Commit Graph

5632 Commits

Author SHA1 Message Date
Sam 502a0fe778 FIX: support connecting GitHub with existing accounts 2018-12-10 09:27:00 +11:00
David Taylor 25aed5a47c FIX: Add missing android icon
Used in the "Recently Used Devices" section of user preferences
2018-12-07 15:49:40 +00:00
David Taylor 160d29b18a
REFACTOR: Migrate TwitterAuthenticator to use ManagedAuthenticator (#6739)
No changes to functionality. TwitterAuthenticator goes from 136 lines to 24, and all twitter-specific logic elsewhere has been deleted 🎉
2018-12-07 15:39:06 +00:00
David Taylor 86f8734bc0 FIX: Prioritize explicit 'connect' over matching by email
This is an edge case that was previously handled by TwitterAuthenticator, but not FacebookAuthenticator.
2018-12-07 15:05:51 +00:00
David Taylor 3cad3f9df1 DEV: Add profile fetching support to `ManagedAuthenticator` 2018-12-07 15:05:51 +00:00
David Taylor f7ce607e5d
FIX: Return 422 instead of 500 for invalid SSO signature (#6738) 2018-12-07 15:01:44 +00:00
David Taylor 6c71395bf6
FIX: Only hide shared draft topics from `latest` (#6737)
Previously we were hiding them from all topic lists, which can result in
topics being "stuck" in an unread state with no easy way to clear them.
2018-12-07 12:44:23 +00:00
Bianca Nenciu 41e184280d FEATURE: Remove full quotes of direct replies. (#6729) 2018-12-07 13:07:11 +01:00
Gerhard Schlager df3bb07ec6 UX: Add missing icons 2018-12-07 13:00:02 +01:00
David Taylor 5e09398c5b
FIX: Do not serialize user fields unless they are specified for display (#6736) 2018-12-07 10:57:28 +00:00
David Taylor 0b1d660876
UX: Make shared drafts behaviour consistent for non-staff users (#6734)
This makes it easier to diagnose the problem when a public category
is set as the 'shared drafts category'. Doing this is not recommended.
2018-12-06 18:59:29 +00:00
David Taylor ded3639f87 DEV: Add openid-connect as an official plugin 2018-12-06 16:16:47 +00:00
Xiao Guan 7ec124fc89 FEATURE: Improved deprecation warnings (#6722)
* FEATURE: Discourse.deprecate can report version

* Ember counterpart for deprecation
2018-12-06 11:38:01 +00:00
Gerhard Schlager 43cfdb1cb9 FIX: Wizard tries harder to find existing Welcome Topic
The wizard searches for:

* a topic that with the "is_welcome_topic" custom field
* a topic with the correct slug for the current default locale
* a topic with the correct slug for the English locale
* the oldest globally pinned topic

It gives up if it didn't find any of the above.
2018-12-06 10:27:22 +01:00
Guo Xiang Tan 978f0db109 SECURITY: Require groups to be given when inviting to a restricted category. (#6715) 2018-12-05 16:43:07 +01:00
Gerhard Schlager 99117d664c FEATURE: Multisite support for S3 backup store (#6700) 2018-12-05 10:10:39 +08:00
David Taylor e117deb2ba FIX: Improve avatar loading, and add tests
Follow-up from 4e2cc9c
2018-12-04 15:09:32 +00:00
Régis Hanol 3c9c95ac83 Update Rubocop to 0.60 2018-12-04 10:48:16 +01:00
David Taylor 9248ad1905 DEV: Enable `Style/SingleLineMethods` and `Style/Semicolon` in Rubocop (#6717) 2018-12-04 11:48:13 +08:00
Penar Musaraj 56948896ff UX: replace FA5 compress/expand icons
Adds a new SVG sprite file that contains non-FontAwesome 5 icons to our subset.

