Neil Lalonde
48ee89940e
Merge pull request #1423 from einarj/nickname_registration_service
...
Nickname registration service object
2013-09-09 11:37:56 -07:00
Neil Lalonde
b73f4e9864
Put category description in meta description tag
2013-09-09 11:38:09 -04:00
Einar Jonsson
724b3aadcf
Extracted nickname registration out of the UsersController and into its
...
own service.
2013-09-09 09:26:50 +00:00
Régis Hanol
45b838009c
proper content-disposition header when downloading attachments
2013-09-06 19:23:56 +02:00
Neil Lalonde
45d7765936
Merge branch 'master' into mobile
2013-09-05 15:54:22 -04:00
Robin Ward
71c1b8b9b9
When deleting a post as staff, ask if you want to delete direct replies too
2013-09-05 11:03:34 -04:00
Robin Ward
f157ec1f91
Select +Replies for bulk operations
2013-09-05 11:03:29 -04:00
Robin Ward
46efbac40e
Add "Unread" filter to messages tab. Rename the other two views.
2013-08-30 12:32:05 -04:00
Emili Parreno
ee96fabcba
Allow CAS authentication
2013-08-28 14:34:51 +02:00
Sam
61281a3c81
invite only forums had very wonky logic, invited users were not being activated, invite_only forums were still registering users
2013-08-28 17:18:31 +10:00
Neil Lalonde
9efa29e688
Detect whether to use mobile view. Session var mobile_view can override automatic detection.
2013-08-27 14:57:42 -04:00
Neil Lalonde
89265c3a8b
FIX: BAD CSRF on login. Don't check csrf in the fake login form since it doesn't actually do anything.
2013-08-27 11:31:14 -04:00
Sam
c4a0152dc6
recover from bad CSRF tokens without requiring a hard refresh of the browser
2013-08-27 15:56:12 +10:00
Einar Jonsson
9085cec232
Move json hash from users controller to NicknameUnavailable
2013-08-26 15:00:11 +00:00
Sam
afd1a3ac7b
yeah ... we should be installing the gem :)
2013-08-26 13:52:15 +10:00
Sam
213ce33af2
Fixed all broken specs
...
Moved middleware config into authenticators
2013-08-26 12:59:17 +10:00
Sam
b52aba15e0
major refactor of auth, break up the gigantic omniauth controller into sub classes for way better extensibitily
2013-08-26 12:59:17 +10:00
Sam
90dddb4395
store honeypot challenge in redis for extra security
2013-08-26 12:55:13 +10:00
Sam
c4a2e62a95
Merge pull request #1378 from justin808/justin808_cc
...
Lower Complexity of UsersController
2013-08-25 17:14:39 -07:00
Einar Jonsson
0d22a77c63
Added test case for nickname registration failure
...
* Also made a minor readability change by moving the auth.present? check
* from UsersController#create into #create_third_party_auth_records
* which is the method that relies on the check.
2013-08-25 20:18:07 +00:00
Robin Ward
b32e87c929
Merge pull request #1377 from ZogStriP/avatar-work
...
Improved specs for avatar + added a warning whenever the uploaded image is not a square
2013-08-25 07:30:34 -07:00
Robin Ward
b74754e673
Merge pull request #1371 from einarj/cleanup_user_registration
...
Extracted nickname registration into a private controller method
2013-08-25 07:30:10 -07:00
Robin Ward
e1efde6707
Merge pull request #1376 from gcapizzi/lists_controller_refactoring
...
ListController refactoring
2013-08-25 07:29:35 -07:00
Justin Gordon
464595df5c
Lower Complexity of UsersController
...
https://codeclimate.com/github/discourse/discourse/UsersController#method-complexity
2013-08-24 22:57:12 -10:00
Robin Ward
c0b051c9f6
Show Private Messages pill as a topic list rather than individual messages.
2013-08-24 16:58:16 -04:00
Régis Hanol
3b9e62e6b9
improved specs for avatar
2013-08-24 22:45:05 +02:00
Giuseppe Capizzi
6f19cb7252
Extract ListController#list_target_user
2013-08-24 19:38:02 +02:00
Einar Jonsson
84987cd835
Extracted nickname registration into a private controller method
2013-08-23 09:46:33 +00:00
Neil Lalonde
86012ac579
Fix a case when the wrong topic is loaded because the slug starts with a number
2013-08-22 16:23:46 -04:00
Sam
d7596840e5
only staff should be able to see bookmarks and favs of other users
...
ensure that when they click on them they see the correct topics (topics for user they are looking at, not current user)
2013-08-22 09:18:54 +10:00
Neil Lalonde
47add6da70
Log when a site customization is deleted
2013-08-21 12:33:24 -04:00
Neil Lalonde
a95303fcd8
Log site customization changes. Use a modal to show staff action log details for site customizations.
2013-08-21 12:33:24 -04:00
Einar Jonsson
916a3f33f2
Refactored user activation business logic out of UsersController and
...
into a UserActivator class.
2013-08-21 09:22:34 +00:00
Neil Lalonde
3abeb5f793
Staff action logs can be filtered to changes of one site setting
2013-08-20 13:50:51 -04:00
Sam
df2b0b47bd
Merge pull request #1360 from michaelkirk/feature/oauth2
...
not recording Oauth2 user email
2013-08-19 14:57:05 -07:00
Neil Lalonde
1d030666d8
Log site setting changes and show in admin
2013-08-19 16:58:38 -04:00
Michael Kirk
9e8d8870f5
fixed: record Oauth2 user email
2013-08-19 11:21:27 -07:00
Sam
a9393e4a7a
paging for flag list
...
corrected reload behavior on flag list
refactored post actions ... extracted flag queries
2013-08-19 21:14:26 +10:00
Michael Kirk
4af8a9102e
Authenticate with Discourse via OAuth2
...
See https://github.com/michaelkirk/discourse_oauth2_example for an
example of how you might integrate your existing oauth2 provider's
authentication via a Discourse plugin.
2013-08-17 21:45:20 -07:00
Régis Hanol
ea6e73076b
change your avatar in a modal
2013-08-17 00:35:29 +02:00
Neil Lalonde
b6285b85d2
Add reject option to pending users page
2013-08-16 11:42:43 -04:00
Neil Lalonde
293361dcd3
Screened URLs list in admin
2013-08-15 10:52:26 -04:00
Sam
11dca1fd92
make code climate a bit happier
2013-08-06 06:25:44 +10:00
Neil Lalonde
86647f0a54
Add ScreenedUrl. Rename BlockedEmail to ScreenedEmail.
2013-08-14 16:08:23 -04:00
Robin Ward
aec929b184
Screw it, don't choose columns.
2013-08-14 12:26:31 -04:00
Robin Ward
a05ffafd4c
FIX: Direct link to Avatar
2013-08-14 12:22:44 -04:00
Robin Ward
479ca86713
FIX: Don't select columns if we don't have to.
2013-08-14 12:18:54 -04:00
Robin Ward
6793cba4ae
FIX: Displaying actions
2013-08-14 12:04:35 -04:00
Régis Hanol
4866f4d8f5
FIX: N+1 query for avatars
2013-08-14 15:25:05 +02:00
Régis Hanol
3524b90d6a
FIX: avatars in quotes/oneboxes
...
Avatars in quotes/oneboxes are still pointing to the old
`/users/:username/avatar(/:size)` route.
So, this adds back the old avatar route for the transition period.
2013-08-14 12:20:05 +02:00
Régis Hanol
c867b67a0b
custom avatar support
2013-08-13 22:08:29 +02:00
Neil Lalonde
b36c6d7b78
Users cannot change their own username after 3 days since registering. Site setting username_change_period allows you to change the number of days.
