Commit Graph

62 Commits

Author SHA1 Message Date
Sam 857e2e6a19 correct scope, it should user:email to get read access to email 2013-08-02 10:03:29 +10:00
Sam 2162e3bbb5 we need email scope (also as I edit files I like to keep quoting consistent) 2013-08-02 09:59:25 +10:00
Sam 160107a712 working plugin interface for custom openid auth, custom css and custom js 2013-08-01 16:02:43 +10:00
Robin Ward 8c4aac7f94 Migrate all jasmine specs to Qunit. Removed Jasmine. 2013-06-19 18:18:35 -04:00
Sam 11afa0c11b work in progress migrate to moment 2013-06-07 08:49:22 +10:00
Ian Christian Myers 0d01c33482 Enabled strong_parameters across all models/controllers.
All models are now using ActiveModel::ForbiddenAttributesProtection, which shifts the responsibility for parameter whitelisting for mass-assignments from the model to the controller. attr_accessible has been disabled and removed as this functionality replaces that.

The require_parameters method in the ApplicationController has been removed in favor of strong_parameters' #require method.

It is important to note that there is still some refactoring required to get all parameters to pass through #require and #permit so that we can guarantee that parameter values are scalar. Currently strong_parameters, in most cases, is only being utilized to require parameters and to whitelist the few places that do mass-assignments.
2013-06-06 00:30:59 -07:00
Sam 8b69ee26ff forking in passenger was bust, message bus subscriptions would stop working after fork 2013-06-03 16:50:30 +10:00
Chris Hunt dbf4d9b0dc Set Sidekiq log level to WARN 2013-05-29 09:36:15 -07:00
Erik Ordway 1575ce7b10 add cas support with a few tests 2013-05-23 13:40:50 -07:00
Sam e9ebadb414 Nuke message_bus_observer move to service class and classes
Secure all messages triggered by post creation and all user actions so they don't leak
(meaning, if you have a browser open and secure topics are created you will only get them if you are allowed to see them)
2013-05-16 15:03:16 +10:00
Sam 68e6405aca redis rack cache was crazy, it was just storing stuff in redis FOREVER, added a PR to fix, forked to my repo, sourcing a sane version 2013-05-07 17:33:04 +10:00
Sam 4d2c28e8b2 added setting to flush redis if you feel like doing so in dev 2013-05-03 09:56:10 +10:00
slainer68 467c76b2c0 Implements support for rack-cors for API JavaScript access in end-user browser 2013-04-22 11:16:58 +02:00
Sam 8014d7fd25 correct rack::cache so it always punches through users with auth cookies 2013-04-12 21:59:52 +10:00
Sam 850b042cab introduce rack:cache as a default, so users don't need to configure apache or nginx
under rack cache we are able to serve 620reqs a second per thin (on my machine) before it 12 (on my machine)

