David Taylor
0d0d78841b
FIX: Remove `plugin.enabled?` checks at initialization time ( #6166 )
...
Checking `plugin.enabled?` while initializing plugins causes issues in two ways:
- An application restart is required for changes to take effect. A load-balanced multi-server environment could behave very weirdly if containers restart at different times.
- In a multisite environment, it takes the `enabled?` setting from the default site. Changes on that site affect all other sites in the cluster.
Instead, `plugin.enabled?` should be checked at runtime, in the context of a request. This commit removes `plugin.enabled?` from many `instance.rb` methods.
I have added a working `plugin.enabled?` implementation for methods that actually affect security/functionality:
- `post_custom_fields_whitelist`
- `whitelist_staff_user_custom_field`
- `add_permitted_post_create_param`
2018-07-25 16:44:09 +01:00
Joffrey JAFFEUX
a2281fbb19
FEATURE: allows to jump to a date in a topic
2018-07-19 16:00:13 +02:00
Kyle Zhao
2901691e87
FEATURE: per-category approval settings ( #5778 )
...
- disallow moving topics to a category that requires topic approval
2018-07-13 12:51:08 +10:00
Arpit Jalan
2c971c41f6
FIX: post deletions rate limit per day was not working
2018-06-28 19:21:27 +05:30
Arpit Jalan
a6d50d1ff7
FEATURE: new settings to control posts deletions rate limit
2018-06-28 17:03:37 +05:30
Arpit Jalan
c352f8eb15
FEATURE: rate limit post deletions to 50 per day
2018-06-28 16:38:58 +05:30
Arpit Jalan
6bcdc3ba4b
FEATURE: allow author to delete posts irrespective of post_edit_time_limit
2018-06-26 21:43:06 +05:30
Gerhard Schlager
ed4c0c4a63
FEATURE: Add option to delete all replies of flagged post
2018-04-24 11:08:05 -04:00
Robin Ward
b9abd7dc9e
FEATURE: Shared Drafts
...
This feature can be enabled by choosing a destination for the
`shared drafts category` site setting.
* Staff members can create shared drafts, choosing a destination
category for the topic when it is published.
* Shared Drafts can be viewed in their category, or above the
topic list for the destination category where it will end up.
* When the shared draft is ready, it can be published to the
appropriate category by clicking a button on the topic view.
* When published, Drafts change their timestamps to the current
time, and any edits to the original post are removed.
2018-03-20 17:15:26 -04:00
Sam
75172024ca
SECURITY: ensure users have permission when moving categories
2018-03-02 12:13:27 +11:00
Sam
41986cdb2f
Refactor requires login logic, reduce duplicate code
...
This also corrects the positioning in the chain of the check
and removes misuse of prepend_before_action
2018-02-01 15:17:59 +11:00
Sam
f2e7b74d88
FIX: don't return 200s when login is required to paths
...
When running `ensure_login_required` it should always happen prior to
`check_xhr` cause check xhr will trigger a 200 response
2018-02-01 12:26:45 +11:00
Robin Ward
6b04967e2f
FEATURE: Staff members can lock posts
...
Locking a post prevents it from being edited. This is useful if the user
has posted something which has been edited out, and the staff members don't
want them to be able to edit it back in again.
2018-01-26 14:01:30 -05:00
Régis Hanol
1b4483c942
FEATURE: Added 'select +below' and 'select +all replies' options to selecting posts
2017-12-13 22:12:06 +01:00
Guo Xiang Tan
e73fbfe265
FIX: `Topic#featured_link_root_domain` extracts URL before parsing.
2017-12-04 10:00:07 +08:00
Robin Ward
23dce88f5f
FIX: Removed a line by accident, broke tests
2017-10-23 14:49:14 -04:00
Robin Ward
89a1b34480
FIX: Show the deleted icon if the quote expands a deleted topic
2017-10-23 13:41:41 -04:00
Guo Xiang Tan
77d4c4d8dc
Fix all the errors to get our tests green on Rails 5.1.
2017-09-25 13:48:58 +08:00
Bianca Nenciu
6bc74ceb50
Split alias levels in mentionable and messageable levels. ( #5065 )
...
* Split alias levels in mentionable and messageable levels.
* Fixed some tests.
* Set messageable level to everyone by default.
* By defaults, groups are not mentionable or messageable.
* Made staff groups messageable by the system.
2017-08-28 12:32:08 -04:00
Bianca Nenciu
bb3a5910d7
Support for sending PMs to email addresses ( #4988 )
...
* Added support for sending PMs to email addresses.
