Guo Xiang Tan
85620abb71
DEV: Clear connections after multisite specs.
2018-09-11 10:15:06 +08:00
Sam
e64402cb3b
SECURITY: correct edge case when SSO provides unvalidated emails
2018-09-11 08:24:02 +10:00
Rishabh
80eace4268
Merge pull request #6383 from discourse/fix_username_suggester
...
FIX: don't raise an error on integer usernames in user_name_suggester
2018-09-11 00:30:29 +05:30
Rishabh Nambiar
81c87df18a
FIX: don't raise an error on integer usernames
2018-09-10 22:17:56 +05:30
David Taylor
84fc7abb73
FIX: Allow `rake destroy:topics` to delete topics in sub-categories
2018-09-10 12:52:14 +01:00
Guo Xiang Tan
df04e69cde
FIX: `S3Helper#list` creates incorrect prefix.
2018-09-10 16:34:40 +08:00
Neil Lalonde
9e77fd8fc3
FIX: wrong category links on subfolder install in rss feed for a category topic list
2018-09-07 10:03:30 -04:00
Sam
879067d000
FIX: check admin theme cookie against user selectable
...
previously admin got a free pass and could set theme via cookie to anything
including themes that are not selectable
this refactor ensures that only "preview" gets a free pass, all the rest
goes through the same pipeline
2018-09-07 10:47:28 +10:00
Gerhard Schlager
797cbf8653
FIX: Remove user fields when anonymizing user
2018-09-07 00:02:56 +02:00
Guo Xiang Tan
1f636c445b
PERF: Add fast path to find uploads before resorting to `LIKE` query.
...
For a normal upload url
Before
```
Warming up --------------------------------------
264.000 i/100ms
Calculating -------------------------------------
2.754k (± 8.4%) i/s - 13.728k in 5.022066s
```
After
```
Warming up --------------------------------------
341.000 i/100ms
Calculating -------------------------------------
3.435k (±11.6%) i/s - 17.050k in 5.045676s
```
2018-09-06 14:44:24 +08:00
Guo Xiang Tan
d4b05d7bc5
Always link post to uploads in post process.
...
The operation is cheap anyway so no point skipping.
2018-09-06 14:08:03 +08:00
Guo Xiang Tan
434035f167
FIX: Link post to uploads in `PostCreator`.
...
* This ensures that uploads are linked to their post on creation
instead of a background job which may be delayed if Sidekiq
is facing difficulties.
2018-09-06 11:18:11 +08:00
Gerhard Schlager
26082688d1
FIX: Zero is a valid value for the page parameter
2018-09-05 20:43:05 +02:00
Guo Xiang Tan
f3aef2cc83
FIX: Incorrect/missing extension in short_url fails to map to upload.
...
`Hash#invert` causes us to lose keys if the hash contains similar
values.
2018-09-05 21:48:58 +08:00
Gerhard Schlager
2c5d9269a0
FIX: Notifications shouldn't use user locale unless allow_user_locale is enabled
2018-09-05 11:44:28 +02:00
Sam
d9c0dc8687
correct prev commit
...
s3. did not exists it is s3-
2018-09-05 16:11:44 +10:00
Sam
83e1315e42
FIX: correct urls in uploads table to point at dualstack
...
Last week we added support for dual stack urls but did not remap the
the old records in the uploads and optimized images table
This caused a few minor edge cases worst was that if you rebaked old
images S3 CDN was not repopulated.
2018-09-05 15:58:04 +10:00
Gerhard Schlager
b8fc699164
FIX: Detect {{foo}} as interpolation key
2018-09-05 00:47:39 +02:00
Vinoth Kannan
d9be4f47e8
SPEC: redirect to original URL after social signup
2018-09-05 03:24:50 +05:30
Vinoth Kannan
d8b543bb67
FIX: redirect to original URL after social signup
2018-09-05 01:44:23 +05:30
David Taylor
4382fb5fac
DEV: Allow plugins to whitelist specific user custom_fields for editing ( #6358 )
2018-09-04 20:45:36 +10:00
Guo Xiang Tan
3b337bfc6b
Revert "FIX: Don't rate limit admin and staff constraints when matching routes."
...
This reverts commit 651b50b1a1
.
2018-09-04 14:27:21 +08:00
Guo Xiang Tan
19182c0c8f
DEV: Skip fragile tests for now.
2018-09-04 13:58:09 +08:00
Guo Xiang Tan
651b50b1a1
FIX: Don't rate limit admin and staff constraints when matching routes.
...
* When an error is raised when checking route constraints, we
can only return true/false which either lets the request
through or return a 404 error. Therefore, we just skip
rate limiting here and let the controller handle the
rate limiting.
2018-09-04 13:52:58 +08:00
Guo Xiang Tan
08b268c5bc
Be more forceful in disconnecting connections during failover.
