Commit Graph

311 Commits

Author SHA1 Message Date
Benjamin Kampmann 0cf07d41ae Move Concern from lib into app/models. refs #2279 2014-04-29 19:26:43 +02:00
Benjamin Kampmann e6e03a1a96 move custom fields into its own concern 2014-04-29 19:26:42 +02:00
Robin Ward 359d59242e If a new user receives a mention, quote or response to their post, allow
them to continue posting in a topic.
2014-04-29 12:59:14 -04:00
Sam e88e43bfb6 Merge pull request #2279 from fantasticfears/concern
move concerns to the model/concerns
2014-04-28 09:48:33 +10:00
Régis Hanol f8d9fb7bdc Revert "Merge pull request #2284 from jaimeiniesta/patch-1"
This reverts commit a6b88d1e7e, reversing
changes made to 9bee0b6e2d.
2014-04-25 11:40:38 +02:00
Sam a6b88d1e7e Merge pull request #2284 from jaimeiniesta/patch-1
escape gravatar URLs to comply with W3C standards
2014-04-24 12:56:16 +10:00
Sam 05efc8df16 BUGFIX: likes would cause whole post to re-render 2014-04-24 12:42:04 +10:00
Robin Ward af877781b7 Allow admins to choose if groups are visible or not. 2014-04-22 16:43:46 -04:00
Sam a3b2b4baca FEATURE: custom fields on User 2014-04-22 13:52:13 +10:00
Jaime Iniesta 6084cb969d escape gravatar URLs to comply with W3C standards
This fixes an HTML validation error due to & not being properly escaped on the gravatar URLs.
2014-04-21 00:46:00 +02:00
Erick Guan 6d45f71254 move concerns to the model/concerns 2014-04-19 12:00:40 +08:00
Vikhyat Korrapati 843023d7c9 Fix user_badges n+1 query. 2014-04-17 21:58:05 +05:30
Vikhyat Korrapati 4c0f85650e Display badge count in the user admin page. 2014-04-16 18:08:10 +05:30
Vikhyat Korrapati e0a4959dc9 Sort featured badges by badge type first, followed by grant count. 2014-04-16 18:08:10 +05:30
Sam 862a6696c0 Correct annotations
allow longer usernames (up to 60)
2014-04-15 15:53:48 +10:00
Régis Hanol 2505d18aa9 FEATURE: support email attachments 2014-04-14 22:55:57 +02:00
Sam b0ed9082b3 FEATURE: Hidden site setting for max username length 2014-04-14 12:55:33 +10:00
Régis Hanol 6373de550f update annotations 2014-04-08 17:35:44 +02:00
Sam d71f62a9f9 Merge pull request #2180 from tomciopp/master
More idiomatic approach to finding drafts
2014-04-08 16:46:24 +10:00
Régis Hanol ef24a4c71c FEATURE: add redirect_users_to_top_page site setting (default to true) 2014-03-31 21:53:38 +02:00
Thomas Cioppettini 38882eb1a7 Remove threequals from ruby files 2014-03-26 12:20:41 -07:00
Sam 7e7c4efcc0 FEATURE: on initial boot hint users on how to get admin 2014-03-24 18:03:39 +11:00
Sam 5c148faeb9 annotations were out of date 2014-03-20 15:35:51 +11:00
Sam 02963b03dc BUGFIX: last_seen_at can be nil 2014-03-17 12:42:51 +11:00
Sam fe63db7953 Merge pull request #2115 from vikhyat/badge-system
Initial badge system implementation
2014-03-17 10:06:37 +11:00
Vikhyat Korrapati 9b26c8584e Initial badge system implementation. 2014-03-14 21:49:26 +05:30
Neil Lalonde 9ca516e58d Rename nickname to username in the code. Use new hub routes. (Old routes still exist as aliases for old Discourse instances.) 2014-03-12 12:39:36 -04:00
Régis Hanol 8214536614 BUGFIX: don't show redirect reason if you aren't redirected
Move the redirect to top page logic server-side and make sure the reason
is not shown when top is not in the navigation menu (top_menu).
