Commit graph

1077 commits

Author SHA1 Message Date
Neil Lalonde
92a0729937 When banning a user, a reason can be provided. The user will see this reason when trying to log in. Also log bans and unbans in the staff action logs. 2013-11-01 10:47:26 -04:00
Neil Lalonde
52b0c1c45f When logging the deletion of a user, don't store its id in the target_user_id column. It will never match a user record. 2013-11-01 10:47:26 -04:00
Robin Ward
744cd93f28 FIX: Non-English category name regression 2013-10-31 16:25:26 -04:00
Neil Lalonde
ce5ebc3eb5 On sites with login_required enabled, after signup, don't show the /login page again 2013-10-30 16:37:36 -04:00
Robin Ward
704adc00ca FIX: Broken test. No idea why the name randomly changed! 2013-10-30 16:04:26 -04:00
Robin Ward
3d6d7c8abe SiteSetting to hide regular names from users 2013-10-30 15:45:34 -04:00
Neil Lalonde
c8d5db38d6 Emails to banned users will be sent for notifications of PMs from staff users 2013-10-30 15:31:16 -04:00
Robin Ward
6063b52d6a Support for choosing a destination category when splitting topics. 2013-10-29 15:30:06 -04:00
Manoj
9650dbb97c Refactor topics controller
Refactor: 1) TopicsController to reduce code climate complexity.
2) Topic model, addressed comments

fix typo
2013-10-28 11:42:07 +05:30
Sam
95e936c299 cleanup API for looking up a user by email or username, add specs, fix invalid auto association in open id provider 2013-10-28 16:29:07 +11:00
Sam
370e961a90 add failing test for AMS upgrade 2013-10-28 15:55:27 +11:00
Robin Ward
f4d9bf9181 Merge pull request #1573 from railsaholic/use_existing_find_by_username_or_email
Utilize already existing method 'find_by_username_or_email'
2013-10-25 12:57:18 -07:00
Neil Lalonde
4e46d91b8d Refactor SpamRulesEnforcer so that each spam rule is in its own class 2013-10-25 13:25:02 -04:00
Sam
4929c5db71 FIX: when allow_uncategorized_topics was false, PMs can not be created 2013-10-25 09:33:39 +11:00
Manoj
96ae3cdacc Utilize already existing method 'find_by_username_or_email'
check presence of email using include, dont use =~
2013-10-24 19:26:06 +05:30
Sam
cc83b55134 fix incorrect test, that fails if shared test state gets corrupt 2013-10-24 14:55:55 +11:00
Sam
666264879c change it so all topics MUST include a category, we store a special uncategorized category to compensate
this cleans up a bunch of internals and removes some settings
2013-10-24 12:08:02 +11:00
Neil Lalonde
8aab2253d0 Whitelisted ip addresses will not be flagged as spam by flag_sockpuppets 2013-10-23 17:11:35 -04:00
Robin Ward
541620c115 Routes and support for sub-categories 2013-10-23 15:22:49 -04:00
Robin Ward
c814fc16a3 Database structure to support sub categories 2013-10-23 15:22:49 -04:00
Robin Ward
f73a64982a Raise an error if a api_username is supplied and does not match the key 2013-10-23 11:05:49 -04:00
Brian Alexander
e2a5415aca fix #1567; nil reference in spam_rules_enforcer.rb 2013-10-22 19:14:31 -06:00
Neil Lalonde
c1008f4359 Fixes for postgresql inet columns in Rails 4. They're backed by an IPAddr class now, which breaks sql parameter marker support, and automatically sets the attribute to nil when trying to assign an invalid ip address. 2013-10-22 19:19:32 -04:00
Robin Ward
348e2e3ef2 Support for per-user API keys 2013-10-22 17:34:39 -04:00
Neil Lalonde
7d582fbee3 Screened ip address can be edited, deleted, and changed to allow or block. 2013-10-22 16:30:46 -04:00
Régis Hanol
9b2f821012 Merge pull request #1512 from ScotterC/avatar-from-url
Build out a URI Adapter to allow uploading an avatar via a url
2013-10-21 13:17:37 -07:00
Robin Ward
2308784713 Merge pull request #1543 from railsaholic/small_users_controller_refactoring
refactor UsersController to reduce complexity
2013-10-21 12:21:03 -07:00
Scott Carleton
cbef844a57 Build out a URI Adapter to allow uploading an avatar via a url
Currently only really accessible via the API. The UriAdapter creates a
tempfile from a url and gives a ActionDispatch::HTTP::UploadedFile back
to the controller to process as normal.
