Commit Graph

332 Commits

Author SHA1 Message Date
Neil Lalonde 4c166942ad FEATURE: Invite admin api has an optional param send_email which can prevent sending an email to the invited user. The api will return the password reset url so that the caller can send an email with it instead. 2015-01-02 15:48:54 -05:00
Régis Hanol 9932bea7ce FEATURE: default emoji override 2014-12-25 17:58:15 +01:00
Arpit Jalan bb152a5b3f FEATURE: download user posts archive 2014-12-24 15:13:48 +05:30
Sam ba68eee20b FIX: stable ordering for site customisations 2014-12-23 13:03:48 +11:00
Sam f23eb475a4 FEATURE: remove override stylesheet option, too confusing 2014-12-23 13:03:48 +11:00
Régis Hanol 45dbdb6896 FEATURE: custom emojis 2014-12-23 01:12:26 +01:00
Arpit Jalan 42cbe6ef2a FEATURE: export csv for all the logs 2014-12-11 23:33:26 +05:30
Blake Erickson 1d0eccf710 Have activate user return json
- Change activate user from admin controller to return json
- Test that it returns json
- Remove unnessary test from log_out spec

This commit was created so that when you activate a user through the api
it returns a json response.
2014-12-08 11:16:57 -07:00
Lourens Naudé fb60daa867 Introduce support for dumping Rails process heap at the end of a benchmark run 2014-12-07 22:55:37 +00:00
Blake Erickson bdc92eec70 Have log_out method return json.
This commit helps improve the discourse_api experience so that we can
check the json response if it was a success or not. This commit also
checks that a 404 is sent instead of a 500 if a bad user_id is passed
in.
2014-12-01 06:03:25 -07:00
Régis Hanol 5b90ceb71d FEATURE: rolls up 1.2.*.* IP ranges when number of entries > 10 2014-11-27 19:29:30 +01:00
Robin Ward 257bde8e2b FEATURE: "Suspect" users list in admin. 2014-11-26 13:58:16 -05:00
Régis Hanol 7b0ae702e7 FEATURE: log a new staff action when rolling up banned IP addresses 2014-11-24 19:48:54 +01:00
Régis Hanol d3d517108d FIX: display total number of other accounts with the same IP address in the IP lookup dialog 2014-11-24 19:34:04 +01:00
Régis Hanol 7b1c001932 FIX: limit other accounts deletion to 50 accounts otherwise it'll feel too slow 2014-11-24 18:05:40 +01:00
Régis Hanol 1023191315 FEATURE: roll up function for 123.456.789.* ranges 2014-11-24 17:25:48 +01:00
Sam 1c498eb491 FEATURE: API endpoint for inviting an admin 2014-11-24 15:42:56 +11:00
Sam 490cd6f539 Merge pull request #2989 from jmay/group-admin-incremental
API addition: HTTP PATCH support for /groups/xxx: incremental membership changes
2014-11-24 11:50:51 +11:00
Arpit Jalan 7455e81b31 sort screened IPs by match_count 2014-11-22 01:41:59 +05:30
Arpit Jalan 515882d224 FEATURE: export screened IPs list in a CSV file 2014-11-22 00:59:48 +05:30
Jason W. May 6f8119ebb8 Merge branch 'master' into group-admin-incremental 2014-11-21 10:04:05 -08:00
Jason W. May 98404d19c5 check that `changes` param is present 2014-11-21 10:03:29 -08:00
Sam d53b4ab5bc Merge pull request #2979 from techAPJ/patch-1
FEATURE: log out user everywhere and refresh/redirect
2014-11-21 16:59:44 +11:00
Régis Hanol b8d806ee07 FEATURE: delete all accounts from this IP in the IP lookup modal 2014-11-20 19:59:20 +01:00
Jason W. May 50de22801f API addition: HTTP PATCH support for /groups/xxx: incremental membership changes 2014-11-20 09:29:56 -08:00
Sam 6b10c4dc54 add support for hidden api keys, used in hosting scenarios 2014-11-20 15:38:20 +11:00
Robin Ward 87cd5dbcb7 Merge pull request #2985 from techAPJ/patch-3
remove /download from csv file url
2014-11-19 14:10:34 -05:00
Arpit Jalan aebf36c356 remove /download from csv file url 2014-11-20 00:34:38 +05:30
Arpit Jalan c84b51d4ae FEATURE: show exact error for test email 2014-11-19 22:58:59 +05:30
Arpit Jalan eb9eada894 FEATURE: log out user everywhere and refresh/redirect 2014-11-19 12:34:34 +05:30
Régis Hanol ec76be964e UX: better footer handling 2014-11-10 21:51:55 +01:00
Régis Hanol bb2d538194 FEATURE: log impersonations 2014-11-06 10:58:47 +01:00
Robin Ward fde5e739c9 Work in progress (up till about?) 2014-11-05 12:39:25 -05:00
Régis Hanol b09ad87098 FIX: add 'show emails' button from moderators in user admin section 2014-11-03 12:46:08 +01:00
Sam 59cc2476a1 Merge pull request #2933 from techAPJ/patch-1
trivial update to allow api endpoint for sync_sso
2014-10-30 21:39:54 +11:00
Arpit Jalan fb750af659 trivial update to allow api endpoint for sync_sso 2014-10-30 15:30:44 +05:30
Régis Hanol 6e053942a4 FIX: moderators should be able to search users by email 2014-10-29 22:08:41 +01:00
Sam 7d6d8bd0a3 FEATURE: admin end point to sync sso /admin/users/sync_sso
Must be admin to invoke (api is fine too), uses same sso payload nonce is ignored
2014-10-28 11:25:21 +11:00
Régis Hanol 10094a0bcd FIX: resolve flags as good when deleting a spam user 2014-10-20 16:59:06 +02:00
Robin Ward 0cbdf6f5bb FIX: Many bugs with admin badges interface
* Editing a badge's title would show it as changed in the side even if
  you didn't hit save

