Commit Graph

13372 Commits

Author SHA1 Message Date
Sam
0c03ccb01e FEATURE: allow plugins to transform, the transformed post
This allows plugins to amend posts prior to rendering.
2017-03-07 17:12:31 -05:00
Sam
99f4d5082b FIX: Improve token rotation and increase logging
- avoid access denied on bad cookie, instead just nuke it
- avoid marking a token unseen for first minute post rotation
- log path in user auth token logs
2017-03-07 13:27:43 -05:00
Sam
9f8cfee450 remove dupe code, correct logging logic 2017-03-07 13:27:43 -05:00
Robin Ward
42fd4f987e When viewing yourself, default to activity, not summary. 2017-03-07 12:03:05 -05:00
Neil Lalonde
d95e4102c1 FIX: tags created in secured categories should not be forbidden outside those categories 2017-03-07 11:46:46 -05:00
Robin Ward
dad57fa033 FIX: More errors with non-ascii URLs 2017-03-07 11:21:41 -05:00
Guo Xiang Tan
d1e587c10a Merge pull request #4737 from oblakeerickson/approve_invited_user
FIX: approve invited user
2017-03-07 21:14:34 +08:00
Guo Xiang Tan
60b7453f3f FIX: Do not trigger fullpage search when selecting autocomplete term with enter. 2017-03-07 11:56:40 +08:00
Guo Xiang Tan
f3a7e398ca Merge pull request #4717 from cpradio/autocomplete-search
FEATURE: Autocomplete support on search
2017-03-07 06:40:45 +08:00
Sam
443bce6466 add a descriptive comment 2017-03-06 15:15:07 -05:00
Sam
3227d79430 FIX: extra-nav-item outlet no longer adds a DIV to UL
This amends the extensibility on navigation bar so extra nav items are not
added to a DIV nested into the UL, instead the LIs are rendered as usual
2017-03-06 15:00:13 -05:00
Robin Ward
3905778fc0 FIX: Put back the back button fix again. 2017-03-06 12:24:27 -05:00
Rafael dos Santos Silva
c3477cd40d Merge pull request #4716 from discourse/bounced_emails_details
FEATURE: Allow checking the raw response of a bounced email
2017-03-06 13:30:19 -03:00
Régis Hanol
0abe433495 Merge pull request #4736 from techAPJ/group-bulk-add
FIX: grant trust level when bulk adding users to group
2017-03-06 12:43:26 +01:00
Guo Xiang Tan
1e8573ac75 Merge pull request #4738 from rimian/patch-4
less restrictive to allow plugin outlets
2017-03-06 17:25:18 +08:00
Guo Xiang Tan
7d82a53dfe FIX: Group#name is case insensitive. 2017-03-06 17:24:03 +08:00
Arpit Jalan
d5bcc70e9c FIX: grant trust level when bulk adding users to group 2017-03-06 14:39:53 +05:30
Guo Xiang Tan
66b5f97743 Merge pull request #4739 from tgxworld/fix_cant_recover_a_topic_that_belongs_to_a_deleted_user
Fix cant recover a topic that belongs to a deleted user
2017-03-06 15:12:54 +08:00
Guo Xiang Tan
8aea3caf00 FIX: Ensure that we only move posts that belong to the original topic. 2017-03-06 15:04:10 +08:00
Guo Xiang Tan
477eb0591e FIX: Posts in a deleted topic couldn't be moved.
https://meta.discourse.org/t/moving-posts-to-new-topic/58436/4
2017-03-06 14:56:20 +08:00
Rimian Perkins
95f7b60212 less restrictive to allow plugin outlets
for extra-nav-items
2017-03-06 14:38:57 +11:00
Blake Erickson
dbb3ddc7a6 FIX: approve invited user
This commit fixes the case where invited users who typed in a password
would not be approved by default. Because we moved the user create logic
for an invited user there was a clash with the `save` in the user model
and the `save` in the invite_redeemer class.

