Guo Xiang Tan
b87c5eb1b6
Fix randomly failing spec.
2017-03-24 15:46:42 +08:00
Guo Xiang Tan
3ef82bb32c
SECURITY: CSRF vulnerabilities in Admin::BackupsController
.
2017-03-23 10:29:35 +08:00
Neil Lalonde
11ce73b8ed
FEATURE: category setting for default top period
2017-03-22 16:54:18 -04:00
Arpit Jalan
786fd6bbd2
Merge pull request #4774 from techAPJ/email-prefix
...
FIX: use email prefix only in subject
2017-03-22 14:18:50 +05:30
Arpit Jalan
295cf8839e
FIX: better error message when invited user already exists
2017-03-22 13:55:28 +05:30
Arpit Jalan
1853a4852c
FIX: use email prefix only in subject
2017-03-21 20:29:57 +05:30
Arpit Jalan
df246c79b6
FEATURE: add user profile fields in user list export
2017-03-21 15:51:52 +05:30
Arpit Jalan
82c0f5f587
Merge pull request #4767 from techAPJ/activate-account
...
FIX: send activation email if user have unconfirmed email address
2017-03-21 09:44:23 +05:30
Arpit Jalan
7c3ae50dcd
FIX: send activation email if user have unconfirmed email
2017-03-21 09:41:50 +05:30
Sam
74dbe877d8
test for side effect without mock
2017-03-20 16:15:23 -04:00
Sam
c106ca6778
FEATURE: fallback asset path for multi host setups
2017-03-20 15:59:17 -04:00
Arpit Jalan
8cbfa24ca2
Fix failing test
2017-03-20 20:14:25 +05:30
Arpit Jalan
521c88fe58
FIX: enqueue activation email for invited user that has password set
2017-03-20 17:13:21 +05:30
Guo Xiang Tan
a1d04a7a9a
Fix rspec tests.
2017-03-20 12:35:08 +08:00
Guo Xiang Tan
6057e17ae7
Fix weird test failure.
2017-03-20 12:06:37 +08:00
Robin Ward
fd591257a8
Merge pull request #4759 from kennym/support-ports-for-ip-addresses-in-embedding
...
FIX: Allow ports for embed host IPs
2017-03-16 11:23:42 -04:00
Guo Xiang Tan
5169ef8814
Fix broken specs.
2017-03-16 15:05:28 +08:00
Guo Xiang Tan
bf78c228f4
FIX: User created web hook being enqueued before record has been saved.
...
* Improve web hook tests as well.
2017-03-16 14:44:09 +08:00
Erick Guan
cfbfea0596
FEATURE: Allow easier customization to the web hook event serialization.
2017-03-16 10:09:05 +08:00
Guo Xiang Tan
bbc85e1e29
Merge pull request #4750 from discourse/group_login_registration_flow
...
FEATURE: Redirect to groups page and apply group actions upon login/s…
2017-03-16 09:50:56 +08:00
Guo Xiang Tan
ca965bb455
FEATURE: Redirect to groups page after login/registration flow.
2017-03-16 09:48:51 +08:00
Kenny Meyer
ae957bca25
Allow ports for embed host IPs
2017-03-15 18:16:34 -03:00
Guo Xiang Tan
685c26961f
Fix randomly failing specs.
2017-03-14 16:28:05 +08:00
Guo Xiang Tan
6312b8b7e4
Fix failing specs.
2017-03-14 14:58:22 +08:00
Guo Xiang Tan
d173473509
Fix randomly failing specs.
2017-03-14 14:43:48 +08:00
Guo Xiang Tan
1a7e954e09
FIX: Store custom emojis as uploads.
...
* Depending on a hardcoded directory was a flawed design
which made it impossible to debug when custom emojis go
missing.
2017-03-14 13:07:18 +08:00
Sam
64680286f4
correct logic, so revalidation is reset
...
correct test so it can run at any point
2017-03-13 10:47:43 -04:00
Sam
a690121805
SECURITY: always allow staff to resend activation mails
2017-03-13 10:32:24 -04:00
Sam
ef24fd54ba
FEATUE: automatically validate token is stored in redis
...
