Commit Graph

286 Commits

Author SHA1 Message Date
Sam c07d76677d Merge pull request #2701 from riking/email-pr-ssl
Rename POP3 settings, fix multisite SSL state leak
2014-08-29 10:02:05 +10:00
Neil Lalonde 14890a6002 FEATURE: add a way to map arbitrary urls to a topic, post, or category. Useful for sites that have migrated to Discourse and want to redirect from their old site to Discourse with 301 redirects. 2014-08-28 15:58:24 -04:00
riking 6d357c9c23 Rename pop3s settings to pop3, remove 'insecure' 2014-08-26 17:03:58 -07:00
Akshay b4e38e5646 updated checks of environment with Rails.env by Rails.env methods 2014-08-18 15:36:47 +05:30
Scott Walkinshaw 7e2aa5acfb Move discourse_plugin to lib 2014-07-23 00:03:48 -04:00
Neil Lalonde 939e8505a9 Remove hub username integration 2014-07-16 12:25:24 -04:00
Sam 6019e3f257 FIX: remove hardcoding from middleware stack so we can control it 2014-07-10 17:01:21 +10:00
Sam 5032c96486 FIX: disable x accl redirect for CDN assets
We need to keep headers in tact
2014-07-10 16:32:46 +10:00
Sam 103e2ebba9 FIX: properly support sendfile on all routes
FIX: disable unused etags
2014-07-10 15:18:51 +10:00
Régis Hanol 6b45b635f8 FIX: properly whitelist <code> classes needed for syntax highlighting 2014-07-09 16:27:47 +02:00
Sam 724b36fe0d We need pry in development 2014-05-27 10:08:03 +10:00
Sam 1aa200788c Monkey patching, not required. 2014-05-14 10:20:23 +10:00
Robin Ward c3ccc3e309 Transpile ES6 even without node, just using rubyracer 2014-05-08 11:35:33 -04:00
Sam 0334179c6e give logster its own redis connection 2014-05-08 06:52:59 +10:00
Sam 4af0aa9cbc logster integration (in production as well) 2014-05-07 08:24:15 +10:00
Sam 692f099807 Remove uneeded hack 2014-05-07 08:24:15 +10:00
Vikhyat Korrapati 33307a50b3 Get rid of plugins.css, inject it using DiscourseSassImporter. 2014-04-09 19:42:43 +05:30
Benjamin Kampmann d22df7731d Allow plugins to ship custom styles only for mobile
- adds another :mobile-flag to register_assets
- adds test for plugin registering of assets
- load plugins when on desktop and plugins_mobile when on mobile
2014-04-07 16:33:35 +02:00
Sam bd7d1e62f6 BUGFIX: we need to precompile plugins.css ... otherwise there be dragons 2014-04-02 11:58:02 +11:00
Robin Ward b0a130db86 Precompile break_string 2014-03-20 14:50:34 -04:00
Stephan Kaag f12925887c Drop Rails3 support 2014-02-17 19:42:08 +01:00
Vikhyat Korrapati 6acc5c19e7 Use LOAD_PLUGINS=1 instead of LOAD_PLUGINS=true for consistency. 2014-02-05 10:50:28 +05:30
Vikhyat Korrapati 102352e205 Add rake task for running plugin tests. 2014-02-02 01:52:53 +05:30
Sam abe814412e Source DB config more cleanly, fixes issues with socket in prd 2014-01-15 12:08:35 +11:00
Régis Hanol 8d73b7f94d BUGFIX: hide sensitive site settings 2014-01-06 13:03:53 +01:00
Sam b703d8c77a BUGFIX: redis-rails has always been a problem child
implemented an ActiveSupport::Cache::Store for our internal use.
* allows for expire by family
* works correctly in multisite
* namespaced correctly

