Commit Graph

680 Commits

Author SHA1 Message Date
David Taylor 84fc7abb73 FIX: Allow `rake destroy:topics` to delete topics in sub-categories 2018-09-10 12:52:14 +01:00
Sam 9b7cab589a FIX: revert diacritic stripping
See more details in test case and at: https://meta.discourse.org/t/discourse-should-ignore-if-a-character-is-accented-when-doing-a-search/90198/16?u=sam
2018-08-31 11:46:55 +10:00
James Kiesel a4001c1ea0 FEATURE: Pop revise modal on post edited notification (#6287)
* Add revision number to notification url

* Pop modal on route change

* Add semicolon

* Ensure modal pops even when navigating within a topic

* Ensure modal pops when visiting from other page

* Fix eslint errors

* Fix prettier errors

* Add callback for notification item click

* Remove stray revisionUrl function

* Rename to afterRouteComplete
2018-08-24 09:13:07 -04:00
Sam ac11f8df52 correct regression searching with diacritics 2018-08-24 10:00:51 +10:00
Régis Hanol c26de01399 Use NFKD normalization instead of NFD 2018-08-24 00:52:53 +02:00
Régis Hanol bc7b530b0a FIX: remove diacritics instead of transliterating 2018-08-24 00:38:44 +02:00
Régis Hanol f4ae53d52b Return immediately when there's no html to scrub 2018-08-23 18:00:07 +02:00
Régis Hanol 2fcf2b899e FIX: remove diacritics when tokenizing html for search 2018-08-23 17:13:52 +02:00
Gerhard Schlager 5ed582551a FIX: SpamRulesEnforcer should use default locale 2018-08-20 15:08:12 +02:00
Bianca Nenciu 975a72ab7a FEATURE: Make links indexable. (#6285) 2018-08-20 10:39:19 +10:00
Osama Sayegh 865cb3feb9
FIX: allow selecting site's default theme from preference 2018-08-10 14:12:02 +03:00
Guo Xiang Tan 919e8db686 FIX: Check for group name availability should skip reserved usernames. 2018-08-01 11:09:33 +08:00
David Taylor eda1462b3b
FEATURE: List, revoke and reconnect associated accounts. Phase 1 (#6099)
Listing connections is supported for all built-in auth providers. Revoke and reconnect is currently only implemented for Facebook.
2018-07-23 16:51:57 +01:00
Maja Komel 368d4e8eae FIX: notify staff about whispers in watched categories (#6128) 2018-07-21 11:20:21 +02:00
OsamaSayegh decf1f27cf FEATURE: Groundwork for user-selectable theme components
* Phase 0 for user-selectable theme components

- Drops `key` column from the `themes` table
- Drops `theme_key` column from the `user_options` table
- Adds `theme_ids` (array of ints default []) column to the `user_options` table and migrates data from `theme_key` to the new column.
- Removes the `default_theme_key` site setting and adds `default_theme_id` instead.
- Replaces `theme_key` cookie with a new one called `theme_ids`
- no longer need Theme.settings_for_client
2018-07-12 14:18:21 +10:00
Sam cb824a6b33 DEV: remove all calls to SqlBuilder use DB.build instead
This is part of the migration to mini_sql, SqlBuilder.new is being
deprecated and replaced with DB.build
2018-06-20 17:53:49 +10:00
Sam 5f64fd0a21 DEV: remove exec_sql and replace with mini_sql
Introduce new patterns for direct sql that are safe and fast.

MiniSql is not prone to memory bloat that can happen with direct PG usage.
It also has an extremely fast materializer and very a convenient API

- DB.exec(sql, *params) => runs sql returns row count
- DB.query(sql, *params) => runs sql returns usable objects (not a hash)
- DB.query_hash(sql, *params) => runs sql returns an array of hashes
- DB.query_single(sql, *params) => runs sql and returns a flat one dimensional array
- DB.build(sql) => returns a sql builder

See more at: https://github.com/discourse/mini_sql
2018-06-19 16:13:36 +10:00
Arpit Jalan f1d1207725 FIX: improve context when user deletes self 2018-06-18 11:36:22 +05:30
Gerhard Schlager 150ae21489 FEATURE: Log user merge in staff logs 2018-06-11 18:43:56 +02:00
Gerhard Schlager a26889ada2 FIX: Don't delete profile views during user anonymization
There's no need for that and it can take a lot of time.
2018-06-08 15:50:07 +02:00
Gerhard Schlager 4ba910ac54 Update username only after successful user anonymization 2018-06-08 15:50:07 +02:00
Gerhard Schlager 2564a8285d REFACTOR: Run some parts of user anonymizing in background job 2018-06-08 15:50:07 +02:00
Gerhard Schlager cf038cf72a FEATURE: Remove more PII during user anonymizing
Removes
  * invite if the user was invited
  * email tokens
  * incoming emails
  * email log entries
  * raw emails from posts
2018-06-08 15:50:07 +02:00
Guo Xiang Tan ad5082d969 Make rubocop happy again. 2018-06-07 13:28:18 +08:00
Sam 89ad2b5900 DEV: Rails 5.2 upgrade and global gem upgrade
This updates tests to use latest rails 5 practice
and updates ALL dependencies that could be updated

