Commit Graph

5496 Commits

Author SHA1 Message Date
Guo Xiang Tan 66062ed6d9 Add missing default choice for `SiteSetting.google_oauth2_prompt`. 2018-02-23 11:23:08 +08:00
Guo Xiang Tan 3637f0d3bb Update copy to reflect that 2FA key should be kept a secret. 2018-02-23 10:40:25 +08:00
Guo Xiang Tan e137b7f836 UX: Improve indication of 2FA status in user's preferences. 2018-02-23 10:36:48 +08:00
Guo Xiang Tan 2e2da3a6e2 Update copy for 2FA. 2018-02-23 10:36:48 +08:00
Robin Ward 9b704b21b5 Don't include `client` when false 2018-02-22 21:22:09 -05:00
Robin Ward 69af881f7f New site setting `trusted_users_can_edit_others`
The default is true to keep with previous discourse behavior. If
disabled, high trust level users cannot edit the topics or posts of
other users.
2018-02-22 20:39:24 -05:00
Guo Xiang Tan 24d0a7a4c7 Take 2 on f74d6bb605.
New options are left out by default when not configured so that an
incorrect default configuration doesn't blow up google oauth for
everyone.
2018-02-23 07:53:01 +08:00
Guo Xiang Tan dd26bbe868
Merge pull request #5610 from discourse/pm-tags
FEATURE: Allow staffs to tag PMs
2018-02-23 07:07:41 +08:00
Joffrey JAFFEUX 1c790ae6bc Revert "Add prompt and HD settings to the Google OAuth2 plugin."
This reverts commit f74d6bb605.
2018-02-22 19:17:02 +01:00
scossar 9d0807224b Don't enqueue topic webhook unless a post has a topic 2018-02-22 14:34:59 +08:00
Guo Xiang Tan ef1b82a226 Add missing site setting description. 2018-02-22 13:52:36 +08:00
Geoffrey Challen f74d6bb605 Add prompt and HD settings to the Google OAuth2 plugin. 2018-02-22 12:29:19 +08:00
Vinoth Kannan 84867c1c07 Rename site setting to allow_staff_to_tag_pms from allow_staff_to_tag_in_pm 2018-02-22 06:48:34 +05:30
Guo Xiang Tan 1b04d881c5 UX: Display lock icon in admin user lists when user has 2FA enabled. 2018-02-22 09:00:09 +08:00
Joffrey JAFFEUX 6f5acfe783 Login with email/forget password UI refactoring
* move button into login modal with social buttons
* adds email link next to login field when filling it
* adds proper validation messages
* improves forgot password flash clearing
* more tests
2018-02-22 08:06:15 +08:00
Sam 720e1965e3 FEATURE: add category suppress from latest
In the past we used suppress_from_homepage, it had mixed semantics
it would remove from category list if category list was on home and
unconditionally remove from latest.

New setting explicitly only removes from latest list but leaves the
category list alond
2018-02-22 09:56:35 +11:00
Joshua Rosenfeld 3ec8b38796
A few more 'private message' strings to update
Follow up from a08832bd08
2018-02-21 15:28:26 -05:00
Vinoth Kannan 2b509eaa91
Merge branch 'master' into pm-tags 2018-02-21 23:55:59 +05:30
Joshua Rosenfeld 23f7c3607c
Update Twitter login site setting description text 2018-02-21 13:07:33 -05:00
Vinoth Kannan 84ce1acfef FEATURE: Allow staffs to tag PMs 2018-02-21 20:11:46 +05:30
Gerhard Schlager 210939de68 FEATURE: Use HTML instead of text for incoming emails by default 2018-02-21 11:14:36 +01:00
Guo Xiang Tan 8964e75ad6
Merge pull request #5612 from discourse/featheredtoast-two-factor-login
Featheredtoast two factor login
2018-02-21 15:00:10 +08:00
Guo Xiang Tan 14f3594f9f Review Changes for f4f8a293e7. 2018-02-21 14:55:49 +08:00
Sam ca1a3f37e3 FEATURE: add instrumentation for all external net calls 2018-02-21 15:20:29 +11:00
Jeff Wong f4f8a293e7 FEATURE: Implement 2factor login TOTP
implemented review items.

Blocking previous codes - valid 2-factor auth tokens can only be authenticated once/30 seconds.
I played with updating the “last used” any time the token was attempted but that seemed to be overkill, and frustrating as to why a token would fail.
Translatable texts.
Move second factor logic to a helper class.
Move second factor specific controller endpoints to its own controller.
Move serialization logic for 2-factor details in admin user views.
Add a login ember component for de-duplication
Fix up code formatting
Change verbiage of google authenticator

add controller tests:
second factor controller tests
change email tests
change password tests
admin login tests

add qunit tests - password reset, preferences

fix: check for 2factor on change email controller
fix: email controller - only show second factor errors on attempt
fix: check against 'true' to enable second factor.

