discourse/lib
Martin Brennan 7c32411881
FEATURE: Secure media allowing duplicated uploads with category-level privacy and post-based access rules (#8664)
### General Changes and Duplication

* We now consider a post `with_secure_media?` if it is in a read-restricted category.
* When uploading we now set an upload's secure status straight away.
* When uploading if `SiteSetting.secure_media` is enabled, we do not check to see if the upload already exists using the `sha1` digest of the upload. The `sha1` column of the upload is filled with a `SecureRandom.hex(20)` value which is the same length as `Upload::SHA1_LENGTH`. The `original_sha1` column is filled with the _real_ sha1 digest of the file. 
* Whether an upload `should_be_secure?` is now determined by whether the `access_control_post` is `with_secure_media?` (if there is no access control post then we leave the secure status as is).
* When serializing the upload, we now cook the URL if the upload is secure. This is so it shows up correctly in the composer preview, because we set secure status on upload.

### Viewing Secure Media

* The secure-media-upload URL will take the post that the upload is attached to into account via `Guardian.can_see?` for access permissions
* If there is no `access_control_post` then we just deliver the media. This should be a rare occurrance and shouldn't cause issues as the `access_control_post` is set when `link_post_uploads` is called via `CookedPostProcessor`

### Removed

We no longer do any of these because we do not reuse uploads by sha1 if secure media is enabled.

* We no longer have a way to prevent cross-posting of a secure upload from a private context to a public context.
* We no longer have to set `secure: false` for uploads when uploading for a theme component.
2020-01-16 13:50:27 +10:00
..
active_record/connection_adapters FIX: Race-condition in fallback handlers (#8005) 2019-08-21 15:47:44 +02:00
auth FEATURE: Hash API keys in the database (#8438) 2019-12-12 11:45:00 +00:00
autospec DEV: Remove use of `cd` in the app (#8337) 2019-11-13 09:57:39 +00:00
backup_restore DEV: Less hacky way of rolling back DB changes 2020-01-15 23:37:42 +01:00
common_passwords DEV: s/\$redis/Discourse\.redis (#8431) 2019-12-03 10:05:53 +01:00
compression FIX: Decompressing lots of small files triggered error 2020-01-09 15:11:31 +01:00
content_security_policy DEV: Allow CSP to be enabled during QUnit tests (#8668) 2020-01-07 12:22:58 +00:00
demon DEV: Sidekiq::Logging is gone use Sidekiq.logger instead 2019-12-10 15:09:51 +11:00
email DEV: update rubocop to version 0.77 2019-12-10 11:48:39 +11:00
emoji DEV: supports unicorn emoji 13.0beta (#8402) 2019-11-25 10:23:18 +01:00
es6_module_transpiler REFACTOR: Deprecate `Discourse.Site` and `Discourse.User` 2019-11-12 10:53:22 -05:00
file_store FEATURE: Secure media allowing duplicated uploads with category-level privacy and post-based access rules (#8664) 2020-01-16 13:50:27 +10:00
freedom_patches DEV: Apply Rubocop redundant return style 2019-11-14 15:10:51 -05:00
generators REFACTOR: Remove `Ember.Controller` in favor of import 2019-10-23 13:06:54 -04:00
guardian FEATURE: Featured topic for user profile & card (#8461) 2019-12-09 11:15:47 -08:00
highlight_js DEV: already defined constant 'HIGHLIGHTJS_DIR' 2019-01-21 10:12:23 +01:00
i18n DEV: Upgrading Discourse to Zeitwerk (#8098) 2019-10-02 14:01:53 +10:00
import DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
import_export FEATURE: remove support for 'suppress_from_latest' category setting. (#8308) 2019-11-18 12:28:35 +05:30
javascripts FEATURE: Add Belarusian language 2019-07-04 11:37:37 +02:00
middleware FIX: avoid superflous logging when mime type is bad 2020-01-02 12:34:38 +11:00
migration REFACTOR: Restoring of backups and migration of uploads to S3 2020-01-14 11:41:35 +01:00
onebox DEV: Upgrading Discourse to Zeitwerk (#8098) 2019-10-02 14:01:53 +10:00
plugin DEV: Improve support for extending flags. (#8619) 2019-12-27 08:41:50 -03:00
