Sam
f028ffaf29
SECURITY: correct local onebox category checks
...
Also removes ugly "source_topic_id" from cooked posts
Patch was authored by @zogstrip
Signed-off-by: Sam <sam.saffron@gmail.com>
2018-02-14 10:40:46 +11:00
Robin Ward
569e57f0a9
FIX: Delete the invalid auth cookie even if you hit the rate limit
2018-02-09 19:09:54 -05:00
Sam
4f946319b4
improve warning text
2018-01-19 08:32:15 +11:00
Sam
25f4d98307
improve error logging for warn_exception
2018-01-05 09:54:42 +11:00
Robin Ward
aed37770e3
FIX: Load the route format before discourse
2017-12-21 16:29:11 -05:00
Sam
6c82a50903
Improve error handling in hijacked code
2017-12-01 16:23:32 +11:00
Sam
f52111f787
FEATURE: allow plugins to easily detect if running in Rack
...
Usage: Discourse.running_in_rack? to tell if rack was booted
2017-11-16 08:39:29 +11:00
Sam
70bb2aa426
FEATURE: allow specifying s3 config via globals
...
This refactors handling of s3 so it can be specified via GlobalSetting
This means that in a multisite environment you can configure s3 uploads
without actual sites knowing credentials in s3
It is a critical setting for situations where assets are mirrored to s3.
2017-10-06 16:20:01 +11:00
Sam
a4d4db4f0c
PERF: code not correctly caching git commands
...
Every check for Discourse version could result in shelling out.
2017-10-04 14:22:38 +11:00
Robin Ward
460ed3c8cf
Revert "Allow `NotFound` to specify an optional `Location` for the resource"
...
This reverts commit 4ae66c9e01
.
2017-09-26 12:58:24 -04:00
Robin Ward
4ae66c9e01
Allow `NotFound` to specify an optional `Location` for the resource
2017-09-26 09:10:18 -04:00
Robin Ward
d1ebc62065
The ability to display errors on flagging actions.
2017-09-25 12:28:01 -04:00
Robin Ward
717ed75fc4
Add warning when plugins changed by `tmp` was not removed
2017-09-08 13:38:46 -04:00
Guo Xiang Tan
4d840d10db
PERF: Reduce number of Redis hits per requests.
2017-09-07 13:34:27 +08:00
Sam Saffron
7f8a90ef63
remove non english comment
2017-08-31 17:00:37 -04:00
Sam
552fbd3c8d
lint
2017-08-28 12:25:34 -04:00
darix
4b5724ec02
Extend config/version.rb with more informations ( #5061 )
...
This gives installations not using git checkouts
to provide all the informations needed for the
internal version checks and version display in
the dashboard.
The build:stamp rake task was extended to also
add the new informations.
2017-08-28 12:24:56 -04:00
Guo Xiang Tan
0e656ff213
FIX: Can't reset AR schema cache due to versions table.
2017-08-17 19:27:35 +09:00
Guo Xiang Tan
86adc8d717
Fix typo.
2017-08-16 13:06:47 +09:00
Guo Xiang Tan
ed851dbfff
FIX: Avoid publishing a gigantic payload.
...
* Certain sites have way too many categories.
2017-08-16 11:38:30 +09:00
Guo Xiang Tan
3f24ed2b3e
Can't revert due to incompatibility of new site setting types.
...
Revert "Revert "FEATURE: Site settings defaults per locale""
This reverts commit 439fe8ba24
.
2017-08-07 10:43:09 +09:00
Guo Xiang Tan
439fe8ba24
Revert "FEATURE: Site settings defaults per locale"
...
This reverts commit 468a8fcd20
.
2017-08-07 10:31:50 +09:00
Erick Guan
468a8fcd20
FEATURE: Site settings defaults per locale
...
This change-set allows setting different defaults for different locales.
It also:
- Adds extensive testing around site setting validation
- raises deprecation error if site setting has the default property based on env
- relocated site settings for dev and tests in the initializer
- deprecated client_setting in the site setting's loading process
- ensure it raises when a enum site setting being set
- default_locale is promoted to `required` category.
