discourse/app/controllers
Sam df45e82377 SECURITY: only allow picking of avatars created by self (#6417)
* SECURITY: only allow picking of avatars created by self

Also adds origin tracking to all uploads including de-duplicated uploads
2018-09-19 22:33:10 -07:00
..
admin SECURITY: remove admin memory diagnostics routes 2018-09-18 08:35:09 +10:00
users FIX: store the topic links using the cooked upload url 2018-08-14 12:23:32 +02:00
about_controller.rb Refactor requires login logic, reduce duplicate code 2018-02-01 15:17:59 +11:00
application_controller.rb FIX: check admin theme cookie against user selectable 2018-09-07 10:47:28 +10:00
badges_controller.rb PERF: N+1 queries on badges page. 2018-03-19 14:36:09 +08:00
categories_controller.rb REFACTOR: Rescue error at the specific spot that is raising the error. 2018-09-03 11:04:58 +08:00
category_hashtags_controller.rb Refactor requires login logic, reduce duplicate code 2018-02-01 15:17:59 +11:00
clicks_controller.rb Make rubocop happy again. 2018-06-07 13:28:18 +08:00
composer_controller.rb Refactor requires login logic, reduce duplicate code 2018-02-01 15:17:59 +11:00
composer_messages_controller.rb Refactor requires login logic, reduce duplicate code 2018-02-01 15:17:59 +11:00
directory_items_controller.rb make 🤖 rubocop happy 2018-05-16 16:35:04 +02:00
draft_controller.rb Refactor requires login logic, reduce duplicate code 2018-02-01 15:17:59 +11:00
drafts_controller.rb raise error early in drafts controller 2018-09-13 08:40:57 -04:00
email_controller.rb FIX: stop adding email to unsubscribe url 2018-05-22 09:07:03 +10:00
embed_controller.rb FIX: store the topic links using the cooked upload url 2018-08-14 12:23:32 +02:00
exceptions_controller.rb UX: Replace Google search with Discourse search on not found page 2018-08-15 11:53:04 +10:00
export_csv_controller.rb FEATURE: Log entity export in staff logs 2018-09-19 03:16:45 +05:30
extra_locales_controller.rb simplify production switch and serve extra locales from actual site 2018-01-10 08:19:51 +11:00
finish_installation_controller.rb FEATURE: Make initial admins TL1 2018-08-22 15:45:24 +10:00
forums_controller.rb PERF: add frozen strings 2018-01-15 12:44:54 +11:00
groups_controller.rb reworked specs of existing group behavior 2018-09-17 17:46:43 +10:00
highlight_js_controller.rb Fix all the errors to get our tests green on Rails 5.1. 2017-09-25 13:48:58 +08:00
inline_onebox_controller.rb Refactor requires login logic, reduce duplicate code 2018-02-01 15:17:59 +11:00
invites_controller.rb FIX: do not use scheduler for uploading csv file for invite 2018-07-04 13:28:11 +05:30
list_controller.rb FIX: wrong category links on subfolder install in rss feed for a category topic list 2018-09-07 10:03:30 -04:00
metadata_controller.rb FIX: use current user color scheme when filling `theme-color` attribute (#6384) 2018-09-12 11:04:58 +10:00
notifications_controller.rb Make rubocop happy again. 2018-06-07 13:28:18 +08:00
offline_controller.rb FIX: offline controller regression 2017-10-31 15:44:50 +11:00
onebox_controller.rb FIX: include title in local onebox when linking to a different topic 2018-02-19 22:40:14 +01:00
permalinks_controller.rb FIX: if we have not target available do not redirect 2018-08-20 13:10:59 +10:00
post_action_users_controller.rb UX: cap likes 2 (#5237) 2017-11-15 11:28:54 +11:00
post_actions_controller.rb FIX: Properly display error when post action fails to create. 2018-06-20 21:20:23 +08:00
posts_controller.rb FEATURE: Allow admins to reply without topic bump 2018-08-10 10:48:30 +10:00
push_notification_controller.rb Feature: Push notifications for Android (#5792) 2018-05-04 15:31:48 -07:00
queued_posts_controller.rb FIX: allow staff to remove tags from queued topics 2018-06-26 17:08:40 +05:30
qunit_controller.rb DEV: remove qunit rails fork and add a couple of async tests 2018-04-23 16:42:40 +10:00
robots_txt_controller.rb FIX: simplify so we ban all auth paths 2018-08-16 19:16:47 +10:00
safe_mode_controller.rb Allow staff members to enable safe mode, even if disabled 2018-04-25 11:49:57 -04:00
search_controller.rb FEATURE: support search click through tracking for user, category and tags 2017-12-01 12:04:55 +05:30
session_controller.rb FEATURE: Second factor backup 2018-06-28 10:12:32 +02:00
similar_topics_controller.rb display 'similar to' earlier when composing a post 2017-09-16 01:03:29 +02:00
site_controller.rb FEATURE: selectable avatars 2018-07-18 12:57:43 +02:00
static_controller.rb FIX: store the topic links using the cooked upload url 2018-08-14 12:23:32 +02:00
steps_controller.rb Refactor requires login logic, reduce duplicate code 2018-02-01 15:17:59 +11:00
stylesheets_controller.rb FEATURE: backend support for user-selectable components 2018-08-08 14:46:34 +10:00
tag_groups_controller.rb FIX: tag groups page should only be visible to staff 2018-09-17 11:41:18 -04:00
tags_controller.rb FIX: check permalinks for deleted topics 2018-08-09 15:05:12 +10:00
themes_controller.rb fix theme previewing (#6245) 2018-08-08 10:58:45 +03:00
topics_controller.rb FIX: don't allow inviting more than `max_allowed_message_recipients` 2018-08-23 14:36:49 +10:00
uploads_controller.rb Rename `FileHelper.is_image?` -> `FileHelper.is_supported_image?`. 2018-09-12 09:22:28 +08:00
user_actions_controller.rb FIX: Remove mentions filters from user and groups 2017-12-07 16:29:02 -05:00
user_api_keys_controller.rb Refactor requires login logic, reduce duplicate code 2018-02-01 15:17:59 +11:00
user_avatars_controller.rb FIX: set old last modified date for invalid avatars 2018-08-31 17:07:31 +10:00
user_badges_controller.rb FIX: store the topic links using the cooked upload url 2018-08-14 12:23:32 +02:00
users_controller.rb SECURITY: only allow picking of avatars created by self (#6417) 2018-09-19 22:33:10 -07:00
users_email_controller.rb FEATURE: Second factor backup 2018-06-28 10:12:32 +02:00
webhooks_controller.rb Make rubocop happy again. 2018-06-07 13:28:18 +08:00
wizard_controller.rb Refactor requires login logic, reduce duplicate code 2018-02-01 15:17:59 +11:00