pretty_text FEATURE: Add support for secure media (#7888) 2019-11-18 11:25:42 +10:00
rate_limiter DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
reviewable Improve spam_hosts copy (#8203) 2019-10-18 09:31:15 -07:00
scheduler FEATURE: log long running jobs in the defer queue 2018-10-12 17:03:47 +11:00
search FIX: skip invalid URLs when checking for audio/video in search blurbs 2019-11-06 10:32:15 -05:00
seed_data FIX: Consistently handle category param 2019-05-27 16:39:56 +08:00
sidekiq DEV: s/\$redis/Discourse\.redis (#8431) 2019-12-03 10:05:53 +01:00
site_settings FIX: Skip validation on enforcing second factor change if the value is "no" 2019-12-06 16:42:15 -08:00
stylesheet DEV: watch for changes to plugin mobile/desktop SCSS 2020-01-08 13:25:36 -05:00
svg_sprite UX: New bell icons for notification/tracking statuses 2019-12-19 14:39:29 -05:00
tasks FEATURE: Secure media allowing duplicated uploads with category-level privacy and post-based access rules (#8664) 2020-01-16 13:50:27 +10:00
theme_store FIX: Allow importing themes with subdirectories in extra_js 2019-11-13 23:45:09 +00:00
turbo_tests FIX: Migration paths were being forgotten 2019-12-16 14:13:47 -05:00
validators FIX: Replace deprecated URI.encode, URI.escape, URI.unescape and URI.unencode (#8528) 2019-12-12 12:49:21 +10:00
webauthn SECURITY: 2FA with U2F / TOTP 2020-01-15 11:27:12 +01:00
wizard FIX: When running the wizard and using a custom theme, fallback to the color_scheme name if the base_scheme_id is nil (#8236) 2019-10-25 09:29:51 -03:00
admin_confirmation.rb DEV: s/\$redis/Discourse\.redis (#8431) 2019-12-03 10:05:53 +01:00
admin_constraint.rb DEV: Upgrading Discourse to Zeitwerk (#8098) 2019-10-02 14:01:53 +10:00
admin_user_index_query.rb FEATURE: improve suspect user discovery 2019-12-02 16:39:28 +05:30
age_words.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
archetype.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
auth.rb DEV: Upgrading Discourse to Zeitwerk (#8098) 2019-10-02 14:01:53 +10:00
avatar_lookup.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
backup_restore.rb REFACTOR: Restoring of backups and migration of uploads to S3 2020-01-14 11:41:35 +01:00
badge_posts_view_manager.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
badge_queries.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
base62.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
browser_detection.rb FIX: Detect DiscourseHub user agent. 2019-08-09 11:58:15 +03:00
cache.rb DEV: s/\$redis/Discourse\.redis (#8431) 2019-12-03 10:05:53 +01:00
canonical_url.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
category_badge.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
comment_migration.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
composer_messages_finder.rb DEV: pluck_first 2019-10-21 12:08:20 +01:00
configurable_urls.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
content_buffer.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
content_security_policy.rb DEV: Remove unsafe-eval from development CSP (#8569) 2019-12-30 12:17:12 +00:00
cooked_post_processor.rb FIX: Remove full nested quotes on direct reply (#8581) 2019-12-20 10:24:34 +02:00
crawler_detection.rb FIX: use crawler layout when saving url in Wayback Machine (#7667) 2019-06-03 12:13:32 +10:00
csrf_token_verifier.rb DEV: Provide method for auth plugins to generate a CSRF token 2019-08-13 01:13:08 +01:00
current_user.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
custom_renderer.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
custom_setting_providers.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
db_helper.rb FIX: Clear banner topic cache after remapping 2019-08-15 11:24:20 +01:00
directory_helper.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
discourse.rb FIX: Use CDN for the `discourse-internet-explorer` 2020-01-10 15:06:55 -05:00
discourse_cookie_store.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
