879067d000
FIX: check admin theme cookie against user selectable
...
previously admin got a free pass and could set theme via cookie to anything
including themes that are not selectable
this refactor ensures that only "preview" gets a free pass, all the rest
goes through the same pipeline
2018-09-07 10:47:28 +10:00
4205c528d0
FEATURE: hide enable_personal_email_messages and min_trust_to_send_email_messages
...
These site settings are very hard to explain and only applicable for very
specific Discourse setups.
If an admin "enables staged users" which is used in support scenarios then
all staff can send "messages" directly to an "email".
The setting allows you to extend this to TL4 or any trust level.
Actual use case would be a support type setup with restricted staff. It is
quite rare so hiding this for now and re-evaluate keeping the setting in
2019
2018-08-27 11:38:22 +10:00
2711f173dc
FIX: don't allow inviting more than `max_allowed_message_recipients`
...
* FIX: don't allow inviting more than `max_allowed_message_recipients` setting allows
* add specs for guardian
* user preferences for auto track shouldn't be applicable to PMs (it auto watches on visit)
Execlude PMs from "Automatically track topics I enter..." and "When I post in a topic, set that topic to..." user preferences
* groups take only 1 slot in PM
* just return if topic is a PM
2018-08-23 14:36:49 +10:00
865cb3feb9
FIX: allow selecting site's default theme from preference
2018-08-10 14:12:02 +03:00
0b7ed8ffaf
FEATURE: backend support for user-selectable components
...
* FEATURE: backend support for user-selectable components
* fix problems with previewing default theme
* rename preview_key => preview_theme_id
* omit default theme from child themes dropdown and try a different fix
* cache & freeze stylesheets arrays
2018-08-08 14:46:34 +10:00
decf1f27cf
FEATURE: Groundwork for user-selectable theme components
...
* Phase 0 for user-selectable theme components
- Drops `key` column from the `themes` table
- Drops `theme_key` column from the `user_options` table
- Adds `theme_ids` (array of ints default []) column to the `user_options` table and migrates data from `theme_key` to the new column.
- Removes the `default_theme_key` site setting and adds `default_theme_id` instead.
- Replaces `theme_key` cookie with a new one called `theme_ids`
- no longer need Theme.settings_for_client
2018-07-12 14:18:21 +10:00
7750b30016
FIX: Allow a user to remove their title
...
Somewhere there was a regression and a user couldn't remove their own
title. If they selected '(none)' in the UI it would say it was saved,
but it would not actually be updated in the db.
2018-05-31 17:16:52 -06:00
f7c4c71409
FIX: title selector needs to flag whether title comes from badge or not
2018-04-26 16:51:11 -04:00
a5172a37e0
Allow staff members to enable safe mode, even if disabled
2018-04-25 11:49:57 -04:00
f6cfff3cea
UX: user preferences allows users to choose which title to use from their badges and groups
2018-04-06 14:34:36 -04:00
a8149f8969
FIX: user should not be able to invite to PM if trust level requirment not met
...
FIX: when personal messages are disabled let user invite to a public topic
2018-03-08 14:59:04 +05:30
7cbda949f1
REFACTOR: New spec tests and code improvement
2018-02-22 20:27:02 +05:30
84ce1acfef
FEATURE: Allow staffs to tag PMs
2018-02-21 20:11:46 +05:30
7e48c47d37
rename 'enable_private_email_messages' to 'enable_personal_email_messages'
2018-02-01 13:25:29 +05:30
ff0376a80b
rename 'enable_private_messages' to 'enable_personal_messages'
2018-02-01 13:25:29 +05:30
650ec9c73f
minor test the developer cache first before digging into email
2018-01-17 15:50:41 +11:00
f2565f6c7e
SECURITY: Any group can be invited into a PM.
2017-12-14 14:57:48 +08:00
1f14350220
Rename "Blocked" to "Silenced"
2017-11-10 14:10:27 -05:00
4452d67a23
Revert "FIX: TL0 users' messages to moderators were not being posted when flagging private messages"
2017-10-23 18:17:53 -04:00
79de10b212
FEATURE: Allow users to disable new PMs.
...
https://meta.discourse.org/t/is-it-possible-to-disable-private-messaging-for-a-specific-user/46391
2017-10-19 12:32:55 +08:00
b124e5f19f
FIX: TL0 users' messages to moderators were not being posted when flagging private messages
2017-10-13 11:55:49 -04:00
db929e58fc
FIX: Don't allow staff to approve users with unverified emails
2017-09-04 12:55:39 -04:00
bb3a5910d7
Support for sending PMs to email addresses ( #4988 )
...
