89d41ecb39
Add support for oneboxing twitter videos
2017-03-17 20:49:29 +00:00
ea45cc1293
Request full tweets, since twitter has increased the allowed length
2017-03-17 20:36:53 +00:00
e7c972ac89
FIX: Don't use backticks that take in inputs.
2017-03-17 15:33:51 +08:00
b49bf889f6
SECURITY: Disallow symlinks when restoring uploads.
2017-03-17 14:27:01 +08:00
1a7e954e09
FIX: Store custom emojis as uploads.
...
* Depending on a hardcoded directory was a flawed design
which made it impossible to debug when custom emojis go
missing.
2017-03-14 13:07:18 +08:00
82ca0e368e
FEATURE: stop escaping special chars in title prettify
...
This feature is confusting and just leads to inconsistency
2017-03-13 10:02:20 -04:00
6ebddc42d1
FIX: include children categories when searching a category
2017-03-10 15:58:47 -05:00
16593ae8bf
FEATURE: log reason staff auto blocks a user
2017-03-10 15:45:48 -05:00
20ed11f9a5
We must GC here otherwise we risk not freeing our v8 contexts
2017-03-10 11:36:10 -05:00
b68d08404d
shell to node to avoid high memory usage
2017-03-09 17:05:55 -05:00
ab3faeb0f9
PERF: user mini racer to uglify assets
2017-03-09 16:44:50 -05:00
9cc79363e0
Merge pull request #4744 from tgxworld/feature_seen_unseen_search
...
FEATURE: Search can be scoped to posts that the current user has seen…
2017-03-09 07:11:19 +08:00
00380d84c5
UX: display text & html parts alongside raw email in incoming email modal
2017-03-08 23:15:42 +01:00
a97fe5da13
Version bump to v1.8.0.beta7
2017-03-08 12:22:23 -05:00
c623951306
FEATURE: Search can be scoped to posts that the current user has seen/unseen.
...
https://meta.discourse.org/t/advanced-search-posts-that-i-have-seen/57966
2017-03-09 01:01:33 +08:00
cafe3dafcb
UX: show expand button on internal topic onebox
2017-03-08 21:02:38 +05:30
9e9b497d20
Merge pull request #4742 from davidtaylorhq/patch-1
...
FIX: latest-version tag is shown by git-describe
2017-03-08 08:51:50 -05:00
10ec554d97
Ensure we escape variables passed into our SQL query.
2017-03-08 20:37:59 +08:00
6fd34cede6
FIX: latest-version tag is shown by git-describe
...
Adds the -match "v[0-9]*" parameter to git describe, this means that only version tags will be used.
2017-03-08 11:05:11 +00:00
ee9d621d9c
FIX: surround the FROM alias with " in order to support the @ character
2017-03-07 23:37:21 +01:00
8d80a5d97e
add some explicit scoping to help avoid erratic failure in test
2017-03-07 16:00:51 -05:00
99f4d5082b
FIX: Improve token rotation and increase logging
...
- avoid access denied on bad cookie, instead just nuke it
- avoid marking a token unseen for first minute post rotation
- log path in user auth token logs
2017-03-07 13:27:43 -05:00
dad57fa033
FIX: More errors with non-ascii URLs
2017-03-07 11:21:41 -05:00
5d9daa299a
Only run plugin tests if plugins are loaded.
2017-03-07 16:36:49 +08:00
a28704bcee
FIX: Can't recover a post when its user has been deleted.
...
https://meta.discourse.org/t/moving-posts-to-new-topic/58436
2017-03-06 14:29:06 +08:00
c99f4260c0
Merge pull request #4729 from tgxworld/dont_mark_user_as_valid
...
FIX: Don't mark user as `active` if verified email is different.
2017-03-03 15:57:30 -05:00
bcf634ca85
Merge pull request #4728 from nbianca/username-regex
...
Add support for username regex.
2017-03-03 22:59:23 +08:00
abc4dff0fe
FEATURE: add bumped_before query param for topic list
2017-03-02 15:11:50 -05:00
4dac4c69a6
FEATURE: add `before` topic list filter
2017-03-02 14:54:33 -05:00
872d9eae45
FEATURE: add :all filter for messages
2017-03-02 14:54:33 -05:00
30909ec54e
Add support for username regex.
2017-03-02 13:53:45 +02:00
fc0f363973
Run plugin specs as well.
2017-03-02 17:28:35 +08:00
3d347fb9c4
FIX: Don't mark user as `active` if verified email is different.
