d9be4f47e8
SPEC: redirect to original URL after social signup
2018-09-05 03:24:50 +05:30
d8b543bb67
FIX: redirect to original URL after social signup
2018-09-05 01:44:23 +05:30
4382fb5fac
DEV: Allow plugins to whitelist specific user custom_fields for editing ( #6358 )
2018-09-04 20:45:36 +10:00
2f5c21e28c
FIX: return a 400 error instead of 500 for null injections
...
Many security scanners like to inject NULL in inputs causing application
to exception out and return a 500
We now handle this exception and render a 400 status back
2018-09-04 12:11:52 +10:00
f33433bf9e
Validation of params should restrict to max int ( #6331 )
...
* FIX: Validation of params should restrict to max int
* FIX: Send status 400 when "page" param isn't between 1 and max int
2018-09-03 14:45:32 +10:00
f5e0356fb2
correct miscellaneous issues with user login history
2018-09-02 17:24:54 +10:00
b3aab1770f
FIX: set old last modified date for invalid avatars
...
In some cases Akami was holding tight to these invalid avatars,
to avoid this happening we explain the avatar image is ancient
then when a new upload is added it automatically is older than
this.
2018-08-31 17:07:31 +10:00
c6f339a0b5
format json better with spaces in my test
2018-08-30 14:39:40 -06:00
ae532f8548
FIX: return 422 for an invalid group name on category create
2018-08-30 14:28:55 -06:00
103509b9dd
SECURITY: Prevent users from modifying custom fields
2018-08-30 12:59:36 +01:00
72ffabf619
UX: Improve email testing admin tool. ( #6308 )
2018-08-29 23:14:16 +02:00
ebe7835316
FIX: links in rss feeds are sometimes wrong on subfolder installs
2018-08-27 18:05:15 -04:00
2271918be2
FEATURE: Use S3 dualstack endpoints
...
Allows S3 without a CDN to serve images from dualstack domains that also support ipv6
2018-08-27 11:22:46 +10:00
82dcc5cbfa
FEATURE: makes reports loadable in bulk ( #6309 )
2018-08-24 15:28:01 +02:00
e0cc29d658
FEATURE: themes and components split
...
* FEATURE: themes and components split
* two seperate methods to switch theme type
* use strict equality operator
2018-08-24 11:30:00 +10:00
29315b73c2
FIX: improve last_modified date returned for avatars
...
instead of hard coding a date:
1. For optimized images use the upload date when on s3
2. For not-found use 10 minutes ago to match the expiry
2018-08-24 09:36:11 +10:00
2711f173dc
FIX: don't allow inviting more than `max_allowed_message_recipients`
...
* FIX: don't allow inviting more than `max_allowed_message_recipients` setting allows
* add specs for guardian
* user preferences for auto track shouldn't be applicable to PMs (it auto watches on visit)
Execlude PMs from "Automatically track topics I enter..." and "When I post in a topic, set that topic to..." user preferences
* groups take only 1 slot in PM
* just return if topic is a PM
2018-08-23 14:36:49 +10:00
cdea969c6a
FEATURE: Make initial admins TL1
...
* Match register controller TL to rake admin:create
* Don't promote if trust_level > 1
2018-08-22 15:45:24 +10:00
17dc8f2490
UX: Wizard resends activation email when user exists
2018-08-21 19:13:41 +02:00
2d96160192
FEATURE: improve API error reporting for invalid records
2018-08-21 11:54:34 +10:00
b4f92a05b3
FIX: Load more on groups page does not account for params.
...
https://meta.discourse.org/t/cant-scroll-through-list-of-users-groups-if-more-than-one-page/92259
2018-08-20 17:08:50 +08:00
f5fe58384f
correct regression around file renaming
2018-08-20 16:08:05 +10:00
ce4b12ae59
FIX: if we have not target available do not redirect
2018-08-20 13:10:59 +10:00
d7b1919ead
correct specs
2018-08-20 12:46:14 +10:00
a9e502936f
FIX: Converting PNG to JPEG does not set the correct extension.
2018-08-17 13:09:48 +08:00
f62073a22a
correct regression uploading images
2018-08-16 18:49:08 +10:00
937ab3f213
FIX: Validation of min_posts and max_posts didn't work
2018-08-16 10:36:53 +02:00
796164b58c
FIX: automatically correct bad avatars on access
...
Also start relying on upload extension for optimized images
2018-08-16 16:32:56 +10:00
38c10a3dc2
correct the validator
2018-08-15 14:56:24 +10:00
d4fd19d49a
UX: Replace Google search with Discourse search on not found page
...
* UX: Replace Google search with Discourse search on not found page.
* FIX: Update application_controller_spec.rb.
2018-08-15 11:53:04 +10:00
06f82a7d72
correct exception handling, always do to_i in array
2018-08-15 11:31:42 +10:00
bc47148d35
add validation to exclude_category_ids
2018-08-15 09:53:28 +10:00
12bab65167
FIX: going from /categories to /latest on mobile might break infinite scrolling
2018-08-15 01:22:03 +02:00
ba0e322fd0
FIX: Validation of topic params broke discourse-assign
2018-08-14 18:45:46 +02:00
ad5f502332
FIX: add a basic validator for topic params
...
This cuts down on log noise when people try out sql injection
2018-08-14 17:01:04 +10:00
d10c9d7d75
FIX: Missing extensions for non-image uploads due to 2b57239389.
2018-08-13 10:58:55 +08:00
b9072e8292
FEATURE: Add "Reset Bump Date" action to topic admin wrench ( #6246 )
2018-08-10 10:51:03 +10:00
ef4b9f98c1
FEATURE: Allow admins to reply without topic bump
2018-08-10 10:48:30 +10:00
2c4d7225d8
FIX: permalink redirects with subfolder
2018-08-09 11:05:27 -04:00
ed4c0f256e
FIX: check permalinks for deleted topics
...
