Davide Porrovecchio
dd9d815178
FIX: Add User Api Key headers to CORS
...
- add User-Api-Key and User-Api-Client-Id to Access-Control-Allow-Headers
- update test
2018-07-24 10:28:23 +10:00
Vinoth Kannan
84ab825e41
FEATURE: Webhook for user destroyed event ( #6124 )
2018-07-23 13:19:49 +05:30
Guo Xiang Tan
125126c893
Fix typo.
2018-07-20 07:57:00 +08:00
Guo Xiang Tan
9b18ee4bba
Improve handling of file params in lograge.
2018-07-19 08:23:59 +08:00
Sam
665ade50c6
SECURITY: extra CORS headers should be set on correct host
2018-07-11 09:29:02 +10:00
Sam
b97b426d34
Revert "FIX: wrong site origin in message bus header"
...
This reverts commit 93b49a0dd5
.
2018-07-11 09:26:43 +10:00
Neil Lalonde
93b49a0dd5
FIX: wrong site origin in message bus header
2018-07-10 15:01:03 -04:00
Dax74
ccc2d94ae8
Update link
...
See https://meta.discourse.org/t/wrong-link-on-manual-admin-creation/90849
2018-06-27 11:38:01 +02:00
Sam
5f64fd0a21
DEV: remove exec_sql and replace with mini_sql
...
Introduce new patterns for direct sql that are safe and fast.
MiniSql is not prone to memory bloat that can happen with direct PG usage.
It also has an extremely fast materializer and very a convenient API
- DB.exec(sql, *params) => runs sql returns row count
- DB.query(sql, *params) => runs sql returns usable objects (not a hash)
- DB.query_hash(sql, *params) => runs sql returns an array of hashes
- DB.query_single(sql, *params) => runs sql and returns a flat one dimensional array
- DB.build(sql) => returns a sql builder
See more at: https://github.com/discourse/mini_sql
2018-06-19 16:13:36 +10:00
Guo Xiang Tan
8a2c5fbebb
Remove unused lines.
2018-06-11 08:44:41 +08:00
Guo Xiang Tan
2aad91d4a2
PERF: Don't bloat the Sidekiq queue with `Jobs::SendPushNotification`.
2018-05-24 10:04:09 +08:00
Sam
6974b7d6a8
FIX: run deferred jobs inline in sidekiq
2018-05-23 12:05:37 +10:00
Guo Xiang Tan
467d91347a
Missing specs for `Group`, `Tag`, `Category` and `Flag` web hooks.
2018-05-21 17:29:58 +08:00
Guo Xiang Tan
bf84037f79
FIX: Payload for webhooks should be current as of the time the event was triggered.
...
https://meta.discourse.org/t/group-category-tag-user-deleted-webhooks-not-firing/87752
2018-05-21 17:29:58 +08:00
Jeff Wong
2002a7c4ef
FIX: regenerate vapid keys when the public key bytes is blank
2018-05-07 17:01:56 -07:00
Jeff Wong
91b31860a1
Feature: Push notifications for Android ( #5792 )
...
* Feature: Push notifications for Android
Notification config for desktop and mobile are merged.
Desktop notifications stay as they are for desktop views.
If mobile mode, push notifications are enabled.
Added push notification subscriptions in their own table, rather than through
custom fields.
Notification banner prompts appear for both mobile and desktop when enabled.
2018-05-04 15:31:48 -07:00
Sam
26ce930ac6
FIX: remove auth cookie if we see InvalidAccess
2018-04-20 11:21:51 +10:00
Guo Xiang Tan
1b9a38c5e2
FIX: Incorrect formatter used when logstash formatter is enabled.
2018-04-17 12:07:52 +08:00
Guo Xiang Tan
a902d5b27f
Replace ActiveSupport::Logger with DiscourseLogstashLogger when enabled.
2018-04-13 12:08:27 +08:00
Arpit Jalan
a16b616861
FEATURE: webhook for flag events
2018-04-13 07:47:58 +05:30
Vinoth Kannan
434cbc649f
FEATURE: Webhook for tag events
2018-04-04 17:49:20 +05:30
Guo Xiang Tan
e04d09d148
Add Process pid to lograge output as well.
2018-04-04 18:31:29 +08:00
Guo Xiang Tan
746889bbc1
Include hostname in lograge payload.
