Commit Graph

1546 Commits

Author SHA1 Message Date
Martin Brennan 7c32411881
FEATURE: Secure media allowing duplicated uploads with category-level privacy and post-based access rules (#8664)
### General Changes and Duplication

* We now consider a post `with_secure_media?` if it is in a read-restricted category.
* When uploading we now set an upload's secure status straight away.
* When uploading if `SiteSetting.secure_media` is enabled, we do not check to see if the upload already exists using the `sha1` digest of the upload. The `sha1` column of the upload is filled with a `SecureRandom.hex(20)` value which is the same length as `Upload::SHA1_LENGTH`. The `original_sha1` column is filled with the _real_ sha1 digest of the file. 
* Whether an upload `should_be_secure?` is now determined by whether the `access_control_post` is `with_secure_media?` (if there is no access control post then we leave the secure status as is).
* When serializing the upload, we now cook the URL if the upload is secure. This is so it shows up correctly in the composer preview, because we set secure status on upload.

### Viewing Secure Media

* The secure-media-upload URL will take the post that the upload is attached to into account via `Guardian.can_see?` for access permissions
* If there is no `access_control_post` then we just deliver the media. This should be a rare occurrance and shouldn't cause issues as the `access_control_post` is set when `link_post_uploads` is called via `CookedPostProcessor`

### Removed

We no longer do any of these because we do not reuse uploads by sha1 if secure media is enabled.

* We no longer have a way to prevent cross-posting of a secure upload from a private context to a public context.
* We no longer have to set `secure: false` for uploads when uploading for a theme component.
2020-01-16 13:50:27 +10:00
Robin Ward f7a7263164 FIX: Show uncategorized description on categories page 2020-01-03 11:46:18 -05:00
Robin Ward fe7bb62387 FIX: Descriptions were blank for uncategorized in hamburger menu 2020-01-03 11:10:06 -05:00
David Taylor 45c5f56ffc
PERF: Reduce DB queries when serializing ignore/mute information (#8629)
* PERF: Cache ignored and muted user ids in the current_user object
* PERF: Avoid DB queries when checking ignore/mute permission in guardian
2020-01-02 13:04:08 +00:00
Roman Rizzi 16d97573f9
DEV: Improve support for extending flags. (#8619)
- Ensure that the 'notify_moderators' flag is always the last flag when using custom flags.
- Support passign a custom FlagSettings object when replacing flags to reuse existing ones.
2019-12-27 08:41:50 -03:00
Jeff Wong 036a24cf30
FIX: correct user serializer user method for extended serializer (#8590)
A small fix for Basic User Serializers where some downstream serializers do not correctly set user objects. This caused some issues in certain plugins that depend on the user method to return a user.
2019-12-19 09:48:01 -08:00
Dan Ungureanu 069bc70bd4
UX: Improve sub-sub-categories styling in categories list (#8593)
- Using h4 instead of h3 for sub-categories.
- Show category description if it does not have subcategories.
- Implemented equivalent for mobile-view.
- Include description_excerpt in basic serializer. This is needed for
  displaying second-level categories in category list.

Follow-up to 9253cb79e3.
2019-12-19 17:09:45 +02:00
David Taylor 4c9ca24ccf
FEATURE: Hash API keys in the database (#8438)
API keys are now only visible when first created. After that, only the first four characters are stored in the database for identification, along with an sha256 hash of the full key. This makes key usage easier to audit, and ensures attackers would not have access to the live site in the event of a database leak.

This makes the merge lower risk, because we have some time to revert if needed. Once the change is confirmed to be working, we will add a second commit to drop the `key` column.
2019-12-12 11:45:00 +00:00
Martin Brennan 9f4c9bafa1
FIX: Hide old bookmark button on post-menu if SiteSetting.enable_bookmarks_with_reminders
Hide old bookmark post-menu item if the site setting for the new bookmark reminders is enabled and change icon for the new bookmark functionality to the same as the old bookmark button
Fix null @topic_view error in post serializer for post_bookmark, as new posts do not have a @topic_view
2019-12-12 16:28:01 +10:00
David Taylor 1e59371a4f DEV: Remove unused omit_stats variable from user serializer (#8513)
* DEV: Remove unused omit_stats variable from user serializer

This was hard-coded to true in a8b5192efd, and is no longer used anywhere

* Remove attribute declarations
2019-12-12 13:27:23 +11:00
Martin Brennan 6261339da9
Improving bookmarks part 1 (#8466)
Note: All of this functionality is hidden behind a hidden, default false, site setting called `enable_bookmarks_with_reminders`. Also, any feedback on Ember code would be greatly appreciated!

This is part 1 of the bookmark improvements. The next PR will address the backend logic to send reminder notifications for bookmarked posts to users. This PR adds the following functionality:

* We are adding a new `bookmarks` table and `Bookmark` model to make the bookmarks a first-class citizen and to allow attaching reminders to them.
* Posts now have a new button in their actions menu that has the icon of an actual book
* Clicking the button opens the new bookmark modal.
* Both name and the reminder type are optional.
* If you close the modal without doing anything, the bookmark is saved with no reminder.
* If you click the Cancel button, no bookmark is saved at all.
* All of the reminder type tiles are dynamic and the times they show will be based on your user timezone set in your profile (this should already be set for you).
* If for some reason a user does not have their timezone set they will not be able to set a reminder, but they will still be able to create a bookmark.
* A bookmark can be deleted by clicking on the book icon again which will be red if the post is bookmarked.

This PR does NOT do anything to migrate or change existing bookmarks in the form of `PostActions`, the two features live side-by-side here. Also this does nothing to the topic bookmarking.
2019-12-11 14:04:02 +10:00
Krzysztof Kotlarek 81c7d6a462
FIX: Muted tags are respected by TopicTrackingState (#8467)
When the tag is muted and topic contains that tag, we should not mark that message as NEW.

There are 3 possible settings which site admin can set.
remove_muted_tags_from_latest - always
It means that if the topic got at least one muted tag, we should not mark that topic as NEW

remove_muted_tags_from_latest - only muted
Similar to above, however, if at least one tag is not muted, the topic is marked as NEW

remove_muted_tags_from_latest - never
Basically, mute tag setting is ignored and all topics are set as NEW
2019-12-10 09:50:05 +11:00
Mark VanLandingham 14cb386f1e
FEATURE: Featured topic for user profile & card (#8461) 2019-12-09 11:15:47 -08:00
Neil Lalonde 875f0d8fd8
FEATURE: Tag synonyms
This feature adds the ability to define synonyms for tags, and the ability to merge one tag into another while keeping it as a synonym. For example, tags named "js" and "java-script" can be synonyms of "javascript". When searching and creating topics using synonyms, they will be mapped to the base tag.

Along with this change is a new UI found on each tag's page (for example, `/tags/javascript`) where more information about the tag can be shown. It will list the synonyms, which categories it's restricted to (if any), and which tag groups it belongs to (if tag group names are public on the `/tags` page by enabling the "tags listed by group" setting). Staff users will be able to manage tags in this UI, merge tags, and add/remove synonyms.
2019-12-04 13:33:51 -05:00
Vinoth Kannan 400f79cffc FEATURE: add `topic_filtered_posts_count` attribute to web hook post serializer. 2019-12-04 22:52:44 +05:30
Blake Erickson 69213d2ea4 FIX: 500 error for missing badge grouping (#8446)
If a badge grouping happens to have been deleted a 500 error will be
thrown when looking a user's badges.

This fix allows the badge page to still be shown without any errors. The
badge with the missing badge grouping is still displayed.

I'll follow up with a separate pr/commit that will ensure if a badge
grouping is deleted, all badges with that badge_grouping_id will also be
updated.
2019-12-03 18:37:01 +11:00
Martin Brennan f3109a1f25 Add timezone to current_user_serializer (#8448)
* the code to get current user already got their
  user_option record as well, so adding the timezone
  column to the attributes returned should not create
  any additional overhead. this timezone will be very
  useful for getting momentjs dates relative to the
  user's timezone
2019-12-03 18:31:15 +11:00
Robin Ward 7fee3c61de
Support for custom messages and redirects when creating posts (#8434)
* Support for custom messages and redirects when creating posts

When a post/topic is created Discourse serializes a `NewPostResult`
object. Normally this contains a status like `created_post` or
errors describing why the post could not be created.

There are times when a plugin might want to take the inputted post
and do something in the background. In this case, the plugin
can return a custom `message` and `route_to` attribute in the
`NewPostResult`.

If present, the message will be displayed in an alert, and when "Ok" is
clicked the user will be routed to the new URL.

* Destroy the draft in parallel
2019-11-29 09:30:54 -05:00
Jarek Radosz 0911a9202e
FIX: Make sure the suspended status is up to date (#8432)
Continuation of #8206

The returned suspend attribute was overwriting a computed property, which made the user admin page go out of sync.

Fixes a computed-property.override deprecation (https://emberjs.com/deprecations/v3.x#toc_computed-property-override)
2019-11-28 16:46:14 +01:00
David Taylor b6e08c06c5 DEV: Remove unused user_auth_token_log_serializer
Usage was removed in f2331ef07f
2019-11-27 16:50:31 +00:00
Arpit Jalan 2dd47df6d1 FIX: show updated_at for invite sent date. 2019-11-26 13:22:48 +05:30
Dan Ungureanu a992caf741
DEV: Replace magic values (#8398)
Follow-up to 35942f7c7c.
2019-11-25 14:32:19 +02:00
Martin Brennan afb5533581
FEATURE: Add timezone to core user_options (#8380)
* Add timezone to user_options table

* Also migrate existing timezone values from UserCustomField,
  which is where the discourse-calendar plugin is storing them

* Allow user to change their core timezone from Profile

* Auto guess & set timezone on login & invite accept & signup

* Serialize user_options.timezone for group members. this is so discourse-group-timezones can access the core user timezone, as it is being removed in discourse-calendar.

* Annotate user_option with timezone

* Validate timezone values
2019-11-25 10:49:27 +10:00
Vinoth Kannan 3bb7ad4be1
FEATURE: remove support for 'suppress_from_latest' category setting. (#8308) 2019-11-18 12:28:35 +05:30
Jeff Wong 786fcceb62 Return full URLs in review serializer for both post and topic
Return full URLs, this fixes reviewable links to support subfolder
2019-11-14 15:58:21 -08:00
Penar Musaraj 067696df8f DEV: Apply Rubocop redundant return style 2019-11-14 15:10:51 -05:00
Penar Musaraj 6c16d5762c No need for return in last statement of method 2019-11-14 14:32:22 -05:00
Penar Musaraj 59ee89f0b7
UX: Adds +n indicator in PM topic list (#8353)
Shows the number of additional PM recipients in list when there are more than 5.
2019-11-14 14:14:23 -05:00
Krzysztof Kotlarek 6e1fe22a9d
FEATURE: Dismiss new per category (#8330)
Ability to dismiss new topics per category.
2019-11-14 11:16:13 +11:00
Dan Ungureanu 6672dcc985
FIX: Keep emoji images in group bio excerpt (#8329) 2019-11-11 18:42:08 +02:00
Martin Brennan 64b4a7ba45
FIX: Ensure enforce 2FA for staff satisfied by security keys (#8316)
* If a staff user created only a security key as their single 2FA option. they continued to be prompted to create a 2FA option because we only considered this condition satisfied if a TOTP was added.
* The condition is now satisfied if TOTP OR security keys are enabled.
2019-11-08 15:11:53 +10:00
David Taylor 52c5cf33f8
FEATURE: Overhaul of admin API key system (#8284)
- Allow revoking keys without deleting them
- Auto-revoke keys after a period of no use (default 6 months)
- Allow multiple keys per user
- Allow attaching a description to each key, for easier auditing
- Log changes to keys in the staff action log
- Move all key management to one place, and improve the UI
2019-11-05 14:10:23 +00:00
Neil Lalonde d777844ed6 FEATURE: categories can require topics have a tag from a tag group
In a category's settings, the Tags tab has two new fields to
specify the number of tags that must be added to a topic
from a tag group. When creating a new topic, an error will be
shown to the user if the requirement isn't met.
2019-10-31 16:10:19 -04:00
Mark VanLandingham 4eb54f08b2
FEATURE: Site setting/UI to allow users to set their primary group (#8244)
* FEATURE: Site setting/ui to allow users to set their primary group

* prettier and remove logic from account template

* added 1 to 43 to make web_hook_user_serializer_spec pass
2019-10-28 12:46:27 -05:00
Vinoth Kannan 31577b2131 FEATURE: wiki editors are allowed edit tags for wiki topics.
If a wiki editor's TL is greater than 'min trust level to tag topics' site setting then they can edit the tags for any wiki topic.
2019-10-23 23:35:38 +05:30
romanrizzi e112369bb6 FIX: Exclude image_url from web_hook_topic_view_serializer 2019-10-22 11:53:24 -03:00
Blake Erickson 3201613f13 FEATURE: Include image url in topic serializer
The `image_url` is already included when fetching a list of topics, and
this commit adds it to the individual topic serializer so that it is
available via the api.

