Daniel Waterworth
9cf77372a2
FIX: Guardian#can_remove_allowed_users? shouldn't break for ownerless topics
...
A topic can outlive its original author. TopicGuardian should still work
in this situation.
2020-06-19 10:35:52 +01:00
Joffrey JAFFEUX
4b793a1072
FIX: allows PM owner to remove any user if >= TL2 ( #10036 )
2020-06-12 12:54:28 +02:00
Dan Ungureanu
c5e3faac00
FIX: Recovered posts with no user will be taken over by system user ( #8834 )
2020-02-06 10:19:04 +02:00
mintsaxon
4b54791bcc
FIX: Notify staged users about private categories ( #8765 )
...
group membership and `CategoryUser` notification level should be
respected to determine whether to notify staged users about activity in
private categories, instead of only ever generating notifications for staged
users' own topics (which has been the behaviour since
0c4ac2a7bc
)
2020-01-22 16:33:25 -03:00
Roman Rizzi
0c4ac2a7bc
Merge pull request from GHSA-569c-22ff-pj3x
2020-01-16 15:17:16 -03:00
Vinoth Kannan
31577b2131
FEATURE: wiki editors are allowed edit tags for wiki topics.
...
If a wiki editor's TL is greater than 'min trust level to tag topics' site setting then they can edit the tags for any wiki topic.
2019-10-23 23:35:38 +05:30
Dan Ungureanu
fdb1d3404c
FEATURE: Add site setting to show more detailed 404 errors. ( #8014 )
...
If the setting is turned on, then the user will receive information
about the subject: if it was deleted or requires some special access to
a group (only if the group is public). Otherwise, the user will receive
a generic #404 error message. For now, this change affects only the
topics and categories controller.
This commit also tries to refactor some of the code related to error
handling. To make error pages more consistent (design-wise), the actual
error page will be rendered server-side.
2019-10-08 14:15:08 +03:00
Rimian Perkins
6bbd83067d
FEATURE: New post editing period for >= tl2 users ( #8070 )
...
* FEATURE: Add tl2 threshold for editing new posts
* Adds a new setting and for tl2 editing posts (30 days same as old value)
* Sets the tl0/tl1 editing period as 1 day
* FIX: Spec uses wrong setting
* Fix site setting on guardian spec
* FIX: post editing period specs
* Avoid shared examples
* Use update_columns to avoid callbacks on user during tests
2019-09-06 07:44:12 -04:00
Joffrey JAFFEUX
71bf9ec1b2
FEATURE: opt-in guidance on topics for users without access ( #7852 )
...
Co-Authored-By: majakomel <maja.komel@gmail.com>
Co-Authored-By: Robin Ward <robin.ward@gmail.com>
2019-07-04 10:12:39 +02:00
Arpit Jalan
3c64dc3e7d
FIX: do not allow creation of topic if there is no category available for posting ( #7786 )
2019-06-26 16:32:53 +05:30
Sam Saffron
39b856dce7
DEV: correct edge case introduced in 333b5a19
...
We need to allow users to edit uncategorized topics out of uncategorized
when for some reason admin just turns it off.
2019-06-26 17:53:29 +10:00
Bianca Nenciu
557805249d
FIX: Ensure topic exists before making a banner. ( #7781 )
2019-06-25 13:49:29 +03:00
Robin Ward
e8b9f38374
FIX: Don't allow users to edit topic information when the OP is locked
...
see:
https://meta.discourse.org/t/user-able-to-edit-title-of-locked-post/104826
2019-06-18 14:22:38 -04:00
Sam Saffron
30990006a9
DEV: enable frozen string literal on all files
...
This reduces chances of errors where consumers of strings mutate inputs
and reduces memory usage of the app.
Test suite passes now, but there may be some stuff left, so we will run
a few sites on a branch prior to merging
2019-05-13 09:31:32 +08:00
Blake Erickson
5b5b5a5931
FIX: return an error if a user tries to whisper
...
This commit fixes a bug where a user creates a whisper post via the api
but is posted as a regular message because they don't have access to
whisper. Now a 403 unauthorized will be returned instead of the whisper
param just being ignored for regular users. Staff users should not be
affected by this change.
https://meta.discourse.org/t/a-whisper-is-posted-as-a-message-if-the-user-is-not-staff-moderator-admin-when-using-the-api/116601
2019-05-07 11:42:26 -06:00
Robin Ward
31e100530f
FEATURE: Flag count in post menu
...
