Commit Graph

63 Commits

Author SHA1 Message Date
Neil Lalonde f44bd4ec28 Don't allow sending private messages to suspended users. Emails to suspended users should tell them how to respond, since they can't. 2014-05-06 15:01:27 -04:00
Neil Lalonde 7993c27ce5 Also allow system_user to send pm's even if enable_private_messages is disabled 2014-04-25 14:52:57 -04:00
Neil Lalonde ee8bbadfe8 Allow contact user to send private messages even if enable_private_messages is false 2014-04-23 17:00:22 -04:00
Robin Ward 84da39f5dc FIX: Admins should always be able to see groups so they can edit them. 2014-04-23 15:15:46 -04:00
Robin Ward af877781b7 Allow admins to choose if groups are visible or not. 2014-04-22 16:43:46 -04:00
Robin Ward 539890afdf Let's not show tons of extra information about invites unless you're the
person who invited them.
2014-03-21 14:16:11 -04:00
Neil Lalonde 2c725e2779 FEATURE: Trust level 4 abilities: pin/unpin, close, archive, make invisible, split/merge topic 2014-03-17 14:50:28 -04:00
Forest Carlisle e904b2faad Adding name to the list of uneditable items in preferences UI
* If enable_names,  enable_sso, and sso_overrides_name settings are true.
  * Added serialization of can_edit_name so the UI has access to the right.
2014-03-13 13:26:40 -07:00
Régis Hanol fd1c824187 Revert "Merge pull request #2116 from LessonPlanet/disable-name-edit-for-sso"
This reverts commit 91aa21671a, reversing
changes made to f19596af0d.
2014-03-13 18:17:59 +01:00
Neil Lalonde 283dc7dd2d Trust level 4: add ability to edit any post and see edit history 2014-03-13 10:47:49 -04:00
Forest Carlisle e8c7c6fab7 Adding name to the list of uneditable items in preferences UI
* If enable_names,  enable_sso, and sso_overrides_name settings are true.
2014-03-12 17:09:53 -07:00
Neil Lalonde 2838e1c3b5 FIX: don't show option to flag with notify_user to trust level 0 users. they can't send private messages. 2014-03-10 11:48:40 -04:00
Douglas Browne a1e70ac57e Added spec for SSO override username/email changes 2014-03-09 21:38:36 -04:00
Neil Lalonde b696c96a19 Look at the age of a user's first post to determine if the user can be nuked, instead of looking at when the user registered. 2014-02-20 12:29:40 -05:00
Neil Lalonde 8711762143 Users who have made no more than one post can delete their own accounts from their user preferences page. 2014-02-13 13:52:06 -05:00
Sam 81a4b4d97e Merge pull request #1939 from lukemelia/patch-1
Fixed typo in test name
2014-02-13 17:15:49 +11:00
Robin Ward f73a3f252a FIX: Don't allow parent categories to be deleted. Also, remove
duplicated logic and rely on the server response for `can_delete`
status.
