fca6738212
BUGFIX: could not see the revisions of a post in a deleted topic
2014-05-12 16:30:10 +02:00
bc3de84ebf
FEATURE: remove bookmark button in activity feed
2014-05-12 09:33:26 +02:00
084ec87850
FEATURE: admins can invite users to groups via the web UI
2014-05-09 18:22:36 +10:00
3f07c1d0a1
Backend support for group invites
2014-05-09 18:22:35 +10:00
a2e2d0e886
Merge pull request #2316 from mutiny/refactor-where-first
...
Refactor `where(...).first` to `find_by(...)`
2014-05-08 09:10:45 +10:00
21e8ae0eca
BUGFIX: the /top page now shows the first non-empty period
2014-05-07 19:04:39 +02:00
1574485443
Perform the where(...).first to find_by(...) refactoring.
...
This refactoring was automated using the command: bundle exec "ruby refactorings/where_dot_first_to_find_by/app.rb"
2014-05-06 14:41:59 +01:00
4371374ba6
FEATURE: support for enabling all upload file types
...
BUGFIX: authorized extensions is now case insensitive
2014-04-29 19:12:35 +02:00
0fc4c47927
Merge pull request #2295 from vikhyat/badge-system
...
Titleable badges
2014-04-29 11:26:51 +10:00
1da59e7e2e
FIX: deactivated users shouldn't be able to log in
2014-04-28 13:46:28 -04:00
b4e037dfb2
Allow badges to be marked as "titleable".
2014-04-28 10:30:38 +05:30
4445b8c3c0
Factor out mocks
2014-04-28 00:34:55 +10:00
feaaf55a0c
Theming: color scheme editing. Unfinished! Doesn't have any effect on css files yet.
2014-04-24 16:49:12 -04:00
05efc8df16
BUGFIX: likes would cause whole post to re-render
2014-04-24 12:42:04 +10:00
af877781b7
Allow admins to choose if groups are visible or not.
2014-04-22 16:43:46 -04:00
a3b2b4baca
FEATURE: custom fields on User
2014-04-22 13:52:13 +10:00
b9ca124756
Support for /my/preferences to automatically redirect to the logged in
...
user.
2014-04-21 11:52:11 -04:00
b2cb4b27a1
Merge pull request #2273 from paully21/development-branch
...
Add blurb of post to search results via API
2014-04-17 21:06:03 +02:00
84d100be85
Add blurb of post to search results via API
2014-04-17 07:58:51 -05:00
3136217fc1
Add badge page.
2014-04-17 01:57:57 +05:30
acfcf0b64e
Add /badges route that lists all defined badges.
2014-04-16 18:42:06 +05:30
de23caa871
Slightly faster badge system specs. (Shaves off ~100ms)
2014-04-16 18:08:10 +05:30
2505d18aa9
FEATURE: support email attachments
2014-04-14 22:55:57 +02:00
1540a3d5e5
Allow changing ownwership of posts by admins
2014-04-08 01:47:42 -07:00
10d0320532
FIX: Allow expanding posts when anonymous, add specs
2014-04-03 11:30:43 -04:00
be06156629
SECURITY: when enabled_local_logins is false users could log in via API
...
thanks @Nicholas Blanco
2014-03-26 15:39:44 +11:00
539890afdf
Let's not show tons of extra information about invites unless you're the
...
person who invited them.
2014-03-21 14:16:11 -04:00
dcaa069bb5
Log badge grant/revoke to the staff actions log.
2014-03-21 11:10:07 +05:30
fe63db7953
Merge pull request #2115 from vikhyat/badge-system
...
Initial badge system implementation
2014-03-17 10:06:37 +11:00
9b26c8584e
Initial badge system implementation.
2014-03-14 21:49:26 +05:30
283dc7dd2d
Trust level 4: add ability to edit any post and see edit history
2014-03-13 10:47:49 -04:00
9ca516e58d
Rename nickname to username in the code. Use new hub routes. (Old routes still exist as aliases for old Discourse instances.)
2014-03-12 12:39:36 -04:00
dc1d6decf5
Support for removal of old backups automatically via a site setting
2014-03-12 12:24:35 -04:00
363fabd3e7
add tests for ListController.best_period_for
2014-03-12 12:58:41 +01:00
bce4130d39
Merge pull request #2036 from ArmedGuy/profile-backgrounds
...
FEATURE: Profile Backgrounds
2014-03-05 16:00:49 +01:00
98c479c3c4
FEATURE: Profile Backgrounds
...
Shares a modified codebase with avatars called "user_image"
2014-03-05 15:10:44 +01:00
c3eb2025d8
add option to override user attributes from SSO payload
...
add an external_username attribute for username from SSO payload
repair the field name in SingleSignOnRecord migration
move setting of external_username for sso to controller
add settings toggle to override username/email from SSO payload
fix changing of external username after override toggle
complete tests and logic for sso override
add some extra context to username override option
add external_email and external_name to single sign on record
add setting for name override from SSO payload
complete override with stored external_email and external_name
add missing checks to tests
remove an unneeded describe block
break up a monster method for single sign on
fixes for sso attribute override after failed tests
2014-03-04 09:52:21 -08:00
f9cd354a2c
FEATURE: Button to reset new
2014-03-03 15:47:01 -05:00
557af84ae2
FIX: broken spec
2014-02-26 10:52:11 +11:00
50a8d3caae
BUGFIX: sso to send welcome emails
2014-02-26 10:28:03 +11:00
440435f023
FEATURE: SSO to handle return_path automatically
2014-02-26 09:58:30 +11:00
6f31d3f0e5
FEATURE: single sign on support
...
Added support for outsourcing auth to a different website, documentation on meta
2014-02-25 14:31:03 +11:00
d555df28f2
PostsController tests clean up.
2014-02-24 18:14:35 +01:00
1aa27ade17
FEATURE: If you don't select any topics to "Dissmiss Read" it does all
...
by filter.
2014-02-21 15:18:45 -05:00
a07e9f7e71
FEATURE: Bulk `reset read` status.