2017-03-02 14:24:30 +08:00
80858bae2c
FEATURE: further restrict downloading of backups
...
- send email to logged in admin when they press the "download" button
- show pop-up that email was sent
- create email template
- require a valid token to download backup
2017-03-01 08:28:34 -07:00
d27575176a
Enforce a minimum amount of posters in a topic for `get_a_room`
2017-02-28 16:47:16 -05:00
122fb8025d
FIX: last seen date erroneously updated when browser in background
...
In some cases user may be "last seen" even though browser tab is in
the background or computer is locked
2017-02-28 12:35:10 -05:00
352f98d084
use named param in tag_topic_by_names
2017-02-28 12:08:06 -05:00
292dd8623c
Merge pull request #4622 from dmacjam/master
...
FEATURE: Append tags bulk action for topics
2017-02-28 11:36:58 -05:00
49a0f16ce4
Merge pull request #4723 from mcwumbly/fix-import-scripts
...
FIX: Import scripts were failing to load onebox sanitize config
2017-02-27 16:18:29 -05:00
1e980ad4e6
Merge pull request #4721 from oblakeerickson/sort_admin_users_api
...
FEATURE: Add order logic to admin users controller
2017-02-27 16:13:42 -05:00
e634b37f9a
FIX: from field of emails should be including email_site_title or site title settings
2017-02-27 14:23:07 -05:00
0e6cb752da
Clean up valid order names
...
Add a sortable mappings list to match other endpoints and so that you
don't have to use database column names.
Example: 'created' => 'created_at'
Also cleaned up some of the logic since a lot of it got moved into the
SORTABLE_MAPPING hash.
2017-02-25 11:51:40 -07:00
b188c30925
FIX: Import scripts were failing to load onebox sanitize config
2017-02-25 09:27:42 -08:00
e9d5c3265c
Change param asc to ascending
...
For consistency, change param asc to ascending:
https://meta.discourse.org/t/make-admin-users-list-sortable-suggestion/47649/17?u=oblakeerickson
2017-02-25 09:13:31 -07:00
0a41da6bad
FEATURE: Add order logic to admin users controller
...
Added order and direction parameters for sorting admin user pages. This
commit only includes backend api changes.
https://meta.discourse.org/t/make-admin-users-list-sortable-suggestion/47649
Now you can pass in `order` and `asc` parameters to the
`/admin/users/list/<query>.json` endpoint.
Example:
`/admin/users/list/active.json?&order=post_count` which defaults to desc
and
`/admin/users/list/active.json?order=post_count&asc=true`
2017-02-24 17:11:17 -07:00
ecdae9f863
FIX: i18n integrity specs
...
FIX: check all .yml files in the project for integrity
FIX: ensure localized yamls are compatible with english
2017-02-24 11:35:33 +01:00
a2c04be718
FIX: eradicate I18n fallback issues 💣
...
FIX: client's translation overrides were not working when the current locale was missing a key
FIX: ExtraLocalesController.show was not properly handling multiple translations
FIX: JsLocaleHelper#output_locale was not properly handling multiple translations
FIX: ExtraLocalesController.show's spec which was randomly failing
FIX: JsLocaleHelper#output_locale was muting cached translations hashes
REFACTOR: move 'enableVerboseLocalization' to the 'localization' initializer
REFACTOR: remove unused I18n.js methods (getFallbacks, localize, parseDate, toTime, strftime, toCurrency, toPercentage)
REFACTOR: remove all I18n.pluralizationRules and instead use MessageFormat's pluralization rules
TEST: add tests for localization initializer
TEST: add tests for I18n.js
2017-02-24 11:31:21 +01:00
db9840b672
fix malformed qunit url
...
this removes the space between the query string and the URL
```
$MODULE='Acceptance: Search' rake qunit:test\[20000\]
....
Running: {"module":"Acceptance: Search"}
... http://localhost:60099/qunit?module=Acceptance%3A%20Search 20000
```
The timeout value seems to work fine.
2017-02-24 10:19:34 +11:00
f68540b022
Increase QUnit timeouts to allow on slower envs
2017-02-23 19:21:06 -03:00
ea1007e954
FEATURE: add support for same site cookies
...
Defaults to Lax, can be disabled or set to Strict.
Strict will only work if you require login and use SSO. Otherwise when clicking on links to your site you will appear logged out till you refresh the page.
2017-02-23 12:01:28 -05:00
ad435da377
fix typo
2017-02-23 10:58:53 -05:00
b7d2edc7dc
FIX: allow some auth token misses prior to clearing cookie
...
