f4f8a293e7
FEATURE: Implement 2factor login TOTP
...
implemented review items.
Blocking previous codes - valid 2-factor auth tokens can only be authenticated once/30 seconds.
I played with updating the “last used” any time the token was attempted but that seemed to be overkill, and frustrating as to why a token would fail.
Translatable texts.
Move second factor logic to a helper class.
Move second factor specific controller endpoints to its own controller.
Move serialization logic for 2-factor details in admin user views.
Add a login ember component for de-duplication
Fix up code formatting
Change verbiage of google authenticator
add controller tests:
second factor controller tests
change email tests
change password tests
admin login tests
add qunit tests - password reset, preferences
fix: check for 2factor on change email controller
fix: email controller - only show second factor errors on attempt
fix: check against 'true' to enable second factor.
Add modal for explaining what 2fa with links to Google Authenticator/FreeOTP
add two factor to email signin link
rate limit if second factor token present
add rate limiter test for second factor attempts
2018-02-21 09:04:07 +08:00
226ace1643
Update annotations.
2018-02-20 14:28:58 +08:00
f07b1a5c05
FIX: activate user even if email token is already confirmed
2018-02-14 20:44:48 +05:30
f85055d653
FIX: Remove activation link from account approved email ( #5548 )
2018-02-01 14:59:37 +01:00
b784c1eda4
FIX: Remove all notifications of staged user during sign-up
2018-01-25 14:58:43 +01:00
d9515c37b3
FIX: Show message from discobot when staged user signs up
2018-01-25 14:58:43 +01:00
dde0fcc658
FEATURE: Allow sending invites to staged users
2018-01-22 15:37:18 +01:00
6a2bce1931
FIX: Data loss on update of single user_field.
...
https://meta.discourse.org/t/api-data-loss-caused-by-changed-behaviour-of-custom-user-field-update/74990
2017-12-20 16:33:23 +08:00
af3c153687
make robocop 🤖 happy
2017-12-12 11:33:35 +01:00
62a5b174e1
FIX: wasn't able to use the same username when taking over a staged account
2017-12-12 11:26:00 +01:00
4ae1bbaeba
FIX: Only show the full suspension reason on the admin side
2017-12-07 13:27:02 -05:00
daeb7694bc
update annotations
2017-12-05 21:03:20 +05:30
7f2eeaf767
FIX: Password required flag should be cleared whenever clearing the raw password ( #5384 )
2017-12-01 15:19:24 +11:00
1ee48966ca
REVERT: FIX: Password required flag should be cleared whenever clearing the raw password
2017-11-30 16:17:14 +05:30
1776649b4d
FIX: Password required flag should be cleared whenever clearing the raw password
2017-11-30 13:40:18 +05:30
23ee3047bf
FIX: Future date input selector was not respecting timezone
2017-11-28 13:44:24 -05:00
77f90876d3
REFACTOR: Track manual locked user levels separately from groups
2017-11-27 11:23:44 -05:00
b37e40eea9
FEATURE: show read time in last 60 days
2017-11-16 15:46:51 -05:00
9ed16343fc
Remove email column from schema information
2017-11-15 15:45:19 +05:30
971e302ff2
FEATURE: Support an end date for user silencing
2017-11-14 13:20:19 -05:00
1f14350220
Rename "Blocked" to "Silenced"
2017-11-10 14:10:27 -05:00
b3237d37f0
Drop unused email column from users table.
2017-11-07 10:12:33 +08:00
defea6245c
REFACTOR: Always validate email by default.
2017-10-25 13:48:34 +08:00
19f3b81161
Revert "FIX: always trigger the ':user_updated' event"
...
This reverts commit 519b70ea46https://meta.discourse.org/t/creating-a-topic-or-a-post-sends-the-user-updated-webhook/71643
2017-10-23 11:44:22 +08:00
838568cbc3
Refactor flag types for more customization
2017-10-19 13:55:23 -04:00
f73a3cc0d4
Don't include suspended_at or suspended_till unless suspended
2017-10-13 12:17:54 -04:00
d67f0b39ae
Update annotations.
2017-10-06 11:13:01 +08:00
e542884b00
FIX: Incorrect notification state being published.
2017-09-25 13:48:59 +08:00
23b787e0a6
Require dependency otherwise it causes Sidekiq to lock up in development.
2017-09-25 13:48:59 +08:00
77d4c4d8dc
Fix all the errors to get our tests green on Rails 5.1.
2017-09-25 13:48:58 +08:00
26c6447161
Fix bugs in profiling scripts leading to incorrect results.
2017-09-13 15:33:59 +08:00
104d97695d
FIX: don't activate un-confirmed email on omniauth authentication ( #5176 )
2017-09-12 17:36:17 +02:00
d7d9923b8e
FIX: display email validation error messages
2017-09-11 13:22:14 -04:00
672b7cb9a5
Require missing dependency.
2017-09-05 09:39:56 +08:00
7786c6c6f2
Remove duplicated scope.
2017-09-05 09:15:06 +08:00
c705159d22
Remove email column from user table
2017-08-29 11:50:56 -04:00
398604ac71
FEATURE: set purge_unactivated_users_grace_period_days to 0 to disable purging unactivated users
2017-08-25 15:20:06 -04:00
1146772deb
Fix: unlinked topic search model ( #5044 )
2017-08-15 11:46:57 -04:00
0bc690ed11
FIX: Staged users are still missing primary email.
2017-08-09 12:03:49 +09:00
519b70ea46
FIX: always trigger the ':user_updated' event
...
We don't always use the UserUpdated class to update a user's record
2017-08-04 18:12:10 +02:00
24e0e000b9
FIX: Always validate presence of user's primary_email.