2018-09-04 10:32:43 +08:00
Sam
ad70502ab8
FIX: ignore invalid usernames in incoming link tracker
...
If an incoming link username has NULL in it simply ignore it
2018-09-04 12:28:32 +10:00
Guo Xiang Tan
8dc1463ab3
Enable `Lint/ShadowingOuterLocalVariable` for Rubocop.
2018-09-04 10:16:42 +08:00
Sam
2f5c21e28c
FIX: return a 400 error instead of 500 for null injections
...
Many security scanners like to inject NULL in inputs causing application
to exception out and return a 500
We now handle this exception and render a 400 status back
2018-09-04 12:11:52 +10:00
Gerhard Schlager
eeedc3901e
FIX: Replying to deleted post via email should create new reply to topic
2018-09-03 23:06:40 +02:00
Vinoth Kannan
24a14af15a
FIX: Respect invalidate_oneboxes option for inline oneboxes
2018-09-03 22:33:43 +05:30
Guo Xiang Tan
ecf60c0c33
DEV: More attempts at stablizing specs in Travis.
...
Re-enable skipped test because it doesn't fail locally
for me to debug it.
2018-09-03 14:52:15 +08:00
Gerhard Schlager
f33433bf9e
Validation of params should restrict to max int ( #6331 )
...
* FIX: Validation of params should restrict to max int
* FIX: Send status 400 when "page" param isn't between 1 and max int
2018-09-03 14:45:32 +10:00
Guo Xiang Tan
747c9bb47f
Merge pull request #6317 from nbianca/ignore_blacklisted_domains
...
FIX: Ignore OneBox blacklisted domains.
2018-09-03 11:10:52 +08:00
Guo Xiang Tan
0fac6cdba9
DEV: Better debugging information when test fails.
2018-09-03 10:55:25 +08:00
Maja Komel
182d9a4666
FIX: escape regex chars when searching site texts
2018-09-02 17:25:57 +10:00
Bianca Nenciu
f5e0356fb2
correct miscellaneous issues with user login history
2018-09-02 17:24:54 +10:00
Osama Sayegh
60eff9421a
FIX: precompile `desktop_theme` and `mobile_theme` stylesheets
...
required for environments that pre stage docker images and keep old image running during the deploy
2018-08-31 21:23:55 +10:00
Guo Xiang Tan
5a214a687c
FIX: Exclude `UserAuthToken` and `UserAuthTokenLog` in user webhook.
2018-08-31 17:25:56 +08:00
Guo Xiang Tan
ae2f00ee73
DEV: Include the thread in the error message.
2018-08-31 17:14:19 +08:00
Bianca Nenciu
931cffcebe
FEATURE: Let users see their user auth tokens. ( #6313 )
2018-08-31 10:18:06 +02:00
Sam
b3aab1770f
FIX: set old last modified date for invalid avatars
...
In some cases Akami was holding tight to these invalid avatars,
to avoid this happening we explain the avatar image is ancient
then when a new upload is added it automatically is older than
this.
2018-08-31 17:07:31 +10:00
Sam
1866a8e8da
correct invalid spec
2018-08-31 15:06:30 +10:00
Sam
e1975e293f
FIX: when uploads are destroyed clear up avatar refs in user table
...
This also auto corrects twice daily when we ensure consistency
2018-08-31 14:46:42 +10:00
Sam
9b7cab589a
FIX: revert diacritic stripping
...
See more details in test case and at: https://meta.discourse.org/t/discourse-should-ignore-if-a-character-is-accented-when-doing-a-search/90198/16?u=sam
2018-08-31 11:46:55 +10:00
Guo Xiang Tan
81b99efc68
DEV: Raise an error if thread doesn't return within expected time.
2018-08-31 09:26:28 +08:00
Vinoth Kannan
297e8aaf2e
FIX: Escape regex pattern variable before using it
2018-08-31 03:02:24 +05:30
Blake Erickson
c6f339a0b5
format json better with spaces in my test
2018-08-30 14:39:40 -06:00
Blake Erickson
ae532f8548
FIX: return 422 for an invalid group name on category create
2018-08-30 14:28:55 -06:00
David Taylor
103509b9dd
SECURITY: Prevent users from modifying custom fields
2018-08-30 12:59:36 +01:00
Osama Sayegh
9efbf2c49f
FIX: changing component settings should trigger refresh for parent theme CSS ( #6340 )
2018-08-30 20:53:03 +10:00
Guo Xiang Tan
9c7e029d01
DEV: Attempt to stablize multisite tests.
2018-08-30 17:31:17 +08:00
David Taylor
f0abb4d09a
FIX: Allow user actions to be saved even if the post has nil user
...
