Commit Graph

458 Commits

Author SHA1 Message Date
Kyle Zhao 6659417807 FEATURE: match user title when primary group changes
When primary group changes and the user's title is the previous primary
group's title, change the title to the new primary group's title
2018-09-17 15:08:39 +10:00
pmusaraj 7f05af5995 cleanup 2018-09-12 13:10:14 -04:00
pmusaraj aa614e393c return 403 when trying drafts of another user 2018-09-12 13:08:02 -04:00
pmusaraj b8c0a29bec better test name 2018-09-12 11:09:30 -04:00
pmusaraj 11fd18b254 code-styling fixes 2018-09-12 11:06:30 -04:00
pmusaraj 3a00c2adeb add test to ensure that userA cannot see drafts stream of userB 2018-09-12 10:13:20 -04:00
Sam d1984a0b4d FIX: display a correct error when attempting to agree on a deferred flag
Previously we would raise a 500 error if a moderator tried to agree on a
flag another moderator deferred.

This can happen cause the UX for flags does not live refresh as flags
are handled
2018-09-12 13:16:59 +10:00
Robin Ward 3bb4f4c5ef Adds test to make sure moderators can't make master keys
It wasn't obvious from the code, plus we'd never want this to regress!
2018-09-11 12:02:06 -04:00
Neil Lalonde 9e77fd8fc3 FIX: wrong category links on subfolder install in rss feed for a category topic list 2018-09-07 10:03:30 -04:00
Sam 879067d000 FIX: check admin theme cookie against user selectable
previously admin got a free pass and could set theme via cookie to anything
including themes that are not selectable

this refactor ensures that only "preview" gets a free pass, all the rest
goes through the same pipeline
2018-09-07 10:47:28 +10:00
Gerhard Schlager 26082688d1 FIX: Zero is a valid value for the page parameter 2018-09-05 20:43:05 +02:00
Vinoth Kannan d9be4f47e8 SPEC: redirect to original URL after social signup 2018-09-05 03:24:50 +05:30
Vinoth Kannan d8b543bb67 FIX: redirect to original URL after social signup 2018-09-05 01:44:23 +05:30
David Taylor 4382fb5fac DEV: Allow plugins to whitelist specific user custom_fields for editing (#6358) 2018-09-04 20:45:36 +10:00
Sam 2f5c21e28c FIX: return a 400 error instead of 500 for null injections
Many security scanners like to inject NULL in inputs causing application
to exception out and return a 500

We now handle this exception and render a 400 status back
2018-09-04 12:11:52 +10:00
Gerhard Schlager f33433bf9e Validation of params should restrict to max int (#6331)
* FIX: Validation of params should restrict to max int

* FIX: Send status 400 when "page" param isn't between 1 and max int
2018-09-03 14:45:32 +10:00
Bianca Nenciu f5e0356fb2 correct miscellaneous issues with user login history 2018-09-02 17:24:54 +10:00
Sam b3aab1770f FIX: set old last modified date for invalid avatars
In some cases Akami was holding tight to these invalid avatars,
to avoid this happening we explain the avatar image is ancient
then when a new upload is added it automatically is older than
this.
2018-08-31 17:07:31 +10:00
Blake Erickson c6f339a0b5 format json better with spaces in my test 2018-08-30 14:39:40 -06:00
Blake Erickson ae532f8548 FIX: return 422 for an invalid group name on category create 2018-08-30 14:28:55 -06:00
David Taylor 103509b9dd SECURITY: Prevent users from modifying custom fields 2018-08-30 12:59:36 +01:00
Bianca Nenciu 72ffabf619 UX: Improve email testing admin tool. (#6308) 2018-08-29 23:14:16 +02:00
Neil Lalonde ebe7835316 FIX: links in rss feeds are sometimes wrong on subfolder installs 2018-08-27 18:05:15 -04:00
Raul Tambre 2271918be2 FEATURE: Use S3 dualstack endpoints
Allows S3 without a CDN to serve images from dualstack domains that also support ipv6
2018-08-27 11:22:46 +10:00
Joffrey JAFFEUX 82dcc5cbfa
FEATURE: makes reports loadable in bulk (#6309) 2018-08-24 15:28:01 +02:00
Osama Sayegh e0cc29d658 FEATURE: themes and components split
* FEATURE: themes and components split

