Commit Graph

421 Commits

Author SHA1 Message Date
Robin Ward 5fcd5002c4 FIX: Saving a user field as `required` didn't work the first time 2016-03-09 15:34:48 -05:00
Robin Ward 5771d2aee2 SECURITY: Support for confirm old as well as new email accounts 2016-03-08 14:52:22 -05:00
Régis Hanol 622d804d46 FEATURE: Add rejection message on rejected IncomingEmail
FIX: Better RateLimit description in rejected IncomingEmail
FEATURE: Send email when hitting a rate limit
2016-03-07 16:56:17 +01:00
Régis Hanol f3c868e7bb run the BackupChunksMerger job in 5 seconds 2016-03-03 12:01:13 +01:00
Arpit Jalan 8f62a0caa8 FEATURE: log backup operation 2016-02-27 23:33:18 +05:30
Neil Lalonde 283ff4c7f8 move code for bulk adding users to a group from controller to model 2016-02-18 14:03:08 -05:00
Régis Hanol 63b9d1c645 FIX: sends an email notifcation when a user's post is linked 2016-02-16 18:29:23 +01:00
Régis Hanol bf96025507 link email logs to the post that generate the email notification when available 2016-02-16 16:35:57 +01:00
Régis Hanol 91bb38626c FEATURE: new incoming email details modal 2016-02-10 22:00:27 +01:00
Erick Guan 35142847ba FIX: Prepend the user id before username in admin user routes 2016-02-09 15:14:13 +01:00
Arpit Jalan eec8436cfe FEATURE: filter admin reports via user group 2016-02-04 11:23:49 +05:30
Régis Hanol cf4c256b17 FEATURE: new 'raw email' modal when listing rejected emails 2016-02-01 21:41:49 +01:00
Arpit Jalan 74f22f95da FEATURE: log admin/moderator grant/revoke action 2016-01-27 15:39:04 +05:30
Régis Hanol 3083657358 FEATURE: better email in support
FEATURE: new incoming_email model
FEATURE: infinite scrolling in emails admin
FEATURE: new 'emails:import' rake task
2016-01-19 00:57:55 +01:00
Neil Lalonde 1aa68e085e don't hide all a user's posts when staff manually blocks them 2016-01-14 15:20:26 -05:00
Arpit Jalan 4c967d11b4 FEATURE: log site text changes 2015-12-18 19:42:06 +05:30
Robin Ward d22a479c61 FIX: Error filtering for overidden values with no query 2015-12-08 12:49:37 -05:00
Régis Hanol 578f606a1a add 'incoming_email' to groups 2015-12-07 12:39:28 +01:00
Robin Ward b0b85725ad If a search for a translation is exactly the value, prioritize it 2015-11-30 15:31:30 -05:00
Robin Ward de88be2fbc Support for "Only show overridden" in site text customization 2015-11-30 15:25:08 -05:00
Robin Ward 5e93140f85 FEATURE: Can override any translation via an admin interface 2015-11-27 11:35:19 -05:00
Robin Ward 8eeb027c65 Can revert changes to email templates 2015-11-20 12:30:21 -05:00
Robin Ward f5b34d5f53 FEATURE: Admin interface for editing email templates 2015-11-19 16:39:34 -05:00
Sam Saffron 6dd4bc7d57 FEATURE: support group owner, capable of controlling group membership
Group owners are regular users that can add or remove users to a group
The Admin UX allows admins to appoint group owners
The public group UX will display group owners first and unlock UI to
add and remove members

