introduce two very big conceptual changes:

- A theme may include other "child themes", children can include grand
children and so on.

- A theme may specify a color scheme

The change does away with the idea of "enabled" color schemes.

It also adds a bunch of big niceties like

- You can source a theme from a git repo

- History for themes is much improved

- You can only have a single enabled theme. Themes can be selected by
    users, if you opt for it.

On a technical level this change comes with a whole bunch of goodies

- All CSS is now compiled using a custom pipeline that uses libsass
    see /lib/stylesheet

- There is a single pipeline for css compilation (in the past we used
    one for customizations and another one for the rest of the app

- The stylesheet pipeline is now divorced of sprockets, there is no
   reliance on sprockets for CSS bundling

- CSS is generated with source maps everywhere (including themes) this
    makes debugging much easier

- Our "live reloader" is smarter and avoid a flash of unstyled content
   we run a file watcher in "puma" in dev so you no longer need to run
   rake autospec to watch for CSS changes
2017-04-12 10:53:49 -04:00
Guo Xiang Tan 34b7bee568 FEATURE: Allow admin to auto reopen at topic.
* This commit also introduces a `TopicStatusUpdate`
  model to support other forms of deferred topic
  status update in the future.
2017-03-31 11:14:18 +08:00
Arpit Jalan 3378e2d49f FIX: update topic fancy title when updating category name 2017-03-26 12:29:53 +05:30
Neil Lalonde 11ce73b8ed FEATURE: category setting for default top period 2017-03-22 16:54:18 -04:00
Guo Xiang Tan e8fc8f0bb6 Update annotations. 2017-03-22 14:26:53 +08:00
Neil Lalonde 22f197c153 FEATURE: subcategory list style: boxes with featured topics 2017-03-16 11:54:45 -04:00
Neil Lalonde 6d7e968e30 FEATURE: box-style rendering of sub-categories 2017-03-13 15:25:52 -04:00
Neil Lalonde 262016604d FEATURE: each category can control how many topics to show on categories page 2017-03-01 15:12:57 -05:00
Sam c531f4ded5 remove rails-observers
Rails yanked out observers many many years ago, instead the functionality
was yanked out to a gem that is very lightly maintained.

For example: if we want to upgrade to rails 5 there is no published gem

Internally the usage of observers had quite a few problem.

