Commit Graph

30 Commits

Author SHA1 Message Date
Roman Rizzi 10565e4623
SECURITY: Safely decompress files. (#8124)
* FEATURE: Adds an extra protection layer when decompressing files.

* Rename exporter/importer to zip importer. Update old locale

* Added a new composite class to decompress a file with multiple strategies

* Set max file size inside a site setting

* Ensure that file is deleted after compression

* Sanitize path and files before compressing/decompressing
2019-10-03 10:19:35 -03:00
Sam Saffron 55ee9abecb DEV: clean up dependencies in spec
Follow up on zeitwork we needed to be a bit more explicit about a few
dependencies internally.

On certain orders the test suite could fail.
2019-10-02 14:50:54 +10:00
Sam Saffron 3f6af54fe1 DEV: minor fixes related to zeitwerk
A couple of specs stopped working post zeitwerk. Adding missing require
corrected inheritance to avoid a circular ref.
2019-10-02 14:28:18 +10:00
Krzysztof Kotlarek 427d54b2b0 DEV: Upgrading Discourse to Zeitwerk (#8098)
Zeitwerk simplifies working with dependencies in dev and makes it easier reloading class chains. 

We no longer need to use Rails "require_dependency" anywhere and instead can just use standard 
Ruby patterns to require files.

This is a far reaching change and we expect some followups here.
2019-10-02 14:01:53 +10:00
romanrizzi c4be8541f6 FIX: use uniq instead of uniq! when checking for uncompressed root path. Use rails naming convention for ZipUtils 2019-07-23 07:57:50 -03:00
Roman Rizzi f5c707c97a
FEATURE: Gz to zip for exports (#7889)
* Revert "Revert "FEATURE: admin/user exports are compressed using the zip format (#7784)""

This reverts commit f89bd55576.

* Replace .tar.zip with .zip
2019-07-18 09:34:48 -03:00
Sam Saffron 30990006a9 DEV: enable frozen string literal on all files
This reduces chances of errors where consumers of strings mutate inputs
and reduces memory usage of the app.

Test suite passes now, but there may be some stuff left, so we will run
a few sites on a branch prior to merging
2019-05-13 09:31:32 +08:00
Guo Xiang Tan 152238b4cf DEV: Prefer `public_send` over `send`. 2019-05-07 09:33:21 +08:00
Guo Xiang Tan 8dc1463ab3 Enable `Lint/ShadowingOuterLocalVariable` for Rubocop. 2018-09-04 10:16:42 +08:00
Guo Xiang Tan 142571bba0 Remove use of `rescue nil`.
* `rescue nil` is a really bad pattern to use in our code base.
  We should rescue errors that we expect the code to throw and
  not rescue everything because we're unsure of what errors the
  code would throw. This would reduce the amount of pain we face
  when debugging why something isn't working as expexted. I've
  been bitten countless of times by errors being swallowed as a
  result during debugging sessions.
2018-04-02 13:52:51 +08:00
Sam 720e1965e3 FEATURE: add category suppress from latest
In the past we used suppress_from_homepage, it had mixed semantics
it would remove from category list if category list was on home and
unconditionally remove from latest.

New setting explicitly only removes from latest list but leaves the
category list alond
2018-02-22 09:56:35 +11:00
Neil Lalonde 594efa37b6 add some output to category and topic importer 2018-01-24 12:33:47 -05:00
Neil Lalonde f274a5234f FIX: topic and category exporters were only exporting users who created the first post 2018-01-16 12:51:53 -05:00
Vinoth Kanan d9823f69c6 FEATURE: Option to export multiple categories using export_category method 2017-11-11 19:11:16 +05:30
Arpit Jalan 5849bae9df FIX: rescue error when importing category structure 2017-11-01 22:21:37 +05:30
Vinoth Kannan a00af4d85a FEATURE: Rake task to export and import category structure 2017-11-01 17:17:05 +05:30
Neil Lalonde 214fdad155 FEATURE: category and topic importer can support data from different sources using IMPORT_SOURCE 2017-10-23 14:01:57 -04:00
Vinoth Kannan f176d114f2 FIX: with_email method won't support hash param (#5236) 2017-10-13 11:49:02 +02:00
Bianca Nenciu 6bc74ceb50 Split alias levels in mentionable and messageable levels. (#5065)
* Split alias levels in mentionable and messageable levels.

* Fixed some tests.

* Set messageable level to everyone by default.

* By defaults, groups are not mentionable or messageable.

* Made staff groups messageable by the system.
2017-08-28 12:32:08 -04:00
Guo Xiang Tan 5012d46cbd Add rubocop to our build. (#5004) 2017-07-28 10:20:09 +09:00
Leo McArdle d0b027d88d FEATURE: phase 1 of supporting multiple email addresses 2017-07-20 11:22:27 +09:00
Joe Buhlig 87251fded7 FEATURE: Category setting to make all topics wikis
FEATURE: Category setting to make all topics wikis
2016-12-19 06:42:18 -06:00
Guo Xiang Tan 9a800107cb FIX: Associate category logo and background to uploads record. 2016-12-12 17:37:28 +08:00
Neil Lalonde 36a80871a3 FIX: category_importer was importing public categories so that no one had permission to them, not even staff 2016-11-24 17:12:30 -05:00
Neil Lalonde eb87cffa13 FEATURE: Category/topic importer skips objects that it has already imported. 2016-02-23 12:19:08 -05:00
Erik Bernhardson 48cb386d58 Take filename to write to as optional parameter to export_category
My discourse instance will be making regular automated public backups
of specific categories. It's preferred to be able to directly control
the path and filename of the output, rather than letting discourse
choose for me. This was already mostly supported, a filename parameter
just needed to be passed through the cli app.
2016-02-12 22:02:29 -08:00
Neil Lalonde 0d611ed8cb FIX: group import/export bugs in category exporter 2016-02-02 16:06:19 -05:00
Neil Lalonde 9331dfa63c category export: export img src with absolute urls so pull_hotlink_image can move it over later 2016-01-28 15:45:28 -05:00
Neil Lalonde 3053c1ebd8 category export: include category permissions and custom groups 2016-01-28 15:17:18 -05:00
Neil Lalonde 58610d15a1 FEATURE: export/import topics and categories from one Discourse site to another. (Early-access alpha greenlight. More to do...) 2016-01-26 19:57:54 -05:00