Commit Graph

5747 Commits

Author SHA1 Message Date
Arpit Jalan d76658ff8c FEATURE: new rake task to anonymize all users 2018-10-15 16:19:25 +05:30
Guo Xiang Tan 8fa59f0548 FIX: Can't clean a tag if the given string is frozen. 2018-10-15 14:48:45 +08:00
Maja Komel 27e732a58d FEATURE: allow multiple secrets for Discourse SSO provider
This splits off the logic between SSO keys used incoming vs outgoing, it allows to far better restrict who is allowed to log in using a site.

This allows for better auditing of the SSO provider feature
2018-10-15 16:03:53 +11:00
Bianca Nenciu d408073fc2 DEV: Update official plugins list
canned replies is now named discourse-canned-replies which keeps our naming consistent
2018-10-15 13:53:21 +11:00
Guo Xiang Tan 84d4c81a26 FEATURE: Support backup uploads/downloads directly to/from S3.
This reverts commit 3c59106bac.
2018-10-15 09:43:31 +08:00
Joshua Rosenfeld fd58ca1903
remove manually mapping of discourse-logster-rate-limit-checker, repo renamed to match 2018-10-12 15:56:23 -04:00
Joshua Rosenfeld 43a7b08a48
don't run specs on prometheus-alert-receiver for now either 2018-10-12 12:20:49 -04:00
Joshua Rosenfeld ca71815bb2
don't run specs on calendar for now 2018-10-12 12:12:21 -04:00
Neil Lalonde d19fb61f10 Version bump to v2.2.0.beta3 2018-10-12 10:55:45 -04:00
Joshua Rosenfeld 9d4916012a
manually map discourse-perspective too 2018-10-12 10:32:07 -04:00
Joshua Rosenfeld 2cb176f1ed
manually map discourse-logster-rate-limit-checker
also remove obsolete plugins
2018-10-12 10:27:24 -04:00
Joshua Rosenfeld aba4dec27f
Update official plugin list
* Remove duplicate entry
* Add missing plugins
* Update list for new names
2018-10-12 10:12:31 -04:00
Sam 057087e0e8 FEATURE: log long running jobs in the defer queue
If a job in the defer queue takes longer than 90 seconds log an error
2018-10-12 17:03:47 +11:00
Sam a1c912b630 Return 400 instead of 404 for bad token 2018-10-12 10:51:41 +11:00
Bianca Nenciu 048cdfbcfa FIX: Do not allow revoking the token of current session. (#6472)
* FIX: Do not allow revoking the token of current session.

* DEV: Add getter of current auth_token from Guardian.
2018-10-12 10:40:48 +11:00
Gerhard Schlager 7a41a783a4 FIX: Don't reply to Unsubscribe email sent to mailing list mirror 2018-10-11 16:09:22 +02:00
Chris Butler ddbed82bca Exit with an error if there are errors with settings import (#6475)
If the site_settings import has any errors or settings that are not found, this
will cause the task to exit with a non-zero exit code.

This is useful when using this task as part of automated configuration deployment,
where you may not want to continue with the process if a setting fails to
import.
2018-10-11 15:57:57 +08:00
Guo Xiang Tan 3c59106bac Revert "FEATURE: Support backup uploads/downloads directly to/from S3."
This reverts commit c29a4dddc1.

We're doing a beta bump soon so un-revert this after that is done.
2018-10-11 11:08:23 +08:00
Guo Xiang Tan c92bda95e1 Fix the build. 2018-10-11 10:45:01 +08:00
Gerhard Schlager c29a4dddc1 FEATURE: Support backup uploads/downloads directly to/from S3. 2018-10-11 10:38:43 +08:00
Guo Xiang Tan 5039a6c3f1 FIX: Strip null bytes in mail subjects. 2018-10-11 09:46:32 +08:00
Vinoth Kannan 59be289084 FIX: Do not add lightbox to onebox images (#6479) 2018-10-11 08:57:21 +11:00
Robin Ward a566ed42ae FEATURE: Option to disable user presence and profile
This allows users who are privacy conscious to disable the presence
features of the forum as well as their public profile.
2018-10-10 17:34:33 -04:00
Bianca Nenciu 4e0533a20b FIX: Generate Onebox for posts of type moderator_action. (#6466) 2018-10-10 18:39:03 +08:00
Guo Xiang Tan 918633aa12 FIX: `upload:migrate_to_s3` rake task not remapping properly. 2018-10-10 15:09:21 +08:00
Sam 45f01e637b FIX: when associating Github account disassociate others
There are some cases where an email floats from one GitHub account to another
if this happens just take over the Github mapping record
2018-10-10 15:46:50 +11:00
Guo Xiang Tan f26804394a DEV: Remove the use of stubs on `Rails.logger` in our test suite. 2018-10-10 09:34:50 +08:00
Sam 9b01e2b855 FIX: maxmind download task does not need environment 2018-10-10 11:16:28 +11:00
Bianca Nenciu 1d26a473e7 FEATURE: Show "Recently used devices" in user preferences (#6335)
* FEATURE: Added MaxMindDb to resolve IP information.

* FEATURE: Added browser detection based on user agent.

* FEATURE: Added recently used devices in user preferences.

* DEV: Added acceptance test for recently used devices.

* UX: Do not show 'Show more' button if there aren't more tokens.

* DEV: Fix unit tests.

* DEV: Make changes after code review.

* Add more detailed unit tests.

* Improve logging messages.

* Minor coding style fixes.

* DEV: Use DropdownSelectBoxComponent and run Prettier.

* DEV: Fix unit tests.
2018-10-09 22:21:41 +08:00
Bianca Nenciu 1fb1f4c790 FIX: Make error in Discourse Hub more descriptive. (#6438) 2018-10-09 22:05:31 +08:00
Erin Kosewic 51aba32651 FEATURE: add branch option to remote theme import
* FEATURE: add branch option to remote theme import

* FIX: Add missing variable in params

* FIX: Add missing param for import_theme method

* SPEC: Add test methods for branch support in git import

* FIX: Add missing space to scss style

* Do not assume default branch as master

* Change branch field placeholder

* FIX: add missing div start tag
2018-10-09 17:01:08 +11:00
Guo Xiang Tan 1c9b5e75e7 DEV: Support post deployment migrations for plugins. 2018-10-09 13:11:45 +08:00
Kyle Zhao 8b2a379e4e
DEV: transpile certain ES6 files without producing a module (#6460)
`.js.no-module.es6` files will be transpiled without producing a module.

import/export statements are deliberately not supported, so one would still need to use 
`const module = require('moduleName').default.`
2018-10-09 09:18:23 +08:00
Gerhard Schlager 4881fb028f FIX: allow_uppercase_posts didn't work for topic titles 2018-10-08 23:50:06 +02:00
Guo Xiang Tan 40fa96777d
FEATURE: Post deployment migrations. (#6406)
This moves us away from the delayed drops pattern which
was problematic on two counts. First, it uses a hardcoded "delay for"
duration which may be too short for certain deployment strategies.
Second, delayed drop doesn't ensure that it only runs after
the latest application code has been deployed. If the migration runs
and the application code fails to deploy, running the migration after
"delay for" has been met will cause the application to blow up.

The new strategy allows post deployment migrations to be skipped if the
env `SKIP_POST_DEPLOYMENT_MIGRATIONS` is provided.

```
SKIP_POST_DEPLOYMENT_MIGRATIONS=1 rake db:migrate
-> deploy app servers
SKIP_POST_DEPLOYMENT_MIGRATIONS=0 rake db:migrate
```

To aid with the generation of a post deployment migration, a generator
has been added. Simply run `rails generate post_migration`.
2018-10-08 15:47:38 +08:00
Kyle Zhao 9bbc1ae7b2 FIX: raise if staged user creation failed (#6461) 2018-10-08 15:45:23 +08:00
Arpit Jalan c0bb04d89d FIX: convert tag string to array when filtering topic list by tags 2018-10-08 08:56:25 +05:30
Penar Musaraj 26956bbe1a FIX: Safari issue with some emojis (#6456)
https://meta.discourse.org/t/emojis-selected-on-ios-displaying-additional-rectangles/86132/8
2018-10-08 10:32:25 +08:00
Vinoth Kannan 4000dddd32
Merge pull request #6458 from vinothkannans/fix-giphy
FIX: Display large/broken image placeholders for image oneboxes
2018-10-07 18:08:54 +05:30
Vinoth Kannan c499872597 FIX: Display large/broken image placeholders for image oneboxes 2018-10-07 17:42:41 +05:30
David Taylor 9bf522f227
FEATURE: Mixed case tagging (#6454)
- By default, behaviour is not changed: tags are made lowercase upon creation and edit.