2014-02-21 15:18:45 -05:00
d95887c57d
CHANGE: We now include the `_escaped_fragment_` support by default, but
...
only if the crawler check fails. It is a fallback for non-google search
engines that support the Ajax crawling API.
2014-02-20 17:02:26 -05:00
cfbeba84d2
Adds tests for PostsController#replies.
2014-02-20 17:38:13 +01:00
d443ddd43d
Merge pull request #1922 from joallard/language-toggle
...
Allow users to toggle interface language in their preferences
2014-02-19 18:28:00 +01:00
5e8db5ce14
Adds specs for PostsController#by_number.
2014-02-19 17:41:17 +01:00
18e98851e3
Use lower case group names in URLs
2014-02-18 16:43:19 -05:00
43612e9fde
Merge pull request #1971 from velesin/posts_controller_refactoring
...
Refactors PostsController and adds unit tests.
2014-02-19 08:34:40 +11:00
f19b0b5fe0
Include members count on groups page.
2014-02-18 16:17:04 -05:00
0592420e52
Add a site setting to allow users to toggle I18n.locale
...
It is false by default.
2014-02-18 14:54:00 -05:00
c513725f26
Allow users to toggle interface language in their preferences
2014-02-18 14:53:59 -05:00
5b9a4d3581
Refactors PostsController and adds unit tests.
2014-02-18 17:19:38 +01:00
f12925887c
Drop Rails3 support
2014-02-17 19:42:08 +01:00
566d25ea75
fix typos in posts_controller_spec.
...
fixing 'suceeds' typo.
2014-02-16 12:17:36 -05:00
3f3c9ca7cb
FEATURE: add filters on email logs
2014-02-15 00:50:08 +01:00
b89d328de2
display/preload the logs of the last/current operation
2014-02-13 13:31:14 -08:00
3be1b5569a
backups controller & specs
2014-02-13 13:31:13 -08:00
8344f0d8fd
remove old import/export code
2014-02-13 13:31:13 -08:00
8711762143
Users who have made no more than one post can delete their own accounts from their user preferences page.
2014-02-13 13:52:06 -05:00
669247977b
FEATURE: Show the posts count on the groups page. It seems a bit odd
...
that it uses a new AJAX call, but I wanted to keep the count separate
from the group object itself.
2014-02-12 14:01:36 -05:00
ca17f8a437
FIX: Wrong text. Thanks @riking
2014-02-10 17:36:13 -05:00
b61df08d1b
FEATURE: Admin selector to choose a primary group for a user, display it
...
and apply a CSS class to their posts.
2014-02-10 17:00:15 -05:00
2490837929
Added some specs for the group controller methods
2014-02-07 11:07:23 -05:00
93434be16d
SECURITY: reduce moderator rights
...
You can now hide particular categories from certain moderators
2014-02-07 14:11:52 +11:00
aff16f372b
FIX: Show a nicer error when a user tries to access a category they
...
can't see.
2014-02-05 15:33:52 -05:00
1dac3cfd64
API endpoint for retrieving the current user
2014-02-05 13:46:24 -05:00
4fb274fb9d
BUGFIX: history link doesn't work on deleted posts
2014-02-04 20:05:50 +01:00
d2974c2a15
BUGFIX: proper handling of top_menu_items
2014-02-03 16:08:00 +01:00
b315a5c28f
Delegate bulk operations to a `TopicsBulkAction` object.
2014-01-30 11:44:29 -05:00
2892153712
REMOVE: Get rid of the `hotness` control for good.
2014-01-29 11:54:34 -05:00
74f1c553e3
FIX: 1868 Security: Dangerous Send
2014-01-27 13:05:51 -05:00
748e1e0748
Allow using the API when Login required site setting is on.
2014-01-24 14:02:49 +01:00
8d2e5041bc
BUGFIX: proper handling of /none subcategory
2014-01-18 19:27:25 +01:00
2b64118df1
Merge pull request #1782 from ligthyear/group-mention
...
Allow groups to be used as aliases for user mentions
2014-01-12 14:36:45 -08:00
52580f09af
Rename favorite to starred everywhere
2014-01-10 14:54:19 -05:00
ca26d6d0d6
FIX: Uncaught promise on link click; fixes broken build
2014-01-09 16:31:26 -05:00
259295d865
Add post_edit_time_limit site setting to limit the how long a post can be edited and deleted by the author. Default is 1 year.
2014-01-09 11:55:04 -05:00
c743a985a4
Allow groups to be used as aliases for user mention
...
when configured by the admin a group can be found through the @mentions
feature in both the compose/reply and the private message user-selectors
and once selected the mention will be replaced by the list of users in
the group
2014-01-08 02:36:24 +11:00
8d73b7f94d
BUGFIX: hide sensitive site settings
2014-01-06 13:03:53 +01:00
1ffcf39448
Make embedded comments look nicer
2014-01-03 12:52:42 -05:00
4f8aed295a
FEATURE: Embeddable Discourse comments, now with simple-rss instead of feedzirra
2013-12-31 15:01:22 -05:00
62db063e1e
Revert "Support for Embeddable Comments via IFRAME" - it depends on Curl
...
which not every server has. Have to rethink this.
This reverts commit e3e4c62887
2013-12-31 12:52:31 -05:00
e3e4c62887
Support for Embeddable Comments via IFRAME
2013-12-31 12:26:24 -05:00
567d2bd23c
add top page
2013-12-24 00:50:36 +01:00
341adc93a4
Allow categories with null position, which means sort them based on activity. Mix absolutely positioned (position is not null) categories with null position categories.
2013-12-16 15:13:57 -05:00
06e9cbc6cb
FIX: Look up a url without the query string if it couldn't be found with it.
2013-12-13 12:56:20 -05:00
05a3c8090f
Merge pull request #1658 from salbertson/sa-refactor-users-controller-create
...
Refactor UsersController#create
2013-12-12 22:16:50 -08:00
06dd7ffe3c
better revision history
2013-12-12 03:41:34 +01:00
9a24d2651d
Allow category to auto-close topics in X hours instead of days. FIX: the system message that says a topic was automatically closed was only counting in days.
