Commit Graph

689 Commits

Author SHA1 Message Date
Sam 2ad756464e SECURITY: TopicView not correctly restricting to topic 2014-05-29 21:56:26 +10:00
Sam 0bc3525b10 BUGFIX: more robust onebox implementation 2014-05-28 17:15:10 +10:00
Sam Saffron 330ea82ce4 FIX broken spec 2014-05-27 13:52:39 +10:00
Sam 033cbc61bf BUGFIX: broken spec 2014-05-27 10:08:03 +10:00
Sam 504cfcff96 Fix specs for avatars
Implement avatar picker
Correct avatar related jobs
2014-05-27 10:08:03 +10:00
Sam 6c1c8be794 Work in progress, keeping avatars locally
This introduces a new model to store the avatars and 3 uploads per user (gravatar, system and custom)

user can then pick which they want.
2014-05-27 10:08:03 +10:00
Sam cf254000cf Revert "Revert "BUGFIX: improve error messages for invalid API keys""
This reverts commit e9afe28586.
2014-05-23 08:43:19 +10:00
Neil Lalonde e9afe28586 Revert "BUGFIX: improve error messages for invalid API keys" 2014-05-22 14:55:36 -04:00
Sam eeef775f21 BUGFIX: improve error messages for invalid API keys
BUGFIX: don't track last seen for message bus
2014-05-22 09:01:29 +10:00
Neil Lalonde 742841ddce Add Google Oauth2 authenticator. The current Google OpenID authentication has been deprecated by Google and will NOT work for any new websites. 2014-05-21 18:35:10 -04:00
Robin Ward 64355c989e FIX: Don't extract links from empty quotes 2014-05-20 17:20:52 -04:00
Neil Lalonde 27cbc06563 Add fixed_category_positions site setting to handle whether categories are ordered by specified positions or by activity. 2014-05-16 11:33:52 -04:00
Robin Ward 3211c60bbe FEATURE: A new site setting `public_user_custom_fields` which allows you
to whitelist custom fields that will be exposed to the Ember client
application.
2014-05-14 14:39:01 -04:00
Neil Lalonde c4d3aa3d47 Theming: a UI to choose some base colors that are applied to all the site css. CSS compiled outside of asset pipeline. 2014-05-14 10:18:12 -04:00
Wojciech Zawistowski 960d64930c Wiki Post 2014-05-13 08:53:11 -04:00
Neil Lalonde e68e97d986 FIX: moderators can't see private topics that they aren't invited to see. 2014-05-12 15:26:46 -04:00
Sam a2e2d0e886 Merge pull request #2316 from mutiny/refactor-where-first
Refactor `where(...).first` to `find_by(...)`
2014-05-08 09:10:45 +10:00
Neil Lalonde f44bd4ec28 Don't allow sending private messages to suspended users. Emails to suspended users should tell them how to respond, since they can't. 2014-05-06 15:01:27 -04:00
Louis Rose 1574485443 Perform the where(...).first to find_by(...) refactoring.
This refactoring was automated using the command: bundle exec "ruby refactorings/where_dot_first_to_find_by/app.rb"
2014-05-06 14:41:59 +01:00
Neil Lalonde 014bfc0512 Use 10k most common passwords instead of 5k 2014-05-02 12:01:21 -04:00
Sam f6c22cc299 Merge pull request #2297 from ligthyear/custom-fields
Custom fields for Topic, Category, Post and Group
2014-04-30 13:15:50 +10:00
Robin Ward cd6ab981f3 FIX: preferences URL changed 2014-04-29 21:18:23 -04:00
Benjamin Kampmann f757706861 Ensure Reload reloads custom_fields, too 2014-04-29 19:34:56 +02:00
Benjamin Kampmann 230453b411 use more explicit naming to prevent name clashes. fixes build. 2014-04-29 19:26:43 +02:00
Benjamin Kampmann 0cf07d41ae Move Concern from lib into app/models. refs #2279 2014-04-29 19:26:43 +02:00
Benjamin Kampmann 1e70c3cbbd Add Support for Arrays to CustomFields 2014-04-29 19:26:42 +02:00
Benjamin Kampmann 48f016c7f5 fix double save missing error by using copy not actual reference 2014-04-29 19:26:42 +02:00
Benjamin Kampmann e6e03a1a96 move custom fields into its own concern 2014-04-29 19:26:42 +02:00
Sam 35952055e2 BUGFIX: web crawlers messing with anon caching 2014-04-29 10:48:09 +10:00
Neil Lalonde 495f78f574 oops, fix broken current_user_spec 2014-04-28 14:01:22 -04:00
Neil Lalonde 9fba385172 FIX: don't onebox hidden posts 2014-04-28 11:03:19 -04:00
Sam e88e43bfb6 Merge pull request #2279 from fantasticfears/concern
move concerns to the model/concerns
2014-04-28 09:48:33 +10:00
Neil Lalonde 47d000edcc Merge pull request #2292 from ligthyear/sass-variables
Improved Plugins SCSS management
2014-04-25 15:29:50 -04:00
Neil Lalonde 7993c27ce5 Also allow system_user to send pm's even if enable_private_messages is disabled 2014-04-25 14:52:57 -04:00
Benjamin Kampmann 64918c35f5 Improved Plugins SCSS management
