discourse/lib
Roman Rizzi f13ec11c64
FEATURE: Add scopes to API keys (#9844)
* Added scopes UI

* Create scopes when creating a new API key

* Show scopes on the API key show route

* Apply scopes on API requests

* Extend scopes from plugins

* Add missing scopes. A mapping can be associated with multiple controller actions

* Only send scopes if the use global key option is disabled. Use the discourse plugin registry to add new scopes

* Add not null validations and index for api_key_id

* Annotate model

* DEV: Move default mappings to ApiKeyScope

* Remove unused attribute and improve UI for existing keys

* Support multiple parameters separated by a comma
2020-07-16 15:51:24 -03:00
..
auth FEATURE: Add scopes to API keys (#9844) 2020-07-16 15:51:24 -03:00
autospec DEV: adjust rake autospec to work with renamed es6 files 2020-03-31 14:40:58 +11:00
backup_restore FEATURE: Create SQL-only backup if there are no uploads 2020-07-07 16:23:47 +02:00
common_passwords DEV: s/\$redis/Discourse\.redis (#8431) 2019-12-03 10:05:53 +01:00
compression FIX: Decompressing lots of small files triggered error 2020-01-09 15:11:31 +01:00
content_security_policy FEATURE: Nokogumbo (#9577) 2020-05-05 13:46:57 +10:00
demon FEATURE: Implement support for IMAP and SMTP email protocols. (#8301) 2020-07-10 12:05:55 +03:00
email FEATURE: Implement support for IMAP and SMTP email protocols. (#8301) 2020-07-10 12:05:55 +03:00
emoji DEV: supports unicorn emoji 13.0beta (#8402) 2019-11-25 10:23:18 +01:00
file_store SECURITY: Add content-disposition: attachment for SVG uploads 2020-07-09 13:31:48 +10:00
freedom_patches DEV: correct some Ruby 2.7 deprecations 2020-07-16 17:43:20 +10:00
generators FIX plugin generator: mobile, desktop stylesheets registering (#9039) 2020-02-25 11:43:17 +01:00
guardian FEATURE: Allow group moderators to close/archive topics 2020-07-14 12:36:19 -04:00
highlight_js DEV: already defined constant 'HIGHLIGHTJS_DIR' 2019-01-21 10:12:23 +01:00
i18n Locale checks were disabled by mistake 2020-06-16 16:04:14 +02:00
imap FEATURE: Implement support for IMAP and SMTP email protocols. (#8301) 2020-07-10 12:05:55 +03:00
import DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
import_export FEATURE: Include category position when exporting categories (#9658) 2020-05-07 12:17:15 +10:00
javascripts REFACTOR: removes unreachable statement (#9680) 2020-05-07 16:37:02 +02:00
middleware FIX: handle heroku style HTTP_X_REQUEST_START (#10087) 2020-06-19 10:17:24 -04:00
migration FIX: Allow post migrations using `#change` to carry out unsafe migration 2020-05-15 14:23:27 +08:00
onebox FEATURE: Nokogumbo (#9577) 2020-05-05 13:46:57 +10:00
plugin FEATURE: Add scopes to API keys (#9844) 2020-07-16 15:51:24 -03:00
pretty_text DEV: Merge category and tag hashtags code paths (#10216) 2020-07-13 19:13:17 +03:00
rate_limiter DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
reviewable FEATURE: Nokogumbo (#9577) 2020-05-05 13:46:57 +10:00
scheduler FEATURE: log long running jobs in the defer queue 2018-10-12 17:03:47 +11:00
search FIX: Incorrect search blurb when advanced search filters are used take2 2020-07-14 11:50:40 +08:00
seed_data DEV: correct some Ruby 2.7 deprecations 2020-07-16 17:43:20 +10:00
sidekiq DEV: s/\$redis/Discourse\.redis (#8431) 2019-12-03 10:05:53 +01:00
site_settings FEATURE: Remove deprecated uploads url site settings. 2020-06-22 14:32:29 +08:00
stylesheet FEATURE: Support for publishing topics as pages (#9364) 2020-04-08 12:52:36 -04:00
svg_sprite DEV: Remove Google+ icon from sprite 2020-07-09 21:29:39 -04:00
tasks FIX: Silence route-recognizer source map errors in development mode 2020-07-15 15:42:04 -04:00
theme_store Support plugin and Theme compatibility version manifests (#9995) 2020-07-06 14:48:00 -07:00
turbo_tests DEV: Reduce size of begin-rescue region 2020-06-23 10:14:09 +01:00
