012da86a07
FIX user directory time period count ( #6586 )
2018-11-12 15:30:05 +01:00
d1684a1652
PERF: avoid left joins and distinct on posts_for query
...
Previously this was extremely expensive due to the `distict` and
`left join` clauses, this eliminates it and makes query much faster
2018-11-12 13:26:41 +11:00
c3c9299c44
FIX: Improve performance for `Group.posts_for` ( #6588 )
2018-11-12 08:44:20 +08:00
f8838ac9cd
FIX: fix/removes broken elements of old dashboard
2018-11-09 17:18:19 +01:00
24e5be3f0c
FIX: Relative links in translations should work with subfolder
2018-11-08 23:31:05 +00:00
42572ff138
Revert font awesome 5 changes
...
We are still pushing ahead on this 100% just need a bit longer to prepare
all plugins
2018-11-08 16:12:18 +11:00
005e1ecb9b
FEATURE: Update Font Awesome to v5.4.1 and SVGs ( #6557 )
...
* First take on subsetting svg icons
* FontAwesome 5 svg subset WIP
* Include icons from plugins/badges into svg sprite subset
* add svg icon support to themes
* Add spec for SvgSprite
* Misc. SVG icon fixes
* Use FA5 svgs in local-dates plugin
* CSS adjustments, fix SVG icons in group flair
* Use SVG icons in poll plugin
* Add SVG icons to /wizard
2018-11-07 13:05:43 -05:00
0a442e319c
FIX: correct svg handling for images
...
We regressed and optimized images no longer worked with svg
The following adds the correct logic to simply copy file for svgs
and bypasses resizing for svg avatars
2018-11-07 15:29:26 +11:00
7534042427
DEV: Update annotations.
2018-11-07 11:11:19 +08:00
2070edf889
FIX: Clarify User.group_locked_trust_level.
...
* Rename User.group_locked_trust_level to User.group_granted_trust_level.
* Remove the column from users table.
2018-11-07 10:27:44 +08:00
8067f8a32c
FIX: disables dates filtering on most_disagreed_flags report ( #6556 )
2018-11-02 14:42:52 +01:00
4e0f033fae
FEATURE: adds ignored flags to most_disagreed_flags report ( #6554 )
2018-11-02 11:08:00 +01:00
f9b36820ef
FIX: only extract script tags with certain types ( #6553 )
...
`script` tags with custom types (e.g. `text/template`) are not executed
by the browser, and should not be extracted into an external theme
JavaScript
2018-11-01 16:01:46 -04:00
ec91450aae
FEATURE: Track how many user flags are agreed/disagreed/ignored
...
Display the percentage when reviewing flags.
2018-11-01 09:59:50 -04:00
23423ba112
correct spec and error reporting
...
previous commit misused warn_exception which caused a spec to fail
2018-10-31 13:38:05 +11:00
e0ccd36dbe
FEATURE: Suspicious logins report. ( #6544 )
2018-10-30 22:51:58 +00:00
b2585524a9
FEATURE: adds a most disagreed flaggers report
2018-10-26 15:59:04 +02:00
ed9c21e42c
FEATURE: hide muted categories from /categories list ( #6531 )
2018-10-26 11:34:39 +11:00
d17c8df926
Only check for suspicious login for staff members
2018-10-26 00:29:28 +02:00
6a3767cde7
FEATURE: Warn users via email about suspicious logins. ( #6520 )
...
* FEATURE: Warn users via email about suspicious logins.
* DEV: Move suspicious login check to a job.
2018-10-25 09:45:31 +00:00
0ead513fb0
PERF: remove total unread notifications from message bus ( #6529 )
2018-10-25 12:14:34 +11:00
5fd94d3211
PERF: limit unread count to 99 in blue circle
...
This revises: e605542c4e
2018-10-24 12:10:27 +11:00
e605542c4e
PERF: limit unread count to 99 in the blue circle
...
This safeguard is in place to avoid very expensive queries on the server
side
2018-10-24 11:53:28 +11:00
b74dd7d379
FIX: stop logging every 404 error when searching for gravatars
2018-10-23 11:43:14 +11:00
b69652278f
FEATURE: Add Wiki Editor badge. ( #6511 )
2018-10-19 15:30:27 +02:00
5f86564da1
FEATURE: adds latest to user-api-key session scope
2018-10-19 09:54:06 +02:00
9bfc939692
cleanup so gravatar download failures are consistent
...
previously we would ignore socket error, but this would mean that
there could be conditions where we would keep trying to download
gravatars forever (in an hourly job)
2018-10-19 12:51:55 +11:00
f0af61da41
FIX: User `AvatarLookup` for looking up avatar details ( #6508 )
...