- Moves the import of plugins for both mobile and desktop from common after discourse loading, allowing plugins to overwrite
 - Make desktop-option behave like the mobile-option: SCSS/CSS marked with that option will only be loaded for desktop from now on and ignored in mobile
 - Add variables-keyword, allowing plugins to ship and overwrite variables before they get imported by discourse (great for theming)
2014-04-25 18:25:45 +02:00
Neil Lalonde ee8bbadfe8 Allow contact user to send private messages even if enable_private_messages is false 2014-04-23 17:00:22 -04:00
Robin Ward 84da39f5dc FIX: Admins should always be able to see groups so they can edit them. 2014-04-23 15:15:46 -04:00
Régis Hanol b61abe3107 FEATURE: warn the admin whenever we disable the download_remote_images_to_local site setting 2014-04-23 12:43:10 +02:00
Robin Ward af877781b7 Allow admins to choose if groups are visible or not. 2014-04-22 16:43:46 -04:00
Erick Guan 6d45f71254 move concerns to the model/concerns 2014-04-19 12:00:40 +08:00
Régis Hanol b2cb4b27a1 Merge pull request #2273 from paully21/development-branch
Add blurb of post to search results via API
2014-04-17 21:06:03 +02:00
Robin Ward 87682f7539 FIX: Don't include image meta data when embedded in an email 2014-04-17 12:32:51 -04:00
Robin Ward b3ed8b6a32 Use query params for sortable table headings 2014-04-17 10:52:57 -04:00
paully21 84d100be85 Add blurb of post to search results via API 2014-04-17 07:58:51 -05:00
Régis Hanol 542d54e6bf BUGFIX: uploads to S3 2014-04-15 13:04:14 +02:00
Régis Hanol 2505d18aa9 FEATURE: support email attachments 2014-04-14 22:55:57 +02:00
Sam 63f4a0e050 Tighten API, add spec for recovery, keep mutex semantics 2014-04-14 10:51:46 +10:00
Vikhyat Korrapati 56ee1ac569 Extract scheduler cross-process locking into DistributedMutex. 2014-04-13 00:05:46 +05:30
Sam de9aa49b52 BUGFIX: default should register CSS for both mobile and desktop
If you want desktop only use :desktop option
2014-04-10 16:30:22 +10:00
Sam b9d4edd91a FEATURE: display unpinned state, allow unpinning by clicking on pin 2014-04-10 10:59:02 +10:00
Robin Ward 034287033e Add back onebox support for flash video 2014-04-09 13:41:25 -04:00
Régis Hanol c3a1c867dd REFACTOR: poll mailbox specs 2014-04-09 19:26:19 +02:00
riking 9c4dd1cb35 Change comma-delim site settings to pipe-delim 2014-04-08 14:17:55 -07:00
Benjamin Kampmann d22df7731d Allow plugins to ship custom styles only for mobile
- adds another :mobile-flag to register_assets
- adds test for plugin registering of assets
- load plugins when on desktop and plugins_mobile when on mobile
2014-04-07 16:33:35 +02:00
Sam 0372b81d11 FEATURE: allow moderators to globally pin topics 2014-04-07 16:38:51 +10:00
Robin Ward dbab628e16 Support for creating embedded topics via API 2014-04-03 14:42:44 -04:00
Robin Ward 558a06a117 Adds better reusable error message support. Added to fetching remote
posts. /cc @riking
2014-04-02 13:22:10 -04:00
Sam eff20fdda7 fix bust spec 2014-04-02 16:22:12 +11:00
Sam a3f270f0e9 BUGFIX: broken spec 2014-04-01 16:08:18 +11:00
Régis Hanol 706fd3c59a Merge pull request #2206 from riking/posted
Fix the 'posted' view so that it actually does something
2014-03-31 23:05:48 +02:00
Sam 8fc2549873 Stop using global vars where not needed
Simplify local process site setting provider
Stop setting up methods over and over
Centralize cache clearing
2014-03-31 12:34:13 +11:00
riking df5229a399 Add spec for posted list
The test fails on 956b14a and passes on this branch
2014-03-30 14:21:35 -07:00
Régis Hanol e6989b5313 Merge pull request #2192 from jorgemanrubia/configurable-emails-prefix
Option to change the subject prefix in emails
2014-03-28 15:08:50 +01:00
Neil Lalonde fd504e741f FIX: reply by email can handle emails with attachments. Attachments are still ignored, but a post or topic can be created from the email now. 2014-03-28 09:57:20 -04:00
Jorge Manrubia 806924dd7e Option to change the email subject prefix
It adds a new setting 'email_prefix' to configure which [label] will be used in the subject of emails. Discourse currently uses '[title]'. The problem is that sometimes you need to set a longer title, that doesn't really work well for emails. I think this is very common since the HTML `<title>` tag is very important for SEO.

