David Taylor
77fe57f923
FEATURE: Rake task to list users which have been staff in the past month
2018-12-14 16:29:12 +00:00
Kyle Zhao
b0c2e9bb05
minor changes to default script-src ( #6770 )
...
- add report-sample to force require a sample of the violating code
- do not whitelist GA/GTM's entire domain
2018-12-14 08:17:31 -05:00
Joffrey JAFFEUX
03014b0d05
FEATURE: adds security tab to dashboard ( #6768 )
...
This commit also includes the new staff_logins report
2018-12-14 13:47:59 +01:00
Sam
939b82ef0c
DEV: correct intermittent test failure
...
ActionController::BadRequest can not be re-dispatched, under some conditions
we are getting this vs InvalidParameterError in the following test
59c56bd20f/spec/requests/application_controller_spec.rb (L34-L62)
2018-12-13 18:27:13 +11:00
Sam
94b8ba4f8f
FIX: remove slow platform detection from server side
...
Historically due to https://meta.discourse.org/t/why-is-discourse-so-slow-on-android/8823
we decreased page sizes of both home page and topic page on android by half.
This was done on the server side and as a side effect caused page sizes
to mismatch between Android and non-Android.
Unfortunately about a year ago googlebot started pretending it is Android,
this caused Google to start indexing pages as what Android would see. So
it saw double the amount of pages in the index as what exists on desktop.
This in turn caused double the amount of indexing work and a large amount
of broken links on long topics.
This fix removes all special behavior which is no longer needed due to
other performance work in Discourse including raw handlebars on home page
and virtual dom on topic pages.
I tested we do not need this on Blu Advance 5.0; it has a 1.3 GHz MediaTek MT6580.
This phone retails for around $50 USD.
If we decide long term that we want any hacks like this we will shift them
to the client side. It can just hold data in memory without rendering.
2018-12-13 13:57:05 +11:00
Bianca Nenciu
7cac04e1a8
* FEATURE: Adds site setting to let quotes on direct replies.
...
* DEV: Added test.
* FIX: Do not bump topic when removing full quotes.
2018-12-12 15:42:53 +01:00
Maja Komel
dbbadb5c35
FEATURE: add short_site_description setting to be included in title tag on homepage
2018-12-12 11:46:58 +01:00
Sam
0ca61242b8
FEATURE: polyfill intersection observer for IE11 / iOS Safari
...
This feature is used for defer loading of images and in future for post cloaking
This gives us a polyfill so we can safely use the feature in problem browsers
The polyfill supports "polling" but it does not appear we need it yet.
If we discover anything odd here, consider setting poll interval per:
https://github.com/w3c/IntersectionObserver/tree/master/polyfill
```
var io = new IntersectionObserver(callback);
io.POLL_INTERVAL = 100; // Time in milliseconds.
```
Keeping the mutation observer cause we often mutate the DOM
2018-12-12 15:36:08 +11:00
David Taylor
c7c56af397
FEATURE: Allow connecting associated accounts when two-factor is enabled ( #6754 )
...
Previously the 'reconnect' process was a bit magic - IF you were already logged into discourse, and followed the auth flow, your account would be reconnected and you would be 'logged in again'.
Now, we explicitly check for a reconnect=true parameter when the flow is started, store it in the session, and then only follow the reconnect logic if that variable is present. Setting this parameter also skips the 'logged in again' step, which means reconnect now works with 2fa enabled.
2018-12-11 13:19:00 +00:00
Sam
671469bcc7
FIX: URLs containing two # would fail to work
...
Some URLs in browsers are non compliant and contain two `#`, this commit adds
special handling for this edge case by auto encoding any fragments containing `#`
2018-12-11 18:03:13 +11:00
David Taylor
9db829134c
FIX: Use database to persist metadata during social registration ( #6750 )
...
Previously was using the cookie_store, which is limited to 4kb. This caused issues for providers sending large volumes of metadata about a user.
2018-12-10 15:10:06 +00:00
Rishabh
314c084e5d
DEV: nuke code dependent comments from scheduler.rake
2018-12-10 16:16:19 +05:30
Rishabh
4767a5a26e
DEV: Update incorrect Job frequency
2018-12-10 13:26:19 +05:30
Sam
e17d0c0526
FIX: don't double add users to topic allowed users
...
In latest rails building the same relation twice results in an error
Previous versions would deduplicate
2018-12-10 14:45:02 +11:00
Sam
955cdad649
FIX: exec_params needs instrumentation
...
the method no longer routes to "exec" or "async_exec" in latest PG so we
need to explicitly intercept
2018-12-10 14:28:10 +11:00
Sam
502a0fe778
FIX: support connecting GitHub with existing accounts
2018-12-10 09:27:00 +11:00
David Taylor
25aed5a47c
FIX: Add missing android icon
...
Used in the "Recently Used Devices" section of user preferences
2018-12-07 15:49:40 +00:00
David Taylor
160d29b18a
REFACTOR: Migrate TwitterAuthenticator to use ManagedAuthenticator ( #6739 )
...
No changes to functionality. TwitterAuthenticator goes from 136 lines to 24, and all twitter-specific logic elsewhere has been deleted 🎉
2018-12-07 15:39:06 +00:00
David Taylor
86f8734bc0
FIX: Prioritize explicit 'connect' over matching by email
...
This is an edge case that was previously handled by TwitterAuthenticator, but not FacebookAuthenticator.
2018-12-07 15:05:51 +00:00
David Taylor
3cad3f9df1
DEV: Add profile fetching support to `ManagedAuthenticator`
2018-12-07 15:05:51 +00:00
David Taylor
f7ce607e5d
FIX: Return 422 instead of 500 for invalid SSO signature ( #6738 )
2018-12-07 15:01:44 +00:00
David Taylor
6c71395bf6
FIX: Only hide shared draft topics from `latest` ( #6737 )
...
Previously we were hiding them from all topic lists, which can result in
topics being "stuck" in an unread state with no easy way to clear them.
2018-12-07 12:44:23 +00:00
Bianca Nenciu
41e184280d
FEATURE: Remove full quotes of direct replies. ( #6729 )
2018-12-07 13:07:11 +01:00
Gerhard Schlager
df3bb07ec6
UX: Add missing icons
2018-12-07 13:00:02 +01:00
David Taylor
5e09398c5b
FIX: Do not serialize user fields unless they are specified for display ( #6736 )
2018-12-07 10:57:28 +00:00
David Taylor
0b1d660876
UX: Make shared drafts behaviour consistent for non-staff users ( #6734 )
...
This makes it easier to diagnose the problem when a public category
is set as the 'shared drafts category'. Doing this is not recommended.
2018-12-06 18:59:29 +00:00
David Taylor
ded3639f87
DEV: Add openid-connect as an official plugin
2018-12-06 16:16:47 +00:00
Xiao Guan
7ec124fc89
FEATURE: Improved deprecation warnings ( #6722 )
...
* FEATURE: Discourse.deprecate can report version
* Ember counterpart for deprecation
2018-12-06 11:38:01 +00:00
Gerhard Schlager
43cfdb1cb9
FIX: Wizard tries harder to find existing Welcome Topic
...
The wizard searches for:
* a topic with the "is_welcome_topic" custom field
* a topic with the correct slug for the current default locale
* a topic with the correct slug for the English locale
* the oldest globally pinned topic
It gives up if it didn't find any of the above.
2018-12-06 10:27:22 +01:00
Guo Xiang Tan
978f0db109
SECURITY: Require groups to be given when inviting to a restricted category. ( #6715 )
2018-12-05 16:43:07 +01:00
Gerhard Schlager
99117d664c
FEATURE: Multisite support for S3 backup store ( #6700 )
2018-12-05 10:10:39 +08:00
David Taylor
e117deb2ba
FIX: Improve avatar loading, and add tests
...
Follow-up from 4e2cc9c
2018-12-04 15:09:32 +00:00
Régis Hanol
3c9c95ac83
Update Rubocop to 0.60
2018-12-04 10:48:16 +01:00
David Taylor
9248ad1905
DEV: Enable `Style/SingleLineMethods` and `Style/Semicolon` in Rubocop ( #6717 )
2018-12-04 11:48:13 +08:00
Penar Musaraj
56948896ff
UX: replace FA5 compress/expand icons
...
Adds a new SVG sprite file that contains non-FontAwesome 5 icons to our subset.
Adds the FontAwesome 4.7.0 icons for expand / collapse.