validators FEATURE: sso_overrides_(email|username|name) for all auth methods 2020-07-06 10:18:45 +01:00
webauthn SECURITY: 2FA with U2F / TOTP 2020-01-15 11:27:12 +01:00
wizard FIX: Wizard was creating duplicate Light theme if Light was selected (#9464) 2020-04-20 08:31:43 -05:00
admin_confirmation.rb DEV: Upgrade Redis to 4.2.1. 2020-06-15 10:05:22 +08:00
admin_constraint.rb DEV: Upgrading Discourse to Zeitwerk (#8098) 2019-10-02 14:01:53 +10:00
admin_user_index_query.rb DEV: Standardize table sorting verbiage (#9757) 2020-05-14 20:10:59 -06:00
age_words.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
archetype.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
auth.rb DEV: Drop legacy OpenID 2.0 support (#8894) 2020-02-07 17:32:35 +00:00
avatar_lookup.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
backup_restore.rb FIX: Restoring backup from PG12 could fail on PG10 2020-06-16 16:04:14 +02:00
badge_posts_view_manager.rb DEV: stop freezing frozen strings 2020-04-30 16:48:53 +10:00
badge_queries.rb FEATURE: multiple use invite links (#9813) 2020-06-09 20:49:32 +05:30
base62.rb DEV: stop freezing frozen strings 2020-04-30 16:48:53 +10:00
bookmark_manager.rb FIX: Do not allow null options for bookmark manager 2020-05-08 15:24:59 +00:00
bookmark_query.rb FEATURE: Add search to user bookmark list (#10230) 2020-07-14 14:43:41 +10:00
bookmark_reminder_notification_handler.rb FEATURE: Optionally delete bookmark when reminder sent (#9637) 2020-05-07 13:37:39 +10:00
browser_detection.rb FIX: Detect DiscourseHub user agent. 2019-08-09 11:58:15 +03:00
cache.rb DEV: Upgrade Redis to 4.2.1. 2020-06-15 10:05:22 +08:00
canonical_url.rb FEATURE: default canonical URL (#9738) 2020-05-12 09:13:20 +10:00
category_badge.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
comment_migration.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
composer_messages_finder.rb DEV: pluck_first 2019-10-21 12:08:20 +01:00
configurable_urls.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
content_buffer.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
content_security_policy.rb FIX: Allow CSP to work correctly for non-default hostnames/schemes (#9180) 2020-03-19 19:54:42 +00:00
cooked_post_processor.rb FIX: Don't strip `noopener` from oneboxes 2020-07-13 16:54:42 -04:00
crawler_detection.rb FIX: Detect Wayback Machine using user agent (#9777) 2020-05-14 21:10:07 +10:00
csrf_token_verifier.rb DEV: Provide method for auth plugins to generate a CSRF token 2019-08-13 01:13:08 +01:00
current_user.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
custom_renderer.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
custom_setting_providers.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
db_helper.rb FEATURE: allows multiple custom emoji groups (#9308) 2020-03-30 20:16:10 +02:00
directory_helper.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
discourse.rb DEV: Use a longer TTL for pg readonly mode. 2020-07-14 16:15:58 +08:00
discourse_cookie_store.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
discourse_diff.rb FEATURE: Nokogumbo (#9577) 2020-05-05 13:46:57 +10:00
discourse_event.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
discourse_hub.rb DEV: s/\$redis/Discourse\.redis (#8431) 2019-12-03 10:05:53 +01:00
discourse_ip_info.rb FIX: MaxMind DB file not downloading correctly 2020-01-05 22:08:13 +11:00
discourse_js_processor.rb Revert "PERF: Move highlightjs to a background worker, and add result cache (#10191)" 2020-07-15 13:52:35 +01:00
discourse_logstash_logger.rb FIX: Use 'hostname' when Discourse.os_hostname is not available 2020-02-18 13:37:39 +02:00
discourse_plugin_registry.rb FEATURE: Add scopes to API keys (#9844) 2020-07-16 15:51:24 -03:00
discourse_redis.rb DEV: Use rails_failover gem for ActiveRecord and Redis failover handling 2020-06-15 15:47:07 +08:00
