Commit Graph

418 Commits

Author SHA1 Message Date
Robin Ward
e4287d9de9 FIX: Resend activation email was busted 2014-09-16 10:24:02 -04:00
riking
3d3313d5ee SECURITY: Limit passwords to 200 characters
Prevents layer 8 attack.
2014-09-12 12:21:06 -04:00
Robin Ward
9ad246affe SECURITY: Only redirect to our host by path on the login action 2014-08-28 17:57:38 -04:00
Robin Ward
8d68e67fc5 Merge pull request #2693 from riking/sorted_badges
Fix the tests
2014-08-25 16:10:37 -04:00
riking
7317c6ed6a Fix tests for new route 2014-08-25 13:07:22 -07:00
Robin Ward
ed125975a1 SECURITY: Prefix session key and validate token format. 2014-08-25 15:31:49 -04:00
Régis Hanol
d7f8146a17 FIX the build 2014-08-20 19:20:29 +02:00
Neil Lalonde
d273374f1a FIX: before nuking a user, do a real count of posts instead of relying on user_stat record 2014-08-18 12:07:29 -04:00
Sam
e0a82d3088 FIX: rate limit password reset email 2014-08-18 10:55:30 +10:00
Arpit Jalan
d0736a06b6 FEATURE: export user list 2014-08-15 01:46:57 +05:30
Régis Hanol
6201b82a67 FIX: keep the post_number parameter when redirecting to proper slug 2014-08-13 22:19:41 +02:00
Robin Ward
9a1580244a FIX: Don't show profile pages for inactive users and don't show them in
search results.
2014-08-13 13:30:25 -04:00
Sam
f4b2a83f29 remove broken spec 2014-08-08 09:15:52 +10:00
Régis Hanol
3ae1ebdfc3 FIX: use PostDestroyer when deleting/recovering a topic 2014-08-07 19:12:35 +02:00
Arpit Jalan
262d4b2fa6 add test for email parameter fix 2014-08-06 20:36:06 +05:30
Sam
cb0ecd9ff1 PERF: store topic views in a topic view table
* cut down on storage of the work Topic, 3 times per row (in 2 indexes)
* only store one view per user per topic
* only store one view per ip per topic
2014-08-04 19:07:55 +10:00
Sam
0920c4bea6 PERF: reduce storage requirements for incoming links
Only store incoming links for topics.
2014-08-04 11:06:48 +10:00
Sam
5a3466a6c3 FIX: keep correct ordering on admin badges 2014-07-30 08:46:59 +10:00
Robin Ward
2096861d79 FIX: Response is no longer forbidden with JSON errors for changing trust
level.
2014-07-29 16:10:04 -04:00
Robin Ward
7cc4a157f6 Merge pull request #2603 from techAPJ/patch-1
FEATURE: allow staff to send multiple invites to same email
2014-07-29 14:58:39 -04:00
Arpit Jalan
f571abfaaf FEATURE: allow staff to send multiple invites to same email 2014-07-30 00:13:11 +05:30
Sam
c96a84456d FIX: broken tests 2014-07-29 16:36:52 +10:00
Régis Hanol
bddffa7f9a FEATURE: flag dispositions normalization
All flags should end up in one of the three dispositions
  - Agree
  - Disagree
  - Defer

In the administration area, the *active* flags section displays 4 buttons
  - Agree (hide post + send PM)
  - Disagree
  - Defer
  - Delete

Clicking "Delete" will open a modal that offer to
  - Delete Post & Defer Flags
  - Delete Post & Agree with Flags
  - Delete Spammer (if available)

When the flag has a list associated, the list will now display 1
response and 1 reply and a "show more..." link if there are more in the
conversation. Replying to the conversation will NOT give a disposition.
Moderators must click the buttons that does that.

If someone clicks one buttons, this will add a default moderator message
from that moderator saying what happened.

The *old* flags section now displays the proper dispositions and is
super duper fast (no more N+9999 queries).