- added approve logic into invite_redeemer class.
- added tests to verify that the user is approved
- added a check to see if must_approve_users is on
- added a check to see if the inviter is staff
- go ahead and approve the user if must_approve_users is off
- keep existing User.approve workflow if user exists
- improve if/else logic to remove duplicate code
- use `Time.zone.now`
2017-03-05 06:58:23 -07:00
Guo Xiang Tan
08ffbf6c61 Use Time.zone.now instead. 2017-03-05 11:10:40 +08:00
Neil Lalonde
9c7a02192a FIX: flag action buttons are missing when visiting flags from the hamburger menu 2017-03-04 11:36:58 -05:00
cpradio
3eb51f0d77 FIX: Make it a tad bit harder to accidentally redirect to full page search while autocomplete is open 2017-03-03 22:48:28 -05:00
Sam
3e3fdfc717 FEATURE: plugin can now extend list of classes for topic-post 2017-03-03 16:57:25 -05:00
Sam
31a81d4eee FEATURE: allow for for empty description in list 2017-03-03 16:13:05 -05:00
Sam
c99f4260c0 Merge pull request #4729 from tgxworld/dont_mark_user_as_valid
FIX: Don't mark user as `active` if verified email is different.
2017-03-03 15:57:30 -05:00
Neil Lalonde
6aab8cb331 FEATURE: new category setting for whether to show latest topics or top topics by default 2017-03-03 11:30:44 -05:00
Guo Xiang Tan
bcf634ca85 Merge pull request #4728 from nbianca/username-regex
Add support for username regex.
2017-03-03 22:59:23 +08:00
Rafael dos Santos Silva
aac4a4ed94 Handle invalid parameters and missing bounced emails 2017-03-02 20:37:28 -03:00
Sam
abc4dff0fe FEATURE: add bumped_before query param for topic list 2017-03-02 15:11:50 -05:00
Neil Lalonde
ca20cb9941 FEATURE: subcategories can be discovered by web crawlers on page 1 of the parent category topics list 2017-03-02 15:06:56 -05:00
Sam
4dac4c69a6 FEATURE: add before topic list filter 2017-03-02 14:54:33 -05:00
Neil Lalonde
7496f373cd add headline itemprop to DiscussionForumPosting for crawlers 2017-03-02 12:35:50 -05:00
Neil Lalonde
797313a28d FIX: subcategories need the num featured topics setting too 2017-03-02 11:31:28 -05:00
Sam
7431c30c1f Correct test and remove uneeded outlet 2017-03-02 09:17:14 -05:00
Bianca Nenciu
30909ec54e Add support for username regex. 2017-03-02 13:53:45 +02:00
Guo Xiang Tan
442bef2df9 Merge pull request #4706 from gsambrotta/add-name-search-dropbox
FEATURE: Add user name in search results
2017-03-02 15:22:15 +08:00
Guo Xiang Tan
3d347fb9c4 FIX: Don't mark user as active if verified email is different. 2017-03-02 14:24:30 +08:00
Sam
dbfea9b5b0 correct refactor 2017-03-01 18:26:26 -05:00
Guo Xiang Tan
f5bf6256a9 Merge pull request #4732 from nbianca/typo
Fixed typo.
2017-03-02 06:02:43 +08:00
Sam
c79b146283 FEATURE: make list controller a bit more extensible 2017-03-01 16:41:09 -05:00
Sam
f0b79cf54b FEATURE: Add outlet for messages nave extension 2017-03-01 16:41:09 -05:00
Bianca Nenciu
2c22a7f78b Fixed typo. 2017-03-01 23:02:29 +02:00
Neil Lalonde
d848916357 FEATURE: Greek language support, thanks to Vasilis Vlachokyriakos 2017-03-01 15:52:55 -05:00
Sam
7895b71817 move to use let, missed a spot 2017-03-01 15:15:36 -05:00
Neil Lalonde
262016604d FEATURE: each category can control how many topics to show on categories page 2017-03-01 15:12:57 -05:00
Sam
ca951f2cf2 FIX: render custom tag extensions even when tags disabled 2017-03-01 13:38:44 -05:00
Sam
89bd538742 add callback priority to tags html 2017-03-01 12:56:45 -05:00
Blake Erickson
0b81a93020 Merge pull request #4718 from oblakeerickson/email_discourse_backups
FEATURE: further restrict downloading of backups
2017-03-01 08:57:44 -07:00
Sam
8c8de1c2d4 FEATURE: addUserMenuGlyph extensibility point 2017-03-01 10:32:01 -05:00
Blake Erickson
80858bae2c FEATURE: further restrict downloading of backups
- send email to logged in admin when they press the "download" button
- show pop-up that email was sent
- create email template
- require a valid token to download backup
2017-03-01 08:28:34 -07:00
cpradio
4c7a21c76e FEATURE: Autocomplete support on advanced search
PERF: Extract autocomplete initialization to a function
PERF: Create a REGEXP_TAGS_REPLACE regex to remove a chained .replace call

