Commit graph

1639 commits

Author SHA1 Message Date
Kane York
27ee8bea95 FIX: Remove N+1 queries in posts.json 2015-09-04 13:36:47 -07:00
Robin Ward
73dba5af38 FIX: Notifications when no limit is provided 2015-09-02 15:48:41 -04:00
Robin Ward
e624b7198d Try to estimate the amount of notifications to return based on height 2015-09-02 14:30:18 -04:00
Régis Hanol
a501947d67 FEATURE: suppress categories from the homepage 2015-09-02 20:25:18 +02:00
Kane York
32e5016dbb FEATURE: Include topic title, category in posts.json 2015-09-01 17:46:06 -07:00
Sam
0a46ec9c50 Merge pull request #3519 from fullfatthings/fix_sso_redirect_when_login_required
Respect cookie[:destination_url] in Single Sign On
2015-09-02 10:32:18 +10:00
Neil Lalonde
1bd0f5b015 FEATURE: group can grant a trust level when a user is added 2015-09-01 16:52:12 -04:00
Robin Ward
9f50f70670 UX: Return more notifications in the user menu 2015-09-01 16:23:23 -04:00
Arpit Jalan
eb96016043 FEATURE: copy invite link for topic invites 2015-08-31 21:15:15 +05:30
Neil Lalonde
43c62d413c FIX: similar topics api shouldn't return error if params are below minimum lengths 2015-08-31 10:54:45 -04:00
Arpit Jalan
4ad07b8c09 FEATURE: generate invite token 2015-08-28 18:29:31 +05:30
Neil Lalonde
cc2dc4d550 FEATURE: the notice asking admins to get discussion started will update with live counts of topics and posts 2015-08-27 17:28:40 -04:00
Régis Hanol
96c23d51a2 FIX: don't break the message bus when restoring a backup 2015-08-27 20:02:13 +02:00
Sam
4e37bcc3e2 Add extra safety 2015-08-25 12:05:15 +10:00
Sam
2c59ad3dd3 FIX: favicon update broken when favicon lived on a CDN 2015-08-25 11:54:23 +10:00
Arpit Jalan
99edcddafb FEATURE: show pending/redeemed invite count in tabs 2015-08-25 01:12:46 +05:30
Régis Hanol
73624e63c5 FIX: revoke any api keys when suspending an user 2015-08-23 22:33:37 +02:00
Arpit Jalan
91519fdfe7 FIX: do not persist error message 2015-08-24 00:29:58 +05:30
Sam
2b9ca0de8b Merge pull request #3678 from tgxworld/allow_admin_to_change_timestamp
FEATURE: Allow admin to change timestamp of topic.
2015-08-21 10:34:37 +10:00
Robin Ward
146f2eab7f Can edit settings on the embedding page 2015-08-20 15:56:05 -04:00
Robin Ward
d1c69189f3 FEATURE: Can edit category/host relationships for embedding 2015-08-20 15:56:04 -04:00
Régis Hanol
eafeec51a5 FIX: don't show current topic when moving posts to another topic 2015-08-19 21:40:43 +02:00
Kane York
94439ebddd FIX: Tighter rate-limit for post self-deletions 2015-08-18 12:50:45 -07:00
Régis Hanol
4c2df814de FIX: ensure a file is present when creating an upload 2015-08-18 11:39:51 +02:00
Robin Ward
9f75870d99 Merge pull request #3661 from b-studios/preserve-user-field-options
Preserve user-field options when updating user-fields
2015-08-17 13:43:35 -04:00
Jonathan Brachthaeuser
c0e88724c2 Preserve user-field options when updating user-fields
Avoid deleting options of the user-field when no options are
transmitted.
2015-08-17 19:01:20 +02:00
Régis Hanol
827ea641b0 FIX: Use File.size instead of IO.size 2015-08-17 18:57:28 +02:00
Guo Xiang Tan
c7a21b7c23 FEATURE: Allow admin to change timestamp of topic. 2015-08-17 00:00:05 +08:00
Régis Hanol
23a5c6444a FIX: move topic links and quoted posts extraction to the PostRevisor 2015-08-14 19:33:32 +02:00
Guo Xiang Tan
1a245656e0 FIX: HTML not being stripped in description meta tag. 2015-08-14 10:00:07 +08:00
Régis Hanol
6669a2d94d FEATURE: per-topic unsubscribe option in emails 2015-08-12 23:00:16 +02:00
Régis Hanol
ffbaf8c542 FEATURE: automatically downsize large images 2015-08-12 18:33:13 +02:00
Dan Singerman
8055d065f2 Refactor ApplicationController#redirect_to_login_if_required to use session for SSO 2015-08-11 16:48:55 +01:00
Dan Singerman
7056db26e6 Respect cookie[:destination_url] in Single Sign On
When the login_required setting is true, the destination URL is dropped. This change means it will be
respected at login time
2015-08-11 16:31:28 +01:00
Robin Ward
7fffd483f8 Fix deprecations with site text, upgrade to ES6 / store 2015-08-10 10:21:04 -04:00
Robin Ward
bd631e343a FEATURE: Can create stylesheets for embedded comments 2015-08-10 10:21:04 -04:00
Robin Ward
0932e82508 Refactor Customizations to have deeper URLs 2015-08-10 10:21:04 -04:00
Sam
bafdf9290d FIX: don't let blocked users reach post creator or new post queue
correct broken spec
2015-08-06 10:32:53 +10:00
Sam
01ad88f1ed FEATURE: min_first_post_typing_time
If a user spends less than 3 seconds typing
first post they will automatically enter the approval queue
2015-08-04 10:57:34 +10:00
Sam
7b8b96446e FEATURE: track statistics around post creation
- how long were people typing?
- how long was composer open?
- how many drafts were created?
- correct, draft saved to go away after you continue typing