discourse_diff.rb FIX: Show a correct diff when editing consecutive paragraphs (#8177) 2019-10-11 03:50:37 -04:00
discourse_event.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
discourse_hub.rb DEV: s/\$redis/Discourse\.redis (#8431) 2019-12-03 10:05:53 +01:00
discourse_iife.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
discourse_ip_info.rb FIX: MaxMind DB file not downloading correctly 2020-01-05 22:08:13 +11:00
discourse_logstash_logger.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
discourse_plugin.rb DEV: debundle plugin css assets and don't load if disabled (#7646) 2019-08-20 22:09:52 +05:30
discourse_plugin_registry.rb FIX: properly load desktop and mobile only plugin css assets. 2019-08-22 08:39:10 +05:30
discourse_redis.rb DEV: s/\$redis/Discourse\.redis (#8431) 2019-12-03 10:05:53 +01:00
discourse_tagging.rb FIX: prevents crash in discourse_tagging with empty term (#8548) 2019-12-17 10:55:06 +01:00
discourse_updates.rb DEV: s/\$redis/Discourse\.redis (#8431) 2019-12-03 10:05:53 +01:00
disk_space.rb FIX: parallel spec system needs a dedicated upload folder for each worker. (#8547) 2019-12-18 11:21:57 +05:30
distributed_cache.rb REFACTOR: distributed_cache is moved to the message_bus gem 2018-10-15 15:01:45 -04:00
distributed_memoizer.rb DEV: s/\$redis/Discourse\.redis (#8431) 2019-12-03 10:05:53 +01:00
distributed_mutex.rb DEV: s/\$redis/Discourse\.redis (#8431) 2019-12-03 10:05:53 +01:00
edit_rate_limiter.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
email.rb DEV: Upgrading Discourse to Zeitwerk (#8098) 2019-10-02 14:01:53 +10:00
email_backup_token.rb DEV: s/\$redis/Discourse\.redis (#8431) 2019-12-03 10:05:53 +01:00
email_cook.rb DEV: Upgrading Discourse to Zeitwerk (#8098) 2019-10-02 14:01:53 +10:00
email_updater.rb DEV: Upgrading Discourse to Zeitwerk (#8098) 2019-10-02 14:01:53 +10:00
encodings.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
enum.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
enum_site_setting.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
excerpt_parser.rb DEV: Add option to keep quoted content in post excerpt. 2020-01-04 18:56:52 +05:30
feed_element_installer.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
feed_item_accessor.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
file_helper.rb FEATURE: Secure media allowing duplicated uploads with category-level privacy and post-based access rules (#8664) 2020-01-16 13:50:27 +10:00
filter_best_posts.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
final_destination.rb FIX: Replace deprecated URI.encode, URI.escape, URI.unescape and URI.unencode (#8528) 2019-12-12 12:49:21 +10:00
flag_query.rb DEV: Remove FlagQuery class and old code (#8064) 2019-09-12 13:21:33 -03:00
flag_settings.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
gaps.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
global_path.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
guardian.rb FIX: group membership leak 2020-01-15 11:21:58 +01:00
has_errors.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
headless-ember.js JSHint headless-ember 2014-03-11 03:18:57 -04:00
hijack.rb Take 2 of 0f5161af19. 2019-04-29 16:41:35 +08:00
homepage_constraint.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
html_prettify.rb Revert "FEATURE: Use configured quotation marks in fancy topic title" 2019-07-18 11:55:49 +02:00
html_to_markdown.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
image_sizer.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
import_export.rb DEV: clean up dependencies in spec 2019-10-02 14:50:54 +10:00
inline_oneboxer.rb DEV: use Discourse.cache over Rails.cache 2019-11-27 12:36:19 +11:00
introduction_updater.rb DEV: Apply Rubocop redundant return style 2019-11-14 15:10:51 -05:00
ip_addr.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
js_locale_helper.rb FEATURE: Load translation overrides without JS `eval` 2019-11-05 19:16:38 +01:00