2014-02-12 17:24:25 -05:00
Luke Melia e4ff06baad Fixed typo in test name 2014-02-12 15:24:44 -05:00
Sam 93434be16d SECURITY: reduce moderator rights
You can now hide particular categories from certain moderators
2014-02-07 14:11:52 +11:00
Robin Ward 8c29ed870e Non-staff users may not delete their posts in archived topics. 2014-01-17 17:42:12 -05:00
Neil Lalonde 7c8ea8c166 Trust level 3 users can edit topic titles and change category 2014-01-16 11:59:26 -05:00
Neil Lalonde 259295d865 Add post_edit_time_limit site setting to limit the how long a post can be edited and deleted by the author. Default is 1 year. 2014-01-09 11:55:04 -05:00
verg 8a830fb8e3 Prevent deleting 'uncategorized' category 2013-12-31 11:22:44 -06:00
Jithu Gopal 9584ecb295 fixing gender sensitive pronouns 2013-12-03 10:19:54 +05:30
Neil Lalonde 0c6f794eb0 Used the term suspended instead of banned. 2013-11-07 13:53:49 -05:00
Robin Ward de30af9302 Support for inviting to a forum from a user's invite page. 2013-11-06 12:56:50 -05:00
Sam 666264879c change it so all topics MUST include a category, we store a special uncategorized category to compensate
this cleans up a bunch of internals and removes some settings
2013-10-24 12:08:02 +11:00
Matthieu Guillemot 3ba1f20674 New site settings to enable/disable the possibility of editing user's nickname or email address 2013-09-14 21:34:21 +09:00
Sam 5b08f73561 give god rights of impersonation to developers, must be edited into the production.rb config file 2013-09-05 10:27:34 +10:00
Neil Lalonde b47eedba00 Add min_trust_to_create_topic setting to require a certain trust level before users can start new topics 2013-09-03 19:12:22 -04:00
Neil Lalonde 663adde90e Users can change their own username at any time if they have no posts 2013-08-23 11:23:00 -04:00
Régis Hanol c867b67a0b custom avatar support 2013-08-13 22:08:29 +02:00
Neil Lalonde b8a1e21dbd Delete all posts is allowed for the same amount of time as delete user 2013-08-13 11:11:05 -04:00
Neil Lalonde b36c6d7b78 Users cannot change their own username after 3 days since registering. Site setting username_change_period allows you to change the number of days. 2013-08-12 14:55:09 -04:00
Neil Lalonde 4fd5087f91 Add button to delete a spammer in the flag modal
Add SiteSettings: delete_user_max_age, delete_all_posts_max. Add delete spammer button to admin flags UI
Moderators can delete users too
2013-07-29 15:29:44 -04:00
Neil Lalonde e25638dab0 add a way to delete posts and topics when deleting a user with UserDestroyer 2013-07-29 15:29:43 -04:00
Sam 7b1f9928e4 staff can change trust levels 2013-07-23 09:13:48 +10:00
Sam 1f3c5cb656 allow end user to recover a post they delete
automatically delete stubs after 1 day
2013-07-22 17:48:47 +10:00
Sam 352ac9e60c Finalize read only and post only categories, finished off UI work 2013-07-16 15:46:11 +10:00
Sam ecf17cfebb work in progress, add fidelity to category group permissions (full, create posts, readonly) 2013-07-16 15:46:11 +10:00
Robin Ward 6ca5df0a09 Can recover deleted topics. Deleted topics show the first post as deleted in the UI. 2013-07-12 12:09:17 -04:00
Robin Ward 19c169540c Staff can enter and view deleted topics 2013-07-11 16:39:35 -04:00
Neil Lalonde 7977deb3bf Don't allow editing of title and category of an archived topic 2013-07-09 16:54:46 -04:00
Robin Ward b7327942af Add `deleted_by` to `Trashable` tables 2013-07-09 15:46:36 -04:00
Neil Lalonde b2d300fe0b Add ability to give users a title. Show them under usernames beside posts. Needs love from a designer. 2013-06-25 18:39:20 -04:00
Sam e53aa45f54 I think this is more correct, admins/mods should always be able to invite 2013-06-21 16:35:27 +10:00
Neil Lalonde c4904aacc0 Automatically flag someone as a spammer if their posts get at least X spam flags from N users while their trust level is 'new user'. Staff can clear and set this status from the user record in admin. 2013-06-03 16:37:40 -04:00
Matt Van Horn 872995db57 refactor guardian class for clarity & correctness
introduce NullUser to avoid type-checking
DRY up code
reduce number of multiple returns
remove some redundant/impossible logic branches
add pending test for possible bug
add test & fix for ability to flag archived posts
add #secure_category? method to topic class
Fix bug that prevented flagging of archived topics
Rename NullUser to AnonymousUser
DRY up can_<action>? methods
Fix some ownership logic, and a test, for Guardian
2013-05-22 01:09:34 -07:00
Sam b5eff93a9d update message bus to support per client filtering
start work on user_tracking_state
fix can_ban? in guardian
expose protected scopes on topic_query we need
move guardian spec to use build as opposed to creating topics / posts / users
start work on user tracking spec
2013-05-21 16:39:51 +10:00
Sam 4f328e3e45 +x on files makes no sense unless they really are executable
rails in the script dir makes no sense, use binstubs or bundler instead
2013-05-09 17:35:15 +10:00