See

https://meta.discourse.org/t/single-topic-api-endpoint-should-contain-image-url/131020

for more details.
2019-10-21 22:02:49 -06:00
Blake Erickson ef0fe51e05
FIX: Include user id in notification webhook (#8195)
The payload when receiving a notification webhook is pointless without
knowing which user the notification is for. This fix adds the user_id to
the notification serializer so that when you receive a notification
webhook you can properly identify which user the notification is for.

See

https://meta.discourse.org/t/getting-the-target-user-for-notification-webhook-events/129052?u=blake

for more details.
2019-10-21 16:24:41 -06:00
David Taylor 445a3851d6 FEATURE: Display created and last_used dates for API keys 2019-10-09 14:24:41 +01:00
Mark VanLandingham 057f698e37 FIX: Store user_accuracy_bonus to clarify explanations (#8165)
* FIX: Store user_accuracy_bonus to clarify explanations

* Fixed specs from rounding change

* migration cleanup

* user_accuracy_bonus column not nullable
2019-10-08 09:49:07 -04:00
Dan Ungureanu fdb1d3404c
FEATURE: Add site setting to show more detailed 404 errors. (#8014)
If the setting is turned on, then the user will receive information
about the subject: if it was deleted or requires some special access to
a group (only if the group is public). Otherwise, the user will receive
a generic #404 error message. For now, this change affects only the
topics and categories controller.

This commit also tries to refactor some of the code related to error
handling. To make error pages more consistent (design-wise), the actual
error page will be rendered server-side.
2019-10-08 14:15:08 +03:00
David Taylor d2bceff133
FEATURE: Use full page redirection for all external auth methods (#8092)
Using popups is becoming increasingly rare. Full page redirects are already used on mobile, and for some providers. This commit removes all logic related to popup authentication, leaving only the full page redirect method.

For more info, see https://meta.discourse.org/t/do-we-need-popups-for-login/127988
2019-10-08 12:10:43 +01:00
Krzysztof Kotlarek 427d54b2b0 DEV: Upgrading Discourse to Zeitwerk (#8098)
Zeitwerk simplifies working with dependencies in dev and makes it easier reloading class chains. 

We no longer need to use Rails "require_dependency" anywhere and instead can just use standard 
Ruby patterns to require files.

This is a far reaching change and we expect some followups here.
2019-10-02 14:01:53 +10:00
Ryan Boder b7ebe574df FEATURE: Add topic and category context to post webhook payload (#8110)
Adds additional fields topic_archetype and category_slug to the post
webhook so that handlers have some context about the post event without
having to call back to the API.

Discussed [here](https://meta.discourse.org/t/webhooks-how-best-to-differentiate-a-pm-from-a-public-post/76363/13).
2019-10-02 11:41:33 +10:00
David Taylor 479fdaaea1
DEV: Allow specifying button class in reviewable action definitions (#8093)
This avoids the need for using `@extend` in SCSS, which can be problematic in plugins

For context, see https://review.discourse.org/t/fix-make-compatible-with-debundled-plugin-css-assets-feature/5297/7
2019-09-18 11:28:59 +01:00
Robin Ward 5bf3a00328 FIX: Ignored flags should not count in your accuracy score 2019-09-17 14:54:20 -04:00
Roman Rizzi 7d5f3c1338 UX/PERF: Update readers count when a post from another user is read. Don't fetch the post data again just to update the count. (#8078) 2019-09-09 11:29:15 +10:00
Robin Ward bde0ef865f
FEATURE: Adds a pop up that shows a more detailed score for reviewables (#8035)
If you click a (?) icon beside the reviewable status a pop up will
appear with expanded informatio that explains how the reviewable got its
score, and how it compares to system thresholds.
2019-09-04 09:56:25 -06:00
Roman Rizzi ebb389ef8a
UX: Read indicator improvements. (#8049)
* The read indicator now shows up when no member has read the last post of the topic (written by a non-member)
* The read indicator works on mobile and receives live updates from message bus
* The icon we display in the topic list was changed
* Added a title to the indicator to indicate its purpose when hovering over it
2019-08-29 12:03:43 -03:00
Roman Rizzi 7c741fa0d6
FEATURE: Publish read state on group messages. (Originally introduced in #7989) (#8025)
* Revert "Revert "FEATURE: Publish read state on group messages. (#7989) [Undo revert] (#8024)""

This reverts commit 36425eb9f0.

* Fix: Show who read only if the attribute is enabled

* PERF: Precalculate the last post  readed by a group member

* Use book-reader icon instear of far-eye

* FIX: update topic groups correctly

* DEV: Tidy up read indicator update on write
2019-08-27 09:09:00 -03:00
David Taylor f2331ef07f
DEV: Stop serializing user_auth_token_logs (#8043)
These are no longer used in the user interface
2019-08-27 13:07:03 +01:00
romanrizzi 36425eb9f0 Revert "FEATURE: Publish read state on group messages. (#7989) [Undo revert] (#8024)"
This reverts commit 5dda5c2f7c.
2019-08-20 13:29:22 -03:00
Roman Rizzi 5dda5c2f7c
FEATURE: Publish read state on group messages. (#7989) [Undo revert] (#8024)
* Reenable: "FEATURE: Publish read state on group messages. (#7989)"

This reverts commit 67f5cc1ce8.

* FIX: Read indicator only appears when the group setting is enabled
2019-08-20 11:57:25 -03:00
romanrizzi 67f5cc1ce8 Revert "FEATURE: Publish read state on group messages. (#7989)"
This reverts commit 1630dae2db.
2019-08-20 10:24:34 -03:00
Roman Rizzi 1630dae2db
FEATURE: Publish read state on group messages. (#7989)
* Enable or disable read state based on group attribute

* When read state needs to be published, the minimum unread count is calculated in the topic query. This way, we can know if someone reads the last post

* The option can be enabled/disabled from the UI

* The read indicator will live-updated using message bus

* Show read indicator on every post

* The read indicator now shows read count and can be expanded to see user avatars

* Read count gets updated everytime someone reads a message

* Simplify topic-list read indicator logic

* Unsubscribe from message bus on willDestroyElement, removed unnecesarry values from post-menu, and added a comment to explain where does minimum_unread_count comes from
2019-08-20 09:46:57 -03:00
Dan Ungureanu 0b1146add4
UX: Hide "Create Tag" option if user cannot create tag. (#7723) 2019-08-19 11:40:56 +03:00
Sam Saffron accbbded15 PERF: avoid N+1 on topic view
Serializer is injecting information into cooked and reaching direct to
custom fields that were not preloaded

This amends it so basic post serializer can use the proper interface

That said we should probably follow this up so we don't reach for this
info on every post.
2019-08-19 17:20:56 +10:00
Vinoth Kannan 88359b0f16
FEATURE: add support for group members visibility level (#8004)
There are 5 visibility levels (similar to group visibility)

public (default)
logged-in users
members only
staff
owners

Admins & group owners always have visibility to group members.
2019-08-14 19:00:04 +05:30
Bianca Nenciu ba396a5384
DEV: Use ResultSet with staff action logs. (#7661) 2019-08-13 20:55:05 +03:00
David Taylor d348368ab6
FEATURE: Allow themes to override color transformation variables (#7987)
Theme developers can now add any of the transformed color variables to their color scheme in about.json. For example

```
  "color_schemes": {
    "Light": {
      "primary": "333333",
      "secondary": "ffffff",
      "primary-low": "ff0000"
    }
  },
```

would override the primary-low variable when compiling SCSS for the color scheme. The primary-low variable will also be visible in administrator color palette UI.
2019-08-12 11:02:38 +01:00
Bianca Nenciu b60b2a342f
FIX: Show membership requests link just for group owners. (#7543) 2019-08-06 13:28:22 +03:00
David Taylor 06e757245f FEATURE: Add a test facility to the watched words admin interface 2019-08-02 15:29:12 +01:00
David Taylor 39e0442de9 FIX: Various watched words improvements
- Client-side censoring fixed for non-chrome browsers. (Regular expression rewritten to avoid lookback)
- Regex generation is now done on the server, to reduce repeated logic, and make it easier to extend in plugins
- Censor tests are moved to ruby, to ensure everything works end-to-end
- If "watched words regular expressions" is enabled, warn the admin when the generated regex is invalid
2019-08-02 15:29:12 +01:00
Osama Sayegh 13e74151a9
FEATURE: list category moderators on the about page (#7916)
https://meta.discourse.org/t/category-group-review-moderation/116478?u=osama
2019-07-31 16:46:58 +03:00
Neil Lalonde 9656a21fdb
FEATURE: customization of html emails (#7934)
This feature adds the ability to customize the HTML part of all emails using a custom HTML template and optionally some CSS to style it. The CSS will be parsed and converted into inline styles because CSS is poorly supported by email clients. When writing the custom HTML and CSS, be aware of what email clients support. Keep customizations very simple.

Customizations can be added and edited in Admin > Customize > Email Style.

Since the summary email is already heavily styled, there is a setting to disable custom styles for summary emails called "apply custom styles to digest" found in Admin > Settings > Email.

As part of this work, RTL locales are now rendered correctly for all emails.
2019-07-30 15:05:08 -04:00
Robin Ward e47e0af123
FEATURE: Allow viewing of raw emails for reviewable queued posts (#7910)
If a post arrives via email but must be reviewed, we now show an
icon that can be clicked to view the raw contents of the email.

This is useful if Discourse's email parser is acting odd and the user
reviewing the post wants to know what the original contents were before
approving/rejecting the post.
2019-07-19 11:56:14 -04:00
Joffrey JAFFEUX 71bf9ec1b2
FEATURE: opt-in guidance on topics for users without access (#7852)
Co-Authored-By: majakomel <maja.komel@gmail.com>
Co-Authored-By: Robin Ward <robin.ward@gmail.com>
2019-07-04 10:12:39 +02:00
Osama Sayegh 3d64532273 FEATURE: allow disabling theme components (#7812)
This allows you to temporarily disable components without having to remove them from a theme. 

This feature is very handy when doing quick fix engineering.
2019-07-03 18:18:11 +10:00
Osama Sayegh f1c67729de Different fix (#7815) 2019-07-02 11:53:16 +10:00
Sam Saffron 4dcc5f16f1 FEATURE: when under extreme load disable search
The global setting disable_search_queue_threshold
(DISCOURSE_DISABLE_SEARCH_QUEUE_THRESHOLD) which default to 1 second was
added.

This protection ensures that when the application is unable to keep up with
requests it will simply turn off search till it is not backed up.

To disable this protection set this to 0.
2019-07-02 11:22:01 +10:00
Robin Ward 8c4e16eafd FIX: In reply to would sometimes have a broken link 2019-06-10 11:33:10 -04:00
Arpit Jalan 9acd851b9a FIX: correct link to list of watched words 2019-06-06 20:21:54 +05:30
Robin Ward ea5767e935 FIX: Broken serializer spec with no payload 2019-06-05 12:44:56 -04:00
Robin Ward f1d547c301 FEATURE: Show "in reply to" on the review queue
We now show if a queued or flagged post is a reply to another when in
the review queue. It's especially helpful for queued posts where
normally they are linked to the topic where they are created, and you
have no context about the reply.

Note that this will only apply to new queued posts going forward.
Previously queued posts will not show the "in reply to"
2019-06-05 12:34:41 -04:00
Vinoth Kannan 871fcf1117 PERF: omit user profile and private message stats in web hook serializer. 2019-06-04 08:44:10 +05:30
Guo Xiang Tan 55fd3acea0 Revert "FIX: Undefined method when serializing a user"
This reverts commit 1fbe078ae0.

