Commit Graph

848 Commits

Author SHA1 Message Date
Régis Hanol 4536b5fe04 added a job to clean up orphan uploads 2013-10-15 11:15:48 +02:00
Sam cf08d2c751 security: when login is required don't return the site node in the preload store 2013-10-15 09:50:49 +11:00
Sam 7df4e4afb9 security fix, anon should not be treated as though they can create anything 2013-10-13 09:54:48 +11:00
Sam e5fbdde56f filter params correctly from error log 2013-10-13 08:07:45 +11:00
Neil Lalonde 3c2c6ab24b Add sockpuppet spammer detection. Automatically flag posts if they are from new users (registered less than 24 hours ago) at the same IP address and one of them started the topic. 2013-10-11 13:34:05 -04:00
Robin Ward fee2734aaa Check for custom avatars by default now. 2013-10-11 11:09:53 -04:00
Sam b0465c517e (experimental) added framework for filtering all sorts of internals in discourse and consuming by plugins 2013-10-10 18:45:40 +11:00
Sam 2a948c52a9 this setting needs to be pushed up to 15 so we will be able to nuke new spammer accounts
it is set to max_topics_in_first_day + max_replies_in_first_day
2013-10-10 10:45:27 +11:00
Sam ad2ed5fe51 rate limits for topics and posts on first day
max_topics_in_first_day and max_replies_in_first_day
2013-10-10 10:32:03 +11:00
Rafael George 3a1e1e046b Refactor: Topic#invite_by_email
Extract Topic#email_already_existas_for? and Topic#grant_permission_to_user
Fix failing spec due to missing variable in extracted method
2013-10-09 13:55:02 -04:00
Neil Lalonde bccb37b6f3 When creating a topic, don't select a category by default when allow_uncategorized_topics is false. Also, added category validation on the server to enforce allow_uncategorized_topics. 2013-10-08 14:41:20 -04:00
Sam 094b5eccca bug fixes for user_stat extraction, decrease querying 2013-10-07 15:05:00 +11:00
Sam e18b93026a defer view creation on so updates are not performed when people navigate to topics 2013-10-07 15:04:59 +11:00
Sam 5bf26ec34e large refactor, ship a few columns from the user table into user_stats 2013-10-07 15:04:59 +11:00
Sam Saffron ad93fc959c security issue, anon and logged in users could see the fact that a user sent another user a pm (but could not see the pm itself or title) 2013-10-03 16:48:03 -07:00
Robin Ward 578ef2098b Merge pull request #1488 from cfstras/removeAllowedUser
Allow removing users from private conversations
2013-10-03 08:02:41 -07:00
Claus Strasburger 15a973fd45 Improved private message user removal, locale edit
replaced array iteration with findProperty (will be renamed and aliased to findBy with Ember 1.1)
added modal dialog to verify
catched nil-error on topic.rb
2013-10-02 19:16:43 +02:00
Sam 441010ac65 optimise view count calculation query 2013-10-02 17:08:53 +10:00
Sam 5f8851cb44 Avoid superfluous transaction when saving drafts 2013-10-02 12:17:27 +10:00
Sam f0a122a66c move job files so they live underneath app/ and not in lib/
introduce new setting email_always, that will force emails to send to users regardless of presence on site
2013-10-01 17:04:02 +10:00
Robin Ward 3f0c03a20c FIX: Prevent unauthorized list of private message titles. Also remove some unused code. 2013-09-30 14:35:11 -04:00
Sam 5caa7a0e4d improve performance of periodical update job, decrease frequency and shift it by a few minutes 2013-09-30 16:59:16 +10:00
Sam 6fbc5af284 notify_user is not a flag 2013-09-30 15:26:19 +10:00
Régis Hanol cd4cda5b4c allow users to specify thumbnail size 2013-09-27 10:57:31 +02:00
Sam Saffron 085493e35d optimise regular job to avoid touching posts that have not changed 2013-09-19 23:00:42 -07:00
Robin Ward 99b6a62fcb New composer message for people dominating a topic 2013-09-17 14:38:39 -04:00
Neil Lalonde 0fafe124db Add enable_mobile_theme site setting. Uncheck it to disable the mobile theme. 2013-09-17 11:25:37 -04:00
Neil Lalonde b15e629f46 Strip trailing slashes from ScreeningUrl records 2013-09-17 10:26:05 -04:00
Neil Lalonde c845071066 Fix an error with mobile custom header 2013-09-16 12:55:44 -04:00
Neil Lalonde 13f17b2a5c Add ability to customize css and header for mobile 2013-09-16 12:28:02 -04:00
Matthieu Guillemot 3ba1f20674 New site settings to enable/disable the possibility of editing user's nickname or email address 2013-09-14 21:34:21 +09:00
Robin Ward c365bd0070 Notify users posting sequential replies that there's a better way to do it. 2013-09-13 13:49:34 -04:00
Robin Ward 7d9a84b496 New User Education goes through a server side ComposerMessages check. Composer message for users
who don't have avatars.