2017-07-31 11:47:29 +09:00
5012d46cbd
Add rubocop to our build. ( #5004 )
2017-07-28 10:20:09 +09:00
d67fe4c674
FIX: block all emails associated to a user when destroying their record
2017-07-25 17:44:46 +02:00
d0b027d88d
FEATURE: phase 1 of supporting multiple email addresses
2017-07-20 11:22:27 +09:00
69b2d64334
FIX: letter avatars in quotes on subfolders installs are broken
2017-06-23 17:12:13 -04:00
d6c63cc5b2
FIX: user's default group should only be set once
...
Setting a user's default groups based on their email address should only be done once, ie. when they confirm their email address.
Previously we were doing this everytime we'd save a user record 🤷
2017-06-14 19:20:18 +02:00
038454bde2
FIX: always confirm emails when SSO says so
2017-06-08 01:05:33 +02:00
2ee144c27f
FEATURE: Add DiscourseEvent trigger when a user logs in.
...
* Also adds a event trigger when user logs in for the first time.
2017-06-01 17:44:49 +09:00
0954367bf4
FIX: send activation email when accepting invite if password is set
2017-04-15 14:59:50 +05:30
04016f0dec
Support Ruby 2.4.
2017-04-15 12:29:00 +08:00
3d76fb9c2c
FIX: Don't show category options for reports that can't be scoped to a category.
2017-04-13 17:10:55 +08:00
72c16967e6
FIX: Check for reserved usernames before hitting DB.
2017-04-13 11:32:20 +08:00
57788200ec
REFACTOR: Add `User.reserved_username?`.
2017-04-13 10:44:26 +08:00
0d67b507dc
Merge pull request #4788 from davidtaylorhq/user_seen_event
...
Add a user_seen DiscourseEvent for plugins to hook into
2017-04-06 12:32:16 +08:00
5943543ec3
FIX: Improve checks for non-human users.
2017-04-06 11:29:34 +08:00
03373a0e84
Add a user_seen DiscourseEvent for plugins to hook into
2017-03-31 23:30:59 +01:00
4812417192
FIX: do not add user to group based on email domain unless email is confirmed
2017-03-28 15:02:40 +05:30
e8fc8f0bb6
Update annotations.
2017-03-22 14:26:53 +08:00
9f299b6842
Use `after_commit` since `after_save` runs within the transaction as well.
2017-03-16 16:02:34 +08:00
299b92b4d7
Fix broken user created event trigger.
2017-03-16 15:36:27 +08:00
5169ef8814
Fix broken specs.
2017-03-16 15:05:28 +08:00
bf78c228f4
FIX: User created web hook being enqueued before record has been saved.
...
* Improve web hook tests as well.
2017-03-16 14:44:09 +08:00
4d4a1a1552
Add scope for human users.
2017-03-11 14:25:09 +08:00
08ffbf6c61
Use `Time.zone.now` instead.
2017-03-05 11:10:40 +08:00
30909ec54e
Add support for username regex.
2017-03-02 13:53:45 +02:00
cb99f59ec3
reset bounce score when email is successfully changed
2017-02-20 10:37:01 +01:00
3fb50d587d
FIX: invited users and new TL1 users will see their first notification highlighted
2017-02-17 10:30:29 -05:00
0e58e393a1
FIX: === and a better constant, thanks @ZogStriP
2017-02-13 13:14:19 -05:00
e1d358ffbf
FIX: Don't clear the login hint when the system user is saved
2017-02-13 10:54:20 -05:00
ff49f72ad9
FEATURE: per client user tokens
...
Revamped system for managing authentication tokens.
- Every user has 1 token per client (web browser)
- Tokens are rotated every 10 minutes
New system migrates the old tokens to "legacy" tokens,
so users still remain logged on.
Also introduces weekly job to expire old auth tokens.
2017-02-07 09:22:16 -05:00
84af84dc52
prevent inactive & staged users from being automatically added to a group
2017-02-06 17:49:27 +01:00
ec73224b5e
PERF: Remove N+1 query when saving a user.
2017-02-03 15:03:33 +08:00
c01cee4aa6
PERF: N+1 query when saving a user.
2017-01-27 10:53:42 +08:00
86c52c72f6
FIX: Deleting a user was not deleting their directory items
2017-01-16 11:46:52 -05:00
63954c1b33
FIX: Same user record being saved twice causing validation to fail.
2017-01-16 16:41:03 +08:00
ed5fa20b0c
Revert "FIX: error during signup saying "Password is the same as your current password" due to automatic group membership granting a trust level"
...
This reverts commit 9c40657ba4
2017-01-16 09:44:10 +08:00
980cea7081
FIX: Add length validation for `User#name`.
2017-01-03 13:42:33 +08:00
f1beef43a8
Merge pull request #4618 from tgxworld/fix_invalid_emails
...
FIX: Don't allow invalid email to be saved.
2016-12-30 07:11:48 +08:00
9c40657ba4
FIX: error during signup saying "Password is the same as your current password" due to automatic group membership granting a trust level
2016-12-28 17:36:04 -05:00
0a78ae739d
Remove SearchObserver, aim is to remove all observers
...
rails-observers gem is mostly unmaintained and is a pain to carry forward
new implementation contains significantly less magic as a bonus
2016-12-22 13:13:14 +11:00
13c6191e89
FIX: Don't allow invalid email to be saved.
2016-12-21 17:47:11 +08:00
239d06b218
add Likes Recieved to possible stats in summary email
2016-12-12 14:20:25 -05:00
05f55dbc10
FEATURE: Group logs.
2016-12-12 17:29:54 +08:00
f812415c52
Update annotations.
2016-11-24 10:13:03 +08:00
8c6d8c85db
Stop showing first notification prompt once user sees the notification.
