Commit Graph

1374 Commits

Author SHA1 Message Date
Kane York df988a20eb FEATURE: Reserved usernames
A list of usernames that will be blocked from being used to sign up.
2015-07-01 13:50:55 -07:00
Robin Ward 6422d5efbd Use the same component for similar topics as search results. 2015-06-24 15:08:22 -04:00
Robin Ward b4960d48b4 Better support for passing up errors when OmniAuth fails after auth 2015-06-24 12:12:43 -04:00
Régis Hanol f18098fd9b FEATURE: category dropdown in admin reports 2015-06-24 15:19:39 +02:00
Sam b052179ae6 Merge pull request #3163 from rcfox/fix-by-external
Allow periods in the external_id value used in the /users/by-external route.
2015-06-24 13:07:12 +10:00
Sam 65ac5b6475 Merge pull request #3562 from riking/no-index
Add noindex directive on unlisted topics
2015-06-23 15:50:53 +10:00
Robin Ward 76bfd723f6 Merge pull request #3482 from riking/patch-3
Import/Export site customizations
2015-06-22 14:03:07 -04:00
Kane York 2f0bd6294c Add noindex directive on unlisted topics 2015-06-22 11:00:39 -07:00
Régis Hanol efb02ae561 FIX: take into account unlisted banners 2015-06-22 14:08:30 +02:00
Sam 41e427bd2e Work in progress, full page search 2015-06-22 18:09:08 +10:00
Konstantin Ilchenko 131cf643ce FIX: Allow api to send uploads with :url 2015-06-21 14:54:59 +03:00
Robin Ward 4e898c604e UX: Update suggested topics to include topic status + category 2015-06-18 15:53:10 -04:00
Sam f26eee8431 FEATURE: add username to NGINX logs 2015-06-16 17:43:53 +10:00
Arpit Jalan d37c2a2c98 Merge pull request #3550 from techAPJ/patch-1
FIX: new-topic URL should survive login redirection
2015-06-16 07:19:42 +05:30
Sam 690f4a4c37 add X so it shows up at the end of chrome 2015-06-16 10:27:42 +10:00
Sam 9b8b1d0034 FEATURE: add special header that names the action for the request 2015-06-16 09:54:44 +10:00
Régis Hanol 1ac3941130 FEATURE: allow API to upload files synchronously 2015-06-15 16:12:15 +02:00
Arpit Jalan d1632c1dbd FIX: new-topic URL should survive login redirection 2015-06-14 20:24:47 +05:30
Régis Hanol 189cb3ff12 FEATURE: move migrate_to_new_scheme into a background job
- new hidden site setting 'migrate_to_new_scheme' (defaults to false)
- new rake tasks to toggle migration to new scheme
- FIX: migrate_to_new_scheme also works with CDN
- PERF: improve perf of the DbHelper.remap method
- REFACTOR: UrlHelper is now a class
2015-06-12 12:07:57 +02:00
Sam Saffron c58b495e15 SECURITY: Query @usernames in bulk
Otherwise you could add many requests at once while composing.
2015-06-11 13:03:49 -04:00
Robin Ward ae277e28a6 FEATURE: Allow embedding topics without creating them, by id 2015-06-09 16:24:20 -04:00
Sam Saffron e3fa27a01c FEATURE: serialize and update category custom_fields
- send to client
- update from client
2015-06-10 06:13:36 +10:00
Robin Ward 7b6d6b76eb FEATURE: Multiple embeddable hosts
- Also refactors two site settings components into one, with tests
2015-06-09 13:25:43 -04:00
Arpit Jalan 71ee84f848 FEATURE: latest posts RSS feed 2015-06-09 21:45:06 +05:30
Robin Ward 5da5269652 FIX: Bad page title for categories view by google crawler 2015-06-08 12:07:35 -04:00
Arpit Jalan 74141cc475 FIX: send 404 error when unauthorized user tries to download user archive 2015-06-08 11:32:31 +05:30
Sam Saffron 4409a3072d FEATURE: we need admin login always 2015-06-05 18:43:59 +10:00
Régis Hanol 81a699e2b0 better support for mixed content 2015-06-01 17:49:58 +02:00
Sam Saffron 9787cb07aa FIX: when missing a static topic we were returning an error 2015-06-01 11:40:52 +10:00
Sam fc2a08731a FIX: sso_not_approved_url not working correctly 2015-05-30 13:19:07 +10:00
Régis Hanol 80a108e3cf FIX: don't break user avatars route 2015-05-29 19:19:41 +02:00
Régis Hanol acafa491b2 user avatar urls/templates refactor 2015-05-29 18:51:17 +02:00
Régis Hanol 0483f05154 make sure we pass in the user_id when creating avatar thumbnails 2015-05-29 18:11:19 +02:00
Régis Hanol cb025a65e0 FIX: make sure we also save the user_avatar.custom_upload_id 2015-05-29 10:21:41 +02:00
Régis Hanol c3227b69fa FIX: proper support for pixel ratios up to 3 2015-05-29 09:57:54 +02:00
Sam bddbf70697 FIX: order post_actions by date 2015-05-28 16:16:36 +10:00
Sam bb3fb37650 FIX: when uploading same file was pasted into multiple composers 2015-05-28 15:08:54 +10:00
Neil Lalonde ea8cf1a208 FIX: topic auto-close uses the client's time zone 2015-05-27 18:01:46 -04:00
