Robin Ward
005b8bf7c3
FIX: When creating a SSO user via sync, do not user the IP address.
2015-02-25 14:41:23 -05:00
Neil Lalonde
cf81b3f86d
FEATURE: don't allow username and password to be the same
2015-02-25 12:00:13 -05:00
Dan Singerman
1c545d4c1e
Allow adding and removing members of groups by username or id
...
As discussed here: https://meta.discourse.org/t/discourse-gem-group-add/25668/2 .
2015-02-25 14:52:13 +00:00
Sam
9ca61efa97
correct test
2015-02-25 18:09:45 +11:00
Sam
b760d22460
PERF: avoid expensive order by random for suggested topics
2015-02-25 17:19:12 +11:00
Sam
7b6e85cb6c
remove unused api call
...
correct spec
2015-02-25 14:39:50 +11:00
Sam
3658c21fc5
REGRESSION: incorrect ordering when featuring topics
2015-02-25 14:24:25 +11:00
Sam
fe578f9944
FEATURE: Allow manual assignment of related post to badge
...
PERF: clean up performance of user badges admin when large number of badges exist
2015-02-25 12:53:01 +11:00
Robin Ward
34dc1f9e10
Spec to ensure that SSO respects blocked emails
2015-02-23 17:14:54 -05:00
Robin Ward
ca5730018a
FIX: SSO code should respect IP address filters
2015-02-23 16:01:46 -05:00
Robin Ward
8186d86f38
FIX: Enforce max length for custom user fields
2015-02-23 13:02:30 -05:00
Sam
6960639c58
Merge pull request #3190 from riking/thrown_logging
...
Delete old ErrorLog, use Logster for 500 errors
2015-02-23 14:19:16 +11:00
Régis Hanol
20c9a312c7
FIX: clicks counter on attachments wasn't always working
2015-02-22 20:47:18 +01:00
Sam
17927b2e8b
FIX: don't use flash cause we are not redirecting
...
(we should probably change that though)
2015-02-20 10:28:58 +11:00
Régis Hanol
e74b9ee5da
FIX: should not count disagreed flags
2015-02-19 18:11:07 +01:00
Sam
103d42a9d9
FIX: emoji cache could get corrupt
...
FEATURE: enforce 1 day expiry by default on discourse cache
remove family expiry concept as the implementation was fragile
2015-02-19 16:58:22 +11:00
Sam
709ab731c7
don't put missing notifications in the stream for tests.
2015-02-19 13:20:25 +11:00
Sam
451788b95d
FIX: allow searching in PMs when "search this topic" is selected
2015-02-19 12:56:49 +11:00
Sam
b041b3f67f
FIX: bookmark topic was not working intuitively
...
- explicitly call out "clear bookmarks"
- correct keyboard shortcuts
- properly remove bookmarks when toggeling
2015-02-19 10:58:57 +11:00
Arpit Jalan
f3daae6dec
Improve auto generated email reply error message
2015-02-18 18:58:51 +05:30
Loïc Guitaut
395654bf24
Fix regression on editing private messages
...
v1.2.0beta9 has introduced a regression in edit of a private topic
(first post). Previously a check for no change in TopicsController was
made but it has been changed without considering that the topic could
be private.
By simply forcing a conversion of `topic.category_id` to integer, the case
where its value is nil is handled correctly as it was previously.
2015-02-18 00:41:16 +01:00
Arpit Jalan
6e5540c107
FIX: do not show name in email if name on posts are disabled
2015-02-18 01:39:41 +05:30
Sam
cdef67667a
PERF: allow background jobs to flush between requests in same thread
2015-02-17 09:58:43 +11:00
Régis Hanol
3cad4824d7
FEATURE: allow moderators to see flagged private messages
2015-02-16 13:03:04 +01:00
Régis Hanol
0b45054e2b
FIX: couldn't uncategorize a topic
2015-02-16 10:31:36 +01:00
Robin Ward
3ce2077aa8
Migrate unsubscribe keys to the database.
...
This should reduce a lot of the keys in redis.
