Commit Graph

271 Commits

Author SHA1 Message Date
Matt Palmer c09f345cff Proxy letter avatars by default
On sites that don't otherwise configure an avatar fallback, Discourse will
now tell the client to get its letter avatars from a location which nginx
proxies to the centralised `avatars.discourse.org` service.  This alleviates
privacy concerns, whilst still providing some degree of performance benefit
(no need for every site to delay avatar response by 300ms for image
rendering).

It is still possible to gain the benefits of global image caching and the
lower latency of requesting directly from a CDN, by explicitly changing the
`external_system_avatars_url` site setting to
`https://avatars.discourse.org/letter/{first_letter}/{color}/{size}.png`.
2015-11-06 14:13:44 +11:00
Arpit Jalan a439500bac FIX: do not mark post as spam if the previous flag was disagreed 2015-10-17 01:30:53 +05:30
Arpit Jalan b60bceba36 fix the build 2015-10-14 19:20:30 +05:30
Régis Hanol fe656fb04d FIX: select appropriate period when redirecting to top 2015-09-21 20:28:20 +02:00
Sam 83efde79f0 specs to account for new default letter avatar location 2015-09-15 13:25:15 +10:00
Sam 262f561a87 FEATURE: relax username rules to allow - and . and leading _
This relaxes our very strict username rules to allow for some long asked for requests

- leading _ is now allowed
- . is allowed except for trailing char and confusing extensions like .gif .json
- dash (-) is now permitted
2015-09-02 12:13:44 +10:00
Régis Hanol bef80633b1 FEATURE: global admin override of most of the user preferences 2015-08-21 20:39:21 +02:00
Neil Lalonde 782dd13e78 FEATURE: track user visits on mobile and display on admin dashboard in a new Mobile section 2015-07-07 14:06:42 -04:00
Sam Saffron feeb509a97 SECURITY: expire all existing email tokens on password reset 2015-06-06 03:50:06 +10:00
Sam Saffron 4171eb758c SECURITY: expire all existing sessions if user changes passwords 2015-06-06 03:09:19 +10:00
Régis Hanol acafa491b2 user avatar urls/templates refactor 2015-05-29 18:51:17 +02:00
Arpit Jalan 220b9c5abe FIX: match subdomain with email domain blacklist 2015-05-13 21:02:02 +05:30
Neil Lalonde 963ebf5963 FIX: if approving a user when must_approve_users is false, don't send an email 2015-05-04 15:30:25 -04:00
Robin Ward 151b559e4c FIX: If you delete a user, delete their queued posts as well. 2015-04-24 16:04:44 -04:00
Régis Hanol a737090442 - FEATURE: revamped poll plugin
- add User.staff scope
- inject MessageBus into Ember views (so it can be used by the poll plugin)
- REFACTOR: use more accurate is_first_post? method instead of post_number == 1
- FEATURE: add support for JSON-typed custom fields
- FEATURE: allow plugins to add validation
- FEATURE: add post_custom_fields to PostSerializer
- FEATURE: allow plugins to whitelist post_custom_fields
- FIX: don't bump when post did not save successfully
- FEATURE: polls are supported in any post
- FEATURE: allow for multiple polls in the same post
- FEATURE: multiple choice polls
- FEATURE: rating polls
- FEATURE: new dialect allowing users to preview polls in the composer
2015-04-23 19:33:29 +02:00
Sam Saffron 296add56e6 correct letter avatar template 2015-04-20 13:07:12 +10:00
Sam 5aa1272f05 clean up first day user definition and object model 2015-03-26 16:48:36 +11:00
Sam 9834d11503 Staff and TL2 up are immune to newuser checks and not considered new users 2015-03-26 16:04:46 +11:00
Régis Hanol 6cd4330335 FIX: show all deleted posts 2015-03-11 18:07:47 +01:00
Neil Lalonde 608647d02f FEATURE: Anonymize User. A way to remove a user but keep their topics and posts. 2015-03-10 11:59:08 -04:00
Régis Hanol e74b9ee5da FIX: should not count disagreed flags 2015-02-19 18:11:07 +01:00
Robin Ward 3ce2077aa8 Migrate unsubscribe keys to the database.
This should reduce a lot of the keys in redis.
2015-02-13 14:24:15 -05:00
Arpit Jalan 6c410ed093 FIX: strip whitespaces from user email 2015-01-30 01:44:24 +05:30
Arpit Jalan 58f46137d6 FIX: allow developer emails to bypass email blacklist/whitelist restriction 2015-01-30 00:10:03 +05:30
Régis Hanol 256519dddf FEATURE: automatic group membership based on email address 2015-01-23 18:25:43 +01:00
Jason W. May a2b284a0a4 table & model changes for group managers with permission to edit membership 2015-01-15 11:44:42 -08:00
Luciano Sousa b3d769ff4f Update rspec syntax to v3
update rspec syntax to v3

