Guo Xiang Tan
d10fe51b72
Fix broken specs since all urls will be oneboxed.
2017-01-06 10:05:51 +08:00
Guo Xiang Tan
a89f60b85b
Merge pull request #4631 from tgxworld/prevent_users_from_changing_permissions_of_non_real_users
...
FIX: Do not allow admins to meddle with admin and moderation access o…
2017-01-04 09:10:27 +08:00
Robin Ward
cf7774bdd9
FEATURE: Block muted users from sending you PMs
2017-01-03 14:51:53 -05:00
Jeff Atwood
15a0f3cb14
add vertical align to email blockquote avatar img
2017-01-02 13:49:00 -08:00
Arpit Jalan
495a511862
simplify quote markup in emails
2017-01-02 21:37:01 +05:30
Neil Lalonde
477b237e45
FIX: use 'other' instead of 'many' for Ukrainian pluralization until translations are fixed
2016-12-30 11:49:25 -05:00
Guo Xiang Tan
f1beef43a8
Merge pull request #4618 from tgxworld/fix_invalid_emails
...
FIX: Don't allow invalid email to be saved.
2016-12-30 07:11:48 +08:00
Guo Xiang Tan
c7b151683d
FIX: Do not allow admins to meddle with admin and moderation access of non real users.
2016-12-29 11:11:33 +08:00
Neil Lalonde
dd4937a493
Version bump to v1.7.0.beta11
2016-12-28 18:14:06 -05:00
Sam
d28d8a1f85
FIX: order by op_likes leads to broken browsing
2016-12-27 19:08:54 +11:00
Sam
2f6a4cc6de
remove UserActionObserver, replace with after_save and service
...
interestingly there was some left over dead code from when stars
existed in the topic_users table
2016-12-22 16:46:53 +11:00
Sam
0a78ae739d
Remove SearchObserver, aim is to remove all observers
...
rails-observers gem is mostly unmaintained and is a pain to carry forward
new implementation contains significantly less magic as a bonus
2016-12-22 13:13:14 +11:00
Guo Xiang Tan
13c6191e89
FIX: Don't allow invalid email to be saved.
2016-12-21 17:47:11 +08:00
Guo Xiang Tan
5d7f3223f0
SECURITY: Users can only bookmark posts which they can see.
2016-12-21 12:01:26 +08:00
Neil Lalonde
c75bebdea2
FIX: uncategorized setting to control whether topic featured links are allowed
2016-12-20 15:55:30 -05:00
Régis Hanol
b12b2b1911
change onebox preview key for me consistency
2016-12-20 11:18:47 +01:00
Sam
ea9f7a41af
remove gctools (no longer used) add gctracer for debugging
2016-12-20 15:07:30 +11:00
Régis Hanol
52cd9972bb
FIX: prevent DDoS with lots of _oneboxable_ links
...
FIX: ensure the onebox route is only allowed to logged in users
FIX: only allow 1 outgoing onebox preview per user
FIX: client should only do 1 preview at a time
2016-12-20 00:31:10 +01:00
Sam
2b808ad9da
Merge pull request #4609 from joebuhlig/category-topics-wiki
...
FEATURE: Category setting to make all topics wikis
2016-12-20 09:15:51 +11:00
Neil Lalonde
a65281d5ea
FIX: better support for featured link topics in summary emails
2016-12-19 17:05:49 -05:00
Neil Lalonde
3256620d5d
FIX: some blank topics and posts in summary email because they're images
2016-12-19 16:21:31 -05:00
Neil Lalonde
923cf73c6e
Topic Featured Links: move data from custom fields to topics and categories tables. Invert behaviour of topic_featured_link_allowed checkbox. Fix a bug with invalid topic records due to changing that category checkbox.
2016-12-19 14:54:07 -05:00
Robin Ward
e03d5e2140
Reapply Ember 2.10 for good this time!
...
This reverts commit ddd299f4aa
.
2016-12-19 11:19:10 -05:00
Joe Buhlig
87251fded7
FEATURE: Category setting to make all topics wikis
...
FEATURE: Category setting to make all topics wikis
2016-12-19 06:42:18 -06:00
Régis Hanol
c7289f423f
fix letter_avatar spec
2016-12-19 10:00:28 +01:00
Sam
e0ff57ca75
SECURITY: prevent reuse of password reset
2016-12-19 18:00:22 +11:00
Robin Ward
ddd299f4aa
Revert "Revert "Revert Ember 2.10+ for a short while""
...
This reverts commit 76bbc481cb
.
2016-12-16 10:29:30 -05:00
Robin Ward
76bbc481cb
Revert "Revert Ember 2.10+ for a short while"
...