* two seperate methods to switch theme type

* use strict equality operator
2018-08-24 11:30:00 +10:00
Sam 29315b73c2 FIX: improve last_modified date returned for avatars
instead of hard coding a date:

1. For optimized images use the upload date when on s3
2. For not-found use 10 minutes ago to match the expiry
2018-08-24 09:36:11 +10:00
Osama Sayegh 2711f173dc FIX: don't allow inviting more than `max_allowed_message_recipients`
* FIX: don't allow inviting more than `max_allowed_message_recipients` setting allows

* add specs for guardian

* user preferences for auto track shouldn't be applicable to PMs (it auto watches on visit)

Execlude PMs from "Automatically track topics I enter..." and "When I post in a topic, set that topic to..." user preferences

* groups take only 1 slot in PM

* just return if topic is a PM
2018-08-23 14:36:49 +10:00
James Kiesel cdea969c6a FEATURE: Make initial admins TL1
* Match register controller TL to rake admin:create
* Don't promote if trust_level > 1
2018-08-22 15:45:24 +10:00
Gerhard Schlager 17dc8f2490 UX: Wizard resends activation email when user exists 2018-08-21 19:13:41 +02:00
Sam 2d96160192 FEATURE: improve API error reporting for invalid records 2018-08-21 11:54:34 +10:00
Guo Xiang Tan b4f92a05b3 FIX: Load more on groups page does not account for params.
https://meta.discourse.org/t/cant-scroll-through-list-of-users-groups-if-more-than-one-page/92259
2018-08-20 17:08:50 +08:00
Sam f5fe58384f correct regression around file renaming 2018-08-20 16:08:05 +10:00
Sam ce4b12ae59 FIX: if we have not target available do not redirect 2018-08-20 13:10:59 +10:00
Sam d7b1919ead correct specs 2018-08-20 12:46:14 +10:00
Guo Xiang Tan a9e502936f FIX: Converting PNG to JPEG does not set the correct extension. 2018-08-17 13:09:48 +08:00
Sam f62073a22a correct regression uploading images 2018-08-16 18:49:08 +10:00
Gerhard Schlager 937ab3f213 FIX: Validation of min_posts and max_posts didn't work 2018-08-16 10:36:53 +02:00
Sam 796164b58c FIX: automatically correct bad avatars on access
Also start relying on upload extension for optimized images
2018-08-16 16:32:56 +10:00
Sam 38c10a3dc2 correct the validator 2018-08-15 14:56:24 +10:00
Misaka 0x4e21 d4fd19d49a UX: Replace Google search with Discourse search on not found page
* UX: Replace Google search with Discourse search on not found page.

* FIX: Update application_controller_spec.rb.
2018-08-15 11:53:04 +10:00
Sam 06f82a7d72 correct exception handling, always do to_i in array 2018-08-15 11:31:42 +10:00
Sam bc47148d35 add validation to exclude_category_ids 2018-08-15 09:53:28 +10:00
Régis Hanol 12bab65167 FIX: going from /categories to /latest on mobile might break infinite scrolling 2018-08-15 01:22:03 +02:00
Gerhard Schlager ba0e322fd0 FIX: Validation of topic params broke discourse-assign 2018-08-14 18:45:46 +02:00
Sam ad5f502332 FIX: add a basic validator for topic params
This cuts down on log noise when people try out sql injection
2018-08-14 17:01:04 +10:00
Guo Xiang Tan d10c9d7d75 FIX: Missing extensions for non-image uploads due to 2b57239389. 2018-08-13 10:58:55 +08:00
Gerhard Schlager b9072e8292 FEATURE: Add "Reset Bump Date" action to topic admin wrench (#6246) 2018-08-10 10:51:03 +10:00
Gerhard Schlager ef4b9f98c1 FEATURE: Allow admins to reply without topic bump 2018-08-10 10:48:30 +10:00
Neil Lalonde 2c4d7225d8 FIX: permalink redirects with subfolder 2018-08-09 11:05:27 -04:00
Sam ed4c0f256e FIX: check permalinks for deleted topics
- allow to specify 410 vs 404 in Discourse::NotFound exception
- remove unused `permalink_redirect_or_not_found` which
- handle JS side links to topics via Discourse-Xhr-Redirect mechanism
2018-08-09 15:05:12 +10:00
Osama Sayegh 0b7ed8ffaf FEATURE: backend support for user-selectable components
* FEATURE: backend support for user-selectable components

