db929e58fc
FIX: Don't allow staff to approve users with unverified emails
2017-09-04 12:55:39 -04:00
bb3a5910d7
Support for sending PMs to email addresses ( #4988 )
...
* Added support for sending PMs to email addresses.
* Made changes after review.
* Added settings validator.
* Fixed tests.
2017-08-28 12:07:30 -04:00
5012d46cbd
Add rubocop to our build. ( #5004 )
2017-07-28 10:20:09 +09:00
2a17f1ccd7
FIX: Group owners should be able to invite users to their groups.
...
https://meta.discourse.org/t/group-owner-cannot-send-an-invite-to-a-group/60617/12
2017-07-21 23:48:25 +09:00
f1a6449e4b
SECURITY: Remove disposable invite feature
2017-07-07 20:24:39 -04:00
c243861b17
FIX: do not show "Send Activation Email" button if `must_approve_users` setting is enabled
...
https://meta.discourse.org/t/error-when-pressing-send-activitation-email-when-must-approve-users-setting-is-enabled/65408
2017-07-04 14:00:50 +05:30
845170bd6b
FEATURE: add support for group visibility level
...
There are 4 visibility levels
- public (default)
- members only
- staff
- owners
Note, admins and group owners ALWAYS have visibility to groups
Migration treated old "non public" as "members only"
2017-07-03 15:26:57 -04:00
e7b9b1312e
FEATURE: remove all invites
...
https://meta.discourse.org/t/remove-all-invitations-button-for-the-admin-panel/65207
2017-06-29 22:30:10 +05:30
908433a7a0
SECURITY: Validate the `entity` when downloading a CSV
2017-05-19 16:00:51 -04:00
28f486cb7a
FIX: Regular users shouldn't be able to invite to PMs if disabled
2017-05-19 12:57:21 -04:00
5d9d2cf287
FIX: do not explicitly show email of flagger / flagged user
2017-04-20 22:09:30 +05:30
96f2335c09
FIX: Corrects typo to avoid error 500 on theme change
2017-04-15 01:21:53 +01:00
def7348777
FIX: display custom sections with default theme
...
also cleans up mechanism for previewing themes, cleans up naming,
gets rid of old janky "preview_style", secures local theme key
2017-04-14 13:35:12 -04:00
213a496203
FIX: show all staff events related to the target user
2017-02-22 13:31:40 +05:30
b32f33b3f0
FIX: allow staff members to send PMs when enable_private_messages is disabled
2017-02-22 11:32:09 +05:30
046cbad10b
FEATURE: add a button on admin user page that links to action log
2017-02-21 21:38:37 +05:30
dc2171960b
FIX: allow existing users to be invited to topic/message when must_approve_users is enabled
2017-02-03 13:01:23 +05:30
c7b151683d
FIX: Do not allow admins to meddle with admin and moderation access of non real users.
2016-12-29 11:11:33 +08:00
ab68e0c9db
FEATURE: allow "developer" account flagging via developers table
...
This mechanism for flagging developer accounts will eventually replace
DISCOURSE_DEVELOPER_EMAILS
2016-07-28 10:14:06 +10:00
d61df21d69
FEATURE: allow people to send messages to themselves (for notes etc)
2016-07-04 11:36:43 +10:00
800081f606
FIX: staged users weren't able to reply in restricted categories
2016-06-26 19:25:45 +02:00
dfdc54957c
FIX: A blocked user should not be able to moderate anything.
2016-06-20 15:51:26 +08:00
b1a94049e0
FIX: only staff can access 'resend all invites' feature
2016-06-07 10:57:08 +05:30
f3f6c2f98f
FEATURE: tag groups
2016-06-06 14:18:48 -04:00
22d7ea1192
FIX: user can't export entity unless they are logged in
2016-05-05 19:12:37 +05:30
e5918c7d00
FEATURE: Merge tagging plugin into core
2016-04-27 11:58:53 -04:00
de82bd946d
FIX: Group members should be able to see their groups even if private
2016-04-26 14:17:53 -04:00
415efd0f5b
FIX: staged user doesn't get notified for replies in topics they created in secured categories
2016-02-24 11:30:17 +01:00
685ba1eb7f
FEATURE: blocked users can send and reply to private messages from staff
2016-01-22 12:54:24 -05:00
9f8d6b6088
FIX: allow exisiting users to be invited to topic/message when enable_local_logins is disabled
2015-10-30 11:28:05 +05:30
e29fe77b45
FEATURE: make trust level for message sending configurable
...
- add min_trust_to_send_messages site setting (default 1) to allow admins
to configure when messages can be sent between members
2015-10-12 11:15:48 +11:00
4d593d1c18
FIX: staff should be immune to max_invites_per_day setting
2015-06-05 10:22:41 +05:30
dd91d5b02f
FEATURE: disable invites by setting max_invites_per_day to 0
2015-05-19 16:51:21 +10:00
d491d4f997
FEATURE: invite existing users to private topic
2015-04-16 00:52:54 +05:30
23e8e1b6c1
Merge pull request #3303 from riking/patch-6
...
