5771d2aee2
SECURITY: Support for confirm old as well as new email accounts
2016-03-08 14:52:22 -05:00
d62689fa76
Move updating a user's email to its own controller
2016-03-08 14:52:22 -05:00
1135d2094a
Merge pull request #4006 from scossar/set-locale-from-header
...
Feature: (WIP) Set locale from Accept-Language header
2016-03-04 09:12:30 +01:00
8d4bac7da2
fix build & add migration to clear common passwords cache
2016-03-03 19:39:22 +01:00
50e65634d7
FEATURE: new setting min_admin_password_length and better default
2016-03-02 14:43:26 +05:30
0a396583ed
set locale for anonymous from header
...
set locale on signup
update spec
add locale option
2016-02-26 13:45:00 -08:00
6df5b38b54
better user update spec
2016-02-24 16:10:08 +05:30
d77511319e
show monthly top topics on 404 page
2016-02-24 13:46:55 +05:30
0064927077
FIX: do not allow new email to be duplicate
...
FIX: return proper error message when email already exists
2016-01-23 13:42:53 +05:30
7303f8f309
FEATURE: first pass at user summary page
2016-01-20 15:14:25 +11:00
380764dc92
FIX: validate email when changing via user preferences page
2016-01-16 10:50:49 +05:30
c7df6783a9
FIX: only invalidate password reset links using javascript
2016-01-04 11:48:54 -05:00
3e50313fdc
Prepare for separation of RSpec helper files
...
Since rspec-rails 3, the default installation creates two helper files:
* `spec_helper.rb`
* `rails_helper.rb`
`spec_helper.rb` is intended as a way of running specs that do not
require Rails, whereas `rails_helper.rb` loads Rails (as Discourse's
current `spec_helper.rb` does).
For more information:
https://www.relishapp.com/rspec/rspec-rails/docs/upgrade#default-helper-files
In this commit, I've simply replaced all instances of `spec_helper` with
`rails_helper`, and renamed the original `spec_helper.rb`.
This brings the Discourse project closer to the standard usage of RSpec
in a Rails app.
At present, every spec relies on loading Rails, but there are likely
many that don't need to. In a future pull request, I hope to introduce a
separate, minimal `spec_helper.rb` which can be used in tests which
don't rely on Rails.
2015-12-01 20:39:42 +00:00
76692235ae
FIX: don't ever fetch staged accounts in unseen mentions
2015-11-27 18:16:50 +01:00
43614439e6
FEATURE: can take over a staged account
2015-11-13 19:07:28 +01:00
16f509afb9
FIX: enforce 'allow_uploaded_avatars' & 'sso_overrides_avatar' server-side
2015-11-12 10:26:45 +01:00
bb79e6aff7
FEATURE: new hide_user_profiles_from_public site setting
2015-10-28 19:56:08 +01:00
a527c58c7d
UX: Show a nicer "Log In" screen if the user follows `/my/preferences`
2015-10-14 13:39:31 -04:00
36309e50cc
Merge pull request #3767 from tgxworld/track_user_profile_views
...
Track user profile views
2015-09-23 11:38:18 +02:00
07e7b07b63
FIX: refreshing gravatar wasn't working
2015-09-17 19:42:44 +02:00
7acc93b2a0
FEATURE: Track user profile views.
2015-09-16 14:48:31 +08:00
18d7c1c75d
fix the build - take 2
2015-09-11 15:47:48 +02:00
e0c9054748
FEATURE: invite page tabs
2015-07-13 09:42:51 +05:30
df988a20eb
FEATURE: Reserved usernames
...
A list of usernames that will be blocked from being used to sign up.
2015-07-01 13:50:55 -07:00
73646184aa
correct specs
2015-06-05 18:58:20 +10:00
cb025a65e0
FIX: make sure we also save the user_avatar.custom_upload_id
2015-05-29 10:21:41 +02:00
8d967d9065
FEATURE: move all uploads to a single endpoint + defer upload creation in a background thread
2015-05-20 16:45:48 +02:00
6a338afbdd
Merge pull request #3403 from zzakcanncode/rspec_up
...
Rspec 3
2015-04-28 07:50:30 +10:00
2932284293
FEATURE: magic login route for admin when SSO is enabled
2015-04-27 22:54:48 +05:30
b8cbe51026
Convert specs to RSpec 2.99.2 syntax with Transpec
...
This conversion is done by Transpec 3.1.0 with the following command:
transpec
* 424 conversions
from: obj.should
to: expect(obj).to
* 325 conversions
from: == expected
to: eq(expected)
* 38 conversions
from: obj.should_not
to: expect(obj).not_to
* 15 conversions
from: =~ /pattern/
to: match(/pattern/)
* 9 conversions
from: it { should ... }
to: it { is_expected.to ... }
* 5 conversions
from: lambda { }.should_not
to: expect { }.not_to
* 4 conversions
from: lambda { }.should
to: expect { }.to
* 2 conversions
from: -> { }.should
to: expect { }.to
* 2 conversions
from: -> { }.should_not
to: expect { }.not_to
* 1 conversion
from: === expected
to: be === expected
* 1 conversion
from: =~ [1, 2]
to: match_array([1, 2])
For more details: https://github.com/yujinakayama/transpec#supported-conversions
2015-04-25 11:18:35 -04:00
2459f52c71
Merge pull request #3375 from techAPJ/patch-2
...
