Commit Graph

53 Commits

Author SHA1 Message Date
Arpit Jalan 016732cced FEATURE: improve suspect user discovery 2019-12-02 16:39:28 +05:30
Krzysztof Kotlarek 427d54b2b0 DEV: Upgrading Discourse to Zeitwerk (#8098)
Zeitwerk simplifies working with dependencies in dev and makes it easier reloading class chains. 

We no longer need to use Rails "require_dependency" anywhere and instead can just use standard 
Ruby patterns to require files.

This is a far reaching change and we expect some followups here.
2019-10-02 14:01:53 +10:00
Sam Saffron 0a5a6dfded DEV: stop mutating inputs as a side effect
We had quite a few cases in core where inputs are being mutated as a side
effect of calling a method.

This handles all the cases where specs caught this.

Mutating inputs makes code harder to reason about. Eg:

```
frog = "frog"
jump(frog)
puts frog
"fly" # ?????
```

This commit is part of a followup commit that adds # frozen_string_literal
to all our specs.
2019-04-30 10:25:53 +10:00
Guo Xiang Tan c5808a8a25 PERF: N+1 queries admin users pages. 2019-03-15 15:09:44 +08:00
Régis Hanol b8d5f8d29d
REFACTOR: remove where conditions array with only 1 item 2019-02-11 15:42:32 +01:00
Maja Komel ec3e6a81a4 FEATURE: Second factor backup 2018-06-28 10:12:32 +02:00
Sam 89ad2b5900 DEV: Rails 5.2 upgrade and global gem upgrade
This updates tests to use latest rails 5 practice
and updates ALL dependencies that could be updated

Performance testing shows that performance has not regressed
if anything it is marginally faster now.
2018-06-07 14:21:33 +10:00
Régis Hanol a9ebde5111 FEATURE: new 'staged' users list for admins 2018-05-17 01:52:49 +02:00
Guo Xiang Tan f3b402ffd5 UX: Allow users to filter members on group page.
* Only admins are allowed to filter users by email.
2018-03-22 14:02:41 +08:00
Guo Xiang Tan 52b9af10a1 PERF: PG queries for the `UserEmail#email` column was not using the index. 2018-03-19 11:31:14 +08:00
Guo Xiang Tan 1b04d881c5 UX: Display lock icon in admin user lists when user has 2FA enabled. 2018-02-22 09:00:09 +08:00
Robin Ward 1f14350220 Rename "Blocked" to "Silenced" 2017-11-10 14:10:27 -05:00
Sam 06365023c4 FEATURE: new API to search for a user by email 2017-11-09 17:04:21 +11:00
Sam 2d5bf0705a PERF: exact email match bypass
instead of scanning full table when there is an exact email match ONLY
return the actual user.
2017-11-09 16:53:14 +11:00
Guo Xiang Tan c25730935e FIX: Do not include non-human users on suspected users list.
https://meta.discourse.org/t/discobot-is-a-suspect-user/70558
2017-09-26 15:04:08 +08:00
Robin Ward db929e58fc FIX: Don't allow staff to approve users with unverified emails 2017-09-04 12:55:39 -04:00
Guo Xiang Tan 2d4d76472d FIX: Broken suspect user lists.
https://meta.discourse.org/t/server-error-code-500/68404
2017-08-22 11:16:55 +09:00
Leo McArdle 836dee1120 FIX: add additional email to tests and clean up resulting mess 2017-07-31 22:27:29 +00:00
Guo Xiang Tan 5012d46cbd Add rubocop to our build. (#5004) 2017-07-28 10:20:09 +09:00
Leo McArdle d0b027d88d FEATURE: phase 1 of supporting multiple email addresses 2017-07-20 11:22:27 +09:00
Jared Reisinger 1dcd61fa34 Add pagination to /admin/users/list API
Prior to this, only the first 100 active/new/etc. users were available
via the `/admin/users/list` API.  This change adds support for a
`page=#` querystring parameter so that *all* of the users can be
retrieved.  Requests for pages past the last user result in an
empty-list response; requests for negative pages (or zero) just return
the first page.

Added tests to cover pagination.
2017-05-12 13:28:35 -07:00
Blake Erickson 0e6cb752da Clean up valid order names
Add a sortable mappings list to match other endpoints and so that you
don't have to use database column names.

