riking
2c6d03f87f
SECURITY: Limit passwords to 200 characters
...
Prevents layer 8 attack.
2014-09-12 12:07:11 -04:00
Sam
6d5e6b3e33
FIX: max 1 day of view time per topic
...
we were overflowing ints in some conditions and flooding error logs
2014-09-12 16:59:43 +10:00
Sam
0f585bcdbe
FIX: PM should never be allowed to have a category
...
FIX: TL3 should not be allowed to muck with PM titles
2014-09-11 17:39:34 +10:00
Sam
42104685f7
FIX: badge flood
2014-09-11 13:34:19 +10:00
Sam
43e132d5a6
FEATURE: sharing badges (nice share, good share, great share)
...
FIX: bad translation
2014-09-11 13:10:37 +10:00
Sam
7f3797b635
FEATURE: Nice Topic, Good Topic and Great Topic badges
...
Note we will revoke all old badges post badges that went to post #1
and instead get topic badges
2014-09-11 12:36:37 +10:00
Régis Hanol
18f8038015
FEATURE: add new 'convert to staff message' in post wrench menu
2014-09-10 23:08:33 +02:00
Régis Hanol
8f45091ba5
FIX: don't try to feature a topic more than once per category
2014-09-10 16:18:28 +02:00
Sam
ca2100d012
PERF: work around LIMIT breaking query plan
...
(CTE is a optimisation boundary, so limit no longer has any effect on plan)
2014-09-10 22:19:49 +10:00
Sam
91dcc56fb3
Revert "PERF: avoid OR in complex query"
...
This reverts commit a8dc6daa38
.
2014-09-10 17:10:57 +10:00
Sam
a8dc6daa38
PERF: avoid OR in complex query
...
10x perf improvement on front page for sitepoint
2014-09-10 16:33:39 +10:00
Régis Hanol
598a3f3e10
FIX: 'disable_edit_notifications' will only disable revisions made by the system user
2014-09-09 18:56:04 +02:00
Régis Hanol
7f498a8795
FIX: N+1 query on /categories page
2014-09-09 15:32:58 +02:00
Robin Ward
56eda5abf9
FIX: Don't allow profile bios longer than 3k chars
2014-09-08 15:23:21 -04:00
Robin Ward
4f6b9815ae
FEATURE: List moderator warnings on admin dashboard
2014-09-08 13:25:02 -04:00
Robin Ward
334e21a03a
Revert "Revert "FEATURE: Can create warnings for users via PM""
...
This reverts commit 1c7559380c
.
2014-09-08 11:11:56 -04:00
Robin Ward
1c7559380c
Revert "FEATURE: Can create warnings for users via PM"
...
This reverts commit b0bfc1f93f
.
2014-09-08 10:38:59 -04:00
Robin Ward
b0bfc1f93f
FEATURE: Can create warnings for users via PM
2014-09-08 10:27:06 -04:00
Gerhard Schlager
970aafecb4
FIX: Some default group names could not be translated
2014-09-07 14:48:03 +02:00
Neil Lalonde
ca5f361d0a
FEATURE: restrict admin access based on IP address
2014-09-05 12:06:01 -04:00
Sam
59d04c0695
Internal renaming of elder,leader,regular,basic to numbers
...
Changed internals so trust levels are referred to with
TrustLevel[1], TrustLevel[2] etc.
This gives us much better flexibility naming trust levels, these names
are meant to be controlled by various communities.
2014-09-05 15:20:52 +10:00
Jeff Atwood
fcca64c0cf
rename site settings for trust levels as numbers
2014-09-04 13:16:51 -07:00
riking
54484ca18a
"FIX": Add error reporting to NotifyMailingListSubscribers
...
Also skip unactivated users, which may actually fix this
2014-09-03 14:53:05 -07:00
Robin Ward
b04a52676e
FIX: Don't show wrong flag choices after undo
2014-09-02 17:37:54 -04:00
Sam
22fbae8556
Merge pull request #2674 from akshaymohite/optimization-fixes
...
renamed unused variables properly
2014-09-02 08:22:43 +10:00
Sam
e0c8abc911
Merge pull request #2717 from riking/badge-solid
...
Admin badge interface improvements
2014-09-02 08:21:06 +10:00
riking
808460a28f
Fix magic numbers, extra param references
2014-08-31 19:36:31 -07:00
Kamil Bielawski
bf679f1626
FIX: destroy CategoryGroup when Category or Group is destroyed
2014-08-31 22:10:38 +02:00
riking
1833b43ae2
FEATURE: Badge query validation, preview results, and EXPLAIN
...
