Discource-C
/
discourse
mirror of https://github.com/discourse/discourse.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
discourse/app/models
History
Martin Brennan b2acc416e7
FIX: Server-side hashtag lookups of secure categories for a user (#19377) 
* FIX: Use Category.secured(guardian) for hashtag datasource

Follow up to comments in #19219, changing the category
hashtag datasource to use Category.secured(guardian) instead
of Site.new(guardian).categories here since the latter does
more work for not much benefit, and the query time is the
same. Also eliminates some Hash -> Model back and forth
busywork. Add some more specs too.

* FIX: Server-side hashtag lookup cooking user loading

When we were using the PrettyText.options.currentUser
and parsing back and forth with JSON for the hashtag
lookups server-side, we had a bug where the user's
secure categories were not loaded since we never actually
loaded a User model from the database, only parsed it
from JSON.

This commit fixes the issue by instead using the
PretyText.options.userId and looking up the user directly
from the database when calling hashtag_lookup via the
PrettyText::Helpers code when cooking server-side. Added
the missing spec to check for this as well.
 		2022-12-09 10:34:25 +10:00
..
concerns FIX: Server-side hashtag lookups of secure categories for a user (#19377) 2022-12-09 10:34:25 +10:00
about.rb FEATURE: Add plugin API to register About stat group (#17442) 2022-07-15 13:16:00 +10:00
admin_dashboard_data.rb FEATURE: Add support for case-sensitive Watched Words (#17445) 2022-08-02 10:06:03 +02:00
admin_dashboard_general_data.rb FIX: Amend `release_notes_link` in app/models/admin_dashboard_general_data.rb (#19125) 2022-11-21 16:21:34 +00:00
admin_dashboard_index_data.rb
allowed_pm_user.rb FEATURE: Allow List for PMs (#10270) 2020-07-20 15:23:49 -06:00
anonymous_user.rb
api_key.rb Update wordpress scopes and add ``session/scopes`` endpoint (#15366) 2022-05-02 12:15:32 -03:00
api_key_scope.rb FEATURE: User Status API (#19149) 2022-11-24 19:16:28 +04:00
application_request.rb FEATURE: Track API and user API requests (#19186) 2022-11-29 13:07:42 +02:00
associated_group.rb FEATURE: Experimental support for group membership via google auth (#14835) 2021-12-09 12:30:27 +00:00
auto_track_duration_site_setting.rb
backup_draft_post.rb
backup_draft_topic.rb
backup_file.rb
backup_location_site_setting.rb
backup_metadata.rb FIX: Prevent "uploads are missing in S3" alerts after restoring a backup 2020-09-10 21:37:48 +02:00
badge.rb FEATURE: Allow setting `default_enabled` for badges (#19178) 2022-11-24 13:44:26 +01:00
badge_grouping.rb
badge_type.rb
base_font_setting.rb DEV: Do not translate font names (#10723) 2020-09-23 12:00:07 +03:00
bookmark.rb DEV: TODO followups (#18936) 2022-11-09 07:48:05 +10:00
category.rb FIX: Server-side hashtag lookups of secure categories for a user (#19377) 2022-12-09 10:34:25 +10:00
category_and_topic_lists.rb
category_custom_field.rb
category_featured_topic.rb FIX: Make sure featured category topics are unique (#18343) 2022-09-27 14:01:22 +03:00
category_group.rb
category_list.rb FEATURE: Add dark mode option for category logos (#18460) 2022-10-07 11:00:44 -04:00
category_page_style.rb FEATURE: add categories page style to order topics by created date (#17500) 2022-07-25 09:41:43 -04:00