change syntax to rspec v3

oops. fix typo

mailers classes with rspec3 syntax

helpers with rspec3 syntax

jobs with rspec3 syntax

serializers with rspec3 syntax

views with rspec3 syntax

support to rspec3 syntax

category spec with rspec3 syntax
2015-01-05 11:59:30 -03:00
Erick Guan 97b3914b70 FIX: use utc time when generate reports; set boundary 2014-12-30 22:43:03 +08:00
Régis Hanol 521226f4c9 FIX: registration fails with timeout on gravatar 2014-12-15 22:10:27 +01:00
Jeff Atwood ea269ccfb2 rename purge_inactive to purge_unactivated 2014-12-02 21:36:25 -08:00
Jason W. May bdc7947cd6 rspec expect...to deprecations 2014-10-31 10:44:26 -07:00
Régis Hanol ada750b384 fixed some more deprecations. 20 to go 2014-10-29 16:06:50 +01:00
Régis Hanol de76b512c1 fix most deprecations in the specs (still some left) 2014-09-25 17:44:48 +02:00
Sam c248d28c38 FEATURE: display associated accounts in admin user 2014-09-25 16:15:01 +10:00
riking 2c6d03f87f SECURITY: Limit passwords to 200 characters
Prevents layer 8 attack.
2014-09-12 12:07:11 -04:00
Sam 59d04c0695 Internal renaming of elder,leader,regular,basic to numbers
Changed internals so trust levels are referred to with

TrustLevel[1], TrustLevel[2] etc.

This gives us much better flexibility naming trust levels, these names
are meant to be controlled by various communities.
2014-09-05 15:20:52 +10:00
Robin Ward 3c6673aceb Purge inactive accounts that are older than 7 days 2014-08-13 14:13:41 -04:00
Robin Ward 9a1580244a FIX: Don't show profile pages for inactive users and don't show them in
search results.
2014-08-13 13:30:25 -04:00
Neil Lalonde 939e8505a9 Remove hub username integration 2014-07-16 12:25:24 -04:00
Neil Lalonde 01a68f8cc7 Emails are case insensitive 2014-07-16 10:22:01 -04:00
Andrew Bezzub 9ffd173873 move bio to UserProfile from User 2014-06-13 14:55:32 -04:00
Sam fa6f22dd39 Move letter avatars out of upload system
FIX: S3 issues around system avatars
FIX: reduced backup file size
2014-05-30 14:45:55 +10:00
Sam d9f51961c4 BUGFIX: pick gravatar if it was just downloaded
BUGFIX: don't go rebaking unless all avatars are downloaded
2014-05-28 16:54:21 +10:00
Sam 1e28668e9f missed one spot where route changed 2014-05-28 01:09:01 +10:00
Sam 504cfcff96 Fix specs for avatars
Implement avatar picker
Correct avatar related jobs
2014-05-27 10:08:03 +10:00
Sam 6c1c8be794 Work in progress, keeping avatars locally
This introduces a new model to store the avatars and 3 uploads per user (gravatar, system and custom)