2018-12-03 22:29:20 -05:00
David Taylor
4831c4c2ee
FIX: Use safe navigation operator throughout statement
2018-12-03 20:00:28 +00:00
David Taylor
e32cdb00cb
Fix the build
2018-12-03 18:51:07 +00:00
David Taylor
b373ff47e2
FIX: Topic is nil when first post is being created
2018-12-03 18:30:52 +00:00
David Taylor
4e2cc9caf0
FIX: Use safe navigation operator when looking for avatar URL
2018-12-03 17:28:21 +00:00
David Taylor
404acef6e3
DEV: Move `run-qunit.js` out of the vendor directory
2018-12-03 16:16:37 +00:00
Penar Musaraj
f8e6a37858
FIX: raise exception when getting dimensions of missing image
...
- follow-up on 0eacd45ab1
2018-12-03 10:19:49 -05:00
David Taylor
9125b5fbc4
DEV: Reformat single line method definition
...
Following comments on 71aaed272c
2018-12-03 15:03:00 +00:00
Bianca Nenciu
3f8fa4ad4e
FEATURE: Do not check consecutive replies for original poster. ( #6714 )
2018-12-03 02:32:29 -08:00
Rishabh
503ae1829f
FIX: All multisite upload paths should start with /uploads/default/.. ( #6707 )
2018-12-03 12:04:14 +08:00
Maja Komel
6121d11187
FIX: make staff_edit_locks_post work with download_remote_images_to_local
2018-12-03 14:14:59 +11:00
Joffrey JAFFEUX
f94c3aef7b
DEV: upgrades highlight.js from v9.12.0 to v9.13.1
2018-12-03 09:45:52 +11:00
Maja Komel
1073634271
FIX: show generic title when quoting off-topic secure category posts
2018-12-03 09:42:32 +11:00
David Taylor
71aaed272c
DEV: Correct auth_provider deprecation warning
2018-11-30 22:22:26 +00:00
David Taylor
4e010382cc
REFACTOR: Initialize auth providers after `plugin.activate!`
...
Also added some helpful functionality for plugin developers:
- Raises RuntimeException if the auth provider has been registered too late
- Logs use of deprecated parameters
2018-11-30 16:58:18 +00:00
Kyle Zhao
488fba3c5f
FEATURE: allow plugins and themes to extend the default CSP ( #6704 )
...
* FEATURE: allow plugins and themes to extend the default CSP
For plugins:
```
extend_content_security_policy(
  script_src: ['https://domain.com/script.js', 'https://your-cdn.com/'],
  style_src: ['https://domain.com/style.css']
)
```
For themes and components:
```
extend_content_security_policy:
  type: list
  default: "script_src:https://domain.com/|style_src:https://domain.com"
```
* clear CSP base url before each test
we have a test that stubs `Rails.env.development?` to true
* Only allow extending directives that core includes, for now
2018-11-30 09:51:45 -05:00
Penar Musaraj
7dec963f2e
FIX: add vkontakte icon alias
2018-11-30 08:50:38 -05:00
David Taylor
208005f9c9
REFACTOR: Migrate FacebookAuthenticator to use ManagedAuthenticator
...
Changes to functionality
- Removed syncing of user metadata including gender, location etc.
These are no longer available to standard Facebook applications.
- Removed the remote 'revoke' functionality. No other providers have
it, and it does not appear to be standard practice in other apps.
- The 'facebook_no_email' event is no longer logged. The system can
cope fine with a missing email address.
Data is migrated to the new user_associated_accounts table.
facebook_user_infos can be dropped once we are confident the data has
been migrated successfully.
2018-11-30 11:18:11 +00:00
David Taylor
534e1b1b18
DEV: Introduce Auth::ManagedAuthenticator
...
A generic implementation of Auth::Authenticator which stores data in the
new UserAssociatedAccount model. This should help significantly reduce the duplicated
logic across different auth providers.
2018-11-30 11:18:11 +00:00
Vinoth Kannan
fc0b7c9e26
FIX: incoming email matches the wrong user if null bounce key available in db
2018-11-30 12:29:51 +05:30
Penar Musaraj
ad665b901a
FIX: Refactor commit a8c3ca, add test
2018-11-29 19:12:00 -05:00
Penar Musaraj
a58c3ca430
FIX: limit SvgSprite scan to string setting values
2018-11-29 18:36:48 -05:00
Penar Musaraj
0eacd45ab1
FIX: refactor ImageSizer.resize
...
reverts 140d9c2
2018-11-29 15:28:45 -05:00
Arpit Jalan
40f10855c6
FIX: defer flags (only) when handling a flag and deleting replies ( #6702 )
2018-11-29 22:44:18 +05:30
Neil Lalonde
075d9fc558
Version bump to v2.2.0.beta5
2018-11-29 11:18:11 -05:00
Bianca Nenciu
ddd260941e
FIX: Fix query selecting users not accepting PMs.
2018-11-29 15:59:30 +08:00
Guo Xiang Tan
56034c733a
UX: Strip class when link is not oneboxed due to site setting limits.
2018-11-29 14:33:01 +08:00
Rishabh
871d4543cc
FIX: Use File.join for relative_base_url, fix spec
2018-11-29 09:49:56 +05:30
Rishabh
05a4f3fb51
FEATURE: Multisite support for S3 image stores ( #6689 )
...
* FEATURE: Multisite support for S3 image stores
* Use File.join to concatenate all paths & fix linting on multisite/s3_store_spec.rb
2018-11-29 12:11:48 +08:00
Penar Musaraj
6568832235
FIX: map discord/patreon FA5 icons for login buttons correctly
2018-11-28 14:36:36 -05:00
Vinoth Kannan
bfb3c4d9f9
DEV: create bounce alert earlier if email_log detected from bounce_key
2018-11-28 21:13:06 +05:30
Penar Musaraj
654b80e472
FIX: add FA Discourse icon, update setting instructions
2018-11-28 09:53:06 -05:00
Vinoth Kannan
25253dec56
FIX: Get email address from email_log if bounced with verp
...
We can not access mail.final_recipient attr if it bounced with verp
2018-11-28 19:04:09 +05:30
Arpit Jalan
851ef14096
Revert "FIX: do not agree flags by default when deleting posts"
...
This reverts commit cb6fc8057b.
2018-11-28 10:21:11 +05:30
Vinoth Kannan
7dbf709467
FIX: create whisper post in PMs when bounces with verp and user is staged
2018-11-28 08:24:23 +05:30
Guo Xiang Tan
a1e77aa2ed
FEATURE: Reimplement `SiteSetting.max_oneboxes_per_post`. ( #6668 )
...
Previously, the site setting was only effective on the client side of
things. Once the site setting has been reached, all oneboxes are not
rendered. This commit changes it such that the site setting is respected
both on the client and server side. The first N oneboxes are rendered and
once the limit has been reached, subsequent oneboxes will not be
rendered.
2018-11-27 16:00:31 +08:00
Arpit Jalan
6cb49cd42c
Merge pull request #6671 from techAPJ/destroy-posts-flags
...
FIX: do not agree flags by default when deleting posts
2018-11-27 11:27:23 +05:30
Arpit Jalan
cb6fc8057b
FIX: do not agree flags by default when deleting posts
2018-11-27 10:57:20 +05:30
Penar Musaraj
03deda2147
Upgrade to FontAwesome 5 (take two) ( #6673 )
...
* Add missing icons to set
* Revert FA5 revert
This reverts commit 42572ff
* use new SVG syntax in locales
* Noscript page changes (remove login button, center "powered by" footer text)
* Cast wider net for SVG icons in settings
- include any _icon setting for SVG registry (offers better support for plugin settings)
- let themes store multiple pipe-delimited icons in a setting
- also replaces broken onebox image icon with SVG reference in cooked post processor
* interpolate icons in locales
* Fix composer whisper icon alignment
* Add support for stacked icons
* SECURITY: enforce hostname to match discourse hostname
This ensures that the hostname rails uses for various helpers always matches
the Discourse hostname
* load SVG sprite with pre-initializers
* FIX: enable caching on SVG sprites
* PERF: use JSONP for SVG sprites so they are served from CDN
This avoids needing to deal with CORS for loading of the SVG
Note, added the svg- prefix to the filename so we can quickly tell in
dev tools what the file is
* Add missing SVG sprite JSONP script to CSP
* Upgrade to FA 5.5.0
* Add support for all FA4.7 icons
- adds complete frontend and backend for renamed FA4.7 icons
- improves performance of SvgSprite.bundle and SvgSprite.all_icons
* Fix group avatar flair preview
- adds an endpoint at /svg-sprites/search/:keyword
- adds frontend ajax call that pulls icon in avatar flair preview even when it is not in subset
* Remove FA 4.7 font files
2018-11-26 16:49:57 -05:00
Vinoth Kannan
bcdf5b2f47
DEV: improve missing uploads query and skip checking file size
2018-11-27 02:21:33 +05:30
Vinoth Kannan
4ccf9d28eb
Remove trailing whitespaces
2018-11-27 01:15:29 +05:30
Vinoth Kannan
fd272eee44
FEATURE: Make uploads:missing task compatible with s3 uploads
2018-11-27 00:54:51 +05:30
Vinoth Kannan
cedd2118c4
FEATURE: If PM email bounced for staged user then alert in whisper reply ( #6648 )
2018-11-27 00:29:37 +05:30
David Taylor
afcf149c34
FIX: Fix mentions for mixed case group names
2018-11-26 15:34:56 +00:00
Joffrey JAFFEUX
4546d8fbbf
FEATURE: allows plugins to register no module files ( #6664 )
2018-11-26 16:01:28 +08:00
Guo Xiang Tan
565603ad0d
Remove unused variable.