The series of refactors renamed a bunch of classes to give us more clarity
and removed some magic.
2016-12-22 16:46:53 +11:00
Sam 0a78ae739d Remove SearchObserver, aim is to remove all observers
rails-observers gem is mostly unmaintained and is a pain to carry forward
new implementation contains significantly less magic as a bonus
2016-12-22 13:13:14 +11:00
Joe Buhlig 87251fded7 FEATURE: Category setting to make all topics wikis
FEATURE: Category setting to make all topics wikis
2016-12-19 06:42:18 -06:00
Guo Xiang Tan 4a1340b14e Update annotations. 2016-12-12 22:59:40 +08:00
Guo Xiang Tan 9a800107cb FIX: Associate category logo and background to uploads record. 2016-12-12 17:37:28 +08:00
Régis Hanol f4688f74db FIX: emoticons stop summary from being updated 2016-12-07 23:05:14 +01:00
Guo Xiang Tan f812415c52 Update annotations. 2016-11-24 10:13:03 +08:00
Arpit Jalan 82bdfb9832 FIX: update category permalink if record already exists 2016-11-17 21:58:19 +05:30
Neil Lalonde 9ef1688a76 FEATURE: per-category default topic list sort order 2016-11-01 12:18:41 -04:00
Robin Ward 1f5325e3f0 FIX: Only validate uploaded URLs if they change 2016-09-08 12:06:18 -04:00
Erick Guan 9ce61b4586 FEATURE: Webhooks. 2016-09-05 18:44:00 +08:00
Régis Hanol eb953c0904 FIX: /categories page on mobile 2016-08-19 01:47:00 +02:00
Régis Hanol 6d1d7b7c8f UX: new /categories layout 2016-08-17 23:23:16 +02:00
Robin Ward 2891f230d1 SECURITY: Make sure uploaded_urls have corresponding upload records 2016-07-28 13:54:17 -04:00
Robin Ward cf5b756b1a SECURITY: Cross-Site Scripting in Category and Group Settings 2016-07-28 11:57:59 -04:00
Sam 83f80341b3 FIX: topic id cache should be a multi process cache 2016-07-28 10:20:14 +10:00
Neil Lalonde fa9d8bd8bd FIX: category settings shouldn't limit tag input size 2016-07-19 12:30:02 -04:00
Sam 1c964bf730 PERF: cache category topic ids 2016-07-19 12:34:54 +10:00
Robin Ward 2005565c9c Server side code for Watching First Post Only 2016-07-07 11:21:50 -04:00
Régis Hanol 800081f606 FIX: staged users weren't able to reply in restricted categories 2016-06-26 19:25:45 +02:00
Neil Lalonde a49ace0ffb FEATURE: ability to restrict tags to categories using groups 2016-06-07 15:36:20 -04:00
Neil Lalonde f3f6c2f98f FEATURE: tag groups 2016-06-06 14:18:48 -04:00
Neil Lalonde c3ceb6ef7d FIX: tags created from category modal need to be normalized as usual 2016-06-01 17:05:24 -04:00
Neil Lalonde deb93044b4 FEATURE: new tags can be created from the "edit category" modal when defining the set of permitted tags 2016-05-31 17:27:22 -04:00
Neil Lalonde 6796b15857 FEATURE: restrict tags to be used in a category 2016-05-30 16:56:33 -04:00
Arpit Jalan 7151c16c79 FEATURE: create permalink when category slug is changed 2016-04-27 17:34:03 +05:30
Sam 8ba57c0ffd FIX: restrict moderators from creating/editing topics in readonly categories
In the past moderators had blanket access to all categories they were allowed
to see. This tightens down the restriction.
2016-04-13 15:59:38 +10:00
Arpit Jalan ff12b5bf57 FIX: newly created categories were not showing up 2016-03-14 23:17:02 +05:30
Régis Hanol 031146a821 FIX: ensure email in address insn't used it both Groups & Categories 2016-03-08 20:52:04 +01:00
Régis Hanol f7432d8ec9 FEATURE: add support for multiple incoming emails for groups & categories 2016-02-24 19:47:58 +01:00
Sam 32c681c96b annotate models 2016-02-23 10:33:53 +11:00
Guo Xiang Tan a055c37939 Merge pull request #3956 from tgxworld/fix_clashing_slug
FIX: Clashing category slug.
2016-01-18 10:15:13 +08:00
Guo Xiang Tan c60e360c90 FIX: Clashing category slug. 2016-01-13 15:32:29 +08:00
Régis Hanol e2744fc19f FIX: adding the 'contains_messages' column back 2016-01-12 12:06:51 +01:00