2013-08-12 14:55:09 -04:00
Neil Lalonde
bb492eb8bf
Add filtering to staff logs page
2013-08-09 16:59:05 -04:00
Neil Lalonde
90a3bcf6ff
Add filter by action to staff logs page
2013-08-09 10:06:59 -04:00
Neil Lalonde
33bddbff85
Use Ember.ListView for staff action logs page
2013-08-09 10:06:58 -04:00
Neil Lalonde
0d44313a4b
Use Ember.ListView for blocked emails list
2013-08-09 10:06:58 -04:00
Neil Lalonde
5c8c52482a
Add a way to view staff action logs in admin
2013-08-07 16:27:34 -04:00
Neil Lalonde
d2fb6ec53f
Blocked Emails list in admin
2013-08-07 16:27:34 -04:00
Robin Ward
1c3804934e
Show the entire history of replies above a post when you expend "in reply to"
2013-08-06 17:43:10 -04:00
Neil Lalonde
c74da0d262
Admins who haven't been approved can log in when must_approve_users is enabled
2013-08-06 16:51:29 -04:00
Neil Lalonde
98b58150bb
Dashboard calculations are done with an async job now
2013-08-02 18:32:33 -04:00
Sam
803d023e23
Fixed GitHub auth, GitHub can provide us with a valid email - so automatically log in for those cases
2013-08-02 12:16:44 +10:00
Sam
160107a712
working plugin interface for custom openid auth, custom css and custom js
2013-08-01 16:02:43 +10:00
Neil Lalonde
16cd3e2a53
Fix to allow admins to change the case of a someone's username
2013-07-30 16:48:45 -04:00
Neil Lalonde
06140740d0
Version checks: tolerate old version check data that can happen immediately after upgrading but forgetting to restart sidekiq/clockwork. Don't cache version check data along with other dashboard data.
2013-07-30 12:12:04 -04:00
Neil Lalonde
4fd5087f91
Add button to delete a spammer in the flag modal
...
Add SiteSettings: delete_user_max_age, delete_all_posts_max. Add delete spammer button to admin flags UI
Moderators can delete users too
2013-07-29 15:29:44 -04:00
Neil Lalonde
e076158789
Add ip_address, email, and context to staff_action_logs table. Context should usually be the url from which the staff member performed the action, but could be any string that describes what the staff member was doing when the action was performed.
2013-07-29 15:29:43 -04:00
Neil Lalonde
5f3e9131ed
Deleting a user from admin user page has the option to also block signups from the same email address
2013-07-29 15:29:43 -04:00
Neil Lalonde
5f8a130277
Add BlockedEmail, to block signups based on email. Track stats of how many times each email address is blocked, and last time it was blocked. Move email validation out of User model and into EmailValidator. Signup form remembers which email addresses have failed and shows validation error on email field.
2013-07-29 15:29:43 -04:00
Neil Lalonde
e25638dab0
add a way to delete posts and topics when deleting a user with UserDestroyer
2013-07-29 15:29:43 -04:00
Neil Lalonde
a8df9778b5
Rename AdminLog to StaffActionLog
2013-07-29 15:29:43 -04:00
Sam
22893e203a
Merge pull request #1260 from sir-pinecone/reactivate-admin-refresh-btn
...
Fix auto-group refresh response so that ajax callback runs
2013-07-28 22:22:55 -07:00
Sam
aa6c92922d
SECURITY: correct our CSRF implementation to be much more aggressive
2013-07-29 15:13:13 +10:00
Sam
4a20d09523
distributed memoizer added to ensure absolute duplicate posts don't get through
...
in case of an absolute dupe just return the memoized post
This works around issues with wordpress being crazy
2013-07-29 12:25:19 +10:00
Michael Campagnaro
aa7e96c0fa
Fix auto-group refresh response so that ajax callback runs
2013-07-26 19:47:32 -04:00
Robin Ward
c28b377494
Don't redirect to arbitrary URLs via link tracker
2013-07-26 12:14:11 -04:00
Robin Ward
0317cf9608
Show topics as a list of topics on the User Stream.
2013-07-25 15:56:20 -04:00
Sam
cb5ce3aab9
Merge pull request #1247 from sir-pinecone/strip-spaces-from-login
...
Strip leading/trailing spaces from login
2013-07-24 00:16:55 -07:00
Sam
880dd53f48
Merge pull request #1249 from sir-pinecone/strip-spaces-from-group
...
Strip spaces from group names upon creation
2013-07-24 00:15:53 -07:00
Michael Campagnaro
867ce0310c
display group validation errors in alert modal
2013-07-24 00:42:44 -04:00
Michael Campagnaro
b223cdb493
Strip spaces from group names upon creation
2013-07-24 00:00:17 -04:00
Michael Campagnaro
25f8692a79
Strip leading/trailing spaces from login
2013-07-23 23:03:38 -04:00
Régis Hanol
be9217d4c8
add server-side filesize check on uploads
2013-07-24 00:54:41 +02:00
Robin Ward
3ee6e42016
FIX: Server side errors with Topic.similar_to
2013-07-23 10:02:58 -04:00
Sam
9ac6c6e2e9
Merge pull request #1233 from sir-pinecone/improve-group-deletion
...
Add confirmation modal to admin group deletion
2013-07-23 00:43:06 -07:00
Stephan Kaag
0e3b8fbb24
Remove some calls to `all`. They are not required, and Rails4 raises warnings about them.
2013-07-22 20:44:11 +02:00
Sam
1f3c5cb656
allow end user to recover a post they delete
...
automatically delete stubs after 1 day
2013-07-22 17:48:47 +10:00
Michael Campagnaro
9616767bff
Add confirmation modal to admin group deletion
2013-07-22 02:48:23 -04:00
Sam
0ec1438b9a
correct auto track param parsing for WordPress
2013-07-22 15:07:20 +10:00
Sam
acba0ea41e
add auto track to permitted params
2013-07-22 15:07:20 +10:00
Sam
c2be81a76e
Merge pull request #1199 from ZogStriP/uploads
...
adds the `max_attachment_size_kb` setting
2013-07-16 23:03:42 -07:00
Sam
06bd9e3234
allow login required screen to be customized
2013-07-16 20:49:04 +10:00
Sam
352ac9e60c
Finalize read only and post only categories, finished off UI work
2013-07-16 15:46:11 +10:00
Sam
ecf17cfebb
work in progress, add fidelity to category group permissions (full, create posts, readonly)
2013-07-16 15:46:11 +10:00
Sam
c7697bbae2
remove duplicate code
2013-07-16 15:44:38 +10:00
Régis Hanol
5ce05ff5cb
adds the `max_attachment_size_kb` setting
...
so that we can specify a different max upload size for attachments and images.
2013-07-16 02:01:36 +02:00
Robin Ward
0e504aac9b
FIX: You can reset your password even if logins are required.
2013-07-15 12:12:54 -04:00
Robin Ward
6ca5df0a09
Can recover deleted topics. Deleted topics show the first post as deleted in the UI.
2013-07-12 12:09:17 -04:00
Robin Ward
5eaae063f0
Discourse Macro Helpers + Minor Fix to Admin User View
2013-07-11 19:35:52 -04:00
Robin Ward
19c169540c
Staff can enter and view deleted topics
2013-07-11 16:39:35 -04:00
Robin Ward
7fd8bb75d9
Merge pull request #1177 from ZogStriP/attachments
...
Attachments
2013-07-11 06:49:20 -07:00
Sam
1aef6de4b0
automatically approve invited users on forum where moderators must approve (keep in mind only moderators can invite)
...
speed up specs a touch
allow invite controller to accept an email in absence of user (cleans up API)
2013-07-11 11:22:00 +10:00
Régis Hanol
27ab5f471c
support arbitrary attachments
2013-07-10 22:59:53 +02:00
Robin Ward
b7327942af
Add `deleted_by` to `Trashable` tables
2013-07-09 15:46:36 -04:00
Neil Lalonde
ba7a4e9845
Merge pull request #1165 from novemberkilo/feature/log-trust-level-boosts
...
Log all changes of user trust level by an admin
2013-07-09 12:16:08 -07:00
Robin Ward
d98f288aa4
FIX: Recovering a deleted post was not updating a topic's statistics
2013-07-09 12:15:55 -04:00
Navin
d77ce23de2
Log all changes of user trust level by an admin
2013-07-08 11:53:22 +02:00
Sam
085e094497
404 if a category does not exist ....
