Discource-C
/
discourse
mirror of https://github.com/discourse/discourse.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
33,701 Commits 178 Branches 498 Tags 916 MiB
Commit Graph

6774 Commits

Author SHA1 Message Date
Daniel Waterworth bc03c509ab FIX: CategoryUser#batch_set (#7787) 
* Remove unused method

* Prefabricate user in category_user_spec.rb

* FIX: Remove notification_level from category_users unique indexes

* FIX: CategoryUser#batch_set wasn't updating pre-existing records

* Improve tests for CategoryUser#batch_set

* FIX: changed was being reported incorrectly

* DEV: Rewrote query to do a bulk insert

* DEV: remove unnecessary parentheses
 2019-06-25 12:13:27 +10:00
Vinoth Kannan b1ca64487a FIX: multisite upload urls must have either db name or the word 'short-url'. 2019-06-25 01:19:58 +05:30
Bianca Nenciu b4df8c5466
PERF: Use Oj for serializing JSON. (#7780) 2019-06-24 18:32:00 +03:00
Penar Musaraj e51de4cc25
FEATURE: Add endpoint to individually update a theme setting (#7789) 
- also adds a new staff action type called "change theme setting" for easier logging of staff changes to theme settings
 2019-06-21 13:49:14 -04:00
Guo Xiang Tan 7c86f16aa3 FIX: Support carriage return in `InlineUploads`. 
Follow up to 8deaef3872.
 2019-06-21 14:07:06 +08:00
Guo Xiang Tan 8deaef3872 FIX: Don't replace img tags within anchor tags with markdown format. 
Follow up to 9a25b0d614.
 2019-06-21 12:32:02 +08:00
Penar Musaraj f51f37eddf FEATURE: apply a small penalty to closed topics when searching (#7782) 2019-06-21 12:03:45 +10:00
Guo Xiang Tan 9a25b0d614 FIX: Edge case with anchor tag in `InlineUploads`. 2019-06-21 09:55:56 +08:00
Vinoth Kannan 9f0574dcfd SPEC: Update webhook event attributes even when an error raised 
1e3cb7575d
 2019-06-21 00:45:35 +05:30
Robin Ward 0d84c5b894 FIX: If a user deletes a hidden post, it should not lose history 2019-06-20 12:38:16 -04:00
Guo Xiang Tan 53efb7bd24 FIX: BBcode edge case for `InlineUploads`. 2019-06-20 11:47:51 +08:00
Guo Xiang Tan 34f382b758 FIX: `InlineUploads` should replace attachment links with markdown text. 2019-06-19 11:15:02 +08:00
Guo Xiang Tan 73a45048a0 FIX: `Upload#short_url` generates incorrect URL when extension is `nil`. 2019-06-19 09:10:50 +08:00
Robin Ward e8b9f38374 FIX: Don't allow users to edit topic information when the OP is locked 
see:
https://meta.discourse.org/t/user-able-to-edit-title-of-locked-post/104826
 2019-06-18 14:22:38 -04:00
Jeff Wong 893b50031d
replace subfolder on cdn url conversion between general cdn and s3 (#7764) 
When both a cdn URL and an s3 cdn URL defined, subfolder paths were leaking
through to the s3 cdn URL. If we are replacing the cdn url with the s3_cdn url,
we also need to make sure that the subpath is removed as well, as it appears in
the original cdn url.

The test should give a fairly good gist of the situations - in subfolder
situations where s3_cdn and a cdn is defined:
`asset_path` returns the asset with a subfolder, in the form `{cdn_url}/{subfolder}/{asset_path}`

Currently this is being replaced to `{s3_cdn_url}/{subfolder}/{asset_path}`
I am proposing we change this to: `{s3_cdn_url}/{asset_path}` as it seems like
for s3_cdn urls we should not be carrying around app subfolder pathing anywhere
we are looking up s3 paths.
 2019-06-17 11:51:17 -07:00
David Taylor e6e47f2fb2 SECURITY: Add confirmation screen when logging in via user-api OTP 2019-06-17 16:18:44 +01:00
David Taylor 52387be4a4 SECURITY: Add confirmation screen when logging in via email link 2019-06-17 16:18:37 +01:00
David Taylor 5f6f707080 Revert "Merge pull request from GHSA-hv9p-jfm4-gpr9" 
This reverts commit b8340c6c8e.
 2019-06-17 16:17:10 +01:00
David Taylor b8340c6c8e
Merge pull request from GHSA-hv9p-jfm4-gpr9 
* SECURITY: Add confirmation screen when logging in via email link