user can then pick which they want.
2014-05-27 10:08:03 +10:00
Sam 8f445e835b FIX broken spec 2014-05-22 09:08:09 +10:00
Louis Rose 1574485443 Perform the where(...).first to find_by(...) refactoring.
This refactoring was automated using the command: bundle exec "ruby refactorings/where_dot_first_to_find_by/app.rb"
2014-05-06 14:41:59 +01:00
Régis Hanol c21d3f41d0 BUGFIX: only redirect new users to top page once
Actually, new users will still be redirected to the top page during the first 30 seconds of their first visit.
2014-05-05 19:00:40 +02:00
Robin Ward 359d59242e If a new user receives a mention, quote or response to their post, allow
them to continue posting in a topic.
2014-04-29 12:59:14 -04:00
Régis Hanol f8d9fb7bdc Revert "Merge pull request #2284 from jaimeiniesta/patch-1"
This reverts commit a6b88d1e7e, reversing
changes made to 9bee0b6e2d.
2014-04-25 11:40:38 +02:00
Sam a6b88d1e7e Merge pull request #2284 from jaimeiniesta/patch-1
escape gravatar URLs to comply with W3C standards
2014-04-24 12:56:16 +10:00
Sam a3b2b4baca FEATURE: custom fields on User 2014-04-22 13:52:13 +10:00
Jaime Iniesta 2c3a10aa5b fixes user specs about ampersands in gravatar URLs 2014-04-21 10:52:58 +02:00
Régis Hanol ef24a4c71c FEATURE: add redirect_users_to_top_page site setting (default to true) 2014-03-31 21:53:38 +02:00
Sam 90139efc6f Fix spec, remove pointless have_many etc preamble 2014-03-17 12:47:47 +11:00
Vikhyat Korrapati 9b26c8584e Initial badge system implementation. 2014-03-14 21:49:26 +05:30
Régis Hanol 8214536614 BUGFIX: don't show redirect reason if you aren't redirected
Move the redirect to top page logic server-side and make sure the reason
is not shown when top is not in the navigation menu (top_menu).
2014-03-07 18:58:53 +01:00
Stephen Birarda 4a2dab9c5e allow for custom min_username_length
change constant in user to be global range and not default
2014-03-04 16:37:05 -08:00
Erik Ordway 557d1886bb remove what little CAS testing there was. 2014-02-11 17:53:20 -08:00
Robin Ward b61df08d1b FEATURE: Admin selector to choose a primary group for a user, display it
and apply a CSS class to their posts.
2014-02-10 17:00:15 -05:00
Neil Lalonde 7cc5da08fe Track how many posts a user reads each day in user_visits 2014-01-27 11:20:19 -05:00
Neil Lalonde 4f6b208e8d Posts by trust level 3 users do not have nofollow on their external links. 2014-01-15 11:40:51 -05:00
Régis Hanol e732aa8a86 BUGFIX: we should not store absolute urls for locally uploaded avatar templates
Highly recommended to run: `RAILS_ENV=production bundle exec rake avatars:regenerate` to fix the avatar templates stored in the database.
2014-01-07 17:45:06 +01:00
Robin Ward f145060315 Don't employ the "too many replies" if the user is staff, or if they created the topic.
See: http://meta.discourse.org/t/what-is-the-point-of-limiting-new-users-to-three-replies-per-topic/11696
2014-01-02 12:57:40 -05:00
Régis Hanol 82b78ec6ba schemaless avatar urls 2013-11-22 19:18:45 +01:00
Régis Hanol 3cf5a363f7 do not destroy uploads when destroying a user 2013-11-22 18:29:07 +01:00
railsaholic 34bba737ff Refactor SessionController#create, reduce complexity.
Don't compromise readablity
2013-11-15 22:09:03 +05:30
sirMackk af67284995 User ctrl refactor - breaks up large methods, moves some logic into model
Includes missing methods from backup for travis to pass