json_error.rb FIX: Fix build. 2019-05-22 17:39:44 +03:00
letter_avatar.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
markdown_linker.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
mem_info.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
message_bus_diags.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
method_profiler.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
mini_sql_multisite_connection.rb DEV: remove deprecated syntax 2019-11-11 09:36:40 +11:00
mobile_detection.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
new_post_manager.rb FIX: first post true if user creates topic first (#8139) 2019-10-02 15:51:40 -04:00
new_post_result.rb Support for custom messages and redirects when creating posts (#8434) 2019-11-29 09:30:54 -05:00
notification_levels.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
oneboxer.rb DEV: s/\$redis/Discourse\.redis (#8431) 2019-12-03 10:05:53 +01:00
onpdiff.rb FIX: Show a correct diff when editing consecutive paragraphs (#8177) 2019-10-11 03:50:37 -04:00
pbkdf2.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
permalink_constraint.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
pinned_check.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
plain_text_to_markdown.rb FIX: use URI.regexp to find URLs in plain text 2019-06-07 01:26:06 +02:00
plugin_gem.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
plugin_initialization_guard.rb DEV: Add a plugin incompatibility message (#8151) 2019-10-06 20:47:33 +02:00
post_action_creator.rb DEV: Upgrading Discourse to Zeitwerk (#8098) 2019-10-02 14:01:53 +10:00
post_action_destroyer.rb DEV: Upgrading Discourse to Zeitwerk (#8098) 2019-10-02 14:01:53 +10:00
post_action_result.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
post_creator.rb FEATURE: Secure media allowing duplicated uploads with category-level privacy and post-based access rules (#8664) 2020-01-16 13:50:27 +10:00
post_destroyer.rb FEATURE: Featured topic for user profile & card (#8461) 2019-12-09 11:15:47 -08:00
post_jobs_enqueuer.rb FEATURE: Publish read state on group messages. (Originally introduced in #7989) (#8025) 2019-08-27 09:09:00 -03:00
post_locker.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
post_merger.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
post_revisor.rb DEV: s/\$redis/Discourse\.redis (#8431) 2019-12-03 10:05:53 +01:00
pretty_text.rb FIX: Respect `enable_inline_emoji_translation` setting in titles 2019-12-03 20:39:11 +01:00
primary_group_lookup.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
promotion.rb DEV: Apply Rubocop redundant return style 2019-11-14 15:10:51 -05:00
quote_comparer.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
rake_helpers.rb FEATURE: Add support for secure media (#7888) 2019-11-18 11:25:42 +10:00
rate_limiter.rb DEV: s/\$redis/Discourse\.redis (#8431) 2019-12-03 10:05:53 +01:00
read_only_header.rb DEV: rename ReadOnly module to ReadOnlyHeader 2019-05-06 16:07:49 +02:00
retrieve_title.rb DEV: Apply Rubocop redundant return style 2019-11-14 15:10:51 -05:00
route_format.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
rtl.rb Check site default locale if Rtl class is initialized without a user (#8417) 2019-11-26 15:01:37 -05:00
s3_helper.rb DEV: Apply Rubocop redundant return style 2019-11-14 15:10:51 -05:00
s3_inventory.rb FIX: parallel spec system needs a dedicated upload folder for each worker. (#8547) 2019-12-18 11:21:57 +05:30
score_calculator.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
screening_model.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
search.rb FEATURE: Modal for profile featured topic & admin wrench refactor (#8545) 2019-12-16 08:41:34 -08:00
secure_session.rb DEV: s/\$redis/Discourse\.redis (#8431) 2019-12-03 10:05:53 +01:00
single_sign_on.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
single_sign_on_provider.rb DEV: Upgrading Discourse to Zeitwerk (#8098) 2019-10-02 14:01:53 +10:00