This issue made it impossible to delete users if they had flagged a post with nil user
2018-08-30 01:03:32 +01:00
Sam
e6970151a6
FEATURE: allow specifying locale via SSO
...
Use:
locale
locale_force_update
To force user locale on users where SiteSetting.allow_user_locale is enabled
Note: If an invalid locale is specified no action will occur
2018-08-30 09:58:03 +10:00
Bianca Nenciu
72ffabf619
UX: Improve email testing admin tool. ( #6308 )
2018-08-29 23:14:16 +02:00
Gerhard Schlager
b2cf725700
FIX: Don't try to send invite email when invite was deleted
2018-08-29 12:43:12 +02:00
Sam
44cf3cf975
FIX: queue heartbeats in readonly modes
...
If sidekiq is paused or Discourse is in readonly continue to queue
heartbeats
If we do not do that then a master process can end up reaping sidekiq
workers and causing various badness
This also impacts restore which can do weird stuff TM in cases like this
2018-08-29 12:36:59 +10:00
Sam
740308675b
FEATURE: erode bounce score every time an email is sent
...
Introduces a hidden setting (default is 0.1) that erodes bounce score
every time we send an email. This means that erratic failures are less
painful cause system auto corrects
2018-08-28 17:02:12 +10:00
Kyle Zhao
e25a6e085e
FIX: drop title updates through RSS feeds
...
can create an update loop
2018-08-28 16:25:04 +10:00
Sam
9ab1fb7dfc
FEATURE: correctly store width and height on uploads
...
Previously we used width and height for thumbnails, new code ensures
1. We auto correct width and height
2. We added extra columns for thumbnail_width and height, this is determined
by actual upload and no longer passed in as a side effect
3. Optimized Image now stores filesize which can be used for analysis, decisions
Also
- fixes Android image manifest as a side effect
- fixes issue where a thumbnail generated that is smaller than the upload is no longer used
2018-08-28 12:59:22 +10:00
Davide Porrovecchio
1826626272
FEATURE: Add Content-Type header to CORS
...
- add Content-Type to Access-Control-Allow-Headers
- update test accordingly
2018-08-28 11:19:38 +10:00
Neil Lalonde
ebe7835316
FIX: links in rss feeds are sometimes wrong on subfolder installs
2018-08-27 18:05:15 -04:00
Bianca Nenciu
b6963b8ffb
FIX: Ignore OneBox blacklisted domains.
2018-08-27 20:40:55 +02:00
Sam
dc17ae3b2f
correct specs
2018-08-27 14:50:56 +10:00
Sam
4205c528d0
FEATURE: hide enable_personal_email_messages and min_trust_to_send_email_messages
...
These site settings are very hard to explain and only applicable for very
specific Discourse setups.
If an admin "enables staged users" which is used in support scenarios then
all staff can send "messages" directly to an "email".
The setting allows you to extend this to TL4 or any trust level.
Actual use case would be a support type setup with restricted staff. It is
quite rare so hiding this for now and re-evaluate keeping the setting in
2019
2018-08-27 11:38:22 +10:00
Raul Tambre
2271918be2
FEATURE: Use S3 dualstack endpoints
...
Allows S3 without a CDN to serve images from dualstack domains that also support ipv6
2018-08-27 11:22:46 +10:00
Maja Komel
020eba4623
FIX: find tags with non-latin names ( #6312 )
2018-08-27 11:05:28 +10:00
Kris
faf09bb8c8
Replacing default brown category color
2018-08-24 14:18:14 -04:00
Joffrey JAFFEUX
82dcc5cbfa
FEATURE: makes reports loadable in bulk ( #6309 )
2018-08-24 15:28:01 +02:00
James Kiesel
a4001c1ea0
FEATURE: Pop revise modal on post edited notification ( #6287 )
...
* Add revision number to notification url
* Pop modal on route change
* Add semicolon
* Ensure modal pops even when navigating within a topic
* Ensure modal pops when visiting from other page
* Fix eslint errors
* Fix prettier errors
* Add callback for notification item click
* Remove stray revisionUrl function
* Rename to afterRouteComplete
2018-08-24 09:13:07 -04:00
Guo Xiang Tan
932195d828
DEV: Update test case for `TopicEmbed`.
2018-08-24 09:42:12 +08:00
Guo Xiang Tan
1ba24496ab
Merge pull request #6261 from xrav3nz/fix/topic-embed-import-updates
...
FIX: update TopicEmbed's title and user correctly
2018-08-24 09:32:03 +08:00
Osama Sayegh
e0cc29d658
FEATURE: themes and components split
...
* FEATURE: themes and components split
* two seperate methods to switch theme type
* use strict equality operator
2018-08-24 11:30:00 +10:00
Guo Xiang Tan
4a552fb967
Merge pull request #6303 from nbianca/user_serializer_spec
...