Performance testing shows that performance has not regressed
if anything it is marginally faster now.
2018-06-07 14:21:33 +10:00
Arpit Jalan 36f9af4fa4 minor optimizations for post rejected logs 2018-06-02 09:44:55 +05:30
Arpit Jalan 89eca87f16 FEATURE: add staff action log for post rejections 2018-06-01 21:48:27 +05:30
Gerhard Schlager b970b072f6 FIX: User merge should not fail when primary email address is missing
The merge process might move all email addresses of the source user to the target user. Destroying the source user failed in that case.
2018-06-01 16:23:21 +02:00
Régis Hanol f988fa31aa FIX: ensure 'notifications_state' is up to date after creating a notification 2018-05-26 02:09:48 +02:00
Guo Xiang Tan 9d307a9977 FIX: Destroy notifications and sync notifications count in transaction.
* Seeing errors where the user is destroyed right when the call to
  reload is made.
2018-05-25 12:01:36 +08:00
Guo Xiang Tan 755b511b5c PERF: Destroy collapsed notifications in 1 query instead of 3. 2018-05-25 12:01:36 +08:00
Régis Hanol bb8f0087f4 Add a warning when PostAlerter isn't running in sidekiq 2018-05-24 17:52:59 +02:00
Régis Hanol 71f66cd679 FIX: ensure PostAlerter is always run in sidekiq 2018-05-24 17:27:43 +02:00
Guo Xiang Tan 2aad91d4a2 PERF: Don't bloat the Sidekiq queue with `Jobs::SendPushNotification`. 2018-05-24 10:04:09 +08:00
Guo Xiang Tan be49da9105 FIX: Don't silently fail if notification fails to create. 2018-05-24 10:04:09 +08:00
Guo Xiang Tan ad9e0d6bea
Merge pull request #5848 from OsamaSayegh/fix-social-login-groups
FIX: apply automatic group rules when using social login providers
2018-05-23 08:17:42 +08:00
OsamaSayegh f6d412465b FIX: apply automatic group rules when using social login providers 2018-05-23 02:26:07 +03:00
Sam 45f65859c9 improve erraticly failing spec 2018-05-23 08:39:15 +10:00
Régis Hanol 53f8f6095d FEATURE: staff action logs when creating/updating/deleting badges 2018-05-17 18:09:27 +02:00
Guo Xiang Tan 147ea37115 FIX: Missing notification for watching first post users when topic is recategorized.
https://meta.discourse.org/t/not-receiving-notifications-for-announcements/87275/2?u=tgxworld
2018-05-17 16:15:29 +08:00
Régis Hanol b284464a91 FIX: PostOwnerChange should update 'topic.last_poser' 2018-05-16 19:48:04 +02:00
Gerhard Schlager 3464b05e41 FIX: Allow editing post that belongs to deleted topic 2018-05-15 20:50:31 +02:00
Gerhard Schlager 2e1b5bc8d3 FIX: Transaction in UserAnonymizer prevented avatar from updating 2018-05-15 20:47:58 +02:00
Régis Hanol 93ed8d2522
PERF: defer user notifications (#5827) 2018-05-15 09:51:32 +02:00
Gerhard Schlager 49392fb105 FIX: Anonymizing user didn't replace uploaded avatar in posts 2018-05-14 13:20:29 +02:00
Guo Xiang Tan 2eb2f273a8 Refactor of `PushSubscriptionPusher`. 2018-05-09 08:14:14 +08:00
Jeff Wong 7f1f697e97 FIX: de-duplicate push subscriptions - ensure unique user/key 2018-05-08 15:20:39 -07:00
Gerhard Schlager 2e67998319 Improvements for user renaming (#5810)
* FEATURE: Update avatars in posts and revisions when user gets renamed

* FIX: Replace username in deleted posts when user gets renamed

* FEATURE: Replace username in notifications when user gets renamed

FEATURE: Update mentions and quotes when user gets merged
2018-05-08 10:02:43 -04:00
Guo Xiang Tan fc4fde453d PERF: Remove N+1 query. 2018-05-07 18:21:48 +08:00
Jeff Wong 91b31860a1
Feature: Push notifications for Android (#5792)
* Feature: Push notifications for Android

Notification config for desktop and mobile are merged.

Desktop notifications stay as they are for desktop views.

If mobile mode, push notifications are enabled.

Added push notification subscriptions in their own table, rather than through
custom fields.