2013-07-08 15:56:13 +10:00
Sam
91238af6f1
correct failing specs
2013-07-08 12:25:38 +10:00
Neil Lalonde
25d2cbc33f
Merge branch 'master' of github.com:discourse/discourse
2013-07-05 16:52:27 -04:00
Neil Lalonde
1c0e0da683
Add rss feed for latest and hot
2013-07-05 16:49:06 -04:00
Robin Ward
6cd6484b5e
New mode for Wordpress: Filter ONLY posts liked by moderators
2013-07-05 16:07:24 -04:00
Robin Ward
7335f5fb7f
Merge pull request #1145 from abbat/yandex-workaround
...
Workaround solution to help Yandex crawler index discourse.
2013-07-05 10:04:40 -07:00
Anton Batenev
694a6f4970
Fix recommendations from #1145
2013-07-05 15:59:39 +04:00
Robin Ward
07ebd20776
Merge pull request #1143 from ahx/fix-cas-email-name-and-improve-authentication-specs
...
Improve the omniauth controller specs. Fix the email provided by CAS. Get name from CAS attributes.
2013-07-04 14:48:52 -07:00
Anton Batenev
af36d32f7f
Workaround solution to help Yandex crawler index discource.
...
Yandex search engine doesn't index noscript tag content. See also
http://meta.discourse.org/t/noscript-tag-and-some-search-engines/8078
2013-07-04 22:08:23 +04:00
Andreas Haller
661f2057f7
Improve the omniauth controller specs. Fix the email provided by CAS. Get name from CAS attributes.
...
* Make omniauth controller specs more robust by using shared examples for all authentication providers in controller spec. – Still passing. Yay!
* Return "casuser", instead of "casuser@" when no cas_domainname is configured.
* If no cas_domainname is configured, the CAS authentication would return "casuser@" for the users email field, because it tried to assume the email adress of the CAS user by it's username + cas_domainname.
Now it just returns the username instead of adding an "@" if cas_domainname is not configured.
This especially makes sense on CAS setups where the username equals the users email adress.
The old behaviour, if cas_domainname is configured, was not changed.
* Fetch the email from CAS attributes if provided
If the cas:authenticationSuccess (handled via omniauth-cas) response gives us an email use that.
If not, behave as before (username or username@cas_domainname).
* Fetch the (full) name from CAS attributes if provided
If the CAS response by omniauth provides a [:info][:name] field, prefer this over the uid, because we want the name to be a "Full Name", instead of just a "shortname"
2013-07-04 12:01:39 +02:00
Navin
3da37506da
Back end - temporary boosting of trust levels
2013-07-03 10:30:40 +02:00
Sam
4d4a5735d2
logic to bypass trust level filter for high scoring posts
2013-07-03 12:37:17 +10:00
Neil Lalonde
075ed1ab53
Refactor user blocking code; hide the Block button in admin
2013-07-02 14:42:53 -04:00
Robin Ward
5770879472
Refactor: Move Topic Details into better objects, identity map, tests, query string filters
2013-07-02 10:36:46 -04:00
Sam
c3f64f99b3
fix up messed up routes
2013-07-02 15:21:26 +10:00
Sam
f6b850e7a4
allow skipping the validations on creation if its an api call AND skip_validations is specified
...
this allows wordpress plugin to post very very short titles or titles that would otherwise be disallowed
2013-07-02 12:23:19 +10:00
Sam
46c6949b6e
Merge pull request #1123 from stephankaag/rails4-new
...
Refactor routes in order to be compatible with Rails 4
2013-07-01 16:07:22 -07:00
Stephan Kaag
e39cc464b1
Refactor routes in order to be compatible with Rails 4
2013-07-01 20:00:06 +02:00
Sam
b92e912ac9
add min replies, min score and min trust level params for wordpress
2013-07-01 21:29:45 +10:00
Neil Lalonde
c1a39b5a30
Show date with year in message to banned users who try to log in
2013-06-30 12:49:34 -04:00
Neil Lalonde
a352b70bfc
Permit changing my own username's case without an error saying it is already taken
2013-06-28 16:21:46 -04:00
Robin Ward
2deaf8ef98
Custom Wordpress Serializer and Path, with Specs
2013-06-28 13:56:13 -04:00
Neil Lalonde
1355c1e3b0
Fix links to uncategorized when SiteSetting.uncategorized_name is set
2013-06-27 16:16:06 -04:00
Neil Lalonde
5d6ad8f39c
Show a useful message when a banned user tries to log in
2013-06-27 15:14:42 -04:00
Sam
9fd00cac65
work in progress, add custom faq link, ember router needs to know about this or the redirect trick will not work
2013-06-27 17:15:59 +10:00
Robin Ward
89f182899f
Support for custom Privacy Policies
2013-06-26 10:59:36 -04:00
Sam
92562c2090
Merge pull request #1057 from house9/list-controller-1
...
refactor list_controller
2013-06-25 17:36:56 -07:00
Sam
4b56aa8183
Merge pull request #1089 from budnik/minor_refactorings
...
Some refactorings
2013-06-25 17:29:51 -07:00
Neil Lalonde
b2d300fe0b
Add ability to give users a title. Show them under usernames beside posts. Needs love from a designer.
2013-06-25 18:39:20 -04:00
Neil Lalonde
a86b35c873
Remove the access_password site setting
2013-06-25 15:05:25 -04:00
Jesse House
2e12eb2b62
refactor list_controller
...
- minor refactoring of actions 'category' and 'category_feed'
- fix defect in 'category' where check was for literal
string 'uncategorized' instead of SiteSetting.uncategorized_name
- major refactoring on defined topic actions
2013-06-25 08:29:00 -07:00
Dmitriy Budnik
2722029d38
stylistic refactorings
...
w/ less syntactic sugar
2013-06-25 18:23:23 +03:00
Jesse House
06be760257
adds TopMenuItem model which encapsulates top_menu parsing logic
2013-06-24 10:04:18 -07:00
Sam
9778bfb749
Merge pull request #1059 from vipulnsward/fix_method_typo
...
`fake_success_reponse` => `fake_success_response`
2013-06-20 18:23:46 -07:00
Vipul A M
1884dc8d3f
`fake_success_reponse` => `fake_success_response`
2013-06-21 01:17:35 +05:30
Robin Ward
6c37a8f8fb
Merge pull request #1055 from vipulnsward/dedeuplicate_app_controller
...
Remove code duplication in ApplicationController
2013-06-20 09:55:09 -07:00
Vipul A M
4ddc0825f5
Remove code duplication in ApplicationController
2013-06-20 21:17:33 +05:30
Robin Ward
8e6a903f9b
Merge pull request #1046 from house9/admin-user-index-2
...
extract Admin::UsersController#index to its own query class
2013-06-20 07:52:22 -07:00
Sam
08df4c41cc
Merge branch 'master' of github.com:discourse/discourse
2013-06-20 17:42:29 +10:00
Sam
4a8a663a67
flagging workflow changes per http://meta.discourse.org/t/we-need-an-archive-flag-notification-button/7450
2013-06-20 17:42:15 +10:00
Jesse House
e0ff74ead0
extract Admin::UsersController#index to its own query class
...
- move query to its own class
- use postgres ILIKE case insensitive
- removed duplicated list of trust levels
2013-06-19 13:48:45 -07:00
Neil Lalonde
e263bb3c0a
Anons should be able to see post history
2013-06-19 16:43:16 -04:00
Robin Ward
5ef6714d48
New site setting: `minimum_topics_similar`, allows you to specify a minimum amount
...
of topics that need to be in the database before it will suggest similar topics as
a user creates a post.
2013-06-19 13:14:24 -04:00
Sam
799b402778
fix horribly broken invite code, could lead to inviting the wrong person to a conversation
2013-06-19 10:31:19 +10:00
Neil Lalonde
eea00afb80
tos and privacy urls redirect based on site settings
2013-06-18 10:52:04 -04:00
Robin Ward
b9a2469774
Merge pull request #1041 from vipulnsward/refactor_topics_controller
...
Refactor `TopicsController` and remove code duplication
2013-06-18 06:35:32 -07:00
Sam
80c42753e1
fix up find as you type for the invite into PM function
...
allow mods to remove users from a PM
2013-06-18 17:17:01 +10:00
Vipul A M
531587c5ca
Refactor `TopicsController` and remove code duplication
2013-06-18 11:22:09 +05:30
Sam
7abb20928b
Merge pull request #1033 from chrishunt/move-dynamic-favicon-to-user
...