2013-12-06 16:39:35 -05:00
51eff92170
Refactor UsersController#create
...
* Simplify controller action
* Extract service classes
2013-12-05 10:11:16 -08:00
a9ab98ef9e
Auto-close time can be entered in 3 ways, so a topic can close at any time
2013-11-27 09:52:35 -05:00
981d8f6aea
Signup form: prefill username if Discourse Hub has a match for the email address. Also, fix some bad specs in username_checker_service_spec that were passing...
2013-11-19 14:15:28 -05:00
639394e38a
FIX: Pinned topics within a category weren't working without a refresh
2013-11-18 10:52:01 -05:00
482b752046
add edit reason when editing a post
2013-11-15 23:28:49 +01:00
77b59b54ce
Refactor UsersController#invited
...
* Add test coverage
* Simplify controller action
* Move finder code to Invite class
2013-11-11 13:23:49 -08:00
d65cd0f97e
Merge pull request #1637 from railsaholic/refactor_users_upload_avatar_action
...
Refactor Users#upload_avatar method
2013-11-11 09:59:30 -08:00
58f78e9001
Refactor Users#upload_avatar method
...
Moved avatar file upload to ```AvatarUploadService``` class and
```AvatarUploadPolicy```
Address review comments + require missing file in spec
2013-11-11 23:21:14 +05:30
a9c5d843f7
remove problem spec that does not work properly in rails 4 mode into application controller and correct it
2013-11-11 10:50:48 +11:00
af67284995
User ctrl refactor - breaks up large methods, moves some logic into model
...
Includes missing methods from backup for travis to pass
fix missing code, failing specs
keep params handling in the controller.
2013-11-09 18:44:13 +05:30
6e43372e7c
Merge pull request #1610 from salbertson/sa-refactor-users-update
...
Move logic for updating a user to a service class
2013-11-07 12:29:19 -08:00
0c6f794eb0
Used the term suspended instead of banned.
2013-11-07 13:53:49 -05:00
72bfa4471f
Move logic for updating a user into a service class
2013-11-07 08:39:39 -08:00
de30af9302
Support for inviting to a forum from a user's invite page.
2013-11-06 12:56:50 -05:00
37fd7ab574
pull hotlinked images
2013-11-05 19:07:29 +01:00
ede59a4386
FIX: issue 1538. After upgrading and before a new version check request has been made, dashboard might still say that an update is available.
2013-11-04 12:51:09 -05:00
c0cffca1e6
Test title updating
2013-11-01 13:43:31 -07:00
3cc17ad4cd
Add test coverage for #update
2013-11-01 13:43:31 -07:00
58f96bdfb5
Remove duplication in test setup
2013-11-01 13:43:31 -07:00
2e7696630b
Make #update specs consistent
...
* Use expect syntax
* Avoid lets
* Stub Guardian method used in the controller
2013-11-01 13:43:31 -07:00
ce5ebc3eb5
On sites with login_required enabled, after signup, don't show the /login page again
2013-10-30 16:37:36 -04:00
3d6d7c8abe
SiteSetting to hide regular names from users
2013-10-30 15:45:34 -04:00
6063b52d6a
Support for choosing a destination category when splitting topics.
2013-10-29 15:30:06 -04:00
666264879c
change it so all topics MUST include a category, we store a special uncategorized category to compensate
...
this cleans up a bunch of internals and removes some settings
2013-10-24 12:08:02 +11:00
541620c115
Routes and support for sub-categories
2013-10-23 15:22:49 -04:00
f73a64982a
Raise an error if a `api_username` is supplied and does not match the key
2013-10-23 11:05:49 -04:00
348e2e3ef2
Support for per-user API keys
2013-10-22 17:34:39 -04:00
7d582fbee3
Screened ip address can be edited, deleted, and changed to allow or block.
2013-10-22 16:30:46 -04:00
9b2f821012
Merge pull request #1512 from ScotterC/avatar-from-url
...
Build out a URI Adapter to allow uploading an avatar via a url
2013-10-21 13:17:37 -07:00
cbef844a57
Build out a URI Adapter to allow uploading an avatar via a url
...
Currently only really accessible via the API. The UriAdapter creates a
tempfile from a url and gives a ActionDispatch::HTTP::UploadedFile back
to the controller to process as normal.
This will help a lot in being able to transfer avatar urls from another
app without monkey patching a lot of discourse code.
2013-10-21 14:53:03 -04:00
648b11a0eb
Add screening by IP address. When deleting a user as a spammer, block all signups from the same IP address.
2013-10-21 14:50:18 -04:00
7dfa99998f
Remove duplication of action defintion, add missing spec for topics_by, extract out URL construction logic
2013-10-21 08:34:18 +05:30
9106596a9a
add image authorization on upload_avatar
2013-10-12 14:11:44 +02:00
23bf4436f5
FIX: avatar was attached to the user who uploaded it...
2013-10-12 10:55:41 +02:00
c38ba8acdd
add rss links to anonymous homepages
2013-10-11 18:43:29 +02:00
bccb37b6f3
When creating a topic, don't select a category by default when allow_uncategorized_topics is false. Also, added category validation on the server to enforce allow_uncategorized_topics.
2013-10-08 14:41:20 -04:00
e18b93026a
defer view creation on so updates are not performed when people navigate to topics
2013-10-07 15:04:59 +11:00
5bf26ec34e
large refactor, ship a few columns from the user table into user_stats
2013-10-07 15:04:59 +11:00
af96ef2994
FIX: deleting a flagged post issue
...
cf. http://meta.discourse.org/t/deleting-a-flagged-post-issue/10061
The bug was only happening when you were about the delete the first post, which means deleting the entire topic.
2013-10-02 16:59:57 +02:00
3f0c03a20c
FIX: Prevent unauthorized list of private message titles. Also remove some unused code.
