github-mirror/discourse
2
0
Fork 0
mirror of https://github.com/discourse/discourse.git synced 2025-01-19 23:22:55 +08:00
Code Issues Actions 1 Packages Projects Releases Wiki Activity
26,546 Commits 214 Branches 500 Tags 960 MiB
97e19a7d02
Commit Graph

4717 Commits

Author SHA1 Message Date
Gerhard Schlager
97e19a7d02 Fix the build 2018-02-21 11:26:41 +01:00
Guo Xiang Tan
c7c8f38eac Use proper encoding for email fixtures. 2018-02-21 17:06:35 +08:00
Vinoth Kannan
1446753fd2 FIX: Include deleted topics in the post serializer 2018-02-21 14:31:52 +05:30
Guo Xiang Tan
b16471edfb FIX: Invalid token error incorrectly displayed on email login page. 2018-02-21 15:46:53 +08:00
Guo Xiang Tan
8964e75ad6
Merge pull request #5612 from discourse/featheredtoast-two-factor-login 
Featheredtoast two factor login
 2018-02-21 15:00:10 +08:00
Guo Xiang Tan
14f3594f9f Review Changes for f4f8a293e7. 2018-02-21 14:55:49 +08:00
Arpit Jalan
94fb8094c6 further optimize spec 
thanks @tgxworld for the review.
 2018-02-21 11:32:40 +05:30
Robin Ward
5c40ae9e63 FIX: Links in quotes should be counted for rate limits 2018-02-20 20:42:01 -05:00
Jeff Wong
f4f8a293e7 FEATURE: Implement 2factor login TOTP 
implemented review items.

Blocking previous codes - valid 2-factor auth tokens can only be authenticated once/30 seconds.
I played with updating the “last used” any time the token was attempted but that seemed to be overkill, and frustrating as to why a token would fail.
Translatable texts.
Move second factor logic to a helper class.
Move second factor specific controller endpoints to its own controller.
Move serialization logic for 2-factor details in admin user views.
Add a login ember component for de-duplication
Fix up code formatting
Change verbiage of google authenticator

add controller tests:
second factor controller tests
change email tests
change password tests
admin login tests

add qunit tests - password reset, preferences

fix: check for 2factor on change email controller
fix: email controller - only show second factor errors on attempt
fix: check against 'true' to enable second factor.

Add modal for explaining what 2fa with links to Google Authenticator/FreeOTP

add two factor to email signin link

rate limit if second factor token present

add rate limiter test for second factor attempts
 2018-02-21 09:04:07 +08:00
Guo Xiang Tan
b6e82815bd Fix rspec description. 2018-02-21 09:02:42 +08:00
Robin Ward
3ea272f4f1 New setting: minimum trust level to embed images in a post 2018-02-20 20:00:06 -05:00
Régis Hanol
0799831dbe FIX: use the avatar of the post rather than the topic in local oneboxes 2018-02-20 19:49:39 +01:00
Arpit Jalan
a4bc54a686 FIX: strip zero width spaces from topic title 2018-02-21 00:12:39 +05:30
Arpit Jalan
ed422285f0 optimize spec 2018-02-20 22:03:13 +05:30
Sam
86d12bd44b FEATURE: search within title using in:title 
Also

- Significantly improved search ranking, title is treated most strongly
- Adds tag names to the index
- Run search re-indexer more aggressively
- Re-index topic and all posts on category change
 2018-02-20 14:41:21 +11:00
Régis Hanol
6b67192d99 fix the build 2018-02-19 22:52:54 +01:00
Régis Hanol
60ec483caa FIX: include title in local onebox when linking to a different topic 2018-02-19 22:40:14 +01:00
Arpit Jalan
c419c26f56 FEATURE: new site setting 'max_emojis_in_title' 2018-02-19 18:15:26 +05:30
Gerhard Schlager
b6277e208b FIX: Cookies header didn't have the right format 2018-02-19 12:46:57 +01:00
OsamaSayegh
f3815cd785 FEATURE: New site setting for additional allowed filetypes for staff (#5364) 
* FEATURE: New site setting for additional allowed filetypes for staff

* Problematic variable name

* feedback

* small issues

* fix indentation

* failing tests

* Remove message bus and fix minor issues

* Missed this message bus
 2018-02-19 10:44:24 +01:00
Leo McArdle
5d9d0fcb4f FEATURE: add setting which adds group name to PM email subject (#5475) 2018-02-19 10:20:17 +01:00
Régis Hanol
61930e092a FIX: support incoming emails with just an attachment 2018-02-16 18:14:56 +01:00
Sam
cda3f72ab8 SECURITY: don't onebox whispers 2018-02-16 08:57:20 +11:00
Sam
57e140dc07 FIX: oneboxing to private messages 2018-02-16 08:00:22 +11:00
Sam
e456ae1b6c Revert "Upgrade mail gem to drop dependency on mime-types." 
This reverts commit 498cc15aa9.