`UserProfile` is created in a callback after the user has been created.
As such, it should be impossible for a user to not have a blank
`UserProfile`. This was also improved in
4f5c9bb8d3.
2019-06-04 09:30:30 +08:00
Robin Ward 74eaa5e7ec FIX: For API consumption it's easier if the lings are the full URL 2019-05-31 14:04:54 -04:00
David Taylor 03363d03e8 FEATURE: Load theme setting descriptions from theme locale files
Previously theme setting descriptions were defined in the `settings.yml` file like this:
```
setting_name:
  default: "My Default Value"
  description:
    en: "English description"
    fr: "French description"
```

This commit allows developers to store the localised descriptions in the theme locale files instead:
```
en:
  theme_metadata:
    description: Theme Description
    settings:
      setting_name: "The localised description for setting_name"
```
2019-05-31 14:49:59 +01:00
Sam Saffron 3b8819f0ab FEATURE: add support for defer topic functionality
This feature allows end users to "defer" topics by marking them unread

The functionality is default disabled. This also introduces the new site
setting default_other_enable_defer: to enable this by default on new user
accounts.
2019-05-31 15:44:35 +10:00
Bianca Nenciu 8196af165d FIX: Add Chromebook detection. 2019-05-30 16:29:51 +03:00
Blake Erickson 1fbe078ae0 FIX: Undefined method when serializing a user
Apparently is is possible to have a user without a user_profile. This
fix will return nil for any user_profile fields during serialization
(like the after delete web hook) instead of blowing up.
2019-05-23 19:44:55 -06:00
Robin Ward e74cd54fc6 REFACTOR: Replace score bonuses with low/med/high priorities
We removed score from the UX so it makes more sense to have sites set
priorities instead of score bonuses.
2019-05-23 11:54:45 -04:00
Gerhard Schlager 81c329fbb8 FIX: Customizing missing pluralized translations didn't work 2019-05-13 09:36:05 +02:00
Sam Saffron 30990006a9 DEV: enable frozen string literal on all files
This reduces chances of errors where consumers of strings mutate inputs
and reduces memory usage of the app.

Test suite passes now, but there may be some stuff left, so we will run
a few sites on a branch prior to merging
2019-05-13 09:31:32 +08:00
Guo Xiang Tan 63a3caa516 FIX: Don't display option for users to flag and notify a bot. 2019-05-10 10:05:03 +08:00
Robin Ward b380ed5282 FEATURE: Claim Reviewables by Topic
This is a feature that used to be present in discourse-assign but is
much easier to implement in core. It also allows a topic to be assigned
without it claiming for review and vice versa and allows it to work with
category group reviewers.
2019-05-09 13:40:36 -04:00
Sam Saffron cac80cdc3b DEV: more send -> public_send changes
This is a work in progress commit for more send to public_send conversions

Also adds some comments for cases where we need to keep send
2019-05-07 11:58:06 +10:00
Guo Xiang Tan 152238b4cf DEV: Prefer `public_send` over `send`. 2019-05-07 09:33:21 +08:00
Sam Saffron 9be70a22cd DEV: introduce new API to look up dynamic site setting
This removes all uses of both `send` and `public_send` from consumers of
SiteSetting and instead introduces a `get` helper for dynamic lookup

This leads to much cleaner and safer code long term as we are always explicit
to test that a site setting is really there before sending an arbitrary
string to the class

It also removes a couple of risky stubs from the auth provider test
2019-05-07 11:00:30 +10:00
Robin Ward 31e100530f FEATURE: Flag count in post menu
This change shows a notification number besides the flag icon in the
post menu if there is reviewable content associated with the post.
Additionally, if there is pending stuff to review, the icon has a red
background.

We have also removed the list of links below a post with the flag
status. A reviewer is meant to click the number beside the flag icon to
view the flags. As a consequence of losing those links, we've removed
the ability to undo or ignore flags below a post.
2019-05-06 16:13:31 -04:00
Sam Saffron f8eddd40ad PERF: remove avg_time calculations and regular jobs from posts and topics
After careful analysis of large data-sets it became apparent that avg_time
had no impact whatsoever on "best of" topic scoring. Calculating avg_time
was a very costly operation especially on large databases.

We have some longer term plans of introducing other weighting that is read
time based into our scoring for "best of" and "top" topics, but in the
interim to stop a large amount of work that is not achieving any value we
are removing the jobs.

Column removal will follow once we decide on a new replacement metric.
2019-05-06 15:59:01 +10:00
Robin Ward 99a2a769d4 FIX: Conflict error (version was already used) 2019-05-03 16:36:37 -04:00
Robin Ward 15c9b00307 FEATURE: Show edit indicator on review queue
If a flagged post has edits, show the pencil icon and pop up the history
window when clicked.
2019-05-03 11:21:33 -04:00
Guo Xiang Tan 24347ace10 FIX: Properly associate user_profiles background urls via upload id.
`Upload#url` is more likely and can change from time to time. When it
does changes, we don't want to have to look through multiple tables to
ensure that the URLs are all up to date. Instead, we simply associate
uploads properly to `UserProfile` so that it does not have to replicate
the URLs in the table.
2019-05-02 14:58:24 +08:00
Robin Ward 404b35bd04 FEATURE: Category Reviewable by Group
Allow a group to review content in a particular category.
2019-04-30 15:23:06 -04:00
Dan Ungureanu 57d1dea8a2
FEATURE: Let staff add custom post notices. (#7377) 2019-04-19 17:53:58 +03:00
Maja Komel 1f17d52f55 UX: new layout for groups page, allow changes to automatic group bio (#7350) 2019-04-17 22:44:30 -04:00
Robin Ward cd2e93b598 FIX: Show when a post has been deleted in the flag review queue 2019-04-17 16:14:36 -04:00
Robin Ward 14f9d40e48 FEATURE: Clarify Reviewable User Actions
"Approve" is now "Approve User" and "Delete" is a dropdown with a choice
that allows you to block.
2019-04-17 11:44:17 -04:00
Robin Ward ba6d4b2a8d FIX: Better handling for toggling `must_approve_users`
If you turn it on now, default all users to approved since they were
previously. Also support approving a user that doesn't have a reviewable
record (it will be created first.)

This also includes a refactor to move class method calls to
`DiscourseEvent` into an initializer. Otherwise the load order of
classes makes a difference in the test environment and some settings
might be triggered and others not, randomly.
2019-04-16 15:56:35 -04:00
Robin Ward a5d9afe397 FEATURE: Include a user's pending posts in the topic view
Also includes a refactor to TopicView's serializer which was not
building our attributes using serializers properly.
2019-04-12 14:25:12 -04:00
David Taylor 24ef4f7b2b Remove support for disable_jump_reply user setting (#7359) 2019-04-12 09:03:06 +10:00
David Taylor dc703adad7 FEATURE: Add user preference for title counter mode (#7364) 2019-04-12 09:02:18 +10:00
Robin Ward 331a809738 FEATURE: Display the reason for many reviewable items
Queued Posts and Users will now display a reason why they are in the
review queue.
2019-04-11 12:04:45 -04:00
Dan Ungureanu 47c50d9a95
DEV: Add test for post notices. (#7352) 2019-04-10 22:06:27 +03:00
Roman Rizzi 82e051077d Show link to the original topic when it was deleted (#7319)
* Moved i18n keys to core. We show a links that points to the original topic when it was deleted

* Use link-to since it's more idiomatic
2019-04-10 11:25:45 +02:00
Robin Ward 9ebfdaa356 UX: Unify reviewable scores + history 2019-04-09 16:43:08 -04:00
Robin Ward 692e09d813 FIX: Only show "Approve" button for the admin user if reviewable 2019-04-09 11:14:52 -04:00
Robin Ward 0fc798c2ef UX: Show the score status
If a review review score has been Approved/Rejected/Ignored then show it
2019-04-08 12:08:18 -04:00
Robin Ward a6f283da30 UX: Show tags on flags too 2019-04-05 14:22:45 -04:00
Robin Ward cbc311e4ed UX: Update the reviewable count before the message bus
In certain edge cases, the message bus won't send the message to the
user about the updated review count and it can go out of sync.

This patch synchronizes the review count every time:

1. The user visits the "Needs Review" page

2. Every time the user performs an action
2019-04-05 10:35:38 -04:00
Tarek Khalil 131eba0366 FIX: Hide post replies content for ignored users (#7320) 2019-04-05 16:13:36 +02:00
Neil Lalonde 83996fc8ea FEATURE: ability to restrict some tags to a category while allowing all others
A new checkbox has been added to the Tags tab of the category settings modal
which is used when some tags and/or tag groups are restricted to the category,
and all other unrestricted tags should also be allowed.
Default is the same as the previous behaviour: only allow the specified set of
tags and tag groups in the category.
2019-04-04 16:40:15 -04:00
Robin Ward dd5b8bd85e FIX: Show replies to the post, not the topic
This makes more sense when reviewing. How many people replied to this
objectionable thing?
2019-04-04 15:13:59 -04:00
Robin Ward 9c8cc73c39 UX: Show user fields when reviewing a user 2019-04-04 14:45:40 -04:00
Robin Ward a4ff593506 UX: Slightly improved reviewable user display, plus link to admin if possible 2019-04-03 17:07:48 -04:00
Robin Ward 111a502231 FIX: Deleting Users should work nicely with Reviewable Users
"Rejecting" a user in the queue is equivalent to deleting them, which
would then making it impossible to review rejected users. Now we store
information about the user in the payload so if they are deleted things
still display in the Rejected view.

Secondly, if a user is destroyed outside of the review queue, it will
now automatically "Reject" that queue item.
2019-04-03 16:42:39 -04:00
Robin Ward 62956003c3 FEATURE: Allow users to customize bonuses for reviewable types
A new settings section in the review queue allows admins to specify that
certain types of flags should be weighted higher than others.
2019-04-03 11:18:34 -04:00
Robin Ward af04318aff FIX: Allow us to serialize reviewables with deleted topics 2019-04-02 09:36:49 -04:00
Robin Ward 6470c85fda UX: Link directly to the post, not to the topic 2019-04-01 14:29:14 -04:00
Robin Ward b58867b6e9 FEATURE: New 'Reviewable' model to make reviewable items generic
Includes support for flags, reviewable users and queued posts, with REST API
backwards compatibility.

Co-Authored-By: romanrizzi <romanalejandro@gmail.com>
Co-Authored-By: jjaffeux <j.jaffeux@gmail.com>
2019-03-28 12:45:10 -04:00
David Taylor 0d3531c2f1 FEATURE: Allow auth providers to define specific icons
Previously we relied on the provider name matching the name of the icon. Now icon names are explicitly set. Plugin providers which do not define an icon will get the default "sign-in-alt" icon
2019-03-27 13:25:04 +00:00
Bianca Nenciu a9798f0c47
FEATURE: Add page for all group membership requests. (#6909) 2019-03-27 13:30:59 +02:00
Tarek Khalil ef2362a30f
FEATURE: Introducing new UI for changing User's notification levels (#7248)
* FEATURE: Introducing new UI for tracking User's ignored or muted states
2019-03-27 09:41:50 +00:00
Gerhard Schlager 4f04ae5692 FIX: Failed to show details about some bounced emails
Bounces sent to reply_by_email_address could not be found.
2019-03-26 18:00:27 +01:00
Gerhard Schlager de011b53b5 UX: Hide link to incoming email when there is no bounce key
For example, webhooks mark email log entries as bounced without there ever being an incoming email.
2019-03-26 18:00:27 +01:00
Vinoth Kannan b8bd031648 FIX: Always include custom fields in CategorySerializer
even if it is empty
2019-03-25 07:59:56 +05:30
Maja Komel 34730a0b16 UX: show if webhook is disabled (#7217)
+ show in staff logs when webhook is created/updated/destroyed
2019-03-21 16:13:09 +01:00
Tarek Khalil 1dd0fa0c4e
REFACTOR: Move redundant ignored user check into guardian (#7219)
* REFACTOR: Move redundant ignored user check into guardian
2019-03-20 19:55:46 +00:00
Tarek Khalil 5852e86226 FEATURE: Only allow TL2 Users to ignore other users (#7212) 2019-03-20 15:02:33 +01:00
Dan Ungureanu f2c6a160e5
DEV: Fix build.
Follow-up to eed1c9e0e3.
2019-03-20 12:45:00 +02:00
Tarek Khalil 3b59ff0d02 [FEATURE] Disallow ignoring self, admins or moderators users (#7202) 2019-03-20 11:18:46 +01:00
Dan Ungureanu eed1c9e0e3
FIX: Do not show post notices for bots. 2019-03-20 11:58:02 +02:00
Guo Xiang Tan 03c6b22c62 PERF: Reduce number of queries and size of payload when searching.
1. Remove `cooked` becaused only the blurb is used on the client side to
display search results.
2. Remove `ignored` because the result is not used in anyway when
searching for pots.
2019-03-20 14:40:39 +08:00
Bianca Nenciu 50e9a66e89 FIX: Improve UX for second factor enforcement. (#7207) 2019-03-20 15:40:25 +11:00
Guo Xiang Tan 5e410dc5e0
FEATURE: Ability to exclude category from search results. (#7194)
This commit also adds `Category#search_priority` which sets the ground
work to enable prioritizing of posts for certain categories when searching.
2019-03-18 15:25:45 +08:00
Vinoth Kannan 4477938ea7 DEV: Option to preload category custom fields for site serializer 2019-03-16 17:18:57 +05:30
Penar Musaraj 9334d2f4f7
FEATURE: add more granular user option levels for email notifications (#7143)
Migrates email user options to a new data structure, where `email_always`, `email_direct` and `email_private_messages` are replace by

