Commit Graph

145 Commits

Author SHA1 Message Date
Robin Ward f9069c350f FIX: Permission issues when editing topics
If a user can't create a topic in a category, they should'be be
able to edit topics.
2015-04-30 17:08:12 -04:00
Arthur Neves b8cbe51026
Convert specs to RSpec 2.99.2 syntax with Transpec
This conversion is done by Transpec 3.1.0 with the following command:
    transpec

* 424 conversions
    from: obj.should
      to: expect(obj).to

* 325 conversions
    from: == expected
      to: eq(expected)

* 38 conversions
    from: obj.should_not
      to: expect(obj).not_to

* 15 conversions
    from: =~ /pattern/
      to: match(/pattern/)

* 9 conversions
    from: it { should ... }
      to: it { is_expected.to ... }

* 5 conversions
    from: lambda { }.should_not
      to: expect { }.not_to

* 4 conversions
    from: lambda { }.should
      to: expect { }.to

* 2 conversions
    from: -> { }.should
      to: expect { }.to

* 2 conversions
    from: -> { }.should_not
      to: expect { }.not_to

* 1 conversion
    from: === expected
      to: be === expected

* 1 conversion
    from: =~ [1, 2]
      to: match_array([1, 2])

For more details: https://github.com/yujinakayama/transpec#supported-conversions
2015-04-25 11:18:35 -04:00
Régis Hanol 3a40875e0b Merge pull request #3247 from jmay/group-manager-invites
group manager can issue invitations from restricted topics
2015-03-16 09:53:04 +01:00
Neil Lalonde 608647d02f FEATURE: Anonymize User. A way to remove a user but keep their topics and posts. 2015-03-10 11:59:08 -04:00
Jason W. May 0f36774246 group manager can invite members into the group from any restricted topic 2015-03-03 12:18:42 -08:00
Régis Hanol 1a070b16e4 FIX: use the 'post edit time limit' for topics too 2015-02-25 20:53:21 +01:00
Régis Hanol 3cad4824d7 FEATURE: allow moderators to see flagged private messages 2015-02-16 13:03:04 +01:00
Robin Ward e207ca36ee Easier helper for filtering secured categories 2015-02-12 11:52:59 -05:00
Luciano Sousa 0fd98b56d8 few components with rspec3 syntax 2015-01-09 13:34:37 -03:00
Régis Hanol 6cec925f26 FIX: all PMs should be flaggable 2015-01-08 16:06:43 +01:00
Neil Lalonde 3cb25b019e FIX: when private messages are disabled in settings, flag modal shouldn't show private message options 2014-12-19 16:47:39 -05:00
Régis Hanol de76b512c1 fix most deprecations in the specs (still some left) 2014-09-25 17:44:48 +02:00
Robin Ward 309b67add4 FIX: If a post has been hidden due to flagging, don't use the absolute
edit window for edit prevention.
2014-09-16 11:21:14 -04:00
Sam 0f585bcdbe FIX: PM should never be allowed to have a category
FIX: TL3 should not be allowed to muck with PM titles
2014-09-11 17:39:34 +10:00
Sam e3f7d2a3ac remove elder terminology in specs 2014-09-05 16:55:48 +10:00
Sam 59d04c0695 Internal renaming of elder,leader,regular,basic to numbers
Changed internals so trust levels are referred to with

TrustLevel[1], TrustLevel[2] etc.

This gives us much better flexibility naming trust levels, these names
are meant to be controlled by various communities.
2014-09-05 15:20:52 +10:00
Neil Lalonde 2f32af3941 FIX: staff should be able to edit topics that have been archived 2014-08-15 12:45:05 -04:00
Sam 347aa343b0 fix spec, I don't agree with allowing mods and staff to edit this 2014-08-15 12:56:03 +10:00
Neil Lalonde 5caf72510c Prevent deleting the static page doc topics 2014-08-13 17:03:45 -04:00
Régis Hanol 3ae1ebdfc3 FIX: use PostDestroyer when deleting/recovering a topic 2014-08-07 19:12:35 +02:00
Sam e7e70d14da Merge pull request #2591 from BenLubar/benlubar-edit-history-public
add profile option for edit history visibility
2014-07-30 14:09:10 +10:00
Neil Lalonde fc22127726 FIX: only admin can edit faq, tos, and privacy policy 2014-07-29 10:40:09 -04:00
Ben Lubar 93ea940a4d add spec for public edit history 2014-07-29 01:00:39 -05:00
Régis Hanol bddffa7f9a FEATURE: flag dispositions normalization
All flags should end up in one of the three dispositions
  - Agree
  - Disagree
  - Defer