- fixes incorrect default setting and validation
- fixes ensure type check for site settings
- creates a benchmark for site setting
- sets reasonable defaults for Chinese
2017-08-02 12:24:19 -04:00
Guo Xiang Tan
5012d46cbd
Add rubocop to our build. ( #5004 )
2017-07-28 10:20:09 +09:00
Robin Ward
d2490cbbb8
Test failures for Inline Onebox
2017-07-20 16:01:16 -04:00
Robin Ward
3882722195
FEATURE: Inline (Mini) Oneboxing
...
see:
https://meta.discourse.org/t/mini-inline-onebox-support-rfc/66400?source_topic_id=66066
2017-07-20 15:38:04 -04:00
Guo Xiang Tan
e7c972ac89
FIX: Don't use backticks that take in inputs.
2017-03-17 15:33:51 +08:00
Sam
1935f624b8
FEATURE: reset active record cache in sidekiq if needed
...
This can happen in multisite environments after restores
2017-02-17 12:09:53 -05:00
Robin Ward
adb73180f7
FEATURE: Let plugins register themes easily
2017-01-13 11:50:52 -05:00
Régis Hanol
dfb633fde3
remove 'already initialized constant' warning
2017-01-11 11:03:36 +01:00
Guo Xiang Tan
cdd550e947
Use a different Redis key when PG failover sets site to readonly mode.
2017-01-11 16:38:49 +08:00
Guo Xiang Tan
22059d4df9
Add Rake task to clean up unused multisite Redis keys.
2016-12-05 11:46:34 +08:00
Guo Xiang Tan
e8a3043129
Spawn a single thread that checks for PostgreSQL fallback.
2016-11-17 13:52:08 +08:00
Sam
f4c754b389
FEATURE: split JavaScript application bundle, so plugins live in own file
...
This adds plugin.js and plugin_third_party.js files
2016-11-15 11:43:13 +11:00
Sam
c995fd65be
fix oops
2016-11-02 17:00:24 +11:00
Sam
7e43e73df6
FIX: properly reset all contexts after forking
...
Fixes hang on backup
2016-11-02 13:34:20 +11:00
Guo Xiang Tan
2f39293867
FIX: User enabled readonly mode was not working.
2016-08-25 23:31:59 +08:00
Robin Ward
2891f230d1
SECURITY: Make sure uploaded_urls have corresponding upload records
2016-07-28 13:54:17 -04:00
Sam Saffron
6777bd2629
warm up v8 after fork
2016-07-16 15:11:34 +10:00
Guo Xiang Tan
f256e3afb6
Merge pull request #4297 from tgxworld/handle_user_enabled_readonly_mode
...
Handle user enabled readonly mode
2016-07-05 19:54:32 +08:00
Régis Hanol
5169bcdb6e
FIX: httpshttps ultra secure URLs
2016-06-30 16:55:01 +02:00
Guo Xiang Tan
64858c10fe
FIX: Set a not expiring key for user enabled readonly mode.
2016-06-29 15:10:01 +08:00
Guo Xiang Tan
20359788dc
Rename `SiteSetting#use_https` to `force_https`.
2016-06-29 15:02:43 +08:00
Guo Xiang Tan
7619c2fa2f
FIX: Make sure we add a TTL when we enable readonly mode.
2016-06-29 13:55:17 +08:00
Régis Hanol
2194ccec6e
slightly better automatic flag reason messages
2016-04-25 23:03:17 +02:00
Régis Hanol
56c870cca2
add support for 1.5 pixel ratio
2016-04-06 10:57:59 +02:00
Guo Xiang Tan
b41aa27a84
FEATURE: Support multisite in PostgreSQL fallback adapter.
2016-03-02 21:37:37 +08:00
Neil Lalonde
f4d44187c8
FIX: site_contact_user should default to system user, not first admin user
2015-11-24 14:37:41 -05:00
Sam
805120fc95
FEATURE: add connnection reaping based on maximum age
...
This feature ensures connections to the db are always attempted to be closed
after 600 seconds of idle time.