2014-03-07 18:58:53 +01:00
Stephen Birarda 4a2dab9c5e allow for custom min_username_length
change constant in user to be global range and not default
2014-03-04 16:37:05 -08:00
Robin Ward 4b61d6af28 BUGFIX: new date was incorrect 2014-03-03 16:11:59 -05:00
Robin Ward 3abe84941f FEATURE: Add `new_since` column to `UserStat` so we can reset the "New"
date.
2014-03-03 15:47:00 -05:00
Sam 6f31d3f0e5 FEATURE: single sign on support
Added support for outsourcing auth to a different website, documentation on meta
2014-02-25 14:31:03 +11:00
Neil Lalonde b696c96a19 Look at the age of a user's first post to determine if the user can be nuked, instead of looking at when the user registered. 2014-02-20 12:29:40 -05:00
Erik Ordway 8fc5c66c55 this needs to go but did not show up in my tests but did on travis 2014-02-11 18:13:24 -08:00
Robin Ward e511e8a80b Link to groups from user profile 2014-02-07 10:44:51 -05:00
Sam 93434be16d SECURITY: reduce moderator rights
You can now hide particular categories from certain moderators
2014-02-07 14:11:52 +11:00
Sam be560d4eb6 Update annotations 2014-02-07 11:07:52 +11:00
Sam 227873df78 FEATURE: proper mailing list mode
once enable_mailing_list_mode is enabled any user can elect
to get every post via email unless they opt out of category or topic
2014-02-07 11:07:52 +11:00
Neil Lalonde c8bc9bd5db Show discourse logo as system user avatar 2014-01-29 12:29:05 -05:00
Neil Lalonde 7cc5da08fe Track how many posts a user reads each day in user_visits 2014-01-27 11:20:19 -05:00
Neil Lalonde ae3b53bb76 Add a page in admin to view trust level 3 requirements for a user. Only shows for users who are currently at trust level 2. 2014-01-22 18:17:45 -05:00
Neil Lalonde ba74226346 FIX: invited users get clearer messaging when setting a password for the first time 2014-01-21 12:42:26 -05:00
Régis Hanol 129617b415 Lots of bugfixes
BUGFIX: navigation bar should always activate the right tab (even when diging into a top period)
BUGFIX: /top pages titles
BUGFIX: no "edit category" button on /top page after visiting a category
BUGFIX: properly hide category columns when there is no children category (on both filter + top pages)
BUGFIX: promises not caught when scrolling down a topic list to load more of them
BUGFIX: CSS on category dropdowns
Updated `top_menu` i18n with available filters
2014-01-18 19:27:25 +01:00
Régis Hanol c1a66b70bb BUGFIX: use previous_visit_at instead of last_seen_at to determine the best period to display in the top summary 2014-01-16 01:36:32 +01:00
Neil Lalonde 4f6b208e8d Posts by trust level 3 users do not have nofollow on their external links. 2014-01-15 11:40:51 -05:00
Régis Hanol e732aa8a86 BUGFIX: we should not store absolute urls for locally uploaded avatar templates
Highly recommended to run: `RAILS_ENV=production bundle exec rake avatars:regenerate` to fix the avatar templates stored in the database.
2014-01-07 17:45:06 +01:00
Neil Lalonde a897c2b091 Add default_external_links_in_new_tab site setting 2014-01-02 15:27:37 -05:00
Robin Ward f145060315 Don't employ the "too many replies" if the user is staff, or if they created the topic.
See: http://meta.discourse.org/t/what-is-the-point-of-limiting-new-users-to-three-replies-per-topic/11696
2014-01-02 12:57:40 -05:00
DV Suresh 24886c300b Correct few spelling in the comments 2013-12-21 01:19:22 -06:00
Neil Lalonde 33c6997ded Move password validation into PasswordValidator 2013-12-19 16:15:47 -05:00
Robin Ward 1cac9fa257 New users can only post `newuser_max_replies_per_topic` times per topic. 2013-12-19 13:45:55 -05:00
Sam 2db3cfb16b annotate models 2013-12-05 17:40:35 +11:00
Régis Hanol 82b78ec6ba schemaless avatar urls 2013-11-22 19:18:45 +01:00
Régis Hanol 3cf5a363f7 do not destroy uploads when destroying a user 2013-11-22 18:29:07 +01:00
railsaholic 34bba737ff Refactor SessionController#create, reduce complexity.