Régis Hanol 8049dfdfda CLEANUP: remove 'contains_messages' leftover 💩 2016-01-12 11:29:26 +01:00
Sam Saffron c2e45c8377 Update annotate and annotate models 2016-01-11 17:30:56 +11:00
Arpit Jalan bfd21461df FIX: proper regex for category slug validation 2016-01-07 12:06:45 +05:30
Guo Xiang Tan c1dbf5c1c4 FEATURE: Autolinking to category using hashtags. 2016-01-05 00:12:24 +08:00
Sam 6246dd0aa2 PERF: memoize to avoid N+1 query in category page 2015-10-02 12:35:47 +10:00
Sam 55c0f6a20c PERF: avoid method_missing 2015-10-02 12:27:38 +10:00
Sam 181ab89485 PERF: introduce fragment caches in site serializer 2015-09-28 16:50:24 +10:00
Sam aefedfafea PERF: increase caching of category descriptions 2015-09-28 16:50:24 +10:00
Guo Xiang Tan f39b9124b6 FEATURE: Log staff actions for Category changes. 2015-09-18 10:53:08 +08:00
Sam c1ecd6f4ce update annotations 2015-09-18 10:41:10 +10:00
Régis Hanol d34f42d2f7 FIX: hide category column in topic list only when the current category has no children 2015-09-02 23:46:04 +02:00
Sam f533276507 FIX: do not publish all categories when a category changes.
minor fixes to UI, still needs more work for live refresh of category listing
2015-07-10 12:09:43 +10:00
Sam fdbcc31a9c Merge pull request #3461 from fantasticfears/slug
FIX: category custom slug can't be set when generation method is none
2015-05-15 14:59:35 +10:00
Sam e6f73a1c80 PERF: optimise front page category security lookup query 2015-05-14 12:19:22 +10:00
Erick Guan 4c00eef8b5 FIX: category custom slug can't be set when generation method is none 2015-05-13 16:54:19 +08:00
Erick Guan a48dd1cc28 store the slug as the title is, only sanitize the slug
and prettify code
2015-05-05 18:33:16 +08:00
Erick Guan b772ff6e13 FEATURE: add slug geneartion options 2015-05-05 18:08:30 +08:00
Sam 803feefd54 MessageBus handles readonly redis now, no need to wrap it 2015-05-04 12:21:00 +10:00
Neil Lalonde 1b250f1e01 FIX: crawler pages and RSS had broken links for sites deployed to a subfolder with relative_url_root 2015-04-30 12:46:26 -04:00
Robin Ward 5b3f99aa50 Don't blow up if Redis switches to READONLY 2015-04-24 14:37:16 -04:00
Régis Hanol 7b8c7ff3ef FIX: sub-categories with the same name had the same background image 2015-02-12 18:21:07 +01:00
Robin Ward 114cc1c851 FIX: We missed some references to `/category/xyz` in the ruby code base. 2015-01-07 11:47:01 -05:00
Erick Guan 1e166d89ff support setting category slug 2014-12-30 03:14:54 +08:00
Jason W. May 18a00d2dd7 remove commented-out code 2014-12-17 08:59:05 -08:00
Jason W. May efa872e426 optional custom value for category slug (create and update) 2014-12-03 16:23:59 -08:00
Sam 6bed4e1bf0 add allowed_ips to api_keys
update annotations
2014-11-20 14:53:15 +11:00
Sam c98d0a8eb6 Revert "Revert "PERF: use distributed cache for site text and category slugs""
This reverts commit 65e7cd1d1d.
2014-11-12 10:01:41 +11:00
Sam 65e7cd1d1d Revert "PERF: use distributed cache for site text and category slugs"
This reverts commit a97f2eee05.
2014-11-12 10:01:07 +11:00
Sam a97f2eee05 PERF: use distributed cache for site text and category slugs 2014-11-12 09:44:44 +11:00
Sam b2af49251d PERF: remove superflous queries from initial page loads
stop doing expensive work to figure out discourse style sheet
2014-11-11 15:32:44 +11:00
Sam e20e6b4524 PERF: stop using jQuery to sanitize strings 2014-10-22 15:48:18 +11:00
Régis Hanol 5754e8dd0f FEATURE: auto-close topics based on last post 2014-10-10 18:21:44 +02:00
Kamil Bielawski bf679f1626 FIX: destroy CategoryGroup when Category or Group is destroyed 2014-08-31 22:10:38 +02:00
