Sam
df751ed6ec
Merge pull request #4457 from JaredReisinger/github-auth-with-email-whitelist
...
Add support for email whitelist/blacklist to GitHub auth
2016-09-23 09:49:14 +10:00
Robin Ward
3c12dd6549
FIX: Consider lazyYT divs as links when extracting
2016-09-22 16:50:24 -04:00
pmusaraj
0344388924
added tests and enabled queue when new setting is > 0
2016-09-22 14:51:36 -04:00
Jared Reisinger
2ae7c47a3c
Add support for email whitelist/blacklist to GitHub auth
...
If a site is configured for GitHub logins, _**and**_ has an email domain
whitelist, it's possible to get in a state where a new user is locked to
a non-whitelist email (their GitHub primary) even though they have an
alternate email that's on the whitelist. In all cases, the GitHub
primary email is attempted first so that previously existing behavior
will be the default.
- Add whitelist/blacklist support to GithubAuthenticator (via
EmailValidator)
- Add multiple email support GithubAuthenticator
- Add test specs for GithubAuthenticator
- Add authenticator-agnostic "none of your email addresses are allowed"
error message.
2016-09-22 11:31:10 -07:00
Robin Ward
14bee641aa
Can choose categories or latest as homepage style
2016-09-22 09:52:19 -04:00
Robin Ward
2a0443445b
New step to choose emoji set
2016-09-22 09:52:19 -04:00
Robin Ward
2545c2ffa6
Add new welcome message step
2016-09-22 09:52:19 -04:00
Robin Ward
b0ee7930e8
Server side support for inviting as a moderator via the wizard
2016-09-22 09:52:19 -04:00
Robin Ward
28cd49f02b
Split Logos and Icons into separate steps
2016-09-22 09:52:19 -04:00
Robin Ward
4f9a7aa769
FIX: Prompt for the wizard for the first admin who logs in
2016-09-22 09:52:19 -04:00
Robin Ward
644bcbc253
Make the site contact a drop down of admin users
2016-09-22 09:52:19 -04:00
Robin Ward
74ed2e82ac
UX: Wiggle invalid form elements. Don't allow a site title of Discourse
2016-09-22 09:52:19 -04:00
Robin Ward
29cf47cfb2
Track steps the user has completed, nag them to finish it.
2016-09-22 09:52:19 -04:00
Robin Ward
ef84981e38
Invite Users step
2016-09-22 09:52:19 -04:00
Robin Ward
35b767f6af
Company Name Step which updates the TOS
2016-09-22 09:52:19 -04:00
Robin Ward
28b6c300a0
Clean up wizard updater API for better plugin use
2016-09-22 09:52:19 -04:00
Robin Ward
e3640ee5f6
Privacy Step
2016-09-22 09:52:19 -04:00
Robin Ward
af83c8dc14
Upload Logos Step
2016-09-22 09:52:19 -04:00
Robin Ward
c94e6f1b96
Add locale step
2016-09-22 09:52:19 -04:00
Robin Ward
3f6e3b9aff
Wizard - Color Scheme Step
2016-09-22 09:52:19 -04:00
Robin Ward
9f12b571ef
Wizard: Server Side Validation + Finished Step
2016-09-22 09:52:19 -04:00
Robin Ward
3a4615c205
Wizard: Step 1
2016-09-22 09:48:58 -04:00
Sam
8dc4329094
FEATURE: optionally get extra profile info from facebook
...
This feature requires the application be approved by facebook, so it is
default off
2016-09-19 16:14:11 +10:00
Erick Guan
c463cf63d4
FEATURE: Webhook for user creation and approval
2016-09-19 10:12:55 +08:00
Arpit Jalan
e46204d195
FIX: allow long words if they contain periods
2016-09-13 09:15:05 +05:30
Robin Ward
e78b7a243e
FIX: Don't enqueue posts if the user can't create them (ex: closed)
2016-09-09 12:15:56 -04:00
Guo Xiang Tan
35bc0c943f
More randomly failing specs fixes.