2013-09-30 14:35:11 -04:00
cd4cda5b4c
allow users to specify thumbnail size
2013-09-27 10:57:31 +02:00
3ba1f20674
New site settings to enable/disable the possibility of editing user's nickname or email address
2013-09-14 21:34:21 +09:00
7d9a84b496
New User Education goes through a server side ComposerMessages check. Composer message for users
...
who don't have avatars.
2013-09-13 12:23:53 -04:00
45b838009c
proper content-disposition header when downloading attachments
2013-09-06 19:23:56 +02:00
4a0f3b3ac2
fix user_controller_spec when testing too long usernames
2013-09-05 17:36:53 +02:00
71c1b8b9b9
When deleting a post as staff, ask if you want to delete direct replies too
2013-09-05 11:03:34 -04:00
f157ec1f91
Select +Replies for bulk operations
2013-09-05 11:03:29 -04:00
e15982a476
FIX: convert error in test
2013-08-28 22:06:09 +02:00
9085cec232
Move json hash from users controller to NicknameUnavailable
2013-08-26 15:00:11 +00:00
213ce33af2
Fixed all broken specs
...
Moved middleware config into authenticators
2013-08-26 12:59:17 +10:00
af356e58d4
work in progress, get specs to work.
2013-08-26 12:59:17 +10:00
f87ba0d88f
Merge pull request #1381 from einarj/test_nickname_hub_registration_failure
...
Added test case for nickname registration failure
2013-08-25 17:12:52 -07:00
d87389b38e
No more rails 4 deprecation warnings
2013-08-25 23:18:11 +02:00
0d22a77c63
Added test case for nickname registration failure
...
* Also made a minor readability change by moving the auth.present? check
* from UsersController#create into #create_third_party_auth_records
* which is the method that relies on the check.
2013-08-25 20:18:07 +00:00
3b9e62e6b9
improved specs for avatar
2013-08-24 22:45:05 +02:00
86012ac579
Fix a case when the wrong topic is loaded because the slug starts with a number
2013-08-22 16:23:46 -04:00
a95303fcd8
Log site customization changes. Use a modal to show staff action log details for site customizations.
2013-08-21 12:33:24 -04:00
1d030666d8
Log site setting changes and show in admin
2013-08-19 16:58:38 -04:00
4af8a9102e
Authenticate with Discourse via OAuth2
...
See https://github.com/michaelkirk/discourse_oauth2_example for an
example of how you might integrate your existing oauth2 provider's
authentication via a Discourse plugin.
2013-08-17 21:45:20 -07:00
b6285b85d2
Add reject option to pending users page
2013-08-16 11:42:43 -04:00
293361dcd3
Screened URLs list in admin
2013-08-15 10:52:26 -04:00
86647f0a54
Add ScreenedUrl. Rename BlockedEmail to ScreenedEmail.
2013-08-14 16:08:23 -04:00
ed060ed5f1
Change trust level logs the previous trust level
2013-08-13 12:04:28 -04:00
b36c6d7b78
Users cannot change their own username after 3 days since registering. Site setting username_change_period allows you to change the number of days.
2013-08-12 14:55:09 -04:00
5c8c52482a
Add a way to view staff action logs in admin
2013-08-07 16:27:34 -04:00
d2fb6ec53f
Blocked Emails list in admin
2013-08-07 16:27:34 -04:00
1c3804934e
Show the entire history of replies above a post when you expend "in reply to"
2013-08-06 17:43:10 -04:00
c74da0d262
Admins who haven't been approved can log in when must_approve_users is enabled
2013-08-06 16:51:29 -04:00
98b58150bb
Dashboard calculations are done with an async job now
2013-08-02 18:32:33 -04:00
16cd3e2a53
Fix to allow admins to change the case of a someone's username
2013-07-30 16:48:45 -04:00
e25638dab0
add a way to delete posts and topics when deleting a user with UserDestroyer
2013-07-29 15:29:43 -04:00
a8df9778b5
Rename AdminLog to StaffActionLog
2013-07-29 15:29:43 -04:00
4a20d09523
distributed memoizer added to ensure absolute duplicate posts don't get through
...
in case of an absolute dupe just return the memoized post
This works around issues with wordpress being crazy
2013-07-29 12:25:19 +10:00
c28b377494
Don't redirect to arbitrary URLs via link tracker
2013-07-26 12:14:11 -04:00
f99acebdaa
Rails 4 updates
2013-07-24 21:09:18 +02:00
cb5ce3aab9
Merge pull request #1247 from sir-pinecone/strip-spaces-from-login
...
Strip leading/trailing spaces from login
2013-07-24 00:16:55 -07:00
b223cdb493
Strip spaces from group names upon creation
2013-07-24 00:00:17 -04:00
25f8692a79
Strip leading/trailing spaces from login
2013-07-23 23:03:38 -04:00
be9217d4c8
add server-side filesize check on uploads
2013-07-24 00:54:41 +02:00
9ac6c6e2e9
Merge pull request #1233 from sir-pinecone/improve-group-deletion
...
Add confirmation modal to admin group deletion
2013-07-23 00:43:06 -07:00
1f3c5cb656
allow end user to recover a post they delete
...
automatically delete stubs after 1 day
2013-07-22 17:48:47 +10:00
9616767bff
Add confirmation modal to admin group deletion
2013-07-22 02:48:23 -04:00
c2be81a76e
Merge pull request #1199 from ZogStriP/uploads
...
adds the `max_attachment_size_kb` setting
2013-07-16 23:03:42 -07:00
943f88fb88
make specs more robust
2013-07-16 16:18:05 +10:00
352ac9e60c
Finalize read only and post only categories, finished off UI work
2013-07-16 15:46:11 +10:00
ecf17cfebb
work in progress, add fidelity to category group permissions (full, create posts, readonly)
2013-07-16 15:46:11 +10:00
5ce05ff5cb
adds the `max_attachment_size_kb` setting
...
so that we can specify a different max upload size for attachments and images.
2013-07-16 02:01:36 +02:00
0e504aac9b
FIX: You can reset your password even if logins are required.
2013-07-15 12:12:54 -04:00
6ca5df0a09
Can recover deleted topics. Deleted topics show the first post as deleted in the UI.
