Commit Graph

468 Commits

Author SHA1 Message Date
Sam
5ff857d770 remove theme yaml from UI, it only causes troubles 2018-03-09 11:01:46 +11:00
OsamaSayegh
282f53f0cd FEATURE: Theme settings (2) (#5611)
Allows theme authors to specify custom theme settings for the theme. 

Centralizes the theme/site settings into a single construct
2018-03-04 19:04:23 -05:00
Guo Xiang Tan
14f3594f9f Review Changes for f4f8a293e7. 2018-02-21 14:55:49 +08:00
Jeff Wong
f4f8a293e7 FEATURE: Implement 2factor login TOTP
implemented review items.

Blocking previous codes - valid 2-factor auth tokens can only be authenticated once/30 seconds.
I played with updating the “last used” any time the token was attempted but that seemed to be overkill, and frustrating as to why a token would fail.
Translatable texts.
Move second factor logic to a helper class.
Move second factor specific controller endpoints to its own controller.
Move serialization logic for 2-factor details in admin user views.
Add a login ember component for de-duplication
Fix up code formatting
Change verbiage of google authenticator

add controller tests:
second factor controller tests
change email tests
change password tests
admin login tests

add qunit tests - password reset, preferences

fix: check for 2factor on change email controller
fix: email controller - only show second factor errors on attempt
fix: check against 'true' to enable second factor.

Add modal for explaining what 2fa with links to Google Authenticator/FreeOTP

add two factor to email signin link

rate limit if second factor token present

add rate limiter test for second factor attempts
2018-02-21 09:04:07 +08:00
Robin Ward
556ab8480e FIX: ESlint 2018-02-13 16:06:40 -05:00
Robin Ward
713993d150 UX: Link post ids in staff action logs to the post 2018-02-13 15:59:10 -05:00
Robin Ward
34ed6088b9 FEATURE: New modal to show flags received for a user 2018-01-17 15:08:08 -05:00
Arpit Jalan
b7ba490df7 FIX: graphs should go to zero for missing dates 2018-01-15 10:16:34 +05:30
Guo Xiang Tan
f7642e076d REFACTOR: Avoid duplicated logic on server and client. 2017-11-21 17:10:04 +08:00
Robin Ward
971e302ff2 FEATURE: Support an end date for user silencing 2017-11-14 13:20:19 -05:00
Robin Ward
1f14350220 Rename "Blocked" to "Silenced" 2017-11-10 14:10:27 -05:00
Robin Ward
41c3941c4c FEATURE: Support regular expressions for watched words 2017-09-27 15:48:57 -04:00
Robin Ward
d1ebc62065 The ability to display errors on flagging actions. 2017-09-25 12:28:01 -04:00
Robin Ward
09ed2ed749 Add Suspend User to flags page 2017-09-25 12:28:00 -04:00
Robin Ward
079f108ceb UX: Improve interface for flagging with many flaggers 2017-09-25 12:28:00 -04:00
Robin Ward
677b016387 Send a suspension message via email to a user 2017-09-25 12:26:41 -04:00
Robin Ward
2a56cf8bb6 Tests + Refactoring for Suspension Modal 2017-09-25 12:26:06 -04:00
Robin Ward
6e48884274 Extract out common "cancel" link functionality from modals 2017-09-25 12:25:15 -04:00
Robin Ward
d7c37d9369 Add front end service for staff controls 2017-09-25 12:25:14 -04:00
Robin Ward
5cf50f0034 Adjust flagged posts to use the store 2017-09-25 12:25:14 -04:00
Robin Ward
cc1a461254 Convert flags admin to flexbox 2017-09-25 12:25:14 -04:00
Robin Ward
1af4acbb3d Add tests to flagged topics 2017-09-25 12:25:14 -04:00
Robin Ward
be0eb0a554 Refactor flagged posts into components 2017-09-25 12:25:14 -04:00
Robin Ward
40eba8cd93 FEATURE: View flags grouped by topic 2017-09-25 12:25:14 -04:00
Guo Xiang Tan
3f24ed2b3e Can't revert due to incompatibility of new site setting types.
Revert "Revert "FEATURE: Site settings defaults per locale""

This reverts commit 439fe8ba24.
2017-08-07 10:43:09 +09:00
Guo Xiang Tan
439fe8ba24 Revert "FEATURE: Site settings defaults per locale"
This reverts commit 468a8fcd20.
2017-08-07 10:31:50 +09:00
Erick Guan
468a8fcd20 FEATURE: Site settings defaults per locale
This change-set allows setting different defaults for different locales. 