fix missing code, failing specs

keep params handling in the controller.
2013-11-09 18:44:13 +05:30
Sam 95e936c299 cleanup API for looking up a user by email or username, add specs, fix invalid auto association in open id provider 2013-10-28 16:29:07 +11:00
Manoj 96ae3cdacc Utilize already existing method 'find_by_username_or_email'
check presence of email using include, dont use =~
2013-10-24 19:26:06 +05:30
Robin Ward 348e2e3ef2 Support for per-user API keys 2013-10-22 17:34:39 -04:00
Robin Ward 2308784713 Merge pull request #1543 from railsaholic/small_users_controller_refactoring
refactor UsersController to reduce complexity
2013-10-21 12:21:03 -07:00
Neil Lalonde 648b11a0eb Add screening by IP address. When deleting a user as a spammer, block all signups from the same IP address. 2013-10-21 14:50:18 -04:00
Manoj 868e4ffe6d refactor UsersController to reduce complexity
Refactored: UsersController#create
2013-10-19 15:18:11 +05:30
Manoj 7c03076c2a Refactored Topic#limit_topics_per_day to reduce code climate complexity
Extracted  1) #apply_per_day_rate_limit_for, method as generic
RateLimiter , 2) #limit_first_day_topics_per_day as a separate method,
3) Added User#added_a_day_ago?, 4) Fixed private methods indentation.
2013-10-16 14:58:18 +05:30
Sam 5bf26ec34e large refactor, ship a few columns from the user table into user_stats 2013-10-07 15:04:59 +11:00
Sam 61281a3c81 invite only forums had very wonky logic, invited users were not being activated, invite_only forums were still registering users 2013-08-28 17:18:31 +10:00
Navin Keswani d87389b38e No more rails 4 deprecation warnings 2013-08-25 23:18:11 +02:00
Neil Lalonde 6e79197519 Enum site settings can have translatable names in dropdown. Add setting for how often users get digest emails by default: default_digest_email_frequency. 2013-08-23 17:36:25 -04:00
Scott Albertson 1dbe1fb1bc Refactor User.find_by_username_or_email
* Improve test coverage
2013-08-22 09:40:07 -07:00
Sam 31dac4b197 unseen users get no updates 2013-08-20 17:48:04 +10:00
Stephan Kaag 0e3b8fbb24 Remove some calls to `all`. They are not required, and Rails4 raises warnings about them. 2013-07-22 20:44:11 +02:00
Robin Ward 89152116c6 Only send digests to active users 2013-07-11 18:47:36 -04:00
Neil Lalonde a352b70bfc Permit changing my own username's case without an error saying it is already taken 2013-06-28 16:21:46 -04:00
Sam 1ec12fc808 this spec is just refusing to work on jenkins 2013-06-28 16:07:36 +10:00
Sam ca6325a3fe a pile of complicated and hard to follow specs were replaced by something that makes sense to old people like myself 2013-06-28 15:38:47 +10:00
Sam 3c67cf8acd remove timecop, specs were failing and we can avoid it here anyway 2013-06-28 15:14:44 +10:00
Neil Lalonde 8e50b49cf1 Try to fix specs that are failing in jenkins 2013-06-27 17:23:06 -04:00
Sam 799b402778 fix horribly broken invite code, could lead to inviting the wrong person to a conversation 2013-06-19 10:31:19 +10:00
Chris Hunt f6ce985121 Send activation email after user approved 2013-06-06 18:37:25 -07:00
Juan de Dios Herrero 96d23ddd8d Refactored user_name suggestion methods into a module to reduce the complexity of User model 2013-06-06 16:40:10 +02:00
Neil Lalonde b55182b983 Use PostDestroyer when deleting all of a user's posts; deleting a post removes its flags and resets its flag counts 2013-06-05 16:05:13 -04:00
Robin Ward dfba2b6e0a FIX: Strip links from google indexed bios when the users are new. 2013-06-05 15:28:10 -04:00
Robin Ward 4392a17b54 Strip out links when displaying a new user's bio 2013-06-04 12:06:25 -04:00
Leonard Garvey 3de632f892 Added a spec for staff? and regular? 2013-05-18 18:07:07 +10:00
Robin Ward d554a59102 Support for a new site setting: `newuser_spam_host_threshold`. If a new user posts a link
to the same host enough tiles, they will not be able to post the same link again.

