Commit Graph

2833 Commits

Author SHA1 Message Date
Guo Xiang Tan 2442bba131 UX: Better group creation workflow.
* Owners and users can now be added to a group during creation.

https://meta.discourse.org/t/you-cannot-allow-membership-requests-without-any-owners/64760/3
2017-07-27 16:12:42 +09:00
Neil Lalonde 24cb950432 FEATURE: Watched Words: when posts contain words, do one of flag, require approval, censor, or block 2017-07-26 11:01:09 -04:00
Guo Xiang Tan b59dfb86f4 UX: Include group name in email when group is invited to a PM.
https://meta.discourse.org/t/xyz-invited-you-to-a-message-but-really-invited-a-group-im-in/65996
2017-07-26 15:51:44 +09:00
Guo Xiang Tan e3ac6585bd FIX: Search by topic_id should not be restricted by `SiteSetting.min_search_term_length`. 2017-07-26 09:52:39 +09:00
Guo Xiang Tan 6c0a29698b Fix JS tests failing when running in `RAILS_ENV=test`.
Fixes the following error:

```
phantomjs /home/tgxworld/work/discourse/vendor/assets/javascripts/run-qunit.js http://localhost:60099/qunit
2017-07-25 16:27:41 +0900: Rack app error handling request { GET /stylesheets/desktop.css }
<Errno::ENOENT: No such file or directory @ rb_sysopen - /home/tgxworld/work/discourse/tmp/stylesheet-cache/desktop.css>
/home/tgxworld/work/discourse/app/controllers/stylesheets_controller.rb:65:in `write'
/home/tgxworld/work/discourse/app/controllers/stylesheets_controller.rb:65:in `show_resource'
/home/tgxworld/work/discourse/app/controllers/stylesheets_controller.rb:9:in `show'
```
2017-07-25 16:31:31 +09:00
Guo Xiang Tan 1b0750d7ef Merge pull request #4983 from tgxworld/group_owners_can_invite_users_to_groups
Group owners can invite users to groups
2017-07-24 16:21:19 +09:00
Leo McArdle 407a23663d FEATURE: send rejection email for unrecognized errors 2017-07-21 18:26:52 +01:00
Guo Xiang Tan 2a17f1ccd7 FIX: Group owners should be able to invite users to their groups.
https://meta.discourse.org/t/group-owner-cannot-send-an-invite-to-a-group/60617/12
2017-07-21 23:48:25 +09:00
Robin Ward 3882722195 FEATURE: Inline (Mini) Oneboxing
see:
https://meta.discourse.org/t/mini-inline-onebox-support-rfc/66400?source_topic_id=66066
2017-07-20 15:38:04 -04:00
Jakub Macina e5ee4ccc48 Add pagination and checking for more results to search. 2017-07-20 18:12:34 +02:00
Régis Hanol bf6c3b7017 FIX: don't error out when an unsubscribe key isn't associated to a user anymore 2017-07-20 12:24:24 +02:00
Leo McArdle d0b027d88d FEATURE: phase 1 of supporting multiple email addresses 2017-07-20 11:22:27 +09:00
Robin Ward cdb3706025 Track clicks on topics in search results 2017-07-17 15:42:32 -04:00
Robin Ward 97e211f837 FEATURE: Log Search Queries 2017-07-14 14:30:58 -04:00
Robin Ward f1a6449e4b SECURITY: Remove disposable invite feature 2017-07-07 20:24:39 -04:00
Sam 340a3ee5cb correct spec to handle not null visibility_level 2017-07-03 16:03:26 -04:00
Sam 845170bd6b FEATURE: add support for group visibility level
There are 4 visibility levels

- public (default)
- members only
- staff
- owners

Note, admins and group owners ALWAYS have visibility to groups

Migration treated old "non public" as "members only"
2017-07-03 15:26:57 -04:00
Arpit Jalan 72c92b0f4e FIX: include canonical meta tag on category pages 2017-07-03 13:25:22 +05:30
Arpit Jalan e7b9b1312e FEATURE: remove all invites
https://meta.discourse.org/t/remove-all-invitations-button-for-the-admin-panel/65207
2017-06-29 22:30:10 +05:30
Guo Xiang Tan 7b35c55a1e FIX: Display Google search form when 404 page is rendered by Ember. 2017-06-29 14:37:24 +09:00
Régis Hanol a9c0df0b58 FIX: always try to convert PNG to JPG when pasting an image 2017-06-23 12:13:48 +02:00
Robin Ward ae7734707e REFACTOR: Merge different templates from rendering user stream items 2017-06-20 15:45:41 -04:00
Guo Xiang Tan b5ec241716 FIX: Validate interpolation keys used in translation overrides.
https://meta.discourse.org/t/discobot-translation-missing-error/64429/6?u=tgxworld
2017-06-16 08:54:48 +09:00
Guo Xiang Tan b5249fb4ca FIX: Send request membership PM to last 5 active group owner. 2017-06-15 11:37:09 +08:00
Arpit Jalan 34996b4eff FIX: show invite validation error message in response 2017-06-13 22:41:53 +05:30
Régis Hanol 5d63a7f4a6 FIX: pull hotlinked images even when they have no extension 2017-06-13 13:27:05 +02:00
Guo Xiang Tan a5d3abc9b6 FIX: Create group membership request on behalf of user. 2017-06-13 17:49:21 +09:00
Régis Hanol 54e8fb0d89 FEATURE: new 'allow_staff_to_upload_any_file_in_pm' site setting 2017-06-12 22:41:29 +02:00
Robin Ward 2ff850d446 FIX: If forcing a refresh, don't return a onebox preview 2017-06-12 14:05:59 -04:00
Neil Lalonde 0b41046238 don't force SiteSetting.title into meta title tag 2017-06-12 13:50:50 -04:00
Arpit Jalan b9c94aa234 FEATURE: add required user fields to invite accept form
UX: make "accept invitation" page consistent with sign up modal
2017-06-12 20:43:07 +05:30
Guo Xiang Tan 5994c85ea9 FIX: Raise the right error when email params is missing. 2017-06-12 17:48:32 +09:00
Arpit Jalan 6e37f09b19 UX: add email to '/email/unsubscribed' page 2017-06-10 09:51:12 +05:30
Régis Hanol 038454bde2 FIX: always confirm emails when SSO says so 2017-06-08 01:05:33 +02:00
Robin Ward 54bb2a6bc2 FIX: Don't redirect to wizard when resetting password 2017-06-07 12:36:52 -04:00
Guo Xiang Tan 2cad739262 FIX: Better error message when username change fails.
https://meta.discourse.org/t/500-error-on-username-edit/64064
2017-06-07 10:45:53 +09:00
Sam b4060778d9 FIX: you should always be allowed to see actions you created 2017-06-02 14:24:06 -04:00
Guo Xiang Tan 2ee144c27f FEATURE: Add DiscourseEvent trigger when a user logs in.
* Also adds a event trigger when user logs in for the first time.
2017-06-01 17:44:49 +09:00
Sam 607998af33 FEATURE: dropdown to filter staff action logs 2017-05-30 11:25:42 -04:00
Arpit Jalan d2c2139da8 FEATURE: require name when accepting invite if 'full name required' setting is enabled 2017-05-29 21:46:43 +05:30
Robin Ward b584264d82 FIX: Don't show "resend email" option when user approval is on 2017-05-25 15:29:05 -04:00
Sam 29fac1ac18 PERF: improve performance of unread queries
Figuring out what unread topics a user has is a very expensive
operation over time.

Users can easily accumulate 10s of thousands of tracking state rows
(1 for every topic they ever visit)

When figuring out what a user has that is unread we need to join
the tracking state records to the topic table. This can very quickly
lead to cases where you need to scan through the entire topic table.

This commit optimises it so we always keep track of the "first" date
a user has unread topics. Then we can easily filter out all earlier
topics from the join.

We use pg functions, instead of nested queries here to assist the
planner.
2017-05-25 15:07:30 -04:00
Robin Ward 6eb6c25816 FIX: Keep the flash when redirecting for login_required 2017-05-25 14:10:15 -04:00
Robin Ward ca965f83c3 Revert "FIX: If login is required, redirect to the `/login` route instead of root"
This reverts commit 8a8dec550b.
2017-05-25 14:04:28 -04:00
Robin Ward 8a8dec550b FIX: If login is required, redirect to the `/login` route instead of root 2017-05-25 13:35:15 -04:00
Robin Ward cdbe027c1c Refactor `FileHelper` to use keyword arguments. 2017-05-24 13:54:26 -04:00
Sam d0f84aa14e FIX: missing to_i which breaks selector component for anon 2017-05-24 11:39:10 -04:00
Guo Xiang Tan 238a156300 FIX: `TopicTimestampChanger` should not allow timestamps in the future. 2017-05-22 16:03:49 +08:00
Guo Xiang Tan 4382a0bb07 Rename `PostTimestampChanger` -> `TopicTimestampChanger`. 2017-05-22 15:01:33 +08:00
Robin Ward 908433a7a0 SECURITY: Validate the `entity` when downloading a CSV 2017-05-19 16:00:51 -04:00
Guo Xiang Tan 8ab9f30bbd FIX: User can't remove bookmark from a deleted post. 2017-05-19 12:25:12 +08:00
Arpit Jalan 1fd8e426f2 FIX: better uploads error page 2017-05-18 23:29:37 +05:30
Régis Hanol 13e489b4ca replace the upload type whitelist with a sanitizer 2017-05-18 12:13:13 +02:00
Sam 2a5a01af2e improve error on theme upload, add gif to allowed uploads 2017-05-17 16:29:09 -04:00
Neil Lalonde a0f03936ff FIX: saving invisible primary group field that you don't belong to 2017-05-17 12:46:50 -04:00
Sam e1dd543a93 FEATURE: allow users to select theme on single device 2017-05-15 12:48:16 -04:00
Sam 2d96a0785d FEATURE: theme selection is now global per-user 2017-05-12 12:41:34 -04:00
Neil Lalonde 55b61e9bea rename topic_status_update to topic_timer 2017-05-11 18:27:53 -04:00
Pat David 18de62b015 Add get_embeddable_css_class to assist multi-site embed styling
If present, pass embeddable_host.class_name to view for inclusion
on the <html> element as a class for targeted styling.
2017-05-11 15:16:16 -04:00
Pat David 4bf8548dc5 Add embed class name setup for embeddable hosts 2017-05-11 15:16:16 -04:00
Régis Hanol 9641d2413d REFACTOR: upload workflow creation into UploadCreator
- Automatically convert large-ish PNG/BMP to JPEG
- Updated fast_image to latest version
2017-05-11 00:16:57 +02:00
Sam 04b5516bf2 improve upload functionality 2017-05-10 15:47:11 -04:00
Sam bc0b9af576 FEATURE: support uploads for themes
This allows themes to bundle various assets
2017-05-10 15:47:11 -04:00
Sam Saffron c2829dce22 FIX: base sql vanishes after badge creation 2017-05-09 09:25:57 -04:00
Robin Ward afe04b8bbb FIX: Possible 500 error if category saved incorrectly 2017-05-08 15:17:58 -04:00
Arpit Jalan e89d0a6b20 FIX: importing a theme via file was broken 2017-05-08 12:03:24 +05:30
Robin Ward 777f1f0f47 FIX: Return a 404 if the auth session is not present 2017-05-04 15:35:24 -04:00
Robin Ward 1768c45a33 FIX: If we can't proxy to a CDN due to HTTP error, render blank 2017-05-04 12:42:46 -04:00
Robin Ward 57a2042ef6 FIX: Quiet server side errors for requesting json for account-created 2017-05-04 12:30:13 -04:00
Guo Xiang Tan 3eb920e2b0 Merge pull request #4841 from fantasticfears/webhook-ping
add event name for ping webhooks in the header
2017-05-04 04:54:40 +08:00
Robin Ward 81190f5d66 FIX: Redirect away from `account-created` if you're logged in 2017-05-03 11:18:01 -04:00
Robin Ward 12fb20fe1b FEATURE: Allow users to resend/update email from confirmation page 2017-05-03 11:18:01 -04:00
Robin Ward b381372184 Use Ember.js for the `/u/account-created` path so we can add controls 2017-05-03 11:18:01 -04:00
Sam 946f25098f Refactor theme fields so they support custom theme defined vars
This paves the way to allowing themes to specify uploads and so on.
2017-05-02 16:02:14 -04:00
Arpit Jalan 77a8cae094 FIX: rescue specific errors on invite failure 2017-05-02 15:13:33 +05:30
Erick Guan 9f8a917d65 add event name for ping webhooks in the header 2017-05-02 08:13:23 +02:00
Neil Lalonde 0722ffadf1 Remove site settings enforce_global_nicknames and discourse_org_access_key 2017-05-01 14:53:16 -04:00
Guo Xiang Tan 304ace926e FIX: Raise right response when post_action does not exist. 2017-04-27 17:29:53 +08:00
Guo Xiang Tan e4b9f72f9e FIX: Force the right encoding when handling email. 2017-04-27 16:51:54 +08:00
Arpit Jalan b755279cf0 remove unneeded code 2017-04-27 08:47:47 +05:30
Arpit Jalan e3f82140d8 more readable code for filtering username/email when bulk adding to group 2017-04-27 08:43:28 +05:30
Arpit Jalan b41d96fac1 FIX: properly initialize hashes 2017-04-27 02:56:14 +05:30
Arpit Jalan 285c167fae FEATURE: provide more details when performing a bulk add to group 2017-04-27 01:37:51 +05:30
Guo Xiang Tan 6f7c6b0fd0 FIX: Incorrect error raised. 2017-04-25 09:59:01 +08:00
Guo Xiang Tan 423f2ab228 FIX: Processing incoming email should be done in a background job. 2017-04-24 13:57:28 +08:00
Sam 7a9eee1b71 FEATURE: default notification level for group messages
also fixes it so staff can amend other user's group notification level
2017-04-20 15:47:35 -04:00
Arpit Jalan ea26c56631 FIX: redirect to login page for anonymous user when profiles are hidden 2017-04-20 13:00:45 +05:30
Robin Ward 8b8ee2ad61 Pass a context in when using a HTML builder 2017-04-18 12:35:35 -04:00
Arpit Jalan 1c23aedccf FIX: always send password reset email when accepting invite if password is not set 2017-04-18 14:37:06 +05:30
Robin Ward 1363988cd7 Support for an HTML builder that can create dynamic HTML 2017-04-17 17:32:55 -04:00
Sam 86904e9cd6 FIX: better error handling for theme import 2017-04-17 16:55:53 -04:00
Arpit Jalan 0954367bf4 FIX: send activation email when accepting invite if password is set 2017-04-15 14:59:50 +05:30
Guo Xiang Tan 04016f0dec Support Ruby 2.4. 2017-04-15 12:29:00 +08:00
Sam ed2e62f845 correct environment handling for test mode 2017-04-14 14:00:46 -04:00
Sam def7348777 FIX: display custom sections with default theme
also cleans up mechanism for previewing themes, cleans up naming,
gets rid of old janky "preview_style", secures local theme key
2017-04-14 13:35:12 -04:00
Arpit Jalan ef093b1610 Merge pull request #4807 from techAPJ/email-token-social
FIX: confirm email token for user created via social login
2017-04-13 16:18:15 +05:30
Guo Xiang Tan 3d76fb9c2c FIX: Don't show category options for reports that can't be scoped to a category. 2017-04-13 17:10:55 +08:00
Arpit Jalan 7fb17b83c4 FIX: confirm email token for user created via social login 2017-04-13 14:15:32 +05:30
Guo Xiang Tan ee449b0dd5 Improve SSO verbose log when user record is invalid. 2017-04-13 11:39:26 +08:00
Guo Xiang Tan 57788200ec REFACTOR: Add `User.reserved_username?`. 2017-04-13 10:44:26 +08:00
Sam a3e8c3cd7b FEATURE: Native theme support
This feature introduces the concept of themes. Themes are an evolution
of site customizations.