Move 'dynamic favicon' setting to User preference
2013-06-17 17:31:02 -07:00
Sam
7ca5ab3da3
allow api for restricted by global password sites
2013-06-17 16:09:59 +10:00
Sam
80c03b7b1e
case sensitive where it should not be
2013-06-17 15:47:18 +10:00
Sam
dd5cd1df4f
Merge pull request #1037 from ZogStriP/imagineering
...
Imagineering
2013-06-16 22:01:10 -07:00
Sam
0052e78bfe
render error when people attempt to save an invalid group name
...
hide controls when we showing an automatic group
2013-06-17 13:43:06 +10:00
Sam
b97d186cb5
automatic groups should not allow you to muck with the listed users in the group
2013-06-17 12:54:25 +10:00
Sam
dbfd40da84
order group member by username, bump up max count to 200 for now
2013-06-17 12:02:48 +10:00
Régis Hanol
6ea91b4416
remove useless upload topic direct association
2013-06-17 02:49:33 +02:00
Chris Hunt
09d3800701
Move 'dynamic favicon' from Server to User pref
2013-06-14 23:58:24 -07:00
Vipul A M
8298a07fd9
`toggle_mute` doesn't require a param
2013-06-14 11:08:59 +05:30
Sam
e6e81efe85
correct information leak in page not found
2013-06-13 10:27:17 +10:00
Robin Ward
77b218a142
FIX: Do not suggest similar topics from secure categories you can't see.
2013-06-12 13:45:11 -04:00
Chris Hunt
a362d62b42
Do not return mail password in EmailController
2013-06-11 16:00:13 -07:00
Neil Lalonde
82b5f57e40
Make it possible to set a site setting to empty string
2013-06-11 14:31:38 -04:00
Robin Ward
93bbe190c0
Moved Email components into a module
2013-06-10 15:34:10 -04:00
Robin Ward
3b7d3aa487
FIX: Search wasn't using the lowercase username for finding the context.
2013-06-10 10:42:06 -04:00
Neil Lalonde
169125e96d
Fix a case where a random topic with null slug will be rendered instead of 404
2013-06-07 14:30:26 -04:00
Robin Ward
5217602ec3
FIX: RSS paths render a 404 for missing topics.
2013-06-07 12:52:12 -04:00
Ian Christian Myers
b61e10f9ad
All parameters for #create in PostsController pass through strong_parameters.
...
We are now explicitly whitelisting all parameters for Post creation. A nice side-effect is that it cleans up the #create action in PostsController. We can now trust that all parameters entering PostCreator are of a safe scalar type.
2013-06-07 01:29:25 -07:00
Chris Hunt
41b0692543
Show 'waiting approval' and don't send email
...
When 'must approve users' in enabled, we don't want to send an
activation email to users after they sign up. Instead, we will show them
'waiting approval' and not take an action until their account is
approved by an admin.
2013-06-06 18:36:16 -07:00
Neil Lalonde
a151bfc7ec
Store when a topic was first set to auto-close and report that amount of time when it closes. And do some refactoring.
2013-06-06 17:04:21 -04:00
Robin Ward
8f32aed944
Only use HTML templates for the digest email.
2013-06-06 15:08:56 -04:00
Neil Lalonde
62041da7e0
Handle /t/only-the-slug urls by trying to find the topic by slug (second try)
2013-06-06 14:41:37 -04:00
Robin Ward
bac03a3369
Merge pull request #975 from jd-erreape/username_refactor
...
[WIP] Refactored user_name suggestion methods into a module
2013-06-06 08:12:29 -07:00
Juan de Dios Herrero
96d23ddd8d
Refactored user_name suggestion methods into a module to reduce the complexity of User model
2013-06-06 16:40:10 +02:00
Ian Christian Myers
0d01c33482
Enabled strong_parameters across all models/controllers.
...
All models are now using ActiveModel::ForbiddenAttributesProtection, which shifts the responsibility for parameter whitelisting for mass-assignments from the model to the controller. attr_accessible has been disabled and removed as this functionality replaces that.
The require_parameters method in the ApplicationController has been removed in favor of strong_parameters' #require method.
It is important to note that there is still some refactoring required to get all parameters to pass through #require and #permit so that we can guarantee that parameter values are scalar. Currently strong_parameters, in most cases, is only being utilized to require parameters and to whitelist the few places that do mass-assignments.
2013-06-06 00:30:59 -07:00
Sam
255a614142
keep /srv/status exposed
2013-06-06 14:40:10 +10:00
Sam
2ca734c118
Merge pull request #964 from chrishunt/exclusive-club
...
Add 'invite only' site setting
2013-06-05 16:38:47 -07:00
Robin Ward
0b97ea6345
Better HTML emails, smarter email digests, new email section in admin with digest preview
2013-06-05 17:47:25 -04:00
Chris Hunt
a523fa56ac
Don't require authentication for invites
2013-06-05 11:12:37 -07:00
Chris Hunt
acf147ef88
Disable OmniAuth account creation if 'invite only'
2013-06-05 11:11:02 -07:00
Chris Hunt
d432798ff8
Silently fail if user tries to sneak in
...
When 'invite only' is enabled, there's no way for a user to create an
account unless they try and sneak in by POSTing to /users/. We will
silently fail if this happens.
2013-06-05 11:08:21 -07:00
Ian Christian Myers
41528f5d11
Implemented strong_parameters for Upload/UploadsController.
...
The topic_id param is now required using strong_parameters' #require method. If the parameter is missing ActionController::ParameterMissing will be raised instead of Discourse::InvalidParameters.
2013-06-05 00:55:55 -07:00
Ian Christian Myers
f50b648844
Implemented strong_parameters for PostAction/PostActionsController.
...
PostActionsController now uses strong_parameters' #require to require certain parameters. ActionController::ParameterMissing is now thrown when a reqired parameter is missing, rather than Discourse::InvalidParameters.
2013-06-05 00:23:51 -07:00
Ian Christian Myers
3b245031a4
Implemented strong_parameters for Invite/InvitesController.
...
The email parameter is now required using strong parameters and will throw ActionController::ParameterMissing if it is missing. If the email address is incorrect or invalid, Discourse::InvalidParameters will still be thrown.
2013-06-05 00:04:03 -07:00
Ian Christian Myers
130d837952
Implemented strong_parameters for Category/CategoriesController.
...
Category now requires parameters to be permitted by strong_parameters using #require or #permit for mass-assignment. Missing required parameters now throw a ActionController::ParameterMissing execption instead of the Discourse::InvalidParameters execption.
2013-06-04 23:45:25 -07:00
Sam
870e59883b
secure the links on the topic pages, eliminated deleted topics as well.
2013-06-05 16:10:26 +10:00
Sam
913a607528
need to punch through account creation stuff
2013-06-05 14:01:24 +10:00
Sam
2dfba8d6de
we need to be able to do username checks for registration to work
2013-06-05 12:50:42 +10:00
Sam
5e305eaf0a
missing skip filter for omniauth
2013-06-05 10:30:51 +10:00
Sam
21b3359ea4
Merge pull request #957 from chrishunt/chrishunt/lock-down-the-base
...
Add 'login required' site setting
2013-06-04 17:22:08 -07:00
Chris Hunt
978785720a
Redirect to root after login if no path provided
...
If we do not do this, then people that login from /login will just be
redirected back to the login page. We'd rather have them see the root
path.
2013-06-04 16:10:10 -07:00
Chris Hunt
92a4828f72
Redirect all controllers to login if required
...
We want to skip the filter for sessions controller so that we can login
and we want to skip the filter for static pages because those should be
visible to visitors.
2013-06-04 16:10:10 -07:00
Régis Hanol
e3e55d4dad
fix image uploads on s3/imgur
2013-06-05 00:35:42 +02:00
Robin Ward
02b1f78410
FIX: Include preloaded data even if the request type isn't explicitly text/html
2013-06-04 12:56:12 -04:00
Neil Lalonde
2259e97d42
Add a count of blocked users on the dashboard
2013-06-04 11:53:19 -04:00
Neil Lalonde
c4904aacc0
Automatically flag someone as a spammer if their posts get at least X spam flags from N users while their trust level is 'new user'. Staff can clear and set this status from the user record in admin.