Neil Lalonde 99d26cef1a FIX: uncategorized counts were always 0. topics_year, topics_month, topics_week, topics_day 2014-08-27 15:58:32 -04:00
Sam 414c6d191f FIX: remove nullable dates post upgrade to Rails 4 2014-08-27 15:19:25 +10:00
Neil Lalonde 5454c1ed24 Updated model anotations 2014-08-22 13:01:44 -04:00
Neil Lalonde 1445ad61da FIX: case-insensitive category lookup when creating topics 2014-08-18 11:07:49 -04:00
Robin Ward 22de2edae7 FIX: Allow a search for a parent slug when a child exists with the same
name.
2014-08-13 15:24:28 -04:00
Robin Ward 74d9293ca9 FIX: Allow duplicate slugs when the parent category is not the same 2014-08-13 14:45:25 -04:00
Neil Lalonde e40e9351f6 FIX: don't allow same category name with different case 2014-08-12 11:40:33 -04:00
Robin Ward 6ba5f715f3 FIX: There was an error renaming the Uncategorized topic 2014-07-25 16:36:34 -04:00
Robin Ward ffa84d9bb4 If you rename a category, also rename the category definition topic. 2014-07-18 13:59:54 -04:00
Neil Lalonde 01a68f8cc7 Emails are case insensitive 2014-07-16 10:22:01 -04:00
Robin Ward c6df00a5cc FIX: You shouldn't be able to add a parent to `Uncategorized` 2014-07-15 15:19:39 -04:00
Sam 45ca83328d Annotate 2014-07-15 11:29:44 +10:00
Sam 9a9ad9bda8 FEATURE: Badge progress
- Refactor model so it stores backfill query
- Implement autobiographer
- Remove sample badge
- Correct featured badges to only include a badge once
2014-07-03 17:29:44 +10:00
Robin Ward 952426d358 FEATURE: Uploaded images to categories are shown when browsing 2014-06-30 14:14:00 -04:00
Catrin 772a304fc2 dropdown on categorypage 2014-05-29 18:18:27 -04:00
Sam b1d5f4440b Annotate models 2014-05-28 12:30:57 +10:00
Robin Ward 7900c7bd2f Allow multiple subcategories with the same name 2014-05-26 15:33:51 -04:00
Louis Rose 1574485443 Perform the where(...).first to find_by(...) refactoring.
This refactoring was automated using the command: bundle exec "ruby refactorings/where_dot_first_to_find_by/app.rb"
2014-05-06 14:41:59 +01:00
Benjamin Kampmann 0cf07d41ae Move Concern from lib into app/models. refs #2279 2014-04-29 19:26:43 +02:00
Benjamin Kampmann 2450088c03 Add CustomFields to Post, Category and Group 2014-04-29 19:26:42 +02:00
Erick Guan 6d45f71254 move concerns to the model/concerns 2014-04-19 12:00:40 +08:00
Sam 862a6696c0 Correct annotations
allow longer usernames (up to 60)
2014-04-15 15:53:48 +10:00
Régis Hanol 6373de550f update annotations 2014-04-08 17:35:44 +02:00
Thomas Cioppettini 38882eb1a7 Remove threequals from ruby files 2014-03-26 12:20:41 -07:00
Neil Lalonde ea86cfd4ef FIX: categories with non-ascii names will have broken next page urls 2014-03-24 13:36:23 -04:00
Sam 5c148faeb9 annotations were out of date 2014-03-20 15:35:51 +11:00
Neil Lalonde a9a8e649ba Oops, and these methods too 2014-03-19 10:36:24 -04:00
Neil Lalonde 986f6e9c2a Oops I meant to delete the old method 2014-03-19 10:35:35 -04:00
Neil Lalonde 3ea477b17d FIX: performance of CategoryDetailedSerializer and Category.update_stats on large databases 2014-03-19 10:14:15 -04:00
Neil Lalonde 5f34a621b5 Revert "Merge pull request #1896 from nickborromeo/category-list" 2014-03-12 16:41:15 -04:00
Régis Hanol bbde2aaa97 Merge pull request #1896 from nickborromeo/category-list
Refactor find_relevant_topics and find_categories
2014-03-12 09:44:41 +01:00
Nick Borromeo 5104c7365f Refactor find_relevant_topics and find_categories
This breaks down two private methods into smaller methods for
readability. This also moves logic into the Category model class.
2014-03-11 22:16:13 -07:00
Benjamin Kampmann 37cea49459 Add Email-In-Per-Category
- allow the configuration of an inbox-email-address per category
 - post emails to that email into that category instead of global