Group owners can only be appointed on non automatic groups
Group owners may not appoint another group owner
2015-11-10 00:56:57 +11:00
Leo McArdle fe5264f9e9 filter by username in email digest preview
adds a user prompt on the email digest preview page to generate a preview for a particular user
also fixes some broken styling on the page
2015-10-30 18:11:38 +00:00
Robin Ward 23371b026d FIX: Don't raise an error if you try to assign a group that exists 2015-10-28 12:21:54 -04:00
Robin Ward 47e25648df FEATURE: Change user groups in bulk via admin 2015-10-26 15:57:30 -04:00
Sam dfe3ecb914 PERF: disable prepared statements
see: https://github.com/rails/rails/issues/21992
2015-10-19 14:02:22 +11:00
Sam dc859beff3 FEATURE: add handle_mail admin route
you can post full email payloads to this endpoint /admin/email/handle_mail
2015-10-19 08:33:24 +11:00
Robin Ward 7802757306 FIX: Username for topic creation is required 2015-10-13 16:33:26 -04:00
Arpit Jalan 607265fc28 FEATURE: add users to group via email 2015-09-15 12:36:44 +05:30
Neil Lalonde 1bd0f5b015 FEATURE: group can grant a trust level when a user is added 2015-09-01 16:52:12 -04:00
Régis Hanol 96c23d51a2 FIX: don't break the message bus when restoring a backup 2015-08-27 20:02:13 +02:00
Régis Hanol 73624e63c5 FIX: revoke any api keys when suspending an user 2015-08-23 22:33:37 +02:00
Robin Ward 146f2eab7f Can edit settings on the embedding page 2015-08-20 15:56:05 -04:00
Robin Ward d1c69189f3 FEATURE: Can edit category/host relationships for embedding 2015-08-20 15:56:04 -04:00
Jonathan Brachthaeuser c0e88724c2 Preserve user-field options when updating user-fields
Avoid deleting options of the user-field when no options are
transmitted.
2015-08-17 19:01:20 +02:00
Robin Ward 7fffd483f8 Fix deprecations with site text, upgrade to ES6 / store 2015-08-10 10:21:04 -04:00
Robin Ward bd631e343a FEATURE: Can create stylesheets for embedded comments 2015-08-10 10:21:04 -04:00
Robin Ward 0932e82508 Refactor Customizations to have deeper URLs 2015-08-10 10:21:04 -04:00
Robin Ward aa6f792ce1 FEATURE: Custom orders for user fields 2015-07-30 14:53:13 -04:00
Robin Ward dc8a68fd29 FEATURE: New "Dropdown" user field type 2015-07-28 12:30:21 -04:00
Arpit Jalan 5fc7545c01 UX: include more details on Permalinks page 2015-07-17 21:39:23 +05:30
Arpit Jalan dc90c396f2 FEATURE: manage Permalinks 2015-07-17 01:26:02 +05:30
Régis Hanol f18098fd9b FEATURE: category dropdown in admin reports 2015-06-24 15:19:39 +02:00
Robin Ward 76bfd723f6 Merge pull request #3482 from riking/patch-3
Import/Export site customizations
2015-06-22 14:03:07 -04:00
Arpit Jalan d21944a0b6 FIX: add missing translation keys 2015-05-26 19:11:37 +05:30
Régis Hanol c91634c09a FIX: support for async uploads of emojis 2015-05-20 16:45:48 +02:00
riking d112f39031 Change extension back to .dcstyle.json 2015-05-19 18:35:16 -07:00
riking fbc06d044f Use .dcstylejson instead of .dcstyle.json 2015-05-16 20:41:35 -07:00
riking 1e53c179a3 FEATURE: Export customizations as JSON files 2015-05-16 20:24:13 -07:00
Sam 8277a586bb usage of raise corrected 2015-05-07 11:00:51 +10:00
Sam 803feefd54 MessageBus handles readonly redis now, no need to wrap it 2015-05-04 12:21:00 +10:00
Robin Ward 5b3f99aa50 Don't blow up if Redis switches to READONLY 2015-04-24 14:37:16 -04:00
Robin Ward 96d2c5069b Interface for reviewing queued posts 2015-04-15 14:54:37 -04:00
Arpit Jalan 499bed69e2 FIX: show error message if user already exist in group 2015-04-15 14:15:58 +05:30
Sam 75890aed26 FEATURE: allow admins to choose a group as a primary group
FEATURE: allow admins to set a default title for a group
2015-04-10 12:17:28 +10:00
Régis Hanol babbbc06d1 FIX: add support for .tgz and .gz backup files 2015-04-07 15:26:47 +02:00
Sam 586cca352d move memory diagnostics into lib, so it can be reused elsewhere 2015-03-30 10:14:42 +11:00
Neil Lalonde 608647d02f FEATURE: Anonymize User. A way to remove a user but keep their topics and posts. 2015-03-10 11:59:08 -04:00
Régis Hanol fc962eb378 FEATURE: automatic daily roll-up for screened IP addresses 2015-03-09 18:55:17 +01:00
