Gerhard Schlager
32784ad11a
FIX: Disable multipart backup uploads to S3
...
Multipart upload from within the browser result in corrupt files on S3.
2018-12-18 16:01:15 +01:00
Gerhard Schlager
081aa6ad2b
UX: Use new FA5 icons on Backups tab
2018-12-18 16:01:14 +01:00
Gerhard Schlager
86546bb5c6
DEV: Use locale fallback even in development mode
...
Making dev behave differently than prod is a bad idea.
2018-12-18 16:01:14 +01:00
Bianca Nenciu
825ae86857
FEATURE: Remove full quote only if first paragraph. ( #6793 )
2018-12-18 15:46:20 +01:00
Vinoth Kannan
a313b01148
DEV: raise error if search term length is less than required
2018-12-18 20:06:59 +05:30
Vinoth Kannan
341a6bd78a
REFACTOR: Calculate CTR in SearchLog model and hide unique column ( #6791 )
2018-12-18 19:13:46 +05:30
Gerhard Schlager
577af81e76
FIX: Font tag resulted in wrong email trimming
2018-12-18 11:40:54 +01:00
Gerhard Schlager
37461a6398
FIX: Weird mixture of line breaks resulted in wrong email trimming
2018-12-18 11:40:54 +01:00
Maja Komel
98d09c90ac
Current user serializer groups ( ef7f84b
follow-up)
2018-12-18 09:05:45 +01:00
Guo Xiang Tan
5c2e194d01
SECURITY: Users can pick non-avatar uploads.
...
https://meta.discourse.org/t/bug-report-idor-on-avatar-pick-function-discussions-udacity-com/103564
2018-12-18 13:38:25 +08:00
Guo Xiang Tan
899caf35ba
Revert "SECURITY: User could non-avatar uploads."
...
This reverts commit 89581fa301
.
2018-12-18 13:37:31 +08:00
Guo Xiang Tan
89581fa301
SECURITY: User could non-avatar uploads.
...
https://meta.discourse.org/t/bug-report-idor-on-avatar-pick-function-discussions-udacity-com/103564
2018-12-18 13:35:33 +08:00
Guo Xiang Tan
d7660dfe40
FIX: Enabling readonly mode should clear anon cache as well.
2018-12-18 11:56:25 +08:00
Sam Saffron
abbbcb2622
DEV: allow creating users with random passwords via rake
...
Use: `RANDOM_PASSWORD=1 bin/rake admin:create`
Handy in conjunction with dev mode /session/username/become.
2018-12-18 11:43:16 +08:00
Jeff Atwood
f67cc2a540
minor copyedit
2018-12-17 19:31:02 -08:00
Kris
2a518c88d0
Prevent bullet badge from shrinking/growing as flex item
2018-12-17 21:05:32 -05:00
Kris
7d7b6baab9
Topic-list category width restriction no longer needed
2018-12-17 21:01:04 -05:00
Vinoth Kannan
efcea148eb
DEV: Use destroy! method to raise error if any (#0d3c1cde)
2018-12-18 03:05:43 +05:30
Vinoth Kannan
ece44a44f8
UX: Change default date range of dashboard trending search report to a month
2018-12-18 03:00:30 +05:30
Gerhard Schlager
2bdbca3801
DEV: Remove unnecessary `to_not raise_error` from specs
...
Follow-up to 01cdbd3a13
2018-12-17 16:10:10 +01:00
Bianca Nenciu
5bda4d26b4
FIX: Rescue errors in job. ( #6745 )
2018-12-17 15:28:57 +01:00
Bianca Nenciu
f0027961c7
FIX: Properly reset controller of admin-user-index. ( #6760 )
2018-12-17 15:28:29 +01:00
Bianca Nenciu
1023003eba
FIX: Strip remote url before import. ( #6762 )
2018-12-17 15:27:49 +01:00
Joffrey JAFFEUX
22cea9ce90
FIX: adusts select-kit position even if not expanded ( #6785 )
2018-12-17 12:29:51 +01:00
Joffrey JAFFEUX
6ee3900791
FIX: ensures nothing is triggering rendering loop in after render ( #6784 )
2018-12-17 12:15:03 +01:00
Gerhard Schlager
01cdbd3a13
FEATURE: Prohibit S3 bucket reusage
...
This validation makes sure that the s3_upload_bucket and the
s3_backup_bucket have different values. The backup bucket is
allowed to be a subfolder of the upload bucket. The other way
around is forbidden because the backup system searches by
prefix and would return all files stored within the backup
bucket and its subfolders.