Don't compromise readablity
2013-11-15 22:09:03 +05:30
sirMackk af67284995 User ctrl refactor - breaks up large methods, moves some logic into model
Includes missing methods from backup for travis to pass

fix missing code, failing specs

keep params handling in the controller.
2013-11-09 18:44:13 +05:30
Neil Lalonde 0c6f794eb0 Used the term suspended instead of banned. 2013-11-07 13:53:49 -05:00
Neil Lalonde 92a0729937 When banning a user, a reason can be provided. The user will see this reason when trying to log in. Also log bans and unbans in the staff action logs. 2013-11-01 10:47:26 -04:00
Robin Ward f7d6ab579c Merge pull request #1571 from novemberkilo/master
Refactor User#update_last_seen! and User#update_tracked_topics
2013-10-29 08:28:08 -07:00
Sam 95e936c299 cleanup API for looking up a user by email or username, add specs, fix invalid auto association in open id provider 2013-10-28 16:29:07 +11:00
Manoj 96ae3cdacc Utilize already existing method 'find_by_username_or_email'
check presence of email using include, dont use =~
2013-10-24 19:26:06 +05:30
Navin Keswani 6ce80fd148 Refactor User#update_last_seen! and User#update_tracked_topics 2013-10-23 23:27:30 +02:00
Robin Ward 348e2e3ef2 Support for per-user API keys 2013-10-22 17:34:39 -04:00
Robin Ward 2308784713 Merge pull request #1543 from railsaholic/small_users_controller_refactoring
refactor UsersController to reduce complexity
2013-10-21 12:21:03 -07:00
Neil Lalonde 648b11a0eb Add screening by IP address. When deleting a user as a spammer, block all signups from the same IP address. 2013-10-21 14:50:18 -04:00
Manoj 868e4ffe6d refactor UsersController to reduce complexity
Refactored: UsersController#create
2013-10-19 15:18:11 +05:30
Neil Lalonde 0eaf32db45 Add a message to flags created because of the newuser_spam_host_threshold site setting 2013-10-17 15:08:11 -04:00
Manoj 7c03076c2a Refactored Topic#limit_topics_per_day to reduce code climate complexity
Extracted  1) #apply_per_day_rate_limit_for, method as generic
RateLimiter , 2) #limit_first_day_topics_per_day as a separate method,
3) Added User#added_a_day_ago?, 4) Fixed private methods indentation.
2013-10-16 14:58:18 +05:30
Neil Lalonde 3c2c6ab24b Add sockpuppet spammer detection. Automatically flag posts if they are from new users (registered less than 24 hours ago) at the same IP address and one of them started the topic. 2013-10-11 13:34:05 -04:00
Sam 5bf26ec34e large refactor, ship a few columns from the user table into user_stats 2013-10-07 15:04:59 +11:00
Sam 441010ac65 optimise view count calculation query 2013-10-02 17:08:53 +10:00
Robin Ward 7d9a84b496 New User Education goes through a server side ComposerMessages check. Composer message for users
who don't have avatars.
2013-09-13 12:23:53 -04:00
Robin Ward fcff4e80d1 New `user_stats` table to keep track of queried information on a user.
This is information that is not usually needed when representing a user
and is in a separate table with a has one relationship to avoid querying
it all the time.