2013-09-13 12:23:53 -04:00
Robin Ward 3fcd331d43 Add records that indicate a user's avatar has been checked 2013-09-12 14:58:20 -04:00
Sam aa26f9b2ad I need to figure out how to make a .try variant that does not call respond_to. 2013-09-12 11:29:44 +10:00
Neil Lalonde bded4b26fa Ask admins to fill in site_description on the dashboard, and send it to the hub 2013-09-11 16:32:49 -04:00
Neil Lalonde 4fa11f159f Add site setting site_description. If filled, it will be used in meta description tag for teh white hat SEO 2013-09-11 15:33:27 -04:00
Robin Ward 06ea8140aa New job (default off) to detect whether users have uploaded custom avatars by contacting Gravatar. 2013-09-11 15:14:18 -04:00
Robin Ward fcff4e80d1 New `user_stats` table to keep track of queried information on a user.
This is information that is not usually needed when representing a user
and is in a separate table with a has one relationship to avoid querying
it all the time.
2013-09-11 14:50:26 -04:00
Neil Lalonde e8ef55c446 Rename StaffActionLog to UserHistory 2013-09-10 22:01:20 -04:00
Robin Ward 2319924206 Adds a class that can detect whether a user has uploaded a custom avatar 2013-09-10 15:39:11 -04:00
Sam 162d94aa02 improve secure_category_id query 2013-09-10 14:29:02 +10:00
Neil Lalonde 78c15d5810 Move the unique post key storage code into the Post model 2013-09-09 16:17:31 -04:00
Neil Lalonde eae7e75611 FIX: recover post by a non-staff user fails because the post is not unique. Uniqueness check shouldn't happen when recovering a deleted post. 2013-09-06 11:50:15 -04:00
Sam 641c51367a fix broken build
hack to allow for PMs with no users for flagging needs
2013-09-06 18:03:30 +10:00
Sam 32e3e3f382 update annotations 2013-09-06 17:38:50 +10:00
Sam 2ce4468aa5 rename system_username to site_contact_username , system_user is a special user with -1 id that is only used for certain admin tasks
for example system_user will autoclose stuff if needed, it will delete stubs and be the target for flag pms
2013-09-06 17:28:37 +10:00
Sam 41a1b6942d notify moderators now goes to the "community" user, that saves our poor mods from a flood of pms
if any staff respond to a pm they are automatically added to the list of recipients and will start
getting email notifications
2013-09-06 14:07:23 +10:00
Neil Lalonde cde631cbd1 Change default of notify_mods_when_user_blocked to false 2013-09-05 11:27:24 -04:00
Neil Lalonde d76486a48b Topic can have null user_id when user was nuked 2013-09-04 15:42:24 -04:00
Neil Lalonde 117fc8db58 Change the way nuked users' posts are handled. Allow null in the user_id column of posts. Show these posts in the posts stream. 2013-09-04 15:42:21 -04:00
Robin Ward 1a6170a47c Merge pull request #1407 from einarj/extract_fake_admin_method
Extracted a fake_admin method
2013-09-04 07:59:03 -07:00
Neil Lalonde b47eedba00 Add min_trust_to_create_topic setting to require a certain trust level before users can start new topics 2013-09-03 19:12:22 -04:00
Einar Jonsson e06356ebbe Extracted a fake_admin method 2013-08-30 17:39:31 +00:00
Einar Jonsson 23d8f5fec7 Replaced delegator methods with Forwardable def_delegator in Topic 2013-08-30 09:29:34 +00:00
Robin Ward bbd79aafd1 Revert "Replaced delegator methods with Forwardable def_delegator in Topic"
This reverts commit 3ed037940f.
2013-08-29 11:45:27 -04:00
Einar Jonsson 3ed037940f Replaced delegator methods with Forwardable def_delegator in Topic 2013-08-28 11:25:57 +00:00
Sam 61281a3c81 invite only forums had very wonky logic, invited users were not being activated, invite_only forums were still registering users 2013-08-28 17:18:31 +10:00
Sam dfa5a8a83f annotate models 2013-08-28 10:52:06 +10:00
Einar Jonsson b385cdcc34 Extracted featured_users functionality out of Topic.
* Created a TopicFeatureUsers model
* Topic#featured_user_ids and Topic#feature_topic_users now delegate to
* a TopicFeatureUsers instance to keep demeter happy.
