OsamaSayegh
decf1f27cf
FEATURE: Groundwork for user-selectable theme components
* Phase 0 for user-selectable theme components
- Drops `key` column from the `themes` table
- Drops `theme_key` column from the `user_options` table
- Adds `theme_ids` (array of ints default []) column to the `user_options` table and migrates data from `theme_key` to the new column.
- Removes the `default_theme_key` site setting and adds `default_theme_id` instead.
- Replaces `theme_key` cookie with a new one called `theme_ids`
- no longer need Theme.settings_for_client
2018-07-12 14:18:21 +10:00
David Taylor
9a813210b9
SECURITY: Do not allow authentication with disabled plugin-supplied a… (#6071)
Do not allow authentication with disabled plugin-supplied auth providers
2018-07-09 14:25:58 +10:00
Maja Komel
18f5f646b1
FEATURE: allow selecting a tag when moving posts to a new topic (#6072)
2018-07-06 18:21:32 +02:00
Arpit Jalan
b9835cc392
FIX: do not use scheduler for uploading csv file for invite
Since the bulk invite process already happens in a dedicated Sidekiq job
2018-07-04 13:28:11 +05:30
Sam
e72fd7ae4e
FIX: move crawler blocking into anon cache
This refinement of previous fix moves the crawler blocking into
anonymous cache
This ensures we never poison the cache incorrectly when blocking crawlers
2018-07-04 11:14:43 +10:00
Sam
7f98ed69cd
FIX: move crawler blocking to app controller
We need access to site settings in multisite, we do not have access
yet if we attempt to get them in request tracker middleware
2018-07-04 10:30:50 +10:00
Sam
6a54da0902
FIX: raise invalid params for bad callback
Corrects it so we raise a 400 instead of logged 500 error
2018-06-29 10:43:33 +10:00
Sam
982df3c17b
FIX: return status 400 for invalid member params
previously error returned was a 500 which is not ideal
and is logged
2018-06-29 10:15:17 +10:00
Robin Ward
fd7bb8e656
FIX: Scope the `cn` to the subfolder
2018-06-28 11:03:36 -04:00
Arpit Jalan
2c971c41f6
FIX: post deletions rate limit per day was not working
2018-06-28 19:21:27 +05:30
Arpit Jalan
a6d50d1ff7
FEATURE: new settings to control posts deletions rate limit
2018-06-28 17:03:37 +05:30
Arpit Jalan
c352f8eb15
FEATURE: rate limit post deletions to 50 per day
2018-06-28 16:38:58 +05:30
Maja Komel
ec3e6a81a4
FEATURE: Second factor backup
2018-06-28 10:12:32 +02:00
Arpit Jalan
6bcdc3ba4b
FEATURE: allow author to delete posts irrespective of post_edit_time_limit
2018-06-26 21:43:06 +05:30
Arpit Jalan
7efdccdbc5
FIX: allow staff to remove tags from queued topics
2018-06-26 17:08:40 +05:30
Joffrey JAFFEUX
95d99de7b4
FIX: hides durability section in dashboard if backups are disabled
2018-06-20 22:26:37 +02:00
Guo Xiang Tan
0365806b93
FIX: Properly display error when post action fails to create.
2018-06-20 21:20:23 +08:00
Sam
5f64fd0a21
DEV: remove exec_sql and replace with mini_sql
Introduce new patterns for direct sql that are safe and fast.
MiniSql is not prone to memory bloat that can happen with direct PG usage.
It also has an extremely fast materializer and a very convenient API
- DB.exec(sql, *params) => runs sql returns row count
- DB.query(sql, *params) => runs sql returns usable objects (not a hash)
- DB.query_hash(sql, *params) => runs sql returns an array of hashes
- DB.query_single(sql, *params) => runs sql and returns a flat one dimensional array
- DB.build(sql) => returns a sql builder
See more at: https://github.com/discourse/mini_sql
2018-06-19 16:13:36 +10:00
Joffrey JAFFEUX
f2dbe66367
FEATURE: adds a /admin/reports route to list all reports
2018-06-18 12:31:56 +02:00
Rafael dos Santos Silva
51cb38783e
FIX: start_url was wrong in non-subfolder
2018-06-15 14:29:33 -03:00
Rafael dos Santos Silva
8fc08aad09
FEATURE: Update the webmanifest
- Remove share target because the spec is changing
- Allow any orientation again because natural is too restrictive
- Use correct file and mime types for the manifest
2018-06-14 00:13:28 -03:00
Sam Saffron
030e322a39
FEATURE: block top level /my/ routes
2018-06-12 19:47:45 +10:00
Jeff Wong
44ee26721a
FIX: add check for missing assets file in development
2018-06-11 11:18:34 -07:00
Arpit Jalan
f9ab3848ed
FEATURE: support disabling emails for non-staff users
2018-06-07 18:31:08 +05:30
Guo Xiang Tan
ad5082d969
Make rubocop happy again.