FIX: autocomplete positioning

FIX: Collapsing/Expanding Advanced Search doesn't wipe out Advanced Search Terms from search query.

FIX: Populate Category when query/search term is updated

FIX: Using enter to complete autocomplete doesn't automatically send you to full page search
2017-03-01 10:25:49 -05:00
giorgia
d308638a18 create searchResultUserSerializer, display name next to username in search results 2017-03-01 13:11:01 +01:00
Régis Hanol
b20b568039 FIX: allow for empty translated strings 2017-03-01 11:30:44 +01:00
Arpit Jalan
e27b1b98d1 FIX: handle new user when logging name change 2017-03-01 13:43:57 +05:30
Guo Xiang Tan
112ca20c96 Merge pull request #4675 from tgxworld/fix_polls_forever_broken_if_approval_required
FIX: Polls permanently broken if post requires approval.
2017-03-01 12:56:03 +08:00
Guo Xiang Tan
76dd6933d2 Revert "Revert "Revert "SECURITY: Ensure oAuth authenticated email is the same as created user's email."""
This reverts commit e6d75f6844.

This is why we should not be pushing directly to master.
2017-03-01 10:16:59 +08:00
Sam
f918951d42 FEATURE: clean up tags extensibility
centralizes all logic for topic tag rendering and provides API for extension
2017-02-28 17:08:43 -05:00
Robin Ward
e863d66e33 FIX: Back button was broken after clicking flags in hamburger 2017-02-28 13:53:48 -05:00
Sam
122fb8025d FIX: last seen date erroneously updated when browser in background
In some cases user may be "last seen" even though browser tab is in
the background or computer is locked
2017-02-28 12:35:10 -05:00
Neil Lalonde
292dd8623c Merge pull request #4622 from dmacjam/master
FEATURE: Append tags bulk action for topics
2017-02-28 11:36:58 -05:00
Sam
3ac4709903 FIX: on initial token issue stop unmarking token as unseen
prev and current are the same so we need special logic to bypass
2017-02-28 10:38:22 -05:00
Sam
ffd8fa7481 FEATURE: move_to_inbox and archive_message events 2017-02-28 09:56:41 -05:00
Régis Hanol
5738253998 FIX: locale fallback with pluralized strings 2017-02-28 10:02:29 +01:00
Guo Xiang Tan
54577db8a4 Don't assign variable when not required to do so. 2017-02-28 14:14:57 +08:00
Guo Xiang Tan
e6d75f6844 Revert "Revert "SECURITY: Ensure oAuth authenticated email is the same as created user's email.""
This reverts commit 0e3def7d2b.
2017-02-28 11:27:14 +08:00
Sam
1e980ad4e6 Merge pull request #4721 from oblakeerickson/sort_admin_users_api
FEATURE: Add order logic to admin users controller
2017-02-27 16:13:42 -05:00
Robin Ward
b2b7f4d905 FIX: Query parameters were not being cleared when changing filtering. 2017-02-27 15:49:14 -05:00
Neil Lalonde
cfedbad0e9 FIX: hamburger shouldn't show subcategories if show_subcategory_list is enabled on the parent 2017-02-27 15:34:07 -05:00
Arpit Jalan
6661cebff8 FIX: do not log duplicate username changes 2017-02-28 01:32:00 +05:30
Arpit Jalan
b32d3d66e5 FEATURE: log all username and name changes 2017-02-28 00:23:27 +05:30
Robin Ward
0e3def7d2b Revert "SECURITY: Ensure oAuth authenticated email is the same as created user's email."
This reverts commit 1060239e2d.
2017-02-27 13:19:26 -05:00
Robin Ward
bf9626d031 FIX: Embedding was broken with non-english URLs and ports 2017-02-27 12:17:52 -05:00
Arpit Jalan
877957ae88 Merge pull request #4715 from techAPJ/login-per-ip
FEATURE: new site setting for max logins per ip per hour/minute
2017-02-27 18:24:53 +05:30
Arpit Jalan
cba51e1c38 FEATURE: new site setting for max logins per ip per hour/minute 2017-02-27 16:58:03 +05:30
Guo Xiang Tan
0e8c849572 UX: "See more" on not found page should redirect to /top. 2017-02-27 13:33:19 +08:00
Guo Xiang Tan
ac37bd3dbc FIX: Search menu results does not refresh when search context is changed. 2017-02-27 12:23:41 +08:00
Guo Xiang Tan
758e3e52f7 FIX: Mobile topic timeline broken on Chrome 56.
* See https://developers.google.com/web/updates/2017/01/scrolling-intervention.
  From Chrome 56 onwards, `touchstart` event listeners are treated as passive
  by default which does not call `preventDefault` resulting in the page
  scrolling when topic timeline handle is being dragged.
2017-02-27 11:39:57 +08:00
Sam Saffron
7e8f0dc967 FIX: attempt to handle ios edge case where token is seen but unsaved
This relaxes our security in the following way