* fix problems with previewing default theme

* rename preview_key => preview_theme_id

* omit default theme from child themes dropdown and try a different fix

* cache & freeze stylesheets arrays
2018-08-08 14:46:34 +10:00
Guo Xiang Tan 2b57239389 FIX: Upload's content is the only source of truth for the file type. 2018-08-07 13:15:00 +08:00
Sam 6797395bd0 FIX: staff should be allowed to agree and keep post 2018-08-07 10:05:43 +10:00
David Taylor 812add18bd REFACTOR: Serve auth provider information in the site serializer.
At the moment core providers are hard-coded in Javascript, and plugin providers get added to the JS payload at compile time. This refactor means that we only ship enabled providers to the client.
2018-08-06 09:25:48 +01:00
Penar Musaraj 1f45215537 FEATURE: Drafts view in user profile
* add drafts.json endpoint, user profile tab with drafts stream

* improve drafts stream display in user profile

* truncate excerpts in drafts list, better handling for resume draft action

* improve draft stream SQL query, add rspec tests

* if composer is open, quietly close it when user opens another draft from drafts stream; load PM draft only when user is in /u/username/messages (instead of /u/username)

* cleanup

* linting fixes

* apply prettier styling to modified files

* add client tests for drafts, includes a fixture for drafts.json

* improvements to code following review

* refresh drafts route when user deletes a draft open in the composer while being in the drafts route; minor prettier scss fix

* added more spec tests, deleted an acceptance test for removing drafts that was too finicky, formatting and code style fixes, added appEvent for draft:destroyed

* prettier, eslint fixes

* use "username_lower" from users table, added error handling for rejected promises

* adds guardian spec for can_see_drafts, adds improvements following code review

* move DraftsController spec to its own file

* fix failing drafts qunit test, use getOwner instead of deprecated this.container

* limit test fixture for draft.json testing to new_topic request only
2018-08-01 16:34:54 +10:00
Guo Xiang Tan 919e8db686 FIX: Check for group name availability should skip reserved usernames. 2018-08-01 11:09:33 +08:00
Neil Lalonde 1708ff1808 UX: add a route /rules as an alias for /faq and /guidelines 2018-07-26 15:38:08 -04:00
David Taylor f38942d121 FIX: Destroy session between omniauth callbacks controller tests 2018-07-25 16:33:42 +01:00
Gerhard Schlager 1ac643d71c FIX: Email template for "Queued Posts Reminder" was not found 2018-07-24 17:26:52 +02:00
Guo Xiang Tan fad9c2b971 PERF: Move `EmailLog#reply_key` into new `post_reply_keys` table. 2018-07-24 13:51:53 +08:00
Guo Xiang Tan ae8b0a517f PERF: Split skipped email logs into a seperate table. 2018-07-24 13:14:37 +08:00
Neil Lalonde f4b5eccad3 FIX: categories page crawler view had incorrect URLs 2018-07-23 14:54:41 -04:00
David Taylor eda1462b3b
FEATURE: List, revoke and reconnect associated accounts. Phase 1 (#6099)
Listing connections is supported for all built-in auth providers. Revoke and reconnect is currently only implemented for Facebook.
2018-07-23 16:51:57 +01:00
Joffrey JAFFEUX a2281fbb19
FEATURE: allows to jump to a date in a topic 2018-07-19 16:00:13 +02:00
Régis Hanol 6d6e026e3c FEATURE: selectable avatars 2018-07-18 12:57:43 +02:00
Sam ac0053f491 FEATURE: navigate to first post and auto bump category settings
### navigate_to_first_post_after_read setting for categories

When enabled on categories logged on users will return to OP after
reading the entire category. (useful for documentation categories)

### num_auto_bump_daily

Set a number of topics that will automatically bump daily on a category.