FIX: the old list includes deleted topics
FIX: the lists now properly display the topic states (deleted, closed,
archived, hidden, PM)
FIX: flagging a topic that you've already flagged the first post
2014-07-28 19:28:07 +02:00
Sam
1a6aa07611 FEATURE: editable badge groups 2014-07-27 18:22:01 +10:00
Régis Hanol
3d6e2713d1 BUGFIX: login was broken when login was required 2014-07-26 23:16:08 +02:00
Neil Lalonde
5a33e6f00c Move FAQ, Terms of Service, and Privacy Policy into topics in the Staff category. First post of those topics will be rendered on their respective pages. Site settings and content are not used for these documents anymore. Translations of the default text is moved into the standard YML files. 2014-07-25 14:41:20 -04:00
Sam
0f9678fe49 FIX: faster update of all badges
Introduced badge triggers, introduced concept of badge that happens due to a post but has the post hidden

Delta badge grant happens once a minute, backed by redis
2014-07-23 11:46:07 +10:00
Robin Ward
fb8dda7f42 FIX: We should use category_id instead of category_name to perform
operations, now that the subcategory names are not unique.
2014-07-16 15:40:35 -04:00
Régis Hanol
7dcf2a2c4f FEATURE: show the user's flagged/deleted posts 2014-07-16 21:04:55 +02:00
Neil Lalonde
939e8505a9 Remove hub username integration 2014-07-16 12:25:24 -04:00
Neil Lalonde
01a68f8cc7 Emails are case insensitive 2014-07-16 10:22:01 -04:00
Robin Ward
f2dd35ab08 Improve the unsubscribe to digest experience. Give a link in case it
fails, provide a different message if you are logged in as a different
user, increase expiry to 2 months from 1 week.
2014-07-15 17:20:59 -04:00
Robin Ward
6d7531f690 Merge pull request #2542 from techAPJ/patch-1
FEATURE: topic support in disposable invites
2014-07-15 15:15:19 -04:00
Robin Ward
4f416bf6ce Check honeypot/challenge value on activation too 2014-07-15 14:07:35 -04:00
Arpit Jalan
8862a881f8 FEATURE: topic support in disposable invites 2014-07-15 23:11:06 +05:30
Neil Lalonde
766196af87 FEATURE: add site setting allow_new_registrations which can be used to block all new account registrations 2014-07-14 15:42:22 -04:00
Robin Ward
cce7cf8c85 FEATURE: Require Javascript to activate an account via email link 2014-07-14 12:26:10 -04:00
Robin Ward
c12780eb2b Merge pull request #2538 from techAPJ/patch-1
FEATURE: disposable invite tokens
2014-07-14 12:13:44 -04:00
Arpit Jalan
575b5e3d13 FEATURE: disposable invite tokens 2014-07-14 21:30:46 +05:30
Régis Hanol
b5c57fa947 FIX: don't mess with fixtures when running the specs 2014-07-14 17:34:23 +02:00
Sam
88469721b9 FEATURE: Allow admins to disable specific badges 2014-07-14 17:40:36 +10:00
Sam
6618358586 FIX: dupe protection is API only now
make optional later on (was introduced for wordpress plugin)
2014-07-14 15:59:58 +10:00
riking
783454ebe1 Fix /p/post/user route not saving referrals
Make user id optional for /p/id/uid
Add /posts/id/raw route for debugging failed post processing
2014-07-11 14:44:07 -07:00
Sam
8fcc019ff8 FIX: only allow badge title selection if it exists 2014-07-09 15:31:49 +10:00
Régis Hanol
59b5ba7c0f BUGFIX: IP lookup wasn't working when using HTTPS
REFACTOR: the ip locator into a ip-lookup component
2014-07-07 22:18:18 +02:00
Sam
7909ca2a17 fix spec 2014-07-05 09:13:53 +10:00
Sam
5a0aed2bfa FIX: regression, forgot password broken
also... mocks were invented by the devil
2014-07-02 13:06:55 +10:00
Robin Ward
e22688a204 FEATURE: Can upload images to categories 2014-06-30 14:14:00 -04:00
Robin Ward
9000c358d1 REFACTOR: Use common path for RESTful DELETE action from upload image
component
2014-06-30 14:13:59 -04:00
Robin Ward
4088fba4f2 REFACTOR: Convert profile background uploader to be an ember component 2014-06-30 14:13:59 -04:00