2018-11-26 14:45:00 +08:00
Guo Xiang Tan
3188d3506d
Re-add option that was removed by mistake in 482013a1d4.
2018-11-26 14:24:23 +08:00
Guo Xiang Tan
482013a1d4
FIX: Group mentions missing after post processing.
2018-11-26 12:57:07 +08:00
Guo Xiang Tan
57e2f4990d
PERF: Move processing of inline onebox out of V8 context. ( #6658 )
2018-11-26 09:21:38 +08:00
Bianca Nenciu
172b3bf4d3
FIX: Fix broken theme field URLs. ( #6622 )
2018-11-23 16:11:05 +01:00
Guo Xiang Tan
7f7464e3e6
DEV: Remove unused variable.
2018-11-23 08:32:29 +08:00
Sam
7ba681383d
DEV: run plugin tests in autospec
2018-11-23 11:27:08 +11:00
David Taylor
f645cb9c14
FEATURE: Use translated name for 'your email has been authenticated by' ( #6649 )
2018-11-22 19:12:04 +00:00
David Taylor
052bf37578
FIX: Use `Discourse.deprecate` instead of `Rails.logger.warn`
...
This will significantly reduce the volume of logs when the condition is hit
2018-11-22 15:59:47 +00:00
Gerhard Schlager
bf27aecce2
REFACTOR: compact! works since the array can't contain empty strings
2018-11-22 13:27:34 +01:00
Guo Xiang Tan
96168cb3c6
DEV: Use a set in `SiteSetting.settings_hash`.
2018-11-22 17:16:40 +08:00
Guo Xiang Tan
4752ddc908
Avoid DB query when there are no mentions.
2018-11-22 16:44:17 +08:00
Guo Xiang Tan
28a6cf8228
FIX: Mention lookup should be case insensitive.
2018-11-22 16:32:56 +08:00
Guo Xiang Tan
3f636b2d19
FIX: Check whether group is mentionable by user when cooking post.
2018-11-22 16:16:33 +08:00
Guo Xiang Tan
672e95bcb4
FIX: Staged users should not be mentionable.
2018-11-22 15:00:46 +08:00
Guo Xiang Tan
c5a70eca6e
PERF: Move mention lookups out of the V8 context. ( #6640 )
...
We were looking up each mention one by one without any form of caching and that results
in a problem somewhat similar to an N+1. When we have to do a lot of DB
lookups, it also increased the time spent in the V8 context which may
eventually lead to a timeout. The change here makes it such that mention lookups only do a single
DB query per post that happens outside of the V8 context.
2018-11-22 14:28:48 +08:00
Guo Xiang Tan
596e09aaf9
FIX: Wizard icons step fields have incorrect values.
...
https://meta.discourse.org/t/is-the-wizard-supposed-to-not-let-you-skip-adding-icons/102417
2018-11-22 14:19:36 +08:00
Maja Komel
993d8f346e
FIX notifications for flag PMs ( #6641 )
2018-11-22 10:25:19 +08:00
Gerhard Schlager
c376670bd2
FIX: a search term containing '& could lead to errors
...
This also makes sure that the search term in front or after special characters isn't ignored.
2018-11-21 22:07:56 +01:00
Sam
966d3c8437
remove unneeded code
...
```
irb(main):001:0> def test; if false; puts "hi"; end; end
=> :test
irb(main):002:0> test
=> nil
```
2018-11-21 12:57:34 +11:00
Sam
20268385a5
FIX: never attempt to log invalid post numbers
...
Previously in some cases we would queue logging of invalid post numbers
The impact would be we would miss logging an incoming link and would leak
an error.
2018-11-21 11:58:47 +11:00
Sam
86255faa08
FEATURE: do not switch to JPEG unless you meet 75k byte savings
...
This also adjusts the algorithm to expect
- 30% saving for JPEG conversion
AND
- Minimum of 75K bytes saved
The reasoning for increase of saving requirements is cause PNG may have been
uploaded unoptimized, 30% saving on PNG is very possible
2018-11-21 11:01:08 +11:00
Kyle E. Mitchell
15e793fd3b
FEATURE: Terms of Service v1.0.0
...
Co-authored-by: Gerhard Schlager <mail@gerhard-schlager.at>
2018-11-21 00:45:16 +01:00
Rishabh
eacbe28f55
FIX: Skip gsub for normalizing whitespaces when text is nil ( #6631 )
2018-11-20 09:12:32 +01:00
Vinoth Kannan
bc41057949
minor copy edit
2018-11-20 12:07:56 +05:30
Guo Xiang Tan
1a57be3248
Avoid deprecated site setting logging in `SiteSetting.settings_hash`.
2018-11-20 11:59:38 +08:00
Sam
1b4f2029d7
FIX: clear theme cache when restoring
...
Previously old themes may be cached incorrectly, this also forces
a rebake of old themes to ensure version can compile cleanly
2018-11-20 13:37:58 +11:00
Guo Xiang Tan
fe131c5ea2
Fix missing avatars on topic list page.
...
Introduced in b50fab2d72
2018-11-19 14:55:41 +08:00
Vinoth Kannan
1a9a2bd5c1
DEV: Report the missing uploads count
2018-11-19 12:06:46 +05:30
Sam
d1e3c213a7
Do not look up blank ips
...
No point attempting any kind of lookup on blank ip addresses
this simply adds log noise
Also ... freeze strings
2018-11-19 15:50:21 +11:00
Kyle Zhao
962fbd1ec7
include '/plugins/' directory for script-src and blob for worker-src
...
- plugins may include additional static JS assets
- ACE.js editor register a service worker with a blob for syntax
checking
2018-11-16 16:31:01 -05:00
Guo Xiang Tan
45f299dfdd
PERF: Try to match users before groups.
...
User mentions are more common than group mentions so
this will allow us to avoid an extra query.
2018-11-16 16:41:20 +08:00
Guo Xiang Tan
0ac5126a78
FIX: Clear uploads cache on `SiteSetting.refresh!`.
...
This fixes a bug where the return value of uploads site settings
may defer between processes even though we trigger a refresh via
MessageBus.
2018-11-16 11:02:51 +08:00
Kyle Zhao
6fba8b8aef
CSP: include `worker_src`
...
`worker_src` falls back to `script_src`, but #6611 made `script_src` too
restrictive to include the service worker.
2018-11-15 13:57:15 -05:00
Kyle Zhao
055d59373a
CSP: drop 'self' in `script-src` ( #6611 )
2018-11-15 12:14:16 -05:00
Maja Komel
fc95f772bc
FIX: avoid using absolute positioning for box category style in emails ( #6607 )
2018-11-15 14:35:50 +01:00
Joffrey JAFFEUX
c52e68a0c8
FIX: better handling of missing welcome topic in wizard ( #6606 )
2018-11-15 12:20:48 +01:00
Guo Xiang Tan
a895626d10
DB based S3 settings fixes for `s3:upload_assets`.
2018-11-15 15:48:40 +08:00
Guo Xiang Tan
68b640f6a9
Allow `s3:upload_assets` to use site settings from DB take 2.
2018-11-15 15:10:39 +08:00
Guo Xiang Tan
c56d682f45
Allow `s3:upload_assets` to use site settings from DB.
2018-11-15 15:06:19 +08:00
Sam
e7001f879a
SECURITY: enforce hostname to match discourse hostname
...
This ensures that the hostname rails uses for various helpers always matches
the Discourse hostname
2018-11-15 15:23:06 +11:00
Bianca Nenciu
b6576d9473
FEATURE: Add new setting to force user edit last post. ( #6571 )
2018-11-14 15:48:16 +01:00
Penar Musaraj
f6fb079129
Disable wizard invites step when local_logins are turned off
2018-11-14 13:05:32 +01:00
Guo Xiang Tan
861b52b6f3
Fix the build take 2.
2018-11-14 18:07:04 +08:00
Guo Xiang Tan
2220345a8b
Fix the build.
2018-11-14 17:32:32 +08:00
Guo Xiang Tan
72370b9c36
Add deprecation warnings for url based site settings.