category_required_tag_group.rb FEATURE: Allow multiple required tag groups for a category (#16381) 2022-04-06 14:08:06 +01:00
category_search_data.rb
category_tag.rb PERF: Cache categories in Site model take 3. 2021-06-24 13:30:51 +08:00
category_tag_group.rb PERF: Cache categories in Site model take 3. 2021-06-24 13:30:51 +08:00
category_tag_stat.rb
category_user.rb UX: Change wording for 'regular' categories to 'normal' (#17134) 2022-06-20 06:49:33 +03:00
child_theme.rb
color_scheme.rb more (#19106) 2022-11-18 13:28:13 -06:00
color_scheme_color.rb FIX: Wizard could not send custom color schemes to the client correctly (#10484) 2020-08-20 17:10:33 -07:00
color_scheme_setting.rb Add site setting to pick dark mode color scheme (#10390) 2020-08-07 08:52:47 -04:00
custom_emoji.rb FEATURE: Create upload_references table (#16146) 2022-06-09 09:24:30 +10:00
developer.rb DEV: Update annotations 2019-11-29 15:49:08 +00:00
digest_email_site_setting.rb
directory_column.rb Revert "DEV: Remove stale ignored_columns from models." 2022-01-11 11:00:58 +08:00
directory_item.rb DEV: Plugin API to add directory columns (#13440) 2021-06-22 13:00:04 -05:00
discourse_connect.rb FIX: Don't attempt to add user again to a group when syncing groups via SSO (#18772) 2022-10-28 13:27:12 +03:00
discourse_version_check.rb
dismissed_topic_user.rb FEATURE: New way to dismiss new topics (#11927) 2021-02-04 11:27:34 +11:00
do_not_disturb_timing.rb DEV: Fix random typos (#16066) 2022-02-28 10:20:58 +08:00
draft.rb FEATURE: Create upload_references table (#16146) 2022-06-09 09:24:30 +10:00
draft_sequence.rb FIX: Update draft count when sequence is increased (#13940) 2021-08-04 13:30:37 +03:00
email_change_request.rb DEV: pull email address validation out to a new EmailAddressValidator 2022-02-17 21:49:22 -05:00
email_level_site_setting.rb
email_log.rb FEATURE: Log the SMTP response in EmailLog (#17056) 2022-06-15 10:28:30 +10:00
email_style.rb
email_token.rb SECURITY: Fix invite link email validation (#18817) 2022-11-01 16:33:32 +00:00
embeddable_host.rb DEV: Rename `UriHelper.escape_uri` to `.normalized_encode` 2022-08-09 11:55:25 +01:00
embedding.rb FIX: use allowlist and blocklist terminology (#10209) 2020-07-27 10:23:54 +10:00
emoji.rb PERF: limits use of redis cache while building emojis list (#19013) 2022-11-14 13:38:50 +01:00
emoji_set_site_setting.rb DEV: Remove JoyPixels emoji option (#12197) 2021-02-26 07:44:52 -05:00
external_upload_stub.rb DEV: Do not destroy external upload stub on error in debug mode (#14139) 2021-08-25 11:11:19 +10:00
given_daily_like.rb
global_setting.rb FIX: LOAD_PLUGINS=0 in dev/prod, warn in plugin:pull_compatible_all (#15537) 2022-01-11 12:30:22 +00:00
group.rb PERF: Update `Group#user_count` counter cache outside DB transaction (#19256) 2022-11-30 11:52:08 -03:00
group_archived_message.rb FIX: Update group inbox notifications on archive/unarchive (#16152) 2022-03-11 11:57:47 +01:00
group_associated_group.rb FEATURE: Experimental support for group membership via google auth (#14835) 2021-12-09 12:30:27 +00:00
group_category_notification_default.rb FEATURE: set notification levels when added to a group (#10378) 2020-08-06 12:27:27 -04:00
group_custom_field.rb
group_history.rb