site_icon_manager.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
site_setting_extension.rb DEV: use Discourse.cache over Rails.cache 2019-11-27 12:36:19 +11:00
slug.rb FIX: If a prettified slug is a number, return defaultt (#8554) 2019-12-17 10:34:20 +10:00
socket_server.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
source_url.rb DEV: Remove unsafe-eval from development CSP (#8569) 2019-12-30 12:17:12 +00:00
spam_handler.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
sql_builder.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
staff_constraint.rb DEV: Upgrading Discourse to Zeitwerk (#8098) 2019-10-02 14:01:53 +10:00
staff_message_format.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
suggested_topics_builder.rb DEV: Upgrading Discourse to Zeitwerk (#8098) 2019-10-02 14:01:53 +10:00
system_message.rb DEV: Upgrading Discourse to Zeitwerk (#8098) 2019-10-02 14:01:53 +10:00
text_cleaner.rb FEATURE: English locale with international date formats 2019-05-20 13:47:20 +02:00
text_sentinel.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
theme_javascript_compiler.rb FIX: Allow theme translations to be accessed in initializers (#8285) 2019-11-05 11:54:12 +00:00
theme_settings_manager.rb FEATURE: Load theme setting descriptions from theme locale files 2019-05-31 14:49:59 +01:00
theme_settings_parser.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
theme_translation_manager.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
theme_translation_parser.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
timeline_lookup.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
topic_creator.rb FEATURE: categories can require topics have a tag from a tag group 2019-10-31 16:10:19 -04:00
topic_list_responder.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
topic_publisher.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
topic_query.rb FIX: topic_tracking_state when mute_all_categories_by_default is enabled 2020-01-06 18:22:42 +00:00
topic_query_params.rb FEATURE: Embed topics list on remote sites via Javascript API. (#8008) 2019-08-15 13:41:06 -04:00
topic_query_sql.rb DEV: Rails 5.2 upgrade and global gem upgrade 2018-06-07 14:21:33 +10:00
topic_retriever.rb DEV: s/\$redis/Discourse\.redis (#8431) 2019-12-03 10:05:53 +01:00
topic_subtype.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
topic_view.rb UX: Do not use avatars as fallback opengraph images for replies (#8605) 2019-12-20 13:17:14 +00:00
topics_bulk_action.rb FIX: Unread topics not clearing when whisper is last post (#8271) 2019-11-01 09:19:43 +10:00
trust_level.rb DEV: Upgrading Discourse to Zeitwerk (#8098) 2019-10-02 14:01:53 +10:00
turbo_tests.rb FIX: Made turbo_rspec display errors in shared groups correctly 2019-08-29 12:41:14 +01:00
twitter_api.rb Fix DiscourseCops/NoURIEscapeEncode errors and re-enable 2019-12-12 14:54:26 +10:00
unread.rb DEV: Apply Rubocop redundant return style 2019-11-14 15:10:51 -05:00
upload_creator.rb FEATURE: Secure media allowing duplicated uploads with category-level privacy and post-based access rules (#8664) 2020-01-16 13:50:27 +10:00
upload_fixer.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
upload_markdown.rb DEV: Upgrading Discourse to Zeitwerk (#8098) 2019-10-02 14:01:53 +10:00
upload_recovery.rb FEATURE: allow UploadRecovery to be run on a single post (#8094) 2019-10-02 14:57:36 +10:00
upload_security.rb FEATURE: Secure media allowing duplicated uploads with category-level privacy and post-based access rules (#8664) 2020-01-16 13:50:27 +10:00
url_helper.rb FIX: Replace deprecated URI.encode, URI.escape, URI.unescape and URI.unencode (#8528) 2019-12-12 12:49:21 +10:00
user_name_suggester.rb DEV: correct a few Ruby 2.7 deprecations 2019-11-28 13:13:29 +11:00
version.rb Version bump to v2.4.0.beta9 2019-12-19 14:07:24 -05:00
webauthn.rb SECURITY: Improve second factor auth logic 2020-01-10 10:45:56 +10:00
wizard.rb DEV: pluck_first 2019-10-21 12:08:20 +01:00