This will help a lot in being able to transfer avatar urls from another
app without monkey patching a lot of discourse code.
2013-10-21 14:53:03 -04:00
Neil Lalonde
648b11a0eb Add screening by IP address. When deleting a user as a spammer, block all signups from the same IP address. 2013-10-21 14:50:18 -04:00
Régis Hanol
fcd85b8a72 allow plugins to be symlinked 2013-10-21 19:59:28 +02:00
Sam
451a1620f9 Merge pull request #1545 from railsaholic/lists_controller_refactor
Remove duplication of action defintion
2013-10-20 22:19:40 -07:00
Sam
31b73171dc correct ordering algorithm 2013-10-21 16:14:09 +11:00
Manoj
7dfa99998f Remove duplication of action defintion, add missing spec for topics_by, extract out URL construction logic 2013-10-21 08:34:18 +05:30
Sam
25723de9c8 no need for the undefine 2013-10-21 09:52:28 +11:00
Manoj
868e4ffe6d refactor UsersController to reduce complexity
Refactored: UsersController#create
2013-10-19 15:18:11 +05:30
Robin Ward
d7182d0b14 FIX: Only wrap inline html tags in <p> 2013-10-18 15:21:05 -04:00
Sam
5f74cb6bf9 category is not "positionable" 2013-10-18 18:09:30 +11:00
Sam
1ee49798b2 work in progress wide category list 2013-10-18 11:10:10 +11:00
Sam
7bf96ee690 naive implementation of post_count on categories 2013-10-18 11:10:10 +11:00
Robin Ward
0a4f5af4a8 Merge pull request #1531 from railsaholic/topics_model_refactoring
Refactored Topic#limit_topics_per_day to improve Code Climate Complexity
2013-10-17 06:56:41 -07:00
Sam
1b81f73325 logged in requests were being treated as anon, causing major havoc 2013-10-17 10:37:18 +11:00
Neil Lalonde
cabe8f0d2d Clean up ScreenUrl normalization and matching 2013-10-16 16:39:29 -04:00
Robin Ward
2a8db38c7a FIX: Smoke test failure 2013-10-16 16:01:41 -04:00
Robin Ward
f27413219e Support for MDTest 2013-10-16 10:28:42 -04:00
Manoj
7c03076c2a Refactored Topic#limit_topics_per_day to reduce code climate complexity
Extracted  1) #apply_per_day_rate_limit_for, method as generic
RateLimiter , 2) #limit_first_day_topics_per_day as a separate method,
3) Added User#added_a_day_ago?, 4) Fixed private methods indentation.
2013-10-16 14:58:18 +05:30
Sam
3d647a4b41 remove rack cache, it has been causing trouble
instead implement an aggressive anonymous cache that is stored in redis
this cache is sitting in the front of the middleware stack enabled only in production
TODO: expire it more intelligently when stuff is created
2013-10-16 16:39:18 +11:00
Robin Ward
b62913695c Merge pull request #1528 from JEG2/master
Adding post details in preparation for the API importer code.
2013-10-15 08:19:19 -07:00
Robin Ward
5281b7f80c Upgraded and refactored Sanitizing. Much less crap should get through now!