2016-11-17 09:44:00 +08:00
98c1e0832c
FIX: Track first notification read using Redis.
2016-11-16 16:20:38 +08:00
16fdcdfc00
FIX: Add conditions on when to show first pm notification.
2016-11-16 14:17:47 +08:00
784366f1a0
FIX: display only 1 trust level badge on user card
...
refactoring graciously provided by @xfalcox
2016-11-14 20:53:24 +00:00
9e69798285
FEATURE: watch first post default site setting
2016-11-10 00:09:52 +05:30
b18439a1e2
Fix build.
2016-11-08 17:00:44 +08:00
a8b7599d4a
FEATURE: Add a radial ping when user's first notification has not been read.
2016-11-08 16:23:12 +08:00
c463cf63d4
FEATURE: Webhook for user creation and approval
2016-09-19 10:12:55 +08:00
25a82e7d22
PERF: only publish notification state if we changed it
...
also publish seen_notification_id so we can tell what is new and what is old
cleanup controller so it correctly checks user
fix bug around clearing notification when people click mark read
2016-09-16 12:02:19 +10:00
9609a47016
Ability to skip email validation via a plugin
2016-09-07 14:05:46 -04:00
90a0327fd2
FIX: Check against reserved usernames should be case insensitive.
2016-08-31 21:53:41 +08:00
416e7e0d1e
FEATURE: basic UI to view user api keys
2016-08-16 17:06:52 +10:00
f8144f07fd
purge 2x the unactivated old users
2016-07-27 03:29:00 -07:00
df535c6346
FEATURE: refresh session cookie at most once an hour
...
This feature ensures session cookie lifespan is extended
when user is online.
Also decreases session timeout from 90 to 60 days.
Ensures all users (including logged on ones) get expiring sessions.
2016-07-25 12:07:31 +10:00
a9207dafa7
FEATURE: configure session time via site setting for all the users ( #4343 )
2016-07-23 02:57:30 +05:30
64bdededd3
Allow plugins that implement OAuth and OAuth2 to show up under associated accounts in the Admin area. ( #4333 )
2016-07-18 09:02:41 +02:00
e4a82cdd85
Merge pull request #4306 from tgxworld/add_discourse_event_trigger_when_user_logs_out
...
FEATURE: Add event trigger when a user is logged out.
2016-07-05 19:50:46 +08:00
59680af329
disable email white/blacklisting for staged users
2016-07-04 16:05:01 +02:00
22ade1f811
FEATURE: Add event trigger when a user is logged out.
2016-07-04 17:20:30 +08:00
487c20959c
FEATURE: max topics/replies per day for new users now starts counting from the first post, not signup date
2016-06-20 16:55:11 -04:00
470da6205c
FIX: staged users should not watch/track/mute categories by default
2016-06-14 16:45:47 +02:00
cb5be1fe8f
Upgrade rspec to 3.4.0.
2016-05-30 11:38:38 +08:00
089b1d164c
annotate models
...
(reminder run RAILS_ENV=test bin/annotate once in a while)
2016-05-30 10:45:32 +10:00
f13470b96b
Use db schema for tags instead of plugin store and custom fields
2016-05-26 14:29:48 -04:00
feffe23cc5
FEATURE: More granular mailing list mode ( #4068 )
...
* Rearrange frontend to account for mailing list mode
* Allow update of user preference for mailing list frequency
* Add mailing list frequency estimate
* Simplify frequency estimate; disable activity summary for mailing list mode
* Remove combined updates
* Add specs for enqueue mailing list mode job
* Write mailing list method for mailer
* Fix linting error
* Account for stale topics
* Add translations for default mailing list setting
* One query for mailing list topics
* Fix failing spec
* WIP
* Flesh out html template
* First pass at text-based mailing list summary
* Add user avatar
* Properly format posts for mailing list
* Move make_all_links_absolute into Email::Styles
* Apply first_seen_at to user
* Send mailing list email summary hourly based on first_seen_at
* Branch and test cleanup
* Use existing mailing list mode estimate
* Fix failing specs
2016-05-21 15:17:54 +02:00
74b3807f60
FEATURE: new bootstrap mode settings for brand new Discourse community ( #4193 )
...
* FEATURE: new bootstrap mode settings for brand new Discourse community
* new SiteSetting.set_and_log method
2016-04-26 13:08:19 -04:00
2194ccec6e
slightly better automatic flag reason messages
2016-04-25 23:03:17 +02:00
7d9f2265b9
FIX: improve support for handling emails coming from screened email addresses
2016-04-18 23:01:54 +02:00
de9136a8f2
FIX: bypass TL0-specific validations on posts in a PM
2016-04-18 22:08:42 +02:00
868e70e817
FIX: ensure we only ever enqueue 1 UpdateGravatar job
2016-04-18 12:44:09 +02:00
8fcd359e2a
Revert "FIX: Jobs.cancel_scheduled_job wasn't working anymore due to our move to using multiple queues"
...
This reverts commit b7c16991f7
2016-04-13 18:30:25 +02:00
b7c16991f7
FIX: Jobs.cancel_scheduled_job wasn't working anymore due to our move to using multiple queues
...
FIX: Don't queue more than 1 'update_gravatar' job per user
2016-04-13 18:12:28 +02:00
609969bf6f
Remove `has_many :views` from User ( #4150 )
2016-04-08 00:37:10 +02:00
a130cb8305
FEATURE: move more urgent emails notifications to critical queue
...
