IntenseWebs/discourse
3
0
Fork 0
mirror of https://github.com/discourse/discourse.git synced 2024-12-01 21:19:41 -06:00
Code Issues Packages Projects Releases Wiki Activity
30,095 Commits 221 Branches 500 Tags 911 MiB
addf6f6d17
Commit Graph

343 Commits

Author SHA1 Message Date
Gerhard Schlager
f33433bf9e Validation of params should restrict to max int (#6331) 
* FIX: Validation of params should restrict to max int

* FIX: Send status 400 when "page" param isn't between 1 and max int
 2018-09-03 14:45:32 +10:00
Bianca Nenciu
f5e0356fb2 correct miscellaneous issues with user login history 2018-09-02 17:24:54 +10:00
Sam
b3aab1770f FIX: set old last modified date for invalid avatars 
In some cases Akami was holding tight to these invalid avatars,
to avoid this happening we explain the avatar image is ancient
then when a new upload is added it automatically is older than
this.
 2018-08-31 17:07:31 +10:00
Blake Erickson
c6f339a0b5 format json better with spaces in my test 2018-08-30 14:39:40 -06:00
Blake Erickson
ae532f8548 FIX: return 422 for an invalid group name on category create 2018-08-30 14:28:55 -06:00
David Taylor
103509b9dd SECURITY: Prevent users from modifying custom fields 2018-08-30 12:59:36 +01:00
Bianca Nenciu
72ffabf619 UX: Improve email testing admin tool. (#6308) 2018-08-29 23:14:16 +02:00
Neil Lalonde
ebe7835316 FIX: links in rss feeds are sometimes wrong on subfolder installs 2018-08-27 18:05:15 -04:00
Raul Tambre
2271918be2 FEATURE: Use S3 dualstack endpoints 
Allows S3 without a CDN to serve images from dualstack domains that also support ipv6
 2018-08-27 11:22:46 +10:00
Joffrey JAFFEUX
82dcc5cbfa
FEATURE: makes reports loadable in bulk (#6309) 2018-08-24 15:28:01 +02:00
Osama Sayegh
e0cc29d658 FEATURE: themes and components split 
* FEATURE: themes and components split

* two seperate methods to switch theme type

* use strict equality operator
 2018-08-24 11:30:00 +10:00
Sam
29315b73c2 FIX: improve last_modified date returned for avatars 
instead of hard coding a date:

1. For optimized images use the upload date when on s3
2. For not-found use 10 minutes ago to match the expiry
 2018-08-24 09:36:11 +10:00
Osama Sayegh
2711f173dc FIX: don't allow inviting more than max_allowed_message_recipients 
* FIX: don't allow inviting more than `max_allowed_message_recipients` setting allows

* add specs for guardian

* user preferences for auto track shouldn't be applicable to PMs (it auto watches on visit)

Execlude PMs from "Automatically track topics I enter..." and "When I post in a topic, set that topic to..." user preferences

* groups take only 1 slot in PM

* just return if topic is a PM
 2018-08-23 14:36:49 +10:00
James Kiesel
cdea969c6a FEATURE: Make initial admins TL1 
* Match register controller TL to rake admin:create
* Don't promote if trust_level > 1
 2018-08-22 15:45:24 +10:00
Gerhard Schlager
17dc8f2490 UX: Wizard resends activation email when user exists 2018-08-21 19:13:41 +02:00
Sam
2d96160192 FEATURE: improve API error reporting for invalid records 2018-08-21 11:54:34 +10:00
Guo Xiang Tan
b4f92a05b3 FIX: Load more on groups page does not account for params. 
https://meta.discourse.org/t/cant-scroll-through-list-of-users-groups-if-more-than-one-page/92259
 2018-08-20 17:08:50 +08:00
Sam
f5fe58384f correct regression around file renaming 2018-08-20 16:08:05 +10:00
Sam
ce4b12ae59 FIX: if we have not target available do not redirect 2018-08-20 13:10:59 +10:00
Sam
d7b1919ead correct specs 2018-08-20 12:46:14 +10:00
Guo Xiang Tan
a9e502936f FIX: Converting PNG to JPEG does not set the correct extension. 2018-08-17 13:09:48 +08:00
Sam
f62073a22a correct regression uploading images 2018-08-16 18:49:08 +10:00
Gerhard Schlager
937ab3f213 FIX: Validation of min_posts and max_posts didn't work 2018-08-16 10:36:53 +02:00
Sam
796164b58c FIX: automatically correct bad avatars on access 
Also start relying on upload extension for optimized images
 2018-08-16 16:32:56 +10:00
Sam
38c10a3dc2 correct the validator 2018-08-15 14:56:24 +10:00
Misaka 0x4e21
d4fd19d49a UX: Replace Google search with Discourse search on not found page 
* UX: Replace Google search with Discourse search on not found page.