2018-11-14 16:09:26 +08:00
Guo Xiang Tan
44391ee8ab
FEATURE: Upload Site Settings. ( #6573 )
2018-11-14 15:03:02 +08:00
Rishabh
4a12cfaecb
Remove trailing whitespace for Rubocop
2018-11-13 17:19:26 +05:30
Brian Helba
ea94323766
FIX: 'migrate_from_s3' rake task should respect max sizes ( #6598 )
...
Rather than hardcode a maximum size of 20MB for uploads migrated from S3, the task should use site settings for this value.
2018-11-13 12:27:38 +01:00
Kyle Zhao
3493ea85cc
remove Logster from CSP whitelist ( #6593 )
...
Logster 1.3 no longer has inline JS and is now CSP compliant
2018-11-13 09:55:57 +11:00
Penar Musaraj
4f81bb8303
Disallow revision edits with empty raw content
2018-11-12 15:28:38 -05:00
Vinoth Kannan
44d95ad5ab
FIX: Cache url data for failed inline oneboxes
2018-11-13 01:44:20 +05:30
Régis Hanol
182b34243d
FIX: opts is a hash in 'log_on_user'
...
cc @nbianca
2018-11-12 16:00:12 +01:00
Bianca Nenciu
5af9a69a3b
FIX: Do not check for suspicious login when impersonating. ( #6534 )
...
* FIX: Do not check for suspicious login when impersonating.
* DEV: Add 'impersonate' parameter to log_on_user.
2018-11-12 15:34:12 +01:00
Gerhard Schlager
7c4d4331bc
FEATURE: Better handling of quotation marks in site text search
...
It also matches 3 dots with the ellipsis symbol.
2018-11-12 13:26:41 +01:00
Sam
e17a13ce19
FEATURE: additional "related messages" section
...
This splits out previous message correspondence from suggested and instead
has a dedicated section called "related messages"
2018-11-12 13:04:42 +11:00
Régis Hanol
6b51d84dc5
FIX: Don't enqueue topics if the user can't create them
...
Co-authored-by: Vinoth Kannan <vinothkannan@vinkas.com>
2018-11-09 18:24:28 +01:00
Sam
bc7c1e411c
DEV: Ruby 2.5.1 is no longer supported with Discourse
...
This removes a monkey patch we no longer need since our containers require
2.5.2 or up for all Discourse installs.
If you are looking to deploy on 2.5.1 which is highly not recommended you
will need to figure out how to apply this diff.
2018-11-09 18:24:58 +11:00
Sam
7d52f5869d
Revert "FIX: Don't enqueue topics if the user can't create them"
...
This reverts commit 515e103db6.
2018-11-09 15:25:38 +11:00
Vinoth Kannan
515e103db6
FIX: Don't enqueue topics if the user can't create them
2018-11-09 06:10:23 +05:30
Gerhard Schlager
24e5be3f0c
FIX: Relative links in translations should work with subfolder
2018-11-08 23:31:05 +00:00
Guo Xiang Tan
14ff47f6f1
Fix typo.
2018-11-08 16:42:12 +08:00
Guo Xiang Tan
7290145641
PERF: Speed up `migrate_to_s3` rake task.
...
* Prioritizes non-image uploads
* Does one remap per upload instead of 3 remaps previously
* Every 100 uploads migrated, do 2 remaps which fixes broken
URLs
* Exclude email_logs table from remap
2018-11-08 16:39:56 +08:00
Guo Xiang Tan
57f92ac808
Revert "Switch to regexp for `DbHelper.remap`."
...
Regexp is so much slower.
This reverts commit c3f89e3cd7.
2018-11-08 14:20:09 +08:00
Guo Xiang Tan
c3f89e3cd7
Switch to regexp for `DbHelper.remap`.
2018-11-08 14:08:38 +08:00
Sam
42572ff138
Revert font awesome 5 changes
...
We are still pushing ahead on this 100% just need a bit longer to prepare
all plugins
2018-11-08 16:12:18 +11:00
Guo Xiang Tan
0232a3b5e5
PERF: Exclude tables when remapping in `migrate_to_s3` rake task.
2018-11-08 12:37:36 +08:00
Guo Xiang Tan
9737938a4a
Add option to skip tables when using `DbHelper.remap`.
2018-11-08 12:29:37 +08:00
Penar Musaraj
09dc922b3b
Fix several FontAwesome 5 issues
...
add missing icons, update SvgSprite methods (to fix ruby 2.4 issues), update whisper icon in composer, fix alignment issues
2018-11-07 22:20:53 -05:00
Guo Xiang Tan
3365753bd0
PERF: Reduce number of database queries for `DbHelper.remap`
...
* Cuts number of queries from 273 to 89
* Add some specs
* For a table with 500 posts, benchmarks locally shows a runtime
reduction from 0.046929135 to 0.032694705.
2018-11-08 10:54:39 +08:00
Penar Musaraj
9a34c6153e
Fix small issues with FA5 icons
2018-11-07 16:39:04 -05:00
Penar Musaraj
005e1ecb9b
FEATURE: Update Font Awesome to v5.4.1 and SVGs ( #6557 )
...
* First take on subsetting svg icons
* FontAwesome 5 svg subset WIP
* Include icons from plugins/badges into svg sprite subset
* add svg icon support to themes
* Add spec for SvgSprite
* Misc. SVG icon fixes
* Use FA5 svgs in local-dates plugin
* CSS adjustments, fix SVG icons in group flair
* Use SVG icons in poll plugin
* Add SVG icons to /wizard
2018-11-07 13:05:43 -05:00
Gerhard Schlager
555f467727
DEV: Add less confusing aliases for base_uri and base_url_no_prefix
2018-11-07 11:33:52 +01:00
Guo Xiang Tan
dfc0519cd3
Remove deprecation notice for old site settings.
2018-11-07 14:36:59 +08:00
Sam
0a442e319c
FIX: correct svg handling for images
...
We regressed and optimized images no longer worked with svg
The following adds the correct logic to simply copy file for svgs
and bypasses resizing for svg avatars
2018-11-07 15:29:26 +11:00
Bianca Nenciu
2070edf889
FIX: Clarify User.group_locked_trust_level.
...
* Rename User.group_locked_trust_level to User.group_granted_trust_level.
* Remove the column from users table.
2018-11-07 10:27:44 +08:00
Sam
06b9d8223a
FIX: search within topic not working correctly in CJK
...
We were splitting the term prior to search causing everything to miss
2018-11-07 09:41:55 +11:00
Robin Ward
71460fc203
PERF: Use mini_sql for the query
...
On sites with many flags, it could take quite a long time for
ActiveRecord to return all the joined data.
It's now 3 queries instead of one, but significantly faster, especially
if you have a minimum threshold set.
2018-11-05 14:44:27 -05:00
Jeff Atwood
afbdf9c2d2
Merge pull request #6558 from pmusaraj/disallow-flagging-deleted-post
...
FIX: disable flagging hidden posts
2018-11-05 11:05:32 -08:00
Penar Musaraj
7b3432f711
Enforce disabling flagging hidden posts server-side
2018-11-05 10:00:59 -05:00
Bianca Nenciu
5fc09a6467
DEV: Fix build.
2018-11-05 14:16:03 +02:00
David Taylor
1acbf8262b
Version bump to v2.2.0.beta4
2018-11-05 11:16:58 +00:00
David Taylor
a84b6b6b0c
SECURITY: Add CSRF protections to OpenID callback
2018-11-05 11:16:57 +00:00
Maja Komel
1ac3e5473a
FIX: don't strip eml attachments from received emails
2018-11-05 09:35:22 +01:00
Bianca Nenciu
ab02b9a5d8
FIX: Use 'require' for dependencies. ( #6552 )
2018-11-02 09:16:45 +11:00
Robin Ward
ec91450aae
FEATURE: Track how many user flags are agreed/disagreed/ignored
...
Display the percentage when reviewing flags.
2018-11-01 09:59:50 -04:00
Sam
23423ba112
correct spec and error reporting
...
previous commit misused warn_exception which caused a spec to fail
2018-10-31 13:38:05 +11:00
Sam
31ad7a60ab
FIX: improve error handling for missing maxmind dbs
...
Correct issue where we kept on looking up data on a Logster::Message object
2018-10-31 12:57:18 +11:00
Sam
32b1f34910
PERF: avoid DNS lookups when getting IP info
...
Also cleans up interface in DiscourseIpInfo
grew cache to 2000 entries
2018-10-31 12:38:57 +11:00
Bianca Nenciu
e1e392f15b
DEV: Use DiscourseIpInfo for all IP queries. ( #6482 )
...
* DEV: Use DiscourseIpInfo for all IP queries.
* UX: Use latitude and longitude for more precision.
2018-10-30 22:08:57 +00:00
Sam
5c86e2d749
tweaks to related message list generation
...