Example: 'created' => 'created_at'

Also cleaned up some of the logic since a lot of it got moved into the
SORTABLE_MAPPING hash.
2017-02-25 11:51:40 -07:00
Blake Erickson e9d5c3265c Change param asc to ascending
For consistency, change param asc to ascending:

https://meta.discourse.org/t/make-admin-users-list-sortable-suggestion/47649/17?u=oblakeerickson
2017-02-25 09:13:31 -07:00
Blake Erickson 0a41da6bad FEATURE: Add order logic to admin users controller
Added order and direction parameters for sorting admin user pages. This
commit only includes backend api changes.

https://meta.discourse.org/t/make-admin-users-list-sortable-suggestion/47649

Now you can pass in `order` and `asc` parameters to the
`/admin/users/list/<query>.json` endpoint.

Example:

`/admin/users/list/active.json?&order=post_count` which defaults to desc

and

`/admin/users/list/active.json?order=post_count&asc=true`
2017-02-24 17:11:17 -07:00
Régis Hanol 8f68a95e56 FIX: trim leading & trailing whitespaces in admin user search 2016-10-10 16:18:57 +02:00
Robin Ward dc1a830d3d SECURITY: SQL Injection in Admin List Active Users 2016-07-28 11:42:06 -04:00
Robin Ward 5f3ac2a0cb Tweak suspect list to make sure any accounts listed are older than 1
day.
2014-12-03 12:21:43 -05:00
Robin Ward 9bdac79ba6 Make suspect report use <= 1 instead of = 0 2014-12-01 17:15:07 -05:00
Robin Ward c7bda41dda FIX: Use `OR` query instead of `AND`, also check that the profile is
blank
2014-11-26 16:29:58 -05:00
Robin Ward 257bde8e2b FEATURE: "Suspect" users list in admin. 2014-11-26 13:58:16 -05:00
Robin Ward cb124d5836 UX: Consolidate "Admins" and "Moderators" into "Staff" on admin users
list
2014-11-26 13:10:12 -05:00
Régis Hanol a609e1b655 fix the build :fired: 2014-11-24 19:48:08 +01:00
Régis Hanol d3d517108d FIX: display total number of other accounts with the same IP address in the IP lookup dialog 2014-11-24 19:34:04 +01:00
Régis Hanol 7b1c001932 FIX: limit other accounts deletion to 50 accounts otherwise it'll feel too slow 2014-11-24 18:05:40 +01:00
Régis Hanol 0398ab7514 FIX: when adding an IP to the spammer list, check the broader ban list
first

FEATURE: allow admins to search users using IP ranges
2014-11-21 18:16:06 +01:00
Régis Hanol 98e8523eec UX: improve ip-lookup modal
- replace close button with cross
- use table instead of ul/li
- use trust level number instead of full name
- sort users by descending trust level
- add post count
2014-11-19 21:38:53 +01:00
Jeff Atwood 82be9d3445 setting this to 200 was not a good idea 2014-11-18 03:04:59 -08:00
Jeff Atwood 601a13acef increase new user query to 200 results 2014-11-17 16:45:33 -08:00
Régis Hanol b09ad87098 FIX: add 'show emails' button from moderators in user admin section 2014-11-03 12:46:08 +01:00
Régis Hanol 6e053942a4 FIX: moderators should be able to search users by email 2014-10-29 22:08:41 +01:00
Arpit Jalan a826840540 Moderators can search users by ip address 2014-10-23 23:30:11 +05:30
Arpit Jalan 1035df46bf FEATURE: search by ip address on admin user list page 2014-10-23 08:02:02 +05:30
Régis Hanol c46b9c0ac3 FIX: allow admins to search users by email 2014-10-07 12:05:38 +02:00
Régis Hanol 7e309a21cf FEATURE: hide emails behind a button for staff members 2014-09-29 22:31:05 +02:00
Akshay 6301a43d57 Not initializing variable for looping if unused in loop 2014-08-15 03:24:55 +05:30
Régis Hanol 59b5ba7c0f BUGFIX: IP lookup wasn't working when using HTTPS
REFACTOR: the ip locator into a ip-lookup component
2014-07-07 22:18:18 +02:00
Benjamin Kampmann 2aabf4fdcd ip locator on ipinfo.io basis added to admin 2014-06-18 09:22:44 +02:00
Régis Hanol b328fd0031 BUGFIX: N+1 query when listing users in admin section 2014-04-08 19:12:53 +02:00
Neil Lalonde 0c6f794eb0 Used the term suspended instead of banned. 2013-11-07 13:53:49 -05:00
Neil Lalonde 3b15e2e58e Banned users are not returned as pending review users 2013-08-22 19:23:49 -04:00