 - Adds UI for configuration
 - Adds Documentation for configuration
 - Adds Tests for new feature
2014-02-28 16:53:58 +01:00
Robin Ward 3151f59bc9 REFACTOR: We don't cache the json for the Site model anymore, so let's
rename and remove the methods leftover from that.
2014-02-24 14:25:37 -05:00
Stephan Kaag f12925887c Drop Rails3 support 2014-02-17 19:42:08 +01:00
Sam 23af46a66c Merge pull request #1960 from verg/subcategory-search-links
Fix subcategories links from search
2014-02-17 10:33:35 +11:00
verg f723f11443 Fix subcategories links from search 2014-02-16 12:49:20 -05:00
Robin Ward f73a3f252a FIX: Don't allow parent categories to be deleted. Also, remove
duplicated logic and rely on the server response for `can_delete`
status.
2014-02-12 17:24:25 -05:00
Nick Borromeo b51bebb200 Extract queries to keep logic in the Categories Model
This creates two methods in the Category model. This moves the model
logic to the model and just calls the Category class methods in
ListController.

This also adds tests for the two methods created in the Category
model. The motivation for this refactor is the code climate score of the
this class and readability of the code.

 Please enter the commit message for your changes. Lines starting
2014-02-08 14:10:48 -08:00
Sam be560d4eb6 Update annotations 2014-02-07 11:07:52 +11:00
Neil Lalonde 14018ec07c FIX: topic and post counts on /categories page should include sub-categories 2014-02-05 18:39:49 -05:00
Robin Ward 2892153712 REMOVE: Get rid of the `hotness` control for good. 2014-01-29 11:54:34 -05:00
Neil Lalonde 89908cdb47 Admins don't see uncategorized on /categories if it has no topics and allow_uncategorized_topics is false 2014-01-15 14:11:36 -05:00
verg 8a830fb8e3 Prevent deleting 'uncategorized' category 2013-12-31 11:22:44 -06:00
Neil Lalonde 341adc93a4 Allow categories with null position, which means sort them based on activity. Mix absolutely positioned (position is not null) categories with null position categories. 2013-12-16 15:13:57 -05:00
Neil Lalonde 1145e4bfd9 Fix topics_year, topics_month, topics_week for uncategorized category 2013-12-13 16:17:06 -05:00
Neil Lalonde 49c3482464 Show topic and post counts by day/week/month/year on categories page 2013-12-13 15:37:45 -05:00
Neil Lalonde 9a24d2651d Allow category to auto-close topics in X hours instead of days. FIX: the system message that says a topic was automatically closed was only counting in days. 2013-12-06 16:39:35 -05:00
Sam 2db3cfb16b annotate models 2013-12-05 17:40:35 +11:00
Neil Lalonde abed146cc7 FIX: Category description topics shouldn't auto-close 2013-12-04 10:31:25 -05:00
Robin Ward 01b768392a Remove `default_scope` 2013-11-06 16:56:49 -05:00
Robin Ward 914b723b97 Category dropdown should be in the `position` order 2013-11-06 15:50:47 -05:00
Robin Ward b93ca1089e List subcategories on categories page 2013-10-31 18:02:24 -04:00
Robin Ward 61468f6f27 Can assign a parent category to a category. 2013-10-24 17:03:28 -04:00
Sam 24d732b12a regressions post merge 2013-10-24 12:25:20 +11:00
Sam 666264879c change it so all topics MUST include a category, we store a special uncategorized category to compensate
this cleans up a bunch of internals and removes some settings
2013-10-24 12:08:02 +11:00
Robin Ward c814fc16a3 Database structure to support sub categories 2013-10-23 15:22:49 -04:00
Sam 614f45d003 correct topic and category counting query
revive old styling that was stripped
2013-10-21 10:20:16 +11:00
Sam 5f74cb6bf9 category is not "positionable" 2013-10-18 18:09:30 +11:00
Sam 1ee49798b2 work in progress wide category list 2013-10-18 11:10:10 +11:00
Sam 7bf96ee690 naive implementation of post_count on categories 2013-10-18 11:10:10 +11:00
Sam 7df4e4afb9 security fix, anon should not be treated as though they can create anything 2013-10-13 09:54:48 +11:00
Navin Keswani d87389b38e No more rails 4 deprecation warnings 2013-08-25 23:18:11 +02:00
Navin 9ab2471a92 Fix rails4 deprecation warnings
That appear when running topic_spec.rb
2013-08-15 17:52:18 +02:00
Neil Lalonde 882c1524f7 Strip trailing and leading spaces from category names 2013-07-30 16:48:45 -04:00
Stephan Kaag 0e3b8fbb24 Remove some calls to `all`. They are not required, and Rails4 raises warnings about them. 2013-07-22 20:44:11 +02:00
Sam 352ac9e60c Finalize read only and post only categories, finished off UI work 2013-07-16 15:46:11 +10:00
Sam ecf17cfebb work in progress, add fidelity to category group permissions (full, create posts, readonly) 2013-07-16 15:46:11 +10:00
Ian Christian Myers 0d01c33482 Enabled strong_parameters across all models/controllers.
All models are now using ActiveModel::ForbiddenAttributesProtection, which shifts the responsibility for parameter whitelisting for mass-assignments from the model to the controller. attr_accessible has been disabled and removed as this functionality replaces that.

The require_parameters method in the ApplicationController has been removed in favor of strong_parameters' #require method.

It is important to note that there is still some refactoring required to get all parameters to pass through #require and #permit so that we can guarantee that parameter values are scalar. Currently strong_parameters, in most cases, is only being utilized to require parameters and to whitelist the few places that do mass-assignments.
2013-06-06 00:30:59 -07:00
Ian Christian Myers 130d837952 Implemented strong_parameters for Category/CategoriesController.
Category now requires parameters to be permitted by strong_parameters using #require or #permit for mass-assignment. Missing required parameters now throw a ActionController::ParameterMissing execption instead of the Discourse::InvalidParameters execption.
2013-06-04 23:45:25 -07:00
Sam 870e59883b secure the links on the topic pages, eliminated deleted topics as well. 2013-06-05 16:10:26 +10:00
Sam d2c1eb090e Merge pull request #921 from nirnanaaa/postgres-truefalse
removed t's and f's from models
2013-05-30 21:38:26 -07:00
Neil Lalonde b82a5dfd56 Move logic to reject slugs that are just numbers into the slug module 2013-05-30 11:54:02 -04:00
Neil Lalonde 7d5c313456 Don't allow category slugs that are numbers 2013-05-30 11:09:09 -04:00
Sam e93b7a3b20 more progress towards live unread and new counts, unread message implemented, still to implement delete messages 2013-05-30 16:49:57 +10:00
nirnanaaa 364113a4d5 removed t and f 's from group model
removed t and f 's from user model as mentioned in #919

