38c10a3dc2
correct the validator
2018-08-15 14:56:24 +10:00
91e0a77a60
FEATURE: silenced users should not be allowed to edit posts
2018-08-15 14:29:36 +10:00
06f82a7d72
correct exception handling, always do to_i in array
2018-08-15 11:31:42 +10:00
bc47148d35
add validation to exclude_category_ids
2018-08-15 09:53:28 +10:00
12bab65167
FIX: going from /categories to /latest on mobile might break infinite scrolling
2018-08-15 01:22:03 +02:00
ba0e322fd0
FIX: Validation of topic params broke discourse-assign
2018-08-14 18:45:46 +02:00
87fa26b6c8
FIX: Silenced users shouldn't be able to act on posts
2018-08-14 11:43:39 -04:00
2927294cc6
FIX: Bulk deleting topics should ignore already deleted topics
2018-08-14 16:37:52 +02:00
de92913bf4
FIX: store the topic links using the cooked upload url
2018-08-14 12:23:32 +02:00
ad5f502332
FIX: add a basic validator for topic params
...
This cuts down on log noise when people try out sql injection
2018-08-14 17:01:04 +10:00
6cae47aa53
collect extra environment correctly
2018-08-13 16:33:28 +10:00
168ffd8384
FEATURE: group warnings about IP level rate limiting
2018-08-13 14:38:20 +10:00
d10c9d7d75
FIX: Missing extensions for non-image uploads due to 2b57239389.
2018-08-13 10:58:55 +08:00
71a1d75d7e
FIX: disable_2fa fix method selection
...
The previous code resulted in
NameError: undefined local variable or method `totp' for main:Object
I now understand what @tgxworld meant about we should only disable totp when I submitted this before.
This is the kind of Ruby stuff that I still don't understand well,(perhaps this isn't the most Ruby way to do this?) but this does what I think is supposed to happen. And it worked just now.
2018-08-10 14:45:40 -07:00
865cb3feb9
FIX: allow selecting site's default theme from preference
2018-08-10 14:12:02 +03:00
ea8394b080
typo in error message
2018-08-10 11:34:01 +10:00
1fc2597626
better error handling for upload extension fixer
2018-08-10 11:28:22 +10:00
b9072e8292
FEATURE: Add "Reset Bump Date" action to topic admin wrench ( #6246 )
2018-08-10 10:51:03 +10:00
ef4b9f98c1
FEATURE: Allow admins to reply without topic bump
2018-08-10 10:48:30 +10:00
d77dccc636
FIX: user-deleted posts with deferred flags can be destroyed
2018-08-09 14:54:31 -04:00
6ddf7fcd1f
Fix warnings about already initialized constants
2018-08-09 17:29:02 +02:00
5895507153
FEATURE: Ability for plugins to whitelist custom fields for flags
...
You can now call `whitelist_flag_post_custom_field` from your plugins
and those custom fields will be available on the flagged posts
area of the admin section.
2018-08-09 10:49:14 -04:00
ed4c0f256e
FIX: check permalinks for deleted topics
...
- allow to specify 410 vs 404 in Discourse::NotFound exception
- remove unused `permalink_redirect_or_not_found` which
- handle JS side links to topics via Discourse-Xhr-Redirect mechanism
2018-08-09 15:05:12 +10:00
1ea23b1eae
FIX: Wrong order for `S3Helper#copy_file`.
2018-08-08 15:58:54 +08:00
0879610ffd
Add missing require in `uploads:fix_incorrect_extensions`.
2018-08-08 15:39:37 +08:00
a35f2984e9
FIX: support Arrays with Marshal dump in distributed cache
...
Theme cache uses arrays here
2018-08-08 16:44:56 +10:00
17047806b9
Add a rake task to fix uploads with wrong extension.
2018-08-08 13:15:17 +08:00
0b7ed8ffaf
FEATURE: backend support for user-selectable components
...
* FEATURE: backend support for user-selectable components
* fix problems with previewing default theme
* rename preview_key => preview_theme_id
* omit default theme from child themes dropdown and try a different fix
* cache & freeze stylesheets arrays
2018-08-08 14:46:34 +10:00
aafff740d2
Add `FileStore::S3Store#copy_file`.