* Clicking a badge would not scroll to the top

* If there was an error saving a badge there was a missing i18n key

* URLs were using queryParams instead of paths

* User `label` tags for checkboxes for larger click targets

* Saved! text would persist when viewing another badge

* After creating a new badge it would show nothing

* Validation errors were not being properly released to the client

* Query errors were surrounded by an extra array
2014-10-17 16:14:49 -04:00
Robin Ward 2322586131 FIX: Saving a field as not required was actually making it required
until you edited it.
2014-10-14 17:21:34 -04:00
Régis Hanol 5504622c1b rename export/import in favor of backup/restore for better consistency 2014-10-10 20:04:07 +02:00
Robin Ward f9a8f6d6ce FEATURE: Support for a `required` setting on user fields. 2014-10-08 15:10:19 -04:00
Régis Hanol c46b9c0ac3 FIX: allow admins to search users by email 2014-10-07 12:05:38 +02:00
Robin Ward 381814fd5d Adds support for a description to user fields. 2014-10-02 15:56:52 -04:00
Robin Ward edb34c178a FEATURE: Show user fields when the user is signing up 2014-09-30 10:45:18 -04:00
Sam 0fc6c751cb FEATURE: implement lock/unlock trust level mechanics 2014-09-30 13:16:34 +10:00
riking bff95a6a97 Rename 'leader' -> 'tl3' 2014-09-30 13:16:34 +10:00
riking c8111ada6e FEATURE: Allow admins to lock users from TL3 promotion/demotion
Also, update the display logic for the leader promotion screen to
account for the demotion grace period.
2014-09-30 13:15:13 +10:00
Robin Ward 0fc0533134 FEATURE: Admin interface for adding custom fields for users 2014-09-25 16:17:51 -04:00
Robin Ward bc53d48bd7 Renaming site contents to site text 2014-09-24 16:08:14 -04:00
Sam 9428ad779f FIX: send content length with backups 2014-09-23 09:25:53 +10:00
Régis Hanol 79030c874e FIX: allow staff members to restore withdrawn posts that are flagged 2014-09-09 20:26:40 +02:00
Sam 59d04c0695 Internal renaming of elder,leader,regular,basic to numbers
Changed internals so trust levels are referred to with

TrustLevel[1], TrustLevel[2] etc.