2018-12-17 11:35:28 +01:00
Gerhard Schlager
1a8ca68ea3
FEATURE: Improve backup stats on admin dashboard
...
* Dashboard doesn't timeout anymore when Amazon S3 is used for backups
* Storage stats are now a proper report with the same caching rules
* Changing the backup_location, s3_backup_bucket or creating and deleting backups removes the report from the cache
* It shows the number of backups and the backup location
* It shows the used space for the correct backup location instead of always showing used space on local storage
* It shows the date of the last backup as relative date
2018-12-17 11:35:11 +01:00
Maja Komel
040ddec63d
Fix avatar flair styles
2018-12-17 10:44:34 +01:00
Guo Xiang Tan
c0aae16f6b
FIX: Clear anon cache when disabling readonly mode.
...
`SiteSerializer#is_readonly` is cached for an anonymous user so we have
to clear the cache when disabling readonly mode. Otherwise, the site may
appear to be in readonly mode for an extended period of time.
2018-12-17 17:27:44 +08:00
Guo Xiang Tan
9e795b9d90
Follow up to 704a122656
.
2018-12-17 16:39:46 +08:00
Guo Xiang Tan
e75ad37aaf
FIX: Switch recently readonly mdoe cache to a `DistributedCache`.
...
A per process cache is hard to reason about. During PostgreSQL
failovers. The site may bounce in and out of readonly mode depending on
which server and process that a request hits.
2018-12-17 13:28:36 +08:00
Guo Xiang Tan
704a122656
Remove Ruby warning due to assignment in conditional.
2018-12-17 13:08:12 +08:00
Saurabh Patel
ed1a309fe4
FIX: use new key for delete topic to make it lowercased as all other buttons label around it ( #6778 )
2018-12-17 10:55:19 +08:00
Gerhard Schlager
7e1f20b07f
FIX: Create CORS rule on S3 only before a backup upload
2018-12-17 00:15:37 +01:00
Joffrey JAFFEUX
d803dfc14a
FIX: makes more resilient select-kit positioning ( #6776 )
2018-12-15 16:23:23 +01:00
Kris
6213e020e6
Improving usercard badge alignment
2018-12-14 22:16:18 -05:00
Guo Xiang Tan
e9ea0102a5
FIX: Consistency about our response for invalid user id in `Admin::UsersController`.
2018-12-15 08:01:35 +08:00
Neil Lalonde
ef0e84e3d9
FIX: clear the site_contact_username setting if the user's staff privileges are revoked
2018-12-14 16:52:44 -05:00
Vinoth Kannan
0d3c1cde90
FIX: Use find_by_id method to prevent record not found exception
2018-12-15 03:19:45 +05:30
David Taylor
430083019d
UX: Improve dashboard report title copy
...
Make capitalization consistent, and slightly improve clarity of two headings
2018-12-14 17:37:07 +00:00
Neil Lalonde
4ddaceda1a
Version bump to v2.2.0.beta6
2018-12-14 12:21:55 -05:00
David Taylor
1960236822
FIX: Suspicious login detection ( #6772 )
2018-12-14 16:30:34 +00:00
David Taylor
77fe57f923
FEATURE: Rake task to list users which have been staff in the past month
2018-12-14 16:29:12 +00:00
David Taylor
9f3e2a9e34
FIX: Only serialize group membership domains for administrators ( #6771 )
2018-12-14 15:47:00 +00:00
Penar Musaraj
a19f69590a
DEV: add "topic-list-before-relative-date" plugin outlet
2018-12-14 10:39:22 -05:00
Neil Lalonde
124ae46763
Update translations
2018-12-14 10:34:12 -05:00
Kris
2f70bd83a3
Increase contrast of pinned excerpt for dark themes
2018-12-14 10:04:44 -05:00
Kyle Zhao
b0c2e9bb05
minor changes to default script-src ( #6770 )
...
- add report-sample to force require a sample of the violating code
- do not whitelist GA/GTM's entire domain
2018-12-14 08:17:31 -05:00
Joffrey JAFFEUX
03014b0d05
FEATURE: adds security tab to dashboard ( #6768 )
...
This commit also includes the new staff_logins report
2018-12-14 13:47:59 +01:00
Maja Komel
9f89aadd33
FIX: delete all posts in batches without hijack ( #6747 )
2018-12-14 11:04:18 +01:00