2018-08-08 11:30:34 +08:00
4e6e4a83df
FIX: subfolder digest emails have incorrect URLs
2018-08-07 16:38:17 -04:00
1fcb5c1b6d
Version bump to v2.1.0.beta4
2018-08-07 12:32:57 -04:00
2b57239389
FIX: Upload's content is the only source of truth for the file type.
2018-08-07 13:15:00 +08:00
4b000f5d12
FIX: do not use `lib` for requires
...
this breaks loading the app from arbitrary dirs
2018-08-07 11:04:29 +10:00
ffc8c52bf5
FIX: store welcome topic id in custom field
2018-08-06 23:46:03 +05:30
812add18bd
REFACTOR: Serve auth provider information in the site serializer.
...
At the moment core providers are hard-coded in Javascript, and plugin providers get added to the JS payload at compile time. This refactor means that we only ship enabled providers to the client.
2018-08-06 09:25:48 +01:00
0cd9e2acb9
fix build
2018-08-04 01:56:26 +02:00
066010db7d
FEATURE: introduces list/compact_list components
2018-08-03 16:41:37 -04:00
ac2513b0f2
FEATURE: automatic PM when a user's email is revoked
2018-08-03 16:39:22 +02:00
c81bad3232
Merge pull request #6232 from OsamaSayegh/message-email-short-reply
...
UX: better rejection message when reply via email is too short
2018-08-02 14:25:04 -07:00
a157dfd418
UX: better rejection message when reply via email is too short
2018-08-02 22:43:53 +03:00
14bbd5d167
FIX: use the right URL when downloading the file from S3
2018-08-02 10:04:41 +02:00
4a872823e7
Improvements to user drafts ( #6226 )
...
* drafts in user profile: only show to user herself (not to admins), use avatar replying to (instead of topic OP), add keyboard shortcut for drafts, simplify display labels
* use JSON when testing Draft.stream
2018-08-02 07:41:27 +10:00
0f1137dafa
FIX: 'migrate_from_s3' rake task wasn't handling short urls
2018-08-01 22:58:46 +02:00
059862ed46
Mark discord auth plugin official
2018-08-01 09:33:14 -07:00
b829452c75
Merge pull request #6209 from discourse/mini_scheduler
...
REFACTOR: extract scheduler to the mini_scheduler gem
2018-08-01 10:28:24 -04:00
0b9437cee7
FIX: more resilient/consistent dashboard caching ( #6223 )
2018-08-01 09:45:50 -04:00
a115aae45f
Use rchardet instead of charlock_holmes gem
2018-08-01 10:41:20 +02:00
ff942ed2f3
FIX: Try detecting encoding of RSS feed
2018-08-01 10:41:20 +02:00
1f45215537
FEATURE: Drafts view in user profile
...
* add drafts.json endpoint, user profile tab with drafts stream
* improve drafts stream display in user profile
* truncate excerpts in drafts list, better handling for resume draft action
* improve draft stream SQL query, add rspec tests
* if composer is open, quietly close it when user opens another draft from drafts stream; load PM draft only when user is in /u/username/messages (instead of /u/username)
* cleanup
* linting fixes
* apply prettier styling to modified files
* add client tests for drafts, includes a fixture for drafts.json
* improvements to code following review
* refresh drafts route when user deletes a draft open in the composer while being in the drafts route; minor prettier scss fix
* added more spec tests, deleted an acceptance test for removing drafts that was too finicky, formatting and code style fixes, added appEvent for draft:destroyed
* prettier, eslint fixes
* use "username_lower" from users table, added error handling for rejected promises
* adds guardian spec for can_see_drafts, adds improvements following code review
* move DraftsController spec to its own file
* fix failing drafts qunit test, use getOwner instead of deprecated this.container
* limit test fixture for draft.json testing to new_topic request only
2018-08-01 16:34:54 +10:00
6aee22b88f
FIX: Onebox images are not downloaded locally without css class
2018-08-01 02:51:02 +05:30
4ad7ce70ce
REFACTOR: extract scheduler to the mini_scheduler gem
2018-07-31 17:12:55 -04:00
afe3b00c0f
FIX: use hidden setting for max export file size
2018-07-31 11:25:28 +05:30
f0c203a5cf
clean up previous commit
2018-07-31 14:50:02 +10:00
b55d9e63a0
Rake mail test debugging ( #6171 )
...