store in Post.find(xyz).post_stat
2015-08-03 14:29:15 +10:00
Robin Ward
cf91bca0cd FIX: Small actions should show descriptions on the user stream 2015-07-31 14:25:49 -04:00
Robin Ward
aa6f792ce1 FEATURE: Custom orders for user fields 2015-07-30 14:53:13 -04:00
Robin Ward
9911e92e24 Merge pull request #3609 from riking/patch-7
FEATURE: Localization fallbacks
2015-07-30 10:44:29 -04:00
Régis Hanol
faf4f44776 FEATURE: make pin expiration mandatory 2015-07-29 16:34:21 +02:00
Régis Hanol
9e2632badd FIX: title translation for crawlers 2015-07-29 15:39:20 +02:00
Robin Ward
5f45e5361f FIX: Moderation actions can have their messages removed 2015-07-28 16:58:56 -04:00
Robin Ward
dc8a68fd29 FEATURE: New "Dropdown" user field type 2015-07-28 12:30:21 -04:00
Arpit Jalan
d6069e8c90 UX: fix container layout 2015-07-28 13:58:30 +05:30
Sam
41ceff8430 UX: move search to its own route
previously search was bundled with discovery, something that makes stuff confusing internally
2015-07-27 16:47:06 +10:00
Sam
0c267e5952 maintain exact old behavior 2015-07-24 09:44:16 +10:00
Sam
719f558746 multisite fix, allow show through (security is handled in the controller) 2015-07-24 09:41:46 +10:00
Sam
3a54923116 FIX: permalink normalization not applied at constraint
implement permalink import for lithium
2015-07-22 13:40:45 +10:00
Sam
4491813d22 Revert "Revert "PERF: optimise query that gathers topic tracking state""
This reverts commit 909be09f1a.
2015-07-21 21:48:07 +10:00
Sam
909be09f1a Revert "PERF: optimise query that gathers topic tracking state"
This reverts commit 343e417a55.
2015-07-21 17:35:50 +10:00
Sam
343e417a55 PERF: optimise query that gathers topic tracking state
(this query runs on the front page to figure out new and unread topics)
2015-07-21 17:14:30 +10:00
Arpit Jalan
5fc7545c01 UX: include more details on Permalinks page 2015-07-17 21:39:23 +05:30
Arpit Jalan
dc90c396f2 FEATURE: manage Permalinks 2015-07-17 01:26:02 +05:30
Kane York
ecfa17b5a7 FEATURE: Localization fallbacks (server-side)
The FallbackLocaleList object tells I18n::Backend::Fallbacks what order the
languages should be attempted in. Because of the translate_accelerator patch,
the SiteSetting.default_locale is *not* guaranteed to be fully loaded after the
server starts, so a call to ensure_loaded! is added after the locale is set for
the current user.

The declarations of config.i18n.fallbacks = true in the environment files were
actually garbage, because the I18n.default_locale was
SiteSetting.default_locale, so there was nothing to fall back to. *derp*
2015-07-15 10:17:36 -07:00
Régis Hanol
b0802abae2 FIX: crop & optimize user background profile/card images 2015-07-15 17:15:43 +02:00
Kane York
2a897a8a6b SECURITY: Remove email validation check bypass
- Increase size of email column to varchar(513)
 - Give error message on signup when email is too large