2016-09-05 19:33:03 +08:00
Guo Xiang Tan
1f70fc9e11
Make sure we reset global in specs.
2016-09-05 18:18:14 +08:00
Guo Xiang Tan
31d900f7e7
Fix build.
2016-09-05 17:03:41 +08:00
Guo Xiang Tan
aa1f306894
Properly clean up plugin event in specs..
2016-09-05 16:10:03 +08:00
Guo Xiang Tan
aabb7a8592
FIX: DiscourseEvent should not be triggered from within the controller.
2016-09-05 15:58:04 +08:00
Guo Xiang Tan
ec90655c41
FIX: Clean up specs properly.
2016-09-05 15:48:59 +08:00
Guo Xiang Tan
aa9decf6fd
Remove `DiscourseEvent.clear`.
2016-09-05 15:17:49 +08:00
Sam
59640bae3b
FIX: absolute URL for CDN should always be rooted with a protocol
2016-09-05 15:57:46 +10:00
Guo Xiang Tan
2f39293867
FIX: User enabled readonly mode was not working.
2016-08-25 23:31:59 +08:00
Neil Lalonde
7a81669c18
SECURITY: don't allow re-using the current password during password reset
2016-08-24 12:27:21 -04:00
Régis Hanol
038eb6f645
FIX: translations with a symbol as key should also be overridable
2016-08-24 11:53:03 +02:00
Robin Ward
c3a3aff120
FEATURE: Support for a whitelist for embeddable host paths
2016-08-23 14:56:12 -04:00
Arpit Jalan
4a2f0e772c
add specs for post ownership change without revision
2016-08-20 01:27:48 +05:30
Robin Ward
4061725a95
FIX: Don't ever grant badges when they're disabled
2016-08-19 15:16:37 -04:00
Guo Xiang Tan
3141c179f7
REFACTOR: Get bucket name from S3Helper.
2016-08-19 14:08:37 +08:00
Sam
3ea68f8f6c
tweak headers so they can be consumed
2016-08-18 14:38:33 +10:00
Guo Xiang Tan
7ff1f6cb9d
Allow custom bucket name for `FileStore::S3Store`.
2016-08-16 15:25:42 +08:00
Neil Lalonde
3b792054f2
Merge pull request #4387 from gdpelican/feature/tags-intersection
...
FEATURE: Tags intersection page
2016-08-15 16:24:29 -04:00
James Kiesel
554d15fdd4
Add extra spec for topic_query
2016-08-15 15:42:06 -04:00
Guo Xiang Tan
0433163866
FEATURE: Support subfolders in `SiteSetting.s3_backup_bucket`.
2016-08-15 16:14:51 +08:00
Sam
fc095acaaa
Feature: User API key support (server side implementation)
...
- Supports throttled read and write
- No support for push yet, but data is captured about intent
2016-08-15 17:59:36 +10:00
Guo Xiang Tan
aa5de3c40a
FEATURE: Support subfolders in S3 bucket name.
...
This commit also fixes a bug where s3 uploads are not
moved to a tombstone folder when removed.
2016-08-15 13:07:41 +08:00
Guo Xiang Tan
3378ee223f
FIX: Incorrect path being passed to `S3Store#remove_file`.
2016-08-15 11:35:30 +08:00
Robin Ward
aef954784a
FIX: `nofollow` was being added during post processing when it shouldn't
2016-08-12 15:35:13 -04:00
James Kiesel
7e73b933c7
First pass
2016-08-12 15:28:46 -04:00
Robin Ward
7e165d031b
FIX: Short terms will be searched for if at least one is long enough
2016-08-11 11:53:14 -04:00
Guo Xiang Tan
6075debc90
Add specs to hidding settings when shadowed by a global.