Themes introduce two very big conceptual changes:

- A theme may include other "child themes", children can include grand
children and so on.

- A theme may specify a color scheme

The change does away with the idea of "enabled" color schemes.

It also adds a bunch of big niceties like

- You can source a theme from a git repo

- History for themes is much improved

- You can only have a single enabled theme. Themes can be selected by
    users, if you opt for it.

On a technical level this change comes with a whole bunch of goodies

- All CSS is now compiled using a custom pipeline that uses libsass
    see /lib/stylesheet

- There is a single pipeline for css compilation (in the past we used
    one for customizations and another one for the rest of the app

- The stylesheet pipeline is now divorced of sprockets, there is no
   reliance on sprockets for CSS bundling

- CSS is generated with source maps everywhere (including themes) this
    makes debugging much easier

- Our "live reloader" is smarter and avoid a flash of unstyled content
   we run a file watcher in "puma" in dev so you no longer need to run
   rake autospec to watch for CSS changes
2017-04-12 10:53:49 -04:00
Sam Saffron 0013a23dc1 SECURITY: prefer render plain/html to render text where possible 2017-04-10 08:01:42 -04:00
Guo Xiang Tan 9663a74445 FIX: Ensure `username` param is valid in `NotificationsController`. 2017-04-07 17:32:52 +08:00
Régis Hanol 93556bb950 Merge pull request #4793 from rcgordon/smtp-fast-rejection
Added an API to ask if an incoming email should be dropped at the SMTP level.
2017-04-07 09:59:52 +02:00
Neil Lalonde 708f65f740 FIX: web crawlers getting 404 on category pages 2017-04-06 14:52:06 -04:00
Ryan C. Gordon 888d1512ec Corrected indentation. 2017-04-06 01:49:34 -04:00
Aashaka Shah 402eaaa773 FEATURE: add og tags to metadata in individual badges page 2017-04-06 09:32:53 +05:30
Guo Xiang Tan 5943543ec3 FIX: Improve checks for non-human users. 2017-04-06 11:29:34 +08:00
Ryan C. Gordon c51af13338 smtp_should_reject API: use better approach to find user email. 2017-04-05 23:10:36 -04:00
Ryan C. Gordon a51c191a66 Make Email::Receiver.check_address() into a class method. 2017-04-05 23:10:36 -04:00
Ryan C. Gordon e15d11df18 Added an API to ask if an incoming email should be dropped at the SMTP level.
This lets an SMTP server optionally decide if it should reject a mail without
passing it on to Discourse at all, possibly before even reading the
email's payload, to prevent spam-induced backscatter and save resources.

This just does the bare minimum sanity checking that could prevent obvious
backscatter. For legit errors from legit users, Discourse will still send a
much more pleasant reply email.
2017-04-05 23:10:36 -04:00
Robin Ward 40ab2e5667 FEATURE: Let users update their emails before confirming
This allows users who entered a typo or invalid email address when
signing up an opportunity to fix it and resending the confirmation
email to that address.
2017-04-05 16:44:49 -04:00
Robin Ward 3839206317 FIX: Return JSON errors for `by-external` if JSON requested 2017-04-04 16:22:14 -04:00
Robin Ward 17f2974d0a SECURITY: Confirm new administrator accounts via email 2017-04-04 15:59:01 -04:00
Guo Xiang Tan 406d721f11 Fix `NilClass` error in `UsersController`. 2017-04-04 14:17:45 +08:00
Guo Xiang Tan f4758a4c4d FEATURE: Allow admins to schedule a topic to be published in the future. 2017-04-04 11:16:05 +08:00
Guo Xiang Tan 0bbad5040a `topic-status-info` component wasn't updated when topic is closed/opened. 2017-03-31 15:58:26 +08:00
Guo Xiang Tan b6e9871b4b Update `Topic#closed` client side when closing/opening a topic temporarily. 2017-03-31 15:05:00 +08:00
Guo Xiang Tan 34b7bee568 FEATURE: Allow admin to auto reopen at topic.
* This commit also introduces a `TopicStatusUpdate`
  model to support other forms of deferred topic
  status update in the future.
2017-03-31 11:14:18 +08:00
Robin Ward 14410b71fb Convert server side paths to use `/u/` 2017-03-30 10:23:24 -04:00
Guo Xiang Tan a818fa9831 FIX: Show stats of the last 30 days be default for admin reports.
* `1.month.ago + 1.month` uses the calendar month for calculations
  such that `1.month.ago` from the 30th of March 2017 will give
  us the 28th of February 2017. Adding one month ahead from
  28th February 2017 will be 28th of March 2017.
2017-03-30 09:48:10 +08:00
Arpit Jalan f3cd5f61c5 FEATURE: Send anonymized usage statistics to Discourse if Discourse Hub can't reach the site 2017-03-28 09:07:23 +05:30
Neil Lalonde 11ce73b8ed FEATURE: category setting for default top period 2017-03-22 16:54:18 -04:00
Sam 8e5e3b5af8 FIX: sso provider require return_sso_url 2017-03-22 09:08:38 -04:00
Robin Ward 874e8900af Display email address in SSO error message. 2017-03-21 15:37:46 -04:00
Robin Ward aeaf5075bf Custom errors for when Email is invalid via SSO 2017-03-21 15:23:38 -04:00
Robin Ward 52d78294cc Render a layout when there's an SSO error 2017-03-21 15:23:38 -04:00
Arpit Jalan 82c0f5f587 Merge pull request #4767 from techAPJ/activate-account
FIX: send activation email if user have unconfirmed email address
2017-03-21 09:44:23 +05:30
Arpit Jalan 7c3ae50dcd FIX: send activation email if user have unconfirmed email 2017-03-21 09:41:50 +05:30
Sam Saffron b94c7b4902 missing disposition 2017-03-20 17:07:32 -04:00
Sam 652b2d7199 remove redundent header setting 2017-03-20 16:08:18 -04:00
Sam c106ca6778 FEATURE: fallback asset path for multi host setups 2017-03-20 15:59:17 -04:00
Guo Xiang Tan 1d4993a185 FIX: Sync user's notification channel before preloaded current user data.
This is to fix the problem where a newly created user would not
receive live updates for the first notification if the notification
is published before the client has subscribed to the channel.
2017-03-20 17:17:21 +08:00
Robin Ward f5f54c1b77 Merge pull request #4764 from tgxworld/nuke_backticks
FIX: Don't use backticks that take in inputs.
2017-03-17 15:40:23 -04:00
Guo Xiang Tan e7c972ac89 FIX: Don't use backticks that take in inputs. 2017-03-17 15:33:51 +08:00
Victor van Poppelen 9e60f9f093 JSON API parsing error on CSRF exception: single quotes in ['BAD CSRF'] is invalid JSON:
https://meta.discourse.org/t/json-api-parsing-error-single-quotes-used-for-errors-like-bad-csrf/58869
2017-03-16 16:47:18 -07:00
Guo Xiang Tan bbc85e1e29 Merge pull request #4750 from discourse/group_login_registration_flow
FEATURE: Redirect to groups page and apply group actions upon login/s…
2017-03-16 09:50:56 +08:00
Guo Xiang Tan ca965bb455 FEATURE: Redirect to groups page after login/registration flow. 2017-03-16 09:48:51 +08:00
Guo Xiang Tan 1a7e954e09 FIX: Store custom emojis as uploads.
* Depending on a hardcoded directory was a flawed design
  which made it impossible to debug when custom emojis go
  missing.
2017-03-14 13:07:18 +08:00
Neil Lalonde 6d7e968e30 FEATURE: box-style rendering of sub-categories 2017-03-13 15:25:52 -04:00
Sam a690121805 SECURITY: always allow staff to resend activation mails 2017-03-13 10:32:24 -04:00
Sam 1a745ca16a else @user makes no sense :) 2017-03-13 10:22:23 -04:00
Guo Xiang Tan 9364d8ce71 FIX: Store user's id instead for sending activation email.
* Email and username are both allowed to be used for logging in.
  Therefore, it is easier to just store the user's id rather than
  to store the username and email in the session.
2017-03-13 20:24:55 +08:00
Guo Xiang Tan 7ebfa3c901 SECURITY: Only allow users to resend activation email with a valid session.
* Improve error when an active user tries to request for an activation email.
2017-03-13 19:35:29 +08:00
Arpit Jalan 848120c098 FEATURE: RSS feed for top page period filters 2017-03-13 15:23:46 +05:30
Sam f13367cecd FIX: latest + category not respecting homepage category suppression 2017-03-10 15:17:51 -05:00
Sam bc1a6ccb90 Merge pull request #4741 from tgxworld/allow_bookmark_removal
FIX: Allow user to remove bookmark from posts as long as bookmark is …
2017-03-10 12:49:20 -05:00
Arpit Jalan f7e7ca3937 FEATURE: anonymized site statistics 2017-03-10 18:50:26 +05:30
Régis Hanol 00380d84c5 UX: display text & html parts alongside raw email in incoming email modal 2017-03-08 23:15:42 +01:00
Arpit Jalan 801b5838e1 FIX: do not show faq/guidelines page to anonymous users for private forums 2017-03-08 16:00:49 +05:30
Arpit Jalan 090236b15b FIX: do not show about page to anonymous users for private forums 2017-03-08 13:15:44 +05:30
Guo Xiang Tan 689dd16be0 FIX: Allow user to remove bookmark from posts as long as bookmark is present.
https://meta.discourse.org/t/bookmark-issue-when-access-to-topic-is-lost-pms/51993
2017-03-08 13:53:49 +08:00
Neil Lalonde d95e4102c1 FIX: tags created in secured categories should not be forbidden outside those categories 2017-03-07 11:46:46 -05:00
Rafael dos Santos Silva c3477cd40d Merge pull request #4716 from discourse/bounced_emails_details
FEATURE: Allow checking the raw response of a bounced email
2017-03-06 13:30:19 -03:00
Guo Xiang Tan 477eb0591e FIX: Posts in a deleted topic couldn't be moved.
https://meta.discourse.org/t/moving-posts-to-new-topic/58436/4
2017-03-06 14:56:20 +08:00
Sam c99f4260c0 Merge pull request #4729 from tgxworld/dont_mark_user_as_valid
FIX: Don't mark user as `active` if verified email is different.
2017-03-03 15:57:30 -05:00
Neil Lalonde 6aab8cb331 FEATURE: new category setting for whether to show latest topics or top topics by default 2017-03-03 11:30:44 -05:00
Rafael dos Santos Silva aac4a4ed94 Handle invalid parameters and missing bounced emails 2017-03-02 20:37:28 -03:00
Neil Lalonde ca20cb9941 FEATURE: subcategories can be discovered by web crawlers on page 1 of the parent category topics list 2017-03-02 15:06:56 -05:00
Guo Xiang Tan 3d347fb9c4 FIX: Don't mark user as `active` if verified email is different. 2017-03-02 14:24:30 +08:00
Sam dbfea9b5b0 correct refactor 2017-03-01 18:26:26 -05:00
Sam c79b146283 FEATURE: make list controller a bit more extensible 2017-03-01 16:41:09 -05:00
Neil Lalonde 262016604d FEATURE: each category can control how many topics to show on categories page 2017-03-01 15:12:57 -05:00
Blake Erickson 80858bae2c FEATURE: further restrict downloading of backups
- send email to logged in admin when they press the "download" button
- show pop-up that email was sent
- create email template
- require a valid token to download backup
2017-03-01 08:28:34 -07:00
Arpit Jalan 877957ae88 Merge pull request #4715 from techAPJ/login-per-ip
FEATURE: new site setting for max logins per ip per hour/minute
2017-02-27 18:24:53 +05:30
Arpit Jalan cba51e1c38 FEATURE: new site setting for max logins per ip per hour/minute 2017-02-27 16:58:03 +05:30
Régis Hanol fdf749770b remove unecessary '.limit(1)' 2017-02-24 12:56:13 +01:00
Régis Hanol a2c04be718 FIX: eradicate I18n fallback issues 💣
FIX: client's translation overrides were not working when the current locale was missing a key
FIX: ExtraLocalesController.show was not properly handling multiple translations
FIX: JsLocaleHelper#output_locale was not properly handling multiple translations

FIX: ExtraLocalesController.show's spec which was randomly failing
FIX: JsLocaleHelper#output_locale was muting cached translations hashes

REFACTOR: move 'enableVerboseLocalization' to the 'localization' initializer
REFACTOR: remove unused I18n.js methods (getFallbacks, localize, parseDate, toTime, strftime, toCurrency, toPercentage)
REFACTOR: remove all I18n.pluralizationRules and instead use MessageFormat's pluralization rules

TEST: add tests for localization initializer
TEST: add tests for I18n.js
2017-02-24 11:31:21 +01:00
Sam Saffron 3754b038e8 fix brotli origin 2017-02-23 18:26:40 -05:00
Sam f15f61da0a FEATURE: add immutable caching to rails site of things 2017-02-23 13:05:00 -05:00
Rafael dos Santos Silva 5296f00c28 FEATURE: Allow checking the raw response of a bounced email 2017-02-22 14:51:33 -03:00
Neil Lalonde a702330ccd FEATURE: make show_subcategory_list a per-category setting 2017-02-22 11:42:36 -05:00
Régis Hanol 3ce3abef8f FIX: add Content-Disposition and Content-Type headers when downloading attachments 2017-02-20 15:59:01 +01:00
Régis Hanol f51e3b2131 FIX: should not be able to rename a system badge 2017-02-20 14:35:05 +01:00
Régis Hanol cb99f59ec3 reset bounce score when email is successfully changed 2017-02-20 10:37:01 +01:00
Sam 1935f624b8 FEATURE: reset active record cache in sidekiq if needed
This can happen in multisite environments after restores
2017-02-17 12:09:53 -05:00
Sam Saffron 040e10a627 reduce duplication 2017-02-15 17:27:10 -05:00
Neil Lalonde d0fbb27f3e FEATURE: new invite acceptance page, where username can be chosen and password can be set 2017-02-15 16:51:57 -05:00
Sam 3818c196e0 remove disallowed params 2017-02-15 16:47:14 -05:00
Sam 74d4209d24 FEATURE: allow plugins to register custom topic list filters 2017-02-15 15:25:43 -05:00
Nicolas 1deec95ccb Use `natural` orientation for web app manifest.
The `any` orientation forces the rotation even when the device's screen
 rotation is disabled. Using `natural` respects that and restores the
 expected behaviour.
2017-02-12 18:04:06 +00:00
Jeff Atwood 3ee7a9266c Merge pull request #4686 from tgxworld/group_is_visible_if_user_is_group_owner
FIX: Show groups that user is owner of on groups page.
2017-02-11 22:18:44 -08:00
Sam Saffron 4332f0dde1 FEATURE: allow user search API to restrict to group 2017-02-09 18:45:39 -05:00
Sam ff49f72ad9 FEATURE: per client user tokens
Revamped system for managing authentication tokens.