This gives us much better flexibility naming trust levels, these names
are meant to be controlled by various communities.
2014-09-05 15:20:52 +10:00
riking 3cf493eb4f FIX: Apply contract checks when first creating a badge 2014-09-02 19:09:51 -07:00
riking 1833b43ae2 FEATURE: Badge query validation, preview results, and EXPLAIN
Upon saving a badge or requesting a badge result preview,
BadgeGranter.contract_checks! will examine the provided badge SQL for
some contractual obligations - namely, the returned columns and use of
trigger parameters.

Saving the badge is wrapped in a transaction to make this easier, by
raising ActiveRecord::Rollback on a detected violation.

On the client, a modal view is added for the badge query sample run
results, named admin-badge-preview.
The preview action is moved up to the route.
The save action, on failure, triggers a 'saveError' action (also in the
route).

The preview action gains a new parameter, 'explain', which will give the
output of an EXPLAIN query for the badge sql, which can be used by forum
admins to estimate the cost of their badge queries.
The preview link is replaced by two links, one which omits (false) and
includes (true) the EXPLAIN query.

The Badge.save() method is amended to propogate errors.

Badge::Trigger gets some utility methods for use in the
BadgeGranter.contract_checks! method.

Additionally, extra checks outside of BadgeGranter.contract_checks! are
added in the preview() method, to cover cases of null granted_at
columns.

An uninitialized variable path is removed in the backfill() method.

TODO - it would be nice to be able to get the actual names of all
columns the provided query returns, so we could give more errors
2014-08-31 11:25:44 -07:00
Régis Hanol 8a20d05ba5 FEATURE: backup without uploads 2014-08-20 18:53:58 +02:00
Sam 8737ffb272 Merge pull request #2658 from akshaymohite/optimization-fixes
Not initializing variable for looping if unused in loop
2014-08-18 14:42:52 +10:00
Sam baaa3e0f9f FIX: #2664 it should be validates not validate
Thanks @chancancode
2014-08-18 14:40:54 +10:00
Akshay 6301a43d57 Not initializing variable for looping if unused in loop 2014-08-15 03:24:55 +05:30
Arpit Jalan d0736a06b6 FEATURE: export user list 2014-08-15 01:46:57 +05:30
Régis Hanol e64d3b8a42 FIX: disagree flag should unhide hidden post 2014-08-11 10:48:00 +02:00
Sam 0b01310c84 FIX: system badges where created under id 100 2014-08-06 10:51:39 +10:00
Régis Hanol ec30086dea FEATURE: agree all the flags 2014-08-04 22:48:04 +02:00
Sam 5a3466a6c3 FIX: keep correct ordering on admin badges 2014-07-30 08:46:59 +10:00
Robin Ward ac4a33a656 FIX: Display proper error message when changing a trust level fails 2014-07-29 15:54:20 -04:00
Régis Hanol bddffa7f9a FEATURE: flag dispositions normalization
All flags should end up in one of the three dispositions
  - Agree
  - Disagree
  - Defer

In the administration area, the *active* flags section displays 4 buttons
  - Agree (hide post + send PM)
  - Disagree
  - Defer
  - Delete

Clicking "Delete" will open a modal that offer to
  - Delete Post & Defer Flags
  - Delete Post & Agree with Flags
  - Delete Spammer (if available)

When the flag has a list associated, the list will now display 1
response and 1 reply and a "show more..." link if there are more in the
conversation. Replying to the conversation will NOT give a disposition.
Moderators must click the buttons that does that.

If someone clicks one buttons, this will add a default moderator message
from that moderator saying what happened.

The *old* flags section now displays the proper dispositions and is
super duper fast (no more N+9999 queries).