This allows plugins with their own avatar logic to work in the user
summary sections.
2018-10-18 15:49:34 -04:00
3973823a33
FIX: always update 'last_gravatar_download_attempt' when updating gravatar
2018-10-18 11:02:54 +02:00
0f1afad6da
FIX: extracted theme JavaScripts for multisite ( #6502 )
...
* FIX: extracted theme javascripts for multisite
* onceoff to rebake all theme fields
2018-10-18 17:05:34 +11:00
22408f93c9
FIX: Wrap custom fields database statements in a transaction.
...
Kind of strange that we don't do it because a database statement
may fail and leave us in a weird state.
2018-10-18 12:23:04 +08:00
44eba0bb60
FIX: Don't rescue `PG::UniqueViolation` within a transaction.
...
Also acquire a transaction per link instead of failing when
any of the links can't be processed.
This prevents ActiveRecord from rolling back the transaction
and the next SQL statement sent to PG will fail. This is
however hard to test as it only happens when there are
two competing process trying to process this method at the
same time.
2018-10-18 10:54:30 +08:00
c6f364224e
FEATURE: Allow plugins to whitelist user custom fields for public display ( #6499 )
...
This works exactly the same as `whitelist_staff_user_custom_fields`, but is not limited to staff
2018-10-17 10:33:27 +01:00
19d7543004
FIX: clear color scheme cache when clearing theme cache
2018-10-16 12:00:46 +11:00
99d1ded3b3
rename route `/javascripts` to `/theme-javascripts` ( #6495 )
2018-10-15 11:32:52 -04:00
f6eff38c0e
FEATURE: adds list#(unread|new) to user api key routes ( #6494 )
2018-10-15 15:48:35 +02:00
6acdea37c4
DEV: extract inline js when baking theme fields ( #6447 )
...
* extract inline js when baking theme fields
* destroy javascript cache when destroying theme fields
This work is needed to support CSP work
2018-10-15 15:55:23 +11:00
84d4c81a26
FEATURE: Support backup uploads/downloads directly to/from S3.
...
This reverts commit 3c59106bac
2018-10-15 09:43:31 +08:00
12f132736b
FIX: error looking at users in admin when tl3_promotion_min_duration is set to a very high value
2018-10-11 15:11:48 -04:00
6a444eee56
Merge pull request #6476 from vinothkannans/tl4-flag
...
FEATURE: automatically hide non-TL4 posts when flagged by a TL4 user
2018-10-11 17:13:26 +05:30
227a49bb32
FEATURE: automatically hide non-TL4 posts when flagged by a TL4 user
2018-10-11 17:11:46 +05:30
b5b382dcd6
Feature: add boxes with subcategories option for desktop categories page ( #6471 )
...
* Feature: add boxes with subcategories option for desktop categories page
* only add subclass div when subclasses exist
2018-10-11 15:59:37 +08:00
3c59106bac
Revert "FEATURE: Support backup uploads/downloads directly to/from S3."
...
This reverts commit c29a4dddc1
2018-10-11 11:08:23 +08:00
c29a4dddc1
FEATURE: Support backup uploads/downloads directly to/from S3.
2018-10-11 10:38:43 +08:00
ae6a5419e0
DEV: Report the backtrace as well.
2018-10-10 17:43:42 +08:00
51aba32651
FEATURE: add branch option to remote theme import
...
* FEATURE: add branch option to remote theme import
* FIX: Add missing variable in params
* FIX: Add missing param for import_theme method
* SPEC: Add test methods for branch support in git import
* FIX: Add missing space to scss style
* Do not assume default branch as master
* Change branch field placeholder
* FIX: add missing div start tag
2018-10-09 17:01:08 +11:00
e55f220b33
add category style boxes with featured topics option
2018-10-08 16:19:54 -07:00
eb3ed7f6fd
Add missing annotations
2018-10-08 18:01:21 +02:00
9bf522f227
FEATURE: Mixed case tagging ( #6454 )
...
- By default, behaviour is not changed: tags are made lowercase upon creation and edit.
- If force_lowercase_tags is disabled, then mixed case tags are allowed.
- Tags must remain case-insensitively unique. This is enforced by ActiveRecord and Postgres.
- A migration is added to provide a `UNIQUE` index on `lower(name)`. Migration includes a safety to correct any current tags that do not meet the criteria.
- A `where_name` scope is added to `models/tag.rb`, to allow easy case-insensitive lookups. This is used instead of `Tag.where(name: "blah")`.
- URLs remain lowercase. Mixed case URLs are functional, but have the lowercase equivalent as the canonical.
