Commit Graph

494 Commits

Author SHA1 Message Date
Robin Ward bc53d48bd7 Renaming site contents to site text 2014-09-24 16:08:14 -04:00
Sam 58eabb03e5 FEATURE: api support for arbitrary unlinked assets
admins can set retain periods for assets
2014-09-23 16:50:17 +10:00
Sam d1f6aba71f fix test 2014-09-23 09:55:30 +10:00
Sam 9428ad779f FIX: send content length with backups 2014-09-23 09:25:53 +10:00
Sam 8c74255cbb FIX: 404 if we try to navigate to a non-existant page 2014-09-22 17:08:11 +10:00
Robin Ward c16b8364ab FIX: Support ember app routing to topics with only slugs 2014-09-17 11:18:59 -04:00
riking 2c6d03f87f SECURITY: Limit passwords to 200 characters
Prevents layer 8 attack.
2014-09-12 12:07:11 -04:00
Robin Ward eb512f07a7 FIX: Spec failures for feeds related to enabling categories as default
page for anons when latest is deleted.
2014-09-11 15:30:41 -04:00
Régis Hanol e56fcf0c43 FEATURE: add 'rebake post' in post wrench menu 2014-09-11 16:04:40 +02:00
Sam aa21969d99 fix incorrect spec 2014-09-11 11:31:31 +10:00
riking 69bc552054 FEATURE: Actually show more notifications
The "Show more notifications..." link in the notifications dropdown now
links to /my/notifications, which is a historical view of all
notifications you have recieved.

Notification history is loaded in blocks of 60 at a time.

Admins can see others' notification history. (This was requested for
'debugging purposes', though that's what impersonation is for, IMO.)
2014-09-09 16:29:08 -07:00
Régis Hanol eb34ecfc0c FEATURE: new 'prevent anons from download files' site setting 2014-09-09 18:41:13 +02:00
Robin Ward 334e21a03a Revert "Revert "FEATURE: Can create warnings for users via PM""
This reverts commit 1c7559380c.
2014-09-08 11:11:56 -04:00
Robin Ward 1c7559380c Revert "FEATURE: Can create warnings for users via PM"
This reverts commit b0bfc1f93f.
2014-09-08 10:38:59 -04:00
Robin Ward b0bfc1f93f FEATURE: Can create warnings for users via PM 2014-09-08 10:27:06 -04:00
Neil Lalonde ca5f361d0a FEATURE: restrict admin access based on IP address 2014-09-05 12:06:01 -04:00
Sam e3f7d2a3ac remove elder terminology in specs 2014-09-05 16:55:48 +10:00
Sam 59d04c0695 Internal renaming of elder,leader,regular,basic to numbers
Changed internals so trust levels are referred to with

TrustLevel[1], TrustLevel[2] etc.