- Every user has 1 token per client (web browser)
- Tokens are rotated every 10 minutes

New system migrates the old tokens to "legacy" tokens,
so users still remain logged on.

Also introduces weekly job to expire old auth tokens.
2017-02-07 09:22:16 -05:00
Sam 2dec731da3 SECURITY: correctly validate input when admin searches for screened ips 2017-02-06 16:11:16 -05:00
Régis Hanol 27fb9c8804 FIX: bounce webhooks should also use recipient address 2017-02-05 19:06:35 +01:00
Neil Lalonde c4e10f2a9d FEATURE: redesign the change password page to use javascript and validations 2017-02-03 16:09:24 -05:00
Arpit Jalan 5523d0dbf9 fix the build 2017-02-03 15:35:33 +05:30
Arpit Jalan 26ccf61ab1 FIX: sane error message when inviting an existing user 2017-02-03 14:27:27 +05:30
Guo Xiang Tan 61111a3f9b FIX: Show groups that user is owner of on groups page. 2017-02-03 16:51:32 +08:00
Guo Xiang Tan 18007ed34b FIX: Can't use an internal name here if `SiteSetting.convert_pasted_images_to_hq_jpg` is `false`. 2017-02-01 14:51:56 +08:00
Guo Xiang Tan f6d9745c5f Bye bye byebug. 2017-02-01 14:50:14 +08:00
Guo Xiang Tan 6c8c91dca4 UX: Change default filename for images that have been pasted. 2017-02-01 14:44:41 +08:00
Arpit Jalan 9dd09e453b FEATURE: add explicit confirmation button to accept the invite 2017-01-25 15:50:30 +05:30
Guo Xiang Tan 781d83a46f FIX: Toggling a post's wiki status should not skip revision. 2017-01-25 13:34:55 +08:00
Guo Xiang Tan 0a25df67bc Revert "FIX: Incorrect parameter being passed to component."
This reverts commit d354a6f7a4.
2017-01-25 13:12:24 +08:00
Guo Xiang Tan d354a6f7a4 FIX: Incorrect parameter being passed to component. 2017-01-25 13:09:08 +08:00
Guo Xiang Tan 32846aad2a FIX: Toggling post's wiki status should not create a new version. 2017-01-20 15:42:33 +08:00
Régis Hanol fbf9172db8 FIX: log backups download/destroy staff action
FIX: clean up junk left by the specs
RENAME: 'backup_operation' to 'backup_create' to match other backup log types
2017-01-16 19:53:31 +01:00
Guo Xiang Tan 515f50e42e FEATURE: Log admin action when readonly mode is changed. 2017-01-12 09:41:02 +08:00
Arpit Jalan e793caf3e3 FIX: only allow CSV file to be uploaded for bulk invite 2017-01-11 16:26:01 +05:30
Guo Xiang Tan d6bf5b0e78 Use `any` orientation for web app manifest. 2017-01-11 17:32:24 +08:00
Guo Xiang Tan cdd550e947 Use a different Redis key when PG failover sets site to readonly mode. 2017-01-11 16:38:49 +08:00
Neil Lalonde fc0a0a76a4 Add more info in staff action logs for blocking a user, and add logging for lock trust level, activate, and deactive user 2017-01-10 17:25:36 -05:00
Guo Xiang Tan 68300f515c FIX: Return 404 if id is not valid. 2017-01-06 10:39:44 +08:00
Neil Lalonde 685e6bdbab FIX: tags canonical url can raise error or be wrong 2017-01-05 15:17:23 -05:00
Claas Augner bec10ada2a
Remove unused email templates from controller 2017-01-05 15:31:14 +01:00
Guo Xiang Tan 5098baee2f FIX: Undefined variable. 2017-01-04 17:37:23 +08:00
Guo Xiang Tan 43671b1fda UX: Display group fullname in mention autocomplete. 2017-01-04 11:40:14 +08:00
Rafael dos Santos Silva d3fb724578 Merge pull request #4632 from xfalcox/native-app-banner
FEATURE: Opt-in native Discourse app install banner
2017-01-03 16:32:24 -02:00
Rafael dos Santos Silva d7c8c2d5e3 FEATURE: Opt-in native Discourse app install banner on Android/iOS 2017-01-03 15:50:45 -02:00
Guo Xiang Tan ad4a96d387 FIX: Only send membership request to the last 5 active group owners. 2017-01-03 15:33:57 +08:00
Guo Xiang Tan 5aee2673c7 FIX: Push null fields to last when sorting group members. 2016-12-22 14:55:24 +08:00
Guo Xiang Tan 5605700fa9 UX: Sort groups by name. 2016-12-22 14:46:20 +08:00
Guo Xiang Tan 8551d821a0 FEATURE: Add site setting to disable group directory. 2016-12-22 14:14:22 +08:00
Guo Xiang Tan 5e75d5c1bf PERF: N+1 query on groups page. 2016-12-21 20:59:09 +08:00
Guo Xiang Tan 5d7f3223f0 SECURITY: Users can only bookmark posts which they can see. 2016-12-21 12:01:26 +08:00
Guo Xiang Tan 9db5d5b6a7 FIX: Incorrect serializer for groups page. 2016-12-20 15:44:22 +08:00
Guo Xiang Tan 7c7c233c1c FIX: Can't update `Groups#allow_membership_requests` in admin. 2016-12-20 15:14:35 +08:00
Guo Xiang Tan 502e114c60 FIX: Incorrect count when loading more groups. 2016-12-20 14:39:44 +08:00
Guo Xiang Tan 193f8301a4 FIX: Do not show automatic groups to normal users. 2016-12-20 14:26:49 +08:00
Régis Hanol 52cd9972bb FIX: prevent DDoS with lots of _oneboxable_ links
FIX: ensure the onebox route is only allowed to logged in users
FIX: only allow 1 outgoing onebox preview per user
FIX: client should only do 1 preview at a time
2016-12-20 00:31:10 +01:00
Sam 2b808ad9da Merge pull request #4609 from joebuhlig/category-topics-wiki
FEATURE: Category setting to make all topics wikis
2016-12-20 09:15:51 +11:00
Neil Lalonde 923cf73c6e Topic Featured Links: move data from custom fields to topics and categories tables. Invert behaviour of topic_featured_link_allowed checkbox. Fix a bug with invalid topic records due to changing that category checkbox. 2016-12-19 14:54:07 -05:00
Joe Buhlig 87251fded7 FEATURE: Category setting to make all topics wikis
FEATURE: Category setting to make all topics wikis
2016-12-19 06:42:18 -06:00
Guo Xiang Tan 18c8323987 FIX: Incorrect path for redirect. 2016-12-19 18:12:15 +08:00
Sam e0ff57ca75 SECURITY: prevent reuse of password reset 2016-12-19 18:00:22 +11:00
Sam dd383300b1 FEATURE: rate limit by login on password reset 2016-12-19 11:03:07 +11:00
Sam 15b5fddd49 SECURITY: protect upload params, only allow very strict filenames 2016-12-19 10:16:18 +11:00
Sam 61eb134181 FEATURE: setting to allow arbitrary redirects from sso origin
if sso_allows_all_return_paths is set to true you can redirect off-site from sso success
2016-12-16 13:37:44 +11:00
Sam 6ff309aa80 SECURITY: don't grant same privileges to user_api and api access
User API is no longer gets bypasses that standard API gets.
Only bypasses are CSRF and XHR requirements.
2016-12-16 12:05:43 +11:00
Sam 98f4a2adcb FIX: on 404 from brotli asset path return a correctly encoded doc
old implementation would cache the 404 for 1 year with incorrect encoding

hilarity would ensue
2016-12-15 16:05:20 +11:00
Guo Xiang Tan 4b940dc8bd FEATURE: Add groups page. 2016-12-14 17:27:47 +08:00
Robin Ward 03bc6f70f9 Better error messages when embedding fails 2016-12-13 14:38:05 -05:00
Guo Xiang Tan 2686ee5ab2 FIX: Admin can't add/remove public group users. 2016-12-13 16:39:44 +08:00
Guo Xiang Tan 43ee9f884e FEATURE: Add `Group#full_name`. 2016-12-13 16:16:26 +08:00
Guo Xiang Tan 7bfabb029b UX: Move editing group from into an individual tab. 2016-12-13 15:15:20 +08:00
Guo Xiang Tan da7009a968 FEATURE: Add request membership button for allowed groups. 2016-12-12 22:48:08 +08:00
Guo Xiang Tan 9a800107cb FIX: Associate category logo and background to uploads record. 2016-12-12 17:37:28 +08:00
Guo Xiang Tan 05f55dbc10 FEATURE: Group logs. 2016-12-12 17:29:54 +08:00
Guo Xiang Tan 790f1ef9f3 FIX: Permit missing params. 2016-12-12 17:00:30 +08:00
Guo Xiang Tan be5b5f6bea FEATURE: Public groups. 2016-12-12 17:00:30 +08:00
Guo Xiang Tan b9b4b0c175 FIX: Members should be ordered by username. 2016-12-08 14:27:38 +08:00
Guo Xiang Tan a2da2971af FEATURE: Allow columns on group members page to be sortable. 2016-12-08 10:49:12 +08:00
Robin Ward d379f57c58 FIX: Show an error page if `finish-installation` can't run 2016-12-07 11:10:08 -05:00
Guo Xiang Tan 81d333289e FIX: Return 503 when in readonly mode. 2016-12-07 14:04:42 +08:00
Guo Xiang Tan 545dfa7191 FEATURE: Allow group owners to edit title. 2016-12-07 10:26:28 +08:00
Sam 1135e00c83 FIX: regression unable to dismiss unread 2016-12-06 08:49:40 +11:00
Erick Guan 52763f5115
FEATURE: Allow posting a link with topics 2016-12-05 17:20:54 +01:00
Arpit Jalan 431aa79bb3 Merge pull request #4587 from techAPJ/invite-upload
FIX: simplify CSV file upload
2016-12-05 14:30:13 +05:30
Guo Xiang Tan adb7fcb6b3 FEATURE: Add bio to group page. 2016-12-05 16:58:04 +08:00
Arpit Jalan ce974da9e5 FIX: simplify CSV file upload 2016-12-05 14:09:08 +05:30
Guo Xiang Tan 31acd311e5 FEATURE: Allow group owners to edit group name and avatar flair. 2016-12-05 14:27:46 +08:00
Sam dc66f6681a add spec for brotli controller, ensure cached correctly 2016-12-05 16:08:36 +11:00
Sam 8a98d617df correct headers and add better caching 2016-12-05 15:11:07 +11:00
Sam 39a524aac8 FEATURE: brotli cdn bypass for assets
Allow CDNS that strip out brotli encoding to use brotli regardless
2016-12-05 13:57:09 +11:00
Sam 1db9d17756 Make removal of topic columns more resilient to deploys 2016-12-05 12:11:46 +11:00
Sam 33d0a23d84 Merge branch 'fix_whisper' 2016-12-05 10:01:03 +11:00
Neil Lalonde dafd1453d6 FIX: topic list filters for bookmarked, posted, and read now work with tag filter 2016-12-02 15:58:14 -05:00
Guo Xiang Tan bc0a8142fe PERF: Only show members count on group page. 2016-12-02 16:28:54 +08:00
Sam c04d4171ff FIX: whisper no longer experimental
- Regular users are not notified of whispers
- Regular users no longer have "stuck" topics in unread
- Additional tracking for staff highest post number
- Remove a bunch of unused columns in topics table
2016-12-02 17:03:31 +11:00
Sam b8dc58be90 got to be careful with integrity specs 2016-11-29 18:01:09 +11:00
Sam 266322ce2e FEATURE: add help text for no bookmarks in user page 2016-11-29 17:56:00 +11:00
Guo Xiang Tan d95fbd89d0 Enable miniprofiler in development automatically. 2016-11-29 10:59:10 +08:00
Joe Buhlig 0390deba40 FIX: Add tags to list options from params 2016-11-26 08:24:52 -06:00
Guo Xiang Tan 559918c6c6 PERF: Add endpoint to check if a group can be mentioned by user. 2016-11-26 02:20:46 +08:00
Guo Xiang Tan 5794f1619d PERF: Fix N+1 queries when loading groups. 2016-11-26 02:20:26 +08:00
Guo Xiang Tan 712ff01f38 PERF: Remove eager load. 2016-11-25 11:21:08 +08:00
Guo Xiang Tan 63a88ee6e7 Merge pull request #4566 from tgxworld/fix_perf_redirect_to_top
Fix perf redirect to top
2016-11-25 03:39:56 +01:00
Sam 88a46be051 FEATURE: display text excerpts when scrolling on mobile 2016-11-25 11:35:29 +11:00
Neil Lalonde f885e5b5e6 fix success response handling of sending digest preview email 2016-11-24 15:05:33 -05:00
Guo Xiang Tan 84914c5e1f PERF: Fix N+1 query. 2016-11-24 17:47:14 +08:00
Guo Xiang Tan b889bfefbb PERF: Don't calculate the same query twice. 2016-11-24 14:05:26 +08:00
Neil Lalonde 47aa3d94aa FEATURE: send digest preview to an email address 2016-11-23 17:51:57 -05:00
Sam e2c87da42a FEATURE: Add basic support for Safe Mode
In Safe Mode all JS extensions and site customizations are disabled.

To access Safe Mode visit `sitename.org/safe-mode`
2016-11-21 16:46:14 +11:00
Guo Xiang Tan f824afb4d3 FEATURE: Allow date_of_field column to be updated. 2016-11-17 15:16:58 +08:00
cpradio c3d4c949f1 Add comments to relevant sections denoting "create new topic" scenario is not supported for cannot-see-mention (per @coding-horror instruction) 2016-11-16 06:26:36 -05:00
Robin Ward 32a8d5ed1f Merge pull request #4550 from cpradio/cannot-see-mention
FEATURE: Notify user when mention can't see the reply they were mentioned in
2016-11-15 16:40:47 -05:00
Sam 63d9d4f301 FIX: properly specify default on no cache on all resources 2016-11-15 17:00:44 +11:00
cpradio 824c235760 FEATURE: Notify user when mention can't see the reply they were mentioned in
FIX: Group Mention Notifications
2016-11-14 22:03:16 -05:00
Kiffin Gish 3aa22715af A new guard for changing post timestamps called can_change_post_timestamps? 2016-11-06 20:14:09 +01:00
Neil Lalonde 764a572070 FIX: when subcategories with the same name exist, filtering by tags might use the wrong subcategory 2016-11-02 15:29:33 -04:00
Neil Lalonde 29edbafac7 FIX: post short link on subfolder installs 2016-11-01 15:20:04 -04:00
Neil Lalonde 9ef1688a76 FEATURE: per-category default topic list sort order 2016-11-01 12:18:41 -04:00
Neil Lalonde 8c9d390cac FIX: Tags used only on deleted topics could not be used again 2016-10-28 15:11:50 -04:00
Régis Hanol 71f940d478 FIX: use metadata to hold the message_id with sparkpost 2016-10-27 19:35:50 +02:00
Dmitry Demenchuk fb25485bb1 Delete useless home_redirect method from ForumsController. 2016-10-27 15:45:22 +01:00
Régis Hanol 41f19641d1 FIX: don't error out when we receive a bounce associated to a deleted user 2016-10-26 10:13:05 +02:00
Régis Hanol 81e2a0099f FIX: ensure the group 'everyone' is never shown when using a different locale 2016-10-24 10:53:31 +02:00
Guo Xiang Tan ee9946388c Merge pull request #4507 from ming-relax/feat-delete-by-email
Remove user from a group by user email
2016-10-24 11:28:27 +08:00
Sam 9a94d1b212 FIX: everyone is not a visible group 2016-10-24 13:03:22 +11:00
Robin Ward 19e2eec219 Allow step 0 to resend the confirmation email 2016-10-21 11:34:19 -04:00
Sam bfa33f2518 Merge pull request #4500 from tgxworld/performance_on_users_page
PERF: Remove ordering by username.
2016-10-21 10:40:58 +11:00
Robin Ward c03d25f170 FEATURE: Configure Admin Account
Adds a "Step 0" to the wizard if the site has no admin accounts where
the user is prompted to finish setting up their admin account from the
list of acceptable email addresses.

