David Taylor
9248ad1905
DEV: Enable `Style/SingleLineMethods` and `Style/Semicolon` in Rubocop ( #6717 )
2018-12-04 11:48:13 +08:00
Penar Musaraj
7b3432f711
Enforce disabling flagging hidden posts server-side
2018-11-05 10:00:59 -05:00
Bianca Nenciu
048cdfbcfa
FIX: Do not allow revoking the token of current session. ( #6472 )
...
* FIX: Do not allow revoking the token of current session.
* DEV: Add getter of current auth_token from Guardian.
2018-10-12 10:40:48 +11:00
Kyle Zhao
4bb980b9f7
FEATURE: do not allow moderators to export user list ( #6418 )
2018-09-21 09:07:13 +08:00
Sam
879067d000
FIX: check admin theme cookie against user selectable
...
previously admin got a free pass and could set theme via cookie to anything
including themes that are not selectable
this refactor ensures that only "preview" gets a free pass, all the rest
goes through the same pipeline
2018-09-07 10:47:28 +10:00
Osama Sayegh
e0cc29d658
FEATURE: themes and components split
...
* FEATURE: themes and components split
* two seperate methods to switch theme type
* use strict equality operator
2018-08-24 11:30:00 +10:00
Osama Sayegh
2711f173dc
FIX: don't allow inviting more than `max_allowed_message_recipients`
...
* FIX: don't allow inviting more than `max_allowed_message_recipients` setting allows
* add specs for guardian
* user preferences for auto track shouldn't be applicable to PMs (it auto watches on visit)
Execlude PMs from "Automatically track topics I enter..." and "When I post in a topic, set that topic to..." user preferences
* groups take only 1 slot in PM
* just return if topic is a PM
2018-08-23 14:36:49 +10:00
Robin Ward
a83f662492
FIX: Allow silenced users to like / bookmark, just not flag.
2018-08-17 11:06:18 -04:00
Guo Xiang Tan
fae8757cd4
FIX: `Guardian#post_can_act?` shouldn't raise an error if user of post has been deleted.
2018-08-17 15:11:30 +08:00
Sam
91e0a77a60
FEATURE: silenced users should not be allowed to edit posts
2018-08-15 14:29:36 +10:00
Robin Ward
87fa26b6c8
FIX: Silenced users shouldn't be able to act on posts
2018-08-14 11:43:39 -04:00
Osama Sayegh
0b7ed8ffaf
FEATURE: backend support for user-selectable components
...
* FEATURE: backend support for user-selectable components
* fix problems with previewing default theme
* rename preview_key => preview_theme_id
* omit default theme from child themes dropdown and try a different fix
* cache & freeze stylesheets arrays
2018-08-08 14:46:34 +10:00
Penar Musaraj
4a872823e7
Improvements to user drafts ( #6226 )
...
* drafts in user profile: only show to user herself (not to admins), use avatar replying to (instead of topic OP), add keyboard shortcut for drafts, simplify display labels
* use JSON when testing Draft.stream
2018-08-02 07:41:27 +10:00
Penar Musaraj
1f45215537
FEATURE: Drafts view in user profile
...
* add drafts.json endpoint, user profile tab with drafts stream
* improve drafts stream display in user profile
* truncate excerpts in drafts list, better handling for resume draft action
* improve draft stream SQL query, add rspec tests
* if composer is open, quietly close it when user opens another draft from drafts stream; load PM draft only when user is in /u/username/messages (instead of /u/username)
* cleanup
* linting fixes
* apply prettier styling to modified files
* add client tests for drafts, includes a fixture for drafts.json
* improvements to code following review
* refresh drafts route when user deletes a draft open in the composer while being in the drafts route; minor prettier scss fix
* added more spec tests, deleted an acceptance test for removing drafts that was too finicky, formatting and code style fixes, added appEvent for draft:destroyed
* prettier, eslint fixes
* use "username_lower" from users table, added error handling for rejected promises
* adds guardian spec for can_see_drafts, adds improvements following code review
* move DraftsController spec to its own file
* fix failing drafts qunit test, use getOwner instead of deprecated this.container
* limit test fixture for draft.json testing to new_topic request only
2018-08-01 16:34:54 +10:00
Guo Xiang Tan
96aca6d7e6
Remove legacy vote post action code. ( #6009 )
2018-07-09 16:54:18 +08:00
Neil Lalonde
211981ef23
add specs for min_trust_to_create_tag set to staff and admin
2018-07-05 11:39:32 -04:00
Arpit Jalan
6bcdc3ba4b
FEATURE: allow author to delete posts irrespective of post_edit_time_limit
2018-06-26 21:43:06 +05:30
Robin Ward
fd54c92a52
FEATURE: New site setting, whitelisted_link_domains
...