* `email_messages_level`, with options: `always`, `only_when_away` and `never` (defaults to `always`)
* `email_level`, with options: `always`, `only_when_away` and `never` (defaults to `only_when_away`)
2019-03-15 10:55:11 -04:00
Guo Xiang Tan c5808a8a25 PERF: N+1 queries admin users pages. 2019-03-15 15:09:44 +08:00
Tarek Khalil 6f6dea87f3
FIX: optimise querying Post's serializer ignored attribute (#7169) 2019-03-14 12:10:53 +00:00
Dan Ungureanu 476d0050ab
FIX: Disable notices for posts by anonymous. 2019-03-13 00:20:19 +02:00
Dan Ungureanu 7310ee3ef1 FEATURE: Add more control over post notices. (#7148) 2019-03-13 08:06:28 +11:00
Bianca Nenciu e6c2faf186 FIX: Disable 'Create Topic' button if tag is staff-only. (#6984)
* FIX: Disable 'Create Topic' button if tag is staff-only.

* FIX: Staff-only tags should always return 404.
2019-03-12 19:23:36 +11:00
Dan Ungureanu ceec11a153
FIX: Make post notices invisible to poster. 2019-03-11 12:07:19 +02:00
Dan Ungureanu b28b418363
FIX: Various improvements to post notices.
- Notices are visible only by poster and trust level 2+ users.
- Notices are not generated for non-human or staged users.
- Notices are deleted when post is deleted.
2019-03-11 11:19:58 +02:00
Guo Xiang Tan 88355884c9 Exclude post_notice_* from web hook post payload. 2019-03-11 11:04:17 +08:00
Dan Ungureanu 35942f7c7c
FEATURE: Special call-out for new / returning posters. (#7115) 2019-03-08 10:48:35 +02:00
Tarek Khalil b58eea1fcb
FEATURE: Hide ignored user's Original Post content (#7113)
* FEATURE: Hide ignored user's Original Post content
2019-03-06 09:20:45 +00:00
Tarek Khalil 190b19f3c2
FEATURE: Add ignored user list to the User's preference page (#7107)
* FEATURE: Add ignored user list to the User's preference page

## Why?

Part of: https://meta.discourse.org/t/ability-to-ignore-a-user/110254

We want to add list of Ignored users under or along with the muted users preferences section.
This way Users can find and update their list of ignored users.

## UI


![gif](https://user-images.githubusercontent.com/45508821/53746179-8e9b3c00-3e98-11e9-9e90-94b8520896a6.gif)

## Open questions

Two of many options to represent a list of ignored users is that we can:

1. We can represent the ignored user list as a table with the ability to `un-ignore` but NOT to add new ignored users.
2. We can keep it functioning as the `muted user list` where you can `un-ignore` or `ignore` users.
2019-03-05 14:47:51 +00:00
Gerhard Schlager ccb48bef75 UX: Make Uncategorized category less confusing
* Adds warnings to the "Edit Category" dialog
* Doesn't hide the "Security" tab on the "Edit Category" dialog anymore. Instead, it shows an explanation why permissions can't be changed.
* Makes the category name translatable
* Hides the category name from the edit dialog (it can be customized by overriding the translation)
* Creates a translation override if the category has been renamed in the past
2019-03-05 14:42:41 +01:00
Joffrey JAFFEUX dc4001370c
FEATURE: displays groups in menu search (#7090) 2019-03-04 10:30:09 +01:00
Penar Musaraj 64a3d63ddc DEV: Rename some icons with deprecated names 2019-02-28 13:03:14 -05:00
Tarek Khalil 986cc8a0fb FEATURE: Introduce Ignore user (#7072) 2019-02-27 14:49:07 +01:00
Guo Xiang Tan 58b0e945bd
UX: Lightbox support for image uploader. (#7034) 2019-02-21 10:13:37 +08:00
Sam f8b70f4ca3 FIX: unable to create new categories
Previous attempt at 70adb940 missed the critical "everyone" group from
staff, leading to a case where staff was no longer able to create categories
2019-02-15 10:24:29 +11:00
Bianca Nenciu 70adb94008 SECURITY: Do not leak private group names. (#7008) 2019-02-14 15:35:58 +01:00
Gerhard Schlager cbedb6a1ac FEATURE: Hidden site setting to always include topic excerpt 2019-02-07 22:45:21 +01:00
David Taylor a3b47c1dd1 FEATURE: Allow string theme settings to display with multiple lines
To use, add `textarea: true` to the theme settings.yml. For example:

```
my_setting:
  default: "some string"
  textarea: true
```
2019-02-05 14:14:53 +00:00
David Taylor aca0b32fda
FEATURE: Allow overriding text size from a different device (#6955)
This brings the feature in line with the theme selection system
2019-01-28 11:19:50 +00:00
David Taylor a48731e359
FEATURE: Support additional metadata in theme about.json (#6944)
New `about.json` fields (all optional):
 - `authors`: An arbitrary string describing the theme authors
 - `theme_version`: An arbitrary string describing the theme version
 - `minimum_discourse_version`: Theme will be auto-disabled for lower versions. Must be a valid version descriptor.
 - `maximum_discourse_version`: Theme will be auto-disabled for lower versions. Must be a valid version descriptor.

A localized description for a theme can be provided in the language files under the `theme_metadata.description` key

The admin UI has been re-arranged to display this new information, and give more prominence to the remote theme options.
2019-01-25 14:19:01 +00:00
David Taylor afd449089f
FEATURE: Import and export themes in a .tar.gz format (#6916) 2019-01-23 14:40:21 +00:00
David Taylor 2e59a37687
FEATURE: List unused theme components (#6924) 2019-01-23 09:20:13 +00:00
Gerhard Schlager 457e6c7b37 FIX: Mods weren't able to see emails in admin user list 2019-01-18 15:37:30 +01:00
David Taylor 880311dd4d
FEATURE: Support for localized themes (#6848)
- Themes can supply translation files in a format like `/locales/{locale}.yml`. These files should be valid YAML, with a single top level key equal to the locale being defined. For now these can only be defined using the `discourse_theme` CLI, importing a `.tar.gz`, or from a GIT repository.

- Fallback is handled on a global level (if the locale is not defined in the theme), as well as on individual keys (if some keys are missing from the selected interface language).

- Administrators can override individual keys on a per-theme basis in the /admin/customize/themes user interface.

- Theme developers should access defined translations using the new theme prefix variables:
  JavaScript: `I18n.t(themePrefix("my_translation_key"))`
  Handlebars: `{{theme-i18n "my_translation_key"}}` or `{{i18n (theme-prefix "my_translation_key")}}`

- To design for backwards compatibility, theme developers can check for the presence of the `themePrefix` variable in JavaScript

- As part of this, the old `{{themeSetting.setting_name}}` syntax is deprecated in favour of `{{theme-setting "setting_name"}}`
2019-01-17 11:46:11 +00:00
Arpit Jalan c4422fdc13 UX: sort admins and moderators by last seen date on /about page
UX: only show active admins and moderators on /about page
2019-01-15 17:26:11 +05:30
David Taylor 1ebd3dbbd0
FEATURE: Allow the base font size to be changed on a per-user basis (#6859) 2019-01-14 13:21:46 +00:00
Arpit Jalan 08d21cc758 FIX: do not show full name on summary page unless the setting is enabled 2019-01-14 07:00:44 +05:30
Arpit Jalan 5e0f9eadb8
FIX: show user avatar on User summary page (#6872) 2019-01-11 23:39:06 +05:30
Robin Ward dbe42068a2 REFACTOR: Move option to return emails into the serializer
This makes more sense than having the guardian take an accessor.
The logic belongs in the Serializer, where the JSON is calculated.

Also removed some of the DRYness in the spec. It's fewer lines
and made it easier to test the option on the serializer.
2019-01-11 11:17:23 -05:00
Guo Xiang Tan d10694150e Revert "FIX: Partial reply key search in email sent logs."
This reverts commit e9b2018bc8.
2019-01-10 10:05:56 +08:00
Saurabh Patel b63b399799 DEV: remove uploaded_meta_id column from category (#6725)
* DEV: remove uploaded_meta_id column from category

* remove uploaded_meta part
2019-01-10 09:37:21 +08:00
Guo Xiang Tan e9b2018bc8 FIX: Partial reply key search in email sent logs.
Follow up to c85b9c6ed3
2019-01-10 09:25:14 +08:00
David Taylor 7feabd9e49 PERF: Eradicate N+1 queries from the theme admin page 2018-12-21 11:03:58 +02:00
Bianca Nenciu a06d310855 DEV: Refactor location string builders. (#6794) 2018-12-20 10:23:05 +01:00
Maja Komel 0ce5f05b2a FIX: hide emails on admin user list for moderators (#6781) 2018-12-19 10:24:57 +01:00
Vinoth Kannan 341a6bd78a
REFACTOR: Calculate CTR in SearchLog model and hide unique column (#6791) 2018-12-18 19:13:46 +05:30
Maja Komel 98d09c90ac Current user serializer groups (ef7f84b follow-up) 2018-12-18 09:05:45 +01:00
David Taylor 9f3e2a9e34
FIX: Only serialize group membership domains for administrators (#6771) 2018-12-14 15:47:00 +00:00
Maja Komel ef7f84b59b Add groups to current user serializer (#6748) 2018-12-10 16:23:29 +01:00
Saurabh Patel 9e3143445b DEV:add uploaded_meta option in category for category meta image (#6724) 2018-12-07 16:24:07 +01:00
David Taylor 5e09398c5b
FIX: Do not serialize user fields unless they are specified for display (#6736) 2018-12-07 10:57:28 +00:00
Maja Komel 1d649e147b FEATURE: show avatar flair on group, badges and directory pages (#6732) 2018-12-06 12:18:52 +01:00
Gerhard Schlager 43cfdb1cb9 FIX: Wizard tries harder to find existing Welcome Topic
The wizard searches for:

* a topic that with the "is_welcome_topic" custom field
* a topic with the correct slug for the current default locale
* a topic with the correct slug for the English locale
* the oldest globally pinned topic

It gives up if it didn't find any of the above.
2018-12-06 10:27:22 +01:00
Vinoth Kannan d33d031742
FEATURE: Filter topic and post web hook events by tags (#6726)
* FEATURE: Filter topic and post web hook events by tags

* Add a spec test with unmatched tags
2018-12-05 14:44:06 +05:30
Vinoth Kannan 1da265db11 UX: category images have no sizes (#6662) 2018-11-27 08:40:06 +08:00
Gerhard Schlager 2ef16e9f4e FIX: Failed to delete post belonging to non-existent topic 2018-11-22 15:08:37 +01:00
Sam 20268385a5 FIX: never attempt to log invalid post numbers
Previously in some cases we would queue logging of invalid post numbers

The impact would be we would miss logging an incoming link and would leak
an error.
2018-11-21 11:58:47 +11:00
Guo Xiang Tan fe131c5ea2 Fix missing avatars on topic list page.
Introduced in b50fab2d72
2018-11-19 14:55:41 +08:00
Guo Xiang Tan b50fab2d72 PERF: Fix N+1 for non-staff users when tagging is enabled. 2018-11-19 12:53:58 +08:00
Joffrey JAFFEUX 1730e0bc73
UX: shows a save changes for intermediate steps (#6612) 2018-11-15 20:44:19 +01:00
Robin Ward ea075fa4f7 FIX: Don't hide information from the card that is visible in the topic
It doesn't make sense to show less information on the card than already
visible.
2018-11-14 09:56:31 -05:00
Penar Musaraj f6fb079129 Disable wizard invites step when local_logins are turned off 2018-11-14 13:05:32 +01:00
Robin Ward 467be59d75 FEATURE: Allow expanded posts to return user custom fields 2018-11-13 12:44:54 -05:00
Sam e17a13ce19 FEATURE: additional "related messages" section
This splits out previous message correspondence from suggeted and instead
has a dedicated section called "related messages"
2018-11-12 13:04:42 +11:00
Gerhard Schlager 24e5be3f0c FIX: Relative links in translations should work with subfolder 2018-11-08 23:31:05 +00:00
Robin Ward ec91450aae FEATURE: Track how many user flags are agreed/disagreed/ignored
Display the percentage when reviewing flags.
2018-11-01 09:59:50 -04:00
Sam ceafcbc898 FEATURE: show added date when looking at group members 2018-11-01 15:33:28 +11:00
Bianca Nenciu fa0e421af3 FIX: Do not leak information about post revisions. (#6536) 2018-10-31 14:47:00 +00:00
Sam 32b1f34910 PERF: avoid DNS lookups when getting IP info
Also cleans up interface in DiscourseIpInfo
grew cache to 2000 entries
2018-10-31 12:38:57 +11:00
Bianca Nenciu effbef7d0b UX: Use user locale for locations. (#6527)
* UX: Use user locale for locations.