2013-09-11 14:50:26 -04:00
Robin Ward 2319924206 Adds a class that can detect whether a user has uploaded a custom avatar 2013-09-10 15:39:11 -04:00
Sam 162d94aa02 improve secure_category_id query 2013-09-10 14:29:02 +10:00
Sam 41a1b6942d notify moderators now goes to the "community" user, that saves our poor mods from a flood of pms
if any staff respond to a pm they are automatically added to the list of recipients and will start
getting email notifications
2013-09-06 14:07:23 +10:00
Neil Lalonde 117fc8db58 Change the way nuked users' posts are handled. Allow null in the user_id column of posts. Show these posts in the posts stream. 2013-09-04 15:42:21 -04:00
Sam 61281a3c81 invite only forums had very wonky logic, invited users were not being activated, invite_only forums were still registering users 2013-08-28 17:18:31 +10:00
Sam dfa5a8a83f annotate models 2013-08-28 10:52:06 +10:00
Navin Keswani d87389b38e No more rails 4 deprecation warnings 2013-08-25 23:18:11 +02:00
Neil Lalonde 6e79197519 Enum site settings can have translatable names in dropdown. Add setting for how often users get digest emails by default: default_digest_email_frequency. 2013-08-23 17:36:25 -04:00
Sam 472f0684c3 Merge pull request #1345 from salbertson/refactor-find_by_username_or_email
Improve test coverage and refactor User.find_by_username_or_email
2013-08-22 17:14:06 -07:00
Neil Lalonde 3b15e2e58e Banned users are not returned as pending review users 2013-08-22 19:23:49 -04:00
Scott Albertson 1dbe1fb1bc Refactor User.find_by_username_or_email
* Improve test coverage
2013-08-22 09:40:07 -07:00
Sam c0c929be5a optimise query that runs every 10 minutes and takes out the user table 2013-08-20 17:40:22 +10:00
Michael Kirk 4af8a9102e Authenticate with Discourse via OAuth2
See https://github.com/michaelkirk/discourse_oauth2_example for an
example of how you might integrate your existing oauth2 provider's
authentication via a Discourse plugin.
2013-08-17 21:45:20 -07:00
Régis Hanol 2119774fb6 FIX: custom avatars in email 2013-08-16 09:58:20 +02:00
Régis Hanol c9969738bf FIX: N+1 query for avatars when searching for users 2013-08-16 00:26:49 +02:00
Sam b55c9e391d Merge pull request #1333 from fabianoleittes/fix_type_url
Fix url not to be nil
2013-08-14 20:04:00 -07:00
Fabiano Leite 4df8babb9a Fix url not to be nil 2013-08-14 21:55:25 -03:00
Robin Ward 8fa9c51bf4 FIX: New avatar regression with mixed case email addresses. 2013-08-14 13:05:57 -04:00
Régis Hanol 4866f4d8f5 FIX: N+1 query for avatars 2013-08-14 15:25:05 +02:00
Régis Hanol 5ca187ba57 only the host part of an email address is case insensitive 2013-08-14 19:31:35 +02:00
Régis Hanol c867b67a0b custom avatar support 2013-08-13 22:08:29 +02:00
Robin Ward 6452962f36 FIX: Notification counters were being updated incorrectly. 2013-08-09 12:12:56 -04:00
Neil Lalonde 5f8a130277 Add BlockedEmail, to block signups based on email. Track stats of how many times each email address is blocked, and last time it was blocked. Move email validation out of User model and into EmailValidator. Signup form remembers which email addresses have failed and shows validation error on email field. 2013-07-29 15:29:43 -04:00
Doug Alcorn 35a2bb7919 Parameterize the PBKDF2 algorithm in application config
http://meta.discourse.org/t/sso-between-discourse-and-xmpp/8567/5
2013-07-22 21:36:01 -04:00
Sam ecf17cfebb work in progress, add fidelity to category group permissions (full, create posts, readonly) 2013-07-16 15:46:11 +10:00