It also:

- Adds extensive testing around site setting validation

- raises deprecation error if site setting has the default property based on env

- relocated site settings for dev and tests in the initializer

- deprecated client_setting in the site setting's loading process

- ensure it raises when a enum site setting being set

- default_locale is promoted to `required` category.

- fixes incorrect default setting and validation

- fixes ensure type check for site settings

- creates a benchmark for site setting

- sets reasonable defaults for Chinese
2017-08-02 12:24:19 -04:00
Neil Lalonde
ec85b41078 UX: Move watched words to the Logs section of admin 2017-07-31 17:06:50 -04:00
Robin Ward
5b590b9637 REFACTOR: Replace some fa-* uses with helpers 2017-07-27 14:55:41 -04:00
Neil Lalonde
24cb950432 FEATURE: Watched Words: when posts contain words, do one of flag, require approval, censor, or block 2017-07-26 11:01:09 -04:00
Guo Xiang Tan
2a17f1ccd7 FIX: Group owners should be able to invite users to their groups.
https://meta.discourse.org/t/group-owner-cannot-send-an-invite-to-a-group/60617/12
2017-07-21 23:48:25 +09:00
Robin Ward
c53eeaaa68 REFACTOR: Remove requirejs calls 2017-07-05 17:24:27 -04:00
Robin Ward
754c1e5438 Upgrade to Babel 6 2017-07-05 15:25:23 -04:00
Robin Ward
f6222ff225 FIX: Populate the Email Digest preview with the current username 2017-06-28 15:38:57 -04:00
Sam
607998af33 FEATURE: dropdown to filter staff action logs 2017-05-30 11:25:42 -04:00
Neil Lalonde
a0f03936ff FIX: saving invisible primary group field that you don't belong to 2017-05-17 12:46:50 -04:00
Sam
a5c4ddd334 oops my linter is not running automatically 2017-05-10 16:09:33 -04:00
Sam
bc0b9af576 FEATURE: support uploads for themes
This allows themes to bundle various assets
2017-05-10 15:47:11 -04:00
Sam
a9b953ac5a FIX: on create you could not add a theme component 2017-04-20 17:37:13 -04:00
jomaxro
b3eef0513f Remove console logging 2017-04-20 16:08:16 -04:00
Sam
7eabb90b71 FEATURE: added error messages for bad theme CSS / JS 2017-04-19 16:46:46 -04:00
Sam
c5ee448713 FEATURE: Only show overridden option for theme css
also fixes bad styling of mobile glyph
2017-04-19 15:24:00 -04:00
Sam Saffron
a19c02f0d3 FEATURE: allow copying of color schemes to clipboard 2017-04-18 09:37:55 -04:00
Sam
5e3a0846f7 FEATURE: allow themes to share color schemes 2017-04-17 15:56:24 -04:00
Sam
a3e8c3cd7b FEATURE: Native theme support
This feature introduces the concept of themes. Themes are an evolution
of site customizations.

Themes introduce two very big conceptual changes:

- A theme may include other "child themes", children can include grand
children and so on.

- A theme may specify a color scheme

The change does away with the idea of "enabled" color schemes.

It also adds a bunch of big niceties like

- You can source a theme from a git repo

- History for themes is much improved

- You can only have a single enabled theme. Themes can be selected by
    users, if you opt for it.