It will default to '[title]' if this setting is not used.

See: https://meta.discourse.org/t/where-to-change-the-email-subject-prefix/11989
2014-03-26 23:06:00 +01:00
Sam 5897d3419c BUGFIX: identity_url was not fished out correctly
If I user logged in with Google and then changed email,
they would no longer be able to log in with google
2014-03-26 14:52:50 +11:00
Robin Ward 539890afdf Let's not show tons of extra information about invites unless you're the
person who invited them.
2014-03-21 14:16:11 -04:00
Robin Ward d3f1eb395d Updated import for TypePad 2014-03-19 15:02:49 -04:00
Neil Lalonde 0b1550f9d4 Add excerpt column to topics table to remove N+1 query in ListableTopicSerializer 2014-03-18 15:24:29 -04:00
Sam 5c26b3dad1 FIX: broken specs after new link alerting code 2014-03-18 15:22:53 +11:00
Neil Lalonde 2c725e2779 FEATURE: Trust level 4 abilities: pin/unpin, close, archive, make invisible, split/merge topic 2014-03-17 14:50:28 -04:00
Benjamin Kampmann e63b9b362e allow apps to give custom admin javascripts 2014-03-17 13:19:08 +01:00
Sam 798b8444cf BUGFIX: work correctly if process forks 2014-03-17 15:22:11 +11:00
Sam 2c8ae22b87 FEATURE: add a simple queue Scheduler::Defer.later {}
For quick jobs that do not need to be sent to sidekiq,
runs inline in a single thread but does not block
2014-03-17 12:16:19 +11:00
Sam f4c2fef407 Merge pull request #2121 from LessonPlanet/disable-name-edit-for-sso
Adding name to the list of uneditable items in preferences UI
2014-03-17 10:05:11 +11:00
Vikhyat Korrapati e3702ecb30 Improved crawler detection: add Twitterbot, Facebook, curl, Bing, Baidu. 2014-03-16 19:30:20 +05:30
Neil Lalonde 98284d771f Mark failing spec as pending for Robin to investigate 2014-03-14 18:13:45 -04:00
Robin Ward e22f1ae186 Support for a daily job at a certain hour. Convert backup job to run at
3am instead of randomly during the day.
2014-03-14 13:02:45 -04:00
Forest Carlisle e904b2faad Adding name to the list of uneditable items in preferences UI
* If enable_names,  enable_sso, and sso_overrides_name settings are true.
  * Added serialization of can_edit_name so the UI has access to the right.
2014-03-13 13:26:40 -07:00
Régis Hanol fd1c824187 Revert "Merge pull request #2116 from LessonPlanet/disable-name-edit-for-sso"
This reverts commit 91aa21671a, reversing
changes made to f19596af0d.
2014-03-13 18:17:59 +01:00
Neil Lalonde 283dc7dd2d Trust level 4: add ability to edit any post and see edit history 2014-03-13 10:47:49 -04:00
Forest Carlisle e8c7c6fab7 Adding name to the list of uneditable items in preferences UI
* If enable_names,  enable_sso, and sso_overrides_name settings are true.
2014-03-12 17:09:53 -07:00
Neil Lalonde 9ca516e58d Rename nickname to username in the code. Use new hub routes. (Old routes still exist as aliases for old Discourse instances.) 2014-03-12 12:39:36 -04:00