In the administration area, the *active* flags section displays 4 buttons
  - Agree (hide post + send PM)
  - Disagree
  - Defer
  - Delete

Clicking "Delete" will open a modal that offer to
  - Delete Post & Defer Flags
  - Delete Post & Agree with Flags
  - Delete Spammer (if available)

When the flag has a list associated, the list will now display 1
response and 1 reply and a "show more..." link if there are more in the
conversation. Replying to the conversation will NOT give a disposition.
Moderators must click the buttons that does that.

If someone clicks one buttons, this will add a default moderator message
from that moderator saying what happened.

The *old* flags section now displays the proper dispositions and is
super duper fast (no more N+9999 queries).

FIX: the old list includes deleted topics
FIX: the lists now properly display the topic states (deleted, closed,
archived, hidden, PM)
FIX: flagging a topic that you've already flagged the first post
2014-07-28 19:28:07 +02:00
riking 19b757b058 FEATURE: Hide deleted posts by default for staff 2014-07-17 10:40:15 -07:00
Arpit Jalan 48f86181bf REFACTOR: move all conditions to guardian 2014-07-04 23:04:19 +05:30
Robin Ward a2fec165d5 Disable editing of hidden posts within a timeframe from when the post
was initially hidden.
2014-06-20 15:38:03 -04:00
Neil Lalonde 4f523ae1b9 Don't allow invites if local logins are disabled, since it provides a way to bypass external auth 2014-06-18 16:46:20 -04:00
Neil Lalonde faed17aa18 Moderators should always be able to create topics too 2014-06-09 15:28:03 -04:00
Neil Lalonde 4d50d0d109 FIX: admins should be able to create topics, even if min_trust_to_create_topic is higher than their trust level 2014-06-09 11:03:21 -04:00
Wojciech Zawistowski 960d64930c Wiki Post 2014-05-13 08:53:11 -04:00
Neil Lalonde e68e97d986 FIX: moderators can't see private topics that they aren't invited to see. 2014-05-12 15:26:46 -04:00
Neil Lalonde f44bd4ec28 Don't allow sending private messages to suspended users. Emails to suspended users should tell them how to respond, since they can't. 2014-05-06 15:01:27 -04:00
Neil Lalonde 7993c27ce5 Also allow system_user to send pm's even if enable_private_messages is disabled 2014-04-25 14:52:57 -04:00
Neil Lalonde ee8bbadfe8 Allow contact user to send private messages even if enable_private_messages is false 2014-04-23 17:00:22 -04:00
Robin Ward 84da39f5dc FIX: Admins should always be able to see groups so they can edit them. 2014-04-23 15:15:46 -04:00
Robin Ward af877781b7 Allow admins to choose if groups are visible or not. 2014-04-22 16:43:46 -04:00
Robin Ward 539890afdf Let's not show tons of extra information about invites unless you're the
person who invited them.
2014-03-21 14:16:11 -04:00
Neil Lalonde 2c725e2779 FEATURE: Trust level 4 abilities: pin/unpin, close, archive, make invisible, split/merge topic 2014-03-17 14:50:28 -04:00
Forest Carlisle e904b2faad Adding name to the list of uneditable items in preferences UI
* If enable_names,  enable_sso, and sso_overrides_name settings are true.
  * Added serialization of can_edit_name so the UI has access to the right.
2014-03-13 13:26:40 -07:00
Régis Hanol fd1c824187 Revert "Merge pull request #2116 from LessonPlanet/disable-name-edit-for-sso"
This reverts commit 91aa21671a, reversing
changes made to f19596af0d.
2014-03-13 18:17:59 +01:00
Neil Lalonde 283dc7dd2d Trust level 4: add ability to edit any post and see edit history 2014-03-13 10:47:49 -04:00
Forest Carlisle e8c7c6fab7 Adding name to the list of uneditable items in preferences UI
* If enable_names,  enable_sso, and sso_overrides_name settings are true.
