Sam
21f7ac1f25
correct spec, require closing tag for bbcode blocks
2017-06-26 16:51:55 -04:00
Robin Ward
db485ae0da
FIX: Support for skipping redirects on certain domains (like steam)
2017-06-26 15:38:43 -04:00
Sam
8967d50dc2
Clean up sanitization code
...
- remove html table test, this is soon to be deprecated
- move sanitization tests into pretty text.rb
- fix up whitelister so it makes a copy of options
2017-06-26 15:21:47 -04:00
Neil Lalonde
69b2d64334
FIX: letter avatars in quotes on subfolders installs are broken
2017-06-23 17:12:13 -04:00
Sam
814c8804d4
correct text highlighting for no highlight
2017-06-23 14:35:46 -04:00
Sam
b7386958ed
don't leak state into other tests
2017-06-23 12:01:33 -04:00
Sam
234694b50f
Feature: CommonMark support
...
This adds the markdown.it engine to Discourse.
https://github.com/markdown-it/markdown-it
As the migration is going to take a while the new engine is default
disabled. To enable it you must change the hidden site setting:
enable_experimental_markdown_it.
This commit is a squash of many other commits, it also includes some
improvements to autospec (ability to run plugins), and a dev dependency
on the og gem for html normalization.
2017-06-23 12:01:33 -04:00
Neil Lalonde
8fd915a11a
Revert "FIX: add path to cookies so sessions on the same domain but different subfolders don't log each other out"
2017-06-21 16:18:24 -04:00
Robin Ward
aaaa93c216
FIX: Full page search was removing advanced search terms
2017-06-21 15:51:15 -04:00
Arpit Jalan
6796de8bf2
FIX: replace site_name with email_prefix in subject when use_site_subject is true
2017-06-21 21:15:49 +05:30
Jakub Macina
aad1c9bef2
Add rspec tests for searching by a filetype.
2017-06-20 21:21:56 +02:00
Neil Lalonde
1716747810
FIX: add path to cookies so sessions on the same domain but different subfolders don't log each other out
2017-06-20 13:30:36 -04:00
Jakub Macina
bf002e0873
Add extraction of image_url for oneboxed images. Fix search by images filter name.
2017-06-19 15:18:02 +02:00
Alberto Aguirre
b24bdc5b20
FIX: discourse_hub_spec stub_request should include query params
2017-06-18 14:40:28 -05:00
Neil Lalonde
c5f42f0e97
fix discourse_hub_spec
2017-06-16 15:31:13 -04:00
Guo Xiang Tan
a6450f7377
REFACTOR: Allow `delete_removed_posts_after` SiteSetting to be bypassed.
2017-06-16 12:27:51 +09:00
Guo Xiang Tan
d82dbd565b
FIX: Remove dependency on `rest-client`.
2017-06-16 09:42:41 +09:00
Neil Lalonde
eb9f306e64
FIX: fail to send email notification if post has img tag with no src attribute
2017-06-15 10:36:19 -04:00
Sam
ac1f84d3e1
SECURITY: theme key should be an anon cache breaker
2017-06-15 09:36:27 -04:00
Joffrey JAFFEUX
f1750be2be
Fixes woman_shrugging name conversion
2017-06-15 08:26:29 +02:00
Neil Lalonde
b98a930364
Merge pull request #4896 from dmacjam/multiple-tags-logical-and-search
...
FEATURE: Advanced search supports logical AND of multiple tags
2017-06-14 14:39:23 -04:00
Joffrey JAFFEUX
95e1843d33
Improves native emoji conversion
2017-06-14 17:42:52 +02:00
Joffrey JAFFEUX
ab6086bce9
Transforms native skin toned emojis to valid names
2017-06-14 15:35:37 +02:00
Robin Ward
009f0921dc
FEATURE: Whitelist hosts for internal crawling
2017-06-13 12:59:54 -04:00
Sam
826f332766
Merge pull request #4901 from jjaffeux/emoji-5.0
...
Emoji next
2017-06-13 11:12:41 -04:00
Robin Ward
a3729b51eb
FIX: Always allow the host the forum is hosted on
2017-06-12 13:22:51 -04:00
Guo Xiang Tan
eab3562864
Merge pull request #4905 from tgxworld/strip-zero-width-chars-from-search-term
...
FIX: Strip zero-width characters from search terms.
2017-06-12 18:01:02 +09:00
Guo Xiang Tan
e888369f51
UX: Don't send emails for discobot notifications.
