dad2024094
FIX: do not impose default min/max validation on hidden site setting
2017-04-22 12:08:39 +05:30
9eff4f0807
FIX: all basic integer settings should have max value validation
2017-04-21 07:09:41 +05:30
f5673fbd47
Remove references to elder
...
The use of the TL4 name Elder was changed in 2014 to Leader. The spec function was changed to `:trust_level_4`, but the it statement was not changed.
2017-02-26 17:40:42 -07:00
9b263a0559
increase req min unique pw chars from 5 to 6
2017-02-16 17:06:19 -08:00
8feb94e13f
FIX: password validator was being too strict
2017-02-14 09:18:04 -05:00
94e1105af7
fix unique char counting in password validator
2017-02-10 10:38:17 -05:00
1bcb835446
FEATURE: passwords must have a minimum number of unique characters, configurable with a new setting
2017-02-09 15:00:22 -05:00
13c6191e89
FIX: Don't allow invalid email to be saved.
2016-12-21 17:47:11 +08:00
52763f5115
FEATURE: Allow posting a link with topics
2016-12-05 17:20:54 +01:00
86522a52b7
FEATURE: add censored_pattern setting to censor posts using regex
2016-11-08 16:39:26 -05:00
7a81669c18
SECURITY: don't allow re-using the current password during password reset
2016-08-24 12:27:21 -04:00
59680af329
disable email white/blacklisting for staged users
2016-07-04 16:05:01 +02:00
de9136a8f2
FIX: bypass TL0-specific validations on posts in a PM
2016-04-18 22:08:42 +02:00
20ce7f29e0
FEATURE: new 'manual_polling_enabled' site setting
2016-03-16 22:28:01 +01:00
50e65634d7
FEATURE: new setting min_admin_password_length and better default
2016-03-02 14:43:26 +05:30
8944d62aa6
add validator for the 'reply_by_email_enabled' site setting
2016-02-09 23:35:40 +01:00
99c4252ba6
FEATURE: Staff should be exempt from user mention limit
2016-02-01 21:19:56 +05:30
3e50313fdc
Prepare for separation of RSpec helper files
...
Since rspec-rails 3, the default installation creates two helper files:
* `spec_helper.rb`
* `rails_helper.rb`
`spec_helper.rb` is intended as a way of running specs that do not
require Rails, whereas `rails_helper.rb` loads Rails (as Discourse's
current `spec_helper.rb` does).
For more information:
https://www.relishapp.com/rspec/rspec-rails/docs/upgrade#default-helper-files
In this commit, I've simply replaced all instances of `spec_helper` with
`rails_helper`, and renamed the original `spec_helper.rb`.
This brings the Discourse project closer to the standard usage of RSpec
in a Rails app.
At present, every spec relies on loading Rails, but there are likely
many that don't need to. In a future pull request, I hope to introduce a
separate, minimal `spec_helper.rb` which can be used in tests which
don't rely on Rails.
2015-12-01 20:39:42 +00:00
5b9594277a
skip most post validations for staged accounts
2015-12-01 10:40:23 +01:00
7c694139ec
trust staged accounts when validating posts
2015-11-30 19:08:35 +01:00
69ad0358c2
FIX: incorrect logic in email blocker
...
if mail.com was blocked, email.com was automatically blocked
2015-06-15 11:28:50 +10:00
b7ac8448c6
Improve IP blocking error message
2015-06-02 07:48:26 +05:30
6bf680882c
Better error message when new registration limit from an IP address is reached
2015-06-01 10:16:25 +05:30
30b063c08b
FEATURE: make full names a required field of user profiles with the full_name_required setting
2015-04-02 17:08:04 -04:00
c04b214910
FEATURE: don't allow username and email to be the same
2015-02-27 13:47:43 -05:00
cf81b3f86d
FEATURE: don't allow username and password to be the same
2015-02-25 12:00:13 -05:00
f7d2fc0524
FEATURE: 'reply by email address' validator
...
Prevent infinite email loophole when the 'reply_by_email_address' site setting is the same as the 'notification_email'.
2015-02-06 12:08:37 +01:00
0fd98b56d8
few components with rspec3 syntax
2015-01-09 13:34:37 -03:00
7641d88224
FEATURE: new 'maximum new user accounts per registration IP' site setting
2014-11-17 12:04:29 +01:00
443caaa8f7
FIX: don't let admins skip post validations, unless it's faq, tos, or privacy
2014-08-01 14:53:35 -04:00
e1be478ef4
FIX: admins bypass some post validations. This allows them to edit legal docs even if those docs are longer than max post length, for example.
2014-07-28 16:40:14 -04:00
3eb65885d1
Add validation of string site settings with regex, and min and max lengths
2014-06-18 11:15:40 -04:00
ba65aa3f6c
Add a way to validate min and max value of an integer site setting
2014-06-12 18:04:37 -04:00
9611a1ac47
Validate username site settings
2014-06-11 16:20:57 -04:00
2c19d8a136
Fix password_validator_spec
2013-12-27 11:15:53 -05:00
ab12695d63
Block passwords that are in the top 5000 most common passwords. Site setting block_common_passwords can disable this feature.
2013-12-27 11:00:21 -05:00
0c45eba037
FIX: Users can edit posts when they've reached the `newuser_max_replies_per_topic` threshold.
2013-12-20 11:30:51 -05:00
854d9c8fc6
Minimum password length is configurable with the min_password_length site setting. FIX: reset password needs to validate password length.
2013-12-19 16:15:47 -05:00
33c6997ded
Move password validation into PasswordValidator
2013-12-19 16:15:47 -05:00
1cac9fa257
New users can only post `newuser_max_replies_per_topic` times per topic.
2013-12-19 13:45:55 -05:00
c1008f4359
Fixes for postgresql inet columns in Rails 4. They're backed by an IPAddr class now, which breaks sql parameter marker support, and automatically sets the attribute to nil when trying to assign an invalid ip address.
2013-10-22 19:19:32 -04:00
7d582fbee3
Screened ip address can be edited, deleted, and changed to allow or block.
2013-10-22 16:30:46 -04:00
648b11a0eb
Add screening by IP address. When deleting a user as a spammer, block all signups from the same IP address.
2013-10-21 14:50:18 -04:00
78c15d5810
Move the unique post key storage code into the Post model
2013-09-09 16:17:31 -04:00
eae7e75611
FIX: recover post by a non-staff user fails because the post is not unique. Uniqueness check shouldn't happen when recovering a deleted post.
2013-09-06 11:50:15 -04:00
86647f0a54
Add ScreenedUrl. Rename BlockedEmail to ScreenedEmail.
2013-08-14 16:08:23 -04:00
5f8a130277
Add BlockedEmail, to block signups based on email. Track stats of how many times each email address is blocked, and last time it was blocked. Move email validation out of User model and into EmailValidator. Signup form remembers which email addresses have failed and shows validation error on email field.
2013-07-29 15:29:43 -04:00
121d08e25f
FIX: updating needs a restart
2013-06-29 03:49:54 +02:00
f7de9f17d5
refactor validators
...
add a new setting for min pm body length
use that setting for flags
scale entropy check down for pms
2013-06-13 18:18:43 +10:00
2465c9c724
Add min_private_message_title_length site setting so private messages can have short titles
2013-06-04 17:59:23 -04:00
Arpit Jalan
jomaxro
Jeff Atwood
Sam
Neil Lalonde
Guo Xiang Tan
Erick Guan
Régis Hanol
Andy Waite
Luciano Sousa
Robin Ward