It appears that in some cases ios queues up requests up front
and "releases" them when tab gets focus, this allows for a certain
number of cookie misses for this case. Otherwise you get logged off.
2017-02-22 12:37:11 -05:00
213a496203
FIX: show all staff events related to the target user
2017-02-22 13:31:40 +05:30
b32f33b3f0
FIX: allow staff members to send PMs when enable_private_messages is disabled
2017-02-22 11:32:09 +05:30
046cbad10b
FEATURE: add a button on admin user page that links to action log
2017-02-21 21:38:37 +05:30
476ae57af3
FEATURE: primary group class on avatars in topic list
2017-02-20 15:55:10 -05:00
4a2f13348a
ADD: Append tags bulk action for topics
2017-02-20 18:14:32 +01:00
3ce3abef8f
FIX: add Content-Disposition and Content-Type headers when downloading attachments
2017-02-20 15:59:01 +01:00
9baf89a901
Remove database vacuum task from Discourse.
2017-02-20 09:02:38 +08:00
cfc0cc936f
FIX: Get a room wasn't enforcing sequential properly
2017-02-19 16:00:28 -05:00
1935f624b8
FEATURE: reset active record cache in sidekiq if needed
...
This can happen in multisite environments after restores
2017-02-17 12:09:53 -05:00
7a85469c4c
SECURITY: inactive/suspended accounts should be banned from api
...
Also fixes edge cases around users presenting multiple credentials
2017-02-17 11:03:09 -05:00
040e10a627
reduce duplication
2017-02-15 17:27:10 -05:00
74d4209d24
FEATURE: allow plugins to register custom topic list filters
2017-02-15 15:25:43 -05:00
c085e8f85f
Version bump to v1.8.0.beta6
2017-02-14 17:40:44 -05:00
6a271a7695
Increase Qunit tests timeout on Docker tests
2017-02-14 16:09:14 -02:00
dacfdd4dc8
use chars as opposed to split
2017-02-14 09:40:15 -05:00
8feb94e13f
FIX: password validator was being too strict
2017-02-14 09:18:04 -05:00
d88562e72b
Revert "use RFC-complient signature separator dash-dash-space"
2017-02-14 14:58:08 +01:00
53d8d126a4
Version bump to v1.8.0.beta5
2017-02-13 16:46:08 -05:00
0ab96a7691
FEATURE: add hidden setting for verbose auth token logging
...
This is only needed to debug auth token issues, will result in lots
of logging
2017-02-13 14:01:09 -05:00
94e1105af7
fix unique char counting in password validator
2017-02-10 10:38:17 -05:00
bcd4513963
use RFC-complient signature separator dash-dash-space
...
currently, Discourse uses '---' in its notifications to
separate the signature with unsubscribe links etc. from
the body of the message.
The RFC standard defines '-- '.
https://www.ietf.org/rfc/rfc3676.txt (4.3)
The problem has been discussed in:
https://meta.discourse.org/t/previous-replies-separator-is-not-rfc-compliant/39410
And an incomplete fix has been added a year ago:
86819f08c3
2017-02-10 11:46:02 +01:00
1bcb835446
FEATURE: passwords must have a minimum number of unique characters, configurable with a new setting
2017-02-09 15:00:22 -05:00
91d09ebc08
post ids are always an integer
2017-02-08 23:46:11 +01:00
e9e88a010f
FIX: find replied-to post even when incoming email doesn't have a reply key
2017-02-08 21:38:52 +01:00
5a4c393231
UX: Include the username and link of the user for get_a_room
2017-02-08 15:27:07 -05:00
5a8bbe663a
FEATURE: include most popular tag in page title for webcrawlers of tagged uncategorized topics
2017-02-07 16:55:42 -05:00
df8f365d99
FEATURE: improve search so it searches sub categories by default
...
If you want an exact category match use `category:=howto` or `#=howto"
2017-02-07 15:53:37 -05:00
02bb7beaaf
FIX: don't put attachments on the CDN when 'prevent anons from downloading files' is enabled
2017-02-07 18:06:44 +01:00
f34907b523
Merge pull request #4681 from vietqhoang/feature/add-user-title-to-sso-payload
...
FEATURE: Add user title to SSO payload
2017-02-07 10:25:32 -05:00
ff49f72ad9
FEATURE: per client user tokens
...
Revamped system for managing authentication tokens.
- Every user has 1 token per client (web browser)
- Tokens are rotated every 10 minutes
New system migrates the old tokens to "legacy" tokens,
so users still remain logged on.
Also introduces weekly job to expire old auth tokens.