2017-06-12 17:00:27 +09:00
Robin Ward
b5bead1fe3
FIX: Don't use `target=_blank` for local oneboxes
2017-06-09 12:15:36 -04:00
Jakub Macina
76712da166
Add backend code for searching posts with images.
2017-06-09 10:30:21 +02:00
Robin Ward
602e4d0da4
FIX: Return `nil` when the `reply_key` is missing
2017-06-08 14:28:48 -04:00
Guo Xiang Tan
684b05f510
FIX: Strip zero-width characters from search terms.
2017-06-07 18:19:47 +09:00
Robin Ward
53b95f009f
FIX: If HEAD is not supported, try GET. Also set cookies
2017-06-06 13:53:49 -04:00
Jakub Macina
8f7d81fde6
Add rspec test for searching posts with images.
2017-06-06 14:39:53 +02:00
Joffrey JAFFEUX
09d34b7642
emoji images are now v5 not v3
...
TODO: we should not hardcode this
2017-06-05 16:10:36 +02:00
Arpit Jalan
a1ebd67237
Revert "FEATURE: new setting to prioritize open topics in search"
2017-06-03 01:54:35 +05:30
Arpit Jalan
b8a87a0996
FEATURE: new setting to prioritize open topics in search
2017-06-03 00:33:53 +05:30
Jakub Macina
eaec35d230
Fix tag related advanced search tests into one context. Fix dynamic locale and select clause in search by all tags. Fix separator for all tags to plus sign.
2017-06-02 12:39:07 +02:00
Guo Xiang Tan
bd486100c0
Remove stubs on DiscourseEvent in tests.
2017-06-01 16:21:00 +09:00
Jakub Macina
6d1fafaff6
Add rspec tests for advanced search by tags.
2017-05-30 13:01:17 +02:00
Sam
0aed2533ac
Revert unread optimisation, has too many edge cases
2017-05-26 09:04:13 -04:00
Guo Xiang Tan
56f98de7b2
Use webmock to stub external web requests.
2017-05-26 15:19:09 +08:00
Guo Xiang Tan
f8f1548fd4
Revert "FIX: Use Excon to do its own stubbing"
...
This reverts commit 80af54460a
.
2017-05-26 13:04:25 +08:00
Sam
29fac1ac18
PERF: improve performance of unread queries
...
Figuring out what unread topics a user has is a very expensive
operation over time.
Users can easily accumulate 10s of thousands of tracking state rows
(1 for every topic they ever visit)
When figuring out what a user has that is unread we need to join
the tracking state records to the topic table. This can very quickly
lead to cases where you need to scan through the entire topic table.
This commit optimises it so we always keep track of the "first" date
a user has unread topics. Then we can easily filter out all earlier
topics from the join.
We use pg functions, instead of nested queries here to assist the
planner.
2017-05-25 15:07:30 -04:00
Robin Ward
cdbe027c1c
Refactor `FileHelper` to use keyword arguments.
2017-05-24 13:54:26 -04:00
Sam
f12490eae0
FIX: order:latest not working for search within topic
...
FEATURE: use 'l' as a shorthand for order:latest
2017-05-24 11:24:41 -04:00
Robin Ward
3b0cbf7013
FIX: Always allow downloads from CDN
2017-05-23 16:32:54 -04:00
Robin Ward
b81e7be9a1
FEATURE: Rate limit how often we'll crawl a destination IP
2017-05-23 15:03:04 -04:00
Robin Ward
36e477750c
FIX: Use same code path for downloading images
2017-05-23 14:51:30 -04:00
Robin Ward
e5e7a15a85
SECURITY: Never crawl by IP
2017-05-23 13:07:18 -04:00
Robin Ward
93a5fc62bf
FEATURE: A site setting to prevent crawling on private IP blocks
2017-05-23 11:56:06 -04:00
Robin Ward
80af54460a
FIX: Use Excon to do its own stubbing
2017-05-22 18:19:20 -04:00
Robin Ward
b51126dd5e
FIX: Reset the WebMock after before every test
2017-05-22 17:52:31 -04:00
Régis Hanol
9dddb81cf6
FIX: remove memoization on class method used in a job
2017-05-22 23:35:41 +02:00
Blake Erickson
4e8beda332
Merge pull request #4866 from JaredReisinger/admin-user-pagination
...