- prev auth token is always accepted as long as rotation
date is within our window of SiteSetting.maximum_session_age.hours
(previously old token expired within a minute of new one being seen)

- new auth token is marked unseen if we are presented with an old token
after we already saw new one

This attempts to fix an issue where ios webkit is not committing new cookies
2017-02-26 17:09:57 -05:00
Blake Erickson
0a41da6bad FEATURE: Add order logic to admin users controller
Added order and direction parameters for sorting admin user pages. This
commit only includes backend api changes.

https://meta.discourse.org/t/make-admin-users-list-sortable-suggestion/47649

Now you can pass in `order` and `asc` parameters to the
`/admin/users/list/<query>.json` endpoint.

Example:

`/admin/users/list/active.json?&order=post_count` which defaults to desc

and

`/admin/users/list/active.json?order=post_count&asc=true`
2017-02-24 17:11:17 -07:00
Régis Hanol
fdf749770b remove unecessary '.limit(1)' 2017-02-24 12:56:13 +01:00
Régis Hanol
a2c04be718 FIX: eradicate I18n fallback issues 💣
FIX: client's translation overrides were not working when the current locale was missing a key
FIX: ExtraLocalesController.show was not properly handling multiple translations
FIX: JsLocaleHelper#output_locale was not properly handling multiple translations

FIX: ExtraLocalesController.show's spec which was randomly failing
FIX: JsLocaleHelper#output_locale was muting cached translations hashes

REFACTOR: move 'enableVerboseLocalization' to the 'localization' initializer
REFACTOR: remove unused I18n.js methods (getFallbacks, localize, parseDate, toTime, strftime, toCurrency, toPercentage)
REFACTOR: remove all I18n.pluralizationRules and instead use MessageFormat's pluralization rules

TEST: add tests for localization initializer
TEST: add tests for I18n.js
2017-02-24 11:31:21 +01:00
Guo Xiang Tan
1060239e2d SECURITY: Ensure oAuth authenticated email is the same as created user's email. 2017-02-24 13:13:10 +08:00
Guo Xiang Tan
0847b4258a Revert "SECURITY: Ensure that user has been authenticated."
This reverts commit fbe51d68a7.