2013-06-03 16:37:40 -04:00
Robin Ward
545dbfc07e
New Feature: Staff can choose to "Take Action" when flagging to immediately reach hiding
...
thresholds.
2013-05-31 17:39:32 -04:00
Robin Ward
d23ef1d090
FIX: You could update a topic to have a title that's too short if the TextCleaner
...
removed extra characters. Additionally, updating the title will not return an error
message to the client app if the operation fails (rather than failing silently.)
2013-05-31 15:24:13 -04:00
Sam
b228a7c185
Merge pull request #923 from eriko/cas_support
...
remove hardcoded value and replace with SiteSetting.cas_domainname
2013-05-30 21:39:29 -07:00
Neil Lalonde
42714b424f
For 403 errors, show the same html page as 404
2013-05-30 16:39:39 -04:00
Neil Lalonde
5d444be72b
Support incomplete topic urls like /t/just-a-slug; fix error when using route /t/:topic_id/:post_number
2013-05-30 10:39:15 -04:00
Sam
e93b7a3b20
more progress towards live unread and new counts, unread message implemented, still to implement delete messages
2013-05-30 16:49:57 +10:00
Sam
73834370a5
work in progress, live unread and new counts
2013-05-30 16:49:57 +10:00
Erik Ordway
364a59d344
remove hardcoded value and replace with SiteSetting.cas_domainname
2013-05-29 15:47:49 -07:00
Robin Ward
830b93a16b
Reduced complexity of admin flags controller, split up into methods, moved reports into model.
2013-05-29 16:49:34 -04:00
Neil Lalonde
b1bdebd611
url for uncategorized category topic list is always /category/uncategorized
2013-05-29 12:06:33 -04:00
Robin Ward
92dc59fba9
Properly assign draft keys to Categories List view.
2013-05-28 21:16:24 -04:00
Sam
46389754d6
Merge pull request #892 from eriko/cas_support
...
Cas support
2013-05-28 16:13:29 -07:00
Robin Ward
560fb15d8a
Include pinned topics in category list.
...
- removes an (n+1) query for user data
- supports the preload store for the data to avoid a second request
- fix a bug where uncategorizes was reporting (0, 0, 0) for topics by week, month, year
2013-05-28 15:36:16 -04:00
Robin Ward
e1781240a6
Merge branch 'refactoring' of git://github.com/mattvanhorn/discourse
...
Conflicts:
lib/text_sentinel.rb
2013-05-27 10:42:20 -04:00
Sam
661ddbb158
introduce strong_parameters
2013-05-27 11:06:09 +10:00
Sam
d84ae80074
Simplify user action make it more idiomatic
2013-05-27 10:22:37 +10:00
Matt Van Horn
d7817cf314
extract TopicNotifier class from topic
2013-05-24 13:36:33 -07:00
Robin Ward
3037e9adf6
FIX: Clearing flags wasn't making topics visible again.
2013-05-24 16:03:20 -04:00
Robin Ward
bd779834e5
Use search context for filtering search results by current category or user
2013-05-24 14:04:26 -04:00
Erik Ordway
1575ce7b10
add cas support with a few tests
2013-05-23 13:40:50 -07:00
Robin Ward
b9a310f4b1
Search Refactor: Let's use a class to keep track of our state rather
...
than passing params everywhere. Also make the private API private.
2013-05-22 15:22:06 -04:00
Robin Ward
0f296cd42b
Refactor + Fix: Wasn't correctly loading activity streams. Code is a lot more Ember-y now.
2013-05-22 12:06:37 -04:00
Sam
c4d8085fc5
remove moderator status posts from best feed
2013-05-22 15:04:53 +10:00
Sam
a3dce9afd7
don't error out on not posts if its a json request
2013-05-20 17:32:53 +10:00
Sam
fc57578c85
proper 404 for json request 404
2013-05-20 17:28:32 +10:00
Sam
e91ed83586
the private message stream is different to normal streams, improving the ui a bit and collapsing conversations
2013-05-20 16:44:06 +10:00
Sam
80fb20816c
get rid of nonsense 404.html
...
correct 404 handling for invalid pages
2013-05-20 10:29:49 +10:00
Neil Lalonde
f3282e33a3
Add tabs to category create/edit modal. Categories can have a default auto-close setting that applies to all new topics created in the category. Add rspec-given and write some integration tests. Tests for topic auto-close with category default
2013-05-17 11:05:35 -04:00
Robin Ward
a80ec535a3
Support for "Select All / Deselect All" while selecting posts to merge / delete.
2013-05-16 16:50:38 -04:00
Robin Ward
d554a59102
Support for a new site setting: `newuser_spam_host_threshold`. If a new user posts a link
...
to the same host enough tiles, they will not be able to post the same link again.
Additionally, the site will flag all their previous posts with links as spam and they will
be instantly hidden via the auto hide workflow.
2013-05-16 12:19:50 -04:00
Sam
88417725b5
we need some, albeit hacky way of clearing these old pms, make at least some way of finding them
2013-05-16 17:30:30 +10:00
Neil Lalonde
21b4b8d5d5
Expire dashboard data when you upgrade to a new discourse version. Version check data was being cached and causing confusion to people who upgraded.
2013-05-14 16:17:25 -04:00
Neil Lalonde
9828c87525
Topic Auto-Close: admins and mods can set a topic to automatically close after a number of days
2013-05-13 12:53:52 -04:00
Sam
670b66ade3
better add some tests here tomorrow
2013-05-13 18:47:32 +10:00
Sam
b6bf95e741
speed up startup (avoid loading some gems on startup)
...
correct group permission leaks
add Discourse.cache for richer caching support
2013-05-13 18:04:03 +10:00
Sam
a27046bacd
fix cache hole
2013-05-13 11:09:03 +10:00
Sam
98d9f174ae
fix spec
2013-05-13 11:07:22 +10:00
Robin Ward
cf01c98d81
Experimental: Interface to Move Posts to an Existing Topic
2013-05-10 14:55:51 -04:00
Sam
942f168ab6
UI still a tad rough, but we have a first pass of secure categories
2013-05-10 16:47:47 +10:00
Sam
5280b3a01b
more group progress, UI getting there, controller mostly done
...
changed it so notify moderators goes to the moderators group
allow admins to grant self moderation and revoke self moderation
2013-05-09 17:37:34 +10:00
Sam
0f0fd281a8
group progress, never email banned users
2013-05-09 11:34:58 +10:00
Neil Lalonde
f35a44aeae
Add ability for admins and mods to send another activation email to a user, to activate an account, and deactivate an account
2013-05-08 10:10:47 -04:00
Sam
6b536dcde5
work in progress ... groups
2013-05-08 15:20:38 +10:00
Sam
20493106cd
fix post trashing
2013-05-07 17:56:56 +10:00
Sam
e9fc272db7
remove acts_as_paranoid, use .trash! , .recover! and .with_deleted as needed
...
makes upgrading to rails 4 possible
2013-05-07 14:39:01 +10:00
Sam
be1ab8b275
automatic group infrustructure
2013-05-06 14:49:56 +10:00
Régis Hanol
392b9696f4
prevent duplicate actions on a post
2013-05-04 02:52:45 +02:00
Sam
42494b5bb1
we can't trust CSRF for anon the way it is designed.
...
The page they have loaded may be cached we need a different way of delivering the CSRF potentially
2013-05-03 16:43:11 +10:00
Sam
5ec52bd2e9
:s/moderator?/staff/g ... our naming was kind of crazy, renamed moderator? to staff
2013-05-02 17:22:27 +10:00
Sam
65cd00cf25
moderators now have teeth, more at http://meta.discourse.org/t/moderator-permission-set/6307/5
...
allow pms to be targetted at groups
2013-05-02 15:15:53 +10:00
Sam
cef9a74053
route for markdown /md/topic_id/post_number
2013-04-30 16:30:41 +10:00
Régis Hanol
017ee7c2da
FIX: [security bug] XHR check bypass
2013-04-30 02:34:19 +02:00
Jonathan Roes
057b4768e6
strip whitespace when changing e-mail addresses
...
