Commit Graph

196 Commits

Author SHA1 Message Date
Robin Ward
71f211f0b3 FEATURE: Allow users to select a badge with an image to appear on their
user card
2014-10-20 16:35:38 -04:00
Robin Ward
1cf4a0d604 Rename "User Expansion" to the much clearer "User Card" 2014-10-20 12:11:59 -04:00
Régis Hanol
10094a0bcd FIX: resolve flags as good when deleting a spam user 2014-10-20 16:59:06 +02:00
Robin Ward
4d465362b5 FEATURE: Allow a user to upload an image for their expansion background. 2014-10-16 15:05:36 -04:00
Robin Ward
f9a8f6d6ce FEATURE: Support for a required setting on user fields. 2014-10-08 15:10:19 -04:00
Sam
0e7be81e60 FIX: badge granted titles were not being revoked when badge was revoked 2014-10-08 10:26:18 +11:00
Robin Ward
381814fd5d Adds support for a description to user fields. 2014-10-02 15:56:52 -04:00
Arpit Jalan
41af2d79b5 add user email on account created page 2014-10-02 12:43:44 +05:30
Robin Ward
be93f224a6 Revert "add user email on account created page"
This reverts commit 164fc1108a.
2014-10-01 10:30:26 -04:00
Arpit Jalan
164fc1108a add user email on account created page 2014-10-01 13:53:50 +05:30
Robin Ward
edb34c178a FEATURE: Show user fields when the user is signing up 2014-09-30 10:45:18 -04:00
Régis Hanol
7e309a21cf FEATURE: hide emails behind a button for staff members 2014-09-29 22:31:05 +02:00
Sam
a901d682fe raise not found if user is not found 2014-09-25 17:45:45 +10:00
Sam
8f8ea735ee FIX: allow retry activation of account by username or password 2014-09-25 17:42:48 +10:00
Arpit Jalan
b3838c2c1c Trigger browser password manager after sigining up 2014-09-24 01:04:36 +05:30
Sam
7a4082cbad FIX: allow API to create users when invite_only is true 2014-09-23 09:06:19 +10:00
Neil Lalonde
c4e285f3ec SECURITY: rate limit change email requests 2014-09-18 10:48:56 -04:00
riking
2c6d03f87f SECURITY: Limit passwords to 200 characters
Prevents layer 8 attack.
2014-09-12 12:07:11 -04:00
Robin Ward
56eda5abf9 FIX: Don't allow profile bios longer than 3k chars 2014-09-08 15:23:21 -04:00
Robin Ward
c9262a8390 FIX: Resend activation email was busted 2014-08-28 12:07:13 -04:00
Robin Ward
ed125975a1 SECURITY: Prefix session key and validate token format. 2014-08-25 15:31:49 -04:00
Arpit Jalan
4cd8abc905 FEATURE: dynamically load invites 2014-08-05 22:20:23 +05:30
Neil Lalonde
939e8505a9 Remove hub username integration 2014-07-16 12:25:24 -04:00
Neil Lalonde
01a68f8cc7 Emails are case insensitive 2014-07-16 10:22:01 -04:00
Robin Ward
4f416bf6ce Check honeypot/challenge value on activation too 2014-07-15 14:07:35 -04:00
riking
915f60b0fc Don't redirect to login when activating account... 2014-07-15 10:50:28 -07:00
Neil Lalonde
766196af87 FEATURE: add site setting allow_new_registrations which can be used to block all new account registrations 2014-07-14 15:42:22 -04:00
Robin Ward
cce7cf8c85 FEATURE: Require Javascript to activate an account via email link 2014-07-14 12:26:10 -04:00
Sam
4a2cc269ab FIX: allow selection of no title 2014-07-14 18:07:07 +10:00
Sam
833c50c460 FEATURE: Read Faq badge 2014-07-11 17:32:29 +10:00
Sam
9a9ad9bda8 FEATURE: Badge progress
- Refactor model so it stores backfill query
- Implement autobiographer
- Remove sample badge
- Correct featured badges to only include a badge once
2014-07-03 17:29:44 +10:00
Sam
5a0aed2bfa FIX: regression, forgot password broken
also... mocks were invented by the devil
2014-07-02 13:06:55 +10:00
Robin Ward
9000c358d1 REFACTOR: Use common path for RESTful DELETE action from upload image
component
2014-06-30 14:13:59 -04:00
Robin Ward
4088fba4f2 REFACTOR: Convert profile background uploader to be an ember component 2014-06-30 14:13:59 -04:00
Andrew Bezzub
386d1e231a move profile_background from User to UserProfile 2014-06-26 12:30:07 -04:00
riking
6e698315d6 Allow all /my URLs
Previously, URLs like /my/activity/posts were denied. This change allows those URLs.