Add pagination to /admin/users/list API
2017-05-22 15:12:59 -06:00
Robin Ward
d4b16b487e
FIX: Another onebox head request
2017-05-22 17:00:19 -04:00
Robin Ward
a8d1e44943
FIX: Onebox will do a HEAD request first for redirects
2017-05-22 16:52:26 -04:00
Robin Ward
4c690f7089
Use `FinalDestination` to ensure public redirects for onebox
2017-05-22 16:42:49 -04:00
Robin Ward
b23fc2bf84
Helper to find the final destination for a URL
2017-05-22 15:52:41 -04:00
Régis Hanol
a7f337fa93
FIX: CDN wasn't properly applied to category background images when using S3
2017-05-22 18:37:01 +02:00
Robin Ward
28f486cb7a
FIX: Regular users shouldn't be able to invite to PMs if disabled
2017-05-19 12:57:21 -04:00
Régis Hanol
4fb335f1f0
FIX: don't process the same incoming email more than once
2017-05-18 16:43:07 +02:00
Régis Hanol
a1b8a3b52b
FIX: supports bare <li> when converting html to markdown
2017-05-17 15:05:11 +02:00
Jared Reisinger
645f648ea7
Merge remote-tracking branch 'upstream/master' into admin-user-pagination
2017-05-16 13:36:47 -07:00
Neil Lalonde
7821400141
FEATURE: staff can set a timer to remind them about a topic
2017-05-16 14:49:50 -04:00
Robin Ward
dd0cb6a117
FIX: Add missing test
2017-05-15 16:57:09 -04:00
Jared Reisinger
1dcd61fa34
Add pagination to /admin/users/list API
...
Prior to this, only the first 100 active/new/etc. users were available
via the `/admin/users/list` API. This change adds support for a
`page=#` querystring parameter so that *all* of the users can be
retrieved. Requests for pages past the last user result in an
empty-list response; requests for negative pages (or zero) just return
the first page.
Added tests to cover pagination.
2017-05-12 13:28:35 -07:00
Robin Ward
1fb08d24d9
FIX: Latest onebox adds more attributes to links for security
2017-05-12 15:49:56 -04:00
Neil Lalonde
8b9799507c
fix deploy problems due to renamed table
2017-05-12 15:17:25 -04:00
Sam
47ce674798
PERF: bypass wizard check after 15 topics are created
2017-05-12 10:18:43 -04:00
Neil Lalonde
55b61e9bea
rename topic_status_update to topic_timer
2017-05-11 18:27:53 -04:00
Sam
52ae63d5d7
FIX: when searching PMs also search group PMs
...
Users belonging to a group could not search for PMs unless explicitly added
to the PM unless admin
2017-05-11 15:59:03 -04:00
Sam
9b84cd832c
confirm in:private works for non staff
2017-05-11 15:06:45 -04:00
Robin Ward
b57b635d30
FIX: Extract `div` tags within `span`s
2017-05-09 12:33:54 -04:00
Robin Ward
addc85cd08
FIX: Don't let users edit wiki posts unless they can reply
2017-05-08 16:23:11 -04:00
Robin Ward
009e120e13
FIX: Don't raise an error when the img attribute cannot be found
2017-05-08 15:35:31 -04:00
Robin Ward
96c59c5b82
FIX: Don't notify or return flags on system users
2017-05-08 13:13:35 -04:00
Sam
7a15b44ac3
rename on_remove, on_drop
2017-05-04 14:03:17 -04:00
Sam
6a6eed4ed2
DEV: column dropper class for cleaner removal of superflous columns
...
Also fixes issues during deploy cause target column was renamed in
theme_fields
2017-05-04 10:15:41 -04:00
Guo Xiang Tan
4101db8b36
FIX: Invalid creation of `Theme` in wizard builder.
2017-05-04 11:44:23 +08:00
Régis Hanol
bf322281e3
Improve handling of inlined images in incoming emails
2017-05-03 23:02:02 +02:00
Régis Hanol
768c63c103
Add 'keep_cid_imgs' option to HTML to Markdown converter to improve incoming email parsing
2017-05-03 23:01:55 +02:00
Régis Hanol
e38014772b
FIX: skip hidden <img> (no tracking for you)
2017-05-03 19:40:34 +02:00
Régis Hanol
c8044c6956
FIX: skip hidden nodes when converting from HTML to Markdown
2017-05-03 19:34:03 +02:00
Régis Hanol
bff36de130
FIX: HtmlToMarkdown should not convert empty/bad <img> tags
2017-05-03 18:29:25 +02:00
Régis Hanol
c880af8120
FIX: properly trim whitespaces (including those pesky html entities)
2017-05-03 18:04:31 +02:00
Sam
342ef5f81a
FEATURE: out-of-the-box dark/light user selectable themes
2017-05-03 11:31:33 -04:00
Régis Hanol
edbf12622b
FIX: HtmlToMarkdown should not convert empty/bad <a> tags
2017-05-03 16:42:37 +02:00
Sam
946f25098f
Refactor theme fields so they support custom theme defined vars
...