group_manager.rb
group_mention.rb
group_request.rb
group_tag_notification_default.rb FEATURE: set notification levels when added to a group (#10378) 2020-08-06 12:27:27 -04:00
group_user.rb PERF: Update `Group#user_count` counter cache outside DB transaction (#19256) 2022-11-30 11:52:08 -03:00
ignored_user.rb DEV: Update core model annotations 2021-07-06 10:11:06 +01:00
imap_sync_log.rb DEV: IMAP debugging improvements (#11784) 2021-01-21 11:37:47 +10:00
incoming_domain.rb
incoming_email.rb DEV: Update core model annotations 2021-07-06 10:11:06 +01:00
incoming_link.rb
incoming_links_report.rb FEATURE: Make report filters reusable (#9444) 2020-04-22 11:52:50 +03:00
incoming_referer.rb
invite.rb FIX: Existing users were mistakenly unable to redeem invite (#19191) 2022-11-25 11:57:04 +10:00
invite_redeemer.rb SECURITY: Prevent email from being nil in InviteRedeemer (#19004) 2022-11-14 12:02:06 +10:00
invited_group.rb FEATURE: Various improvements to invite system (#12314) 2021-03-09 00:15:14 +02:00
invited_user.rb FEATURE: Various improvements to invite system (#12298) 2021-03-06 13:29:35 +02:00
javascript_cache.rb DEV: Introduce minification and source maps for Theme JS (#18646) 2022-10-18 18:20:10 +01:00
like_notification_frequency_site_setting.rb
linked_topic.rb FEATURE: new setting to create a linked topic on autoclosing mega topics (#11001) 2020-11-02 12:18:48 +05:30
locale_site_setting.rb DEV: Fix rubocop issues (#14715) 2021-10-27 11:39:28 +03:00
mailing_list_mode_site_setting.rb
muted_user.rb
navigation_menu_site_setting.rb DEV: Migrate sidebar site settings (#19336) 2022-12-08 09:44:29 +08:00
new_topic_duration_site_setting.rb
notification.rb FIX: deprioritize reaction notifications (#19049) 2022-11-16 15:37:51 +11:00
notification_level_when_replying_site_setting.rb
oauth2_user_info.rb DEV: Move OAuth2UserInfo deprecation to after_save (#15704) 2022-01-25 10:29:31 +00:00
onceoff_log.rb
optimized_image.rb FIX: Ensure 'crop' always returns requested dimensions (#16437) 2022-04-19 11:21:24 +01:00
permalink.rb FIX: Show error messages when adding permalinks in the admin UI (#12545) 2021-03-29 13:36:59 -05:00
plugin_store.rb
plugin_store_row.rb
post.rb FEATURE: Show live user status on inline mentions on posts (#18683) 2022-12-06 19:10:36 +04:00
post_action.rb DEV: Remove PostAction/UserAction bookmark refs (#16681) 2022-05-10 10:42:18 +10:00
post_action_type.rb DEV: Compatibility with TruffleRuby (#16864) 2022-05-19 21:56:55 +02:00
post_analyzer.rb FEATURE: Show live user status on inline mentions on posts (#18683) 2022-12-06 19:10:36 +04:00
post_custom_field.rb DEV: Drop old hotlinked image data from post_custom_fields (#16594) 2022-05-12 15:34:35 +01:00
post_detail.rb
post_hotlinked_media.rb DEV: Map already-downloaded hotlinked images in post_process_cooked 2022-05-23 14:28:02 +01:00
post_mover.rb FEATURE: Promote polymorphic bookmarks to default and migrate (#16729) 2022-05-23 10:07:15 +10:00
post_reply.rb DEV: Remove stale ignored_columns. (#11160) 2020-11-09 15:57:59 +11:00
post_reply_key.rb FIX: Email Send post has already been taken error (#16992) 2022-06-06 13:13:26 -06:00
post_revision.rb FEATURE: Add post edits count to user activity (#13495) 2021-08-02 10:15:53 -04:00
post_search_data.rb DEV: annotate models (#11047) 2020-10-27 23:42:33 +05:30