Overall impact: Low, allows signups from blocked domains. Main risk is increased spam.
2015-07-13 15:36:17 -07:00
Arpit Jalan
e0c9054748 FEATURE: invite page tabs 2015-07-13 09:42:51 +05:30
Neil Lalonde
782dd13e78 FEATURE: track user visits on mobile and display on admin dashboard in a new Mobile section 2015-07-07 14:06:42 -04:00
Doug
5e615ef26e Fixed bug that caused substrings of reserved usernames to be treated as reserved. 2015-07-06 23:54:25 -07:00
Robin Ward
be664857be Merge pull request #3585 from riking/patch-3
FEATURE: Reserved usernames
2015-07-03 10:02:24 -04:00
Robin Ward
7676c5dfe7 Can add topic templates to categories, prepopulated on compose 2015-07-03 10:01:46 -04:00
Kane York
df988a20eb FEATURE: Reserved usernames
A list of usernames that will be blocked from being used to sign up.
2015-07-01 13:50:55 -07:00
Robin Ward
6422d5efbd Use the same component for similar topics as search results. 2015-06-24 15:08:22 -04:00
Robin Ward
b4960d48b4 Better support for passing up errors when OmniAuth fails after auth 2015-06-24 12:12:43 -04:00
Régis Hanol
f18098fd9b FEATURE: category dropdown in admin reports 2015-06-24 15:19:39 +02:00
Sam
b052179ae6 Merge pull request #3163 from rcfox/fix-by-external
Allow periods in the external_id value used in the /users/by-external route.
2015-06-24 13:07:12 +10:00
Sam
65ac5b6475 Merge pull request #3562 from riking/no-index
Add noindex directive on unlisted topics
2015-06-23 15:50:53 +10:00
Robin Ward
76bfd723f6 Merge pull request #3482 from riking/patch-3
Import/Export site customizations
2015-06-22 14:03:07 -04:00
Kane York
2f0bd6294c Add noindex directive on unlisted topics 2015-06-22 11:00:39 -07:00
Régis Hanol
efb02ae561 FIX: take into account unlisted banners 2015-06-22 14:08:30 +02:00
Sam
41e427bd2e Work in progress, full page search 2015-06-22 18:09:08 +10:00
Konstantin Ilchenko
131cf643ce FIX: Allow api to send uploads with :url 2015-06-21 14:54:59 +03:00
Robin Ward
4e898c604e UX: Update suggested topics to include topic status + category 2015-06-18 15:53:10 -04:00
Sam
f26eee8431 FEATURE: add username to NGINX logs 2015-06-16 17:43:53 +10:00
Arpit Jalan
d37c2a2c98 Merge pull request #3550 from techAPJ/patch-1
FIX: new-topic URL should survive login redirection
2015-06-16 07:19:42 +05:30
Sam
690f4a4c37 add X so it shows up at the end of chrome 2015-06-16 10:27:42 +10:00
Sam
9b8b1d0034 FEATURE: add special header that names the action for the request 2015-06-16 09:54:44 +10:00
Régis Hanol
1ac3941130 FEATURE: allow API to upload files synchronously 2015-06-15 16:12:15 +02:00
Arpit Jalan
d1632c1dbd FIX: new-topic URL should survive login redirection 2015-06-14 20:24:47 +05:30
Régis Hanol
189cb3ff12 FEATURE: move migrate_to_new_scheme into a background job
- new hidden site setting 'migrate_to_new_scheme' (defaults to false)
- new rake tasks to toggle migration to new scheme
- FIX: migrate_to_new_scheme also works with CDN
- PERF: improve perf of the DbHelper.remap method
- REFACTOR: UrlHelper is now a class
2015-06-12 12:07:57 +02:00
Sam Saffron
c58b495e15 SECURITY: Query @usernames in bulk
Otherwise you could add many requests at once while composing.
2015-06-11 13:03:49 -04:00
Robin Ward
ae277e28a6 FEATURE: Allow embedding topics without creating them, by id 2015-06-09 16:24:20 -04:00
Sam Saffron
e3fa27a01c FEATURE: serialize and update category custom_fields
- send to client
- update from client
2015-06-10 06:13:36 +10:00
Robin Ward
7b6d6b76eb FEATURE: Multiple embeddable hosts
- Also refactors two site settings components into one, with tests
2015-06-09 13:25:43 -04:00
Arpit Jalan
71ee84f848 FEATURE: latest posts RSS feed 2015-06-09 21:45:06 +05:30
Robin Ward
5da5269652 FIX: Bad page title for categories view by google crawler 2015-06-08 12:07:35 -04:00
Arpit Jalan
74141cc475 FIX: send 404 error when unauthorized user tries to download user archive 2015-06-08 11:32:31 +05:30
Sam Saffron
4409a3072d FEATURE: we need admin login always 2015-06-05 18:43:59 +10:00
Régis Hanol
81a699e2b0 better support for mixed content 2015-06-01 17:49:58 +02:00
Sam Saffron
9787cb07aa FIX: when missing a static topic we were returning an error 2015-06-01 11:40:52 +10:00
Sam
fc2a08731a FIX: sso_not_approved_url not working correctly 2015-05-30 13:19:07 +10:00
Régis Hanol
80a108e3cf FIX: don't break user avatars route 2015-05-29 19:19:41 +02:00
Régis Hanol
acafa491b2 user avatar urls/templates refactor 2015-05-29 18:51:17 +02:00
Régis Hanol
0483f05154 make sure we pass in the user_id when creating avatar thumbnails 2015-05-29 18:11:19 +02:00
Régis Hanol
cb025a65e0 FIX: make sure we also save the user_avatar.custom_upload_id 2015-05-29 10:21:41 +02:00
Régis Hanol
c3227b69fa FIX: proper support for pixel ratios up to 3 2015-05-29 09:57:54 +02:00
Sam
bddbf70697 FIX: order post_actions by date 2015-05-28 16:16:36 +10:00
Sam
bb3fb37650 FIX: when uploading same file was pasted into multiple composers 2015-05-28 15:08:54 +10:00
Neil Lalonde
ea8cf1a208 FIX: topic auto-close uses the client's time zone 2015-05-27 18:01:46 -04:00
Sam
02fa7448ca FEATURE: custom url to redirect to on account pending approval for sso 2015-05-27 14:06:45 +10:00
Sam
a988cd5abe FIX: redirect to CDN avatar for s3 avatars 2015-05-27 12:02:57 +10:00
Sam
918034aa7b remove less useful error reporting 2015-05-27 11:17:28 +10:00
Régis Hanol
992154533f remove debugging letfovers 2015-05-26 20:08:19 +02:00
Régis Hanol
7b03c7dbc4 Merge pull request #3504 from techAPJ/patch-4
FIX: add missing translation keys
2015-05-26 16:08:39 +02:00
Régis Hanol
85d4d3223c FIX: crop avatars on the server instead of the client
FIX: support for dots in S3 bucket names
2015-05-26 15:54:25 +02:00
Arpit Jalan
d21944a0b6 FIX: add missing translation keys 2015-05-26 19:11:37 +05:30
Sam
147ea002f7 FIX: allow handling for avatars that are not in the set of "resized sizes" 2015-05-26 15:41:50 +10:00
Sam
eeda367e70 FIX: should be able to serve optimized image from local if its ... local... 2015-05-26 12:32:52 +10:00
Neil Lalonde
eaa1afeaf5 remove Google OpenID auth, since Google doesn't support it anymore 2015-05-25 15:13:44 -04:00
Régis Hanol
bb0c2813ac FEATURE: generate (avatar) thumbnails in a background task
FIX: keep the "uploading..." indicator until the server replies via the MessageBus
FIX: text was disapearing when uploading an avatar