- allow to specify 410 vs 404 in Discourse::NotFound exception
- remove unused `permalink_redirect_or_not_found` which
- handle JS side links to topics via Discourse-Xhr-Redirect mechanism
2018-08-09 15:05:12 +10:00
0b7ed8ffaf
FEATURE: backend support for user-selectable components
...
* FEATURE: backend support for user-selectable components
* fix problems with previewing default theme
* rename preview_key => preview_theme_id
* omit default theme from child themes dropdown and try a different fix
* cache & freeze stylesheets arrays
2018-08-08 14:46:34 +10:00
2b57239389
FIX: Upload's content is the only source of truth for the file type.
2018-08-07 13:15:00 +08:00
6797395bd0
FIX: staff should be allowed to agree and keep post
2018-08-07 10:05:43 +10:00
812add18bd
REFACTOR: Serve auth provider information in the site serializer.
...
At the moment core providers are hard-coded in Javascript, and plugin providers get added to the JS payload at compile time. This refactor means that we only ship enabled providers to the client.
2018-08-06 09:25:48 +01:00
1f45215537
FEATURE: Drafts view in user profile
...
* add drafts.json endpoint, user profile tab with drafts stream
* improve drafts stream display in user profile
* truncate excerpts in drafts list, better handling for resume draft action
* improve draft stream SQL query, add rspec tests
* if composer is open, quietly close it when user opens another draft from drafts stream; load PM draft only when user is in /u/username/messages (instead of /u/username)
* cleanup
* linting fixes
* apply prettier styling to modified files
* add client tests for drafts, includes a fixture for drafts.json
* improvements to code following review
* refresh drafts route when user deletes a draft open in the composer while being in the drafts route; minor prettier scss fix
* added more spec tests, deleted an acceptance test for removing drafts that was too finicky, formatting and code style fixes, added appEvent for draft:destroyed
* prettier, eslint fixes
* use "username_lower" from users table, added error handling for rejected promises
* adds guardian spec for can_see_drafts, adds improvements following code review
* move DraftsController spec to its own file
* fix failing drafts qunit test, use getOwner instead of deprecated this.container
* limit test fixture for draft.json testing to new_topic request only
2018-08-01 16:34:54 +10:00
919e8db686
FIX: Check for group name availability should skip reserved usernames.
2018-08-01 11:09:33 +08:00
1708ff1808
UX: add a route /rules as an alias for /faq and /guidelines
2018-07-26 15:38:08 -04:00
f38942d121
FIX: Destroy session between omniauth callbacks controller tests
2018-07-25 16:33:42 +01:00
1ac643d71c
FIX: Email template for "Queued Posts Reminder" was not found
2018-07-24 17:26:52 +02:00
fad9c2b971
PERF: Move `EmailLog#reply_key` into new `post_reply_keys` table.
2018-07-24 13:51:53 +08:00
ae8b0a517f
PERF: Split skipped email logs into a seperate table.
2018-07-24 13:14:37 +08:00
f4b5eccad3
FIX: categories page crawler view had incorrect URLs
2018-07-23 14:54:41 -04:00
eda1462b3b
FEATURE: List, revoke and reconnect associated accounts. Phase 1 ( #6099 )
...
Listing connections is supported for all built-in auth providers. Revoke and reconnect is currently only implemented for Facebook.
2018-07-23 16:51:57 +01:00
a2281fbb19
FEATURE: allows to jump to a date in a topic
2018-07-19 16:00:13 +02:00
6d6e026e3c
FEATURE: selectable avatars
2018-07-18 12:57:43 +02:00
ac0053f491
FEATURE: navigate to first post and auto bump category settings
...
### navigate_to_first_post_after_read setting for categories
When enabled on categories logged on users will return to OP after
reading the entire category. (useful for documentation categories)
### num_auto_bump_daily
Set a number of topics that will automatically bump daily on a category.
- Every 15 minutes we will check if any category has this setting
- Categories with the setting are shuffled
- We exclude pinned, closed, category description and archived topics
- Maximum of 1 topic for the list of categories is bumped till limit reached per category
- We always try to bump oldest first
- Limit is elastic using a RateLimiter that ensures that we only bump N per day
Also some minor organisation on category settings
Froze strings on category.rb
2018-07-16 18:10:35 +10:00
21ebb1cd54
FEATURE: Secondary emails support.
2018-07-16 11:09:49 +08:00
711371e8c8
FIX: Select+below will ask server for post ids on megatopics.
2018-07-13 15:10:39 +08:00
2901691e87
FEATURE: per-category approval settings ( #5778 )
...
- disallow moving topics to a category that requires topic approval
2018-07-13 12:51:08 +10:00
258e9e35ca
PERF: Make mega topics work without a stream.
...
There are tradeoffs that we took here. For the complete
story see
https://meta.discourse.org/t/performance-improvements-on-long-topics/30187/27?u=tgxworld .
2018-07-12 12:46:12 +08:00
decf1f27cf
FEATURE: Groundwork for user-selectable theme components
...
* Phase 0 for user-selectable theme components
- Drops `key` column from the `themes` table
- Drops `theme_key` column from the `user_options` table
- Adds `theme_ids` (array of ints default []) column to the `user_options` table and migrates data from `theme_key` to the new column.
- Removes the `default_theme_key` site setting and adds `default_theme_id` instead.
- Replaces `theme_key` cookie with a new one called `theme_ids`
- no longer need Theme.settings_for_client
2018-07-12 14:18:21 +10:00
0a28181c62
Fix the build take 2.