2018-06-07 13:28:18 +08:00
Sam
89ad2b5900
DEV: Rails 5.2 upgrade and global gem upgrade
This updates tests to use latest rails 5 practice
and updates ALL dependencies that could be updated
Performance testing shows that performance has not regressed
if anything it is marginally faster now.
2018-06-07 14:21:33 +10:00
Vinoth Kannan
d8e641cd98
FIX: avatar_url includes upload_path twice when local storage used
2018-06-06 18:27:30 +05:30
Guo Xiang Tan
a83ab01264
REFACTOR: Remove extra param for group mentionable and messageable route.
2018-06-06 09:42:09 +08:00
Arpit Jalan
f8d82f135f
FIX: do not verify group visibility when checking for mentionable/messageable
2018-06-05 16:59:21 +05:30
Guo Xiang Tan
95f9b72351
FIX: Update activation email route was returning a generic json error.
2018-05-31 14:19:43 +08:00
Guo Xiang Tan
21e9315416
FIX: Use user account email instead of auth email when totp is enabled.
https://meta.discourse.org/t/github-2fa-flow-broken/88674
2018-05-30 12:15:12 +08:00
Guo Xiang Tan
a081771950
Merge pull request #5872 from OsamaSayegh/users-controller-specs-to-request
REFACTOR: users controllers specs => request specs
2018-05-28 13:32:37 +08:00
OsamaSayegh
449399bef3
return 403 forbidden when local logins disabled
2018-05-26 05:18:19 +03:00
Régis Hanol
5b2e7c8d10
fix the build
2018-05-26 03:11:10 +02:00
Robin Ward
4195c7c9ea
FEATURE: Ability to clear a user's penalty history
You can do this manually if you want to allow them to reach TL3 without
their penalty history counting against them.
2018-05-25 12:54:22 -04:00
Guo Xiang Tan
569f63b8a2
Merge pull request #5825 from featheredtoast/extend-service-worker-cache
FIX: update cache times for service workers
2018-05-25 09:28:17 +08:00
Sam
53b97b28f0
FIX: in rare conditions post timing would miss the user
2018-05-24 15:38:33 +10:00
Neil Lalonde
3db1032bfd
FIX: not found page shouldn't include the Google search form for sites with login_required enabled
2018-05-23 16:59:02 -04:00
Blake Erickson
3edca8b104
Return a 403 instead of 200 when trying to delete a user with posts
See [this commit][1] for more info
[1]: bd352a17bf
2018-05-22 17:02:02 -06:00
Sam
3e06def856
FIX: If we have no logo defined use sketch in manifest
2018-05-22 12:10:59 +10:00
Sam
788ca1f112
FIX: stop adding email to unsubscribe url
Instead of adding email to unsubscribe url store it in redis for 1 hour
rate limit calls to unsubscribe endpoint to ensure there is no risk of
bloating redis
Also move controller to request specs
2018-05-22 09:07:03 +10:00
Guo Xiang Tan
467d91347a
Missing specs for `Group`, `Tag`, `Category` and `Flag` web hooks.
2018-05-21 17:29:58 +08:00
Arpit Jalan
9f422c93f6
FIX: restrict updates on `confirm_old_email` email templates
2018-05-19 12:19:59 +05:30
Arpit Jalan
003b7f06ad
FIX: rescue specific error
2018-05-18 09:52:16 +05:30
Jeff Wong
04c7dbafa3
FIX: manifest.json better detection at mime type. Find size if uploaded
2018-05-17 14:45:24 -07:00
Jeff Wong
41ffafb65e
FIX: best effort at returning correct mime types in manifest.json
2018-05-17 12:14:39 -07:00
Régis Hanol
53f8f6095d
FEATURE: staff action logs when creating/updating/deleting badges
2018-05-17 18:09:27 +02:00
Arpit Jalan
9532d9a555
FIX: handle invalid tags
2018-05-17 19:33:12 +05:30
Régis Hanol
131b7f5da5
make 🤖 rubocop happy
2018-05-16 16:35:04 +02:00
Joe Buhlig
3cd4c82c49
Allow parameters for group and username filters on directory (#5815)
2018-05-16 16:20:17 +02:00
Régis Hanol
5e97a9bfb7
FIX: tags in a 'visible by everyone but usable only by staff' group weren't visible by everyone
2018-05-16 09:48:19 +02:00
Sam
ff90881238
DEV: fix live refresh if you have a custom theme selected in dev
2018-05-16 17:25:49 +10:00
Sam
21e0b7c818
avoid async report pattern and replace with simpler hijack
2018-05-16 16:05:03 +10:00
Sam
193b6d5651
UX: improve new dashboard
- top referred topics
- limit search logs to 8 results
2018-05-15 15:08:36 +10:00
Jeff Wong
e4a33cbc0a
FIX: update cache times for service workers
Add a last modified time.