reorganised so mini profilers can be cleanly disabled from config file

added caching for categories index

move production.rb to production.sample.rb
2013-04-11 16:24:21 +10:00
Kuba Brecka af0a772629 implement pluralization for server-side and js 2013-03-31 19:55:02 +02:00
Sam 36d60befbd mini profiler fix for multisite 2013-03-25 18:04:46 -07:00
Neil Lalonde ba315c6610 If assets haven't been precompiled, fail to start server in production mode with a message 2013-03-25 13:33:58 -04:00
Robin Ward 7c505df6d4 Merge branch 'update-sidekiq' of git://github.com/nverba/discourse
Conflicts:
	config/initializers/sidekiq.rb
2013-03-25 10:26:13 -04:00
Sam 622568fd57 fix mp in prd 2013-03-24 20:36:55 -07:00
Sam f921d1c547 comment out dead code
add some explanations
2013-03-24 20:09:28 -07:00
Sam 67c438434b wow, this has been broken for OH so long, we need to segragate users correctly so MP results work as expected 2013-03-24 19:52:03 -07:00
Sam 988a712c77 correct multisite functionality for omniauth 2013-03-24 17:21:18 -07:00
Karan Misra 5dfb04e4b3 Convert a lot of :a => b to a: b and bring peace to the world 2013-03-25 05:07:36 +05:30
nverba 0c7579ec9f Update Sidekiq and config 2013-03-23 14:49:50 +00:00
Sam e3d30f1366 turns out that instansiating a storage provider and assigning it nowhere, just don't work 2013-03-20 23:54:28 -07:00
nverba 9a1fb90b91 Update mini_profiler.rb
Passing a pre-defined Redis connection to MiniProfiler stops connection leakage. Should limit MiniProfiler connections to one per running process.
2013-03-20 03:29:07 +00:00
nverba 68e3f5228f Basic Heroku integration 2013-03-13 19:07:49 +00:00
nverba 3c0274a00b init message_bus before site_settings 2013-03-13 15:15:22 +00:00
Sam 3a58e7aac2 amend airbrake location 2013-03-11 17:16:54 -07:00
Sam a0bdbe046a don't try to load airbrake if there is no config for it 2013-03-11 16:59:21 -07:00
Sam 1c8eef7dbd added basic passenger support, no long polling but functions
clean up initializers so they are ordered properly
2013-03-11 05:33:20 -07:00
Sam 22a4580df5 added profile environment for perftools profiling (1.9.3 only) 2013-03-10 17:21:56 -07:00
Neil Lalonde fab04dbb58 Add github commits widget 2013-03-06 14:39:01 -05:00
Neil Lalonde 739d6391a9 Fix error during db:migrate on a new database 2013-03-05 13:02:16 -05:00
Régis Hanol 239cbd2d58 enforce coding convention
replaced every `and` by `&&` and every `or` by `||`
2013-03-05 01:42:44 +01:00
Neil Lalonde 3fdc59b1d9 Raise an error in production env if host_names is using production.localhost 2013-03-04 16:07:02 -05:00
Robin Ward f7c9efb101 Merge branch 'persona-integration' of git://github.com/callahad/discourse 2013-03-04 11:51:26 -05:00
Michael Berg 5e95dfb1c9 Removing unnecessary Rails.env check 2013-03-02 05:58:05 +01:00
Michael Berg de154f3ef1 Get secret_token from ENV['SECRET_TOKEN'] (e.g. for Heroku) 2013-03-01 23:55:49 +01:00
Dan Callahan fd4d384dc1 Add Mozilla Persona Omniauth Gem and initializer 2013-03-01 13:29:47 -06:00
Robin Ward 007118b00c Merge branch 'github-auth' of git://github.com/nverba/discourse
Conflicts:
	config/locales/server.en.yml
	db/structure.sql
	spec/views/omniauth_callbacks/complete.html.erb_spec.rb
2013-02-27 12:09:22 -05:00
nverba b45f872c04 Added Github authentication option, disabled by default with enable options in settings. 2013-02-26 05:00:21 +00:00
Gosha Arinich cafc75b238 remove trailing whitespaces ❤️ 2013-02-26 07:31:35 +03:00
Robin Ward e461c84253 Clean up JS, add YUIDoc support, automatically create IIFE via asset pipeline 2013-02-25 17:16:57 -05:00
Neil Lalonde 1e794f98a7 Add an option to not flush redis every time sidekiq.rb is loaded in development 2013-02-21 13:45:16 -05:00
Neil Lalonde 803a86a21d Add more documentation to secret_token.rb 2013-02-20 20:32:40 -05:00
Sam Saffron 87b929eac6 added secret token warning in prd
added task to stamp builds
2013-02-18 17:34:43 +11:00
Sam Saffron 1228e351a8 a much more basic but robust restart watcher,
removed the pid stuff cause it needs to be a lot more careful not to think
pids from other machines restarted. robust working code is better than
complex graceful broken code.
2013-02-16 13:54:23 +11:00
Sam Saffron ff0d58e4ee message bus work in progress 2013-02-16 12:14:52 +11:00