Commit Graph

5300 Commits

Author SHA1 Message Date
Neil Lalonde 0b8f6d3637 FIX: subfolder support for S3 CDN 2018-08-20 10:22:03 -04:00
Sam f5fe58384f correct regression around file renaming 2018-08-20 16:08:05 +10:00
Sam d7b1919ead correct specs 2018-08-20 12:46:14 +10:00
Sam 8b5e42ea16 FIX: always test and coerce to image on upload
In the past the filename of the origin was used as the source
for the extension of the file when optimizing on upload.

We now use the actual calculated extension based on upload data.
2018-08-20 12:18:59 +10:00
Robin Ward a83f662492 FIX: Allow silenced users to like / bookmark, just not flag. 2018-08-17 11:06:18 -04:00
Guo Xiang Tan 16c0ebe8a8 Fix the build. 2018-08-17 16:53:07 +08:00
Guo Xiang Tan a26ef7738f FIX: `FileHelper#download` should return nil if max size is exceeded. 2018-08-17 16:19:59 +08:00
Guo Xiang Tan be89f593f9 DEV: Include caller in error message for `Discourse#execute_command`. 2018-08-17 16:17:07 +08:00
Guo Xiang Tan fae8757cd4 FIX: `Guardian#post_can_act?` shouldn't raise an error if user of post has been deleted. 2018-08-17 15:11:30 +08:00
Sam 70155f0923 DEV: decrease log level of compile failures
We do not need to report his in logs, our failure mode is fine here.
2018-08-17 17:10:02 +10:00
Guo Xiang Tan a9e502936f FIX: Converting PNG to JPEG does not set the correct extension. 2018-08-17 13:09:48 +08:00
Gerhard Schlager 802ad0dc61 Add rake task for updating static pages 2018-08-16 19:51:20 +02:00
Régis Hanol 98898ff4b3 FIX: raise an exception when 'downsize'git st fails 2018-08-16 19:20:07 +02:00
Joffrey JAFFEUX 3fbf7b164d
FEATURE: emoji 11.0 "recently added" update (#6275)
Adds support for emojis in the http://www.unicode.org/emoji/charts-11.0/emoji-released.html list
2018-08-16 11:59:45 +02:00
Gerhard Schlager 937ab3f213 FIX: Validation of min_posts and max_posts didn't work 2018-08-16 10:36:53 +02:00
Arpit Jalan 8e3b685aa4 make rubocop happy 2018-08-16 14:03:46 +05:30
Arpit Jalan df55e5bac4 optimize categories:create_definition task 2018-08-16 14:00:07 +05:30
Arpit Jalan 78e14abb32 new rake task to bulk tag all topics in a category 2018-08-16 13:56:57 +05:30
Arpit Jalan 777055f960 new rake task to create category definition 2018-08-16 13:50:52 +05:30
Sam 796164b58c FIX: automatically correct bad avatars on access
Also start relying on upload extension for optimized images
2018-08-16 16:32:56 +10:00
Guo Xiang Tan 33f4aa2835 Fix `migrate_to_s3` rake task, `File#close!` is not a valid method. 2018-08-16 13:26:58 +08:00
Neil Lalonde ac3b0f0164 REFACTOR: move remap out of script into a class 2018-08-15 12:37:52 -04:00
David Taylor 7b089f7af4 FIX: Don't throw exception if welcome topic cannot be found 2018-08-15 15:50:55 +01:00
Sam 38c10a3dc2 correct the validator 2018-08-15 14:56:24 +10:00
Sam 91e0a77a60 FEATURE: silenced users should not be allowed to edit posts 2018-08-15 14:29:36 +10:00
Sam 06f82a7d72 correct exception handling, always do to_i in array 2018-08-15 11:31:42 +10:00
Sam bc47148d35 add validation to exclude_category_ids 2018-08-15 09:53:28 +10:00
Régis Hanol 12bab65167 FIX: going from /categories to /latest on mobile might break infinite scrolling 2018-08-15 01:22:03 +02:00
Gerhard Schlager ba0e322fd0 FIX: Validation of topic params broke discourse-assign 2018-08-14 18:45:46 +02:00
Robin Ward 87fa26b6c8 FIX: Silenced users shouldn't be able to act on posts 2018-08-14 11:43:39 -04:00
Gerhard Schlager 2927294cc6 FIX: Bulk deleting topics should ignore already deleted topics 2018-08-14 16:37:52 +02:00
Régis Hanol de92913bf4 FIX: store the topic links using the cooked upload url 2018-08-14 12:23:32 +02:00
Sam ad5f502332 FIX: add a basic validator for topic params
This cuts down on log noise when people try out sql injection
2018-08-14 17:01:04 +10:00
Sam 6cae47aa53 collect extra environment correctly 2018-08-13 16:33:28 +10:00
Sam 168ffd8384 FEATURE: group warnings about IP level rate limiting 2018-08-13 14:38:20 +10:00
Guo Xiang Tan d10c9d7d75 FIX: Missing extensions for non-image uploads due to 2b57239389. 2018-08-13 10:58:55 +08:00
Jay Pfaffman 71a1d75d7e
FIX: disable_2fa fix method selection
The previous code resulted in

