Commit graph

934 commits

Author SHA1 Message Date
Sam Saffron
4171eb758c SECURITY: expire all existing sessions if user changes passwords 2015-06-06 03:09:19 +10:00
Arpit Jalan
b33654ac31 Remove site setting stubbing (Round 1) 2015-06-03 15:44:00 +05:30
Arpit Jalan
725861f344 FIX: move draft cleanup to the dedicated method and add test 2015-06-03 14:35:54 +05:30
Sam Saffron
40882a9576 add another test 2015-06-02 20:28:33 +10:00
Sam Saffron
0fd1974838 FIX: leaving around useless drafts after posting 2015-06-02 20:28:33 +10:00
Sam Saffron
d459cb95dc FIX: when advancing draft sequence remove old drafts 2015-06-02 20:28:33 +10:00
Régis Hanol
64e73e98fb FIX: allow the cooked_post_processor to download external uploads 2015-06-01 20:08:41 +02:00
Sam Saffron
97f03e699d FIX: mixed local s3 store missing avatars 2015-06-01 11:17:42 +10:00
Régis Hanol
acafa491b2 user avatar urls/templates refactor 2015-05-29 18:51:17 +02:00
Régis Hanol
5a143c0c6e storage engines refactor 2015-05-29 18:39:47 +02:00
Régis Hanol
0aa552cf61 remove fragile assertion 2015-05-29 16:53:27 +02:00
Neil Lalonde
ea8cf1a208 FIX: topic auto-close uses the client's time zone 2015-05-27 18:01:46 -04:00
Sam
147ea002f7 FIX: allow handling for avatars that are not in the set of "resized sizes" 2015-05-26 15:41:50 +10:00
Sam
eeda367e70 FIX: should be able to serve optimized image from local if its ... local... 2015-05-26 12:32:52 +10:00
Régis Hanol
bb0c2813ac FEATURE: generate (avatar) thumbnails in a background task
FIX: keep the "uploading..." indicator until the server replies via the MessageBus
FIX: text was disapearing when uploading an avatar

PERF: always use a region for S3 (defaults to 'us-east-1')
FEATURE: ApplyCDN middleware when using S3
FIX: use the same pattern to store files on S3 and locally
PERF: keep a local cache of uploads when generating thumbnails
FEATURE: migrate_to_s3 rake task
2015-05-25 17:59:00 +02:00
Paul Kaplan
1c926d22c6 Correctly parse require_activation field of SSO 2015-05-21 16:50:54 -05:00
Paul Kaplan
1c34341f31 Replace site setting with a payload attribute 2015-05-19 11:16:02 -05:00
Paul Kaplan
4c26c4d9bc Add a SiteSetting to not trust sso emails by default 2015-05-15 12:15:06 -05:00
Sam
e074651fdc PERF: refactor user search so works more efficiently
Stop scanning entire user table
2015-05-14 14:38:47 +10:00
Sam
e6f73a1c80 PERF: optimise front page category security lookup query 2015-05-14 12:19:22 +10:00
Régis Hanol
bb29bff5d8 Merge pull request #3463 from techAPJ/patch-2
FIX: match subdomain with email domain blacklist
2015-05-13 17:56:54 +02:00
Arpit Jalan
220b9c5abe FIX: match subdomain with email domain blacklist 2015-05-13 21:02:02 +05:30
Régis Hanol
d90e0fe66b Merge pull request #3460 from techAPJ/patch-3
FIX: rate limit topic invitations
2015-05-13 12:55:20 +02:00
Arpit Jalan
4324a157e0 FIX: rate limit topic invitations 2015-05-13 14:44:37 +05:30
Sam
51d82fc25d PERF: Active Record #pluck is twice faster
PERF: SqlBuilder bypasses AR converters and uses PG directly
2015-05-13 16:46:17 +10:00
Sam
5ef641126f remove s3 deprecation warning, we will continue to support it 2015-05-12 08:27:25 +10:00
Sam
0f53fc8328 correct emergency regeneration in the controller 2015-05-06 07:33:32 +10:00
Erick Guan
a48dd1cc28 store the slug as the title is, only sanitize the slug
and prettify code
2015-05-05 18:33:16 +08:00
Erick Guan
b772ff6e13 FEATURE: add slug geneartion options 2015-05-05 18:08:30 +08:00
Sam
f58d85edea FEATURE: move stylesheet cache out of the uploads directory 2015-05-05 15:50:13 +10:00
Neil Lalonde
963ebf5963 FIX: if approving a user when must_approve_users is false, don't send an email 2015-05-04 15:30:25 -04:00
Sam
803feefd54 MessageBus handles readonly redis now, no need to wrap it 2015-05-04 12:21:00 +10:00
Arthur Neves
b8cbe51026
Convert specs to RSpec 2.99.2 syntax with Transpec
This conversion is done by Transpec 3.1.0 with the following command:
    transpec