PERF: always use a region for S3 (defaults to 'us-east-1')
FEATURE: ApplyCDN middleware when using S3
FIX: use the same pattern to store files on S3 and locally
PERF: keep a local cache of uploads when generating thumbnails
FEATURE: migrate_to_s3 rake task
2015-05-25 17:59:00 +02:00
Sam
bcaed90744 fix missing rtl stylesheets 2015-05-23 15:25:05 +10:00
Sam
fe46d1dd3b PERF: avoid cookies for all static, public, cached forever assets 2015-05-22 16:15:46 +10:00
Sam
96dbeb8608 fix stylesheet cache to recover if file is on disk 2015-05-22 11:22:12 +10:00
Robin Ward
0ed1c8011c FIX: About page error when login_required 2015-05-21 14:37:49 -04:00
Sam
a0090a4585 fix incorrect handling of date on "globally enabled" stylesheet. 2015-05-21 17:23:54 +10:00
Sam
44fc8e42dc nginx is stripping ETags, just use last modified instead 2015-05-21 17:05:22 +10:00
Sam
4fbfc6ddbc PERF: missing caching on CSS and Site Customizations 2015-05-21 16:09:23 +10:00
Régis Hanol
b7f8680618 fix build (:fired:) 2015-05-20 17:51:33 +02:00
Régis Hanol
bcd98c8f0f FIX: API can provide a URL to create an upload 2015-05-20 17:38:06 +02:00
Régis Hanol
c91634c09a FIX: support for async uploads of emojis 2015-05-20 16:45:48 +02:00
Régis Hanol
8d967d9065 FEATURE: move all uploads to a single endpoint + defer upload creation in a background thread 2015-05-20 16:45:48 +02:00
Robin Ward
7d23826cee FIX: Keep around the page when redirecting 2015-05-20 10:16:17 -04:00
Régis Hanol
7d3b7a5657 fix the build 2015-05-20 15:32:31 +02:00
Régis Hanol
b44488b618 FIX: keep to old attachment route 2015-05-20 14:55:42 +02:00
Sam
e5888cf090 PERF: avoid preloading json in cases where it is not needed
(uploads / avatars / non GET requests)
2015-05-20 17:12:16 +10:00
Sam
14ab9c45b6 Merge pull request #3470 from ahuling13/expired-nonce-return-status
In the case of an expired nonce, return a 400 status code instead of 500
2015-05-20 12:08:17 +10:00
Sam
d1d703718a Merge pull request #3476 from paulkaplan/sso-distrust-email
Add SSO setting to not trust emails automatically
2015-05-20 12:07:14 +10:00
riking
d112f39031 Change extension back to .dcstyle.json 2015-05-19 18:35:16 -07:00
Andrew Huling
e44ddff9bb Change the expired nonce return status code from 400 to 419. 2015-05-19 13:13:14 -04:00
Régis Hanol
9ded21e4c6 FIX: consistent and future-proof upload storage pattern 2015-05-19 12:31:12 +02:00
riking
fbc06d044f Use .dcstylejson instead of .dcstyle.json 2015-05-16 20:41:35 -07:00
riking
1e53c179a3 FEATURE: Export customizations as JSON files 2015-05-16 20:24:13 -07:00
Ryan Fox
14d2b76354 Merge branch 'master' into fix-by-external
Conflicts:
	app/controllers/users_controller.rb
2015-05-15 19:54:11 -04:00
Paul Kaplan
b8a43e153c Use session controller to prevent inactive SSO users 2015-05-15 12:15:06 -05:00
Régis Hanol
93273cd17a Merge pull request #3451 from ossobv/sso_login_unapproved_account
Stop sso login processing after rendering error
2015-05-15 14:33:19 +02:00
Antonin Hildebrand
11852056a8 Add missing events for discourse-hipchat-plugin
https://github.com/binaryage/discourse-hipchat-plugin
2015-05-15 15:52:12 +08:00
Andrew Huling
e1d2ecef10 In the case of an expired nonce, return a 400 status code instead of a 500.
500 status codes are for unexpected server-side error scenarios. When an expired nonce is used by the client, a 4XX-level error is more appropriate because the client has submitted a bad request (by using an expired nonce). A 500 also causes Internet Explorer to show its default 500 page which does not show the error message and leads to a bad end user experience. I am choosing 400 for the new status rather than 401 or 403 because 401 requires a WWW-Authenticate header which would be difficult to generate in an SSO scenario and a 403 implies that no re-authentication will address the failure.
2015-05-14 16:03:02 -04:00
Robin Ward
0b65c88003 Upgrade Notifications to fix deprecations and use store 2015-05-11 11:20:45 -04:00
Harm Geerts
d9a3e82516 Stop sso login processing after rendering error
This prevents a DoubleRenderError triggered on the redirect_to.
2015-05-11 14:17:32 +02:00
Arpit Jalan
fc30b771cf FIX: reply count is off by one 2015-05-11 13:58:53 +05:30
Sam
8277a586bb usage of raise corrected 2015-05-07 11:00:51 +10:00
Sam
77cc087b13 FIX: proper error message when account created is hit with no session 2015-05-07 11:00:22 +10:00
Sam
376b28b0ed FIX: raise a 404 if click tracker gets no url 2015-05-06 11:27:41 +10:00
Sam
0f53fc8328 correct emergency regeneration in the controller 2015-05-06 07:33:32 +10:00
Sam
ea670118c1 Add better error handling, correct the location on disk of stylesheet 2015-05-05 23:28:40 +10:00
Sam
f58d85edea FEATURE: move stylesheet cache out of the uploads directory 2015-05-05 15:50:13 +10:00
Sam
803feefd54 MessageBus handles readonly redis now, no need to wrap it 2015-05-04 12:21:00 +10:00
Arpit Jalan
23fd16850a FIX: include youtube link in embedded comments 2015-05-01 18:34:45 +05:30
Robin Ward
16408cee06 Allow Postgres to trigger readonly mode for the site. 2015-04-29 11:49:58 -04:00
Sam
729aaa826b Merge pull request #3404 from techAPJ/patch-1
FEATURE: magic login route for admin when SSO is enabled
2015-04-28 07:47:50 +10:00
Robin Ward
ecafbb0a63 Can delete users via the moderation queue 2015-04-27 15:06:20 -04:00
Robin Ward
3cb4554bbb Can refresh queued posts via button 2015-04-27 13:52:54 -04:00
Neil Lalonde
cce8693354 FIX: canonical link tag when using relative_url_root 2015-04-27 13:34:22 -04:00
Arpit Jalan
2932284293 FEATURE: magic login route for admin when SSO is enabled 2015-04-27 22:54:48 +05:30
Robin Ward
3a6efa25f0 Allow ReadOnly to propogate up to the Ember app via Response Header 2015-04-24 14:37:16 -04:00
Robin Ward
5b3f99aa50 Don't blow up if Redis switches to READONLY 2015-04-24 14:37:16 -04:00
Neil Lalonde
ae028a5bb1 FIX: support for redirects to external url in permalinks table was broken 2015-04-23 16:45:28 -04:00
Régis Hanol
a737090442 - FEATURE: revamped poll plugin
- add User.staff scope
- inject MessageBus into Ember views (so it can be used by the poll plugin)
- REFACTOR: use more accurate is_first_post? method instead of post_number == 1
- FEATURE: add support for JSON-typed custom fields
- FEATURE: allow plugins to add validation
- FEATURE: add post_custom_fields to PostSerializer
- FEATURE: allow plugins to whitelist post_custom_fields
- FIX: don't bump when post did not save successfully
- FEATURE: polls are supported in any post
- FEATURE: allow for multiple polls in the same post
- FEATURE: multiple choice polls
- FEATURE: rating polls
- FEATURE: new dialect allowing users to preview polls in the composer
2015-04-23 19:33:29 +02:00
Robin Ward
53ca51654d FIX: Avoid cookie overflows by truncating the referer we store in flash 2015-04-22 12:41:49 -04:00
Robin Ward
5bf8c31af4 Users can see their pending posts 2015-04-21 16:44:47 -04:00
Robin Ward
2cdd967188 Adds support for invisible approval queues, which we'll need for Akismet 2015-04-20 17:19:05 -04:00
Neil Lalonde
a3b6e3cb97 FIX: permalinks redirects with relative_url_root 2015-04-19 23:36:09 -04:00
Sam Saffron
6d2e651862 Revert "FIX: Missing letter avatars"
This reverts commit 03943554c6.
2015-04-20 06:41:08 +10:00
Sam
72ab1b9714 Merge pull request #3385 from tancnle/each-key-refactor
Replace Hash#keys.each with Hash#each_key for some perf boost
2015-04-20 06:17:27 +10:00
Robin Ward
03943554c6 FIX: Missing letter avatars
cc @zogstrip

