Commit Graph

2774 Commits

Author SHA1 Message Date
Neil Lalonde d0fbb27f3e FEATURE: new invite acceptance page, where username can be chosen and password can be set 2017-02-15 16:51:57 -05:00
Sam 9c51e3e8e7 amend preloader api to supply topic list 2017-02-15 12:04:02 -05:00
Sam 2c59ffeb2c FIX: token rotation not accounting for overlapping tokens correctly
also... freeze_time has no block form, correct all usages and specs
2017-02-15 10:58:18 -05:00
Marica Odagaki a9a585f66a Use && and || consistently so that there's less chance of copy paste errors in the future 2017-02-15 00:25:49 -08:00
Marica Odagaki 3bb1b98b0e FIX: admin dashboard shouldn't complain when using iam profile for s3 access
Previous code wasn't working as intended because it was parsed as

    (bad_keys = (access_key or secret_key)) and !use_iam_profile

because of Ruby's operator precedence: `=` binds more eagerly than `and`.

http://ruby-doc.org/core-2.3.1/doc/syntax/precedence_rdoc.html

See also: https://github.com/bbatsov/ruby-style-guide#no-and-or-or
2017-02-15 00:22:14 -08:00
Sam f2099c3811 adjust API 2017-02-14 16:32:33 -05:00
Sam 89d5e8ab4b FEATURE: allow plugins to preload data in topic list 2017-02-14 16:29:06 -05:00
Sam 5346cd3514 correct the test 2017-02-14 09:34:39 -05:00
Sam c52784f9d2 FIX: race condition when marking tokens as seen
- in rare conditions can lead to users being logged off
2017-02-14 09:34:09 -05:00
Sam 0ab96a7691 FEATURE: add hidden setting for verbose auth token logging
This is only needed to debug auth token issues, will result in lots
of logging
2017-02-13 14:01:09 -05:00
Robin Ward 0e58e393a1 FIX: === and a better constant, thanks @ZogStriP 2017-02-13 13:14:19 -05:00
Robin Ward e1d358ffbf FIX: Don't clear the login hint when the system user is saved 2017-02-13 10:54:20 -05:00
Jeff Atwood 3ee7a9266c Merge pull request #4686 from tgxworld/group_is_visible_if_user_is_group_owner
FIX: Show groups that user is owner of on groups page.
2017-02-11 22:18:44 -08:00
Sam Saffron 4332f0dde1 FEATURE: allow user search API to restrict to group 2017-02-09 18:45:39 -05:00
Sam 53ea8942e8 action to be reserved for assigned plugin 2017-02-08 12:10:16 -05:00
Sam f34907b523 Merge pull request #4681 from vietqhoang/feature/add-user-title-to-sso-payload
FEATURE: Add user title to SSO payload
2017-02-07 10:25:32 -05:00
Sam ff49f72ad9 FEATURE: per client user tokens
Revamped system for managing authentication tokens.

- Every user has 1 token per client (web browser)
- Tokens are rotated every 10 minutes

New system migrates the old tokens to "legacy" tokens,
so users still remain logged on.

Also introduces weekly job to expire old auth tokens.
2017-02-07 09:22:16 -05:00
Régis Hanol 84af84dc52 prevent inactive & staged users from being automatically added to a group 2017-02-06 17:49:27 +01:00
Robin Ward f1e7bca3c9 FEATURE: Warn a user when they're replying to the same user too much 2017-02-03 17:00:54 -05:00
Robin Ward b251d11518 FIX: If you make a new banner, clear the old dismissed values 2017-02-03 15:07:38 -05:00
Guo Xiang Tan 61111a3f9b FIX: Show groups that user is owner of on groups page. 2017-02-03 16:51:32 +08:00
Arpit Jalan 6b8691ecea Merge pull request #4685 from techAPJ/approve-users-invite-fix
FIX: allow existing users to be invited to topic/message when must_approve_users is enabled
2017-02-03 13:22:18 +05:30
Arpit Jalan dc2171960b FIX: allow existing users to be invited to topic/message when must_approve_users is enabled 2017-02-03 13:01:23 +05:30
Guo Xiang Tan ec73224b5e PERF: Remove N+1 query when saving a user. 2017-02-03 15:03:33 +08:00
Neil Lalonde b91cb92af0 FIX: reports for time to first reply and topics without replies were counting whispers and moderator actions 2017-02-02 17:27:41 -05:00
Guo Xiang Tan 3c28d94706 FIX: Don't configure Redis connector if Redis slave config is not set. 2017-02-02 13:48:55 +08:00
Guo Xiang Tan d449f782a3 Revert "FIX: Don't skip callbacks when rebaking posts."
This reverts commit 06c651f8c9.