Upon saving a badge or requesting a badge result preview,
BadgeGranter.contract_checks! will examine the provided badge SQL for
some contractual obligations - namely, the returned columns and use of
trigger parameters.
Saving the badge is wrapped in a transaction to make this easier, by
raising ActiveRecord::Rollback on a detected violation.
On the client, a modal view is added for the badge query sample run
results, named admin-badge-preview.
The preview action is moved up to the route.
The save action, on failure, triggers a 'saveError' action (also in the
route).
The preview action gains a new parameter, 'explain', which will give the
output of an EXPLAIN query for the badge sql, which can be used by forum
admins to estimate the cost of their badge queries.
The preview link is replaced by two links, one which omits (false) and
includes (true) the EXPLAIN query.
The Badge.save() method is amended to propogate errors.
Badge::Trigger gets some utility methods for use in the
BadgeGranter.contract_checks! method.
Additionally, extra checks outside of BadgeGranter.contract_checks! are
added in the preview() method, to cover cases of null granted_at
columns.
An uninitialized variable path is removed in the backfill() method.
TODO - it would be nice to be able to get the actual names of all
columns the provided query returns, so we could give more errors
2014-08-31 11:25:44 -07:00
Neil Lalonde
ec42b61a4d
FIX: suspended users cannot be trust level 3
2014-08-29 12:33:34 -04:00
riking
3396e6fea3
Centralize MessageBus post updates
...
After this change, only two files directly publish to MessageBus with a
topic interpolated in the channel: Post and TopicUser.
2014-08-28 20:40:36 -07:00
Sam
8ab9c57ca5
Merge pull request #2707 from eyalev/rtl-email
...
Enable RTL direction in emails.
2014-08-29 09:54:57 +10:00
Sam
5b696ca25a
Merge pull request #2708 from Wilhansen/sso_override_avatar
...
Fix SSO avatar downloading issues.
2014-08-29 09:53:48 +10:00
Neil Lalonde
14890a6002
FEATURE: add a way to map arbitrary urls to a topic, post, or category. Useful for sites that have migrated to Discourse and want to redirect from their old site to Discourse with 301 redirects.
2014-08-28 15:58:24 -04:00
Robin Ward
69cb5bc425
FIX: Centralize Top rendering, remove old code paths. Fix some bugs.
2014-08-28 14:34:31 -04:00
Robin Ward
0ae3c327de
Add a message to the staff logs indicating why a user was purged
2014-08-27 16:05:07 -04:00
Neil Lalonde
99d26cef1a
FIX: uncategorized counts were always 0. topics_year, topics_month, topics_week, topics_day
2014-08-27 15:58:32 -04:00
Wilhansen Li
bba3f7c0ac
Fix SSO avatar downloading issues.
...
* Follow redirects when downloading SSO avatars.
* Add proper image ext. to downloaded SSO avatars.
2014-08-27 21:35:54 +08:00
Eyal Levin
e0c2f3df3a
Enable RTL direction in emails.
2014-08-27 14:38:03 +03:00
Sam
87d2be3ecf
FIX: ensure triggered badges are never triggered if filter is missing
2014-08-27 18:02:13 +10:00
Sam
898d86fd9b
correct annotations
2014-08-27 15:30:17 +10:00
Sam
414c6d191f
FIX: remove nullable dates post upgrade to Rails 4
2014-08-27 15:19:25 +10:00
Sam
1ccfb4fa20
FIX: crashing job
2014-08-26 16:22:13 +10:00
Robin Ward
ed125975a1
SECURITY: Prefix session key and validate token format.
2014-08-25 15:31:49 -04:00
Neil Lalonde
bbb358b356
Add likes given and likes received requirement for being TL3. Configure with site settings leader_requires_likes_given and leader_requires_likes_received.
2014-08-22 17:33:39 -04:00
Neil Lalonde
00c28f2391
Show total likes given. Put likes given/received and flags given/received together.
2014-08-22 15:23:19 -04:00
Neil Lalonde
dafc63e3a0
Show how many likes users received in the last 100 days on their admin profile page
2014-08-22 14:37:07 -04:00
Neil Lalonde
5454c1ed24
Updated model anotations
2014-08-22 13:01:44 -04:00
Sam
c865bf0d71
Merge pull request #2670 from Wilhansen/sso_override_avatar
...
Implement SSO overriding avatars.
2014-08-22 10:22:06 +10:00
Robin Ward
506dca6d4e
FIX: Moving posts was not updating reply_count
and
...
`reply_to_post_number` so reply linkage was broken.
2014-08-20 14:15:23 -04:00