- If force_lowercase_tags is disabled, then mixed case tags are allowed.

- Tags must remain case-insensitively unique. This is enforced by ActiveRecord and Postgres.

- A migration is added to provide a `UNIQUE` index on `lower(name)`. Migration includes a safety to correct any current tags that do not meet the criteria.

- A `where_name` scope is added to `models/tag.rb`, to allow easy case-insensitive lookups. This is used instead of `Tag.where(name: "blah")`.

- URLs remain lowercase. Mixed case URLs are functional, but have the lowercase equivalent as the canonical.
2018-10-05 10:23:52 +01:00
Vinoth Kannan 8430ea927e FIX: Generate webhook payloads before destroy events (#6325) 2018-10-05 16:53:59 +08:00
Sam 5b630f3188 FIX: stop logging every time invalid params are sent
Previously we were logging warning for invalid encoded params, this can
cause a log flood
2018-10-05 14:33:19 +10:00
Guo Xiang Tan 77c293f82d Prefer `Process.clock_gettime` over `Time.now`. 2018-10-05 10:25:52 +08:00
Maja Komel 361ad7ed2b FEATURE: add indication if incoming email attachment was rejected and inform sender about it (#6376)
* FEATURE: add indication if incoming email attachment was rejected and inform sender about it

* include errors for rejected attachments in email

* don't send warning email to staged users

* use user object instead of user_id in add_attachments method
2018-10-04 22:08:28 +08:00
Rishabh Nambiar 943f017a17 Mark discourse-perspective-api as an official plugin 2018-10-04 14:34:22 +05:30
Lucas Nicodemus 1907338834 FIX: No longer educate users who are editing
A user editing a post will no longer get composer messages that are
meant for new users posting replies and threads. These messages don't
make sense in an edit context at all -- they're usually discussing
making salient replies or topics, or adding avatars. They make even less
sense when a user is an admin attempting to change the default topics
for the first time.

Since these messages actually do make sense for a user when they have a
low post count, though, they're still going to occur. They just occur
when a user is creating new content (and thus, more likely to read the
notice), not during edits.

This is in response to this issue:
https://meta.discourse.org/t/education-message-for-editing-wiki-topic/66682
2018-10-04 13:20:13 +08:00
Jeff Wong 632ca42db9 FIX: edit checks for editing posts with no topic 2018-10-03 18:34:47 -07:00
Penar Musaraj dc8a16b43b
Use Yarn to manage dependencies, cleanup unused bootstrap libs (#6436) 2018-10-03 10:15:43 -04:00
Guo Xiang Tan 13dde44c72 FIX: Limit concurrent `assets:precompile` to number of available cores. 2018-10-03 16:46:21 +08:00
Sam eba3117e08 Missed one spot where url needed cooking 2018-10-03 15:06:37 +10:00
Sam ad0e768742 FEATURE: add support for responsive images in posts
When creating lightboxes we will attempt to create 1.5x and 2x thumbnails
for retina screens, this can be controlled with a new hidden site setting
called responsice_post_image_sizes, if you wish to create 3x images run

SiteSetting.responsive_post_image_sizes = "1|1.5|2|3"


The default should be good for most of the setups as it balances filesize
with quality. 3x thumbs can get big.
2018-10-03 13:44:53 +10:00
Penar Musaraj 34516c72bd
FIX: Recover public actions (likes) when recovering a post (#6412) 2018-10-02 11:25:08 -04:00
Guo Xiang Tan 3b1e13e4ab Remove unecessary code. 2018-10-02 15:24:12 +08:00
Bianca Nenciu e0d7cdac12 UX: Improve error messages for minimum and maximum username lengths. 2018-10-02 13:10:20 +08:00
Penar Musaraj da9eee5262 FIX: Force enable user PM emails option when user posts to a group by email. 2018-10-02 12:38:10 +08:00
Gerhard Schlager e2770bc1c4 FIX: async reload of locales could result in missing translations 2018-10-01 17:14:36 +02:00
Guo Xiang Tan ac52d8d3c7 Fix `UploadRecovery` from S3 fails with bucket name containing sub-folder. 2018-10-01 19:03:02 +08:00
Guo Xiang Tan a3dbe3685e Fix the build. 2018-10-01 16:42:38 +08:00
Guo Xiang Tan de85bb0a39 FIX: Don't update user_profile URLs unless upload is persisted. 2018-10-01 14:21:39 +08:00
Guo Xiang Tan e262a08350 Add `UploadRecovery#recover_user_profile_backgrounds`. 2018-10-01 10:51:54 +08:00
Penar Musaraj 70d74f8fc1 FIX: advanced search ordering broken when using tags 2018-09-28 17:27:08 +08:00
Bianca Nenciu 5407036ef9 DEV: Run prettier. (#6420) 2018-09-21 11:02:23 +00:00
Arpit Jalan 2e02a28ab4 FIX: do not revise post if post revision is not present 2018-09-21 14:08:58 +05:30
Kyle Zhao 4bb980b9f7
FEATURE: do not allow moderators to export user list (#6418) 2018-09-21 09:07:13 +08:00
Guo Xiang Tan 1a64b3a487 FIX: Don't try to recover an invalid sha1. 2018-09-20 14:21:57 +08:00
Sam df45e82377 SECURITY: only allow picking of avatars created by self (#6417)
* SECURITY: only allow picking of avatars created by self

Also adds origin tracking to all uploads including de-duplicated uploads
2018-09-19 22:33:10 -07:00
Sam e0be5145cf FIX: correct readonly timeout
So it only applies in readonly mode
2018-09-20 15:15:46 +10:00
Jeff Wong d5442fbf08 FIX: do not send tl1 welcome message when a user has the basic user badge 2018-09-19 12:53:36 -07:00
Gerhard Schlager 469a2c36ed FIX: Always unpause Sidekiq after backup and restore
* Logs exceptions during the cleanup phase, but doesn't stop executing subsequent cleanup tasks.
* Notifies the user at the end of the cleanup phase, so that the log contains possible errors during that phase.
2018-09-19 20:35:43 +02:00
Guo Xiang Tan 293cf600f0 FIX: Use a tmp file in `UploadRecovery` for local store. 2018-09-19 15:47:15 +08:00
Sam e0e6dae6a7 minor cleanup to previous commit from code review 2018-09-19 16:07:29 +10:00
Sam 5302709343 FIX: in redis readonly raise an exception from DistributedMutex
If we detect redis is in readonly we can not correctly get a mutex
raise an exception to notify caller

When getting optimized images avoid the distributed mutex unless
for some reason it is the first call and we need to generate a thumb