Once confirmed, the wizard begins.
2016-10-19 11:27:56 -04:00
Ming HU dffd8baa91 Remove user from a group by user email 2016-10-18 17:10:47 +08:00
Régis Hanol 3949c24f80 FIX: sparkpost webhooks support 2016-10-17 11:26:49 +02:00
Guo Xiang Tan 18d032ad91 PERF: Remove ordering by username.
* Ordering by username results in a very expensive query
for very little upside UX wise.
2016-10-15 01:13:58 +08:00
Sam f4f5524190 FEATURE: user API now contains scopes so permission is granular
previously we supported blanket read and write for user API, this
change amends it so we can define more limited scopes. A scope only
covers a few routes. You can not grant access to part of the site and
leave a large amount of the information hidden to API consumer.
2016-10-14 16:05:42 +11:00
Neil Lalonde 0328141e05 FIX: prevent creation of tags with invalid characters 2016-10-12 15:44:36 -04:00
Régis Hanol ddcc084d22 Revert "FEATURE: Use the top period default for users who have been inactive or are new" 2016-10-11 17:56:46 +02:00
cpradio 2de50a616d FEATURE: Use the top period default for users who have been inactive or are new 2016-10-11 09:55:15 -04:00
Sam 6031e692f0 Merge pull request #4366 from xfalcox/print
Print Support
2016-10-11 11:47:20 +11:00
Sam f6ac914376 Merge pull request #4467 from cpradio/advanced-search-ui
FEATURE: Advanced Search UI
2016-10-11 10:02:35 +11:00
Sam 3e513f5c05 Merge pull request #4459 from vibol/master
FEATURE: sparkpost webhook
2016-10-10 17:17:17 +11:00
Neil Lalonde 600b23c0a4 FIX: permalink redirects should work on tag paths 2016-10-04 12:01:42 -04:00
cpradio 4b71fd253b Advanced Search UI
Properly support Categories so it updates the search box correctly

Use category id, as it is more consistent with search results than using the slugs, especially for parent/subcategory

Added Status

Improve AutoComplete so it can receive updates
Added the ability for AutoComplete to receive updates to badge-selector and group-selector

Respect null, which is set via web-hooks

Support both # and category: for category detection.

Only update the searchedTerms if they differ from its current value (this helps the Category Selector receive updates)

Opt in receive updates (#3)

* Make the selectors opt-in for receiving updates

* Opt-in to receive updates

* Fix category detection for search-advanced-options

Fix eslint error

Update user-selector so it can receive updates live too
Make the canReceiveUpdates check validate against 'true'

Converted to use template literals

Refactor the regex involved with this feature
Split apart the init to make it a bit more manageable/testable

Switch the category selector to category-chooser, so it is a dropdown of categories instead of auto-complete

Reduce RegEx to make this happier with unicode languages and reduce some of the complexity
2016-10-04 11:18:01 -04:00
Robin Ward f62d01ff1b FIX: Clear the session after a reset token was used 2016-09-30 12:20:23 -04:00
Guo Xiang Tan 1c3992e575 FIX: Ensure that translations bundle exists before merging plugin bundle. 2016-09-30 14:29:30 +08:00
Vibol Hou c3d60d5d1d Merge remote-tracking branch 'upstream/master' 2016-09-29 02:12:05 -07:00
Guo Xiang Tan 72ccb4e11d FIX: Plugin "admin_js" translations bundle was not fetched. 2016-09-29 04:42:26 +08:00
Vibol Hou 34af73c7cb FEATURE: sparkpost webhook 2016-09-26 22:13:34 -07:00
Rafael dos Santos Silva 0229df4c73 Second review fixes 2016-09-26 20:46:55 -03:00
Rafael dos Santos Silva 2a5a0bebb3 Adjusts from review 2016-09-26 20:46:55 -03:00
Rafael dos Santos Silva acc70cc3de SiteSetting, admin passtrough, CSS, hide on mobile 2016-09-26 20:46:55 -03:00
Rafael dos Santos Silva 6faedfa716 Rate limit printing 2016-09-26 20:46:55 -03:00
Rafael dos Santos Silva c12e533273 Feature: Adds a button to print a topic 2016-09-26 20:44:50 -03:00
Guo Xiang Tan 4e663998af PERF: N+1 query on user summary page. 2016-09-23 12:44:08 +08:00
Robin Ward 7f66cf618c FIX: You should be an admin to do the wizard 2016-09-22 11:12:51 -04:00
Robin Ward 29cf47cfb2 Track steps the user has completed, nag them to finish it. 2016-09-22 09:52:19 -04:00
Robin Ward 35b767f6af Company Name Step which updates the TOS 2016-09-22 09:52:19 -04:00
Robin Ward 28b6c300a0 Clean up wizard updater API for better plugin use 2016-09-22 09:52:19 -04:00
Robin Ward af83c8dc14 Upload Logos Step 2016-09-22 09:52:19 -04:00
Robin Ward c94e6f1b96 Add locale step 2016-09-22 09:52:19 -04:00
Robin Ward 9f12b571ef Wizard: Server Side Validation + Finished Step 2016-09-22 09:52:19 -04:00
Robin Ward 3a4615c205 Wizard: Step 1 2016-09-22 09:48:58 -04:00
Robin Ward 0471ad393c Scaffold for new Wizard - Rails / Ember / Tests 2016-09-22 09:48:58 -04:00
Robin Ward 6070939daa Support for other i18n bundles 2016-09-22 09:48:58 -04:00
Guo Xiang Tan 9374e5d42d Revert "FIX: don't overwrite category's logo & background URLs"
This reverts commit 641b95f655.
2016-09-22 11:30:19 +08:00
Régis Hanol 641b95f655 FIX: don't overwrite category's logo & background URLs 2016-09-21 22:11:31 +02:00
Guo Xiang Tan 547750e9dd Unify API keys and web hooks into a single admin nav header. 2016-09-20 05:22:03 +08:00
Robin Ward 2766b2edc3 FIX: Allow redirection for slugs that start with digits 2016-09-19 13:31:19 -04:00
Erick Guan 00d5facf36 FEATURE: prompts new webhook events 2016-09-19 12:07:17 +08:00
cpradio 2eddeab66b Escape the hyphen 2016-09-16 19:07:46 -04:00
cpradio 0d2d8797b6 FIX: Backup validation wasn't escaping hyphens 2016-09-16 15:20:42 -04:00
Sam 75f3f7fcbd FEATURE: clean API method for reading a single notification 2016-09-16 16:14:15 +10:00
Guo Xiang Tan 512922d776 SECURITY: Add filename validation for backup uploads. 2016-09-16 11:58:14 +08:00
Sam e6fcaadd45 FIX: redirects back to origin for SSO and omniauth login 2016-09-16 13:48:50 +10:00
Sam 25a82e7d22 PERF: only publish notification state if we changed it
also publish seen_notification_id so we can tell what is new and what is old
cleanup controller so it correctly checks user
fix bug around clearing notification when people click mark read
2016-09-16 12:02:19 +10:00
Guo Xiang Tan b0752b1f91 FIX: Don't bypass validations. 2016-09-15 10:15:17 +08:00
Sam 2d859ba0ed FIX: user api should always be available to staff 2016-09-12 15:42:06 +10:00
Arpit Jalan 19ddf95efa FIX: add custom invite email templates 2016-09-08 00:54:48 +05:30
Erick Guan 9ce61b4586 FEATURE: Webhooks. 2016-09-05 18:44:00 +08:00
Guo Xiang Tan aabb7a8592 FIX: DiscourseEvent should not be triggered from within the controller. 2016-09-05 15:58:04 +08:00
Sam 1d281e02c7 id is optional if already specified in header 2016-09-02 17:08:46 +10:00
Sam be0fd5b4cc FEATURE: allow user api key revocation for read only keys 2016-09-02 17:04:00 +10:00
Régis Hanol e064e6f7a3 FEATURE: new 'categories_and_latest' endpoint 2016-08-29 22:47:44 +02:00
Sam 0303080586 we do not define auth providers for builtins 2016-08-29 11:12:24 +10:00
Sam 22b8c0d44e FIX: fullscreen login set from client needs to be respected 2016-08-29 10:13:51 +10:00
Neil Lalonde 2251104e32 FEATURE: avatar flair can be font awesome icons 2016-08-26 17:15:37 -04:00
Sam ca79c4b276 stop eating up push_urls 2016-08-26 13:23:06 +10:00
Sam 2b15919aee missing spot where old api was used 2016-08-26 10:58:34 +10:00
Sam eaf87f0770 FIX: correctly handle api key so it uses current user provider 2016-08-26 10:39:13 +10:00
Arpit Jalan bfefda06f6 FIX: handle embed count when topic not found 2016-08-25 07:12:20 +05:30
Neil Lalonde 50a8eb1810 Merge pull request #4405 from gdpelican/fix/intersection-pagination
FIX: Don't join on tags unnecessarily when matching all tags
2016-08-24 14:45:15 -04:00
Robin Ward c3a3aff120 FEATURE: Support for a whitelist for embeddable host paths 2016-08-23 14:56:12 -04:00
Sam 691f739f11 better error handling
push notifications imply read access, no need for a special permission
2016-08-23 16:48:00 +10:00
Régis Hanol 2690ef7050 prefix setting with 'desktop_' since it's only used for desktop 2016-08-22 23:43:42 +02:00
Régis Hanol d06e2793aa fix logic for when to include topics in category list 2016-08-22 23:11:08 +02:00
Régis Hanol 4d6028ea2d UX: new 'category_page_style' site setting 2016-08-22 23:01:43 +02:00
James Kiesel 386b8b8498 Don't join on tags unnecessarily when matching all tags 2016-08-19 10:37:32 -05:00
Régis Hanol eb953c0904 FIX: /categories page on mobile 2016-08-19 01:47:00 +02:00
Neil Lalonde a644602612 FIX: infinite scrolling of topic list when filtered to one tag 2016-08-18 16:36:30 -04:00
Régis Hanol 6d1d7b7c8f UX: new /categories layout 2016-08-17 23:23:16 +02:00
Neil Lalonde d079f69b7b FEATURE: add flair to avatars using new settings in the groups admin UI 2016-08-17 15:13:15 -04:00
Sam 79c1d3459b line was there twice 2016-08-17 17:03:48 +10:00
Sam 91b72936c4 Normalize away a requested push if for some reason we can not push there 2016-08-17 16:44:38 +10:00
Sam b4dfb84f37 PERF: stop doing work for HEAD requests on topics 2016-08-17 10:04:23 +10:00
Sam a25a8115e8 FEATURE: support HEAD request to /user-api-key/new
This allows us to cleanly sniff to find if it exists
2016-08-17 09:58:19 +10:00
Sam 416e7e0d1e FEATURE: basic UI to view user api keys 2016-08-16 17:06:52 +10:00
Sam b7cea24d76 FEATURE: more user API flow, support key creation 2016-08-16 17:06:52 +10:00
Sam 0b334cdf74 FIX: stop removing query params from destination url in sso 2016-08-16 17:06:52 +10:00
Neil Lalonde 3b792054f2 Merge pull request #4387 from gdpelican/feature/tags-intersection
FEATURE: Tags intersection page
2016-08-15 16:24:29 -04:00
James Kiesel 037e9bb7b8 Support any number of tag intersections 2016-08-15 15:30:17 -04:00
Sam fc095acaaa Feature: User API key support (server side implementation)
- Supports throttled read and write
- No support for push yet, but data is captured about intent
2016-08-15 17:59:36 +10:00
James Kiesel 7e73b933c7 First pass 2016-08-12 15:28:46 -04:00
Sam 7e4503dd99 FEATURE: basic info route for all sites, even ones that require login
This information is public in meta tags already on home page, providing a
route allows consumers to check it way more cheaply
2016-08-12 17:10:35 +10:00
Sam afaba56de3 FEATURE: missing API endpoint for topic tracking states 2016-08-12 17:10:35 +10:00
Robin Ward 429f27ec96 SECURITY: Avoid mass assignment on user create 2016-08-05 11:57:13 -04:00
Neil Lalonde 5f67cd7b45 FIX: tag input detects when a tag is not allowed and won't offer to create it anyway 2016-08-03 13:18:56 -04:00
Guo Xiang Tan bf683178a8 FIX: Remove tag plugin code from tag hashtag check. 2016-08-02 10:59:12 +08:00
Régis Hanol 681f566a66 FIX: staff members should be able to see raw email of deleted posts 2016-08-01 23:55:22 +02:00
Neil Lalonde 1f12e41029 FIX: query for tag with no sub-categories 2016-07-28 16:59:00 -04:00
Neil Lalonde 82e170d6a6 FIX: 404 when filtering by category, no sub-category, and a tag 2016-07-28 16:19:03 -04:00
Neil Lalonde 77847f0d46 FIX: meta description tags for tags 2016-07-28 11:49:23 -04:00
Robin Ward 2f8ab8cd30 SECURITY: XSS in "Account Suspended" Messages and Badge Descriptions 2016-07-28 11:38:12 -04:00
Guo Xiang Tan 36ddb1787e FEATURE: Add toggle topic visibility button in popup menu. 2016-07-28 16:57:04 +08:00
Sam c6dbaca0dc SECURITY: disable user entered badge SQL by default
- Hidden site settings now must be change via rails console
2016-07-28 09:03:00 +10:00
Sam cb3afd11b4 SECURITY: limit route access when using external avatars 2016-07-28 09:00:43 +10:00
Régis Hanol 6dac9075dc new 'convert_pasted_images_quality' site setting 2016-07-27 19:59:44 +02:00
Régis Hanol be099bb637 only convert pasted images to HQ jpg when it's at least 5% smaller 2016-07-27 19:55:13 +02:00
Andre Pereira 8cbd585e20 FEATURE: Allow staff users to merge posts. 2016-07-27 12:04:14 +08:00
Neil Lalonde 3c0df3510a FIX: tags index should show all tags belonging to a category even if they have never been used 2016-07-26 16:04:11 -04:00
Régis Hanol 749b981759 FEATURE: new 'convert_pasted_images_to_hq_jpg' site setting 2016-07-25 23:01:28 +02:00
Neil Lalonde ece4fa82c9 FIX: add canonical link to tags topic lists 2016-07-25 16:16:19 -04:00
Neil Lalonde 11b3b5e30a FIX: when topic list is filtered by tag and category, subsequent page fetches would ignore the category filter 2016-07-25 16:16:18 -04:00
Régis Hanol d2e22ab215 extract bounce scores into site settings 2016-07-25 17:27:28 +02:00
Sam df535c6346 FEATURE: refresh session cookie at most once an hour
This feature ensures session cookie lifespan is extended
when user is online.

