Commit Graph

59 Commits

Author SHA1 Message Date
Robin Ward
5f01814397 FIX: Handle nil case for avatar, just in case 2019-10-28 11:30:34 -03:00
Robin Ward
afea20953f FIX: Broken certificates 2019-10-24 14:13:27 -03:00
Roman Rizzi
3a73f29928 FIX: Rate limit and hijack certificate generation. (#8215)
To eliminate a DDOS attack vector, we're taking the following measures:

The endpoint will be rate-limited to 3 requests every 60 seconds (per user).
A 24 hours max-age cache header is sent with the response.
The route will be hijacked to generate the certificate in the background.
2019-10-22 15:39:58 -03:00
Krzysztof Kotlarek
5bcc1c1cd5 FIX: Narrative Bot certificates are ERB templates (#8174)
There are at least two ways of rendering templates outside of the controller. The first one is Rails way enabled with Rails 5 https://evilmartians.com/chronicles/new-feature-in-rails-5-render-views-outside-of-actions
The downside of this method is that all variables need to be passed as params (I could find a way to pass the whole context)

Another way is to use instance_eval described in Erubi documentation
https://github.com/jeremyevans/erubi#usage - it works perfectly fine, however, I didn't feel very confident about using eval unless necessary.

An additional benefit of using `ApplicationController.render` is that if Rails would change the ERB engine in the future, this code should still work.

If you want to test it on your local, you need to be signed in and then that two URLs are generating certificates:
http://localhost:3000/discobot/certificate.svg?date=Oct+07+2019&type=standard&user_id=1
http://localhost:3000/discobot/certificate.svg?date=Oct+07+2019&type=advanced&user_id=1

Dev: https://dev.discourse.org/t/discourse-narrative-bot-should-not-be-storing-giant-strings/17130
2019-10-22 15:39:42 -03:00
Gerhard Schlager
b788948985 FEATURE: English locale with international date formats
Makes en_US the new default locale
2019-05-20 13:47:20 +02:00
Guo Xiang Tan
c00dab89e4 Fix the build take 2. 2019-05-13 11:22:48 +08:00
Sam Saffron
30990006a9 DEV: enable frozen string literal on all files
This reduces chances of errors where consumers of strings mutate inputs
and reduces memory usage of the app.

Test suite passes now, but there may be some stuff left, so we will run
a few sites on a branch prior to merging
2019-05-13 09:31:32 +08:00
Guo Xiang Tan
c72f16d927 Follow up to 329969ea20. 2019-05-08 15:36:12 +08:00
Guo Xiang Tan
329969ea20 FIX: Discobot mention tutorial should be case insensitive. 2019-05-07 10:54:22 +08:00
Guo Xiang Tan
61cc0f8c5f Follow up to 152238b4cf. 2019-05-07 09:57:27 +08:00
Guo Xiang Tan
152238b4cf DEV: Prefer public_send over send. 2019-05-07 09:33:21 +08:00
Tim Lange
d5d784b9f2 FIX: Narration Bot now gets site setting for automatic post deletion (#7432) 2019-04-25 07:29:20 +08:00
Robin Ward
fd6513b516 FIX: Incorrect API in narrative bot 2019-03-28 14:29:33 -04:00
Robin Ward
b58867b6e9 FEATURE: New 'Reviewable' model to make reviewable items generic
Includes support for flags, reviewable users and queued posts, with REST API
backwards compatibility.

