Robin Ward
1bab15c757
FEATURE: A site setting for a minimum TL to post links
2018-02-06 18:07:58 -05:00
Arpit Jalan
25ec077eca
rename 'min_private_message_{post/title}_length' to 'min_personal_message_{post/title}_length'
2018-02-01 13:25:29 +05:30
Gerhard Schlager
2a22b90538
SECURITY: email domain whitelist could be bypassed
2018-01-17 21:45:32 +01:00
Arpit Jalan
1208254961
FIX: validate presence of 'top menu' setting
2018-01-17 01:43:53 +05:30
Guo Xiang Tan
805d1c25d3
Merge pull request #5451 from tgxworld/treat_non_ascii_urls_as_valid
...
Treat non-ascii URLs in `UrlValidator`.
2017-12-27 14:14:20 +08:00
Arpit Jalan
ef4c6c67ba
fix the build
2017-12-23 14:42:40 +05:30
Arpit Jalan
0514ac4ee2
FIX: verify presence of 'sso url' before enabling 'enable sso'
2017-12-23 13:30:49 +05:30
Guo Xiang Tan
4b51871f6a
Treat non-ascii URLs in `UrlValidator`.
2017-12-21 14:22:55 +08:00
Guo Xiang Tan
6ecf37c482
Improve URL validation to check for a valid host.
...
Parsing a URL with `URI` is not sufficient as the following cases
are considered valid:
URI.parse("http://https://google.com ")
=> #<URI::HTTP http://https//google.com >
2017-12-21 13:50:15 +08:00
Vinoth Kannan
7f2eeaf767
FIX: Password required flag should be cleared whenever clearing the raw password ( #5384 )
2017-12-01 15:19:24 +11:00
Gerhard Schlager
4dc4bc70c8
FIX: ignore_by_title should match case-insensitive
2017-11-12 01:43:18 +01:00
Neil Lalonde
ddbd1d5ab8
allow regex options on username site settings
2017-10-04 15:08:51 -04:00
Gerhard Schlager
7f50380221
FIX: respect email domain whitelist/blacklist when creating staged users
2017-10-03 16:36:08 +02:00
Sam
a4e3e081c9
correct spec
2017-08-24 10:40:14 -04:00
Guo Xiang Tan
5012d46cbd
Add rubocop to our build. ( #5004 )
2017-07-28 10:20:09 +09:00
Guo Xiang Tan
2255724637
UX: Add validator for `SiteSetting#sso_overrides_email`.
2017-07-10 10:08:55 +09:00
Guo Xiang Tan
13f3de4bf6
Nuke all `SiteSetting.stubs` from our codebase.
2017-07-07 15:09:14 +09:00
Guo Xiang Tan
59b906ab0d
FEATURE: Disable minimum post length check when in PM with non human users.
...
https://meta.discourse.org/t/discourse-narrative-bot-beta-feedback/58621/65?u=tgxworld
2017-04-27 16:00:22 +08:00
Arpit Jalan
dad2024094
FIX: do not impose default min/max validation on hidden site setting
2017-04-22 12:08:39 +05:30
Arpit Jalan
9eff4f0807
FIX: all basic integer settings should have max value validation
2017-04-21 07:09:41 +05:30
jomaxro
f5673fbd47
Remove references to elder
...
The use of the TL4 name Elder was changed in 2014 to Leader. The spec function was changed to `:trust_level_4`, but the it statement was not changed.
2017-02-26 17:40:42 -07:00
Jeff Atwood
9b263a0559
increase req min unique pw chars from 5 to 6
2017-02-16 17:06:19 -08:00
Sam
8feb94e13f
FIX: password validator was being too strict
2017-02-14 09:18:04 -05:00
Neil Lalonde
94e1105af7
fix unique char counting in password validator
2017-02-10 10:38:17 -05:00
Neil Lalonde
1bcb835446
FEATURE: passwords must have a minimum number of unique characters, configurable with a new setting
2017-02-09 15:00:22 -05:00
Guo Xiang Tan
13c6191e89
FIX: Don't allow invalid email to be saved.
