Commit Graph

3632 Commits

Author SHA1 Message Date
Guo Xiang Tan
a89f60b85b Merge pull request #4631 from tgxworld/prevent_users_from_changing_permissions_of_non_real_users
FIX: Do not allow admins to meddle with admin and moderation access o…
2017-01-04 09:10:27 +08:00
Robin Ward
cf7774bdd9 FEATURE: Block muted users from sending you PMs 2017-01-03 14:51:53 -05:00
Jeff Atwood
15a0f3cb14 add vertical align to email blockquote avatar img 2017-01-02 13:49:00 -08:00
Arpit Jalan
495a511862 simplify quote markup in emails 2017-01-02 21:37:01 +05:30
Neil Lalonde
477b237e45 FIX: use 'other' instead of 'many' for Ukrainian pluralization until translations are fixed 2016-12-30 11:49:25 -05:00
Guo Xiang Tan
f1beef43a8 Merge pull request #4618 from tgxworld/fix_invalid_emails
FIX: Don't allow invalid email to be saved.
2016-12-30 07:11:48 +08:00
Guo Xiang Tan
c7b151683d FIX: Do not allow admins to meddle with admin and moderation access of non real users. 2016-12-29 11:11:33 +08:00
Neil Lalonde
dd4937a493 Version bump to v1.7.0.beta11 2016-12-28 18:14:06 -05:00
Sam
d28d8a1f85 FIX: order by op_likes leads to broken browsing 2016-12-27 19:08:54 +11:00
Sam
2f6a4cc6de remove UserActionObserver, replace with after_save and service
interestingly there was some left over dead code from when stars
existed in the topic_users table
2016-12-22 16:46:53 +11:00
Sam
0a78ae739d Remove SearchObserver, aim is to remove all observers
rails-observers gem is mostly unmaintained and is a pain to carry forward
new implementation contains significantly less magic as a bonus
2016-12-22 13:13:14 +11:00
Guo Xiang Tan
13c6191e89 FIX: Don't allow invalid email to be saved. 2016-12-21 17:47:11 +08:00
Guo Xiang Tan
5d7f3223f0 SECURITY: Users can only bookmark posts which they can see. 2016-12-21 12:01:26 +08:00
Neil Lalonde
c75bebdea2 FIX: uncategorized setting to control whether topic featured links are allowed 2016-12-20 15:55:30 -05:00
Régis Hanol
b12b2b1911 change onebox preview key for me consistency 2016-12-20 11:18:47 +01:00
Sam
ea9f7a41af remove gctools (no longer used) add gctracer for debugging 2016-12-20 15:07:30 +11:00
Régis Hanol
52cd9972bb FIX: prevent DDoS with lots of _oneboxable_ links
FIX: ensure the onebox route is only allowed to logged in users
FIX: only allow 1 outgoing onebox preview per user
FIX: client should only do 1 preview at a time
2016-12-20 00:31:10 +01:00
Sam
2b808ad9da Merge pull request #4609 from joebuhlig/category-topics-wiki
FEATURE: Category setting to make all topics wikis
2016-12-20 09:15:51 +11:00
Neil Lalonde
a65281d5ea FIX: better support for featured link topics in summary emails 2016-12-19 17:05:49 -05:00
Neil Lalonde
3256620d5d FIX: some blank topics and posts in summary email because they're images 2016-12-19 16:21:31 -05:00
Neil Lalonde
923cf73c6e Topic Featured Links: move data from custom fields to topics and categories tables. Invert behaviour of topic_featured_link_allowed checkbox. Fix a bug with invalid topic records due to changing that category checkbox. 2016-12-19 14:54:07 -05:00
Robin Ward
e03d5e2140 Reapply Ember 2.10 for good this time!
This reverts commit ddd299f4aa.