FIX: the old list includes deleted topics
FIX: the lists now properly display the topic states (deleted, closed,
archived, hidden, PM)
FIX: flagging a topic that you've already flagged the first post
2014-07-28 19:28:07 +02:00
Sam 1a6aa07611 FEATURE: editable badge groups 2014-07-27 18:22:01 +10:00
Sam ec03d135fa FEATURE: allow advanced badge options in admin screen
clean up serializer, allow simplistic preview
2014-07-24 18:28:23 +10:00
Sam b9a7d945c3 Improve badge grouping UI
Start work on triggers
2014-07-23 11:43:17 +10:00
Robin Ward f06f8abedd Merge pull request #2537 from ligthyear/group-member-management-on-user
Improved Group Member Management on User Administration
2014-07-17 11:00:05 -04:00
Sam 88469721b9 FEATURE: Allow admins to disable specific badges 2014-07-14 17:40:36 +10:00
Benjamin Kampmann ac3f1ba3d6 Improved Group Member Management on User Administration
Allows for a quick and easy group membership management on the
user-administration page. Uses the select2 UI component to
autosuggest other groups, remove existing ones and lock in automatic
groups.
2014-07-13 20:11:38 +02:00
Régis Hanol 59b5ba7c0f BUGFIX: IP lookup wasn't working when using HTTPS
REFACTOR: the ip locator into a ip-lookup component
2014-07-07 22:18:18 +02:00
Sam 6bbb083d47 FEATURE: support "unlisted" badges. 2014-07-03 17:44:36 +10:00
Vikhyat Korrapati e0fd1f6f5e Add ability to specify custom font awesome icon for badges. 2014-06-19 16:56:18 +05:30
Sam 56dcd00570 BUGFIX: trust_level_0 group not including trust_level_1
BUGFIX: manual trust level change not adding user to groups
BUGFIX: system not in correct trust level groups
2014-06-17 10:52:02 +10:00
Régis Hanol 0781531e3c Merge pull request #2415 from techAPJ/bulk-invite-users-5
FEATURE: Bulk Invite
2014-06-10 19:11:11 +02:00
Neil Lalonde c61462662b Add ability to run validation on site settings. notification_email and other email address settings are now validated. 2014-06-09 16:59:20 -04:00
Arpit Jalan 727184641e FEATURE: Bulk Invite 2014-06-09 01:43:39 +05:30
Sam Saffron d97ceb1d72 FEATURE: log_out endpoint for admins 2014-06-06 13:02:52 +10:00
Sam 9e9c41ac52 FEATURE: admins can clear screend emails if needed 2014-06-02 16:53:00 +10:00
Vikhyat Korrapati d208e4d517 Multiple grant badges. 2014-05-21 12:54:55 +05:30
Neil Lalonde c4d3aa3d47 Theming: a UI to choose some base colors that are applied to all the site css. CSS compiled outside of asset pipeline. 2014-05-14 10:18:12 -04:00
Sam 084ec87850 FEATURE: admins can invite users to groups via the web UI 2014-05-09 18:22:36 +10:00
Louis Rose 1574485443 Perform the where(...).first to find_by(...) refactoring.
This refactoring was automated using the command: bundle exec "ruby refactorings/where_dot_first_to_find_by/app.rb"
2014-05-06 14:41:59 +01:00
Régis Hanol 11af466737 FEATURE: add a specific flag reason when a post has been hidden 2014-04-30 16:58:01 +02:00
Sam 0fc4c47927 Merge pull request #2295 from vikhyat/badge-system
Titleable badges
2014-04-29 11:26:51 +10:00
Neil Lalonde 1da59e7e2e FIX: deactivated users shouldn't be able to log in 2014-04-28 13:46:28 -04:00
Vikhyat Korrapati b4e037dfb2 Allow badges to be marked as "titleable". 2014-04-28 10:30:38 +05:30
Neil Lalonde feaaf55a0c Theming: color scheme editing. Unfinished! Doesn't have any effect on css files yet. 2014-04-24 16:49:12 -04:00