This reverts commit 21682fd60b
.
2016-12-16 09:52:29 -05:00
Sam
6ff309aa80
SECURITY: don't grant same privileges to user_api and api access
...
User API is no longer gets bypasses that standard API gets.
Only bypasses are CSRF and XHR requirements.
2016-12-16 12:05:43 +11:00
Régis Hanol
197517d55e
FIX: locally uploaded audio & video files should onebox even when the extension is uppercase
2016-12-15 23:21:44 +01:00
Robin Ward
21682fd60b
Revert Ember 2.10+ for a short while
2016-12-15 16:43:38 -05:00
Neil Lalonde
f01f95d62d
FEATURE: new settings to customize some colors in emails
2016-12-15 14:43:53 -05:00
Neil Lalonde
e6361d1228
Version bump to v1.7.0.beta10
2016-12-14 14:57:51 -05:00
Guo Xiang Tan
c80466a801
Merge pull request #4589 from tgxworld/rescue_error
...
FIX: Don't raise error when admin access is invalid.
2016-12-14 17:43:44 +08:00
Guo Xiang Tan
9a800107cb
FIX: Associate category logo and background to uploads record.
2016-12-12 17:37:28 +08:00
Guo Xiang Tan
05f55dbc10
FEATURE: Group logs.
2016-12-12 17:29:54 +08:00
Neil Lalonde
17bc42fe85
FIX: box style category badges in emails, and shrink text and some spacing in summary email
2016-12-09 16:59:54 -05:00
Neil Lalonde
fb2633366a
FIX: featured link topics shouldn't require the same min post length
2016-12-09 15:46:26 -05:00
Neil Lalonde
a4c4f13901
Remove the topic_featured_link_onebox setting. We will always try to onebox a link and add it to the body if topic_featured_link_enabled is enabled.
2016-12-09 13:28:12 -05:00
Sam
846597f563
FIX: staff tags are stripped by non-staff
2016-12-09 17:24:26 +11:00
Sam
02b21a26dd
Merge pull request #4585 from ibnesayeed/urdu-support
...
Add initial Urdu support with RTL direction
2016-12-09 13:01:25 +11:00
Neil Lalonde
ee54e37a1f
Version bump to v1.7.0.beta9
2016-12-07 17:50:43 -05:00
Régis Hanol
f4688f74db
FIX: emoticons stop summary from being updated
2016-12-07 23:05:14 +01:00
Sawood Alam
3f765e0227
Added Urdu locale file for moment.js
2016-12-06 13:55:38 -05:00
Erick Guan
52763f5115
FEATURE: Allow posting a link with topics
2016-12-05 17:20:54 +01:00
Régis Hanol
951ef0d949
UX: fix onebox styling in emails
2016-12-05 12:00:04 +01:00
Guo Xiang Tan
4b75ad5110
FIX: Don't raise error when admin access is invalid.
2016-12-05 17:36:45 +08:00
Guo Xiang Tan
22059d4df9
Add Rake task to clean up unused multisite Redis keys.
2016-12-05 11:46:34 +08:00
Guo Xiang Tan
ce36f54dcd
Add rake task to clean up orphane Redis keys when a multisite has been removed.
2016-12-05 11:39:08 +08:00
Sam
39a524aac8
FEATURE: brotli cdn bypass for assets
...
Allow CDNS that strip out brotli encoding to use brotli regardless
2016-12-05 13:57:09 +11:00
Sam
33d0a23d84
Merge branch 'fix_whisper'
2016-12-05 10:01:03 +11:00
Guo Xiang Tan
3971f96aa6
Merge pull request #4536 from fantasticfears/webhooks-edit
...
FIX: missing post and topic edited webhooks
2016-12-02 10:16:19 +01:00
Sam
9b885c039a
Merge branch 'master' into fix_whisper
2016-12-02 17:44:05 +11:00
Sam
c04d4171ff
FIX: whisper no longer experimental
...
- Regular users are not notified of whispers
- Regular users no longer have "stuck" topics in unread
- Additional tracking for staff highest post number
- Remove a bunch of unused columns in topics table
2016-12-02 17:03:31 +11:00
Régis Hanol
eb453d0f82
the note in a FWed email should be a whisper only in PM and when the author is member of the group
2016-12-01 18:43:56 +01:00
Régis Hanol
62763f025c
FIX: wasn't able to parse FROM email in the embedded email
2016-12-01 18:34:47 +01:00
Erick Guan
8c8549b27b
FIX: missing post and topic edited webhooks
2016-11-30 20:49:45 +01:00
Neil Lalonde
4f8c6b2d83
FIX: error reporting from SystemMessage.create
2016-11-30 13:16:30 -05:00
Guo Xiang Tan
1e7de826dc
FIX: Remove unused code.