This paves the way to allowing themes to specify uploads and so on.
2017-05-02 16:02:14 -04:00
Sam
ba9339b8d7
FIX: missing image-url helper
2017-05-01 15:32:02 -04:00
Robin Ward
b99aedeccc
Merge pull request #4838 from vinothkannans/fix/read
...
FIX: 'read' filter in top menu showing new topics
2017-05-01 11:21:13 -04:00
Claus Strasburger
e9bb9a167b
Fix reply-by-mail for 8-bit transfer encodings
...
The mail class seems to handle mails sent with Content-Transfer-Encoding: 8bit
somewhat weirdly: It decodes them (to utf-8), changes the raw source to base64,
and does not modify the Content-Type:charset= header.
This leads to Discourse trying the message encoding (in my example ISO-8859-1)
first, and if that does not contain any unparseable characters, it uses that.
Sadly, in ISO-8859-1, every byte sequence is valid.
Fix this by always trying to decode as UTF-8 first. The probability of someone
using another encoding that cleanly (but wrongly) decodes as UTF-8 should be
fairly low.
2017-04-30 23:30:40 +02:00
Vinoth Kannan
1241660c2c
FIX: 'read' filter in top menu showing new topics
2017-04-29 14:37:45 +05:30
Régis Hanol
aba76bace6
add support to keep img tags when converting to html
2017-04-28 22:14:46 +02:00
Régis Hanol
51ee49aad2
FIX: properly support HTML document when converting to markdown
2017-04-28 22:02:20 +02:00
Régis Hanol
0ec15af970
restore the 'incoming_email_prefer_html' site setting
2017-04-27 14:31:11 +02:00
Guo Xiang Tan
59b906ab0d
FEATURE: Disable minimum post length check when in PM with non human users.
...
https://meta.discourse.org/t/discourse-narrative-bot-beta-feedback/58621/65?u=tgxworld
2017-04-27 16:00:22 +08:00
Régis Hanol
b76674f640
FEATURE: convert incoming emails in HTML to markdown
...
- remove incoming_email_prefer_html site setting
- remove HtmlCleaner class
2017-04-26 16:49:06 +02:00
Guo Xiang Tan
aef89c4850
REFACTOR: Load `Post` records in batches when destroying stubs.
2017-04-25 10:19:21 +08:00
Régis Hanol
d5630d6160
HtmlToMarkdown library
...
Small library to transform HTML to Discourse-flavored markdown (mostly used for imports)
2017-04-24 22:01:41 +02:00
Arpit Jalan
dad2024094
FIX: do not impose default min/max validation on hidden site setting
2017-04-22 12:08:39 +05:30
Sam
b077335a30
make stat socket much more robust
2017-04-21 17:12:29 -04:00
Arpit Jalan
b0151ab66a
Merge pull request #4826 from techAPJ/site-setting-max-value
...
FIX: all basic integer settings should have min & max value validation
2017-04-21 20:21:10 +05:30
Sam
52306c393a
FEATURE: basic implementation of stats socket
2017-04-21 10:24:43 -04:00
cpradio
20c2c66dd4
FEATURE: Add normal as a preference for topic subscription state when replying to a topic
2017-04-20 22:33:10 -04:00
Arpit Jalan
9eff4f0807
FIX: all basic integer settings should have max value validation
2017-04-21 07:09:41 +05:30
Sam
e119c6e01e
FIX: embedded comments not working when theme is missing
2017-04-20 10:31:33 -04:00
Robin Ward
1363988cd7
Support for an HTML builder that can create dynamic HTML
2017-04-17 17:32:55 -04:00
Guo Xiang Tan
04016f0dec
Support Ruby 2.4.
2017-04-15 12:29:00 +08:00
Sam
a3e8c3cd7b
FEATURE: Native theme support
...
This feature introduces the concept of themes. Themes are an evolution
of site customizations.
Themes introduce two very big conceptual changes:
- A theme may include other "child themes", children can include grand
children and so on.