discourse_tagging.rb FIX: tag topic counts wrong after adding synonyms 2020-02-14 12:15:29 -05:00
discourse_updates.rb DEV: s/\$redis/Discourse\.redis (#8431) 2019-12-03 10:05:53 +01:00
disk_space.rb FIX: correct upload statistics report for external storage 2020-02-20 15:15:53 +11:00
distributed_cache.rb REFACTOR: distributed_cache is moved to the message_bus gem 2018-10-15 15:01:45 -04:00
distributed_memoizer.rb DEV: Replace `Time.new` with `Time.now` (#9142) 2020-03-09 17:37:49 +01:00
distributed_mutex.rb FIX: Off-by-one error setting the distributed mutex key to expire 2020-02-03 14:54:50 +00:00
edit_rate_limiter.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
email.rb DEV: Upgrading Discourse to Zeitwerk (#8098) 2019-10-02 14:01:53 +10:00
email_backup_token.rb DEV: s/\$redis/Discourse\.redis (#8431) 2019-12-03 10:05:53 +01:00
email_cook.rb DEV: Upgrading Discourse to Zeitwerk (#8098) 2019-10-02 14:01:53 +10:00
email_updater.rb FIX: : trigger `user_updated` event only if email changed after user creation. 2020-07-16 18:21:30 +05:30
encodings.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
enum.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
enum_site_setting.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
excerpt_parser.rb FIX: do not raise error if 'class' attribute is not found. 2020-05-01 10:03:40 +05:30
feed_element_installer.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
feed_item_accessor.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
file_helper.rb SECURITY: Add content-disposition: attachment for SVG uploads 2020-07-09 13:31:48 +10:00
filter_best_posts.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
final_destination.rb FIX: Replace deprecated URI.encode, URI.escape, URI.unescape and URI.unencode (#8528) 2019-12-12 12:49:21 +10:00
flag_query.rb DEV: Remove FlagQuery class and old code (#8064) 2019-09-12 13:21:33 -03:00
flag_settings.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
gaps.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
global_path.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
guardian.rb FEATURE: Allow group moderators to close/archive topics 2020-07-14 12:36:19 -04:00
has_errors.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
hijack.rb Take 2 of 0f5161af19. 2019-04-29 16:41:35 +08:00
homepage_constraint.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
html_prettify.rb DEV: stop freezing frozen strings 2020-04-30 16:48:53 +10:00
html_to_markdown.rb Revert "DEV: Add logging for stack level too deep exception in HtmlToMarkdown" 2020-07-09 13:41:33 +01:00
image_sizer.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
import_export.rb FEATURE: Rake task to export groups (#9450) 2020-04-17 14:59:54 -07:00
inline_oneboxer.rb FIX: properly invalidate inline oneboxes when rebaking 2020-06-24 11:54:54 +02:00
introduction_updater.rb FIX: replace default welcome topic post with new value from wizard 2020-04-01 15:42:45 -04:00
ip_addr.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
js_locale_helper.rb PERF: ensure we run full GC on contexts 2020-05-15 14:01:54 +10:00
json_error.rb FIX: Fix build. 2019-05-22 17:39:44 +03:00
letter_avatar.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
markdown_linker.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
mem_info.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
message_bus_diags.rb PERF: avoid shelling to get hostname aggressively 2020-02-18 15:13:19 +11:00
method_profiler.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
mini_sql_multisite_connection.rb DEV: Allow DB.after_commit to be used outside of a transaction 2020-05-04 09:42:41 +01:00
mobile_detection.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
new_post_manager.rb enqueue spam/dmarc failing emails instead of hiding (#8674) 2020-01-21 11:12:00 -05:00