* 424 conversions
    from: obj.should
      to: expect(obj).to

* 325 conversions
    from: == expected
      to: eq(expected)

* 38 conversions
    from: obj.should_not
      to: expect(obj).not_to

* 15 conversions
    from: =~ /pattern/
      to: match(/pattern/)

* 9 conversions
    from: it { should ... }
      to: it { is_expected.to ... }

* 5 conversions
    from: lambda { }.should_not
      to: expect { }.not_to

* 4 conversions
    from: lambda { }.should
      to: expect { }.to

* 2 conversions
    from: -> { }.should
      to: expect { }.to

* 2 conversions
    from: -> { }.should_not
      to: expect { }.not_to

* 1 conversion
    from: === expected
      to: be === expected

* 1 conversion
    from: =~ [1, 2]
      to: match_array([1, 2])

For more details: https://github.com/yujinakayama/transpec#supported-conversions
2015-04-25 11:18:35 -04:00
Robin Ward
151b559e4c FIX: If you delete a user, delete their queued posts as well. 2015-04-24 16:04:44 -04:00
Robin Ward
3660fe4f60 FIX: When approving/rejecting a post it should delete the user action 2015-04-24 15:25:47 -04:00
Robin Ward
5b3f99aa50 Don't blow up if Redis switches to READONLY 2015-04-24 14:37:16 -04:00
Régis Hanol
a737090442 - FEATURE: revamped poll plugin
- add User.staff scope
- inject MessageBus into Ember views (so it can be used by the poll plugin)
- REFACTOR: use more accurate is_first_post? method instead of post_number == 1
- FEATURE: add support for JSON-typed custom fields
- FEATURE: allow plugins to add validation
- FEATURE: add post_custom_fields to PostSerializer
- FEATURE: allow plugins to whitelist post_custom_fields
- FIX: don't bump when post did not save successfully
- FEATURE: polls are supported in any post
- FEATURE: allow for multiple polls in the same post
- FEATURE: multiple choice polls
- FEATURE: rating polls
- FEATURE: new dialect allowing users to preview polls in the composer
2015-04-23 19:33:29 +02:00
Robin Ward
f600ead587 FIX: Don't validate approved posts.
A moderator has already validated them. Otherwise we hit things like
rate limits.
2015-04-21 11:59:35 -04:00
Robin Ward
2cdd967188 Adds support for invisible approval queues, which we'll need for Akismet 2015-04-20 17:19:05 -04:00
Sam Saffron
296add56e6 correct letter avatar template 2015-04-20 13:07:12 +10:00
Sam
51b747346e PREF: speed up grabbing unread counts 2015-04-17 16:01:20 +10:00
Sam
832cb9fdc3 FIX: admin check missing from topic tracking state
FIX: handle muted categories correctly
2015-04-17 14:03:08 +10:00
Sam
4387e05162 PERF: speed up query 2015-04-16 17:29:37 +10:00
Sam
a5b25ad2af FEATURE: scale up likes per day as users increase trust level
tl2 = 1.5 times the likes
tl3 = 2 times the likes
tl4 = 3 times the likes