2015-10-17 11:29:16 +11:00
Régis Hanol
fe656fb04d
FIX: select appropriate period when redirecting to top
2015-09-21 20:28:20 +02:00
Kane York
c9e4745fe8
FIX: Return 410 Gone for deleted topics you could otherwise see
2015-09-18 00:14:43 -07:00
Régis Hanol
a501947d67
FEATURE: suppress categories from the homepage
2015-09-02 20:25:18 +02:00
Sam
2876725e1b
REFACTOR: remove hacky search from discovery
2015-07-27 16:47:06 +10:00
Robin Ward
8a9fa3e5bf
FIX: Error reloading dev due to conditional require
2015-07-14 14:52:35 -04:00
Sam
8252f4e110
FEATURE: allow use of redis sentinel via redis_sentinels
...
Use: DISCOURSE_REDIS_SENTINELS and DISCOURSE_REDIS_HOST to configure redis
sentinel
2015-06-25 16:51:48 +10:00
Régis Hanol
c3227b69fa
FIX: proper support for pixel ratios up to 3
2015-05-29 09:57:54 +02:00
Régis Hanol
85d4d3223c
FIX: crop avatars on the server instead of the client
...
FIX: support for dots in S3 bucket names
2015-05-26 15:54:25 +02:00
Sam
147ea002f7
FIX: allow handling for avatars that are not in the set of "resized sizes"
2015-05-26 15:41:50 +10:00
Régis Hanol
bb0c2813ac
FEATURE: generate (avatar) thumbnails in a background task
...
FIX: keep the "uploading..." indicator until the server replies via the MessageBus
FIX: text was disapearing when uploading an avatar
PERF: always use a region for S3 (defaults to 'us-east-1')
FEATURE: ApplyCDN middleware when using S3
FIX: use the same pattern to store files on S3 and locally
PERF: keep a local cache of uploads when generating thumbnails
FEATURE: migrate_to_s3 rake task
2015-05-25 17:59:00 +02:00
Sam
df5be88a77
fallback to hardcoded version if installed and not using git
2015-05-22 11:22:12 +10:00
Régis Hanol
9a96cd9f3b
CRUSHED: duplicate key value violates unique constraint 'index_uploads_on_sha1'
2015-05-07 01:00:13 +02:00
Sam
b7e7da766d
avoid static method so we can easily inherit off this class
2015-05-06 09:53:29 +10:00
Sam
803feefd54
MessageBus handles readonly redis now, no need to wrap it
2015-05-04 12:21:00 +10:00
Robin Ward
16408cee06
Allow Postgres to trigger readonly mode for the site.
2015-04-29 11:49:58 -04:00
Robin Ward
de42c627c5
Allow plugins to specify a minimum `requires version`
2015-04-27 13:07:12 -04:00
Robin Ward
3a6efa25f0
Allow ReadOnly to propogate up to the Ember app via Response Header
2015-04-24 14:37:16 -04:00
Robin Ward
5b3f99aa50
Don't blow up if Redis switches to READONLY
2015-04-24 14:37:16 -04:00
Robin Ward
19a9a8b408
`NewPostManager` determines whether to queue a post or not
2015-04-15 14:54:36 -04:00
Sam
2a2bd3e946
regression and missing filter
2015-04-02 16:30:34 +11:00
Sam
4dbd065026
work-in-progress full page search
2015-04-02 16:02:07 +11:00
Sam
23ed7e9db8
Exceptions we use in the app should inherit off StandardError
2015-03-23 12:16:21 +11:00
Sam
71d6266f98
REGRESSION: exceptions are handled natively by logster
2015-02-27 13:05:51 +11:00
Sam
6960639c58
Merge pull request #3190 from riking/thrown_logging
...
Delete old ErrorLog, use Logster for 500 errors
2015-02-23 14:19:16 +11:00
Sam
d56b71851b
FEATURE: configurable connection reaping settings
2015-02-17 09:58:43 +11:00
Régis Hanol
9a637836d0
FEATURE: readonly safeguard
2015-02-11 21:50:17 +01:00
Robin Ward
8d46de4819
Add a spec for the new plugins controller
2015-02-10 12:35:53 -05:00
riking
68ccd2d664
FEATURE: All 500 errors now show up in Logster
...
Added Discourse.handle_request_exception()
2015-02-09 12:48:33 -08:00
riking
5657006aca
Rename handle_exception to handle_job_exception
2015-02-09 12:47:46 -08:00
Robin Ward
25daca8f23
Helpers for plugins to support enabling/disabling
2015-02-04 16:23:56 -05:00
Sam
ba186b25a7
FEATURE: optional top level bookmarks tab
2015-01-25 15:53:11 +11:00
Sam
efc717c14a
FEATURE: remove star concept from Discourse
2015-01-07 13:43:27 +11:00
Robin Ward
eb512f07a7
FIX: Spec failures for feeds related to enabling categories as default
...
page for anons when latest is deleted.