2013-07-12 12:09:17 -04:00
b94d26d798
update back-end specs
2013-07-10 22:59:54 +02:00
b7327942af
Add `deleted_by` to `Trashable` tables
2013-07-09 15:46:36 -04:00
ba7a4e9845
Merge pull request #1165 from novemberkilo/feature/log-trust-level-boosts
...
Log all changes of user trust level by an admin
2013-07-09 12:16:08 -07:00
3c38062802
Check for updates: edge cases when the message on the dashboard doesn't make sense.
2013-07-09 14:01:08 -04:00
d98f288aa4
FIX: Recovering a deleted post was not updating a topic's statistics
2013-07-09 12:15:55 -04:00
45d85f4054
If the change doesn't go through, don't log anything
2013-07-08 12:51:35 +02:00
d77ce23de2
Log all changes of user trust level by an admin
2013-07-08 11:53:22 +02:00
91238af6f1
correct failing specs
2013-07-08 12:25:38 +10:00
6cd6484b5e
New mode for Wordpress: Filter ONLY posts liked by moderators
2013-07-05 16:07:24 -04:00
4c90b16681
FIX: Next pages were missing on `<noscript>` content. Also fixed some long standing bugs.
2013-07-05 14:45:54 -04:00
84ce04dfa5
Use POST for send_activation_email action
2013-07-05 12:26:46 -04:00
07ebd20776
Merge pull request #1143 from ahx/fix-cas-email-name-and-improve-authentication-specs
...
Improve the omniauth controller specs. Fix the email provided by CAS. Get name from CAS attributes.
2013-07-04 14:48:52 -07:00
661f2057f7
Improve the omniauth controller specs. Fix the email provided by CAS. Get name from CAS attributes.
...
* Make omniauth controller specs more robust by using shared examples for all authentication providers in controller spec. – Still passing. Yay!
* Return "casuser", instead of "casuser@" when no cas_domainname is configured.
* If no cas_domainname is configured, the CAS authentication would return "casuser@" for the users email field, because it tried to assume the email adress of the CAS user by it's username + cas_domainname.
Now it just returns the username instead of adding an "@" if cas_domainname is not configured.
This especially makes sense on CAS setups where the username equals the users email adress.
The old behaviour, if cas_domainname is configured, was not changed.
* Fetch the email from CAS attributes if provided
If the cas:authenticationSuccess (handled via omniauth-cas) response gives us an email use that.
If not, behave as before (username or username@cas_domainname).
* Fetch the (full) name from CAS attributes if provided
If the CAS response by omniauth provides a [:info][:name] field, prefer this over the uid, because we want the name to be a "Full Name", instead of just a "shortname"
2013-07-04 12:01:39 +02:00
3da37506da
Back end - temporary boosting of trust levels
2013-07-03 10:30:40 +02:00
075ed1ab53
Refactor user blocking code; hide the Block button in admin
2013-07-02 14:42:53 -04:00
5770879472
Refactor: Move Topic Details into better objects, identity map, tests, query string filters
2013-07-02 10:36:46 -04:00
46c6949b6e
Merge pull request #1123 from stephankaag/rails4-new
...
Refactor routes in order to be compatible with Rails 4
2013-07-01 16:07:22 -07:00
e39cc464b1
Refactor routes in order to be compatible with Rails 4
2013-07-01 20:00:06 +02:00
2ccf339437
Removed a debugging "put"
2013-06-28 23:16:13 +02:00
a352b70bfc
Permit changing my own username's case without an error saying it is already taken
2013-06-28 16:21:46 -04:00
b37b6ce664
Minor spec clean-up
2013-06-28 14:43:35 -04:00
2deaf8ef98
Custom Wordpress Serializer and Path, with Specs
2013-06-28 13:56:13 -04:00
1355c1e3b0
Fix links to uncategorized when SiteSetting.uncategorized_name is set
2013-06-27 16:16:06 -04:00
5d6ad8f39c
Show a useful message when a banned user tries to log in
2013-06-27 15:14:42 -04:00
92562c2090
Merge pull request #1057 from house9/list-controller-1
...
refactor list_controller
2013-06-25 17:36:56 -07:00
a86b35c873
Remove the access_password site setting
2013-06-25 15:05:25 -04:00
2e12eb2b62
refactor list_controller
...
- minor refactoring of actions 'category' and 'category_feed'
- fix defect in 'category' where check was for literal
string 'uncategorized' instead of SiteSetting.uncategorized_name
- major refactoring on defined topic actions
2013-06-25 08:29:00 -07:00
06be760257
adds TopMenuItem model which encapsulates top_menu parsing logic
2013-06-24 10:04:18 -07:00
e263bb3c0a
Anons should be able to see post history
2013-06-19 16:43:16 -04:00
5ef6714d48
New site setting: `minimum_topics_similar`, allows you to specify a minimum amount
...
of topics that need to be in the database before it will suggest similar topics as
a user creates a post.
2013-06-19 13:14:24 -04:00
799b402778
fix horribly broken invite code, could lead to inviting the wrong person to a conversation
2013-06-19 10:31:19 +10:00
eea00afb80
tos and privacy urls redirect based on site settings
2013-06-18 10:52:04 -04:00
6ea91b4416
remove useless upload topic direct association
2013-06-17 02:49:33 +02:00
77b218a142
FIX: Do not suggest similar topics from secure categories you can't see.
2013-06-12 13:45:11 -04:00
54d8c963d0
fix tests and allow SE onebox to onebox Meta cause I need that for an post I am writing
2013-06-12 12:23:24 +10:00
a362d62b42
Do not return mail password in EmailController
2013-06-11 16:00:13 -07:00
82b5f57e40
Make it possible to set a site setting to empty string
2013-06-11 14:31:38 -04:00
811a0df68b
Make s3 region site setting a drop down
2013-06-11 14:24:04 -04:00
5ff7e570ac
Add support for enum site settings that render as a dropdown; use a dropdown for default_locale
2013-06-11 11:40:14 -04:00
169125e96d
Fix a case where a random topic with null slug will be rendered instead of 404
2013-06-07 14:30:26 -04:00
b61e10f9ad
All parameters for #create in PostsController pass through strong_parameters.