Robin Ward 84b84a9d7c Support for `url_list` site setting. 2015-03-03 16:19:29 -05:00
Robin Ward 005b8bf7c3 FIX: When creating a SSO user via sync, do not user the IP address. 2015-02-25 14:41:23 -05:00
Dan Singerman 1c545d4c1e Allow adding and removing members of groups by username or id
As discussed here: https://meta.discourse.org/t/discourse-gem-group-add/25668/2.
2015-02-25 14:52:13 +00:00
Robin Ward ca5730018a FIX: SSO code should respect IP address filters 2015-02-23 16:01:46 -05:00
Sam ca915e8ad7 correct issue under 2.0.0 2015-02-11 17:41:24 +11:00
Sam 9a59caf800 add regexp to reporting 2015-02-11 17:23:54 +11:00
Sam e427d54191 FEATURE: show large objects in admin/memory_stats 2015-02-11 17:18:47 +11:00
Régis Hanol c4e427cf73 FEATURE: filter screened IP addresses 2015-02-10 19:38:59 +01:00
Robin Ward 8d46de4819 Add a spec for the new plugins controller 2015-02-10 12:35:53 -05:00
Sam 39e828dee4 improve formatting 2015-02-10 15:59:08 +11:00
Sam d5405eebde Add basic snapshot comparison for tracking memory leaks 2015-02-10 15:54:16 +11:00
Sam 1d99f5c9c0 FEATURE: add process stats to memory report 2015-02-10 12:34:01 +11:00
Sam 3aea00473b FEATURE: improve memory reporting of /admin/memory_stats 2015-02-10 11:48:30 +11:00
Régis Hanol 1e6f886886 FIX: use distributed mutex to prevent errors when uploading emojis in batches 2015-02-09 18:54:57 +01:00
Sam e8323fa534 FIX: removing a group from a user was not removing primary group 2015-02-09 16:03:09 +11:00
Robin Ward 3d7b534564 FEATURE: New "Plugins" admin section with extensibility support 2015-02-06 17:33:24 -05:00
Robin Ward 4e64d16a47 FEATURE: Allow plugins to log staff actions 2015-02-05 15:26:34 -05:00
Sam 67eccee990 FEATURE: basic disk space usage stats 2015-02-04 18:05:17 +11:00
Neil Lalonde 644c7a4675 FEATURE: Add an option to show custom user fields on profiles. Default is to not show them. 2015-01-29 17:38:39 -05:00
Sam 497042ddf2 FIX: don't restrict to local filesystem for df check
FIX: check correct directory when looking at backup limits
2015-01-27 08:25:57 +11:00
Régis Hanol f7f5e39f75 FIX: Minor Admin bug with a setting when creating a new group 2015-01-23 20:31:48 +01:00
Régis Hanol 256519dddf FEATURE: automatic group membership based on email address 2015-01-23 18:25:43 +01:00
Régis Hanol e300945879 FEATURE: split group admin in 2 tabs (custom & automatic)
FIX: clear the user-selector when adding new members
2015-01-21 20:52:48 +01:00
Neil Lalonde 7412ff4da7 FIX: suspended users are logged out when they are suspended. Show a reason for suspension when they try to log in. 2015-01-19 12:37:02 -05:00
Régis Hanol 6734a51b6a move SiteText.{head,top,bottom} to SiteCustomization 2015-01-14 12:15:53 +01:00
Robin Ward f3b72f5d96 Revert "move SiteText.{head,bottom} to SiteCustomization and remove redundant SiteText.top"
This reverts commit 6ee2849df6.
2015-01-12 20:21:22 -05:00
Régis Hanol 6ee2849df6 move SiteText.{head,bottom} to SiteCustomization and remove redundant SiteText.top 2015-01-12 19:59:43 +01:00
Régis Hanol 060cda7772 FIX: proper handling of group memberships 2015-01-05 18:51:45 +01:00
Neil Lalonde 4c166942ad FEATURE: Invite admin api has an optional param send_email which can prevent sending an email to the invited user. The api will return the password reset url so that the caller can send an email with it instead. 2015-01-02 15:48:54 -05:00
Régis Hanol 9932bea7ce FEATURE: default emoji override 2014-12-25 17:58:15 +01:00
Arpit Jalan bb152a5b3f FEATURE: download user posts archive 2014-12-24 15:13:48 +05:30
Sam ba68eee20b FIX: stable ordering for site customisations 2014-12-23 13:03:48 +11:00
Sam f23eb475a4 FEATURE: remove override stylesheet option, too confusing 2014-12-23 13:03:48 +11:00
Régis Hanol 45dbdb6896 FEATURE: custom emojis 2014-12-23 01:12:26 +01:00
Arpit Jalan 42cbe6ef2a FEATURE: export csv for all the logs 2014-12-11 23:33:26 +05:30
Blake Erickson 1d0eccf710 Have activate user return json
- Change activate user from admin controller to return json
- Test that it returns json
- Remove unnessary test from log_out spec