This change shows a notification number besides the flag icon in the
post menu if there is reviewable content associated with the post.
Additionally, if there is pending stuff to review, the icon has a red
background.
We have also removed the list of links below a post with the flag
status. A reviewer is meant to click the number beside the flag icon to
view the flags. As a consequence of losing those links, we've removed
the ability to undo or ignore flags below a post.
2019-05-06 16:13:31 -04:00
Arpit Jalan
d68d29f37a
FIX: only staff can banner topics
2019-04-02 12:46:55 +05:30
Bianca Nenciu
034b8a7ecc
FIX: Let users delete topics.
...
Follow-up to 31053f30de
.
2019-03-29 22:00:36 +02:00
Bianca Nenciu
31053f30de
FEATURE: Let users delete their own topics. ( #7267 )
2019-03-29 17:10:05 +01:00
Gerhard Schlager
c30996129f
FEATURE: Allow TL4 users to reset bump date
2019-01-02 16:57:05 +01:00
Gerhard Schlager
b9072e8292
FEATURE: Add "Reset Bump Date" action to topic admin wrench ( #6246 )
2018-08-10 10:51:03 +10:00
Kyle Zhao
2901691e87
FEATURE: per-category approval settings ( #5778 )
...
- disallow moving topics to a category that requires topic approval
2018-07-13 12:51:08 +10:00
Guo Xiang Tan
3bfd9698c7
PERF: Avoid running the same query twice in `TopicViewSerializer#details`.
2018-05-24 16:46:13 +08:00
Robin Ward
b9abd7dc9e
FEATURE: Shared Drafts
...
This feature can be enabled by choosing a destination for the
`shared drafts category` site setting.
* Staff members can create shared drafts, choosing a destination
category for the topic when it is published.
* Shared Drafts can be viewed in their category, or above the
topic list for the destination category where it will end up.
* When the shared draft is ready, it can be published to the
appropriate category by clicking a button on the topic view.
* When published, Drafts change their timestamps to the current
time, and any edits to the original post are removed.
2018-03-20 17:15:26 -04:00
Guo Xiang Tan
2ad2ed2eb2
FIX: Couldn't move a topic into the uncategorized category.
2018-03-13 10:20:47 +08:00
Robin Ward
cd6c5fc5fb
FIX: Disable "Make Personal Message" if they are disabled
2018-03-02 20:28:39 -05:00
Sam
75172024ca
SECURITY: ensure users have permission when moving categories
2018-03-02 12:13:27 +11:00
Robin Ward
69af881f7f
New site setting `trusted_users_can_edit_others`
...
The default is true to keep with previous discourse behavior. If
disabled, high trust level users cannot edit the topics or posts of
other users.
2018-02-22 20:39:24 -05:00
Guo Xiang Tan
25c25ae423
FEATURE: Allow user to leave a PM.
2017-10-19 12:32:55 +08:00
OsamaSayegh
79f3d299a1
Don't allow category definition topics to be converted to PMs ( #5216 )
2017-10-02 10:04:58 +02:00
Guo Xiang Tan
5012d46cbd
Add rubocop to our build. ( #5004 )
2017-07-28 10:20:09 +09:00
Guo Xiang Tan
a28704bcee
FIX: Can't recover a post when its user has been deleted.
...
https://meta.discourse.org/t/moving-posts-to-new-topic/58436
2017-03-06 14:29:06 +08:00
Leo McArdle
c76f6856ea
FEATURE: reply as new message to the same recipients
2017-01-27 12:24:31 +08:00
Neil Lalonde
c75bebdea2
FIX: uncategorized setting to control whether topic featured links are allowed
2016-12-20 15:55:30 -05:00
Neil Lalonde
923cf73c6e
Topic Featured Links: move data from custom fields to topics and categories tables. Invert behaviour of topic_featured_link_allowed checkbox. Fix a bug with invalid topic records due to changing that category checkbox.