    NameError: undefined local variable or method `totp' for main:Object

I now understand what @tgxworld meant about we should only disable totp when I submitted this before.

This is the kind of Ruby stuff that I still don't understand well,(perhaps this isn't the most Ruby way to do this?) but this does what I think is supposed to happen. And it worked just now.
2018-08-10 14:45:40 -07:00
Osama Sayegh 865cb3feb9
FIX: allow selecting site's default theme from preference 2018-08-10 14:12:02 +03:00
Sam ea8394b080 typo in error message 2018-08-10 11:34:01 +10:00
Sam 1fc2597626 better error handling for upload extension fixer 2018-08-10 11:28:22 +10:00
Gerhard Schlager b9072e8292 FEATURE: Add "Reset Bump Date" action to topic admin wrench (#6246) 2018-08-10 10:51:03 +10:00
Gerhard Schlager ef4b9f98c1 FEATURE: Allow admins to reply without topic bump 2018-08-10 10:48:30 +10:00
Neil Lalonde d77dccc636 FIX: user-deleted posts with deferred flags can be destroyed 2018-08-09 14:54:31 -04:00
Gerhard Schlager 6ddf7fcd1f Fix warnings about already initialized constants 2018-08-09 17:29:02 +02:00
Robin Ward 5895507153 FEATURE: Ability for plugins to whitelist custom fields for flags
You can now call `whitelist_flag_post_custom_field` from your plugins
and those custom fields will be available on the flagged posts
area of the admin section.
2018-08-09 10:49:14 -04:00
Sam ed4c0f256e FIX: check permalinks for deleted topics
- allow to specify 410 vs 404 in Discourse::NotFound exception
- remove unused `permalink_redirect_or_not_found` which
- handle JS side links to topics via Discourse-Xhr-Redirect mechanism
2018-08-09 15:05:12 +10:00
Guo Xiang Tan 1ea23b1eae FIX: Wrong order for `S3Helper#copy_file`. 2018-08-08 15:58:54 +08:00
Guo Xiang Tan 0879610ffd Add missing require in `uploads:fix_incorrect_extensions`. 2018-08-08 15:39:37 +08:00
Sam a35f2984e9 FIX: support Arrays with Marshal dump in distributed cache
Theme cache uses arrays here
2018-08-08 16:44:56 +10:00
Guo Xiang Tan 17047806b9 Add a rake task to fix uploads with wrong extension. 2018-08-08 13:15:17 +08:00
Osama Sayegh 0b7ed8ffaf FEATURE: backend support for user-selectable components
* FEATURE: backend support for user-selectable components