FEATURE: invite existing users to private topic
2015-04-16 11:13:42 -04:00
d491d4f997
FEATURE: invite existing users to private topic
2015-04-16 00:52:54 +05:30
2a3f71a9a1
SECURITY: log off all existing sessions when resetting password
2015-04-15 08:57:43 +10:00
f5d89169e2
FEATURE: initial implemenation of anonymous posting mode
2015-04-07 18:05:31 +10:00
92e371f0b3
FEATURE: civilized mute
...
Allow user to mute all notifications generated by specific users
2015-03-24 11:55:22 +11:00
6d38005a22
Allow staff to change uneditable user fields
2015-03-20 15:18:43 -04:00
7d8dd9d93b
fix some rspec deprecations
2015-02-26 13:05:20 +01:00
8186d86f38
FIX: Enforce max length for custom user fields
2015-02-23 13:02:30 -05:00
17927b2e8b
FIX: don't use flash cause we are not redirecting
...
(we should probably change that though)
2015-02-20 10:28:58 +11:00
d99ccf6d27
FIX: creating a user shouldn't error when optional fields aren't provided
...
This fixes a bug where the server would 500 if the only user fields
where optional ones, and the create_user call didn't provide any
values so that params[:user_fields] was nil.
Additionally, don't bother double-checked for required fields, since we
iterate over all fields and will catch any that are required and blank.
2015-01-27 11:48:27 +02:00
1ab0d6bd82
FEATURE: Log username changes by staff
...
Also fix the tests for changing username
2015-01-17 02:26:12 -08:00
bc73238c8f
controllers with rspec3 syntax
2015-01-09 14:04:02 -03:00
02ade72ceb
Update username should return a json response
...
- Have update username return json response that contains the updated
username and id. I figured this would be better than just return "OK".
- Add test to verify that the new username is returned.
2014-12-10 09:43:16 -07:00
e9e88c9b82
Remove legacy avatar code
...
- Remove method that was only left around because the
[api](https://github.com/discourse/discourse_api/pull/53 ) called it
- Modify test to use new route instead of legacy route
https://meta.discourse.org/t/legacy-route-for-avatars/22838/2
2014-12-07 06:13:14 -07:00
a61519eebf
Have pick_avatar return json.
...
I'm working on writing a test in the discourse_api gem for uploading
avatars and the pick method needs to return a json response.
I also added a test to make sure json is returned.
2014-12-06 09:26:32 -07:00
efc4109902
update specs to remove deprecation warnings
2014-11-07 06:05:44 -08:00
c9eb809dad
FIX: The text to users who signed up when approval was required was
...
misleading.
2014-11-04 15:48:03 -05:00
865194f409
FIX: cannot show email for pending/inactive users
2014-10-29 01:07:27 +01:00
71f211f0b3
FEATURE: Allow users to select a badge with an image to appear on their
...
user card
2014-10-20 16:35:38 -04:00
1cf4a0d604
Rename "User Expansion" to the much clearer "User Card"
2014-10-20 12:11:59 -04:00
4d465362b5
FEATURE: Allow a user to upload an image for their expansion background.
2014-10-16 15:05:36 -04:00
f9a8f6d6ce
FEATURE: Support for a `required` setting on user fields.
2014-10-08 15:10:19 -04:00
0e7be81e60
FIX: badge granted titles were not being revoked when badge was revoked
2014-10-08 10:26:18 +11:00
41af2d79b5
add user email on account created page
2014-10-02 12:43:44 +05:30
edb34c178a
FEATURE: Show user fields when the user is signing up
2014-09-30 10:45:18 -04:00
a7a1dcadcc
use the right HTTP verb
2014-09-29 22:41:54 +02:00
7e309a21cf
FEATURE: hide emails behind a button for staff members
2014-09-29 22:31:05 +02:00
de76b512c1
fix most deprecations in the specs (still some left)
2014-09-25 17:44:48 +02:00
dd5872eecb
remove warnings
2014-09-25 17:46:51 +10:00
2c6d03f87f
SECURITY: Limit passwords to 200 characters
...
Prevents layer 8 attack.
2014-09-12 12:07:11 -04:00
c9262a8390
FIX: Resend activation email was busted
2014-08-28 12:07:13 -04:00
ed125975a1
SECURITY: Prefix session key and validate token format.
2014-08-25 15:31:49 -04:00
9a1580244a
FIX: Don't show profile pages for inactive users and don't show them in
...
search results.
