Arpit Jalan
003b03d939
allow staff to delete user if posts are 5 or less irrespective of delete_user_max_post_age
2018-03-05 23:31:29 +05:30
Robin Ward
cd6c5fc5fb
FIX: Disable "Make Personal Message" if they are disabled
2018-03-02 20:28:39 -05:00
Sam
75172024ca
SECURITY: ensure users have permission when moving categories
2018-03-02 12:13:27 +11:00
Guo Xiang Tan
e7a7356986
Remove ancient votes code that is no longer used.
2018-02-28 14:37:22 +08:00
Guo Xiang Tan
902c5d11cf
FIX: Don't allow other flag actions after `notify_moderator` has happened.
...
https://meta.discourse.org/t/receiving-sorry-an-error-has-occurred-during-flagging-step-of-discobot-tutorial/77233/5
2018-02-28 11:27:56 +08:00
Robin Ward
69af881f7f
New site setting `trusted_users_can_edit_others`
...
The default is true to keep with previous discourse behavior. If
disabled, high trust level users cannot edit the topics or posts of
other users.
2018-02-22 20:39:24 -05:00
Vinoth Kannan
84867c1c07
Rename site setting to allow_staff_to_tag_pms from allow_staff_to_tag_in_pm
2018-02-22 06:48:34 +05:30
Vinoth Kannan
2b509eaa91
Merge branch 'master' into pm-tags
2018-02-21 23:55:59 +05:30
Vinoth Kannan
84ce1acfef
FEATURE: Allow staffs to tag PMs
2018-02-21 20:11:46 +05:30
Jeff Wong
f4f8a293e7
FEATURE: Implement 2factor login TOTP
...
implemented review items.
Blocking previous codes - valid 2-factor auth tokens can only be authenticated once/30 seconds.
I played with updating the “last used” any time the token was attempted but that seemed to be overkill, and frustrating as to why a token would fail.
Translatable texts.
Move second factor logic to a helper class.
Move second factor specific controller endpoints to its own controller.
Move serialization logic for 2-factor details in admin user views.
Add a login ember component for de-duplication
Fix up code formatting
Change verbiage of google authenticator
add controller tests:
second factor controller tests
change email tests
change password tests
admin login tests
add qunit tests - password reset, preferences
fix: check for 2factor on change email controller
fix: email controller - only show second factor errors on attempt
fix: check against 'true' to enable second factor.
Add modal for explaining what 2fa with links to Google Authenticator/FreeOTP
add two factor to email signin link
rate limit if second factor token present
add rate limiter test for second factor attempts
2018-02-21 09:04:07 +08:00
Robin Ward
b4aa0b096e
FIX: Couldn't like staff when `allow_flagging_staff` was set
2018-02-14 15:46:04 -05:00
Robin Ward
4dfe659189
Rename `allow staff flags` to `allow flagging staff`
2018-02-12 15:27:26 -05:00
Robin Ward
6287631745
FEATURE: New site setting, `allow staff flags`, false by default
...
For some large communities, it makes sense to disable flagging of
staff posts.
2018-02-12 14:56:21 -05:00
Guo Xiang Tan
932a1a1187
Remove use of deprecated site setting.
2018-02-12 14:26:22 +08:00
Robin Ward
dedeb2deb8
FIX: Don't show the link button in the composer if linking is disabled
2018-02-08 12:56:10 -05:00
Robin Ward
b2b6dc68a6
FEATURE: a setting to customize the minimum TL to flag a post
2018-02-06 17:12:27 -05:00
Robin Ward
2f19588311
FIX: If personal messages are disabled, don't show messages for groups
2018-02-02 16:35:54 -05:00
Arpit Jalan
ff0376a80b
rename 'enable_private_messages' to 'enable_personal_messages'
2018-02-01 13:25:29 +05:30
Robin Ward
9721fb7573
Linting
2018-01-26 14:35:04 -05:00
Robin Ward
6b04967e2f
FEATURE: Staff members can lock posts
...
Locking a post prevents it from being edited. This is useful if the user
has posted something which has been edited out, and the staff members don't
want them to be able to edit it back in again.
2018-01-26 14:01:30 -05:00
Robin Ward
782d75069e
FIX: UX improvements for system messages when PMs are disabled
2018-01-23 13:12:11 -05:00
Robin Ward
1f14350220
Rename "Blocked" to "Silenced"
2017-11-10 14:10:27 -05:00
Neil Lalonde
9dc9ca4ac0
FIX: be consistent with how first posts in topics are counted. do like DirectoryItem.refresh_period :all
2017-11-10 12:18:25 -05:00
Neil Lalonde
fb5b9b6d06
FIX: don't offer the "Something Else" flag reason to TL0 users since they don't have permission to send private messages
2017-10-24 11:47:42 -04:00
Robin Ward
838568cbc3
Refactor flag types for more customization
2017-10-19 13:55:23 -04:00
Guo Xiang Tan
25c25ae423
FEATURE: Allow user to leave a PM.
2017-10-19 12:32:55 +08:00
OsamaSayegh
79f3d299a1
Don't allow category definition topics to be converted to PMs ( #5216 )
2017-10-02 10:04:58 +02:00
Robin Ward
561fa7d0cd
FEATURE: Site Setting to hide suspension reason on the public profile
2017-09-25 12:25:14 -04:00
Guo Xiang Tan
5d4221fbe1
PERF: Avoid calling expensive `PostGuardian#can_see_post?` multiple times.