Removed redis-rails from the project, no longer needed
2014-01-06 16:50:04 +11:00
Robin Ward cab6a3f339 Don't forget to precompile the embed css 2013-12-31 18:12:07 -05:00
Sam d150bc20cf no need to remove what is not there 2013-12-31 15:12:07 +11:00
Sam b67a3a85dd split js with vendor/application
avoid one huge js bundle and instead break it down
to application and vendor (3rd party) our app changes
a lot, vendor changes a lot less
2013-12-23 10:32:07 +11:00
Sam 7b8d2547d0 globals now implemented and documented 2013-12-20 16:17:21 +11:00
Neil Lalonde c91d1624cf Oops, add browser-update to config.assets.precompile 2013-11-27 14:41:35 -05:00
Sam 7603faa20d add rbtrace for production tracing 2013-11-20 10:10:12 +11:00
Régis Hanol 291acca4fa autoload server/client locales in plugins 2013-11-19 16:42:28 +01:00
Régis Hanol a01b423263 remove empty plugin.rb file 2013-11-13 16:14:22 +01:00
Sam e5202b19c0 fix for emoji precompile 2013-11-06 22:39:28 +11:00
Neil Lalonde adba0c2996 Avoid deprecation warning about whitelist_attributes in rails 4 2013-11-05 15:47:43 -05:00
Sam da62a10b77 work around regression in ruby head 2013-10-28 15:13:10 +11:00
Sam 28a0cb494a rails 4 upgrade
rack lock is trouble, nuke it out of orbit
more aggressive suicide for forked sidekiq
2013-10-10 14:23:24 +11:00
Robin Ward be0ce08cc2 Ember Upgrade: 1.0 2013-10-01 11:16:27 -04:00
Sam f0a122a66c move job files so they live underneath app/ and not in lib/
introduce new setting email_always, that will force emails to send to users regardless of presence on site
2013-10-01 17:04:02 +10:00
Sam 6af1e12cc1 after_initialize callback for plugins 2013-09-17 10:24:15 +10:00
Sam 6ca6853392 disable XML params, they are just used by malicious bots to determine if we have XML vuls. 2013-09-16 12:58:26 +10:00
Neil Lalonde eb0442159c Precompile the new css files 2013-09-05 17:31:19 -04:00
Sam 818bf1355d PluginStore for plugin specific bits of storage
Amended plugin interfaces so they work with the vk sample
2013-08-26 12:59:17 +10:00
Sam 213ce33af2 Fixed all broken specs
Moved middleware config into authenticators
2013-08-26 12:59:17 +10:00
Stephan Kaag a6b4b5dbf2 Replace Clockwork with Sidetiq 2013-08-14 21:39:40 +02:00
Robin Ward 4a0ea7f776 Upgrade jQuery to 2.0.3 2013-08-01 11:58:22 -04:00
Sam 160107a712 working plugin interface for custom openid auth, custom css and custom js 2013-08-01 16:02:43 +10:00
Doug Alcorn 35a2bb7919 Parameterize the PBKDF2 algorithm in application config
http://meta.discourse.org/t/sso-between-discourse-and-xmpp/8567/5
2013-07-22 21:36:01 -04:00
Sam 9e4b0df7ff 69 specs fail in rails 4 now ...not too bad 2013-07-22 15:07:20 +10:00
Robin Ward d466d11e71 Ember RC6 update 2013-07-16 10:35:18 -04:00
Sam 21bfb64a28 added EMBED_CLOCKWORK so users can embed clockwork scheduling inside another process 2013-07-09 11:01:51 +10:00
Robin Ward ad6705cca7 Update Ember to latest master (RC5) 2013-06-10 10:14:42 -04:00
Ian Christian Myers 0d01c33482 Enabled strong_parameters across all models/controllers.
All models are now using ActiveModel::ForbiddenAttributesProtection, which shifts the responsibility for parameter whitelisting for mass-assignments from the model to the controller. attr_accessible has been disabled and removed as this functionality replaces that.

The require_parameters method in the ApplicationController has been removed in favor of strong_parameters' #require method.

It is important to note that there is still some refactoring required to get all parameters to pass through #require and #permit so that we can guarantee that parameter values are scalar. Currently strong_parameters, in most cases, is only being utilized to require parameters and to whitelist the few places that do mass-assignments.
2013-06-06 00:30:59 -07:00
Robin Ward a3d62fdf69 Temporarily roll back ember rc5. We identified some things we need to fix. 2013-06-06 01:25:43 -04:00
Robin Ward a0bd51862e Upgrade Ember to RC5. Disabled a deprecation warning that I believe is in error. 2013-06-05 12:07:18 -04:00
Sam 8874c9ea75 Add message format support that can be used on complex localization strings
Add message about new and unread topics at the bottom of topics
move localization helper into lib
2013-05-30 16:49:57 +10:00
Matt Van Horn 806255b3c4 refactor Topic validation
introduce a couple of custom validators
fix minor discrepancies in tests
copy I18n error message keys to default location
clean up validation invocation
move some responsibilities out of validator into class
2013-05-22 22:31:52 -07:00
Sam e9ebadb414 Nuke message_bus_observer move to service class and classes
Secure all messages triggered by post creation and all user actions so they don't leak
(meaning, if you have a browser open and secure topics are created you will only get them if you are allowed to see them)
2013-05-16 15:03:16 +10:00
Sam a613347100 this warning is getting in the way of my presentation 2013-05-14 15:20:28 +10:00
David Celis eb8cbaa91b Allow clockwork to be run using the daemons gem
Clockwork ships with a helpful clockworkd executable, which uses the
daemons gem to daemonize clockwork. This provides an easy way to
start/stop/restart a deamonized clockwork process when deploying to
production servers manually. However, the daemons gem unfortunately does
funky things to the working directory that was preventing the
application from booting. Changing this `require` line to using
`require_relative` solves the issue and makes Discourse easier for Rails
devs to deploy to their own VPSes using, say, Capistrano.