2016-11-30 16:39:38 +08:00
Guo Xiang Tan
f794c25f60
FIX: Ensure a Thread is always running.
2016-11-30 16:38:21 +08:00
Guo Xiang Tan
b8441fba27
Merge pull request #4546 from tgxworld/fix_postgresql_failover
...
Fix postgresql failover
2016-11-30 09:36:52 +01:00
Guo Xiang Tan
5200446eb7
Increase Qunit tests timeout on Travis.
2016-11-30 16:35:44 +08:00
Sam
0631a84ca0
Merge pull request #4576 from cpradio/min-posts-search
...
FEATURE: Add min_post_count search filter
2016-11-29 10:19:33 +11:00
Neil Lalonde
1b393a4013
Version bump to v1.7.0.beta8
2016-11-28 16:07:08 -05:00
cpradio
66ca6d622e
FEATURE: Add min_post_count search filter
2016-11-28 11:43:12 -05:00
Régis Hanol
a03287f2ee
FIX: 'In-Reply-To' header should default to topic_message_id
2016-11-28 14:18:02 +01:00
Arpit Jalan
988aca6d92
FIX: bump opengraph user avatar image to 200px
2016-11-26 23:00:18 +05:30
Régis Hanol
74b6fe8739
FIX: respect RFCs when setting 'In-Reply-To' and 'References' email headers
2016-11-25 23:25:39 +01:00
Sam
bc6ee85850
FIX: stop caching locale cause it bleeds in multisite
2016-11-25 11:35:29 +11:00
Neil Lalonde
36a80871a3
FIX: category_importer was importing public categories so that no one had permission to them, not even staff
2016-11-24 17:12:30 -05:00
Guo Xiang Tan
dd4cab3be2
FIX: Set master to true before forcing slave connections to reconnect.
2016-11-23 14:04:43 +08:00
Guo Xiang Tan
02025207d5
FIX: Make sure Redis fallback don't fall into a permanent readonly state.
2016-11-23 11:31:20 +08:00
Guo Xiang Tan
3909f342f6
FEATURE: Allow options to be set when adding model callbacks.
2016-11-21 10:20:31 +08:00
Arpit Jalan
2d0c99636a
do not add rel noreferrer
2016-11-20 18:19:14 +05:30
Arpit Jalan
7cb76f7333
FIX: add rel noopener and noreferrer in addition to nofollow
2016-11-20 17:07:27 +05:30
Régis Hanol
a0f1090d79
FIX: custom emojis leaking over multisites
2016-11-17 19:35:39 +01:00
Régis Hanol
2125a630d9
FIX: encoding issues with forwarded emails
2016-11-17 12:44:39 +01:00
Guo Xiang Tan
e8a3043129
Spawn a single thread that checks for PostgreSQL fallback.
2016-11-17 13:52:08 +08:00
Régis Hanol
a69f45d0da
FEATURE: new 'always_show_trimmed_content' site setting
2016-11-16 22:06:07 +01:00
Régis Hanol
17f2be9f88
FEATURE: new 'enable_forwarded_email' site setting
2016-11-16 19:42:11 +01:00
Robin Ward
67e2041691
Prevent topic_retriever from retrieving more than once a minute
2016-11-16 12:04:16 -05:00
Robin Ward
0f9e45f283
Allow the loader to understand when files are moved
2016-11-15 11:41:16 -05:00
Guo Xiang Tan
a76d834fd5
Fix invalid command.
2016-11-15 15:24:19 +08:00
Guo Xiang Tan
7e8a975e20
Reduce number of tries when tests time out.
2016-11-15 15:23:53 +08:00
Sam
f4c754b389
FEATURE: split JavaScript application bundle, so plugins live in own file
...
This adds plugin.js and plugin_third_party.js files
2016-11-15 11:43:13 +11:00
Sam
3d76ce1421
FEATURE: SSO support for adding and removing a user to groups
...
Use: add_groups with a comma delimited list to ensure a user is in groups (using group names)
Use: remove_groups with a comma delimited list to ensure a user is removed from groups (using group names)
2016-11-11 16:57:31 +11:00
Arpit Jalan
96f5079006
improve default_categories_watching_first_post copy
2016-11-10 00:15:14 +05:30
Arpit Jalan
9e69798285
FEATURE: watch first post default site setting
2016-11-10 00:09:52 +05:30
Guo Xiang Tan
7a1400cc4b
Remove undefined variable.