* FIX: Update application_controller_spec.rb.
 2018-08-15 11:53:04 +10:00
Sam
06f82a7d72 correct exception handling, always do to_i in array 2018-08-15 11:31:42 +10:00
Sam
bc47148d35 add validation to exclude_category_ids 2018-08-15 09:53:28 +10:00
Régis Hanol
12bab65167 FIX: going from /categories to /latest on mobile might break infinite scrolling 2018-08-15 01:22:03 +02:00
Gerhard Schlager
ba0e322fd0 FIX: Validation of topic params broke discourse-assign 2018-08-14 18:45:46 +02:00
Sam
ad5f502332 FIX: add a basic validator for topic params 
This cuts down on log noise when people try out sql injection
 2018-08-14 17:01:04 +10:00
Guo Xiang Tan
d10c9d7d75 FIX: Missing extensions for non-image uploads due to 2b57239389. 2018-08-13 10:58:55 +08:00
Gerhard Schlager
b9072e8292 FEATURE: Add "Reset Bump Date" action to topic admin wrench (#6246) 2018-08-10 10:51:03 +10:00
Gerhard Schlager
ef4b9f98c1 FEATURE: Allow admins to reply without topic bump 2018-08-10 10:48:30 +10:00
Neil Lalonde
2c4d7225d8 FIX: permalink redirects with subfolder 2018-08-09 11:05:27 -04:00
Sam
ed4c0f256e FIX: check permalinks for deleted topics 
- allow to specify 410 vs 404 in Discourse::NotFound exception
- remove unused `permalink_redirect_or_not_found` which
- handle JS side links to topics via Discourse-Xhr-Redirect mechanism
 2018-08-09 15:05:12 +10:00
Osama Sayegh
0b7ed8ffaf FEATURE: backend support for user-selectable components 
* FEATURE: backend support for user-selectable components

* fix problems with previewing default theme

* rename preview_key => preview_theme_id

* omit default theme from child themes dropdown and try a different fix

* cache & freeze stylesheets arrays
 2018-08-08 14:46:34 +10:00
Guo Xiang Tan
2b57239389 FIX: Upload's content is the only source of truth for the file type. 2018-08-07 13:15:00 +08:00
Sam
6797395bd0 FIX: staff should be allowed to agree and keep post 2018-08-07 10:05:43 +10:00
David Taylor
812add18bd REFACTOR: Serve auth provider information in the site serializer. 
At the moment core providers are hard-coded in Javascript, and plugin providers get added to the JS payload at compile time. This refactor means that we only ship enabled providers to the client.
 2018-08-06 09:25:48 +01:00
Penar Musaraj
1f45215537 FEATURE: Drafts view in user profile 
* add drafts.json endpoint, user profile tab with drafts stream

* improve drafts stream display in user profile

* truncate excerpts in drafts list, better handling for resume draft action

* improve draft stream SQL query, add rspec tests

* if composer is open, quietly close it when user opens another draft from drafts stream; load PM draft only when user is in /u/username/messages (instead of /u/username)

* cleanup

* linting fixes

* apply prettier styling to modified files

* add client tests for drafts, includes a fixture for drafts.json

* improvements to code following review

* refresh drafts route when user deletes a draft open in the composer while being in the drafts route; minor prettier scss fix

* added more spec tests, deleted an acceptance test for removing drafts that was too finicky, formatting and code style fixes, added appEvent for draft:destroyed

* prettier, eslint fixes

* use "username_lower" from users table, added error handling for rejected promises

* adds guardian spec for can_see_drafts, adds improvements following code review

* move DraftsController spec to its own file

* fix failing drafts qunit test, use getOwner instead of deprecated this.container

* limit test fixture for draft.json testing to new_topic request only
 2018-08-01 16:34:54 +10:00
Guo Xiang Tan
919e8db686 FIX: Check for group name availability should skip reserved usernames. 2018-08-01 11:09:33 +08:00
Neil Lalonde
1708ff1808 UX: add a route /rules as an alias for /faq and /guidelines 2018-07-26 15:38:08 -04:00
David Taylor
f38942d121 FIX: Destroy session between omniauth callbacks controller tests 2018-07-25 16:33:42 +01:00
Gerhard Schlager
1ac643d71c FIX: Email template for "Queued Posts Reminder" was not found 2018-07-24 17:26:52 +02:00
Guo Xiang Tan
fad9c2b971 PERF: Move EmailLog#reply_key into new post_reply_keys table. 2018-07-24 13:51:53 +08:00
Guo Xiang Tan
ae8b0a517f PERF: Split skipped email logs into a seperate table. 2018-07-24 13:14:37 +08:00
Neil Lalonde
f4b5eccad3 FIX: categories page crawler view had incorrect URLs 2018-07-23 14:54:41 -04:00
David Taylor
eda1462b3b
FEATURE: List, revoke and reconnect associated accounts. Phase 1 (#6099) 
Listing connections is supported for all built-in auth providers. Revoke and reconnect is currently only implemented for Facebook.
 2018-07-23 16:51:57 +01:00
Joffrey JAFFEUX
a2281fbb19
FEATURE: allows to jump to a date in a topic 2018-07-19 16:00:13 +02:00
Régis Hanol
6d6e026e3c FEATURE: selectable avatars 2018-07-18 12:57:43 +02:00
Sam
ac0053f491 FEATURE: navigate to first post and auto bump category settings 
### navigate_to_first_post_after_read setting for categories