- A theme may specify a color scheme
The change does away with the idea of "enabled" color schemes.
It also adds a bunch of big niceties like
- You can source a theme from a git repo
- History for themes is much improved
- You can only have a single enabled theme. Themes can be selected by
users, if you opt for it.
On a technical level this change comes with a whole bunch of goodies
- All CSS is now compiled using a custom pipeline that uses libsass
see /lib/stylesheet
- There is a single pipeline for css compilation (in the past we used
one for customizations and another one for the rest of the app
- The stylesheet pipeline is now divorced of sprockets, there is no
reliance on sprockets for CSS bundling
- CSS is generated with source maps everywhere (including themes) this
makes debugging much easier
- Our "live reloader" is smarter and avoid a flash of unstyled content
we run a file watcher in "puma" in dev so you no longer need to run
rake autospec to watch for CSS changes
2017-04-12 10:53:49 -04:00
Guo Xiang Tan
24d3c77d19
Fix the build.
2017-04-12 10:38:17 -04:00
Guo Xiang Tan
3861bd2793
FIX: Quotes should be ignored when parsing for onebox source.
2017-04-11 15:22:21 +08:00
Guo Xiang Tan
0a4c30bce3
FIX: Handle cases where `alt` and `title` tag is blank when parsing excerpt.
2017-04-11 14:18:27 +08:00
Guo Xiang Tan
e49f3a408e
FEATURE: Add option for `ExcerptParser` to keep onebox source.
2017-04-10 16:11:58 +08:00
Robin Ward
17f2974d0a
SECURITY: Confirm new administrator accounts via email
2017-04-04 15:59:01 -04:00
Guo Xiang Tan
f4758a4c4d
FEATURE: Allow admins to schedule a topic to be published in the future.
2017-04-04 11:16:05 +08:00
Guo Xiang Tan
34b7bee568
FEATURE: Allow admin to auto reopen at topic.
...
* This commit also introduces a `TopicStatusUpdate`
model to support other forms of deferred topic
status update in the future.
2017-03-31 11:14:18 +08:00
Robin Ward
14410b71fb
Convert server side paths to use `/u/`
2017-03-30 10:23:24 -04:00
Yana Agun Siswanto
cd2d2f16e5
Allow to order search results by the topic creation date
...
based on: https://meta.discourse.org/t/allow-to-order-search-results-by-the-topic-creation-date/38544
2017-03-30 01:18:38 +07:00
Arpit Jalan
8bf12502bd
Merge pull request #4780 from techAPJ/send-statistics
...
FEATURE: Send anonymized usage statistics to Discourse if "Discourse Hub" can't reach the site
2017-03-28 10:02:05 +05:30
Arpit Jalan
f3cd5f61c5
FEATURE: Send anonymized usage statistics to Discourse if Discourse Hub can't reach the site
2017-03-28 09:07:23 +05:30
Régis Hanol
dd1cc23caf
fix randomly failing specs
2017-03-27 22:47:41 +02:00
Arpit Jalan
3449339fea
FIX: admin locales were not getting converted to message format
2017-03-25 01:12:23 +05:30
Guo Xiang Tan
b87c5eb1b6
Fix randomly failing spec.
2017-03-24 15:46:42 +08:00
Arpit Jalan
1853a4852c
FIX: use email prefix only in subject
2017-03-21 20:29:57 +05:30
Guo Xiang Tan
5169ef8814
Fix broken specs.
2017-03-16 15:05:28 +08:00
Guo Xiang Tan
6312b8b7e4
Fix failing specs.
2017-03-14 14:58:22 +08:00
Guo Xiang Tan
1a7e954e09
FIX: Store custom emojis as uploads.
...
* Depending on a hardcoded directory was a flawed design
which made it impossible to debug when custom emojis go
missing.
2017-03-14 13:07:18 +08:00
Sam
82ca0e368e
FEATURE: stop escaping special chars in title prettify
...
This feature is confusting and just leads to inconsistency
2017-03-13 10:02:20 -04:00
Sam
6ebddc42d1
FIX: include children categories when searching a category
2017-03-10 15:58:47 -05:00
Guo Xiang Tan
c623951306
FEATURE: Search can be scoped to posts that the current user has seen/unseen.
...
https://meta.discourse.org/t/advanced-search-posts-that-i-have-seen/57966
2017-03-09 01:01:33 +08:00
Régis Hanol
ee9d621d9c
FIX: surround the FROM alias with " in order to support the @ character
2017-03-07 23:37:21 +01:00
Sam
99f4d5082b
FIX: Improve token rotation and increase logging
...