In redis readonly no thumbnails will be generated
2018-09-19 15:50:58 +10:00
Guo Xiang Tan bc7f58191e FIX: `UploadRecovery` should look at links too. 2018-09-19 11:52:57 +08:00
Guo Xiang Tan 4a92c5b2d6 `UploadRecovery` should recover attachments too. 2018-09-19 10:44:36 +08:00
Guo Xiang Tan 5a9b029014 Improve error messaging in `SocketServer`. 2018-09-19 09:11:10 +08:00
Arpit Jalan fadcd36f92 FIX: do not treat ignore_redirects domains as blacklisted
This fix prevents domains present in `ignore_redirects` to be treated as
blacklisted domains and makes sure that onboxing happens for those domains.
Issue reported here: https://meta.discourse.org/t/steam-store-oneboxing-no-longer-works/97266
2018-09-18 10:38:02 +05:30
Guo Xiang Tan ce6a0a5e9e FIX: Moving upload to tombstone should update modification time.
A upload created a long time ago will be nuked from the tombstone
immediately if it gets deleted.
2018-09-18 10:48:29 +08:00
Sam 0e9841b995 SECURITY: remove admin memory diagnostics routes 2018-09-18 08:35:09 +10:00
Régis Hanol 4481836de2 FEATURE: new 'search_ignore_accents' site setting 2018-09-17 10:42:30 +02:00
Guo Xiang Tan b71af05d62 Backward compatibility for dropping functions in `ColumnDropper`.
https://meta.discourse.org/t/launcher-rebuild-error-pg-error-schema-discourse-functions-does-not-exist/96209
2018-09-17 14:46:05 +08:00
Rishabh 4f46aa1ba3 FEATURE: Add SiteSetting for s3_configure_tombstone_policy
Add SiteSetting for s3_configure_tombstone_policy, skip policy generation if turned off (default on)
2018-09-17 10:57:50 +10:00
OsamaSayegh c7d81e2682 FIX/FEATURE: don't blow up when can't reach theme's repo, show problem themes on dashboard 2018-09-17 09:49:53 +10:00
Neil Lalonde 526ffc4966 FIX: error in response body to blocked crawlers, showing 500 Internal Server Error with status of 403 2018-09-14 15:40:20 -04:00
Neil Lalonde b87a089822 FIX: don't block api requests when whitelisted_crawler_user_agents is set 2018-09-14 15:40:20 -04:00
Neil Lalonde 81dc36ba16 Version bump to v2.2.0.beta2 2018-09-14 11:43:35 -04:00
Guo Xiang Tan f2363650c9
Merge pull request #6395 from discourse/plugin-migrations
DEV: apply plugin migrations when testing in Travis and Docker
2018-09-13 06:51:30 -07:00
David Taylor b8c0e77908 DEV: apply plugin migrations when testing in Travis and Docker
In `RAILS_ENV=test`, plugins are not loaded by default. Therefore we need to explicitly specify `LOAD_PLUGINS=1` when we want to apply plugin migrations.
2018-09-13 12:39:54 +01:00
Guo Xiang Tan 529e4018f0 DEV: Avoid using `send` and make the method public instead. 2018-09-13 16:34:32 +08:00
Guo Xiang Tan 0a06b3d977 Accept custom AR relation for `UploadRecovery`. 2018-09-13 16:33:14 +08:00
Guo Xiang Tan 6c65718301 Include response body when raising an error in `FileHelper#download`. 2018-09-13 15:43:58 +08:00
Guo Xiang Tan 5eb65ad612 FIX: Do not try to recover invalid `Upload#short_url` in `UploadRecovery`. 2018-09-13 13:59:17 +08:00
Guo Xiang Tan d99dd840e4 Add basic test case for `UploadRecovery`. 2018-09-13 13:26:23 +08:00
Guo Xiang Tan a3b3b0810d Rescue errors when running dry run for `UploadRecovery`. 2018-09-13 11:57:51 +08:00
Guo Xiang Tan 4dc25ad201 Fix s3 recovery from tombstone in `UploadRecovery`. 2018-09-13 09:19:45 +08:00
David Taylor 9461c99210 DEV: Add travis_fold to termination stage 2018-09-12 18:59:48 +01:00
David Taylor 26bd67a865 DEV: Add travis_fold statements to docker_test 2018-09-12 17:52:58 +01:00
Guo Xiang Tan 24c55bd613 Add dry run option to `UploadRecovery`. 2018-09-12 21:53:01 +08:00
Guo Xiang Tan 2cc48cfd06 Fix incorrect variable. 2018-09-12 02:06:14 -07:00
Guo Xiang Tan c053f8ccf6 New rake task `uploads:recover`. 2018-09-12 01:52:30 -07:00
Guo Xiang Tan 6d01e0aa04 DEV: Print the error class in `uploads:list_posts_with_broken_images`. 2018-09-12 01:06:51 -07:00
Guo Xiang Tan 71185c13b5
Merge pull request #6377 from tgxworld/remove_tif_tiff
Drop `tif`, `tiff`, `webp` and `bmp` from supported images.
2018-09-12 09:32:32 +08:00
Guo Xiang Tan 71caf7521d Drop `tif`, `tiff`, `webp` and `bmp` from supported images.
https://meta.discourse.org/t/cr2-raw-files-are-being-treated-as-tiff-files/96775/3?u=tgxworld
2018-09-12 09:29:54 +08:00
Guo Xiang Tan e1b16e445e Rename `FileHelper.is_image?` -> `FileHelper.is_supported_image?`. 2018-09-12 09:22:28 +08:00
Guo Xiang Tan d59e635a77 Rename `FileHelper.images` to `FileHelper.supported_images`. 2018-09-12 09:22:28 +08:00
Kyle Zhao f1cb431968 FIX: rescue ActiveRecord::RecordInvalid in find_or_create_by_safe! (#6385)
AR uniqueness validation could raise ActiveRecord::RecordInvalid
2018-09-12 11:03:12 +10:00
Gerhard Schlager 1a01385e88 FIX: "false" didn't work as locale_default 2018-09-11 13:42:10 +02:00
Neil Lalonde b3b9ac3b19 Version bump to v2.2.0.beta1 2018-09-10 19:43:15 -04:00
Rishabh 80eace4268
Merge pull request #6383 from discourse/fix_username_suggester
FIX: don't raise an error on integer usernames in user_name_suggester
2018-09-11 00:30:29 +05:30
Rishabh Nambiar 81c87df18a FIX: don't raise an error on integer usernames 2018-09-10 22:17:56 +05:30
Blake Erickson 1d41f3c3fb
Merge pull request #6380 from discourse/rake-destroy-sub-category
FIX: Allow `rake destroy:topics` to delete topics in sub-categories
2018-09-10 10:26:04 -06:00
Guo Xiang Tan 94ff428571 Pass the right value to rake task. 2018-09-10 20:07:28 +08:00
David Taylor 84fc7abb73 FIX: Allow `rake destroy:topics` to delete topics in sub-categories 2018-09-10 12:52:14 +01:00
Guo Xiang Tan 4a966c639d DEV: Update `uploads:list_posts_with_broken_images` to recover from tombstone. 2018-09-10 17:01:41 +08:00
Guo Xiang Tan df04e69cde FIX: `S3Helper#list` creates incorrect prefix. 2018-09-10 16:34:40 +08:00
Guo Xiang Tan 68572b8afc Print error messages on why upload fails to save. 2018-09-10 16:02:13 +08:00
Guo Xiang Tan 0aca80e92a Fixes to `uploads:list_posts_with_broken_images`. 2018-09-10 15:16:29 +08:00
Guo Xiang Tan 8496537590 Add `RECOVER_FROM_S3` to `uploads:list_posts_with_broken_images` rake task. 2018-09-10 15:14:30 +08:00
Joshua Rosenfeld afaa722c32
sort official plugin list, remove duplicate entry
`discourse-sitemap` was listed twice, sorted list to help avoid duplication
2018-09-09 13:41:26 -04:00
Sam 879067d000 FIX: check admin theme cookie against user selectable
previously admin got a free pass and could set theme via cookie to anything
including themes that are not selectable