It seems that the version string was ammended to return the ImageMagick
version. This caused the guard in the user avatars method to fail as the
versions weren't the same.

I changed it so it is comparing the right version, but I wonder if this
is bad as the controller is no longer using the ImageMagick version. Can
you please review?
2015-04-19 10:48:53 -04:00
Tan Le
9fbc763902 Replace Hash#keys.each with Hash#each_key for some perf boost 2015-04-18 21:53:53 +10:00
Robin Ward
2459f52c71 Merge pull request #3375 from techAPJ/patch-2
FEATURE: invite existing users to private topic
2015-04-16 11:13:42 -04:00
Arpit Jalan
866d1cd8e3 FIX: handle error for duplicate email_in address 2015-04-16 16:23:22 +05:30
Robin Ward
08b4b7b7ff Moderators can edit posts that are queued before they approve/reject 2015-04-15 17:20:34 -04:00
Arpit Jalan
d491d4f997 FEATURE: invite existing users to private topic 2015-04-16 00:52:54 +05:30
Robin Ward
0c233e4e25 Interface is wired up for Approving/Rejecting posts 2015-04-15 14:54:37 -04:00
Robin Ward
96d2c5069b Interface for reviewing queued posts 2015-04-15 14:54:37 -04:00
Robin Ward
22ffcba8e6 Convert Discourse.Post to ES6 and use Store model
- Includes acceptance tests for composer (post, edit)
- Supports acceptance testing of bootbox
2015-04-15 14:54:36 -04:00
Robin Ward
19a9a8b408 NewPostManager determines whether to queue a post or not 2015-04-15 14:54:36 -04:00
Arpit Jalan
499bed69e2 FIX: show error message if user already exist in group 2015-04-15 14:15:58 +05:30
Sam
2a3f71a9a1 SECURITY: log off all existing sessions when resetting password 2015-04-15 08:57:43 +10:00
Robin Ward
db4c04d606 FIX: Moderators shouldn't be able to see secure deleted posts 2015-04-13 11:48:31 -04:00
Sam
75890aed26 FEATURE: allow admins to choose a group as a primary group
FEATURE: allow admins to set a default title for a group
2015-04-10 12:17:28 +10:00
Régis Hanol
babbbc06d1 FIX: add support for .tgz and .gz backup files 2015-04-07 15:26:47 +02:00
Sam
f5d89169e2 FEATURE: initial implemenation of anonymous posting mode 2015-04-07 18:05:31 +10:00
Sam
5d31290dbc FIX: cleanup old letter avatars if needed
FEATURE: use image magick version as a key for letter avatars
2015-04-07 13:03:43 +10:00
Régis Hanol
33879e1311 Merge pull request #3199 from fantasticfears/seo
FEATURE: add microdata prop and more links for crawler
2015-04-06 11:18:34 +02:00
Robin Ward
82124b3222 UX: Login to decide when to show you near the top of the directory
Don't show yourself there if you are close to the top already.
2015-04-02 14:51:49 -04:00
Régis Hanol
1ec73b5ba0 FIX: use 'request.remote_ip' instead of 'request.ip' for better consistency 2015-04-02 16:24:27 +02:00
Robin Ward
28864e74bc FIX: Don't show the filter title on the default route 2015-03-30 11:40:44 -04:00
Sam
586cca352d move memory diagnostics into lib, so it can be reused elsewhere 2015-03-30 10:14:42 +11:00
Robin Ward
2cc5858163 Add site setting to disable User Directory, include restricted info 2015-03-26 11:26:19 -04:00
Robin Ward
33e35930b0 FIX: Server error when no results on user directory while logged in 2015-03-25 11:18:46 -04:00
Robin Ward
8fd339b994 Include the current user at the top AND in the user directory 2015-03-24 16:19:15 -04:00
Robin Ward
e3eaa7fa75 FIX: In long topics, filtering button was not always showing in card 2015-03-24 12:33:50 -04:00
Sam
bb20f64cb2 use standard error so its easier to catch 2015-03-23 12:20:50 +11:00
Robin Ward
6d38005a22 Allow staff to change uneditable user fields 2015-03-20 15:18:43 -04:00
Robin Ward
051a2a3d14 FEATURE: Can search the user directory by name 2015-03-19 18:07:48 -04:00
Robin Ward
1931850151 UX: Always show the current user at the top of the directory 2015-03-19 15:32:23 -04:00
Robin Ward
ae695d6438 UX: Show two lines per user on directory 2015-03-19 14:53:52 -04:00
Robin Ward
7ef306cd3b A bunch of tweaks to the Users directory
- Move user directory from `/directory` to `/users/`
- Defaults to 'weekly' time period
- Don't include deleted topics/posts in the results
- Move heart icon to header instead of on each row
- "Users" instead of "Users found"
2015-03-19 12:29:38 -04:00
Régis Hanol
df3b1f6968 FIX: editing a post wasn't showing error messages from the server 2015-03-19 12:25:15 +01:00
Robin Ward
3d2d224312 FEATURE: User Directory, with sorting and time period filter 2015-03-18 15:20:34 -04:00
Erick Guan
c955907f60 FEATURE: add microdata prop and more links for crawler
- add microdata based on schema.org
- add breadcrumb on the top of topic
- add navigations link on the bottom of every pages
- add category description on the category list
2015-03-16 22:52:10 +08:00
Régis Hanol
424a3b042a FEATURE: unified UI for pinning/banner topics
REFACTOR: ES6ified all the modals
2015-03-14 01:18:05 +01:00
Sam
a82530012a FEATURE: Allow selection of highlight js languages
PERF: stop loading highlight js on load