2018-07-10 11:27:03 +08:00
5374a0e720
Fix the build.
2018-07-10 09:48:57 +08:00
10bc69a62f
FEATURE: Event on topic merge ( #6057 )
2018-07-10 09:28:57 +08:00
9a813210b9
SECURITY: Do not allow authentication with disabled plugin-supplied a… ( #6071 )
...
Do not allow authentication with disabled plugin-supplied auth providers
2018-07-09 14:25:58 +10:00
9948f57a99
REFACTOR: Update test to assert for the right objects.
2018-07-09 09:54:14 +08:00
18f5f646b1
FEATURE: allow selecting a tag when moving posts to a new topic ( #6072 )
2018-07-06 18:21:32 +02:00
e72fd7ae4e
FIX: move crawler blocking into anon cache
...
This refinement of previous fix moves the crawler blocking into
anonymous cache
This ensures we never poison the cache incorrectly when blocking crawlers
2018-07-04 11:14:43 +10:00
7f98ed69cd
FIX: move crawler blocking to app controller
...
We need access to site settings in multisite, we do not have access
yet if we attempt to get them in request tracker middleware
2018-07-04 10:30:50 +10:00
982df3c17b
FIX: return status 400 for invalid member params
...
previously error returned was a 500 which is not ideal
and is logged
2018-06-29 10:15:17 +10:00
fd7bb8e656
FIX: Scope the `cn` to the subfolder
2018-06-28 11:03:36 -04:00
ec3e6a81a4
FEATURE: Second factor backup
2018-06-28 10:12:32 +02:00
6bcdc3ba4b
FEATURE: allow author to delete posts irrespective of post_edit_time_limit
2018-06-26 21:43:06 +05:30
7efdccdbc5
FIX: allow staff to remove tags from queued topics
2018-06-26 17:08:40 +05:30
0365806b93
FIX: Properly display error when post action fails to create.
2018-06-20 21:20:23 +08:00
ae5d255f83
FIX: Reference example.com instead of somesite.com in examples
...
* somesite.com actually exists...
* example.com should be used in examples and is harmless to visit
2018-06-19 10:37:24 -04:00
5f86434bf1
DEV: make tests less fragile
2018-06-14 18:31:07 +10:00
8fc08aad09
FEATURE: Update the webmanifest
...
- Remove share target because the spec is changing
- Allow any orientation again because natural is too restrictive
- Use correct file and mime types for the manifest
2018-06-14 00:13:28 -03:00
4a9dadb646
Add test case for topic embed CSS
2018-06-13 16:22:54 +10:00
249a256cd2
Fix build
2018-06-11 09:12:28 +03:00
77f1cdf20e
REFACTOR: admin backups controller specs to requests ( #5953 )
2018-06-11 13:26:24 +08:00
1dbe13886f
REFACTOR: admin site texts controller specs to requests ( #5958 )
2018-06-11 12:59:21 +08:00
4f06d6078b
REFACTOR: admin themes controller specs to requests ( #5954 )
2018-06-11 12:54:16 +08:00
1fe092da0a
REFACTOR: admin badges controller specs to requests ( #5960 )
2018-06-11 12:50:56 +08:00
bf8d392a51
REFACTOR: admin user fields controller specs to requests ( #5961 )
2018-06-11 12:50:21 +08:00
4c8939d530
REFACTOR: admin email controller specs to requests ( #5962 )
2018-06-11 12:50:08 +08:00
c0776884dd
REFACTOR: admin reports controller specs to requests ( #5963 )
2018-06-11 12:49:28 +08:00
da94eaa81d
REFACTOR: admin color schemes controller specs to requests ( #5964 )
2018-06-11 12:48:58 +08:00
767f022b29
REFACTOR: admin screened ip addresses controller specs to requests ( #5965 )
2018-06-11 12:48:34 +08:00
93b1386fb2
REFACTOR: admin site settings controller specs to requests ( #5966 )
2018-06-11 12:48:09 +08:00
325f975ed3
REFACTOR: admin dashboard controller specs to requests ( #5967 )
2018-06-11 12:47:42 +08:00
a4574cf2ca
REFACTOR: admin webhooks controller specs to requests ( #5969 )
2018-06-11 12:47:29 +08:00
a914ec28fc
REFACTOR: admin impersonate controller specs to requests ( #5968 )
2018-06-11 12:47:14 +08:00
d22b552c9b
REFACTOR: admin emojis controller specs to requests ( #5974 )
2018-06-11 12:39:31 +08:00
12b1687e1f
REFACTOR: admin permalinks controller specs to requests ( #5970 )
2018-06-11 12:37:21 +08:00
37c84451ed
REFACTOR: admin staff action logs controller specs to requests ( #5971 )
2018-06-11 12:37:06 +08:00
65241c6778
REFACTOR: admin api controller specs to requests ( #5972 )
2018-06-11 12:35:45 +08:00
2c8a9d36af
REFACTOR: admin versions controller specs to requests ( #5973 )
2018-06-11 12:35:05 +08:00
237559c76f
REFACTOR: admin screened emails controller specs to requests ( #5975 )
2018-06-11 12:33:54 +08:00
f30c2dacb2
REFACTOR: admin screened urls controller specs to requests ( #5976 )
2018-06-11 12:33:38 +08:00
63b2207065
REFACTOR: admin plugins controller specs to requests ( #5977 )
2018-06-11 12:33:07 +08:00
c6fe082fe4
REFACTOR: admin controller specs to requests ( #5978 )
2018-06-11 12:32:55 +08:00
4ac7be1d1c
REFACTOR: admin embeddable hosts controller specs to requests ( #5979 )
2018-06-11 12:32:13 +08:00
062aecd239
REFACTOR: admin embedding controller specs to requests ( #5980 )
2018-06-11 12:31:58 +08:00
f5ad0022f7
REFACTOR: admin users controller specs to requests ( #5946 )
2018-06-08 12:42:06 +08:00
3a8f69c3d2
DEV: Assert for 200 response code to avoid changing magic helper in the future.