2015-02-13 14:24:15 -05:00
Robin Ward
e207ca36ee
Easier helper for filtering secured categories
2015-02-12 11:52:59 -05:00
Sam
276fd702e8
missed a send which caused code to break
2015-02-12 15:01:14 +11:00
Régis Hanol
c4e427cf73
FEATURE: filter screened IP addresses
2015-02-10 19:38:59 +01:00
Robin Ward
8d46de4819
Add a spec for the new plugins controller
2015-02-10 12:35:53 -05:00
Sam
acda6ebd60
FIX: view tracking needs to release data earlier
...
retaining data during queuing was causing huge memory spikes
2015-02-10 17:03:33 +11:00
riking
68ccd2d664
FEATURE: All 500 errors now show up in Logster
...
Added Discourse.handle_request_exception()
2015-02-09 12:48:33 -08:00
riking
5657006aca
Rename handle_exception to handle_job_exception
2015-02-09 12:47:46 -08:00
Régis Hanol
e36272cb68
fix the build
2015-02-09 17:13:22 +01:00
Sam
e8323fa534
FIX: removing a group from a user was not removing primary group
2015-02-09 16:03:09 +11:00
Robin Ward
7dea65122e
Support a url
field in plugin metadata
2015-02-06 18:08:57 -05:00
Régis Hanol
f7d2fc0524
FEATURE: 'reply by email address' validator
...
Prevent infinite email loophole when the 'reply_by_email_address' site setting is the same as the 'notification_email'.
2015-02-06 12:08:37 +01:00
Sam
820ce8765e
refactor traffic report
...
split traffic report in 2, page view vs raw traffic
hide raw traffic report by default
improve flushing logic for application reqs
2015-02-06 14:39:16 +11:00
Robin Ward
4e64d16a47
FEATURE: Allow plugins to log staff actions
2015-02-05 15:26:34 -05:00
Régis Hanol
2fcd199f48
FIX: send a PM to moderators when a post has been flagged as sockpuppet
2015-02-05 19:58:49 +01:00
Régis Hanol
f1403206ca
Merge pull request #3169 from riking/patch-3
...
SECURITY: Don't leak topic title in the redirect
2015-02-05 12:47:58 +01:00
Sam
08b790b3c2
improve metrics gathered using in our traffic section
...
this also pulls out the middleware into its own home and inserts in front
2015-02-05 16:08:52 +11:00
Sam
eb7a5c251d
freeze time in report spec so it has consistent results
2015-02-05 11:33:13 +11:00
Robin Ward
3b68214210
FIX: Clean up after adding events. Fixes random test failures.
2015-02-04 17:33:18 -05:00
Robin Ward
25daca8f23
Helpers for plugins to support enabling/disabling
2015-02-04 16:23:56 -05:00
riking
4c8850108a
SECURITY: Don't leak topic title in the redirect
2015-02-04 11:55:39 -08:00
Sam
a4b96adfc5
eliminate cross talk in site setting test
2015-02-04 16:57:16 +11:00
Sam
c150c55e2d
FEATURE: rudimentary view tracking wired in
2015-02-04 16:15:16 +11:00
Sam
e105f0965c
infrustructure for tracking application web requests
2015-02-04 16:15:16 +11:00
Robin Ward
aacf2e6f20
Can add shadowed_by_global
to a site setting to override
...
If a site setting has `shadowed_by_global: true` then, if
a `GlobalSetting` exists with the same name then that value
will be used instead. Additionally, the setting will be hidden.
This is useful in a multisite environment for private settings
such as API keys. You want to set it globally, yet not display
the key to customers.
2015-02-03 16:49:22 -05:00
Robin Ward
f15b0d205f
FIX: The "too similar" check happened when trying to make a post a wiki
2015-02-02 12:44:56 -05:00
Dan Singerman
64c4bd5dbf
Fix force_avatar_update.to_i error as force_avatar_update is a boolean
...
If force_avatar_update is passed in sso attributes it errors on
force_avatar_update.to_i. The SingleSignOn class forces avatar_force_update
to a boolean, so it should be treated as such.
2015-01-30 09:51:38 +00:00
Sam
8264dbd971
Merge pull request #3140 from fullfatthings/fix_missing_sso_avatar_bug
...
Fix bug when sso_overrides_avatar is true but no avatar_url is passed
2015-01-30 10:45:25 +11:00
Sam
b1f81c0dca
Merge pull request #3080 from riking/misc
...