* SECURITY: Add confirmation screen when logging in via user-api OTP

* FIX: Correct translation key in session controller specs

* FIX: Use .email-login class for page
 2019-06-17 15:59:41 +01:00
Arpit Jalan 863d8014d0 FIX: respond with 400 error on invalid redirect param 2019-06-17 16:44:30 +05:30
Sam Saffron 704c579550 FIX: do not allow unbound membership lookups 
Previously we would allow looking up membership limits in an unbound way
via the API, this introduces an upper limit of 1000 per page.
 2019-06-17 15:32:06 +10:00
Sam Saffron fe4f0a4369 FIX: staged users should not be included in TL groups 
staged users should not be included in any automatic groups cause for all
purposes they do not exist.
 2019-06-17 15:10:47 +10:00
Guo Xiang Tan 5d16d10a9e DEV: Fix edge case for `InlineUploads`. 2019-06-14 13:48:03 +08:00
Guo Xiang Tan befb074c98 DEV: `InlineUploads` should process CDN upload URLs as well. 2019-06-14 13:14:37 +08:00
Guo Xiang Tan 41abebcbce DEV: Support both `http` and `https` for `InlineUploads`. 2019-06-14 12:48:31 +08:00
Guo Xiang Tan c9db897777 FIX: Remove onebox src from `Jobs::PullHotlinkedImages`. 
The test that was added is incorrect because the post was not cooked.
 2019-06-14 09:21:25 +08:00
Vinoth Kannan 35d6fff69e PERF: use url instead of file key in temporary inventory table. 2019-06-13 22:03:58 +05:30
Guo Xiang Tan 7a0d031bc4 FIX: `InlineUploads` matching on external bbcode img url. 2019-06-13 13:47:36 +08:00
Guo Xiang Tan 782e583844 FIX: Edge cases with markdown references for `InlineUploads`. 2019-06-13 12:08:01 +08:00
Guo Xiang Tan 93c552afda FIX: `InlineUploads` does not correct urls with uppercase extension. 2019-06-13 11:19:33 +08:00
Maja Komel b4686934dd DEV: add spec for removed group bio 2019-06-12 18:03:29 +02:00
Arpit Jalan 7b66f8fb46 DEV: optimize bulk invite process 2019-06-12 16:33:19 +05:30
Guo Xiang Tan 641521896c FIX: Cover more edge cases in `InlineUploads`. 2019-06-12 17:06:58 +08:00
Sam Saffron 739696fdf0 DEV: improve spec to specify all code block formats 
Previously we only covered a few, this covers a few more formats.
 2019-06-12 18:34:30 +10:00
Sam Saffron 89c4332ac1 DEV: correct spec making bad assumptions 
bio_cooked is not meant to be touched directly, on save we "cook" the raw
bio.
 2019-06-12 16:31:50 +10:00
Guo Xiang Tan 73bf880f74 FIX: Correct more edge cases with `InlineUploads`. 2019-06-12 10:44:25 +08:00
Guo Xiang Tan ff48fbdfda FIX: `InlineUploads` raises an error when img tag is invalid. 2019-06-12 10:31:00 +08:00
Bianca Nenciu 934adb14d2
FIX: On tag change notify only users watching the tag. (#7707) 2019-06-11 18:06:54 +03:00
Vinoth Kannan 1881e895dc SPEC: correctly skips invalid upload urls 
788f995f30
 2019-06-11 20:15:40 +05:30
Vinoth Kannan 788f995f30 FIX: skip external urls which has upload url in query string. 
Add spec tests for post.each_upload_url method. e8fafbc123
 2019-06-11 19:55:02 +05:30
Arpit Jalan e2636f0ec7 FIX: handle array in redirect param 2019-06-11 17:49:09 +05:30
Guo Xiang Tan 40e67971f9 DEV: Add spec for `Email::Sender` for upload links in plain text emails. 2019-06-11 16:02:24 +08:00
Guo Xiang Tan fb0a655e8a FEATURE: Update pull hotlinked images to use `Upload#short_url`. 2019-06-11 15:17:29 +08:00
Guo Xiang Tan 42ab016856 FIX: Use markdown for images and attachments in `Email::Receiver`. 2019-06-11 14:49:46 +08:00
Guo Xiang Tan 9d0fba64c0 FIX: Use attachment format in user export system post take 2. 2019-06-11 12:15:11 +08:00
Guo Xiang Tan 06d974d55c FEATURE: Add base62 sha1 to cooked data attribute 
* FEATURE: Add base62 sha1 to data attribute in `Post#cooked`.

* FIX: Use `Upload#short_url` when quoting an image.
 2019-06-11 11:15:45 +10:00
Sam Saffron 7b17eb06da FEATURE: ban any SSO attempts with invalid external id 
We now treat any external_id of blank string (" " or "     " or "", etc) or a
invalid word (none, nil, blank, null) - case insensitive - as invalid.

In this case the client will see "please contact admin" the logs will explain
the reason clearly.
 2019-06-11 10:04:26 +10:00
Robin Ward ef37af5ab0 FIX: Broken spec 2019-06-10 11:50:48 -04:00
Robin Ward 8c4e16eafd FIX: In reply to would sometimes have a broken link 2019-06-10 11:33:10 -04:00
Guo Xiang Tan 799bd62803 DEV: Improve `PrettyText` spec to test for markdown image title attr. 2019-06-10 11:00:23 +08:00