If site settings are changed, there is a chance that the post
will fail PostValidator's validations.
2017-02-01 10:52:15 +08:00
Viet Hoang 40164ccd4a Add user title to SSO payload 2017-01-31 16:42:27 -08:00
Guo Xiang Tan c01cee4aa6 PERF: N+1 query when saving a user. 2017-01-27 10:53:42 +08:00
Robin Ward 496682c442 Merge pull request #4662 from tgxworld/fix_localized_group_name_change
Fix localized group name change
2017-01-26 10:50:00 -05:00
Guo Xiang Tan bed11dfa0e FIX: Polls permanently broken if post requires approval. 2017-01-26 13:29:43 +08:00
Guo Xiang Tan 06c651f8c9 FIX: Don't skip callbacks when rebaking posts. 2017-01-25 17:47:13 +08:00
Guo Xiang Tan 32846aad2a FIX: Toggling post's wiki status should not create a new version. 2017-01-20 15:42:33 +08:00
Arpit Jalan 0791c2c966 FIX: sso_overrides_avatar should override previously set avatar 2017-01-19 10:52:24 +05:30
Guo Xiang Tan 706b4f6b9f FEATURE: Remap group mentions when group name has been changed. 2017-01-18 13:39:34 +08:00
Guo Xiang Tan 59dfb51a35 FIX: Don't change automatic group name if localized name has been taken. 2017-01-18 12:20:23 +08:00
Régis Hanol fbf9172db8 FIX: log backups download/destroy staff action
FIX: clean up junk left by the specs
RENAME: 'backup_operation' to 'backup_create' to match other backup log types
2017-01-16 19:53:31 +01:00
Robin Ward 86c52c72f6 FIX: Deleting a user was not deleting their directory items 2017-01-16 11:46:52 -05:00
Guo Xiang Tan 63954c1b33 FIX: Same user record being saved twice causing validation to fail. 2017-01-16 16:41:03 +08:00
Guo Xiang Tan e3b6f9b8ae FIX: Do not update user stats like counts for private messages. 2017-01-16 11:07:53 +08:00
Guo Xiang Tan ed5fa20b0c Revert "FIX: error during signup saying "Password is the same as your current password" due to automatic group membership granting a trust level"
This reverts commit 9c40657ba4.