2018-10-05 10:23:52 +01:00
8430ea927e
FIX: Generate webhook payloads before destroy events ( #6325 )
2018-10-05 16:53:59 +08:00
34516c72bd
FIX: Recover public actions (likes) when recovering a post ( #6412 )
2018-10-02 11:25:08 -04:00
a515ba8612
FIX: corrects typo and adds a spec for likes report ( #6439 )
...
* FIX: corrects typo and adds a spec for likes report
* save!
2018-10-02 02:27:43 -07:00
1add11d8c9
FIX: don't send multiple requests when changing category notification ( #6435 )
2018-10-01 23:41:23 +08:00
19c9a6699a
FIX: Validate auto_close_hours category setting
...
This prevents server errors when the value is set too high
2018-09-26 16:04:49 +01:00
84f5448a92
FEATURE: Display trust level descriptions in site settings ( #6421 )
2018-09-21 15:10:38 +01:00
e402394375
FEATURE: auto grant an available title when removing old title
...
* FEATURE: auto grant an available title when removing old title
2018-09-21 12:06:08 +10:00
3e17ef0507
Merge pull request #6414 from techAPJ/user-field-unique-key
...
FEATURE: add external details to user fields
2018-09-20 22:29:39 +05:30
df45e82377
SECURITY: only allow picking of avatars created by self ( #6417 )
...
* SECURITY: only allow picking of avatars created by self
Also adds origin tracking to all uploads including de-duplicated uploads
2018-09-19 22:33:10 -07:00
195bd02fce
FIX: Avoid race condition when enqueuing job.
2018-09-20 11:24:01 +08:00
72be638728
FEATURE: add external details to user fields
2018-09-20 08:10:51 +05:30
e0e6dae6a7
minor cleanup to previous commit from code review
2018-09-19 16:07:29 +10:00
5302709343
FIX: in redis readonly raise an exception from DistributedMutex
...
If we detect redis is in readonly we can not correctly get a mutex
raise an exception to notify caller
When getting optimized images avoid the distributed mutex unless
for some reason it is the first call and we need to generate a thumb
In redis readonly no thumbnails will be generated
2018-09-19 15:50:58 +10:00
4a92c5b2d6
`UploadRecovery` should recover attachments too.
2018-09-19 10:44:36 +08:00
9281b72308
FEATURE: Log entity export in staff logs
2018-09-19 03:16:45 +05:30
7d6b348d0b
SECURITY: correct XSS on long topic titles
2018-09-18 08:54:44 +10:00
6659417807
FEATURE: match user title when primary group changes
...
When primary group changes and the user's title is the previous primary
group's title, change the title to the new primary group's title
2018-09-17 15:08:39 +10:00
33541c4096
FEATURE: unconditionally omit no-follow for staff
...
Previously TL2 and below staff would have links
no-followed which was never intended
2018-09-17 12:02:20 +10:00
e51c676135
refactors trending search report to use SearchLog
2018-09-17 10:19:40 +10:00
5625461c05
clear error if you can contact theme repo again
2018-09-17 09:49:53 +10:00
c7d81e2682
FIX/FEATURE: don't blow up when can't reach theme's repo, show problem themes on dashboard
2018-09-17 09:49:53 +10:00
419b14e58b
FIX: correctly keep stylesheet cache entries
...
The intent from day one was to keep MAX_TO_KEEP stylesheets per target
however the DELETE statement did not perform target filtering
This meant we often deleted the wrong stylesheets from the cache
2018-09-14 12:54:11 +10:00
a6502ce879
FIX: ensures errors in report initialization fail nicely ( #6392 )
2018-09-13 17:36:55 +02:00
18fcd483f2
FIX: ensures we have a color for reports ( #6396 )
2018-09-13 17:36:39 +02:00
7bf8b0d305
FIX: treats users_(by_type|tl) as other reports ( #6391 )
2018-09-13 17:35:54 +02:00
d288462abf
Merge pull request #6393 from techAPJ/bad-json
...
FIX: ignore and log bad json values for custom fields
2018-09-13 15:54:01 +05:30
e364547ff7
FIX: ignore and log bad json values for custom fields
2018-09-13 14:26:30 +05:30
529e4018f0
DEV: Avoid using `send` and make the method public instead.
2018-09-13 16:34:32 +08:00
3884e99e88
Add extra protection in `Upload#get_from_url`.
...
In case the extension goes missing from the URL.
2018-09-12 00:12:14 -07:00
b3469bea2d
FIX: Uploads not being linked correctly to posts.
...
Regression due to 1f636c445b
2018-09-11 23:50:23 -07:00
d1984a0b4d
FIX: display a correct error when attempting to agree on a deferred flag
...