To get latest highlight js run bin/rake highlightjs:update
2015-03-13 16:18:59 +11:00
Régis Hanol
6cd4330335 FIX: show all deleted posts 2015-03-11 18:07:47 +01:00
Neil Lalonde
608647d02f FEATURE: Anonymize User. A way to remove a user but keep their topics and posts. 2015-03-10 11:59:08 -04:00
Robin Ward
3ad12d44f3 Use a mixin for the path function to DRY it up 2015-03-09 15:24:16 -04:00
Régis Hanol
fc962eb378 FEATURE: automatic daily roll-up for screened IP addresses 2015-03-09 18:55:17 +01:00
Sam
f5af4768eb FEATURE: add clean support for running Discourse in a subfolder
To setup set DISCOURSE_RELATIVE_URL_ROOT to the folder you wish
2015-03-09 13:14:29 +11:00
riking
cab92f947c FEATURE: All preload data available under /site/
This will be essential for entirely local Discourse clients.
2015-03-04 20:49:03 -08:00
Robin Ward
84b84a9d7c Support for url_list site setting. 2015-03-03 16:19:29 -05:00
Neil Lalonde
7c14db44cc UX: improve message when admin login is blocked because of admin ip address whitelisting 2015-03-02 12:13:22 -05:00
Neil Lalonde
1bf4f34049 FIX: topic and post counts are not updated when ownership of a post is changed 2015-03-02 12:13:21 -05:00
Sam
f555bbb416 FEATURE: long descriptions for badges to help teach people 2015-02-27 17:19:18 +11:00
Sam
71d6266f98 REGRESSION: exceptions are handled natively by logster 2015-02-27 13:05:51 +11:00
Robin Ward
3e2ba5b30b FIX: If an IP is blocked, don't allow people to login using it 2015-02-25 16:02:40 -05:00
Robin Ward
005b8bf7c3 FIX: When creating a SSO user via sync, do not user the IP address. 2015-02-25 14:41:23 -05:00
Régis Hanol
cf00e73ed8 Merge pull request #3234 from fullfatthings/add_remove_group_members_by_id_or_name
Allow adding and removing members of groups by username or id
2015-02-25 17:30:25 +01:00
Arpit Jalan
a8b927da91 FEATURE: add canonical tag to category latest page 2015-02-25 20:46:45 +05:30
Dan Singerman
1c545d4c1e Allow adding and removing members of groups by username or id
As discussed here: https://meta.discourse.org/t/discourse-gem-group-add/25668/2.
2015-02-25 14:52:13 +00:00
Sam
fe578f9944 FEATURE: Allow manual assignment of related post to badge
PERF: clean up performance of user badges admin when large number of badges exist
2015-02-25 12:53:01 +11:00
Sam
130dbf7358 PERF: don't run stats query in user card 2015-02-24 13:31:23 +11:00
Sigurður Guðbrandsson
96e6fd3449 Cleaned up the sso codefix, thanks @SamSaffron
@SamSaffron showed me a cleaner way to use the if statements in the sso redirect code.

Thanks sam ;)
2015-02-23 22:10:44 +00:00
Sigurður Guðbrandsson
334a357363 FIX: Forward to SSO login automatically
Forward to SSO login URL automatically if SSO is enabled and login is required.