this refactor ensures that only "preview" gets a free pass, all the rest
goes through the same pipeline
2018-09-07 10:47:28 +10:00
Gerhard Schlager 3dea48f1d9 Resetting miniracer context results in segfault 2018-09-07 00:19:23 +02:00
Gerhard Schlager f13c34aaed Adds a check for invalid message formats to rake i18n:check 2018-09-06 17:27:17 +02:00
Gerhard Schlager 3c09026fe4 Minor improvements to rake i18n:check 2018-09-06 16:54:30 +02:00
Guo Xiang Tan d4b05d7bc5 Always link post to uploads in post process.
The operation is cheap anyway so no point skipping.
2018-09-06 14:08:03 +08:00
Guo Xiang Tan 434035f167 FIX: Link post to uploads in `PostCreator`.
* This ensures that uploads are linked to their post on creation
  instead of a background job which may be delayed if Sidekiq
  is facing difficulties.
2018-09-06 11:18:11 +08:00
Gerhard Schlager 26082688d1 FIX: Zero is a valid value for the page parameter 2018-09-05 20:43:05 +02:00
Guo Xiang Tan f3aef2cc83 FIX: Incorrect/missing extension in short_url fails to map to upload.
`Hash#invert` causes us to lose keys if the hash contains similar
values.
2018-09-05 21:48:58 +08:00
Guo Xiang Tan 72834f19ff DEV: Add rake tasks to list posts with broken images. 2018-09-05 16:54:15 +08:00
Gerhard Schlager f4956f79a5 Make Rubocop happy 2018-09-05 01:04:43 +02:00
Gerhard Schlager 6658a6601c Remove unused rake task 2018-09-05 00:47:39 +02:00
Gerhard Schlager 0d8c72d8c4 DEV: Add rake task to check locale files for errors 2018-09-05 00:47:39 +02:00
Gerhard Schlager b8fc699164 FIX: Detect {{foo}} as interpolation key 2018-09-05 00:47:39 +02:00
Vinoth Kannan d8b543bb67 FIX: redirect to original URL after social signup 2018-09-05 01:44:23 +05:30
David Taylor 4382fb5fac DEV: Allow plugins to whitelist specific user custom_fields for editing (#6358) 2018-09-04 20:45:36 +10:00
Guo Xiang Tan d1af89e3b3 DEV: Extract global admin api rate limiting into a dedicated method.
* We have a use case for overriding the rate limiting logic in a
  plugin.
2018-09-04 16:37:54 +08:00
Guo Xiang Tan 3b337bfc6b Revert "FIX: Don't rate limit admin and staff constraints when matching routes."
This reverts commit 651b50b1a1.
2018-09-04 14:27:21 +08:00
Guo Xiang Tan 651b50b1a1 FIX: Don't rate limit admin and staff constraints when matching routes.
* When an error is raised when checking route constraints, we
  can only return true/false which either lets the request
  through or return a 404 error. Therefore, we just skip
  rate limiting here and let the controller handle the
  rate limiting.
2018-09-04 13:52:58 +08:00
Guo Xiang Tan 08b268c5bc Be more forceful in disconnecting connections during failover. 2018-09-04 10:32:43 +08:00
Guo Xiang Tan 8dc1463ab3 Enable `Lint/ShadowingOuterLocalVariable` for Rubocop. 2018-09-04 10:16:42 +08:00
Gerhard Schlager eeedc3901e FIX: Replying to deleted post via email should create new reply to topic 2018-09-03 23:06:40 +02:00
Vinoth Kannan 24a14af15a FIX: Respect invalidate_oneboxes option for inline oneboxes 2018-09-03 22:33:43 +05:30
Gerhard Schlager f33433bf9e Validation of params should restrict to max int (#6331)
* FIX: Validation of params should restrict to max int

* FIX: Send status 400 when "page" param isn't between 1 and max int
2018-09-03 14:45:32 +10:00
Guo Xiang Tan 747c9bb47f
Merge pull request #6317 from nbianca/ignore_blacklisted_domains
FIX: Ignore OneBox blacklisted domains.
2018-09-03 11:10:52 +08:00
Guo Xiang Tan 45f092a49d Extract `badge_posts` view management logic into a service object.
* Avoid defininig a global constant and method.

Fixes https://github.com/discourse/discourse/pull/6318
2018-09-03 09:51:35 +08:00
Maja Komel 182d9a4666 FIX: escape regex chars when searching site texts 2018-09-02 17:25:57 +10:00
Osama Sayegh 60eff9421a FIX: precompile `desktop_theme` and `mobile_theme` stylesheets
required for environments that pre stage docker images and keep old image running during the deploy
2018-08-31 21:23:55 +10:00
Sam 9b7cab589a FIX: revert diacritic stripping
See more details in test case and at: https://meta.discourse.org/t/discourse-should-ignore-if-a-character-is-accented-when-doing-a-search/90198/16?u=sam
2018-08-31 11:46:55 +10:00
Vinoth Kannan 297e8aaf2e FIX: Escape regex pattern variable before using it 2018-08-31 03:02:24 +05:30
Neil Lalonde 4b6381367e add support for Excon connection options in hub requests 2018-08-30 15:57:11 -04:00
Neil Lalonde 415201e1b4 Version bump to v2.1.0.beta6 2018-08-30 10:53:20 -04:00
Joffrey JAFFEUX 2dfb097dd9
DEV: plugin generator support for spec/test/controller/routes (#6344) 2018-08-30 16:38:25 +02:00
Joffrey JAFFEUX 90e67b671b
DEV: support for settings/locales in plugin generator (#6341) 2018-08-30 14:12:06 +02:00
Osama Sayegh 9efbf2c49f FIX: changing component settings should trigger refresh for parent theme CSS (#6340) 2018-08-30 20:53:03 +10:00
Joffrey JAFFEUX d40d241e72
DEV: adds --help --no-help options to plugin generator (#6338)
help will add helpful comments in the various generated files
2018-08-30 12:16:37 +02:00
Joffrey JAFFEUX acc96abe1a
DEV: plugin generator will now ask for github username (#6337) 2018-08-30 12:03:30 +02:00
Guo Xiang Tan 492b6dc306 DEV: `yarn exec` doesn't do what I think it does. 2018-08-30 15:55:36 +08:00
Sam e6970151a6 FEATURE: allow specifying locale via SSO
Use:

locale
locale_force_update

To force user locale on users where SiteSetting.allow_user_locale is enabled

Note: If an invalid locale is specified no action will occur
2018-08-30 09:58:03 +10:00
Joffrey JAFFEUX 06f18b0e9f
typo 2018-08-29 13:51:16 +02:00
Joffrey JAFFEUX ef36fdfb64
DEV: rails generator to create plugin skeleton (#6332)
rails g plugin --help
rails g plugin DiscourseRacoon --author joffrey
2018-08-29 13:32:41 +02:00
Dax74 5f51ef27e7
Added sitemap plugin in the official list 2018-08-29 10:58:26 +02:00
Guo Xiang Tan 720726ea68 Use `yarn exec` when running eslint and prettier. 2018-08-29 11:03:42 +08:00
Sam 44cf3cf975 FIX: queue heartbeats in readonly modes
If sidekiq is paused or Discourse is in readonly continue to queue
heartbeats

If we do not do that then a master process can end up reaping sidekiq
workers and causing various badness

This also impacts restore which can do weird stuff TM in cases like this
2018-08-29 12:36:59 +10:00
Sam 9ab1fb7dfc FEATURE: correctly store width and height on uploads
Previously we used width and height for thumbnails, new code ensures

1. We auto correct width and height
2. We added extra columns for thumbnail_width and height, this is determined
 by actual upload and no longer passed in as a side effect
3. Optimized Image now stores filesize which can be used for analysis, decisions

Also

- fixes Android image manifest as a side effect
- fixes issue where a thumbnail generated that is smaller than the upload is no longer used
2018-08-28 12:59:22 +10:00
Neil Lalonde ebe7835316 FIX: links in rss feeds are sometimes wrong on subfolder installs 2018-08-27 18:05:15 -04:00
Bianca Nenciu b6963b8ffb FIX: Ignore OneBox blacklisted domains. 2018-08-27 20:40:55 +02:00
Sam 4205c528d0 FEATURE: hide enable_personal_email_messages and min_trust_to_send_email_messages
These site settings are very hard to explain and only applicable for very
specific Discourse setups.