2013-08-27 09:10:50 +00:00
Sam 83d8bcdc27 revert non queuing of emails 2013-08-27 11:52:28 +10:00
Sam f4bda8f1ba revert change of defaults for twitter and facebook enabled 2013-08-26 17:36:08 +10:00
Sam 322b5c236c queue emails right away if a user is not online, no point waiting. 2013-08-26 14:55:35 +10:00
Sam 818bf1355d PluginStore for plugin specific bits of storage
Amended plugin interfaces so they work with the vk sample
2013-08-26 12:59:17 +10:00
Sam 2eb55b74e4 twitter and facebook are broken unless configure, so default off please 2013-08-26 12:59:17 +10:00
Sam e0c99196a8 Merge pull request #1383 from ZogStriP/add-max-image-height-site-setting
add max_image_height site setting
2013-08-25 17:11:48 -07:00
Régis Hanol 32f717420d add max_image_height site setting 2013-08-26 00:24:24 +02:00
Navin Keswani d87389b38e No more rails 4 deprecation warnings 2013-08-25 23:18:11 +02:00
Robin Ward e9663e5338 Merge pull request #1332 from locks/user_email_observer
User email observer (Code Climate improvements)
2013-08-24 08:34:11 -07:00
Ricardo Mendes 37f4022f73 Refactors UserEmailObserver to improve Code Climate score
- Extracts certain logic to private methods and remove unnecessary
comments
- Extracts email enqueueing methods into a separate class
- Fix specs involving UserEmailObserver to call #after_commit instead
of the specific methods
2013-08-24 12:21:39 +01:00
Jeff Atwood edbaafdd7b default relative dates to 30 days vs 14 2013-08-23 23:28:51 -07:00
Neil Lalonde 6e79197519 Enum site settings can have translatable names in dropdown. Add setting for how often users get digest emails by default: default_digest_email_frequency. 2013-08-23 17:36:25 -04:00
Régis Hanol 43a8bff652 add a site setting for allowing animated avatars 2013-08-23 18:55:02 +02:00
Sam 472f0684c3 Merge pull request #1345 from salbertson/refactor-find_by_username_or_email
Improve test coverage and refactor User.find_by_username_or_email
2013-08-22 17:14:06 -07:00
Neil Lalonde 3b15e2e58e Banned users are not returned as pending review users 2013-08-22 19:23:49 -04:00
Neil Lalonde 25e0c3eac1 Log IP addresses with screened emails and urls 2013-08-22 19:04:35 -04:00
Scott Albertson 1dbe1fb1bc Refactor User.find_by_username_or_email
* Improve test coverage
2013-08-22 09:40:07 -07:00
Neil Lalonde 24617dd776 Show empty categories with descriptions to everyone 2013-08-22 11:55:20 -04:00
Sam d7596840e5 only staff should be able to see bookmarks and favs of other users
ensure that when they click on them they see the correct topics (topics for user they are looking at, not current user)
2013-08-22 09:18:54 +10:00
Neil Lalonde 47add6da70 Log when a site customization is deleted 2013-08-21 12:33:24 -04:00
Neil Lalonde a95303fcd8 Log site customization changes. Use a modal to show staff action log details for site customizations. 2013-08-21 12:33:24 -04:00
Robin Ward 7f69a58439 Replace Markdown parser. 2013-08-21 10:10:57 -04:00
Neil Lalonde 3abeb5f793 Staff action logs can be filtered to changes of one site setting 2013-08-20 13:50:51 -04:00
Sam c0c929be5a optimise query that runs every 10 minutes and takes out the user table 2013-08-20 17:40:22 +10:00
Sam f4d833da27 fix onebox exception, if oneboxes fail on save we log a warning to the log 2013-08-20 11:38:10 +10:00
Neil Lalonde 1d030666d8 Log site setting changes and show in admin 2013-08-19 16:58:38 -04:00
Neil Lalonde 7eaedb84e1 Add notify_mods_when_user_blocked site setting to control whether moderators get a message when someone is automatically blocked 2013-08-19 12:00:48 -04:00
Sam a9393e4a7a paging for flag list
corrected reload behavior on flag list
refactored post actions ... extracted flag queries
2013-08-19 21:14:26 +10:00
Sam 3b34ab8cab Merge branch 'master' of github.com:discourse/discourse 2013-08-18 21:35:29 +10:00
Sam 82ca61f150 Merge pull request #1350 from michaelkirk/feature/oauth2
Feature/oauth2
2013-08-18 17:01:01 -07:00
Sam 1cab98bf78 Merge pull request #1336 from novemberkilo/master
First pass at fixing rails4 deprecation warnings
2013-08-18 16:59:07 -07:00
Sam 3f5b5f1581 Merge branch 'master' of github.com:discourse/discourse 2013-08-18 21:30:14 +10:00
Michael Kirk 4af8a9102e Authenticate with Discourse via OAuth2
See https://github.com/michaelkirk/discourse_oauth2_example for an
example of how you might integrate your existing oauth2 provider's
authentication via a Discourse plugin.
2013-08-17 21:45:20 -07:00
Neil Lalonde baff59d752 Send email to contact_email when a new version of Discourse is found. Disable with the new_version_emails setting. 2013-08-16 17:28:36 -04:00
Régis Hanol 2119774fb6 FIX: custom avatars in email 2013-08-16 09:58:20 +02:00
Sam c314a1862f add todo 2013-08-16 17:04:30 +10:00
Régis Hanol c9969738bf FIX: N+1 query for avatars when searching for users 2013-08-16 00:26:49 +02:00
Neil Lalonde 8a96c4c0f6 Fix uncategorized topics not being shown on categories page 2013-08-15 15:18:04 -04:00
Navin 9ab2471a92 Fix rails4 deprecation warnings
That appear when running topic_spec.rb
2013-08-15 17:52:18 +02:00
Sam ee95d7df9c trigger observers, wow this is all very complicated and full of duct tape 2013-08-15 13:54:48 +10:00