...
We are now explicitly whitelisting all parameters for Post creation. A nice side-effect is that it cleans up the #create action in PostsController. We can now trust that all parameters entering PostCreator are of a safe scalar type.
2013-06-07 01:29:25 -07:00
93fc0e74bc
Test correct login behavior when pending approval
2013-06-06 18:36:16 -07:00
41b0692543
Show 'waiting approval' and don't send email
...
When 'must approve users' in enabled, we don't want to send an
activation email to users after they sign up. Instead, we will show them
'waiting approval' and not take an action until their account is
approved by an admin.
2013-06-06 18:36:16 -07:00
e7b38fb188
Move duplicated request to helper method
2013-06-06 18:36:16 -07:00
4a182f8bba
Fix spec doc; sends welcome email for active users
2013-06-06 18:36:16 -07:00
a151bfc7ec
Store when a topic was first set to auto-close and report that amount of time when it closes. And do some refactoring.
2013-06-06 17:04:21 -04:00
62041da7e0
Handle /t/only-the-slug urls by trying to find the topic by slug (second try)
2013-06-06 14:41:37 -04:00
0d01c33482
Enabled strong_parameters across all models/controllers.
...
All models are now using ActiveModel::ForbiddenAttributesProtection, which shifts the responsibility for parameter whitelisting for mass-assignments from the model to the controller. attr_accessible has been disabled and removed as this functionality replaces that.
The require_parameters method in the ApplicationController has been removed in favor of strong_parameters' #require method.
It is important to note that there is still some refactoring required to get all parameters to pass through #require and #permit so that we can guarantee that parameter values are scalar. Currently strong_parameters, in most cases, is only being utilized to require parameters and to whitelist the few places that do mass-assignments.
2013-06-06 00:30:59 -07:00
2ca734c118
Merge pull request #964 from chrishunt/exclusive-club
...
Add 'invite only' site setting
2013-06-05 16:38:47 -07:00
0b97ea6345
Better HTML emails, smarter email digests, new email section in admin with digest preview
2013-06-05 17:47:25 -04:00
acf147ef88
Disable OmniAuth account creation if 'invite only'
2013-06-05 11:11:02 -07:00
d432798ff8
Silently fail if user tries to sneak in
...
When 'invite only' is enabled, there's no way for a user to create an
account unless they try and sneak in by POSTing to /users/. We will
silently fail if this happens.
2013-06-05 11:08:21 -07:00
41528f5d11
Implemented strong_parameters for Upload/UploadsController.
...
The topic_id param is now required using strong_parameters' #require method. If the parameter is missing ActionController::ParameterMissing will be raised instead of Discourse::InvalidParameters.
2013-06-05 00:55:55 -07:00
f50b648844
Implemented strong_parameters for PostAction/PostActionsController.
...
PostActionsController now uses strong_parameters' #require to require certain parameters. ActionController::ParameterMissing is now thrown when a reqired parameter is missing, rather than Discourse::InvalidParameters.
2013-06-05 00:23:51 -07:00
3b245031a4
Implemented strong_parameters for Invite/InvitesController.
...
The email parameter is now required using strong parameters and will throw ActionController::ParameterMissing if it is missing. If the email address is incorrect or invalid, Discourse::InvalidParameters will still be thrown.
2013-06-05 00:04:03 -07:00
130d837952
Implemented strong_parameters for Category/CategoriesController.
...
Category now requires parameters to be permitted by strong_parameters using #require or #permit for mass-assignment. Missing required parameters now throw a ActionController::ParameterMissing execption instead of the Discourse::InvalidParameters execption.
2013-06-04 23:45:25 -07:00
978785720a
Redirect to root after login if no path provided
...
If we do not do this, then people that login from /login will just be
redirected back to the login page. We'd rather have them see the root
path.
2013-06-04 16:10:10 -07:00
92a4828f72
Redirect all controllers to login if required
...
We want to skip the filter for sessions controller so that we can login
and we want to skip the filter for static pages because those should be
visible to visitors.
2013-06-04 16:10:10 -07:00
c4904aacc0
Automatically flag someone as a spammer if their posts get at least X spam flags from N users while their trust level is 'new user'. Staff can clear and set this status from the user record in admin.
2013-06-03 16:37:40 -04:00
545dbfc07e
New Feature: Staff can choose to "Take Action" when flagging to immediately reach hiding
...
thresholds.
2013-05-31 17:39:32 -04:00
d23ef1d090
FIX: You could update a topic to have a title that's too short if the TextCleaner
...
removed extra characters. Additionally, updating the title will not return an error
message to the client app if the operation fails (rather than failing silently.)
2013-05-31 15:24:13 -04:00
e0dae88885
remove specs for redirect_to_show, i'll figure out how to do this properly later
2013-05-31 12:10:07 -04:00
5d444be72b
Support incomplete topic urls like /t/just-a-slug; fix error when using route /t/:topic_id/:post_number
2013-05-30 10:39:15 -04:00
73834370a5
work in progress, live unread and new counts
2013-05-30 16:49:57 +10:00
46389754d6
Merge pull request #892 from eriko/cas_support
...
Cas support
2013-05-28 16:13:29 -07:00
c32399a80b
added test condition that fails with latest AM serializer
2013-05-28 10:42:04 +10:00
e1781240a6
Merge branch 'refactoring' of git://github.com/mattvanhorn/discourse
...
Conflicts:
lib/text_sentinel.rb
2013-05-27 10:42:20 -04:00
661ddbb158
introduce strong_parameters
2013-05-27 11:06:09 +10:00
d84ae80074
Simplify user action make it more idiomatic
2013-05-27 10:22:37 +10:00
d7817cf314
extract TopicNotifier class from topic
2013-05-24 13:36:33 -07:00
bd779834e5
Use search context for filtering search results by current category or user
2013-05-24 14:04:26 -04:00
1575ce7b10
add cas support with a few tests
2013-05-23 13:40:50 -07:00
b9a310f4b1
Search Refactor: Let's use a class to keep track of our state rather
...
than passing params everywhere. Also make the private API private.