This ensures we have some handling for redis flushall
We attempt to recover our in-memory session token once every 30 seconds
Code is careful to only set the token if it is nil, to allow for manual
cycling to remain safe if needed
2017-03-13 10:19:02 -04:00
Sam
82ca0e368e
FEATURE: stop escaping special chars in title prettify
...
This feature is confusting and just leads to inconsistency
2017-03-13 10:02:20 -04:00
Guo Xiang Tan
9364d8ce71
FIX: Store user's id instead for sending activation email.
...
* Email and username are both allowed to be used for logging in.
Therefore, it is easier to just store the user's id rather than
to store the username and email in the session.
2017-03-13 20:24:55 +08:00
Guo Xiang Tan
7ebfa3c901
SECURITY: Only allow users to resend activation email with a valid session.
...
* Improve error when an active user tries to request for an activation email.
2017-03-13 19:35:29 +08:00
Arpit Jalan
848120c098
FEATURE: RSS feed for top page period filters
2017-03-13 15:23:46 +05:30
Guo Xiang Tan
4d4a1a1552
Add scope for human users.
2017-03-11 14:25:09 +08:00
Sam
6ebddc42d1
FIX: include children categories when searching a category
2017-03-10 15:58:47 -05:00
Neil Lalonde
402ddb810c
FIX: email customizations now apply to both html and text parts
2017-03-10 14:08:03 -05:00
Sam
bc1a6ccb90
Merge pull request #4741 from tgxworld/allow_bookmark_removal
...
FIX: Allow user to remove bookmark from posts as long as bookmark is …
2017-03-10 12:49:20 -05:00
Arpit Jalan
f7e7ca3937
FEATURE: anonymized site statistics
2017-03-10 18:50:26 +05:30
Guo Xiang Tan
9cc79363e0
Merge pull request #4744 from tgxworld/feature_seen_unseen_search
...
FEATURE: Search can be scoped to posts that the current user has seen…
2017-03-09 07:11:19 +08:00
Régis Hanol
23b06d2895
FIX: should not try to send digest to users who reached the bounce threshold
2017-03-08 19:19:11 +01:00
Guo Xiang Tan
c623951306
FEATURE: Search can be scoped to posts that the current user has seen/unseen.
...
https://meta.discourse.org/t/advanced-search-posts-that-i-have-seen/57966
2017-03-09 01:01:33 +08:00
Arpit Jalan
801b5838e1
FIX: do not show faq/guidelines page to anonymous users for private forums
2017-03-08 16:00:49 +05:30
Régis Hanol
cf8bc4483f
FIX: always send critical emails even when bounce score threshold has been reached
2017-03-08 10:06:16 +01:00
Arpit Jalan
090236b15b
FIX: do not show about page to anonymous users for private forums
2017-03-08 13:15:44 +05:30
Guo Xiang Tan
689dd16be0
FIX: Allow user to remove bookmark from posts as long as bookmark is present.
...
https://meta.discourse.org/t/bookmark-issue-when-access-to-topic-is-lost-pms/51993
2017-03-08 13:53:49 +08:00
Régis Hanol
ee9d621d9c
FIX: surround the FROM alias with " in order to support the @ character
2017-03-07 23:37:21 +01:00
Sam
99f4d5082b
FIX: Improve token rotation and increase logging
...
- avoid access denied on bad cookie, instead just nuke it
- avoid marking a token unseen for first minute post rotation
- log path in user auth token logs
2017-03-07 13:27:43 -05:00
Neil Lalonde
0661cebbcf
fix intermittent failing spec
2017-03-07 11:59:05 -05:00
Neil Lalonde
d95e4102c1
FIX: tags created in secured categories should not be forbidden outside those categories
2017-03-07 11:46:46 -05:00
Robin Ward
dad57fa033
FIX: More errors with non-ascii URLs
2017-03-07 11:21:41 -05:00