2014-06-14 10:58:20 -07:00
Sam
91b6459f2b BUGFIX: allow users to pick no avatar 2014-05-30 14:45:55 +10:00
Sam
5adc486cef BUGFIX: missing avatars in topic map
Cleanup uneeded column
2014-05-29 14:59:14 +10:00
Sam
504cfcff96 Fix specs for avatars
Implement avatar picker
Correct avatar related jobs
2014-05-27 10:08:03 +10:00
Sam
6c1c8be794 Work in progress, keeping avatars locally
This introduces a new model to store the avatars and 3 uploads per user (gravatar, system and custom)

user can then pick which they want.
2014-05-27 10:08:03 +10:00
Neil Lalonde
6e0eb89697 Don't show suspended users in autocomplete fields unless you are staff 2014-05-13 11:44:15 -04:00
Louis Rose
1574485443 Perform the where(...).first to find_by(...) refactoring.
This refactoring was automated using the command: bundle exec "ruby refactorings/where_dot_first_to_find_by/app.rb"
2014-05-06 14:41:59 +01:00
Neil Lalonde
f61f29439e Track the ip address where user was registered 2014-04-29 14:37:56 -04:00
Vikhyat Korrapati
b4e037dfb2 Allow badges to be marked as "titleable". 2014-04-28 10:30:38 +05:30
Régis Hanol
64b8f2f759 TRIVIAL: remove puts statement (cc. @eviltrout) 2014-04-21 23:00:13 +02:00
Robin Ward
b9ca124756 Support for /my/preferences to automatically redirect to the logged in
user.
2014-04-21 11:52:11 -04:00
Vikhyat Korrapati
8113e8d897 Basic UI for selecting gold/silver badges as titles. 2014-04-18 09:20:51 +05:30
Régis Hanol
2505d18aa9 FEATURE: support email attachments 2014-04-14 22:55:57 +02:00
Sam
be06156629 SECURITY: when enabled_local_logins is false users could log in via API
thanks @Nicholas Blanco
2014-03-26 15:39:44 +11:00
Robin Ward
539890afdf Let's not show tons of extra information about invites unless you're the
person who invited them.