- exclude users in groups I am in from related message search
- correctly limit number of related messages
2018-10-29 16:09:58 +11:00
Sam
9933059426
FEATURE: push related PMs to take first 3 slots
...
Previously the related PMs were last meaning you would have to work through
all unread to see them.
Also amends it so it either asks for related by group OR user not both.
2018-10-29 10:47:59 +11:00
Régis Hanol
d17c8df926
Only check for suspicious login for staff members
2018-10-26 00:29:28 +02:00
Régis Hanol
306d77b54f
FIX: don't use srcset on cropped thumbnails
2018-10-25 16:08:10 +02:00
David Taylor
56e0f47bcd
FIX: Do not update `last_seen` for API access
...
This regressed in 2dc3a50. I have now added tests for the behavior.
2018-10-25 13:38:57 +01:00
Bianca Nenciu
effbef7d0b
UX: Use user locale for locations. ( #6527 )
...
* UX: Use user locale for locations.
* DEV: Added MaxMindDB test data and fixed test.
2018-10-25 10:54:01 +00:00
Bianca Nenciu
6a3767cde7
FEATURE: Warn users via email about suspicious logins. ( #6520 )
...
* FEATURE: Warn users via email about suspicious logins.
* DEV: Move suspicious login check to a job.
2018-10-25 09:45:31 +00:00
Régis Hanol
addf6f6d17
FIX: support comma in 'sso_provider_secrets' site setting
2018-10-24 21:23:18 +02:00
Sam
e955a7b49d
Revert "Revert "FIX: GlobalPath#upload_cdn_path when S3 bucket has a folder ( #6523 )""
...
This reverts commit 322b27b6dc.
Oops rushed on the revert here... should be good
2018-10-24 15:14:01 +11:00
Sam
322b27b6dc
Revert "FIX: GlobalPath#upload_cdn_path when S3 bucket has a folder ( #6523 )"
...
This reverts commit 63356d883e.
This caused an outage, got to revert
2018-10-24 15:03:58 +11:00
Kyle Zhao
63356d883e
FIX: GlobalPath#upload_cdn_path when S3 bucket has a folder ( #6523 )
2018-10-24 14:34:10 +11:00
Daniel Hollas
cee51672c9
FIX: Strip accents from search query
...
4481836 introduced accent stripping in search_indexer,
but we need to strip it from the query itself as well
TODO in search with diacritics:
- Still need to fix excerpts on search page
- need to support accent stripping in in_topic search
- need to make sure that in:title works correctly
- need to fix "word boldening" in titles
2018-10-23 12:10:33 +11:00
David Taylor
bafe3cd99a
Revert "DEV: Lint official plugins in CI ( #6519 )"
...
This reverts commit 093cab2db0.
2018-10-22 22:30:33 +01:00
David Taylor
093cab2db0
DEV: Lint official plugins in CI ( #6519 )
2018-10-22 21:28:38 +01:00
Kyle Zhao
e9a971a2b6
FEATURE: [Experimental] Content Security Policy ( #6514 )
...
do not register new MIME type, parse raw body instead
2018-10-22 13:22:23 -04:00
Bianca Nenciu
99b43f281b
FIX: Fix browser detection for Microsoft Edge. ( #6516 )
...
cool!
2018-10-22 23:15:41 +11:00
Arpit Jalan
597d4863d6
fix the build
2018-10-22 15:09:25 +05:30
Arpit Jalan
ce0a51665e
FIX: count emoji shortcuts in topic title
...
https://meta.discourse.org/t/max-emojis-in-title-set-to-0-conflicting-with-emoji-shortcuts/98368/3?u=techapj
2018-10-22 13:44:05 +05:30
Kyle Zhao
dca830cb73
Revert "FEATURE: [Experimental] Content Security Policy ( #6504 )"
...
This reverts commit fb8231077a.
2018-10-19 11:53:29 -04:00
Kyle Zhao
fb8231077a
FEATURE: [Experimental] Content Security Policy ( #6504 )
2018-10-19 10:39:22 -04:00
Bianca Nenciu
b69652278f
FEATURE: Add Wiki Editor badge. ( #6511 )
2018-10-19 15:30:27 +02:00
Gerhard Schlager
341836eb42
Fix the rake task and importer instead
2018-10-17 16:48:09 +02:00
Gerhard Schlager
ee18d9ace0
FIX: mbox importer and rake task were broken
2018-10-17 16:34:18 +02:00
David Taylor
c6f364224e
FEATURE: Allow plugins to whitelist user custom fields for public display ( #6499 )
...
This works exactly the same as `whitelist_staff_user_custom_fields`, but is not limited to staff
2018-10-17 10:33:27 +01:00
Matt Palmer
b1d7582abe
Run specs on discourse-prometheus-alert-receiver
...
Sam wants to watch the world burn.
2018-10-17 15:32:57 +11:00
Matt Palmer
f367eebb10
Override problematic .gemrc setting
2018-10-17 15:31:58 +11:00
Penar Musaraj
b06dccac49
FIX: force enable a user's email_private_messages option when user replies via email ( #6478 )
...
* Enable user email PM when posting to group or replying to topic via email
* remove extra line
* Add test and fix snake_case
* Only reenable email_private_messages for PM replies
2018-10-16 10:51:57 +11:00
Bianca Nenciu
c68a456baa
FIX: Do not award badges for links in restricted categories. ( #6492 )
2018-10-16 10:38:59 +11:00
Vinoth Kannan
4c2331260e
run specs on discourse-calendar plugin
2018-10-16 01:26:24 +05:30
Neil Lalonde
d166c38ab7
REFACTOR: distributed_cache is moved to the message_bus gem
2018-10-15 15:01:45 -04:00
Maja Komel
c104256991
FIX: SSO provider secrets - check wildcard domains last, toggle secrets visibility
2018-10-15 16:18:29 +02:00
Arpit Jalan
d76658ff8c
FEATURE: new rake task to anonymize all users
2018-10-15 16:19:25 +05:30
Guo Xiang Tan
8fa59f0548
FIX: Can't clean a tag if the given string is frozen.
2018-10-15 14:48:45 +08:00
Maja Komel
27e732a58d
FEATURE: allow multiple secrets for Discourse SSO provider
...
This splits off the logic between SSO keys used incoming vs outgoing, it allows to far better restrict who is allowed to log in using a site.
This allows for better auditing of the SSO provider feature
2018-10-15 16:03:53 +11:00
Bianca Nenciu
d408073fc2
DEV: Update official plugins list
...
canned replies is now named discourse-canned-replies which keeps our naming consistent
2018-10-15 13:53:21 +11:00
Guo Xiang Tan
84d4c81a26
FEATURE: Support backup uploads/downloads directly to/from S3.
...
This reverts commit 3c59106bac.
2018-10-15 09:43:31 +08:00
Joshua Rosenfeld
fd58ca1903
remove manual mapping of discourse-logster-rate-limit-checker, repo renamed to match
2018-10-12 15:56:23 -04:00
Joshua Rosenfeld
43a7b08a48
don't run specs on prometheus-alert-receiver for now either
2018-10-12 12:20:49 -04:00
Joshua Rosenfeld
ca71815bb2
don't run specs on calendar for now
2018-10-12 12:12:21 -04:00
Neil Lalonde
d19fb61f10
Version bump to v2.2.0.beta3
2018-10-12 10:55:45 -04:00
Joshua Rosenfeld
9d4916012a
manually map discourse-perspective too
2018-10-12 10:32:07 -04:00
Joshua Rosenfeld
2cb176f1ed
manually map discourse-logster-rate-limit-checker
...
also remove obsolete plugins
2018-10-12 10:27:24 -04:00
Joshua Rosenfeld
aba4dec27f
Update official plugin list
...
* Remove duplicate entry
* Add missing plugins
* Update list for new names
2018-10-12 10:12:31 -04:00
Sam
057087e0e8
FEATURE: log long running jobs in the defer queue
...
If a job in the defer queue takes longer than 90 seconds log an error
2018-10-12 17:03:47 +11:00
Sam
a1c912b630
Return 400 instead of 404 for bad token
2018-10-12 10:51:41 +11:00
Bianca Nenciu
048cdfbcfa
FIX: Do not allow revoking the token of current session. ( #6472 )
...
* FIX: Do not allow revoking the token of current session.
* DEV: Add getter of current auth_token from Guardian.
2018-10-12 10:40:48 +11:00
Gerhard Schlager
7a41a783a4
FIX: Don't reply to Unsubscribe email sent to mailing list mirror
2018-10-11 16:09:22 +02:00
Chris Butler
ddbed82bca
Exit with an error if there are errors with settings import ( #6475 )
...
If the site_settings import has any errors or settings that are not found, this
will cause the task to exit with a non-zero exit code.