2017-02-07 09:22:16 -05:00
ba115480ba
FIX: wasn't extracting links to quoted posts
2017-02-06 14:45:04 +01:00
ceee2a509a
remove warning of previously defined constant when running the specs
2017-02-05 19:07:18 +01:00
f1e7bca3c9
FEATURE: Warn a user when they're replying to the same user too much
2017-02-03 17:00:54 -05:00
dc2171960b
FIX: allow existing users to be invited to topic/message when must_approve_users is enabled
2017-02-03 13:01:23 +05:30
82555ca761
FIX: mail threading wasn't working properly in Mac Mail
2017-02-01 23:02:41 +01:00
f932cb51f3
FIX: stop stripping local onebox links from tracker
...
When a onebox was made to a local topic it was not tracked using link
tracker
2017-02-01 14:21:01 -05:00
c725225f69
FIX: log message when revoking email with too many bounces
2017-02-01 16:53:24 +01:00
40164ccd4a
Add user title to SSO payload
2017-01-31 16:42:27 -08:00
25516874b5
FIX: Escape regexp chars in `SiteSetting.censored_words`.
2017-01-31 10:14:51 +08:00
8fc7420f83
FIX: prevent huge custom emojis in emails
2017-01-30 18:06:48 +01:00
19f7beaa2c
FIX: topic links were getting dropped when post is rebaked
2017-01-30 14:55:53 +05:30
c76f6856ea
FEATURE: reply as new message to the same recipients
2017-01-27 12:24:31 +08:00
0a1d05c3b2
Version bump to v1.8.0.beta4
2017-01-26 17:38:06 -05:00
8923e407fe
Version bump to v1.8.0.beta3
2017-01-26 13:34:01 -05:00
061c3dd6c1
typo
2017-01-25 22:46:05 +05:30
89d7ddd803
FEATURE: new rake task to delete a word/string from all the posts
2017-01-25 22:33:39 +05:30
bc4f443fde
typo
2017-01-25 21:23:25 +05:30
ba21ef34e5
Fix broken emojis.
2017-01-24 16:17:30 +08:00
80e573e794
FIX: support removing all occurences of a word/string
2017-01-24 12:52:38 +05:30
e27ca3019b
FEATURE: posts:remap task now supports removing all occurences of a word
2017-01-24 12:00:57 +05:30
eafd0a7497
Bye bye bygbug.
2017-01-24 14:07:55 +08:00
ce07da1d8b
UX: Only display the words that fails censored words validations.
2017-01-24 13:11:05 +08:00
9c9e0f5eca
FIX: Move the middleware
2017-01-18 18:22:03 -05:00
fffa285dbf
Insert middleware in production mode if enabled
2017-01-18 18:05:56 -05:00
61d4c1203e
FEATURE: group avatar flair shows on topic participants list, and participant avatars can have custom styles
2017-01-18 11:38:00 -05:00
01c8974c36
typo
2017-01-18 20:10:49 +05:30
e3b6f9b8ae
FIX: Do not update user stats like counts for private messages.
2017-01-16 11:07:53 +08:00
adb73180f7
FEATURE: Let plugins register themes easily
2017-01-13 11:50:52 -05:00
d49473757e
Version bump to v1.8.0.beta2
2017-01-13 11:39:52 -05:00
04ae3539d0
FEATURE: Better error message when incoming e-mail is missing a Date: header
2017-01-13 11:05:00 +11:00
499a83270a
FIX: don't onebox to IP addresses
2017-01-12 22:35:33 +01:00
dfb633fde3
remove 'already initialized constant' warning
2017-01-11 11:03:36 +01:00
cdd550e947
Use a different Redis key when PG failover sets site to readonly mode.
2017-01-11 16:38:49 +08:00
42c39ab38e
Don't display email addresses in staff action logs for revoked email
2017-01-10 17:51:22 -05:00
e84fcc7d74
Staff action logs explain when system is deleting a post because author marked it to be deleted
2017-01-10 17:25:36 -05:00
b60bc47a4c
Plugins can register providers for global settings
2017-01-09 17:18:58 -05:00
185dcb2ca1
handle emails with localized headers 😠
2017-01-09 22:59:30 +01:00
3b74c0e3b8
FIX: Don't allow formatting in titles when quoting other topics
2017-01-09 14:53:04 -05:00
c2a85440b6
Merge pull request #4640 from krainboltgreene/patch-1
...
Allow for a custom hub server
2017-01-09 10:40:11 -05:00
429b02a5d5
oops fix specs.