Fixes #778 .
2013-04-27 23:03:06 -04:00
Régis Hanol
dca2fbcefc
add meaningful error message on upload [ fixes #773 ]
2013-04-27 20:26:17 +02:00
Neil Lalonde
6063f81946
Show something on categories page when js is disabled
2013-04-26 13:10:41 -04:00
Sam
f9e33ec6b8
store ip address and current user with incoming links
...
make links long an readable in share dialog
2013-04-26 16:18:55 +10:00
Sam
37867af1bb
track incoming links, amend share link to include user
...
fix pm styling
2013-04-24 18:05:35 +10:00
Neil Lalonde
06e5083950
Dashboard links to list of admins and moderators; Move a bunch of ember routes into one file: admin_users_list_routes.js
2013-04-23 12:07:58 -04:00
Neil Lalonde
fe1b979c65
Admin Dashboard: click numbers in Users per Trust Level table to see a list of the users
2013-04-23 10:41:40 -04:00
Sam
cfc62dadff
speed up tests
...
add the ability to find the first notify private message
2013-04-22 17:45:03 +10:00
Sam
4cea92c4e9
work in progress add support for groups
2013-04-19 10:34:39 +10:00
Neil Lalonde
372442bd1c
Make it possible to edit a category with an empty slug
2013-04-18 17:07:06 -04:00
Neil Lalonde
cbe0168922
Fix a problem where you might see missing {{sentTo}} value after a failed login
2013-04-18 16:44:56 -04:00
Neil Lalonde
f76d6c0f3f
Fix for loading uncategorized topics when slug for uncategorized_name is blank
2013-04-18 16:28:47 -04:00
Sam
6974ad487c
fix not found error when spiders were hitting with .php
2013-04-18 09:55:47 +10:00
Régis Hanol
b24c1a1ad9
better consistency around email case sensitivity
2013-04-15 02:20:33 +02:00
Sam
2bdb53261b
don't treat notify user as a flag
2013-04-15 13:09:52 +10:00
Philipp Weissensteiner
3dcb1905e3
Refactor user controller, create action, mostly.
...
The gist of the commit are a few improvements in the
create action, where:
* long boolean statemenst have been wrapped in smaller more readable
methods.
* the 3rd party user info creation has been extracted (still in controller)
* a small helper method for creating a new user from params (to reduce
visual clutter)
* specs have been added where I came across untested methods/branches
Other changes are more trivial like formatting and whitespace fixes.
Hope this helps. Regards.
2013-04-13 00:53:59 +02:00
Neil Lalonde
651cfba93f
Add ability to destroy a user with 0 posts
2013-04-12 16:53:00 -04:00
Sam
0f362c5474
this has been bugging me for ages, broken "fill your profile link" fixed AND bio updates when you save
2013-04-12 10:07:58 +10:00
Sam
850b042cab
introduce rack:cache as a default, so users don't need to configure apache or nginx
...
under rack cache we are able to serve 620reqs a second per thin (on my machine) before it 12 (on my machine)
reorganised so mini profilers can be cleanly disabled from config file
added caching for categories index
move production.rb to production.sample.rb
2013-04-11 16:24:21 +10:00
Régis Hanol
c5cf8be864
auto replace rules in titles
2013-04-10 11:00:50 +02:00
Mark Rushakoff
56acb5fcce
Don't call to_sym on param
2013-04-08 22:55:39 -07:00
Robin Ward
4ad006ea97
FIX: non-logged in users couldn't see who liked something
2013-04-08 11:57:23 -04:00
Sam
11ff0ccd03
correct logic for tracking the highest seen post number so its always consistent
2013-04-08 11:12:52 +10:00
Sam
9a1619727d
Merge pull request #670 from ZogStriP/add-some-tests-for-uploads
...
added some tests for uploads
2013-04-07 15:05:35 -07:00
Régis Hanol
41b7f741d0
extract hard-coded strings
2013-04-07 18:14:50 +02:00
Régis Hanol
1692350336
added some tests for uploads
2013-04-07 17:52:46 +02:00
Robin Ward
a14f62766e
Replace MultisiteI18n hack with SiteContent and admin editing.
2013-04-05 16:48:15 -04:00
Sam
a2cca2540e
some minimal site settings diags
...
fix issue where days_visited was totally out of sync
2013-04-05 17:47:54 +11:00
Robin Ward
fa1ba6791b
Work in Progress: Content Editing in Admin Section
2013-04-04 17:26:22 -04:00
Robin Ward
738789f336
Admins can't lock themselves out of a site by setting approval.
2013-04-03 12:23:28 -04:00
Robin Ward
368011d03b
Merge pull request #628 from ZogStriP/add-uploads-controller-specs
...
add UploadsController specs
2013-04-03 08:06:49 -07:00
Régis Hanol
2b120ef886
add UploadsController specs
2013-04-03 01:17:17 +02:00
Robin Ward
ee76f1926d
Debugging Tool for Hot Topics
2013-04-02 18:00:53 -04:00
Neil Lalonde
25073e873f
Fetch the list of problems more frequently on the admin dashboard
2013-03-29 15:48:26 -04:00
Mark Rushakoff
3e3712a517
Don't call to_sym on param
2013-03-28 20:50:07 -07:00
Régis Hanol
1668b5eab2
FIX: allows the selection of the default landing tab
2013-03-28 14:01:13 +01:00
Sam
2295290383
added best=N option to get N best comment on a post
2013-03-27 22:53:11 -07:00
Robin Ward
36269cfbaa
Rename 'popular' to 'latest'. First stab at 'Hot' tab.
2013-03-27 16:21:23 -04:00
Sam
fc94d3e551
match the create api with the update api ... so api is more consistent
2013-03-26 23:49:35 -07:00
Robin Ward
af7f6fea28
Can set the `hotness` of a category. For the soon to be implemented "hotness" tab.
2013-03-26 18:08:58 -04:00
Sam
c57ec611e1
basic api support
2013-03-25 18:04:46 -07:00
Sam
deb603f41c
Merge pull request #547 from kid0m4n/convert-ruby-1-9-syntax
...
Convert a lot of :a => b to a: b and bring peace to the world
2013-03-24 16:43:17 -07:00
Karan Misra
5dfb04e4b3
Convert a lot of :a => b to a: b and bring peace to the world
2013-03-25 05:07:36 +05:30
Sam
b1d1ab7d2b
Merge pull request #559 from ZogStriP/fix-exception-when-wrong-resource-type-in-url
...
[fixes #391 ] exception when wrong resource type in URL
2013-03-24 16:16:34 -07:00
Régis Hanol
0da8f35659
[ fixes #391 ] exception when wrong resource type in URL
2013-03-24 22:25:24 +01:00
buddhamagnet
baef69d08c
add render nothing to refresh_browsers method
2013-03-23 21:37:37 +00:00
Sarah Vessels
54c7b1ab63
Use consistent new-style hashes in render calls *twitch*
2013-03-22 14:08:11 -04:00
Robin Ward
ee5213be5f
Fixes regression with video embeds
2013-03-21 20:53:12 -04:00
Robin Ward
babcfe6234
Cache oneboxes in Redis now instead of postgres.
2013-03-21 13:11:54 -04:00
Neil Lalonde
c3c25b894a
Cache dashboard data in the controller, not the report model
2013-03-20 13:54:32 -04:00
Neil Lalonde
1e4dd3ea0c
Start detecting install problems and report them on the admin dashboard. This commit adds check for Rails.env
2013-03-20 12:00:52 -04:00
Sam
62c60540be
pull moderator into own column, rename trust levels
2013-03-19 21:06:11 -07:00
Robin Ward
59fc3bfac4
PostDestroyer to replace callbacks for destroying
2013-03-18 17:55:11 -04:00
Robin Ward
e1e1bdd0b1
Merge pull request #469 from wojciechka/master
...