Neil Lalonde cf630207b7 Remove an unused variable in check_reviving_old_topic spec 2014-03-12 10:46:50 -04:00
Neil Lalonde 659e7fa4ce FEATURE: Warn when reviving a topic that has been inactive for X days. Setting warn_reviving_old_topic_age controls when the warning is shown. Set it to 0 to disable this feature. 2014-03-12 10:44:12 -04:00
Neil Lalonde 2838e1c3b5 FIX: don't show option to flag with notify_user to trust level 0 users. they can't send private messages. 2014-03-10 11:48:40 -04:00
Douglas Browne a1e70ac57e Added spec for SSO override username/email changes 2014-03-09 21:38:36 -04:00
Robin Ward c3e5ee1d7e FIX: Failing specs 2014-03-07 12:06:20 -05:00
Sam 73ef91cf27 junk code removed 2014-03-07 19:00:36 +11:00
Sam edf86a207b fix build 2014-03-05 14:26:42 +11:00
Robin Ward 5e6764e9c9 FIX: Remove update, should fix issue with broken specs 2014-03-04 12:47:14 -05:00
Robin Ward a2b0e2b50f BUGFIX: Fix ailing tests 2014-03-03 16:24:20 -05:00
Sam 5c3f2feed4 BUGFIX: recovery code in case an unknown job is scheduled 2014-03-04 07:37:12 +11:00
Benjamin Kampmann 024597e643 Switch to proper exception handling system for better user feedback
- Replace implicit return code-system in Email::Receiver with proper exception system
 - Update tests to check for exceptions instead
 - Test the PollMailbox for expected failures
 - Add proper email-handling of problematic emails
"
2014-02-28 17:02:58 +01:00
Benjamin Kampmann d32cb55837 Add public-inbox to Email-In-Feature
- Adds the advanced option to accept email from non-users per category email-address
 - Adds tests covering the new feature
 - Adds UI to configure this feature in the frontend
2014-02-28 16:53:58 +01:00
Benjamin Kampmann 37cea49459 Add Email-In-Per-Category
- allow the configuration of an inbox-email-address per category
 - post emails to that email into that category instead of global

 - Adds UI for configuration
 - Adds Documentation for configuration
 - Adds Tests for new feature
2014-02-28 16:53:58 +01:00
Benjamin Kampmann 4af2cf3f23 Refactor and clean up New-Topic via Email
With the new email_in admin configuration setting, emails to the email_in_address fetched via POP will now be processed and posted as new topics to the forum.

With the email_in_min_trust you can control the trust level the user needs to have at least to be able to post an email as a new topic.

Also contains tests for the email-in feature and minor clean ups
2014-02-28 16:53:58 +01:00
Robin Ward a07e9f7e71 FEATURE: Bulk `reset read` status. 2014-02-21 15:18:45 -05:00
Sam Saffron 2ab76f60d1 FEATURE: Discoruse.handle_exception
to report exception via sidekiq helper, adds extra context
2014-02-21 14:30:25 +11:00
Robin Ward c4b5455c21 REFACTOR: Rename `GooglebotDetection` to `CrawlerDetection` because we
will likely whitelist more crawlers in the future.
2014-02-20 16:07:02 -05:00