This commit was created so that when you activate a user through the api
it returns a json response.
2014-12-08 11:16:57 -07:00
Lourens Naudé fb60daa867 Introduce support for dumping Rails process heap at the end of a benchmark run 2014-12-07 22:55:37 +00:00
Blake Erickson bdc92eec70 Have log_out method return json.
This commit helps improve the discourse_api experience so that we can
check the json response if it was a success or not. This commit also
checks that a 404 is sent instead of a 500 if a bad user_id is passed
in.
2014-12-01 06:03:25 -07:00
Régis Hanol 5b90ceb71d FEATURE: rolls up 1.2.*.* IP ranges when number of entries > 10 2014-11-27 19:29:30 +01:00
Robin Ward 257bde8e2b FEATURE: "Suspect" users list in admin. 2014-11-26 13:58:16 -05:00
Régis Hanol 7b0ae702e7 FEATURE: log a new staff action when rolling up banned IP addresses 2014-11-24 19:48:54 +01:00
Régis Hanol d3d517108d FIX: display total number of other accounts with the same IP address in the IP lookup dialog 2014-11-24 19:34:04 +01:00
Régis Hanol 7b1c001932 FIX: limit other accounts deletion to 50 accounts otherwise it'll feel too slow 2014-11-24 18:05:40 +01:00
Régis Hanol 1023191315 FEATURE: roll up function for 123.456.789.* ranges 2014-11-24 17:25:48 +01:00
Sam 1c498eb491 FEATURE: API endpoint for inviting an admin 2014-11-24 15:42:56 +11:00
Sam 490cd6f539 Merge pull request #2989 from jmay/group-admin-incremental
API addition: HTTP PATCH support for /groups/xxx: incremental membership changes
2014-11-24 11:50:51 +11:00
Arpit Jalan 7455e81b31 sort screened IPs by match_count 2014-11-22 01:41:59 +05:30
Arpit Jalan 515882d224 FEATURE: export screened IPs list in a CSV file 2014-11-22 00:59:48 +05:30
Jason W. May 6f8119ebb8 Merge branch 'master' into group-admin-incremental 2014-11-21 10:04:05 -08:00
Jason W. May 98404d19c5 check that `changes` param is present 2014-11-21 10:03:29 -08:00
Sam d53b4ab5bc Merge pull request #2979 from techAPJ/patch-1
FEATURE: log out user everywhere and refresh/redirect
2014-11-21 16:59:44 +11:00
Régis Hanol b8d806ee07 FEATURE: delete all accounts from this IP in the IP lookup modal 2014-11-20 19:59:20 +01:00
Jason W. May 50de22801f API addition: HTTP PATCH support for /groups/xxx: incremental membership changes 2014-11-20 09:29:56 -08:00
Sam 6b10c4dc54 add support for hidden api keys, used in hosting scenarios 2014-11-20 15:38:20 +11:00
Robin Ward 87cd5dbcb7 Merge pull request #2985 from techAPJ/patch-3
remove /download from csv file url
2014-11-19 14:10:34 -05:00
Arpit Jalan aebf36c356 remove /download from csv file url 2014-11-20 00:34:38 +05:30
Arpit Jalan c84b51d4ae FEATURE: show exact error for test email 2014-11-19 22:58:59 +05:30
Arpit Jalan eb9eada894 FEATURE: log out user everywhere and refresh/redirect 2014-11-19 12:34:34 +05:30
Régis Hanol ec76be964e UX: better footer handling 2014-11-10 21:51:55 +01:00
Régis Hanol bb2d538194 FEATURE: log impersonations 2014-11-06 10:58:47 +01:00
Robin Ward fde5e739c9 Work in progress (up till about?) 2014-11-05 12:39:25 -05:00
Régis Hanol b09ad87098 FIX: add 'show emails' button from moderators in user admin section 2014-11-03 12:46:08 +01:00
Sam 59cc2476a1 Merge pull request #2933 from techAPJ/patch-1
trivial update to allow api endpoint for sync_sso
2014-10-30 21:39:54 +11:00
Arpit Jalan fb750af659 trivial update to allow api endpoint for sync_sso 2014-10-30 15:30:44 +05:30
Régis Hanol 6e053942a4 FIX: moderators should be able to search users by email 2014-10-29 22:08:41 +01:00
Sam 7d6d8bd0a3 FEATURE: admin end point to sync sso /admin/users/sync_sso
Must be admin to invoke (api is fine too), uses same sso payload nonce is ignored
2014-10-28 11:25:21 +11:00
Régis Hanol 10094a0bcd FIX: resolve flags as good when deleting a spam user 2014-10-20 16:59:06 +02:00
Robin Ward 0cbdf6f5bb FIX: Many bugs with admin badges interface
* Editing a badge's title would show it as changed in the side even if
  you didn't hit save