Add spec for UserSerializer and UserApiKey.
2018-08-24 08:16:11 +08:00
Sam
ac11f8df52
correct regression searching with diacritics
2018-08-24 10:00:51 +10:00
Sam
29315b73c2
FIX: improve last_modified date returned for avatars
...
instead of hard coding a date:
1. For optimized images use the upload date when on s3
2. For not-found use 10 minutes ago to match the expiry
2018-08-24 09:36:11 +10:00
Régis Hanol
bc7b530b0a
FIX: remove diacritics instead of transliterating
2018-08-24 00:38:44 +02:00
Bianca Nenciu
ff441bc4ca
Add spec for UserSerializer and UserApiKey.
2018-08-23 19:01:02 +02:00
Régis Hanol
2fcf2b899e
FIX: remove diacritics when tokenizing html for search
2018-08-23 17:13:52 +02:00
Arpit Jalan
7a91df3248
Merge pull request #6290 from techAPJ/latest-full-name
...
UX: show full name on /latest page
2018-08-23 17:34:54 +05:30
Arpit Jalan
1a7cd6648b
UX: show full name on /latest page
2018-08-23 14:41:06 +05:30
Guo Xiang Tan
dd810b8b05
Merge pull request #6304 from tgxworld/create_functions_in_different_schema
...
FIX: Create `BaseDropper` functions in a different schema.
2018-08-23 15:01:41 +08:00
Guo Xiang Tan
212ee15804
FIX: Create `BaseDropper` functions in a different schema.
...
https://meta.discourse.org/t/error-when-restore-db-backup/93145/25?u=tgxworld
2018-08-23 12:52:21 +08:00
Osama Sayegh
2711f173dc
FIX: don't allow inviting more than `max_allowed_message_recipients`
...
* FIX: don't allow inviting more than `max_allowed_message_recipients` setting allows
* add specs for guardian
* user preferences for auto track shouldn't be applicable to PMs (it auto watches on visit)
Execlude PMs from "Automatically track topics I enter..." and "When I post in a topic, set that topic to..." user preferences
* groups take only 1 slot in PM
* just return if topic is a PM
2018-08-23 14:36:49 +10:00
Guo Xiang Tan
36a7028f19
FEATURE: Clean up `PostReplyKey` records.
...
* Default retention of 90 days.
2018-08-23 10:40:02 +08:00
Régis Hanol
f01169d6ff
FIX: don't send email when the post was deleted
2018-08-22 13:13:58 +02:00
James Kiesel
cdea969c6a
FEATURE: Make initial admins TL1
...
* Match register controller TL to rake admin:create
* Don't promote if trust_level > 1
2018-08-22 15:45:24 +10:00
Sam
272de95175
FIX: client duplicate registration should be cleaned up
...
If for any reason we are unable to correct client id on a user api key
invalidate old keys for client/user
2018-08-22 12:56:49 +10:00
Sam
5d96809abd
FIX: improve support for subfolder S3 CDN
2018-08-22 12:31:13 +10:00
Sam
f5142861e5
Revert "Revert "FIX: upload URLs from S3 on subfolder installs""
...
This reverts commit 26c96e97e5
.
We have no choice but to run this code
2018-08-22 11:31:33 +10:00
Sam
26c96e97e5
Revert "FIX: upload URLs from S3 on subfolder installs"
...
This reverts commit 357df2ff4f
.
2018-08-22 10:51:40 +10:00
Neil Lalonde
357df2ff4f
FIX: upload URLs from S3 on subfolder installs
2018-08-21 14:58:55 -04:00
Gerhard Schlager
17dc8f2490
UX: Wizard resends activation email when user exists
2018-08-21 19:13:41 +02:00
Régis Hanol
d1607a387a
FIX: only allow printable characters in uploads filename
2018-08-21 18:11:01 +02:00
Régis Hanol
3e436e2daf
FIX: doesn't translate group permission keys
2018-08-21 12:56:56 +02:00
Kyle Zhao
baf413d527
FIX: update TopicEmbed's title and user correctly
2018-08-21 18:31:01 +08:00
Guo Xiang Tan
7dcc69aef4
DEV: Refactor test to not call private method.
2018-08-21 14:29:58 +08:00
Guo Xiang Tan
48f499b324
DEV: Refactor some mail receiver related specs.
2018-08-21 14:00:45 +08:00
Guo Xiang Tan
d104de2a09
Remove line that is no longer required.
2018-08-21 11:48:58 +08:00
Guo Xiang Tan
8bdf14834b
PERF: Restrict number of skipped email log for `Jobs::UserEmail`.
2018-08-21 11:14:43 +08:00
Guo Xiang Tan
2c70d3f443
Take 2 on ba6f11c521
.
2018-08-21 10:06:36 +08:00