When enabled on categories logged on users will return to OP after
reading the entire category. (useful for documentation categories)

### num_auto_bump_daily

Set a number of topics that will automatically bump daily on a category.

- Every 15 minutes we will check if any category has this setting
- Categories with the setting are shuffled
- We exclude pinned, closed, category description and archived topics
- Maximum of 1 topic for the list of categories is bumped till limit reached per category
- We always try to bump oldest first
- Limit is elastic using a RateLimiter that ensures that we only bump N per day

Also some minor organisation on category settings

Froze strings on category.rb
 2018-07-16 18:10:35 +10:00
Leo McArdle
21ebb1cd54 FEATURE: Secondary emails support. 2018-07-16 11:09:49 +08:00
Guo Xiang Tan
711371e8c8 FIX: Select+below will ask server for post ids on megatopics. 2018-07-13 15:10:39 +08:00
Kyle Zhao
2901691e87 FEATURE: per-category approval settings (#5778) 
- disallow moving topics to a category that requires topic approval
 2018-07-13 12:51:08 +10:00
Guo Xiang Tan
258e9e35ca PERF: Make mega topics work without a stream. 
There are tradeoffs that we took here. For the complete
story see
https://meta.discourse.org/t/performance-improvements-on-long-topics/30187/27?u=tgxworld.
 2018-07-12 12:46:12 +08:00
OsamaSayegh
decf1f27cf FEATURE: Groundwork for user-selectable theme components 
* Phase 0 for user-selectable theme components

- Drops `key` column from the `themes` table
- Drops `theme_key` column from the `user_options` table
- Adds `theme_ids` (array of ints default []) column to the `user_options` table and migrates data from `theme_key` to the new column.
- Removes the `default_theme_key` site setting and adds `default_theme_id` instead.
- Replaces `theme_key` cookie with a new one called `theme_ids`
- no longer need Theme.settings_for_client
 2018-07-12 14:18:21 +10:00
Guo Xiang Tan
0a28181c62 Fix the build take 2. 2018-07-10 11:27:03 +08:00
Guo Xiang Tan
5374a0e720 Fix the build. 2018-07-10 09:48:57 +08:00
Jordan Seanor
10bc69a62f FEATURE: Event on topic merge (#6057) 2018-07-10 09:28:57 +08:00
David Taylor
9a813210b9 SECURITY: Do not allow authentication with disabled plugin-supplied a… (#6071) 
Do not allow authentication with disabled plugin-supplied auth providers
 2018-07-09 14:25:58 +10:00
Guo Xiang Tan
9948f57a99 REFACTOR: Update test to assert for the right objects. 2018-07-09 09:54:14 +08:00
Maja Komel
18f5f646b1 FEATURE: allow selecting a tag when moving posts to a new topic (#6072) 2018-07-06 18:21:32 +02:00
Sam
e72fd7ae4e FIX: move crawler blocking into anon cache 
This refinement of previous fix moves the crawler blocking into
anonymous cache