Register newer service workers and claim clients more quickly.
2018-05-14 12:29:24 -07:00
Régis Hanol
e9abdaebbe
UX: show an envelope icon when a badge is used in messages
- the badge count now includes messages
- only show the message badges to admins
2018-05-14 19:02:00 +02:00
Sam
6332d5040d
UX: switch dashboard to be the new dashboard
Also:
- add pageviews
- add problems and version sections
2018-05-14 13:07:59 +10:00
Sam
bc9e0d46af
PERF: use cached reports for dashboard if available
2018-05-14 12:01:44 +10:00
Régis Hanol
37232fcb58
FIX: staff members should see all tags
2018-05-13 17:50:21 +02:00
Régis Hanol
2cf6fb7359
FIX: always unstage users when they log in
2018-05-13 17:00:02 +02:00
Régis Hanol
be6404d651
FIX: redirect users after signing up with a social login when using SSO provider
2018-05-13 16:03:11 +02:00
Régis Hanol
09cf35c760
FIX: redirect users after signing up using SSO provider
2018-05-12 00:41:27 +02:00
Régis Hanol
abda21a41f
Revert "FIX: redirect to sso_destination_url after account activation"
This reverts commit 0402e97368.
2018-05-11 22:55:45 +02:00
Régis Hanol
0402e97368
FIX: redirect to sso_destination_url after account activation
2018-05-11 19:57:04 +02:00
Régis Hanol
2958e17cde
remove duplicate code
2018-05-11 12:16:37 +02:00
Sam
8a783412b7
UX: improvements to new dashboard
- remove inactive user report and replace with posts
- clean up internals so grouping by week happens on client
- when switching periods old report was not destroyed leading to bugs
- calculate trend based on previous interval ... not previous 30 days
- show percentages for mau/dau
- be more careful about utc date usage
- show unique and click through rate on search panel
- publish key of report with report so we only load the correct one
- subscribe earlier in channel in case of concurrency issues
2018-05-11 13:30:32 +10:00
Blake Erickson
bd352a17bf
FIX: Show a json api response when deleting a user with posts
A 500 error was actually caused with no response when using the api, so
it wasn't very clear that you need to delete the posts first when using
the api.
2018-05-10 13:04:36 -06:00
Guo Xiang Tan
bbc85258c9
Rename `display_plugins` -> `visible_plugins`.
2018-05-09 07:52:45 +08:00
Arpit Jalan
83245aa508
FIX: better handling of invite links after they are redeemed
FIX: deprecate invite_passthrough_hours setting
2018-05-08 20:17:57 +05:30
Guo Xiang Tan
c6f45fcfdb
Expose an API for plugins to be hidden on the admin plugin page.
2018-05-08 13:24:58 +08:00
Arpit Jalan
3a6e137e70
FIX: add context for deactivated user logs
2018-05-08 08:18:04 +05:30
Misaka 0x4e21
ff6be3c2e3
FEATURE: add profile_background fields into SSO (#5701)
Add profile_background and card_background fields into Discourse SSO.
2018-05-07 10:03:26 +02:00
Guo Xiang Tan
aa0d32231c
FIX: Incorrect query when removing a group owner.
https://meta.discourse.org/t/group-rename-and-group-owners-removal-problems/85596
2018-05-07 13:57:00 +08:00
Jeff Wong
91b31860a1
Feature: Push notifications for Android (#5792)
* Feature: Push notifications for Android
Notification config for desktop and mobile are merged.
Desktop notifications stay as they are for desktop views.
If mobile mode, push notifications are enabled.
Added push notification subscriptions in their own table, rather than through
custom fields.
