Commit Graph

525 Commits

Author SHA1 Message Date
Neil Lalonde bd9b85f076 Screened Urls page shows results for each domain instead of each url 2013-11-04 16:24:48 -05:00
Robin Ward ae81d78ab9 Merge pull request #1605 from vikhyat/fix-activerecord-associations-collectionproxy-serialization
Fix serialization of ActiveRecord::Associations::CollectionProxy in Rails 4
2013-11-04 07:16:52 -08:00
Vikhyat Korrapati 855ee3b43d Fix ActiveRecord::Associations::CollectionProxy serialization in Rails 4. 2013-11-03 10:41:38 +05:30
Régis Hanol b56b11d96a add qunit to autospec 2013-11-01 23:57:50 +01:00
Neil Lalonde 92a0729937 When banning a user, a reason can be provided. The user will see this reason when trying to log in. Also log bans and unbans in the staff action logs. 2013-11-01 10:47:26 -04:00
Neil Lalonde ce5ebc3eb5 On sites with login_required enabled, after signup, don't show the /login page again 2013-10-30 16:37:36 -04:00
Robin Ward 3d6d7c8abe SiteSetting to hide regular names from users 2013-10-30 15:45:34 -04:00
Robin Ward 6063b52d6a Support for choosing a destination category when splitting topics. 2013-10-29 15:30:06 -04:00
Manoj 9650dbb97c Refactor topics controller
Refactor: 1) TopicsController to reduce code climate complexity.
2) Topic model, addressed comments

fix typo
2013-10-28 11:42:07 +05:30
Robin Ward f4d9bf9181 Merge pull request #1573 from railsaholic/use_existing_find_by_username_or_email
Utilize already existing method 'find_by_username_or_email'
2013-10-25 12:57:18 -07:00
Neil Lalonde 017efdece5 A form to add ip addresses to be blocked or whitelisted 2013-10-24 17:19:10 -04:00
Robin Ward 61468f6f27 Can assign a parent category to a category. 2013-10-24 17:03:28 -04:00
Manoj 96ae3cdacc Utilize already existing method 'find_by_username_or_email'
check presence of email using include, dont use =~
2013-10-24 19:26:06 +05:30
Sam b7d3b52e4f basic implementation of per-category new/latest etc filters 2013-10-24 21:05:06 +11:00
Sam 738a25b732 fix failure in rails 4 mode 2013-10-24 13:40:18 +11:00
Sam 666264879c change it so all topics MUST include a category, we store a special uncategorized category to compensate
this cleans up a bunch of internals and removes some settings
2013-10-24 12:08:02 +11:00
Robin Ward 541620c115 Routes and support for sub-categories 2013-10-23 15:22:49 -04:00
Neil Lalonde bf06014a16 Order by creation time by default in screened ip addresses table 2013-10-23 13:01:50 -04:00
Robin Ward 348e2e3ef2 Support for per-user API keys 2013-10-22 17:34:39 -04:00
Neil Lalonde 7d582fbee3 Screened ip address can be edited, deleted, and changed to allow or block. 2013-10-22 16:30:46 -04:00
Régis Hanol 26218ce11f RSS feeds should contain only publicly-available posts 2013-10-22 16:30:25 +02:00
Régis Hanol 9b2f821012 Merge pull request #1512 from ScotterC/avatar-from-url
Build out a URI Adapter to allow uploading an avatar via a url
2013-10-21 13:17:37 -07:00
Robin Ward 2308784713 Merge pull request #1543 from railsaholic/small_users_controller_refactoring
refactor UsersController to reduce complexity
2013-10-21 12:21:03 -07:00
Scott Carleton cbef844a57 Build out a URI Adapter to allow uploading an avatar via a url
Currently only really accessible via the API. The UriAdapter creates a
tempfile from a url and gives a ActionDispatch::HTTP::UploadedFile back
to the controller to process as normal.
This will help a lot in being able to transfer avatar urls from another
app without monkey patching a lot of discourse code.
2013-10-21 14:53:03 -04:00
Neil Lalonde 648b11a0eb Add screening by IP address. When deleting a user as a spammer, block all signups from the same IP address. 2013-10-21 14:50:18 -04:00
Sam 0f4f593c89 correct broken test 2013-10-21 17:21:35 +11:00
Sam e7a037709f allow ordering categories in the edit category ui 2013-10-21 17:21:34 +11:00
Sam 451a1620f9 Merge pull request #1545 from railsaholic/lists_controller_refactor
Remove duplication of action defintion
2013-10-20 22:19:40 -07:00
Sam 29c8d2ebec oops add security 2013-10-21 15:33:42 +11:00
Sam 6067795780 categories can now be re-ordered 2013-10-21 15:25:20 +11:00
Manoj 7dfa99998f Remove duplication of action defintion, add missing spec for topics_by, extract out URL construction logic 2013-10-21 08:34:18 +05:30
Manoj 868e4ffe6d refactor UsersController to reduce complexity
Refactored: UsersController#create
2013-10-19 15:18:11 +05:30
Sam 1ee49798b2 work in progress wide category list 2013-10-18 11:10:10 +11:00
Sam 3d647a4b41 remove rack cache, it has been causing trouble
instead implement an aggressive anonymous cache that is stored in redis
this cache is sitting in the front of the middleware stack enabled only in production
TODO: expire it more intelligently when stuff is created
2013-10-16 16:39:18 +11:00
dbarbera 9106596a9a add image authorization on upload_avatar 2013-10-12 14:11:44 +02:00
Régis Hanol 23bf4436f5 FIX: avatar was attached to the user who uploaded it... 2013-10-12 10:55:41 +02:00
Régis Hanol c38ba8acdd add rss links to anonymous homepages 2013-10-11 18:43:29 +02:00
Sam 939a452293 require dependency was leading to errors in dev 2013-10-09 17:22:41 +11:00
Sam 7993845bfa add current_user_provider so people can override current_user bevior cleanly, see
http://meta.discourse.org/t/amending-current-user-logic-in-discourse/10278
2013-10-09 15:11:54 +11:00
Neil Lalonde bccb37b6f3 When creating a topic, don't select a category by default when allow_uncategorized_topics is false. Also, added category validation on the server to enforce allow_uncategorized_topics. 2013-10-08 14:41:20 -04:00
Sam 094b5eccca bug fixes for user_stat extraction, decrease querying 2013-10-07 15:05:00 +11:00
Sam e18b93026a defer view creation on so updates are not performed when people navigate to topics 2013-10-07 15:04:59 +11:00
Robin Ward fc00269b7f Pop up with user information when clicking avatar on topic page 2013-10-03 13:06:30 -04:00
Régis Hanol af96ef2994 FIX: deleting a flagged post issue
cf. http://meta.discourse.org/t/deleting-a-flagged-post-issue/10061

