Ian Christian Myers
0d01c33482
Enabled strong_parameters across all models/controllers.
...
All models are now using ActiveModel::ForbiddenAttributesProtection, which shifts the responsibility for parameter whitelisting for mass-assignments from the model to the controller. attr_accessible has been disabled and removed as this functionality replaces that.
The require_parameters method in the ApplicationController has been removed in favor of strong_parameters' #require method.
It is important to note that there is still some refactoring required to get all parameters to pass through #require and #permit so that we can guarantee that parameter values are scalar. Currently strong_parameters, in most cases, is only being utilized to require parameters and to whitelist the few places that do mass-assignments.
2013-06-06 00:30:59 -07:00
Neil Lalonde
b55182b983
Use PostDestroyer when deleting all of a user's posts; deleting a post removes its flags and resets its flag counts
2013-06-05 16:05:13 -04:00
Robin Ward
dfba2b6e0a
FIX: Strip links from google indexed bios when the users are new.
2013-06-05 15:28:10 -04:00
Robin Ward
4392a17b54
Strip out links when displaying a new user's bio
2013-06-04 12:06:25 -04:00
Neil Lalonde
2259e97d42
Add a count of blocked users on the dashboard
2013-06-04 11:53:19 -04:00
Sam
d2c1eb090e
Merge pull request #921 from nirnanaaa/postgres-truefalse
...
removed t's and f's from models
2013-05-30 21:38:26 -07:00
Sam
e93b7a3b20
more progress towards live unread and new counts, unread message implemented, still to implement delete messages
2013-05-30 16:49:57 +10:00
Sam
33ff87bf44
work in progress, live unread / new counters
2013-05-30 16:49:57 +10:00
nirnanaaa
364113a4d5
removed t and f 's from group model
...
removed t and f 's from user model as mentioned in #919
removed t's and f's from category model
2013-05-29 22:10:43 +02:00
Sam
46389754d6
Merge pull request #892 from eriko/cas_support
...
Cas support
2013-05-28 16:13:29 -07:00
Sam
ca2dee52db
moved comments to the bottom, they are way less intrusive there
2013-05-24 12:48:32 +10:00
Sam
2cd95bc649
lets try out annotations
2013-05-24 12:35:14 +10:00
Erik Ordway
1575ce7b10
add cas support with a few tests
2013-05-23 13:40:50 -07:00
Robin Ward
7a31630837
Search Refactor: Remove some manual SQL, make search data tables more idomatic Rails/AR
2013-05-22 16:31:13 -04:00
Robin Ward
27828c5ec2
Merge pull request #871 from avdi/refactoring-with-josh-and-avdi
...
Various refactorings towards Ruby/Rails idiom from Josh Susser and Avdi Grimm
2013-05-21 07:18:50 -07:00
Leonard Garvey
b16705be0d
Clean up update_visit_record!
...
update_visit_record! appears to add user_visit record if one
doesn't exist and days_visited is simply a counter for the number
of visit records.
2013-05-18 16:02:06 +10:00
Leonard Garvey
32f4dfd2fb
DRY up the user model slightly
...
regular? is just the inverse of staff?
2013-05-18 16:00:35 +10:00
Josh Susser and Avdi Grimm
2acc80d192
Various idiomatic User refactorings.
2013-05-17 15:44:35 -04:00
Robin Ward
d554a59102
Support for a new site setting: newuser_spam_host_threshold
. If a new user posts a link
...
to the same host enough tiles, they will not be able to post the same link again.
Additionally, the site will flag all their previous posts with links as spam and they will
be instantly hidden via the auto hide workflow.
2013-05-16 12:19:50 -04:00
Sam
eb71e9de24
opening move, don't get rid of green notification till the pm is read
...
TODO a way to list all unread PMs
2013-05-16 16:37:47 +10:00
Sam
b6bf95e741
speed up startup (avoid loading some gems on startup)
...
correct group permission leaks
add Discourse.cache for richer caching support
2013-05-13 18:04:03 +10:00
Sam
942f168ab6
UI still a tad rough, but we have a first pass of secure categories
2013-05-10 16:47:47 +10:00
Neil Lalonde
f35a44aeae
Add ability for admins and mods to send another activation email to a user, to activate an account, and deactivate an account
2013-05-08 10:10:47 -04:00
Sam
e9fc272db7
remove acts_as_paranoid, use .trash! , .recover! and .with_deleted as needed
...
makes upgrading to rails 4 possible
2013-05-07 14:39:01 +10:00
Sam
be1ab8b275
automatic group infrustructure
2013-05-06 14:49:56 +10:00
Sam
5ec52bd2e9
:s/moderator?/staff/g ... our naming was kind of crazy, renamed moderator? to staff
2013-05-02 17:22:27 +10:00
Sam
e4a76812a6
this is a slightly round about way of making our self oneboxes sane
...
shrunk avatar to 60px, added global whitelisting
2013-05-01 16:38:13 +10:00
Sam
5cfcdc7ef0
backend for secure categories mostly done (todo pm groups)
2013-04-29 16:33:43 +10:00
Neil Lalonde
75cfcbfa4f
Need to require email in user.rb because specs can start failing when running guard
2013-04-18 14:27:04 -04:00
Régis Hanol
b24c1a1ad9
better consistency around email case sensitivity
2013-04-15 02:20:33 +02:00
Philipp Weissensteiner
3dcb1905e3
Refactor user controller, create action, mostly.