2018-06-07 16:11:09 +08:00
1e805cfd3e
REFACTOR: composer messages controller specs to requests ( #5940 )
2018-06-07 13:51:52 +08:00
c6c1ef71c1
REFACTOR: inline onebox controller specs to requests
2018-06-07 13:11:45 +08:00
30be1b0d2b
REFACTOR: category hashtags controller specs to requests ( #5936 )
2018-06-07 13:09:23 +08:00
9975f9751e
REFACTOR: metadata controller specs to requests ( #5935 )
2018-06-07 13:08:28 +08:00
1957cb541b
REFACTOR: permalinks controller specs to requests ( #5934 )
2018-06-07 13:08:13 +08:00
f2a5a84f0b
REFACTOR: similar topics controller specs to requests ( #5933 )
2018-06-07 13:07:53 +08:00
37829a521a
REFACTOR: stylesheets controller specs to requests
2018-06-07 13:06:32 +08:00
a8d33603f9
REFACTOR: export CSV controller specs to requests
2018-06-07 13:02:02 +08:00
0124209a96
REFACTOR: site controller specs to requests
2018-06-07 12:58:33 +08:00
3c96ee4b6f
REFACTOR: clicks controller specs to requests ( #5929 )
2018-06-07 12:57:29 +08:00
2688cc6241
REFACTOR: post action users controller specs to requests
2018-06-07 12:55:01 +08:00
e2e566214d
REFACTOR: user avatars controller spec to requests
2018-06-07 12:53:33 +08:00
05c1fe5c8f
REFACTOR: user actions controller specs to requests
2018-06-07 12:52:06 +08:00
7f21892ad0
REFACTOR: finish installation controller specs to requests
2018-06-07 12:49:47 +08:00
5ecaa55e50
REFACTOR: webhooks controller specs to requests
2018-06-07 12:46:29 +08:00
cc82fb33b5
REFACTOR: queued posts controller specs to requests
2018-06-07 12:41:26 +08:00
1b7d46c054
REFACTOR: post actions controller specs to requests
2018-06-07 12:38:17 +08:00
f75d1e958d
REFACTOR: extra locales controller specs to requests
2018-06-07 12:34:39 +08:00
d2880246cd
REFACTOR: steps controller specs to requests
2018-06-07 12:31:13 +08:00
47ddb3a7ca
Merge branch 'wizard-controller' of https://github.com/OsamaSayegh/discourse into OsamaSayegh-wizard-controller
2018-06-07 12:27:48 +08:00
600ff85ecd
REFACTOR: draft controller specs to requests ( #5942 )
2018-06-07 12:24:20 +08:00
f5178ded56
REFACTOR: offline controller spec to requests ( #5943 )
2018-06-07 12:24:05 +08:00
89ad2b5900
DEV: Rails 5.2 upgrade and global gem upgrade
...
This updates tests to use latest rails 5 practice
and updates ALL dependencies that could be updated
Performance testing shows that performance has not regressed
if anything it is marginally faster now.
2018-06-07 14:21:33 +10:00
d8e641cd98
FIX: avatar_url includes upload_path twice when local storage used
2018-06-06 18:27:30 +05:30
3244fb8959
REFACTOR: wizard controller specs to requests
2018-06-06 12:07:55 +03:00
a83ab01264
REFACTOR: Remove extra param for group mentionable and messableable route.
2018-06-06 09:42:09 +08:00
f8d82f135f
FIX: do not verify group visibility when checking for mentionable/messageable
2018-06-05 16:59:21 +05:30
d3e610eed9
REFACTOR: topic controller (2) specs to requests ( #5911 )
2018-06-05 12:03:49 +08:00
475d944d74
REFACTOR: onebox controller specs to requests ( #5914 )
2018-06-05 11:36:08 +08:00
22fcc04d38
REFACTOR: user badges controller specs to requests ( #5912 )
2018-06-05 10:59:01 +08:00
79dcd79470
REFACTOR: email controller specs to requests ( #5917 )
2018-06-05 10:57:11 +08:00
a508e6a5f6
DEV: Stablize `requests/search_controller_spec`.
2018-06-05 10:07:05 +08:00
bc75cfe4b5
REFACTOR: tags controller specs ( #5908 )
2018-06-04 14:09:14 +08:00
1f8805d3af
REFACTOR: user api keys contoller specs to request
2018-06-04 16:07:53 +10:00
807223deef
REFACTOR: notifications controller specs to requests
2018-06-04 16:06:53 +10:00
e4bdafb550
REFACTOR: categories controller specs to requests ( #5903 )
...
REFACTOR: categories controller specs to requests
2018-06-04 12:04:32 +08:00
e58ed247f2
REFACTOR: uploads controller specs to requests ( #5907 )
2018-06-04 11:13:52 +08:00
cfea837e88
REFACTOR: search controller specs to requests ( #5906 )
2018-06-04 11:12:38 +08:00
9b4a98695e
REFACTOR: list controller specs to requests ( #5902 )
2018-06-04 11:09:59 +08:00
474ff94df3
REFACTOR: convert invites controller specs to requests ( #5898 )
...
REFACTOR: convert invites controller specs to requests
2018-06-01 13:06:08 +08:00
d4848f2d58
REFACTOR: topics controller specs to requests ( #5886 )
...