The bug was only happening when you were about the delete the first post, which means deleting the entire topic.
2013-10-02 16:59:57 +02:00
Sam af467a1675 404 page had horrible perf, it was using "take" instead of limit.
in such cases EVERY row is materialized and only after the limit is applied.

So ... imagine what happens on a forum with 2,000,000 topics
2013-10-02 13:05:03 +10:00
Robin Ward be0ce08cc2 Ember Upgrade: 1.0 2013-10-01 11:16:27 -04:00
Sam f0a122a66c move job files so they live underneath app/ and not in lib/
introduce new setting email_always, that will force emails to send to users regardless of presence on site
2013-10-01 17:04:02 +10:00
Robin Ward 3f0c03a20c FIX: Prevent unauthorized list of private message titles. Also remove some unused code. 2013-09-30 14:35:11 -04:00
Régis Hanol cd4cda5b4c allow users to specify thumbnail size 2013-09-27 10:57:31 +02:00
Neil Lalonde b06f928568 Fix missing provider param message when using Persona 2013-09-23 09:46:25 -07:00
Neil Lalonde 13f17b2a5c Add ability to customize css and header for mobile 2013-09-16 12:28:02 -04:00
Matthieu Guillemot 3ba1f20674 New site settings to enable/disable the possibility of editing user's nickname or email address 2013-09-14 21:34:21 +09:00
Robin Ward 7d9a84b496 New User Education goes through a server side ComposerMessages check. Composer message for users
who don't have avatars.
2013-09-13 12:23:53 -04:00
Neil Lalonde 4fa11f159f Add site setting site_description. If filled, it will be used in meta description tag for teh white hat SEO 2013-09-11 15:33:27 -04:00
Neil Lalonde fe3693cdef Merge branch 'master' of github.com:discourse/discourse 2013-09-11 10:20:27 -04:00
Sam e26b3662ee drafts were saving but client was failing to parse 2013-09-11 16:18:46 +10:00
Sam efb15af209 not needed, already in private section 2013-09-11 16:18:17 +10:00
Neil Lalonde e8ef55c446 Rename StaffActionLog to UserHistory 2013-09-10 22:01:20 -04:00
Neil Lalonde 48ee89940e Merge pull request #1423 from einarj/nickname_registration_service
Nickname registration service object
2013-09-09 11:37:56 -07:00
Neil Lalonde b73f4e9864 Put category description in meta description tag 2013-09-09 11:38:09 -04:00
Einar Jonsson 724b3aadcf Extracted nickname registration out of the UsersController and into its
own service.
2013-09-09 09:26:50 +00:00
Régis Hanol 45b838009c proper content-disposition header when downloading attachments 2013-09-06 19:23:56 +02:00
Neil Lalonde 45d7765936 Merge branch 'master' into mobile 2013-09-05 15:54:22 -04:00
Robin Ward 71c1b8b9b9 When deleting a post as staff, ask if you want to delete direct replies too 2013-09-05 11:03:34 -04:00
Robin Ward f157ec1f91 Select +Replies for bulk operations 2013-09-05 11:03:29 -04:00
Robin Ward 46efbac40e Add "Unread" filter to messages tab. Rename the other two views. 2013-08-30 12:32:05 -04:00
Emili Parreno ee96fabcba Allow CAS authentication 2013-08-28 14:34:51 +02:00
Sam 61281a3c81 invite only forums had very wonky logic, invited users were not being activated, invite_only forums were still registering users 2013-08-28 17:18:31 +10:00
Neil Lalonde 9efa29e688 Detect whether to use mobile view. Session var mobile_view can override automatic detection. 2013-08-27 14:57:42 -04:00
Neil Lalonde 89265c3a8b FIX: BAD CSRF on login. Don't check csrf in the fake login form since it doesn't actually do anything. 2013-08-27 11:31:14 -04:00
Sam c4a0152dc6 recover from bad CSRF tokens without requiring a hard refresh of the browser 2013-08-27 15:56:12 +10:00
Einar Jonsson 9085cec232 Move json hash from users controller to NicknameUnavailable 2013-08-26 15:00:11 +00:00
Sam afd1a3ac7b yeah ... we should be installing the gem :) 2013-08-26 13:52:15 +10:00