Adds the FontAwesome 4.7.0 icons for expand / collapse.
2018-12-03 22:29:20 -05:00
David Taylor 4831c4c2ee FIX: Use safe navigation operator throughout statement 2018-12-03 20:00:28 +00:00
David Taylor e32cdb00cb Fix the build 2018-12-03 18:51:07 +00:00
David Taylor b373ff47e2 FIX: Topic is nil when first post is being created 2018-12-03 18:30:52 +00:00
David Taylor 4e2cc9caf0 FIX: Use safe navigation operator when looking for avatar URL 2018-12-03 17:28:21 +00:00
David Taylor 404acef6e3 DEV: Move `run-qunit.js` out of the vendor directory 2018-12-03 16:16:37 +00:00
Penar Musaraj f8e6a37858 FIX: raise exception when getting dimensions of missing image
- follow-up on 0eacd45ab1
2018-12-03 10:19:49 -05:00
David Taylor 9125b5fbc4 DEV: Reformat single line method definition
Following comments on 71aaed272c
2018-12-03 15:03:00 +00:00
Bianca Nenciu 3f8fa4ad4e FEATURE: Do not check consecutive replies for original poster. (#6714) 2018-12-03 02:32:29 -08:00
Rishabh 503ae1829f FIX: All multisite upload paths should start with /uploads/default/.. (#6707) 2018-12-03 12:04:14 +08:00
Maja Komel 6121d11187 FIX: make staff_edit_locks_post work with download_remote_images_to_local 2018-12-03 14:14:59 +11:00
Joffrey JAFFEUX f94c3aef7b DEV: upgrades highlight.js from v9.12.0 to v9.13.1 2018-12-03 09:45:52 +11:00
Maja Komel 1073634271 FIX: show generic title when quoting off-topic secure category posts 2018-12-03 09:42:32 +11:00
David Taylor 71aaed272c
DEV: Correct auth_provider deprecation warning 2018-11-30 22:22:26 +00:00
David Taylor 4e010382cc REFACTOR: Initialize auth providers after `plugin.activate!`
Also added some helpful functionality for plugin developers:
- Raises RuntimeException if the auth provider has been registered too late
- Logs use of deprecated parameters
2018-11-30 16:58:18 +00:00
Kyle Zhao 488fba3c5f
FEATURE: allow plugins and themes to extend the default CSP (#6704)
* FEATURE: allow plugins and themes to extend the default CSP

For plugins:

```
extend_content_security_policy(
  script_src: ['https://domain.com/script.js', 'https://your-cdn.com/'],
  style_src: ['https://domain.com/style.css']
)
```

For themes and components:

```
extend_content_security_policy:
  type: list
  default: "script_src:https://domain.com/|style_src:https://domain.com"
```

* clear CSP base url before each test

we have a test that stubs `Rails.env.development?` to true

* Only allow extending directives that core includes, for now
2018-11-30 09:51:45 -05:00
Penar Musaraj 7dec963f2e FIX: add vkontakte icon alias 2018-11-30 08:50:38 -05:00
David Taylor 208005f9c9 REFACTOR: Migrate FacebookAuthenticator to use ManagedAuthenticator
Changes to functionality
  - Removed syncing of user metadata including gender, location etc.
    These are no longer available to standard Facebook applications.
  - Removed the remote 'revoke' functionality. No other providers have
    it, and it does not appear to be standard practice in other apps.
  - The 'facebook_no_email' event is no longer logged. The system can
    cope fine with a missing email address.

Data is migrated to the new user_associated_accounts table.
facebook_user_infos can be dropped once we are confident the data has
been migrated successfully.
2018-11-30 11:18:11 +00:00
David Taylor 534e1b1b18 DEV: Introduce Auth::ManagedAuthenticator
A generic implementation of Auth::Authenticator which stores data in the
new UserAssociatedAccount model. This should help significantly reduce the duplicated
logic across different auth providers.
2018-11-30 11:18:11 +00:00
Vinoth Kannan fc0b7c9e26 FIX: incoming email matches the wrong user if null bounce key available in db 2018-11-30 12:29:51 +05:30
Penar Musaraj ad665b901a FIX: Refactor commit a8c3ca, add test 2018-11-29 19:12:00 -05:00
Penar Musaraj a58c3ca430 FIX: limit SvgSprite scan to string setting values 2018-11-29 18:36:48 -05:00
Penar Musaraj 0eacd45ab1 FIX: refactor ImageSizer.resize
reverts 140d9c2
2018-11-29 15:28:45 -05:00
Arpit Jalan 40f10855c6
FIX: defer flags (only) when handling a flag and deleting replies (#6702) 2018-11-29 22:44:18 +05:30
Neil Lalonde 075d9fc558 Version bump to v2.2.0.beta5 2018-11-29 11:18:11 -05:00
Bianca Nenciu ddd260941e FIX: Fix query selecting users not accepting PMs. 2018-11-29 15:59:30 +08:00
Guo Xiang Tan 56034c733a UX: Strip class when link is not oneboxed due to site setting limits. 2018-11-29 14:33:01 +08:00
Rishabh 871d4543cc FIX: Use File.join for relative_base_url, fix spec 2018-11-29 09:49:56 +05:30
Rishabh 05a4f3fb51 FEATURE: Multisite support for S3 image stores (#6689)
* FEATURE: Multisite support for S3 image stores

* Use File.join to concatenate all paths & fix linting on multisite/s3_store_spec.rb
2018-11-29 12:11:48 +08:00
Penar Musaraj 6568832235 FIX: map discord/patreon FA5 icons for login buttons correctly 2018-11-28 14:36:36 -05:00
Vinoth Kannan bfb3c4d9f9 DEV: create bounce alert earlier if email_log detected from bounce_key 2018-11-28 21:13:06 +05:30