* REFACTOR: topics controller specs to requests
2018-05-31 22:45:32 +08:00
7fc8a36529
DEV: Take 2 Queue jobs in tests by default.
...
On my machine this cuts the time taken to run our test suite
from ~11mins to ~9mins.
2018-05-31 16:23:23 +08:00
56e9ff6853
Revert "DEV: Queue jobs in tests by default."
...
Too risky for now
This reverts commit be28154d3b
2018-05-31 15:34:46 +08:00
be28154d3b
DEV: Queue jobs in tests by default.
2018-05-31 14:45:47 +08:00
95f9b72351
FIX: Update activation email route was returning a generic json error.
2018-05-31 14:19:43 +08:00
4e21a031df
Remove trailing whitespace
2018-05-31 12:31:46 +10:00
23e3a68592
REFACTOR: session controller specs to requests
2018-05-31 12:31:46 +10:00
21e9315416
FIX: Use user account email instead of auth email when totp is enabled.
...
https://meta.discourse.org/t/github-2fa-flow-broken/88674
2018-05-30 12:15:12 +08:00
123a22e6d8
DEV: Clean up omniauth after mocking.
2018-05-28 15:12:54 +08:00
a081771950
Merge pull request #5872 from OsamaSayegh/users-controller-specs-to-request
...
REFACTOR: users contollers specs => request specs
2018-05-28 13:32:37 +08:00
0347c97520
tgxworld feedback
2018-05-28 06:20:47 +03:00
4195c7c9ea
FEATURE: Ability to clear a user's penalty history
...
You can do this manually if you want to allow them to reach TL3 without
their penalty history counting against them.
2018-05-25 12:54:22 -04:00
bac0482061
REFACTOR: users contollers specs => request specs
2018-05-25 05:04:25 +03:00
3db1032bfd
FIX: not found page shouldn't include the Google search form for sites with login_required enabled
2018-05-23 16:59:02 -04:00
609804f5ef
REFACTOR: merge posts controller specs into request specs
2018-05-23 08:53:46 +10:00
450a600721
REFACTOR: about & badge controllers => requests
2018-05-22 13:45:13 +10:00
788ca1f112
FIX: stop adding email to unsubscribe url
...
Instead of adding email to unsubscribe url store it in redis for 1 hour
rate limit calls to unsubscribe endpoint to ensure there is no risk of
bloating redis
Also move controller to request specs
2018-05-22 09:07:03 +10:00
b7b08b4173
Fix regression introduced in 2ceb107074.
2018-05-21 13:26:23 +08:00
2ceb107074
Refactor tests to use the json extension instead of headers.
2018-05-21 09:49:46 +08:00
9f422c93f6
FIX: restrict updates on `confirm_old_email` email templates
2018-05-19 12:19:59 +05:30
9532d9a555
FIX: handle invalid tags
2018-05-17 19:33:12 +05:30
131b7f5da5
make 🤖 rubocop happy
2018-05-16 16:35:04 +02:00
3cd4c82c49
Allow parameters for group and username filters on directory ( #5815 )
2018-05-16 16:20:17 +02:00
37232fcb58
FIX: staff members should see all tags
2018-05-13 17:50:21 +02:00
2eb2f273a8
Refactor of `PushSubscriptionPusher`.
2018-05-09 08:14:14 +08:00
7f1f697e97
FIX: de-duplicate push subscriptions - ensure unique user/key
2018-05-08 15:20:39 -07:00
52db0b31c1
FIX: Automatically add user to groups after updating email address
2018-05-08 21:27:22 +02:00
83245aa508
FIX: better handling of invite links after they are redeemed
...
FIX: deprecate invite_passthrough_hours setting
2018-05-08 20:17:57 +05:30
21007a4a8d
Rewrite push notifications controller specs as request specs.
...
* Improve assertions to test for the outcome we expected instead
of just asserting for a 200 response.
* Remove duplicated assertion.
2018-05-07 15:40:46 +08:00
aa0d32231c
FIX: Incorrect query when removing a group owner.
...
https://meta.discourse.org/t/group-rename-and-group-owners-removal-problems/85596
2018-05-07 13:57:00 +08:00
a5172a37e0
Allow staff members to enable safe mode, even if disabled
2018-04-25 11:49:57 -04:00
146a6c3592
FIX: exclude topics from latest in /categories on refresh
...
When you hit refresh on categories page it would not supress correctly
2018-04-24 11:07:26 -04:00
fd14ee4797
FEATURE: Allow safe mode to be disabled
2018-04-24 11:03:33 -04:00
9eabf7c02c
Fix randomly failing specs due to SearchLog cache.
2018-04-23 10:10:10 +08:00
70d181bff8
FIX: Better error message in `GroupsController#add_members`.
...
https://meta.discourse.org/t/cant-add-members-to-a-group/85738?u=tgxworld
2018-04-20 10:28:52 +08:00
3d7dbdedc0
FEATURE: An API to help sites build robots.txt files programatically
...
This is mainly useful for subfolder sites, who need to expose their
robots.txt contents to a parent site.
2018-04-16 15:43:20 -04:00
a1ef455c78
SECURITY: do not show private topic title on /unsubscribed page
2018-04-16 10:35:57 +05:30
3632b8d8d6
FEATURE: provide extra signal about content age to crawlers
...
Adds Last-Modified field to help teach crawlers not to crawl old content
2018-04-13 14:58:33 +10:00
df7970a6f6
prefix the robots.txt rules with the directory when using subfolder
2018-04-11 22:05:02 +02:00
d9d86577ff
FIX: Staff users are not affected by `enable_group_directory` site setting.
2018-04-10 09:22:01 +08:00
c82b2dcc24
Remove admin group management pages.