2014-08-13 13:30:25 -04:00
939e8505a9
Remove hub username integration
2014-07-16 12:25:24 -04:00
01a68f8cc7
Emails are case insensitive
2014-07-16 10:22:01 -04:00
4f416bf6ce
Check honeypot/challenge value on activation too
2014-07-15 14:07:35 -04:00
766196af87
FEATURE: add site setting allow_new_registrations which can be used to block all new account registrations
2014-07-14 15:42:22 -04:00
cce7cf8c85
FEATURE: Require Javascript to activate an account via email link
2014-07-14 12:26:10 -04:00
b5c57fa947
FIX: don't mess with fixtures when running the specs
2014-07-14 17:34:23 +02:00
8fcc019ff8
FIX: only allow badge title selection if it exists
2014-07-09 15:31:49 +10:00
7909ca2a17
fix spec
2014-07-05 09:13:53 +10:00
5a0aed2bfa
FIX: regression, forgot password broken
...
also... mocks were invented by the devil
2014-07-02 13:06:55 +10:00
e22688a204
FEATURE: Can upload images to categories
2014-06-30 14:14:00 -04:00
9000c358d1
REFACTOR: Use common path for RESTful `DELETE` action from upload image
...
component
2014-06-30 14:13:59 -04:00
4088fba4f2
REFACTOR: Convert profile background uploader to be an ember component
2014-06-30 14:13:59 -04:00
386d1e231a
move profile_background from User to UserProfile
2014-06-26 12:30:07 -04:00
ad2bd11d6e
Add a way to get user based on sso external id
2014-06-18 14:40:25 -04:00
6e698315d6
Allow all /my URLs
...
Previously, URLs like /my/activity/posts were denied. This change allows those URLs.
2014-06-14 10:58:20 -07:00
03087679f0
FEATURE: Support custom preferences for users, injected by plugins
2014-06-11 15:50:37 +10:00
106838b92b
Correct invalid spec
2014-05-30 14:48:07 +10:00
504cfcff96
Fix specs for avatars
...
Implement avatar picker
Correct avatar related jobs
2014-05-27 10:08:03 +10:00
6c1c8be794
Work in progress, keeping avatars locally
...
This introduces a new model to store the avatars and 3 uploads per user (gravatar, system and custom)
user can then pick which they want.
2014-05-27 10:08:03 +10:00
1574485443
Perform the where(...).first to find_by(...) refactoring.
...
This refactoring was automated using the command: bundle exec "ruby refactorings/where_dot_first_to_find_by/app.rb"
2014-05-06 14:41:59 +01:00
0fc4c47927
Merge pull request #2295 from vikhyat/badge-system
...
Titleable badges
2014-04-29 11:26:51 +10:00
b4e037dfb2
Allow badges to be marked as "titleable".
2014-04-28 10:30:38 +05:30
4445b8c3c0
Factor out mocks
2014-04-28 00:34:55 +10:00
b9ca124756
Support for /my/preferences to automatically redirect to the logged in
...
user.
2014-04-21 11:52:11 -04:00
2505d18aa9
FEATURE: support email attachments
2014-04-14 22:55:57 +02:00
be06156629
SECURITY: when enabled_local_logins is false users could log in via API
...
thanks @Nicholas Blanco
2014-03-26 15:39:44 +11:00
539890afdf
Let's not show tons of extra information about invites unless you're the
...
person who invited them.
2014-03-21 14:16:11 -04:00
9ca516e58d
Rename nickname to username in the code. Use new hub routes. (Old routes still exist as aliases for old Discourse instances.)
2014-03-12 12:39:36 -04:00
98c479c3c4
FEATURE: Profile Backgrounds
...
Shares a modified codebase with avatars called "user_image"
2014-03-05 15:10:44 +01:00
8711762143
Users who have made no more than one post can delete their own accounts from their user preferences page.
2014-02-13 13:52:06 -05:00
51eff92170
Refactor UsersController#create
...
* Simplify controller action
* Extract service classes
2013-12-05 10:11:16 -08:00
981d8f6aea
Signup form: prefill username if Discourse Hub has a match for the email address. Also, fix some bad specs in username_checker_service_spec that were passing...
2013-11-19 14:15:28 -05:00
77b59b54ce
Refactor UsersController#invited
...
* Add test coverage
* Simplify controller action
* Move finder code to Invite class
2013-11-11 13:23:49 -08:00
58f78e9001
Refactor Users#upload_avatar method
...
Moved avatar file upload to ```AvatarUploadService``` class and
```AvatarUploadPolicy```
Address review comments + require missing file in spec
2013-11-11 23:21:14 +05:30
af67284995
User ctrl refactor - breaks up large methods, moves some logic into model
...
Includes missing methods from backup for travis to pass
fix missing code, failing specs
keep params handling in the controller.
2013-11-09 18:44:13 +05:30
72bfa4471f
Move logic for updating a user into a service class
2013-11-07 08:39:39 -08:00
c0cffca1e6
Test title updating
2013-11-01 13:43:31 -07:00
Robin Ward
Régis Hanol
Arpit Jalan
scossar
Sam Saffron
Neil Lalonde
Andy Waite
Guo Xiang Tan
Kane York
Arthur Neves
Greg Kempe
Luciano Sousa
Blake Erickson
David McClure
Andrew Bezzub
Louis Rose
Vikhyat Korrapati
Johan Jatko
Scott Albertson
railsaholic
sirMackk