Move signup, admin login and password change email notifications
to critical queue
2016-04-07 14:39:01 +10:00
0bf001ccd7
FIX: badge grant count wasn't filtered to the current user in the user summary
2016-03-30 23:11:00 +02:00
54f8bdd13b
FIX: only validate username when changing it
2016-03-29 11:53:21 -04:00
1006b1ba94
Various Plugin Enhancements and Extension Points
2016-03-11 15:53:37 -05:00
5771d2aee2
SECURITY: Support for confirm old as well as new email accounts
2016-03-08 14:52:22 -05:00
32c681c96b
annotate models
2016-02-23 10:33:53 +11:00
f0e942f647
PERF: move 3 more option columns out of the user table
2016-02-18 16:57:22 +11:00
3829c78526
PERF: shift most user options out of the user table
...
As it stands we load up user records quite frequently on the topic pages,
this in turn pulls all the columns for the users being selected, just to
discard them after they are loaded
New structure keeps all options in a discrete table, this is better organised
and allows us to easily add more column without worrying about bloating the
user table
2016-02-17 18:08:25 +11:00
dd6ebde824
FIX: Always ensure notifications are treated as read once clicked
...
UX: improve messaging so notifications list is far more stable
PERF: improve performance of notifcation lookup queries
- Add feature "SetTransientHeader" that allows shipping info to server
in the next Ajax request
- remove local storage hack used for notifications
- amend lookupStale to return hydrated objects, move logic into store
- stop magically clearing various notifications (likes, invitee accepted, group_summary, granted badge)
2016-02-15 19:29:47 +11:00
eec8436cfe
FEATURE: filter admin reports via user group
2016-02-04 11:23:49 +05:30
a764cc3a42
FEATURE: by default users track a group (as opposed to watch)
...
FEATURE: a rollup counting number of messages in the group inbox to tracking users
2016-01-27 21:38:33 +11:00
7303f8f309
FEATURE: first pass at user summary page
2016-01-20 15:14:25 +11:00
3083657358
FEATURE: better email in support
...
FEATURE: new incoming_email model
FEATURE: infinite scrolling in emails admin
FEATURE: new 'emails:import' rake task
2016-01-19 00:57:55 +01:00
c2e45c8377
Update annotate and annotate models
2016-01-11 17:30:56 +11:00
03ea0bfe22
FEATURE: allow users to archive messages
...
Messages are now in 3 buckets
- Inbox for all new messages
- Sent for all sent messages
- Archive for all messages you are done with
You can select messages from your Inbox or Sent and move them to your Archive,
you can move messages out of your Archive similarly
Similar concept applied to group messages, except that archiving and unarchiving
will apply to all group members
2015-12-23 11:09:30 +11:00
a8b5192efd
FEATURE: User page refactor
...
Re-organise user page so it is easier to find interesting info
split it into tabs
- Introduce notifications and messages tabs
- Stop couting stuff for the user page to speed up rendering
- Suppress more information when viewing your own profile
2015-12-20 16:45:49 +11:00
1cde276656
FEATURE: ability to send emails to a group
2015-12-07 17:01:08 +01:00
88f1a8f0b1
Merge pull request #3821 from mpalmer/letter-avatar-proxy
...
Proxy letter avatars by default
2015-11-19 20:02:16 +11:00
92ba6125c4
FEATURE: new 'automatically_unpin_topics' user preference
2015-11-17 18:21:40 +01:00
6dd4bc7d57
FEATURE: support group owner, capable of controlling group membership
...
Group owners are regular users that can add or remove users to a group
The Admin UX allows admins to appoint group owners
The public group UX will display group owners first and unlock UI to
add and remove members
Group owners can only be appointed on non automatic groups
Group owners may not appoint another group owner
2015-11-10 00:56:57 +11:00
af4a48a67c
Use Discourse.current_hostname
...
Much cleaner.
2015-11-06 14:13:44 +11:00
c09f345cff
Proxy letter avatars by default
...
On sites that don't otherwise configure an avatar fallback, Discourse will
now tell the client to get its letter avatars from a location which nginx
proxies to the centralised `avatars.discourse.org` service. This alleviates
privacy concerns, whilst still providing some degree of performance benefit
(no need for every site to delay avatar response by 300ms for image
rendering).
It is still possible to gain the benefits of global image caching and the
lower latency of requesting directly from a CDN, by explicitly changing the
`external_system_avatars_url` site setting to
`https://avatars.discourse.org/letter/{first_letter}/{color}/{size}.png `.
2015-11-06 14:13:44 +11:00
a439500bac
FIX: do not mark post as spam if the previous flag was disagreed
2015-10-17 01:30:53 +05:30
fe656fb04d
FIX: select appropriate period when redirecting to top
2015-09-21 20:28:20 +02:00
c1ecd6f4ce
update annotations
2015-09-18 10:41:10 +10:00
b9a9a91335
FIX: couldn't set 'never' for the default email digest frequency setting
2015-09-14 10:36:25 +02:00
f948ee9e26
FIX: ensure letter avatar service uses same algorithm
2015-09-14 09:42:21 +10:00
93f9dcfcec
FIX: don't overwrite custom uploaded avatar when selecting gravatar
...
FIX: remove unecessary serialized fields
2015-09-11 15:10:56 +02:00
0c58f08207
FIX: profile picture selector
2015-09-11 15:10:56 +02:00
6437cd0341
FEATURE: add support for generic external avatar services
...
This changes it so we only ship an avatar template down to the client
it has no magic, all it knows is how to plug in size
2015-09-11 15:10:56 +02:00
90d49d1497
correct paths used for external service
2015-09-11 13:18:07 +10:00
2742602254
FEATURE: support for external letter avatars service
2015-09-11 02:12:40 +02:00
e43034f08f
Revert "FEATURE: SVG letter avatars (based on @eviltrout's spike)"
...
This reverts commit cd77465788
2015-09-11 00:23:52 +02:00
cd77465788
FEATURE: SVG letter avatars (based on @eviltrout's spike)
2015-09-11 00:11:48 +02:00
335be272ff
FEATURE: implement capping of new/unread
...