...
Before
```
Your Results: (note for timings- percentile is first, duration is second
in millisecs)
---
topic_admin:
50: 19
75: 19
90: 21
99: 27
topic:
50: 56
75: 62
90: 64
99: 99
timings:
load_rails: 1262
ruby-version: 2.4.1-p111
rss_kb: 198432
pss_kb: 136612
virtual: physical
architecture: amd64
operatingsystem: Ubuntu
memorysize: 15.59 GB
kernelversion: 4.10.0
physicalprocessorcount: 1
processor0: Intel(R) Core(TM) i7-6700K CPU @ 4.00GHz
rss_kb_9877: 327892
pss_kb_9877: 263671
rss_kb_9946: 325468
pss_kb_9946: 261671
rss_kb_10153: 326456
pss_kb_10153: 262657
```
After
```
Your Results: (note for timings- percentile is first, duration is second
in millisecs)
---
topic_admin:
50: 18
75: 18
90: 20
99: 28
topic:
50: 41
75: 42
90: 46
99: 49
timings:
load_rails: 1201
ruby-version: 2.4.1-p111
rss_kb: 187936
pss_kb: 123596
virtual: physical
architecture: amd64
operatingsystem: Ubuntu
memorysize: 15.59 GB
kernelversion: 4.10.0
physicalprocessorcount: 1
processor0: Intel(R) Core(TM) i7-6700K CPU @ 4.00GHz
rss_kb_26478: 342360
pss_kb_26478: 276696
rss_kb_26547: 340368
pss_kb_26547: 275930
rss_kb_26747: 338964
pss_kb_26747: 274466
```
2017-09-08 14:07:24 +08:00
Guo Xiang Tan
5012d46cbd
Add rubocop to our build. ( #5004 )
2017-07-28 10:20:09 +09:00
Robin Ward
addc85cd08
FIX: Don't let users edit wiki posts unless they can reply
2017-05-08 16:23:11 -04:00
Guo Xiang Tan
a28704bcee
FIX: Can't recover a post when its user has been deleted.
...
https://meta.discourse.org/t/moving-posts-to-new-topic/58436
2017-03-06 14:29:06 +08:00
Leo McArdle
c76f6856ea
FEATURE: reply as new message to the same recipients
2017-01-27 12:24:31 +08:00
Guo Xiang Tan
5d7f3223f0
SECURITY: Users can only bookmark posts which they can see.
2016-12-21 12:01:26 +08:00
Neil Lalonde
c75bebdea2
FIX: uncategorized setting to control whether topic featured links are allowed
2016-12-20 15:55:30 -05:00
Neil Lalonde
923cf73c6e
Topic Featured Links: move data from custom fields to topics and categories tables. Invert behaviour of topic_featured_link_allowed checkbox. Fix a bug with invalid topic records due to changing that category checkbox.
2016-12-19 14:54:07 -05:00
Guo Xiang Tan
05f55dbc10
FEATURE: Group logs.
2016-12-12 17:29:54 +08:00
Erick Guan
52763f5115
FEATURE: Allow posting a link with topics
2016-12-05 17:20:54 +01:00
Kiffin Gish
3aa22715af
A new guard for changing post timestamps called can_change_post_timestamps?
2016-11-06 20:14:09 +01:00
Sam
674264726d
FIX: should not be allowed to see users list of people who started a PM
2016-10-19 17:36:35 +11:00
Sam Saffron
4d8d5613e4
FEATURE: add min_trust_level_to_edit_post
...
add minimum trust level to edit post (default 0)
2016-10-01 02:12:27 +10:00
Robin Ward
e78b7a243e
FIX: Don't enqueue posts if the user can't create them (ex: closed)
2016-09-09 12:15:56 -04:00
Sam Saffron
46b34e3c62
FEATURE: remove user option for edit history public
...
Users can no longer opt-in for "public" edit history
if site owner disables it.
This feature adds cost and complexity to post rendering since
user options need to be premeptively loaded for every user in the
stream. It is also confusing to explain to communities with private edit
history.
2016-07-16 21:30:00 +10:00
Régis Hanol
b65f2fc565
we can't see a nil category
2016-07-02 12:21:14 +02:00
Régis Hanol
5eda2f43c6
small topic/category guardians refactor
2016-06-27 14:36:57 +02:00
Régis Hanol
800081f606
FIX: staged users weren't able to reply in restricted categories
2016-06-26 19:25:45 +02:00
Neil Lalonde
f3f6c2f98f
FEATURE: tag groups
2016-06-06 14:18:48 -04:00
Neil Lalonde
0f8b4dcc86
FIX: trust level 3 should not be able to edit topics in categories that restrict them from doing so
2016-06-01 15:42:10 -04:00
Régis Hanol
1e57bbf5c8
Lots bounce emails related fixes
...
- Show bounce score on user admin page
- Added reset bounce score button on user admin page
- Only whitelisted email types are sent to emails with high bounce score
- FIX: properly detect bounces even when there is no TO: header in the email
- Don't desactivate a user when reaching the bounce threshold
2016-05-06 19:34:33 +02:00
Arpit Jalan
b25d950d99
FEATURE: allow moderators to convert a private message to public topic or vice versa
2016-05-04 22:47:32 +05:30