Commit Graph

5496 Commits

Author SHA1 Message Date
Guo Xiang Tan
66062ed6d9 Add missing default choice for SiteSetting.google_oauth2_prompt. 2018-02-23 11:23:08 +08:00
Guo Xiang Tan
3637f0d3bb Update copy to reflect that 2FA key should be kept a secret. 2018-02-23 10:40:25 +08:00
Guo Xiang Tan
e137b7f836 UX: Improve indication of 2FA status in user's preferences. 2018-02-23 10:36:48 +08:00
Guo Xiang Tan
2e2da3a6e2 Update copy for 2FA. 2018-02-23 10:36:48 +08:00
Robin Ward
9b704b21b5 Don't include client when false 2018-02-22 21:22:09 -05:00
Robin Ward
69af881f7f New site setting trusted_users_can_edit_others
The default is true to keep with previous discourse behavior. If
disabled, high trust level users cannot edit the topics or posts of
other users.
2018-02-22 20:39:24 -05:00
Guo Xiang Tan
24d0a7a4c7 Take 2 on f74d6bb605.
New options are left out by default when not configured so that an
incorrect default configuration doesn't blow up google oauth for
everyone.
2018-02-23 07:53:01 +08:00
Guo Xiang Tan
dd26bbe868
Merge pull request #5610 from discourse/pm-tags
FEATURE: Allow staffs to tag PMs
2018-02-23 07:07:41 +08:00
Joffrey JAFFEUX
1c790ae6bc Revert "Add prompt and HD settings to the Google OAuth2 plugin."
This reverts commit f74d6bb605.
2018-02-22 19:17:02 +01:00
scossar
9d0807224b Don't enqueue topic webhook unless a post has a topic 2018-02-22 14:34:59 +08:00
Guo Xiang Tan
ef1b82a226 Add missing site setting description. 2018-02-22 13:52:36 +08:00
Geoffrey Challen
f74d6bb605 Add prompt and HD settings to the Google OAuth2 plugin. 2018-02-22 12:29:19 +08:00
Vinoth Kannan
84867c1c07 Rename site setting to allow_staff_to_tag_pms from allow_staff_to_tag_in_pm 2018-02-22 06:48:34 +05:30
Guo Xiang Tan
1b04d881c5 UX: Display lock icon in admin user lists when user has 2FA enabled. 2018-02-22 09:00:09 +08:00
Joffrey JAFFEUX
6f5acfe783 Login with email/forget password UI refactoring
* move button into login modal with social buttons
* adds email link next to login field when filling it
* adds proper validation messages
* improves forgot password flash clearing
* more tests
2018-02-22 08:06:15 +08:00
Sam
720e1965e3 FEATURE: add category suppress from latest
In the past we used suppress_from_homepage, it had mixed semantics
it would remove from category list if category list was on home and
unconditionally remove from latest.

New setting explicitly only removes from latest list but leaves the
category list alond
2018-02-22 09:56:35 +11:00
Joshua Rosenfeld
3ec8b38796
A few more 'private message' strings to update
Follow up from a08832bd08
2018-02-21 15:28:26 -05:00
Vinoth Kannan
2b509eaa91
Merge branch 'master' into pm-tags 2018-02-21 23:55:59 +05:30
Joshua Rosenfeld
23f7c3607c
Update Twitter login site setting description text 2018-02-21 13:07:33 -05:00
Vinoth Kannan
84ce1acfef FEATURE: Allow staffs to tag PMs 2018-02-21 20:11:46 +05:30
Gerhard Schlager
210939de68 FEATURE: Use HTML instead of text for incoming emails by default 2018-02-21 11:14:36 +01:00
Guo Xiang Tan
8964e75ad6
Merge pull request #5612 from discourse/featheredtoast-two-factor-login
Featheredtoast two factor login
2018-02-21 15:00:10 +08:00
Guo Xiang Tan
14f3594f9f Review Changes for f4f8a293e7. 2018-02-21 14:55:49 +08:00
Sam
ca1a3f37e3 FEATURE: add instrumentation for all external net calls 2018-02-21 15:20:29 +11:00
Jeff Wong
f4f8a293e7 FEATURE: Implement 2factor login TOTP
implemented review items.

Blocking previous codes - valid 2-factor auth tokens can only be authenticated once/30 seconds.
I played with updating the “last used” any time the token was attempted but that seemed to be overkill, and frustrating as to why a token would fail.
Translatable texts.
Move second factor logic to a helper class.
Move second factor specific controller endpoints to its own controller.
Move serialization logic for 2-factor details in admin user views.
Add a login ember component for de-duplication
Fix up code formatting
Change verbiage of google authenticator

add controller tests:
second factor controller tests
change email tests
change password tests
admin login tests

add qunit tests - password reset, preferences

fix: check for 2factor on change email controller
fix: email controller - only show second factor errors on attempt
fix: check against 'true' to enable second factor.