configurable via tl[234]_additional_likes_per_day_multiplier site setting
2015-04-16 09:44:30 +10:00
Robin Ward
d2ed64751e UX: Show category badge on enqueued posts 2015-04-15 15:29:37 -04:00
Robin Ward
9ffec28076 Allow posts in any queue to support topic/post attributes 2015-04-15 14:54:37 -04:00
Robin Ward
0c233e4e25 Interface is wired up for Approving/Rejecting posts 2015-04-15 14:54:37 -04:00
Robin Ward
a5ee45ccbe PostEnqueuer object to handle validation of enqueued posts 2015-04-15 14:54:36 -04:00
Robin Ward
8ba6a45cd7 Post Queue model to enqueue creation of posts 2015-04-15 14:54:35 -04:00
Robin Ward
eaf5d21c41 Don't store post timings that are greater than the account lifetime 2015-04-14 11:49:44 -04:00
Ed Gibbs
5650428052 FIX: Sort page views report records
Adding a sort ascending by date to the page views report.
2015-04-12 10:46:13 -07:00
Sam
75890aed26 FEATURE: allow admins to choose a group as a primary group
FEATURE: allow admins to set a default title for a group
2015-04-10 12:17:28 +10:00
Régis Hanol
0e1c4a0a44 Merge pull request #3313 from techAPJ/patch-1
FEATURE: invite existing user to a topic
2015-04-03 11:41:10 +02:00
Arpit Jalan
8c2d7dcaac FEATURE: invite existing user to a topic 2015-04-03 15:00:04 +05:30
Régis Hanol
682656fa6c FIX: only redirect to whitelisted hostnames 2015-04-01 22:59:25 +02:00
Régis Hanol
0f4a4651a9 FIX: youtube preview video title link doesn't work 2015-04-01 18:23:27 +02:00
Régis Hanol
eec1921ba9 FIX: notifications inconsistencies + never notify system user 2015-04-01 11:55:59 +02:00
Sam
05737effef FIX: stop stripping dots from SSO names
This could upset Louis C.K.
2015-03-27 10:25:51 +11:00
Sam
0c287d7d6b ensure usernames do not keep cycling 2015-03-27 10:04:16 +11:00
Sam
4566a1e30a FIX: sso override code not triggered when attaching to existing user 2015-03-27 09:39:35 +11:00
Sam
5aa1272f05 clean up first day user definition and object model 2015-03-26 16:48:36 +11:00
Sam
9834d11503 Staff and TL2 up are immune to newuser checks and not considered new users 2015-03-26 16:04:46 +11:00
Sam
cfa511e35d FIX: correctly mute likers
FEATURE: disallow all muting of staff
2015-03-26 12:08:04 +11:00
Arpit Jalan
fb0e7dc0b2 FIX: do not delete already redeemed invite 2015-03-25 23:30:09 +05:30
Régis Hanol
90de61ee3d S3 deprecation warning 2015-03-25 18:34:07 +01:00
Arpit Jalan
4862a93804 FIX: delete duplicate invites 2015-03-25 22:43:41 +05:30
Sam
853c91d7d0 Merge pull request #3289 from fullfatthings/suppress_sso_welcome_emails
Add an sso option to suppress welcome emails
2015-03-23 10:36:58 +11:00
Robin Ward
3c0fee1786 Fixes broken spec 2015-03-20 13:24:03 -04:00
Dan Singerman
e8648350eb Add an sso option to suppress welcome emails
As discussed here: https://meta.discourse.org/t/create-new-sso-users-without-sending-welcome-emails/24894
2015-03-20 17:04:52 +00:00
Régis Hanol
5084e2bdf1 Merge pull request #3284 from techAPJ/patch-1
FEATURE: new site setting min_first_post_length
2015-03-19 19:55:27 +01:00
Arpit Jalan
b706307ac7 FEATURE: new site setting min_first_post_length 2015-03-20 00:20:38 +05:30
Robin Ward
3d2d224312 FEATURE: User Directory, with sorting and time period filter 2015-03-18 15:20:34 -04:00
Régis Hanol
df7c38dd51 FIX: don't add an automated message when *a* moderator already replied (as opposed to *the* moderator) 2015-03-16 12:02:34 +01:00
Régis Hanol
3a40875e0b Merge pull request #3247 from jmay/group-manager-invites
group manager can issue invitations from restricted topics
2015-03-16 09:53:04 +01:00
Régis Hanol
afd2417945 FEATURE: new 'auto_respond_to_flag_actions' site setting 2015-03-11 19:29:09 +01:00
Régis Hanol
c8631a7a8b FIX: auto-message shouldn't generate notifications 2015-03-11 19:07:17 +01:00
Régis Hanol
6cd4330335 FIX: show all deleted posts 2015-03-11 18:07:47 +01:00
Neil Lalonde
608647d02f FEATURE: Anonymize User. A way to remove a user but keep their topics and posts. 2015-03-10 11:59:08 -04:00
Sam
79a17d5c22 FIX: discourse.conf not parsing out comments correctly 2015-03-09 13:14:29 +11:00
Robin Ward
c4fa75918b FIX: If a category of a topic changed, watching/tracking didn't kick in 2015-03-04 13:39:50 -05:00
Jason W. May
0f36774246 group manager can invite members into the group from any restricted topic 2015-03-03 12:18:42 -08:00
Neil Lalonde
7c14db44cc UX: improve message when admin login is blocked because of admin ip address whitelisting 2015-03-02 12:13:22 -05:00
Sam
37fefc16de workaround, something about report spec is messed up 2015-03-02 12:29:56 +11:00
Sam