Previously we would raise a 500 error if a moderator tried to agree on a
flag another moderator deferred.
This can happen cause the UX for flags does not live refresh as flags
are handled
2018-09-12 13:16:59 +10:00
71185c13b5
Merge pull request #6377 from tgxworld/remove_tif_tiff
...
Drop `tif`, `tiff`, `webp` and `bmp` from supported images.
2018-09-12 09:32:32 +08:00
e1b16e445e
Rename `FileHelper.is_image?` -> `FileHelper.is_supported_image?`.
2018-09-12 09:22:28 +08:00
16bd3f2cf2
FIX: use current user color scheme when filling `theme-color` attribute ( #6384 )
...
* FIX: use current user color scheme when filling `meta` attribute `theme-color`
* update manifest.webmanifest colors
2018-09-12 11:04:58 +10:00
e64402cb3b
SECURITY: correct edge case when SSO provides unvalidated emails
2018-09-11 08:24:02 +10:00
04d26c65e2
Refactor `Upload.get_from_url` to check length of sha1.
2018-09-10 10:10:39 +08:00
797cbf8653
FIX: Remove user fields when anonymizing user
2018-09-07 00:02:56 +02:00
1f636c445b
PERF: Add fast path to find uploads before resorting to `LIKE` query.
...
For a normal upload url
Before
```
Warming up --------------------------------------
264.000 i/100ms
Calculating -------------------------------------
2.754k (± 8.4%) i/s - 13.728k in 5.022066s
```
After
```
Warming up --------------------------------------
341.000 i/100ms
Calculating -------------------------------------
3.435k (±11.6%) i/s - 17.050k in 5.045676s
```
2018-09-06 14:44:24 +08:00
d4b05d7bc5
Always link post to uploads in post process.
...
The operation is cheap anyway so no point skipping.
2018-09-06 14:08:03 +08:00
434035f167
FIX: Link post to uploads in `PostCreator`.
...
* This ensures that uploads are linked to their post on creation
instead of a background job which may be delayed if Sidekiq
is facing difficulties.
2018-09-06 11:18:11 +08:00
e59622f2ba
FIX: deactivate chart trends for now ( #6364 )
2018-09-05 23:33:29 +02:00
4382fb5fac
DEV: Allow plugins to whitelist specific user custom_fields for editing ( #6358 )
2018-09-04 20:45:36 +10:00
ad70502ab8
FIX: ignore invalid usernames in incoming link tracker
...
If an incoming link username has NULL in it simply ignore it
2018-09-04 12:28:32 +10:00
8dc1463ab3
Enable `Lint/ShadowingOuterLocalVariable` for Rubocop.
2018-09-04 10:16:42 +08:00
931cffcebe
FEATURE: Let users see their user auth tokens. ( #6313 )
2018-08-31 10:18:06 +02:00
e1975e293f
FIX: when uploads are destroyed clear up avatar refs in user table
...
This also auto corrects twice daily when we ensure consistency
2018-08-31 14:46:42 +10:00
bb93179609
FEATURE: charts will now use tertiary color ( #6342 )
2018-08-30 14:56:11 +02:00
f0abb4d09a
FIX: Allow user actions to be saved even if the post has nil user
...
This issue made it impossible to delete users if they had flagged a post with nil user
2018-08-30 01:03:32 +01:00
e6970151a6
FEATURE: allow specifying locale via SSO
...
Use:
locale
locale_force_update
To force user locale on users where SiteSetting.allow_user_locale is enabled
Note: If an invalid locale is specified no action will occur
2018-08-30 09:58:03 +10:00
e25a6e085e
FIX: drop title updates through RSS feeds
...
can create an update loop
2018-08-28 16:25:04 +10:00
9ab1fb7dfc
FEATURE: correctly store width and height on uploads
...
Previously we used width and height for thumbnails, new code ensures
1. We auto correct width and height
2. We added extra columns for thumbnail_width and height, this is determined
by actual upload and no longer passed in as a side effect
3. Optimized Image now stores filesize which can be used for analysis, decisions
Also
- fixes Android image manifest as a side effect
- fixes issue where a thumbnail generated that is smaller than the upload is no longer used
2018-08-28 12:59:22 +10:00
Maja Komel
Sam
David Taylor
Joffrey JAFFEUX
Gerhard Schlager
Penar Musaraj
Guo Xiang Tan
Bianca Nenciu
Kyle Zhao
Robin Ward
Bianca Nenciu
Régis Hanol
Jeff Wong
Neil Lalonde
Vinoth Kannan
Erin Kosewic
Arpit Jalan
OsamaSayegh
Guo Xiang Tan