2014-03-21 14:16:11 -04:00
Sam
619fa50d4b BUGFIX: twitter auth asking for a password 2014-03-20 14:49:25 +11:00
Neil Lalonde
9ca516e58d Rename nickname to username in the code. Use new hub routes. (Old routes still exist as aliases for old Discourse instances.) 2014-03-12 12:39:36 -04:00
Johan Jatko
98c479c3c4 FEATURE: Profile Backgrounds
Shares a modified codebase with avatars called "user_image"
2014-03-05 15:10:44 +01:00
Neil Lalonde
8711762143 Users who have made no more than one post can delete their own accounts from their user preferences page. 2014-02-13 13:52:06 -05:00
Leonard Teo
c13aa8852b Whitelist :active param so that we can automatically create users that are active via API 2014-02-04 15:40:30 -05:00
Neil Lalonde
da825451d0 Invite link can't be used to log in after you set a password or sign in with 3rd party 2014-01-21 16:56:41 -05:00
Benjamin Kampmann
c743a985a4 Allow groups to be used as aliases for user mention
when configured by the admin a group can be found through the @mentions
feature in both the compose/reply and the private message user-selectors
and once selected the mention will be replaced by the list of users in
the group
2014-01-08 02:36:24 +11:00
Neil Lalonde
854d9c8fc6 Minimum password length is configurable with the min_password_length site setting. FIX: reset password needs to validate password length. 2013-12-19 16:15:47 -05:00
Sam
05a3c8090f Merge pull request #1658 from salbertson/sa-refactor-users-controller-create
Refactor UsersController#create
2013-12-12 22:16:50 -08:00
Neil Lalonde
561961eff6 FIX: can grant titles to regular users. Guardian initializer needs current_user, not the target user. 2013-12-10 12:46:35 -05:00
Scott Albertson
51eff92170 Refactor UsersController#create
* Simplify controller action
* Extract service classes
2013-12-05 10:11:16 -08:00
Neil Lalonde
981d8f6aea Signup form: prefill username if Discourse Hub has a match for the email address. Also, fix some bad specs in username_checker_service_spec that were passing... 2013-11-19 14:15:28 -05:00
Robin Ward
32a3da86da Merge pull request #1640 from salbertson/sa-refactor-users-controller-invites
Refactor UsersController#invited
2013-11-12 08:18:52 -08:00
Scott Albertson
77b59b54ce Refactor UsersController#invited
* Add test coverage
* Simplify controller action
* Move finder code to Invite class
2013-11-11 13:23:49 -08:00
railsaholic
58f78e9001 Refactor Users#upload_avatar method
Moved avatar file upload to ```AvatarUploadService``` class and
```AvatarUploadPolicy```

Address review comments + require missing file in spec
2013-11-11 23:21:14 +05:30
Sam
3473734af0 FIX: bust broken password 2013-11-11 22:28:26 +11:00
sirMackk
af67284995 User ctrl refactor - breaks up large methods, moves some logic into model
Includes missing methods from backup for travis to pass

fix missing code, failing specs

keep params handling in the controller.
2013-11-09 18:44:13 +05:30
Scott Albertson
72bfa4471f Move logic for updating a user into a service class 2013-11-07 08:39:39 -08:00
Robin Ward
25ef66c60b User invites page now has search, displays first invites_shown records 2013-11-05 17:53:26 -05:00
Robin Ward
3d6d7c8abe SiteSetting to hide regular names from users 2013-10-30 15:45:34 -04:00
Régis Hanol
9b2f821012 Merge pull request #1512 from ScotterC/avatar-from-url
Build out a URI Adapter to allow uploading an avatar via a url
2013-10-21 13:17:37 -07:00
Robin Ward
2308784713 Merge pull request #1543 from railsaholic/small_users_controller_refactoring
refactor UsersController to reduce complexity
2013-10-21 12:21:03 -07:00
Scott Carleton
cbef844a57 Build out a URI Adapter to allow uploading an avatar via a url
Currently only really accessible via the API. The UriAdapter creates a
tempfile from a url and gives a ActionDispatch::HTTP::UploadedFile back
to the controller to process as normal.
This will help a lot in being able to transfer avatar urls from another
app without monkey patching a lot of discourse code.