* DEV: Added MaxMindDB test data and fixed test.
2018-10-25 10:54:01 +00:00
Guo Xiang Tan 84d4c81a26 FEATURE: Support backup uploads/downloads directly to/from S3.
This reverts commit 3c59106bac.
2018-10-15 09:43:31 +08:00
Bianca Nenciu 048cdfbcfa FIX: Do not allow revoking the token of current session. (#6472)
* FIX: Do not allow revoking the token of current session.

* DEV: Add getter of current auth_token from Guardian.
2018-10-12 10:40:48 +11:00
Guo Xiang Tan 3c59106bac Revert "FEATURE: Support backup uploads/downloads directly to/from S3."
This reverts commit c29a4dddc1.

We're doing a beta bump soon so un-revert this after that is done.
2018-10-11 11:08:23 +08:00
Gerhard Schlager c29a4dddc1 FEATURE: Support backup uploads/downloads directly to/from S3. 2018-10-11 10:38:43 +08:00
Robin Ward a566ed42ae FEATURE: Option to disable user presence and profile
This allows users who are privacy conscious to disable the presence
features of the forum as well as their public profile.
2018-10-10 17:34:33 -04:00
Bianca Nenciu 1d26a473e7 FEATURE: Show "Recently used devices" in user preferences (#6335)
* FEATURE: Added MaxMindDb to resolve IP information.

* FEATURE: Added browser detection based on user agent.

* FEATURE: Added recently used devices in user preferences.

* DEV: Added acceptance test for recently used devices.

* UX: Do not show 'Show more' button if there aren't more tokens.

* DEV: Fix unit tests.

* DEV: Make changes after code review.

* Add more detailed unit tests.

* Improve logging messages.

* Minor coding style fixes.

* DEV: Use DropdownSelectBoxComponent and run Prettier.

* DEV: Fix unit tests.
2018-10-09 22:21:41 +08:00
Vinoth Kannan a651d39b8a
FIX: Display errors in single theme pages (#6449)
Currently the errors are not well handled. So it breaks the whole UI of admin themes list page.
2018-10-04 02:33:06 +05:30
Joffrey JAFFEUX e51c676135 refactors trending search report to use SearchLog 2018-09-17 10:19:40 +10:00
OsamaSayegh c7d81e2682 FIX/FEATURE: don't blow up when can't reach theme's repo, show problem themes on dashboard 2018-09-17 09:49:53 +10:00
Guo Xiang Tan 7256b3bf68 REFACTOR: Use `UserAuthTokenLogSerializer` instead of conditionals. 2018-09-03 10:44:22 +08:00
Bianca Nenciu f5e0356fb2 correct miscellaneous issues with user login history 2018-09-02 17:24:54 +10:00
Bianca Nenciu 39414068ff FIX: User agent browser detection (#6352) 2018-08-31 14:49:38 +02:00
Guo Xiang Tan 5a214a687c FIX: Exclude `UserAuthToken` and `UserAuthTokenLog` in user webhook. 2018-08-31 17:25:56 +08:00
Bianca Nenciu 931cffcebe FEATURE: Let users see their user auth tokens. (#6313) 2018-08-31 10:18:06 +02:00
Sam 9ab1fb7dfc FEATURE: correctly store width and height on uploads
Previously we used width and height for thumbnails, new code ensures

1. We auto correct width and height
2. We added extra columns for thumbnail_width and height, this is determined
 by actual upload and no longer passed in as a side effect
3. Optimized Image now stores filesize which can be used for analysis, decisions

Also

- fixes Android image manifest as a side effect
- fixes issue where a thumbnail generated that is smaller than the upload is no longer used
2018-08-28 12:59:22 +10:00
Sam 4205c528d0 FEATURE: hide enable_personal_email_messages and min_trust_to_send_email_messages
These site settings are very hard to explain and only applicable for very
specific Discourse setups.

If an admin "enables staged users" which is used in support scenarios then
all staff can send "messages" directly to an "email".

The setting allows you to extend this to TL4 or any trust level.

Actual use case would be a support type setup with restricted staff. It is
quite rare so hiding this for now and re-evaluate keeping the setting in
2019
2018-08-27 11:38:22 +10:00
Osama Sayegh e0cc29d658 FEATURE: themes and components split
* FEATURE: themes and components split

* two seperate methods to switch theme type

* use strict equality operator
2018-08-24 11:30:00 +10:00
Arpit Jalan 7a91df3248
Merge pull request #6290 from techAPJ/latest-full-name
UX: show full name on /latest page
2018-08-23 17:34:54 +05:30
Arpit Jalan 1a7cd6648b UX: show full name on /latest page 2018-08-23 14:41:06 +05:30
Régis Hanol 3e436e2daf FIX: doesn't translate group permission keys 2018-08-21 12:56:56 +02:00
Gerhard Schlager 96d1ea03e7 Sorting is hard. This should really fix user profiles. 2018-08-20 18:56:21 +02:00
Gerhard Schlager 209ed105f9 FIX: User profiles didn't work when API keys exist 2018-08-20 18:21:40 +02:00
Bianca Nenciu 860c1c3dcd FEATURE: Automatically expire keys if not used for a configurable amount of time. (#6264) 2018-08-20 17:36:14 +02:00
Régis Hanol de92913bf4 FIX: store the topic links using the cooked upload url 2018-08-14 12:23:32 +02:00
Kyle Zhao 983dba37ce FIX: use BasicUserSerializer for user_badge.granted_by (#6266)
BasicUserSerializer contains enough information for the badges page,
while UserSerializer issues ~100 SQL queries on the fly when serializing
the field without preloading.
2018-08-14 08:11:14 +10:00
Leo McArdle 9b04921616 FIX: don't require auth providers to set full_screen_login_setting 2018-08-06 10:24:39 +01:00
David Taylor 812add18bd REFACTOR: Serve auth provider information in the site serializer.
At the moment core providers are hard-coded in Javascript, and plugin providers get added to the JS payload at compile time. This refactor means that we only ship enabled providers to the client.
2018-08-06 09:25:48 +01:00
Osama Sayegh 18b396ad56 FEATURE: add link to see new commits when updates are available for themes (#6233)
* FEATURE: add link to see new commits when updates are available for themes

* shorten regexp
2018-08-06 15:29:15 +10:00
Joffrey JAFFEUX 066010db7d
FEATURE: introduces list/compact_list components 2018-08-03 16:41:37 -04:00
Penar Musaraj 1f45215537 FEATURE: Drafts view in user profile
* add drafts.json endpoint, user profile tab with drafts stream

* improve drafts stream display in user profile

* truncate excerpts in drafts list, better handling for resume draft action

* improve draft stream SQL query, add rspec tests

* if composer is open, quietly close it when user opens another draft from drafts stream; load PM draft only when user is in /u/username/messages (instead of /u/username)

* cleanup

* linting fixes

* apply prettier styling to modified files

* add client tests for drafts, includes a fixture for drafts.json

* improvements to code following review

* refresh drafts route when user deletes a draft open in the composer while being in the drafts route; minor prettier scss fix

* added more spec tests, deleted an acceptance test for removing drafts that was too finicky, formatting and code style fixes, added appEvent for draft:destroyed

* prettier, eslint fixes

* use "username_lower" from users table, added error handling for rejected promises

* adds guardian spec for can_see_drafts, adds improvements following code review

* move DraftsController spec to its own file

* fix failing drafts qunit test, use getOwner instead of deprecated this.container

* limit test fixture for draft.json testing to new_topic request only
2018-08-01 16:34:54 +10:00
Vinoth Kannan ece3cb73df Rename humburger_menu_categories_count site setting to header_dropdown_category_count 2018-07-31 09:12:30 +05:30
Vinoth Kannan 50df2d7241 FIX: Should not include regular categories in top_category_ids array 2018-07-30 16:06:36 +05:30
Vinoth Kannan 78d91b1daf
UX: Changes in top categories of hamburger menu (#6200) 2018-07-30 14:13:00 +05:30
Vinoth Kannan dac29b5ebc
UX: Display only top categories in hamburger menu (#6146) 2018-07-27 12:11:07 +05:30
Guo Xiang Tan fad9c2b971 PERF: Move `EmailLog#reply_key` into new `post_reply_keys` table. 2018-07-24 13:51:53 +08:00
Guo Xiang Tan ae8b0a517f PERF: Split skipped email logs into a seperate table. 2018-07-24 13:14:37 +08:00
David Taylor eda1462b3b
FEATURE: List, revoke and reconnect associated accounts. Phase 1 (#6099)
Listing connections is supported for all built-in auth providers. Revoke and reconnect is currently only implemented for Facebook.
2018-07-23 16:51:57 +01:00
Neil Lalonde afc94ac9e4 FEATURE: add a Top Categories section to the user summary page, showing the categories in which a user has the most activity 2018-07-18 16:39:16 -04:00
Sam ac0053f491 FEATURE: navigate to first post and auto bump category settings
### navigate_to_first_post_after_read setting for categories

When enabled on categories logged on users will return to OP after
reading the entire category. (useful for documentation categories)

### num_auto_bump_daily

Set a number of topics that will automatically bump daily on a category.

- Every 15 minutes we will check if any category has this setting
- Categories with the setting are shuffled
- We exclude pinned, closed, category description and archived topics
- Maximum of 1 topic for the list of categories is bumped till limit reached per category
- We always try to bump oldest first
- Limit is elastic using a RateLimiter that ensures that we only bump N per day

Also some minor organisation on category settings

Froze strings on category.rb
2018-07-16 18:10:35 +10:00
Leo McArdle 21ebb1cd54 FEATURE: Secondary emails support. 2018-07-16 11:09:49 +08:00
Guo Xiang Tan 258e9e35ca PERF: Make mega topics work without a stream.
There are tradeoffs that we took here. For the complete
story see
https://meta.discourse.org/t/performance-improvements-on-long-topics/30187/27?u=tgxworld.
2018-07-12 12:46:12 +08:00
OsamaSayegh decf1f27cf FEATURE: Groundwork for user-selectable theme components
* Phase 0 for user-selectable theme components

- Drops `key` column from the `themes` table
- Drops `theme_key` column from the `user_options` table
- Adds `theme_ids` (array of ints default []) column to the `user_options` table and migrates data from `theme_key` to the new column.
- Removes the `default_theme_key` site setting and adds `default_theme_id` instead.
- Replaces `theme_key` cookie with a new one called `theme_ids`
- no longer need Theme.settings_for_client
2018-07-12 14:18:21 +10:00
Maja Komel cb89797e9a FEATURE: shows remaining backup codes in user preferences 2018-07-04 10:45:42 +02:00
Guo Xiang Tan 969e79d7c6 PERF: Do not calculate gaps for `TopicViewPostsSerializer`.
The client doesn't use the gaps results when loading new posts.
2018-07-02 14:01:50 +08:00
Maja Komel ec3e6a81a4 FEATURE: Second factor backup 2018-06-28 10:12:32 +02:00
Guo Xiang Tan cfa7898c2d Rename `TopicView#last_read_post_id` to `TopicView#filtered_post_id`. 2018-06-27 12:33:57 +08:00
Guo Xiang Tan cb69888758 PERF: Don't pluck all the columns just to retrieve a single value. 2018-06-27 11:41:35 +08:00
Guo Xiang Tan 0b6a2e9d1f Remove force summary mode for megatopics for now.
The logic is too hairy and we can't reliably determine
when to force summary mode. Work is underway to improve
perf for megatopics so this will not be required
eventually.
2018-06-26 12:49:06 +08:00
Guo Xiang Tan bad6a5142c PERF: Don't include entire post stream when we're loading more posts. 2018-06-22 10:49:03 +08:00
Guo Xiang Tan 68388dfd25 Fix the build. 2018-06-21 15:57:59 +08:00
Guo Xiang Tan 9a7a079f4d Force summary mode when user enters at the top of megalodoon topics. 2018-06-21 15:18:52 +08:00
Sam 5f64fd0a21 DEV: remove exec_sql and replace with mini_sql
Introduce new patterns for direct sql that are safe and fast.