2018-04-04 18:24:30 +08:00
Vinoth Kannan
e7407d0adc
FEATURE: Webhook for group and category events
2018-03-27 11:53:35 +05:30
Kyle Zhao
f7bd05e534
FEATURE: set 'Retry-After' header for 429 responses ( #5659 )
2018-03-13 23:12:41 +08:00
Sam
0134e41286
FEATURE: detect when client thinks user is logged on but is not
...
This cleans up an error condition where UI thinks a user is logged on
but the user is not. If this happens user will be prompted to refresh.
2018-03-06 16:49:31 +11:00
Guo Xiang Tan
66d620f7b1
FEATURE: Trigger topic webhook when topic status is updated.
2018-02-27 11:07:37 +08:00
scossar
9d0807224b
Don't enqueue topic webhook unless a post has a topic
2018-02-22 14:34:59 +08:00
Sam
ca1a3f37e3
FEATURE: add instrumentation for all external net calls
2018-02-21 15:20:29 +11:00
Gerhard Schlager
ce060e2b86
FIX: Server didn't use default_locale as fallback locale
2018-01-25 14:57:41 +01:00
Guo Xiang Tan
54dc191a91
Update `rails_multisite` to 2.0.1.
2018-01-19 10:19:16 +08:00
Sam
442a17bfb2
PERF: bypass omniauth unless in an auth path
2018-01-15 12:44:54 +11:00
Sam
ea63abf0f7
bypass mini profiler for locales
...
bypass cdn for now
2018-01-09 11:30:59 +11:00
Arpit Jalan
b205910faa
FIX: allow upto three url redirects in onebox ( #5457 )
2017-12-27 10:30:06 +11:00
Guo Xiang Tan
6c4ee9d5b5
FEATURE: Trigger user webhook when a user logs in/out.
...
https://meta.discourse.org/t/how-do-you-learn-how-to-build-these-plugins/57946/10?u=tgxworld
2017-12-20 17:47:30 +08:00
Guo Xiang Tan
7d8cd84fa6
Improve lograge custom payload error handling.
2017-12-12 17:27:40 +08:00
Sam
63bdc4056d
More log suppressions for rate limit exceeded
2017-12-11 17:52:57 +11:00
Guo Xiang Tan
2ff3444568
Rescue from errors when trying to append custom payloads to lograge output.
2017-12-08 08:31:58 +08:00
Sam
0693ed10d1
remove logging code for now
2017-12-08 08:36:35 +11:00
Vinoth Kannan
58aeaef0c4
FIX: Rescue if default_current_user_provider raised an error
2017-12-08 01:42:55 +05:30
Vinoth Kannan
19247f9087
FIX: current_user should be called only if controller have that method
2017-12-07 23:12:34 +05:30
Sam
90a55d6f7c
FIX: handle CORS in hijacked requests
2017-12-07 10:31:04 +11:00
Guo Xiang Tan
6cb2b68b22
`current_username` -> `username`.
2017-12-05 12:29:02 +08:00
Guo Xiang Tan
dc858ec120
Include `request.remote_ip` and `current_username` in lograge logs.
2017-12-05 11:57:41 +08:00
Guo Xiang Tan
900dec5bc1
Make logster ignore `Rack::QueryParser::InvalidParameterError` errors.
2017-11-30 15:29:19 +08:00
Guo Xiang Tan
46f8a6c97d
Fix broken lograge logs.
2017-11-28 14:00:13 +08:00
Guo Xiang Tan
b907f7d307
Add more metrics to lograge's output if `MethodProfiler` is enabled.
2017-11-25 08:16:40 +08:00
Sam
2b8d4508e5
PERF: stop running background work between requests
...
Use a dedicated thread to run Scheduler::Defer
This avoids blocking of a worker during operations that require waiting.
In particular uploads risked blocking a unicorn.
This also add a queue "length" that discourse prometheus consumes.
2017-11-23 15:48:47 +11:00
Guo Xiang Tan
89d9ffa884
EXPERIMENTAL: Allow logs to be shipped via different methods.
...
See https://github.com/dwbutler/logstash-logger#uri-configuration for
a list of available methods.
2017-11-15 09:11:33 +08:00
Guo Xiang Tan
0d8e9a88c9
FIX: Disable `rails_multisite` formatter if lograge is enabled.
2017-11-15 09:03:50 +08:00