We cap new and unread at 2/5th of SiteSetting.max_tracked_new_unread
This dynamic capping is applied under 2 conditions:
1. New capping is applied once every 15 minutes in the periodical job, this effectively ensures that usually even super active sites are capped at 200 new items
2. Unread capping is applied if a user hits max_tracked_new_unread,
meaning if new + unread == 500, we defer a job that runs within 15 minutes that will cap user at 200 unread
This logic ensures that at worst case a user gets "bad" numbers for 15 minutes and then the system goes ahead and fixes itself up
2015-09-07 12:03:17 +10:00
a54e8f3c5e
FEATURE: live refresh notifications as they happen
2015-09-04 13:20:33 +10:00
5984b62347
FIX: ensure we remove 'category_users' records when a user is deleted
2015-09-02 20:43:15 +02:00
f9717da28f
Merge pull request #3695 from riking/patch-10
...
FIX: Consider reserved usernames as not 'available'
2015-08-26 10:51:50 -04:00
ea9bc68ee5
PATCH: in some cases this is being turned to a string workaround for now
2015-08-26 16:19:21 +10:00
1586886bf9
FIX: Consider reserved usernames as not 'available'
...
https://meta.discourse.org/t/reserved-usernames-ignored-by-invites/32490
2015-08-25 17:24:07 -07:00
84fdc655ad
correct retry logic
2015-08-24 10:28:38 +10:00
bef80633b1
FEATURE: global admin override of most of the user preferences
2015-08-21 20:39:21 +02:00
49996bcdea
FIX: don't suggest name when email is empty
2015-08-20 11:59:28 +02:00
eb941475fa
FIX: mark invite accepted notification as read
2015-08-13 11:11:54 +05:30
782dd13e78
FEATURE: track user visits on mobile and display on admin dashboard in a new Mobile section
2015-07-07 14:06:42 -04:00
b52e5d1536
FIX: `default_avatars` wasn't being used for some server side templates
2015-06-26 13:38:09 -04:00
189cb3ff12
FEATURE: move migrate_to_new_scheme into a background job
...
- new hidden site setting 'migrate_to_new_scheme' (defaults to false)
- new rake tasks to toggle migration to new scheme
- FIX: migrate_to_new_scheme also works with CDN
- PERF: improve perf of the DbHelper.remap method
- REFACTOR: UrlHelper is now a class
2015-06-12 12:07:57 +02:00
feeb509a97
SECURITY: expire all existing email tokens on password reset
2015-06-06 03:50:06 +10:00
4171eb758c
SECURITY: expire all existing sessions if user changes passwords
2015-06-06 03:09:19 +10:00
83559bbf45
posts read may enter concurrently, retry
2015-06-01 11:55:07 +10:00
acafa491b2
user avatar urls/templates refactor
2015-05-29 18:51:17 +02:00
9f9825bb6b
FIX: don't send emails to anonymous users
...
Also changes behaviour of real to not return anonymous users.
This means user counts will no longer include them, and the
mailing list system will ignore them even if they somehow end up
with the feature turned on.
2015-05-11 00:56:34 +01:00
963ebf5963
FIX: if approving a user when must_approve_users is false, don't send an email
2015-05-04 15:30:25 -04:00
4745eca4ad
FIX: Don't abort PurgeInactive if they have posts. Just skip.
2015-05-04 11:37:49 -04:00
803feefd54
MessageBus handles readonly redis now, no need to wrap it
2015-05-04 12:21:00 +10:00
b2fd69a675
FIX: avatar_template when using relative_url_root
2015-04-28 20:58:46 -04:00
151b559e4c
FIX: If you delete a user, delete their queued posts as well.
2015-04-24 16:04:44 -04:00
5b3f99aa50
Don't blow up if Redis switches to READONLY
2015-04-24 14:37:16 -04:00
80b2935e11
FIX: prevent DOS when fixing avatar in quotes
2015-04-24 11:14:10 +02:00
a737090442
- FEATURE: revamped poll plugin
...
- add User.staff scope
- inject MessageBus into Ember views (so it can be used by the poll plugin)
- REFACTOR: use more accurate is_first_post? method instead of post_number == 1
- FEATURE: add support for JSON-typed custom fields
- FEATURE: allow plugins to add validation
- FEATURE: add post_custom_fields to PostSerializer
- FEATURE: allow plugins to whitelist post_custom_fields
- FIX: don't bump when post did not save successfully
- FEATURE: polls are supported in any post
- FEATURE: allow for multiple polls in the same post
- FEATURE: multiple choice polls
- FEATURE: rating polls
- FEATURE: new dialect allowing users to preview polls in the composer
2015-04-23 19:33:29 +02:00
296add56e6
correct letter avatar template
2015-04-20 13:07:12 +10:00
51b747346e
PREF: speed up grabbing unread counts
2015-04-17 16:01:20 +10:00
4bfca12b11
FEATURE: anonymous_account_duration_minutes , cycle anon accounts after N minutes from last post
...
fixes it so anon users can not like stuff
2015-04-08 12:30:02 +10:00
30b063c08b
FEATURE: make full names a required field of user profiles with the full_name_required setting
2015-04-02 17:08:04 -04:00
10b8eca9a6
fix the build
2015-03-30 12:48:20 +02:00
588667b1e4
FEATURE: fix avatar in quotes when changing avatars
2015-03-30 12:31:10 +02:00
5aa1272f05
clean up first day user definition and object model
2015-03-26 16:48:36 +11:00
9834d11503
Staff and TL2 up are immune to newuser checks and not considered new users
2015-03-26 16:04:46 +11:00
92e371f0b3
FEATURE: civilized mute
...