* FEATURE: rake emails:test add debugging
* Oops! Remove safety code
* more language tweaks
2018-07-31 14:45:59 +10:00
fd29ecb91a
UX: include a flag reason in the post-deleted-by-staff-because-of-flags message
2018-07-30 16:45:46 -04:00
8f1db615db
FIX: don't break restore if function does not exist
2018-07-30 22:11:38 +02:00
17b851cf08
FEATURE: show last updated date for wiki topics
2018-07-30 20:27:49 +05:30
6566b2f11a
FEATURE: Allow revoke and connect for Instagram logins
2018-07-30 14:38:53 +01:00
dfcb2a0d42
FEATURE: include published_time in metadata
2018-07-30 17:09:56 +05:30
8d1acbd4c2
DEV: Include specific authenticator name in warning message
2018-07-30 11:33:48 +01:00
b94633e844
FIX: `FileHelper` should prioritize response content-type.
...
Request to a URL with `.png` extension may return a jpg
instead causing us to attach the wrong extension to an
upload.
2018-07-30 10:54:36 +08:00
5f1fd0019b
FEATURE: Allow revoke and connect for GitHub logins
2018-07-27 17:18:53 +01:00
6296f63804
FEATURE: Revoke and connect for Yahoo logins
2018-07-27 16:20:47 +01:00
9c72c00206
FEATURE: Revoke and reconnect for Twitter logins
2018-07-27 12:28:51 +01:00
c74dd2fa08
FIX: welcome topic should not be a private message
2018-07-27 15:15:13 +05:30
6740631fdb
TEMPFIX: Fix broken restores.
2018-07-27 12:48:16 +08:00
135c803f49
FIX: don't send PM if flagged post is deleted but flags were deferred or cleared
2018-07-26 15:12:31 -04:00
a74024b1c9
Version bump to v2.1.0.beta3
2018-07-26 14:16:06 -04:00
467c529920
FIX: Remove return statement from inside block
2018-07-26 15:52:39 +01:00
88241f57a3
FEATURE: allow auth plugins to have a site setting for full screen login
2018-07-26 11:11:16 +01:00
def2c977ce
allow auth plugins to have a site setting for if they should be full screen vs popup window
2018-07-25 19:20:11 -05:00
f94aeaf6cf
SECURITY: force IM decoder based on file extension - part 3
2018-07-25 23:55:06 +02:00
800c57c6ab
SECURITY: force IM decoder based on file extension - part 2
2018-07-25 23:08:02 +02:00
4bf3bf6786
SECURITY: force IM decoder based on file extension
2018-07-25 22:00:04 +02:00
0d0d78841b
FIX: Remove `plugin.enabled?` checks at initialization time ( #6166 )
...
Checking `plugin.enabled?` while initializing plugins causes issues in two ways:
- An application restart is required for changes to take effect. A load-balanced multi-server environment could behave very weirdly if containers restart at different times.
- In a multisite environment, it takes the `enabled?` setting from the default site. Changes on that site affect all other sites in the cluster.
Instead, `plugin.enabled?` should be checked at runtime, in the context of a request. This commit removes `plugin.enabled?` from many `instance.rb` methods.