- avoid access denied on bad cookie, instead just nuke it
- avoid marking a token unseen for first minute post rotation
- log path in user auth token logs
2017-03-07 13:27:43 -05:00
Neil Lalonde
0661cebbcf
fix intermittent failing spec
2017-03-07 11:59:05 -05:00
Guo Xiang Tan
a28704bcee
FIX: Can't recover a post when its user has been deleted.
...
https://meta.discourse.org/t/moving-posts-to-new-topic/58436
2017-03-06 14:29:06 +08:00
Guo Xiang Tan
76dd6933d2
Revert "Revert "Revert "SECURITY: Ensure oAuth authenticated email is the same as created user's email."""
...
This reverts commit e6d75f6844
.
This is why we should not be pushing directly to master.
2017-03-01 10:16:59 +08:00
Robin Ward
d27575176a
Enforce a minimum amount of posters in a topic for `get_a_room`
2017-02-28 16:47:16 -05:00
Sam
122fb8025d
FIX: last seen date erroneously updated when browser in background
...
In some cases user may be "last seen" even though browser tab is in
the background or computer is locked
2017-02-28 12:35:10 -05:00
Neil Lalonde
292dd8623c
Merge pull request #4622 from dmacjam/master
...
FEATURE: Append tags bulk action for topics
2017-02-28 11:36:58 -05:00
Guo Xiang Tan
e6d75f6844
Revert "Revert "SECURITY: Ensure oAuth authenticated email is the same as created user's email.""
...
This reverts commit 0e3def7d2b
.
2017-02-28 11:27:14 +08:00
Sam
1e980ad4e6
Merge pull request #4721 from oblakeerickson/sort_admin_users_api
...
FEATURE: Add order logic to admin users controller
2017-02-27 16:13:42 -05:00
Neil Lalonde
e634b37f9a
FIX: from field of emails should be including email_site_title or site title settings
2017-02-27 14:23:07 -05:00
Robin Ward
0e3def7d2b
Revert "SECURITY: Ensure oAuth authenticated email is the same as created user's email."
...
This reverts commit 1060239e2d
.
2017-02-27 13:19:26 -05:00
jomaxro
f5673fbd47
Remove references to elder
...
The use of the TL4 name Elder was changed in 2014 to Leader. The spec function was changed to `:trust_level_4`, but the it statement was not changed.
2017-02-26 17:40:42 -07:00
Blake Erickson
0e6cb752da
Clean up valid order names
...
Add a sortable mappings list to match other endpoints and so that you
don't have to use database column names.
Example: 'created' => 'created_at'
Also cleaned up some of the logic since a lot of it got moved into the
SORTABLE_MAPPING hash.
2017-02-25 11:51:40 -07:00
Blake Erickson
e9d5c3265c
Change param asc to ascending
...
For consistency, change param asc to ascending:
https://meta.discourse.org/t/make-admin-users-list-sortable-suggestion/47649/17?u=oblakeerickson
2017-02-25 09:13:31 -07:00
Blake Erickson
0a41da6bad
FEATURE: Add order logic to admin users controller
...
Added order and direction parameters for sorting admin user pages. This
commit only includes backend api changes.
https://meta.discourse.org/t/make-admin-users-list-sortable-suggestion/47649
Now you can pass in `order` and `asc` parameters to the
`/admin/users/list/<query>.json` endpoint.
Example:
`/admin/users/list/active.json?&order=post_count` which defaults to desc
and
`/admin/users/list/active.json?order=post_count&asc=true`
2017-02-24 17:11:17 -07:00
Régis Hanol
a2c04be718
FIX: eradicate I18n fallback issues 💣
...
FIX: client's translation overrides were not working when the current locale was missing a key
FIX: ExtraLocalesController.show was not properly handling multiple translations
FIX: JsLocaleHelper#output_locale was not properly handling multiple translations
FIX: ExtraLocalesController.show's spec which was randomly failing
FIX: JsLocaleHelper#output_locale was muting cached translations hashes
REFACTOR: move 'enableVerboseLocalization' to the 'localization' initializer
REFACTOR: remove unused I18n.js methods (getFallbacks, localize, parseDate, toTime, strftime, toCurrency, toPercentage)
REFACTOR: remove all I18n.pluralizationRules and instead use MessageFormat's pluralization rules
TEST: add tests for localization initializer
TEST: add tests for I18n.js
2017-02-24 11:31:21 +01:00
Guo Xiang Tan
1060239e2d
SECURITY: Ensure oAuth authenticated email is the same as created user's email.