MiniSql is not prone to memory bloat that can happen with direct PG usage.
It also has an extremely fast materializer and very a convenient API

- DB.exec(sql, *params) => runs sql returns row count
- DB.query(sql, *params) => runs sql returns usable objects (not a hash)
- DB.query_hash(sql, *params) => runs sql returns an array of hashes
- DB.query_single(sql, *params) => runs sql and returns a flat one dimensional array
- DB.build(sql) => returns a sql builder

See more at: https://github.com/discourse/mini_sql
2018-06-19 16:13:36 +10:00
Robin Ward 4a4406de8c FIX: Properly avoid n+1 query on flagged posts
This code was in here previously but some columns were included that
were not used.
2018-06-14 09:46:52 -04:00
Arpit Jalan 94ae89f61f FIX: properly retrieve user custom fields 2018-06-14 07:33:25 +05:30
Robin Ward fd54c92a52 FEATURE: New site setting, whitelisted_link_domains
If provided, users who normally couldn't post links (say, due to a
low trust level), can post links to those specific hosts.
2018-06-13 16:11:22 -04:00
Robin Ward ae728702a6 Revert "Revert "Preload custom user fields when viewing flag queue""
This reverts commit 1bb12ee1b6.
2018-06-13 11:44:13 -04:00
Jeff Wong 3d1ff8e0ad FIX: correct group membership on cards for admins 2018-06-12 14:57:26 -07:00
Joshua Rosenfeld 1bb12ee1b6 Revert "Preload custom user fields when viewing flag queue"
This reverts commit 5bd1c5cc95.
2018-06-12 16:46:31 -04:00
Robin Ward 5bd1c5cc95 Preload custom user fields when viewing flag queue 2018-06-12 16:17:22 -04:00
Arpit Jalan 59a8471308 FIX: do not show SSO external_email to moderators 2018-06-12 14:20:44 +05:30
Guo Xiang Tan ad5082d969 Make rubocop happy again. 2018-06-07 13:28:18 +08:00
Robin Ward c658fb6e31 Move some display logic out of model, upgrade old code patterns 2018-05-25 12:54:22 -04:00
Guo Xiang Tan cba3942850 Refactor `WebHookFlagSerializer`. 2018-05-21 17:29:58 +08:00
Guo Xiang Tan f0024f5ec7 Inherit from `BasicGroupSerializer` for `WebHookGroupSerializer`. 2018-05-21 17:29:58 +08:00
Guo Xiang Tan 00c6b078e3 Trim `WebHookUserSerializer`. 2018-05-21 17:29:58 +08:00
Guo Xiang Tan 60e7b13f59 Trim `WebHookPostSerializer` further. 2018-05-21 17:29:58 +08:00
Guo Xiang Tan 3ff0074e9d Trim `WebHookTopicSerializer` further. 2018-05-21 17:29:58 +08:00
David Taylor c168639be2 Add plugin outlet in admin theme list (#5837)
This will be used by discourse-theme-creator to add avatars next to each theme.
2018-05-18 10:09:21 +02:00
Guo Xiang Tan 416d19af27 FIX: Wrong target user displayed for user actions in activity stream.
https://meta.discourse.org/t/wrong-assigned-username-in-activity-list/73816
2018-05-18 11:28:13 +08:00
Guo Xiang Tan b74c108c09 UX: Display group tabs in user's messages tab for non-staff as well.
https://meta.discourse.org/t/group-inboxes-in-user-messages/86787
2018-05-17 18:10:17 +08:00
Guo Xiang Tan 565fa1f60e Fix regression introduced in 8cf0f51eb2. 2018-05-16 14:26:03 +08:00
Guo Xiang Tan 8cf0f51eb2 UX: Display site settings shortcut for `poll` and `discourse-nginx-performance-report`.
https://meta.discourse.org/t/improving-admin-plugins/84585/29?u=tgxworld
2018-05-08 10:34:32 +08:00
Misaka 0x4e21 ff6be3c2e3 FEATURE: add profile_background fields into SSO (#5701)
Add profile_background and card_background fields into Discourse SSO.
2018-05-07 10:03:26 +02:00
Neil Lalonde bd77795d7a REFACTOR: move support for user card badge images to a plugin discourse-user-card-badges 2018-04-26 13:25:24 -04:00
Robin Ward 456e40a709 FIX: Don't allow a user to become TL3 if they've ever been penalized
Previously the code would only check if they were *currently* suspended
or silenced.
2018-04-24 15:15:32 -04:00
Neil Lalonde 70f2c5d3fd FEATURE: move staff tags setting to tag group settings 2018-04-20 15:34:23 -04:00
Régis Hanol 74b812593c FIX: localize everyone group name in default category permissions 2018-04-19 11:14:18 +02:00
Guo Xiang Tan 2d9d77d390 Fix the build. 2018-04-17 18:16:53 +08:00
Guo Xiang Tan 64a45b0980 FIX: Missing `Group#bio_raw` attribute for group owners.
https://meta.discourse.org/t/group-description-does-not-load-in-editor-for-owners-who-are-not-staff/85345
2018-04-17 15:57:52 +08:00
Arpit Jalan a16b616861 FEATURE: webhook for flag events 2018-04-13 07:47:58 +05:30
Arpit Jalan 9ca6ebe8fe FEATURE: enforce tagging on categories 2018-04-11 07:15:24 +05:30
Vinoth Kannan 4822b77b49 Exclude available_groups from category web hooks 2018-04-10 16:46:22 +05:30
Vinoth Kannan 96867743c8 Exclude suggested topics from topic view web hook 2018-04-10 16:38:48 +05:30
Guo Xiang Tan 2ddcdf8704 UX: Add an icon to indicate if a plugin is official.
https://meta.discourse.org/t/improving-admin-plugins/84585
2018-04-06 10:54:58 +08:00
Guo Xiang Tan 142571bba0 Remove use of `rescue nil`.
* `rescue nil` is a really bad pattern to use in our code base.
  We should rescue errors that we expect the code to throw and
  not rescue everything because we're unsure of what errors the
  code would throw. This would reduce the amount of pain we face
  when debugging why something isn't working as expexted. I've
  been bitten countless of times by errors being swallowed as a
  result during debugging sessions.
2018-04-02 13:52:51 +08:00
Vinoth Kannan efb19dbdaf
Merge pull request #5705 from discourse/new_webhooks
FEATURE: Webhook for group and category events
2018-04-02 10:53:21 +05:30
Robin Ward eab64710ff FIX: Shared draft performance fix + missing avatars 2018-03-28 16:11:43 -04:00
Robin Ward 4b5977aa6a Revert "PERF: Don't join on shared drafts unless you have to"
This reverts commit efedd9745f.
2018-03-28 15:35:13 -04:00
Robin Ward efedd9745f PERF: Don't join on shared drafts unless you have to 2018-03-28 13:57:39 -04:00
Vinoth Kannan dc33f2d071 Add new web hook serializers 2018-03-28 17:40:29 +05:30
Neil Lalonde f2c060bdf2 FEATURE: option for tags in a tag group to be visible only to staff 2018-03-26 17:05:09 -04:00
Régis Hanol c5c1d8e180 Add support for the '/p/:post_id' route on the client-side 2018-03-24 02:44:39 +01:00
Robin Ward b9abd7dc9e FEATURE: Shared Drafts
This feature can be enabled by choosing a destination for the
`shared drafts category` site setting.

* Staff members can create shared drafts, choosing a destination
category for the topic when it is published.

* Shared Drafts can be viewed in their category, or above the
topic list for the destination category where it will end up.

* When the shared draft is ready, it can be published to the
appropriate category by clicking a button on the topic view.

* When published, Drafts change their timestamps to the current
time, and any edits to the original post are removed.
2018-03-20 17:15:26 -04:00
Guo Xiang Tan 41b0fbe001 UX: Indicate user's group membership on groups page. 2018-03-19 18:29:30 +08:00
Arpit Jalan 24338fbbe8 FEATURE: replace PM tags dropdown with a dedicated tags page 2018-03-13 13:06:58 +05:30
Arpit Jalan 0c2be8b775
Merge pull request #5655 from techAPJ/pm-tags-dropdown
FEATURE: filter personal messages by tags
2018-03-08 16:30:38 +05:30
Arpit Jalan c29660c8f1 FEATURE: filter personal messages by tags 2018-03-08 14:42:07 +05:30
Simon Cossar 88fdc926d1 Move external_id from UserSerializer to CurrentUserSerializer (#5658) 2018-03-07 22:54:31 -05:00
OsamaSayegh 282f53f0cd FEATURE: Theme settings (2) (#5611)
Allows theme authors to specify custom theme settings for the theme. 

Centralizes the theme/site settings into a single construct
2018-03-04 19:04:23 -05:00
scossar 51544047dc Add external_id to User Serializer 2018-02-28 10:13:27 +08:00
Guo Xiang Tan 519026a31f Trim attributes that are not useful from `WebHookTopicViewSerializer`. 2018-02-27 11:28:31 +08:00
Vinoth Kannan 43f0884660 PERF: Remove N+1 queries on topic list page. 2018-02-23 20:05:51 +05:30
Guo Xiang Tan dd26bbe868
Merge pull request #5610 from discourse/pm-tags
FEATURE: Allow staffs to tag PMs
2018-02-23 07:07:41 +08:00
Vinoth Kannan 7cbda949f1 REFACTOR: New spec tests and code improvement 2018-02-22 20:27:02 +05:30
Guo Xiang Tan 1b04d881c5 UX: Display lock icon in admin user lists when user has 2FA enabled. 2018-02-22 09:00:09 +08:00
Sam 720e1965e3 FEATURE: add category suppress from latest
In the past we used suppress_from_homepage, it had mixed semantics
it would remove from category list if category list was on home and
unconditionally remove from latest.

New setting explicitly only removes from latest list but leaves the
category list alond
2018-02-22 09:56:35 +11:00
Vinoth Kannan 2b509eaa91
Merge branch 'master' into pm-tags 2018-02-21 23:55:59 +05:30
Vinoth Kannan 84ce1acfef FEATURE: Allow staffs to tag PMs 2018-02-21 20:11:46 +05:30
Vinoth Kannan 1446753fd2 FIX: Include deleted topics in the post serializer 2018-02-21 14:31:52 +05:30
Guo Xiang Tan 14f3594f9f Review Changes for f4f8a293e7. 2018-02-21 14:55:49 +08:00
Jeff Wong f4f8a293e7 FEATURE: Implement 2factor login TOTP
implemented review items.

Blocking previous codes - valid 2-factor auth tokens can only be authenticated once/30 seconds.
I played with updating the “last used” any time the token was attempted but that seemed to be overkill, and frustrating as to why a token would fail.
Translatable texts.
Move second factor logic to a helper class.
Move second factor specific controller endpoints to its own controller.
Move serialization logic for 2-factor details in admin user views.
Add a login ember component for de-duplication
Fix up code formatting
Change verbiage of google authenticator

add controller tests:
second factor controller tests
change email tests
change password tests
admin login tests

add qunit tests - password reset, preferences

fix: check for 2factor on change email controller
fix: email controller - only show second factor errors on attempt
fix: check against 'true' to enable second factor.