I have added a working `plugin.enabled?` implementation for methods that actually affect security/functionality:
- `post_custom_fields_whitelist`
- `whitelist_staff_user_custom_field`
- `add_permitted_post_create_param`
2018-07-25 16:44:09 +01:00
796639a797
FIX: makes disk_space computation more resilient ( #6172 )
2018-07-25 11:04:01 -04:00
fa399ce1c5
FEATURE: Add revoke and reconnect functionality for google logins
2018-07-25 16:03:14 +01:00
578c8e861b
FIX: refreshes disk_space on backup create/destroy ( #6169 )
2018-07-25 08:26:30 -04:00
776fd0de66
FIX: Filter open-id logins by identifier
2018-07-25 11:47:09 +01:00
84d14fd8a0
FIX: Don't rely on setting data type read from database
2018-07-25 11:40:59 +02:00
417bcf7d2e
add checks for staff and system user before sending flags_agreed_and_post_deleted message
2018-07-24 19:25:11 -04:00
fe39cdc90a
FEATURE: when a post is deleted because a moderator agreed with flags, send a message to the post author
2018-07-24 17:17:56 -04:00
7058205f70
FIX: Broken specs
2018-07-24 12:00:34 -04:00
236243f38a
SECURITY: Consider `0.0.0.0` a private IP
2018-07-24 11:16:27 -04:00
7a3c541077
UX: Preview multiple color schemes in wizard ( #6151 )
...
It was a dropdown to provide choices of color schemes,
and only one scheme could be shown.
With this commit, multiple color scheme previews can be displayed on
one page at the same time, making admins choose color schemes more
easily.
Theme preview windows are shrinked.
Imported default color schemes.
Co-Authored-By: Misaka 0x4e21 <misaka4e21@gmail.com>
2018-07-24 09:00:20 -04:00
fa19d3a53c
Merge pull request #6108 from discourse/transaction-sidekiq-fix
...
Fix notifications for topics moved between categories
2018-07-24 17:44:03 +08:00
20a21b1240
Move into MiniSQLMultisiteConnection, and add test for rollback
2018-07-24 09:41:55 +01:00
fad9c2b971
PERF: Move `EmailLog#reply_key` into new `post_reply_keys` table.
2018-07-24 13:51:53 +08:00
ae8b0a517f
PERF: Split skipped email logs into a seperate table.
2018-07-24 13:14:37 +08:00
e42038eae2
Rake task called method with wrong arguments
2018-07-24 00:10:09 +02:00
eda1462b3b
FEATURE: List, revoke and reconnect associated accounts. Phase 1 ( #6099 )
...
Listing connections is supported for all built-in auth providers. Revoke and reconnect is currently only implemented for Facebook.
2018-07-23 16:51:57 +01:00
b165cfdfbe
FIX: Raise a better error in `SiteSettings::TypeSupervisor`.
2018-07-19 16:41:00 +08:00
14a0879658
FIX: allow Twitter videos to go fullscreen
2018-07-19 10:22:36 +05:30
2dc3a50dac
FIX: Do not update `last seen` time for suspended users
2018-07-18 16:04:57 +01:00
6d6e026e3c
FEATURE: selectable avatars
2018-07-18 12:57:43 +02:00
379384ae1e
FIX: never block /srv/status which is used for health checks
...
This route is also very cheap so blocking it is not required
It is still rate limited and so on elsewhere
2018-07-18 12:37:01 +10:00
3874d40910
Prepare to drop `EmailLog#topic_id`.
2018-07-18 10:22:24 +08:00
1d74ccaaf8
Add compatibility for ImageMagick7.
2018-07-17 15:50:58 +08:00
a7ec949e02
make RuboCop happy
2018-07-17 13:15:44 +05:30
7c7509e1bd
FEATURE: update TwitterApi for prettifying like/retweet count
2018-07-17 12:59:40 +05:30
7b3ef4d13f
FIX: use email color settings consistently in notification emails
2018-07-16 12:30:42 -04:00
a6c589d882
FEATURE: Add custom S3 Endpoint and DigitalOcean Spaces/Minio support for Backups ( #6045 )
...
- Add custom S3 Endpoints and DigitalOcean Spaces support
- Add Minio support using 'force_path_style' option and fix uploads to custom endpoint
2018-07-16 14:44:55 +10:00
0ed2834c2d
FEATURE: Add users:disable_2factor rake task
...
https://meta.discourse.org/t/admin-locked-out-of-2fa/92156/2?u=pfaffman
2018-07-16 09:56:55 +08:00
b1082924b9
FIX: do not validate topic deletions
2018-07-13 22:53:36 +05:30
711371e8c8
FIX: Select+below will ask server for post ids on megatopics.
2018-07-13 15:10:39 +08:00
c722b07057
FIX: `/t/:topic_id/last` route did not return any posts.