2016-12-19 11:19:10 -05:00
Joe Buhlig
87251fded7 FEATURE: Category setting to make all topics wikis
FEATURE: Category setting to make all topics wikis
2016-12-19 06:42:18 -06:00
Régis Hanol
c7289f423f fix letter_avatar spec 2016-12-19 10:00:28 +01:00
Sam
e0ff57ca75 SECURITY: prevent reuse of password reset 2016-12-19 18:00:22 +11:00
Robin Ward
ddd299f4aa Revert "Revert "Revert Ember 2.10+ for a short while""
This reverts commit 76bbc481cb.
2016-12-16 10:29:30 -05:00
Robin Ward
76bbc481cb Revert "Revert Ember 2.10+ for a short while"
This reverts commit 21682fd60b.
2016-12-16 09:52:29 -05:00
Sam
6ff309aa80 SECURITY: don't grant same privileges to user_api and api access
User API is no longer gets bypasses that standard API gets.
Only bypasses are CSRF and XHR requirements.
2016-12-16 12:05:43 +11:00
Régis Hanol
197517d55e FIX: locally uploaded audio & video files should onebox even when the extension is uppercase 2016-12-15 23:21:44 +01:00
Robin Ward
21682fd60b Revert Ember 2.10+ for a short while 2016-12-15 16:43:38 -05:00
Neil Lalonde
f01f95d62d FEATURE: new settings to customize some colors in emails 2016-12-15 14:43:53 -05:00
Neil Lalonde
e6361d1228 Version bump to v1.7.0.beta10 2016-12-14 14:57:51 -05:00
Guo Xiang Tan
c80466a801 Merge pull request #4589 from tgxworld/rescue_error
FIX: Don't raise error when admin access is invalid.
2016-12-14 17:43:44 +08:00
Guo Xiang Tan
9a800107cb FIX: Associate category logo and background to uploads record. 2016-12-12 17:37:28 +08:00
Guo Xiang Tan
05f55dbc10 FEATURE: Group logs. 2016-12-12 17:29:54 +08:00
Neil Lalonde
17bc42fe85 FIX: box style category badges in emails, and shrink text and some spacing in summary email 2016-12-09 16:59:54 -05:00
Neil Lalonde
fb2633366a FIX: featured link topics shouldn't require the same min post length 2016-12-09 15:46:26 -05:00
Neil Lalonde
a4c4f13901 Remove the topic_featured_link_onebox setting. We will always try to onebox a link and add it to the body if topic_featured_link_enabled is enabled. 2016-12-09 13:28:12 -05:00
Sam
846597f563 FIX: staff tags are stripped by non-staff 2016-12-09 17:24:26 +11:00
Sam
02b21a26dd Merge pull request #4585 from ibnesayeed/urdu-support
Add initial Urdu support with RTL direction
2016-12-09 13:01:25 +11:00
Neil Lalonde
ee54e37a1f Version bump to v1.7.0.beta9 2016-12-07 17:50:43 -05:00
Régis Hanol
f4688f74db FIX: emoticons stop summary from being updated 2016-12-07 23:05:14 +01:00
Sawood Alam
3f765e0227
Added Urdu locale file for moment.js 2016-12-06 13:55:38 -05:00
Erick Guan
52763f5115
FEATURE: Allow posting a link with topics 2016-12-05 17:20:54 +01:00
Régis Hanol
951ef0d949 UX: fix onebox styling in emails 2016-12-05 12:00:04 +01:00
Guo Xiang Tan
4b75ad5110 FIX: Don't raise error when admin access is invalid. 2016-12-05 17:36:45 +08:00
Guo Xiang Tan
22059d4df9 Add Rake task to clean up unused multisite Redis keys. 2016-12-05 11:46:34 +08:00
Guo Xiang Tan
ce36f54dcd Add rake task to clean up orphane Redis keys when a multisite has been removed. 2016-12-05 11:39:08 +08:00
Sam
39a524aac8 FEATURE: brotli cdn bypass for assets
Allow CDNS that strip out brotli encoding to use brotli regardless
2016-12-05 13:57:09 +11:00
Sam
33d0a23d84 Merge branch 'fix_whisper' 2016-12-05 10:01:03 +11:00