This ensures we never poison the cache incorrectly when blocking crawlers
 2018-07-04 11:14:43 +10:00
Sam
7f98ed69cd FIX: move crawler blocking to app controller 
We need access to site settings in multisite, we do not have access
yet if we attempt to get them in request tracker middleware
 2018-07-04 10:30:50 +10:00
Sam
982df3c17b FIX: return status 400 for invalid member params 
previously error returned was a 500 which is not ideal
and is logged
 2018-06-29 10:15:17 +10:00
Robin Ward
fd7bb8e656 FIX: Scope the cn to the subfolder 2018-06-28 11:03:36 -04:00
Maja Komel
ec3e6a81a4 FEATURE: Second factor backup 2018-06-28 10:12:32 +02:00
Arpit Jalan
6bcdc3ba4b FEATURE: allow author to delete posts irrespective of post_edit_time_limit 2018-06-26 21:43:06 +05:30
Arpit Jalan
7efdccdbc5 FIX: allow staff to remove tags from queued topics 2018-06-26 17:08:40 +05:30
Guo Xiang Tan
0365806b93 FIX: Properly display error when post action fails to create. 2018-06-20 21:20:23 +08:00
Michael Brown
ae5d255f83 FIX: Reference example.com instead of somesite.com in examples 
* somesite.com actually exists...
* example.com should be used in examples and is harmless to visit
 2018-06-19 10:37:24 -04:00
Sam
5f86434bf1 DEV: make tests less fragile 2018-06-14 18:31:07 +10:00
Rafael dos Santos Silva
8fc08aad09 FEATURE: Update the webmanifest 
- Remove share target because the spec is changing
- Allow any orientation again because natural is too restrictive
- Use correct file and mime types for the manifest
 2018-06-14 00:13:28 -03:00
OsamaSayegh
4a9dadb646 Add test case for topic embed CSS 2018-06-13 16:22:54 +10:00
OsamaSayegh
249a256cd2 Fix build 2018-06-11 09:12:28 +03:00
OsamaSayegh
77f1cdf20e REFACTOR: admin backups controller specs to requests (#5953) 2018-06-11 13:26:24 +08:00
OsamaSayegh
1dbe13886f REFACTOR: admin site texts controller specs to requests (#5958) 2018-06-11 12:59:21 +08:00
OsamaSayegh
4f06d6078b REFACTOR: admin themes controller specs to requests (#5954) 2018-06-11 12:54:16 +08:00
OsamaSayegh
1fe092da0a REFACTOR: admin badges controller specs to requests (#5960) 2018-06-11 12:50:56 +08:00
OsamaSayegh
bf8d392a51 REFACTOR: admin user fields controller specs to requests (#5961) 2018-06-11 12:50:21 +08:00
OsamaSayegh
4c8939d530 REFACTOR: admin email controller specs to requests (#5962) 2018-06-11 12:50:08 +08:00
OsamaSayegh
c0776884dd REFACTOR: admin reports controller specs to requests (#5963) 2018-06-11 12:49:28 +08:00
OsamaSayegh
da94eaa81d REFACTOR: admin color schemes controller specs to requests (#5964) 2018-06-11 12:48:58 +08:00
OsamaSayegh
767f022b29 REFACTOR: admin screened ip addresses controller specs to requests (#5965) 2018-06-11 12:48:34 +08:00
OsamaSayegh
93b1386fb2 REFACTOR: admin site settings controller specs to requests (#5966) 2018-06-11 12:48:09 +08:00
OsamaSayegh
325f975ed3 REFACTOR: admin dashboard controller specs to requests (#5967) 2018-06-11 12:47:42 +08:00
OsamaSayegh
a4574cf2ca REFACTOR: admin webhooks controller specs to requests (#5969) 2018-06-11 12:47:29 +08:00
OsamaSayegh
a914ec28fc REFACTOR: admin impersonate controller specs to requests (#5968) 2018-06-11 12:47:14 +08:00
OsamaSayegh
d22b552c9b REFACTOR: admin emojis controller specs to requests (#5974) 2018-06-11 12:39:31 +08:00
OsamaSayegh
12b1687e1f REFACTOR: admin permalinks controller specs to requests (#5970) 2018-06-11 12:37:21 +08:00
OsamaSayegh
37c84451ed REFACTOR: admin staff action logs controller specs to requests (#5971) 2018-06-11 12:37:06 +08:00
OsamaSayegh
65241c6778 REFACTOR: admin api controller specs to requests (#5972) 2018-06-11 12:35:45 +08:00
OsamaSayegh
2c8a9d36af REFACTOR: admin versions controller specs to requests (#5973) 2018-06-11 12:35:05 +08:00
OsamaSayegh
237559c76f REFACTOR: admin screened emails controller specs to requests (#5975) 2018-06-11 12:33:54 +08:00
OsamaSayegh
f30c2dacb2 REFACTOR: admin screened urls controller specs to requests (#5976) 2018-06-11 12:33:38 +08:00
OsamaSayegh
63b2207065 REFACTOR: admin plugins controller specs to requests (#5977) 2018-06-11 12:33:07 +08:00
OsamaSayegh
c6fe082fe4 REFACTOR: admin controller specs to requests (#5978) 2018-06-11 12:32:55 +08:00
OsamaSayegh
4ac7be1d1c REFACTOR: admin embeddable hosts controller specs to requests (#5979) 2018-06-11 12:32:13 +08:00
OsamaSayegh
062aecd239 REFACTOR: admin embedding controller specs to requests (#5980) 2018-06-11 12:31:58 +08:00