Conflicts:
	app/assets/javascripts/discourse/components/syntax_highlighting.js
2013-10-15 10:53:11 -04:00
James Edward Gray II
1aa9fc982d Adding post details in preparation for the API importer code. 2013-10-15 09:21:30 -05:00
Régis Hanol
4536b5fe04 added a job to clean up orphan uploads 2013-10-15 11:15:48 +02:00
Régis Hanol
d80f4fa3f7 Merge pull request #1523 from dbarbera/avatar_formats_fix
add image authorization on upload_avatar
2013-10-14 05:33:25 -07:00
Sam
7df4e4afb9 security fix, anon should not be treated as though they can create anything 2013-10-13 09:54:48 +11:00
dbarbera
9106596a9a add image authorization on upload_avatar 2013-10-12 14:11:44 +02:00
Régis Hanol
23bf4436f5 FIX: avatar was attached to the user who uploaded it... 2013-10-12 10:55:41 +02:00
Robin Ward
af931f0444 Reverting the Sanitizer commit in case we have to do something urgent
before we deploy it early next week. It's in the branch `sanitizer` for
now.

This reverts commit 9e93d8ed52.
2013-10-11 16:44:26 -04:00
Robin Ward
9e93d8ed52 Upgraded and refactored Sanitizing. Much less crap should get through now!
Conflicts:
	app/assets/javascripts/discourse/components/syntax_highlighting.js
2013-10-11 16:25:40 -04:00
Neil Lalonde
3c2c6ab24b Add sockpuppet spammer detection. Automatically flag posts if they are from new users (registered less than 24 hours ago) at the same IP address and one of them started the topic. 2013-10-11 13:34:05 -04:00
Régis Hanol
c38ba8acdd add rss links to anonymous homepages 2013-10-11 18:43:29 +02:00
Sam
172a85ae14 prettier twitter links, extracted mini api 2013-10-11 11:46:35 +11:00
Sam
b0465c517e (experimental) added framework for filtering all sorts of internals in discourse and consuming by plugins 2013-10-10 18:45:40 +11:00
Sam
ad2ed5fe51 rate limits for topics and posts on first day
max_topics_in_first_day and max_replies_in_first_day
2013-10-10 10:32:03 +11:00
Sam
7993845bfa add current_user_provider so people can override current_user bevior cleanly, see
http://meta.discourse.org/t/amending-current-user-logic-in-discourse/10278
2013-10-09 15:11:54 +11:00
Neil Lalonde
bccb37b6f3 When creating a topic, don't select a category by default when allow_uncategorized_topics is false. Also, added category validation on the server to enforce allow_uncategorized_topics. 2013-10-08 14:41:20 -04:00
Sam
e18b93026a defer view creation on so updates are not performed when people navigate to topics 2013-10-07 15:04:59 +11:00
Sam
5bf26ec34e large refactor, ship a few columns from the user table into user_stats 2013-10-07 15:04:59 +11:00
Robin Ward
c8487f6bc7 FIX: Amazon spec 2013-10-04 12:49:39 -04:00
Sam Saffron
ad93fc959c security issue, anon and logged in users could see the fact that a user sent another user a pm (but could not see the pm itself or title) 2013-10-03 16:48:03 -07:00
Robin Ward
3562d02905 Adjust smoke test to work with user expansion 2013-10-03 14:17:25 -04:00
Régis Hanol
af96ef2994 FIX: deleting a flagged post issue
cf. http://meta.discourse.org/t/deleting-a-flagged-post-issue/10061

The bug was only happening when you were about the delete the first post, which means deleting the entire topic.