On a technical level this change comes with a whole bunch of goodies

- All CSS is now compiled using a custom pipeline that uses libsass
    see /lib/stylesheet

- There is a single pipeline for css compilation (in the past we used
    one for customizations and another one for the rest of the app

- The stylesheet pipeline is now divorced of sprockets, there is no
   reliance on sprockets for CSS bundling

- CSS is generated with source maps everywhere (including themes) this
    makes debugging much easier

- Our "live reloader" is smarter and avoid a flash of unstyled content
   we run a file watcher in "puma" in dev so you no longer need to run
   rake autospec to watch for CSS changes
2017-04-12 10:53:49 -04:00
Robin Ward
17f2974d0a SECURITY: Confirm new administrator accounts via email 2017-04-04 15:59:01 -04:00
Robin Ward
14410b71fb Convert server side paths to use /u/ 2017-03-30 10:23:24 -04:00
Guo Xiang Tan
3ef82bb32c SECURITY: CSRF vulnerabilities in Admin::BackupsController. 2017-03-23 10:29:35 +08:00
Rafael dos Santos Silva
5296f00c28 FEATURE: Allow checking the raw response of a bounced email 2017-02-22 14:51:33 -03:00
Guo Xiang Tan
4a7d6ea751 Make eslint happy. 2017-01-09 11:24:55 +08:00
Guo Xiang Tan
c260a4e34d FIX: Can't add categories when creating a new web hook. 2017-01-09 11:22:35 +08:00
Claas Augner
9710b04c31
UX: Add icon for bookmarks report 2017-01-05 02:07:38 +01:00
Régis Hanol
c302ffe08f FIX: buttons in user admin page weren't working 2016-12-20 12:26:53 +01:00
Neil Lalonde
d23da5b641 FIX: digest email preview error in Persian and other languages 2016-12-14 11:10:32 -05:00
Neil Lalonde
47aa3d94aa FEATURE: send digest preview to an email address 2016-11-23 17:51:57 -05:00
Robin Ward
bf91532260 Fixes some Ember Deprecations for 1.13:
- Remove ArrayController
- Remove {{view}} from templates
- Replace many cases of needs: [‘controller’] with inject
- Enable Ember Legacy Views
2016-10-21 11:06:07 -04:00
Guo Xiang Tan
547750e9dd Unify API keys and web hooks into a single admin nav header. 2016-09-20 05:22:03 +08:00
Erick Guan
9ce61b4586 FEATURE: Webhooks. 2016-09-05 18:44:00 +08:00
safaalfulaij
291c32aa69 Fix Plural Strings 2016-08-10 20:24:28 +03:00
Régis Hanol
cb809784df refactor version-check to ES6 2016-08-03 16:13:02 +02:00
cpradio
1b89c2f0ef FEATURE: Installed Version link shows GitHub Compare to branch being followed 2016-08-02 06:18:44 -04:00
Robin Ward
bba0fd0654 REFACTOR: PreloadStore to ES6 2016-07-11 12:57:05 -04:00
Robin Ward
b8125b3512 REFACTOR: Remove Discourse.Ajax 2016-07-11 12:57:05 -04:00
Robin Ward
a546395397 REFACTOR: Migrate markdown functionality in ES6 2016-07-11 12:57:05 -04:00
Régis Hanol