If provided, users who normally couldn't post links (say, due to a
low trust level), can post links to those specific hosts.
2018-06-13 16:11:22 -04:00
Blake Erickson
7750b30016
FIX: Allow a user to remove their title
...
Somewhere there was a regression and a user couldn't remove their own
title. If they selected '(none)' in the UI it would say it was saved,
but it would not actually be updated in the db.
2018-05-31 17:16:52 -06:00
Robin Ward
a5172a37e0
Allow staff members to enable safe mode, even if disabled
2018-04-25 11:49:57 -04:00
Neil Lalonde
f6cfff3cea
UX: user preferences allows users to choose which title to use from their badges and groups
2018-04-06 14:34:36 -04:00
Arpit Jalan
a8149f8969
FIX: user should not be able to invite to PM if trust level requirment not met
...
FIX: when personal messages are disabled let user invite to a public topic
2018-03-08 14:59:04 +05:30
Arpit Jalan
003b03d939
allow staff to delete user if posts are 5 or less irrespective of delete_user_max_post_age
2018-03-05 23:31:29 +05:30
Robin Ward
cd6c5fc5fb
FIX: Disable "Make Personal Message" if they are disabled
2018-03-02 20:28:39 -05:00
Guo Xiang Tan
e7a7356986
Remove ancient votes code that is no longer used.
2018-02-28 14:37:22 +08:00
Guo Xiang Tan
902c5d11cf
FIX: Don't allow other flag actions after `notify_moderator` has happened.
...
https://meta.discourse.org/t/receiving-sorry-an-error-has-occurred-during-flagging-step-of-discobot-tutorial/77233/5
2018-02-28 11:27:56 +08:00
Robin Ward
69af881f7f
New site setting `trusted_users_can_edit_others`
...
The default is true to keep with previous discourse behavior. If
disabled, high trust level users cannot edit the topics or posts of
other users.
2018-02-22 20:39:24 -05:00
Robin Ward
b4aa0b096e
FIX: Couldn't like staff when `allow_flagging_staff` was set
2018-02-14 15:46:04 -05:00
Robin Ward
4dfe659189
Rename `allow staff flags` to `allow flagging staff`
2018-02-12 15:27:26 -05:00
Robin Ward
6287631745
FEATURE: New site setting, `allow staff flags`, false by default
...
For some large communities, it makes sense to disable flagging of
staff posts.
2018-02-12 14:56:21 -05:00
Robin Ward
dedeb2deb8
FIX: Don't show the link button in the composer if linking is disabled
2018-02-08 12:56:10 -05:00
Robin Ward
b2b6dc68a6
FEATURE: a setting to customize the minimum TL to flag a post
2018-02-06 17:12:27 -05:00
Arpit Jalan
ff0376a80b
rename 'enable_private_messages' to 'enable_personal_messages'
2018-02-01 13:25:29 +05:30
Robin Ward
6b04967e2f
FEATURE: Staff members can lock posts
...
Locking a post prevents it from being edited. This is useful if the user
has posted something which has been edited out, and the staff members don't
want them to be able to edit it back in again.
2018-01-26 14:01:30 -05:00
Robin Ward
782d75069e
FIX: UX improvements for system messages when PMs are disabled
2018-01-23 13:12:11 -05:00
Arpit Jalan
ef4c6c67ba
fix the build
2017-12-23 14:42:40 +05:30
Guo Xiang Tan
f2565f6c7e
SECURITY: Any group can be invited into a PM.
2017-12-14 14:57:48 +08:00
Robin Ward
971e302ff2
FEATURE: Support an end date for user silencing
2017-11-14 13:20:19 -05:00
Robin Ward
1f14350220
Rename "Blocked" to "Silenced"
2017-11-10 14:10:27 -05:00
Neil Lalonde
fb5b9b6d06
FIX: don't offer the "Something Else" flag reason to TL0 users since they don't have permission to send private messages
2017-10-24 11:47:42 -04:00
Neil Lalonde
4452d67a23
Revert "FIX: TL0 users' messages to moderators were not being posted when flagging private messages"
2017-10-23 18:17:53 -04:00
Guo Xiang Tan
25c25ae423
FEATURE: Allow user to leave a PM.
