Commit Graph

906 Commits

Author SHA1 Message Date
Arpit Jalan 431aa79bb3 Merge pull request #4587 from techAPJ/invite-upload
FIX: simplify CSV file upload
2016-12-05 14:30:13 +05:30
Arpit Jalan ce974da9e5 FIX: simplify CSV file upload 2016-12-05 14:09:08 +05:30
Guo Xiang Tan 31acd311e5 FEATURE: Allow group owners to edit group name and avatar flair. 2016-12-05 14:27:46 +08:00
Guo Xiang Tan b45fd21ed9 FIX: Clean up specs. 2016-12-05 13:37:33 +08:00
Sam dc66f6681a add spec for brotli controller, ensure cached correctly 2016-12-05 16:08:36 +11:00
Neil Lalonde dafd1453d6 FIX: topic list filters for bookmarked, posted, and read now work with tag filter 2016-12-02 15:58:14 -05:00
Guo Xiang Tan bc0a8142fe PERF: Only show members count on group page. 2016-12-02 16:28:54 +08:00
Sam b8dc58be90 got to be careful with integrity specs 2016-11-29 18:01:09 +11:00
Sam 266322ce2e FEATURE: add help text for no bookmarks in user page 2016-11-29 17:56:00 +11:00
Guo Xiang Tan 5794f1619d PERF: Fix N+1 queries when loading groups. 2016-11-26 02:20:26 +08:00
Sam 88a46be051 FEATURE: display text excerpts when scrolling on mobile 2016-11-25 11:35:29 +11:00
Sam bfd0418f07 added a test for safe mode 2016-11-23 13:31:05 +11:00
Robin Ward 32a8d5ed1f Merge pull request #4550 from cpradio/cannot-see-mention
FEATURE: Notify user when mention can't see the reply they were mentioned in
2016-11-15 16:40:47 -05:00
Sam 63d9d4f301 FIX: properly specify default on no cache on all resources 2016-11-15 17:00:44 +11:00
cpradio 824c235760 FEATURE: Notify user when mention can't see the reply they were mentioned in
FIX: Group Mention Notifications
2016-11-14 22:03:16 -05:00
Neil Lalonde 764a572070 FIX: when subcategories with the same name exist, filtering by tags might use the wrong subcategory 2016-11-02 15:29:33 -04:00
Régis Hanol 71f940d478 FIX: use metadata to hold the message_id with sparkpost 2016-10-27 19:35:50 +02:00
Régis Hanol 81e2a0099f FIX: ensure the group 'everyone' is never shown when using a different locale 2016-10-24 10:53:31 +02:00
Guo Xiang Tan ee9946388c Merge pull request #4507 from ming-relax/feat-delete-by-email
Remove user from a group by user email
2016-10-24 11:28:27 +08:00
Ming HU 7803a06e50 Use expect change for groups_controller_spec.rb 2016-10-24 10:32:21 +08:00
Robin Ward 19e2eec219 Allow step 0 to resend the confirmation email 2016-10-21 11:34:19 -04:00
Robin Ward c03d25f170 FEATURE: Configure Admin Account
Adds a "Step 0" to the wizard if the site has no admin accounts where
the user is prompted to finish setting up their admin account from the
list of acceptable email addresses.

Once confirmed, the wizard begins.
2016-10-19 11:27:56 -04:00
Ming HU dffd8baa91 Remove user from a group by user email 2016-10-18 17:10:47 +08:00
Régis Hanol 3949c24f80 FIX: sparkpost webhooks support 2016-10-17 11:26:49 +02:00
Sam f4f5524190 FEATURE: user API now contains scopes so permission is granular
previously we supported blanket read and write for user API, this
change amends it so we can define more limited scopes. A scope only
covers a few routes. You can not grant access to part of the site and
leave a large amount of the information hidden to API consumer.