8a04b78909 add a link to bounce emails list in user admin profile 2016-05-18 22:38:35 +02:00
Régis Hanol
d6ab54378c FIX: screened IP addresses list wasn't working anymore - TAKE 2 2016-05-18 19:27:39 +02:00
Régis Hanol
1e57bbf5c8 Lots bounce emails related fixes
- Show bounce score on user admin page
- Added reset bounce score button on user admin page
- Only whitelisted email types are sent to emails with high bounce score
- FIX: properly detect bounces even when there is no TO: header in the email
- Don't desactivate a user when reaching the bounce threshold
2016-05-06 19:34:33 +02:00
Neil Lalonde
3b18a5d59d FIX: redirect url after anonymizing a user 2016-03-03 11:59:07 -05:00
Régis Hanol
91bb38626c FEATURE: new incoming email details modal 2016-02-10 22:00:27 +01:00
Erick Guan
35142847ba FIX: Prepend the user id before username in admin user routes 2016-02-09 15:14:13 +01:00
Arpit Jalan
eec8436cfe FEATURE: filter admin reports via user group 2016-02-04 11:23:49 +05:30
Régis Hanol
cf4c256b17 FEATURE: new 'raw email' modal when listing rejected emails 2016-02-01 21:41:49 +01:00
Régis Hanol
5018a8033d FIX: add link to user profile for staged users 2016-01-19 16:41:07 +01:00
Régis Hanol
3083657358 FEATURE: better email in support
FEATURE: new incoming_email model
FEATURE: infinite scrolling in emails admin
FEATURE: new 'emails:import' rake task
2016-01-19 00:57:55 +01:00
Neil Lalonde
12790d8dcc FEATURE: staff can block users, which prevents them from creating topics and replies 2016-01-14 14:42:06 -05:00
Arpit Jalan
f40249faad FEATURE: make trust level 3 time period admin setting 2015-12-22 23:26:19 +05:30
Neil Lalonde
ddd4500d7a FIX: admin reports were broken 2015-12-01 18:31:30 -05:00
Robin Ward
5e93140f85 FEATURE: Can override any translation via an admin interface 2015-11-27 11:35:19 -05:00
Robin Ward
434deb1bd3 SECURITY: Backported XSS fixes from Handlebars 2015-11-24 16:08:08 -05:00
Régis Hanol
753f4d1b7b FIX: redirect to forum home page when impersonating 2015-11-23 15:44:44 +01:00
Sam
5c899c765b Revert "Revert "REFACTOR: support booting discourse with DISCOURSE_NO_CONSTANTS""
This reverts commit c21457d6a7.
2015-11-21 12:27:06 +11:00
Robin Ward
83d5b82c84 OOPS, remove console.log 2015-11-20 13:15:00 -05:00
Robin Ward
8eeb027c65 Can revert changes to email templates 2015-11-20 12:30:21 -05:00
Robin Ward
c21457d6a7 Revert "REFACTOR: support booting discourse with DISCOURSE_NO_CONSTANTS"
This reverts commit c0b277d273.
2015-11-20 10:00:12 -05:00
Sam
c0b277d273 REFACTOR: support booting discourse with DISCOURSE_NO_CONSTANTS
This change is discussed here: https://meta.discourse.org/t/deprecating-es6-compatibility-layer/35821

