Guo Xiang Tan
86926f4aee
DEV: Let `create!` handle the check for persistence.
...
This is unlikely to fail but we want to know when it does.
2018-12-12 08:36:13 +08:00
Gerhard Schlager
688755baf2
DEV: Improve specs and handle invalid email token
...
Follow-up to 7977b09025
2018-12-11 18:04:10 +01:00
Gerhard Schlager
7977b09025
FEATURE: Activate users invited via email when invite is redeemed
...
Do not send an activation email to users invited via email. They
already confirmed their email address by clicking the invite link.
Users invited via link will need to confirm their email address before
they can login.
2018-12-11 00:09:53 +01:00
Arpit Jalan
b9835cc392
FIX: do not use scheduler for uploading csv file for invite
...
Since the bulk invite process already happens in a dedicated Sidekiq job
2018-07-04 13:28:11 +05:30
Guo Xiang Tan
ad5082d969
Make rubocop happy again.
2018-06-07 13:28:18 +08:00
Arpit Jalan
83245aa508
FIX: better handling of invite links after they are redeemed
...
FIX: deprecate invite_passthrough_hours setting
2018-05-08 20:17:57 +05:30
Sam
41986cdb2f
Refactor requires login logic, reduce duplicate code
...
This also corrects the positioning in the chain of the check
and removes misuse of prepend_before_action
2018-02-01 15:17:59 +11:00
Sam
f2e7b74d88
FIX: don't return 200s when login is required to paths
...
When running `ensure_login_required` it should always happen prior to
`check_xhr` cause check xhr will trigger a 200 response
2018-02-01 12:26:45 +11:00
Arpit Jalan
a2183c3f1d
SECURITY: verify that inviter can invite new user to a topic
2017-10-09 15:59:41 +05:30
Guo Xiang Tan
6fe604b93e
Revert "SECURITY: Fix XSS on unsubscribed page."
...
This reverts commit 190558db9d
.
2017-10-09 09:03:07 +08:00
Guo Xiang Tan
190558db9d
SECURITY: Fix XSS on unsubscribed page.
2017-10-09 08:59:03 +08:00
Régis Hanol
4771b0a99f
FIX: user fields in invite signups were broken
2017-10-04 23:04:24 +02:00
Guo Xiang Tan
77d4c4d8dc
Fix all the errors to get our tests green on Rails 5.1.
2017-09-25 13:48:58 +08:00
Guo Xiang Tan
5012d46cbd
Add rubocop to our build. ( #5004 )
2017-07-28 10:20:09 +09:00
Guo Xiang Tan
2a17f1ccd7
FIX: Group owners should be able to invite users to their groups.
...
https://meta.discourse.org/t/group-owner-cannot-send-an-invite-to-a-group/60617/12
2017-07-21 23:48:25 +09:00
Robin Ward
f1a6449e4b
SECURITY: Remove disposable invite feature
2017-07-07 20:24:39 -04:00
Arpit Jalan
e7b9b1312e
FEATURE: remove all invites
...
https://meta.discourse.org/t/remove-all-invitations-button-for-the-admin-panel/65207
2017-06-29 22:30:10 +05:30
Arpit Jalan
34996b4eff
FIX: show invite validation error message in response
2017-06-13 22:41:53 +05:30
Arpit Jalan
b9c94aa234
FEATURE: add required user fields to invite accept form
...
UX: make "accept invitation" page consistent with sign up modal
2017-06-12 20:43:07 +05:30
Arpit Jalan
d2c2139da8
FEATURE: require name when accepting invite if 'full name required' setting is enabled
2017-05-29 21:46:43 +05:30
Arpit Jalan
77a8cae094
FIX: rescue specific errors on invite failure
2017-05-02 15:13:33 +05:30
Arpit Jalan
1c23aedccf
FIX: always send password reset email when accepting invite if password is not set
2017-04-18 14:37:06 +05:30
Arpit Jalan
0954367bf4
FIX: send activation email when accepting invite if password is set
2017-04-15 14:59:50 +05:30
Neil Lalonde
d0fbb27f3e
FEATURE: new invite acceptance page, where username can be chosen and password can be set
2017-02-15 16:51:57 -05:00
Arpit Jalan
5523d0dbf9
fix the build
2017-02-03 15:35:33 +05:30
Arpit Jalan
26ccf61ab1
FIX: sane error message when inviting an existing user
2017-02-03 14:27:27 +05:30
Arpit Jalan
9dd09e453b
FEATURE: add explicit confirmation button to accept the invite
2017-01-25 15:50:30 +05:30
Arpit Jalan
e793caf3e3
FIX: only allow CSV file to be uploaded for bulk invite
2017-01-11 16:26:01 +05:30
Arpit Jalan
ce974da9e5
FIX: simplify CSV file upload
2016-12-05 14:09:08 +05:30
Arpit Jalan
b1a94049e0
FIX: only staff can access 'resend all invites' feature
2016-06-07 10:57:08 +05:30
Arpit Jalan
a9c6df198c
FEATURE: rate limit resend invites
2016-06-07 10:24:20 +05:30
Arpit Jalan
7b205ebba4
FEATURE: customize invite email message
2016-06-06 20:15:30 +05:30
Arpit Jalan
c4e1ad0953
FEATURE: Resend all pending invitations
2016-06-03 12:23:13 +05:30
Arpit Jalan
1253afdf95
FIX: invite link should not auto-accept invitation if user is already logged in
2016-02-23 19:49:58 +05:30
Arpit Jalan
4c86758f74
FIX: show proper message on invite error
2015-12-20 22:13:37 +05:30
Arpit Jalan
f2c1dbaa68
FIX: return 422 if the invite is already redeemed
2015-09-16 17:30:00 +05:30
Arpit Jalan
eb96016043
FEATURE: copy invite link for topic invites
2015-08-31 21:15:15 +05:30
Arpit Jalan
4ad07b8c09
FEATURE: generate invite token
2015-08-28 18:29:31 +05:30
Sam
e5888cf090
PERF: avoid preloading json in cases where it is not needed
...