Sam 213ce33af2 Fixed all broken specs
Moved middleware config into authenticators
2013-08-26 12:59:17 +10:00
Sam b52aba15e0 major refactor of auth, break up the gigantic omniauth controller into sub classes for way better extensibitily 2013-08-26 12:59:17 +10:00
Sam 90dddb4395 store honeypot challenge in redis for extra security 2013-08-26 12:55:13 +10:00
Sam c4a2e62a95 Merge pull request #1378 from justin808/justin808_cc
Lower Complexity of UsersController
2013-08-25 17:14:39 -07:00
Einar Jonsson 0d22a77c63 Added test case for nickname registration failure
* Also made a minor readability change by moving the auth.present? check
* from UsersController#create into #create_third_party_auth_records
* which is the method that relies on the check.
2013-08-25 20:18:07 +00:00
Robin Ward b32e87c929 Merge pull request #1377 from ZogStriP/avatar-work
Improved specs for avatar + added a warning whenever the uploaded image is not a square
2013-08-25 07:30:34 -07:00
Robin Ward b74754e673 Merge pull request #1371 from einarj/cleanup_user_registration
Extracted nickname registration into a private controller method
2013-08-25 07:30:10 -07:00
Robin Ward e1efde6707 Merge pull request #1376 from gcapizzi/lists_controller_refactoring
ListController refactoring
2013-08-25 07:29:35 -07:00
Justin Gordon 464595df5c Lower Complexity of UsersController
https://codeclimate.com/github/discourse/discourse/UsersController#method-complexity
2013-08-24 22:57:12 -10:00
Robin Ward c0b051c9f6 Show Private Messages pill as a topic list rather than individual messages. 2013-08-24 16:58:16 -04:00
Régis Hanol 3b9e62e6b9 improved specs for avatar 2013-08-24 22:45:05 +02:00
Giuseppe Capizzi 6f19cb7252 Extract ListController#list_target_user 2013-08-24 19:38:02 +02:00
Einar Jonsson 84987cd835 Extracted nickname registration into a private controller method 2013-08-23 09:46:33 +00:00
Neil Lalonde 86012ac579 Fix a case when the wrong topic is loaded because the slug starts with a number 2013-08-22 16:23:46 -04:00
Sam d7596840e5 only staff should be able to see bookmarks and favs of other users
ensure that when they click on them they see the correct topics (topics for user they are looking at, not current user)
2013-08-22 09:18:54 +10:00
Neil Lalonde 47add6da70 Log when a site customization is deleted 2013-08-21 12:33:24 -04:00
Neil Lalonde a95303fcd8 Log site customization changes. Use a modal to show staff action log details for site customizations. 2013-08-21 12:33:24 -04:00
Einar Jonsson 916a3f33f2 Refactored user activation business logic out of UsersController and
into a UserActivator class.
2013-08-21 09:22:34 +00:00
Neil Lalonde 3abeb5f793 Staff action logs can be filtered to changes of one site setting 2013-08-20 13:50:51 -04:00
Sam df2b0b47bd Merge pull request #1360 from michaelkirk/feature/oauth2
not recording Oauth2 user email
2013-08-19 14:57:05 -07:00
Neil Lalonde 1d030666d8 Log site setting changes and show in admin 2013-08-19 16:58:38 -04:00
Michael Kirk 9e8d8870f5 fixed: record Oauth2 user email 2013-08-19 11:21:27 -07:00
Sam a9393e4a7a paging for flag list
corrected reload behavior on flag list
refactored post actions ... extracted flag queries
2013-08-19 21:14:26 +10:00
Michael Kirk 4af8a9102e Authenticate with Discourse via OAuth2
See https://github.com/michaelkirk/discourse_oauth2_example for an
example of how you might integrate your existing oauth2 provider's
authentication via a Discourse plugin.
2013-08-17 21:45:20 -07:00
Régis Hanol ea6e73076b change your avatar in a modal 2013-08-17 00:35:29 +02:00
Neil Lalonde b6285b85d2 Add reject option to pending users page 2013-08-16 11:42:43 -04:00
Neil Lalonde 293361dcd3 Screened URLs list in admin 2013-08-15 10:52:26 -04:00