Notification banner prompts appear for both mobile and desktop when enabled.
2018-05-04 15:31:48 -07:00
Robin Ward 05dddcb2fd Add an event that is triggered when a user is anonymized 2018-05-02 12:25:29 -04:00
Gerhard Schlager 3be3c50c7e FEATURE: Rename user in mentions and quotes
Co-authored-by: Robin Ward <robin.ward@gmail.com>
2018-05-01 13:49:14 -04:00
Robin Ward e21a4ce1dd FEATURE: Support anonymizing a user's IP addresses 2018-04-30 14:09:03 -04:00
Neil Lalonde f7c4c71409 FIX: title selector needs to flag whether title comes from badge or not 2018-04-26 16:51:11 -04:00
Neil Lalonde bd77795d7a REFACTOR: move support for user card badge images to a plugin discourse-user-card-badges 2018-04-26 13:25:24 -04:00
Sam 6676bbd38b FEATURE: index YouTube titles in search
Previously we omitted the titles for videos that YouTube provided
2018-04-26 15:46:52 +10:00
Gerhard Schlager ec29869350 FIX: Merging users failed when PM was sent to source and target user 2018-04-24 11:08:29 -04:00
Arpit Jalan 0a442977b3 FEATURE: add staff action log for post approvals 2018-04-23 11:28:44 +05:30
Maja Komel 3d99726981 FIX: set notification level when changing post owner (#5616)
FIX: do not notify last post editor if they mention themself
2018-04-16 11:48:06 +02:00
Gerhard Schlager f042a9529b FIX: users shouldn't get notifications about mentions from system users
(unless the mentioned users are participants in a PM with the system user)
2018-04-12 16:19:44 +02:00
Gerhard Schlager 62aacce8f4 FEATURE: Notify flaggers when flagged post is edited by author 2018-04-09 16:45:33 +02:00
Guo Xiang Tan e4a9242ada FIX: Can't upload backup.
* Regression introduced in 142571bba0
2018-04-06 10:14:17 +08:00
Guo Xiang Tan 142571bba0 Remove use of `rescue nil`.
* `rescue nil` is a really bad pattern to use in our code base.
  We should rescue errors that we expect the code to throw and
  not rescue everything because we're unsure of what errors the
  code would throw. This would reduce the amount of pain we face
  when debugging why something isn't working as expexted. I've
  been bitten countless of times by errors being swallowed as a
  result during debugging sessions.
2018-04-02 13:52:51 +08:00
Blake Erickson 31ce955487 Add destroy rake task
Adds several rake tasks to delete users, topics, pm's and site stats so
that you can have a fresh site but maintain site settings and category
structure.
2018-03-30 18:32:21 -06:00
Robin Ward e4298a91b8 Pass `silenced_by` through to DiscourseEvent 2018-03-29 16:44:18 -04:00
Neil Lalonde 73c1d3e7fe FIX: tag notification preferences were being cleared when other preferences were changed 2018-03-29 15:08:32 -04:00
Blake Erickson 9fdf139235 Add tests for Site Settings import/export
- extracted out site settings rake task to a class
- added tests for import and export of site settings
2018-03-23 14:55:17 -06:00
Arpit Jalan d96c1058a2 FEATURE: add staff action log for 'restore topic' 2018-03-21 18:04:13 +05:30
Robin Ward b9abd7dc9e FEATURE: Shared Drafts
This feature can be enabled by choosing a destination for the
`shared drafts category` site setting.

* Staff members can create shared drafts, choosing a destination
category for the topic when it is published.

* Shared Drafts can be viewed in their category, or above the
topic list for the destination category where it will end up.

* When the shared draft is ready, it can be published to the
appropriate category by clicking a button on the topic view.

* When published, Drafts change their timestamps to the current
time, and any edits to the original post are removed.
2018-03-20 17:15:26 -04:00
Robin Ward 135195363b FIX: Not logging old post contents properly 2018-03-14 15:01:36 -04:00
Robin Ward 65ac80b014 FEATURE: Log Staff edits in Staff Action Logs
Why? Some edits by staff are not tracked. For example, during the grace
period, or via the flags/silence dialog.

If a staff member is editing someone else's post, it now goes into the
Staff Action Logs so it can be audited by other staff members.
2018-03-12 13:51:40 -04:00
Gerhard Schlager dc77cce8d9 FIX: Create notifications for mentions in PMs 2018-03-09 11:04:29 +01:00
Gerhard Schlager 07649cd42d FIX: email_domains_whitelist prevented creation of anonymous users 2018-03-06 18:14:53 +01:00
Robin Ward 0f66a99eb2 Setting to prevent logging details when anonymizing 2018-03-05 14:38:18 -05:00
Guo Xiang Tan 2f65393706 REFACTOR: Use `Topic#private_message?` to reduce duplication. 2018-03-05 15:39:22 +08:00
Régis Hanol 25d80aabce remove 'puts' 2018-03-02 01:50:24 +01:00
Gerhard Schlager 80e85e0d8f FIX: Sidekiq job has wrong data when post owner changes within transaction 2018-03-01 18:00:18 +01:00
Gerhard Schlager 79590e4bec FIX: Merging users shouldn't add more than 1 secondary email 2018-03-01 17:50:13 +01:00
Gerhard Schlager a7c50039de FIX: Allow changing post owner even when topic validations fail 2018-03-01 17:31:58 +01:00
Gerhard Schlager 7a2183e8ab FEATURE: rake task for merging users 2018-03-01 12:28:12 +01:00
Gerhard Schlager fffd1a6602 FIX: Associated Instagram account was missing at some places 2018-03-01 12:26:40 +01:00
Jeff Wong f4f8a293e7 FEATURE: Implement 2factor login TOTP
implemented review items.

Blocking previous codes - valid 2-factor auth tokens can only be authenticated once/30 seconds.
I played with updating the “last used” any time the token was attempted but that seemed to be overkill, and frustrating as to why a token would fail.
Translatable texts.
Move second factor logic to a helper class.
Move second factor specific controller endpoints to its own controller.
Move serialization logic for 2-factor details in admin user views.
Add a login ember component for de-duplication
Fix up code formatting
Change verbiage of google authenticator

add controller tests:
second factor controller tests
change email tests
change password tests
admin login tests

add qunit tests - password reset, preferences

fix: check for 2factor on change email controller
fix: email controller - only show second factor errors on attempt
fix: check against 'true' to enable second factor.