Noticed a certain amount of extra allocations due to this upgrade,
reverting to confirm if this is the case
 2018-02-16 07:04:22 +11:00
Régis Hanol
8e0da35857 FIX: allow local oneboxes to public topics/posts in PM 2018-02-15 18:14:41 +01:00
Arpit Jalan
c66405df7e correct spec description 2018-02-15 17:49:57 +05:30
Guo Xiang Tan
498cc15aa9 Upgrade mail gem to drop dependency on mime-types. 
Boot Memory Usage

```
Total allocated: 225695379 bytes (1990663 objects)
Total retained:  32795116 bytes (291607 objects)
```

```
Total allocated: 218342892 bytes (1897350 objects)
Total retained:  30123426 bytes (261198 objects)
```
 2018-02-15 16:24:26 +08:00
Sam
94b2c70c0d PERF: remove oga gem 
oga gem is automatically required by the aws gem
the oga gem retains about 1mb of memory, aws now uses nokogiri

This also removes the html normalize from the pretty text specs that was
a fair bit buggy as the polls test shows.
 2018-02-15 14:36:40 +11:00
Robin Ward
b4aa0b096e FIX: Couldn't like staff when allow_flagging_staff was set 2018-02-14 15:46:04 -05:00
Arpit Jalan
f07b1a5c05 FIX: activate user even if email token is already confirmed 2018-02-14 20:44:48 +05:30
Sam
38f4acd55a FIX: rate limiter text is confusing, should not say daily 
Also, adds easily parseable JSON so users can figure out
how long to wait when the API is limited. ("extras" "wait_seconds")
 2018-02-14 15:29:50 +11:00
Sam
f028ffaf29 SECURITY: correct local onebox category checks 
Also removes ugly "source_topic_id" from cooked posts

Patch was authored by @zogstrip

Signed-off-by: Sam <sam.saffron@gmail.com>
 2018-02-14 10:40:46 +11:00
Gerhard Schlager
5a56746610 FIX: Embedded topic was not found when URL contained query string 2018-02-14 00:28:30 +01:00
Robin Ward
7348513848 FIX: Include post in staff action logs when silencing a user 2018-02-13 15:59:10 -05:00
Erick Guan
03b3e57a44 FEATURE: login by a link from email 
Co-authored-by: tgxworld <tgx@discourse.org>
 2018-02-13 16:14:39 +08:00
Maja Komel
1c27d93dcf anonymous shadow users are approved on creation if must_approve_users is enabled (#5569) 2018-02-13 01:58:38 -05:00
Vinoth Kannan
e924de71e7 Spec test to make sure we do not skip trashed post 2018-02-13 12:23:47 +05:30
Muhlis Cahyono
cc3cf6588b FEATURE: Notification API Endpoints for Admins 
* create/update/delete notification api with external url
* remove external url feature
* Fix Travis CI build error (add new line)
* Fix Travis CI build error
 2018-02-13 01:38:26 -05:00
Robin Ward
4c9959f795 FIX: Don't allow silenced users to reach TL3 2018-02-12 17:20:11 -05:00
Neil Lalonde
1bafbc8c5c
Merge pull request #5576 from discourse/top-tags 
PERF: a faster way to count tags used per category
 2018-02-12 16:25:18 -05:00
Robin Ward
4dfe659189 Rename allow staff flags to allow flagging staff 2018-02-12 15:27:26 -05:00
Neil Lalonde
76c309fe6b PERF: a faster way to count tags used per category 2018-02-12 15:16:47 -05:00
Robin Ward
6287631745 FEATURE: New site setting, allow staff flags, false by default 
For some large communities, it makes sense to disable flagging of
staff posts.
 2018-02-12 14:56:21 -05:00
Robin Ward
cee3337357 Don't allow users to auto-hide staff posts 2018-02-09 19:53:58 -05:00
Robin Ward
569e57f0a9 FIX: Delete the invalid auth cookie even if you hit the rate limit 2018-02-09 19:09:54 -05:00
Robin Ward
5466389f4e FIX: Consider oneboxes links wrt to min_trust_level_to_post_links 2018-02-08 18:27:40 -05:00
Robin Ward
dedeb2deb8 FIX: Don't show the link button in the composer if linking is disabled 2018-02-08 12:56:10 -05:00
Gerhard Schlager
0ecdf90023 FIX: Validations could prevent moving posts 2018-02-08 13:36:13 +01:00
Gerhard Schlager
8ab6689f43 FIX: Preserve original date when moving first post 2018-02-08 12:55:32 +01:00