This gives us much better flexibility naming trust levels, these names
are meant to be controlled by various communities.
2014-09-05 15:20:52 +10:00
Jeff Atwood fcca64c0cf rename site settings for trust levels as numbers 2014-09-04 13:16:51 -07:00
Sam 0ade9bafff FIX: highlight in yellow, not blue
FEATURE: highlight in title
2014-09-04 15:01:13 +10:00
Robin Ward 1e281a909e FIX: Prevent duplicate flags after undoing on the server side too. 2014-09-03 14:43:07 -04:00
Sam 9c29c1c072 FEATURE: highlight search results 2014-09-03 17:09:01 +10:00
Sam 4f09d552ed FEATURE: increase search expansion to 50 results
refactor search code to deal with proper objects
use proper serializers, test the controllers
2014-09-03 12:13:25 +10:00
Neil Lalonde 6b41c6b335 add permalinks route constraint 2014-08-29 11:28:16 -04:00
Sam 163bbb1d3a comment out test till fixed 2014-08-29 17:27:28 +10:00
Robin Ward 85c6eb9b08 SECURITY: Only redirect to our host by path on the login action 2014-08-28 17:45:13 -04:00
Neil Lalonde 14890a6002 FEATURE: add a way to map arbitrary urls to a topic, post, or category. Useful for sites that have migrated to Discourse and want to redirect from their old site to Discourse with 301 redirects. 2014-08-28 15:58:24 -04:00
Robin Ward 8a6c4234fc FIX: Re-enable searching for topic by id when using the split topic
interface.
2014-08-28 15:42:29 -04:00
Robin Ward c9262a8390 FIX: Resend activation email was busted 2014-08-28 12:07:13 -04:00
Robin Ward 8d68e67fc5 Merge pull request #2693 from riking/sorted_badges
Fix the tests
2014-08-25 16:10:37 -04:00
riking 7317c6ed6a Fix tests for new route 2014-08-25 13:07:22 -07:00
Robin Ward ed125975a1 SECURITY: Prefix session key and validate token format. 2014-08-25 15:31:49 -04:00
Régis Hanol d7f8146a17 FIX the build 2014-08-20 19:20:29 +02:00
Neil Lalonde d273374f1a FIX: before nuking a user, do a real count of posts instead of relying on user_stat record 2014-08-18 12:07:29 -04:00
Sam e0a82d3088 FIX: rate limit password reset email 2014-08-18 10:55:30 +10:00
Arpit Jalan d0736a06b6 FEATURE: export user list 2014-08-15 01:46:57 +05:30
Régis Hanol 6201b82a67 FIX: keep the post_number parameter when redirecting to proper slug 2014-08-13 22:19:41 +02:00
Robin Ward 9a1580244a FIX: Don't show profile pages for inactive users and don't show them in
search results.
2014-08-13 13:30:25 -04:00
Sam f4b2a83f29 remove broken spec 2014-08-08 09:15:52 +10:00
Régis Hanol 3ae1ebdfc3 FIX: use PostDestroyer when deleting/recovering a topic 2014-08-07 19:12:35 +02:00
Arpit Jalan 262d4b2fa6 add test for email parameter fix 2014-08-06 20:36:06 +05:30
Sam cb0ecd9ff1 PERF: store topic views in a topic view table
* cut down on storage of the work Topic, 3 times per row (in 2 indexes)
* only store one view per user per topic
* only store one view per ip per topic
2014-08-04 19:07:55 +10:00
Sam 0920c4bea6 PERF: reduce storage requirements for incoming links
Only store incoming links for topics.
2014-08-04 11:06:48 +10:00
Sam 5a3466a6c3 FIX: keep correct ordering on admin badges 2014-07-30 08:46:59 +10:00
Robin Ward 2096861d79 FIX: Response is no longer forbidden with JSON errors for changing trust
level.
2014-07-29 16:10:04 -04:00
Robin Ward 7cc4a157f6 Merge pull request #2603 from techAPJ/patch-1
FEATURE: allow staff to send multiple invites to same email
2014-07-29 14:58:39 -04:00
Arpit Jalan f571abfaaf FEATURE: allow staff to send multiple invites to same email 2014-07-30 00:13:11 +05:30
Sam c96a84456d FIX: broken tests 2014-07-29 16:36:52 +10:00
Régis Hanol bddffa7f9a FEATURE: flag dispositions normalization
All flags should end up in one of the three dispositions
  - Agree
  - Disagree
  - Defer

In the administration area, the *active* flags section displays 4 buttons
  - Agree (hide post + send PM)
  - Disagree
  - Defer
  - Delete

Clicking "Delete" will open a modal that offer to
  - Delete Post & Defer Flags
  - Delete Post & Agree with Flags
  - Delete Spammer (if available)

When the flag has a list associated, the list will now display 1
response and 1 reply and a "show more..." link if there are more in the
conversation. Replying to the conversation will NOT give a disposition.
Moderators must click the buttons that does that.

If someone clicks one buttons, this will add a default moderator message
from that moderator saying what happened.

The *old* flags section now displays the proper dispositions and is
super duper fast (no more N+9999 queries).