...
The gist of the commit are a few improvements in the
create action, where:
* long boolean statemenst have been wrapped in smaller more readable
methods.
* the 3rd party user info creation has been extracted (still in controller)
* a small helper method for creating a new user from params (to reduce
visual clutter)
* specs have been added where I came across untested methods/branches
Other changes are more trivial like formatting and whitespace fixes.
Hope this helps. Regards.
2013-04-13 00:53:59 +02:00
Neil Lalonde
651cfba93f
Add ability to destroy a user with 0 posts
2013-04-12 16:53:00 -04:00
Sam
5273657537
a method called "adding_user_record" is annoying me. 5 lines of code replaced with 2
2013-04-05 17:53:39 +11:00
Sam
ea8d69fbd6
fix my broken test
2013-04-05 17:47:54 +11:00
Sam
a2cca2540e
some minimal site settings diags
...
fix issue where days_visited was totally out of sync
2013-04-05 17:47:54 +11:00
Sam
a7f92ec0c1
topic reply count resync for each new post
2013-04-05 17:47:54 +11:00
Neil Lalonde
bb18b6cb9b
Dashboard: split out private messages from topic and post counts; re-enable report_spec because I think I fixed it...
2013-04-03 13:26:09 -04:00
Philipp Weissensteiner
c34f476b31
Improve suggest_username method in user.rb
...
The suggest_username method showed up on codeclimate
so I thought I'd give it some love and make it more readable.
In the process removed trailing whitespaces and had to fix a
terrible spelling error :)
2013-03-31 19:01:11 +02:00
Gosha Arinich
bdfa9b0508
create the User.admins and User.moderators scopes
2013-03-29 09:52:09 +03:00
Sam Bauch
77e3434d81
added email whitelist SiteSetting feature to replicate email blacklist. email_validator method now also uses the regex method for both the whitelist and blacklist.
2013-03-22 14:49:42 -04:00
Sam
62c60540be
pull moderator into own column, rename trust levels
2013-03-19 21:06:11 -07:00
Sam
2a047df4f1
cache reply_to_user_id in post to eliminate a very nasty n+1 query
2013-03-19 16:54:23 -07:00
Sam
1cd26a7dcf
oops
2013-03-18 23:44:21 -07:00
Sam
dd03f44968
optimise
2013-03-18 23:18:15 -07:00
Neil Lalonde
d9cdde9aa7
Add user counts for each trust level to admin dashboard
2013-03-15 18:09:02 -04:00
Sam
e62bb9922e
exceptions are BAD
...
the old code wacked on 10ms to every home page request, for no real reason.
2013-03-10 19:11:33 -07:00
Neil Lalonde
8927432a93
Add stats to the admin dashboard
2013-03-09 15:34:27 -05:00
Sam
325e28c3c8
wrong conditional
2013-03-08 17:24:54 -08:00
Robin Ward
4c7b0a42b5
Oops escape everything but image urls
2013-03-08 16:17:56 -05:00
Robin Ward
908bba8c13
First stab at oneboxing of meta.discourse.org
2013-03-08 15:59:12 -05:00
Robin Ward
d1d4530efd
User Profile enhancements:
...
- Added PreloadStore support to avoid duplicate requests
- preliminary SEO
- Support for opengraph/twitter cards
2013-03-08 15:04:37 -05:00
Robin Ward
f8d8272406
Cleaned up TopicUserSpec, introduces clearing of pinned topics
2013-03-07 12:19:25 -05:00
Robin Ward
6a63178411
Merge pull request #377 from kubabrecka/typos5
...
various typos in comments
2013-03-06 09:14:16 -08:00
Sam Saffron
8f56a09e82
PBKDF2 gem is trouble, removing and hand coding for now
2013-03-06 23:12:16 +11:00
Kuba Brecka
dc62136642
various typos in comments
2013-03-06 08:52:24 +01:00
Régis Hanol
239cbd2d58
enforce coding convention
...
replaced every `and` by `&&` and every `or` by `||`
2013-03-05 01:42:44 +01:00
Gosha Arinich
0c99dea153
introduce Enum
2013-03-01 21:16:36 +03:00
Robin Ward
b66b17bf19
Merge pull request #300 from goshakkk/cleanup
...
Minor cleanup, using AR querying DSL over raw SQL in some places
2013-03-01 07:52:34 -08:00
Kirill Pimenov
a168dc915e
Secure gravatar
2013-03-01 00:58:36 +04:00
Gosha Arinich
6e5399d544
minor cleanup, using AR querying DSL over raw SQL in some places
2013-02-28 21:54:12 +03:00
Gosha Arinich
d2f3c829db
refactor User and TrustLevel a bit
...