2016-12-19 14:54:07 -05:00
Erick Guan
52763f5115
FEATURE: Allow posting a link with topics
2016-12-05 17:20:54 +01:00
Robin Ward
e78b7a243e
FIX: Don't enqueue posts if the user can't create them (ex: closed)
2016-09-09 12:15:56 -04:00
Régis Hanol
5eda2f43c6
small topic/category guardians refactor
2016-06-27 14:36:57 +02:00
Neil Lalonde
0f8b4dcc86
FIX: trust level 3 should not be able to edit topics in categories that restrict them from doing so
2016-06-01 15:42:10 -04:00
Arpit Jalan
b25d950d99
FEATURE: allow moderators to convert a private message to public topic or vice versa
2016-05-04 22:47:32 +05:30
Arpit Jalan
acfb540952
FEATURE: move a topic from PM to regular topic or vice versa
2016-05-02 21:34:05 +05:30
Sam
8ba57c0ffd
FIX: restrict moderators from creating/editing topics in readonly categories
...
In the past moderators had blanket access to all categories they were allowed
to see. This tightens down the restriction.
2016-04-13 15:59:38 +10:00
Arpit Jalan
106e3c897f
FIX: TL3 users should not be able to edit title of archived topics
2016-01-29 01:16:41 +05:30
Kane York
c9e4745fe8
FIX: Return 410 Gone for deleted topics you could otherwise see
2015-09-18 00:14:43 -07:00
Régis Hanol
d5a2029026
FIX: category permissions weren't properly loaded when /categories is the homepage
...
FIX: don't scope to a specific category when creating a new topic from /categories
2015-09-07 18:52:53 +02:00
Robin Ward
f9069c350f
FIX: Permission issues when editing topics
...
If a user can't create a topic in a category, they should'be be
able to edit topics.
2015-04-30 17:08:12 -04:00
riking
1c0658e204
FIX: People could retitle restricted topics
...
Sort of a security fix but not really
2015-02-25 21:09:53 -08:00
Régis Hanol
1a070b16e4
FIX: use the 'post edit time limit' for topics too
2015-02-25 20:53:21 +01:00
Robin Ward
e207ca36ee
Easier helper for filtering secured categories
2015-02-12 11:52:59 -05:00
Sam
0f585bcdbe
FIX: PM should never be allowed to have a category
...
FIX: TL3 should not be allowed to muck with PM titles
2014-09-11 17:39:34 +10:00
Sam
59d04c0695
Internal renaming of elder,leader,regular,basic to numbers
...
Changed internals so trust levels are referred to with
TrustLevel[1], TrustLevel[2] etc.
This gives us much better flexibility naming trust levels, these names
are meant to be controlled by various communities.
2014-09-05 15:20:52 +10:00
Neil Lalonde
2f32af3941
FIX: staff should be able to edit topics that have been archived
2014-08-15 12:45:05 -04:00
Neil Lalonde
5caf72510c
Prevent deleting the static page doc topics
2014-08-13 17:03:45 -04:00
Sam
6eaaf6714c
FIX: logic for can_see_topic?
2014-08-05 14:37:53 +10:00
Neil Lalonde
fc22127726
FIX: only admin can edit faq, tos, and privacy policy
2014-07-29 10:40:09 -04:00
riking
19b757b058
FEATURE: Hide deleted posts by default for staff
2014-07-17 10:40:15 -07:00
Neil Lalonde
faed17aa18
Moderators should always be able to create topics too
2014-06-09 15:28:03 -04:00
Neil Lalonde
4d50d0d109
FIX: admins should be able to create topics, even if min_trust_to_create_topic is higher than their trust level
2014-06-09 11:03:21 -04:00
Neil Lalonde
e68e97d986
FIX: moderators can't see private topics that they aren't invited to see.
2014-05-12 15:26:46 -04:00
Régis Hanol
fca6738212
BUGFIX: could not see the revisions of a post in a deleted topic
2014-05-12 16:30:10 +02:00
Neil Lalonde
2c725e2779
FEATURE: Trust level 4 abilities: pin/unpin, close, archive, make invisible, split/merge topic
2014-03-17 14:50:28 -04:00
Régis Hanol
1fd71bb237
BUGFIX: make the system_user an elder (TL=4)
...
Otherwise it won't be able to create topic when the `min_trust_to_create_topic` is > 0
2014-01-21 15:21:38 +01:00
Neil Lalonde
7c8ea8c166
Trust level 3 users can edit topic titles and change category
2014-01-16 11:59:26 -05:00
Patrick
ffb29dea77
Refactor guardian as dissused in this topic https://meta.discourse.org/t/so-you-want-to-help-out-with-discourse/3823/41?u=hunter
...
Creates a mixin for the ensure_* functions and creates seperate mixins for functions dealing with posts, categories, and topics.
2014-01-10 21:22:54 -06:00