David Taylor
52387be4a4
SECURITY: Add confirmation screen when logging in via email link
2019-06-17 16:18:37 +01:00
David Taylor
5f6f707080
Revert "Merge pull request from GHSA-hv9p-jfm4-gpr9"
...
This reverts commit b8340c6c8e
.
2019-06-17 16:17:10 +01:00
David Taylor
b8340c6c8e
Merge pull request from GHSA-hv9p-jfm4-gpr9
...
* SECURITY: Add confirmation screen when logging in via email link
* SECURITY: Add confirmation screen when logging in via user-api OTP
* FIX: Correct translation key in session controller specs
* FIX: Use .email-login class for page
2019-06-17 15:59:41 +01:00
Robin Ward
89e0d8c521
FIX: There is new behavior on a live site, staff are granted access.
2019-06-17 08:17:39 -04:00
Arpit Jalan
863d8014d0
FIX: respond with 400 error on invalid redirect param
2019-06-17 16:44:30 +05:30
Joffrey JAFFEUX
59e84e8e05
DEV: skip tests instead of commenting them ( #7774 )
2019-06-17 10:24:20 +02:00
Arpit Jalan
102be5a9e3
DEV: optimize fix for sub-categories not getting pre-filled.
2019-06-17 13:28:08 +05:30
tshenry
c909033f2b
Add plugin outlets to login/create-account modals ( #7770 )
2019-06-17 16:22:00 +10:00
Sam Saffron
10b94e4530
Attempt to get travis to run tests correctly
2019-06-17 16:14:26 +10:00
Sam Saffron
704c579550
FIX: do not allow unbound membership lookups
...
Previously we would allow looking up membership limits in an unbound way
via the API, this introduces an upper limit of 1000 per page.
2019-06-17 15:32:06 +10:00
Sam Saffron
fe4f0a4369
FIX: staged users should not be included in TL groups
...
staged users should not be included in any automatic groups cause for all
purposes they do not exist.
2019-06-17 15:10:47 +10:00
Joffrey JAFFEUX
32cd9ba59b
FIX: ensures local-dates modal is not taking full height on mobile ( #7772 )
2019-06-16 08:48:07 +02:00
Arpit Jalan
48b9e0d749
FIX: sub-categories was not getting selected for pre-filled topics
2019-06-15 13:46:15 +05:30
Kris
9cb656250d
FIX: Allow tall tables to scroll vertically on iOS
2019-06-14 14:26:59 -04:00
Penar Musaraj
4bbb43cb2b
DEV: pull plugin repos before linting them
2019-06-14 13:50:15 -04:00
Robin Ward
035e63c81f
FIX: Allow the clear callbacks to execute in acceptance tests
2019-06-14 13:29:13 -04:00
Penar Musaraj
73bce82c82
Exclude plugins from RuboCop checks
...
Since official plugins are now in the discourse_test image, rubocop catches issues in plugins.
This is a temporary measure.
2019-06-14 10:06:26 -04:00
Robin Ward
a8793d0d9a
REFACTOR: Test Memory Usage Fixes ( #7769 )
...
* Calling `Discourse.reset()` creates a new container
We should run our de-initializers only after acceptance tests,
since initializers are not run outside of acceptance tests anyway,
and the container at this point can be passed properly to the
`teardown()` method.
* Remove `Discourse.reset` from tests
This would cause a new container to be created which leaks many objects.
* `updateCurrentUser` is more accurate than `replaceCurrentUser`
2019-06-14 14:54:20 +02:00
Guo Xiang Tan
c3381b845b
DEV: Install diffy in production for rake posts:inline_uploads
task.
2019-06-14 14:42:53 +08:00
Guo Xiang Tan
77c06384c0
Fix the build.
2019-06-14 13:56:35 +08:00
Guo Xiang Tan
5d16d10a9e
DEV: Fix edge case for InlineUploads
.
2019-06-14 13:48:03 +08:00
Sam Saffron
ecb2fd8222
DEV: improve db:create to catch all cases
...
- No RAILS_ENV - create multisite / dev / test
- `test` RAILS_ENV - create multisite / test
2019-06-14 15:47:05 +10:00
Guo Xiang Tan
befb074c98
DEV: InlineUploads
should process CDN upload URLs as well.
2019-06-14 13:14:37 +08:00
Sam Saffron
a01488ae67
DEV: improve on rake db:create
...
Followup on 3af00a65
which broke build
2019-06-14 15:06:07 +10:00
Guo Xiang Tan
41abebcbce
DEV: Support both http
and https
for InlineUploads
.
2019-06-14 12:48:31 +08:00
Guo Xiang Tan
7bb94e8716
DEV: Increase wait duration between smoke test further during edit.
...
Otherwise, the app detects that we're replying too quickly.
