Commit graph

35 commits

Author SHA1 Message Date
Robin Ward
1c3804934e Show the entire history of replies above a post when you expend "in reply to" 2013-08-06 17:43:10 -04:00
Sam
4a20d09523 distributed memoizer added to ensure absolute duplicate posts don't get through
in case of an absolute dupe just return the memoized post

This works around issues with wordpress being crazy
2013-07-29 12:25:19 +10:00
Sam
1f3c5cb656 allow end user to recover a post they delete
automatically delete stubs after 1 day
2013-07-22 17:48:47 +10:00
Sam
0ec1438b9a correct auto track param parsing for WordPress 2013-07-22 15:07:20 +10:00
Sam
acba0ea41e add auto track to permitted params 2013-07-22 15:07:20 +10:00
Robin Ward
5eaae063f0 Discourse Macro Helpers + Minor Fix to Admin User View 2013-07-11 19:35:52 -04:00
Robin Ward
d98f288aa4 FIX: Recovering a deleted post was not updating a topic's statistics 2013-07-09 12:15:55 -04:00
Sam
f6b850e7a4 allow skipping the validations on creation if its an api call AND skip_validations is specified
this allows wordpress plugin to post very very short titles or titles that would otherwise be disallowed
2013-07-02 12:23:19 +10:00
Neil Lalonde
e263bb3c0a Anons should be able to see post history 2013-06-19 16:43:16 -04:00
Ian Christian Myers
b61e10f9ad All parameters for #create in PostsController pass through strong_parameters.
We are now explicitly whitelisting all parameters for Post creation. A nice side-effect is that it cleans up the #create action in PostsController. We can now trust that all parameters entering PostCreator are of a safe scalar type.
2013-06-07 01:29:25 -07:00
Ian Christian Myers
0d01c33482 Enabled strong_parameters across all models/controllers.
All models are now using ActiveModel::ForbiddenAttributesProtection, which shifts the responsibility for parameter whitelisting for mass-assignments from the model to the controller. attr_accessible has been disabled and removed as this functionality replaces that.

The require_parameters method in the ApplicationController has been removed in favor of strong_parameters' #require method.

It is important to note that there is still some refactoring required to get all parameters to pass through #require and #permit so that we can guarantee that parameter values are scalar. Currently strong_parameters, in most cases, is only being utilized to require parameters and to whitelist the few places that do mass-assignments.
2013-06-06 00:30:59 -07:00
Sam
870e59883b secure the links on the topic pages, eliminated deleted topics as well. 2013-06-05 16:10:26 +10:00
Robin Ward
d554a59102 Support for a new site setting: newuser_spam_host_threshold. If a new user posts a link
to the same host enough tiles, they will not be able to post the same link again.

Additionally, the site will flag all their previous posts with links as spam and they will
be instantly hidden via the auto hide workflow.
2013-05-16 12:19:50 -04:00
Neil Lalonde
9828c87525 Topic Auto-Close: admins and mods can set a topic to automatically close after a number of days 2013-05-13 12:53:52 -04:00
Sam
942f168ab6 UI still a tad rough, but we have a first pass of secure categories 2013-05-10 16:47:47 +10:00
Sam
20493106cd fix post trashing 2013-05-07 17:56:56 +10:00
Sam
e9fc272db7 remove acts_as_paranoid, use .trash! , .recover! and .with_deleted as needed
makes upgrading to rails 4 possible
2013-05-07 14:39:01 +10:00
Sam
cef9a74053 route for markdown /md/topic_id/post_number 2013-04-30 16:30:41 +10:00
Sam
f9e33ec6b8 store ip address and current user with incoming links
make links long an readable in share dialog
2013-04-26 16:18:55 +10:00
Sam
37867af1bb track incoming links, amend share link to include user
fix pm styling
2013-04-24 18:05:35 +10:00
Régis Hanol
c5cf8be864 auto replace rules in titles 2013-04-10 11:00:50 +02:00
Sam
2295290383 added best=N option to get N best comment on a post 2013-03-27 22:53:11 -07:00
Sam
fc94d3e551 match the create api with the update api ... so api is more consistent 2013-03-26 23:49:35 -07:00
Sarah Vessels
54c7b1ab63 Use consistent new-style hashes in render calls *twitch* 2013-03-22 14:08:11 -04:00
Sam
62c60540be pull moderator into own column, rename trust levels 2013-03-19 21:06:11 -07:00
Robin Ward
59fc3bfac4 PostDestroyer to replace callbacks for destroying 2013-03-18 17:55:11 -04:00
Gosha Arinich
0c99dea153 introduce Enum 2013-03-01 21:16:36 +03:00
Gosha Arinich
cafc75b238 remove trailing whitespaces ❤️ 2013-02-26 07:31:35 +03:00
Robin Ward
532b1f5450 Can edit category descriptions, they show up in a title attribute 2013-02-22 13:43:47 -05:00
Robin Ward
b9457197c0 First stab at new user education - configurable messages that pop up on a user's first
few posts/topics.
2013-02-14 15:33:51 -05:00
Robin Ward
03a798b202 Can clear flags on deleted posts if you're a moderator 2013-02-08 19:07:29 -05:00
Robin Ward
7c11c3fe0f Can edit deleted posts. 2013-02-08 17:49:15 -05:00
Robin Ward
084a873b91 Give regular users a delete button. If they click it, their post will be revised to
say it was deleted.
2013-02-07 15:14:23 -05:00
Jakub Arnold
61654ab8f0 Fix all the trailing whitespace 2013-02-07 16:45:24 +01:00
Robin Ward
21b5628528 Initial release of Discourse 2013-02-05 14:16:51 -05:00