post_stat.rb
post_timing.rb FEATURE: whispers available for groups (#17170) 2022-06-30 10:18:12 +10:00
post_upload.rb
previous_replies_site_setting.rb
private_message_topic_tracking_state.rb FEATURE: whispers available for groups (#17170) 2022-06-30 10:18:12 +10:00
published_page.rb DEV: Upgrade Rails to 6.1.3.1 (#12688) 2021-04-21 12:36:32 +03:00
push_subscription.rb DEV: Update core model annotations 2021-07-06 10:11:06 +01:00
quoted_post.rb FEATURE: Nokogumbo (#9577) 2020-05-05 13:46:57 +10:00
remote_theme.rb SECURITY: Expand and improve SSRF Protections (#18815) 2022-11-01 16:33:17 +00:00
remove_muted_tags_from_latest_site_setting.rb
report.rb FEATURE: Track API and user API requests (#19186) 2022-11-29 13:07:42 +02:00
reviewable.rb FIX: Exclude claimed reviewables from user menu (#19179) 2022-12-01 07:09:57 +08:00
reviewable_claimed_topic.rb FIX: Don't log a claimed topic database error during tests 2020-01-09 12:32:05 -05:00
reviewable_flagged_post.rb FEATURE: Deleting a user with their posts also deletes chat messages. (#19194) 2022-11-28 13:32:57 -03:00
reviewable_history.rb DEV: Use AR enums in reviewables related code 2022-09-22 14:44:27 +02:00
reviewable_post.rb DEV: Use AR enums in reviewables related code 2022-09-22 14:44:27 +02:00
reviewable_priority_setting.rb
reviewable_queued_post.rb DEV: Use AR enums in reviewables related code 2022-09-22 14:44:27 +02:00
reviewable_score.rb DEV: Use AR enums in reviewables related code 2022-09-22 14:44:27 +02:00
reviewable_sensitivity_setting.rb DEV: Use AR enums in reviewables related code 2022-09-22 14:44:27 +02:00
reviewable_user.rb DEV: Use AR enums in reviewables related code 2022-09-22 14:44:27 +02:00
s3_region_site_setting.rb Added S3 region eu-south-1 Milanù 2021-09-16 12:33:43 -04:00
screened_email.rb DEV: Update core model annotations 2021-07-06 10:11:06 +01:00
screened_ip_address.rb FIX: Update match_count of screened IP address (#19321) 2022-12-06 13:09:38 +02:00
screened_url.rb
search_log.rb FEATURE: show recent searches in quick search panel (#15024) 2021-11-25 15:44:15 -05:00
shared_draft.rb
shelved_notification.rb DEV: Update core model annotations 2021-07-06 10:11:06 +01:00
sidebar_section_link.rb FEATURE: Decouple category/tag presence in sidebar from notifi level (#17273) 2022-06-30 14:54:20 +08:00
single_sign_on_record.rb
site.rb FEATURE: Hide welcome topic if it hasn't been edited (#18632) 2022-10-19 20:01:36 -06:00
site_setting.rb DEV: Migrate sidebar site settings (#19336) 2022-12-08 09:44:29 +08:00
sitemap.rb FEATURE: Let sites add a sitemap.xml file. (#16357) 2022-04-12 10:33:59 -03:00
skipped_email_log.rb FIX: Handle edge cases for group SMTP email job (#13631) 2021-07-05 14:56:32 +10:00
slug_setting.rb
stylesheet_cache.rb PERF: Add scheduled job to delete old stylesheet cache rows (#13747) 2021-07-16 10:58:01 -04:00
tag.rb FIX: When filtering tags for visibility, respect tag group permissions (#19152) 2022-11-22 12:55:57 -06:00
tag_group.rb FIX: tag groups were not visible to allowed group members (#17183) 2022-06-21 23:40:54 +05:30
tag_group_membership.rb
tag_group_permission.rb
tag_search_data.rb
tag_user.rb DEV: Do not use hard-coded everyone group id (#15679) 2022-01-21 15:56:45 -07:00
theme.rb DEV: Add link rel preload to theme-javascripts (#19231) 2022-11-30 12:43:01 -06:00