2016-11-09 21:06:21 +08:00
Guo Xiang Tan
857986e2c0
FIX: Don't change return value to blank string.
2016-11-09 11:13:56 +08:00
Neil Lalonde
86522a52b7
FEATURE: add censored_pattern setting to censor posts using regex
2016-11-08 16:39:26 -05:00
Régis Hanol
78cd42943f
FEATURE: add 'emoji-custom' class to custom emojis
2016-11-08 16:36:09 +01:00
Sam
a1a7094604
Merge pull request #4539 from tgxworld/use_a_time_task_for_redis_failover
...
PERF: Spawn a seperate timer task to check if Redis master is up.
2016-11-08 11:18:54 +11:00
Régis Hanol
9ef724a065
FIX: self-onebox in read protected categories
2016-11-07 18:14:28 +01:00
Guo Xiang Tan
fbbcde1230
FIX: Don't treat master as up if it is still loading data.
2016-11-07 15:28:10 +08:00
Guo Xiang Tan
9375dcb6fe
PERF: Spawn a seperate timer task to check if Redis master is up.
2016-11-07 15:04:28 +08:00
Sam
2ddabc3928
FIX: protect against future regressions of google omniauth
2016-11-07 12:48:00 +11:00
Kiffin Gish
3aa22715af
A new guard for changing post timestamps called can_change_post_timestamps?
2016-11-06 20:14:09 +01:00
Guo Xiang Tan
9fd317306c
FIX: Do not show educational message for PMs.
2016-11-04 17:06:53 +08:00
Régis Hanol
a655e4b092
ensure we allow self oneboxing of login required sites
2016-11-03 22:48:32 +01:00
Régis Hanol
17169b3037
FIX: issues with 'X-MSYS-API' custom header
2016-11-03 02:26:12 +01:00
Neil Lalonde
61069bf378
Version bump to v1.7.0.beta7
2016-11-02 13:47:48 -04:00
Sam
c995fd65be
fix oops
2016-11-02 17:00:24 +11:00
Sam
7e43e73df6
FIX: properly reset all contexts after forking
...
Fixes hang on backup
2016-11-02 13:34:20 +11:00
Neil Lalonde
9ef1688a76
FEATURE: per-category default topic list sort order
2016-11-01 12:18:41 -04:00
Guo Xiang Tan
637c474f4e
PERF: Don't build wizard until we actually load the wizard.
2016-11-01 16:38:20 +08:00
Arpit Jalan
382803cb05
FEATURE: include post image in OpenGraph image tag
2016-10-31 15:11:33 +05:30
Régis Hanol
f8caae0be7
FIX: don't overwrite custom email headers when using mandrill/sparkpost
2016-10-30 11:38:55 +01:00
Régis Hanol
71f940d478
FIX: use metadata to hold the message_id with sparkpost
2016-10-27 19:35:50 +02:00
Sam
497ff76a67
make sure 1 is a string
2016-10-27 18:08:01 +11:00
Sam
3e7190866a
make code a bit safer
2016-10-27 16:50:56 +11:00
Sam
8a477f1857
FEATURE: added X-Discourse-TrackView header
...
This header is set to 1 if the particular request is a tracked page view
2016-10-27 16:48:27 +11:00
Sam
9848e26190
FIX: force secure cookies on session if force https is enabled
2016-10-27 15:15:58 +11:00
Robin Ward
b601120b39
Support for Raw Handlebars and helpers in Ember 1.13
2016-10-26 10:27:57 -04:00
Guo Xiang Tan
49c27d9a88
FEATURE: Add interface in `Plugin::Instance` to register a seedfu fixture.
2016-10-25 14:57:31 +08:00
Régis Hanol
08d53b32ca
let's try loading onebox engines this way
2016-10-25 01:25:44 +02:00
Régis Hanol
70b79328ab
FIX: overwrite onebox's whitelist
2016-10-25 00:21:02 +02:00
Régis Hanol
923db2e559
FIX: download avatar from facebook/twitter in a job in order to prevent hangs when avatars are huge
2016-10-24 17:15:13 +02:00
Régis Hanol
3841cd9a7f
FEATURE: onebox everything by default
...
FEATURE: new 'max_oneboxes_per_post' site setting
FEATURE: change onebox whitelist to a blacklist
PERF: debounce the loading of oneboxes
PERF: improve perf of mention links in preview
FIX: sort loading of custom oneboxer
2016-10-24 12:46:22 +02:00
Régis Hanol
2a61cc8c88
FIX: email styling with blacklisted iframes
2016-10-21 12:37:03 +02:00
Régis Hanol
35a79a70c3
FIX: uploading custom avatar was always hidden
2016-10-20 19:53:41 +02:00
Neil Lalonde
b85056f4cd
Version bump to v1.7.0.beta6
2016-10-20 10:49:55 -04:00
Robin Ward
c03d25f170
FEATURE: Configure Admin Account
...