This is useful when using this task as part of automated configuration deployment,
where you may not want to continue with the process if a setting fails to
import.
2018-10-11 15:57:57 +08:00
Guo Xiang Tan
3c59106bac
Revert "FEATURE: Support backup uploads/downloads directly to/from S3."
...
This reverts commit c29a4dddc1.
We're doing a beta bump soon so un-revert this after that is done.
2018-10-11 11:08:23 +08:00
Guo Xiang Tan
c92bda95e1
Fix the build.
2018-10-11 10:45:01 +08:00
Gerhard Schlager
c29a4dddc1
FEATURE: Support backup uploads/downloads directly to/from S3.
2018-10-11 10:38:43 +08:00
Guo Xiang Tan
5039a6c3f1
FIX: Strip null bytes in mail subjects.
2018-10-11 09:46:32 +08:00
Vinoth Kannan
59be289084
FIX: Do not add lightbox to onebox images ( #6479 )
2018-10-11 08:57:21 +11:00
Robin Ward
a566ed42ae
FEATURE: Option to disable user presence and profile
...
This allows users who are privacy conscious to disable the presence
features of the forum as well as their public profile.
2018-10-10 17:34:33 -04:00
Bianca Nenciu
4e0533a20b
FIX: Generate Onebox for posts of type moderator_action. ( #6466 )
2018-10-10 18:39:03 +08:00
Guo Xiang Tan
918633aa12
FIX: `upload:migrate_to_s3` rake task not remapping properly.
2018-10-10 15:09:21 +08:00
Sam
45f01e637b
FIX: when associating Github account disassociate others
...
There are some cases where an email floats from one GitHub account to another
if this happens just take over the Github mapping record
2018-10-10 15:46:50 +11:00
Guo Xiang Tan
f26804394a
DEV: Remove the use of stubs on `Rails.logger` in our test suite.
2018-10-10 09:34:50 +08:00
Sam
9b01e2b855
FIX: maxmind download task does not need environment
2018-10-10 11:16:28 +11:00
Bianca Nenciu
1d26a473e7
FEATURE: Show "Recently used devices" in user preferences ( #6335 )
...
* FEATURE: Added MaxMindDb to resolve IP information.
* FEATURE: Added browser detection based on user agent.
* FEATURE: Added recently used devices in user preferences.
* DEV: Added acceptance test for recently used devices.
* UX: Do not show 'Show more' button if there aren't more tokens.
* DEV: Fix unit tests.
* DEV: Make changes after code review.
* Add more detailed unit tests.
* Improve logging messages.
* Minor coding style fixes.
* DEV: Use DropdownSelectBoxComponent and run Prettier.
* DEV: Fix unit tests.
2018-10-09 22:21:41 +08:00
Bianca Nenciu
1fb1f4c790
FIX: Make error in Discourse Hub more descriptive. ( #6438 )
2018-10-09 22:05:31 +08:00
Erin Kosewic
51aba32651
FEATURE: add branch option to remote theme import
...
* FEATURE: add branch option to remote theme import
* FIX: Add missing variable in params
* FIX: Add missing param for import_theme method
* SPEC: Add test methods for branch support in git import
* FIX: Add missing space to scss style
* Do not assume default branch as master
* Change branch field placeholder
* FIX: add missing div start tag
2018-10-09 17:01:08 +11:00
Guo Xiang Tan
1c9b5e75e7
DEV: Support post deployment migrations for plugins.
2018-10-09 13:11:45 +08:00
Kyle Zhao
8b2a379e4e
DEV: transpile certain ES6 files without producing a module ( #6460 )
...
`.js.no-module.es6` files will be transpiled without producing a module.
import/export statements are deliberately not supported, so one would still need to use
`const module = require('moduleName').default.`
2018-10-09 09:18:23 +08:00
Gerhard Schlager
4881fb028f
FIX: allow_uppercase_posts didn't work for topic titles
2018-10-08 23:50:06 +02:00
Guo Xiang Tan
40fa96777d
FEATURE: Post deployment migrations. ( #6406 )
...
This moves us away from the delayed drops pattern which
was problematic on two counts. First, it uses a hardcoded "delay for"
duration which may be too short for certain deployment strategies.
Second, delayed drop doesn't ensure that it only runs after
the latest application code has been deployed. If the migration runs
and the application code fails to deploy, running the migration after
"delay for" has been met will cause the application to blow up.
The new strategy allows post deployment migrations to be skipped if the
env `SKIP_POST_DEPLOYMENT_MIGRATIONS` is provided.
```
SKIP_POST_DEPLOYMENT_MIGRATIONS=1 rake db:migrate
-> deploy app servers
SKIP_POST_DEPLOYMENT_MIGRATIONS=0 rake db:migrate
```
To aid with the generation of a post deployment migration, a generator
has been added. Simply run `rails generate post_migration`.
2018-10-08 15:47:38 +08:00
Kyle Zhao
9bbc1ae7b2
FIX: raise if staged user creation failed ( #6461 )
2018-10-08 15:45:23 +08:00
Arpit Jalan
c0bb04d89d
FIX: convert tag string to array when filtering topic list by tags
2018-10-08 08:56:25 +05:30
Penar Musaraj
26956bbe1a
FIX: Safari issue with some emojis ( #6456 )
...
https://meta.discourse.org/t/emojis-selected-on-ios-displaying-additional-rectangles/86132/8
2018-10-08 10:32:25 +08:00
Vinoth Kannan
4000dddd32
Merge pull request #6458 from vinothkannans/fix-giphy
...
FIX: Display large/broken image placeholders for image oneboxes
2018-10-07 18:08:54 +05:30
Vinoth Kannan
c499872597
FIX: Display large/broken image placeholders for image oneboxes
2018-10-07 17:42:41 +05:30
David Taylor
9bf522f227
FEATURE: Mixed case tagging ( #6454 )
...
- By default, behaviour is not changed: tags are made lowercase upon creation and edit.
- If force_lowercase_tags is disabled, then mixed case tags are allowed.
- Tags must remain case-insensitively unique. This is enforced by ActiveRecord and Postgres.
- A migration is added to provide a `UNIQUE` index on `lower(name)`. Migration includes a safety to correct any current tags that do not meet the criteria.
- A `where_name` scope is added to `models/tag.rb`, to allow easy case-insensitive lookups. This is used instead of `Tag.where(name: "blah")`.
- URLs remain lowercase. Mixed case URLs are functional, but have the lowercase equivalent as the canonical.
2018-10-05 10:23:52 +01:00
Vinoth Kannan
8430ea927e
FIX: Generate webhook payloads before destroy events ( #6325 )
2018-10-05 16:53:59 +08:00
Sam
5b630f3188
FIX: stop logging every time invalid params are sent
...
Previously we were logging warning for invalid encoded params, this can
cause a log flood
2018-10-05 14:33:19 +10:00
Guo Xiang Tan
77c293f82d
Prefer `Process.clock_gettime` over `Time.now`.
2018-10-05 10:25:52 +08:00
Maja Komel
361ad7ed2b
FEATURE: add indication if incoming email attachment was rejected and inform sender about it ( #6376 )
...
* FEATURE: add indication if incoming email attachment was rejected and inform sender about it
* include errors for rejected attachments in email
* don't send warning email to staged users
* use user object instead of user_id in add_attachments method
2018-10-04 22:08:28 +08:00
Rishabh Nambiar
943f017a17
Mark discourse-perspective-api as an official plugin
2018-10-04 14:34:22 +05:30
Lucas Nicodemus
1907338834
FIX: No longer educate users who are editing
...
A user editing a post will no longer get composer messages that are
meant for new users posting replies and threads. These messages don't
make sense in an edit context at all -- they're usually discussing
making salient replies or topics, or adding avatars. They make even less
sense when a user is an admin attempting to change the default topics
for the first time.
Since these messages actually do make sense for a user when they have a
low post count, though, they're still going to occur. They just occur
when a user is creating new content (and thus, more likely to read the
notice), not during edits.
This is in response to this issue:
https://meta.discourse.org/t/education-message-for-editing-wiki-topic/66682
2018-10-04 13:20:13 +08:00
Jeff Wong
632ca42db9
FIX: edit checks for editing posts with no topic
2018-10-03 18:34:47 -07:00
Penar Musaraj
dc8a16b43b
Use Yarn to manage dependencies, cleanup unused bootstrap libs ( #6436 )
2018-10-03 10:15:43 -04:00
Guo Xiang Tan
13dde44c72
FIX: Limit concurrent `assets:precompile` to number of available cores.
2018-10-03 16:46:21 +08:00
Sam
eba3117e08
Missed one spot where url needed cooking
2018-10-03 15:06:37 +10:00
Sam
ad0e768742
FEATURE: add support for responsive images in posts
...