Add modal for explaining what 2fa with links to Google Authenticator/FreeOTP

add two factor to email signin link

rate limit if second factor token present

add rate limiter test for second factor attempts
2018-02-21 09:04:07 +08:00
Sam 86d12bd44b FEATURE: search within title using in:title
Also

- Significantly improved search ranking, title is treated most strongly
- Adds tag names to the index
- Run search re-indexer more aggressively
- Re-index topic and all posts on category change
2018-02-20 14:41:21 +11:00
Robin Ward 7348513848 FIX: Include post in staff action logs when silencing a user 2018-02-13 15:59:10 -05:00
Maja Komel 1c27d93dcf anonymous shadow users are approved on creation if must_approve_users is enabled (#5569) 2018-02-13 01:58:38 -05:00
Arpit Jalan 7cda3a37af rename 'private_email_time_window_seconds' to 'personal_email_time_window_seconds' 2018-02-01 13:25:29 +05:30
Arpit Jalan 1f6adbea5c FEATURE: log private message views 2018-01-29 08:08:08 +05:30
Robin Ward 6b04967e2f FEATURE: Staff members can lock posts
Locking a post prevents it from being edited. This is useful if the user
has posted something which has been edited out, and the staff members don't
want them to be able to edit it back in again.
2018-01-26 14:01:30 -05:00
Sam 060e78e884 PERF: reduce memory usage for post alerter 2018-01-22 17:11:52 +11:00
Robin Ward a8b46df4bd More extensibility for custom silence/suspend messages 2018-01-19 11:35:19 -05:00
Neil Lalonde ec65ae76b9 FIX: don't create new like notifications for deleted topics 2018-01-17 14:36:32 -05:00
Sam eaca2cb049 bypass loud logging 2018-01-16 15:41:45 +11:00
Sam 38c018a84b FIX: invalid cache for parent category with limit_suggested_to_category 2018-01-15 16:13:29 +11:00
Sam 5bf116e719 warn if missing user option record 2018-01-12 15:43:56 +11:00
Robin Ward dd33050e10 Add discourse events for when a user is suspended/silenced 2018-01-11 12:56:45 -05:00
Sam 57a1190b07 FIX: correct issue with search omitting words with multiple dots
Previously we used to break up words with dots incorrectly leading to
missing search terms
2017-12-19 16:04:24 +11:00
Régis Hanol 62a5b174e1 FIX: wasn't able to use the same username when taking over a staged account 2017-12-12 11:26:00 +01:00
Robin Ward 77f90876d3 REFACTOR: Track manual locked user levels separately from groups 2017-11-27 11:23:44 -05:00
Robin Ward 0a9daba627 FIX: Support for long suspension emails 2017-11-20 12:45:46 -05:00
Robin Ward 3785429948 FIX: Missing word boundaries when non-regexp 2017-11-17 14:37:31 -05:00
Robin Ward d755c9c90f FIX: Allow regular expressions to specify boundaries 2017-11-17 14:13:44 -05:00
Gerhard Schlager d47fa6653b do not notify staged users about posts withing mailinglist mirror category 2017-11-17 15:29:14 +01:00
Robin Ward 971e302ff2 FEATURE: Support an end date for user silencing 2017-11-14 13:20:19 -05:00
Robin Ward 1f14350220 Rename "Blocked" to "Silenced" 2017-11-10 14:10:27 -05:00
Neil Lalonde 9dc9ca4ac0 FIX: be consistent with how first posts in topics are counted. do like DirectoryItem.refresh_period :all 2017-11-10 12:18:25 -05:00
Gerhard Schlager 31e2385316 FEATURE: do not send notification emails to users who are included in the To and CC header of an incoming email 2017-11-10 17:44:20 +01:00
Neil Lalonde 16ff2a4715 FIX: topic counts after converting topic to/from public and private 2017-11-09 15:33:44 -05:00
Michael Howell 38b8d68c68 FEATURE: Allow the user to select a custom home page (#5268)
* Add user_home configuration option

* Use the new user_home preference to actually show the right home page

* Fix trailing whitespace

* Update user_option_serializer.rb

* Fix JavaScript default homepage tests

* Use an object instead of a giant switch

* Remove trailing whitespace

* Make the default `user_home` set to `null` instead of `0`

* Rename user_home to homepage_id
2017-11-10 06:45:19 +11:00
Guo Xiang Tan 19f3b81161 Revert "FIX: always trigger the ':user_updated' event"
This reverts commit 519b70ea46.

https://meta.discourse.org/t/creating-a-topic-or-a-post-sends-the-user-updated-webhook/71643
2017-10-23 11:44:22 +08:00
Guo Xiang Tan e91a631978 REFACTOR: DRY up code and add better test coverage. 2017-10-23 11:16:14 +08:00
Robin Ward 838568cbc3 Refactor flag types for more customization 2017-10-19 13:55:23 -04:00
Guo Xiang Tan 79de10b212 FEATURE: Allow users to disable new PMs.
https://meta.discourse.org/t/is-it-possible-to-disable-private-messaging-for-a-specific-user/46391
2017-10-19 12:32:55 +08:00
Neil Lalonde 2db66072d7 SECURITY: signup without verified email using Google auth 2017-10-16 13:51:41 -04:00
Gerhard Schlager c0bb97b5cb FIX: delete staged users when the incoming email is rejected 2017-10-11 16:17:01 +02:00
Régis Hanol 3bdd8f57c1 FIX: invited staged users would sometimes not get notified of replies 2017-10-06 16:37:28 +02:00
Neil Lalonde e47f5cedd2 FEATURE: forgot_password_strict setting also prevents reporting that an email address is taken during signup 2017-10-03 15:28:30 -04:00
Robin Ward 41c3941c4c FEATURE: Support regular expressions for watched words 2017-09-27 15:48:57 -04:00
Robin Ward 7578d8fc44 Add a `DiscourseEvent` for when a topic is closed 2017-09-27 14:00:53 -04:00
Robin Ward 09ed2ed749 Add Suspend User to flags page 2017-09-25 12:28:00 -04:00
Guo Xiang Tan 4e5e7dc736 FIX: Fix ActiveRecord API that was removed in Rails 5.1. 2017-09-25 16:16:37 +08:00
Guo Xiang Tan 23b787e0a6 Require dependency otherwise it causes Sidekiq to lock up in development. 2017-09-25 13:48:59 +08:00
Guo Xiang Tan 77d4c4d8dc Fix all the errors to get our tests green on Rails 5.1. 2017-09-25 13:48:58 +08:00
Gerhard Schlager 87b4246c14 FIX: notify about whispered reply 2017-09-19 15:51:10 +02:00
Robin Ward 9b3b39d8a2 FIX: Users should be able to activate their emails even if unapproved
Note in discourse `active` means "Email is active" - they still can't
login until approved
2017-09-12 15:04:39 -04:00
Guo Xiang Tan b7ac33464f Reduce number of Redis calls. 2017-09-08 20:12:53 +08:00
Sam 50203794e6 FIX: staged users should get emails on must_approve_users sites 2017-08-28 17:32:07 -04:00
Neil Lalonde 2c56f8df7c FEATURE: show tags in search results 2017-08-25 11:52:59 -04:00
Guo Xiang Tan bc3e43b496 FIX: Topic timers being incorrectly `trashed!`.
https://meta.discourse.org/t/temporary-timed-closure-of-topic-not-re-opening-topic/67877
2017-08-22 15:23:09 +09:00
Bianca Nenciu ac8bc04ad7 Set user title from the badge view (#5049)
* title info under notification