FIX: the old list includes deleted topics
FIX: the lists now properly display the topic states (deleted, closed,
archived, hidden, PM)
FIX: flagging a topic that you've already flagged the first post
2014-07-28 19:28:07 +02:00
Sam 1a6aa07611 FEATURE: editable badge groups 2014-07-27 18:22:01 +10:00
Régis Hanol 3d6e2713d1 BUGFIX: login was broken when login was required 2014-07-26 23:16:08 +02:00
Neil Lalonde 5a33e6f00c Move FAQ, Terms of Service, and Privacy Policy into topics in the Staff category. First post of those topics will be rendered on their respective pages. Site settings and content are not used for these documents anymore. Translations of the default text is moved into the standard YML files. 2014-07-25 14:41:20 -04:00
Sam 0f9678fe49 FIX: faster update of all badges
Introduced badge triggers, introduced concept of badge that happens due to a post but has the post hidden

Delta badge grant happens once a minute, backed by redis
2014-07-23 11:46:07 +10:00
Robin Ward fb8dda7f42 FIX: We should use `category_id` instead of `category_name` to perform
operations, now that the subcategory names are not unique.
2014-07-16 15:40:35 -04:00
Régis Hanol 7dcf2a2c4f FEATURE: show the user's flagged/deleted posts 2014-07-16 21:04:55 +02:00
Neil Lalonde 939e8505a9 Remove hub username integration 2014-07-16 12:25:24 -04:00
Neil Lalonde 01a68f8cc7 Emails are case insensitive 2014-07-16 10:22:01 -04:00
Robin Ward f2dd35ab08 Improve the unsubscribe to digest experience. Give a link in case it
fails, provide a different message if you are logged in as a different
user, increase expiry to 2 months from 1 week.
2014-07-15 17:20:59 -04:00
Robin Ward 6d7531f690 Merge pull request #2542 from techAPJ/patch-1
FEATURE: topic support in disposable invites
2014-07-15 15:15:19 -04:00
Robin Ward 4f416bf6ce Check honeypot/challenge value on activation too 2014-07-15 14:07:35 -04:00
Arpit Jalan 8862a881f8 FEATURE: topic support in disposable invites 2014-07-15 23:11:06 +05:30
Neil Lalonde 766196af87 FEATURE: add site setting allow_new_registrations which can be used to block all new account registrations 2014-07-14 15:42:22 -04:00
Robin Ward cce7cf8c85 FEATURE: Require Javascript to activate an account via email link 2014-07-14 12:26:10 -04:00
Robin Ward c12780eb2b Merge pull request #2538 from techAPJ/patch-1
FEATURE: disposable invite tokens
2014-07-14 12:13:44 -04:00
Arpit Jalan 575b5e3d13 FEATURE: disposable invite tokens 2014-07-14 21:30:46 +05:30
Régis Hanol b5c57fa947 FIX: don't mess with fixtures when running the specs 2014-07-14 17:34:23 +02:00
Sam 88469721b9 FEATURE: Allow admins to disable specific badges 2014-07-14 17:40:36 +10:00
Sam 6618358586 FIX: dupe protection is API only now
make optional later on (was introduced for wordpress plugin)
2014-07-14 15:59:58 +10:00
riking 783454ebe1 Fix /p/post/user route not saving referrals
Make user id optional for /p/id/uid
Add /posts/id/raw route for debugging failed post processing
2014-07-11 14:44:07 -07:00
Sam 8fcc019ff8 FIX: only allow badge title selection if it exists 2014-07-09 15:31:49 +10:00
Régis Hanol 59b5ba7c0f BUGFIX: IP lookup wasn't working when using HTTPS
REFACTOR: the ip locator into a ip-lookup component
2014-07-07 22:18:18 +02:00
Sam 7909ca2a17 fix spec 2014-07-05 09:13:53 +10:00