Makes it simpler for users to log in automatically.
2015-02-23 21:20:36 +00:00
Robin Ward
ca5730018a FIX: SSO code should respect IP address filters 2015-02-23 16:01:46 -05:00
Robin Ward
8186d86f38 FIX: Enforce max length for custom user fields 2015-02-23 13:02:30 -05:00
Sam
5266ad4539 Merge pull request #3183 from riking/json-errors-2
Consolidate custom exception handling
2015-02-23 16:58:05 +11:00
riking
ecb911285d Fix the render_json_error api 2015-02-22 21:28:50 -08:00
Sam
6960639c58 Merge pull request #3190 from riking/thrown_logging
Delete old ErrorLog, use Logster for 500 errors
2015-02-23 14:19:16 +11:00
Régis Hanol
20c9a312c7 FIX: clicks counter on attachments wasn't always working 2015-02-22 20:47:18 +01:00
Sam
17927b2e8b FIX: don't use flash cause we are not redirecting
(we should probably change that though)
2015-02-20 10:28:58 +11:00
Sam
67f404d281 FIX: remove notifications on deleted topics from the stream 2015-02-19 12:40:00 +11:00
Sam
59a28bf5c1 regression: bookmarked may be missing, do not fail 2015-02-19 11:42:01 +11:00
Sam
b041b3f67f FIX: bookmark topic was not working intuitively
- explicitly call out "clear bookmarks"
- correct keyboard shortcuts
- properly remove bookmarks when toggeling
2015-02-19 10:58:57 +11:00
Loïc Guitaut
395654bf24 Fix regression on editing private messages
v1.2.0beta9 has introduced a regression in edit of a private topic
(first post). Previously a check for no change in TopicsController was
made but it has been changed without considering that the topic could
be private.

By simply forcing a conversion of `topic.category_id` to integer, the case
where its value is nil is handled correctly as it was previously.
2015-02-18 00:41:16 +01:00
Sam
6c09b6739d BUG: minor, do not send access origin if not set 2015-02-17 09:58:43 +11:00
Régis Hanol
0b45054e2b FIX: couldn't uncategorize a topic 2015-02-16 10:31:36 +01:00
Robin Ward
3ce2077aa8 Migrate unsubscribe keys to the database.
This should reduce a lot of the keys in redis.
2015-02-13 14:24:15 -05:00
Sam
ca915e8ad7 correct issue under 2.0.0 2015-02-11 17:41:24 +11:00
Sam
9a59caf800 add regexp to reporting 2015-02-11 17:23:54 +11:00
Sam
e427d54191 FEATURE: show large objects in admin/memory_stats 2015-02-11 17:18:47 +11:00
Régis Hanol
c4e427cf73 FEATURE: filter screened IP addresses 2015-02-10 19:38:59 +01:00
Robin Ward
8d46de4819 Add a spec for the new plugins controller 2015-02-10 12:35:53 -05:00
Sam
39e828dee4 improve formatting 2015-02-10 15:59:08 +11:00
Sam
d5405eebde Add basic snapshot comparison for tracking memory leaks 2015-02-10 15:54:16 +11:00
Sam
1d99f5c9c0 FEATURE: add process stats to memory report 2015-02-10 12:34:01 +11:00
Sam
3aea00473b FEATURE: improve memory reporting of /admin/memory_stats 2015-02-10 11:48:30 +11:00
riking
68ccd2d664 FEATURE: All 500 errors now show up in Logster
Added Discourse.handle_request_exception()
2015-02-09 12:48:33 -08:00
riking
5657006aca Rename handle_exception to handle_job_exception 2015-02-09 12:47:46 -08:00
riking
8d39480831 use symbols for error types (squash me) 2015-02-09 10:20:00 -08:00
Régis Hanol
1e6f886886 FIX: use distributed mutex to prevent errors when uploading emojis in batches 2015-02-09 18:54:57 +01:00
Lincoln Lee
02f3f8c1b3 Fix customize HTML/CSS only show desktop code
custom_top and custom_footer method in SiteCustomization is setting
:desktop as default argument for `target`

It output the desktop version of the custom_top, custom_footer even
user in mobile_view.