2018-07-13 14:26:10 +08:00
2901691e87
FEATURE: per-category approval settings ( #5778 )
...
- disallow moving topics to a category that requires topic approval
2018-07-13 12:51:08 +10:00
81f9500f5c
FIX: Change megatopic threshold to 10,000 posts
2018-07-12 22:00:53 +01:00
258e9e35ca
PERF: Make mega topics work without a stream.
...
There are tradeoffs that we took here. For the complete
story see
https://meta.discourse.org/t/performance-improvements-on-long-topics/30187/27?u=tgxworld .
2018-07-12 12:46:12 +08:00
decf1f27cf
FEATURE: Groundwork for user-selectable theme components
...
* Phase 0 for user-selectable theme components
- Drops `key` column from the `themes` table
- Drops `theme_key` column from the `user_options` table
- Adds `theme_ids` (array of ints default []) column to the `user_options` table and migrates data from `theme_key` to the new column.
- Removes the `default_theme_key` site setting and adds `default_theme_id` instead.
- Replaces `theme_key` cookie with a new one called `theme_ids`
- no longer need Theme.settings_for_client
2018-07-12 14:18:21 +10:00
536cef86f4
PERF: do not carry post ids in memory when rebaking all posts
2018-07-11 14:34:33 +05:30
0942e2c795
allow adding tags as a custom subject format for emails ( #5846 )
...
allow adding tags as a custom subject format for emails
2018-07-11 12:24:07 +10:00
f69b7deb80
FIX: wizard emoji images on subfolder installs
2018-07-10 11:02:22 -04:00
b4e1388f9b
PERF: Drop support for gaps in mega topics.
...
Based on our current implementation, there isn't a
practical way to determine the gaps of large topics
cheaply. We tried to load the gaps in chunks but felt
that the code becomes too complicated. Note that
megatopics are quite rare in the wild.
2018-07-10 16:27:02 +08:00
21f333654c
REFACTOR: Reduce dependency on the post stream in `TopicView`.
...
This will allow us to drop the post stream from the payload for
mega-topics. On smaller topics, the extra query is fast because
of an existing index.
2018-07-10 15:53:00 +08:00
4163f9e61e
DEV: Better clean up for PostgreSQL failover test.
2018-07-10 09:53:25 +08:00
96aca6d7e6
Remove legacy vote post action code. ( #6009 )
2018-07-09 16:54:18 +08:00
72a3457379
Bump `discourse_image_optim` which uses a global timeout.
...
Our previous solution has the timeout set at the worker level
which means the total timeout would be X timeout secs * N number of
workers.
2018-07-09 10:30:18 +08:00
dba22bbde2
rollback changes
...
This reverts:
* 1baba84c438e "fix s3 subfolders harder"
* ea5e57938edf "fix test for absolute_base_url change"
2018-07-06 17:16:40 -05:00
52e9f49ec1
fix s3 subfolders harder
...
specifically, include the folder in absolute_base_url
2018-07-06 16:28:40 -05:00
59a2767de8
Ensure that we restore the site setting in posts:rebake rake task.
2018-07-06 16:22:54 +08:00
eabc8f7fbd
Merge pull request #6023 from misaka4e21/only-staff-can-create-tag
...
FEATURE: Support disabling tag creation for non-staff users.
2018-07-05 11:12:44 -04:00
92000bc8a0
FEATURE: add a rake task to recalculate user stats post_count and topic_count
2018-07-05 10:38:46 -04:00
28dd7fb562
FEATURE: Create hidden posts for received spam emails ( #6010 )
...
* Add possibility to add hidden posts with PostCreator
* FEATURE: Create hidden posts for received spam emails
Spamchecker usually have 3 results: HAM, SPAM and PROBABLY_SPAM
SPAM gets usually directly rejected and needs no further handling.
HAM is good message and usually gets passed unmodified.
PROBABLY_SPAM gets an additional header to allow further processing.
This change addes processing capabilities for such headers and marks
new posts created as hidden when received via email.
2018-07-05 11:07:46 +02:00
7b26f5086b
PERF: we have no use for topic percent rank
...