2014-03-12 17:09:53 -07:00
Neil Lalonde 2838e1c3b5 FIX: don't show option to flag with notify_user to trust level 0 users. they can't send private messages. 2014-03-10 11:48:40 -04:00
Douglas Browne a1e70ac57e Added spec for SSO override username/email changes 2014-03-09 21:38:36 -04:00
Neil Lalonde b696c96a19 Look at the age of a user's first post to determine if the user can be nuked, instead of looking at when the user registered. 2014-02-20 12:29:40 -05:00
Neil Lalonde 8711762143 Users who have made no more than one post can delete their own accounts from their user preferences page. 2014-02-13 13:52:06 -05:00
Sam 81a4b4d97e Merge pull request #1939 from lukemelia/patch-1
Fixed typo in test name
2014-02-13 17:15:49 +11:00
Robin Ward f73a3f252a FIX: Don't allow parent categories to be deleted. Also, remove
duplicated logic and rely on the server response for `can_delete`
status.
2014-02-12 17:24:25 -05:00
Luke Melia e4ff06baad Fixed typo in test name 2014-02-12 15:24:44 -05:00
Sam 93434be16d SECURITY: reduce moderator rights
You can now hide particular categories from certain moderators
2014-02-07 14:11:52 +11:00
Robin Ward 8c29ed870e Non-staff users may not delete their posts in archived topics. 2014-01-17 17:42:12 -05:00
Neil Lalonde 7c8ea8c166 Trust level 3 users can edit topic titles and change category 2014-01-16 11:59:26 -05:00
Neil Lalonde 259295d865 Add post_edit_time_limit site setting to limit the how long a post can be edited and deleted by the author. Default is 1 year. 2014-01-09 11:55:04 -05:00
verg 8a830fb8e3 Prevent deleting 'uncategorized' category 2013-12-31 11:22:44 -06:00
Jithu Gopal 9584ecb295 fixing gender sensitive pronouns 2013-12-03 10:19:54 +05:30
Neil Lalonde 0c6f794eb0 Used the term suspended instead of banned. 2013-11-07 13:53:49 -05:00
Robin Ward de30af9302 Support for inviting to a forum from a user's invite page. 2013-11-06 12:56:50 -05:00
Sam 666264879c change it so all topics MUST include a category, we store a special uncategorized category to compensate
this cleans up a bunch of internals and removes some settings
2013-10-24 12:08:02 +11:00
Matthieu Guillemot 3ba1f20674 New site settings to enable/disable the possibility of editing user's nickname or email address 2013-09-14 21:34:21 +09:00
Sam 5b08f73561 give god rights of impersonation to developers, must be edited into the production.rb config file 2013-09-05 10:27:34 +10:00
Neil Lalonde b47eedba00 Add min_trust_to_create_topic setting to require a certain trust level before users can start new topics 2013-09-03 19:12:22 -04:00
Neil Lalonde 663adde90e Users can change their own username at any time if they have no posts 2013-08-23 11:23:00 -04:00
Régis Hanol c867b67a0b custom avatar support 2013-08-13 22:08:29 +02:00
Neil Lalonde b8a1e21dbd Delete all posts is allowed for the same amount of time as delete user 2013-08-13 11:11:05 -04:00
Neil Lalonde b36c6d7b78 Users cannot change their own username after 3 days since registering. Site setting username_change_period allows you to change the number of days. 2013-08-12 14:55:09 -04:00
Neil Lalonde 4fd5087f91 Add button to delete a spammer in the flag modal
Add SiteSettings: delete_user_max_age, delete_all_posts_max. Add delete spammer button to admin flags UI
Moderators can delete users too
2013-07-29 15:29:44 -04:00
Neil Lalonde e25638dab0 add a way to delete posts and topics when deleting a user with UserDestroyer 2013-07-29 15:29:43 -04:00
Sam 7b1f9928e4 staff can change trust levels 2013-07-23 09:13:48 +10:00
Sam 1f3c5cb656 allow end user to recover a post they delete
automatically delete stubs after 1 day
2013-07-22 17:48:47 +10:00