Prior to this change we were not booting correctly with DISCOURSE_NO_CONSTANTS
2015-11-21 00:14:50 +11:00
Leo McArdle
fe5264f9e9 filter by username in email digest preview
adds a user prompt on the email digest preview page to generate a preview for a particular user
also fixes some broken styling on the page
2015-10-30 18:11:38 +00:00
Robin Ward
46ca66771b FIX: Better error message for resending activation. Don't limit staff. 2015-10-27 16:25:30 -04:00
Rafael dos Santos Silva
dfed999ec8 Remove getUrl on impersonate redirect
As said by  @riking @nlalonde and @ZogStriP
2015-10-13 16:52:35 -03:00
Rafael dos Santos Silva
ccd46bf431 Fix impersonate redirect on subfolder install
Impersonate was redirecting to base site, instead of Discourse when using subfolder install.
2015-10-12 16:14:39 -03:00
Jeff Atwood
0b295150e7 UX: clearer delete user action buttons 2015-09-30 16:06:55 -07:00
Guo Xiang Tan
f39b9124b6 FEATURE: Log staff actions for Category changes. 2015-09-18 10:53:08 +08:00
Régis Hanol
96c23d51a2 FIX: don't break the message bus when restoring a backup 2015-08-27 20:02:13 +02:00
Régis Hanol
73e4c6ae4d FIX: backups index template wasn't properly bound 2015-08-17 16:21:23 +02:00
Robin Ward
02a968bd27 Remove ObjectController, Discouse Controllers + Presence 2015-08-13 10:49:08 -04:00
Robin Ward
b7e6eaa961 ES6ify some of the remaining files 2015-08-10 10:21:05 -04:00
Robin Ward
7fffd483f8 Fix deprecations with site text, upgrade to ES6 / store 2015-08-10 10:21:04 -04:00
Robin Ward
bd631e343a FEATURE: Can create stylesheets for embedded comments 2015-08-10 10:21:04 -04:00
Robin Ward
0932e82508 Refactor Customizations to have deeper URLs 2015-08-10 10:21:04 -04:00
Régis Hanol
80e6f54198 FIX: don't divide by 0, it's never worth it 2015-08-10 10:06:33 +02:00
Régis Hanol
64dd28d885 FIX: time to first response metric 2015-08-04 18:23:56 +02:00
Robin Ward
aa6f792ce1 FEATURE: Custom orders for user fields 2015-07-30 14:53:13 -04:00
Robin Ward
dc8a68fd29 FEATURE: New "Dropdown" user field type 2015-07-28 12:30:21 -04:00
Neil Lalonde
c78dbb7fa5 FIX: site customization preview links when deployed in a subfolder 2015-07-24 11:19:53 -04:00
Arpit Jalan
dc90c396f2 FEATURE: manage Permalinks 2015-07-17 01:26:02 +05:30
Régis Hanol
f18098fd9b FEATURE: category dropdown in admin reports 2015-06-24 15:19:39 +02:00
Robin Ward
76bfd723f6 Merge pull request #3482 from riking/patch-3
Import/Export site customizations
2015-06-22 14:03:07 -04:00
Régis Hanol
b25a16ee3e FEATURE: 2 new reports: time to first response, topics with no response
FIX: relativeAgeMediumSpan was off by 1
REFACTOR: extracted decimalAdjust & round functions from the poll plugin
2015-06-22 19:46:51 +02:00
Neil Lalonde
91588bed8b FIX: some admin actions redirect to wrong path when deployed to subdirectory 2015-05-21 15:03:00 -04:00
Robin Ward
4e0d7683ab Better error messages on admin for granting moderation
Also fixes up Ember deprecations.
2015-05-19 10:56:32 -04:00
riking
291d9fc65e FEATURE: Import customizations from a JSON file 2015-05-16 20:24:19 -07:00
riking
1e53c179a3 FEATURE: Export customizations as JSON files 2015-05-16 20:24:13 -07:00
Robin Ward
0d51c1f0a0 FIX: List views in admin were broken 2015-05-11 13:17:12 -04:00
Sam
4919ec4c44 FIX: don't hide "public invisible" groups from groups on user page 2015-04-16 10:44:55 +10:00
Régis Hanol
9cbd0f8e78 UX: separate custom from automatic groups in user admin
REFACTOR: some moar ES6 refactoring
2015-03-17 22:59:05 +01:00
Neil Lalonde
be446b7e50 use d-buttons, and other small tweaks 2015-03-10 13:06:24 -04:00
Neil Lalonde
608647d02f FEATURE: Anonymize User. A way to remove a user but keep their topics and posts. 2015-03-10 11:59:08 -04:00
Neil Lalonde
ddbe1c017b FIX: reason for not being able to delete a staff user's posts was wrong in admin 2015-03-06 14:12:01 -05:00
Robin Ward
84b84a9d7c Support for url_list site setting. 2015-03-03 16:19:29 -05:00
Robin Ward
3f729438ad ES6: Removed and renamed some admin views 2015-02-24 13:47:46 -05:00
Régis Hanol
c4e427cf73 FEATURE: filter screened IP addresses 2015-02-10 19:38:59 +01:00
Robin Ward
4e64d16a47 FEATURE: Allow plugins to log staff actions 2015-02-05 15:26:34 -05:00
Neil Lalonde
8689c85b54 add error handling when granting admin and moderator privileges 2015-02-03 17:42:08 -05:00
Régis Hanol
6734a51b6a move SiteText.{head,top,bottom} to SiteCustomization 2015-01-14 12:15:53 +01:00
Robin Ward
f3b72f5d96 Revert "move SiteText.{head,bottom} to SiteCustomization and remove redundant SiteText.top"
This reverts commit 6ee2849df6.
2015-01-12 20:21:22 -05:00
Régis Hanol
6ee2849df6 move SiteText.{head,bottom} to SiteCustomization and remove redundant SiteText.top 2015-01-12 19:59:43 +01:00
Régis Hanol
8edf2afb83 FIX: proper redirection when deleting a user 2014-12-25 18:25:07 +01:00
Arpit Jalan
bb152a5b3f FEATURE: download user posts archive 2014-12-24 15:13:48 +05:30
Sam
5b844f5320 FEATURE: more than 1 site customization can be enabled at once
FIX: more robust site customizations