- Every 15 minutes we will check if any category has this setting
- Categories with the setting are shuffled
- We exclude pinned, closed, category description and archived topics
- Maximum of 1 topic for the list of categories is bumped till limit reached per category
- We always try to bump oldest first
- Limit is elastic using a RateLimiter that ensures that we only bump N per day

Also some minor organisation on category settings

Froze strings on category.rb
2018-07-16 18:10:35 +10:00
Leo McArdle 21ebb1cd54 FEATURE: Secondary emails support. 2018-07-16 11:09:49 +08:00
Guo Xiang Tan 711371e8c8 FIX: Select+below will ask server for post ids on megatopics. 2018-07-13 15:10:39 +08:00
Kyle Zhao 2901691e87 FEATURE: per-category approval settings (#5778)
- disallow moving topics to a category that requires topic approval
2018-07-13 12:51:08 +10:00
Guo Xiang Tan 258e9e35ca PERF: Make mega topics work without a stream.
There are tradeoffs that we took here. For the complete
story see
https://meta.discourse.org/t/performance-improvements-on-long-topics/30187/27?u=tgxworld.
2018-07-12 12:46:12 +08:00
OsamaSayegh decf1f27cf FEATURE: Groundwork for user-selectable theme components
* Phase 0 for user-selectable theme components

- Drops `key` column from the `themes` table
- Drops `theme_key` column from the `user_options` table
- Adds `theme_ids` (array of ints default []) column to the `user_options` table and migrates data from `theme_key` to the new column.
- Removes the `default_theme_key` site setting and adds `default_theme_id` instead.
- Replaces `theme_key` cookie with a new one called `theme_ids`
- no longer need Theme.settings_for_client
2018-07-12 14:18:21 +10:00
Guo Xiang Tan 0a28181c62 Fix the build take 2. 2018-07-10 11:27:03 +08:00
Guo Xiang Tan 5374a0e720 Fix the build. 2018-07-10 09:48:57 +08:00
Jordan Seanor 10bc69a62f FEATURE: Event on topic merge (#6057) 2018-07-10 09:28:57 +08:00
David Taylor 9a813210b9 SECURITY: Do not allow authentication with disabled plugin-supplied a… (#6071)
Do not allow authentication with disabled plugin-supplied auth providers
2018-07-09 14:25:58 +10:00
Guo Xiang Tan 9948f57a99 REFACTOR: Update test to assert for the right objects. 2018-07-09 09:54:14 +08:00
Maja Komel 18f5f646b1 FEATURE: allow selecting a tag when moving posts to a new topic (#6072) 2018-07-06 18:21:32 +02:00
Sam e72fd7ae4e FIX: move crawler blocking into anon cache
This refinement of previous fix moves the crawler blocking into
anonymous cache