2018-04-09 15:14:50 +08:00
4111f17f64
add missing test for rel next/prev
2018-04-09 15:01:16 +10:00
0623785f69
FIX: Prevent group owners from editing admin only settings.
2018-04-06 11:44:58 +08:00
3a7b696703
FEATURE: allow for setting crawl delay per user agent
...
Also moved to default crawl delay bing so no more than a req every 5 seconds is allowed
New site settings:
"slow_down_crawler_user_agents" - list of crawlers that will be slowed down
"slow_down_crawler_rate" - how many seconds to wait between requests
Not enforced server side yet
2018-04-06 10:15:23 +10:00
e36e9de28a
Allow admin to view logs of automatic groups.
2018-04-05 16:31:55 +08:00
8760c4d68c
Fix `GroupsController#group_params` to allow more group attributes to be updated.
2018-04-05 13:53:00 +08:00
434cbc649f
FEATURE: Webhook for tag events
2018-04-04 17:49:20 +05:30
efb19dbdaf
Merge pull request #5705 from discourse/new_webhooks
...
FEATURE: Webhook for group and category events
2018-04-02 10:53:21 +05:30
52e75eaee9
UX: Tweaks to group pages.
2018-03-29 17:04:48 +08:00
21ae49ab92
Simplify log in for request specs.
2018-03-28 11:32:47 +08:00
7311023a52
Merge pull request #5700 from discourse/crawl-block
...
FEATURE: control web crawlers access with white/blacklist
2018-03-27 15:06:03 -04:00
62edf3c401
Add spec test for authComplete param carry-forward
2018-03-27 18:04:40 +05:30
7edab1c0b9
UX: Add `groups/custom/new` route for admins to create a new group.
2018-03-27 17:39:05 +08:00
558914b986
Fix random spec errors
2018-03-27 11:14:06 +02:00
e7407d0adc
FEATURE: Webhook for group and category events
2018-03-27 11:53:35 +05:30
2ecd234e27
UX: Consolidation group manangement into a single tab.
2018-03-27 13:34:46 +08:00
dcd1d422d1
UX: Allow admins to set users as owners while adding users.
...
https://meta.discourse.org/t/adding-owners-members-ux-is-inconsistent-and-misleading/58084/9
2018-03-26 17:33:50 +08:00
35745166b5
UX: New group membership management workflow.
...
https://meta.discourse.org/t/adding-owners-members-ux-is-inconsistent-and-misleading/58084
2018-03-26 16:15:02 +08:00
5f19ad9507
FIX: allow destination categories to be set if not at first
2018-03-23 11:33:02 -04:00
38af67eb73
Update the destination category id when a user changes it
2018-03-23 11:12:56 -04:00
27bde6bc11
Fix the build.
2018-03-23 11:43:32 +08:00
ced7e9a691
FEATURE: control which web crawlers can access using a whitelist or blacklist
2018-03-22 15:41:02 -04:00
f3b402ffd5
UX: Allow users to filter members on group page.
...
* Only admins are allowed to filter users by email.
2018-03-22 14:02:41 +08:00
a23509cbf3
UX: Limit the number of group names displayed on user page.
2018-03-21 16:38:33 +08:00
9f216ac182
FIX: Infinite loading more on groups page.
2018-03-21 09:25:42 +08:00
2baff71518
Improve specs.
2018-03-21 08:33:06 +08:00
b9abd7dc9e
FEATURE: Shared Drafts
...
This feature can be enabled by choosing a destination for the
`shared drafts category` site setting.
* Staff members can create shared drafts, choosing a destination
category for the topic when it is published.
* Shared Drafts can be viewed in their category, or above the
topic list for the destination category where it will end up.
* When the shared draft is ready, it can be published to the
appropriate category by clicking a button on the topic view.
* When published, Drafts change their timestamps to the current
time, and any edits to the original post are removed.
2018-03-20 17:15:26 -04:00
15bcfcd182
UX: Allow users to filter by different group types on groups page.
2018-03-20 17:38:11 +08:00
41b0fbe001
UX: Indicate user's group membership on groups page.
2018-03-19 18:29:30 +08:00
05ea034490
UX: Allow groups page to be searchable.
2018-03-19 17:16:51 +08:00
0522aabaab
UX: Allow user_count on groups page to be sortable.
2018-03-19 16:15:13 +08:00
e9bc763440
FIX: show only allowed tags on PM tags page and display correct count
...
FIX: tags page should link to user profile we are browsing
2018-03-17 00:17:48 +05:30
fe96ef6ed2
UX: Use topic list for displaying group messages on group page.
...
https://meta.discourse.org/t/group-inbox-on-a-groups-page-mockup/71319
2018-03-16 11:56:40 +08:00
a35227918f
UX: Display group topics in a topic list.
2018-03-15 11:37:55 +08:00
7d375690c1
Merge pull request #5667 from techAPJ/pm-tags-page
...
FEATURE: replace PM tags dropdown with a dedicated tags page
2018-03-13 13:08:21 +05:30
24338fbbe8
FEATURE: replace PM tags dropdown with a dedicated tags page
2018-03-13 13:06:58 +05:30
2ad2ed2eb2
FIX: Couldn't move a topic into the uncategorized category.
2018-03-13 10:20:47 +08:00
aac7796124
FIX: do not show tags with 0 count on /tags page
2018-03-09 20:57:31 +05:30
c29660c8f1
FEATURE: filter personal messages by tags
2018-03-08 14:42:07 +05:30
0134e41286
FEATURE: detect when client thinks user is logged on but is not
...
This cleans up an error condition where UI thinks a user is logged on
but the user is not. If this happens user will be prompted to refresh.
2018-03-06 16:49:31 +11:00
31e3bf6d8d
FEATURE: New "Categories and Top" homepage style
...