Calling this whenever a user is initialize is hurting us bad
on performance.
2017-01-16 09:44:10 +08:00
Neil Lalonde e8307ac24c FIX: mailing list mode digest emails included whispers 2017-01-13 13:46:33 -05:00
Robin Ward adb73180f7 FEATURE: Let plugins register themes easily 2017-01-13 11:50:52 -05:00
Guo Xiang Tan 515f50e42e FEATURE: Log admin action when readonly mode is changed. 2017-01-12 09:41:02 +08:00
Régis Hanol 887e9af84f FEATURE: new 'max_image_megapixels' site setting 2017-01-11 23:37:12 +01:00
Neil Lalonde fc0a0a76a4 Add more info in staff action logs for blocking a user, and add logging for lock trust level, activate, and deactive user 2017-01-10 17:25:36 -05:00
Robin Ward 7341b0d03c Don't give notifications to admins for trust level notifications 2017-01-10 12:18:48 -05:00
Robin Ward b60bc47a4c Plugins can register providers for global settings 2017-01-09 17:18:58 -05:00
Guo Xiang Tan 3d21ccd4a5 FIX: Add validation to disallow censored words in topic title. 2017-01-09 16:55:41 +08:00
Guo Xiang Tan ad4a96d387 FIX: Only send membership request to the last 5 active group owners. 2017-01-03 15:33:57 +08:00
Guo Xiang Tan 8a4e9c1940 Merge pull request #4633 from xfalcox/resize-emoji-full-path
FIX: Use full path for emoji resize job
2017-01-03 14:00:00 +08:00
Guo Xiang Tan 980cea7081 FIX: Add length validation for `User#name`. 2017-01-03 13:42:33 +08:00
Rafael dos Santos Silva 9ee67ad89c FIX: Use full path for emoji resize job 2017-01-02 13:34:32 -02:00
Régis Hanol c4552ef8c1 slightly shorter regexp for OptimizedImage.safe_path? 2017-01-02 16:28:14 +01:00
Guo Xiang Tan f1beef43a8 Merge pull request #4618 from tgxworld/fix_invalid_emails
FIX: Don't allow invalid email to be saved.
2016-12-30 07:11:48 +08:00
Neil Lalonde 9c40657ba4 FIX: error during signup saying "Password is the same as your current password" due to automatic group membership granting a trust level 2016-12-28 17:36:04 -05:00
Robin Ward 889efe48be FIX: Customization templates were not working with Glimmer2 2016-12-27 12:17:30 -05:00
Arpit Jalan d72cbcb2a4 FEATURE: new setting to validate user website 2016-12-26 21:29:27 +05:30
Sam c531f4ded5 remove rails-observers
Rails yanked out observers many many years ago, instead the functionality
was yanked out to a gem that is very lightly maintained.

For example: if we want to upgrade to rails 5 there is no published gem

Internally the usage of observers had quite a few problem.

The series of refactors renamed a bunch of classes to give us more clarity
and removed some magic.
2016-12-22 16:46:53 +11:00
Sam 019f1a1d06 UserEmailObserver is now removed
no big surprises here was pretty straightforward

after_commit semantics sure are weird though
2016-12-22 16:46:53 +11:00
Sam 2f6a4cc6de remove UserActionObserver, replace with after_save and service
interestingly there was some left over dead code from when stars
existed in the topic_users table
2016-12-22 16:46:53 +11:00
Sam 0a78ae739d Remove SearchObserver, aim is to remove all observers
rails-observers gem is mostly unmaintained and is a pain to carry forward
new implementation contains significantly less magic as a bonus
2016-12-22 13:13:14 +11:00
Robin Ward 1463e9ae46 FIX: Couldn't resolve raw customization 2016-12-21 16:19:04 -05:00
Robin Ward ca20560d1f FIX: Should use `RAW_TEMPLATES` scope for header customizations 2016-12-21 10:54:23 -05:00
Guo Xiang Tan 13c6191e89 FIX: Don't allow invalid email to be saved. 2016-12-21 17:47:11 +08:00
Guo Xiang Tan 5d7f3223f0 SECURITY: Users can only bookmark posts which they can see. 2016-12-21 12:01:26 +08:00
Sam 2b808ad9da Merge pull request #4609 from joebuhlig/category-topics-wiki
FEATURE: Category setting to make all topics wikis
2016-12-20 09:15:51 +11:00
Neil Lalonde 74956694e5 If summary email finds no topics, show topics more than 1 day old from new users 2016-12-19 14:54:08 -05:00
Neil Lalonde 923cf73c6e Topic Featured Links: move data from custom fields to topics and categories tables. Invert behaviour of topic_featured_link_allowed checkbox. Fix a bug with invalid topic records due to changing that category checkbox. 2016-12-19 14:54:07 -05:00
Joe Buhlig 87251fded7 FEATURE: Category setting to make all topics wikis
FEATURE: Category setting to make all topics wikis
2016-12-19 06:42:18 -06:00
Sam eb2db23b40 FEATURE: remove email_token_grace_period_hours
The site setting email_token_grace_period_hours just causes confusion and
should not be used anyway.