2017-10-19 12:32:55 +08:00
Guo Xiang Tan
79de10b212
FEATURE: Allow users to disable new PMs.
...
https://meta.discourse.org/t/is-it-possible-to-disable-private-messaging-for-a-specific-user/46391
2017-10-19 12:32:55 +08:00
Neil Lalonde
b124e5f19f
FIX: TL0 users' messages to moderators were not being posted when flagging private messages
2017-10-13 11:55:49 -04:00
OsamaSayegh
79f3d299a1
Don't allow category definition topics to be converted to PMs ( #5216 )
2017-10-02 10:04:58 +02:00
Robin Ward
561fa7d0cd
FEATURE: Site Setting to hide suspension reason on the public profile
2017-09-25 12:25:14 -04:00
Guo Xiang Tan
5d4221fbe1
PERF: Avoid calling expensive `PostGuardian#can_see_post?` multiple times.
...
Before
```
Your Results: (note for timings- percentile is first, duration is second
in millisecs)
---
topic_admin:
50: 19
75: 19
90: 21
99: 27
topic:
50: 56
75: 62
90: 64
99: 99
timings:
load_rails: 1262
ruby-version: 2.4.1-p111
rss_kb: 198432
pss_kb: 136612
virtual: physical
architecture: amd64
operatingsystem: Ubuntu
memorysize: 15.59 GB
kernelversion: 4.10.0
physicalprocessorcount: 1
processor0: Intel(R) Core(TM) i7-6700K CPU @ 4.00GHz
rss_kb_9877: 327892
pss_kb_9877: 263671
rss_kb_9946: 325468
pss_kb_9946: 261671
rss_kb_10153: 326456
pss_kb_10153: 262657
```
After
```
Your Results: (note for timings- percentile is first, duration is second
in millisecs)
---
topic_admin:
50: 18
75: 18
90: 20
99: 28
topic:
50: 41
75: 42
90: 46
99: 49
timings:
load_rails: 1201
ruby-version: 2.4.1-p111
rss_kb: 187936
pss_kb: 123596
virtual: physical
architecture: amd64
operatingsystem: Ubuntu
memorysize: 15.59 GB
kernelversion: 4.10.0
physicalprocessorcount: 1
processor0: Intel(R) Core(TM) i7-6700K CPU @ 4.00GHz
rss_kb_26478: 342360
pss_kb_26478: 276696
rss_kb_26547: 340368
pss_kb_26547: 275930
rss_kb_26747: 338964
pss_kb_26747: 274466
```
2017-09-08 14:07:24 +08:00
Robin Ward
db929e58fc
FIX: Don't allow staff to approve users with unverified emails
2017-09-04 12:55:39 -04:00
Bianca Nenciu
6bc74ceb50
Split alias levels in mentionable and messageable levels. ( #5065 )
...
* Split alias levels in mentionable and messageable levels.
* Fixed some tests.
* Set messageable level to everyone by default.
* By defaults, groups are not mentionable or messageable.
* Made staff groups messageable by the system.
2017-08-28 12:32:08 -04:00
Guo Xiang Tan
5012d46cbd
Add rubocop to our build. ( #5004 )
2017-07-28 10:20:09 +09:00
Guo Xiang Tan
2a17f1ccd7
FIX: Group owners should be able to invite users to their groups.
...
https://meta.discourse.org/t/group-owner-cannot-send-an-invite-to-a-group/60617/12
2017-07-21 23:48:25 +09:00
Guo Xiang Tan
a338a7a53e
Fix the build.
2017-07-10 11:12:21 +09:00
Guo Xiang Tan
13f3de4bf6
Nuke all `SiteSetting.stubs` from our codebase.
2017-07-07 15:09:14 +09:00
Sam
845170bd6b
FEATURE: add support for group visibility level
...
There are 4 visibility levels
- public (default)
- members only
- staff
- owners
Note, admins and group owners ALWAYS have visibility to groups
Migration treated old "non public" as "members only"
2017-07-03 15:26:57 -04:00
Robin Ward
28f486cb7a
FIX: Regular users shouldn't be able to invite to PMs if disabled
2017-05-19 12:57:21 -04:00
Robin Ward
addc85cd08
FIX: Don't let users edit wiki posts unless they can reply
2017-05-08 16:23:11 -04:00
Guo Xiang Tan
a28704bcee
FIX: Can't recover a post when its user has been deleted.