If an admin "enables staged users" which is used in support scenarios then
all staff can send "messages" directly to an "email".

The setting allows you to extend this to TL4 or any trust level.

Actual use case would be a support type setup with restricted staff. It is
quite rare so hiding this for now and re-evaluate keeping the setting in
2019
2018-08-27 11:38:22 +10:00
Maja Komel 020eba4623 FIX: find tags with non-latin names (#6312) 2018-08-27 11:05:28 +10:00
Sam 47e6b8b318 discourse etiquette is an official plugin 2018-08-27 10:03:49 +10:00
Sam ac11f8df52 correct regression searching with diacritics 2018-08-24 10:00:51 +10:00
Gerhard Schlager 6588a45880 Make Rubocop happy 2018-08-23 15:09:20 +02:00
Gerhard Schlager 409ee66839 Add optional "ignore_case" parameter to posts:remap rake task 2018-08-23 14:49:17 +02:00
Arpit Jalan 7a91df3248
Merge pull request #6290 from techAPJ/latest-full-name
UX: show full name on /latest page
2018-08-23 17:34:54 +05:30
Arpit Jalan 1a7cd6648b UX: show full name on /latest page 2018-08-23 14:41:06 +05:30
Guo Xiang Tan dd810b8b05
Merge pull request #6304 from tgxworld/create_functions_in_different_schema
FIX: Create `BaseDropper` functions in a different schema.
2018-08-23 15:01:41 +08:00
Sam 6ee352510a Correctly handle exception 2018-08-23 16:27:00 +10:00
Sam cbd9045c6b FIX: avoid race condition creating posts
in some cases the distributed mutex was not protecting us
and transactions would fail
2018-08-23 15:11:06 +10:00
Guo Xiang Tan 212ee15804 FIX: Create `BaseDropper` functions in a different schema.
https://meta.discourse.org/t/error-when-restore-db-backup/93145/25?u=tgxworld
2018-08-23 12:52:21 +08:00
Osama Sayegh 2711f173dc FIX: don't allow inviting more than `max_allowed_message_recipients`
* FIX: don't allow inviting more than `max_allowed_message_recipients` setting allows

* add specs for guardian

* user preferences for auto track shouldn't be applicable to PMs (it auto watches on visit)

Execlude PMs from "Automatically track topics I enter..." and "When I post in a topic, set that topic to..." user preferences

* groups take only 1 slot in PM

* just return if topic is a PM
2018-08-23 14:36:49 +10:00
Guo Xiang Tan 36a7028f19 FEATURE: Clean up `PostReplyKey` records.
* Default retention of 90 days.
2018-08-23 10:40:02 +08:00
Régis Hanol f01169d6ff FIX: don't send email when the post was deleted 2018-08-22 13:13:58 +02:00
Sam d3b4f24ced DEV: correct watcher for controller specs 2018-08-22 14:35:57 +10:00
Sam 272de95175 FIX: client duplicate registration should be cleaned up
If for any reason we are unable to correct client id on a user api key
invalidate old keys for client/user
2018-08-22 12:56:49 +10:00
Sam 5d96809abd FIX: improve support for subfolder S3 CDN 2018-08-22 12:31:13 +10:00
Sam f5142861e5 Revert "Revert "FIX: upload URLs from S3 on subfolder installs""
This reverts commit 26c96e97e5.

We have no choice but to run this code
2018-08-22 11:31:33 +10:00
Sam 26c96e97e5 Revert "FIX: upload URLs from S3 on subfolder installs"
This reverts commit 357df2ff4f.
2018-08-22 10:51:40 +10:00
Robin Ward 410b0f591f FIX: Flagged Post custom fields were not respecting type 2018-08-21 15:33:15 -04:00
Neil Lalonde 357df2ff4f FIX: upload URLs from S3 on subfolder installs 2018-08-21 14:58:55 -04:00
Régis Hanol d1607a387a FIX: only allow printable characters in uploads filename 2018-08-21 18:11:01 +02:00
Neil Lalonde e94b5b4d78 Version bump to v2.1.0.beta5 2018-08-21 11:54:23 -04:00
Guo Xiang Tan 0f07494b12
Merge pull request #6259 from pfaffman/patch-2
FIX: disable_2fa fix method selection
2018-08-21 17:29:42 +08:00
Guo Xiang Tan 791ddb8630 PERF: Memoize `EmailReceiver#sent_to_mailinglist_mirror?`. 2018-08-21 15:44:47 +08:00
Guo Xiang Tan 7dcc69aef4 DEV: Refactor test to not call private method. 2018-08-21 14:29:58 +08:00
Sam 57d04200a1 Add Rails 6 note here 2018-08-21 11:09:10 +10:00
Sam ca5a6f0a9d FIX: handle concurrently creating post reply keys
In some very rare conditions this would be called concurrently and fail
2018-08-21 10:59:18 +10:00
Sam 8fa5dd4a1f FEATURE: discourse-checklist is now an official plugin 2018-08-21 10:44:40 +10:00
Bianca Nenciu 860c1c3dcd FEATURE: Automatically expire keys if not used for a configurable amount of time. (#6264) 2018-08-20 17:36:14 +02:00
Neil Lalonde ac40fede66 Revert "FIX: subfolder support for S3 CDN" 2018-08-20 10:30:44 -04:00
Neil Lalonde 0b8f6d3637 FIX: subfolder support for S3 CDN 2018-08-20 10:22:03 -04:00
Sam f5fe58384f correct regression around file renaming 2018-08-20 16:08:05 +10:00
Sam d7b1919ead correct specs 2018-08-20 12:46:14 +10:00
Sam 8b5e42ea16 FIX: always test and coerce to image on upload
In the past the filename of the origin was used as the source
for the extension of the file when optimizing on upload.