2016-10-14 16:05:42 +11:00
Régis Hanol ddcc084d22 Revert "FEATURE: Use the top period default for users who have been inactive or are new" 2016-10-11 17:56:46 +02:00
cpradio 2de50a616d FEATURE: Use the top period default for users who have been inactive or are new 2016-10-11 09:55:15 -04:00
Sam 6031e692f0 Merge pull request #4366 from xfalcox/print
Print Support
2016-10-11 11:47:20 +11:00
Sam 3e513f5c05 Merge pull request #4459 from vibol/master
FEATURE: sparkpost webhook
2016-10-10 17:17:17 +11:00
Guo Xiang Tan 1302db2683 Skip randomly failing test first. 2016-10-01 05:14:35 +08:00
Robin Ward f62d01ff1b FIX: Clear the session after a reset token was used 2016-09-30 12:20:23 -04:00
Guo Xiang Tan cde18834f8 Fix randomly failing spec. 2016-09-30 05:18:54 +08:00
Vibol Hou c3d60d5d1d Merge remote-tracking branch 'upstream/master' 2016-09-29 02:12:05 -07:00
Guo Xiang Tan 72ccb4e11d FIX: Plugin "admin_js" translations bundle was not fetched. 2016-09-29 04:42:26 +08:00
Vibol Hou 34af73c7cb FEATURE: sparkpost webhook 2016-09-26 22:13:34 -07:00
Rafael dos Santos Silva 0229df4c73 Second review fixes 2016-09-26 20:46:55 -03:00
Rafael dos Santos Silva f96fffeb34 Add tests 2016-09-26 20:46:55 -03:00
Robin Ward 7f66cf618c FIX: You should be an admin to do the wizard 2016-09-22 11:12:51 -04:00
Robin Ward 29cf47cfb2 Track steps the user has completed, nag them to finish it. 2016-09-22 09:52:19 -04:00
Robin Ward ef84981e38 Invite Users step 2016-09-22 09:52:19 -04:00
Robin Ward 9f12b571ef Wizard: Server Side Validation + Finished Step 2016-09-22 09:52:19 -04:00
Robin Ward 3a4615c205 Wizard: Step 1 2016-09-22 09:48:58 -04:00
Robin Ward 0471ad393c Scaffold for new Wizard - Rails / Ember / Tests 2016-09-22 09:48:58 -04:00
Robin Ward 6070939daa Support for other i18n bundles 2016-09-22 09:48:58 -04:00
Guo Xiang Tan 9374e5d42d Revert "FIX: don't overwrite category's logo & background URLs"
This reverts commit 641b95f655.
2016-09-22 11:30:19 +08:00
Régis Hanol 641b95f655 FIX: don't overwrite category's logo & background URLs 2016-09-21 22:11:31 +02:00
Robin Ward 2766b2edc3 FIX: Allow redirection for slugs that start with digits 2016-09-19 13:31:19 -04:00
Erick Guan c463cf63d4 FEATURE: Webhook for user creation and approval 2016-09-19 10:12:55 +08:00
cpradio 0d2d8797b6 FIX: Backup validation wasn't escaping hyphens 2016-09-16 15:20:42 -04:00
Guo Xiang Tan a04dadf9b4 FIX: Randomly failing specs try 2. 2016-09-16 15:10:37 +08:00
Guo Xiang Tan 903d1dd326 FIX: Randomly failing specs. 2016-09-16 14:56:59 +08:00
Sam 75f3f7fcbd FEATURE: clean API method for reading a single notification 2016-09-16 16:14:15 +10:00
Guo Xiang Tan 512922d776 SECURITY: Add filename validation for backup uploads. 2016-09-16 11:58:14 +08:00
Robin Ward 2c9a47dda5 FIX: Validate the raw content of posts before enqueuing them 2016-09-12 12:26:49 -04:00
Sam 2d859ba0ed FIX: user api should always be available to staff 2016-09-12 15:42:06 +10:00
Robin Ward e78b7a243e FIX: Don't enqueue posts if the user can't create them (ex: closed) 2016-09-09 12:15:56 -04:00
Sam 1d281e02c7 id is optional if already specified in header 2016-09-02 17:08:46 +10:00
Sam be0fd5b4cc FEATURE: allow user api key revocation for read only keys 2016-09-02 17:04:00 +10:00
Erick Guan 0217973374
FIX: Importing user avatar when new user login by SSO 2016-08-29 20:47:19 +08:00
Neil Lalonde 2251104e32 FEATURE: avatar flair can be font awesome icons 2016-08-26 17:15:37 -04:00
Sam ca79c4b276 stop eating up push_urls 2016-08-26 13:23:06 +10:00
Sam fcdf13f52d add some more testing 2016-08-26 13:18:20 +10:00
Sam a37db9448f correctly return access rights in auth redirect 2016-08-26 13:12:38 +10:00
Neil Lalonde d079f69b7b FEATURE: add flair to avatars using new settings in the groups admin UI 2016-08-17 15:13:15 -04:00
Sam a25a8115e8 FEATURE: support HEAD request to /user-api-key/new
This allows us to cleanly sniff to find if it exists
2016-08-17 09:58:19 +10:00
Sam 416e7e0d1e FEATURE: basic UI to view user api keys 2016-08-16 17:06:52 +10:00