2013-10-21 14:53:03 -04:00
Neil Lalonde
648b11a0eb Add screening by IP address. When deleting a user as a spammer, block all signups from the same IP address. 2013-10-21 14:50:18 -04:00
Manoj
868e4ffe6d refactor UsersController to reduce complexity
Refactored: UsersController#create
2013-10-19 15:18:11 +05:30
dbarbera
9106596a9a add image authorization on upload_avatar 2013-10-12 14:11:44 +02:00
Régis Hanol
23bf4436f5 FIX: avatar was attached to the user who uploaded it... 2013-10-12 10:55:41 +02:00
Sam
7993845bfa add current_user_provider so people can override current_user bevior cleanly, see
http://meta.discourse.org/t/amending-current-user-logic-in-discourse/10278
2013-10-09 15:11:54 +11:00
Sam
f0a122a66c move job files so they live underneath app/ and not in lib/
introduce new setting email_always, that will force emails to send to users regardless of presence on site
2013-10-01 17:04:02 +10:00
Matthieu Guillemot
3ba1f20674 New site settings to enable/disable the possibility of editing user's nickname or email address 2013-09-14 21:34:21 +09:00
Einar Jonsson
724b3aadcf Extracted nickname registration out of the UsersController and into its
own service.
2013-09-09 09:26:50 +00:00
Einar Jonsson
9085cec232 Move json hash from users controller to NicknameUnavailable 2013-08-26 15:00:11 +00:00
Sam
afd1a3ac7b yeah ... we should be installing the gem :) 2013-08-26 13:52:15 +10:00
Sam
b52aba15e0 major refactor of auth, break up the gigantic omniauth controller into sub classes for way better extensibitily 2013-08-26 12:59:17 +10:00
Sam
90dddb4395 store honeypot challenge in redis for extra security 2013-08-26 12:55:13 +10:00
Sam
c4a2e62a95 Merge pull request #1378 from justin808/justin808_cc
Lower Complexity of UsersController
2013-08-25 17:14:39 -07:00
Einar Jonsson
0d22a77c63 Added test case for nickname registration failure
* Also made a minor readability change by moving the auth.present? check
* from UsersController#create into #create_third_party_auth_records
* which is the method that relies on the check.
2013-08-25 20:18:07 +00:00
Robin Ward
b32e87c929 Merge pull request #1377 from ZogStriP/avatar-work
Improved specs for avatar + added a warning whenever the uploaded image is not a square
2013-08-25 07:30:34 -07:00
Justin Gordon
464595df5c Lower Complexity of UsersController
https://codeclimate.com/github/discourse/discourse/UsersController#method-complexity
2013-08-24 22:57:12 -10:00
Régis Hanol
3b9e62e6b9 improved specs for avatar 2013-08-24 22:45:05 +02:00
Einar Jonsson
84987cd835 Extracted nickname registration into a private controller method 2013-08-23 09:46:33 +00:00
Einar Jonsson
916a3f33f2 Refactored user activation business logic out of UsersController and
into a UserActivator class.
2013-08-21 09:22:34 +00:00
Michael Kirk
4af8a9102e Authenticate with Discourse via OAuth2
See https://github.com/michaelkirk/discourse_oauth2_example for an
example of how you might integrate your existing oauth2 provider's
authentication via a Discourse plugin.
2013-08-17 21:45:20 -07:00
Régis Hanol
ea6e73076b change your avatar in a modal 2013-08-17 00:35:29 +02:00
Robin Ward
aec929b184 Screw it, don't choose columns. 2013-08-14 12:26:31 -04:00
Robin Ward
a05ffafd4c FIX: Direct link to Avatar 2013-08-14 12:22:44 -04:00
Régis Hanol
4866f4d8f5 FIX: N+1 query for avatars 2013-08-14 15:25:05 +02:00
Régis Hanol
3524b90d6a FIX: avatars in quotes/oneboxes
Avatars in quotes/oneboxes are still pointing to the old
`/users/:username/avatar(/:size)` route.
So, this adds back the old avatar route for the transition period.
2013-08-14 12:20:05 +02:00
Régis Hanol
c867b67a0b custom avatar support 2013-08-13 22:08:29 +02:00
Neil Lalonde
b36c6d7b78 Users cannot change their own username after 3 days since registering. Site setting username_change_period allows you to change the number of days. 2013-08-12 14:55:09 -04:00