Adds a "Step 0" to the wizard if the site has no admin accounts where
the user is prompted to finish setting up their admin account from the
list of acceptable email addresses.
Once confirmed, the wizard begins.
2016-10-19 11:27:56 -04:00
Sam
674264726d
FIX: should not be allowed to see users list of people who started a PM
2016-10-19 17:36:35 +11:00
Guo Xiang Tan
7db33cc512
FIX: Videos and audio files were not associated to the post.
2016-10-18 16:13:39 +08:00
Neil Lalonde
3b9a1410f8
report errors from the populate.thor tool
2016-10-17 14:01:37 -04:00
Régis Hanol
93dfc87b99
FIX: always set the 'content_type' when storing a file on S3
2016-10-17 19:16:29 +02:00
Régis Hanol
0862ad406d
FIX: pull twitter's avatar & profile when signing up
2016-10-17 15:43:40 +02:00
Régis Hanol
3949c24f80
FIX: sparkpost webhooks support
2016-10-17 11:26:49 +02:00
Sam
b246f1a694
FEATURE: set secure flag on _t cookie if https is forced
2016-10-17 12:11:49 +11:00
Neil Lalonde
2dfc0ddf81
loosen restrictions on chars in tags
2016-10-14 15:29:47 -04:00
Régis Hanol
bd1328c189
FIX: show the wizard to developers too
2016-10-14 11:09:55 +02:00
Sam
f4f5524190
FEATURE: user API now contains scopes so permission is granular
...
previously we supported blanket read and write for user API, this
change amends it so we can define more limited scopes. A scope only
covers a few routes. You can not grant access to part of the site and
leave a large amount of the information hidden to API consumer.
2016-10-14 16:05:42 +11:00
Régis Hanol
9dd1f7b5b6
pull avatar, bio & location from Twitter
2016-10-13 10:49:51 +02:00
Neil Lalonde
0328141e05
FIX: prevent creation of tags with invalid characters
2016-10-12 15:44:36 -04:00
Rafael dos Santos Silva
41d2620d06
Add some styling to print redux version
2016-10-12 14:00:05 -03:00
Sam
89daa43754
FEATURE: remap emojis back for push notifications and desktop alerts
2016-10-11 13:03:48 +11:00
Sam
6031e692f0
Merge pull request #4366 from xfalcox/print
...
Print Support
2016-10-11 11:47:20 +11:00
Sam
aaec05e36a
FIX: stop asking for bio from facebook, it is deprecated
2016-10-11 10:56:07 +11:00
Sam
0f0b657182
Merge pull request #4447 from pmusaraj/approve_new_topics_setting
...
FEATURE: add "Approve new topics unless user level" setting
2016-10-11 10:14:28 +11:00
Sam
ea1f0683c8
Merge pull request #4477 from cpradio/watching-state-on-reply
...
FEATURE: Add notification level user preference when replying to a topic
2016-10-11 10:05:37 +11:00
Régis Hanol
8f68a95e56
FIX: trim leading & trailing whitespaces in admin user search
2016-10-10 16:18:57 +02:00
Sam
3e513f5c05
Merge pull request #4459 from vibol/master
...
FEATURE: sparkpost webhook
2016-10-10 17:17:17 +11:00
Sam Saffron
647ee46edf
FIX: don't stem the search term
...
Search for "canned" not working correctly and "butted", "ands" and many more :)
2016-10-07 12:40:57 +11:00
Arpit Jalan
20c9c60dea
FEATURE: support multisite configuration for search:reindex task
2016-10-01 08:54:15 +02:00
cpradio
6f1c31d777
Add notification level user preference when replying to a topic
2016-09-30 14:58:07 -04:00
Sam Saffron
4d8d5613e4
FEATURE: add min_trust_level_to_edit_post
...
add minimum trust level to edit post (default 0)
2016-10-01 02:12:27 +10:00
Guo Xiang Tan
ccd75cf987
FIX: Ensure that the right locale exists before merging.
2016-09-30 15:01:42 +08:00
Vibol Hou
c3d60d5d1d
Merge remote-tracking branch 'upstream/master'
2016-09-29 02:12:05 -07:00
Guo Xiang Tan
72ccb4e11d
FIX: Plugin "admin_js" translations bundle was not fetched.
2016-09-29 04:42:26 +08:00