Add modal for explaining what 2fa with links to Google Authenticator/FreeOTP

add two factor to email signin link

rate limit if second factor token present

add rate limiter test for second factor attempts
2018-02-21 09:04:07 +08:00
Robin Ward dedeb2deb8 FIX: Don't show the link button in the composer if linking is disabled 2018-02-08 12:56:10 -05:00
Régis Hanol c6fac68ccd FIX: don't blow up on badly encoding incoming email body 2018-01-30 23:47:58 +01:00
Robin Ward 6b04967e2f FEATURE: Staff members can lock posts
Locking a post prevents it from being edited. This is useful if the user
has posted something which has been edited out, and the staff members don't
want them to be able to edit it back in again.
2018-01-26 14:01:30 -05:00
Neil Lalonde 179ecee11e FIX: featured links are 'undefined' in suggested topics 2018-01-25 14:40:07 -05:00
Guo Xiang Tan 80c41a0e59
Merge pull request #5510 from discourse/add-posts-count-to-web-hook-post-serializer
Feature: add topic posts count to webhook post serializer
2018-01-23 07:46:59 +08:00
scossar 841a988454 Return 0 if there is no topic associated with the post 2018-01-22 09:54:11 -08:00
Kyle Zhao 83c549bd31 FEATURE: grant badges in post admin wrench (#5498)
* FEATURE: grant badges in post admin wrench

* only grant manually grantable badges

* extract GrantBadgeController mixin
2018-01-22 14:10:53 +11:00
Sam 47058b29d3 FEATURE: emit external_id field with user webhook 2018-01-22 10:09:26 +11:00
scossar 2646eb5e1d Add topic.posts_count to web_hook_posts_serializer 2018-01-17 10:40:21 -08:00
Neil Lalonde 298ee26908 FIX: when deleting a tag, the warning modal has the wrong topic count 2018-01-12 16:35:27 -05:00
Neil Lalonde ad58a1743b rename topic_list.tags to topic_list.top_tags 2018-01-12 16:35:27 -05:00
Arpit Jalan 7ca2e6a80c fix the build 2018-01-03 17:35:36 +05:30
Arpit Jalan 06e509057e FIX: handle missing user records 2018-01-03 17:18:13 +05:30
Sam 081959227d FIX: unicode titles missing when visiting topic from topic list 2017-12-21 15:20:47 +11:00
Sam e756d02088 FIX: create topic keyboard shortcut not checking permissions 2017-12-21 11:23:57 +11:00
Joffrey JAFFEUX 041deac67a Revert "FIX: constant lookup error when exporting theme"
This reverts commit 1eda8c50f0.
2017-12-14 11:40:08 +01:00
Joffrey JAFFEUX 1eda8c50f0
FIX: constant lookup error when exporting theme 2017-12-14 11:25:11 +01:00
Sam 9d925f6b26 FIX: correctly count participants when more than 24
Also cuts out one query for the normal case
2017-12-13 17:19:42 +11:00
Robin Ward 4ae1bbaeba FIX: Only show the full suspension reason on the admin side 2017-12-07 13:27:02 -05:00
Arpit Jalan 496cd3b4df
Merge pull request #5385 from techAPJ/search-logs-improvements
FEATURE: support search click through tracking for user, category and tags
2017-12-01 12:08:38 +05:30
Arpit Jalan e3925278e2 FEATURE: support search click through tracking for user, category and tags
https://meta.discourse.org/t/search-logs-page/73281/11?u=techapj

This commit adds following features:

- support for tracking click through to user, tag and category
- new filter for search type (header, full page)

This commit also removes "most viewed topic" field from search logs page because we are now tracking multiple click through entities, so topic is not a special entity anymore. This also improves query perf. The query now takes `20.5ms` to runs, as opposed to `655.9ms` previously.
2017-12-01 12:04:55 +05:30
Guo Xiang Tan 9fbe1436b6 UX: Replace heuristic solution root domain extraction for topic featured link. 2017-11-29 21:52:41 +08:00
Guo Xiang Tan 8491c5fba5 UX: Replace heuristic solution for extracting root domain. 2017-11-29 16:26:46 +08:00
Neil Lalonde c22f202e10 FIX: missing likes count on top topics in user summary 2017-11-27 13:42:16 -05:00
Robin Ward 77f90876d3 REFACTOR: Track manual locked user levels separately from groups 2017-11-27 11:23:44 -05:00
Neil Lalonde 39d7745dc5 UX: show staged users' email addresses to staff without requiring a button press 2017-11-24 16:11:34 -05:00
Neil Lalonde 3f58b18dab FEATURE: user card shows staff if a user is staged and lets them check the email address 2017-11-23 16:38:11 -05:00
Guo Xiang Tan f7642e076d REFACTOR: Avoid duplicated logic on server and client. 2017-11-21 17:10:04 +08:00
Neil Lalonde 6dda87c49b FEATURE: show topics viewed on user summary 2017-11-17 17:53:30 -05:00
Neil Lalonde 7c6f991313 REFACTOR: remove AgeWord calls from serializers and do it in javascript 2017-11-17 17:53:30 -05:00
Gerhard Schlager 8f6d35aa59 FEATURE: category setting for mailinglist mirror 2017-11-17 15:29:14 +01:00
Neil Lalonde b37e40eea9 FEATURE: show read time in last 60 days 2017-11-16 15:46:51 -05:00
Sam 813e21d0e8 FIX: current user serializer consistently returns {} for custom_fields
Resolves: #5210
2017-11-15 11:55:37 +11:00
Arpit Jalan 3831663fea FEATURE: search logs page (#5313) 2017-11-15 11:13:50 +11:00
Robin Ward 971e302ff2 FEATURE: Support an end date for user silencing 2017-11-14 13:20:19 -05:00
Sam 47e4c9bb46 FIX: import/export theme should work with uploads 2017-11-14 16:30:23 +11:00
Neil Lalonde bd8f8ea1f9 FIX: don't show Create Topic button on full search page to users who can't create topics 2017-11-10 15:39:04 -05:00
Robin Ward 1f14350220 Rename "Blocked" to "Silenced" 2017-11-10 14:10:27 -05:00
Michael Howell 38b8d68c68 FEATURE: Allow the user to select a custom home page (#5268)
* Add user_home configuration option

* Use the new user_home preference to actually show the right home page

* Fix trailing whitespace

* Update user_option_serializer.rb

* Fix JavaScript default homepage tests

* Use an object instead of a giant switch

* Remove trailing whitespace

* Make the default `user_home` set to `null` instead of `0`

* Rename user_home to homepage_id
2017-11-10 06:45:19 +11:00
Neil Lalonde 2aadc42662 FEATURE: show read time on user cards 2017-11-08 15:25:56 -05:00
Sam fab3e25101 FIX: badge selector showing up for anon 2017-10-30 16:21:31 +11:00
Guo Xiang Tan ddd07773da FIX: Don't hardcode the path into translations. 2017-10-30 12:47:34 +08:00
Robin Ward a9f718fe57 FIX: Custom flags didn't work when flagging a topic 2017-10-19 14:27:38 -04:00
Robin Ward 838568cbc3 Refactor flag types for more customization 2017-10-19 13:55:23 -04:00
Guo Xiang Tan 25c25ae423 FEATURE: Allow user to leave a PM. 2017-10-19 12:32:55 +08:00
Guo Xiang Tan 79de10b212 FEATURE: Allow users to disable new PMs.
https://meta.discourse.org/t/is-it-possible-to-disable-private-messaging-for-a-specific-user/46391
2017-10-19 12:32:55 +08:00
Robin Ward 30bb3b4a86 Include category for summary topics 2017-10-13 16:29:56 -04:00
Robin Ward f73a3cc0d4 Don't include suspended_at or suspended_till unless suspended 2017-10-13 12:17:54 -04:00
Guo Xiang Tan b0557c6692 UX: Allow users to remove a remind me topic timer. 2017-10-05 11:50:08 +08:00
Guo Xiang Tan 91c5f928c2 FIX: `Group#mentionable` and `Group#messageable` not fully working. 2017-10-02 16:50:58 +08:00
OsamaSayegh 79f3d299a1 Don't allow category definition topics to be converted to PMs (#5216) 2017-10-02 10:04:58 +02:00
Robin Ward 41c3941c4c FEATURE: Support regular expressions for watched words 2017-09-27 15:48:57 -04:00
Arpit Jalan 6700aed8ab fix typo 2017-09-27 22:17:19 +05:30
Guo Xiang Tan 5d37f8673b PERF: Only send down suggested payload when loading last chunk. 2017-09-26 14:42:27 +08:00
Robin Ward 6bce3004d9 UX: Nicer selection of suspend duration 2017-09-25 12:28:00 -04:00
Robin Ward 561fa7d0cd FEATURE: Site Setting to hide suspension reason on the public profile 2017-09-25 12:25:14 -04:00
Robin Ward 40eba8cd93 FEATURE: View flags grouped by topic 2017-09-25 12:25:14 -04:00
Régis Hanol 7aa0d044de FIX: link to sub-categories in group activity feed wasn't working 2017-09-13 23:14:46 +02:00
Régis Hanol a6fc42753c FIX: don't include last_wiki_edit when there's no revision 2017-09-13 17:46:58 +02:00
Régis Hanol 0096ee40da FIX: only show participants the user can see 2017-09-13 17:14:03 +02:00
Régis Hanol 85ef3696de UX: show date of last edit on wiki topics 2017-09-12 15:37:47 +02:00
Guo Xiang Tan 51e1c0b6ce Revert "FIX: Move check to right serializer."
This reverts commit 793f933b6b.
2017-09-12 18:11:08 +08:00
Guo Xiang Tan 793f933b6b FIX: Move check to right serializer. 2017-09-12 17:52:13 +08:00
Guo Xiang Tan 5d4221fbe1 PERF: Avoid calling expensive `PostGuardian#can_see_post?` multiple times.
Before

```
Your Results: (note for timings- percentile is first, duration is second
in millisecs)
---
topic_admin:
  50: 19
  75: 19
  90: 21
  99: 27
topic:
  50: 56
  75: 62
  90: 64
  99: 99
timings:
  load_rails: 1262
ruby-version: 2.4.1-p111
rss_kb: 198432
pss_kb: 136612
virtual: physical
architecture: amd64
operatingsystem: Ubuntu
memorysize: 15.59 GB
kernelversion: 4.10.0
physicalprocessorcount: 1
processor0: Intel(R) Core(TM) i7-6700K CPU @ 4.00GHz
rss_kb_9877: 327892
pss_kb_9877: 263671
rss_kb_9946: 325468
pss_kb_9946: 261671
rss_kb_10153: 326456
pss_kb_10153: 262657
```

After

```
Your Results: (note for timings- percentile is first, duration is second
in millisecs)
---
topic_admin:
  50: 18
  75: 18
  90: 20
  99: 28
topic:
  50: 41
  75: 42
  90: 46
  99: 49
timings:
  load_rails: 1201
ruby-version: 2.4.1-p111
rss_kb: 187936
pss_kb: 123596
virtual: physical
architecture: amd64
operatingsystem: Ubuntu
memorysize: 15.59 GB
kernelversion: 4.10.0
physicalprocessorcount: 1
processor0: Intel(R) Core(TM) i7-6700K CPU @ 4.00GHz
rss_kb_26478: 342360
pss_kb_26478: 276696
rss_kb_26547: 340368
pss_kb_26547: 275930
rss_kb_26747: 338964
pss_kb_26747: 274466
```
2017-09-08 14:07:24 +08:00
Bianca Nenciu 6bc74ceb50 Split alias levels in mentionable and messageable levels. (#5065)
* Split alias levels in mentionable and messageable levels.

* Fixed some tests.

* Set messageable level to everyone by default.

* By defaults, groups are not mentionable or messageable.

* Made staff groups messageable by the system.
2017-08-28 12:32:08 -04:00
Bianca Nenciu bb3a5910d7 Support for sending PMs to email addresses (#4988)
* Added support for sending PMs to email addresses.

* Made changes after review.

* Added settings validator.