2017-02-24 13:13:10 +08:00
Guo Xiang Tan
0847b4258a
Revert "SECURITY: Ensure that user has been authenticated."
...
This reverts commit fbe51d68a7
.
Changing the commit message to correctly reflect what we're actually
fixing.
2017-02-24 13:12:29 +08:00
Guo Xiang Tan
fbe51d68a7
SECURITY: Ensure that user has been authenticated.
2017-02-24 10:47:48 +08:00
Sam
ea1007e954
FEATURE: add support for same site cookies
...
Defaults to Lax, can be disabled or set to Strict.
Strict will only work if you require login and use SSO. Otherwise when clicking on links to your site you will appear logged out till you refresh the page.
2017-02-23 12:01:28 -05:00
Sam Saffron
b7d2edc7dc
FIX: allow some auth token misses prior to clearing cookie
...
It appears that in some cases ios queues up requests up front
and "releases" them when tab gets focus, this allows for a certain
number of cookie misses for this case. Otherwise you get logged off.
2017-02-22 12:37:11 -05:00
Arpit Jalan
213a496203
FIX: show all staff events related to the target user
2017-02-22 13:31:40 +05:30
Arpit Jalan
b32f33b3f0
FIX: allow staff members to send PMs when enable_private_messages is disabled
2017-02-22 11:32:09 +05:30
Arpit Jalan
046cbad10b
FEATURE: add a button on admin user page that links to action log
2017-02-21 21:38:37 +05:30
Jakub Macina
4a2f13348a
ADD: Append tags bulk action for topics
2017-02-20 18:14:32 +01:00
Sam
7a85469c4c
SECURITY: inactive/suspended accounts should be banned from api
...
Also fixes edge cases around users presenting multiple credentials
2017-02-17 11:03:09 -05:00
Jeff Atwood
9b263a0559
increase req min unique pw chars from 5 to 6
2017-02-16 17:06:19 -08:00
Sam
74d4209d24
FEATURE: allow plugins to register custom topic list filters
2017-02-15 15:25:43 -05:00
Sam
8feb94e13f
FIX: password validator was being too strict
2017-02-14 09:18:04 -05:00
Neil Lalonde
94e1105af7
fix unique char counting in password validator
2017-02-10 10:38:17 -05:00
Neil Lalonde
1bcb835446
FEATURE: passwords must have a minimum number of unique characters, configurable with a new setting
2017-02-09 15:00:22 -05:00
Robin Ward
9fe4427071
Clean up `get_a_room` following review
2017-02-08 12:24:26 -05:00
Neil Lalonde
5a8bbe663a
FEATURE: include most popular tag in page title for webcrawlers of tagged uncategorized topics
2017-02-07 16:55:42 -05:00
Sam Saffron
df8f365d99
FEATURE: improve search so it searches sub categories by default
...
If you want an exact category match use `category:=howto` or `#=howto"
2017-02-07 15:53:37 -05:00
Régis Hanol
02bb7beaaf
FIX: don't put attachments on the CDN when 'prevent anons from downloading files' is enabled
2017-02-07 18:06:44 +01:00
Sam
ff49f72ad9
FEATURE: per client user tokens
...
Revamped system for managing authentication tokens.
- Every user has 1 token per client (web browser)
- Tokens are rotated every 10 minutes
New system migrates the old tokens to "legacy" tokens,
so users still remain logged on.
Also introduces weekly job to expire old auth tokens.
2017-02-07 09:22:16 -05:00
Régis Hanol
ba115480ba
FIX: wasn't extracting links to quoted posts
2017-02-06 14:45:04 +01:00
Robin Ward
f1e7bca3c9
FEATURE: Warn a user when they're replying to the same user too much
2017-02-03 17:00:54 -05:00
Arpit Jalan
dc2171960b
FIX: allow existing users to be invited to topic/message when must_approve_users is enabled
2017-02-03 13:01:23 +05:30
Régis Hanol
82555ca761
FIX: mail threading wasn't working properly in Mac Mail
2017-02-01 23:02:41 +01:00
Régis Hanol
8fc7420f83
FIX: prevent huge custom emojis in emails
2017-01-30 18:06:48 +01:00
Arpit Jalan
19f7beaa2c
FIX: topic links were getting dropped when post is rebaked
2017-01-30 14:55:53 +05:30
Leo McArdle
c76f6856ea
FEATURE: reply as new message to the same recipients
2017-01-27 12:24:31 +08:00
Jeff Atwood
521ced38c5
fix spec for default email title
2017-01-19 14:01:51 -08:00
Régis Hanol
07660ecedb
bump onebox
2017-01-19 00:28:37 +01:00
Robin Ward
adb73180f7
FEATURE: Let plugins register themes easily
2017-01-13 11:50:52 -05:00
Régis Hanol
499a83270a
FIX: don't onebox to IP addresses
2017-01-12 22:35:33 +01:00
Guo Xiang Tan
1758af9a1d
FIX: Perform emoji unescape for topic titles in quotes.
