Commit Graph

234 Commits

Author SHA1 Message Date
Sam 4a20d09523 distributed memoizer added to ensure absolute duplicate posts don't get through
in case of an absolute dupe just return the memoized post

This works around issues with wordpress being crazy
2013-07-29 12:25:19 +10:00
Sam 1f3c5cb656 allow end user to recover a post they delete
automatically delete stubs after 1 day
2013-07-22 17:48:47 +10:00
Sam 0ec1438b9a correct auto track param parsing for WordPress 2013-07-22 15:07:20 +10:00
Sam acba0ea41e add auto track to permitted params 2013-07-22 15:07:20 +10:00
Robin Ward 5eaae063f0 Discourse Macro Helpers + Minor Fix to Admin User View 2013-07-11 19:35:52 -04:00
Robin Ward d98f288aa4 FIX: Recovering a deleted post was not updating a topic's statistics 2013-07-09 12:15:55 -04:00
Sam f6b850e7a4 allow skipping the validations on creation if its an api call AND skip_validations is specified
this allows wordpress plugin to post very very short titles or titles that would otherwise be disallowed
2013-07-02 12:23:19 +10:00
Neil Lalonde e263bb3c0a Anons should be able to see post history 2013-06-19 16:43:16 -04:00
Ian Christian Myers b61e10f9ad All parameters for #create in PostsController pass through strong_parameters.
We are now explicitly whitelisting all parameters for Post creation. A nice side-effect is that it cleans up the #create action in PostsController. We can now trust that all parameters entering PostCreator are of a safe scalar type.
2013-06-07 01:29:25 -07:00
Ian Christian Myers 0d01c33482 Enabled strong_parameters across all models/controllers.
All models are now using ActiveModel::ForbiddenAttributesProtection, which shifts the responsibility for parameter whitelisting for mass-assignments from the model to the controller. attr_accessible has been disabled and removed as this functionality replaces that.

The require_parameters method in the ApplicationController has been removed in favor of strong_parameters' #require method.

It is important to note that there is still some refactoring required to get all parameters to pass through #require and #permit so that we can guarantee that parameter values are scalar. Currently strong_parameters, in most cases, is only being utilized to require parameters and to whitelist the few places that do mass-assignments.
2013-06-06 00:30:59 -07:00
Sam 870e59883b secure the links on the topic pages, eliminated deleted topics as well. 2013-06-05 16:10:26 +10:00
Robin Ward d554a59102 Support for a new site setting: `newuser_spam_host_threshold`. If a new user posts a link
to the same host enough tiles, they will not be able to post the same link again.

Additionally, the site will flag all their previous posts with links as spam and they will
be instantly hidden via the auto hide workflow.
2013-05-16 12:19:50 -04:00
Neil Lalonde 9828c87525 Topic Auto-Close: admins and mods can set a topic to automatically close after a number of days 2013-05-13 12:53:52 -04:00
Sam 942f168ab6 UI still a tad rough, but we have a first pass of secure categories 2013-05-10 16:47:47 +10:00
Sam 20493106cd fix post trashing 2013-05-07 17:56:56 +10:00
Sam e9fc272db7 remove acts_as_paranoid, use .trash! , .recover! and .with_deleted as needed
makes upgrading to rails 4 possible
2013-05-07 14:39:01 +10:00
Sam cef9a74053 route for markdown /md/topic_id/post_number 2013-04-30 16:30:41 +10:00
Sam f9e33ec6b8 store ip address and current user with incoming links
make links long an readable in share dialog
2013-04-26 16:18:55 +10:00
Sam 37867af1bb track incoming links, amend share link to include user
fix pm styling
2013-04-24 18:05:35 +10:00
Régis Hanol c5cf8be864 auto replace rules in titles 2013-04-10 11:00:50 +02:00
Sam 2295290383 added best=N option to get N best comment on a post 2013-03-27 22:53:11 -07:00
Sam fc94d3e551 match the create api with the update api ... so api is more consistent 2013-03-26 23:49:35 -07:00
Sarah Vessels 54c7b1ab63 Use consistent new-style hashes in render calls *twitch* 2013-03-22 14:08:11 -04:00
Sam 62c60540be pull moderator into own column, rename trust levels 2013-03-19 21:06:11 -07:00
Robin Ward 59fc3bfac4 PostDestroyer to replace callbacks for destroying 2013-03-18 17:55:11 -04:00
Gosha Arinich 0c99dea153 introduce Enum 2013-03-01 21:16:36 +03:00
Gosha Arinich cafc75b238 remove trailing whitespaces ❤️ 2013-02-26 07:31:35 +03:00
Robin Ward 532b1f5450 Can edit category descriptions, they show up in a `title` attribute 2013-02-22 13:43:47 -05:00
Robin Ward b9457197c0 First stab at new user education - configurable messages that pop up on a user's first
few posts/topics.
2013-02-14 15:33:51 -05:00
Robin Ward 03a798b202 Can clear flags on deleted posts if you're a moderator 2013-02-08 19:07:29 -05:00
Robin Ward 7c11c3fe0f Can edit deleted posts. 2013-02-08 17:49:15 -05:00
Robin Ward 084a873b91 Give regular users a delete button. If they click it, their post will be revised to
say it was deleted.
2013-02-07 15:14:23 -05:00
Jakub Arnold 61654ab8f0 Fix all the trailing whitespace 2013-02-07 16:45:24 +01:00
Robin Ward 21b5628528 Initial release of Discourse 2013-02-05 14:16:51 -05:00