Commit Graph

68 Commits

Author SHA1 Message Date
Robin Ward 8a4e96645c FEATURE: Can click to expand hidden posts to see the good stuff! 2014-06-20 17:07:12 -04:00
Régis Hanol 0df666277d BUGFIXES: properly deal with bookmarks and deleted posts
BUGFIX: removing a bookmark from the activity feed was busted for deleted posts
BUGFIX: delete associated user actions when deleting a post
2014-06-04 17:41:11 +02:00
riking 41332ab7ad Allow anonymous to see raw posts 2014-05-19 23:33:27 -07:00
Wojciech Zawistowski 960d64930c Wiki Post 2014-05-13 08:53:11 -04:00
Régis Hanol fca6738212 BUGFIX: could not see the revisions of a post in a deleted topic 2014-05-12 16:30:10 +02:00
Régis Hanol bc3de84ebf FEATURE: remove bookmark button in activity feed 2014-05-12 09:33:26 +02:00
Louis Rose 1574485443 Perform the where(...).first to find_by(...) refactoring.
This refactoring was automated using the command: bundle exec "ruby refactorings/where_dot_first_to_find_by/app.rb"
2014-05-06 14:41:59 +01:00
Sam 05efc8df16 BUGFIX: likes would cause whole post to re-render 2014-04-24 12:42:04 +10:00
Robin Ward dbab628e16 Support for creating embedded topics via API 2014-04-03 14:42:44 -04:00
Robin Ward 10d0320532 FIX: Allow expanding posts when anonymous, add specs 2014-04-03 11:30:43 -04:00
Robin Ward d1e7fa1c47 Minor tweaks to importing first posts 2014-04-02 15:54:21 -04:00
Robin Ward 558a06a117 Adds better reusable error message support. Added to fetching remote
posts. /cc @riking
2014-04-02 13:22:10 -04:00
Robin Ward b250aa36a0 Remote fetching of blog contents 2014-04-02 10:26:46 -04:00
Robin Ward 50fb048b99 Interface for expanding OP contents 2014-04-02 10:26:46 -04:00
Sam 1cd32ced33 FEATURE: update likes and flags live. 2014-03-24 13:22:03 +11:00
Neil Lalonde 283dc7dd2d Trust level 4: add ability to edit any post and see edit history 2014-03-13 10:47:49 -04:00
Wojciech Zawistowski 227c0af20b Removes unnecessary instance vars. 2014-02-24 18:03:29 +01:00
Wojciech Zawistowski ed311eb65a PostsController refactoring. 2014-02-21 17:12:43 +01:00
Wojciech Zawistowski cfbeba84d2 Adds tests for PostsController#replies. 2014-02-20 17:38:13 +01:00
Wojciech Zawistowski 5e8db5ce14 Adds specs for PostsController#by_number. 2014-02-19 17:41:17 +01:00
Wojciech Zawistowski 5b9a4d3581 Refactors PostsController and adds unit tests. 2014-02-18 17:19:38 +01:00
Régis Hanol 4fb274fb9d BUGFIX: history link doesn't work on deleted posts 2014-02-04 20:05:50 +01:00
Neil Lalonde 259295d865 Add post_edit_time_limit site setting to limit the how long a post can be edited and deleted by the author. Default is 1 year. 2014-01-09 11:55:04 -05:00
Sam eeb83adf71 BUGFIX: staff can now edit delted posts
fixes #1343

This was way easier than mucking with the UI
2014-01-06 18:12:51 +11:00
Régis Hanol 06dd7ffe3c better revision history 2013-12-12 03:41:34 +01:00
Neil Lalonde a9ab98ef9e Auto-close time can be entered in 3 ways, so a topic can close at any time 2013-11-27 09:52:35 -05:00
Sam 3fa48f8d76 Style fix: https://twitter.com/andrzejkrzywda/status/404943844896423937 2013-11-26 10:21:41 +11:00
Régis Hanol 482b752046 add edit reason when editing a post 2013-11-15 23:28:49 +01:00
Régis Hanol af96ef2994 FIX: deleting a flagged post issue
cf. http://meta.discourse.org/t/deleting-a-flagged-post-issue/10061