Support for running discourse with a prefix (i.e. as http://servername/discourse )
2013-03-18 07:24:11 -07:00
Neil Lalonde
50b04b2209
Add email counts to admin dashboard
2013-03-18 10:08:09 -04:00
Neil Lalonde
6a99d12784
Add likes to admin dashboard
2013-03-18 10:08:08 -04:00
Wojciech Kocjan
e6ccc300dc
Support for running discourse with a prefix (i.e. as http://servername/discourse )
2013-03-16 00:01:21 +01:00
Neil Lalonde
d9cdde9aa7
Add user counts for each trust level to admin dashboard
2013-03-15 18:09:02 -04:00
Neil Lalonde
8983df9856
Show current user count for now, not at different points in time
2013-03-15 18:09:01 -04:00
Robin Ward
76d8df6ac6
Merge pull request #462 from kubabrecka/colorpicker3
...
implement color picking from predefined set for category badges + option to change foreground color
2013-03-15 13:43:59 -07:00
Robin Ward
ad082cea70
Big commit:
...
- Support for a popup that shows similar topics
- Cleaned up a lot of Javascript
- Cleaned up use of Promises
2013-03-15 14:35:33 -04:00
Neil Lalonde
6c4d9ecfdc
Use one request to fetch dashboard report data and check version
2013-03-14 18:26:26 -04:00
Kuba Brecka
8784c55188
implement color picking from predefined set for category badges + option to change foreground color
2013-03-14 14:16:57 +01:00
Neil Lalonde
213d3e5c10
Remove unused code and routes that don't exist in session_controller
2013-03-13 15:21:45 -04:00
Neil Lalonde
58004d44cd
Support for browser password managers, but doesn't quite work in IE
2013-03-13 13:55:33 -04:00
Sam
38f185355d
added options to disable quoting and open links in new tabs
...
fixed a some regressions
removed some dead code
fixed messages about constants being re-defined
2013-03-12 20:06:58 -07:00
Robin Ward
d1d4530efd
User Profile enhancements:
...
- Added PreloadStore support to avoid duplicate requests
- preliminary SEO
- Support for opengraph/twitter cards
2013-03-08 15:04:37 -05:00
Robin Ward
fb573b917f
Merge pull request #390 from ZogStriP/min-search-term-length-site-setting
...
added the min-search-term-length site setting
2013-03-08 06:58:45 -08:00
Neil Lalonde
2ebe0336ae
On signup, handle duplicate key errors on email and username better
2013-03-07 14:56:55 -05:00
Robin Ward
f8d8272406
Cleaned up TopicUserSpec, introduces clearing of pinned topics
2013-03-07 12:19:25 -05:00
Regis Hanol
5703d6c730
added the min-search-term-length site setting
2013-03-07 16:52:01 +01:00
Robin Ward
c123e40638
Merge pull request #373 from alxndr/master
...
Raise 404 from Admin::UsersController#show if no user found
2013-03-06 09:17:47 -08:00
Alexander
c4f1cb0d7b
Raise 404 from Admin::UsersController#show if no user found
...
[Fixes #353 ]
2013-03-05 14:02:23 -08:00
Robin Ward
e4277757c4
Fix onebox loading on every keystroke after a request fails.
2013-03-05 14:06:39 -05:00
Robin Ward
0c5ca30188
Merge pull request #361 from ZogStriP/enforce-coding-convention
...
enforce coding convention
2013-03-05 07:25:19 -08:00
Robin Ward
3cf3fee781
Merge pull request #319 from alxndr/rss-caching
...
Basic caching for topic/category RSS feeds
2013-03-05 07:20:15 -08:00
Régis Hanol
239cbd2d58
enforce coding convention
...
replaced every `and` by `&&` and every `or` by `||`
2013-03-05 01:42:44 +01:00
Robin Ward
9a66c416af
Merge pull request #343 from kubabrecka/localize_static_pages
...
implement translations into static pages (FAQ, TOS) + an example of CZ translation
2013-03-04 11:51:28 -08:00
Alexander
d6e665f888
Caching for topic/category RSS feeds
...
Using anonymous_etag() now
2013-03-04 11:21:01 -08:00
Robin Ward
51f6ae69c9
Check when logging in whether a auth provider is enabled, including specs
2013-03-04 13:44:41 -05:00
Robin Ward
f7c9efb101
Merge branch 'persona-integration' of git://github.com/callahad/discourse
2013-03-04 11:51:26 -05:00
Kuba Brecka
778cad5d2f
implement translations into static pages (FAQ, TOS) + an example of CZ translation
2013-03-03 16:27:32 +01:00
Robin Ward
d410f043a9
Merge pull request #290 from alxndr/category-rss
...
RSS for topics in a category
2013-03-01 12:01:26 -08:00
Dan Callahan
23d812a4ab
Use AJAX for submitting Persona credentials.
...
Fixes issue with needing to unblock popups.
2013-03-01 14:00:56 -06:00
Dan Callahan
ef8cf2f734
Add basic Persona functionality
...
1. No session integration yet, so automatic login/logout events are suppressed.
2. Popup blockers must be disabled: submits form to target="_blank"
2013-03-01 14:00:56 -06:00
Robin Ward
7c68224763
Merge pull request #309 from goshakkk/enums
...
Introduce Enum
2013-03-01 11:34:48 -08:00
Robin Ward
d2596c3c4c
Remove unusued site_settings, show checkbox in UI for boolean values, remove restrict_access
...
boolean to avoid locking yourself out by setting access_password to empty string. Minor
UI tweaks.
2013-03-01 14:27:41 -05:00
Gosha Arinich
0c99dea153
introduce Enum
2013-03-01 21:16:36 +03:00
Alexander
fd240c1967
RSS for topics in a category
...
Creates a new route for category RSS
2013-03-01 09:52:59 -08:00
Robin Ward
628927a79f
Added Site Setting to change locale.
2013-02-28 14:34:38 -05:00
Gosha Arinich
d2f3c829db
refactor User and TrustLevel a bit
...
* rename `User#password_required` to `User#password_required!`
* emails with "i" @ something are a special case as well
* get rid of `self.` and returns where possible
* prefer "unless a" instead of "if !a"
* `unread_notifications` without manually iterating
* introduce `User#moderator?`
* introduce `TrustLevel#valid_key?`, `TrustLevel#compare`, and
`TrustLevel#level_key`
2013-02-28 19:15:54 +03:00
Robin Ward
dc8e1196fd
Code to support EmberJS + Discourse Tutorial feature: Admin Reports
2013-02-27 22:40:36 -05:00
Robin Ward
cf867a35ff
Merge pull request #271 from goshakkk/topic-refactor
...
Refactor Topic
2013-02-27 10:32:44 -08:00
Robin Ward
007118b00c
Merge branch 'github-auth' of git://github.com/nverba/discourse
...
Conflicts:
config/locales/server.en.yml
db/structure.sql
spec/views/omniauth_callbacks/complete.html.erb_spec.rb
2013-02-27 12:09:22 -05:00
Alexander
8855a0bfbe
RSS of a topic via new route
...
Adds TopicView#recent_posts; Post#by_newest, #with_user, #author_readable; User#readable_name
Autodiscovery tag in topic show HTML.
2013-02-26 14:54:17 -08:00
Neil Lalonde
cd6c1de5b0
Add site settings for company name and domain, and use them in the Terms of Service
2013-02-26 15:50:42 -05:00
Gosha Arinich
12d664a610
refactor Topic
...
* move finding by username/email to User
* make SiteSetting return a range of possible post title lengths
* remove unnecessary conditions
2013-02-26 19:27:59 +03:00
nverba
b45f872c04
Added Github authentication option, disabled by default with enable options in settings.