2014-09-11 15:30:41 -04:00
Robin Ward
0eaf023025
FIX: If `latest` is removed (why?) don't 404 on root
2014-09-11 14:42:45 -04:00
Neil Lalonde
19cba7bb0f
Version checks include the branch
2014-09-09 17:35:51 -04:00
Sam
f897c89d48
FIX: run reaper after fork
2014-08-11 17:51:55 +10:00
Neil Lalonde
fc22127726
FIX: only admin can edit faq, tos, and privacy policy
2014-07-29 10:40:09 -04:00
riking
a69efada85
Realign method comment
2014-07-17 15:07:25 -07:00
riking
12cb682548
Start passing more context to Discourse.handle_exception
2014-07-17 14:11:56 -07:00
riking
2b5a955c18
Pass more context from Sidekiq jobs to Logster
2014-07-17 11:19:59 -07:00
Sam
7e1bd88c33
BUGFIX: eliminate drafts for system user
2014-06-25 10:55:35 +10:00
Sam
48790368a0
BUGFIX: system user needs no drafts.
2014-06-25 10:45:20 +10:00
Sam
a2e2d0e886
Merge pull request #2316 from mutiny/refactor-where-first
...
Refactor `where(...).first` to `find_by(...)`
2014-05-08 09:10:45 +10:00
Sam
d648b04eef
forgot to reconnect logster post fork
2014-05-08 08:05:28 +10:00
Louis Rose
1574485443
Perform the where(...).first to find_by(...) refactoring.
...
This refactoring was automated using the command: bundle exec "ruby refactorings/where_dot_first_to_find_by/app.rb"
2014-05-06 14:41:59 +01:00
Sam
c6f9cc0787
UPGRADE: sidekiq to sidekiq 3.0
2014-04-23 11:01:17 +10:00
Sam
ead7c52a06
Refactor demonizer in prep for unicorn forking
...
Upgrade sidekiq
2014-04-17 15:58:00 +10:00
Régis Hanol
bb0baa6d7c
BUGFIX: properly reconnect to the current db after forking
2014-04-07 19:38:47 +02:00
Sam
f3cc7360e0
BUGFIX: Correct after_fork semantics
...
After fork SiteSettings was not getting a new process id,
causing site settings not to refresh properly in unicorn
This code also centralizes the logic
2014-03-31 12:34:13 +11:00
riking
ccd3e635d2
Refresh the site after updating certain site settings
2014-03-06 20:24:23 -08:00
Sam Saffron
2ab76f60d1
FEATURE: Discoruse.handle_exception
...
to report exception via sidekiq helper, adds extra context
2014-02-21 14:30:25 +11:00
Régis Hanol
a682c8fc91
BUGFIX: do not push read-only signal to ALL sites
2014-02-19 18:21:41 +01:00
Régis Hanol
e7472dc374
readonly mode
2014-02-13 13:31:13 -08:00
Régis Hanol
bfc9664231
BUGFIX: site_contact_username was case-sensitive
2014-01-23 11:26:31 +01:00
Robin Ward
4981525047
REFACTOR: Fixes poor class hierarchy for listing topics
...
- Upgrades Ember to latest
- Fixes a bunch of bugs with page titles and missing "active" states
2014-01-18 19:26:24 +01:00
Sam
a247389d4e
FEATURE: automatically update site to latest version of assets
...
if a user neglects to move around the site it will prompt to do so 2 hours in
2014-01-15 12:08:35 +11:00
Neil Lalonde
52580f09af
Rename favorite to starred everywhere
2014-01-10 14:54:19 -05:00
Sam
1533a1163c
use_ssl is just confusing, it means use_https , fix name of setting
2014-01-09 10:51:38 +11:00
Régis Hanol
567d2bd23c
add top page
2013-12-24 00:50:36 +01:00
Sam
3fa48f8d76
Style fix: https://twitter.com/andrzejkrzywda/status/404943844896423937
2013-11-26 10:21:41 +11:00
Régis Hanol
37fd7ab574
pull hotlinked images
2013-11-05 19:07:29 +01:00
Sam
7993845bfa
add current_user_provider so people can override current_user bevior cleanly, see
...