This ensures we never poison the cache incorrectly when blocking crawlers
2018-07-04 11:14:43 +10:00
Sam 7f98ed69cd FIX: move crawler blocking to app controller
We need access to site settings in multisite, we do not have access
yet if we attempt to get them in request tracker middleware
2018-07-04 10:30:50 +10:00
Sam 982df3c17b FIX: return status 400 for invalid member params
previously error returned was a 500 which is not ideal
and is logged
2018-06-29 10:15:17 +10:00
Robin Ward fd7bb8e656 FIX: Scope the `cn` to the subfolder 2018-06-28 11:03:36 -04:00
Maja Komel ec3e6a81a4 FEATURE: Second factor backup 2018-06-28 10:12:32 +02:00
Arpit Jalan 6bcdc3ba4b FEATURE: allow author to delete posts irrespective of post_edit_time_limit 2018-06-26 21:43:06 +05:30
Arpit Jalan 7efdccdbc5 FIX: allow staff to remove tags from queued topics 2018-06-26 17:08:40 +05:30
Guo Xiang Tan 0365806b93 FIX: Properly display error when post action fails to create. 2018-06-20 21:20:23 +08:00
Michael Brown ae5d255f83 FIX: Reference example.com instead of somesite.com in examples
* somesite.com actually exists...
* example.com should be used in examples and is harmless to visit
2018-06-19 10:37:24 -04:00
Sam 5f86434bf1 DEV: make tests less fragile 2018-06-14 18:31:07 +10:00
Rafael dos Santos Silva 8fc08aad09 FEATURE: Update the webmanifest
- Remove share target because the spec is changing
- Allow any orientation again because natural is too restrictive
- Use correct file and mime types for the manifest
2018-06-14 00:13:28 -03:00
OsamaSayegh 4a9dadb646 Add test case for topic embed CSS 2018-06-13 16:22:54 +10:00
OsamaSayegh 249a256cd2 Fix build 2018-06-11 09:12:28 +03:00
OsamaSayegh 77f1cdf20e REFACTOR: admin backups controller specs to requests (#5953) 2018-06-11 13:26:24 +08:00
OsamaSayegh 1dbe13886f REFACTOR: admin site texts controller specs to requests (#5958) 2018-06-11 12:59:21 +08:00
OsamaSayegh 4f06d6078b REFACTOR: admin themes controller specs to requests (#5954) 2018-06-11 12:54:16 +08:00
OsamaSayegh 1fe092da0a REFACTOR: admin badges controller specs to requests (#5960) 2018-06-11 12:50:56 +08:00
OsamaSayegh bf8d392a51 REFACTOR: admin user fields controller specs to requests (#5961) 2018-06-11 12:50:21 +08:00
OsamaSayegh 4c8939d530 REFACTOR: admin email controller specs to requests (#5962) 2018-06-11 12:50:08 +08:00
OsamaSayegh c0776884dd REFACTOR: admin reports controller specs to requests (#5963) 2018-06-11 12:49:28 +08:00
OsamaSayegh da94eaa81d REFACTOR: admin color schemes controller specs to requests (#5964) 2018-06-11 12:48:58 +08:00
OsamaSayegh 767f022b29 REFACTOR: admin screened ip addresses controller specs to requests (#5965) 2018-06-11 12:48:34 +08:00
OsamaSayegh 93b1386fb2 REFACTOR: admin site settings controller specs to requests (#5966) 2018-06-11 12:48:09 +08:00
OsamaSayegh 325f975ed3 REFACTOR: admin dashboard controller specs to requests (#5967) 2018-06-11 12:47:42 +08:00
OsamaSayegh a4574cf2ca REFACTOR: admin webhooks controller specs to requests (#5969) 2018-06-11 12:47:29 +08:00
OsamaSayegh a914ec28fc REFACTOR: admin impersonate controller specs to requests (#5968) 2018-06-11 12:47:14 +08:00
OsamaSayegh d22b552c9b REFACTOR: admin emojis controller specs to requests (#5974) 2018-06-11 12:39:31 +08:00
OsamaSayegh 12b1687e1f REFACTOR: admin permalinks controller specs to requests (#5970) 2018-06-11 12:37:21 +08:00
OsamaSayegh 37c84451ed REFACTOR: admin staff action logs controller specs to requests (#5971) 2018-06-11 12:37:06 +08:00
OsamaSayegh 65241c6778 REFACTOR: admin api controller specs to requests (#5972) 2018-06-11 12:35:45 +08:00
OsamaSayegh 2c8a9d36af REFACTOR: admin versions controller specs to requests (#5973) 2018-06-11 12:35:05 +08:00
OsamaSayegh 237559c76f REFACTOR: admin screened emails controller specs to requests (#5975) 2018-06-11 12:33:54 +08:00
OsamaSayegh f30c2dacb2 REFACTOR: admin screened urls controller specs to requests (#5976) 2018-06-11 12:33:38 +08:00
OsamaSayegh 63b2207065 REFACTOR: admin plugins controller specs to requests (#5977) 2018-06-11 12:33:07 +08:00
OsamaSayegh c6fe082fe4 REFACTOR: admin controller specs to requests (#5978) 2018-06-11 12:32:55 +08:00
OsamaSayegh 4ac7be1d1c REFACTOR: admin embeddable hosts controller specs to requests (#5979) 2018-06-11 12:32:13 +08:00
OsamaSayegh 062aecd239 REFACTOR: admin embedding controller specs to requests (#5980) 2018-06-11 12:31:58 +08:00
OsamaSayegh f5ad0022f7 REFACTOR: admin users controller specs to requests (#5946) 2018-06-08 12:42:06 +08:00
Guo Xiang Tan 3a8f69c3d2 DEV: Assert for 200 response code to avoid changing magic helper in the future. 2018-06-07 16:11:09 +08:00
OsamaSayegh 1e805cfd3e REFACTOR: composer messages controller specs to requests (#5940) 2018-06-07 13:51:52 +08:00
OsamaSayegh c6c1ef71c1 REFACTOR: inline onebox controller specs to requests 2018-06-07 13:11:45 +08:00
OsamaSayegh 30be1b0d2b REFACTOR: category hashtags controller specs to requests (#5936) 2018-06-07 13:09:23 +08:00
OsamaSayegh 9975f9751e REFACTOR: metadata controller specs to requests (#5935) 2018-06-07 13:08:28 +08:00
OsamaSayegh 1957cb541b REFACTOR: permalinks controller specs to requests (#5934) 2018-06-07 13:08:13 +08:00
OsamaSayegh f2a5a84f0b REFACTOR: similar topics controller specs to requests (#5933) 2018-06-07 13:07:53 +08:00
OsamaSayegh 37829a521a REFACTOR: stylesheets controller specs to requests 2018-06-07 13:06:32 +08:00
OsamaSayegh a8d33603f9 REFACTOR: export CSV controller specs to requests 2018-06-07 13:02:02 +08:00
OsamaSayegh 0124209a96 REFACTOR: site controller specs to requests 2018-06-07 12:58:33 +08:00
OsamaSayegh 3c96ee4b6f REFACTOR: clicks controller specs to requests (#5929) 2018-06-07 12:57:29 +08:00
OsamaSayegh 2688cc6241 REFACTOR: post action users controller specs to requests 2018-06-07 12:55:01 +08:00
OsamaSayegh e2e566214d REFACTOR: user avatars controller spec to requests 2018-06-07 12:53:33 +08:00
OsamaSayegh 05c1fe5c8f REFACTOR: user actions controller specs to requests 2018-06-07 12:52:06 +08:00
OsamaSayegh 7f21892ad0 REFACTOR: finish installation controller specs to requests 2018-06-07 12:49:47 +08:00
OsamaSayegh 5ecaa55e50 REFACTOR: webhooks controller specs to requests 2018-06-07 12:46:29 +08:00
OsamaSayegh cc82fb33b5 REFACTOR: queued posts controller specs to requests 2018-06-07 12:41:26 +08:00
OsamaSayegh 1b7d46c054 REFACTOR: post actions controller specs to requests 2018-06-07 12:38:17 +08:00
OsamaSayegh f75d1e958d REFACTOR: extra locales controller specs to requests 2018-06-07 12:34:39 +08:00
OsamaSayegh d2880246cd REFACTOR: steps controller specs to requests 2018-06-07 12:31:13 +08:00
Guo Xiang Tan 47ddb3a7ca Merge branch 'wizard-controller' of https://github.com/OsamaSayegh/discourse into OsamaSayegh-wizard-controller 2018-06-07 12:27:48 +08:00
OsamaSayegh 600ff85ecd REFACTOR: draft controller specs to requests (#5942) 2018-06-07 12:24:20 +08:00
OsamaSayegh f5178ded56 REFACTOR: offline controller spec to requests (#5943) 2018-06-07 12:24:05 +08:00
Sam 89ad2b5900 DEV: Rails 5.2 upgrade and global gem upgrade
This updates tests to use latest rails 5 practice
and updates ALL dependencies that could be updated