2013-02-26 05:00:21 +00:00
Gosha Arinich
cafc75b238
remove trailing whitespaces ❤️
2013-02-26 07:31:35 +03:00
Robin Ward
397c6ca761
Better error messages when topics can't load
2013-02-25 18:38:38 -05:00
Sam Saffron
77a2d8ccc4
fixed a pile of notification craziness
...
addes some tests around post timings
2013-02-25 18:42:42 +11:00
Sam Saffron
b66db4153d
refactor and organise current_user better
2013-02-24 21:42:04 +11:00
tms
3e6641c07e
Unsign auth token cookies per discussion on #215
2013-02-23 13:40:21 -05:00
Robin Ward
532b1f5450
Can edit category descriptions, they show up in a `title` attribute
2013-02-22 13:43:47 -05:00
Neil Lalonde
ff3e012034
Add a link that allows you to send activation email again
2013-02-22 11:49:58 -05:00
tms
5616fdc475
Sign the auth token cookie and make it httpOnly
2013-02-20 17:24:19 -05:00
Neil Lalonde
3ca2d92b2f
Fix the missing {{provider}} value message
2013-02-19 16:28:12 -05:00
Neil Lalonde
c0371ff427
Add version checking that shows on the admin dashboard
2013-02-19 15:20:49 -05:00
tms
20c723c4fb
Fancy 404 should require access too
2013-02-17 15:26:47 -05:00
Robin Ward
036e795e10
Merge pull request #152 from xdite/canonical-url
...
use canonical-url plugin to make view more clean
2013-02-15 07:18:41 -08:00
Jesse Pollak
ad5a5b4866
This commit adds a callback route to handle omniauth failure and removes a few unneccessary entries in en.yml
2013-02-14 18:08:40 -08:00
Robin Ward
5d4efa9100
Support for non-english categories
2013-02-14 16:51:48 -05:00
Robin Ward
b9457197c0
First stab at new user education - configurable messages that pop up on a user's first
...
few posts/topics.
2013-02-14 15:33:51 -05:00
Neil Lalonde
39eab7c425
Replace mentions of mothership with discourse_hub
2013-02-14 12:57:26 -05:00
Robin Ward
b94b9d2383
Merge pull request #146 from ismaelga/moderators-buttons
...
Create moderators
2013-02-14 07:26:50 -08:00
Sam Saffron
87d83802b9
added option that allows users to decide when they consider topics new (default 2 days old or newer)
...
added site_setting to control the default new_topic_duration_minutes
added 10 minutes option for auto_track_topics_after_msecs, default bumped up to 5 mins
2013-02-14 17:36:14 +11:00
Ismael Abreu
80bec6efc9
Adds grant and revoke moderation buttons so admins can make users moderators
2013-02-14 01:12:23 +00:00
Robin Ward
f00006ee7d
Fix broken Yahoo! signup.
2013-02-13 12:37:48 -05:00
Robin Ward
546016bfd2
Remove unused controllers, apply substitutions to TOS.
2013-02-13 11:50:27 -05:00
Robin Ward
34329ee598
Merge pull request #137 from shapkin/patch-1
...
Update app/controllers/categories_controller.rb
2013-02-13 07:20:50 -08:00
Robin Ward
afc23cc8cb
Merge pull request #133 from xdite/apply_omniauth
...
Apply omniauth
2013-02-13 07:19:13 -08:00
Alexander Shapkin
b036c9e555
Update app/controllers/categories_controller.rb
...
Fix extra whitespace and hash style.
Comply with a style guide like in Github.
2013-02-13 15:14:38 +04:00
xdite
cab4d95eaf
use canonical-url plugin to make view more clean
2013-02-13 19:04:43 +08:00
Jeff Atwood
ee75980f23
first step of variable-izing the /tos
2013-02-13 00:35:18 -08:00
xdite
a7908e07d1
merge master
2013-02-13 15:16:39 +08:00
xdite
9189d937f7
move all logic to omniauth
...
implement omniauth-facebook / omniauth-twitter
2013-02-13 15:08:38 +08:00
xdite
be3d036084
use omniauth-openid to replace google id
2013-02-13 15:08:32 +08:00
Neil Lalonde
4e9d9138d6
Fix broken signup with Twitter
2013-02-12 20:50:31 -05:00
Robin Ward
69c7b5aeed
Support category names with spaces
2013-02-12 17:54:56 -05:00
Neil Lalonde
824b09389f
Don't allow signups without a password
2013-02-12 15:42:16 -05:00
Robin Ward
95c86b0ffa
Merge pull request #140 from blom/adjust-regexp
...
Adjust some regular expressions
2013-02-12 08:47:54 -08:00
Ørjan Blom
bcd5040b11
Adjust some regular expressions
...
* Match beginning of string instead of beginning of line.
* Escape literal periods.
2013-02-12 17:21:56 +01:00
Grant Ammons
f3dc93a0db
WIP, a very nice refactoring of TopicsController#show
2013-02-11 17:54:56 -05:00
Robin Ward
57049b55a2
Little things:
...
- Retries on deadlock when calculating average time
- Removes Warning: When specifying html format for errors
- Doesn't use manual SQL to update user's ip address
2013-02-11 15:47:28 -05:00
Robin Ward
6ce32b8bc4
Trivial: Was not finding files in public for errors due to missing extensions.
2013-02-11 14:39:26 -05:00
Neil Lalonde
c18b85873f
Prevent login until email is confirmed
2013-02-11 11:18:37 -05:00
Sam Saffron
80929ead4b
security hole fixed
2013-02-11 17:28:21 +11:00
Sam Saffron
1c12c91d0c
forgot to skip a filter
2013-02-11 17:14:36 +11:00
Sam Saffron
c50a9e4d01
added support for disabling indexing by google using SiteSetting.allow_index_in_robots_txt = false
2013-02-11 11:02:57 +11:00
Sam Saffron
8250586306
add to_date so its more explicit
2013-02-11 09:11:02 +11:00
Kuba Brecka
d0c1d94918
fix user listing and search on non-US locale
2013-02-10 12:18:11 +01:00
Kuba Brecka
12fa6e9a4e
correct noscript link to next page
2013-02-09 14:12:31 +01:00
Robin Ward
03a798b202
Can clear flags on deleted posts if you're a moderator
2013-02-08 19:07:29 -05:00
Robin Ward
7c11c3fe0f
Can edit deleted posts.
2013-02-08 17:49:15 -05:00
Robin Ward
12d3c3b66b
Enforce entropy on flag text
2013-02-08 17:01:43 -05:00
Neil Lalonde
ce7088f081
check_username api now returns correct error message for invalid lengths etc
2013-02-08 14:12:48 -05:00
Cyril Mougel
84191802df
Extract the validation of Username format in own class to avoid
...
complexity in user model object
2013-02-08 12:54:47 -05:00
Neil Lalonde
79dfccf717
Username validation in signup and username change forms
2013-02-07 18:23:52 -05:00
Robin Ward
63c0fdda44
Merge pull request #57 from blowmage/user_search_refactor
...
Refactor UserController#search_users
2013-02-07 12:38:39 -08:00
Robin Ward
084a873b91
Give regular users a delete button. If they click it, their post will be revised to
...
say it was deleted.
2013-02-07 15:14:23 -05:00
Mike Moore
e41b6537f9
Remove expectation of term case
2013-02-07 09:35:38 -07:00
Mike Moore
5b01ac9288
Return User objects instead of hashes
2013-02-07 09:35:38 -07:00
Mike Moore
972b9d735c
Extract search logic to UserSearch model
2013-02-07 09:35:38 -07:00
Jakub Arnold
61654ab8f0
Fix all the trailing whitespace
2013-02-07 16:45:24 +01:00
Sam Saffron
85973ce6b0
added delete all posts button
...
wired up the ability to enable all themes
2013-02-07 18:11:56 +11:00
Sam Saffron
c7461622a9
admins can now clear flags inline
2013-02-07 15:15:48 +11:00
Sam Saffron
554ba7b676
Merge branch 'master' of github.com:discourse/discourse
2013-02-07 12:32:39 +11:00
Sam Saffron
7cdf1266ad
remove unused var
2013-02-07 12:32:29 +11:00
Neil Lalonde
471c61fd69
Add honeypot and challenge to signup form
2013-02-06 19:25:36 -05:00
Robin Ward
6043a370ad
Oops, that should be 1.minute
2013-02-06 12:07:22 -05:00
Robin Ward
8d568b05c4
Don't enable Cache-Control if the site has restricted access.
2013-02-06 11:55:54 -05:00
Sam Saffron
6f2f7b0589
flagging work, we should be clearing from the mod menu if a topic or post is deleted
2013-02-06 12:13:41 +11:00
Robin Ward
21b5628528
Initial release of Discourse
2013-02-05 14:16:51 -05:00