2013-10-02 16:59:57 +02:00
Sam
f0a122a66c move job files so they live underneath app/ and not in lib/
introduce new setting email_always, that will force emails to send to users regardless of presence on site
2013-10-01 17:04:02 +10:00
Robin Ward
3f0c03a20c FIX: Prevent unauthorized list of private message titles. Also remove some unused code. 2013-09-30 14:35:11 -04:00
Régis Hanol
40c08eab14 do not break oneboxes' favicon after updating favicons 2013-09-30 19:09:57 +02:00
Robin Ward
37304b7eba FIX: Too many new lines in long quotes 2013-09-27 15:08:56 -04:00
Régis Hanol
cd4cda5b4c allow users to specify thumbnail size 2013-09-27 10:57:31 +02:00
Neil Lalonde
07d08b81c7 Show mobile view as default for nexus 7 tablet 2013-09-23 17:13:29 -07:00
Robin Ward
60abde2253 FIX: Broken spec 2013-09-19 18:40:46 -07:00
Robin Ward
99b6a62fcb New composer message for people dominating a topic 2013-09-17 14:38:39 -04:00
Robin Ward
16dc0a7001 New user education notification was off by one. Also, remove the "basic" restriction on the
"posting too often" message.
2013-09-17 12:12:03 -04:00
Neil Lalonde
0fafe124db Add enable_mobile_theme site setting. Uncheck it to disable the mobile theme. 2013-09-17 11:25:37 -04:00
Robin Ward
2baf5fda8e Merge pull request #1438 from Elegios/composer_use_category_id
Make the composer and TopicCreator use category id instead of category name
2013-09-17 08:03:48 -07:00
Neil Lalonde
b15e629f46 Strip trailing slashes from ScreeningUrl records 2013-09-17 10:26:05 -04:00
Viktor Palmkvist
37673e3412 Make the composer and TopicCreator use category id instead of category name
Also fixes #1171
Includes backwards compatibility for topic creation
2013-09-17 12:13:19 +02:00
Neil Lalonde
c845071066 Fix an error with mobile custom header 2013-09-16 12:55:44 -04:00
Neil Lalonde
13f17b2a5c Add ability to customize css and header for mobile 2013-09-16 12:28:02 -04:00
Nathan Nontell
d95172cb5d Allow TextSentinel#seems_unpretentious? to accept words joined with dashes or forward slashes. (Issue 1133) 2013-09-16 09:45:57 -04:00
Matthieu Guillemot
3ba1f20674 New site settings to enable/disable the possibility of editing user's nickname or email address 2013-09-14 21:34:21 +09:00
Robin Ward
b39d39dbb6 FIX: Use post_count instead of topic_reply_count in education for replies. 2013-09-14 00:32:18 -04:00
Robin Ward
c365bd0070 Notify users posting sequential replies that there's a better way to do it. 2013-09-13 13:49:34 -04:00
Robin Ward
7d9a84b496 New User Education goes through a server side ComposerMessages check. Composer message for users
who don't have avatars.
2013-09-13 12:23:53 -04:00
Sam
4599e5d732 oops did not have autospec running 2013-09-12 15:55:18 +10:00
Robin Ward
fcff4e80d1 New user_stats table to keep track of queried information on a user.
This is information that is not usually needed when representing a user
and is in a separate table with a has one relationship to avoid querying
it all the time.
2013-09-11 14:50:26 -04:00
Neil Lalonde
e8ef55c446 Rename StaffActionLog to UserHistory 2013-09-10 22:01:20 -04:00
Neil Lalonde
cc2acafc9a Enable mobile view. Use local storage to remember whether you chose mobile or desktop view. Mobile device detection needs to be replaced with a better solution. 2013-09-10 16:44:17 -04:00
Robin Ward
2319924206 Adds a class that can detect whether a user has uploaded a custom avatar 2013-09-10 15:39:11 -04:00
Neil Lalonde
78c15d5810 Move the unique post key storage code into the Post model 2013-09-09 16:17:31 -04:00
Einar Jonsson
724b3aadcf Extracted nickname registration out of the UsersController and into its
own service.
2013-09-09 09:26:50 +00:00
Robin Ward
b87a78f7b2 Merge branch 'master' of github.com:discourse/discourse 2013-09-06 18:01:33 -04:00
Robin Ward
c8ad977c8a Revert "Merge pull request #1215 from Elegios/composer_use_category_id"
This reverts commit 763859d439, reversing
changes made to b62caf80fb.