* fix problems with previewing default theme

* rename preview_key => preview_theme_id

* omit default theme from child themes dropdown and try a different fix

* cache & freeze stylesheets arrays
2018-08-08 14:46:34 +10:00
Guo Xiang Tan aafff740d2 Add `FileStore::S3Store#copy_file`. 2018-08-08 11:30:34 +08:00
Neil Lalonde 4e6e4a83df FIX: subfolder digest emails have incorrect URLs 2018-08-07 16:38:17 -04:00
Neil Lalonde 1fcb5c1b6d Version bump to v2.1.0.beta4 2018-08-07 12:32:57 -04:00
Guo Xiang Tan 2b57239389 FIX: Upload's content is the only source of truth for the file type. 2018-08-07 13:15:00 +08:00
Sam 4b000f5d12 FIX: do not use `lib` for requires
this breaks loading the app from arbitrary dirs
2018-08-07 11:04:29 +10:00
Arpit Jalan ffc8c52bf5 FIX: store welcome topic id in custom field 2018-08-06 23:46:03 +05:30
David Taylor 812add18bd REFACTOR: Serve auth provider information in the site serializer.
At the moment core providers are hard-coded in Javascript, and plugin providers get added to the JS payload at compile time. This refactor means that we only ship enabled providers to the client.
2018-08-06 09:25:48 +01:00
Régis Hanol 0cd9e2acb9 fix build 2018-08-04 01:56:26 +02:00
Joffrey JAFFEUX 066010db7d
FEATURE: introduces list/compact_list components 2018-08-03 16:41:37 -04:00
Régis Hanol ac2513b0f2 FEATURE: automatic PM when a user's email is revoked 2018-08-03 16:39:22 +02:00
Jeff Atwood c81bad3232
Merge pull request #6232 from OsamaSayegh/message-email-short-reply
UX: better rejection message when reply via email is too short
2018-08-02 14:25:04 -07:00
OsamaSayegh a157dfd418 UX: better rejection message when reply via email is too short 2018-08-02 22:43:53 +03:00
Régis Hanol 14bbd5d167 FIX: use the right URL when downloading the file from S3 2018-08-02 10:04:41 +02:00
Penar Musaraj 4a872823e7 Improvements to user drafts (#6226)
* drafts in user profile: only show to user herself (not to admins), use avatar replying to (instead of topic OP), add keyboard shortcut for drafts, simplify display labels

* use JSON when testing Draft.stream
2018-08-02 07:41:27 +10:00
Régis Hanol 0f1137dafa FIX: 'migrate_from_s3' rake task wasn't handling short urls 2018-08-01 22:58:46 +02:00
Jeff Wong 059862ed46 Mark discord auth plugin official 2018-08-01 09:33:14 -07:00
Neil Lalonde b829452c75
Merge pull request #6209 from discourse/mini_scheduler
REFACTOR: extract scheduler to the mini_scheduler gem
2018-08-01 10:28:24 -04:00
Joffrey JAFFEUX 0b9437cee7
FIX: more resilient/consistent dashboard caching (#6223) 2018-08-01 09:45:50 -04:00
Gerhard Schlager a115aae45f Use rchardet instead of charlock_holmes gem 2018-08-01 10:41:20 +02:00
Gerhard Schlager ff942ed2f3 FIX: Try detecting encoding of RSS feed 2018-08-01 10:41:20 +02:00
Penar Musaraj 1f45215537 FEATURE: Drafts view in user profile
* add drafts.json endpoint, user profile tab with drafts stream

* improve drafts stream display in user profile

* truncate excerpts in drafts list, better handling for resume draft action

* improve draft stream SQL query, add rspec tests

* if composer is open, quietly close it when user opens another draft from drafts stream; load PM draft only when user is in /u/username/messages (instead of /u/username)

* cleanup

* linting fixes

* apply prettier styling to modified files

* add client tests for drafts, includes a fixture for drafts.json

* improvements to code following review

* refresh drafts route when user deletes a draft open in the composer while being in the drafts route; minor prettier scss fix

* added more spec tests, deleted an acceptance test for removing drafts that was too finicky, formatting and code style fixes, added appEvent for draft:destroyed

* prettier, eslint fixes

* use "username_lower" from users table, added error handling for rejected promises

* adds guardian spec for can_see_drafts, adds improvements following code review

* move DraftsController spec to its own file

* fix failing drafts qunit test, use getOwner instead of deprecated this.container

* limit test fixture for draft.json testing to new_topic request only
2018-08-01 16:34:54 +10:00
Vinoth Kannan 6aee22b88f FIX: Onebox images are not downloaded locally without css class 2018-08-01 02:51:02 +05:30
Neil Lalonde 4ad7ce70ce REFACTOR: extract scheduler to the mini_scheduler gem 2018-07-31 17:12:55 -04:00
Arpit Jalan afe3b00c0f FIX: use hidden setting for max export file size 2018-07-31 11:25:28 +05:30
Sam f0c203a5cf clean up previous commit 2018-07-31 14:50:02 +10:00
Jay Pfaffman b55d9e63a0 Rake mail test debugging (#6171)
* FEATURE: rake emails:test add debugging