Additionally, the site will flag all their previous posts with links as spam and they will
be instantly hidden via the auto hide workflow.
2013-05-16 12:19:50 -04:00
Sam 5ec52bd2e9 :s/moderator?/staff/g ... our naming was kind of crazy, renamed moderator? to staff 2013-05-02 17:22:27 +10:00
Jeff Atwood b64a4100fa change "visitor" trust level to "new user"
I blame me for this mistake.. visitor means other stuff in practice. New
User is correct meaning.
2013-04-17 16:11:24 -07:00
Philipp Weissensteiner c34f476b31 Improve suggest_username method in user.rb
The suggest_username method showed up on codeclimate
so I thought I'd give it some love and make it more readable.
In the process removed trailing whitespaces and had to fix a
terrible spelling error :)
2013-03-31 19:01:11 +02:00
Philipp Weissensteiner 095cbaa093 Add a few specs to user model
I noticed a few assertions of the has_many type were missing.
Also added a couple of specs which were testing in one direction only.
Just tipping my toes in discourse hope this helps a little.
2013-03-29 00:24:35 +01:00
Sam Bauch 77e3434d81 added email whitelist SiteSetting feature to replicate email blacklist. email_validator method now also uses the regex method for both the whitelist and blacklist. 2013-03-22 14:49:42 -04:00
Sam 62c60540be pull moderator into own column, rename trust levels 2013-03-19 21:06:11 -07:00
Robin Ward d1d4530efd User Profile enhancements:
- Added PreloadStore support to avoid duplicate requests
- preliminary SEO
- Support for opengraph/twitter cards
2013-03-08 15:04:37 -05:00
Gosha Arinich 0c99dea153 introduce Enum 2013-03-01 21:16:36 +03:00
Gosha Arinich d2f3c829db refactor User and TrustLevel a bit
* rename `User#password_required` to `User#password_required!`
* emails with "i" @ something are a special case as well
* get rid of `self.` and returns where possible
* prefer "unless a" instead of "if !a"
* `unread_notifications` without manually iterating
* introduce `User#moderator?`
* introduce `TrustLevel#valid_key?`, `TrustLevel#compare`, and
  `TrustLevel#level_key`
2013-02-28 19:15:54 +03:00
Alexander 8855a0bfbe RSS of a topic via new route
Adds TopicView#recent_posts; Post#by_newest, #with_user, #author_readable; User#readable_name
Autodiscovery tag in topic show HTML.
2013-02-26 14:54:17 -08:00
Gosha Arinich cafc75b238 remove trailing whitespaces ❤️ 2013-02-26 07:31:35 +03:00
Sam Saffron 77a2d8ccc4 fixed a pile of notification craziness
addes some tests around post timings
2013-02-25 18:42:42 +11:00
Neil Lalonde 85f8f8f2d5 Better checking of blacklisted emails on create and when email is being updated 2013-02-20 16:25:08 -05:00
Neil Lalonde 046c330858 Changes to email_domains_blacklist shouldn't invalidate existing users 2013-02-20 12:16:16 -05:00
Neil Lalonde aaf96f1e29 Replace email_blacklist_regexp with email_domains_blacklist site setting 2013-02-13 22:45:43 -05:00
Robin Ward f00006ee7d Fix broken Yahoo! signup. 2013-02-13 12:37:48 -05:00
Neil Lalonde f850fe1e75 Implement the email_blacklist_regexp ssite setting 2013-02-13 12:28:39 -05:00
Neil Lalonde 238032051e Users with no email_tokens return true from email_confirmed 2013-02-12 10:19:02 -05:00
Neil Lalonde c18b85873f Prevent login until email is confirmed 2013-02-11 11:18:37 -05:00
Cyril Mougel 84191802df Extract the validation of Username format in own class to avoid
complexity in user model object
2013-02-08 12:54:47 -05:00
Neil Lalonde 79dfccf717 Username validation in signup and username change forms 2013-02-07 18:23:52 -05:00
Sam Saffron 85973ce6b0 added delete all posts button
wired up the ability to enable all themes
2013-02-07 18:11:56 +11:00
Andy 66022f9faa Updated email hash to Gravatar specifications
Gravatar email hashes have two requirements:
* Whitespace must be trimmed
* Email should be downcased
2013-02-05 21:16:15 -07:00
Robin Ward 21b5628528 Initial release of Discourse 2013-02-05 14:16:51 -05:00