Commit Graph

669 Commits

Author SHA1 Message Date
Robin Ward 3b1ef6ebc9 Work in progress: Groups Page 2014-02-07 10:44:51 -05:00
Sam 93434be16d SECURITY: reduce moderator rights
You can now hide particular categories from certain moderators
2014-02-07 14:11:52 +11:00
Neil Lalonde 74f1c553e3 FIX: 1868 Security: Dangerous Send 2014-01-27 13:05:51 -05:00
Neil Lalonde 90e195b2e7 More work on trust level 3 requirements page 2014-01-24 11:56:46 -05:00
Sam 2b64118df1 Merge pull request #1782 from ligthyear/group-mention
Allow groups to be used as aliases for user mentions
2014-01-12 14:36:45 -08:00
Robin Ward 852d110f35 Test email is now synchronous and ignores sidekiq queue. 2014-01-09 15:25:25 -05:00
Benjamin Kampmann c743a985a4 Allow groups to be used as aliases for user mention
when configured by the admin a group can be found through the @mentions
feature in both the compose/reply and the private message user-selectors
and once selected the mention will be replaced by the list of users in
the group
2014-01-08 02:36:24 +11:00
Régis Hanol 8d73b7f94d BUGFIX: hide sensitive site settings 2014-01-06 13:03:53 +01:00
Robin Ward 8c8645f158 FIX: Code and Emoticon formatting in HTML emails. 2013-11-28 17:21:14 -05:00
Sam 8339337cd1 strip out docker stuff, put into a plugin 2013-11-13 17:42:31 +11:00
Régis Hanol e9f9d22482 add query parameter to temporarily disable customization 2013-11-12 18:14:22 +01:00
Sam 932c2675a7 work in progress, admin page for upgrades (provides source lives in git) 2013-11-12 16:42:35 +11:00
Neil Lalonde 0c6f794eb0 Used the term suspended instead of banned. 2013-11-07 13:53:49 -05:00
Neil Lalonde 9c91ddd854 Should have put order on the screened urls results 2013-11-04 16:31:31 -05:00
Neil Lalonde bd9b85f076 Screened Urls page shows results for each domain instead of each url 2013-11-04 16:24:48 -05:00
Neil Lalonde 92a0729937 When banning a user, a reason can be provided. The user will see this reason when trying to log in. Also log bans and unbans in the staff action logs. 2013-11-01 10:47:26 -04:00
Neil Lalonde 017efdece5 A form to add ip addresses to be blocked or whitelisted 2013-10-24 17:19:10 -04:00
Sam 738a25b732 fix failure in rails 4 mode 2013-10-24 13:40:18 +11:00
Neil Lalonde bf06014a16 Order by creation time by default in screened ip addresses table 2013-10-23 13:01:50 -04:00
Robin Ward 348e2e3ef2 Support for per-user API keys 2013-10-22 17:34:39 -04:00
Neil Lalonde 7d582fbee3 Screened ip address can be edited, deleted, and changed to allow or block. 2013-10-22 16:30:46 -04:00
Neil Lalonde 648b11a0eb Add screening by IP address. When deleting a user as a spammer, block all signups from the same IP address. 2013-10-21 14:50:18 -04:00
Neil Lalonde 13f17b2a5c Add ability to customize css and header for mobile 2013-09-16 12:28:02 -04:00
Neil Lalonde e8ef55c446 Rename StaffActionLog to UserHistory 2013-09-10 22:01:20 -04:00
Neil Lalonde 47add6da70 Log when a site customization is deleted 2013-08-21 12:33:24 -04:00
Neil Lalonde a95303fcd8 Log site customization changes. Use a modal to show staff action log details for site customizations. 2013-08-21 12:33:24 -04:00
Neil Lalonde 3abeb5f793 Staff action logs can be filtered to changes of one site setting 2013-08-20 13:50:51 -04:00
Neil Lalonde 1d030666d8 Log site setting changes and show in admin 2013-08-19 16:58:38 -04:00
Sam a9393e4a7a paging for flag list
corrected reload behavior on flag list
refactored post actions ... extracted flag queries
2013-08-19 21:14:26 +10:00
Neil Lalonde b6285b85d2 Add reject option to pending users page 2013-08-16 11:42:43 -04:00
Neil Lalonde 293361dcd3 Screened URLs list in admin 2013-08-15 10:52:26 -04:00
Neil Lalonde 86647f0a54 Add ScreenedUrl. Rename BlockedEmail to ScreenedEmail. 2013-08-14 16:08:23 -04:00
Neil Lalonde bb492eb8bf Add filtering to staff logs page 2013-08-09 16:59:05 -04:00
Neil Lalonde 90a3bcf6ff Add filter by action to staff logs page 2013-08-09 10:06:59 -04:00
Neil Lalonde 33bddbff85 Use Ember.ListView for staff action logs page 2013-08-09 10:06:58 -04:00
Neil Lalonde 0d44313a4b Use Ember.ListView for blocked emails list 2013-08-09 10:06:58 -04:00
Neil Lalonde 5c8c52482a Add a way to view staff action logs in admin 2013-08-07 16:27:34 -04:00