* Made changes after review.
* Added settings validator.
* Fixed tests.
2017-08-28 12:07:30 -04:00
Mudasir Raza
84c83afd35
Allow optional import_mode param for posts in api ( #4952 )
2017-08-17 07:53:04 -04:00
Régis Hanol
4f09a5a7a5
Add 'Post.permitted_create_params' to allow plugins to add new params when creating a post
2017-08-12 04:10:45 +02:00
Guo Xiang Tan
5012d46cbd
Add rubocop to our build. ( #5004 )
2017-07-28 10:20:09 +09:00
Robin Ward
ae7734707e
REFACTOR: Merge different templates from rendering user stream items
2017-06-20 15:45:41 -04:00
Guo Xiang Tan
8ab9f30bbd
FIX: User can't remove bookmark from a deleted post.
2017-05-19 12:25:12 +08:00
Guo Xiang Tan
304ace926e
FIX: Raise right response when post_action does not exist.
2017-04-27 17:29:53 +08:00
Sam Saffron
0013a23dc1
SECURITY: prefer render plain/html to render text where possible
2017-04-10 08:01:42 -04:00
Robin Ward
14410b71fb
Convert server side paths to use `/u/`
2017-03-30 10:23:24 -04:00
Sam
bc1a6ccb90
Merge pull request #4741 from tgxworld/allow_bookmark_removal
...
FIX: Allow user to remove bookmark from posts as long as bookmark is …
2017-03-10 12:49:20 -05:00
Régis Hanol
00380d84c5
UX: display text & html parts alongside raw email in incoming email modal
2017-03-08 23:15:42 +01:00
Guo Xiang Tan
689dd16be0
FIX: Allow user to remove bookmark from posts as long as bookmark is present.
...
https://meta.discourse.org/t/bookmark-issue-when-access-to-topic-is-lost-pms/51993
2017-03-08 13:53:49 +08:00
Guo Xiang Tan
781d83a46f
FIX: Toggling a post's wiki status should not skip revision.
2017-01-25 13:34:55 +08:00
Guo Xiang Tan
0a25df67bc
Revert "FIX: Incorrect parameter being passed to component."
...
This reverts commit d354a6f7a4
.
2017-01-25 13:12:24 +08:00
Guo Xiang Tan
d354a6f7a4
FIX: Incorrect parameter being passed to component.
2017-01-25 13:09:08 +08:00
Guo Xiang Tan
32846aad2a
FIX: Toggling post's wiki status should not create a new version.
2017-01-20 15:42:33 +08:00
Sam
6ff309aa80
SECURITY: don't grant same privileges to user_api and api access
...
User API is no longer gets bypasses that standard API gets.
Only bypasses are CSRF and XHR requirements.
2016-12-16 12:05:43 +11:00
Erick Guan
52763f5115
FEATURE: Allow posting a link with topics
2016-12-05 17:20:54 +01:00
Neil Lalonde
29edbafac7
FIX: post short link on subfolder installs
2016-11-01 15:20:04 -04:00
Sam
2b15919aee
missing spot where old api was used
2016-08-26 10:58:34 +10:00
Régis Hanol
681f566a66
FIX: staff members should be able to see raw email of deleted posts
2016-08-01 23:55:22 +02:00
Guo Xiang Tan
36ddb1787e
FEATURE: Add toggle topic visibility button in popup menu.
2016-07-28 16:57:04 +08:00
Andre Pereira
8cbd585e20
FEATURE: Allow staff users to merge posts.
2016-07-27 12:04:14 +08:00
Steve Kemp
8f8ad3fe4a
Allow an (optional) post-creation time to be submitted. ( #4205 )
...
* Allow an (optional) post-creation time to be submitted.
This should allow a new post to be created with an initial
date/time specified by the caller, which will be useful for
people writing importers..
* Only allow `created_at` to be submitted via the API.
This addresses the previous concern.