Sam 02fa7448ca FEATURE: custom url to redirect to on account pending approval for sso 2015-05-27 14:06:45 +10:00
Sam a988cd5abe FIX: redirect to CDN avatar for s3 avatars 2015-05-27 12:02:57 +10:00
Sam 918034aa7b remove less useful error reporting 2015-05-27 11:17:28 +10:00
Régis Hanol 992154533f remove debugging letfovers 2015-05-26 20:08:19 +02:00
Régis Hanol 7b03c7dbc4 Merge pull request #3504 from techAPJ/patch-4
FIX: add missing translation keys
2015-05-26 16:08:39 +02:00
Régis Hanol 85d4d3223c FIX: crop avatars on the server instead of the client
FIX: support for dots in S3 bucket names
2015-05-26 15:54:25 +02:00
Arpit Jalan d21944a0b6 FIX: add missing translation keys 2015-05-26 19:11:37 +05:30
Sam 147ea002f7 FIX: allow handling for avatars that are not in the set of "resized sizes" 2015-05-26 15:41:50 +10:00
Sam eeda367e70 FIX: should be able to serve optimized image from local if its ... local... 2015-05-26 12:32:52 +10:00
Neil Lalonde eaa1afeaf5 remove Google OpenID auth, since Google doesn't support it anymore 2015-05-25 15:13:44 -04:00
Régis Hanol bb0c2813ac FEATURE: generate (avatar) thumbnails in a background task
FIX: keep the "uploading..." indicator until the server replies via the MessageBus
FIX: text was disapearing when uploading an avatar

PERF: always use a region for S3 (defaults to 'us-east-1')
FEATURE: ApplyCDN middleware when using S3
FIX: use the same pattern to store files on S3 and locally
PERF: keep a local cache of uploads when generating thumbnails
FEATURE: migrate_to_s3 rake task
2015-05-25 17:59:00 +02:00
Sam bcaed90744 fix missing rtl stylesheets 2015-05-23 15:25:05 +10:00
Sam fe46d1dd3b PERF: avoid cookies for all static, public, cached forever assets 2015-05-22 16:15:46 +10:00
Sam 96dbeb8608 fix stylesheet cache to recover if file is on disk 2015-05-22 11:22:12 +10:00
Robin Ward 0ed1c8011c FIX: About page error when `login_required` 2015-05-21 14:37:49 -04:00
Sam a0090a4585 fix incorrect handling of date on "globally enabled" stylesheet. 2015-05-21 17:23:54 +10:00
Sam 44fc8e42dc nginx is stripping ETags, just use last modified instead 2015-05-21 17:05:22 +10:00
Sam 4fbfc6ddbc PERF: missing caching on CSS and Site Customizations 2015-05-21 16:09:23 +10:00
Régis Hanol b7f8680618 fix build (:fired:) 2015-05-20 17:51:33 +02:00
Régis Hanol bcd98c8f0f FIX: API can provide a URL to create an upload 2015-05-20 17:38:06 +02:00
Régis Hanol c91634c09a FIX: support for async uploads of emojis 2015-05-20 16:45:48 +02:00
Régis Hanol 8d967d9065 FEATURE: move all uploads to a single endpoint + defer upload creation in a background thread 2015-05-20 16:45:48 +02:00
Robin Ward 7d23826cee FIX: Keep around the page when redirecting 2015-05-20 10:16:17 -04:00
Régis Hanol 7d3b7a5657 fix the build 2015-05-20 15:32:31 +02:00
Régis Hanol b44488b618 FIX: keep to old attachment route 2015-05-20 14:55:42 +02:00
Sam e5888cf090 PERF: avoid preloading json in cases where it is not needed
(uploads / avatars / non GET requests)
2015-05-20 17:12:16 +10:00
Sam 14ab9c45b6 Merge pull request #3470 from ahuling13/expired-nonce-return-status
In the case of an expired nonce, return a 400 status code instead of 500
2015-05-20 12:08:17 +10:00
Sam d1d703718a Merge pull request #3476 from paulkaplan/sso-distrust-email
Add SSO setting to not trust emails automatically
2015-05-20 12:07:14 +10:00
riking d112f39031 Change extension back to .dcstyle.json 2015-05-19 18:35:16 -07:00
Andrew Huling e44ddff9bb Change the expired nonce return status code from 400 to 419. 2015-05-19 13:13:14 -04:00
Régis Hanol 9ded21e4c6 FIX: consistent and future-proof upload storage pattern 2015-05-19 12:31:12 +02:00
riking fbc06d044f Use .dcstylejson instead of .dcstyle.json 2015-05-16 20:41:35 -07:00
riking 1e53c179a3 FEATURE: Export customizations as JSON files 2015-05-16 20:24:13 -07:00
Ryan Fox 14d2b76354 Merge branch 'master' into fix-by-external
Conflicts:
	app/controllers/users_controller.rb
2015-05-15 19:54:11 -04:00
Paul Kaplan b8a43e153c Use session controller to prevent inactive SSO users 2015-05-15 12:15:06 -05:00
Régis Hanol 93273cd17a Merge pull request #3451 from ossobv/sso_login_unapproved_account
Stop sso login processing after rendering error
2015-05-15 14:33:19 +02:00
Antonin Hildebrand 11852056a8 Add missing events for discourse-hipchat-plugin
https://github.com/binaryage/discourse-hipchat-plugin
2015-05-15 15:52:12 +08:00
Andrew Huling e1d2ecef10 In the case of an expired nonce, return a 400 status code instead of a 500.