0742f340f9 FEATURE: allow for a localized error when a regex fails in site settings
FEATURE: apply string validation to list site settings (so we get regex)
2015-02-27 11:45:56 +11:00
Sam
3658c21fc5 REGRESSION: incorrect ordering when featuring topics 2015-02-25 14:24:25 +11:00
Robin Ward
ca5730018a FIX: SSO code should respect IP address filters 2015-02-23 16:01:46 -05:00
Sam
6960639c58 Merge pull request #3190 from riking/thrown_logging
Delete old ErrorLog, use Logster for 500 errors
2015-02-23 14:19:16 +11:00
Régis Hanol
e74b9ee5da FIX: should not count disagreed flags 2015-02-19 18:11:07 +01:00
Sam
709ab731c7 don't put missing notifications in the stream for tests. 2015-02-19 13:20:25 +11:00
Robin Ward
3ce2077aa8 Migrate unsubscribe keys to the database.
This should reduce a lot of the keys in redis.
2015-02-13 14:24:15 -05:00
Sam
276fd702e8 missed a send which caused code to break 2015-02-12 15:01:14 +11:00
riking
68ccd2d664 FEATURE: All 500 errors now show up in Logster
Added Discourse.handle_request_exception()
2015-02-09 12:48:33 -08:00
Régis Hanol
e36272cb68 fix the build 2015-02-09 17:13:22 +01:00
Sam
e8323fa534 FIX: removing a group from a user was not removing primary group 2015-02-09 16:03:09 +11:00
Sam
820ce8765e refactor traffic report
split traffic report in 2, page view vs raw traffic
hide raw traffic report by default
improve flushing logic for application reqs
2015-02-06 14:39:16 +11:00
Régis Hanol
2fcd199f48 FIX: send a PM to moderators when a post has been flagged as sockpuppet 2015-02-05 19:58:49 +01:00
Sam
08b790b3c2 improve metrics gathered using in our traffic section
this also pulls out the middleware into its own home and inserts in front
2015-02-05 16:08:52 +11:00
Sam
eb7a5c251d freeze time in report spec so it has consistent results 2015-02-05 11:33:13 +11:00
Sam
e105f0965c infrustructure for tracking application web requests 2015-02-04 16:15:16 +11:00
Dan Singerman
64c4bd5dbf Fix force_avatar_update.to_i error as force_avatar_update is a boolean
If force_avatar_update is passed in sso attributes it errors on
force_avatar_update.to_i. The SingleSignOn class forces avatar_force_update
to a boolean, so it should be treated as such.
2015-01-30 09:51:38 +00:00
Sam
8264dbd971 Merge pull request #3140 from fullfatthings/fix_missing_sso_avatar_bug
Fix bug when sso_overrides_avatar is true but no avatar_url is passed
2015-01-30 10:45:25 +11:00
Arpit Jalan
6c410ed093 FIX: strip whitespaces from user email 2015-01-30 01:44:24 +05:30
Robin Ward
e42e9bd010 Merge pull request #3149 from techAPJ/patch-2
FIX: allow developer emails to bypass email blacklist/whitelist restrict...
2015-01-29 13:42:59 -05:00
Arpit Jalan
58f46137d6 FIX: allow developer emails to bypass email blacklist/whitelist restriction 2015-01-30 00:10:03 +05:30
Régis Hanol
bdb0b45834 Merge pull request #3148 from techAPJ/patch-1
Do not allow TL0 users topics in email digest
2015-01-29 17:50:21 +01:00
Robin Ward
6e862e0e59 FIX: Should flush rate limit keys before testing it 2015-01-29 11:45:12 -05:00
Arpit Jalan
21e94859a9 Do not allow TL0 users topics in email digest 2015-01-29 21:10:26 +05:30
Régis Hanol
cd2c9edb46 FIX: 🐛 upload on IE9 wasn't working :'(
- FIX: make sure we set a default name to a pasted image only on Chrome (the only browser that supports it)
- FIX: use ".json" extension to uploads endpoints since IE9 doesn't pass the correct header
- FIX: pass the CSRF token in a query parameter since IE9 doesn't pass it in the headers
- FIX: display error messages comming from the server when there is one over the default error message
- FIX: HACK around IE9 security issue when clicking a file input via JavaScript (use a label and set `visibility:hidden` on the input)
- FIX: hide the "cancel" upload on IE9 since it's not supported
- FIX: return "text/plain" content-type when uploading a file for IE9 in order to prevent it from displaying the save dialog
- FIX: check the maximum file size on the server 💥
- update jQuery File Upload Plugin to v. 5.42.2
- update JQuery IFram Transport Plugin to v. 1.8.5
- update jQuery UI Widget to v. 1.11.1
2015-01-28 19:43:20 +01:00
Dan Singerman
dbf2f4efec Fix bug when sso_overrides_avatar is true but no avatar_url is passed
If a user has a current avatar, and sso_overrides_avatar is true, but no avatar_url is
passed in the sso attributes, the current code errors, as it tries to parse a nil
as a URL. It seems to me valid that a third party system may not pass an avatar_url in
some cases (e.g. avatars may not be mandatory, so not all users may have them)

