Commit graph

8 commits

Author SHA1 Message Date
Robin Ward
3b7d3aa487 FIX: Search wasn't using the lowercase username for finding the context. 2013-06-10 10:42:06 -04:00
Ian Christian Myers
0d01c33482 Enabled strong_parameters across all models/controllers.
All models are now using ActiveModel::ForbiddenAttributesProtection, which shifts the responsibility for parameter whitelisting for mass-assignments from the model to the controller. attr_accessible has been disabled and removed as this functionality replaces that.

The require_parameters method in the ApplicationController has been removed in favor of strong_parameters' #require method.

It is important to note that there is still some refactoring required to get all parameters to pass through #require and #permit so that we can guarantee that parameter values are scalar. Currently strong_parameters, in most cases, is only being utilized to require parameters and to whitelist the few places that do mass-assignments.
2013-06-06 00:30:59 -07:00
Robin Ward
bd779834e5 Use search context for filtering search results by current category or user 2013-05-24 14:04:26 -04:00
Robin Ward
b9a310f4b1 Search Refactor: Let's use a class to keep track of our state rather
than passing params everywhere. Also make the private API private.
2013-05-22 15:22:06 -04:00
Sam
b6bf95e741 speed up startup (avoid loading some gems on startup)
correct group permission leaks
add Discourse.cache for richer caching support
2013-05-13 18:04:03 +10:00
Sam
98d9f174ae fix spec 2013-05-13 11:07:22 +10:00
Regis Hanol
5703d6c730 added the min-search-term-length site setting 2013-03-07 16:52:01 +01:00
Robin Ward
21b5628528 Initial release of Discourse 2013-02-05 14:16:51 -05:00