Commit graph

99 commits

Author SHA1 Message Date
Sam
9468ebeb2e CHANGE: Mini Profiler only enabled for developers in prd 2014-07-17 08:34:41 +10:00
riking
783454ebe1 Fix /p/post/user route not saving referrals
Make user id optional for /p/id/uid
Add /posts/id/raw route for debugging failed post processing
2014-07-11 14:44:07 -07:00
Neil Lalonde
5bcfb6ee38 FIX: don't show 'About category' topics on the 404 page 2014-07-04 16:18:17 -04:00
riking
2d5f667160 Make ?preview-style make sense
New behavior:
?preview-style=(sha) -- see that stylesheet
?preview-style= -- see the currently selected stylesheet
?preview-style=default -- see the default stylesheet ("rescue mode")
2014-06-20 09:06:36 -07:00
Neil Lalonde
ad2bd11d6e Add a way to get user based on sso external id 2014-06-18 14:40:25 -04:00
Régis Hanol
00117c18c3 FEATURE: dismissable banner topic 2014-06-18 20:05:19 +02:00
Sam
f1a28d62a3 FEATURE: support registration of custom html by plugins 2014-06-05 11:39:33 +10:00
Sam
fa6f22dd39 Move letter avatars out of upload system
FIX: S3 issues around system avatars
FIX: reduced backup file size
2014-05-30 14:45:55 +10:00
Sam
f8b7f0d73f FEATURE: logster env tab, log current user 2014-05-12 15:28:23 +10:00
Louis Rose
1574485443 Perform the where(...).first to find_by(...) refactoring.
This refactoring was automated using the command: bundle exec "ruby refactorings/where_dot_first_to_find_by/app.rb"
2014-05-06 14:41:59 +01:00
Vikhyat Korrapati
8f53b7a65b Detect arrays for serialization using respond_to?(:to_ary).
This is the way AMS detects arrays, and is more robust than checking
is_a? for whitelisted classes. For example, this works for
ActiveRecord::AssociationRelation which the current logic does not
handle.
2014-04-16 20:48:09 +05:30
Robin Ward
558a06a117 Adds better reusable error message support. Added to fetching remote
posts. /cc @riking
2014-04-02 13:22:10 -04:00
Robin Ward
b0f3061113 It doesn't make sense to redirect when not logged in on a non-GET
request. We should report a failure then. They likely logged out or
in another tab or timed out.
2014-03-05 12:12:53 -05:00
Neil Lalonde
7322345039 FIX: when shown 403 error page and logging in, it will take you to the same page 2014-02-26 17:53:53 -05:00
Robin Ward
3151f59bc9 REFACTOR: We don't cache the json for the Site model anymore, so let's
rename and remove the methods leftover from that.
2014-02-24 14:25:37 -05:00
Neil Lalonde
9545e2e46e FIX: broken 404 page. don't bother showing current_usre stuff 2014-02-21 12:24:45 -05:00
Robin Ward
d95887c57d CHANGE: We now include the _escaped_fragment_ support by default, but
only if the crawler check fails. It is a fallback for non-google search
engines that support the Ajax crawling API.
2014-02-20 17:02:26 -05:00
Robin Ward
c4b5455c21 REFACTOR: Rename GooglebotDetection to CrawlerDetection because we
will likely whitelist more crawlers in the future.
2014-02-20 16:07:02 -05:00
Régis Hanol
d443ddd43d Merge pull request #1922 from joallard/language-toggle
Allow users to toggle interface language in their preferences
2014-02-19 18:28:00 +01:00
Neil Lalonde
7f6b2e5563 Show login button on 404 page. Add routes to show login and signup modals when page/route loads. If logged in and showing 404 page, load ember app. 2014-02-18 17:18:53 -05:00
Jonathan Allard
0592420e52 Add a site setting to allow users to toggle I18n.locale
It is false by default.