We now use the actual calculated extension based on upload data.
2018-08-20 12:18:59 +10:00
Robin Ward a83f662492 FIX: Allow silenced users to like / bookmark, just not flag. 2018-08-17 11:06:18 -04:00
Guo Xiang Tan 16c0ebe8a8 Fix the build. 2018-08-17 16:53:07 +08:00
Guo Xiang Tan a26ef7738f FIX: `FileHelper#download` should return nil if max size is exceeded. 2018-08-17 16:19:59 +08:00
Guo Xiang Tan be89f593f9 DEV: Include caller in error message for `Discourse#execute_command`. 2018-08-17 16:17:07 +08:00
Guo Xiang Tan fae8757cd4 FIX: `Guardian#post_can_act?` shouldn't raise an error if user of post has been deleted. 2018-08-17 15:11:30 +08:00
Sam 70155f0923 DEV: decrease log level of compile failures
We do not need to report his in logs, our failure mode is fine here.
2018-08-17 17:10:02 +10:00
Guo Xiang Tan a9e502936f FIX: Converting PNG to JPEG does not set the correct extension. 2018-08-17 13:09:48 +08:00
Gerhard Schlager 802ad0dc61 Add rake task for updating static pages 2018-08-16 19:51:20 +02:00
Régis Hanol 98898ff4b3 FIX: raise an exception when 'downsize'git st fails 2018-08-16 19:20:07 +02:00
Joffrey JAFFEUX 3fbf7b164d
FEATURE: emoji 11.0 "recently added" update (#6275)
Adds support for emojis in the http://www.unicode.org/emoji/charts-11.0/emoji-released.html list
2018-08-16 11:59:45 +02:00
Gerhard Schlager 937ab3f213 FIX: Validation of min_posts and max_posts didn't work 2018-08-16 10:36:53 +02:00
Arpit Jalan 8e3b685aa4 make rubocop happy 2018-08-16 14:03:46 +05:30
Arpit Jalan df55e5bac4 optimize categories:create_definition task 2018-08-16 14:00:07 +05:30
Arpit Jalan 78e14abb32 new rake task to bulk tag all topics in a category 2018-08-16 13:56:57 +05:30
Arpit Jalan 777055f960 new rake task to create category definition 2018-08-16 13:50:52 +05:30
Sam 796164b58c FIX: automatically correct bad avatars on access
Also start relying on upload extension for optimized images
2018-08-16 16:32:56 +10:00
Guo Xiang Tan 33f4aa2835 Fix `migrate_to_s3` rake task, `File#close!` is not a valid method. 2018-08-16 13:26:58 +08:00
Neil Lalonde ac3b0f0164 REFACTOR: move remap out of script into a class 2018-08-15 12:37:52 -04:00
David Taylor 7b089f7af4 FIX: Don't throw exception if welcome topic cannot be found 2018-08-15 15:50:55 +01:00
Sam 38c10a3dc2 correct the validator 2018-08-15 14:56:24 +10:00
Sam 91e0a77a60 FEATURE: silenced users should not be allowed to edit posts 2018-08-15 14:29:36 +10:00
Sam 06f82a7d72 correct exception handling, always do to_i in array 2018-08-15 11:31:42 +10:00
Sam bc47148d35 add validation to exclude_category_ids 2018-08-15 09:53:28 +10:00
Régis Hanol 12bab65167 FIX: going from /categories to /latest on mobile might break infinite scrolling 2018-08-15 01:22:03 +02:00
Gerhard Schlager ba0e322fd0 FIX: Validation of topic params broke discourse-assign 2018-08-14 18:45:46 +02:00
Robin Ward 87fa26b6c8 FIX: Silenced users shouldn't be able to act on posts 2018-08-14 11:43:39 -04:00
Gerhard Schlager 2927294cc6 FIX: Bulk deleting topics should ignore already deleted topics 2018-08-14 16:37:52 +02:00
Régis Hanol de92913bf4 FIX: store the topic links using the cooked upload url 2018-08-14 12:23:32 +02:00
Sam ad5f502332 FIX: add a basic validator for topic params
This cuts down on log noise when people try out sql injection
2018-08-14 17:01:04 +10:00
Sam 6cae47aa53 collect extra environment correctly 2018-08-13 16:33:28 +10:00
Sam 168ffd8384 FEATURE: group warnings about IP level rate limiting 2018-08-13 14:38:20 +10:00
Guo Xiang Tan d10c9d7d75 FIX: Missing extensions for non-image uploads due to 2b57239389. 2018-08-13 10:58:55 +08:00
Jay Pfaffman 71a1d75d7e
FIX: disable_2fa fix method selection
The previous code resulted in

    NameError: undefined local variable or method `totp' for main:Object

I now understand what @tgxworld meant about we should only disable totp when I submitted this before.

This is the kind of Ruby stuff that I still don't understand well,(perhaps this isn't the most Ruby way to do this?) but this does what I think is supposed to happen. And it worked just now.
2018-08-10 14:45:40 -07:00
Osama Sayegh 865cb3feb9
FIX: allow selecting site's default theme from preference 2018-08-10 14:12:02 +03:00
Sam ea8394b080 typo in error message 2018-08-10 11:34:01 +10:00
Sam 1fc2597626 better error handling for upload extension fixer 2018-08-10 11:28:22 +10:00
Gerhard Schlager b9072e8292 FEATURE: Add "Reset Bump Date" action to topic admin wrench (#6246) 2018-08-10 10:51:03 +10:00
Gerhard Schlager ef4b9f98c1 FEATURE: Allow admins to reply without topic bump 2018-08-10 10:48:30 +10:00
Neil Lalonde d77dccc636 FIX: user-deleted posts with deferred flags can be destroyed 2018-08-09 14:54:31 -04:00
Gerhard Schlager 6ddf7fcd1f Fix warnings about already initialized constants 2018-08-09 17:29:02 +02:00
Robin Ward 5895507153 FEATURE: Ability for plugins to whitelist custom fields for flags
You can now call `whitelist_flag_post_custom_field` from your plugins
and those custom fields will be available on the flagged posts
area of the admin section.
2018-08-09 10:49:14 -04:00
Sam ed4c0f256e FIX: check permalinks for deleted topics
- allow to specify 410 vs 404 in Discourse::NotFound exception
- remove unused `permalink_redirect_or_not_found` which
- handle JS side links to topics via Discourse-Xhr-Redirect mechanism
2018-08-09 15:05:12 +10:00
Guo Xiang Tan 1ea23b1eae FIX: Wrong order for `S3Helper#copy_file`. 2018-08-08 15:58:54 +08:00
Guo Xiang Tan 0879610ffd Add missing require in `uploads:fix_incorrect_extensions`. 2018-08-08 15:39:37 +08:00
Sam a35f2984e9 FIX: support Arrays with Marshal dump in distributed cache
Theme cache uses arrays here
2018-08-08 16:44:56 +10:00
Guo Xiang Tan 17047806b9 Add a rake task to fix uploads with wrong extension. 2018-08-08 13:15:17 +08:00
Osama Sayegh 0b7ed8ffaf FEATURE: backend support for user-selectable components
* FEATURE: backend support for user-selectable components

* fix problems with previewing default theme

* rename preview_key => preview_theme_id

* omit default theme from child themes dropdown and try a different fix

* cache & freeze stylesheets arrays
2018-08-08 14:46:34 +10:00
Guo Xiang Tan aafff740d2 Add `FileStore::S3Store#copy_file`. 2018-08-08 11:30:34 +08:00
Neil Lalonde 4e6e4a83df FIX: subfolder digest emails have incorrect URLs 2018-08-07 16:38:17 -04:00
Neil Lalonde 1fcb5c1b6d Version bump to v2.1.0.beta4 2018-08-07 12:32:57 -04:00
Guo Xiang Tan 2b57239389 FIX: Upload's content is the only source of truth for the file type. 2018-08-07 13:15:00 +08:00
Sam 4b000f5d12 FIX: do not use `lib` for requires
this breaks loading the app from arbitrary dirs
2018-08-07 11:04:29 +10:00
Arpit Jalan ffc8c52bf5 FIX: store welcome topic id in custom field 2018-08-06 23:46:03 +05:30
David Taylor 812add18bd REFACTOR: Serve auth provider information in the site serializer.
At the moment core providers are hard-coded in Javascript, and plugin providers get added to the JS payload at compile time. This refactor means that we only ship enabled providers to the client.
2018-08-06 09:25:48 +01:00
Régis Hanol 0cd9e2acb9 fix build 2018-08-04 01:56:26 +02:00
Joffrey JAFFEUX 066010db7d
FEATURE: introduces list/compact_list components 2018-08-03 16:41:37 -04:00
Régis Hanol ac2513b0f2 FEATURE: automatic PM when a user's email is revoked 2018-08-03 16:39:22 +02:00
Jeff Atwood c81bad3232
Merge pull request #6232 from OsamaSayegh/message-email-short-reply
UX: better rejection message when reply via email is too short
2018-08-02 14:25:04 -07:00
OsamaSayegh a157dfd418 UX: better rejection message when reply via email is too short 2018-08-02 22:43:53 +03:00
Régis Hanol 14bbd5d167 FIX: use the right URL when downloading the file from S3 2018-08-02 10:04:41 +02:00
Penar Musaraj 4a872823e7 Improvements to user drafts (#6226)
* drafts in user profile: only show to user herself (not to admins), use avatar replying to (instead of topic OP), add keyboard shortcut for drafts, simplify display labels

* use JSON when testing Draft.stream
2018-08-02 07:41:27 +10:00
Régis Hanol 0f1137dafa FIX: 'migrate_from_s3' rake task wasn't handling short urls 2018-08-01 22:58:46 +02:00
Jeff Wong 059862ed46 Mark discord auth plugin official 2018-08-01 09:33:14 -07:00
Neil Lalonde b829452c75
Merge pull request #6209 from discourse/mini_scheduler
REFACTOR: extract scheduler to the mini_scheduler gem
2018-08-01 10:28:24 -04:00
Joffrey JAFFEUX 0b9437cee7
FIX: more resilient/consistent dashboard caching (#6223) 2018-08-01 09:45:50 -04:00
Gerhard Schlager a115aae45f Use rchardet instead of charlock_holmes gem 2018-08-01 10:41:20 +02:00
Gerhard Schlager ff942ed2f3 FIX: Try detecting encoding of RSS feed 2018-08-01 10:41:20 +02:00
Penar Musaraj 1f45215537 FEATURE: Drafts view in user profile
* add drafts.json endpoint, user profile tab with drafts stream