2016-08-11 16:04:45 +08:00
Guo Xiang Tan
11afb20772
SECURITY: Escape HTML in filename.
2016-08-11 11:27:12 +08:00
Guo Xiang Tan
6288d4c995
FIX: Revised post not updated correctly when merging posts.
2016-08-11 09:01:54 +08:00
Robin Ward
fc311dbe3b
FEATURE: An option to search more recent posts for very large sites.
...
On very large forums searching posts can be slow, so this commit
introduces the ability to try and search only the most recent posts
first, and then going for a larger breadth search if there aren't
enough results.
Enable `search_prefer_recent_posts` and you can customize how many
recent posts to filter with `search_recent_posts_size`
2016-08-10 15:43:42 -04:00
Régis Hanol
e55e2aff94
FIX: FirstReplyByEmail badge wasn't granted
...
DEPRECATED: PostProcess badge trigger
2016-08-10 19:24:01 +02:00
Robin Ward
cc366d5a60
FIX: Search in non-english should have a smaller minimum
2016-08-09 15:20:28 -04:00
Robin Ward
28436a604a
FIX: Prevent tricking the search from ignoring minimum lengths
2016-08-09 14:49:46 -04:00
Sam
5cc8bb535b
SECURITY: do cookie auth rate limiting earlier
2016-08-09 10:02:18 +10:00
Régis Hanol
51322a46b3
FEATURE: retry processing incoming emails on rate limit
2016-08-08 22:28:27 +02:00
Neil Lalonde
f10c4682cd
FIX: muted tags showing in latest topic list
2016-08-04 11:54:48 -04:00
Régis Hanol
b08ab829b8
added 'X-Auto-Response-Suppress' email header (props to elijah)
2016-08-03 11:02:07 +02:00
Robin Ward
2891f230d1
SECURITY: Make sure uploaded_urls have corresponding upload records
2016-07-28 13:54:17 -04:00
Robin Ward
dc1a830d3d
SECURITY: SQL Injection in Admin List Active Users
2016-07-28 11:42:06 -04:00
Sam
16a383ea1e
SECURITY: limit bad cookie auth attempts
...
- Also cleans up the _t cookie if it is invalid
2016-07-28 12:58:49 +10:00
Andre Pereira
8cbd585e20
FEATURE: Allow staff users to merge posts.
2016-07-27 12:04:14 +08:00
Robin Ward
2a4006fe0c
Add `YandexBot` to our list of crawlers
2016-07-26 13:21:37 -04:00
Sam
b5fbff947b
FIX: don't expire old sessions when logging in
2016-07-26 11:37:41 +10:00
Jeff Atwood
1379bd5053
fix all v=2 spec / test errors for emoji
2016-07-25 15:53:48 -07:00
Sam
12ecf8624a
FIX: tokenize words with dots correctly
...
hello.world is now tokenized as "hello.world" and "world" that way the word
"world" will find the post with "hello.world"
2016-07-25 16:26:33 +10:00
Sam
e01802a13b
FIX: strip quote from search term when searching within topic
2016-07-25 15:06:25 +10:00
Sam
df535c6346
FEATURE: refresh session cookie at most once an hour
...
This feature ensures session cookie lifespan is extended
when user is online.
Also decreases session timeout from 90 to 60 days.
Ensures all users (including logged on ones) get expiring sessions.
2016-07-25 12:07:31 +10:00
Sam
12dc511fea
PERF: make score calculator cheaper when site has long topics
2016-07-22 09:48:44 +10:00
Neil Lalonde
7c092b0fe0
FEATURE: add filter to show topics that have not been tagged
2016-07-20 16:21:51 -04:00
Robin Ward
12cfc8cedd
FIX: Email cooker should support links within blockquotes
2016-07-18 14:38:40 -04:00
Robin Ward
6db50b820d
FIX: Email cooker should link links that don't begin a line
2016-07-18 13:46:13 -04:00
Sam Saffron
46b34e3c62
FEATURE: remove user option for edit history public
...