Sam 1aef6de4b0 automatically approve invited users on forum where moderators must approve (keep in mind only moderators can invite)
speed up specs a touch
allow invite controller to accept an email in absence of user (cleans up API)
2013-07-11 11:22:00 +10:00
Neil Lalonde 9b0f63627b Add blocked users count to dashboard 2013-07-08 12:44:13 -04:00
Juan de Dios Herrero 27b038cd40 Refactored username validations to avoid repeated code 2013-07-07 13:05:18 +02:00
Juan de Dios Herrero e4fc6e02ed Added discourse hub nickname operations simplify and avoid repeated code 2013-07-07 12:40:35 +02:00
Stephan Kaag 89b621d31a Refactor update_all statements in order to prevent deprecation warnings in Rails 4 2013-07-02 18:36:47 +02:00
Neil Lalonde a352b70bfc Permit changing my own username's case without an error saying it is already taken 2013-06-28 16:21:46 -04:00
Sam 6b82f1047a that date there is on purpose for date boundries 2013-06-28 16:08:48 +10:00
Sam 1ec12fc808 this spec is just refusing to work on jenkins 2013-06-28 16:07:36 +10:00
Sam 3c67cf8acd remove timecop, specs were failing and we can avoid it here anyway 2013-06-28 15:14:44 +10:00
Neil Lalonde 8e50b49cf1 Try to fix specs that are failing in jenkins 2013-06-27 17:23:06 -04:00
Neil Lalonde b1d0f30379 Fix AdminUser bulkApprove; add a way to approve a user without sending them the welcome email for cases when must_approve_users is enabled and there are existing users 2013-06-26 13:24:30 -04:00
Dmitriy Budnik d12288de49 adding a missing User association 2013-06-24 17:08:49 +03:00
Sam 298949a343 missing dependency 2013-06-23 14:32:46 +10:00
Sam 4a8a663a67 flagging workflow changes per http://meta.discourse.org/t/we-need-an-archive-flag-notification-button/7450 2013-06-20 17:42:15 +10:00
Sam 799b402778 fix horribly broken invite code, could lead to inviting the wrong person to a conversation 2013-06-19 10:31:19 +10:00
Régis Hanol 454636abf1 annotate models 2013-06-17 02:49:34 +02:00
Juan de Dios Herrero 36fe8fbc6d Added role scopes to roleable 2013-06-07 18:26:06 +02:00
Juan de Dios Herrero 1b92d9d7f8 Added roleable module for User model 2013-06-07 12:33:48 +02:00
Chris Hunt f6ce985121 Send activation email after user approved 2013-06-06 18:37:25 -07:00
Robin Ward bac03a3369 Merge pull request #975 from jd-erreape/username_refactor
[WIP] Refactored user_name suggestion methods into a module
2013-06-06 08:12:29 -07:00
Juan de Dios Herrero 96d23ddd8d Refactored user_name suggestion methods into a module to reduce the complexity of User model 2013-06-06 16:40:10 +02:00
Ian Christian Myers 0d01c33482 Enabled strong_parameters across all models/controllers.
All models are now using ActiveModel::ForbiddenAttributesProtection, which shifts the responsibility for parameter whitelisting for mass-assignments from the model to the controller. attr_accessible has been disabled and removed as this functionality replaces that.

The require_parameters method in the ApplicationController has been removed in favor of strong_parameters' #require method.

It is important to note that there is still some refactoring required to get all parameters to pass through #require and #permit so that we can guarantee that parameter values are scalar. Currently strong_parameters, in most cases, is only being utilized to require parameters and to whitelist the few places that do mass-assignments.