Neil Lalonde d2fb6ec53f Blocked Emails list in admin 2013-08-07 16:27:34 -04:00
Neil Lalonde 98b58150bb Dashboard calculations are done with an async job now 2013-08-02 18:32:33 -04:00
Neil Lalonde 06140740d0 Version checks: tolerate old version check data that can happen immediately after upgrading but forgetting to restart sidekiq/clockwork. Don't cache version check data along with other dashboard data. 2013-07-30 12:12:04 -04:00
Neil Lalonde 4fd5087f91 Add button to delete a spammer in the flag modal
Add SiteSettings: delete_user_max_age, delete_all_posts_max. Add delete spammer button to admin flags UI
Moderators can delete users too
2013-07-29 15:29:44 -04:00
Neil Lalonde e076158789 Add ip_address, email, and context to staff_action_logs table. Context should usually be the url from which the staff member performed the action, but could be any string that describes what the staff member was doing when the action was performed. 2013-07-29 15:29:43 -04:00
Neil Lalonde 5f3e9131ed Deleting a user from admin user page has the option to also block signups from the same email address 2013-07-29 15:29:43 -04:00
Neil Lalonde e25638dab0 add a way to delete posts and topics when deleting a user with UserDestroyer 2013-07-29 15:29:43 -04:00
Neil Lalonde a8df9778b5 Rename AdminLog to StaffActionLog 2013-07-29 15:29:43 -04:00
Michael Campagnaro aa7e96c0fa Fix auto-group refresh response so that ajax callback runs 2013-07-26 19:47:32 -04:00
Sam 880dd53f48 Merge pull request #1249 from sir-pinecone/strip-spaces-from-group
Strip spaces from group names upon creation
2013-07-24 00:15:53 -07:00
Michael Campagnaro 867ce0310c display group validation errors in alert modal 2013-07-24 00:42:44 -04:00
Michael Campagnaro b223cdb493 Strip spaces from group names upon creation 2013-07-24 00:00:17 -04:00
Sam 9ac6c6e2e9 Merge pull request #1233 from sir-pinecone/improve-group-deletion
Add confirmation modal to admin group deletion
2013-07-23 00:43:06 -07:00
Stephan Kaag 0e3b8fbb24 Remove some calls to `all`. They are not required, and Rails4 raises warnings about them. 2013-07-22 20:44:11 +02:00
Michael Campagnaro 9616767bff Add confirmation modal to admin group deletion 2013-07-22 02:48:23 -04:00
Navin d77ce23de2 Log all changes of user trust level by an admin 2013-07-08 11:53:22 +02:00
Sam 91238af6f1 correct failing specs 2013-07-08 12:25:38 +10:00
Navin 3da37506da Back end - temporary boosting of trust levels 2013-07-03 10:30:40 +02:00
Neil Lalonde 075ed1ab53 Refactor user blocking code; hide the Block button in admin 2013-07-02 14:42:53 -04:00
Robin Ward 89f182899f Support for custom Privacy Policies 2013-06-26 10:59:36 -04:00
Robin Ward 8e6a903f9b Merge pull request #1046 from house9/admin-user-index-2
extract Admin::UsersController#index to its own query class
2013-06-20 07:52:22 -07:00
Sam 4a8a663a67 flagging workflow changes per http://meta.discourse.org/t/we-need-an-archive-flag-notification-button/7450 2013-06-20 17:42:15 +10:00
Jesse House e0ff74ead0 extract Admin::UsersController#index to its own query class
- move query to its own class
- use postgres ILIKE case insensitive
- removed duplicated list of trust levels
2013-06-19 13:48:45 -07:00
Sam 799b402778 fix horribly broken invite code, could lead to inviting the wrong person to a conversation 2013-06-19 10:31:19 +10:00
Sam 80c03b7b1e case sensitive where it should not be 2013-06-17 15:47:18 +10:00
Sam 0052e78bfe render error when people attempt to save an invalid group name
hide controls when we showing an automatic group
2013-06-17 13:43:06 +10:00
Sam b97d186cb5 automatic groups should not allow you to muck with the listed users in the group 2013-06-17 12:54:25 +10:00
Sam dbfd40da84 order group member by username, bump up max count to 200 for now 2013-06-17 12:02:48 +10:00
Chris Hunt a362d62b42 Do not return mail password in EmailController 2013-06-11 16:00:13 -07:00
Neil Lalonde 82b5f57e40 Make it possible to set a site setting to empty string 2013-06-11 14:31:38 -04:00
Robin Ward 93bbe190c0 Moved Email components into a module 2013-06-10 15:34:10 -04:00
Robin Ward 8f32aed944 Only use HTML templates for the digest email. 2013-06-06 15:08:56 -04:00
Ian Christian Myers 0d01c33482 Enabled strong_parameters across all models/controllers.