* create badge-title as component

* display available titles, close button

* remove visual feedback when grant new badge

* Made changes after review.

* Some minor fixes.
2017-08-17 16:32:37 -04:00
Erick Guan 6e59149a77 FIX: rebuild index when engine replaced (#5021) 2017-08-16 07:38:34 -04:00
Sam 6002f2ca4a FIX: not splitting words correctly for search tokenizer 2017-08-14 16:19:39 -04:00
Bianca Nenciu 117417848e Remove like on change of ownership. (#5038) 2017-08-11 09:55:00 +02:00
Régis Hanol 519b70ea46 FIX: always trigger the ':user_updated' event
We don't always use the UserUpdated class to update a user's record
2017-08-04 18:12:10 +02:00
Erick Guan f1eccd113c Replace rmmseg gem for cppjieba_rb since better dictionary (#5006)
* Rename locale to ts config in search module to make it clear

* Replace rmmese-cpp for cppjieba_rb
2017-07-31 15:28:48 -04:00
Guo Xiang Tan 4620dfe92d FEATURE: Add group settngs to allow users to leave a group freely.
https://meta.discourse.org/t/split-join-leave-freely-setting-on-groups/65565
2017-07-28 15:00:25 +09:00
Guo Xiang Tan 5012d46cbd Add rubocop to our build. (#5004) 2017-07-28 10:20:09 +09:00
Neil Lalonde 24cb950432 FEATURE: Watched Words: when posts contain words, do one of flag, require approval, censor, or block 2017-07-26 11:01:09 -04:00
Régis Hanol d67fe4c674 FIX: block all emails associated to a user when destroying their record 2017-07-25 17:44:46 +02:00
Leo McArdle ddc0134b48 add DiscourseEvent triggers necessary to update a user's permissions before they're notified 2017-07-21 11:03:54 -04:00
Guo Xiang Tan 7ed9fbb415 FIX: Use default parameter in method. 2017-06-26 11:14:13 +09:00
Régis Hanol a916f6b0c8 remove some warnings with already declared constants 2017-06-22 12:55:58 +02:00
Guo Xiang Tan e888369f51 UX: Don't send emails for discobot notifications. 2017-06-12 17:00:27 +09:00
Sam a7e65d98a9 FIX: mutex to avoid race condition with double notify 2017-05-26 17:04:40 -04:00
Guo Xiang Tan 238a156300 FIX: `TopicTimestampChanger` should not allow timestamps in the future. 2017-05-22 16:03:49 +08:00
Guo Xiang Tan 4382a0bb07 Rename `PostTimestampChanger` -> `TopicTimestampChanger`. 2017-05-22 15:01:33 +08:00
Neil Lalonde 7821400141 FEATURE: staff can set a timer to remind them about a topic 2017-05-16 14:49:50 -04:00
Sam e1dd543a93 FEATURE: allow users to select theme on single device 2017-05-15 12:48:16 -04:00
Sam 2d96a0785d FEATURE: theme selection is now global per-user 2017-05-12 12:41:34 -04:00
Neil Lalonde 55b61e9bea rename topic_status_update to topic_timer 2017-05-11 18:27:53 -04:00
Robin Ward f05f1a24d3 Change Anniversary badge to be multiple grant, once per year 2017-04-28 14:22:54 -04:00
Sam a3e8c3cd7b FEATURE: Native theme support
This feature introduces the concept of themes. Themes are an evolution
of site customizations.

Themes introduce two very big conceptual changes:

- A theme may include other "child themes", children can include grand
children and so on.

- A theme may specify a color scheme

The change does away with the idea of "enabled" color schemes.

It also adds a bunch of big niceties like

- You can source a theme from a git repo

- History for themes is much improved

- You can only have a single enabled theme. Themes can be selected by
    users, if you opt for it.