Performance testing shows that performance has not regressed
if anything it is marginally faster now.
2018-06-07 14:21:33 +10:00
Vinoth Kannan d8e641cd98 FIX: avatar_url includes upload_path twice when local storage used 2018-06-06 18:27:30 +05:30
OsamaSayegh 3244fb8959 REFACTOR: wizard controller specs to requests 2018-06-06 12:07:55 +03:00
Guo Xiang Tan a83ab01264 REFACTOR: Remove extra param for group mentionable and messableable route. 2018-06-06 09:42:09 +08:00
Arpit Jalan f8d82f135f FIX: do not verify group visibility when checking for mentionable/messageable 2018-06-05 16:59:21 +05:30
OsamaSayegh d3e610eed9 REFACTOR: topic controller (2) specs to requests (#5911) 2018-06-05 12:03:49 +08:00
OsamaSayegh 475d944d74 REFACTOR: onebox controller specs to requests (#5914) 2018-06-05 11:36:08 +08:00
OsamaSayegh 22fcc04d38 REFACTOR: user badges controller specs to requests (#5912) 2018-06-05 10:59:01 +08:00
OsamaSayegh 79dcd79470 REFACTOR: email controller specs to requests (#5917) 2018-06-05 10:57:11 +08:00
Guo Xiang Tan a508e6a5f6 DEV: Stablize `requests/search_controller_spec`. 2018-06-05 10:07:05 +08:00
OsamaSayegh bc75cfe4b5 REFACTOR: tags controller specs (#5908) 2018-06-04 14:09:14 +08:00
OsamaSayegh 1f8805d3af REFACTOR: user api keys contoller specs to request 2018-06-04 16:07:53 +10:00
OsamaSayegh 807223deef REFACTOR: notifications controller specs to requests 2018-06-04 16:06:53 +10:00
OsamaSayegh e4bdafb550 REFACTOR: categories controller specs to requests (#5903)
REFACTOR: categories controller specs to requests
2018-06-04 12:04:32 +08:00
OsamaSayegh e58ed247f2 REFACTOR: uploads controller specs to requests (#5907) 2018-06-04 11:13:52 +08:00
OsamaSayegh cfea837e88 REFACTOR: search controller specs to requests (#5906) 2018-06-04 11:12:38 +08:00
OsamaSayegh 9b4a98695e REFACTOR: list controller specs to requests (#5902) 2018-06-04 11:09:59 +08:00
OsamaSayegh 474ff94df3 REFACTOR: convert invites controller specs to requests (#5898)
REFACTOR: convert invites controller specs to requests
2018-06-01 13:06:08 +08:00
OsamaSayegh d4848f2d58 REFACTOR: topics controller specs to requests (#5886)
* REFACTOR: topics controller specs to requests
2018-05-31 22:45:32 +08:00
Guo Xiang Tan 7fc8a36529 DEV: Take 2 Queue jobs in tests by default.
On my machine this cuts the time taken to run our test suite
from ~11mins to ~9mins.
2018-05-31 16:23:23 +08:00
Guo Xiang Tan 56e9ff6853 Revert "DEV: Queue jobs in tests by default."
Too risky for now