Users can no longer opt-in for "public" edit history
if site owner disables it.
This feature adds cost and complexity to post rendering since
user options need to be premeptively loaded for every user in the
stream. It is also confusing to explain to communities with private edit
history.
2016-07-16 21:30:00 +10:00
Régis Hanol
caa1aea995
FIX: ensure emojis have absolute URLs and uses CDN
2016-07-15 18:37:51 +02:00
Guo Xiang Tan
5fe4837e28
Add `PostCreator#create!`.
2016-07-15 11:36:06 +08:00
Hu Ming
f8a12d4940
Add support for AWS cn ( #4327 )
2016-07-14 16:56:09 +02:00
Guo Xiang Tan
41cbdb5dfa
Fix the build.
2016-07-13 19:14:40 +08:00
Robin Ward
bb90129731
Improvements to email cook text rendering
2016-07-12 13:49:03 -04:00
Robin Ward
0c3b049176
FIX: Autolinking in email formatter was broken
2016-07-12 13:33:13 -04:00
Rafael dos Santos Silva
5915929166
FIX: Unicode aware text sentinel ( #4301 )
...
* FIX: Handle unicode text on Text Sentinel
Uses active_support to properly handle unicode text
* Adds test cases to unicode Text Sentinel
2016-07-12 11:08:55 -04:00
Robin Ward
a546395397
REFACTOR: Migrate markdown functionality in ES6
2016-07-11 12:57:05 -04:00
Arpit Jalan
2facb6190f
FEATURE: new site setting download_remote_images_max_days_old
2016-07-06 19:33:51 +05:30
James Kiesel
3588780ac3
Don't reject likes by email for closed topics ( #4311 )
2016-07-05 17:33:08 +02:00
Guo Xiang Tan
f256e3afb6
Merge pull request #4297 from tgxworld/handle_user_enabled_readonly_mode
...
Handle user enabled readonly mode
2016-07-05 19:54:32 +08:00
Régis Hanol
59680af329
disable email white/blacklisting for staged users
2016-07-04 16:05:01 +02:00
Guo Xiang Tan
bd07658a37
PERF: Split queries when cleaning uploads.
...
This reduces the number of scans that the db has to do in the query
to fetch orphan uploads. Futheremore, we were not batching our
records which bloats memory.
2016-07-04 16:34:32 +08:00
Sam
d61df21d69
FEATURE: allow people to send messages to themselves (for notes etc)
2016-07-04 11:36:43 +10:00
Sam
92daf44daf
correct random suggested topic selection
2016-07-04 10:34:54 +10:00
Sam
e858def372
remove invalid specs
2016-07-04 10:34:26 +10:00
Arpit Jalan
2f3ee3b658
FEATURE: new site setting suggested_topics_max_days_old
2016-07-03 15:07:56 +05:30
Matt Palmer
7a1e99dacb
Add some clarifying specs around new-topic-creating emails work
...
Strangers get to create new topics (if the appropriate tickbox is ticked)
but low-TL existing users don't. That might seem a bit backwards, but
the tickbox says 'strangers', not 'everyone'.
2016-06-30 22:24:25 +10:00
Sam
b15f6bd211
FIX: s3 cdn urls not remapped correctly
2016-06-30 18:58:38 +10:00
Guo Xiang Tan
8db3ab5f2a
Merge pull request #4292 from tgxworld/rename_use_https_to_force_https
...
Rename `SiteSetting#use_https` to `force_https`.
2016-06-29 15:17:57 +08:00
Guo Xiang Tan
64858c10fe
FIX: Set a not expiring key for user enabled readonly mode.
2016-06-29 15:10:01 +08:00
Guo Xiang Tan
20359788dc
Rename `SiteSetting#use_https` to `force_https`.
2016-06-29 15:02:43 +08:00