Sam 5a0aed2bfa FIX: regression, forgot password broken
also... mocks were invented by the devil
2014-07-02 13:06:55 +10:00
Robin Ward e22688a204 FEATURE: Can upload images to categories 2014-06-30 14:14:00 -04:00
Robin Ward 9000c358d1 REFACTOR: Use common path for RESTful `DELETE` action from upload image
component
2014-06-30 14:13:59 -04:00
Robin Ward 4088fba4f2 REFACTOR: Convert profile background uploader to be an ember component 2014-06-30 14:13:59 -04:00
Andrew Bezzub 386d1e231a move profile_background from User to UserProfile 2014-06-26 12:30:07 -04:00
Robin Ward 8a4e96645c FEATURE: Can click to expand hidden posts to see the good stuff! 2014-06-20 17:07:12 -04:00
Vikhyat Korrapati 41ecba1b77 Mark badge notification as read when the notification is clicked. 2014-06-19 16:56:19 +05:30
Vikhyat Korrapati 67a2b2598d Cosmetic changes. 2014-06-19 16:56:18 +05:30
Robin Ward 60cb5ea6a9 FIX: If a user is deleted, don't break embedded comments for admins. 2014-06-18 17:39:36 -04:00
Neil Lalonde ad2bd11d6e Add a way to get user based on sso external id 2014-06-18 14:40:25 -04:00
Régis Hanol 30611c343c ensures only one banner topic at all time 2014-06-18 20:05:18 +02:00
Régis Hanol 5238a95efb add make/remove banner topic actions 2014-06-18 20:05:18 +02:00
Sam 9007d96466 Merge pull request #2425 from vikhyat/read-notifications-silently
Allow reading notifications without marking them as read
2014-06-18 08:09:07 +10:00
Vikhyat Korrapati 9b89b1466f Allow reading notifications without marking them as read. 2014-06-17 23:34:04 +05:30
riking 6e698315d6 Allow all /my URLs
Previously, URLs like /my/activity/posts were denied. This change allows those URLs.
2014-06-14 10:58:20 -07:00
Sam 76166567fb Use the cheap Defer queue as opposed to sidekiq for view tracking. 2014-06-12 11:29:29 +10:00
Sam 03087679f0 FEATURE: Support custom preferences for users, injected by plugins 2014-06-11 15:50:37 +10:00
Arpit Jalan 727184641e FEATURE: Bulk Invite 2014-06-09 01:43:39 +05:30
Régis Hanol 0df666277d BUGFIXES: properly deal with bookmarks and deleted posts
BUGFIX: removing a bookmark from the activity feed was busted for deleted posts
BUGFIX: delete associated user actions when deleting a post
2014-06-04 17:41:11 +02:00
Sam 106838b92b Correct invalid spec 2014-05-30 14:48:07 +10:00
Sam fe594f5d1e Merge pull request #2372 from vikhyat/badge-system
Multiple grant badges
2014-05-30 10:18:00 +10:00
Neil Lalonde e6841d0849 FIX: user avatar urls need to be absolute in wordpress api 2014-05-29 17:19:49 -04:00
Vikhyat Korrapati a79bf11edb Admin badge creation bug fixes. 2014-05-27 09:03:55 +05:30
Sam 504cfcff96 Fix specs for avatars
Implement avatar picker
Correct avatar related jobs
2014-05-27 10:08:03 +10:00
Sam 6c1c8be794 Work in progress, keeping avatars locally
This introduces a new model to store the avatars and 3 uploads per user (gravatar, system and custom)

user can then pick which they want.
2014-05-27 10:08:03 +10:00
Sam 67db561429 BUGFIX: missed a key rename
BUGFIX: API spec not enabling CSRF
2014-05-23 08:43:19 +10:00
Sam cf254000cf Revert "Revert "BUGFIX: improve error messages for invalid API keys""
This reverts commit e9afe28586.
2014-05-23 08:43:19 +10:00
Neil Lalonde e9afe28586 Revert "BUGFIX: improve error messages for invalid API keys" 2014-05-22 14:55:36 -04:00