Also decreases session timeout from 90 to 60 days.
Ensures all users (including logged on ones) get expiring sessions.
2016-07-25 12:07:31 +10:00
Neil Lalonde 7c092b0fe0 FEATURE: add filter to show topics that have not been tagged 2016-07-20 16:21:51 -04:00
Neil Lalonde a74606c87c PERF: tag groups index query 2016-07-15 17:16:26 -04:00
Régis Hanol 7b6d946613 FIX: searching received emails for TO was broken 2016-07-13 22:43:25 +02:00
Guo Xiang Tan 5fed886c8f FIX: Update post replies when we move posts. (#4324) 2016-07-13 17:34:21 +02:00
Sam 4161ee210a FEATURE: improved tag and category watching and tracking
- present tags watched on the user prefs page
- automatically watch or unwatch old topics based on watch status

New watching and tracking logic takes care of handling old topics
(either with or without read state)

When you watch a topic you now watch historically

Also removes confusing warnings from user.
2016-07-08 12:58:30 +10:00
Robin Ward 1eb64151f6 User interface for watching first post 2016-07-07 11:21:50 -04:00
Régis Hanol c104e4c022 allow avatars up to 1000px 2016-07-05 18:49:33 +02:00
Guo Xiang Tan f256e3afb6 Merge pull request #4297 from tgxworld/handle_user_enabled_readonly_mode
Handle user enabled readonly mode
2016-07-05 19:54:32 +08:00
Guo Xiang Tan 22ade1f811
FEATURE: Add event trigger when a user is logged out. 2016-07-04 17:20:30 +08:00
Sam 0c6d8e155c Merge pull request #4300 from NuckChorris/patch-2
Log RecordInvalid when verbose_sso_logging enabled
2016-07-01 14:12:06 +10:00
Guo Xiang Tan 904d9735ab
Refactor desktop notifications to be more modular. 2016-07-01 00:11:32 +08:00
Peter Lejeck e265b7b090 Log RecordInvalid when verbose_sso_logging enabled 2016-06-29 22:12:25 -07:00
Neil Lalonde 99e88ce39f FIX: n+1 query when fetching tag groups 2016-06-29 18:41:22 -04:00
Guo Xiang Tan 64858c10fe
FIX: Set a not expiring key for user enabled readonly mode. 2016-06-29 15:10:01 +08:00
Guo Xiang Tan 20359788dc
Rename `SiteSetting#use_https` to `force_https`. 2016-06-29 15:02:43 +08:00
Guo Xiang Tan e221414935
PERF: Remove N+1 queries on user messages page. 2016-06-29 09:30:54 +08:00
Sam 1411eedad3 FEATURE: offer to unwatch categories when unwatching category 2016-06-28 18:34:20 +10:00
Robin Ward ccf9b70671 When restoring a backup, disable emails.
This prevents accidental sending of emails after a restore before
the admin has had a chance to review everything.
2016-06-24 17:15:15 -04:00
Arpit Jalan 3232ce8265 FIX: better error message when trying to approve post for closed/deleted topic 2016-06-24 15:11:45 +05:30
Régis Hanol 5bfc9cf69e Allow API to create staged users 2016-06-23 12:27:05 +02:00
Régis Hanol 2ecd0da59f REFACTOR: use same code path for handling emails via API and POP 2016-06-22 15:50:49 +02:00
Sam 2d425892c4 FIX: update list of invited users after inviting 2016-06-21 16:01:29 +10:00
Régis Hanol 7fca6f502f fix and improve image downsizing algorithm 2016-06-20 12:35:07 +02:00
Sam 8866169879 FEATURE: can invite/revoke groups on private messages 2016-06-20 16:29:27 +10:00
Sam 7edf7b590f SECURITY: restrict constantize classes in search controller 2016-06-17 13:47:34 +10:00
Sam dd1a184955 Correct mailing list mode unsubscribe 2016-06-17 11:57:23 +10:00
Sam 852860de66 FEATURE: simpler and friendlier unsubscribe workflow
- All unsubscribes go to the exact same page
- You may unsubscribe from watching a category on that page
- You no longer need to be logged in to unsubscribe from a topic
- Simplified footer on emails
2016-06-17 11:28:49 +10:00
Régis Hanol 49f8a2baa7 FEATURE: support for mandrill webhooks 2016-06-13 12:32:14 +02:00
Guo Xiang Tan 95a013784f Merge pull request #4260 from jamescook/james/replace-certain-gsub-with-tr
Replace certain uses of 'gsub' with 'tr' / 'chomp' for a speed improvement
2016-06-13 18:25:38 +08:00
Sam e66c51fd85 correct regression where clicking on unlisted topics does not work 2016-06-12 16:36:38 +10:00
James Cook c0e25b5a9a Replace certain uses of 'gsub' with 'tr' or 'chomp' for a speed
improvement
2016-06-10 22:08:37 -05:00
Sam 3015030fe2 FIX: unlisted topics do not get "slug auto correct" logic 2016-06-10 10:53:26 +10:00
Neil Lalonde a6090339a7 FEATURE: tag group options: limit usage of one tag per group, tags in a group can't be used unless a prerequisite tag is used 2016-06-09 16:01:19 -04:00
Régis Hanol 214e25f1b5 use proper 'Message-Id' field 2016-06-09 00:33:13 +02:00
Robin Ward 9a81115c1c FIX: Duplicate link shouldn't happen on edit 2016-06-08 17:22:23 -04:00
Régis Hanol 3e3538d603 loosen security a bit on mailgun's webhook 2016-06-08 22:38:38 +02:00
Neil Lalonde a49ace0ffb FEATURE: ability to restrict tags to categories using groups 2016-06-07 15:36:20 -04:00
Robin Ward 431179dd25 FEATURE: Prompt users when they are entering duplicate links 2016-06-07 14:47:22 -04:00
Robin Ward 6aaa484baa REFACTOR: Move composer messages to store 2016-06-07 14:47:22 -04:00
Arpit Jalan 4253141700 FEATURE: custom email message for topic invites 2016-06-07 23:43:15 +05:30
Arpit Jalan b1a94049e0 FIX: only staff can access 'resend all invites' feature 2016-06-07 10:57:08 +05:30
Arpit Jalan a9c6df198c FEATURE: rate limit resend invites 2016-06-07 10:24:20 +05:30
Jeff Atwood 5c3e36aec2 Merge pull request #4252 from techAPJ/invite-email-improvements
FEATURE: customize invite email message
2016-06-06 14:24:39 -07:00
Neil Lalonde f3f6c2f98f FEATURE: tag groups 2016-06-06 14:18:48 -04:00
Régis Hanol fe595f1653 FEATURE: mailjet webhook 2016-06-06 19:47:45 +02:00
Arpit Jalan 7b205ebba4 FEATURE: customize invite email message 2016-06-06 20:15:30 +05:30
Arpit Jalan c4e1ad0953 FEATURE: Resend all pending invitations 2016-06-03 12:23:13 +05:30
Régis Hanol 9704603fab FEATURE: sendgrid webhooks 2016-06-01 21:48:06 +02:00
Neil Lalonde deb93044b4 FEATURE: new tags can be created from the "edit category" modal when defining the set of permitted tags 2016-05-31 17:27:22 -04:00
Neil Lalonde 2c78bea5a0 FIX: could not remove tags from a category 2016-05-31 17:27:22 -04:00
Neil Lalonde a6aab00663 FEATURE: show category-to-tag relationships on tags index page 2016-05-31 17:27:22 -04:00
Neil Lalonde 6796b15857 FEATURE: restrict tags to be used in a category 2016-05-30 16:56:33 -04:00
Régis Hanol 116efffdaa FEATURE: webhooks support for mailgun 2016-05-30 17:11:17 +02:00
Neil Lalonde 3d5716a2c8 FIX: tag input doesn't show staff-only tags to non-staff 2016-05-26 18:03:50 -04:00
Neil Lalonde f13470b96b Use db schema for tags instead of plugin store and custom fields 2016-05-26 14:29:48 -04:00
Neil Lalonde 2293fca012 FEATURE: after category name is changed, URLs with old category slug and tag filter will redirect to new category slug 2016-05-24 16:16:32 -04:00
Arpit Jalan f387dfe226 FIX: mixed case group mentions were not getting highligted in composer 2016-05-22 18:32:49 +05:30
Steve Kemp 8f8ad3fe4a Allow an (optional) post-creation time to be submitted. (#4205)
* Allow an (optional) post-creation time to be submitted.

This should allow a new post to be created with an initial
date/time specified by the caller, which will be useful for
people writing importers..

* Only allow `created_at` to be submitted via the API.

This addresses the previous concern.
2016-05-22 10:54:03 +02:00
Régis Hanol 6137bb46d3 FIX: a User is *not* a Topic 2016-05-14 10:06:29 +02:00
Régis Hanol 1e57bbf5c8 Lots bounce emails related fixes
- Show bounce score on user admin page
- Added reset bounce score button on user admin page
- Only whitelisted email types are sent to emails with high bounce score
- FIX: properly detect bounces even when there is no TO: header in the email
- Don't desactivate a user when reaching the bounce threshold
2016-05-06 19:34:33 +02:00
Robin Ward 89e506551a
Add body class to `account-created` route 2016-05-05 14:37:09 -04:00
Neil Lalonde c1aded8b64 FIX: crawler view of tags index page 2016-05-03 16:10:12 -04:00
Arpit Jalan 82daf93eb3 Merge pull request #4206 from techAPJ/convert-topic
FEATURE: move a topic from PM to regular topic or vice versa
2016-05-04 01:33:15 +05:30
Robin Ward 664f1913c8
FIX: Don't include hidden posts in embedded comments 2016-05-03 15:01:20 -04:00
Régis Hanol 8e611ec7a1 FEATURE: handle bounced emails 2016-05-02 23:15:32 +02:00
Arpit Jalan acfb540952 FEATURE: move a topic from PM to regular topic or vice versa 2016-05-02 21:34:05 +05:30
Neil Lalonde e5918c7d00 FEATURE: Merge tagging plugin into core 2016-04-27 11:58:53 -04:00
Arpit Jalan 74b3807f60 FEATURE: new bootstrap mode settings for brand new Discourse community (#4193)
* FEATURE: new bootstrap mode settings for brand new Discourse community

* new SiteSetting.set_and_log method
2016-04-26 13:08:19 -04:00
Sam 0b6d12f95d FIX: when no notification state exists on topic, mute on unsubscribe 2016-04-25 11:24:52 +10:00
Sam 7ee11b0508 more logging, add referer 2016-04-25 10:48:36 +10:00
Rafael dos Santos Silva bbe642070e App Banner Support for Android Chrome (#4103)
* App Banner Support for Android Chrome

* Oops, forgot semicolon;
2016-04-20 10:54:01 -04:00
Régis Hanol 7d9f2265b9 FIX: improve support for handling emails coming from screened email addresses 2016-04-18 23:01:54 +02:00
Sam 9e50f36c50 Merge pull request #4137 from cpradio/add-warning-to-flag
FEATURE: Add warning input to flag dialog when notifying a user
2016-04-15 16:23:22 +10:00
Régis Hanol 379bfac36d Merge pull request #4010 from riking/patch-sitelinks
FEATURE: Add /search discovery
2016-04-14 10:35:13 +02:00
Robin Ward 5518141ad5
Option for verbose logging when API calls to create posts fail 2016-04-12 12:10:48 -04:00
Guo Xiang Tan 983d64fd56 PERF: N+1 query on badges index. 2016-04-12 17:45:02 +08:00
Régis Hanol 7783ba46fc remove /error endpoint 2016-04-11 20:43:24 +02:00
Robin Ward cc25716e47 FIX: Allow message format translations to be overridden 2016-04-08 14:49:50 -04:00
Thorben Egberts cf8b3fbd56 FEATURE: add user custom fields to user card
The user's custom fields are now displayed on the user card. This has to be enabled for each custom field in the custom field settings. See https://meta.discourse.org/t/custom-user-fields-on-usercard/22662/
2016-04-08 14:35:41 +02:00
Sam 19ca08857f FEATURE: verbose SSO logging
By enabling the site setting verbose_sso_logging
you can log information every time a user tries initiates SSO
and during SSO failures
2016-04-08 11:20:01 +10:00
Guo Xiang Tan 4e7e4cee7d PERF: Rendering crawler's template is expensive. 2016-04-07 16:28:31 +02:00
Sam a130cb8305 FEATURE: move more urgent emails notifications to critical queue
Move signup, admin login and password change email notifications
to critical queue
2016-04-07 14:39:01 +10:00
Sam 8ec7fd84fd FEATURE: prioritize sidekiq jobs
This commit introduces 3 queues for sidekiq

"critical" for urgent jobs (weighted at 4x weight)
"default" for standard jobs(weighted at 2x weight)
"low" for less important jobs


"critical jobs"

Reset Password emails has been seperated to its own job
Heartbeat which is required to keep sidekiq running
Test email which needs to return real quick


"low priority jobs"

Notify mailing list
Pull hotlinked images
Update gravatar

"default"