2013-09-06 18:00:57 -04:00
Neil Lalonde
10547848f0 Update importer_spec for system user 2013-09-06 16:51:43 -04:00
Robin Ward
763859d439 Merge pull request #1215 from Elegios/composer_use_category_id
Make the composer and TopicCreator use category id instead of category name
2013-09-06 11:55:27 -07:00
Régis Hanol
45b838009c proper content-disposition header when downloading attachments 2013-09-06 19:23:56 +02:00
Neil Lalonde
eae7e75611 FIX: recover post by a non-staff user fails because the post is not unique. Uniqueness check shouldn't happen when recovering a deleted post. 2013-09-06 11:50:15 -04:00
Sam
641c51367a fix broken build
hack to allow for PMs with no users for flagging needs
2013-09-06 18:03:30 +10:00
Sam
2ce4468aa5 rename system_username to site_contact_username , system_user is a special user with -1 id that is only used for certain admin tasks
for example system_user will autoclose stuff if needed, it will delete stubs and be the target for flag pms
2013-09-06 17:28:37 +10:00
Sam
41a1b6942d notify moderators now goes to the "community" user, that saves our poor mods from a flood of pms
if any staff respond to a pm they are automatically added to the list of recipients and will start
getting email notifications
2013-09-06 14:07:23 +10:00
Sam
ee6882edfb ATTENTION NEIL, comment out a big pile of importer specs, this is code we never use and running a big slug of tests to ensure it keeps working is pointless.
We need to decide what we do with this. Either we get import/export working and used or strip it out till ready.
No point slowing down the test suite and fixing regressions in code this code
2013-09-06 12:56:08 +10:00
Neil Lalonde
341f8c8877 fix application_helper_spec 2013-09-05 17:01:10 -04:00
Neil Lalonde
9b526364ed Merge branch 'mobile' 2013-09-05 16:29:27 -04:00
Neil Lalonde
45d7765936 Merge branch 'master' into mobile 2013-09-05 15:54:22 -04:00
Emili Parreno
4a0f3b3ac2 fix user_controller_spec when testing too long usernames 2013-09-05 17:36:53 +02:00
Neil Lalonde
cde631cbd1 Change default of notify_mods_when_user_blocked to false 2013-09-05 11:27:24 -04:00
Robin Ward
71c1b8b9b9 When deleting a post as staff, ask if you want to delete direct replies too 2013-09-05 11:03:34 -04:00
Robin Ward
f157ec1f91 Select +Replies for bulk operations 2013-09-05 11:03:29 -04:00
Emili Parreno
9fdabd3b8a refactor spec_helper 2013-09-05 13:22:15 +02:00
Sam
5b08f73561 give god rights of impersonation to developers, must be edited into the production.rb config file 2013-09-05 10:27:34 +10:00
Neil Lalonde
d76486a48b Topic can have null user_id when user was nuked 2013-09-04 15:42:24 -04:00
Neil Lalonde
117fc8db58 Change the way nuked users' posts are handled. Allow null in the user_id column of posts. Show these posts in the posts stream. 2013-09-04 15:42:21 -04:00
Neil Lalonde
b47eedba00 Add min_trust_to_create_topic setting to require a certain trust level before users can start new topics 2013-09-03 19:12:22 -04:00
Robin Ward
3cec95a2c3 Better API for parsing out blocks in the parser. 2013-08-29 11:47:44 -04:00
Emili Parreno
1dedfb2251 fix user_name_suggester spec 2013-08-29 16:15:02 +02:00
Régis Hanol
e15982a476 FIX: convert error in test 2013-08-28 22:06:09 +02:00
Neil Lalonde
f611a5d898 If min entropy setting is greater than min post/body length setting, then use a sensible min entropy value instead 2013-08-28 11:04:28 -04:00
Sam
61281a3c81 invite only forums had very wonky logic, invited users were not being activated, invite_only forums were still registering users 2013-08-28 17:18:31 +10:00
Sam
28466eb5b2 group the "suggested topics" by category correctly.