This might warrant a discussion about what should happen in this case; maybe the current
avatar in discourse should be removed? This branch merely stops the login process erroring.
2015-01-28 16:01:39 +00:00
Jason W. May
a2b284a0a4 table & model changes for group managers with permission to edit membership 2015-01-15 11:44:42 -08:00
Régis Hanol
256519dddf FEATURE: automatic group membership based on email address 2015-01-23 18:25:43 +01:00
Arpit Jalan
5e751ce90a FEATURE: 🎁 rate limit invites for non-staff users 2015-01-20 01:12:24 +05:30
Sam
0b14cfa2c3 skip failing spec, something is off with timezones 2015-01-09 12:03:08 +11:00
Sam
03388e11ab oops, migration was flipping 2015-01-08 15:26:15 +11:00
Sam
3347a48275 FEATURE: add liked and bookmarked classes to topic list item rows 2015-01-08 14:35:56 +11:00
Robin Ward
114cc1c851 FIX: We missed some references to /category/xyz in the ruby code base. 2015-01-07 11:47:01 -05:00
Sam
efc717c14a FEATURE: remove star concept from Discourse 2015-01-07 13:43:27 +11:00
Luciano Sousa
b52f12948a models with rspec3 syntax 2015-01-05 13:04:23 -03:00
Luciano Sousa
b3d769ff4f Update rspec syntax to v3
update rspec syntax to v3