Notification banner prompts appear for both mobile and desktop when enabled.
2018-05-04 15:31:48 -07:00
Neil Lalonde
a0447b47e0
UX: when deleting a user, show a modal indicating that the delete is happening. User hijack so requests don't time out.
2018-05-03 16:18:19 -04:00
Joffrey JAFFEUX
980972182f
dashboard next: caching, mobile support and new charts
2018-05-03 15:41:41 +02:00
Neil Lalonde
bd77795d7a
REFACTOR: move support for user card badge images to a plugin discourse-user-card-badges
2018-04-26 13:25:24 -04:00
Robin Ward
a5172a37e0
Allow staff members to enable safe mode, even if disabled
2018-04-25 11:49:57 -04:00
Gerhard Schlager
ed4c0c4a63
FEATURE: Add option to delete all replies of flagged post
2018-04-24 11:08:05 -04:00
Sam
146a6c3592
FIX: exclude topics from latest in /categories on refresh
When you hit refresh on categories page it would not suppress correctly
2018-04-24 11:07:26 -04:00
Robin Ward
fd14ee4797
FEATURE: Allow safe mode to be disabled
2018-04-24 11:03:33 -04:00
Sam
54d153068a
DEV: remove qunit rails fork and add a couple of async tests
2018-04-23 16:42:40 +10:00
Guo Xiang Tan
70d181bff8
FIX: Better error message in `GroupsController#add_members`.
https://meta.discourse.org/t/cant-add-members-to-a-group/85738?u=tgxworld
2018-04-20 10:28:52 +08:00
Rafael dos Santos Silva
9014ca4624
FEATURE: Enable the Web Share Target API
This will allow a Discourse instance that was installed[1] to receive share events.
See https://wicg.github.io/web-share-target/ for the spec.
1: https://developers.google.com/web/fundamentals/app-install-banners/
2018-04-19 17:00:05 -03:00
Arpit Jalan
91bf10bd12
FIX: create upload record for exported csv files
2018-04-20 00:27:49 +05:30
Joffrey JAFFEUX
0e414d0890
dashboard next: trending search report
This commit also improves how data is loaded sync and async
2018-04-19 18:19:21 +02:00
Joffrey JAFFEUX
01c061d20d
dashboard next: perf and UI tweaks
* cache CORE reports
* adds backups/uploads section
* few css tweaks
2018-04-18 21:30:41 +02:00
Robin Ward
3d7dbdedc0
FEATURE: An API to help sites build robots.txt files programmatically
This is mainly useful for subfolder sites, who need to expose their
robots.txt contents to a parent site.
2018-04-16 15:43:20 -04:00
Arpit Jalan
9353ae4b5d
Remove obsolete per topic unsubscribe page.
2018-04-16 16:11:20 +05:30
Joffrey JAFFEUX
0e15a575f4
EXPERIMENTAL: new dashboard UI
This is the first iteration of an effort towards making a very good dashboard.
Until we feel confident this is good, this dashboard will only be accessible through /admin/dashboard_next
2018-04-16 10:42:06 +02:00
Arpit Jalan
a1ef455c78
SECURITY: do not show private topic title on /unsubscribed page
2018-04-16 10:35:57 +05:30
Arpit Jalan
a8a12eb2d9
SECURITY: do not disclose topic titles on /unsubscribed page to unauthorized users
2018-04-15 18:01:58 +05:30
Arpit Jalan
18f50ca01a
FIX: parameterize tag_id
2018-04-14 16:42:53 +05:30
Sam
3632b8d8d6
FEATURE: provide extra signal about content age to crawlers
Adds Last-Modified field to help teach crawlers not to crawl old content
2018-04-13 14:58:33 +10:00
Régis Hanol
df7970a6f6
prefix the robots.txt rules with the directory when using subfolder
2018-04-11 22:05:02 +02:00
Arpit Jalan
9ca6ebe8fe
FEATURE: enforce tagging on categories
2018-04-11 07:15:24 +05:30
Arpit Jalan
3a86a2588c
FIX: bulk append/replace tags was not working
2018-04-10 13:01:03 +05:30
Sam
5925a581db
array is not supported here, use a simple comma delimited list
2018-04-10 14:37:10 +10:00
Guo Xiang Tan
d9d86577ff
FIX: Staff users are not affected by `enable_group_directory` site setting.
2018-04-10 09:22:01 +08:00
Guo Xiang Tan
c82b2dcc24
Remove admin group management pages.
2018-04-09 15:14:50 +08:00