Robin Ward e48cf06fc9 REFACTOR: Add urls for admin groups, make it more idiomatic ember 2014-04-23 15:15:46 -04:00
Robin Ward af877781b7 Allow admins to choose if groups are visible or not. 2014-04-22 16:43:46 -04:00
Vikhyat Korrapati acfcf0b64e Add /badges route that lists all defined badges. 2014-04-16 18:42:06 +05:30
riking eb90315dfd Strip whitespace from site settings 2014-04-08 01:59:48 -07:00
Vikhyat Korrapati 0f9ea25010 Interface for granting/revoking badges from admin user page. 2014-03-21 11:09:19 +05:30
Sam fe63db7953 Merge pull request #2115 from vikhyat/badge-system
Initial badge system implementation
2014-03-17 10:06:37 +11:00
Vikhyat Korrapati 9b26c8584e Initial badge system implementation. 2014-03-14 21:49:26 +05:30
Robin Ward dc1d6decf5 Support for removal of old backups automatically via a site setting 2014-03-12 12:24:35 -04:00
Neil Lalonde b40313559b FIX: moderators should not be able to see site setting changes in the staff action logs. Fixes #2027 2014-02-28 16:30:54 -05:00
Régis Hanol ca9f6e9137 BUGFIX: couldn't upload backup on OSX
--B is not a valid df option on OSX
2014-02-28 15:43:50 +01:00
Régis Hanol 70ca6171d1 BUGFIX: fix math & unit when checking disk space 2014-02-27 16:55:12 +01:00
Régis Hanol 043901ef46 FEATURE: warn the user when there is not enough space on disk to upload a backup 2014-02-26 19:38:06 +01:00
Régis Hanol 68a935c36b FEATURE: upload backups 2014-02-22 01:41:01 +01:00
Régis Hanol 683bf8c0a4 FEATURE: add all email logs tab 2014-02-15 01:17:13 +01:00
Régis Hanol 3f3c9ca7cb FEATURE: add filters on email logs 2014-02-15 00:50:08 +01:00
Neil Lalonde 35dae76bbd Log when and why an email was not sent in email_logs 2014-02-14 13:06:39 -05:00
Sam 177371fb69 do a full GC prior to getting stats 2014-02-14 16:10:26 +11:00
Sam b75620973f FEATURE: memory stats route for diagnostics in admin 2014-02-14 15:45:12 +11:00
Régis Hanol b89d328de2 display/preload the logs of the last/current operation 2014-02-13 13:31:14 -08:00
Régis Hanol 3be1b5569a backups controller & specs 2014-02-13 13:31:13 -08:00
Régis Hanol 8344f0d8fd remove old import/export code 2014-02-13 13:31:13 -08:00
Robin Ward b61df08d1b FEATURE: Admin selector to choose a primary group for a user, display it
and apply a CSS class to their posts.
2014-02-10 17:00:15 -05:00
Robin Ward 3b1ef6ebc9 Work in progress: Groups Page 2014-02-07 10:44:51 -05:00
Sam 93434be16d SECURITY: reduce moderator rights
You can now hide particular categories from certain moderators
2014-02-07 14:11:52 +11:00
Neil Lalonde 74f1c553e3 FIX: 1868 Security: Dangerous Send 2014-01-27 13:05:51 -05:00
Neil Lalonde 90e195b2e7 More work on trust level 3 requirements page 2014-01-24 11:56:46 -05:00
Sam 2b64118df1 Merge pull request #1782 from ligthyear/group-mention
Allow groups to be used as aliases for user mentions
2014-01-12 14:36:45 -08:00
Robin Ward 852d110f35 Test email is now synchronous and ignores sidekiq queue. 2014-01-09 15:25:25 -05:00
Benjamin Kampmann c743a985a4 Allow groups to be used as aliases for user mention
when configured by the admin a group can be found through the @mentions
feature in both the compose/reply and the private message user-selectors