All the rest

Note: for people running sidekiq from command line use

bin/sidekiq -q critical,4 -q default,2 -q low
2016-04-07 12:56:43 +10:00
Régis Hanol a5d8dfb07e FIX: don't hardcode maximum file size 2016-04-06 22:51:28 +02:00
Régis Hanol 2b9e8e5a7d Merge pull request #4147 from cpradio/default_top_timeframe
FIX: Use default top setting when user is return or enough data exists for Top Page Results
2016-04-06 18:33:56 +02:00
Neil Lalonde 56e47c8d7e FEATURE: report on admin dashboard when favicon is failing to load 2016-04-05 14:42:32 -04:00
cpradio c5bb1d1cfe Return default top setting as part of best_periods_for to see if it can be used 2016-04-05 14:27:18 -04:00
Régis Hanol d402a45781 FIX: hitting '/t/:id/posts.json' should return the first page of posts 2016-04-05 19:12:14 +02:00
Régis Hanol 841f36b058 FIX: automatically unstage user when signing in using OAuth 2016-04-04 19:04:10 +02:00
Régis Hanol 79639e2dec FIX: ensure group's users counters are kept in sync 2016-04-04 17:03:18 +02:00
cpradio 95fa340601 Added spec tests 2016-04-03 19:44:14 -04:00
cpradio b4f4cf794b Add warning input to flag dialog
Added isWarning property
pass is_warning along to post_action
Added is_warning to possible arguments to receive from post_actions route
Only show warning checkbox for staff
Only permit the is_warning argument if the user is staff
2016-04-03 18:48:39 -04:00
Arpit Jalan 13fa0f8cf8 FIX: only show regular posts in RSS feed 2016-03-31 21:34:53 +05:30
Arpit Jalan 41208b99a1 FEATURE: RSS feed for user posts and topics 2016-03-31 20:24:05 +05:30
Régis Hanol 0bf001ccd7 FIX: badge grant count wasn't filtered to the current user in the user summary 2016-03-30 23:11:00 +02:00
Sam ed750cac39 FIX: if badges are disabled badge pages should 404 2016-03-29 17:21:32 +11:00
Kane York f2ddd44712 FEATURE: Add /search discovery
The opensearch.xml results in a "site search engine" being added to
Chrome, while the sitelinks search tag results in "Search this website"
being added to Google Search.
2016-03-28 15:07:59 -07:00
Guo Xiang Tan 6d64b6d39f FIX: Query for category hashtag should be case sensitive. 2016-03-28 11:15:10 +08:00
Guo Xiang Tan 9a5ded48cf FIX: Return a proper error message when sync sso fails. 2016-03-26 13:30:15 +08:00
Arpit Jalan da2f1fda15 FIX: increase read_timeout when downloading avatar 2016-03-24 17:40:03 +05:30
Robin Ward f0552af5f1 FIX: Don't log validation errors for sso 2016-03-23 14:44:34 -04:00
Régis Hanol 39863953cd new 'enable_staged_users' site setting 2016-03-23 18:56:03 +01:00
Robin Ward 4180e207c3 FIX: Crazy large ids should not raise exceptions 2016-03-23 12:13:47 -04:00
Arpit Jalan c54dc4a8d9 FIX: update RSS description for public/private posts 2016-03-21 18:45:16 +05:30
Arpit Jalan 34469e725b FEATURE: separate API endpoints for public and private posts 2016-03-21 18:21:15 +05:30
Régis Hanol 2a5b339be8 Merge pull request #4099 from xfalcox/add-to-homescreen-android
Better Add to Homescreen on Android
2016-03-21 10:23:08 +01:00
Rafael dos Santos Silva c4da6ed88b Better Add to Homescreen on Android
Adds standalone screen, and top-bar color and background color on splash screen
2016-03-20 22:18:40 -04:00
Aryan Raj c3507a3242 Fix: Added underscore to my_redirect regex 2016-03-20 13:00:56 +05:30
Arpit Jalan a7eec3da5c FIX: blank search was broken 2016-03-18 23:38:45 +05:30
Arpit Jalan bd83cf7f4c FEATURE: add group posts and mentions RSS 2016-03-18 22:29:10 +05:30
Robin Ward 5d4ee2ca1d FEATURE: Warn a user when they have few likes remaining 2016-03-18 11:30:29 -04:00
Robin Ward 1fba835d4f FIX: Use a logging table for daily likes given. Use it for badges. 2016-03-18 11:18:54 -04:00
Sam 50f7616d04 FIX: include pinned status in search results 2016-03-18 16:26:20 +11:00
Sam 84d234a98a Merge pull request #4076 from scossar/locale-from-header-setting
FEATURE: add site setting for setting locale from header
2016-03-17 07:53:20 +11:00
Robin Ward 06591022fe FEATURE: Generous badge 2016-03-15 16:08:29 -04:00
scossar 0cbeda8414 add site setting for setting locale from header 2016-03-14 16:18:19 -07:00
Arpit Jalan ff12b5bf57 FIX: newly created categories were not showing up 2016-03-14 23:17:02 +05:30
Arpit Jalan 89248580dc FEATURE: revert post to a specific revision 2016-03-11 02:46:55 +05:30
Robin Ward 5fcd5002c4 FIX: Saving a user field as `required` didn't work the first time 2016-03-09 15:34:48 -05:00
Robin Ward 5771d2aee2 SECURITY: Support for confirm old as well as new email accounts 2016-03-08 14:52:22 -05:00
Robin Ward d62689fa76 Move updating a user's email to its own controller 2016-03-08 14:52:22 -05:00
Régis Hanol 031146a821 FIX: ensure email in address insn't used it both Groups & Categories 2016-03-08 20:52:04 +01:00
Neil Lalonde df413737d2 FIX: render About page for web crawlers 2016-03-07 15:28:11 -05:00
Régis Hanol 622d804d46 FEATURE: Add rejection message on rejected IncomingEmail
FIX: Better RateLimit description in rejected IncomingEmail
FEATURE: Send email when hitting a rate limit
2016-03-07 16:56:17 +01:00
Arpit Jalan 05288144b5 FIX: export user list based on trust level filter 2016-03-07 18:49:31 +05:30
Sam fe6ea48123 Merge pull request #4038 from markbiegel/instagram-login
FEATURE: Instagram OmniAuth login methods
2016-03-07 14:05:07 +11:00
Sam Saffron a656a672a1 FIX: Don't limit the count of badges to 96 2016-03-05 10:57:32 +11:00
Sam Saffron 7598037080 Only pull in gem if it is being used, remove middleware 2016-03-04 23:17:14 +11:00
Régis Hanol 1135d2094a Merge pull request #4006 from scossar/set-locale-from-header
Feature: (WIP) Set locale from Accept-Language header
2016-03-04 09:12:30 +01:00
Arpit Jalan 36f82aa68c FEATURE: enforce admin password validation when signing up via developer email 2016-03-04 00:28:47 +05:30
Régis Hanol f3c868e7bb run the BackupChunksMerger job in 5 seconds 2016-03-03 12:01:13 +01:00
Arpit Jalan 01e1bb53f1 FEATURE: add RSS feed for top topics 2016-02-29 23:46:36 +05:30
Arpit Jalan 8f62a0caa8 FEATURE: log backup operation 2016-02-27 23:33:18 +05:30
Sam 610954ecce Merge pull request #4035 from tgxworld/dont_return_500_when_plugin_is_disabled
Return 404 instead 500 when plugin is disabled.
2016-02-27 16:55:50 +11:00
Sam e8d4935a2c Merge pull request #4039 from tgxworld/follow_redirects_when_downloading_favicon
FIX: Follow redirects when downloading favicons.
2016-02-27 16:40:00 +11:00
scossar 0a396583ed set locale for anonymous from header
set locale on signup

update spec

add locale option
2016-02-26 13:45:00 -08:00
Sam Davies b2f4659792 Pass discourse username to TopicRetriever from embed controller
When you specify `discourse_username` param on the embed URL, it should
translate to creating the post with that username.

This commit ensures that this is now the case.
2016-02-25 13:02:25 +00:00
Guo Xiang Tan 62011a252f FIX: Follow redirects when downloading favicons. 2016-02-25 11:50:34 +08:00
Guo Xiang Tan e8de80de98 FIX: Default to first page when page params is an array. 2016-02-25 11:32:58 +08:00
Ubuntu 5c603bf8ec Added Instagram login method 2016-02-25 12:13:59 +10:00
Régis Hanol 0a84275800 missed a couple of newlines in the logs 2016-02-24 23:35:45 +01:00
Régis Hanol 97c7b894ce better logs when an error happens in SSO 2016-02-24 21:57:01 +01:00
Guo Xiang Tan a3fa80847e Return 404 instead 500 when plugin is disabled. 2016-02-24 17:09:30 +08:00
Arpit Jalan d77511319e show monthly top topics on 404 page 2016-02-24 13:46:55 +05:30
Arpit Jalan 1253afdf95 FIX: invite link should not auto-accept invitation if user is already logged in 2016-02-23 19:49:58 +05:30
Régis Hanol 4d981cec53 FIX: don't try to optimize large PNGs (takes too much time) 2016-02-22 12:57:24 +01:00
Sam 4c0a40f2b0 FIX: publish notification state when notifications are read
(this clears green and blue bubbles)
2016-02-22 12:24:51 +11:00
Neil Lalonde 97130463d6 FEATURE: show a new modal when suspended users try to log in 2016-02-19 12:19:20 -05:00
Neil Lalonde 283ff4c7f8 move code for bulk adding users to a group from controller to model 2016-02-18 14:03:08 -05:00
Sam 3829c78526 PERF: shift most user options out of the user table
As it stands we load up user records quite frequently on the topic pages,
this in turn pulls all the columns for the users being selected, just to
discard them after they are loaded

New structure keeps all options in a discrete table, this is better organised
and allows us to easily add more column without worrying about bloating the
user table
2016-02-17 18:08:25 +11:00
Régis Hanol 63b9d1c645 FIX: sends an email notifcation when a user's post is linked 2016-02-16 18:29:23 +01:00
Régis Hanol bf96025507 link email logs to the post that generate the email notification when available 2016-02-16 16:35:57 +01:00
Sam dd6ebde824 FIX: Always ensure notifications are treated as read once clicked
UX: improve messaging so notifications list is far more stable
PERF: improve performance of notifcation lookup queries

- Add feature "SetTransientHeader" that allows shipping info to server
   in the next Ajax request
- remove local storage hack used for notifications
- amend lookupStale to return hydrated objects, move logic into store
- stop magically clearing various notifications (likes, invitee accepted, group_summary, granted badge)
2016-02-15 19:29:47 +11:00
Régis Hanol 91bb38626c FEATURE: new incoming email details modal 2016-02-10 22:00:27 +01:00
Erick Guan 35142847ba FIX: Prepend the user id before username in admin user routes 2016-02-09 15:14:13 +01:00
Sam Saffron b0567f9c62 FEATURE: automatically sync "move to inbox" / "archive" state on messages 2016-02-07 23:39:07 +11:00
Arpit Jalan eec8436cfe FEATURE: filter admin reports via user group 2016-02-04 11:23:49 +05:30
Régis Hanol cf4c256b17 FEATURE: new 'raw email' modal when listing rejected emails 2016-02-01 21:41:49 +01:00
Arpit Jalan 74f22f95da FEATURE: log admin/moderator grant/revoke action 2016-01-27 15:39:04 +05:30
Arpit Jalan 0064927077 FIX: do not allow new email to be duplicate
FIX: return proper error message when email already exists
2016-01-23 13:42:53 +05:30
Neil Lalonde 685ba1eb7f FEATURE: blocked users can send and reply to private messages from staff 2016-01-22 12:54:24 -05:00
Régis Hanol 74b5d063f9 FIX: enabling suppress_from_homepage should only remove the category from the homepage 2016-01-20 17:55:58 +01:00
Régis Hanol f61537bc16 Merge pull request #3952 from gdpelican/unsubscribe-via-email
Unsubscribe via email
2016-01-20 14:38:14 +01:00
James Kiesel c7283751a3 Unsubscribe via email 2016-01-20 22:25:25 +13:00
Sam Saffron 7303f8f309 FEATURE: first pass at user summary page 2016-01-20 15:14:25 +11:00
Neil Lalonde 9ad226aaa8 FEATURE: add email query param to login, signup, and password-reset URLs to prefill form 2016-01-19 16:53:46 -05:00
Régis Hanol 3083657358 FEATURE: better email in support
FEATURE: new incoming_email model
FEATURE: infinite scrolling in emails admin
FEATURE: new 'emails:import' rake task
2016-01-19 00:57:55 +01:00
Sam ca3e2b4da3 FEATURE: you can not drill down and see why you have badges
Clicking on badges filters down the list to a particular user.
2016-01-18 17:59:20 +11:00
Guo Xiang Tan a055c37939 Merge pull request #3956 from tgxworld/fix_clashing_slug
FIX: Clashing category slug.
2016-01-18 10:15:13 +08:00
Arpit Jalan 380764dc92 FIX: validate email when changing via user preferences page 2016-01-16 10:50:49 +05:30
Régis Hanol 825a01cec3 fix the build 2016-01-15 12:34:28 +01:00
Régis Hanol c9c6b09f36 FIX: allow staff members to edit staged users preferences 2016-01-15 12:16:00 +01:00
Neil Lalonde 1aa68e085e don't hide all a user's posts when staff manually blocks them 2016-01-14 15:20:26 -05:00
Guo Xiang Tan c60e360c90 FIX: Clashing category slug. 2016-01-13 15:32:29 +08:00
Arpit Jalan e676974f16 Merge pull request #3953 from techAPJ/wiki
FEATURE: allow users to wikify their own posts based on trust level
2016-01-13 09:53:33 +05:30
Régis Hanol e2744fc19f FIX: adding the 'contains_messages' column back 2016-01-12 12:06:51 +01:00
Régis Hanol 8049dfdfda CLEANUP: remove 'contains_messages' leftover 💩 2016-01-12 11:29:26 +01:00
Sam 65e808b26d FEATURE: go to inbox after archiving a message 2016-01-12 15:49:05 +11:00
Arpit Jalan 06bac23e5f FEATURE: allow users to wikify their own posts based on trust level 2016-01-12 08:44:25 +05:30
Régis Hanol 98c0fac461 FEATURE: add small action post when adding/removing users in messages 2016-01-11 12:42:06 +01:00
Neil Lalonde c7df6783a9 FIX: only invalidate password reset links using javascript 2016-01-04 11:48:54 -05:00
Guo Xiang Tan c1dbf5c1c4 FEATURE: Autolinking to category using hashtags. 2016-01-05 00:12:24 +08:00
Jeff Atwood e1f90d12f1 formally remove IE9 support 2016-01-02 23:49:52 -08:00
Faisal Abbas f2480aa81f FIX: When 410 is received, display proper error message instead of generic. 2015-12-30 17:18:32 +05:00
Sam 736cbf3d2d FEATURE: add parameter that allows you to filter directory items on user
adding ?username= will filter directory_items.json by the username
2015-12-30 15:00:00 +11:00
Sam a4587b18f5 FEATURE: allow users to archive messages from message page 2015-12-30 13:26:39 +11:00
Robin Ward d1ebb9d0b5 FIX: I18n Fallbacks were not applying correctly 2015-12-23 12:09:18 -05:00
Sam 03ea0bfe22 FEATURE: allow users to archive messages
Messages are now in 3 buckets

- Inbox for all new messages
- Sent for all sent messages
- Archive for all messages you are done with

You can select messages from your Inbox or Sent and move them to your Archive,
you can move messages out of your Archive similarly

Similar concept applied to group messages, except that archiving and unarchiving
will apply to all group members
2015-12-23 11:09:30 +11:00
Sam Saffron 00342faff9 FIX: use default favicon if a bad favicon is specified 2015-12-22 18:08:27 +11:00
Arpit Jalan 4c86758f74 FIX: show proper message on invite error 2015-12-20 22:13:37 +05:30
Sam 63076a841e Merge branch 'refactor_user_page' 2015-12-20 16:50:33 +11:00
Sam a8b5192efd FEATURE: User page refactor
Re-organise user page so it is easier to find interesting info
split it into tabs

- Introduce notifications and messages tabs
- Stop couting stuff for the user page to speed up rendering
- Suppress more information when viewing your own profile
2015-12-20 16:45:49 +11:00
Arpit Jalan 4c967d11b4 FEATURE: log site text changes 2015-12-18 19:42:06 +05:30
Sam 8baf5bb40d FIX: not proxying protocol-less urls 2015-12-17 13:21:09 +11:00
Sam 36fa57f145 Use a real placeholder avatar for all bad avatar links 2015-12-16 14:02:09 +11:00
Sam db7c878f3d correct bad logic 2015-12-16 13:40:34 +11:00
Sam a0e38a52ed PERF: proxy avatars locally when stored on s3
this avoids a nasty redirect
2015-12-16 13:18:38 +11:00
Régis Hanol 15c229195f FEATURE: notification_level on a per-group basis 2015-12-14 23:17:09 +01:00
Sam 8cf4d52cb6 FEATURE: split up group PMS on user page 2015-12-10 11:39:33 +11:00
Sam 564eada45a PERF: limit number of user actions retrieved to a saner page size 2015-12-09 16:23:15 +11:00
Robin Ward d22a479c61 FIX: Error filtering for overidden values with no query 2015-12-08 12:49:37 -05:00
Régis Hanol 3aa5129f54 FEATURE: allow group members to see all messages on group page 2015-12-07 23:19:33 +01:00
Régis Hanol a37d575d7d FEATURE: new 'My Groups' messages filter in user page 2015-12-07 18:37:03 +01:00
Régis Hanol 578f606a1a add 'incoming_email' to groups 2015-12-07 12:39:28 +01:00
Sam 7917316f6f FEATURE: display warning on top of composer for group mentions
If users attempt to mention a group that is "mentionable" display a warning
informing them that people will be notified.
2015-12-04 13:41:07 +11:00
Sam 9899e8d4a5 FEATURE: First class messages to groups, you can select a group as a target of a message 2015-12-02 15:49:43 +11:00
Sam d1a5d8ea62 FEATURE: show group mentions and topics in groups page 2015-12-01 16:52:43 +11:00
Robin Ward b0b85725ad If a search for a translation is exactly the value, prioritize it 2015-11-30 15:31:30 -05:00
Robin Ward de88be2fbc Support for "Only show overridden" in site text customization 2015-11-30 15:25:08 -05:00
Sam f6390c8ad6 correct bad merge 2015-11-30 17:12:51 +11:00
Sam ad3dd161e7 FEATURE: first class group mentions built in
If you allow a group to be mentioned it can be mentioned with the @ symbol.