* Added support for sending PMs to email addresses.
* Made changes after review.
* Added settings validator.
* Fixed tests.
2017-08-28 12:07:30 -04:00
5012d46cbd
Add rubocop to our build. ( #5004 )
2017-07-28 10:20:09 +09:00
2a17f1ccd7
FIX: Group owners should be able to invite users to their groups.
...
https://meta.discourse.org/t/group-owner-cannot-send-an-invite-to-a-group/60617/12
2017-07-21 23:48:25 +09:00
f1a6449e4b
SECURITY: Remove disposable invite feature
2017-07-07 20:24:39 -04:00
c243861b17
FIX: do not show "Send Activation Email" button if `must_approve_users` setting is enabled
...
https://meta.discourse.org/t/error-when-pressing-send-activitation-email-when-must-approve-users-setting-is-enabled/65408
2017-07-04 14:00:50 +05:30
845170bd6b
FEATURE: add support for group visibility level
...
There are 4 visibility levels
- public (default)
- members only
- staff
- owners
Note, admins and group owners ALWAYS have visibility to groups
Migration treated old "non public" as "members only"
2017-07-03 15:26:57 -04:00
e7b9b1312e
FEATURE: remove all invites
...
https://meta.discourse.org/t/remove-all-invitations-button-for-the-admin-panel/65207
2017-06-29 22:30:10 +05:30
908433a7a0
SECURITY: Validate the `entity` when downloading a CSV
2017-05-19 16:00:51 -04:00
28f486cb7a
FIX: Regular users shouldn't be able to invite to PMs if disabled
2017-05-19 12:57:21 -04:00
5d9d2cf287
FIX: do not explicitly show email of flagger / flagged user
2017-04-20 22:09:30 +05:30
96f2335c09
FIX: Corrects typo to avoid error 500 on theme change
2017-04-15 01:21:53 +01:00
def7348777
FIX: display custom sections with default theme
...
also cleans up mechanism for previewing themes, cleans up naming,
gets rid of old janky "preview_style", secures local theme key
2017-04-14 13:35:12 -04:00
213a496203
FIX: show all staff events related to the target user
2017-02-22 13:31:40 +05:30
b32f33b3f0
FIX: allow staff members to send PMs when enable_private_messages is disabled
2017-02-22 11:32:09 +05:30
046cbad10b
FEATURE: add a button on admin user page that links to action log
2017-02-21 21:38:37 +05:30
dc2171960b
FIX: allow existing users to be invited to topic/message when must_approve_users is enabled
2017-02-03 13:01:23 +05:30
c7b151683d
FIX: Do not allow admins to meddle with admin and moderation access of non real users.
2016-12-29 11:11:33 +08:00
ab68e0c9db
FEATURE: allow "developer" account flagging via developers table
...
This mechanism for flagging developer accounts will eventually replace
DISCOURSE_DEVELOPER_EMAILS
2016-07-28 10:14:06 +10:00
d61df21d69
FEATURE: allow people to send messages to themselves (for notes etc)
2016-07-04 11:36:43 +10:00
800081f606
FIX: staged users weren't able to reply in restricted categories
2016-06-26 19:25:45 +02:00
dfdc54957c
FIX: A blocked user should not be able to moderate anything.
2016-06-20 15:51:26 +08:00
b1a94049e0
FIX: only staff can access 'resend all invites' feature
2016-06-07 10:57:08 +05:30
f3f6c2f98f
FEATURE: tag groups
2016-06-06 14:18:48 -04:00
22d7ea1192
FIX: user can't export entity unless they are logged in
2016-05-05 19:12:37 +05:30
e5918c7d00
FEATURE: Merge tagging plugin into core
2016-04-27 11:58:53 -04:00
de82bd946d
FIX: Group members should be able to see their groups even if private
2016-04-26 14:17:53 -04:00
415efd0f5b
FIX: staged user doesn't get notified for replies in topics they created in secured categories
2016-02-24 11:30:17 +01:00
685ba1eb7f
FEATURE: blocked users can send and reply to private messages from staff
2016-01-22 12:54:24 -05:00
Sam
Osama Sayegh
Blake Erickson
Neil Lalonde
Robin Ward
Arpit Jalan
Vinoth Kannan
Guo Xiang Tan
Bianca Nenciu
Guo Xiang Tan
David Taylor
Régis Hanol