500 status codes are for unexpected server-side error scenarios. When an expired nonce is used by the client, a 4XX-level error is more appropriate because the client has submitted a bad request (by using an expired nonce). A 500 also causes Internet Explorer to show its default 500 page which does not show the error message and leads to a bad end user experience. I am choosing 400 for the new status rather than 401 or 403 because 401 requires a WWW-Authenticate header which would be difficult to generate in an SSO scenario and a 403 implies that no re-authentication will address the failure.
2015-05-14 16:03:02 -04:00
Robin Ward 0b65c88003 Upgrade Notifications to fix deprecations and use store 2015-05-11 11:20:45 -04:00
Harm Geerts d9a3e82516 Stop sso login processing after rendering error
This prevents a DoubleRenderError triggered on the redirect_to.
2015-05-11 14:17:32 +02:00
Arpit Jalan fc30b771cf FIX: reply count is off by one 2015-05-11 13:58:53 +05:30
Sam 8277a586bb usage of raise corrected 2015-05-07 11:00:51 +10:00
Sam 77cc087b13 FIX: proper error message when account created is hit with no session 2015-05-07 11:00:22 +10:00
Sam 376b28b0ed FIX: raise a 404 if click tracker gets no url 2015-05-06 11:27:41 +10:00
Sam 0f53fc8328 correct emergency regeneration in the controller 2015-05-06 07:33:32 +10:00
Sam ea670118c1 Add better error handling, correct the location on disk of stylesheet 2015-05-05 23:28:40 +10:00
Sam f58d85edea FEATURE: move stylesheet cache out of the uploads directory 2015-05-05 15:50:13 +10:00
Sam 803feefd54 MessageBus handles readonly redis now, no need to wrap it 2015-05-04 12:21:00 +10:00
Arpit Jalan 23fd16850a FIX: include youtube link in embedded comments 2015-05-01 18:34:45 +05:30
Robin Ward 16408cee06 Allow Postgres to trigger readonly mode for the site. 2015-04-29 11:49:58 -04:00
Sam 729aaa826b Merge pull request #3404 from techAPJ/patch-1
FEATURE: magic login route for admin when SSO is enabled
2015-04-28 07:47:50 +10:00
Robin Ward ecafbb0a63 Can delete users via the moderation queue 2015-04-27 15:06:20 -04:00
Robin Ward 3cb4554bbb Can refresh queued posts via button 2015-04-27 13:52:54 -04:00
Neil Lalonde cce8693354 FIX: canonical link tag when using relative_url_root 2015-04-27 13:34:22 -04:00
Arpit Jalan 2932284293 FEATURE: magic login route for admin when SSO is enabled 2015-04-27 22:54:48 +05:30
Robin Ward 3a6efa25f0 Allow ReadOnly to propogate up to the Ember app via Response Header 2015-04-24 14:37:16 -04:00
Robin Ward 5b3f99aa50 Don't blow up if Redis switches to READONLY 2015-04-24 14:37:16 -04:00
Neil Lalonde ae028a5bb1 FIX: support for redirects to external url in permalinks table was broken 2015-04-23 16:45:28 -04:00
Régis Hanol a737090442 - FEATURE: revamped poll plugin
- add User.staff scope
- inject MessageBus into Ember views (so it can be used by the poll plugin)
- REFACTOR: use more accurate is_first_post? method instead of post_number == 1
- FEATURE: add support for JSON-typed custom fields
- FEATURE: allow plugins to add validation
- FEATURE: add post_custom_fields to PostSerializer
- FEATURE: allow plugins to whitelist post_custom_fields
- FIX: don't bump when post did not save successfully
- FEATURE: polls are supported in any post
- FEATURE: allow for multiple polls in the same post
- FEATURE: multiple choice polls
- FEATURE: rating polls
- FEATURE: new dialect allowing users to preview polls in the composer
2015-04-23 19:33:29 +02:00
Robin Ward 53ca51654d FIX: Avoid cookie overflows by truncating the referer we store in flash 2015-04-22 12:41:49 -04:00
Robin Ward 5bf8c31af4 Users can see their pending posts 2015-04-21 16:44:47 -04:00
Robin Ward 2cdd967188 Adds support for invisible approval queues, which we'll need for Akismet 2015-04-20 17:19:05 -04:00