theme_field.rb DEV: Add link rel preload to theme-javascripts (#19231) 2022-11-30 12:43:01 -06:00
theme_modifier_set.rb DEV: Update core model annotations 2021-07-06 10:11:06 +01:00
theme_setting.rb FEATURE: Create upload_references table (#16146) 2022-06-09 09:24:30 +10:00
theme_translation_override.rb DEV: Use the theme cache helper for settings 2022-02-21 09:45:14 +00:00
top_lists.rb
top_menu_item.rb
top_topic.rb FIX: Better and more secure validation of periods for TopicQuery 2021-07-23 14:24:44 -04:00
topic.rb UX: Exclude search ignored and user muted categories in similarity search (#19349) 2022-12-07 11:33:01 +08:00
topic_allowed_group.rb
topic_allowed_user.rb
topic_converter.rb FIX: Do not invite whisper or small action posters (#18123) 2022-08-29 15:52:54 +03:00
topic_custom_field.rb DEV: Update core model annotations 2021-07-06 10:11:06 +01:00
topic_embed.rb DEV: Rename `UriHelper.escape_uri` to `.normalized_encode` 2022-08-09 11:55:25 +01:00
topic_featured_users.rb
topic_group.rb Changed `CONFLICT` to `SQL` for multiline strings 2019-12-13 11:51:40 -05:00
topic_invite.rb
topic_link.rb FIX: Hide links to muted topics and in categories list (#14761) 2021-10-29 17:52:23 +03:00
topic_link_click.rb FIX: Count clicks on links with query params (#15969) 2022-02-18 14:47:56 +02:00
topic_list.rb FIX: Avoid duplicate topic-list requests (#18073) 2022-08-24 11:54:01 +01:00
topic_notifier.rb
topic_participants_summary.rb PERF: Combine avatar_lookup and primary_group_lookup into user_lookup (#10253) 2020-07-17 10:48:08 +01:00
topic_poster.rb REFACTOR: Add `full_url` and `display_name` to `User` 2022-04-14 11:53:57 +02:00
topic_posters_summary.rb FIX: Add plugin event to topic list user lookup (#14116) 2021-08-25 13:16:08 +03:00
topic_search_data.rb
topic_tag.rb
topic_thumbnail.rb DEV: followup to prev commit 2020-05-26 16:19:05 +10:00
topic_timer.rb FEATURE: Allow category moderators to set auto deletion topic timers (#19383) 2022-12-08 17:14:43 -03:00
topic_tracking_state.rb DEV: Migrate sidebar site settings (#19336) 2022-12-08 09:44:29 +08:00
topic_user.rb DEV: Fix random typos (#16066) 2022-02-28 10:20:58 +08:00
topic_view_item.rb FIX: exclude private messages from TL3 requirements 2020-04-07 17:36:07 -04:00
translation_override.rb DEV: Upgrade to Rails 7 2022-04-28 11:51:03 +02:00
trust_level3_requirements.rb PERF: Faster TL3 promotion replies needed calculation (#10416) 2020-08-12 11:28:34 -03:00
trust_level_and_staff_and_disabled_setting.rb FEATURE: Make allow_uploaded_avatars accept TL (#14091) 2021-08-24 10:46:28 +03:00
trust_level_and_staff_setting.rb FIX: Don't store translated trust level names in anonymous cache (#13224) 2021-06-01 22:11:48 +02:00
trust_level_setting.rb FIX: Don't store translated trust level names in anonymous cache (#13224) 2021-06-01 22:11:48 +02:00
unsubscribe_key.rb FEATURE: Custom unsubscribe options (#17090) 2022-06-21 15:49:47 -03:00
upload.rb FIX: Allow attr updates of over-size-limit uploads (#18986) 2022-11-11 17:56:11 +01:00
upload_reference.rb FEATURE: Create upload_references table (#16146) 2022-06-09 09:24:30 +10:00
user.rb DEV: Migrate sidebar site settings (#19336) 2022-12-08 09:44:29 +08:00
user_action.rb FIX: action_code_path not being loaded for user-stream-item (#18577) 2022-10-13 19:10:18 +10:00