2017-01-09 17:08:24 +08:00
3d21ccd4a5
FIX: Add validation to disallow censored words in topic title.
2017-01-09 16:55:41 +08:00
393f49f224
Allow for a custom hub server
2017-01-06 14:54:38 -08:00
e0bbe331df
Version bump to v1.8.0.beta1
2017-01-06 16:10:39 -05:00
98c62bccb5
FIX: mark forwarded email as read by the forwarder
...
FIX: 'Re:' prefix is mostly used for replies and not forwarded emails
2017-01-06 15:33:55 +01:00
1cb09aec49
FIX: Suppress error when acccess is invalid.
2017-01-06 13:18:04 +08:00
d10fe51b72
Fix broken specs since all urls will be oneboxed.
2017-01-06 10:05:51 +08:00
a89f60b85b
Merge pull request #4631 from tgxworld/prevent_users_from_changing_permissions_of_non_real_users
...
FIX: Do not allow admins to meddle with admin and moderation access o…
2017-01-04 09:10:27 +08:00
cf7774bdd9
FEATURE: Block muted users from sending you PMs
2017-01-03 14:51:53 -05:00
15a0f3cb14
add vertical align to email blockquote avatar img
2017-01-02 13:49:00 -08:00
495a511862
simplify quote markup in emails
2017-01-02 21:37:01 +05:30
477b237e45
FIX: use 'other' instead of 'many' for Ukrainian pluralization until translations are fixed
2016-12-30 11:49:25 -05:00
f1beef43a8
Merge pull request #4618 from tgxworld/fix_invalid_emails
...
FIX: Don't allow invalid email to be saved.
2016-12-30 07:11:48 +08:00
c7b151683d
FIX: Do not allow admins to meddle with admin and moderation access of non real users.
2016-12-29 11:11:33 +08:00
dd4937a493
Version bump to v1.7.0.beta11
2016-12-28 18:14:06 -05:00
d28d8a1f85
FIX: order by op_likes leads to broken browsing
2016-12-27 19:08:54 +11:00
2f6a4cc6de
remove UserActionObserver, replace with after_save and service
...
interestingly there was some left over dead code from when stars
existed in the topic_users table
2016-12-22 16:46:53 +11:00
0a78ae739d
Remove SearchObserver, aim is to remove all observers
...
rails-observers gem is mostly unmaintained and is a pain to carry forward
new implementation contains significantly less magic as a bonus
2016-12-22 13:13:14 +11:00
13c6191e89
FIX: Don't allow invalid email to be saved.
2016-12-21 17:47:11 +08:00
5d7f3223f0
SECURITY: Users can only bookmark posts which they can see.
2016-12-21 12:01:26 +08:00
c75bebdea2
FIX: uncategorized setting to control whether topic featured links are allowed
2016-12-20 15:55:30 -05:00
b12b2b1911
change onebox preview key for me consistency
2016-12-20 11:18:47 +01:00
ea9f7a41af
remove gctools (no longer used) add gctracer for debugging
2016-12-20 15:07:30 +11:00
52cd9972bb
FIX: prevent DDoS with lots of _oneboxable_ links
...
FIX: ensure the onebox route is only allowed to logged in users
FIX: only allow 1 outgoing onebox preview per user
FIX: client should only do 1 preview at a time
2016-12-20 00:31:10 +01:00
2b808ad9da
Merge pull request #4609 from joebuhlig/category-topics-wiki
...
FEATURE: Category setting to make all topics wikis
2016-12-20 09:15:51 +11:00
a65281d5ea
FIX: better support for featured link topics in summary emails
2016-12-19 17:05:49 -05:00
3256620d5d
FIX: some blank topics and posts in summary email because they're images
2016-12-19 16:21:31 -05:00
923cf73c6e
Topic Featured Links: move data from custom fields to topics and categories tables. Invert behaviour of topic_featured_link_allowed checkbox. Fix a bug with invalid topic records due to changing that category checkbox.
2016-12-19 14:54:07 -05:00
e03d5e2140
Reapply Ember 2.10 for good this time!
...
This reverts commit ddd299f4aa
2016-12-19 11:19:10 -05:00
David Taylor
Guo Xiang Tan
Sam
Régis Hanol
Neil Lalonde
Arpit Jalan
Robin Ward
Bianca Nenciu
Blake Erickson
David McClure
Rimian Perkins
Rafael dos Santos Silva
Jakub Macina
Robert Riemann
Viet Hoang
Rimian Perkins
Leo McArdle
Matt Palmer
Kurtis Rainbolt-Greene
Jeff Atwood