Sam 352ac9e60c Finalize read only and post only categories, finished off UI work 2013-07-16 15:46:11 +10:00
Sam ecf17cfebb work in progress, add fidelity to category group permissions (full, create posts, readonly) 2013-07-16 15:46:11 +10:00
Robin Ward 6ca5df0a09 Can recover deleted topics. Deleted topics show the first post as deleted in the UI. 2013-07-12 12:09:17 -04:00
Robin Ward 19c169540c Staff can enter and view deleted topics 2013-07-11 16:39:35 -04:00
Neil Lalonde 7977deb3bf Don't allow editing of title and category of an archived topic 2013-07-09 16:54:46 -04:00
Robin Ward b7327942af Add `deleted_by` to `Trashable` tables 2013-07-09 15:46:36 -04:00
Neil Lalonde b2d300fe0b Add ability to give users a title. Show them under usernames beside posts. Needs love from a designer. 2013-06-25 18:39:20 -04:00
Sam e53aa45f54 I think this is more correct, admins/mods should always be able to invite 2013-06-21 16:35:27 +10:00
Neil Lalonde c4904aacc0 Automatically flag someone as a spammer if their posts get at least X spam flags from N users while their trust level is 'new user'. Staff can clear and set this status from the user record in admin. 2013-06-03 16:37:40 -04:00
Matt Van Horn 872995db57 refactor guardian class for clarity & correctness
introduce NullUser to avoid type-checking
DRY up code
reduce number of multiple returns
remove some redundant/impossible logic branches
add pending test for possible bug
add test & fix for ability to flag archived posts
add #secure_category? method to topic class
Fix bug that prevented flagging of archived topics
Rename NullUser to AnonymousUser
DRY up can_<action>? methods
Fix some ownership logic, and a test, for Guardian
2013-05-22 01:09:34 -07:00
Sam b5eff93a9d update message bus to support per client filtering
start work on user_tracking_state
fix can_ban? in guardian
expose protected scopes on topic_query we need
move guardian spec to use build as opposed to creating topics / posts / users
start work on user tracking spec
2013-05-21 16:39:51 +10:00
Sam 4f328e3e45 +x on files makes no sense unless they really are executable
rails in the script dir makes no sense, use binstubs or bundler instead
2013-05-09 17:35:15 +10:00
Sam e9fc272db7 remove acts_as_paranoid, use .trash! , .recover! and .with_deleted as needed
makes upgrading to rails 4 possible
2013-05-07 14:39:01 +10:00
Sam 65cd00cf25 moderators now have teeth, more at http://meta.discourse.org/t/moderator-permission-set/6307/5
allow pms to be targetted at groups
2013-05-02 15:15:53 +10:00
Sam 5cfcdc7ef0 backend for secure categories mostly done (todo pm groups) 2013-04-29 16:33:43 +10:00
Neil Lalonde 651cfba93f Add ability to destroy a user with 0 posts 2013-04-12 16:53:00 -04:00
Robin Ward 738789f336 Admins can't lock themselves out of a site by setting approval. 2013-04-03 12:23:28 -04:00
Karan Misra 5dfb04e4b3 Convert a lot of :a => b to a: b and bring peace to the world 2013-03-25 05:07:36 +05:30
Robin Ward 59fc3bfac4 PostDestroyer to replace callbacks for destroying 2013-03-18 17:55:11 -04:00
Gosha Arinich 0c99dea153 introduce Enum 2013-03-01 21:16:36 +03:00
Gosha Arinich cafc75b238 remove trailing whitespaces ❤️ 2013-02-26 07:31:35 +03:00
Ismael Abreu 80bec6efc9 Adds grant and revoke moderation buttons so admins can make users moderators 2013-02-14 01:12:23 +00:00
Robin Ward 03a798b202 Can clear flags on deleted posts if you're a moderator 2013-02-08 19:07:29 -05:00
Robin Ward 084a873b91 Give regular users a delete button. If they click it, their post will be revised to
say it was deleted.
2013-02-07 15:14:23 -05:00
Robin Ward 21b5628528 Initial release of Discourse 2013-02-05 14:16:51 -05:00