user_api_key.rb Revert "DEV: Remove stale ignored_columns from models." 2022-01-11 11:00:58 +08:00
user_api_key_scope.rb FEATURE: Allow user_status scope for UserApiKey (#19296) 2022-12-06 08:56:03 +10:00
user_archived_message.rb FIX: Don't publish PM archive events to acting user. (#14291) 2021-09-10 09:20:50 +08:00
user_associated_account.rb
user_associated_group.rb FEATURE: Experimental support for group membership via google auth (#14835) 2021-12-09 12:30:27 +00:00
user_auth_token.rb FEATURE: Apply rate limits per user instead of IP for trusted users (#14706) 2021-11-17 23:27:30 +03:00
user_auth_token_log.rb
user_avatar.rb FEATURE: Create upload_references table (#16146) 2022-06-09 09:24:30 +10:00
user_badge.rb DEV: Refactor user_badge_granted DiscourseEvent logic (#17579) 2022-07-22 09:06:02 +08:00
user_badges.rb
user_bookmark_list.rb FIX: Return next bookmarks page only if it exists (#18139) 2022-09-01 13:04:00 +03:00
user_custom_field.rb DEV: Update core model annotations 2021-07-06 10:11:06 +01:00
user_email.rb FEATURE: Add email normalization rules setting (#14593) 2021-11-24 11:30:06 +02:00
user_export.rb FEATURE: Create upload_references table (#16146) 2022-06-09 09:24:30 +10:00
user_field.rb DEV: Make user field validation more specific (#16746) 2022-05-16 14:21:33 +01:00
user_field_option.rb FIX: Validate value of custom dropdown user fields - dropdowns and multiple selects (#13890) 2021-07-30 13:50:47 -04:00
user_history.rb FEATURE: Promote the "delete group" staff action log. (#16656) 2022-05-09 12:12:52 -03:00
user_ip_address_history.rb DEV: annotate models (#11047) 2020-10-27 23:42:33 +05:30
user_notification_schedule.rb DEV: Update core model annotations 2021-07-06 10:11:06 +01:00
user_open_id.rb DEV: Drop legacy OpenID 2.0 support (#8894) 2020-02-07 17:32:35 +00:00
user_option.rb FEATURE: new site setting to hide user profiles by default. (#18864) 2022-11-06 16:44:17 +05:30
user_profile.rb SECURITY: Limit user profile field length (#18302) 2022-09-21 12:07:06 +10:00
user_profile_view.rb DEV: s/\$redis/Discourse\.redis (#8431) 2019-12-03 10:05:53 +01:00
user_search.rb DEV: return user status on the user search route (#17716) 2022-08-09 14:54:33 +04:00
user_search_data.rb
user_second_factor.rb SECURITY: Improve second factor auth logic 2020-01-10 10:45:56 +10:00
user_security_key.rb
user_stat.rb FEATURE: whispers available for groups (#17170) 2022-06-30 10:18:12 +10:00
user_status.rb FEATURE: auto remove user status after predefined period (#17236) 2022-07-05 19:12:22 +04:00
user_summary.rb FIX: Show links with 0 clicks in top links section (#16016) 2022-02-21 22:15:38 +02:00
user_upload.rb
user_visit.rb
user_warning.rb
username_validator.rb FIX: Use cached RegEx instead of recreating RegEx on every usage 2022-11-09 14:27:55 +01:00
watched_word.rb FIX: Allow to add the same watched word with a different case (#17799) 2022-08-05 12:18:17 +02:00
web_crawler_request.rb PERF: perform all cached counting in background (#15991) 2022-02-22 16:45:25 +00:00
web_hook.rb SECURITY: Expand and improve SSRF Protections (#18815) 2022-11-01 16:33:17 +00:00
web_hook_event.rb
web_hook_event_type.rb FEATURE: adds the user_promoted event to webhooks (#15996) 2022-02-22 10:57:18 +01:00