* rename `User#password_required` to `User#password_required!`
* emails with "i" @ something are a special case as well
* get rid of `self.` and returns where possible
* prefer "unless a" instead of "if !a"
* `unread_notifications` without manually iterating
* introduce `User#moderator?`
* introduce `TrustLevel#valid_key?`, `TrustLevel#compare`, and
`TrustLevel#level_key`
2013-02-28 19:15:54 +03:00
Robin Ward
cf867a35ff
Merge pull request #271 from goshakkk/topic-refactor
...
Refactor Topic
2013-02-27 10:32:44 -08:00
Robin Ward
007118b00c
Merge branch 'github-auth' of git://github.com/nverba/discourse
...
Conflicts:
config/locales/server.en.yml
db/structure.sql
spec/views/omniauth_callbacks/complete.html.erb_spec.rb
2013-02-27 12:09:22 -05:00
Alexander
8855a0bfbe
RSS of a topic via new route
...
Adds TopicView#recent_posts; Post#by_newest, #with_user, #author_readable; User#readable_name
Autodiscovery tag in topic show HTML.
2013-02-26 14:54:17 -08:00
Gosha Arinich
12d664a610
refactor Topic
...
* move finding by username/email to User
* make SiteSetting return a range of possible post title lengths
* remove unnecessary conditions
2013-02-26 19:27:59 +03:00
nverba
b45f872c04
Added Github authentication option, disabled by default with enable options in settings.
2013-02-26 05:00:21 +00:00
Gosha Arinich
cafc75b238
remove trailing whitespaces ❤️
2013-02-26 07:31:35 +03:00
Sam Saffron
77a2d8ccc4
fixed a pile of notification craziness
...
addes some tests around post timings
2013-02-25 18:42:42 +11:00
Sam Saffron
b0b0e222f7
missed a spot where channel can be out of sync
2013-02-25 09:32:06 +11:00
Sam Saffron
47fedd8f4d
correct breakage
...
don't set permanent cookie, kill session if it conflicts
2013-02-24 22:56:08 +11:00
Sam Saffron
b66db4153d
refactor and organise current_user better
2013-02-24 21:42:04 +11:00
Neil Lalonde
85f8f8f2d5
Better checking of blacklisted emails on create and when email is being updated
2013-02-20 16:25:08 -05:00
Neil Lalonde
046c330858
Changes to email_domains_blacklist shouldn't invalidate existing users
2013-02-20 12:16:16 -05:00
Neil Lalonde
39eab7c425
Replace mentions of mothership with discourse_hub
2013-02-14 12:57:26 -05:00
Robin Ward
b94b9d2383
Merge pull request #146 from ismaelga/moderators-buttons
...
Create moderators
2013-02-14 07:26:50 -08:00
Sam Saffron
87d83802b9
added option that allows users to decide when they consider topics new (default 2 days old or newer)
...
added site_setting to control the default new_topic_duration_minutes
added 10 minutes option for auto_track_topics_after_msecs, default bumped up to 5 mins
2013-02-14 17:36:14 +11:00
Neil Lalonde
aaf96f1e29
Replace email_blacklist_regexp with email_domains_blacklist site setting
2013-02-13 22:45:43 -05:00
Ismael Abreu
80bec6efc9
Adds grant and revoke moderation buttons so admins can make users moderators
2013-02-14 01:12:23 +00:00
Robin Ward
f00006ee7d
Fix broken Yahoo! signup.
2013-02-13 12:37:48 -05:00
Neil Lalonde
f850fe1e75
Implement the email_blacklist_regexp ssite setting
2013-02-13 12:28:39 -05:00
xdite
def442164f
Refactor last_updated_at
2013-02-13 11:40:32 -05:00
Neil Lalonde
824b09389f
Don't allow signups without a password
2013-02-12 15:42:16 -05:00
Neil Lalonde
4636b354b4
Use the new mothership change_nickname API
2013-02-12 10:19:02 -05:00
Neil Lalonde
238032051e
Users with no email_tokens return true from email_confirmed
2013-02-12 10:19:02 -05:00
Neil Lalonde
c18b85873f
Prevent login until email is confirmed
2013-02-11 11:18:37 -05:00
Neil Lalonde
ce7088f081
check_username api now returns correct error message for invalid lengths etc
2013-02-08 14:12:48 -05:00
Cyril Mougel
84191802df
Extract the validation of Username format in own class to avoid
...
complexity in user model object
2013-02-08 12:54:47 -05:00
Neil Lalonde
79dfccf717
Username validation in signup and username change forms
2013-02-07 18:23:52 -05:00
Jakub Arnold
61654ab8f0
Fix all the trailing whitespace
2013-02-07 16:45:24 +01:00
Sam Saffron
85973ce6b0
added delete all posts button
...
wired up the ability to enable all themes
2013-02-07 18:11:56 +11:00
Andy
66022f9faa
Updated email hash to Gravatar specifications
...
Gravatar email hashes have two requirements:
* Whitespace must be trimmed
* Email should be downcased
2013-02-05 21:16:15 -07:00
Robin Ward
21b5628528
Initial release of Discourse
2013-02-05 14:16:51 -05:00