On a technical level this change comes with a whole bunch of goodies

- All CSS is now compiled using a custom pipeline that uses libsass
    see /lib/stylesheet

- There is a single pipeline for css compilation (in the past we used
    one for customizations and another one for the rest of the app

- The stylesheet pipeline is now divorced of sprockets, there is no
   reliance on sprockets for CSS bundling

- CSS is generated with source maps everywhere (including themes) this
    makes debugging much easier

- Our "live reloader" is smarter and avoid a flash of unstyled content
   we run a file watcher in "puma" in dev so you no longer need to run
   rake autospec to watch for CSS changes
2017-04-12 10:53:49 -04:00
Robin Ward 40cee37bcc FIX: Don't insert topic status messages unless the status changes 2017-04-07 17:10:43 -04:00
Guo Xiang Tan 5943543ec3 FIX: Improve checks for non-human users. 2017-04-06 11:29:34 +08:00
Sam Saffron cd39049262 SECURITY: do not send push notifications to suspended users 2017-04-05 08:28:24 -04:00
Guo Xiang Tan aca972c08b FIX: Skip validations when updating group mentions. 2017-04-04 14:13:18 +08:00
Guo Xiang Tan f4758a4c4d FEATURE: Allow admins to schedule a topic to be published in the future. 2017-04-04 11:16:05 +08:00
Guo Xiang Tan 34b7bee568 FEATURE: Allow admin to auto reopen at topic.
* This commit also introduces a `TopicStatusUpdate`
  model to support other forms of deferred topic
  status update in the future.
2017-03-31 11:14:18 +08:00
Neil Lalonde 9ae8813a53 FIX: admin user page should show count of all posts, including private messages, so admins can delete them. This bug was making it impossible to delete users. 2017-03-17 17:01:45 -04:00
Guo Xiang Tan bf78c228f4 FIX: User created web hook being enqueued before record has been saved.
* Improve web hook tests as well.
2017-03-16 14:44:09 +08:00
Sam 16593ae8bf FEATURE: log reason staff auto blocks a user 2017-03-10 15:45:48 -05:00
Arpit Jalan d5bcc70e9c FIX: grant trust level when bulk adding users to group 2017-03-06 14:39:53 +05:30
Neil Lalonde 262016604d FEATURE: each category can control how many topics to show on categories page 2017-03-01 15:12:57 -05:00
Arpit Jalan e27b1b98d1 FIX: handle new user when logging name change 2017-03-01 13:43:57 +05:30
Guo Xiang Tan 76dd6933d2 Revert "Revert "Revert "SECURITY: Ensure oAuth authenticated email is the same as created user's email."""
This reverts commit e6d75f6844.

This is why we should not be pushing directly to master.
2017-03-01 10:16:59 +08:00
Guo Xiang Tan e6d75f6844 Revert "Revert "SECURITY: Ensure oAuth authenticated email is the same as created user's email.""
This reverts commit 0e3def7d2b.
2017-02-28 11:27:14 +08:00
Arpit Jalan 6661cebff8 FIX: do not log duplicate username changes 2017-02-28 01:32:00 +05:30
Arpit Jalan b32d3d66e5 FEATURE: log all username and name changes 2017-02-28 00:23:27 +05:30
Robin Ward 0e3def7d2b Revert "SECURITY: Ensure oAuth authenticated email is the same as created user's email."
This reverts commit 1060239e2d.
2017-02-27 13:19:26 -05:00
Guo Xiang Tan 1060239e2d SECURITY: Ensure oAuth authenticated email is the same as created user's email. 2017-02-24 13:13:10 +08:00
Guo Xiang Tan 0847b4258a Revert "SECURITY: Ensure that user has been authenticated."
This reverts commit fbe51d68a7.

Changing the commit message to correctly reflect what we're actually
fixing.
2017-02-24 13:12:29 +08:00
Guo Xiang Tan fbe51d68a7 SECURITY: Ensure that user has been authenticated. 2017-02-24 10:47:48 +08:00
Robin Ward 496682c442 Merge pull request #4662 from tgxworld/fix_localized_group_name_change
Fix localized group name change
2017-01-26 10:50:00 -05:00
Neil Lalonde 6b93b09404 FIX: when blocking a user results in hiding their posts, only hide posts made in the last 24 hours 2017-01-19 15:56:22 -05:00
Guo Xiang Tan 706b4f6b9f FEATURE: Remap group mentions when group name has been changed. 2017-01-18 13:39:34 +08:00
Régis Hanol fbf9172db8 FIX: log backups download/destroy staff action
FIX: clean up junk left by the specs
RENAME: 'backup_operation' to 'backup_create' to match other backup log types
2017-01-16 19:53:31 +01:00
Guo Xiang Tan 515f50e42e FEATURE: Log admin action when readonly mode is changed. 2017-01-12 09:41:02 +08:00
Robin Ward 6c3426d266 Let's not notify for trust levels on Staff, either 2017-01-11 11:25:04 -05:00
Neil Lalonde 98bd58df61 Don't show email of deleted users in staff action logs 2017-01-10 17:25:36 -05:00
Neil Lalonde fc0a0a76a4 Add more info in staff action logs for blocking a user, and add logging for lock trust level, activate, and deactive user 2017-01-10 17:25:36 -05:00
Robin Ward 7341b0d03c Don't give notifications to admins for trust level notifications 2017-01-10 12:18:48 -05:00
Guo Xiang Tan d10fe51b72 Fix broken specs since all urls will be oneboxed. 2017-01-06 10:05:51 +08:00
Régis Hanol cbcb9363f4 fix the build 2017-01-04 14:23:21 +01:00
Sam c531f4ded5 remove rails-observers
Rails yanked out observers many many years ago, instead the functionality
was yanked out to a gem that is very lightly maintained.

For example: if we want to upgrade to rails 5 there is no published gem

Internally the usage of observers had quite a few problem.