* Clicking a badge would not scroll to the top

* If there was an error saving a badge there was a missing i18n key

* URLs were using queryParams instead of paths

* User `label` tags for checkboxes for larger click targets

* Saved! text would persist when viewing another badge

* After creating a new badge it would show nothing

* Validation errors were not being properly released to the client

* Query errors were surrounded by an extra array
2014-10-17 16:14:49 -04:00
Robin Ward 2322586131 FIX: Saving a field as not required was actually making it required
until you edited it.
2014-10-14 17:21:34 -04:00
Régis Hanol 5504622c1b rename export/import in favor of backup/restore for better consistency 2014-10-10 20:04:07 +02:00
Robin Ward f9a8f6d6ce FEATURE: Support for a `required` setting on user fields. 2014-10-08 15:10:19 -04:00
Régis Hanol c46b9c0ac3 FIX: allow admins to search users by email 2014-10-07 12:05:38 +02:00
Robin Ward 381814fd5d Adds support for a description to user fields. 2014-10-02 15:56:52 -04:00
Robin Ward edb34c178a FEATURE: Show user fields when the user is signing up 2014-09-30 10:45:18 -04:00
Sam 0fc6c751cb FEATURE: implement lock/unlock trust level mechanics 2014-09-30 13:16:34 +10:00
riking bff95a6a97 Rename 'leader' -> 'tl3' 2014-09-30 13:16:34 +10:00
riking c8111ada6e FEATURE: Allow admins to lock users from TL3 promotion/demotion
Also, update the display logic for the leader promotion screen to
account for the demotion grace period.
2014-09-30 13:15:13 +10:00
Robin Ward 0fc0533134 FEATURE: Admin interface for adding custom fields for users 2014-09-25 16:17:51 -04:00
Robin Ward bc53d48bd7 Renaming site contents to site text 2014-09-24 16:08:14 -04:00
Sam 9428ad779f FIX: send content length with backups 2014-09-23 09:25:53 +10:00
Régis Hanol 79030c874e FIX: allow staff members to restore withdrawn posts that are flagged 2014-09-09 20:26:40 +02:00
Sam 59d04c0695 Internal renaming of elder,leader,regular,basic to numbers
Changed internals so trust levels are referred to with

TrustLevel[1], TrustLevel[2] etc.

This gives us much better flexibility naming trust levels, these names
are meant to be controlled by various communities.
2014-09-05 15:20:52 +10:00
riking 3cf493eb4f FIX: Apply contract checks when first creating a badge 2014-09-02 19:09:51 -07:00
riking 1833b43ae2 FEATURE: Badge query validation, preview results, and EXPLAIN
Upon saving a badge or requesting a badge result preview,
BadgeGranter.contract_checks! will examine the provided badge SQL for
some contractual obligations - namely, the returned columns and use of
trigger parameters.

Saving the badge is wrapped in a transaction to make this easier, by
raising ActiveRecord::Rollback on a detected violation.

On the client, a modal view is added for the badge query sample run
results, named admin-badge-preview.
The preview action is moved up to the route.
The save action, on failure, triggers a 'saveError' action (also in the
route).

The preview action gains a new parameter, 'explain', which will give the
output of an EXPLAIN query for the badge sql, which can be used by forum
admins to estimate the cost of their badge queries.
The preview link is replaced by two links, one which omits (false) and
includes (true) the EXPLAIN query.

The Badge.save() method is amended to propogate errors.

Badge::Trigger gets some utility methods for use in the
BadgeGranter.contract_checks! method.

Additionally, extra checks outside of BadgeGranter.contract_checks! are
added in the preview() method, to cover cases of null granted_at
columns.

An uninitialized variable path is removed in the backfill() method.

TODO - it would be nice to be able to get the actual names of all
columns the provided query returns, so we could give more errors
2014-08-31 11:25:44 -07:00
Régis Hanol 8a20d05ba5 FEATURE: backup without uploads 2014-08-20 18:53:58 +02:00
Sam 8737ffb272 Merge pull request #2658 from akshaymohite/optimization-fixes
Not initializing variable for looping if unused in loop
2014-08-18 14:42:52 +10:00
Sam baaa3e0f9f FIX: #2664 it should be validates not validate
Thanks @chancancode
2014-08-18 14:40:54 +10:00
Akshay 6301a43d57 Not initializing variable for looping if unused in loop 2014-08-15 03:24:55 +05:30
Arpit Jalan d0736a06b6 FEATURE: export user list 2014-08-15 01:46:57 +05:30