* improve drafts stream display in user profile

* truncate excerpts in drafts list, better handling for resume draft action

* improve draft stream SQL query, add rspec tests

* if composer is open, quietly close it when user opens another draft from drafts stream; load PM draft only when user is in /u/username/messages (instead of /u/username)

* cleanup

* linting fixes

* apply prettier styling to modified files

* add client tests for drafts, includes a fixture for drafts.json

* improvements to code following review

* refresh drafts route when user deletes a draft open in the composer while being in the drafts route; minor prettier scss fix

* added more spec tests, deleted an acceptance test for removing drafts that was too finicky, formatting and code style fixes, added appEvent for draft:destroyed

* prettier, eslint fixes

* use "username_lower" from users table, added error handling for rejected promises

* adds guardian spec for can_see_drafts, adds improvements following code review

* move DraftsController spec to its own file

* fix failing drafts qunit test, use getOwner instead of deprecated this.container

* limit test fixture for draft.json testing to new_topic request only
2018-08-01 16:34:54 +10:00
Vinoth Kannan 6aee22b88f FIX: Onebox images are not downloaded locally without css class 2018-08-01 02:51:02 +05:30
Neil Lalonde 4ad7ce70ce REFACTOR: extract scheduler to the mini_scheduler gem 2018-07-31 17:12:55 -04:00
Arpit Jalan afe3b00c0f FIX: use hidden setting for max export file size 2018-07-31 11:25:28 +05:30
Sam f0c203a5cf clean up previous commit 2018-07-31 14:50:02 +10:00
Jay Pfaffman b55d9e63a0 Rake mail test debugging (#6171)
* FEATURE: rake emails:test add debugging

* Oops! Remove safety code

* more language tweaks
2018-07-31 14:45:59 +10:00
Neil Lalonde fd29ecb91a UX: include a flag reason in the post-deleted-by-staff-because-of-flags message 2018-07-30 16:45:46 -04:00
Régis Hanol 8f1db615db FIX: don't break restore if function does not exist 2018-07-30 22:11:38 +02:00
Arpit Jalan 17b851cf08 FEATURE: show last updated date for wiki topics 2018-07-30 20:27:49 +05:30
David Taylor 6566b2f11a FEATURE: Allow revoke and connect for Instagram logins 2018-07-30 14:38:53 +01:00
Arpit Jalan dfcb2a0d42 FEATURE: include published_time in metadata 2018-07-30 17:09:56 +05:30
David Taylor 8d1acbd4c2 DEV: Include specific authenticator name in warning message 2018-07-30 11:33:48 +01:00
Guo Xiang Tan b94633e844 FIX: `FileHelper` should prioritize response content-type.
Request to a URL with `.png` extension may return a jpg
instead causing us to attach the wrong extension to an
upload.
2018-07-30 10:54:36 +08:00
David Taylor 5f1fd0019b FEATURE: Allow revoke and connect for GitHub logins 2018-07-27 17:18:53 +01:00
David Taylor 6296f63804 FEATURE: Revoke and connect for Yahoo logins 2018-07-27 16:20:47 +01:00
David Taylor 9c72c00206 FEATURE: Revoke and reconnect for Twitter logins 2018-07-27 12:28:51 +01:00
Arpit Jalan c74dd2fa08 FIX: welcome topic should not be a private message 2018-07-27 15:15:13 +05:30
Guo Xiang Tan 6740631fdb TEMPFIX: Fix broken restores. 2018-07-27 12:48:16 +08:00
Neil Lalonde 135c803f49 FIX: don't send PM if flagged post is deleted but flags were deferred or cleared 2018-07-26 15:12:31 -04:00
Neil Lalonde a74024b1c9 Version bump to v2.1.0.beta3 2018-07-26 14:16:06 -04:00
David Taylor 467c529920 FIX: Remove return statement from inside block 2018-07-26 15:52:39 +01:00
David Taylor 88241f57a3
FEATURE: allow auth plugins to have a site setting for full screen login 2018-07-26 11:11:16 +01:00
Nick Shearer def2c977ce allow auth plugins to have a site setting for if they should be full screen vs popup window 2018-07-25 19:20:11 -05:00
Régis Hanol f94aeaf6cf SECURITY: force IM decoder based on file extension - part 3 2018-07-25 23:55:06 +02:00
Régis Hanol 800c57c6ab SECURITY: force IM decoder based on file extension - part 2 2018-07-25 23:08:02 +02:00
Régis Hanol 4bf3bf6786 SECURITY: force IM decoder based on file extension 2018-07-25 22:00:04 +02:00
David Taylor 0d0d78841b
FIX: Remove `plugin.enabled?` checks at initialization time (#6166)
Checking `plugin.enabled?` while initializing plugins causes issues in two ways:
  - An application restart is required for changes to take effect. A load-balanced multi-server environment could behave very weirdly if containers restart at different times.
  - In a multisite environment, it takes the `enabled?` setting from the default site. Changes on that site affect all other sites in the cluster.

Instead, `plugin.enabled?` should be checked at runtime, in the context of a request. This commit removes `plugin.enabled?` from many `instance.rb` methods.

I have added a working `plugin.enabled?` implementation for methods that actually affect security/functionality:
  - `post_custom_fields_whitelist`
  - `whitelist_staff_user_custom_field`
  - `add_permitted_post_create_param`
2018-07-25 16:44:09 +01:00
Joffrey JAFFEUX 796639a797
FIX: makes disk_space computation more resilient (#6172) 2018-07-25 11:04:01 -04:00
David Taylor fa399ce1c5 FEATURE: Add revoke and reconnect functionality for google logins 2018-07-25 16:03:14 +01:00
Joffrey JAFFEUX 578c8e861b
FIX: refreshes disk_space on backup create/destroy (#6169) 2018-07-25 08:26:30 -04:00
David Taylor 776fd0de66 FIX: Filter open-id logins by identifier 2018-07-25 11:47:09 +01:00
Gerhard Schlager 84d14fd8a0 FIX: Don't rely on setting data type read from database 2018-07-25 11:40:59 +02:00
Neil Lalonde 417bcf7d2e add checks for staff and system user before sending flags_agreed_and_post_deleted message 2018-07-24 19:25:11 -04:00
Neil Lalonde fe39cdc90a FEATURE: when a post is deleted because a moderator agreed with flags, send a message to the post author 2018-07-24 17:17:56 -04:00
Robin Ward 7058205f70 FIX: Broken specs 2018-07-24 12:00:34 -04:00
Robin Ward 236243f38a SECURITY: Consider `0.0.0.0` a private IP 2018-07-24 11:16:27 -04:00
Joffrey JAFFEUX 7a3c541077
UX: Preview multiple color schemes in wizard (#6151)
It was a dropdown to provide choices of color schemes,
and only one scheme could be shown.
With this commit, multiple color scheme previews can be displayed on
one page at the same time, making admins choose color schemes more
easily.

Theme preview windows are shrinked.

Imported default color schemes.