Changing the commit message to correctly reflect what we're actually
fixing.
2017-02-24 13:12:29 +08:00
Guo Xiang Tan
fbe51d68a7 SECURITY: Ensure that user has been authenticated. 2017-02-24 10:47:48 +08:00
Sam Saffron
3754b038e8 fix brotli origin 2017-02-23 18:26:40 -05:00
Sam
f15f61da0a FEATURE: add immutable caching to rails site of things 2017-02-23 13:05:00 -05:00
Jeff Atwood
ad6cb3c638 force all iOS editors to minimum height for compat 2017-02-22 16:56:19 -08:00
Jeff Atwood
22fc761cc3 tweak iOS composer heights a bit 2017-02-22 15:48:39 -08:00
Neil Lalonde
c00ffabac3 search scope checkbox is default checked for your messages too 2017-02-22 17:45:12 -05:00
Neil Lalonde
0551b3f5ee FEATURE: replace emoji with unicode in title and description meta tags 2017-02-22 16:24:13 -05:00
Sam Saffron
0fc2b64f65 attempt 2 at adjusting class definition so its more easily extensible 2017-02-22 14:18:43 -05:00
Sam Saffron
08d56952df revert change, it is required 2017-02-22 14:10:55 -05:00
Sam Saffron
d0d60ffa89 make is slightly easier to extend 2017-02-22 14:06:18 -05:00
Neil Lalonde
57784ddf2b remove unused setting import 2017-02-22 13:05:57 -05:00
Rafael dos Santos Silva
5296f00c28 FEATURE: Allow checking the raw response of a bounced email 2017-02-22 14:51:33 -03:00
Neil Lalonde
00700da6b8 remove null class 2017-02-22 12:23:45 -05:00
Neil Lalonde
53ec4c44f4 FIX: N+1 in topic_list 2017-02-22 12:20:50 -05:00
Neil Lalonde
a702330ccd FEATURE: make show_subcategory_list a per-category setting 2017-02-22 11:42:36 -05:00
Arpit Jalan
2f657b0e32 FIX: do not refresh staff action logs every time the page is loaded 2017-02-22 17:25:39 +05:30
Arpit Jalan
213a496203 FIX: show all staff events related to the target user 2017-02-22 13:31:40 +05:30
Jeff Atwood
c191e2e84c more conservative editor heights on iOS 2017-02-21 16:25:46 -08:00
Neil Lalonde
c94fdcea38 FIX: admin dashboard posts count should not include system posts and whispers 2017-02-21 14:45:41 -05:00
Arpit Jalan
c216f59eaa fix the build 2017-02-22 00:43:37 +05:30
Sam Saffron
ce7c3bfc14 FIX: refresh header if message bus updates topic 2017-02-21 11:43:44 -05:00
Arpit Jalan
046cbad10b FEATURE: add a button on admin user page that links to action log 2017-02-21 21:38:37 +05:30
Neil Lalonde
b19dfba497 FIX: tag link in breadcrumbs on subfolder installs 2017-02-21 10:41:08 -05:00
Arpit Jalan
068ce19ae2 FEATURE: linked topics should be rendered under posts for crawlers 2017-02-21 12:43:24 +05:30
Neil Lalonde
1dda998a4e FEATURE: search should default scope to current category or user 2017-02-20 17:02:02 -05:00
Neil Lalonde
476ae57af3 FEATURE: primary group class on avatars in topic list 2017-02-20 15:55:10 -05:00
Jakub Macina
4a2f13348a ADD: Append tags bulk action for topics 2017-02-20 18:14:32 +01:00
Neil Lalonde
aa2c527c60 Remove "From" from every post in Popular Posts section of summary emails 2017-02-20 11:04:12 -05:00
Régis Hanol
3ce3abef8f FIX: add Content-Disposition and Content-Type headers when downloading attachments 2017-02-20 15:59:01 +01:00
Régis Hanol
fd62909819 UX: prevent post submission when uploading 2017-02-20 15:12:33 +01:00
Régis Hanol
97116c9276 Merge pull request #4714 from gdpelican/expose-safari-ua
Allow access to safari hack applicable function
2017-02-20 14:58:33 +01:00
James Kiesel
7dc0e11360 Rename exported function 2017-02-21 02:53:16 +13:00
Régis Hanol
f51e3b2131 FIX: should not be able to rename a system badge 2017-02-20 14:35:05 +01:00
James Kiesel
ffe41c9ae8 Allow access to safari hack applicable function 2017-02-21 02:32:01 +13:00
Régis Hanol
cb99f59ec3 reset bounce score when email is successfully changed 2017-02-20 10:37:01 +01:00