The bug was only happening when you were about the delete the first post, which means deleting the entire topic.
2013-10-02 16:59:57 +02:00
Régis Hanol cd4cda5b4c allow users to specify thumbnail size 2013-09-27 10:57:31 +02:00
Robin Ward 7d9a84b496 New User Education goes through a server side ComposerMessages check. Composer message for users
who don't have avatars.
2013-09-13 12:23:53 -04:00
Robin Ward 71c1b8b9b9 When deleting a post as staff, ask if you want to delete direct replies too 2013-09-05 11:03:34 -04:00
Robin Ward f157ec1f91 Select +Replies for bulk operations 2013-09-05 11:03:29 -04:00
Robin Ward 1c3804934e Show the entire history of replies above a post when you expend "in reply to" 2013-08-06 17:43:10 -04:00
Sam 4a20d09523 distributed memoizer added to ensure absolute duplicate posts don't get through
in case of an absolute dupe just return the memoized post

This works around issues with wordpress being crazy
2013-07-29 12:25:19 +10:00
Sam 1f3c5cb656 allow end user to recover a post they delete
automatically delete stubs after 1 day
2013-07-22 17:48:47 +10:00
Sam 0ec1438b9a correct auto track param parsing for WordPress 2013-07-22 15:07:20 +10:00
Sam acba0ea41e add auto track to permitted params 2013-07-22 15:07:20 +10:00
Robin Ward 5eaae063f0 Discourse Macro Helpers + Minor Fix to Admin User View 2013-07-11 19:35:52 -04:00
Robin Ward d98f288aa4 FIX: Recovering a deleted post was not updating a topic's statistics 2013-07-09 12:15:55 -04:00
Sam f6b850e7a4 allow skipping the validations on creation if its an api call AND skip_validations is specified
this allows wordpress plugin to post very very short titles or titles that would otherwise be disallowed
2013-07-02 12:23:19 +10:00
Neil Lalonde e263bb3c0a Anons should be able to see post history 2013-06-19 16:43:16 -04:00
Ian Christian Myers b61e10f9ad All parameters for #create in PostsController pass through strong_parameters.
We are now explicitly whitelisting all parameters for Post creation. A nice side-effect is that it cleans up the #create action in PostsController. We can now trust that all parameters entering PostCreator are of a safe scalar type.
2013-06-07 01:29:25 -07:00
Ian Christian Myers 0d01c33482 Enabled strong_parameters across all models/controllers.
All models are now using ActiveModel::ForbiddenAttributesProtection, which shifts the responsibility for parameter whitelisting for mass-assignments from the model to the controller. attr_accessible has been disabled and removed as this functionality replaces that.

The require_parameters method in the ApplicationController has been removed in favor of strong_parameters' #require method.

It is important to note that there is still some refactoring required to get all parameters to pass through #require and #permit so that we can guarantee that parameter values are scalar. Currently strong_parameters, in most cases, is only being utilized to require parameters and to whitelist the few places that do mass-assignments.
2013-06-06 00:30:59 -07:00
Sam 870e59883b secure the links on the topic pages, eliminated deleted topics as well. 2013-06-05 16:10:26 +10:00
Robin Ward d554a59102 Support for a new site setting: `newuser_spam_host_threshold`. If a new user posts a link
to the same host enough tiles, they will not be able to post the same link again.

Additionally, the site will flag all their previous posts with links as spam and they will
be instantly hidden via the auto hide workflow.
2013-05-16 12:19:50 -04:00
Neil Lalonde 9828c87525 Topic Auto-Close: admins and mods can set a topic to automatically close after a number of days 2013-05-13 12:53:52 -04:00
Sam 942f168ab6 UI still a tad rough, but we have a first pass of secure categories 2013-05-10 16:47:47 +10:00
Sam 20493106cd fix post trashing 2013-05-07 17:56:56 +10:00
Sam e9fc272db7 remove acts_as_paranoid, use .trash! , .recover! and .with_deleted as needed
makes upgrading to rails 4 possible
2013-05-07 14:39:01 +10:00