All models are now using ActiveModel::ForbiddenAttributesProtection, which shifts the responsibility for parameter whitelisting for mass-assignments from the model to the controller. attr_accessible has been disabled and removed as this functionality replaces that.

The require_parameters method in the ApplicationController has been removed in favor of strong_parameters' #require method.

It is important to note that there is still some refactoring required to get all parameters to pass through #require and #permit so that we can guarantee that parameter values are scalar. Currently strong_parameters, in most cases, is only being utilized to require parameters and to whitelist the few places that do mass-assignments.
2013-06-06 00:30:59 -07:00
Robin Ward 0b97ea6345 Better HTML emails, smarter email digests, new email section in admin with digest preview 2013-06-05 17:47:25 -04:00
Neil Lalonde 2259e97d42 Add a count of blocked users on the dashboard 2013-06-04 11:53:19 -04:00
Neil Lalonde c4904aacc0 Automatically flag someone as a spammer if their posts get at least X spam flags from N users while their trust level is 'new user'. Staff can clear and set this status from the user record in admin. 2013-06-03 16:37:40 -04:00
Robin Ward 830b93a16b Reduced complexity of admin flags controller, split up into methods, moved reports into model. 2013-05-29 16:49:34 -04:00
Robin Ward 3037e9adf6 FIX: Clearing flags wasn't making topics visible again. 2013-05-24 16:03:20 -04:00
Neil Lalonde 21b4b8d5d5 Expire dashboard data when you upgrade to a new discourse version. Version check data was being cached and causing confusion to people who upgraded. 2013-05-14 16:17:25 -04:00
Sam a27046bacd fix cache hole 2013-05-13 11:09:03 +10:00
Sam 5280b3a01b more group progress, UI getting there, controller mostly done
changed it so notify moderators goes to the moderators group
allow admins to grant self moderation and revoke self moderation
2013-05-09 17:37:34 +10:00
Sam 0f0fd281a8 group progress, never email banned users 2013-05-09 11:34:58 +10:00
Neil Lalonde f35a44aeae Add ability for admins and mods to send another activation email to a user, to activate an account, and deactivate an account 2013-05-08 10:10:47 -04:00
Sam 6b536dcde5 work in progress ... groups 2013-05-08 15:20:38 +10:00
Sam be1ab8b275 automatic group infrustructure 2013-05-06 14:49:56 +10:00
Sam 5ec52bd2e9 :s/moderator?/staff/g ... our naming was kind of crazy, renamed moderator? to staff 2013-05-02 17:22:27 +10:00
Sam 65cd00cf25 moderators now have teeth, more at http://meta.discourse.org/t/moderator-permission-set/6307/5
allow pms to be targetted at groups
2013-05-02 15:15:53 +10:00
Neil Lalonde 06e5083950 Dashboard links to list of admins and moderators; Move a bunch of ember routes into one file: admin_users_list_routes.js 2013-04-23 12:07:58 -04:00
Neil Lalonde fe1b979c65 Admin Dashboard: click numbers in Users per Trust Level table to see a list of the users 2013-04-23 10:41:40 -04:00
Sam 4cea92c4e9 work in progress add support for groups 2013-04-19 10:34:39 +10:00
Sam 2bdb53261b don't treat notify user as a flag 2013-04-15 13:09:52 +10:00
Neil Lalonde 651cfba93f Add ability to destroy a user with 0 posts 2013-04-12 16:53:00 -04:00