2014-02-18 14:54:00 -05:00
Jonathan Allard
c513725f26 Allow users to toggle interface language in their preferences 2014-02-18 14:53:59 -05:00
Neil Lalonde
d298e2e065 Detect Googlebot from user agent and use a different layout that doesn't load javascript 2014-02-15 17:54:34 -05:00
Régis Hanol
5725f02d9e allow full access to /admin/backups while in read-only mode 2014-02-13 13:31:14 -08:00
Régis Hanol
e7472dc374 readonly mode 2014-02-13 13:31:13 -08:00
Neil Lalonde
e0df404d7e Add site setting tos_accept_required. If enabled, users must check a box saying that they've read and accept the terms of service. 2014-02-07 16:04:13 -05:00
slainer68
748e1e0748 Allow using the API when Login required site setting is on. 2014-01-24 14:02:49 +01:00
Neil Lalonde
259295d865 Add post_edit_time_limit site setting to limit the how long a post can be edited and deleted by the author. Default is 1 year. 2014-01-09 11:55:04 -05:00
christophe
dfb9b8fa58 Fix unused parameter 2014-01-04 08:53:27 +01:00
Neil Lalonde
1f0a59584b Revert "Re-apply with fixes: Stop using user agent to detect mobile devices. Use a media query and yepnope to load the appropriate css and customizations." 2013-12-18 14:47:22 -05:00
Régis Hanol
94fda12795 use a helper instead of a view for custom HTML content 2013-12-17 18:56:59 +01:00
Régis Hanol
4c6b535cc0 move arbitrary html content out of noscript and into the preloadstore 2013-12-17 18:25:27 +01:00
Neil Lalonde
5171a23a9c Re-apply with fixes: Stop using user agent to detect mobile devices. Use a media query and yepnope to load the appropriate css and customizations. 2013-12-11 11:19:22 -05:00
Neil Lalonde
2596f7dec2 Revert "Stop using user agent to detect mobile devices. Use a media query and yepnope to load the appropriate css and customizations." 2013-12-09 16:28:11 -05:00
Neil Lalonde
ca5d4d5e54 Stop using user agent to detect mobile devices. Use a media query and yepnope to load the appropriate css and customizations. 2013-12-09 13:28:42 -05:00
Harry Seo
2d9876a6ac FIX: set_locale filter must be executed before check_xhr filter because check_xhr filter renders html in some cases 2013-12-04 20:49:54 +09:00
Robin Ward
7207cef7aa TopicQuery cleanup in advance of custom sorting:
- Move SQL method constants into a module
- Removed unused count methods
- Moved methods that don't return a TopicList into Topic
- Replaced some confusing method signatures
2013-11-13 12:26:32 -05:00
Régis Hanol
e9f9d22482 add query parameter to temporarily disable customization 2013-11-12 18:14:22 +01:00
Robin Ward
de30af9302 Support for inviting to a forum from a user's invite page. 2013-11-06 12:56:50 -05:00
Vikhyat Korrapati
855ee3b43d Fix ActiveRecord::Associations::CollectionProxy serialization in Rails 4. 2013-11-03 10:41:38 +05:30
Robin Ward
348e2e3ef2 Support for per-user API keys 2013-10-22 17:34:39 -04:00
Sam
3d647a4b41 remove rack cache, it has been causing trouble
instead implement an aggressive anonymous cache that is stored in redis
this cache is sitting in the front of the middleware stack enabled only in production
TODO: expire it more intelligently when stuff is created
2013-10-16 16:39:18 +11:00
Sam
939a452293 require dependency was leading to errors in dev 2013-10-09 17:22:41 +11:00
Sam
7993845bfa add current_user_provider so people can override current_user bevior cleanly, see
http://meta.discourse.org/t/amending-current-user-logic-in-discourse/10278
2013-10-09 15:11:54 +11:00
Neil Lalonde
45d7765936 Merge branch 'master' into mobile 2013-09-05 15:54:22 -04:00
Robin Ward
f157ec1f91 Select +Replies for bulk operations 2013-09-05 11:03:29 -04:00
Neil Lalonde
9efa29e688 Detect whether to use mobile view. Session var mobile_view can override automatic detection. 2013-08-27 14:57:42 -04:00
Sam
c4a0152dc6 recover from bad CSRF tokens without requiring a hard refresh of the browser 2013-08-27 15:56:12 +10:00
Sam
11dca1fd92 make code climate a bit happier 2013-08-06 06:25:44 +10:00
Sam
aa6c92922d SECURITY: correct our CSRF implementation to be much more aggressive 2013-07-29 15:13:13 +10:00