2016-05-22 10:54:03 +02:00
Robin Ward
5518141ad5
Option for verbose logging when API calls to create posts fail
2016-04-12 12:10:48 -04:00
Arpit Jalan
13fa0f8cf8
FIX: only show regular posts in RSS feed
2016-03-31 21:34:53 +05:30
Arpit Jalan
41208b99a1
FEATURE: RSS feed for user posts and topics
2016-03-31 20:24:05 +05:30
Arpit Jalan
c54dc4a8d9
FIX: update RSS description for public/private posts
2016-03-21 18:45:16 +05:30
Arpit Jalan
34469e725b
FEATURE: separate API endpoints for public and private posts
2016-03-21 18:21:15 +05:30
Arpit Jalan
89248580dc
FEATURE: revert post to a specific revision
2016-03-11 02:46:55 +05:30
Régis Hanol
cf4c256b17
FEATURE: new 'raw email' modal when listing rejected emails
2016-02-01 21:41:49 +01:00
Neil Lalonde
685ba1eb7f
FEATURE: blocked users can send and reply to private messages from staff
2016-01-22 12:54:24 -05:00
Arpit Jalan
06bac23e5f
FEATURE: allow users to wikify their own posts based on trust level
2016-01-12 08:44:25 +05:30
Sam
9899e8d4a5
FEATURE: First class messages to groups, you can select a group as a target of a message
2015-12-02 15:49:43 +11:00
Robin Ward
3939331dec
FIX: Staff was getting 500 when editing post in deleted topic
2015-11-13 11:35:23 -05:00
Arpit Jalan
49edffd3c3
FEATURE: support linking to a specific revision of a topic/post
2015-10-19 14:31:29 +05:30
Régis Hanol
06b799bfbf
Merge pull request #3857 from gdpelican/fix-for-untopiced-posts
...
Don't error on posts#latest if a post does not have a topic
2015-10-16 14:59:36 +02:00
James Kiesel
695b366a03
Don't error on posts#latest if a post does not have a topic
2015-10-16 14:44:48 +03:00
Sam
2422289c8b
FIX: whispers should not be revealed in reply to, or reply expansion
...
FEATURE: mark whisper as experimental
FIX: badges should never apply to whispers
2015-09-25 10:16:19 +10:00
Robin Ward
91f3e8e724
For now, restrict whispering to staff only.
2015-09-15 12:29:32 -04:00
Robin Ward
5af0f5f80e
FEATURE: Whisper posts
2015-09-11 14:05:21 -04:00
Kane York
27ee8bea95
FIX: Remove N+1 queries in posts.json
2015-09-04 13:36:47 -07:00
Kane York
32e5016dbb
FEATURE: Include topic title, category in posts.json
2015-09-01 17:46:06 -07:00
Kane York
94439ebddd
FIX: Tighter rate-limit for post self-deletions
2015-08-18 12:50:45 -07:00
Régis Hanol
23a5c6444a
FIX: move topic links and quoted posts extraction to the PostRevisor
2015-08-14 19:33:32 +02:00
Sam
bafdf9290d
FIX: don't let blocked users reach post creator or new post queue
...
correct broken spec
2015-08-06 10:32:53 +10:00
Sam
01ad88f1ed
FEATURE: min_first_post_typing_time
...
If a user spends less than 3 seconds typing
first post they will automatically enter the approval queue
2015-08-04 10:57:34 +10:00
Sam
7b8b96446e
FEATURE: track statistics around post creation
...
- how long were people typing?
- how long was composer open?
- how many drafts were created?
- correct, draft saved to go away after you continue typing
store in Post.find(xyz).post_stat
2015-08-03 14:29:15 +10:00
Robin Ward
5f45e5361f
FIX: Moderation actions can have their messages removed
2015-07-28 16:58:56 -04:00
Arpit Jalan
71ee84f848
FEATURE: latest posts RSS feed
2015-06-09 21:45:06 +05:30
Sam
e5888cf090
PERF: avoid preloading json in cases where it is not needed
...
(uploads / avatars / non GET requests)
2015-05-20 17:12:16 +10:00
Régis Hanol
a737090442
- FEATURE: revamped poll plugin
...
- add User.staff scope
- inject MessageBus into Ember views (so it can be used by the poll plugin)
- REFACTOR: use more accurate is_first_post? method instead of post_number == 1
- FEATURE: add support for JSON-typed custom fields
- FEATURE: allow plugins to add validation
- FEATURE: add post_custom_fields to PostSerializer
- FEATURE: allow plugins to whitelist post_custom_fields
- FIX: don't bump when post did not save successfully
- FEATURE: polls are supported in any post
- FEATURE: allow for multiple polls in the same post
- FEATURE: multiple choice polls
- FEATURE: rating polls
- FEATURE: new dialect allowing users to preview polls in the composer
2015-04-23 19:33:29 +02:00
Tan Le
9fbc763902
Replace Hash#keys.each with Hash#each_key for some perf boost
2015-04-18 21:53:53 +10:00
Robin Ward
22ffcba8e6
Convert `Discourse.Post` to ES6 and use Store model
...