Select this option if you want to show top topics on the homepage
instead of latest topics.
2018-03-03 14:26:57 -05:00
939180efa8
FIX: Missing 2FA guards when sso is enabled or when local login is disabled.
2018-03-02 10:39:10 +08:00
5c93d07d2a
Remove duplication of params in tests.
2018-03-02 09:25:46 +08:00
75172024ca
SECURITY: ensure users have permission when moving categories
2018-03-02 12:13:27 +11:00
fb75f188ba
FEATURE: Disallow login via omniauth when user has 2FA enabled.
2018-03-01 15:47:07 +08:00
0fabf80dca
Migrate controller type specs to request types for omniauth.
2018-03-01 15:33:00 +08:00
06891ce51d
FIX: Direct link to group activity page results in 400 error.
...
https://meta.discourse.org/t/following-a-direct-link-to-group-activity-results-in-400-error/81596
2018-02-27 13:43:22 +08:00
c64f09b6b7
REFACTOR: Simplify and DRY `Group#invite`.
2018-02-26 11:59:07 +08:00
0559a4736a
FIX: don't double request when downloading a file
2018-02-24 12:35:57 +01:00
dd26bbe868
Merge pull request #5610 from discourse/pm-tags
...
FEATURE: Allow staffs to tag PMs
2018-02-23 07:07:41 +08:00
7cbda949f1
REFACTOR: New spec tests and code improvement
2018-02-22 20:27:02 +05:30
76a2fc3d07
UX: Add og metadata for groups.
...
https://meta.discourse.org/t/onebox-for-groups/79155
2018-02-22 15:03:41 +08:00
720e1965e3
FEATURE: add category suppress from latest
...
In the past we used suppress_from_homepage, it had mixed semantics
it would remove from category list if category list was on home and
unconditionally remove from latest.
New setting explicitly only removes from latest list but leaves the
category list alond
2018-02-22 09:56:35 +11:00
b16471edfb
FIX: Invalid token error incorrectly displayed on email login page.
2018-02-21 15:46:53 +08:00
14f3594f9f
Review Changes for f4f8a293e7.
2018-02-21 14:55:49 +08:00
f4f8a293e7
FEATURE: Implement 2factor login TOTP
...
implemented review items.
Blocking previous codes - valid 2-factor auth tokens can only be authenticated once/30 seconds.
I played with updating the “last used” any time the token was attempted but that seemed to be overkill, and frustrating as to why a token would fail.
Translatable texts.
Move second factor logic to a helper class.
Move second factor specific controller endpoints to its own controller.
Move serialization logic for 2-factor details in admin user views.
Add a login ember component for de-duplication
Fix up code formatting
Change verbiage of google authenticator
add controller tests:
second factor controller tests
change email tests
change password tests
admin login tests
add qunit tests - password reset, preferences
fix: check for 2factor on change email controller
fix: email controller - only show second factor errors on attempt
fix: check against 'true' to enable second factor.
Add modal for explaining what 2fa with links to Google Authenticator/FreeOTP
add two factor to email signin link
rate limit if second factor token present
add rate limiter test for second factor attempts
2018-02-21 09:04:07 +08:00
03b3e57a44
FEATURE: login by a link from email
...
Co-authored-by: tgxworld <tgx@discourse.org>
2018-02-13 16:14:39 +08:00
f2e7b74d88
FIX: don't return 200s when login is required to paths
...
When running `ensure_login_required` it should always happen prior to
`check_xhr` cause check xhr will trigger a 200 response
2018-02-01 12:26:45 +11:00
6b04967e2f
FEATURE: Staff members can lock posts
...
Locking a post prevents it from being edited. This is useful if the user
has posted something which has been edited out, and the staff members don't
want them to be able to edit it back in again.
2018-01-26 14:01:30 -05:00
79eb9d7086
FEATURE: show header search results on search log term details page
2018-01-17 12:47:16 +05:30
d9788a5fb3
missed a spec
2018-01-15 14:51:04 +11:00
49ed382c2a
FIX: return 429 when admin api key is limited on admin route
...
This also handles a general case where exceptions leak out prior to being handled by the application controller
2018-01-12 14:15:26 +11:00
9030d3ef63
FIX: do not create duplicate topics
...
https://meta.discourse.org/t/duplicate-http-https-topics-are-randomly-created/77190
2018-01-04 23:53:52 +05:30
647cf7545d
Fix randomly failing spec.
2018-01-03 14:42:16 +08:00
69a90f31fb
FEATURE: Allow Forums to disable the Backups feature
2017-12-21 15:22:04 -05:00
eab66065d1
FEATURE: search log term details page ( #5445 )
2017-12-20 13:41:31 +11:00
97ceebb570
SECURITY: Don't pass email backup token to sidekiq as a parameter.
...
* This exposes the token in the Sidekiq dashboard which can be
viewed by an admin and defeats the purpose of using a token
in the download backup email ink.
2017-12-18 11:25:22 +08:00
5e90abfaea
FIX: use hijack for emoji uploads
2017-12-18 10:31:19 +11:00
f2565f6c7e
SECURITY: Any group can be invited into a PM.
2017-12-14 14:57:48 +08:00
96584403cd
SECURITY: prevent staged accounts from changing email
2017-12-14 17:16:49 +11:00
492af81e67
FIX: save registration_ip_address for staged users logging in via social auth
2017-12-12 17:41:16 +05:30
410994b7f5
FEATURE: Show a button to Staff for "Moderation History" on posts/topics
...
When clicked, it pops up a modal showing a history of moderation actions
taken on the post or topic.