Keep in mind as a safety mechanism max_users_notified_per_group_mention is set to 100
2015-11-30 17:08:43 +11:00
Régis Hanol 16b3d26d7b allow staff members to view staged accounts user card/profile 2015-11-27 20:02:24 +01:00
Régis Hanol 76692235ae FIX: don't ever fetch staged accounts in unseen mentions 2015-11-27 18:16:50 +01:00
Robin Ward 5e93140f85 FEATURE: Can override any translation via an admin interface 2015-11-27 11:35:19 -05:00
Régis Hanol ba0df7e4cd rename 'is_support' to 'contains_messages' 2015-11-26 18:40:54 +01:00
Régis Hanol 9ef8397164 new Category.is_support attribute 2015-11-26 18:31:24 +01:00
Régis Hanol 09bfe49254 FIX: don't automagically downsize uploaded images that are larger than 10MB
FIX: don't optimize GIFs since ImageOption was disabled for GIFs (too slow)
2015-11-26 18:16:47 +01:00
Sam d41a8a21cc FIX: show letter avatars even if NGINX is not running in Dev mode 2015-11-25 14:42:46 +11:00
Arpit Jalan 362c515f33 FEATURE: compose a new pre-filled message via URL 2015-11-24 18:55:45 +05:30
Sam c70bb0c032 we got to clean up js debugging, its busting caching. 2015-11-22 01:20:39 +11:00
Robin Ward 1506eba28d Support for overriding client side translation keys 2015-11-20 17:14:01 -05:00
Robin Ward e82145cbf9 Fix broken spec 2015-11-20 14:27:30 -05:00
Robin Ward 5056de1d8a FIX: Never show less than 0 replies when embedding 2015-11-20 13:06:00 -05:00
Robin Ward 8eeb027c65 Can revert changes to email templates 2015-11-20 12:30:21 -05:00
Robin Ward f5b34d5f53 FEATURE: Admin interface for editing email templates 2015-11-19 16:39:34 -05:00
Robin Ward 3720783c1b Refactor to our own Discourse I18n backend
This removes some monkey patches and makes testing easier.
It will also support database backed I18n changes.
2015-11-13 16:35:02 -05:00
Régis Hanol 43614439e6 FEATURE: can take over a staged account 2015-11-13 19:07:28 +01:00
Arpit Jalan a682ec9444 FIX: handle private category permission error 2015-11-13 23:22:05 +05:30
Robin Ward 3939331dec FIX: Staff was getting 500 when editing post in deleted topic 2015-11-13 11:35:23 -05:00
Régis Hanol 16f509afb9 FIX: enforce 'allow_uploaded_avatars' & 'sso_overrides_avatar' server-side 2015-11-12 10:26:45 +01:00
Arpit Jalan 6243a7ad07 UX: show login screen when anon tries to unsubscribe topic 2015-11-11 11:53:24 +05:30
Régis Hanol 7d3be0f8f1 forgot password on a staged account does nothing 2015-11-09 17:37:33 +01:00
Régis Hanol d541018bb2 FIX: automagic image downsizing wasn't working for GIFs... 2015-11-09 15:09:08 +01:00
Sam Saffron 6dd4bc7d57 FEATURE: support group owner, capable of controlling group membership
Group owners are regular users that can add or remove users to a group
The Admin UX allows admins to appoint group owners
The public group UX will display group owners first and unlock UI to
add and remove members

Group owners can only be appointed on non automatic groups
Group owners may not appoint another group owner
2015-11-10 00:56:57 +11:00
Leo McArdle fe5264f9e9 filter by username in email digest preview
adds a user prompt on the email digest preview page to generate a preview for a particular user
also fixes some broken styling on the page
2015-10-30 18:11:38 +00:00
Arpit Jalan 106cb9874a FIX: show 404 page when user is logged out and navigates to private message 2015-10-30 17:41:55 +05:30
Robin Ward a9823ab59a FIX: Use a cookie to bypass the anon cache 2015-10-28 17:16:56 -04:00
Robin Ward db5379508e FIX: Don't show an anonymous cache if there is a flash 2015-10-28 15:12:05 -04:00
Régis Hanol bb79e6aff7 FEATURE: new hide_user_profiles_from_public site setting 2015-10-28 19:56:08 +01:00
Robin Ward 23371b026d FIX: Don't raise an error if you try to assign a group that exists 2015-10-28 12:21:54 -04:00
Robin Ward 46ca66771b FIX: Better error message for resending activation. Don't limit staff. 2015-10-27 16:25:30 -04:00
Robin Ward 47e25648df FEATURE: Change user groups in bulk via admin 2015-10-26 15:57:30 -04:00
Arpit Jalan c28843e87b FIX: redirect to return_url when working as SSO provider 2015-10-25 11:30:38 +05:30
Arpit Jalan 49edffd3c3 FEATURE: support linking to a specific revision of a topic/post 2015-10-19 14:31:29 +05:30
Sam dfe3ecb914 PERF: disable prepared statements
see: https://github.com/rails/rails/issues/21992
2015-10-19 14:02:22 +11:00
Sam dc859beff3 FEATURE: add handle_mail admin route
you can post full email payloads to this endpoint /admin/email/handle_mail
2015-10-19 08:33:24 +11:00
Régis Hanol 06b799bfbf Merge pull request #3857 from gdpelican/fix-for-untopiced-posts
Don't error on posts#latest if a post does not have a topic
2015-10-16 14:59:36 +02:00
James Kiesel 695b366a03 Don't error on posts#latest if a post does not have a topic 2015-10-16 14:44:48 +03:00
Régis Hanol d75cc67d86 FIX: robots.txt should be accessible even when login is required 2015-10-15 11:42:41 +02:00
Robin Ward a527c58c7d UX: Show a nicer "Log In" screen if the user follows `/my/preferences` 2015-10-14 13:39:31 -04:00
Robin Ward d66a545dd2 FIX: `/my/preferences` should prompt users to log in 2015-10-14 12:40:13 -04:00
Robin Ward 7802757306 FIX: Username for topic creation is required 2015-10-13 16:33:26 -04:00
Sam b6c2aa13e6 clean up implementation of non frame login / registration 2015-10-13 14:49:09 +11:00
Sam b3aebca406 FEATURE: allow auto provider to specify "full screen login"
this feature means we attempt to log in without opening a frame.
2015-10-13 12:23:34 +11:00
Neil Lalonde 3ef16a7711 FIX: permalinks redirect on subfolder installs could add the subfolder to the url twice 2015-10-12 16:54:53 -04:00
cpradio 8cabc14099 FEATURE: Allow default period to be set for Top Page 2015-10-06 12:04:31 -04:00
Neil Lalonde dd0a7107a8 FIX: canonical urls for category and topic pages was wrong when deployed to subfolder 2015-10-01 12:24:07 -04:00
Sam 6f43b575a8 FEATURE: no need to cap new and unread together anymore
- leave unread alone
- cap new at 500 per site, with a site setting
2015-10-01 17:17:15 +10:00
Robin Ward 33e58c0587 FIX: You can click to see your own PMs from flags
Also refactors post action users to be a new object type since they can
have `post_url` which is not a field of a `User`
2015-09-30 12:28:55 -04:00
Robin Ward 0f7aaf5ab1 Revert "FIX: paginated category and topic pages should not have canonical tag"
This reverts commit ecd93f7efb.
2015-09-29 17:22:28 -04:00
Arpit Jalan ecd93f7efb FIX: paginated category and topic pages should not have canonical tag 2015-09-29 17:23:49 +05:30
Arpit Jalan 193f04842e FIX: permalinks should work for Discourse categories 2015-09-27 12:14:04 +05:30
Sam 8da8999aa1 Revert "FIX: properly filter badges when they're on a whisper"
This reverts commit 6b07575632.
2015-09-25 10:20:47 +10:00
Sam 2422289c8b FIX: whispers should not be revealed in reply to, or reply expansion
FEATURE: mark whisper as experimental
FIX: badges should never apply to whispers
2015-09-25 10:16:19 +10:00
Régis Hanol 6b07575632 FIX: properly filter badges when they're on a whisper 2015-09-25 00:30:29 +02:00
Robin Ward 3620c8c85e Move descriptions for rate limiting errors into the exception 2015-09-24 13:52:46 -04:00
Régis Hanol 36309e50cc Merge pull request #3767 from tgxworld/track_user_profile_views
Track user profile views
2015-09-23 11:38:18 +02:00
Régis Hanol ed717ccb6e Merge pull request #3794 from tgxworld/add_web_manifes
FEATURE: Add web manifest for Chrome users.
2015-09-23 11:35:14 +02:00
Régis Hanol 1aad58b642 Merge pull request #3781 from tgxworld/feature_log_category_settings
Feature log category settings
2015-09-23 11:34:08 +02:00
Sam a0524ea4d1 FIX: render canonical URLs 2015-09-22 09:37:52 +10:00
Guo Xiang Tan 71eab8f4df FEATURE: Add web manifest for Chrome users. 2015-09-21 10:34:03 +08:00
Régis Hanol a3831a7003 FIX: uploading an animated user card/profile background was converted to a still image 2015-09-20 22:01:03 +02:00
Robin Ward e7af8d2239 FIX: Queued Posts should be ordered by `created_at` 2015-09-18 13:11:57 -04:00
Robin Ward cc516d3be0 Merge pull request #3743 from sitepoint/topic-embed-info
Add embed/info endpoint for TopicEmbed queries
2015-09-18 11:00:01 -04:00
Kane York c9e4745fe8 FIX: Return 410 Gone for deleted topics you could otherwise see 2015-09-18 00:14:43 -07:00
Guo Xiang Tan f39b9124b6 FEATURE: Log staff actions for Category changes. 2015-09-18 10:53:08 +08:00
Régis Hanol 07e7b07b63 FIX: refreshing gravatar wasn't working 2015-09-17 19:42:44 +02:00
Arpit Jalan f2c1dbaa68 FIX: return 422 if the invite is already redeemed 2015-09-16 17:30:00 +05:30
Guo Xiang Tan 7acc93b2a0 FEATURE: Track user profile views. 2015-09-16 14:48:31 +08:00
Jude Aakjaer 9cca510944 Add embed/info endpoint for TopicEmbed queries 2015-09-16 03:22:24 +00:00
Sam 8cb9c348f6 live posts counts is only available to logged in users 2015-09-16 12:27:05 +10:00
Neil Lalonde b4a724e80a FEATURE: export dashboard reports to csv file 2015-09-15 16:45:10 -04:00
Robin Ward 91f3e8e724 For now, restrict whispering to staff only. 2015-09-15 12:29:32 -04:00
Arpit Jalan 607265fc28 FEATURE: add users to group via email 2015-09-15 12:36:44 +05:30
Robin Ward 5af0f5f80e FEATURE: Whisper posts 2015-09-11 14:05:21 -04:00
Régis Hanol 18d7c1c75d fix the build - take 2 2015-09-11 15:47:48 +02:00
Régis Hanol 93f9dcfcec FIX: don't overwrite custom uploaded avatar when selecting gravatar
FIX: remove unecessary serialized fields
2015-09-11 15:10:56 +02:00
Régis Hanol 0c58f08207 FIX: profile picture selector 2015-09-11 15:10:56 +02:00
Sam 6437cd0341 FEATURE: add support for generic external avatar services
This changes it so we only ship an avatar template down to the client
it has no magic, all it knows is how to plug in size
2015-09-11 15:10:56 +02:00
Régis Hanol 2742602254 FEATURE: support for external letter avatars service 2015-09-11 02:12:40 +02:00
Régis Hanol e43034f08f Revert "FEATURE: SVG letter avatars (based on @eviltrout's spike)"
This reverts commit cd77465788.
2015-09-11 00:23:52 +02:00
Régis Hanol cd77465788 FEATURE: SVG letter avatars (based on @eviltrout's spike) 2015-09-11 00:11:48 +02:00
Sam e13ed24122 FEATURE: on mobile take users to full page search
UX: improve styling on full page search page
FEATURE: allow search context in full page search
FEATURE: visited color link for full page search
FIX: broken search help on fulls page search page
FEATURE: allow preload store to return a null
FEATURE: "mobileAction" for the header buttons
2015-09-08 11:04:03 +10:00
Régis Hanol 5dca462b5a Merge pull request #3721 from riking/patch-1
FEATURE: Include topic title, category in posts.json
2015-09-07 10:22:25 +02:00
Sam 335be272ff FEATURE: implement capping of new/unread
We cap new and unread at 2/5th of SiteSetting.max_tracked_new_unread

This dynamic capping is applied under 2 conditions:

1. New capping is applied once every 15 minutes in the periodical job, this effectively ensures that usually even super active sites are capped at 200 new items

2. Unread capping is applied if a user hits max_tracked_new_unread,
  meaning if new + unread == 500, we defer a job that runs within 15 minutes that will cap user at 200 unread