- Includes acceptance tests for composer (post, edit)
- Supports acceptance testing of bootbox
2015-04-15 14:54:36 -04:00
Robin Ward
19a9a8b408
`NewPostManager` determines whether to queue a post or not
2015-04-15 14:54:36 -04:00
Robin Ward
db4c04d606
FIX: Moderators shouldn't be able to see secure deleted posts
2015-04-13 11:48:31 -04:00
Régis Hanol
6cd4330335
FIX: show all deleted posts
2015-03-11 18:07:47 +01:00
Sam
59a28bf5c1
regression: bookmarked may be missing, do not fail
2015-02-19 11:42:01 +11:00
Sam
b041b3f67f
FIX: bookmark topic was not working intuitively
...
- explicitly call out "clear bookmarks"
- correct keyboard shortcuts
- properly remove bookmarks when toggeling
2015-02-19 10:58:57 +11:00
riking
4c8850108a
SECURITY: Don't leak topic title in the redirect
2015-02-04 11:55:39 -08:00
Sam
a6ce188f35
Merge pull request #3126 from riking/latest-posts
...
Latest posts endpoint at /posts.json
2015-01-30 08:55:45 +11:00
Robin Ward
f028b51620
Add post parameters so plugins like akismet can use it for spam
...
prevention.
2015-01-29 13:09:35 -05:00
Robin Ward
1f40807001
Add extensibility point for whenever a post is created
2015-01-29 12:46:29 -05:00
Robin Ward
8fc477ab07
More refactoring to support extensibility of history
2015-01-28 13:37:06 -05:00
Robin Ward
d43944b3ed
Extensibility for tracking changes to a topic
2015-01-28 13:37:06 -05:00
riking
9e9119d1c1
FEATURE: Enable pagination of /posts.json
2015-01-23 21:22:19 -08:00
riking
1d24d8471e
FEATURE: Latest posts endpoint at /posts.json
2015-01-23 21:16:03 -08:00
Régis Hanol
c681b353f2
FEATURE: bookmark topic button
2015-01-12 12:10:15 +01:00
Robin Ward
0bc0bd7a21
Pass the `current_user` to the topic saved event
2015-01-08 17:29:11 -05:00
Robin Ward
704ac91a22
FIX: Broken spec
2015-01-06 17:06:24 -05:00
Robin Ward
5667478b4d
A common, extensible interface for sending topic columns across the wire
...
This allows plugins to specify topic columns to serialize and save in
the database via the composer when creating topics and editing their
first posts.
2015-01-06 14:53:12 -05:00
Régis Hanol
a036ac7bdc
FIX: users can see the raw email source of their own posts
2014-11-12 14:49:42 +01:00
Régis Hanol
e7f251c105
LOTS of changes to properly handle post/topic revisions
...
FIX: history revision can now properly be hidden
FIX: PostRevision serializer is now entirely dynamic to properly handle
hidden revisions
FIX: default history modal to "side by side" view on mobile
FIX: properly hiden which revision has been hidden
UX: inline category/user/wiki/post_type changes with the revision
details
FEATURE: new '/posts/:post_id/revisions/latest' endpoint to retrieve
latest revision
UX: do not show the hide/show revision button on mobile (no room for
them)
UX: remove CSS transitions on the buttons in the history modal
FIX: PostRevisor now handles all the changes that might create new
revisions
FIX: PostRevision.ensure_consistency! was wrong due to off by 1
mistake...
refactored topic's callbacks for better readability
extracted 'PostRevisionGuardian'
2014-10-27 22:06:43 +01:00
Sam
1cc37e32b9
FEATURE: add max_reply_history to limit number of replies
...
that can be expanded, when clicking "in-reply-to"
2014-10-27 09:44:42 +11:00
Arpit Jalan
72873b8368
further optimize raw email feature
2014-10-18 00:50:02 +05:30
David McClure
19d5362c6b
FEATURE: ability to hide or show specific post revisions
2014-10-14 07:19:45 -07:00
Régis Hanol
5754e8dd0f
FEATURE: auto-close topics based on last post
2014-10-10 18:21:44 +02:00
Régis Hanol
7e8c4b63f4
FIX: only show agreed abd deferred flags on user's profile
2014-10-09 16:10:16 +02:00
Régis Hanol
98b6b9821a
FEATURE: log topic/post deletions from staff members
2014-10-01 17:40:13 +02:00
Régis Hanol
0b13f6572f
FEATURE: staff option to unhide a post
2014-09-22 18:55:13 +02:00
Régis Hanol
e56fcf0c43
FEATURE: add 'rebake post' in post wrench menu
2014-09-11 16:04:40 +02:00