in the past new topics were not prioritizing current category and
new topics in a category were not being inserted before other unread topics
in other categories
2013-08-28 10:52:06 +10:00
Sam
c0f610daf6 digest interfaces returning empty objects (except for id) interface needed correction 2013-08-28 10:52:06 +10:00
Neil Lalonde
9efa29e688 Detect whether to use mobile view. Session var mobile_view can override automatic detection. 2013-08-27 14:57:42 -04:00
Sam
83d8bcdc27 revert non queuing of emails 2013-08-27 11:52:28 +10:00
Robin Ward
29385f4898 Merge pull request #1387 from ZogStriP/fix-schemaless-urls-in-emails
FIX: schemaless urls in emails
2013-08-26 15:15:00 -07:00
Régis Hanol
561792a615 FIX: schemaless urls in emails 2013-08-27 00:08:38 +02:00
Robin Ward
1c3c468675 FIX: Single quotes in search terms would raise an error. 2013-08-26 16:25:54 -04:00
Neil Lalonde
3708d47c87 Check daily if there are new users who need to be approved and send a pm to moderators 2013-08-26 16:16:27 -04:00
Robin Ward
2d45c56ba5 Replace Markdown Linebreak Regexp with node parser. 2013-08-26 15:21:23 -04:00
Robin Ward
7c07079ed9 Revert "FIX: Failing spec"
This reverts commit 2df2838f40.
2013-08-26 12:46:28 -04:00
Robin Ward
2df2838f40 FIX: Failing spec 2013-08-26 11:54:05 -04:00
Einar Jonsson
9085cec232 Move json hash from users controller to NicknameUnavailable 2013-08-26 15:00:11 +00:00
Sam
d0b4c751b7 fix facebook authenticator 2013-08-26 17:36:20 +10:00
Sam
322b5c236c queue emails right away if a user is not online, no point waiting. 2013-08-26 14:55:35 +10:00
Sam
bb3725cfca correct spec 2013-08-26 14:39:34 +10:00
Sam
818bf1355d PluginStore for plugin specific bits of storage
Amended plugin interfaces so they work with the vk sample
2013-08-26 12:59:17 +10:00
Sam
213ce33af2 Fixed all broken specs
Moved middleware config into authenticators
2013-08-26 12:59:17 +10:00
Sam
af356e58d4 work in progress, get specs to work. 2013-08-26 12:59:17 +10:00
Sam
075002a6d5 refactoring the plugin interfaces to allow for better extensible 2013-08-26 12:59:17 +10:00
Sam
f87ba0d88f Merge pull request #1381 from einarj/test_nickname_hub_registration_failure
Added test case for nickname registration failure
2013-08-25 17:12:52 -07:00
Sam
e0c99196a8 Merge pull request #1383 from ZogStriP/add-max-image-height-site-setting
add max_image_height site setting
2013-08-25 17:11:48 -07:00
Régis Hanol
32f717420d add max_image_height site setting 2013-08-26 00:24:24 +02:00
Navin Keswani
d87389b38e No more rails 4 deprecation warnings 2013-08-25 23:18:11 +02:00
Einar Jonsson
0d22a77c63 Added test case for nickname registration failure
* Also made a minor readability change by moving the auth.present? check
* from UsersController#create into #create_third_party_auth_records
* which is the method that relies on the check.
2013-08-25 20:18:07 +00:00
Régis Hanol
3b9e62e6b9 improved specs for avatar 2013-08-24 22:45:05 +02:00
Neil Lalonde
1ef9354e21 Remove enum setting spec since I don't think it's testing anything useful and it's causing random failures 2013-08-24 13:48:07 -04:00
Robin Ward
e9663e5338 Merge pull request #1332 from locks/user_email_observer
User email observer (Code Climate improvements)
2013-08-24 08:34:11 -07:00