...
https://meta.discourse.org/t/moving-posts-to-new-topic/58436
2017-03-06 14:29:06 +08:00
Arpit Jalan
213a496203
FIX: show all staff events related to the target user
2017-02-22 13:31:40 +05:30
Arpit Jalan
b32f33b3f0
FIX: allow staff members to send PMs when enable_private_messages is disabled
2017-02-22 11:32:09 +05:30
Arpit Jalan
046cbad10b
FEATURE: add a button on admin user page that links to action log
2017-02-21 21:38:37 +05:30
Arpit Jalan
dc2171960b
FIX: allow existing users to be invited to topic/message when must_approve_users is enabled
2017-02-03 13:01:23 +05:30
Leo McArdle
c76f6856ea
FEATURE: reply as new message to the same recipients
2017-01-27 12:24:31 +08:00
Guo Xiang Tan
58f3a2e9a9
Fix randomly failing spec.
2017-01-06 15:25:49 +08:00
Guo Xiang Tan
c7b151683d
FIX: Do not allow admins to meddle with admin and moderation access of non real users.
2016-12-29 11:11:33 +08:00
Guo Xiang Tan
5d7f3223f0
SECURITY: Users can only bookmark posts which they can see.
2016-12-21 12:01:26 +08:00
Neil Lalonde
c75bebdea2
FIX: uncategorized setting to control whether topic featured links are allowed
2016-12-20 15:55:30 -05:00
Neil Lalonde
923cf73c6e
Topic Featured Links: move data from custom fields to topics and categories tables. Invert behaviour of topic_featured_link_allowed checkbox. Fix a bug with invalid topic records due to changing that category checkbox.
2016-12-19 14:54:07 -05:00
Erick Guan
52763f5115
FEATURE: Allow posting a link with topics
2016-12-05 17:20:54 +01:00
Sam
674264726d
FIX: should not be allowed to see users list of people who started a PM
2016-10-19 17:36:35 +11:00
Sam Saffron
4d8d5613e4
FEATURE: add min_trust_level_to_edit_post
...
add minimum trust level to edit post (default 0)
2016-10-01 02:12:27 +10:00
Sam Saffron
46b34e3c62
FEATURE: remove user option for edit history public
...
Users can no longer opt-in for "public" edit history
if site owner disables it.
This feature adds cost and complexity to post rendering since
user options need to be premeptively loaded for every user in the
stream. It is also confusing to explain to communities with private edit
history.
2016-07-16 21:30:00 +10:00
Sam
d61df21d69
FEATURE: allow people to send messages to themselves (for notes etc)
2016-07-04 11:36:43 +10:00
Guo Xiang Tan
dfdc54957c
FIX: A blocked user should not be able to moderate anything.
2016-06-20 15:51:26 +08:00
Neil Lalonde
f3f6c2f98f
FEATURE: tag groups
2016-06-06 14:18:48 -04:00
Neil Lalonde
0f8b4dcc86
FIX: trust level 3 should not be able to edit topics in categories that restrict them from doing so
2016-06-01 15:42:10 -04:00
Arpit Jalan
b25d950d99
FEATURE: allow moderators to convert a private message to public topic or vice versa
2016-05-04 22:47:32 +05:30
Arpit Jalan
acfb540952
FEATURE: move a topic from PM to regular topic or vice versa
2016-05-02 21:34:05 +05:30
Robin Ward
de82bd946d
FIX: Group members should be able to see their groups even if private
2016-04-26 14:17:53 -04:00
Sam
8ba57c0ffd
FIX: restrict moderators from creating/editing topics in readonly categories
...
In the past moderators had blanket access to all categories they were allowed
to see. This tightens down the restriction.
2016-04-13 15:59:38 +10:00
Arpit Jalan
094f7a73d5
FIX: allow post editing but do not allow ninja edit for active flagged post
2016-03-31 00:11:08 +05:30
Arpit Jalan
6f0137dec9
FEATURE: disable post editing when the post has active flag
2016-03-30 23:28:49 +05:30
Neil Lalonde
fd853e0776
FIX: error when sending a private message to a group in some cases
2016-03-23 16:20:31 -04:00
Arpit Jalan
3e32393ab6
FIX: do not allow normal users to wiki edit-expired posts
2016-03-15 15:05:57 +05:30
Régis Hanol
415efd0f5b
FIX: staged user doesn't get notified for replies in topics they created in secured categories
2016-02-24 11:30:17 +01:00
Sam
3829c78526
PERF: shift most user options out of the user table
...