When creating lightboxes we will attempt to create 1.5x and 2x thumbnails
for retina screens, this can be controlled with a new hidden site setting
called responsive_post_image_sizes, if you wish to create 3x images run
SiteSetting.responsive_post_image_sizes = "1|1.5|2|3"
The default should be good for most of the setups as it balances filesize
with quality. 3x thumbs can get big.
2018-10-03 13:44:53 +10:00
Penar Musaraj
34516c72bd
FIX: Recover public actions (likes) when recovering a post ( #6412 )
2018-10-02 11:25:08 -04:00
Guo Xiang Tan
3b1e13e4ab
Remove unnecessary code.
2018-10-02 15:24:12 +08:00
Bianca Nenciu
e0d7cdac12
UX: Improve error messages for minimum and maximum username lengths.
2018-10-02 13:10:20 +08:00
Penar Musaraj
da9eee5262
FIX: Force enable user PM emails option when user posts to a group by email.
2018-10-02 12:38:10 +08:00
Gerhard Schlager
e2770bc1c4
FIX: async reload of locales could result in missing translations
2018-10-01 17:14:36 +02:00
Guo Xiang Tan
ac52d8d3c7
Fix `UploadRecovery` from S3 fails with bucket name containing sub-folder.
2018-10-01 19:03:02 +08:00
Guo Xiang Tan
a3dbe3685e
Fix the build.
2018-10-01 16:42:38 +08:00
Guo Xiang Tan
de85bb0a39
FIX: Don't update user_profile URLs unless upload is persisted.
2018-10-01 14:21:39 +08:00
Guo Xiang Tan
e262a08350
Add `UploadRecovery#recover_user_profile_backgrounds`.
2018-10-01 10:51:54 +08:00
Penar Musaraj
70d74f8fc1
FIX: advanced search ordering broken when using tags
2018-09-28 17:27:08 +08:00
Bianca Nenciu
5407036ef9
DEV: Run prettier. ( #6420 )
2018-09-21 11:02:23 +00:00
Arpit Jalan
2e02a28ab4
FIX: do not revise post if post revision is not present
2018-09-21 14:08:58 +05:30
Kyle Zhao
4bb980b9f7
FEATURE: do not allow moderators to export user list ( #6418 )
2018-09-21 09:07:13 +08:00
Guo Xiang Tan
1a64b3a487
FIX: Don't try to recover an invalid sha1.
2018-09-20 14:21:57 +08:00
Sam
df45e82377
SECURITY: only allow picking of avatars created by self ( #6417 )
...
* SECURITY: only allow picking of avatars created by self
Also adds origin tracking to all uploads including de-duplicated uploads
2018-09-19 22:33:10 -07:00
Sam
e0be5145cf
FIX: correct readonly timeout
...
So it only applies in readonly mode
2018-09-20 15:15:46 +10:00
Jeff Wong
d5442fbf08
FIX: do not send tl1 welcome message when a user has the basic user badge
2018-09-19 12:53:36 -07:00
Gerhard Schlager
469a2c36ed
FIX: Always unpause Sidekiq after backup and restore
...
* Logs exceptions during the cleanup phase, but doesn't stop executing subsequent cleanup tasks.
* Notifies the user at the end of the cleanup phase, so that the log contains possible errors during that phase.
2018-09-19 20:35:43 +02:00
Guo Xiang Tan
293cf600f0
FIX: Use a tmp file in `UploadRecovery` for local store.
2018-09-19 15:47:15 +08:00
Sam
e0e6dae6a7
minor cleanup to previous commit from code review
2018-09-19 16:07:29 +10:00
Sam
5302709343
FIX: in redis readonly raise an exception from DistributedMutex
...
If we detect redis is in readonly we can not correctly get a mutex
raise an exception to notify caller
When getting optimized images avoid the distributed mutex unless
for some reason it is the first call and we need to generate a thumb
In redis readonly no thumbnails will be generated
2018-09-19 15:50:58 +10:00
Guo Xiang Tan
bc7f58191e
FIX: `UploadRecovery` should look at links too.
2018-09-19 11:52:57 +08:00
Guo Xiang Tan
4a92c5b2d6
`UploadRecovery` should recover attachments too.
2018-09-19 10:44:36 +08:00
Guo Xiang Tan
5a9b029014
Improve error messaging in `SocketServer`.
2018-09-19 09:11:10 +08:00
Arpit Jalan
fadcd36f92
FIX: do not treat ignore_redirects domains as blacklisted
...
This fix prevents domains present in `ignore_redirects` to be treated as
blacklisted domains and makes sure that oneboxing happens for those domains.
Issue reported here: https://meta.discourse.org/t/steam-store-oneboxing-no-longer-works/97266
2018-09-18 10:38:02 +05:30
Guo Xiang Tan
ce6a0a5e9e
FIX: Moving upload to tombstone should update modification time.
...
An upload created a long time ago will be nuked from the tombstone
immediately if it gets deleted.
2018-09-18 10:48:29 +08:00
Sam
0e9841b995
SECURITY: remove admin memory diagnostics routes
2018-09-18 08:35:09 +10:00
Régis Hanol
4481836de2
FEATURE: new 'search_ignore_accents' site setting
2018-09-17 10:42:30 +02:00
Guo Xiang Tan
b71af05d62
Backward compatibility for dropping functions in `ColumnDropper`.
...
https://meta.discourse.org/t/launcher-rebuild-error-pg-error-schema-discourse-functions-does-not-exist/96209
2018-09-17 14:46:05 +08:00
Rishabh
4f46aa1ba3
FEATURE: Add SiteSetting for s3_configure_tombstone_policy
...
Add SiteSetting for s3_configure_tombstone_policy, skip policy generation if turned off (default on)
2018-09-17 10:57:50 +10:00
OsamaSayegh
c7d81e2682
FIX/FEATURE: don't blow up when can't reach theme's repo, show problem themes on dashboard
2018-09-17 09:49:53 +10:00
Neil Lalonde
526ffc4966
FIX: error in response body to blocked crawlers, showing 500 Internal Server Error with status of 403
2018-09-14 15:40:20 -04:00
Neil Lalonde
b87a089822
FIX: don't block api requests when whitelisted_crawler_user_agents is set
2018-09-14 15:40:20 -04:00
Neil Lalonde
81dc36ba16
Version bump to v2.2.0.beta2
2018-09-14 11:43:35 -04:00
Guo Xiang Tan
f2363650c9
Merge pull request #6395 from discourse/plugin-migrations
...
DEV: apply plugin migrations when testing in Travis and Docker
2018-09-13 06:51:30 -07:00
David Taylor
b8c0e77908
DEV: apply plugin migrations when testing in Travis and Docker
...
In `RAILS_ENV=test`, plugins are not loaded by default. Therefore we need to explicitly specify `LOAD_PLUGINS=1` when we want to apply plugin migrations.
2018-09-13 12:39:54 +01:00
Guo Xiang Tan
529e4018f0
DEV: Avoid using `send` and make the method public instead.
2018-09-13 16:34:32 +08:00
Guo Xiang Tan
0a06b3d977
Accept custom AR relation for `UploadRecovery`.
2018-09-13 16:33:14 +08:00
Guo Xiang Tan
6c65718301
Include response body when raising an error in `FileHelper#download`.
2018-09-13 15:43:58 +08:00
Guo Xiang Tan
5eb65ad612
FIX: Do not try to recover invalid `Upload#short_url` in `UploadRecovery`.
2018-09-13 13:59:17 +08:00
Guo Xiang Tan
d99dd840e4
Add basic test case for `UploadRecovery`.
2018-09-13 13:26:23 +08:00
Guo Xiang Tan
a3b3b0810d
Rescue errors when running dry run for `UploadRecovery`.
2018-09-13 11:57:51 +08:00
Guo Xiang Tan
4dc25ad201
Fix s3 recovery from tombstone in `UploadRecovery`.
2018-09-13 09:19:45 +08:00
David Taylor
9461c99210
DEV: Add travis_fold to termination stage
2018-09-12 18:59:48 +01:00
David Taylor
26bd67a865
DEV: Add travis_fold statements to docker_test
2018-09-12 17:52:58 +01:00
Guo Xiang Tan
24c55bd613
Add dry run option to `UploadRecovery`.
2018-09-12 21:53:01 +08:00
Guo Xiang Tan
2cc48cfd06
Fix incorrect variable.
2018-09-12 02:06:14 -07:00
Guo Xiang Tan
c053f8ccf6
New rake task `uploads:recover`.
2018-09-12 01:52:30 -07:00
Guo Xiang Tan
6d01e0aa04
DEV: Print the error class in `uploads:list_posts_with_broken_images`.