2013-05-22 15:22:06 -04:00
c4d8085fc5
remove moderator status posts from best feed
2013-05-22 15:04:53 +10:00
a80ec535a3
Support for "Select All / Deselect All" while selecting posts to merge / delete.
2013-05-16 16:50:38 -04:00
d554a59102
Support for a new site setting: `newuser_spam_host_threshold`. If a new user posts a link
...
to the same host enough tiles, they will not be able to post the same link again.
Additionally, the site will flag all their previous posts with links as spam and they will
be instantly hidden via the auto hide workflow.
2013-05-16 12:19:50 -04:00
9828c87525
Topic Auto-Close: admins and mods can set a topic to automatically close after a number of days
2013-05-13 12:53:52 -04:00
b6bf95e741
speed up startup (avoid loading some gems on startup)
...
correct group permission leaks
add Discourse.cache for richer caching support
2013-05-13 18:04:03 +10:00
98d9f174ae
fix spec
2013-05-13 11:07:22 +10:00
cf01c98d81
Experimental: Interface to Move Posts to an Existing Topic
2013-05-10 14:55:51 -04:00
942f168ab6
UI still a tad rough, but we have a first pass of secure categories
2013-05-10 16:47:47 +10:00
0f0fd281a8
group progress, never email banned users
2013-05-09 11:34:58 +10:00
6b536dcde5
work in progress ... groups
2013-05-08 15:20:38 +10:00
e9fc272db7
remove acts_as_paranoid, use .trash! , .recover! and .with_deleted as needed
...
makes upgrading to rails 4 possible
2013-05-07 14:39:01 +10:00
017ee7c2da
FIX: [security bug] XHR check bypass
2013-04-30 02:34:19 +02:00
057b4768e6
strip whitespace when changing e-mail addresses
...
Fixes #778 .
2013-04-27 23:03:06 -04:00
37867af1bb
track incoming links, amend share link to include user
...
fix pm styling
2013-04-24 18:05:35 +10:00
b64a4100fa
change "visitor" trust level to "new user"
...
I blame me for this mistake.. visitor means other stuff in practice. New
User is correct meaning.
2013-04-17 16:11:24 -07:00
b24c1a1ad9
better consistency around email case sensitivity
2013-04-15 02:20:33 +02:00
3dcb1905e3
Refactor user controller, create action, mostly.
...
The gist of the commit are a few improvements in the
create action, where:
* long boolean statemenst have been wrapped in smaller more readable
methods.
* the 3rd party user info creation has been extracted (still in controller)
* a small helper method for creating a new user from params (to reduce
visual clutter)
* specs have been added where I came across untested methods/branches
Other changes are more trivial like formatting and whitespace fixes.
Hope this helps. Regards.
2013-04-13 00:53:59 +02:00
651cfba93f
Add ability to destroy a user with 0 posts
2013-04-12 16:53:00 -04:00
c5cf8be864
auto replace rules in titles
2013-04-10 11:00:50 +02:00
1692350336
added some tests for uploads
2013-04-07 17:52:46 +02:00
a14f62766e
Replace MultisiteI18n hack with SiteContent and admin editing.
2013-04-05 16:48:15 -04:00
fa1ba6791b
Work in Progress: Content Editing in Admin Section
2013-04-04 17:26:22 -04:00
7105349f1f
FIX: accessing a topic with a 'page' parameter
2013-04-04 00:12:27 +02:00
738789f336
Admins can't lock themselves out of a site by setting approval.
2013-04-03 12:23:28 -04:00
2b120ef886
add UploadsController specs
2013-04-03 01:17:17 +02:00
25073e873f
Fetch the list of problems more frequently on the admin dashboard
2013-03-29 15:48:26 -04:00
1668b5eab2
FIX: allows the selection of the default landing tab
2013-03-28 14:01:13 +01:00
36269cfbaa
Rename 'popular' to 'latest'. First stab at 'Hot' tab.
2013-03-27 16:21:23 -04:00
c57ec611e1
basic api support
2013-03-25 18:04:46 -07:00
5dfb04e4b3
Convert a lot of :a => b to a: b and bring peace to the world
2013-03-25 05:07:36 +05:30
ee5213be5f
Fixes regression with video embeds
2013-03-21 20:53:12 -04:00
babcfe6234
Cache oneboxes in Redis now instead of postgres.
2013-03-21 13:11:54 -04:00
62c60540be
pull moderator into own column, rename trust levels
2013-03-19 21:06:11 -07:00
59fc3bfac4
PostDestroyer to replace callbacks for destroying
2013-03-18 17:55:11 -04:00
76d8df6ac6
Merge pull request #462 from kubabrecka/colorpicker3
...
implement color picking from predefined set for category badges + option to change foreground color
2013-03-15 13:43:59 -07:00
ad082cea70
Big commit:
...
- Support for a popup that shows similar topics
- Cleaned up a lot of Javascript
- Cleaned up use of Promises
2013-03-15 14:35:33 -04:00
6c4d9ecfdc
Use one request to fetch dashboard report data and check version
2013-03-14 18:26:26 -04:00
8784c55188
implement color picking from predefined set for category badges + option to change foreground color
2013-03-14 14:16:57 +01:00
fb573b917f
Merge pull request #390 from ZogStriP/min-search-term-length-site-setting
...
added the min-search-term-length site setting
2013-03-08 06:58:45 -08:00
2ebe0336ae
On signup, handle duplicate key errors on email and username better
2013-03-07 14:56:55 -05:00
f8d8272406
Cleaned up TopicUserSpec, introduces clearing of pinned topics
2013-03-07 12:19:25 -05:00
5703d6c730
added the min-search-term-length site setting
2013-03-07 16:52:01 +01:00
c123e40638
Merge pull request #373 from alxndr/master
...
