41986cdb2f
Refactor requires login logic, reduce duplicate code
...
This also corrects the positioning in the chain of the check
and removes misuse of prepend_before_action
2018-02-01 15:17:59 +11:00
f2e7b74d88
FIX: don't return 200s when login is required to paths
...
When running `ensure_login_required` it should always happen prior to
`check_xhr` cause check xhr will trigger a 200 response
2018-02-01 12:26:45 +11:00
2d340d1122
FIX: Don't allow username update via update route
...
It's not using the UsernameChanger
2018-01-26 16:53:43 -05:00
dde0fcc658
FEATURE: Allow sending invites to staged users
2018-01-22 15:37:18 +01:00
f74ac826c5
slightly more meaningful error message
2018-01-22 12:20:53 +01:00
672888f526
FIX: handle invalid password reset token
2018-01-09 23:48:17 +05:30
642645ba9a
FIX: broken select badge as user title ( #5474 )
...
* FIX: broken select badge as user title
* selected id wasn’t pass to underlying component
* <none> was rendered as an html tag <none></none>
* overriding a badge name wouldn’t work as it was using badge.name and not badge.display_name
* adds a spec to ensure this behavior is correct
2018-01-05 16:58:15 +01:00
62a27f9d57
FEATURE: warn if attempting to mention a group with too many members
2017-12-21 16:13:57 +11:00
6a2bce1931
FIX: Data loss on update of single user_field.
...
https://meta.discourse.org/t/api-data-loss-caused-by-changed-behaviour-of-custom-user-field-update/74990
2017-12-20 16:33:23 +08:00
96584403cd
SECURITY: prevent staged accounts from changing email
2017-12-14 17:16:49 +11:00
a393d3bcbb
FIX: ensure staged accounts are always inactive
...
If for any reason active is stored in the user model, clear it out
prior to creating an account
2017-12-13 14:22:16 +11:00
e2b64257b3
Fix undefined method for `NilClass` error.
2017-12-12 18:54:29 +08:00
5003f07b2c
FEATURE: new site setting show_inactive_accounts
2017-12-07 19:22:41 +05:30
628275fc31
FIX: Some badge routes were still working even with badges disabled
2017-11-21 12:22:44 -05:00
ed16cba77f
REFACTOR: Raise error if email token fails to create.
2017-11-08 12:02:33 +08:00
d7880af0bb
FIX: change password form validation should instruct admins to use min password length for admin accounts
2017-11-07 16:14:56 -05:00
d320f4840d
FIX: Unable to invite groups that are not public visible into pms.
...
https://meta.discourse.org/t/inviting-groups-broken-in-head/73346/6
2017-11-03 21:40:33 +08:00
edf4af608e
FIX: Better match when searching for groups.
2017-11-02 10:20:14 +08:00
defea6245c
REFACTOR: Always validate email by default.
2017-10-25 13:48:34 +08:00
2db66072d7
SECURITY: signup without verified email using Google auth
2017-10-16 13:51:41 -04:00
1faae3c765
rename forgot_password_strict to hide_email_address_taken
2017-10-03 15:28:31 -04:00
e47f5cedd2
FEATURE: forgot_password_strict setting also prevents reporting that an email address is taken during signup
2017-10-03 15:28:30 -04:00
daf1dda700
FIX: username autocomplete in assign modal wasn't working
2017-10-03 12:49:45 +02:00
8140e54675
FIX: More fixes for `Group#mentionable` and `Group#messageable` feature.
2017-10-02 17:45:58 +08:00
f6c484881b
FIX: wasn't able to save watched/tracked/muted categories/tags
2017-09-29 13:09:48 +02:00
cd6dff58dd
FIX: add user option/profile fields that were not permitted
2017-09-28 14:59:53 +02:00
af01e62b14
FIX: wasn't allowed to set a user's title anymore
2017-09-26 20:13:24 +02:00
28c54b42c5
FIX: wasn't able to update user options anymore
2017-09-26 20:00:10 +02:00
77d4c4d8dc
Fix all the errors to get our tests green on Rails 5.1.
2017-09-25 13:48:58 +08:00
797936d2c5
FIX: don't leak whisper count in user card
2017-09-14 20:08:16 +02:00
171d9e5aed
SECURITY: Prevent users from updating to blacklisted email domains
2017-09-12 10:11:08 -04:00
d7d9923b8e
FIX: display email validation error messages
2017-09-11 13:22:14 -04:00
9f0f086b3e
FEATURE: allow API to mark accounts as approved on creation
2017-08-28 15:36:46 -04:00
6c997b65d9
optimize enqueuing activation email code
2017-07-31 22:57:39 +05:30
2e2b5e28aa
FIX: add slight delay when enqueuing activation email
2017-07-31 16:52:07 +05:30
5012d46cbd
Add rubocop to our build. ( #5004 )
2017-07-28 10:20:09 +09:00
d0b027d88d
FEATURE: phase 1 of supporting multiple email addresses
2017-07-20 11:22:27 +09:00
5994c85ea9
FIX: Raise the right error when email params is missing.
2017-06-12 17:48:32 +09:00
54bb2a6bc2
FIX: Don't redirect to wizard when resetting password
2017-06-07 12:36:52 -04:00
2cad739262
FIX: Better error message when username change fails.
...
https://meta.discourse.org/t/500-error-on-username-edit/64064
2017-06-07 10:45:53 +09:00
b584264d82
FIX: Don't show "resend email" option when user approval is on
2017-05-25 15:29:05 -04:00
57a2042ef6
FIX: Quiet server side errors for requesting json for account-created
2017-05-04 12:30:13 -04:00
81190f5d66
FIX: Redirect away from `account-created` if you're logged in
2017-05-03 11:18:01 -04:00
12fb20fe1b
FEATURE: Allow users to resend/update email from confirmation page
2017-05-03 11:18:01 -04:00
b381372184
Use Ember.js for the `/u/account-created` path so we can add controls
2017-05-03 11:18:01 -04:00
0722ffadf1
Remove site settings enforce_global_nicknames and discourse_org_access_key
2017-05-01 14:53:16 -04:00
ea26c56631
FIX: redirect to login page for anonymous user when profiles are hidden
2017-04-20 13:00:45 +05:30
04016f0dec
Support Ruby 2.4.
2017-04-15 12:29:00 +08:00
57788200ec
REFACTOR: Add `User.reserved_username?`.
2017-04-13 10:44:26 +08:00
5943543ec3
FIX: Improve checks for non-human users.
2017-04-06 11:29:34 +08:00
Sam
Robin Ward
Gerhard Schlager
Régis Hanol
Arpit Jalan
Joffrey JAFFEUX
Philipp Daniels
Guo Xiang Tan
Neil Lalonde
Guo Xiang Tan
Leo McArdle