FIX: Don't fail topic auto-close if privledges are lost
2015-04-06 11:12:37 +02:00
e8dd5592c6
FEATURE: support inviting existing users to topic and message when SSO is enabled
2015-04-05 14:31:35 +05:30
03b971c3e3
FIX: Don't fail topic auto-close if privledges are lost
2015-03-27 15:31:04 -07:00
1601211617
Revert "FEATURE: allow end users to opt out of getting any private messages"
...
This reverts commit 229ecc4f8a
2015-03-23 17:21:58 +11:00
229ecc4f8a
FEATURE: allow end users to opt out of getting any private messages
2015-03-23 15:50:45 +11:00
0f36774246
group manager can invite members into the group from any restricted topic
2015-03-03 12:18:42 -08:00
a2b284a0a4
table & model changes for group managers with permission to edit membership
2015-01-15 11:44:42 -08:00
78537aad39
FIX: rate limit user posts export
2014-12-31 00:54:23 +05:30
bb152a5b3f
FEATURE: download user posts archive
2014-12-24 15:13:48 +05:30
b09ad87098
FIX: add 'show emails' button from moderators in user admin section
2014-11-03 12:46:08 +01:00
e7f251c105
LOTS of changes to properly handle post/topic revisions
...
FIX: history revision can now properly be hidden
FIX: PostRevision serializer is now entirely dynamic to properly handle
hidden revisions
FIX: default history modal to "side by side" view on mobile
FIX: properly hiden which revision has been hidden
UX: inline category/user/wiki/post_type changes with the revision
details
FEATURE: new '/posts/:post_id/revisions/latest' endpoint to retrieve
latest revision
UX: do not show the hide/show revision button on mobile (no room for
them)
UX: remove CSS transitions on the buttons in the history modal
FIX: PostRevisor now handles all the changes that might create new
revisions
FIX: PostRevision.ensure_consistency! was wrong due to off by 1
mistake...
refactored topic's callbacks for better readability
extracted 'PostRevisionGuardian'
2014-10-27 22:06:43 +01:00
59d04c0695
Internal renaming of elder,leader,regular,basic to numbers
...
Changed internals so trust levels are referred to with
TrustLevel[1], TrustLevel[2] etc.
This gives us much better flexibility naming trust levels, these names
are meant to be controlled by various communities.
2014-09-05 15:20:52 +10:00
ee812eb447
FIX: Do not perform grants if badges are disabled
2014-09-02 13:12:27 -07:00
f571abfaaf
FEATURE: allow staff to send multiple invites to same email
2014-07-30 00:13:11 +05:30
575b5e3d13
FEATURE: disposable invite tokens
2014-07-14 21:30:46 +05:30
d99a9b6735
FIX: invite security check broke PM viewing for all admins
2014-07-05 16:56:26 +10:00
48f86181bf
REFACTOR: move all conditions to guardian
2014-07-04 23:04:19 +05:30
4f523ae1b9
Don't allow invites if local logins are disabled, since it provides a way to bypass external auth
2014-06-18 16:46:20 -04:00
727184641e
FEATURE: Bulk Invite
2014-06-09 01:43:39 +05:30
fca6738212
BUGFIX: could not see the revisions of a post in a deleted topic
2014-05-12 16:30:10 +02:00
084ec87850
FEATURE: admins can invite users to groups via the web UI
2014-05-09 18:22:36 +10:00
3f07c1d0a1
Backend support for group invites
2014-05-09 18:22:35 +10:00
f44bd4ec28
Don't allow sending private messages to suspended users. Emails to suspended users should tell them how to respond, since they can't.
2014-05-06 15:01:27 -04:00
1da59e7e2e
FIX: deactivated users shouldn't be able to log in
2014-04-28 13:46:28 -04:00
7993c27ce5
Also allow system_user to send pm's even if enable_private_messages is disabled
2014-04-25 14:52:57 -04:00
ee8bbadfe8
Allow contact user to send private messages even if enable_private_messages is false
2014-04-23 17:00:22 -04:00
84da39f5dc
FIX: Admins should always be able to see groups so they can edit them.
2014-04-23 15:15:46 -04:00
af877781b7
Allow admins to choose if groups are visible or not.
2014-04-22 16:43:46 -04:00
25860622b7
BUGFIX: if SSO is enabled invite system is disabled
2014-04-22 09:17:37 +10:00
38882eb1a7
Remove threequals from ruby files
2014-03-26 12:20:41 -07:00
539890afdf
Let's not show tons of extra information about invites unless you're the
...
person who invited them.
2014-03-21 14:16:11 -04:00
2c725e2779
FEATURE: Trust level 4 abilities: pin/unpin, close, archive, make invisible, split/merge topic
2014-03-17 14:50:28 -04:00
9b26c8584e
Initial badge system implementation.
2014-03-14 21:49:26 +05:30
831ad524e6
added some comments
2014-02-13 13:31:13 -08:00
8711762143
Users who have made no more than one post can delete their own accounts from their user preferences page.