Co-Authored-By: Misaka 0x4e21 <misaka4e21@gmail.com>
2018-07-24 09:00:20 -04:00
Guo Xiang Tan fa19d3a53c
Merge pull request #6108 from discourse/transaction-sidekiq-fix
Fix notifications for topics moved between categories
2018-07-24 17:44:03 +08:00
David Taylor 20a21b1240 Move into MiniSQLMultisiteConnection, and add test for rollback 2018-07-24 09:41:55 +01:00
Guo Xiang Tan fad9c2b971 PERF: Move `EmailLog#reply_key` into new `post_reply_keys` table. 2018-07-24 13:51:53 +08:00
Guo Xiang Tan ae8b0a517f PERF: Split skipped email logs into a seperate table. 2018-07-24 13:14:37 +08:00
Gerhard Schlager e42038eae2 Rake task called method with wrong arguments 2018-07-24 00:10:09 +02:00
David Taylor eda1462b3b
FEATURE: List, revoke and reconnect associated accounts. Phase 1 (#6099)
Listing connections is supported for all built-in auth providers. Revoke and reconnect is currently only implemented for Facebook.
2018-07-23 16:51:57 +01:00
Guo Xiang Tan b165cfdfbe FIX: Raise a better error in `SiteSettings::TypeSupervisor`. 2018-07-19 16:41:00 +08:00
Arpit Jalan 14a0879658 FIX: allow Twitter videos to go fullscreen 2018-07-19 10:22:36 +05:30
David Taylor 2dc3a50dac FIX: Do not update `last seen` time for suspended users 2018-07-18 16:04:57 +01:00
Régis Hanol 6d6e026e3c FEATURE: selectable avatars 2018-07-18 12:57:43 +02:00
Sam 379384ae1e FIX: never block /srv/status which is used for health checks
This route is also very cheap so blocking it is not required

It is still rate limited and so on elsewhere
2018-07-18 12:37:01 +10:00
Guo Xiang Tan 3874d40910 Prepare to drop `EmailLog#topic_id`. 2018-07-18 10:22:24 +08:00
Guo Xiang Tan 1d74ccaaf8 Add compatibility for ImageMagick7. 2018-07-17 15:50:58 +08:00
Arpit Jalan a7ec949e02 make RuboCop happy 2018-07-17 13:15:44 +05:30
Arpit Jalan 7c7509e1bd FEATURE: update TwitterApi for prettifying like/retweet count 2018-07-17 12:59:40 +05:30
Neil Lalonde 7b3ef4d13f FIX: use email color settings consistently in notification emails 2018-07-16 12:30:42 -04:00
Rishabh a6c589d882 FEATURE: Add custom S3 Endpoint and DigitalOcean Spaces/Minio support for Backups (#6045)
- Add custom S3 Endpoints and DigitalOcean Spaces support
- Add Minio support using 'force_path_style' option and fix uploads to custom endpoint
2018-07-16 14:44:55 +10:00
Jay Pfaffman 0ed2834c2d FEATURE: Add users:disable_2factor rake task
https://meta.discourse.org/t/admin-locked-out-of-2fa/92156/2?u=pfaffman
2018-07-16 09:56:55 +08:00
Arpit Jalan b1082924b9 FIX: do not validate topic deletions 2018-07-13 22:53:36 +05:30
Guo Xiang Tan 711371e8c8 FIX: Select+below will ask server for post ids on megatopics. 2018-07-13 15:10:39 +08:00
Guo Xiang Tan c722b07057 FIX: `/t/:topic_id/last` route did not return any posts. 2018-07-13 14:26:10 +08:00
Kyle Zhao 2901691e87 FEATURE: per-category approval settings (#5778)
- disallow moving topics to a category that requires topic approval
2018-07-13 12:51:08 +10:00
David Taylor 81f9500f5c
FIX: Change megatopic threshold to 10,000 posts 2018-07-12 22:00:53 +01:00
Guo Xiang Tan 258e9e35ca PERF: Make mega topics work without a stream.
There are tradeoffs that we took here. For the complete
story see
https://meta.discourse.org/t/performance-improvements-on-long-topics/30187/27?u=tgxworld.
2018-07-12 12:46:12 +08:00
OsamaSayegh decf1f27cf FEATURE: Groundwork for user-selectable theme components
* Phase 0 for user-selectable theme components

- Drops `key` column from the `themes` table
- Drops `theme_key` column from the `user_options` table
- Adds `theme_ids` (array of ints default []) column to the `user_options` table and migrates data from `theme_key` to the new column.
- Removes the `default_theme_key` site setting and adds `default_theme_id` instead.
- Replaces `theme_key` cookie with a new one called `theme_ids`
- no longer need Theme.settings_for_client
2018-07-12 14:18:21 +10:00
Arpit Jalan 536cef86f4 PERF: do not carry post ids in memory when rebaking all posts 2018-07-11 14:34:33 +05:30
Maja Komel 0942e2c795 allow adding tags as a custom subject format for emails (#5846)
allow adding tags as a custom subject format for emails
2018-07-11 12:24:07 +10:00
Neil Lalonde f69b7deb80 FIX: wizard emoji images on subfolder installs 2018-07-10 11:02:22 -04:00
Guo Xiang Tan b4e1388f9b PERF: Drop support for gaps in mega topics.
Based on our current implementation, there isn't a
practical way to determine the gaps of large topics
cheaply. We tried to load the gaps in chunks but felt
that the code becomes too complicated. Note that
megatopics are quite rare in the wild.
2018-07-10 16:27:02 +08:00
Guo Xiang Tan 21f333654c REFACTOR: Reduce dependency on the post stream in `TopicView`.
This will allow us to drop the post stream from the payload for
mega-topics. On smaller topics, the extra query is fast because
of an existing index.
2018-07-10 15:53:00 +08:00
Guo Xiang Tan 4163f9e61e DEV: Better clean up for PostgreSQL failover test. 2018-07-10 09:53:25 +08:00
Guo Xiang Tan 96aca6d7e6
Remove legacy vote post action code. (#6009) 2018-07-09 16:54:18 +08:00
Guo Xiang Tan 72a3457379 Bump `discourse_image_optim` which uses a global timeout.
Our previous solution has the timeout set at the worker level
which means the total timeout would be X timeout secs * N number of
workers.
2018-07-09 10:30:18 +08:00
Andrew Schleifer dba22bbde2 rollback changes
This reverts:
* 1baba84c438e "fix s3 subfolders harder"
* ea5e57938edf "fix test for absolute_base_url change"
2018-07-06 17:16:40 -05:00
Andrew Schleifer 52e9f49ec1 fix s3 subfolders harder
specifically, include the folder in absolute_base_url
2018-07-06 16:28:40 -05:00
Guo Xiang Tan 59a2767de8 Ensure that we restore the site setting in posts:rebake rake task. 2018-07-06 16:22:54 +08:00
Neil Lalonde eabc8f7fbd
Merge pull request #6023 from misaka4e21/only-staff-can-create-tag
FEATURE: Support disabling tag creation for non-staff users.
2018-07-05 11:12:44 -04:00
Neil Lalonde 92000bc8a0 FEATURE: add a rake task to recalculate user stats post_count and topic_count 2018-07-05 10:38:46 -04:00
Patrick Gansterer 28dd7fb562 FEATURE: Create hidden posts for received spam emails (#6010)
* Add possibility to add hidden posts with PostCreator

* FEATURE: Create hidden posts for received spam emails

Spamchecker usually have 3 results: HAM, SPAM and PROBABLY_SPAM
SPAM gets usually directly rejected and needs no further handling.
HAM is good message and usually gets passed unmodified.
PROBABLY_SPAM gets an additional header to allow further processing.
This change addes processing capabilities for such headers and marks
new posts created as hidden when received via email.
2018-07-05 11:07:46 +02:00
Sam 7b26f5086b PERF: we have no use for topic percent rank
Prepare to remove this column
2018-07-05 15:10:19 +10:00
Régis Hanol 272646c1df FIX: only show the sequential replies warning for regular posts 2018-07-04 22:51:19 +02:00
Régis Hanol 8a53941fe0 FIX: less aggressive gmail eliding 2018-07-04 20:04:46 +02:00
Régis Hanol 448e2fe1a2 FIX: properly delete files in the download cache 2018-07-04 18:18:39 +02:00
Neil Lalonde f134701c7b FIX: user topic and post counts can become negative when staff deletes posts in personal messages 2018-07-04 09:31:16 -04:00
Arpit Jalan 7590128d38 fix typo 2018-07-04 12:01:15 +05:30