2016-12-21 17:47:11 +08:00
Erick Guan
52763f5115
FEATURE: Allow posting a link with topics
2016-12-05 17:20:54 +01:00
Neil Lalonde
86522a52b7
FEATURE: add censored_pattern setting to censor posts using regex
2016-11-08 16:39:26 -05:00
Neil Lalonde
7a81669c18
SECURITY: don't allow re-using the current password during password reset
2016-08-24 12:27:21 -04:00
Régis Hanol
59680af329
disable email white/blacklisting for staged users
2016-07-04 16:05:01 +02:00
Régis Hanol
de9136a8f2
FIX: bypass TL0-specific validations on posts in a PM
2016-04-18 22:08:42 +02:00
Régis Hanol
20ce7f29e0
FEATURE: new 'manual_polling_enabled' site setting
2016-03-16 22:28:01 +01:00
Arpit Jalan
50e65634d7
FEATURE: new setting min_admin_password_length and better default
2016-03-02 14:43:26 +05:30
Régis Hanol
8944d62aa6
add validator for the 'reply_by_email_enabled' site setting
2016-02-09 23:35:40 +01:00
Arpit Jalan
99c4252ba6
FEATURE: Staff should be exempt from user mention limit
2016-02-01 21:19:56 +05:30
Andy Waite
3e50313fdc
Prepare for separation of RSpec helper files
...
Since rspec-rails 3, the default installation creates two helper files:
* `spec_helper.rb`
* `rails_helper.rb`
`spec_helper.rb` is intended as a way of running specs that do not
require Rails, whereas `rails_helper.rb` loads Rails (as Discourse's
current `spec_helper.rb` does).
For more information:
https://www.relishapp.com/rspec/rspec-rails/docs/upgrade#default-helper-files
In this commit, I've simply replaced all instances of `spec_helper` with
`rails_helper`, and renamed the original `spec_helper.rb`.
This brings the Discourse project closer to the standard usage of RSpec
in a Rails app.
At present, every spec relies on loading Rails, but there are likely
many that don't need to. In a future pull request, I hope to introduce a
separate, minimal `spec_helper.rb` which can be used in tests which
don't rely on Rails.
2015-12-01 20:39:42 +00:00
Régis Hanol
5b9594277a
skip most post validations for staged accounts
2015-12-01 10:40:23 +01:00
Régis Hanol
7c694139ec
trust staged accounts when validating posts
2015-11-30 19:08:35 +01:00
Sam
69ad0358c2
FIX: incorrect logic in email blocker
...
if mail.com was blocked, email.com was automatically blocked
2015-06-15 11:28:50 +10:00
Arpit Jalan
b7ac8448c6
Improve IP blocking error message
2015-06-02 07:48:26 +05:30
Arpit Jalan
6bf680882c
Better error message when new registration limit from an IP address is reached
2015-06-01 10:16:25 +05:30
Neil Lalonde
30b063c08b
FEATURE: make full names a required field of user profiles with the full_name_required setting
2015-04-02 17:08:04 -04:00
Neil Lalonde
c04b214910
FEATURE: don't allow username and email to be the same
2015-02-27 13:47:43 -05:00
Neil Lalonde
cf81b3f86d
FEATURE: don't allow username and password to be the same
2015-02-25 12:00:13 -05:00
Régis Hanol
f7d2fc0524
FEATURE: 'reply by email address' validator
...
Prevent infinite email loophole when the 'reply_by_email_address' site setting is the same as the 'notification_email'.
2015-02-06 12:08:37 +01:00
Luciano Sousa
0fd98b56d8
few components with rspec3 syntax
2015-01-09 13:34:37 -03:00
Régis Hanol
7641d88224
FEATURE: new 'maximum new user accounts per registration IP' site setting
2014-11-17 12:04:29 +01:00
Neil Lalonde
443caaa8f7
FIX: don't let admins skip post validations, unless it's faq, tos, or privacy
2014-08-01 14:53:35 -04:00
Neil Lalonde
e1be478ef4
FIX: admins bypass some post validations. This allows them to edit legal docs even if those docs are longer than max post length, for example.
2014-07-28 16:40:14 -04:00
Neil Lalonde
3eb65885d1
Add validation of string site settings with regex, and min and max lengths
2014-06-18 11:15:40 -04:00