Allow user to mute all notifications generated by specific users
2015-03-24 11:55:22 +11:00
6cd4330335
FIX: show all deleted posts
2015-03-11 18:07:47 +01:00
608647d02f
FEATURE: Anonymize User. A way to remove a user but keep their topics and posts.
2015-03-10 11:59:08 -04:00
e74b9ee5da
FIX: should not count disagreed flags
2015-02-19 18:11:07 +01:00
67f404d281
FIX: remove notifications on deleted topics from the stream
2015-02-19 12:40:00 +11:00
3ce2077aa8
Migrate unsubscribe keys to the database.
...
This should reduce a lot of the keys in redis.
2015-02-13 14:24:15 -05:00
06f02ce9fc
FIX: 🈂️ Allow closing polls in multi-locale sites
2015-02-05 19:55:03 -08:00
6c410ed093
FIX: strip whitespaces from user email
2015-01-30 01:44:24 +05:30
efd65dcc8c
hard match domains for automatic group membership
2015-01-26 23:17:29 +01:00
256519dddf
FEATURE: automatic group membership based on email address
2015-01-23 18:25:43 +01:00
1ab0d6bd82
FEATURE: Log username changes by staff
...
Also fix the tests for changing username
2015-01-17 02:26:12 -08:00
a2b284a0a4
table & model changes for group managers with permission to edit membership
2015-01-15 11:44:42 -08:00
e20078a9dc
PERF: fix performance issue when displaying the user card for admins
2015-01-05 19:49:32 +01:00
97b3914b70
FIX: use utc time when generate reports; set boundary
2014-12-30 22:43:03 +08:00
521226f4c9
FIX: registration fails with timeout on gravatar
2014-12-15 22:10:27 +01:00
929ff00741
FIX: use excerpt instead of the summary
2014-12-06 18:48:39 +01:00
ea269ccfb2
rename purge_inactive to purge_unactivated
2014-12-02 21:36:25 -08:00
cb0e7a5724
For performance reasons, use `delete_all` when removing a user's email logs
2014-11-28 14:20:43 -05:00
6bed4e1bf0
add allowed_ips to api_keys
...
update annotations
2014-11-20 14:53:15 +11:00
068d22e9b3
Add API support for querying admin reports by date range
2014-11-05 13:11:37 -05:00
8f390c979b
FEATURE: Mark All as Read button for Notifications page
...
Added a Mark All as Read button to the top/bottom of the notifications user page
https://meta.discourse.org/t/possibility-to-selectively-or-completely-mark-notifications-as-read/20227
Remove notifications property (no longer used)
2014-10-13 06:31:27 -04:00
0e7be81e60
FIX: badge granted titles were not being revoked when badge was revoked
2014-10-08 10:26:18 +11:00
37af13f6ea
FIX: badge notifications are marked read by the system after opening
2014-10-02 16:08:31 +10:00
72a28aeb7c
FEATURE: always show highest trust level badge in card
...
FEATURE: fa-user icon for trust level badges
2014-10-02 16:08:31 +10:00
edb34c178a
FEATURE: Show user fields when the user is signing up
2014-09-30 10:45:18 -04:00
bff95a6a97
Rename 'leader' -> 'tl3'
2014-09-30 13:16:34 +10:00
c8111ada6e
FEATURE: Allow admins to lock users from TL3 promotion/demotion
...
Also, update the display logic for the leader promotion screen to
account for the demotion grace period.
2014-09-30 13:15:13 +10:00
7e309a21cf
FEATURE: hide emails behind a button for staff members
2014-09-29 22:31:05 +02:00
c248d28c38
FEATURE: display associated accounts in admin user
2014-09-25 16:15:01 +10:00
7bc223ef7c
FEATURE: improve flags reminder email
2014-09-23 18:37:31 +02:00
2c6d03f87f
SECURITY: Limit passwords to 200 characters
...
Prevents layer 8 attack.
2014-09-12 12:07:11 -04:00
334e21a03a
Revert "Revert "FEATURE: Can create warnings for users via PM""
...
This reverts commit 1c7559380c
2014-09-08 11:11:56 -04:00
1c7559380c
Revert "FEATURE: Can create warnings for users via PM"
...
This reverts commit b0bfc1f93f
2014-09-08 10:38:59 -04:00
b0bfc1f93f
FEATURE: Can create warnings for users via PM
2014-09-08 10:27:06 -04:00
59d04c0695
Internal renaming of elder,leader,regular,basic to numbers
...
Changed internals so trust levels are referred to with
TrustLevel[1], TrustLevel[2] etc.
This gives us much better flexibility naming trust levels, these names
are meant to be controlled by various communities.
2014-09-05 15:20:52 +10:00
54484ca18a
"FIX": Add error reporting to NotifyMailingListSubscribers
...
Also skip unactivated users, which may actually fix this
2014-09-03 14:53:05 -07:00
0ae3c327de
Add a message to the staff logs indicating why a user was purged
2014-08-27 16:05:07 -04:00
414c6d191f
FIX: remove nullable dates post upgrade to Rails 4
2014-08-27 15:19:25 +10:00
00c28f2391
Show total likes given. Put likes given/received and flags given/received together.
2014-08-22 15:23:19 -04:00
dafc63e3a0
Show how many likes users received in the last 100 days on their admin profile page
2014-08-22 14:37:07 -04:00
5454c1ed24
Updated model anotations
2014-08-22 13:01:44 -04:00
3235f2c477
FIX: Don't try and delete inactive admins, rare as they may be.
2014-08-19 13:47:01 -04:00
3fd784b513
removed useless assignments at some places
2014-08-19 18:10:23 +05:30
ba15a6a9ea
PERF: Only delete 100 inactive users at once
2014-08-13 17:56:40 -04:00
4c4ce05964
FIX & PERF: vanilla import
...