This reverts commit be28154d3b.
2018-05-31 15:34:46 +08:00
Guo Xiang Tan be28154d3b DEV: Queue jobs in tests by default. 2018-05-31 14:45:47 +08:00
Guo Xiang Tan 95f9b72351 FIX: Update activation email route was returning a generic json error. 2018-05-31 14:19:43 +08:00
OsamaSayegh 4e21a031df Remove trailing whitespace 2018-05-31 12:31:46 +10:00
OsamaSayegh 23e3a68592 REFACTOR: session controller specs to requests 2018-05-31 12:31:46 +10:00
Guo Xiang Tan 21e9315416 FIX: Use user account email instead of auth email when totp is enabled.
https://meta.discourse.org/t/github-2fa-flow-broken/88674
2018-05-30 12:15:12 +08:00
Guo Xiang Tan 123a22e6d8 DEV: Clean up omniauth after mocking. 2018-05-28 15:12:54 +08:00
Guo Xiang Tan a081771950
Merge pull request #5872 from OsamaSayegh/users-controller-specs-to-request
REFACTOR: users contollers specs => request specs
2018-05-28 13:32:37 +08:00
OsamaSayegh 0347c97520 tgxworld feedback 2018-05-28 06:20:47 +03:00
Robin Ward 4195c7c9ea FEATURE: Ability to clear a user's penalty history
You can do this manually if you want to allow them to reach TL3 without
their penalty history counting against them.
2018-05-25 12:54:22 -04:00
OsamaSayegh bac0482061 REFACTOR: users contollers specs => request specs 2018-05-25 05:04:25 +03:00
Neil Lalonde 3db1032bfd FIX: not found page shouldn't include the Google search form for sites with login_required enabled 2018-05-23 16:59:02 -04:00
OsamaSayegh 609804f5ef REFACTOR: merge posts controller specs into request specs 2018-05-23 08:53:46 +10:00
OsamaSayegh 450a600721 REFACTOR: about & badge controllers => requests 2018-05-22 13:45:13 +10:00
Sam 788ca1f112 FIX: stop adding email to unsubscribe url
Instead of adding email to unsubscribe url store it in redis for 1 hour
rate limit calls to unsubscribe endpoint to ensure there is no risk of
bloating redis

