Discource-C/discourse
1
0
Fork 0
mirror of https://github.com/discourse/discourse.git synced 2025-02-15 07:45:02 +00:00
Code Issues Packages Projects Releases Wiki Activity
discourse/spec
History
Dan Ungureanu 76a7b75d8a
DEV: Reuse can_invite_to_forum? in can_invite_to? (#14392) 
This commit resolves refactors can_invite_to? to use
can_invite_to_forum? for checking the site-wide permissions and then
perform topic specific checkups.

Similarly, can_invite_to? is always used with a topic object and this is
now enforced.

There was another problem before when `must_approve_users` site setting
was not checked when inviting users to forum, but was checked when
inviting to a topic.

Another minor security issue was that group owners could invite to
group topics even if they did not have the minimum trust level to do
it.
2021-09-29 17:40:16 +03:00
..
components
DEV: Reuse can_invite_to_forum? in can_invite_to? (#14392)
2021-09-29 17:40:16 +03:00
fabricators
DEV: Ignore reminder_type for bookmarks (#14349)
2021-09-16 09:56:54 +10:00
fixtures
FIX: Handle forwarded email quotes around Reply-To display name (#14384)
2021-09-20 16:26:18 +10:00
helpers
FIX: Offer site_logo_dark_url as an option for dark mode themes (#14361)
2021-09-16 17:47:51 -04:00
import_export
initializers
FEATURE: A low priority filter for the review queue. (#12822)
2021-04-23 15:34:24 -03:00
integration
SECURITY: Escape watched word in error message (#14434)
2021-09-24 11:55:15 +03:00
integrity
DEV: Fix a flaky Onceoff spec (#13314)
2021-06-07 20:38:31 +02:00
jobs
DEV: use upload id to save in theme setting instead of URL. (#14341)
2021-09-16 07:58:53 +05:30
lib
PERF: Revert all inboxes from messages route. (#14445)
2021-09-28 11:58:04 +08:00
mailers
FIX: add locales for group mention PM variants (#14358)
2021-09-16 23:07:45 +05:30
models
DEV: Reuse can_invite_to_forum? in can_invite_to? (#14392)
2021-09-29 17:40:16 +03:00
multisite
FIX: Use random file name for temporary uploads (#14250)
2021-09-06 10:21:20 +10:00
requests
DEV: Reuse can_invite_to_forum? in can_invite_to? (#14392)
2021-09-29 17:40:16 +03:00
script/import_scripts
DEV: If disabled do not change setting after import (#12142)
2021-02-19 09:33:35 -07:00
serializers
FIX: Use unread post excerpt for topic-level bookmark excerpt (#14414)
2021-09-22 12:47:36 +10:00
services
FEATURE: Humanize file size error messages (#14398)
2021-09-22 07:59:45 +10:00
support
FIX: Make sure reset-new for tracked is not limited by per_page count (#13395)
2021-06-17 08:20:09 +10:00
tasks
FIX: remove migrate_from_s3 task that silently corrupts data (#11703)
2021-01-17 22:33:29 +01:00
views/omniauth_callbacks
rails_helper.rb
Revert "DEV: Move rate limiter disable to after :each for tests (#13986)" (#13987)
2021-08-10 14:12:36 +10:00
swagger_helper.rb
DEV: Refactor the api docs for the user endpoint (#14377)
2021-09-20 10:04:57 -06:00