* Fixed tests.
2017-08-28 12:07:30 -04:00
Neil Lalonde 2c56f8df7c FEATURE: show tags in search results 2017-08-25 11:52:59 -04:00
Guo Xiang Tan 0531ef2e20 Fix calling `exists?` on Arrays. 2017-08-24 09:56:07 +09:00
Guo Xiang Tan 91d3929f52 Merge pull request #5078 from lelelelemon/master
change count>0 to exists
2017-08-24 09:24:42 +09:00
junwen yang 8124f26a6e change count>0 to exists 2017-08-23 22:54:51 +00:00
Sam d7a2584c6e FEATURE: image uploads now have short urls
Shorten all image uploads to use short urls, this is the client
side implementation.
2017-08-22 16:40:08 -04:00
Régis Hanol 75e4f7f896 Shorten some very long lines
Prevent warnings from already defined constants when reloading
2017-08-12 04:18:04 +02:00
Régis Hanol 19b7658dc3 Add 'primary_group_name' to CurrentUserSerializer 2017-08-12 04:05:16 +02:00
Guo Xiang Tan a9613163b5 FEATURE: Force user to enter reason when requesting for group membership. 2017-08-09 15:45:28 +09:00
Leo McArdle a7b7fe335f FIX: allow an admin to click on blank errors (#5027)
* FIX: allow an admin to click on blank errors

* i18nlize strings

* what would a rails master do?
2017-08-04 20:04:26 +02:00
Neil Lalonde 7c1d7fb423 Merge branch 'master' into fix_limited_search_results 2017-07-31 15:55:31 -04:00
Guo Xiang Tan 4620dfe92d FEATURE: Add group settngs to allow users to leave a group freely.
https://meta.discourse.org/t/split-join-leave-freely-setting-on-groups/65565
2017-07-28 15:00:25 +09:00
Guo Xiang Tan 5012d46cbd Add rubocop to our build. (#5004) 2017-07-28 10:20:09 +09:00
Guo Xiang Tan 75374c76b3 UX: Display button to message group on group page.
https://meta.discourse.org/t/make-it-easier-to-send-a-message-to-groups/65065
2017-07-27 17:51:25 +09:00
Neil Lalonde 24cb950432 FEATURE: Watched Words: when posts contain words, do one of flag, require approval, censor, or block 2017-07-26 11:01:09 -04:00
Guo Xiang Tan 1b0750d7ef Merge pull request #4983 from tgxworld/group_owners_can_invite_users_to_groups
Group owners can invite users to groups
2017-07-24 16:21:19 +09:00
Robin Ward 574681dc47 FIX: Show emoji in inline oneboxes 2017-07-21 14:24:48 -04:00
Guo Xiang Tan 2a17f1ccd7 FIX: Group owners should be able to invite users to their groups.
https://meta.discourse.org/t/group-owner-cannot-send-an-invite-to-a-group/60617/12
2017-07-21 23:48:25 +09:00
Jakub Macina 7b40de5ac4 Add attribute to grouped search results for more available posts. 2017-07-20 18:07:13 +02:00
Robin Ward cdb3706025 Track clicks on topics in search results 2017-07-17 15:42:32 -04:00
Robin Ward 21e02d6969 Include the `search_log_id` in search results 2017-07-17 12:10:32 -04:00
Arpit Jalan c243861b17 FIX: do not show "Send Activation Email" button if `must_approve_users` setting is enabled
https://meta.discourse.org/t/error-when-pressing-send-activitation-email-when-must-approve-users-setting-is-enabled/65408
2017-07-04 14:00:50 +05:30
Sam 845170bd6b FEATURE: add support for group visibility level
There are 4 visibility levels

- public (default)
- members only
- staff
- owners

Note, admins and group owners ALWAYS have visibility to groups

Migration treated old "non public" as "members only"
2017-07-03 15:26:57 -04:00
Arpit Jalan aa1a68b979 UX: do not show "Message" button on user's own profile page/card 2017-06-29 14:27:00 +05:30
Robin Ward 287cb4bfc5 FEATURE: Allow truncated group posts to be expanded 2017-06-21 12:56:38 -04:00
Robin Ward a289ae67e1 FEATURE: Expand truncated posts in the user stream 2017-06-20 15:45:41 -04:00
Robin Ward ae7734707e REFACTOR: Merge different templates from rendering user stream items 2017-06-20 15:45:41 -04:00
Guo Xiang Tan 684b05f510 FIX: Strip zero-width characters from search terms. 2017-06-07 18:19:47 +09:00
Neil Lalonde 6aa0823bf4 FIX: lounge category security settings won't be reset after an upgrade 2017-06-06 16:57:21 -04:00
Arpit Jalan a10c939775 FIX: do not show website name on TL0 profile 2017-06-04 18:30:28 +05:30
Guo Xiang Tan 2302493c64 PERF: N+1 query in search when plugin loads custom fields in `TopicListItemSerializer`. 2017-05-31 09:54:10 +09:00
Sam 607998af33 FEATURE: dropdown to filter staff action logs 2017-05-30 11:25:42 -04:00
Neil Lalonde 0a8e16d049 UX: show short flag descriptions in the flag modal on mobile 2017-05-19 15:35:10 -04:00
Sam 6ddd8d9166 FIX: when entering topics "tracking" would not be set
There was a timing issue when subscribing to messages for topics.

Old flow:

- We generate JSON for topic
- We subscribe to messages for topic

New flow:

- We keep track of last id in the topic message bus channel
- We generate JSON
- We subscribe to messages for topic starting at saved message id

This ensures that there is complete overlap for message consumption
and that there are no cases where an update may go missing due to timing
2017-05-16 15:04:21 -04:00
Neil Lalonde 7821400141 FEATURE: staff can set a timer to remind them about a topic 2017-05-16 14:49:50 -04:00
Sam be8dd403df FEATURE: use fancy title in notifications 2017-05-15 15:38:30 -04:00
Sam e1dd543a93 FEATURE: allow users to select theme on single device 2017-05-15 12:48:16 -04:00
Sam 2d96a0785d FEATURE: theme selection is now global per-user 2017-05-12 12:41:34 -04:00
Sam ee71786057 PERF: we do not need to ship down the total number of unread
Total number of unread notification from the beginning of time
is not an interesting number
2017-05-12 11:11:38 -04:00
Neil Lalonde 55b61e9bea rename topic_status_update to topic_timer 2017-05-11 18:27:53 -04:00
Pat David 4bf8548dc5 Add embed class name setup for embeddable hosts 2017-05-11 15:16:16 -04:00
Sam bc0b9af576 FEATURE: support uploads for themes
This allows themes to bundle various assets
2017-05-10 15:47:11 -04:00
Guo Xiang Tan 2b21e5ea7e UX: Display translated group name for automatic groups. 2017-05-05 14:34:47 +08:00
Sam 4ebbad991e FIX: properly clean up related color schemes on delete 2017-05-04 14:03:17 -04:00
Sam 946f25098f Refactor theme fields so they support custom theme defined vars
This paves the way to allowing themes to specify uploads and so on.
2017-05-02 16:02:14 -04:00
Guo Xiang Tan 59b906ab0d FEATURE: Disable minimum post length check when in PM with non human users.
https://meta.discourse.org/t/discourse-narrative-bot-beta-feedback/58621/65?u=tgxworld
2017-04-27 16:00:22 +08:00
Guo Xiang Tan 8b2e3bf5f1 FIX: Topic title should be included in post webhook payload. 2017-04-21 10:04:21 +08:00
Sam 7a9eee1b71 FEATURE: default notification level for group messages
also fixes it so staff can amend other user's group notification level
2017-04-20 15:47:35 -04:00
Arpit Jalan 5d9d2cf287 FIX: do not explicitly show email of flagger / flagged user 2017-04-20 22:09:30 +05:30
Sam 7eabb90b71 FEATURE: added error messages for bad theme CSS / JS 2017-04-19 16:46:46 -04:00
Sam 5e3a0846f7 FEATURE: allow themes to share color schemes 2017-04-17 15:56:24 -04:00
Sam 679b6548e6 FIX: order child themes by name 2017-04-13 10:51:44 -04:00
Sam a3e8c3cd7b FEATURE: Native theme support
This feature introduces the concept of themes. Themes are an evolution
of site customizations.

Themes introduce two very big conceptual changes:

- A theme may include other "child themes", children can include grand
children and so on.

- A theme may specify a color scheme

The change does away with the idea of "enabled" color schemes.

It also adds a bunch of big niceties like

- You can source a theme from a git repo

- History for themes is much improved

- You can only have a single enabled theme. Themes can be selected by
    users, if you opt for it.

On a technical level this change comes with a whole bunch of goodies

- All CSS is now compiled using a custom pipeline that uses libsass
    see /lib/stylesheet

- There is a single pipeline for css compilation (in the past we used
    one for customizations and another one for the rest of the app

- The stylesheet pipeline is now divorced of sprockets, there is no
   reliance on sprockets for CSS bundling

- CSS is generated with source maps everywhere (including themes) this
    makes debugging much easier

- Our "live reloader" is smarter and avoid a flash of unstyled content
   we run a file watcher in "puma" in dev so you no longer need to run
   rake autospec to watch for CSS changes
2017-04-12 10:53:49 -04:00
Arpit Jalan 30a8c5cca2 FIX: render emoji in topic title 2017-04-12 10:38:17 -04:00
Régis Hanol d1c79372d7 fix permalinks serializer with subfolder setups 2017-04-05 18:45:01 +02:00
Guo Xiang Tan f4758a4c4d FEATURE: Allow admins to schedule a topic to be published in the future. 2017-04-04 11:16:05 +08:00
Guo Xiang Tan 34b7bee568 FEATURE: Allow admin to auto reopen at topic.
* This commit also introduces a `TopicStatusUpdate`
  model to support other forms of deferred topic
  status update in the future.
2017-03-31 11:14:18 +08:00
Guo Xiang Tan 7c17966171 FEATURE: Include email in `User` webhook.
https://meta.discourse.org/t/should-the-email-address-of-a-new-user-be-included-in-the-webhook/59255
2017-03-25 08:23:01 +08:00
Neil Lalonde 11ce73b8ed FEATURE: category setting for default top period 2017-03-22 16:54:18 -04:00
Neil Lalonde 9ae8813a53 FIX: admin user page should show count of all posts, including private messages, so admins can delete them. This bug was making it impossible to delete users. 2017-03-17 17:01:45 -04:00
Erick Guan cfbfea0596 FEATURE: Allow easier customization to the web hook event serialization. 2017-03-16 10:09:05 +08:00
Neil Lalonde 6d7e968e30 FEATURE: box-style rendering of sub-categories 2017-03-13 15:25:52 -04:00
Neil Lalonde 6aab8cb331 FEATURE: new category setting for whether to show latest topics or top topics by default 2017-03-03 11:30:44 -05:00
Guo Xiang Tan 442bef2df9 Merge pull request #4706 from gsambrotta/add-name-search-dropbox
FEATURE: Add user name in search results
2017-03-02 15:22:15 +08:00
Neil Lalonde 262016604d FEATURE: each category can control how many topics to show on categories page 2017-03-01 15:12:57 -05:00
giorgia d308638a18 create searchResultUserSerializer, display name next to username in search results 2017-03-01 13:11:01 +01:00
Neil Lalonde a702330ccd FEATURE: make show_subcategory_list a per-category setting 2017-02-22 11:42:36 -05:00
Arpit Jalan 046cbad10b FEATURE: add a button on admin user page that links to action log 2017-02-21 21:38:37 +05:30
Neil Lalonde 476ae57af3 FEATURE: primary group class on avatars in topic list 2017-02-20 15:55:10 -05:00
Arpit Jalan dc2171960b FIX: allow existing users to be invited to topic/message when must_approve_users is enabled 2017-02-03 13:01:23 +05:30
Guo Xiang Tan 156a00af47 UX: Show edit button on post revision modal as long as user can edit. 2017-01-27 10:49:17 +08:00
Guo Xiang Tan ee396edd9c Add edit post button to post revision modal for wiki-ed posts. 2017-01-25 14:36:00 +08:00
Neil Lalonde 61d4c1203e FEATURE: group avatar flair shows on topic participants list, and participant avatars can have custom styles 2017-01-18 11:38:00 -05:00
Claas Augner ad86d4a3e3
FIX: Translate titles of email templates 2017-01-05 01:26:38 +01:00