2014-02-13 13:52:06 -05:00
b61df08d1b
FEATURE: Admin selector to choose a primary group for a user, display it
...
and apply a CSS class to their posts.
2014-02-10 17:00:15 -05:00
d9c05fcfc8
SECURITY: dissalow mods from seeing PMs
2014-02-07 14:24:19 +11:00
4fb274fb9d
BUGFIX: history link doesn't work on deleted posts
2014-02-04 20:05:50 +01:00
7c8ea8c166
Trust level 3 users can edit topic titles and change category
2014-01-16 11:59:26 -05:00
ffb29dea77
Refactor guardian as dissused in this topic https://meta.discourse.org/t/so-you-want-to-help-out-with-discourse/3823/41?u=hunter
...
Creates a mixin for the ensure_* functions and creates seperate mixins for functions dealing with posts, categories, and topics.
2014-01-10 21:22:54 -06:00
259295d865
Add post_edit_time_limit site setting to limit the how long a post can be edited and deleted by the author. Default is 1 year.
2014-01-09 11:55:04 -05:00
8a830fb8e3
Prevent deleting 'uncategorized' category
2013-12-31 11:22:44 -06:00
06dd7ffe3c
better revision history
2013-12-12 03:41:34 +01:00
309904ef8f
Revert "Merge pull request #1673 from aperrault/patch-04"
...
This reverts commit c9ea89bdd39ed49888fc
2013-11-19 14:08:45 -05:00
d9c026bec5
Fixing neglect to determine whether a user has the permission to create a topic on a category (besides being able to create a post) in ListController, TopicList, and TopicListSerializer causing the "Create Topic" button to appear even if a user cannot actually create a topic in that category but can reply to a topic therein.
2013-11-19 05:09:58 -07:00
0c6f794eb0
Used the term suspended instead of banned.
2013-11-07 13:53:49 -05:00
de30af9302
Support for inviting to a forum from a user's invite page.
2013-11-06 12:56:50 -05:00
4e46d91b8d
Refactor SpamRulesEnforcer so that each spam rule is in its own class
2013-10-25 13:25:02 -04:00
e18b93026a
defer view creation on so updates are not performed when people navigate to topics
2013-10-07 15:04:59 +11:00
5bf26ec34e
large refactor, ship a few columns from the user table into user_stats
2013-10-07 15:04:59 +11:00
3ba1f20674
New site settings to enable/disable the possibility of editing user's nickname or email address
2013-09-14 21:34:21 +09:00
36f8c9c45b
improve logic and performance on front page to avoid massive query
2013-09-10 16:02:54 +10:00
41a1b6942d
notify moderators now goes to the "community" user, that saves our poor mods from a flood of pms
...
if any staff respond to a pm they are automatically added to the list of recipients and will start
getting email notifications
2013-09-06 14:07:23 +10:00
5b08f73561
give god rights of impersonation to developers, must be edited into the production.rb config file
2013-09-05 10:27:34 +10:00
b47eedba00
Add min_trust_to_create_topic setting to require a certain trust level before users can start new topics
2013-09-03 19:12:22 -04:00
663adde90e
Users can change their own username at any time if they have no posts
2013-08-23 11:23:00 -04:00
eaede108c7
Remove duplication from Guardian
2013-08-16 14:24:29 +02:00
b8a1e21dbd
Delete all posts is allowed for the same amount of time as delete user
2013-08-13 11:11:05 -04:00
b36c6d7b78
Users cannot change their own username after 3 days since registering. Site setting username_change_period allows you to change the number of days.
2013-08-12 14:55:09 -04:00
4fd5087f91
Add button to delete a spammer in the flag modal
...
Add SiteSettings: delete_user_max_age, delete_all_posts_max. Add delete spammer button to admin flags UI
Moderators can delete users too
2013-07-29 15:29:44 -04:00
e25638dab0
add a way to delete posts and topics when deleting a user with UserDestroyer
2013-07-29 15:29:43 -04:00
7b1f9928e4
staff can change trust levels
2013-07-23 09:13:48 +10:00
1f3c5cb656
allow end user to recover a post they delete
...
automatically delete stubs after 1 day
2013-07-22 17:48:47 +10:00
352ac9e60c
Finalize read only and post only categories, finished off UI work
2013-07-16 15:46:11 +10:00
ecf17cfebb
work in progress, add fidelity to category group permissions (full, create posts, readonly)
2013-07-16 15:46:11 +10:00
6ca5df0a09
Can recover deleted topics. Deleted topics show the first post as deleted in the UI.
2013-07-12 12:09:17 -04:00
Robin Ward
Bianca Nenciu
Guo Xiang Tan
Guo Xiang Tan
Arpit Jalan
Sam
David Taylor
Régis Hanol
Neil Lalonde
riking
Jason W. May
Thomas Cioppettini
Vikhyat Korrapati
Patrick
verg
Autumn Perrault
Matthieu Guillemot
Giuseppe Capizzi