Add modal for explaining what 2fa with links to Google Authenticator/FreeOTP

add two factor to email signin link

rate limit if second factor token present

add rate limiter test for second factor attempts
2018-02-21 09:04:07 +08:00
Robin Ward 3ea272f4f1 New setting: minimum trust level to embed images in a post 2018-02-20 20:00:06 -05:00
Jeff Atwood 6c29908ba2 very minor copyedits 2018-02-20 00:44:56 -08:00
Sam 73a492f721 minor changes to discourse bench
Ruby master is not compatible with bootsnap atm
2018-02-20 14:41:21 +11:00
Arpit Jalan c419c26f56 FEATURE: new site setting 'max_emojis_in_title' 2018-02-19 18:15:26 +05:30
OsamaSayegh f3815cd785 FEATURE: New site setting for additional allowed filetypes for staff (#5364)
* FEATURE: New site setting for additional allowed filetypes for staff

* Problematic variable name

* feedback

* small issues

* fix indentation

* failing tests

* Remove message bus and fix minor issues

* Missed this message bus
2018-02-19 10:44:24 +01:00
Leo McArdle 5d9d0fcb4f FEATURE: add setting which adds group name to PM email subject (#5475) 2018-02-19 10:20:17 +01:00
Guo Xiang Tan d601a6b23c FIX: Support old Service Worker source file path to avoid routing errors. 2018-02-19 08:04:45 +08:00
SidV 790c5facc9 Mailgun typo (#5593)
mailgun = Mailgun
2018-02-16 01:35:37 -05:00
Neil Lalonde 32ad98161f Update translations 2018-02-15 16:36:03 -05:00
Sam 7af9ed6674 FEATURE: add goanna rendering engine to non crawler list
Goanna the fork of Gecko which is used by Pale Moon browser is not a crawler.
2018-02-16 06:30:47 +11:00
Guo Xiang Tan 28365f8ae5 PERF: Have nginx cache and serve the service worker file. 2018-02-15 10:50:39 +08:00
Sam 38f4acd55a FIX: rate limiter text is confusing, should not say daily
Also, adds easily parseable JSON so users can figure out
how long to wait when the API is limited. ("extras" "wait_seconds")
2018-02-14 15:29:50 +11:00
Joffrey JAFFEUX 548db91c76
FIX: displays an error when reaching tags limit 2018-02-14 00:30:09 +01:00
Joffrey JAFFEUX ed114177e7
Mini tag chooser tweaks 2018-02-13 19:41:03 +01:00
Erick Guan 03b3e57a44 FEATURE: login by a link from email
Co-authored-by: tgxworld <tgx@discourse.org>
2018-02-13 16:14:39 +08:00
Muhlis Cahyono cc3cf6588b FEATURE: Notification API Endpoints for Admins
* create/update/delete notification api with external url
* remove external url feature
* Fix Travis CI build error (add new line)
* Fix Travis CI build error
2018-02-13 01:38:26 -05:00
Robin Ward 4dfe659189 Rename `allow staff flags` to `allow flagging staff` 2018-02-12 15:27:26 -05:00
Robin Ward 6287631745 FEATURE: New site setting, `allow staff flags`, false by default
For some large communities, it makes sense to disable flagging of
staff posts.
2018-02-12 14:56:21 -05:00
AhmadF.Cheema e48ae647f9 Fix typo in server.en.yml 2018-02-11 21:17:22 +01:00
Robin Ward 2faa4c2f5f FIX: Don't show personal messages if disabled as a composer action 2018-02-09 16:58:35 -05:00
Joffrey JAFFEUX 190d208631
FEATURE: improves composer-actions toggle menu
* only toggles
* fix a bug with presence
* more tests
* do not duplicate `continuing discussion...` text
* persist state to allow switching between toggles
2018-02-08 11:46:55 +01:00
scossar dab0ec1d66 Add translation key/value for target_user_not_found error message 2018-02-07 11:35:17 +01:00
Robin Ward 1bab15c757 FEATURE: A site setting for a minimum TL to post links 2018-02-06 18:07:58 -05:00
Robin Ward b2b6dc68a6 FEATURE: a setting to customize the minimum TL to flag a post 2018-02-06 17:12:27 -05:00
Kane York cd19d546a8
Update default linkify TLDs to top 15
Also kept gov, but moved it to the end because it was in the previous version.
2018-02-02 17:45:42 -08:00