2018-09-12 01:06:51 -07:00
Guo Xiang Tan
71185c13b5
Merge pull request #6377 from tgxworld/remove_tif_tiff
...
Drop `tif`, `tiff`, `webp` and `bmp` from supported images.
2018-09-12 09:32:32 +08:00
Guo Xiang Tan
71caf7521d
Drop `tif`, `tiff`, `webp` and `bmp` from supported images.
...
https://meta.discourse.org/t/cr2-raw-files-are-being-treated-as-tiff-files/96775/3?u=tgxworld
2018-09-12 09:29:54 +08:00
Guo Xiang Tan
e1b16e445e
Rename `FileHelper.is_image?` -> `FileHelper.is_supported_image?`.
2018-09-12 09:22:28 +08:00
Guo Xiang Tan
d59e635a77
Rename `FileHelper.images` to `FileHelper.supported_images`.
2018-09-12 09:22:28 +08:00
Kyle Zhao
f1cb431968
FIX: rescue ActiveRecord::RecordInvalid in find_or_create_by_safe! ( #6385 )
...
AR uniqueness validation could raise ActiveRecord::RecordInvalid
2018-09-12 11:03:12 +10:00
Gerhard Schlager
1a01385e88
FIX: "false" didn't work as locale_default
2018-09-11 13:42:10 +02:00
Neil Lalonde
b3b9ac3b19
Version bump to v2.2.0.beta1
2018-09-10 19:43:15 -04:00
Rishabh
80eace4268
Merge pull request #6383 from discourse/fix_username_suggester
...
FIX: don't raise an error on integer usernames in user_name_suggester
2018-09-11 00:30:29 +05:30
Rishabh Nambiar
81c87df18a
FIX: don't raise an error on integer usernames
2018-09-10 22:17:56 +05:30
Blake Erickson
1d41f3c3fb
Merge pull request #6380 from discourse/rake-destroy-sub-category
...
FIX: Allow `rake destroy:topics` to delete topics in sub-categories
2018-09-10 10:26:04 -06:00
Guo Xiang Tan
94ff428571
Pass the right value to rake task.
2018-09-10 20:07:28 +08:00
David Taylor
84fc7abb73
FIX: Allow `rake destroy:topics` to delete topics in sub-categories
2018-09-10 12:52:14 +01:00
Guo Xiang Tan
4a966c639d
DEV: Update `uploads:list_posts_with_broken_images` to recover from tombstone.
2018-09-10 17:01:41 +08:00
Guo Xiang Tan
df04e69cde
FIX: `S3Helper#list` creates incorrect prefix.
2018-09-10 16:34:40 +08:00
Guo Xiang Tan
68572b8afc
Print error messages on why upload fails to save.
2018-09-10 16:02:13 +08:00
Guo Xiang Tan
0aca80e92a
Fixes to `uploads:list_posts_with_broken_images`.
2018-09-10 15:16:29 +08:00
Guo Xiang Tan
8496537590
Add `RECOVER_FROM_S3` to `uploads:list_posts_with_broken_images` rake task.
2018-09-10 15:14:30 +08:00
Joshua Rosenfeld
afaa722c32
sort official plugin list, remove duplicate entry
...
`discourse-sitemap` was listed twice, sorted list to help avoid duplication
2018-09-09 13:41:26 -04:00
Sam
879067d000
FIX: check admin theme cookie against user selectable
...
previously admin got a free pass and could set theme via cookie to anything
including themes that are not selectable
this refactor ensures that only "preview" gets a free pass, all the rest
goes through the same pipeline
2018-09-07 10:47:28 +10:00
Gerhard Schlager
3dea48f1d9
Resetting miniracer context results in segfault
2018-09-07 00:19:23 +02:00
Gerhard Schlager
f13c34aaed
Adds a check for invalid message formats to rake i18n:check
2018-09-06 17:27:17 +02:00
Gerhard Schlager
3c09026fe4
Minor improvements to rake i18n:check
2018-09-06 16:54:30 +02:00
Guo Xiang Tan
d4b05d7bc5
Always link post to uploads in post process.
...
The operation is cheap anyway so no point skipping.
2018-09-06 14:08:03 +08:00
Guo Xiang Tan
434035f167
FIX: Link post to uploads in `PostCreator`.
...
* This ensures that uploads are linked to their post on creation
instead of a background job which may be delayed if Sidekiq
is facing difficulties.
2018-09-06 11:18:11 +08:00
Gerhard Schlager
26082688d1
FIX: Zero is a valid value for the page parameter
2018-09-05 20:43:05 +02:00
Guo Xiang Tan
f3aef2cc83
FIX: Incorrect/missing extension in short_url fails to map to upload.
...
`Hash#invert` causes us to lose keys if the hash contains similar
values.
2018-09-05 21:48:58 +08:00
Guo Xiang Tan
72834f19ff
DEV: Add rake tasks to list posts with broken images.
2018-09-05 16:54:15 +08:00
Gerhard Schlager
f4956f79a5
Make Rubocop happy
2018-09-05 01:04:43 +02:00
Gerhard Schlager
6658a6601c
Remove unused rake task
2018-09-05 00:47:39 +02:00
Gerhard Schlager
0d8c72d8c4
DEV: Add rake task to check locale files for errors
2018-09-05 00:47:39 +02:00
Gerhard Schlager
b8fc699164
FIX: Detect {{foo}} as interpolation key
2018-09-05 00:47:39 +02:00
Vinoth Kannan
d8b543bb67
FIX: redirect to original URL after social signup
2018-09-05 01:44:23 +05:30
David Taylor
4382fb5fac
DEV: Allow plugins to whitelist specific user custom_fields for editing ( #6358 )
2018-09-04 20:45:36 +10:00
Guo Xiang Tan
d1af89e3b3
DEV: Extract global admin api rate limiting into a dedicated method.
...
* We have a use case for overriding the rate limiting logic in a
plugin.
2018-09-04 16:37:54 +08:00
Guo Xiang Tan
3b337bfc6b
Revert "FIX: Don't rate limit admin and staff constraints when matching routes."
...
This reverts commit 651b50b1a1.
2018-09-04 14:27:21 +08:00
Guo Xiang Tan
651b50b1a1
FIX: Don't rate limit admin and staff constraints when matching routes.
...
* When an error is raised when checking route constraints, we
can only return true/false which either lets the request
through or return a 404 error. Therefore, we just skip
rate limiting here and let the controller handle the
rate limiting.
2018-09-04 13:52:58 +08:00
Guo Xiang Tan
08b268c5bc
Be more forceful in disconnecting connections during failover.
2018-09-04 10:32:43 +08:00
Guo Xiang Tan
8dc1463ab3
Enable `Lint/ShadowingOuterLocalVariable` for Rubocop.
2018-09-04 10:16:42 +08:00
Gerhard Schlager
eeedc3901e
FIX: Replying to deleted post via email should create new reply to topic
2018-09-03 23:06:40 +02:00
Vinoth Kannan
24a14af15a
FIX: Respect invalidate_oneboxes option for inline oneboxes
2018-09-03 22:33:43 +05:30
Gerhard Schlager
f33433bf9e
Validation of params should restrict to max int ( #6331 )
...
* FIX: Validation of params should restrict to max int
* FIX: Send status 400 when "page" param isn't between 1 and max int
2018-09-03 14:45:32 +10:00
Guo Xiang Tan
747c9bb47f
Merge pull request #6317 from nbianca/ignore_blacklisted_domains
...
FIX: Ignore OneBox blacklisted domains.
2018-09-03 11:10:52 +08:00
Guo Xiang Tan
45f092a49d
Extract `badge_posts` view management logic into a service object.
...
* Avoid defining a global constant and method.
Fixes https://github.com/discourse/discourse/pull/6318
2018-09-03 09:51:35 +08:00
Maja Komel
182d9a4666
FIX: escape regex chars when searching site texts
2018-09-02 17:25:57 +10:00
Osama Sayegh
60eff9421a
FIX: precompile `desktop_theme` and `mobile_theme` stylesheets
...
required for environments that pre stage docker images and keep old image running during the deploy
2018-08-31 21:23:55 +10:00
Sam
9b7cab589a
FIX: revert diacritic stripping
...
See more details in test case and at: https://meta.discourse.org/t/discourse-should-ignore-if-a-character-is-accented-when-doing-a-search/90198/16?u=sam
2018-08-31 11:46:55 +10:00
Vinoth Kannan
297e8aaf2e
FIX: Escape regex pattern variable before using it
2018-08-31 03:02:24 +05:30
Neil Lalonde
4b6381367e
add support for Excon connection options in hub requests
2018-08-30 15:57:11 -04:00
Neil Lalonde
415201e1b4
Version bump to v2.1.0.beta6
2018-08-30 10:53:20 -04:00