This fix is adding the missing target into method argument.
2015-02-10 00:48:42 +08:00
Sam
e8323fa534 FIX: removing a group from a user was not removing primary group 2015-02-09 16:03:09 +11:00
riking
a16aa9fde8 HACK: Keep old behavior for topics#show 2015-02-08 13:56:56 -08:00
riking
8cf21f2363 FEATURE: Refactor error returns in application_controller 2015-02-08 13:40:38 -08:00
Robin Ward
3d7b534564 FEATURE: New "Plugins" admin section with extensibility support 2015-02-06 17:33:24 -05:00
Régis Hanol
8e2d84ee27 Merge pull request #3174 from riking/patch-poll
FIX: Allow closing polls in multi-locale sites
2015-02-06 09:44:44 +01:00
Sam
95f8b3ed4c FIX: status route should be served as text not html 2015-02-06 15:56:21 +11:00
riking
06f02ce9fc FIX: 🈂️ Allow closing polls in multi-locale sites 2015-02-05 19:55:03 -08:00
Sam
3a0cd0b760 make custom fields a bit more permissive input wise 2015-02-06 09:03:23 +11:00
Robin Ward
4e64d16a47 FEATURE: Allow plugins to log staff actions 2015-02-05 15:26:34 -05:00
Régis Hanol
f1403206ca Merge pull request #3169 from riking/patch-3
SECURITY: Don't leak topic title in the redirect
2015-02-05 12:47:58 +01:00
Arpit Jalan
026df5185e FIX: subcategory url was incorrect in rss 2015-02-05 13:22:28 +05:30
Robin Ward
25daca8f23 Helpers for plugins to support enabling/disabling 2015-02-04 16:23:56 -05:00
riking
4c8850108a SECURITY: Don't leak topic title in the redirect 2015-02-04 11:55:39 -08:00
Sam
67eccee990 FEATURE: basic disk space usage stats 2015-02-04 18:05:17 +11:00
Arpit Jalan
68377ba4ab add class for container div on 404 page 2015-02-04 00:40:21 +05:30
Régis Hanol
0e5c9b2590 small upload code refactor 2015-02-03 18:44:18 +01:00
Ryan Fox
c3f21dcdfc Remove the .json part from the external_id value when using it to lookup a user. 2015-02-02 12:58:02 -05:00
Ryan Fox
1f0915bf83 Allow periods in the external_id value used in the /users/by-external route. 2015-02-02 12:55:32 -05:00
Sam
b1f81c0dca Merge pull request #3080 from riking/misc
Miscellaneous fixes from PR#3000
2015-01-30 10:23:17 +11:00
Sam
ea7af7a83b Merge pull request #3135 from longhotsummer/fix-no-user-params
FIX: creating a user shouldn't error when optional fields aren't given
2015-01-30 10:12:57 +11:00
Neil Lalonde
67b262b93e Merge branch 'master' of github.com:discourse/discourse 2015-01-29 17:39:52 -05:00
Neil Lalonde
644c7a4675 FEATURE: Add an option to show custom user fields on profiles. Default is to not show them. 2015-01-29 17:38:39 -05:00
riking
85a7b925c7 Miscellaneous fixes from PR#3000
FIX: Don't require login to view post raw
FIX: Don't submit read-guidelines for anonymous users (causes
unnecessary 403 errors from ensure_logged_in)
FIX: Don't pass nil to an array serializer
2015-01-29 13:56:32 -08:00
Sam
a6ce188f35 Merge pull request #3126 from riking/latest-posts
Latest posts endpoint at /posts.json
2015-01-30 08:55:45 +11:00
Robin Ward
f028b51620 Add post parameters so plugins like akismet can use it for spam
prevention.
2015-01-29 13:09:35 -05:00
Robin Ward
1f40807001 Add extensibility point for whenever a post is created 2015-01-29 12:46:29 -05:00
Arpit Jalan
4e4bb736a8 build is failing :fired: 2015-01-29 15:18:38 +05:30
Arpit Jalan
e8db47a1fe FIX: PMs were not allowed to be edited in some cases 2015-01-29 15:00:11 +05:30
Régis Hanol
cd2c9edb46 FIX: 🐛 upload on IE9 wasn't working :'(
- FIX: make sure we set a default name to a pasted image only on Chrome (the only browser that supports it)
- FIX: use ".json" extension to uploads endpoints since IE9 doesn't pass the correct header
- FIX: pass the CSRF token in a query parameter since IE9 doesn't pass it in the headers
- FIX: display error messages comming from the server when there is one over the default error message
- FIX: HACK around IE9 security issue when clicking a file input via JavaScript (use a label and set `visibility:hidden` on the input)
- FIX: hide the "cancel" upload on IE9 since it's not supported
- FIX: return "text/plain" content-type when uploading a file for IE9 in order to prevent it from displaying the save dialog
- FIX: check the maximum file size on the server 💥
- update jQuery File Upload Plugin to v. 5.42.2
- update JQuery IFram Transport Plugin to v. 1.8.5
- update jQuery UI Widget to v. 1.11.1
2015-01-28 19:43:20 +01:00
Robin Ward
8fc477ab07 More refactoring to support extensibility of history 2015-01-28 13:37:06 -05:00
Robin Ward
d43944b3ed Extensibility for tracking changes to a topic 2015-01-28 13:37:06 -05:00
Greg Kempe
d99ccf6d27 FIX: creating a user shouldn't error when optional fields aren't provided
This fixes a bug where the server would 500 if the only user fields
where optional ones, and the create_user call didn't provide any
values so that params[:user_fields] was nil.

Additionally, don't bother double-checked for required fields, since we
iterate over all fields and will catch any that are required and blank.
2015-01-27 11:48:27 +02:00
Sam
497042ddf2 FIX: don't restrict to local filesystem for df check
FIX: check correct directory when looking at backup limits
2015-01-27 08:25:57 +11:00
riking
9e9119d1c1 FEATURE: Enable pagination of /posts.json 2015-01-23 21:22:19 -08:00
riking
1d24d8471e FEATURE: Latest posts endpoint at /posts.json 2015-01-23 21:16:03 -08:00
riking
fb72e2665f PERF 🐎 Don't calculate preload data for non-xhr json requests
This will help out anyone querying as API instead of through a
browser.
2015-01-23 21:14:58 -08:00
Régis Hanol
f7f5e39f75 FIX: Minor Admin bug with a setting when creating a new group 2015-01-23 20:31:48 +01:00
Régis Hanol
256519dddf FEATURE: automatic group membership based on email address 2015-01-23 18:25:43 +01:00
Robin Ward
b3a2c0c45b SECURITY: The SSO return_path was an open redirect
This security fix needs SSO to be configured, and the user has to go
through the entire auth process before being redirected to the wrong host so
it is probably lower priority for most installs.
2015-01-22 12:20:17 -05:00
Régis Hanol
e300945879 FEATURE: split group admin in 2 tabs (custom & automatic)
FIX: clear the user-selector when adding new members
2015-01-21 20:52:48 +01:00
Neil Lalonde
7412ff4da7 FIX: suspended users are logged out when they are suspended. Show a reason for suspension when they try to log in. 2015-01-19 12:37:02 -05:00
riking
1ab0d6bd82 FEATURE: Log username changes by staff
Also fix the tests for changing username
2015-01-17 02:26:12 -08:00
Régis Hanol
7a86abd105 Merge pull request #3084 from jmay/group-managers
table & model changes for group managers with permission to edit members
2015-01-16 12:02:38 +01:00
Robin Ward
987504c6ab Rename no_js layout to no_ember
While *sometimes* `no_js` was used for visitors without js (for example
disabling it on your browser) it was also used for some pages that were
disabled to JS capable browsers, including the 404 page.

Even worse, sometimes it was used on pages that *had* Javascript, such
as our `/activate-account` route. It has been renamed to `no_ember` to
indicate what it really is, a layout for the site that doesn't load our
Ember.js application.
2015-01-15 15:56:53 -05:00
Arpit Jalan
c619aed8f9 💄 add username and date-time in exported file name 2015-01-16 01:39:46 +05:30
Jason W. May
a2b284a0a4 table & model changes for group managers with permission to edit membership 2015-01-15 11:44:42 -08:00
Régis Hanol
6734a51b6a move SiteText.{head,top,bottom} to SiteCustomization 2015-01-14 12:15:53 +01:00