Commit Graph

67 Commits

Author SHA1 Message Date
Régis Hanol
0df666277d BUGFIXES: properly deal with bookmarks and deleted posts
BUGFIX: removing a bookmark from the activity feed was busted for deleted posts
BUGFIX: delete associated user actions when deleting a post
2014-06-04 17:41:11 +02:00
riking
41332ab7ad Allow anonymous to see raw posts 2014-05-19 23:33:27 -07:00
Wojciech Zawistowski
960d64930c Wiki Post 2014-05-13 08:53:11 -04:00
Régis Hanol
fca6738212 BUGFIX: could not see the revisions of a post in a deleted topic 2014-05-12 16:30:10 +02:00
Régis Hanol
bc3de84ebf FEATURE: remove bookmark button in activity feed 2014-05-12 09:33:26 +02:00
Louis Rose
1574485443 Perform the where(...).first to find_by(...) refactoring.
This refactoring was automated using the command: bundle exec "ruby refactorings/where_dot_first_to_find_by/app.rb"
2014-05-06 14:41:59 +01:00
Sam
05efc8df16 BUGFIX: likes would cause whole post to re-render 2014-04-24 12:42:04 +10:00
Robin Ward
dbab628e16 Support for creating embedded topics via API 2014-04-03 14:42:44 -04:00
Robin Ward
10d0320532 FIX: Allow expanding posts when anonymous, add specs 2014-04-03 11:30:43 -04:00
Robin Ward
d1e7fa1c47 Minor tweaks to importing first posts 2014-04-02 15:54:21 -04:00
Robin Ward
558a06a117 Adds better reusable error message support. Added to fetching remote
posts. /cc @riking
2014-04-02 13:22:10 -04:00
Robin Ward
b250aa36a0 Remote fetching of blog contents 2014-04-02 10:26:46 -04:00
Robin Ward
50fb048b99 Interface for expanding OP contents 2014-04-02 10:26:46 -04:00
Sam
1cd32ced33 FEATURE: update likes and flags live. 2014-03-24 13:22:03 +11:00
Neil Lalonde
283dc7dd2d Trust level 4: add ability to edit any post and see edit history 2014-03-13 10:47:49 -04:00
Wojciech Zawistowski
227c0af20b Removes unnecessary instance vars. 2014-02-24 18:03:29 +01:00
Wojciech Zawistowski
ed311eb65a PostsController refactoring. 2014-02-21 17:12:43 +01:00
Wojciech Zawistowski
cfbeba84d2 Adds tests for PostsController#replies. 2014-02-20 17:38:13 +01:00
Wojciech Zawistowski
5e8db5ce14 Adds specs for PostsController#by_number. 2014-02-19 17:41:17 +01:00
Wojciech Zawistowski
5b9a4d3581 Refactors PostsController and adds unit tests. 2014-02-18 17:19:38 +01:00
Régis Hanol
4fb274fb9d BUGFIX: history link doesn't work on deleted posts 2014-02-04 20:05:50 +01:00
Neil Lalonde
259295d865 Add post_edit_time_limit site setting to limit the how long a post can be edited and deleted by the author. Default is 1 year. 2014-01-09 11:55:04 -05:00
Sam
eeb83adf71 BUGFIX: staff can now edit delted posts
fixes #1343

This was way easier than mucking with the UI
2014-01-06 18:12:51 +11:00
Régis Hanol
06dd7ffe3c better revision history 2013-12-12 03:41:34 +01:00
Neil Lalonde
a9ab98ef9e Auto-close time can be entered in 3 ways, so a topic can close at any time 2013-11-27 09:52:35 -05:00
Sam
3fa48f8d76 Style fix: https://twitter.com/andrzejkrzywda/status/404943844896423937 2013-11-26 10:21:41 +11:00
Régis Hanol
482b752046 add edit reason when editing a post 2013-11-15 23:28:49 +01:00
Régis Hanol
af96ef2994 FIX: deleting a flagged post issue
cf. http://meta.discourse.org/t/deleting-a-flagged-post-issue/10061