Neil Lalonde 3b792054f2 Merge pull request #4387 from gdpelican/feature/tags-intersection
FEATURE: Tags intersection page
2016-08-15 16:24:29 -04:00
James Kiesel 037e9bb7b8 Support any number of tag intersections 2016-08-15 15:30:17 -04:00
Sam fc095acaaa Feature: User API key support (server side implementation)
- Supports throttled read and write
- No support for push yet, but data is captured about intent
2016-08-15 17:59:36 +10:00
James Kiesel 7e73b933c7 First pass 2016-08-12 15:28:46 -04:00
Sam 7e4503dd99 FEATURE: basic info route for all sites, even ones that require login
This information is public in meta tags already on home page, providing a
route allows consumers to check it way more cheaply
2016-08-12 17:10:35 +10:00
Sam afaba56de3 FEATURE: missing API endpoint for topic tracking states 2016-08-12 17:10:35 +10:00
Robin Ward 429f27ec96 SECURITY: Avoid mass assignment on user create 2016-08-05 11:57:13 -04:00
Neil Lalonde 5f67cd7b45 FIX: tag input detects when a tag is not allowed and won't offer to create it anyway 2016-08-03 13:18:56 -04:00
Régis Hanol 681f566a66 FIX: staff members should be able to see raw email of deleted posts 2016-08-01 23:55:22 +02:00
Neil Lalonde 82e170d6a6 FIX: 404 when filtering by category, no sub-category, and a tag 2016-07-28 16:19:03 -04:00
Robin Ward 2f8ab8cd30 SECURITY: XSS in "Account Suspended" Messages and Badge Descriptions 2016-07-28 11:38:12 -04:00
Sam c6dbaca0dc SECURITY: disable user entered badge SQL by default
- Hidden site settings now must be change via rails console
2016-07-28 09:03:00 +10:00
Sam cb3afd11b4 SECURITY: limit route access when using external avatars 2016-07-28 09:00:43 +10:00
Arpit Jalan c626558d36 UX: group pages should not show Messages tab to unauthorised users (#4318) 2016-07-09 00:50:04 +05:30
Robin Ward 1eb64151f6 User interface for watching first post 2016-07-07 11:21:50 -04:00
Robin Ward ccf9b70671 When restoring a backup, disable emails.
This prevents accidental sending of emails after a restore before
the admin has had a chance to review everything.
2016-06-24 17:15:15 -04:00
Sam 8866169879 FEATURE: can invite/revoke groups on private messages 2016-06-20 16:29:27 +10:00
Sam dd1a184955 Correct mailing list mode unsubscribe 2016-06-17 11:57:23 +10:00
Sam 852860de66 FEATURE: simpler and friendlier unsubscribe workflow
- All unsubscribes go to the exact same page
- You may unsubscribe from watching a category on that page
- You no longer need to be logged in to unsubscribe from a topic
- Simplified footer on emails
2016-06-17 11:28:49 +10:00
Régis Hanol 49f8a2baa7 FEATURE: support for mandrill webhooks 2016-06-13 12:32:14 +02:00
Sam 3015030fe2 FIX: unlisted topics do not get "slug auto correct" logic 2016-06-10 10:53:26 +10:00
Régis Hanol 214e25f1b5 use proper 'Message-Id' field 2016-06-09 00:33:13 +02:00
Régis Hanol 3e3538d603 loosen security a bit on mailgun's webhook 2016-06-08 22:38:38 +02:00
Robin Ward 431179dd25 FEATURE: Prompt users when they are entering duplicate links 2016-06-07 14:47:22 -04:00
Robin Ward 6aaa484baa REFACTOR: Move composer messages to store 2016-06-07 14:47:22 -04:00
Jeff Atwood cc66bff730 we forgot to update the mailgun tests 2016-06-06 16:55:24 -07:00
Régis Hanol fe595f1653 FEATURE: mailjet webhook 2016-06-06 19:47:45 +02:00
Régis Hanol 9704603fab FEATURE: sendgrid webhooks 2016-06-01 21:48:06 +02:00
Régis Hanol 116efffdaa FEATURE: webhooks support for mailgun 2016-05-30 17:11:17 +02:00
Guo Xiang Tan cb5be1fe8f
Upgrade rspec to 3.4.0. 2016-05-30 11:38:38 +08:00
Arpit Jalan f387dfe226 FIX: mixed case group mentions were not getting highligted in composer 2016-05-22 18:32:49 +05:30
Robin Ward 49a6d0b789
FIX: Don't bother with negative offsets 2016-05-09 16:33:55 -04:00
Arpit Jalan 82daf93eb3 Merge pull request #4206 from techAPJ/convert-topic
FEATURE: move a topic from PM to regular topic or vice versa
2016-05-04 01:33:15 +05:30
Robin Ward b061ba5c52
FIX: Broken spec. Stupid mocking. 2016-05-03 15:30:48 -04:00