2017-01-11 17:23:13 +08:00
Guo Xiang Tan
cdd550e947
Use a different Redis key when PG failover sets site to readonly mode.
2017-01-11 16:38:49 +08:00
Régis Hanol
185dcb2ca1
handle emails with localized headers 😠
2017-01-09 22:59:30 +01:00
Guo Xiang Tan
58f3a2e9a9
Fix randomly failing spec.
2017-01-06 15:25:49 +08:00
Guo Xiang Tan
f473a119ff
Remove unnecessary stub.
2017-01-06 08:53:30 +08:00
Guo Xiang Tan
a89f60b85b
Merge pull request #4631 from tgxworld/prevent_users_from_changing_permissions_of_non_real_users
...
FIX: Do not allow admins to meddle with admin and moderation access o…
2017-01-04 09:10:27 +08:00
Robin Ward
cf7774bdd9
FEATURE: Block muted users from sending you PMs
2017-01-03 14:51:53 -05:00
Arpit Jalan
495a511862
simplify quote markup in emails
2017-01-02 21:37:01 +05:30
Guo Xiang Tan
f1beef43a8
Merge pull request #4618 from tgxworld/fix_invalid_emails
...
FIX: Don't allow invalid email to be saved.
2016-12-30 07:11:48 +08:00
Guo Xiang Tan
c7b151683d
FIX: Do not allow admins to meddle with admin and moderation access of non real users.
2016-12-29 11:11:33 +08:00
Sam
c531f4ded5
remove rails-observers
...
Rails yanked out observers many many years ago, instead the functionality
was yanked out to a gem that is very lightly maintained.
For example: if we want to upgrade to rails 5 there is no published gem
Internally the usage of observers had quite a few problem.
The series of refactors renamed a bunch of classes to give us more clarity
and removed some magic.
2016-12-22 16:46:53 +11:00
Sam
2f6a4cc6de
remove UserActionObserver, replace with after_save and service
...
interestingly there was some left over dead code from when stars
existed in the topic_users table
2016-12-22 16:46:53 +11:00
Sam
0a78ae739d
Remove SearchObserver, aim is to remove all observers
...
rails-observers gem is mostly unmaintained and is a pain to carry forward
new implementation contains significantly less magic as a bonus
2016-12-22 13:13:14 +11:00
Guo Xiang Tan
13c6191e89
FIX: Don't allow invalid email to be saved.
2016-12-21 17:47:11 +08:00
Guo Xiang Tan
5d7f3223f0
SECURITY: Users can only bookmark posts which they can see.
2016-12-21 12:01:26 +08:00
Neil Lalonde
c75bebdea2
FIX: uncategorized setting to control whether topic featured links are allowed
2016-12-20 15:55:30 -05:00
Sam
2b808ad9da
Merge pull request #4609 from joebuhlig/category-topics-wiki
...
FEATURE: Category setting to make all topics wikis
2016-12-20 09:15:51 +11:00
Neil Lalonde
923cf73c6e
Topic Featured Links: move data from custom fields to topics and categories tables. Invert behaviour of topic_featured_link_allowed checkbox. Fix a bug with invalid topic records due to changing that category checkbox.
2016-12-19 14:54:07 -05:00
Joe Buhlig
87251fded7
FEATURE: Category setting to make all topics wikis
...
FEATURE: Category setting to make all topics wikis
2016-12-19 06:42:18 -06:00
Sam
e0ff57ca75
SECURITY: prevent reuse of password reset
2016-12-19 18:00:22 +11:00
Sam
6ff309aa80
SECURITY: don't grant same privileges to user_api and api access
...
User API is no longer gets bypasses that standard API gets.
Only bypasses are CSRF and XHR requirements.
2016-12-16 12:05:43 +11:00