new_post_result.rb Support for custom messages and redirects when creating posts (#8434) 2019-11-29 09:30:54 -05:00
notification_levels.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
oneboxer.rb Revert "DEV: Remove useless code (#10130)" 2020-06-29 13:56:28 +03:00
onpdiff.rb FIX: Show a correct diff when editing consecutive paragraphs (#8177) 2019-10-11 03:50:37 -04:00
pbkdf2.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
permalink_constraint.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
pinned_check.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
plain_text_to_markdown.rb DEV: stop freezing frozen strings 2020-04-30 16:48:53 +10:00
plugin_gem.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
plugin_initialization_guard.rb DEV: Print backtrace of error when plugin fails to initialize. 2020-06-09 10:25:43 +08:00
post_action_creator.rb FIX: prevent re-flagging when we have reviewed flags before (#10010) 2020-06-09 15:26:10 -07:00
post_action_destroyer.rb DEV: Upgrading Discourse to Zeitwerk (#8098) 2019-10-02 14:01:53 +10:00
post_action_result.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
post_creator.rb FEATURE: Implement support for IMAP and SMTP email protocols. (#8301) 2020-07-10 12:05:55 +03:00
post_destroyer.rb FIX: Remove user_deleted when staff recovers post (#10245) 2020-07-16 09:15:01 -05:00
post_jobs_enqueuer.rb FIX: the muted message should be sent after edit (#9593) 2020-05-01 08:33:57 +10:00
post_locker.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
post_merger.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
post_revisor.rb FEATURE: Implement support for IMAP and SMTP email protocols. (#8301) 2020-07-10 12:05:55 +03:00
pretty_text.rb DEV: Move `Discourse.getURL` and related functions to a module (#9966) 2020-06-03 12:45:26 -04:00
primary_group_lookup.rb UX: use "icon-picker" & "image-uploader" fields to set group flair. (#9779) 2020-05-25 11:08:47 +05:30
promotion.rb FIX: Don't raise an exception if we can't update the user on demotion 2020-06-22 15:43:59 -04:00
quote_comparer.rb FEATURE: Nokogumbo (#9577) 2020-05-05 13:46:57 +10:00
rake_helpers.rb Try fix upload_spec flakys and remove logging from tasks/uploads_spec 2020-02-18 15:08:58 +10:00
rate_limiter.rb FIX: Ignore Redis readonly errors in `RateLimiter#rollback!`. 2020-06-11 15:13:11 +08:00
read_only_header.rb DEV: rename ReadOnly module to ReadOnlyHeader 2019-05-06 16:07:49 +02:00
retrieve_title.rb FEATURE: Nokogumbo (#9577) 2020-05-05 13:46:57 +10:00
route_format.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
rtl.rb Check site default locale if Rtl class is initialized without a user (#8417) 2019-11-26 15:01:37 -05:00
s3_helper.rb FIX: Increase time of DOWNLOAD_URL_EXPIRES_AFTER_SECONDS to 5 minutes (#10160) 2020-07-03 13:42:36 +10:00
s3_inventory.rb DEV: Add timestamp columns to optimized_images table (#10199) 2020-07-14 11:50:33 +01:00
score_calculator.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
screening_model.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
search.rb FIX: `in:title` search should only search through topic first posts. 2020-07-16 12:21:19 +08:00
secure_session.rb DEV: s/\$redis/Discourse\.redis (#8431) 2019-12-03 10:05:53 +01:00
shrink_uploaded_image.rb FIX: Handle the case where upload goes missing during downsizing 2020-07-06 18:51:38 +02:00
single_sign_on.rb FEATURE: support SSO website and location overrides 2020-04-28 16:06:35 +10:00
single_sign_on_provider.rb FIX: Handle missing provider return sso url 2020-05-12 18:16:50 -06:00
site_icon_manager.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
site_setting_extension.rb FEATURE: Filter settings by plugin (#9692) 2020-05-10 14:07:45 +03:00
slug.rb FIX: If a prettified slug is a number, return defaultt (#8554) 2019-12-17 10:34:20 +10:00