change syntax to rspec v3

oops. fix typo

mailers classes with rspec3 syntax

helpers with rspec3 syntax

jobs with rspec3 syntax

serializers with rspec3 syntax

views with rspec3 syntax

support to rspec3 syntax

category spec with rspec3 syntax
2015-01-05 11:59:30 -03:00
Régis Hanol
9fcaf090ec Merge pull request #3068 from fantasticfears/category_slug
support setting category slug
2015-01-02 11:55:27 +01:00
Erick Guan
97b3914b70 FIX: use utc time when generate reports; set boundary 2014-12-30 22:43:03 +08:00
Régis Hanol
a04f44d65a Merge pull request #3065 from fantasticfears/fix-visits-report
FIX: today visits not shown
2014-12-29 21:23:47 +01:00
Erick Guan
1e166d89ff support setting category slug 2014-12-30 03:14:54 +08:00
Erick Guan
fe7f2c6979 FIX: today visits not shown 2014-12-30 03:09:22 +08:00
Régis Hanol
7ca092da17 Merge pull request #3057 from jaanus/s3-frankfurt-bucket
Add eu-central-1 to list of S3 buckets.
2014-12-29 18:02:14 +01:00
jaanus
f6026ad1d0 Added eu-central-1 S3 bucket. 2014-12-29 18:31:21 +02:00
Robin Ward
1055fc0919 Merge pull request #3021 from jmay/custom-category-slug
optional custom value for category slug (create and update)
2014-12-29 10:34:23 -05:00
Sam
ef62933034 Ruby 2.2 fixes 2014-12-29 13:31:15 +11:00
Sam
5b844f5320 FEATURE: more than 1 site customization can be enabled at once
FIX: more robust site customizations

Rewrote site customization to use distributed cache and a much cleaner
css delivery mechanism
2014-12-23 13:03:48 +11:00
Robin Ward
768027f0e3 Merge pull request #3046 from gdpelican/feature/insensitive-group-names
Remove group name validation case sensitivity
2014-12-17 10:52:45 -05:00
James Kiesel
84bed4f9ce Remove group name validation case sensitivity 2014-12-17 18:44:30 +13:00
Régis Hanol
521226f4c9 FIX: registration fails with timeout on gravatar 2014-12-15 22:10:27 +01:00
Régis Hanol
1353557575 FIX: custom flags not possible on very long topic titles 2014-12-11 19:34:52 +01:00
Régis Hanol
86c4c947a3 FIX: drastically simplify auto-close topic logic
Get rid of this nonsensical maximum-flow algorithm :fired:
2014-12-06 16:29:54 +01:00
Régis Hanol
cd170ca548 FEATURE: auto-close topics based on community flags 2014-12-05 19:37:43 +01:00
Jason W. May
efa872e426 optional custom value for category slug (create and update) 2014-12-03 16:23:59 -08:00
Jeff Atwood
ea269ccfb2 rename purge_inactive to purge_unactivated 2014-12-02 21:36:25 -08:00
Régis Hanol
10b5032188 FIX: auto-closing attribution when a TL4 user auto-closes a topic 2014-11-26 19:51:07 +01:00
Régis Hanol
d7ef4f1edd remove useless 'puts' 2014-11-26 16:40:03 +01:00
Sam
c10e3df012 FEATURE: implement SSO provider on Discourse so Auth can be farmed to it
FEATURE: pass return_sso_url to SSO endpoints, for easier return
2014-11-26 17:26:27 +11:00
Robin Ward
4c9f55d1e1 FIX: Suspended users should have links stripped from their profiles. 2014-11-25 16:14:39 -05:00
riking
728e8a262c FIX: Admin panel referral stats not counting topics correctly
Due to what seems to be a bug in ActiveRecord, the distinct: true option
is not recognized on counts with string column names. This commit fixes
that by moving the DISTINCT into the count string.

For robustness, the integration spec for IncomingLinksReport was
rewritten to be an actual integration spec, running the actual interface
on actual fake data.
2014-11-24 12:16:52 -08:00
Robin Ward
dd1ebb535b FIX: Could not download exported data on some sites 2014-11-20 14:02:10 -05:00
Robin Ward
5f4e4de02a FIX: Make user_id uniqueness check pending. It still seems to check
but the test fails. cc @SamSaffron
2014-11-20 13:42:37 -05:00
Sam
8240a00829 correct spec 2014-11-14 18:10:52 +11:00
Régis Hanol
a8a0be0b34 FIX: change the unlisted/invisible topic state only when unhiding the first post 2014-11-12 16:34:30 +01:00
Sam
5fd0841563 correct broken spec 2014-11-12 10:27:34 +11:00
Sam
a2ba9a735e Merge pull request #2943 from fantasticfears/slug
Add stringex for Chinese slug generation
2014-11-12 08:57:59 +11:00
Erick Guan
667758ff40 Add stringex for Chinese slug generation 2014-11-11 21:12:07 +08:00
Sam
4e85fc9dae PERF: cache all site_text in memory 2014-11-11 16:28:59 +11:00