Miscellaneous fixes from PR#3000
2015-01-30 10:23:17 +11:00
Sam
ea7af7a83b
Merge pull request #3135 from longhotsummer/fix-no-user-params
...
FIX: creating a user shouldn't error when optional fields aren't given
2015-01-30 10:12:57 +11:00
riking
85a7b925c7
Miscellaneous fixes from PR#3000
...
FIX: Don't require login to view post raw
FIX: Don't submit read-guidelines for anonymous users (causes
unnecessary 403 errors from ensure_logged_in)
FIX: Don't pass nil to an array serializer
2015-01-29 13:56:32 -08:00
Régis Hanol
6a68e8c272
FIX: use CDN for user card/profile background and user avatars (for real this time)
2015-01-29 22:53:48 +01:00
Arpit Jalan
6c410ed093
FIX: strip whitespaces from user email
2015-01-30 01:44:24 +05:30
Robin Ward
e42e9bd010
Merge pull request #3149 from techAPJ/patch-2
...
FIX: allow developer emails to bypass email blacklist/whitelist restrict...
2015-01-29 13:42:59 -05:00
Arpit Jalan
58f46137d6
FIX: allow developer emails to bypass email blacklist/whitelist restriction
2015-01-30 00:10:03 +05:30
Robin Ward
1f40807001
Add extensibility point for whenever a post is created
2015-01-29 12:46:29 -05:00
Régis Hanol
bdb0b45834
Merge pull request #3148 from techAPJ/patch-1
...
Do not allow TL0 users topics in email digest
2015-01-29 17:50:21 +01:00
Robin Ward
6e862e0e59
FIX: Should flush rate limit keys before testing it
2015-01-29 11:45:12 -05:00
Arpit Jalan
21e94859a9
Do not allow TL0 users topics in email digest
2015-01-29 21:10:26 +05:30
Arpit Jalan
e97755ab5d
FIX: remove custom Discourse headers in email
2015-01-29 17:25:50 +05:30
Régis Hanol
cd2c9edb46
FIX: 🐛 upload on IE9 wasn't working :'(
...
- FIX: make sure we set a default name to a pasted image only on Chrome (the only browser that supports it)
- FIX: use ".json" extension to uploads endpoints since IE9 doesn't pass the correct header
- FIX: pass the CSRF token in a query parameter since IE9 doesn't pass it in the headers
- FIX: display error messages comming from the server when there is one over the default error message
- FIX: HACK around IE9 security issue when clicking a file input via JavaScript (use a label and set `visibility:hidden` on the input)
- FIX: hide the "cancel" upload on IE9 since it's not supported
- FIX: return "text/plain" content-type when uploading a file for IE9 in order to prevent it from displaying the save dialog
- FIX: check the maximum file size on the server 💥
- update jQuery File Upload Plugin to v. 5.42.2
- update JQuery IFram Transport Plugin to v. 1.8.5
- update jQuery UI Widget to v. 1.11.1
2015-01-28 19:43:20 +01:00
Robin Ward
d43944b3ed
Extensibility for tracking changes to a topic
2015-01-28 13:37:06 -05:00
Dan Singerman
dbf2f4efec
Fix bug when sso_overrides_avatar is true but no avatar_url is passed
...
If a user has a current avatar, and sso_overrides_avatar is true, but no avatar_url is
passed in the sso attributes, the current code errors, as it tries to parse a nil
as a URL. It seems to me valid that a third party system may not pass an avatar_url in
some cases (e.g. avatars may not be mandatory, so not all users may have them)
This might warrant a discussion about what should happen in this case; maybe the current
avatar in discourse should be removed? This branch merely stops the login process erroring.
2015-01-28 16:01:39 +00:00
Arpit Jalan
b0369061e2
FIX: always set a default Message ID in email
2015-01-28 14:49:38 +05:30
Arpit Jalan
12c82bed59
Disable digest emails site setting
2015-01-27 22:41:36 +05:30
Greg Kempe
d99ccf6d27
FIX: creating a user shouldn't error when optional fields aren't provided
...
This fixes a bug where the server would 500 if the only user fields
where optional ones, and the create_user call didn't provide any
values so that params[:user_fields] was nil.
Additionally, don't bother double-checked for required fields, since we
iterate over all fields and will catch any that are required and blank.