Add modal for explaining what 2fa with links to Google Authenticator/FreeOTP

add two factor to email signin link

rate limit if second factor token present

add rate limiter test for second factor attempts
2018-02-21 09:04:07 +08:00
Robin Ward
3ea272f4f1 New setting: minimum trust level to embed images in a post 2018-02-20 20:00:06 -05:00
Jeff Atwood
6c29908ba2 very minor copyedits 2018-02-20 00:44:56 -08:00
Sam
73a492f721 minor changes to discourse bench
Ruby master is not compatible with bootsnap atm
2018-02-20 14:41:21 +11:00
Arpit Jalan
c419c26f56 FEATURE: new site setting 'max_emojis_in_title' 2018-02-19 18:15:26 +05:30
OsamaSayegh
f3815cd785 FEATURE: New site setting for additional allowed filetypes for staff (#5364)
* FEATURE: New site setting for additional allowed filetypes for staff

* Problematic variable name

* feedback

* small issues

* fix indentation

* failing tests

* Remove message bus and fix minor issues

* Missed this message bus
2018-02-19 10:44:24 +01:00
Leo McArdle
5d9d0fcb4f FEATURE: add setting which adds group name to PM email subject (#5475) 2018-02-19 10:20:17 +01:00
Guo Xiang Tan
d601a6b23c FIX: Support old Service Worker source file path to avoid routing errors. 2018-02-19 08:04:45 +08:00
SidV
790c5facc9 Mailgun typo (#5593)
mailgun = Mailgun
2018-02-16 01:35:37 -05:00
Neil Lalonde
32ad98161f Update translations 2018-02-15 16:36:03 -05:00
Sam
7af9ed6674 FEATURE: add goanna rendering engine to non crawler list
Goanna the fork of Gecko which is used by Pale Moon browser is not a crawler.
2018-02-16 06:30:47 +11:00
Guo Xiang Tan
28365f8ae5 PERF: Have nginx cache and serve the service worker file. 2018-02-15 10:50:39 +08:00
Sam
38f4acd55a FIX: rate limiter text is confusing, should not say daily
Also, adds easily parseable JSON so users can figure out
how long to wait when the API is limited. ("extras" "wait_seconds")
2018-02-14 15:29:50 +11:00
Joffrey JAFFEUX
548db91c76
FIX: displays an error when reaching tags limit 2018-02-14 00:30:09 +01:00
Joffrey JAFFEUX
ed114177e7
Mini tag chooser tweaks 2018-02-13 19:41:03 +01:00
Erick Guan
03b3e57a44 FEATURE: login by a link from email
Co-authored-by: tgxworld <tgx@discourse.org>
2018-02-13 16:14:39 +08:00
Muhlis Cahyono
cc3cf6588b FEATURE: Notification API Endpoints for Admins
* create/update/delete notification api with external url
* remove external url feature
* Fix Travis CI build error (add new line)
* Fix Travis CI build error
2018-02-13 01:38:26 -05:00
Robin Ward
4dfe659189 Rename allow staff flags to allow flagging staff 2018-02-12 15:27:26 -05:00
Robin Ward
6287631745 FEATURE: New site setting, allow staff flags, false by default
For some large communities, it makes sense to disable flagging of
staff posts.
2018-02-12 14:56:21 -05:00
AhmadF.Cheema
e48ae647f9 Fix typo in server.en.yml 2018-02-11 21:17:22 +01:00
Robin Ward
2faa4c2f5f FIX: Don't show personal messages if disabled as a composer action 2018-02-09 16:58:35 -05:00
Joffrey JAFFEUX
190d208631
FEATURE: improves composer-actions toggle menu
* only toggles
* fix a bug with presence
* more tests
* do not duplicate `continuing discussion...` text
* persist state to allow switching between toggles
2018-02-08 11:46:55 +01:00
scossar
dab0ec1d66 Add translation key/value for target_user_not_found error message 2018-02-07 11:35:17 +01:00
Robin Ward
1bab15c757 FEATURE: A site setting for a minimum TL to post links 2018-02-06 18:07:58 -05:00
Robin Ward
b2b6dc68a6 FEATURE: a setting to customize the minimum TL to flag a post 2018-02-06 17:12:27 -05:00
Kane York
cd19d546a8
Update default linkify TLDs to top 15
Also kept gov, but moved it to the end because it was in the previous version.
2018-02-02 17:45:42 -08:00