and once selected the mention will be replaced by the list of users in
the group
2014-01-08 02:36:24 +11:00
Régis Hanol 8d73b7f94d BUGFIX: hide sensitive site settings 2014-01-06 13:03:53 +01:00
Robin Ward 8c8645f158 FIX: Code and Emoticon formatting in HTML emails. 2013-11-28 17:21:14 -05:00
Sam 8339337cd1 strip out docker stuff, put into a plugin 2013-11-13 17:42:31 +11:00
Régis Hanol e9f9d22482 add query parameter to temporarily disable customization 2013-11-12 18:14:22 +01:00
Sam 932c2675a7 work in progress, admin page for upgrades (provides source lives in git) 2013-11-12 16:42:35 +11:00
Neil Lalonde 0c6f794eb0 Used the term suspended instead of banned. 2013-11-07 13:53:49 -05:00
Neil Lalonde 9c91ddd854 Should have put order on the screened urls results 2013-11-04 16:31:31 -05:00
Neil Lalonde bd9b85f076 Screened Urls page shows results for each domain instead of each url 2013-11-04 16:24:48 -05:00
Neil Lalonde 92a0729937 When banning a user, a reason can be provided. The user will see this reason when trying to log in. Also log bans and unbans in the staff action logs. 2013-11-01 10:47:26 -04:00
Neil Lalonde 017efdece5 A form to add ip addresses to be blocked or whitelisted 2013-10-24 17:19:10 -04:00
Sam 738a25b732 fix failure in rails 4 mode 2013-10-24 13:40:18 +11:00
Neil Lalonde bf06014a16 Order by creation time by default in screened ip addresses table 2013-10-23 13:01:50 -04:00
Robin Ward 348e2e3ef2 Support for per-user API keys 2013-10-22 17:34:39 -04:00
Neil Lalonde 7d582fbee3 Screened ip address can be edited, deleted, and changed to allow or block. 2013-10-22 16:30:46 -04:00
Neil Lalonde 648b11a0eb Add screening by IP address. When deleting a user as a spammer, block all signups from the same IP address. 2013-10-21 14:50:18 -04:00
Neil Lalonde 13f17b2a5c Add ability to customize css and header for mobile 2013-09-16 12:28:02 -04:00
Neil Lalonde e8ef55c446 Rename StaffActionLog to UserHistory 2013-09-10 22:01:20 -04:00
Neil Lalonde 47add6da70 Log when a site customization is deleted 2013-08-21 12:33:24 -04:00
Neil Lalonde a95303fcd8 Log site customization changes. Use a modal to show staff action log details for site customizations. 2013-08-21 12:33:24 -04:00
Neil Lalonde 3abeb5f793 Staff action logs can be filtered to changes of one site setting 2013-08-20 13:50:51 -04:00
Neil Lalonde 1d030666d8 Log site setting changes and show in admin 2013-08-19 16:58:38 -04:00
Sam a9393e4a7a paging for flag list
corrected reload behavior on flag list
refactored post actions ... extracted flag queries
2013-08-19 21:14:26 +10:00
Neil Lalonde b6285b85d2 Add reject option to pending users page 2013-08-16 11:42:43 -04:00
Neil Lalonde 293361dcd3 Screened URLs list in admin 2013-08-15 10:52:26 -04:00
Neil Lalonde 86647f0a54 Add ScreenedUrl. Rename BlockedEmail to ScreenedEmail. 2013-08-14 16:08:23 -04:00
Neil Lalonde bb492eb8bf Add filtering to staff logs page 2013-08-09 16:59:05 -04:00
Neil Lalonde 90a3bcf6ff Add filter by action to staff logs page 2013-08-09 10:06:59 -04:00
Neil Lalonde 33bddbff85 Use Ember.ListView for staff action logs page 2013-08-09 10:06:58 -04:00
Neil Lalonde 0d44313a4b Use Ember.ListView for blocked emails list 2013-08-09 10:06:58 -04:00
Neil Lalonde 5c8c52482a Add a way to view staff action logs in admin 2013-08-07 16:27:34 -04:00