As it stands we load up user records quite frequently on the topic pages,
this in turn pulls all the columns for the users being selected, just to
discard them after they are loaded
New structure keeps all options in a discrete table, this is better organised
and allows us to easily add more column without worrying about bloating the
user table
2016-02-17 18:08:25 +11:00
Arpit Jalan
106e3c897f
FIX: TL3 users should not be able to edit title of archived topics
2016-01-29 01:16:41 +05:30
Neil Lalonde
685ba1eb7f
FEATURE: blocked users can send and reply to private messages from staff
2016-01-22 12:54:24 -05:00
Arpit Jalan
06bac23e5f
FEATURE: allow users to wikify their own posts based on trust level
2016-01-12 08:44:25 +05:30
Andy Waite
3e50313fdc
Prepare for separation of RSpec helper files
...
Since rspec-rails 3, the default installation creates two helper files:
* `spec_helper.rb`
* `rails_helper.rb`
`spec_helper.rb` is intended as a way of running specs that do not
require Rails, whereas `rails_helper.rb` loads Rails (as Discourse's
current `spec_helper.rb` does).
For more information:
https://www.relishapp.com/rspec/rspec-rails/docs/upgrade#default-helper-files
In this commit, I've simply replaced all instances of `spec_helper` with
`rails_helper`, and renamed the original `spec_helper.rb`.
This brings the Discourse project closer to the standard usage of RSpec
in a Rails app.
At present, every spec relies on loading Rails, but there are likely
many that don't need to. In a future pull request, I hope to introduce a
separate, minimal `spec_helper.rb` which can be used in tests which
don't rely on Rails.
2015-12-01 20:39:42 +00:00
Sam Saffron
6dd4bc7d57
FEATURE: support group owner, capable of controlling group membership
...
Group owners are regular users that can add or remove users to a group
The Admin UX allows admins to appoint group owners
The public group UX will display group owners first and unlock UI to
add and remove members
Group owners can only be appointed on non automatic groups
Group owners may not appoint another group owner
2015-11-10 00:56:57 +11:00
Arpit Jalan
9f8d6b6088
FIX: allow exisiting users to be invited to topic/message when enable_local_logins is disabled
2015-10-30 11:28:05 +05:30
Sam
e29fe77b45
FEATURE: make trust level for message sending configurable
...
- add min_trust_to_send_messages site setting (default 1) to allow admins
to configure when messages can be sent between members
2015-10-12 11:15:48 +11:00
Robin Ward
5af0f5f80e
FEATURE: Whisper posts
2015-09-11 14:05:21 -04:00
Arpit Jalan
4d593d1c18
FIX: staff should be immune to max_invites_per_day setting
2015-06-05 10:22:41 +05:30
Sam
dd91d5b02f
FEATURE: disable invites by setting max_invites_per_day to 0
2015-05-19 16:51:21 +10:00
Robin Ward
f9069c350f
FIX: Permission issues when editing topics
...
If a user can't create a topic in a category, they should'be be
able to edit topics.
2015-04-30 17:08:12 -04:00
Arthur Neves
b8cbe51026
Convert specs to RSpec 2.99.2 syntax with Transpec
...
This conversion is done by Transpec 3.1.0 with the following command:
transpec
* 424 conversions
from: obj.should
to: expect(obj).to
* 325 conversions
from: == expected
to: eq(expected)
* 38 conversions
from: obj.should_not
to: expect(obj).not_to
* 15 conversions
from: =~ /pattern/
to: match(/pattern/)
* 9 conversions
from: it { should ... }
to: it { is_expected.to ... }
* 5 conversions
from: lambda { }.should_not
to: expect { }.not_to
* 4 conversions
from: lambda { }.should
to: expect { }.to
* 2 conversions
from: -> { }.should
to: expect { }.to
* 2 conversions
from: -> { }.should_not
to: expect { }.not_to
* 1 conversion
from: === expected
to: be === expected
* 1 conversion
from: =~ [1, 2]
to: match_array([1, 2])
For more details: https://github.com/yujinakayama/transpec#supported-conversions
2015-04-25 11:18:35 -04:00
Régis Hanol
3a40875e0b
Merge pull request #3247 from jmay/group-manager-invites
...
group manager can issue invitations from restricted topics
2015-03-16 09:53:04 +01:00
Neil Lalonde
608647d02f
FEATURE: Anonymize User. A way to remove a user but keep their topics and posts.
2015-03-10 11:59:08 -04:00
Jason W. May
0f36774246
group manager can invite members into the group from any restricted topic
2015-03-03 12:18:42 -08:00