removed t's and f's from category model
2013-05-29 22:10:43 +02:00
Robin Ward 560fb15d8a Include pinned topics in category list.
- removes an (n+1) query for user data
- supports the preload store for the data to avoid a second request
- fix a bug where uncategorizes was reporting (0, 0, 0) for topics by week, month, year
2013-05-28 15:36:16 -04:00
Victor Cruz Dueñas bca006feca removed unnecesary method 2013-05-24 18:03:02 +02:00
Sam ca2dee52db moved comments to the bottom, they are way less intrusive there 2013-05-24 12:48:32 +10:00
Sam 2cd95bc649 lets try out annotations 2013-05-24 12:35:14 +10:00
Robin Ward 7a31630837 Search Refactor: Remove some manual SQL, make search data tables more idomatic Rails/AR 2013-05-22 16:31:13 -04:00
Robin Ward 27828c5ec2 Merge pull request #871 from avdi/refactoring-with-josh-and-avdi
Various refactorings towards Ruby/Rails idiom from Josh Susser and Avdi Grimm
2013-05-21 07:18:50 -07:00
Josh Susser and Avdi Grimm 5659b66729 Refactor select().map() to use pluck.
Remove a method already provided by ActiveRecord.
2013-05-17 15:11:37 -04:00
Lee Machin dadb7eaa23 fix crash caused by incorrect query in scope
setting all categories to be secured led to a blank screen on all pages

use stabby lambda for consistency in class

make the test a little more concise

- move the local assignments into let blocks for
reusability

- remove calls to `to_a`, which aren't needed

- use 'be_empty' instead of '[]' to be consistent
with the other matchers in the test

add a test for the `secured` scope with multiple
secured categories
2013-05-15 22:26:52 +01:00
Sam b6bf95e741 speed up startup (avoid loading some gems on startup)
correct group permission leaks
add Discourse.cache for richer caching support
2013-05-13 18:04:03 +10:00
Sam 942f168ab6 UI still a tad rough, but we have a first pass of secure categories 2013-05-10 16:47:47 +10:00
Sam 4f328e3e45 +x on files makes no sense unless they really are executable
rails in the script dir makes no sense, use binstubs or bundler instead
2013-05-09 17:35:15 +10:00
Sam 5cfcdc7ef0 backend for secure categories mostly done (todo pm groups) 2013-04-29 16:33:43 +10:00
Sam 4d9dc82be0 bug fix 2013-04-24 14:39:31 +10:00
Neil Lalonde c0f3c47196 Use message bus to broadcast addition and removal of categories 2013-04-10 15:53:36 -04:00
Robin Ward 79c986dd92 Fix issue with duplicate slugs 2013-04-01 12:26:51 -04:00
Kuba Brecka d50b5e1fd8 make sure Category.topic_count is consistent with week/year stats 2013-03-31 13:22:05 +02:00
Robin Ward 36269cfbaa Rename 'popular' to 'latest'. First stab at 'Hot' tab. 2013-03-27 16:21:23 -04:00
Régis Hanol 3bf6625aa4 displays a message when a failure happen while creating a new category 2013-03-14 22:25:55 +01:00
Robin Ward 8c02d2f48d Robin sucks at merging! This fixes a n+1 query. 2013-03-08 16:48:56 -05:00
Robin Ward b8fd734d0e Merge branch 'refactor-category' of git://github.com/goshakkk/discourse
Conflicts:
	app/models/category.rb
2013-03-08 10:49:25 -05:00
Sam d6ca23a75b remove N+1 queries 2013-03-08 05:34:19 -08:00
Robin Ward 052887c296 Category Topics are no longer invisible, they are pinned. 2013-03-07 12:46:23 -05:00
Gosha Arinich a1825fece9 refactor Category
* move callback bodies to separate methods (easier to test)
2013-03-05 21:09:13 +03:00
Gosha Arinich 6e5399d544 minor cleanup, using AR querying DSL over raw SQL in some places 2013-02-28 21:54:12 +03:00