Co-Authored-By: romanrizzi <romanalejandro@gmail.com>
Co-Authored-By: jjaffeux <j.jaffeux@gmail.com>
2019-03-28 12:45:10 -04:00
Guo Xiang Tan
6fde58ff90 FIX: Make Discobot image tutorial accept URL that points to images. 2018-11-15 10:52:18 +08:00
Guo Xiang Tan
44391ee8ab
FEATURE: Upload Site Settings. (#6573) 2018-11-14 15:03:02 +08:00
Gerhard Schlager
24e5be3f0c FIX: Relative links in translations should work with subfolder 2018-11-08 23:31:05 +00:00
Vinoth Kannan
9a0e4eec16 REFACTOR: discobot/TL4 :off_topic flag will hide the post 2018-10-11 17:12:35 +05:30
Guo Xiang Tan
b5b4e2602a Formatting fixes. 2018-09-07 10:21:11 +08:00
Guo Xiang Tan
c1c9637b39 Skip Discobot flag tutorial if allow_flagging_staff is disabled.
https://meta.discourse.org/t/interacting-with-discobot/96574
2018-09-07 08:33:27 +08:00
Guo Xiang Tan
ff0979553d Skip discobot mention tutorial if mentions are disabled. 2018-08-23 14:58:07 +08:00
Guo Xiang Tan
038de4e037 FIX: Incorrect title on new user narrative cert. 2018-08-20 11:26:20 +08:00
Guo Xiang Tan
ad5082d969 Make rubocop happy again. 2018-06-07 13:28:18 +08:00
Guo Xiang Tan
9f873fa66c FIX: Invalid setex expire time in DiscourseNarrativeBot::Actions#reset_rate_limits. 2018-05-25 16:02:15 +08:00
Michael Brown
b01a4c0ada lint: fix whitespace 2018-03-27 12:11:17 -04:00
Michael Brown
ed4d7ae1b9 FIX: discobot fails when max_emojis_in_title=0 (#5710)
* If discobot is enabled but max_emojis_in_title==0,
  try to strip emoji from the title when creating a new post
2018-03-27 18:00:29 +02:00
Régis Hanol
0187423c68
FIX: discobot certificate description wasn't escaped 2018-03-27 17:57:53 +02:00
Guo Xiang Tan
2f65393706 REFACTOR: Use Topic#private_message? to reduce duplication. 2018-03-05 15:39:22 +08:00
Guo Xiang Tan
d80aca0484 FIX: Don't start discobot poll tutorial if polls are disabled.
https://meta.discourse.org/t/discobot-dont-take-users-through-the-poll-tutorial-if-its-not-enabled/76604/3
2017-12-22 15:46:46 +08:00
Guo Xiang Tan
32171ad286 FIX: Invalid logo in discobot's certificate when SiteSetting.logo_small_url is blank.
https://meta.discourse.org/t/broken-image-in-discobot-certificate-with-no-logo-small-url/76594/2
2017-12-22 09:36:53 +08:00
Guo Xiang Tan
ee1b90503c FIX: Error when an invalid date is passed to certificate generator.
https://meta.discourse.org/t/broken-image-in-discobot-certificate-with-no-logo-small-url/76594/2
2017-12-22 09:36:52 +08:00
Guo Xiang Tan
6cb29e3e20 Remove custom symlinks in discourse-narrative-bot. 2017-10-10 13:46:58 +08:00
Guo Xiang Tan
950fa9e3a8 FIX: Skip trigger match should be case insensitive.
https://meta.discourse.org/t/discobot-not-skipping-tutorial/68498
2017-08-22 07:45:46 +09:00
Guo Xiang Tan
0eb7159e51 UX: Discobot advanced tutorial certificate does not work with dark theme.
https://meta.discourse.org/t/discobot-assets-certificate-svg/65523/11?u=tgxworld
2017-07-31 15:27:47 +09:00
Guo Xiang Tan
5012d46cbd Add rubocop to our build. (#5004) 2017-07-28 10:20:09 +09:00
Guo Xiang Tan
78bb367b0a FIX: Discobot's certificate shouldn't blow up on non 200 response.
https://meta.discourse.org/t/discobot-assets-certificate-svg/65523/6
2017-07-14 15:16:29 +09:00
Guo Xiang Tan
f1141ee4f6 Revert "Convert emoji keywords in bot narrative to use native characters."
This reverts commit bfc4f15b93.

* Transifex doesn't like those unicode strings.
2017-07-14 11:27:15 +09:00
Guo Xiang Tan
bfc4f15b93 Convert emoji keywords in bot narrative to use native characters.
* Makes the narrative work even when emoji is disabled.
2017-07-13 16:04:35 +09:00
Guo Xiang Tan
c049e18203 FEATURE: Allow tutorials to declare prerequisite before it starts. 2017-07-13 15:12:45 +09:00
Neil Lalonde
d1d43ff5d9 FIX: report discobot messages as system messages instead of user-to-user 2017-07-12 16:00:18 -04:00
Guo Xiang Tan
e7571d1c5d Merge pull request #4933 from tgxworld/use_username_in_cert
FIX: Use username in bot's certificate.
2017-06-19 07:24:55 +09:00
Guo Xiang Tan
f8a46c510f FIX: Recover post tutorial does not work when SiteSetting.delete_removed_posts_after is 0. 2017-06-16 13:03:34 +09:00
Guo Xiang Tan
716b0235f9 FIX: Use username in bot's certificate.
* The default name generated can be weird sometimes.
2017-06-16 10:32:43 +09:00
Guo Xiang Tan
e888369f51 UX: Don't send emails for discobot notifications. 2017-06-12 17:00:27 +09:00
Guo Xiang Tan
a7ed6bd9e1 Use User#username_lower instead. 2017-06-12 10:58:31 +09:00
Guo Xiang Tan
977bbb1f45 FIX: Bot mentioned check should be case insensitive. 2017-06-08 19:00:07 +09:00
Guo Xiang Tan
17c29c972b Move the constant as well. 2017-06-06 15:38:26 +09:00
Guo Xiang Tan
c1dc6f6cd7 FIX: Track should only continue if user is alone with bot in a PM. 2017-06-06 09:47:00 +09:00
Guo Xiang Tan
30f2758404 FIX: Ensure that we cancel any timeout jobs when terminating a track. 2017-06-05 16:23:25 +09:00
Guo Xiang Tan
3621647fb5 FIX: Bot should only respond to regular posts. 2017-06-05 15:21:19 +09:00