PERF: disabled refresh_avatar callback when importing users
PERF: avoid using UsernameSuggester when not needed
FIX: categories wasn't working
FIX: posts from deleted users are now from the system user
2014-08-13 22:20:06 +02:00
7ed969f0c7
Site Setting to customize how frequently inactive users are purged
2014-08-13 15:11:19 -04:00
3c6673aceb
Purge inactive accounts that are older than 7 days
2014-08-13 14:13:41 -04:00
22cd259687
FIX: remove faulty "ensure consistency" badge job
2014-08-11 09:21:06 +10:00
b5045a005f
PERF: last seen index on users
2014-08-07 13:33:11 +10:00
cb0ecd9ff1
PERF: store topic views in a topic view table
...
* cut down on storage of the work Topic, 3 times per row (in 2 indexes)
* only store one view per user per topic
* only store one view per ip per topic
2014-08-04 19:07:55 +10:00
e7e70d14da
Merge pull request #2591 from BenLubar/benlubar-edit-history-public
...
add profile option for edit history visibility
2014-07-30 14:09:10 +10:00
bddffa7f9a
FEATURE: flag dispositions normalization
...
All flags should end up in one of the three dispositions
- Agree
- Disagree
- Defer
In the administration area, the *active* flags section displays 4 buttons
- Agree (hide post + send PM)
- Disagree
- Defer
- Delete
Clicking "Delete" will open a modal that offer to
- Delete Post & Defer Flags
- Delete Post & Agree with Flags
- Delete Spammer (if available)
When the flag has a list associated, the list will now display 1
response and 1 reply and a "show more..." link if there are more in the
conversation. Replying to the conversation will NOT give a disposition.
Moderators must click the buttons that does that.
If someone clicks one buttons, this will add a default moderator message
from that moderator saying what happened.
The *old* flags section now displays the proper dispositions and is
super duper fast (no more N+9999 queries).
FIX: the old list includes deleted topics
FIX: the lists now properly display the topic states (deleted, closed,
archived, hidden, PM)
FIX: flagging a topic that you've already flagged the first post
2014-07-28 19:28:07 +02:00
44dc4b4a17
add profile option for edit history, visible only when edit history is disabled globally.
2014-07-26 23:04:46 -05:00
0f9678fe49
FIX: faster update of all badges
...
Introduced badge triggers, introduced concept of badge that happens due to a post but has the post hidden
Delta badge grant happens once a minute, backed by redis
2014-07-23 11:46:07 +10:00
bfb37054e8
Badge Grouping work in progress
2014-07-17 16:11:10 +10:00
939e8505a9
Remove hub username integration
2014-07-16 12:25:24 -04:00
01a68f8cc7
Emails are case insensitive
2014-07-16 10:22:01 -04:00
59c399c50a
FIX: count distinct badges for totals.
2014-07-16 16:21:46 +10:00
f2dd35ab08
Improve the unsubscribe to digest experience. Give a link in case it
...
fails, provide a different message if you are logged in as a different
user, increase expiry to 2 months from 1 week.
2014-07-15 17:20:59 -04:00
88469721b9
FEATURE: Allow admins to disable specific badges
2014-07-14 17:40:36 +10:00
8fcc019ff8
FIX: only allow badge title selection if it exists
2014-07-09 15:31:49 +10:00
9a9ad9bda8
FEATURE: Badge progress
...
- Refactor model so it stores backfill query
- Implement autobiographer
- Remove sample badge
- Correct featured badges to only include a badge once
2014-07-03 17:29:44 +10:00
c0cd109e9d
TRIVIAL: code formatting
2014-06-26 19:50:29 +02:00
386d1e231a
move profile_background from User to UserProfile
2014-06-26 12:30:07 -04:00
56dcd00570
BUGFIX: trust_level_0 group not including trust_level_1
...
BUGFIX: manual trust level change not adding user to groups
BUGFIX: system not in correct trust level groups
2014-06-17 10:52:02 +10:00
9ffd173873
move bio to UserProfile from User
2014-06-13 14:55:32 -04:00
7db31adf35
move website from User to UserProfile
2014-06-06 21:54:32 -07:00
fa6f22dd39
Move letter avatars out of upload system
...
FIX: S3 issues around system avatars
FIX: reduced backup file size
2014-05-30 14:45:55 +10:00
5adc486cef
BUGFIX: missing avatars in topic map
...
Cleanup uneeded column
2014-05-29 14:59:14 +10:00
d9f51961c4
BUGFIX: pick gravatar if it was just downloaded
...
BUGFIX: don't go rebaking unless all avatars are downloaded
2014-05-28 16:54:21 +10:00
b1d5f4440b
Annotate models
2014-05-28 12:30:57 +10:00
7c22d738b6
FEATURE: Add a location field to a user's profile
2014-05-27 13:54:04 -04:00
1e28668e9f
missed one spot where route changed
2014-05-28 01:09:01 +10:00
504cfcff96
Fix specs for avatars
...
Implement avatar picker
Correct avatar related jobs
2014-05-27 10:08:03 +10:00
6c1c8be794
Work in progress, keeping avatars locally
...
This introduces a new model to store the avatars and 3 uploads per user (gravatar, system and custom)
user can then pick which they want.
2014-05-27 10:08:03 +10:00
ff6755f1e5
Merge pull request #2343 from knutaldrin/patch-1
...
Fix suspended scope
2014-05-23 12:56:32 +10:00
579f2bf7b8
Fix suspended scope
...
:non_suspended should check if suspension is <= NOW, else one could end up in neither group.
2014-05-15 15:47:49 +02:00
c07244a4e6
Refactor BadgeGranter.update_trust_level_badges! -> update_badges.