Signed-off-by: David Celis <me@davidcel.is>
2013-05-01 14:10:51 -07:00
Sam 56a6c96f38 same as previous commit, but with more force 2013-04-29 17:11:20 +10:00
Sam f44fe3e689 dear smoke test, I love you, thanks ... the management 2013-04-29 16:52:56 +10:00
Régis Hanol ede9d2a0a8 show diff in post history view 2013-04-29 03:20:51 +02:00
Sam 850b042cab introduce rack:cache as a default, so users don't need to configure apache or nginx
under rack cache we are able to serve 620reqs a second per thin (on my machine) before it 12 (on my machine)

reorganised so mini profilers can be cleanly disabled from config file

added caching for categories index

move production.rb to production.sample.rb
2013-04-11 16:24:21 +10:00
Karan Misra 5dfb04e4b3 Convert a lot of :a => b to a: b and bring peace to the world 2013-03-25 05:07:36 +05:30
Sam 1c8eef7dbd added basic passenger support, no long polling but functions
clean up initializers so they are ordered properly
2013-03-11 05:33:20 -07:00
Sam 22a4580df5 added profile environment for perftools profiling (1.9.3 only) 2013-03-10 17:21:56 -07:00
tangramor c5761eae8a Support for Simplified Chinese thanks to tangramor 2013-03-08 11:56:17 -05:00
Robin Ward 04f0105daf Fix locale path for precompiling assets 2013-02-28 15:06:04 -05:00
Robin Ward 628927a79f Added Site Setting to change locale. 2013-02-28 14:34:38 -05:00
Robin Ward 88267429c5 Remove fastclick for now -- we saw some regressions on iPad and want to make sure they weren't caused by
it.
2013-02-26 10:47:23 -05:00
Gosha Arinich cafc75b238 remove trailing whitespaces ❤️ 2013-02-26 07:31:35 +03:00
Sam Saffron b9f3666f5a fast click instead of hacky double event binding 2013-02-25 11:11:46 +11:00
Sam Saffron a02414410f amazing the amount of damage a missing .js extension can cause 2013-02-20 17:17:05 +11:00
Sam Saffron 15c5f5b840 grrrrr asset pipeline hates me 2013-02-20 17:00:24 +11:00
Sam Saffron 0c085059c9 added sane sanitizer (Google Cajole) that is much more robust than old one ... yay for smilies
added sane way to do $LAB includes - pattern to be expanded
people keep on messing structure.sql
2013-02-20 16:11:56 +11:00
Sam Saffron 0e48e1c346 clean up git version stuff a tad 2013-02-18 18:01:36 +11:00
Sam Saffron 87b929eac6 added secret token warning in prd
added task to stamp builds
2013-02-18 17:34:43 +11:00
Sam Saffron 374820ae8b not required there, if anything should go in the initializer 2013-02-11 15:13:40 +11:00
Sam Saffron e925d53463 disable diags for now 2013-02-08 22:35:35 +11:00
Sam Saffron d3f911cc4c Revert "Something here is messed up Revert "message bus fixes and diagnostics""
This reverts commit f3c6144e3b.
2013-02-08 22:03:45 +11:00
Sam Saffron f3c6144e3b Something here is messed up Revert "message bus fixes and diagnostics"
This reverts commit 36d1aafe1e.
2013-02-08 21:39:38 +11:00
Sam Saffron 36d1aafe1e message bus fixes and diagnostics 2013-02-08 19:13:36 +11:00
Sam Saffron f79f0e740a Don't allow users to double flag stuff
Correct seed fu to match model
2013-02-07 10:45:58 +11:00
Robin Ward 21b5628528 Initial release of Discourse 2013-02-05 14:16:51 -05:00