Prepare to remove this column
2018-07-05 15:10:19 +10:00
272646c1df
FIX: only show the sequential replies warning for regular posts
2018-07-04 22:51:19 +02:00
8a53941fe0
FIX: less aggressive gmail eliding
2018-07-04 20:04:46 +02:00
448e2fe1a2
FIX: properly delete files in the download cache
2018-07-04 18:18:39 +02:00
f134701c7b
FIX: user topic and post counts can become negative when staff deletes posts in personal messages
2018-07-04 09:31:16 -04:00
7590128d38
fix typo
2018-07-04 12:01:15 +05:30
0af159546a
FIX: `BackupRestore::Backuper#remove_tar_leftovers` not cleaning up files.
...
Wildcard is sanitized when passed to `system()`.
2018-07-04 13:58:39 +08:00
e72fd7ae4e
FIX: move crawler blocking into anon cache
...
This refinement of previous fix moves the crawler blocking into
anonymous cache
This ensures we never poison the cache incorrectly when blocking crawlers
2018-07-04 11:14:43 +10:00
7f98ed69cd
FIX: move crawler blocking to app controller
...
We need access to site settings in multisite, we do not have access
yet if we attempt to get them in request tracker middleware
2018-07-04 10:30:50 +10:00
d1b21aa73b
add timings to asset precompile
2018-07-04 09:42:38 +10:00
b6e9c734f2
replace error with message
...
So Discourse continues to work on Ruby trunk
2018-07-04 09:42:38 +10:00
e8a6323bea
remove crawler blocking until multisite support
2018-07-03 17:54:45 -04:00
b71cf6d422
FEATURE: Add search not operator for tags.
2018-07-03 15:57:34 +08:00
212f518cd1
Add invite tokens to official plugins list
2018-06-30 17:24:45 -04:00
252e5574cc
FIX: Prevent ambigous column errors when joining `TopicView` queries.
2018-06-29 10:33:08 +08:00
db14e10943
SECURITY: category badges should HTML escape names
2018-06-28 18:15:07 +10:00
ec3e6a81a4
FEATURE: Second factor backup
2018-06-28 10:12:32 +02:00
23acddc9fa
Add descriptions for rake tasks
2018-06-27 20:24:46 +02:00
eb427f7cf4
PERF: Update `TopicView#participant_count` to use `Topic#posts_count`.
...
Use the counter cache instead of hitting the DB and plucking
every single id.
2018-06-27 17:18:47 +08:00
cfa7898c2d
Rename `TopicView#last_read_post_id` to `TopicView#filtered_post_id`.
2018-06-27 12:33:57 +08:00
cb69888758
PERF: Don't pluck all the columns just to retrieve a single value.
2018-06-27 11:41:35 +08:00
47cb46671a
FEATURE: Support disabling tag creation for non-staff users.
2018-06-27 07:15:02 +08:00
6bcdc3ba4b
FEATURE: allow author to delete posts irrespective of post_edit_time_limit
2018-06-26 21:43:06 +05:30
49ffc1eb61
Revert "PERF: Send down gaps as the relevant posts load instead of front loading."
...
This reverts commit 4c3352528e
2018-06-26 12:54:14 +08:00
4c3352528e
PERF: Send down gaps as the relevant posts load instead of front loading.
2018-06-26 12:49:06 +08:00
0b6a2e9d1f
Remove force summary mode for megatopics for now.
...
The logic is too hairy and we can't reliably determine
when to force summary mode. Work is underway to improve
perf for megatopics so this will not be required
eventually.
2018-06-26 12:49:06 +08:00
Sam
Régis Hanol
Gerhard Schlager
Robin Ward
Guo Xiang Tan
Jay Pfaffman
Osama Sayegh
Neil Lalonde
Arpit Jalan
David Taylor
Joffrey JAFFEUX
Jeff Atwood
Penar Musaraj
Jeff Wong
Vinoth Kannan
Jay Pfaffman
Nick Shearer
Guo Xiang Tan
Rishabh
Kyle Zhao
Maja Komel
Andrew Schleifer
Patrick Gansterer
Kasia Bułat
Joshua Rosenfeld
misaka4e21