Out of the box, tokens stop working once confirmed, no need to add complexity here
2016-12-19 17:15:20 +11:00
Sam 15b5fddd49 SECURITY: protect upload params, only allow very strict filenames 2016-12-19 10:16:18 +11:00
Guo Xiang Tan 43ee9f884e FEATURE: Add `Group#full_name`. 2016-12-13 16:16:26 +08:00
Guo Xiang Tan 69330f8bc2 Add user_updated event to webhooks. 2016-12-13 11:26:26 +08:00
Neil Lalonde 239d06b218 add Likes Recieved to possible stats in summary email 2016-12-12 14:20:25 -05:00
Guo Xiang Tan 4a1340b14e Update annotations. 2016-12-12 22:59:40 +08:00
Guo Xiang Tan 9a800107cb FIX: Associate category logo and background to uploads record. 2016-12-12 17:37:28 +08:00
Guo Xiang Tan 05f55dbc10 FEATURE: Group logs. 2016-12-12 17:29:54 +08:00
Guo Xiang Tan 78553151ea Update annotations. 2016-12-12 17:00:30 +08:00
Sam 02b21a26dd Merge pull request #4585 from ibnesayeed/urdu-support
Add initial Urdu support with RTL direction
2016-12-09 13:01:25 +11:00
Régis Hanol f4688f74db FIX: emoticons stop summary from being updated 2016-12-07 23:05:14 +01:00
Erick Guan 52763f5115
FEATURE: Allow posting a link with topics 2016-12-05 17:20:54 +01:00
Régis Hanol 06469ef0ce FIX: don't extract links from .elided parts 2016-12-05 15:19:15 +01:00
Arpit Jalan 431aa79bb3 Merge pull request #4587 from techAPJ/invite-upload
FIX: simplify CSV file upload
2016-12-05 14:30:13 +05:30
Guo Xiang Tan ce9f24dec9 Merge pull request #4588 from tgxworld/add_new_fields_to_group
Add new fields to group
2016-12-05 09:59:27 +01:00
Guo Xiang Tan adb7fcb6b3 FEATURE: Add bio to group page. 2016-12-05 16:58:04 +08:00
Arpit Jalan ce974da9e5 FIX: simplify CSV file upload 2016-12-05 14:09:08 +05:30
Sam 3e099ab2b1 PERF: avoid query on every logged on page load 2016-12-05 17:38:02 +11:00
Guo Xiang Tan 31acd311e5 FEATURE: Allow group owners to edit group name and avatar flair. 2016-12-05 14:27:46 +08:00
Sam 33d0a23d84 Merge branch 'fix_whisper' 2016-12-05 10:01:03 +11:00
Sawood Alam 49fc54aac6 Add initial Urdu support with RTL direction 2016-12-03 23:17:51 -05:00
Guo Xiang Tan e51574bea0 FIX: No need to fetch the model. 2016-12-02 17:17:03 +08:00
Guo Xiang Tan 3971f96aa6 Merge pull request #4536 from fantasticfears/webhooks-edit
FIX: missing post and topic edited webhooks
2016-12-02 10:16:19 +01:00
Sam 9b885c039a Merge branch 'master' into fix_whisper 2016-12-02 17:44:05 +11:00
Sam c04d4171ff FIX: whisper no longer experimental
- Regular users are not notified of whispers
- Regular users no longer have "stuck" topics in unread
- Additional tracking for staff highest post number
- Remove a bunch of unused columns in topics table
2016-12-02 17:03:31 +11:00
Régis Hanol 453d149182 just checking for existence is enough here 2016-11-30 23:41:07 +01:00
Erick Guan 8c8549b27b
FIX: missing post and topic edited webhooks 2016-11-30 20:49:45 +01:00
Régis Hanol 57d0369894 FIX: don't raise an exception when a link was already extracted 2016-11-30 18:05:59 +01:00
Régis Hanol dec8a861f0 FIX: don't raise exception when a quote was already extracted 2016-11-30 17:18:34 +01:00
Sam 1939104d46 Add mapping for Discourse solved
This basically reserved user action 15 for Discourse solved.
2016-11-29 16:17:32 +11:00