Victor van Poppelen
b501c3c6c6 desktop/topic.scss: fix responsive width
#topic-closing-info max-width fix for responsive issues below 757px
2017-02-19 18:30:19 -08:00
Neil Lalonde
a6ebe495bf FEATURE: links that can't have no onebox can be used as featured topic links 2017-02-17 18:35:19 -05:00
Robin Ward
bebc55eebd FIX: Users page wasn't loading more on mobile 2017-02-17 16:36:45 -05:00
Robin Ward
41db9e0d94 FIX: Silence CSS errors in Safari 2017-02-17 16:21:35 -05:00
Sam
1b6a801d35 forgot import 2017-02-17 16:17:44 -05:00
Sam
7d8a11f636 Add header-topic-info:after-tags extension point 2017-02-17 15:59:52 -05:00
Robin Ward
e62c0a42fa FIX: Support multiple embeddable host records with the same host 2017-02-17 12:41:34 -05:00
Sam
1935f624b8 FEATURE: reset active record cache in sidekiq if needed
This can happen in multisite environments after restores
2017-02-17 12:09:53 -05:00
Neil Lalonde
3fb50d587d FIX: invited users and new TL1 users will see their first notification highlighted 2017-02-17 10:30:29 -05:00
Jeff Atwood
a6dd1a2cd4 onebox last para needs less bottom margin 2017-02-16 15:39:46 -08:00
Neil Lalonde
868c489d5e FIX: plugin outlets in navigation bar need to be li elements instead of div and span 2017-02-16 15:08:13 -05:00
Neil Lalonde
6bb9c5ceee remove old code for global username registry 2017-02-16 13:06:37 -05:00
Régis Hanol
269f6e8c30 UX: top referrers headings are not numbers 2017-02-16 15:58:45 +01:00
Jeff Atwood
1444025e9c remove CSS table layout from user prefs page 2017-02-16 02:01:20 -08:00
Jeff Atwood
e6c6a9e2d3 minor user card spacing tweak 2017-02-16 01:49:29 -08:00
Jeff Atwood
34223dca4e minor CSS fix for custom user fields on user cards 2017-02-16 01:45:20 -08:00
Jeff Atwood
311b983c59 minor copyedit 2017-02-16 01:31:21 -08:00
Neil Lalonde
3e4dd513c9 show that password is optional on label 2017-02-15 19:59:16 -05:00
Jeff Atwood
f831e92c42 copyedit to improved invite page 2017-02-15 16:11:34 -08:00
Sam Saffron
040e10a627 reduce duplication 2017-02-15 17:27:10 -05:00
Neil Lalonde
4b28bfaa15 Merge pull request #4710 from ento/fix-s3-config-check
FIX: admin dashboard shouldn't complain when using IAM profile for S3 access
2017-02-15 17:02:07 -05:00
Neil Lalonde
d0fbb27f3e FEATURE: new invite acceptance page, where username can be chosen and password can be set 2017-02-15 16:51:57 -05:00
Sam
3818c196e0 remove disallowed params 2017-02-15 16:47:14 -05:00
Sam
023bd0e9e7 FEATURE: allow client side of topic list to accept custom params
- Also normalize API version to use a version comparison function instead of float
2017-02-15 16:14:43 -05:00
Sam
74d4209d24 FEATURE: allow plugins to register custom topic list filters 2017-02-15 15:25:43 -05:00
Sam
9c51e3e8e7 amend preloader api to supply topic list 2017-02-15 12:04:02 -05:00
Sam
2c59ffeb2c FIX: token rotation not accounting for overlapping tokens correctly
also... freeze_time has no block form, correct all usages and specs
2017-02-15 10:58:18 -05:00
Marica Odagaki
a9a585f66a Use && and || consistently so that there's less chance of copy paste errors in the future 2017-02-15 00:25:49 -08:00
Marica Odagaki
3bb1b98b0e FIX: admin dashboard shouldn't complain when using iam profile for s3 access
Previous code wasn't working as intended because it was parsed as

    (bad_keys = (access_key or secret_key)) and !use_iam_profile

because of Ruby's operator precedence: `=` binds more eagerly than `and`.

http://ruby-doc.org/core-2.3.1/doc/syntax/precedence_rdoc.html

See also: https://github.com/bbatsov/ruby-style-guide#no-and-or-or
2017-02-15 00:22:14 -08:00