Régis Hanol 41b7f741d0 extract hard-coded strings 2013-04-07 18:14:50 +02:00
Sam a2cca2540e some minimal site settings diags
fix issue where days_visited was totally out of sync
2013-04-05 17:47:54 +11:00
Robin Ward fa1ba6791b Work in Progress: Content Editing in Admin Section 2013-04-04 17:26:22 -04:00
Neil Lalonde 25073e873f Fetch the list of problems more frequently on the admin dashboard 2013-03-29 15:48:26 -04:00
Sam c57ec611e1 basic api support 2013-03-25 18:04:46 -07:00
buddhamagnet baef69d08c add render nothing to refresh_browsers method 2013-03-23 21:37:37 +00:00
Sarah Vessels 54c7b1ab63 Use consistent new-style hashes in render calls *twitch* 2013-03-22 14:08:11 -04:00
Neil Lalonde c3c25b894a Cache dashboard data in the controller, not the report model 2013-03-20 13:54:32 -04:00
Neil Lalonde 1e4dd3ea0c Start detecting install problems and report them on the admin dashboard. This commit adds check for Rails.env 2013-03-20 12:00:52 -04:00
Sam 62c60540be pull moderator into own column, rename trust levels 2013-03-19 21:06:11 -07:00
Neil Lalonde 50b04b2209 Add email counts to admin dashboard 2013-03-18 10:08:09 -04:00
Neil Lalonde 6a99d12784 Add likes to admin dashboard 2013-03-18 10:08:08 -04:00
Neil Lalonde d9cdde9aa7 Add user counts for each trust level to admin dashboard 2013-03-15 18:09:02 -04:00
Neil Lalonde 8983df9856 Show current user count for now, not at different points in time 2013-03-15 18:09:01 -04:00
Neil Lalonde 6c4d9ecfdc Use one request to fetch dashboard report data and check version 2013-03-14 18:26:26 -04:00
Alexander c4f1cb0d7b Raise 404 from Admin::UsersController#show if no user found
[Fixes #353]
2013-03-05 14:02:23 -08:00
Régis Hanol 239cbd2d58 enforce coding convention
replaced every `and` by `&&` and every `or` by `||`
2013-03-05 01:42:44 +01:00
Gosha Arinich 0c99dea153 introduce Enum 2013-03-01 21:16:36 +03:00
Robin Ward dc8e1196fd Code to support EmberJS + Discourse Tutorial feature: Admin Reports 2013-02-27 22:40:36 -05:00
Gosha Arinich 12d664a610 refactor Topic
* move finding by username/email to User
* make SiteSetting return a range of possible post title lengths
* remove unnecessary conditions
2013-02-26 19:27:59 +03:00
Neil Lalonde c0371ff427 Add version checking that shows on the admin dashboard 2013-02-19 15:20:49 -05:00
Neil Lalonde 39eab7c425 Replace mentions of mothership with discourse_hub 2013-02-14 12:57:26 -05:00
Ismael Abreu 80bec6efc9 Adds grant and revoke moderation buttons so admins can make users moderators 2013-02-14 01:12:23 +00:00
Sam Saffron 8250586306 add to_date so its more explicit 2013-02-11 09:11:02 +11:00
Kuba Brecka d0c1d94918 fix user listing and search on non-US locale 2013-02-10 12:18:11 +01:00
Jakub Arnold 61654ab8f0 Fix all the trailing whitespace 2013-02-07 16:45:24 +01:00
Sam Saffron 85973ce6b0 added delete all posts button
wired up the ability to enable all themes
2013-02-07 18:11:56 +11:00
Sam Saffron 7cdf1266ad remove unused var 2013-02-07 12:32:29 +11:00
Sam Saffron 6f2f7b0589 flagging work, we should be clearing from the mod menu if a topic or post is deleted 2013-02-06 12:13:41 +11:00
Robin Ward 21b5628528 Initial release of Discourse 2013-02-05 14:16:51 -05:00