(uploads / avatars / non GET requests)
2015-05-20 17:12:16 +10:00
Sam
f5af4768eb
FEATURE: add clean support for running Discourse in a subfolder
...
To setup set DISCOURSE_RELATIVE_URL_ROOT to the folder you wish
2015-03-09 13:14:29 +11:00
Robin Ward
987504c6ab
Rename `no_js` layout to `no_ember`
...
While *sometimes* `no_js` was used for visitors without js (for example
disabling it on your browser) it was also used for some pages that were
disabled to JS capable browsers, including the 404 page.
Even worse, sometimes it was used on pages that *had* Javascript, such
as our `/activate-account` route. It has been renamed to `no_ember` to
indicate what it really is, a layout for the site that doesn't load our
Ember.js application.
2015-01-15 15:56:53 -05:00
Arpit Jalan
78fd99fc40
Feature: resend invites
2014-10-07 01:43:17 +05:30
Arpit Jalan
b3926efebc
convert space to plus for invite email parameter
2014-08-06 14:02:00 +05:30
Arpit Jalan
f571abfaaf
FEATURE: allow staff to send multiple invites to same email
2014-07-30 00:13:11 +05:30
Arpit Jalan
8862a881f8
FEATURE: topic support in disposable invites
2014-07-15 23:11:06 +05:30
Neil Lalonde
766196af87
FEATURE: add site setting allow_new_registrations which can be used to block all new account registrations
2014-07-14 15:42:22 -04:00
Arpit Jalan
575b5e3d13
FEATURE: disposable invite tokens
2014-07-14 21:30:46 +05:30
Arpit Jalan
85ba55dc26
FEATURE: support txt file to be uploaded for bulk invite
2014-07-02 19:21:15 +05:30
Arpit Jalan
727184641e
FEATURE: Bulk Invite
2014-06-09 01:43:39 +05:30
Sam
084ec87850
FEATURE: admins can invite users to groups via the web UI
2014-05-09 18:22:36 +10:00
Louis Rose
1574485443
Perform the where(...).first to find_by(...) refactoring.
...
This refactoring was automated using the command: bundle exec "ruby refactorings/where_dot_first_to_find_by/app.rb"
2014-05-06 14:41:59 +01:00
Robin Ward
de30af9302
Support for inviting to a forum from a user's invite page.
2013-11-06 12:56:50 -05:00
Robin Ward
b7327942af
Add `deleted_by` to `Trashable` tables
2013-07-09 15:46:36 -04:00
Stephan Kaag
e39cc464b1
Refactor routes in order to be compatible with Rails 4
2013-07-01 20:00:06 +02:00
Neil Lalonde
a86b35c873
Remove the access_password site setting
2013-06-25 15:05:25 -04:00
Sam
2ca734c118
Merge pull request #964 from chrishunt/exclusive-club
...
Add 'invite only' site setting
2013-06-05 16:38:47 -07:00
Chris Hunt
a523fa56ac
Don't require authentication for invites
2013-06-05 11:12:37 -07:00
Ian Christian Myers
3b245031a4
Implemented strong_parameters for Invite/InvitesController.
...
The email parameter is now required using strong parameters and will throw ActionController::ParameterMissing if it is missing. If the email address is incorrect or invalid, Discourse::InvalidParameters will still be thrown.
2013-06-05 00:04:03 -07:00
Sam
e9fc272db7
remove acts_as_paranoid, use .trash! , .recover! and .with_deleted as needed
...
makes upgrading to rails 4 possible
2013-05-07 14:39:01 +10:00
Wojciech Kocjan
e6ccc300dc
Support for running discourse with a prefix (i.e. as http://servername/discourse )
2013-03-16 00:01:21 +01:00
Robin Ward
d2596c3c4c
Remove unusued site_settings, show checkbox in UI for boolean values, remove restrict_access
...
boolean to avoid locking yourself out by setting access_password to empty string. Minor
UI tweaks.
2013-03-01 14:27:41 -05:00
Jakub Arnold
61654ab8f0
Fix all the trailing whitespace
2013-02-07 16:45:24 +01:00
Robin Ward
21b5628528
Initial release of Discourse
2013-02-05 14:16:51 -05:00