Raise 404 from Admin::UsersController#show if no user found
2013-03-06 09:17:47 -08:00
83f89b5c55
Fix check if you're up to date in javascript
2013-03-06 10:34:29 -05:00
c4f1cb0d7b
Raise 404 from Admin::UsersController#show if no user found
...
[Fixes #353 ]
2013-03-05 14:02:23 -08:00
e4277757c4
Fix onebox loading on every keystroke after a request fails.
2013-03-05 14:06:39 -05:00
51f6ae69c9
Check when logging in whether a auth provider is enabled, including specs
2013-03-04 13:44:41 -05:00
d410f043a9
Merge pull request #290 from alxndr/category-rss
...
RSS for topics in a category
2013-03-01 12:01:26 -08:00
7c68224763
Merge pull request #309 from goshakkk/enums
...
Introduce Enum
2013-03-01 11:34:48 -08:00
d2596c3c4c
Remove unusued site_settings, show checkbox in UI for boolean values, remove restrict_access
...
boolean to avoid locking yourself out by setting access_password to empty string. Minor
UI tweaks.
2013-03-01 14:27:41 -05:00
0c99dea153
introduce Enum
2013-03-01 21:16:36 +03:00
fd240c1967
RSS for topics in a category
...
Creates a new route for category RSS
2013-03-01 09:52:59 -08:00
dc8e1196fd
Code to support EmberJS + Discourse Tutorial feature: Admin Reports
2013-02-27 22:40:36 -05:00
8855a0bfbe
RSS of a topic via new route
...
Adds TopicView#recent_posts; Post#by_newest, #with_user, #author_readable; User#readable_name
Autodiscovery tag in topic show HTML.
2013-02-26 14:54:17 -08:00
1221c393a3
Merge branch 'whitespace-cleanese' of git://github.com/goshakkk/discourse
...
Conflicts:
lib/oneboxer.rb
lib/oneboxer/whitelist.rb
spec/controllers/robots_txt_controller_spec.rb
2013-02-26 10:42:49 -05:00
cafc75b238
remove trailing whitespaces ❤️
2013-02-26 07:31:35 +03:00
79c19233bc
corrected spec labels
2013-02-25 23:58:16 +01:00
3e6641c07e
Unsign auth token cookies per discussion on #215
2013-02-23 13:40:21 -05:00
532b1f5450
Can edit category descriptions, they show up in a `title` attribute
2013-02-22 13:43:47 -05:00
ff3e012034
Add a link that allows you to send activation email again
2013-02-22 11:49:58 -05:00
5616fdc475
Sign the auth token cookie and make it httpOnly
2013-02-20 17:24:19 -05:00
c0371ff427
Add version checking that shows on the admin dashboard
2013-02-19 15:20:49 -05:00
37b0c168bf
Support non-english topic titles
2013-02-14 17:13:03 -05:00
5d4efa9100
Support for non-english categories
2013-02-14 16:51:48 -05:00
b9457197c0
First stab at new user education - configurable messages that pop up on a user's first
...
few posts/topics.
2013-02-14 15:33:51 -05:00
39eab7c425
Replace mentions of mothership with discourse_hub
2013-02-14 12:57:26 -05:00
80bec6efc9
Adds grant and revoke moderation buttons so admins can make users moderators
2013-02-14 01:12:23 +00:00
824b09389f
Don't allow signups without a password
2013-02-12 15:42:16 -05:00
f3dc93a0db
WIP, a very nice refactoring of TopicsController#show
2013-02-11 17:54:56 -05:00
c18b85873f
Prevent login until email is confirmed
2013-02-11 11:18:37 -05:00
c50a9e4d01
added support for disabling indexing by google using SiteSetting.allow_index_in_robots_txt = false
2013-02-11 11:02:57 +11:00
03a798b202
Can clear flags on deleted posts if you're a moderator
2013-02-08 19:07:29 -05:00
7c11c3fe0f
Can edit deleted posts.
2013-02-08 17:49:15 -05:00
ce7088f081
check_username api now returns correct error message for invalid lengths etc
2013-02-08 14:12:48 -05:00
79dfccf717
Username validation in signup and username change forms
2013-02-07 18:23:52 -05:00
63c0fdda44
Merge pull request #57 from blowmage/user_search_refactor
...
Refactor UserController#search_users
2013-02-07 12:38:39 -08:00
084a873b91
Give regular users a delete button. If they click it, their post will be revised to
...
say it was deleted.
2013-02-07 15:14:23 -05:00
d72c26ff92
Refactor UserSearch tests
2013-02-07 09:35:38 -07:00
e41b6537f9
Remove expectation of term case
2013-02-07 09:35:38 -07:00
0136727595
Add test coverage for UsersController#search_users
2013-02-07 09:34:06 -07:00
7d7d8c7d4f
Merge branch 'master' of github.com:discourse/discourse
2013-02-06 20:59:07 -05:00
40da901e5d
Introduction of TextSentinel to enforce title and body quality.
2013-02-06 20:53:34 -05:00
471c61fd69
Add honeypot and challenge to signup form
2013-02-06 19:25:36 -05:00
21b5628528
Initial release of Discourse
2013-02-05 14:16:51 -05:00
Régis Hanol
Sam
Louis Rose
Neil Lalonde
Vikhyat Korrapati
Robin Ward
paully21
riking
Johan Jatko
Stephen Birarda
Wojciech Zawistowski
Jonathan Allard
Stephan Kaag
Christian Ramón
slainer68
Benjamin Kampmann
Scott Albertson
railsaholic
sirMackk
Scott Carleton
dbarbera
Matthieu Guillemot
Emili Parreno
Einar Jonsson
Navin Keswani
Michael Kirk
Michael Campagnaro
Michael Campagnaro
Navin
Andreas Haller
Jesse House
Chris Hunt
Ian Christian Myers
Matt Van Horn
Erik Ordway
Jonathan Roes
Jeff Atwood
Philipp Weissensteiner
Karan Misra
Kuba Brecka
Regis Hanol
Alexander
Gosha Arinich
tms
Ismael Abreu
Grant Ammons
Mike Moore