socket_server.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
spam_handler.rb DEV: Avoid an additional query in `SpamHandler`. 2020-04-27 13:03:57 +08:00
sql_builder.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
staff_constraint.rb DEV: Upgrading Discourse to Zeitwerk (#8098) 2019-10-02 14:01:53 +10:00
staff_message_format.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
suggested_topics_builder.rb DEV: Upgrading Discourse to Zeitwerk (#8098) 2019-10-02 14:01:53 +10:00
system_message.rb DEV: Upgrading Discourse to Zeitwerk (#8098) 2019-10-02 14:01:53 +10:00
text_cleaner.rb FEATURE: English locale with international date formats 2019-05-20 13:47:20 +02:00
text_sentinel.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
theme_javascript_compiler.rb DEV: Remove `Discourse.RAW_TEMPLATES` (#9630) 2020-05-05 12:15:03 -04:00
theme_modifier_helper.rb DEV: Allow plugins to add theme modifiers via db migrations (#9192) 2020-03-12 16:35:28 +00:00
theme_settings_manager.rb FEATURE: add support for `upload` format in theme settings. 2020-04-15 18:34:02 +05:30
theme_settings_parser.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
theme_translation_manager.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
theme_translation_parser.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
timeline_lookup.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
topic_creator.rb FIX: sending messages to groups with non-lowercase names 2020-05-27 14:52:08 -06:00
topic_list_responder.rb Revert "FIX: don't compute draft for (ro)bots 🤖 in topics list" 2020-05-15 10:40:35 +08:00
topic_publisher.rb FIX: Use destroy_all instead of delete_all for shared drafts 2020-03-05 11:13:43 -08:00
topic_query.rb FIX: ensures category order keeps consistent (#10165) 2020-07-07 09:56:38 +02:00
topic_query_params.rb Revert "Revert "Merge branch 'master' of https://github.com/discourse/discourse"" 2020-05-23 00:56:13 -04:00
topic_query_sql.rb DEV: Rails 5.2 upgrade and global gem upgrade 2018-06-07 14:21:33 +10:00
topic_retriever.rb FIX: An `opts` hash was not, in fact, optional :) 2020-04-20 14:17:13 -04:00
topic_subtype.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
topic_upload_security_manager.rb FEATURE: Update upload security status on post move, topic conversion, category change (#8731) 2020-01-23 12:01:10 +10:00
topic_view.rb PERF: topic_view participant post count: don't send back ID list (#10210) 2020-07-13 18:42:09 -07:00
topics_bulk_action.rb FIX: Unread topics not clearing when whisper is last post (#8271) 2019-11-01 09:19:43 +10:00
trust_level.rb DEV: Upgrading Discourse to Zeitwerk (#8098) 2019-10-02 14:01:53 +10:00
turbo_tests.rb FIX: Made turbo_rspec display errors in shared groups correctly 2019-08-29 12:41:14 +01:00
twitter_api.rb DEV: stop freezing frozen strings 2020-04-30 16:48:53 +10:00
unread.rb DEV: Apply Rubocop redundant return style 2019-11-14 15:10:51 -05:00
upload_creator.rb SECURITY: Add content-disposition: attachment for SVG uploads 2020-07-09 13:31:48 +10:00
upload_fixer.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
upload_markdown.rb DEV: Upgrading Discourse to Zeitwerk (#8098) 2019-10-02 14:01:53 +10:00
upload_recovery.rb FEATURE: allow UploadRecovery to be run on a single post (#8094) 2019-10-02 14:57:36 +10:00
upload_security.rb Move UploadSecurity public types into PUBLIC_TYPES constant 2020-06-05 10:56:57 +10:00
url_helper.rb Minor change to case-insensitive regex for s3_presigned_url? 2020-02-03 14:22:35 +10:00
user_name_suggester.rb DEV: correct a few Ruby 2.7 deprecations 2019-11-28 13:13:29 +11:00
version.rb FIX: Test output related to `Discourse::VERSION` 2020-07-09 14:57:27 -04:00
webauthn.rb DEV: stop freezing frozen strings 2020-04-30 16:48:53 +10:00
wizard.rb DEV: Allow plugins to add wizard steps after specific steps (#9315) 2020-04-01 08:36:50 -05:00