2014-05-14 21:01:41 +05:30
b144b75565
Add automatically assigned trust level badges.
2014-05-14 20:47:21 +05:30
34d1668f9f
FEATURE: backend for inviting a user to a group
2014-05-09 18:22:35 +10:00
1574485443
Perform the where(...).first to find_by(...) refactoring.
...
This refactoring was automated using the command: bundle exec "ruby refactorings/where_dot_first_to_find_by/app.rb"
2014-05-06 14:41:59 +01:00
c21d3f41d0
BUGFIX: only redirect new users to top page once
...
Actually, new users will still be redirected to the top page during the first 30 seconds of their first visit.
2014-05-05 19:00:40 +02:00
f6c22cc299
Merge pull request #2297 from ligthyear/custom-fields
...
Custom fields for Topic, Category, Post and Group
2014-04-30 13:15:50 +10:00
0cf07d41ae
Move Concern from lib into app/models. refs #2279
2014-04-29 19:26:43 +02:00
e6e03a1a96
move custom fields into its own concern
2014-04-29 19:26:42 +02:00
359d59242e
If a new user receives a mention, quote or response to their post, allow
...
them to continue posting in a topic.
2014-04-29 12:59:14 -04:00
e88e43bfb6
Merge pull request #2279 from fantasticfears/concern
...
move concerns to the model/concerns
2014-04-28 09:48:33 +10:00
f8d9fb7bdc
Revert "Merge pull request #2284 from jaimeiniesta/patch-1"
...
This reverts commit a6b88d1e7e9bee0b6e2d
2014-04-25 11:40:38 +02:00
a6b88d1e7e
Merge pull request #2284 from jaimeiniesta/patch-1
...
escape gravatar URLs to comply with W3C standards
2014-04-24 12:56:16 +10:00
05efc8df16
BUGFIX: likes would cause whole post to re-render
2014-04-24 12:42:04 +10:00
af877781b7
Allow admins to choose if groups are visible or not.
2014-04-22 16:43:46 -04:00
a3b2b4baca
FEATURE: custom fields on User
2014-04-22 13:52:13 +10:00
6084cb969d
escape gravatar URLs to comply with W3C standards
...
This fixes an HTML validation error due to & not being properly escaped on the gravatar URLs.
2014-04-21 00:46:00 +02:00
6d45f71254
move concerns to the model/concerns
2014-04-19 12:00:40 +08:00
843023d7c9
Fix user_badges n+1 query.
2014-04-17 21:58:05 +05:30
4c0f85650e
Display badge count in the user admin page.
2014-04-16 18:08:10 +05:30
e0a4959dc9
Sort featured badges by badge type first, followed by grant count.
2014-04-16 18:08:10 +05:30
862a6696c0
Correct annotations
...
allow longer usernames (up to 60)
2014-04-15 15:53:48 +10:00
2505d18aa9
FEATURE: support email attachments
2014-04-14 22:55:57 +02:00
b0ed9082b3
FEATURE: Hidden site setting for max username length
2014-04-14 12:55:33 +10:00
6373de550f
update annotations
2014-04-08 17:35:44 +02:00
d71f62a9f9
Merge pull request #2180 from tomciopp/master
...
More idiomatic approach to finding drafts
2014-04-08 16:46:24 +10:00
ef24a4c71c
FEATURE: add redirect_users_to_top_page site setting (default to true)
2014-03-31 21:53:38 +02:00
38882eb1a7
Remove threequals from ruby files
2014-03-26 12:20:41 -07:00
7e7c4efcc0
FEATURE: on initial boot hint users on how to get admin
2014-03-24 18:03:39 +11:00
5c148faeb9
annotations were out of date
2014-03-20 15:35:51 +11:00
02963b03dc
BUGFIX: last_seen_at can be nil
2014-03-17 12:42:51 +11:00
fe63db7953
Merge pull request #2115 from vikhyat/badge-system
...
Initial badge system implementation
2014-03-17 10:06:37 +11:00
9b26c8584e
Initial badge system implementation.
2014-03-14 21:49:26 +05:30
9ca516e58d
Rename nickname to username in the code. Use new hub routes. (Old routes still exist as aliases for old Discourse instances.)
2014-03-12 12:39:36 -04:00
8214536614
BUGFIX: don't show redirect reason if you aren't redirected
...
Move the redirect to top page logic server-side and make sure the reason
is not shown when top is not in the navigation menu (top_menu).
2014-03-07 18:58:53 +01:00
4a2dab9c5e
allow for custom min_username_length
...
change constant in user to be global range and not default
2014-03-04 16:37:05 -08:00
4b61d6af28
BUGFIX: new date was incorrect
2014-03-03 16:11:59 -05:00
3abe84941f
FEATURE: Add `new_since` column to `UserStat` so we can reset the "New"
...
date.
2014-03-03 15:47:00 -05:00
6f31d3f0e5
FEATURE: single sign on support
...
Added support for outsourcing auth to a different website, documentation on meta
2014-02-25 14:31:03 +11:00
Jeff Wong
Guo Xiang Tan
Arpit Jalan
Joshua Rosenfeld
Gerhard Schlager
Philipp Daniels
Régis Hanol
Robin Ward
Vinoth Kannan
Neil Lalonde
Vinoth Kanan
Leo McArdle
Sam
Erick Guan
Guo Xiang Tan
David Taylor
Bianca Nenciu
Jeff Atwood
cpradio
James Kiesel
Matt Palmer
Kane York
Luke Granger-Brown
Jason W. May
cpradio
Akshay
Ben Lubar
Andrew Bezzub
Knut Aldrin Wikström
Vikhyat Korrapati
Louis Rose
Benjamin Kampmann
Jaime Iniesta
Thomas Cioppettini
Stephen Birarda