http://meta.discourse.org/t/amending-current-user-logic-in-discourse/10278
2013-10-09 15:11:54 +11:00
Sam
2ce4468aa5
rename system_username to site_contact_username , system_user is a special user with -1 id that is only used for certain admin tasks
...
for example system_user will autoclose stuff if needed, it will delete stubs and be the target for flag pms
2013-09-06 17:28:37 +10:00
Sam
41a1b6942d
notify moderators now goes to the "community" user, that saves our poor mods from a flood of pms
...
if any staff respond to a pm they are automatically added to the list of recipients and will start
getting email notifications
2013-09-06 14:07:23 +10:00
Sam
213ce33af2
Fixed all broken specs
...
Moved middleware config into authenticators
2013-08-26 12:59:17 +10:00
Sam
075002a6d5
refactoring the plugin interfaces to allow for better extensible
2013-08-26 12:59:17 +10:00
Régis Hanol
4ec9b3ea39
fix: git-version isn't showing up
2013-08-02 23:25:57 +02:00
Robin Ward
4f0713b9da
Merge pull request #1275 from ZogStriP/enable-thumbnailing-on-s3
...
Enable thumbnailing on s3
2013-08-01 07:35:35 -07:00
Sam
4fcba7a6f1
when there are no providers do not blow up
2013-08-01 16:05:46 +10:00
Sam
160107a712
working plugin interface for custom openid auth, custom css and custom js
2013-08-01 16:02:43 +10:00
Régis Hanol
ed9417fa3b
enable thumbnailing on S3
...
- added url to optimized image model
- refactored s3_store & local_store
2013-07-31 23:26:34 +02:00
Sam
aa6c92922d
SECURITY: correct our CSRF implementation to be much more aggressive
2013-07-29 15:13:13 +10:00
Sam
799b402778
fix horribly broken invite code, could lead to inviting the wrong person to a conversation
2013-06-19 10:31:19 +10:00
Régis Hanol
e3e55d4dad
fix image uploads on s3/imgur
2013-06-05 00:35:42 +02:00
Sam
2e87974cb5
fix very wonky logic around hostname calculation
2013-05-31 08:48:34 +10:00
Sam
160567e372
Revert "fix wonky logic figuring out host name"
...
This reverts commit 114fcb4734
.
2013-05-31 08:41:29 +10:00
Sam
114fcb4734
fix wonky logic figuring out host name
2013-05-31 08:39:52 +10:00
Robin Ward
d554a59102
Support for a new site setting: `newuser_spam_host_threshold`. If a new user posts a link
...
to the same host enough tiles, they will not be able to post the same link again.
Additionally, the site will flag all their previous posts with links as spam and they will
be instantly hidden via the auto hide workflow.
2013-05-16 12:19:50 -04:00
Sam
b6bf95e741
speed up startup (avoid loading some gems on startup)
...
correct group permission leaks
add Discourse.cache for richer caching support
2013-05-13 18:04:03 +10:00
Wojciech Kocjan
68bdab6635
Post processing of images adds prefix second time when post processing a post with one or more images if running with a prefix
2013-04-05 12:38:20 +02:00
Wojciech Kocjan
a875b1c44a
Store base URI in Discourse.BaseUri and use it in all places where rootURL was previously used
2013-04-04 11:16:38 +02:00
Wojciech Kocjan
e6ccc300dc
Support for running discourse with a prefix (i.e. as http://servername/discourse )
2013-03-16 00:01:21 +01:00
Gosha Arinich
cafc75b238
remove trailing whitespaces ❤️
2013-02-26 07:31:35 +03:00
Sam Saffron
0e48e1c346
clean up git version stuff a tad
2013-02-18 18:01:36 +11:00
Sam Saffron
d9a84ddd01
chuck git version at the bottom of the page
2013-02-18 17:39:54 +11:00
Sam Saffron
0f88947279
fix onebox for your own site
2013-02-06 16:22:11 +11:00
Robin Ward
21b5628528
Initial release of Discourse
2013-02-05 14:16:51 -05:00