Also move controller to request specs
2018-05-22 09:07:03 +10:00
Guo Xiang Tan b7b08b4173 Fix regression introduced in 2ceb107074. 2018-05-21 13:26:23 +08:00
Guo Xiang Tan 2ceb107074 Refactor tests to use the json extension instead of headers. 2018-05-21 09:49:46 +08:00
Arpit Jalan 9f422c93f6 FIX: restrict updates on `confirm_old_email` email templates 2018-05-19 12:19:59 +05:30
Arpit Jalan 9532d9a555 FIX: handle invalid tags 2018-05-17 19:33:12 +05:30
Régis Hanol 131b7f5da5 make 🤖 rubocop happy 2018-05-16 16:35:04 +02:00
Joe Buhlig 3cd4c82c49 Allow parameters for group and username filters on directory (#5815) 2018-05-16 16:20:17 +02:00
Régis Hanol 37232fcb58 FIX: staff members should see all tags 2018-05-13 17:50:21 +02:00
Guo Xiang Tan 2eb2f273a8 Refactor of `PushSubscriptionPusher`. 2018-05-09 08:14:14 +08:00
Jeff Wong 7f1f697e97 FIX: de-duplicate push subscriptions - ensure unique user/key 2018-05-08 15:20:39 -07:00
Gerhard Schlager 52db0b31c1 FIX: Automatically add user to groups after updating email address 2018-05-08 21:27:22 +02:00
Arpit Jalan 83245aa508 FIX: better handling of invite links after they are redeemed
FIX: deprecate invite_passthrough_hours setting
2018-05-08 20:17:57 +05:30
Guo Xiang Tan 21007a4a8d Rewrite push notifications controller specs as request specs.
* Improve assertions to test for the outcome we expected instead
  of just asserting for a 200 response.

* Remove duplicated assertion.
2018-05-07 15:40:46 +08:00
Guo Xiang Tan aa0d32231c FIX: Incorrect query when removing a group owner.
https://meta.discourse.org/t/group-rename-and-group-owners-removal-problems/85596
2018-05-07 13:57:00 +08:00
Robin Ward a5172a37e0 Allow staff members to enable safe mode, even if disabled 2018-04-25 11:49:57 -04:00
Sam 146a6c3592 FIX: exclude topics from latest in /categories on refresh
When you hit refresh on categories page it would not supress correctly
2018-04-24 11:07:26 -04:00
Robin Ward fd14ee4797 FEATURE: Allow safe mode to be disabled 2018-04-24 11:03:33 -04:00
Guo Xiang Tan 9eabf7c02c Fix randomly failing specs due to SearchLog cache. 2018-04-23 10:10:10 +08:00
Guo Xiang Tan 70d181bff8 FIX: Better error message in `GroupsController#add_members`.
https://meta.discourse.org/t/cant-add-members-to-a-group/85738?u=tgxworld
2018-04-20 10:28:52 +08:00
Robin Ward 3d7dbdedc0 FEATURE: An API to help sites build robots.txt files programatically
This is mainly useful for subfolder sites, who need to expose their
robots.txt contents to a parent site.
2018-04-16 15:43:20 -04:00
Arpit Jalan a1ef455c78 SECURITY: do not show private topic title on /unsubscribed page 2018-04-16 10:35:57 +05:30
Sam 3632b8d8d6 FEATURE: provide extra signal about content age to crawlers
Adds Last-Modified field to help teach crawlers not to crawl old content
2018-04-13 14:58:33 +10:00
Régis Hanol df7970a6f6 prefix the robots.txt rules with the directory when using subfolder 2018-04-11 22:05:02 +02:00
Guo Xiang Tan d9d86577ff FIX: Staff users are not affected by `enable_group_directory` site setting. 2018-04-10 09:22:01 +08:00
Guo Xiang Tan c82b2dcc24 Remove admin group management pages. 2018-04-09 15:14:50 +08:00
Sam 4111f17f64 add missing test for rel next/prev 2018-04-09 15:01:16 +10:00
Guo Xiang Tan 0623785f69 FIX: Prevent group owners from editing admin only settings. 2018-04-06 11:44:58 +08:00