The series of refactors renamed a bunch of classes to give us more clarity
and removed some magic.
2016-12-22 16:46:53 +11:00
Sam 019f1a1d06 UserEmailObserver is now removed
no big surprises here was pretty straightforward

after_commit semantics sure are weird though
2016-12-22 16:46:53 +11:00
Sam 2f6a4cc6de remove UserActionObserver, replace with after_save and service
interestingly there was some left over dead code from when stars
existed in the topic_users table
2016-12-22 16:46:53 +11:00
Sam 0a78ae739d Remove SearchObserver, aim is to remove all observers
rails-observers gem is mostly unmaintained and is a pain to carry forward
new implementation contains significantly less magic as a bonus
2016-12-22 13:13:14 +11:00
Guo Xiang Tan 69330f8bc2 Add user_updated event to webhooks. 2016-12-13 11:26:26 +08:00
Guo Xiang Tan 05f55dbc10 FEATURE: Group logs. 2016-12-12 17:29:54 +08:00
Régis Hanol 6edd3c347c FIX: automatically disable digests when enabling mailing list mode 2016-11-28 15:52:35 +01:00
Guo Xiang Tan f824afb4d3 FEATURE: Allow date_of_field column to be updated. 2016-11-17 15:16:58 +08:00
Guo Xiang Tan 95c6e97587 Ensure we don't run `$redis.keys` in production. 2016-11-15 23:23:41 +08:00
Sam aaf947356b correct regression where notifications scope is not pushing to push server 2016-10-14 22:52:39 +11:00
Sam f4f5524190 FEATURE: user API now contains scopes so permission is granular
previously we supported blanket read and write for user API, this
change amends it so we can define more limited scopes. A scope only
covers a few routes. You can not grant access to part of the site and
leave a large amount of the information hidden to API consumer.
2016-10-14 16:05:42 +11:00
Sam 3ad8616f44 Merge pull request #4476 from xfalcox/localize-badge-notifications
FIX: Properly localize badge notification on batch grant
2016-10-12 15:16:35 +11:00
Rafael dos Santos Silva c5b94878ac We need this variable later 2016-10-11 19:14:32 -03:00
Sam 89daa43754 FEATURE: remap emojis back for push notifications and desktop alerts 2016-10-11 13:03:48 +11:00
cpradio 6f1c31d777 Add notification level user preference when replying to a topic 2016-09-30 14:58:07 -04:00
Rafael dos Santos Silva 9a502c73c9 FIX: Properly localize badge notification on batch grant 2016-09-29 18:55:41 -03:00
Robin Ward 29cf47cfb2 Track steps the user has completed, nag them to finish it. 2016-09-22 09:52:19 -04:00
Robin Ward c94e6f1b96 Add locale step 2016-09-22 09:52:19 -04:00
Neil Lalonde 06eb256d0a FIX: blocking users should never hide all posts if they are trust level 1 or higher 2016-09-12 11:58:10 -04:00
Robin Ward 9609a47016 Ability to skip email validation via a plugin 2016-09-07 14:05:46 -04:00
Sam 4fe52c8cbe FEATURE: backend support for pushing notifications to clients 2016-08-26 12:47:10 +10:00
Robin Ward 4061725a95 FIX: Don't ever grant badges when they're disabled 2016-08-19 15:16:37 -04:00
Arpit Jalan a590f35982 FEATURE: allow changing post owners without creating post revision 2016-08-19 23:34:21 +05:30
Régis Hanol e55e2aff94 FIX: FirstReplyByEmail badge wasn't granted
DEPRECATED: PostProcess badge trigger
2016-08-10 19:24:01 +02:00
Robin Ward 3d62e5dd98 SECURITY: XSS issue on Admin users list 2016-08-05 12:01:16 -04:00
Robin Ward 429f27ec96 SECURITY: Avoid mass assignment on user create 2016-08-05 11:57:13 -04:00
Sam 9018de39ed FEATURE: allow shipping bio markdown via SSO
- Also adds site setting for sso_overrides_bio to disable bio editing by end users
2016-08-01 15:29:28 +10:00
Régis Hanol b0f7e4ba00 FEATURE: deactive users after too many bounces 2016-07-25 18:57:06 +02:00
Robin Ward b2289d733f List the "Watching First Post" tags on preferences 2016-07-22 16:16:45 -04:00
Robin Ward c279889191 FIX: Watching First Post in groups was working incorrectly 2016-07-21 15:05:10 -04:00
Robin Ward 09be741820 FIX: Don't alert on new posts in a topic unless it's a new record 2016-07-19 15:57:05 -04:00
Sam Saffron 46b34e3c62 FEATURE: remove user option for edit history public
Users can no longer opt-in for "public" edit history
if site owner disables it.

This feature adds cost and complexity to post rendering since
user options need to be premeptively loaded for every user in the
stream. It is also confusing to explain to communities with private edit
history.
2016-07-16 21:30:00 +10:00
Sam f1b1b0da14 FEATURE: show watched first post in user page 2016-07-08 14:08:10 +10:00
Sam 4161ee210a FEATURE: improved tag and category watching and tracking
- present tags watched on the user prefs page
- automatically watch or unwatch old topics based on watch status

New watching and tracking logic takes care of handling old topics
(either with or without read state)