2017-12-05 15:20:20 -05:00
6e054b2572
FEATURE: Convert HTML to Markdown while pasting in composer
2017-12-05 12:23:39 -05:00
7f2eeaf767
FIX: Password required flag should be cleared whenever clearing the raw password ( #5384 )
2017-12-01 15:19:24 +11:00
1c2d1682ae
Merge pull request #5328 from tgxworld/reenable_interpolation_keys_check
...
FIX: Re-enable invalid interpolation keys check and allow default key…
2017-11-30 13:04:54 +08:00
d5e7691ae9
favicon proxy now uses hijack
2017-11-27 14:51:14 +11:00
5805979e88
FIX: Re-enable invalid interpolation keys check and allow default keys to be left out of translation overrides.
...
https://meta.discourse.org/t/bulk-invite-from-file-resets-the-invite-forum-mailer-customized-text/67606/16
2017-11-27 11:00:08 +08:00
82222e8d18
Improve specs to test for the right response status.
2017-11-24 09:32:44 +08:00
628275fc31
FIX: Some badge routes were still working even with badges disabled
2017-11-21 12:22:44 -05:00
2d48caffdf
FIX: be more lenient when deleting a custom emoji
2017-11-20 23:50:23 +01:00
41673c322c
dear Rubocop, don't be so pedantic ;-)
2017-11-19 12:45:33 +01:00
92a831bae6
FEATURE: user directory returns staged users during search
2017-11-19 01:17:31 +01:00
3831663fea
FEATURE: search logs page ( #5313 )
2017-11-15 11:13:50 +11:00
9ebb1412d3
FIX: Brittle, order dependent spec
2017-11-04 09:30:17 -04:00
d320f4840d
FIX: Unable to invite groups that are not public visible into pms.
...
https://meta.discourse.org/t/inviting-groups-broken-in-head/73346/6
2017-11-03 21:40:33 +08:00
ab2a5cef38
FIX: Can't edit membership request template on group page.
2017-11-02 08:51:43 +08:00
9586f0bdc9
fix the build - take 2
2017-10-20 21:34:56 +05:30
a6f2533d38
SECURITY: Fix XSS on unsubscribed page.
2017-10-09 09:04:46 +08:00
6fe604b93e
Revert "SECURITY: Fix XSS on unsubscribed page."
...
This reverts commit 190558db9d
2017-10-09 09:03:07 +08:00
190558db9d
SECURITY: Fix XSS on unsubscribed page.
2017-10-09 08:59:03 +08:00
3efde2618d
UX: Do not display non-human users on group page.
...
https://meta.discourse.org/t/members-of-groups-staff/71437
2017-10-06 10:35:40 +08:00
beca02c046
FIX: moderators couldn't see flagged topics list
2017-10-05 14:12:07 -04:00
c29334cf23
FEATURE: the hide_email_address_taken setting works with the change email address form in user preferences
2017-10-04 11:41:25 -04:00
fafe7cc661
remove trailing whitespaces
2017-10-03 13:02:04 +02:00
daf1dda700
FIX: username autocomplete in assign modal wasn't working
2017-10-03 12:49:45 +02:00
5bb326a452
Add specs for EmailTemplatesController
2017-10-02 14:53:27 +02:00
8140e54675
FIX: More fixes for `Group#mentionable` and `Group#messageable` feature.
2017-10-02 17:45:58 +08:00
c872225762
Improve `MessageBus.track_publish` to allow filter by channel.
2017-10-02 11:34:57 +08:00
4e07bbfbbf
FIX: Only allow intergers for page params.
2017-10-02 10:45:54 +08:00
4319d8a142
FIX: Missing template error when rendering `topics#show` error message.
2017-09-28 11:06:44 +08:00
d7c37d9369
Add front end service for staff controls
2017-09-25 12:25:14 -04:00
77d4c4d8dc
Fix all the errors to get our tests green on Rails 5.1.
2017-09-25 13:48:58 +08:00
104d97695d
FIX: don't activate un-confirmed email on omniauth authentication ( #5176 )
2017-09-12 17:36:17 +02:00
5c1143cd55
Add missing test case for `PostController#timings`.
2017-09-04 16:36:02 +08:00
6bc74ceb50
Split alias levels in mentionable and messageable levels. ( #5065 )
...
* Split alias levels in mentionable and messageable levels.
* Fixed some tests.
* Set messageable level to everyone by default.
* By defaults, groups are not mentionable or messageable.
* Made staff groups messageable by the system.
2017-08-28 12:32:08 -04:00
41ca527d7a
Fix Rubocop error.
2017-08-24 15:28:18 +09:00
8779490ce4
Move new controller specs to reqeusts folder.
2017-08-24 12:01:11 +09:00
a9c5d843f7
remove problem spec that does not work properly in rails 4 mode into application controller and correct it
2013-11-11 10:50:48 +11:00
2843f1cf4b
collapse some slow tests
2013-04-22 11:06:10 +10:00
cafc75b238
remove trailing whitespaces ❤️
2013-02-26 07:31:35 +03:00
21b5628528
Initial release of Discourse
2013-02-05 14:16:51 -05:00
Vinoth Kannan
David Taylor
Sam
Gerhard Schlager
Bianca Nenciu
Blake Erickson
Neil Lalonde
Raul Tambre
Joffrey JAFFEUX
Osama Sayegh
James Kiesel
Guo Xiang Tan
Misaka 0x4e21
Régis Hanol
Penar Musaraj
Leo McArdle
Kyle Zhao
Jordan Seanor
Maja Komel
Robin Ward
Arpit Jalan
Michael Brown
Rafael dos Santos Silva
Guo Xiang Tan
Joe Buhlig
Jeff Wong
Erick Guan
Vinoth Kannan
Gosha Arinich