2019-06-14 12:21:54 +08:00
Sam Saffron
3af00a65e6
FIX: site settings loading default values when no db
...
This fixes a condition where an intermittent db connection could cause
invalid site settings to be stored
It also removes a catch all we had.
Somewhere around Rails 5 `db:create` started wanting full environment
this is a problem for Discourse since it needs to boot up data from the
db.
This removes the catch all and surgically adds a db / redis bypass to
db:create task.
2019-06-14 14:21:07 +10:00
Sam Saffron
62f4284865
DEV: 302 status is normal in smoke test
...
Login can redirect there are potentially other cases
2019-06-14 14:21:07 +10:00
Guo Xiang Tan
eaa7527933
DEV: Switch posts:inline_uploads
scope to be more generic.
2019-06-14 11:53:34 +08:00
Guo Xiang Tan
c9db897777
FIX: Remove onebox src from Jobs::PullHotlinkedImages
.
...
The test that was added is incorrect because the post was not cooked.
2019-06-14 09:21:25 +08:00
Sam Saffron
457be89445
DEV: only skip migration if a non seeded upload exists
...
Followup to 667b9801
2019-06-14 09:52:02 +10:00
Sam Saffron
667b98017a
FIX: do not attempt to migrate pre-existing uploads
...
This makes this job re-runnable just in case cause it will skip creation
of new uploads if an upload already exists
2019-06-14 09:39:22 +10:00
Penar Musaraj
4182d8638c
Remove duplicate entry for discourse-yearly-review
2019-06-13 13:56:38 -04:00
Vinoth Kannan
35d6fff69e
PERF: use url instead of file key in temporary inventory table.
2019-06-13 22:03:58 +05:30
David Taylor
ed21128ee6
FIX: Do not change directory when decompressing S3 inventory
...
In sidekiq, jobs are run in multiple threads within the same process. `cd` affects the entire process, so can cause unexpected issues in other running jobs.
2019-06-13 17:13:50 +01:00
Penar Musaraj
66b15b9d87
DEV: support installing plugin gems in test images
...
- adds plugin:install_all_gems rake task
- adds UPDATE_ALL_PLUGINS env variable in docker:test
2019-06-13 09:58:57 -04:00
Arpit Jalan
efc05e7224
FIX: remove topic timer info on completion
2019-06-13 17:01:43 +05:30
Joffrey JAFFEUX
fbbce235ce
UX: improves change-timestamp modal ( #7766 )
2019-06-13 13:30:33 +02:00
Guo Xiang Tan
9bce3d5e65
DEV: Multisite support for rake posts:inline_uploads
.
2019-06-13 16:13:45 +08:00
Sam Saffron
215216df48
FIX: stop re-downloading backup maxmind
...
We omitted updating the mmdb_time which changed causing a constant
re-download of the maxmind db
2019-06-13 17:42:26 +10:00
Arpit Jalan
77f5577e30
DEV: Improvements to AnswerHub import script.
2019-06-13 11:46:17 +05:30
Sam Saffron
3ef4ae08f1
DEV: check for specifics when looking at ENABLE_LOGRAGE
...
prior to this change ENABLE_LOGRAGE=0 some_command would enable lograge
2019-06-13 15:59:20 +10:00
Guo Xiang Tan
9daed05ad0
Fix the build.
2019-06-13 13:53:43 +08:00
Guo Xiang Tan
7a0d031bc4
FIX: InlineUploads
matching on external bbcode img url.
2019-06-13 13:47:36 +08:00
Guo Xiang Tan
782e583844
FIX: Edge cases with markdown references for InlineUploads
.
2019-06-13 12:08:01 +08:00
Guo Xiang Tan
93c552afda
FIX: InlineUploads
does not correct urls with uppercase extension.
2019-06-13 11:19:33 +08:00
Sam
fa2a5f6f56
FEATURE: SKIP_DB_AND_REDIS env var ( #7756 )
...
Sometimes we would like to create a base image without any DB access, this
assists in creating custom base images with custom plugins that already
includes `public/assets`
Following this change set you can run:
```
SPROCKETS_CONCURRENT=1 DONT_PRECOMPILE_CSS=1 SKIP_DB_AND_REDIS=1 RAILS_ENV=production bin/rake assets:precompile
```
Then it is straight forward to create a base image without needing a DB or
Redis.
2019-06-13 12:58:27 +10:00
Guo Xiang Tan
5b55252e10
DEV: Add more wait between edit so we don't end up replying too quickly.
2019-06-13 09:14:17 +08:00
Penar Musaraj
e47ca6633b
DEV: Fix plugin:update_all task
...
Reenable subtask so it loops through all plugins.
Only run for plugins that are git repositories.
2019-06-12 17:21:56 -04:00
Maja Komel
b4686934dd
DEV: add spec for removed group bio
2019-06-12 18:03:29 +02:00