When you watch a topic you now watch historically

Also removes confusing warnings from user.
2016-07-08 12:58:30 +10:00
Robin Ward 2005565c9c Server side code for Watching First Post Only 2016-07-07 11:21:50 -04:00
Sam 92daf44daf correct random suggested topic selection 2016-07-04 10:34:54 +10:00
Guo Xiang Tan 9fc0b8607c
Add event trigger for post notification alert. 2016-07-01 00:12:07 +08:00
Robin Ward 83e46cc302 FIX: Restrict changing ownership to one topic 2016-06-17 14:20:14 -04:00
Neil Lalonde d62f2b4d67 UX: rename setting num_flags_to_block_new_user to num_spam_flags_to_block_new_user 2016-06-15 13:19:06 -04:00
Neil Lalonde 1c9519636c FEATURE: new users can be blocked from posting if enough TL3 users flag their posts 2016-06-15 10:51:34 -04:00
Régis Hanol 367954057b should have been 'deleted_topic' 2016-06-15 14:45:18 +02:00
Régis Hanol ed4634dc34 FIX: don't error out when deleting a topic with no user 2016-06-15 14:41:08 +02:00
Régis Hanol ca1a532cf5 show 'revoke_email' in staff action logs 2016-06-06 22:58:09 +02:00
Guo Xiang Tan 57c56b68f8
FIX: Incorrect attribute. 2016-06-06 14:32:53 +08:00
James Kiesel feffe23cc5 FEATURE: More granular mailing list mode (#4068)
* Rearrange frontend to account for mailing list mode

* Allow update of user preference for mailing list frequency

* Add mailing list frequency estimate

* Simplify frequency estimate; disable activity summary for mailing list mode

* Remove combined updates

* Add specs for enqueue mailing list mode job

* Write mailing list method for mailer

* Fix linting error

* Account for stale topics

* Add translations for default mailing list setting

* One query for mailing list topics

* Fix failing spec

* WIP

* Flesh out html template

* First pass at text-based mailing list summary

* Add user avatar

* Properly format posts for mailing list

* Move make_all_links_absolute into Email::Styles

* Apply first_seen_at to user

* Send mailing list email summary hourly based on first_seen_at

* Branch and test cleanup

* Use existing mailing list mode estimate

* Fix failing specs
2016-05-21 15:17:54 +02:00
Arpit Jalan 26964a72ca FIX: editing user title was deleting location 2016-05-03 22:25:43 +05:30
Régis Hanol 8e611ec7a1 FEATURE: handle bounced emails 2016-05-02 23:15:32 +02:00
Régis Hanol 2194ccec6e slightly better automatic flag reason messages 2016-04-25 23:03:17 +02:00
Sam 72849e65de FIX: when granting old badges that are bronze, do not notify 2016-04-12 22:08:38 +10:00
Arpit Jalan 8da446c8bc FIX: do not raise error if topic not found while logging 2016-04-11 09:32:37 +05:30
Robin Ward 526573074c Add one off job to grant the emoji badge retroactively 2016-04-07 13:49:44 -04:00
Guo Xiang Tan fe54ece35e Merge pull request #4114 from tgxworld/better_logging_for_backfilling_badges
FIX: Better logging when badges fail to backfill.
2016-04-07 13:31:50 +08:00
Sam a130cb8305 FEATURE: move more urgent emails notifications to critical queue
Move signup, admin login and password change email notifications
to critical queue
2016-04-07 14:39:01 +10:00
Robin Ward c30d327b77 FEATURE: Two new badges - First Emoji and First Mention 2016-04-05 15:17:41 -04:00
Guo Xiang Tan 6f16896a2c FIX: Better logging when badges fail to backfill. 2016-03-24 10:10:53 +08:00
Sam f9e5c49350 FIX: blue notification instead of green for replies/mentions in PMs 2016-03-22 14:28:14 +11:00
Régis Hanol f15d463eb8 FIX: user 'UserBlocker' when blocking a new user 2016-03-18 12:16:37 +01:00
Sam 180888c020 Merge pull request #4087 from jeremylan/bug_40489
Fixed anonymizer when 'full name required' setting is on
2016-03-18 12:29:51 +11:00
Neil Lalonde 213950e4cf FEATURE: add option to include topics from trust level 0 users in digest emails 2016-03-17 17:35:23 -04:00
jeremylan d95728dd16 Fixed anonymizer when 'full name required' setting is on
When the setting 'full name required' is on the anonymizer was trying to set the user name to nil and this caused the user name and email to remain not anonymized.
Now in this scenario the user name is set to the anonimized username and the email is anonymized correctly.
2016-03-17 17:50:04 +11:00
Neil Lalonde 091e7ef3ca FIX: when a post is edited by someone other than the original author and a mention is added, the mention notification is from the person who edited 2016-03-08 15:26:12 -05:00
Régis Hanol 74e4251aff FIX: collapse 'replied', 'quoted' and 'posted' to the same notification 2016-03-07 21:56:33 +01:00
Sam af577a5854 FEATURE: like notification frequency of never 2016-03-06 09:12:59 +11:00
Sam Saffron 8b1772ac0f FIX: if user undos like, and relikes notify
FEATURE: roll up likes for notify on all likes
2016-03-04 22:56:27 +11:00
Arpit Jalan 36f82aa68c FEATURE: enforce admin password validation when signing up via developer email 2016-03-04 00:28:47 +05:30
Sam 5a6c34fb8a regression, unable to edit posts 2016-03-03 16:00:14 +11:00
Guo Xiang Tan 9d24a00f2e Merge pull request #4055 from tgxworld/fix_topic_view_not_working_in_redis_readonly
FIX: Topic view not working when Redis is readonly.
2016-03-03 08:48:31 +08:00
Guo Xiang Tan 5f8e20aa1d FIX: Topic view not working when Redis is readonly. 2016-03-03 08:26:45 +08:00