2015-01-27 11:48:27 +02:00
Arpit Jalan
5c2ee8ec2a
FEATURE: suppress digest emails for users not seen on the site for more than (n) days.
2015-01-26 22:04:02 +05:30
riking
1ab0d6bd82
FEATURE: Log username changes by staff
...
Also fix the tests for changing username
2015-01-17 02:26:12 -08:00
Régis Hanol
7a86abd105
Merge pull request #3084 from jmay/group-managers
...
table & model changes for group managers with permission to edit members
2015-01-16 12:02:38 +01:00
Neil Lalonde
4a11bb5227
FIX: on topic page, don't try to render post counts for a deleted user
2015-01-15 15:39:34 -05:00
Robin Ward
dc801bb442
Merge pull request #3102 from techAPJ/patch-2
...
Add username and date-time in exported file name
2015-01-15 15:35:06 -05:00
Robin Ward
505fa9f1cf
FIX: 🐛 Saving the same custom field array twice would raise an error
2015-01-15 15:31:50 -05:00
Arpit Jalan
c619aed8f9
💄 add username and date-time in exported file name
2015-01-16 01:39:46 +05:30
Jason W. May
a2b284a0a4
table & model changes for group managers with permission to edit membership
2015-01-15 11:44:42 -08:00
Régis Hanol
b4e5937850
FIX: 🐛 ensure emoji are case insensitive
2015-01-15 19:00:55 +01:00
Arpit Jalan
c4da9ce62f
FIX: old csv's were not getting deleted
2015-01-15 00:00:39 +05:30
Arpit Jalan
835835832f
FIX: user list export was failing
2015-01-14 16:24:42 +05:30
Arpit Jalan
b94c7922c5
🐎 gzip csv export files
2015-01-14 13:38:37 +05:30
Arpit Jalan
7771d2fb31
remove enable_email_names setting
2015-01-13 13:35:40 +05:30
Régis Hanol
1032fa7262
Merge pull request #3089 from lucianosousa/enhacement/controllers-rspec3
...
controllers with rspec3 syntax
2015-01-12 16:25:31 +01:00
Régis Hanol
5f98be6ec5
Merge pull request #3088 from lucianosousa/enhacement/components-rspec3
...
few components with rspec3 syntax
2015-01-12 16:25:25 +01:00
Régis Hanol
f7f5e39f75
FIX: Minor Admin bug with a setting when creating a new group
2015-01-23 20:31:48 +01:00
Régis Hanol
256519dddf
FEATURE: automatic group membership based on email address
2015-01-23 18:25:43 +01:00
Robin Ward
b3a2c0c45b
SECURITY: The SSO return_path
was an open redirect
...
This security fix needs SSO to be configured, and the user has to go
through the entire auth process before being redirected to the wrong host so
it is probably lower priority for most installs.
2015-01-22 12:20:17 -05:00
Régis Hanol
e300945879
FEATURE: split group admin in 2 tabs (custom & automatic)
...
FIX: clear the user-selector when adding new members
2015-01-21 20:52:48 +01:00
Arpit Jalan
5e751ce90a
FEATURE: 🎁 rate limit invites for non-staff users
2015-01-20 01:12:24 +05:30
Luciano Sousa
bc73238c8f
controllers with rspec3 syntax
2015-01-09 14:04:02 -03:00
Luciano Sousa
0fd98b56d8
few components with rspec3 syntax
2015-01-09 13:34:37 -03:00
Luciano Sousa
16156bdc1d
removing rspec3 warning
2015-01-09 09:55:58 -03:00
Sam
0b14cfa2c3
skip failing spec, something is off with timezones
2015-01-09 12:03:08 +11:00
Régis Hanol
6cec925f26
FIX: all PMs should be flaggable
2015-01-08 16:06:43 +01:00
Sam
03388e11ab
oops, migration was flipping
2015-01-08 15:26:15 +11:00
Sam
3347a48275
FEATURE: add liked and bookmarked classes to topic list item rows
2015-01-08 14:35:56 +11:00
Robin Ward
114cc1c851
FIX: We missed some references to /category/xyz
in the ruby code base.
2015-01-07 11:47:01 -05:00
Sam
ea87f5fd8a
FEATURE: support for filter=bookmarked and filter=liked in topic list
2015-01-07 18:20:10 +11:00