2013-06-06 00:30:59 -07:00
Neil Lalonde b55182b983 Use PostDestroyer when deleting all of a user's posts; deleting a post removes its flags and resets its flag counts 2013-06-05 16:05:13 -04:00
Robin Ward dfba2b6e0a FIX: Strip links from google indexed bios when the users are new. 2013-06-05 15:28:10 -04:00
Robin Ward 4392a17b54 Strip out links when displaying a new user's bio 2013-06-04 12:06:25 -04:00
Neil Lalonde 2259e97d42 Add a count of blocked users on the dashboard 2013-06-04 11:53:19 -04:00
Sam d2c1eb090e Merge pull request #921 from nirnanaaa/postgres-truefalse
removed t's and f's from models
2013-05-30 21:38:26 -07:00
Sam e93b7a3b20 more progress towards live unread and new counts, unread message implemented, still to implement delete messages 2013-05-30 16:49:57 +10:00
Sam 33ff87bf44 work in progress, live unread / new counters 2013-05-30 16:49:57 +10:00
nirnanaaa 364113a4d5 removed t and f 's from group model
removed t and f 's from user model as mentioned in #919

removed t's and f's from category model
2013-05-29 22:10:43 +02:00
Sam 46389754d6 Merge pull request #892 from eriko/cas_support
Cas support
2013-05-28 16:13:29 -07:00
Sam ca2dee52db moved comments to the bottom, they are way less intrusive there 2013-05-24 12:48:32 +10:00
Sam 2cd95bc649 lets try out annotations 2013-05-24 12:35:14 +10:00
Erik Ordway 1575ce7b10 add cas support with a few tests 2013-05-23 13:40:50 -07:00
Robin Ward 7a31630837 Search Refactor: Remove some manual SQL, make search data tables more idomatic Rails/AR 2013-05-22 16:31:13 -04:00
Robin Ward 27828c5ec2 Merge pull request #871 from avdi/refactoring-with-josh-and-avdi
Various refactorings towards Ruby/Rails idiom from Josh Susser and Avdi Grimm
2013-05-21 07:18:50 -07:00
Leonard Garvey b16705be0d Clean up update_visit_record!
update_visit_record! appears to add user_visit record if one
doesn't exist and days_visited is simply a counter for the number
of visit records.
2013-05-18 16:02:06 +10:00
Leonard Garvey 32f4dfd2fb DRY up the user model slightly
regular? is just the inverse of staff?
2013-05-18 16:00:35 +10:00
Josh Susser and Avdi Grimm 2acc80d192 Various idiomatic User refactorings. 2013-05-17 15:44:35 -04:00
Robin Ward d554a59102 Support for a new site setting: `newuser_spam_host_threshold`. If a new user posts a link
to the same host enough tiles, they will not be able to post the same link again.

Additionally, the site will flag all their previous posts with links as spam and they will
be instantly hidden via the auto hide workflow.
2013-05-16 12:19:50 -04:00
Sam eb71e9de24 opening move, don't get rid of green notification till the pm is read
TODO a way to list all unread PMs
2013-05-16 16:37:47 +10:00
Sam b6bf95e741 speed up startup (avoid loading some gems on startup)
correct group permission leaks
add Discourse.cache for richer caching support
2013-05-13 18:04:03 +10:00
Sam 942f168ab6 UI still a tad rough, but we have a first pass of secure categories 2013-05-10 16:47:47 +10:00
Neil Lalonde f35a44aeae Add ability for admins and mods to send another activation email to a user, to activate an account, and deactivate an account 2013-05-08 10:10:47 -04:00
Sam e9fc272db7 remove acts_as_paranoid, use .trash! , .recover! and .with_deleted as needed
makes upgrading to rails 4 possible
2013-05-07 14:39:01 +10:00
Sam be1ab8b275 automatic group infrustructure 2013-05-06 14:49:56 +10:00
Sam 5ec52bd2e9 :s/moderator?/staff/g ... our naming was kind of crazy, renamed moderator? to staff 2013-05-02 17:22:27 +10:00
Sam e4a76812a6 this is a slightly round about way of making our self oneboxes sane
shrunk avatar to 60px, added global whitelisting
2013-05-01 16:38:13 +10:00
Sam 5cfcdc7ef0 backend for secure categories mostly done (todo pm groups) 2013-04-29 16:33:43 +10:00
Neil Lalonde 75cfcbfa4f Need to require email in user.rb because specs can start failing when running guard 2013-04-18 14:27:04 -04:00
Régis Hanol b24c1a1ad9 better consistency around email case sensitivity 2013-04-15 02:20:33 +02:00
Philipp Weissensteiner 3dcb1905e3 Refactor user controller, create action, mostly.
The gist of the commit are a few improvements in the
create action, where:

* long boolean statemenst have been wrapped in smaller more readable
  methods.
* the 3rd party user info creation has been extracted (still in controller)
* a small helper method for creating a new user from params (to reduce
  visual clutter)
* specs have been added where I came across untested methods/branches

Other changes are more trivial like formatting and whitespace fixes.
Hope this helps. Regards.
2013-04-13 00:53:59 +02:00