* Oops! Remove safety code

* more language tweaks
2018-07-31 14:45:59 +10:00
Neil Lalonde fd29ecb91a UX: include a flag reason in the post-deleted-by-staff-because-of-flags message 2018-07-30 16:45:46 -04:00
Régis Hanol 8f1db615db FIX: don't break restore if function does not exist 2018-07-30 22:11:38 +02:00
Arpit Jalan 17b851cf08 FEATURE: show last updated date for wiki topics 2018-07-30 20:27:49 +05:30
David Taylor 6566b2f11a FEATURE: Allow revoke and connect for Instagram logins 2018-07-30 14:38:53 +01:00
Arpit Jalan dfcb2a0d42 FEATURE: include published_time in metadata 2018-07-30 17:09:56 +05:30
David Taylor 8d1acbd4c2 DEV: Include specific authenticator name in warning message 2018-07-30 11:33:48 +01:00
Guo Xiang Tan b94633e844 FIX: `FileHelper` should prioritize response content-type.
Request to a URL with `.png` extension may return a jpg
instead causing us to attach the wrong extension to an
upload.
2018-07-30 10:54:36 +08:00
David Taylor 5f1fd0019b FEATURE: Allow revoke and connect for GitHub logins 2018-07-27 17:18:53 +01:00
David Taylor 6296f63804 FEATURE: Revoke and connect for Yahoo logins 2018-07-27 16:20:47 +01:00
David Taylor 9c72c00206 FEATURE: Revoke and reconnect for Twitter logins 2018-07-27 12:28:51 +01:00
Arpit Jalan c74dd2fa08 FIX: welcome topic should not be a private message 2018-07-27 15:15:13 +05:30
Guo Xiang Tan 6740631fdb TEMPFIX: Fix broken restores. 2018-07-27 12:48:16 +08:00
Neil Lalonde 135c803f49 FIX: don't send PM if flagged post is deleted but flags were deferred or cleared 2018-07-26 15:12:31 -04:00
Neil Lalonde a74024b1c9 Version bump to v2.1.0.beta3 2018-07-26 14:16:06 -04:00
David Taylor 467c529920 FIX: Remove return statement from inside block 2018-07-26 15:52:39 +01:00
David Taylor 88241f57a3
FEATURE: allow auth plugins to have a site setting for full screen login 2018-07-26 11:11:16 +01:00
Nick Shearer def2c977ce allow auth plugins to have a site setting for if they should be full screen vs popup window 2018-07-25 19:20:11 -05:00
Régis Hanol f94aeaf6cf SECURITY: force IM decoder based on file extension - part 3 2018-07-25 23:55:06 +02:00
Régis Hanol 800c57c6ab SECURITY: force IM decoder based on file extension - part 2 2018-07-25 23:08:02 +02:00
Régis Hanol 4bf3bf6786 SECURITY: force IM decoder based on file extension 2018-07-25 22:00:04 +02:00
David Taylor 0d0d78841b
FIX: Remove `plugin.enabled?` checks at initialization time (#6166)
Checking `plugin.enabled?` while initializing plugins causes issues in two ways:
  - An application restart is required for changes to take effect. A load-balanced multi-server environment could behave very weirdly if containers restart at different times.
  - In a multisite environment, it takes the `enabled?` setting from the default site. Changes on that site affect all other sites in the cluster.

Instead, `plugin.enabled?` should be checked at runtime, in the context of a request. This commit removes `plugin.enabled?` from many `instance.rb` methods.

I have added a working `plugin.enabled?` implementation for methods that actually affect security/functionality:
  - `post_custom_fields_whitelist`
  - `whitelist_staff_user_custom_field`
  - `add_permitted_post_create_param`
2018-07-25 16:44:09 +01:00
Joffrey JAFFEUX 796639a797
FIX: makes disk_space computation more resilient (#6172) 2018-07-25 11:04:01 -04:00
David Taylor fa399ce1c5 FEATURE: Add revoke and reconnect functionality for google logins 2018-07-25 16:03:14 +01:00