This logic ensures that at worst case a user gets "bad" numbers for 15 minutes and then the system goes ahead and fixes itself up
2015-09-07 12:03:17 +10:00
Kane York 342eba4374 FEATURE: Category reordering dialog 2015-09-06 16:53:52 -07:00
Robin Ward 32e2d7963a FEATURE: Show FAQ at top of the hamburger until the user reads it 2015-09-04 16:56:02 -04:00
Kane York 27ee8bea95 FIX: Remove N+1 queries in posts.json 2015-09-04 13:36:47 -07:00
Robin Ward 73dba5af38 FIX: Notifications when no limit is provided 2015-09-02 15:48:41 -04:00
Robin Ward e624b7198d Try to estimate the amount of notifications to return based on height 2015-09-02 14:30:18 -04:00
Régis Hanol a501947d67 FEATURE: suppress categories from the homepage 2015-09-02 20:25:18 +02:00
Kane York 32e5016dbb FEATURE: Include topic title, category in posts.json 2015-09-01 17:46:06 -07:00
Sam 0a46ec9c50 Merge pull request #3519 from fullfatthings/fix_sso_redirect_when_login_required
Respect cookie[:destination_url] in Single Sign On
2015-09-02 10:32:18 +10:00
Neil Lalonde 1bd0f5b015 FEATURE: group can grant a trust level when a user is added 2015-09-01 16:52:12 -04:00
Robin Ward 9f50f70670 UX: Return more notifications in the user menu 2015-09-01 16:23:23 -04:00
Arpit Jalan eb96016043 FEATURE: copy invite link for topic invites 2015-08-31 21:15:15 +05:30
Neil Lalonde 43c62d413c FIX: similar topics api shouldn't return error if params are below minimum lengths 2015-08-31 10:54:45 -04:00
Arpit Jalan 4ad07b8c09 FEATURE: generate invite token 2015-08-28 18:29:31 +05:30
Neil Lalonde cc2dc4d550 FEATURE: the notice asking admins to get discussion started will update with live counts of topics and posts 2015-08-27 17:28:40 -04:00
Régis Hanol 96c23d51a2 FIX: don't break the message bus when restoring a backup 2015-08-27 20:02:13 +02:00
Sam 4e37bcc3e2 Add extra safety 2015-08-25 12:05:15 +10:00
Sam 2c59ad3dd3 FIX: favicon update broken when favicon lived on a CDN 2015-08-25 11:54:23 +10:00
Arpit Jalan 99edcddafb FEATURE: show pending/redeemed invite count in tabs 2015-08-25 01:12:46 +05:30
Régis Hanol 73624e63c5 FIX: revoke any api keys when suspending an user 2015-08-23 22:33:37 +02:00
Arpit Jalan 91519fdfe7 FIX: do not persist error message 2015-08-24 00:29:58 +05:30
Sam 2b9ca0de8b Merge pull request #3678 from tgxworld/allow_admin_to_change_timestamp
FEATURE: Allow admin to change timestamp of topic.
2015-08-21 10:34:37 +10:00
Robin Ward 146f2eab7f Can edit settings on the embedding page 2015-08-20 15:56:05 -04:00
Robin Ward d1c69189f3 FEATURE: Can edit category/host relationships for embedding 2015-08-20 15:56:04 -04:00
Régis Hanol eafeec51a5 FIX: don't show current topic when moving posts to another topic 2015-08-19 21:40:43 +02:00
Kane York 94439ebddd FIX: Tighter rate-limit for post self-deletions 2015-08-18 12:50:45 -07:00
Régis Hanol 4c2df814de FIX: ensure a file is present when creating an upload 2015-08-18 11:39:51 +02:00
Robin Ward 9f75870d99 Merge pull request #3661 from b-studios/preserve-user-field-options
Preserve user-field options when updating user-fields
2015-08-17 13:43:35 -04:00
Jonathan Brachthaeuser c0e88724c2 Preserve user-field options when updating user-fields
Avoid deleting options of the user-field when no options are
transmitted.
2015-08-17 19:01:20 +02:00
Régis Hanol 827ea641b0 FIX: Use File.size instead of IO.size 2015-08-17 18:57:28 +02:00
Guo Xiang Tan c7a21b7c23 FEATURE: Allow admin to change timestamp of topic. 2015-08-17 00:00:05 +08:00
Régis Hanol 23a5c6444a FIX: move topic links and quoted posts extraction to the PostRevisor 2015-08-14 19:33:32 +02:00
Guo Xiang Tan 1a245656e0 FIX: HTML not being stripped in description meta tag. 2015-08-14 10:00:07 +08:00
Régis Hanol 6669a2d94d FEATURE: per-topic unsubscribe option in emails 2015-08-12 23:00:16 +02:00
Régis Hanol ffbaf8c542 FEATURE: automatically downsize large images 2015-08-12 18:33:13 +02:00
Dan Singerman 8055d065f2 Refactor ApplicationController#redirect_to_login_if_required to use session for SSO 2015-08-11 16:48:55 +01:00
Dan Singerman 7056db26e6 Respect cookie[:destination_url] in Single Sign On
When the login_required setting is true, the destination URL is dropped. This change means it will be
respected at login time
2015-08-11 16:31:28 +01:00
Robin Ward 7fffd483f8 Fix deprecations with site text, upgrade to ES6 / store 2015-08-10 10:21:04 -04:00
Robin Ward bd631e343a FEATURE: Can create stylesheets for embedded comments 2015-08-10 10:21:04 -04:00
Robin Ward 0932e82508 Refactor Customizations to have deeper URLs 2015-08-10 10:21:04 -04:00
Sam bafdf9290d FIX: don't let blocked users reach post creator or new post queue
correct broken spec
2015-08-06 10:32:53 +10:00
Sam 01ad88f1ed FEATURE: min_first_post_typing_time
If a user spends less than 3 seconds typing
first post they will automatically enter the approval queue
2015-08-04 10:57:34 +10:00
Sam 7b8b96446e FEATURE: track statistics around post creation
- how long were people typing?
- how long was composer open?
- how many drafts were created?
- correct, draft saved to go away after you continue typing

store in Post.find(xyz).post_stat
2015-08-03 14:29:15 +10:00
Robin Ward cf91bca0cd FIX: Small actions should show descriptions on the user stream 2015-07-31 14:25:49 -04:00
Robin Ward aa6f792ce1 FEATURE: Custom orders for user fields 2015-07-30 14:53:13 -04:00
Robin Ward 9911e92e24 Merge pull request #3609 from riking/patch-7
FEATURE: Localization fallbacks
2015-07-30 10:44:29 -04:00
Régis Hanol faf4f44776 FEATURE: make pin expiration mandatory 2015-07-29 16:34:21 +02:00
Régis Hanol 9e2632badd FIX: title translation for crawlers 2015-07-29 15:39:20 +02:00
Robin Ward 5f45e5361f FIX: Moderation actions can have their messages removed 2015-07-28 16:58:56 -04:00
Robin Ward dc8a68fd29 FEATURE: New "Dropdown" user field type 2015-07-28 12:30:21 -04:00
Arpit Jalan d6069e8c90 UX: fix container layout 2015-07-28 13:58:30 +05:30
Sam 41ceff8430 UX: move search to its own route
previously search was bundled with discovery, something that makes stuff confusing internally
2015-07-27 16:47:06 +10:00
Sam 0c267e5952 maintain exact old behavior 2015-07-24 09:44:16 +10:00
Sam 719f558746 multisite fix, allow show through (security is handled in the controller) 2015-07-24 09:41:46 +10:00
Sam 3a54923116 FIX: permalink normalization not applied at constraint
implement permalink import for lithium
2015-07-22 13:40:45 +10:00
Sam 4491813d22 Revert "Revert "PERF: optimise query that gathers topic tracking state""
This reverts commit 909be09f1a.
2015-07-21 21:48:07 +10:00
Sam 909be09f1a Revert "PERF: optimise query that gathers topic tracking state"
This reverts commit 343e417a55.
2015-07-21 17:35:50 +10:00
Sam 343e417a55 PERF: optimise query that gathers topic tracking state
(this query runs on the front page to figure out new and unread topics)
2015-07-21 17:14:30 +10:00
Arpit Jalan 5fc7545c01 UX: include more details on Permalinks page 2015-07-17 21:39:23 +05:30
Arpit Jalan dc90c396f2 FEATURE: manage Permalinks 2015-07-17 01:26:02 +05:30
Kane York ecfa17b5a7 FEATURE: Localization fallbacks (server-side)
The FallbackLocaleList object tells I18n::Backend::Fallbacks what order the
languages should be attempted in. Because of the translate_accelerator patch,
the SiteSetting.default_locale is *not* guaranteed to be fully loaded after the
server starts, so a call to ensure_loaded! is added after the locale is set for
the current user.

The declarations of config.i18n.fallbacks = true in the environment files were
actually garbage, because the I18n.default_locale was
SiteSetting.default_locale, so there was nothing to fall back to. *derp*
2015-07-15 10:17:36 -07:00
Régis Hanol b0802abae2 FIX: crop & optimize user background profile/card images 2015-07-15 17:15:43 +02:00
Kane York 2a897a8a6b SECURITY: Remove email validation check bypass
- Increase size of email column to varchar(513)
 - Give error message on signup when email is too large

Overall impact: Low, allows signups from blocked domains. Main risk is increased spam.
2015-07-13 15:36:17 -07:00
Arpit Jalan e0c9054748 FEATURE: invite page tabs 2015-07-13 09:42:51 +05:30
Neil Lalonde 782dd13e78 FEATURE: track user visits on mobile and display on admin dashboard in a new Mobile section 2015-07-07 14:06:42 -04:00
Doug 5e615ef26e Fixed bug that caused substrings of reserved usernames to be treated as reserved. 2015-07-06 23:54:25 -07:00
Robin Ward be664857be Merge pull request #3585 from riking/patch-3
FEATURE: Reserved usernames
2015-07-03 10:02:24 -04:00
Robin Ward 7676c5dfe7 Can add topic templates to categories, prepopulated on compose 2015-07-03 10:01:46 -04:00
Kane York df988a20eb FEATURE: Reserved usernames
A list of usernames that will be blocked from being used to sign up.
2015-07-01 13:50:55 -07:00
Robin Ward 6422d5efbd Use the same component for similar topics as search results. 2015-06-24 15:08:22 -04:00
Robin Ward b4960d48b4 Better support for passing up errors when OmniAuth fails after auth 2015-06-24 12:12:43 -04:00
Régis Hanol f18098fd9b FEATURE: category dropdown in admin reports 2015-06-24 15:19:39 +02:00
Sam b052179ae6 Merge pull request #3163 from rcfox/fix-by-external
Allow periods in the external_id value used in the /users/by-external route.
2015-06-24 13:07:12 +10:00
Sam 65ac5b6475 Merge pull request #3562 from riking/no-index
Add noindex directive on unlisted topics
2015-06-23 15:50:53 +10:00
Robin Ward 76bfd723f6 Merge pull request #3482 from riking/patch-3
Import/Export site customizations
2015-06-22 14:03:07 -04:00
Kane York 2f0bd6294c Add noindex directive on unlisted topics 2015-06-22 11:00:39 -07:00
Régis Hanol efb02ae561 FIX: take into account unlisted banners 2015-06-22 14:08:30 +02:00
Sam 41e427bd2e Work in progress, full page search 2015-06-22 18:09:08 +10:00
Konstantin Ilchenko 131cf643ce FIX: Allow api to send uploads with :url 2015-06-21 14:54:59 +03:00
Robin Ward 4e898c604e UX: Update suggested topics to include topic status + category 2015-06-18 15:53:10 -04:00
Sam f26eee8431 FEATURE: add username to NGINX logs 2015-06-16 17:43:53 +10:00
Arpit Jalan d37c2a2c98 Merge pull request #3550 from techAPJ/patch-1
FIX: new-topic URL should survive login redirection
2015-06-16 07:19:42 +05:30
Sam 690f4a4c37 add X so it shows up at the end of chrome 2015-06-16 10:27:42 +10:00
Sam 9b8b1d0034 FEATURE: add special header that names the action for the request 2015-06-16 09:54:44 +10:00
Régis Hanol 1ac3941130 FEATURE: allow API to upload files synchronously 2015-06-15 16:12:15 +02:00
Arpit Jalan d1632c1dbd FIX: new-topic URL should survive login redirection 2015-06-14 20:24:47 +05:30
Régis Hanol 189cb3ff12 FEATURE: move migrate_to_new_scheme into a background job
- new hidden site setting 'migrate_to_new_scheme' (defaults to false)
- new rake tasks to toggle migration to new scheme
- FIX: migrate_to_new_scheme also works with CDN
- PERF: improve perf of the DbHelper.remap method
- REFACTOR: UrlHelper is now a class
2015-06-12 12:07:57 +02:00
Sam Saffron c58b495e15 SECURITY: Query @usernames in bulk
Otherwise you could add many requests at once while composing.
2015-06-11 13:03:49 -04:00
Robin Ward ae277e28a6 FEATURE: Allow embedding topics without creating them, by id 2015-06-09 16:24:20 -04:00
Sam Saffron e3fa27a01c FEATURE: serialize and update category custom_fields
- send to client
- update from client
2015-06-10 06:13:36 +10:00
Robin Ward 7b6d6b76eb FEATURE: Multiple embeddable hosts
- Also refactors two site settings components into one, with tests
2015-06-09 13:25:43 -04:00
Arpit Jalan 71ee84f848 FEATURE: latest posts RSS feed 2015-06-09 21:45:06 +05:30
Robin Ward 5da5269652 FIX: Bad page title for categories view by google crawler 2015-06-08 12:07:35 -04:00
Arpit Jalan 74141cc475 FIX: send 404 error when unauthorized user tries to download user archive 2015-06-08 11:32:31 +05:30
Sam Saffron 4409a3072d FEATURE: we need admin login always 2015-06-05 18:43:59 +10:00
Régis Hanol 81a699e2b0 better support for mixed content 2015-06-01 17:49:58 +02:00
Sam Saffron 9787cb07aa FIX: when missing a static topic we were returning an error 2015-06-01 11:40:52 +10:00
Sam fc2a08731a FIX: sso_not_approved_url not working correctly 2015-05-30 13:19:07 +10:00
Régis Hanol 80a108e3cf FIX: don't break user avatars route 2015-05-29 19:19:41 +02:00
Régis Hanol acafa491b2 user avatar urls/templates refactor 2015-05-29 18:51:17 +02:00
Régis Hanol 0483f05154 make sure we pass in the user_id when creating avatar thumbnails 2015-05-29 18:11:19 +02:00
Régis Hanol cb025a65e0 FIX: make sure we also save the user_avatar.custom_upload_id 2015-05-29 10:21:41 +02:00
Régis Hanol c3227b69fa FIX: proper support for pixel ratios up to 3 2015-05-29 09:57:54 +02:00
Sam bddbf70697 FIX: order post_actions by date 2015-05-28 16:16:36 +10:00
Sam bb3fb37650 FIX: when uploading same file was pasted into multiple composers 2015-05-28 15:08:54 +10:00
Neil Lalonde ea8cf1a208 FIX: topic auto-close uses the client's time zone 2015-05-27 18:01:46 -04:00
Sam 02fa7448ca FEATURE: custom url to redirect to on account pending approval for sso 2015-05-27 14:06:45 +10:00
Sam a988cd5abe FIX: redirect to CDN avatar for s3 avatars 2015-05-27 12:02:57 +10:00
Sam 918034aa7b remove less useful error reporting 2015-05-27 11:17:28 +10:00