Rewrote site customization to use distributed cache and a much cleaner
css delivery mechanism
2014-12-23 13:03:48 +11:00
Sam
f23eb475a4 FEATURE: remove override stylesheet option, too confusing 2014-12-23 13:03:48 +11:00
Robin Ward
f3babdb319 Fixes many Ember 1.9.0 deprecations 2014-12-17 09:31:42 -05:00
Robin Ward
2d6b15a34d Load fewer posts when the android platform is detected 2014-12-12 11:47:39 -05:00
Arpit Jalan
42cbe6ef2a FEATURE: export csv for all the logs 2014-12-11 23:33:26 +05:30
Régis Hanol
b4363de280 FIX: reload current page when deleting a user 2014-12-03 16:03:42 +01:00
Régis Hanol
f9f54e2626 refactor fix in 67c4c90159 2014-12-03 13:00:02 +01:00
Régis Hanol
1023191315 FEATURE: roll up function for 123.456.789.* ranges 2014-11-24 17:25:48 +01:00
Arpit Jalan
428b71687f return a promise instead of triggering bootbox in model 2014-11-22 01:16:10 +05:30
Arpit Jalan
515882d224 FEATURE: export screened IPs list in a CSV file 2014-11-22 00:59:48 +05:30
Neil Lalonde
ebcf21585c FEATURE: add a button for staff to delete a user on their profile page 2014-11-14 15:25:33 -05:00
Régis Hanol
ec76be964e UX: better footer handling 2014-11-10 21:51:55 +01:00
Robin Ward
2d9187cd9d Admin controls to select a date range for reports 2014-11-05 14:46:44 -05:00
Régis Hanol
10094a0bcd FIX: resolve flags as good when deleting a spam user 2014-10-20 16:59:06 +02:00
Neil Lalonde
a30e70e8f1 FEATURE: trust level 3: likes received must be on min_likes_received/3 different days, and be from min_likes_received/4 different users 2014-10-07 15:52:54 -04:00
Régis Hanol
ac069d22a9 FIX: delete spammer modal doesn't show the email address 2014-10-06 21:55:52 +02:00
Régis Hanol
98b6b9821a FEATURE: log topic/post deletions from staff members 2014-10-01 17:40:13 +02:00
Robin Ward
edb34c178a FEATURE: Show user fields when the user is signing up 2014-09-30 10:45:18 -04:00
Sam
0fc6c751cb FEATURE: implement lock/unlock trust level mechanics 2014-09-30 13:16:34 +10:00
riking
bff95a6a97 Rename 'leader' -> 'tl3' 2014-09-30 13:16:34 +10:00
riking
c8111ada6e FEATURE: Allow admins to lock users from TL3 promotion/demotion
Also, update the display logic for the leader promotion screen to
account for the demotion grace period.
2014-09-30 13:15:13 +10:00
Robin Ward
0fc0533134 FEATURE: Admin interface for adding custom fields for users 2014-09-25 16:17:51 -04:00
Robin Ward
d37ed80e8a FIX: CSS Customizations were showing as undefined 2014-09-25 12:08:58 -04:00