The bug was only happening when you were about the delete the first post, which means deleting the entire topic.
2013-10-02 16:59:57 +02:00
Régis Hanol
cd4cda5b4c allow users to specify thumbnail size 2013-09-27 10:57:31 +02:00
Robin Ward
7d9a84b496 New User Education goes through a server side ComposerMessages check. Composer message for users
who don't have avatars.
2013-09-13 12:23:53 -04:00
Robin Ward
71c1b8b9b9 When deleting a post as staff, ask if you want to delete direct replies too 2013-09-05 11:03:34 -04:00
Robin Ward
f157ec1f91 Select +Replies for bulk operations 2013-09-05 11:03:29 -04:00
Robin Ward
1c3804934e Show the entire history of replies above a post when you expend "in reply to" 2013-08-06 17:43:10 -04:00
Sam
4a20d09523 distributed memoizer added to ensure absolute duplicate posts don't get through
in case of an absolute dupe just return the memoized post

This works around issues with wordpress being crazy
2013-07-29 12:25:19 +10:00
Sam
1f3c5cb656 allow end user to recover a post they delete
automatically delete stubs after 1 day
2013-07-22 17:48:47 +10:00
Sam
0ec1438b9a correct auto track param parsing for WordPress 2013-07-22 15:07:20 +10:00
Sam
acba0ea41e add auto track to permitted params 2013-07-22 15:07:20 +10:00
Robin Ward
5eaae063f0 Discourse Macro Helpers + Minor Fix to Admin User View 2013-07-11 19:35:52 -04:00
Robin Ward
d98f288aa4 FIX: Recovering a deleted post was not updating a topic's statistics 2013-07-09 12:15:55 -04:00
Sam
f6b850e7a4 allow skipping the validations on creation if its an api call AND skip_validations is specified
this allows wordpress plugin to post very very short titles or titles that would otherwise be disallowed
2013-07-02 12:23:19 +10:00
Neil Lalonde
e263bb3c0a Anons should be able to see post history 2013-06-19 16:43:16 -04:00
Ian Christian Myers
b61e10f9ad All parameters for #create in PostsController pass through strong_parameters.
We are now explicitly whitelisting all parameters for Post creation. A nice side-effect is that it cleans up the #create action in PostsController. We can now trust that all parameters entering PostCreator are of a safe scalar type.
2013-06-07 01:29:25 -07:00
Ian Christian Myers
0d01c33482 Enabled strong_parameters across all models/controllers.
All models are now using ActiveModel::ForbiddenAttributesProtection, which shifts the responsibility for parameter whitelisting for mass-assignments from the model to the controller. attr_accessible has been disabled and removed as this functionality replaces that.

The require_parameters method in the ApplicationController has been removed in favor of strong_parameters' #require method.

It is important to note that there is still some refactoring required to get all parameters to pass through #require and #permit so that we can guarantee that parameter values are scalar. Currently strong_parameters, in most cases, is only being utilized to require parameters and to whitelist the few places that do mass-assignments.
2013-06-06 00:30:59 -07:00
Sam
870e59883b secure the links on the topic pages, eliminated deleted topics as well. 2013-06-05 16:10:26 +10:00
Robin Ward
d554a59102 Support for a new site setting: newuser_spam_host_threshold. If a new user posts a link
to the same host enough tiles, they will not be able to post the same link again.

Additionally, the site will flag all their previous posts with links as spam and they will
be instantly hidden via the auto hide workflow.
2013-05-16 12:19:50 -04:00
Neil Lalonde
9828c87525 Topic Auto-Close: admins and mods can set a topic to automatically close after a number of days 2013-05-13 12:53:52 -04:00
Sam
942f168ab6 UI still a tad rough, but we have a first pass of secure categories 2013-05-10 16:47:47 +10:00
Sam
20493106cd fix post trashing 2013-05-07 17:56:56 +10:00
Sam
e9fc272db7 remove acts_as_paranoid, use .trash! , .recover! and .with_deleted as needed
makes upgrading to rails 4 possible
2013-05-07 14:39:01 +10:00
Sam
cef9a74053 route for markdown /md/topic_id/post_number 2013-04-30 16:30:41 +10:00