Robin Ward
2766b2edc3
FIX: Allow redirection for slugs that start with digits
2016-09-19 13:31:19 -04:00
Sam
8dc4329094
FEATURE: optionally get extra profile info from facebook
...
This feature requires the application be approved by facebook, so it is
default off
2016-09-19 16:14:11 +10:00
Sam
5b3cd3fac9
FEATURE: Import facebook avatars when logging in via facebook
...
FIX: warning about popup dimensions when using facebook login
Rules are:
- On account creation we always import
- If you already have an avatar uploaded, nothing is changed
- If you have no avatar uploaded, we upload from facebook on login
- If you have no avatar uploaded, we select facebook unless gravatar already selected
This also fixes SSO issues where on account creation accounts had missing avatar uploads
2016-09-19 15:10:23 +10:00
Erick Guan
c463cf63d4
FEATURE: Webhook for user creation and approval
2016-09-19 10:12:55 +08:00
cpradio
0d2d8797b6
FIX: Backup validation wasn't escaping hyphens
2016-09-16 15:20:42 -04:00
Guo Xiang Tan
a04dadf9b4
FIX: Randomly failing specs try 2.
2016-09-16 15:10:37 +08:00
Guo Xiang Tan
903d1dd326
FIX: Randomly failing specs.
2016-09-16 14:56:59 +08:00
Sam
75f3f7fcbd
FEATURE: clean API method for reading a single notification
2016-09-16 16:14:15 +10:00
Guo Xiang Tan
512922d776
SECURITY: Add filename validation for backup uploads.
2016-09-16 11:58:14 +08:00
Sam
33578a2c17
FIX: always import avatars during SSO if they are missing
2016-09-16 09:45:00 +10:00
Arpit Jalan
e46204d195
FIX: allow long words if they contain periods
2016-09-13 09:15:05 +05:30
Robin Ward
2c9a47dda5
FIX: Validate the raw content of posts before enqueuing them
2016-09-12 12:26:49 -04:00
Neil Lalonde
06eb256d0a
FIX: blocking users should never hide all posts if they are trust level 1 or higher
2016-09-12 11:58:10 -04:00
Sam
2d859ba0ed
FIX: user api should always be available to staff
2016-09-12 15:42:06 +10:00
Robin Ward
e78b7a243e
FIX: Don't enqueue posts if the user can't create them (ex: closed)
2016-09-09 12:15:56 -04:00
Robin Ward
9609a47016
Ability to skip email validation via a plugin
2016-09-07 14:05:46 -04:00
Guo Xiang Tan
35bc0c943f
More randomly failing specs fixes.
2016-09-05 19:33:03 +08:00
Erick Guan
9ce61b4586
FEATURE: Webhooks.
2016-09-05 18:44:00 +08:00
Guo Xiang Tan
1f70fc9e11
Make sure we reset global in specs.
2016-09-05 18:18:14 +08:00
Guo Xiang Tan
31d900f7e7
Fix build.
2016-09-05 17:03:41 +08:00
Guo Xiang Tan
aa1f306894
Properly clean up plugin event in specs..
2016-09-05 16:10:03 +08:00
Guo Xiang Tan
aabb7a8592
FIX: DiscourseEvent should not be triggered from within the controller.
2016-09-05 15:58:04 +08:00
Guo Xiang Tan
ec90655c41
FIX: Clean up specs properly.
2016-09-05 15:48:59 +08:00
Guo Xiang Tan
aa9decf6fd
Remove DiscourseEvent.clear
.
2016-09-05 15:17:49 +08:00
Sam
e0a2346b92
no more protocol-less CDN urls
2016-09-05 16:05:48 +10:00
Sam
59640bae3b
FIX: absolute URL for CDN should always be rooted with a protocol
2016-09-05 15:57:46 +10:00
Guo Xiang Tan
e4b75f604c
FIX: Make clean up upload script a safer task to run.
2016-09-05 10:06:02 +08:00
Sam
340874d345
FIX: post notifications in JSON so we properly support arrays and so on
2016-09-04 15:51:16 +10:00
Sam
1d281e02c7
id is optional if already specified in header
2016-09-02 17:08:46 +10:00
Sam
be0fd5b4cc
FEATURE: allow user api key revocation for read only keys
2016-09-02 17:04:00 +10:00
Sam
0a39ba43ed
FIX: always respect avatar_force_update
2016-09-02 12:04:22 +10:00
Sam
211c374df6
Merge pull request #4213 from fantasticfears/sso
...
FIX: Importing user avatar when new user login by SSO
2016-09-01 18:05:18 -07:00
Guo Xiang Tan
90a0327fd2
FIX: Check against reserved usernames should be case insensitive.
2016-08-31 21:53:41 +08:00
Robin Ward
7da44e3bf0
FEATURE: Support author meta tags for embedding
2016-08-30 12:01:04 -04:00
Erick Guan
0217973374
FIX: Importing user avatar when new user login by SSO
2016-08-29 20:47:19 +08:00
Neil Lalonde
2251104e32
FEATURE: avatar flair can be font awesome icons
2016-08-26 17:15:37 -04:00
Robin Ward
20241a01e9
FIX: Run the regular expression against query parameters
2016-08-26 12:47:47 -04:00
Sam
ca79c4b276
stop eating up push_urls
2016-08-26 13:23:06 +10:00
Sam
fcdf13f52d
add some more testing
2016-08-26 13:18:20 +10:00
Sam
a37db9448f
correctly return access rights in auth redirect
2016-08-26 13:12:38 +10:00
Sam
4fe52c8cbe
FEATURE: backend support for pushing notifications to clients
2016-08-26 12:47:10 +10:00
Guo Xiang Tan
2f39293867
FIX: User enabled readonly mode was not working.
2016-08-25 23:31:59 +08:00
Neil Lalonde
7a81669c18
SECURITY: don't allow re-using the current password during password reset
2016-08-24 12:27:21 -04:00
Régis Hanol
038eb6f645
FIX: translations with a symbol as key should also be overridable
2016-08-24 11:53:03 +02:00
Robin Ward
c3a3aff120
FEATURE: Support for a whitelist for embeddable host paths
2016-08-23 14:56:12 -04:00
Robin Ward
1468616465
FIX: Support links with google analytics tracking and hashes
2016-08-23 12:13:31 -04:00
Guo Xiang Tan
17f0727b04
FIX: Don't track user profile view when viewed by system user.
2016-08-23 16:25:31 +08:00
Robin Ward
884bdf7240
FEATURE: Ability to scrub titles when importing embeddable content
2016-08-22 12:43:02 -04:00
Arpit Jalan
4a2f0e772c
add specs for post ownership change without revision
2016-08-20 01:27:48 +05:30
Robin Ward
4061725a95
FIX: Don't ever grant badges when they're disabled
2016-08-19 15:16:37 -04:00