Commit Graph

1754 Commits

Author SHA1 Message Date
Robin Ward
570e3b3e79 SECURITY: Stripping links could unescape html fragments 2014-09-17 12:09:06 -04:00
Robin Ward
e4287d9de9 FIX: Resend activation email was busted 2014-09-16 10:24:02 -04:00
riking
3d3313d5ee SECURITY: Limit passwords to 200 characters
Prevents layer 8 attack.
2014-09-12 12:21:06 -04:00
Robin Ward
9ad246affe SECURITY: Only redirect to our host by path on the login action 2014-08-28 17:57:38 -04:00
Robin Ward
55249750ff FIX: Some specs were leaking state, causing other tests to run in
different languages and randomly failing with some seeds.
2014-08-26 12:29:46 -04:00
Robin Ward
8d68e67fc5 Merge pull request #2693 from riking/sorted_badges
Fix the tests
2014-08-25 16:10:37 -04:00
riking
7317c6ed6a Fix tests for new route 2014-08-25 13:07:22 -07:00
Robin Ward
ed125975a1 SECURITY: Prefix session key and validate token format. 2014-08-25 15:31:49 -04:00
Régis Hanol
77ba2015eb FEATURE: new disable_emails site setting 2014-08-23 11:07:37 +02:00
Neil Lalonde
bbb358b356 Add likes given and likes received requirement for being TL3. Configure with site settings leader_requires_likes_given and leader_requires_likes_received. 2014-08-22 17:33:39 -04:00
Robin Ward
e8cade40c7 Improve search results by introducing an aggregate post search data
filter. It seems performant despite the extra content being searched.
2014-08-22 16:56:26 -04:00
Sam
ac4f6d9c97 Merge pull request #2647 from riking/multiple-addresses
Allow processing of email sent to multiple addresses
2014-08-22 10:32:42 +10:00
riking
5ae0b9ba42 Remove debugging prints 2014-08-21 17:29:33 -07:00
Robin Ward
268ea0206e FIX: Broken locale specs 2014-08-20 15:01:31 -04:00
Robin Ward
506dca6d4e FIX: Moving posts was not updating reply_count and
`reply_to_post_number` so reply linkage was broken.
2014-08-20 14:15:23 -04:00
Régis Hanol
d7f8146a17 FIX the build 2014-08-20 19:20:29 +02:00
Neil Lalonde
96eecf18ef FIX: moving a post to a topic with a deleted post should use correct post_number. Was getting unique index violation on (topic_id, post_number). 2014-08-20 12:28:53 -04:00
Robin Ward
6ef85ea014 UX: Don't highlight the latest poster in the topic list if there is only
one avatar shown.
2014-08-20 12:09:39 -04:00
Neil Lalonde
2672857aee FIX: public_user_custom_fields are returned by UserSerializer 2014-08-19 11:05:44 -04:00
Régis Hanol
f2b0228164 FIX: unhide post when a moderator undos the flag on which s/he took action 2014-08-19 16:14:17 +02:00
Sam
85317e7658 unhack spec 2014-08-19 20:57:34 +10:00
Sam
76e74f6a3b Workaround: Make sure this spec can not hang our spec suite 2014-08-19 17:44:20 +10:00
Sam
cb686792df FIX: add safety so sidekiq can no longer be paused indefinitely
If the process pausing sidekiq dies sidekiq will come out of pause mode
2014-08-19 14:04:58 +10:00
Neil Lalonde
d273374f1a FIX: before nuking a user, do a real count of posts instead of relying on user_stat record 2014-08-18 12:07:29 -04:00
Neil Lalonde
1445ad61da FIX: case-insensitive category lookup when creating topics 2014-08-18 11:07:49 -04:00
Régis Hanol
d7b1313d5e FEATURE: acting on a flag should not post an automated status message if you already replied to it 2014-08-18 17:00:14 +02:00
Akshay
fa8d18fb97 updated test with proper change of Rails.env during test 2014-08-18 15:38:25 +05:30
Sam
5193c9fd16 FIX: ensure consistency on topic featured users 2014-08-18 17:13:32 +10:00
Sam
e0a82d3088 FIX: rate limit password reset email 2014-08-18 10:55:30 +10:00
Robin Ward
0ce2df36e0 Merge pull request #2662 from techAPJ/patch-3
FEATURE: add additional fields in user list export
2014-08-15 16:03:16 -04:00
Arpit Jalan
8d7f4c1944 FEATURE: add additional fields in user list export 2014-08-16 00:39:28 +05:30
Neil Lalonde
2f32af3941 FIX: staff should be able to edit topics that have been archived 2014-08-15 12:45:05 -04:00
Sam
347aa343b0 fix spec, I don't agree with allowing mods and staff to edit this 2014-08-15 12:56:03 +10:00
Robin Ward
167f393a03 Merge pull request #2655 from techAPJ/patch-3
FEATURE: export user list
2014-08-14 17:19:49 -04:00
Robin Ward
6e67fab9aa Merge pull request #2656 from akshaymohite/optimization-fixes
Avoid using to_s when performing String Interpolation
2014-08-14 17:17:57 -04:00
Arpit Jalan
d0736a06b6 FEATURE: export user list 2014-08-15 01:46:57 +05:30
Neil Lalonde
658cdd2c9e FIX: PostDestroyer needs to update user stats. Delete All Posts button was broken, making it impossible to delete users. 2014-08-14 15:21:16 -04:00
Akshay
7ef61144e7 Avoid using to_s when performing String Interpolation 2014-08-14 23:55:27 +05:30
Neil Lalonde
5caf72510c Prevent deleting the static page doc topics 2014-08-13 17:03:45 -04:00
Régis Hanol
6201b82a67 FIX: keep the post_number parameter when redirecting to proper slug 2014-08-13 22:19:41 +02:00
Robin Ward
74d9293ca9 FIX: Allow duplicate slugs when the parent category is not the same 2014-08-13 14:45:25 -04:00
riking
90091972b9 Use same reply-to format in all email fixtures 2014-08-13 11:43:49 -07:00
riking
cce8b4720a Have reciever handle multiple To addresses 2014-08-13 11:43:49 -07:00
Robin Ward
3c6673aceb Purge inactive accounts that are older than 7 days 2014-08-13 14:13:41 -04:00
Robin Ward
9a1580244a FIX: Don't show profile pages for inactive users and don't show them in
search results.
2014-08-13 13:30:25 -04:00
Sam
1baa55fe45 FIX: preview bust when no params 2014-08-13 12:25:56 +10:00
Robin Ward
c74550fbad Merge pull request #2644 from xfix/y3k
Year 3000 problem while displaying thread pins.
2014-08-12 12:20:10 -04:00
Neil Lalonde
e40e9351f6 FIX: don't allow same category name with different case 2014-08-12 11:40:33 -04:00
Konrad Borowski
3189296e5f
Fix ordering of posts in posts in order unit test. 2014-08-12 10:31:21 +02:00
Konrad Borowski
3e5ff66bed
Add unit tests for testing if infinity as highest_date works. 2014-08-12 09:51:54 +02:00