Commit Graph

179 Commits

Author SHA1 Message Date
Régis Hanol
2585ada5ca FIX: don't allow spaces in 'reply_by_email_address' site setting 2018-04-17 17:08:12 +02:00
Robin Ward
e27edfe597 FIX: Don't give two errors about not being able to post links 2018-04-05 12:54:48 -04:00
Arpit Jalan
10759677db FIX: when uploading image newuser restrictions should not apply to staff 2018-04-05 09:51:03 +05:30
Guo Xiang Tan
142571bba0 Remove use of rescue nil.
* `rescue nil` is a really bad pattern to use in our code base.
  We should rescue errors that we expect the code to throw and
  not rescue everything because we're unsure of what errors the
  code would throw. This would reduce the amount of pain we face
  when debugging why something isn't working as expexted. I've
  been bitten countless of times by errors being swallowed as a
  result during debugging sessions.
2018-04-02 13:52:51 +08:00
Joffrey JAFFEUX
ce1994beea FIX: do not treat :: as a valid emoji 2018-03-05 15:35:24 +01:00
Régis Hanol
6a78669ca3 FIX: 'reply by email addresses' site settings should allow email addresses without a 'reply_key' when 'find related post with key' is disabled 2018-03-02 17:53:18 +01:00
Neil Lalonde
baf1c385eb UX: when a post is blocked due to a watched word, message includes the word being blocked 2018-02-28 11:22:18 -05:00
Neil Lalonde
3313072957 Remove censored_pattern site setting, which is replaced by watched words 2018-02-26 16:29:27 -05:00
Robin Ward
3ea272f4f1 New setting: minimum trust level to embed images in a post 2018-02-20 20:00:06 -05:00
Arpit Jalan
c419c26f56 FEATURE: new site setting 'max_emojis_in_title' 2018-02-19 18:15:26 +05:30
OsamaSayegh
f3815cd785 FEATURE: New site setting for additional allowed filetypes for staff (#5364)
* FEATURE: New site setting for additional allowed filetypes for staff

* Problematic variable name

* feedback

* small issues

* fix indentation

* failing tests

* Remove message bus and fix minor issues

* Missed this message bus
2018-02-19 10:44:24 +01:00
Erick Guan
03b3e57a44 FEATURE: login by a link from email
Co-authored-by: tgxworld <tgx@discourse.org>
2018-02-13 16:14:39 +08:00
Robin Ward
5466389f4e FIX: Consider oneboxes links wrt to min_trust_level_to_post_links 2018-02-08 18:27:40 -05:00
Robin Ward
dedeb2deb8 FIX: Don't show the link button in the composer if linking is disabled 2018-02-08 12:56:10 -05:00
Robin Ward
6a5dad0b86 FIX: Too much Javascript :) 2018-02-07 11:46:05 -05:00
Robin Ward
016b9cd0e9 FIX: Count the links in the post 2018-02-06 20:16:48 -05:00
Robin Ward
1bab15c757 FEATURE: A site setting for a minimum TL to post links 2018-02-06 18:07:58 -05:00
Gerhard Schlager
2a22b90538 SECURITY: email domain whitelist could be bypassed 2018-01-17 21:45:32 +01:00
Arpit Jalan
1208254961 FIX: validate presence of 'top menu' setting 2018-01-17 01:43:53 +05:30
Guo Xiang Tan
805d1c25d3
Merge pull request #5451 from tgxworld/treat_non_ascii_urls_as_valid
Treat non-ascii URLs in `UrlValidator`.
2017-12-27 14:14:20 +08:00
Arpit Jalan
0514ac4ee2 FIX: verify presence of 'sso url' before enabling 'enable sso' 2017-12-23 13:30:49 +05:30
Guo Xiang Tan
4b51871f6a Treat non-ascii URLs in UrlValidator. 2017-12-21 14:22:55 +08:00
Guo Xiang Tan
6ecf37c482 Improve URL validation to check for a valid host.
Parsing a URL with `URI` is not sufficient as the following cases
are considered valid:

URI.parse("http://https://google.com")
=> #<URI::HTTP http://https//google.com>
2017-12-21 13:50:15 +08:00
Matt Palmer
f315c142b1 BUG: Load the appropriate file for AlternativeReplyByEmailAddressesValidator
Autoloading only works when the class names are namespaced appropriately.
2017-12-19 09:43:41 +11:00
Vinoth Kannan
7f2eeaf767 FIX: Password required flag should be cleared whenever clearing the raw password (#5384) 2017-12-01 15:19:24 +11:00
Neil Lalonde
ddbd1d5ab8 allow regex options on username site settings 2017-10-04 15:08:51 -04:00
Gerhard Schlager
7f50380221 FIX: respect email domain whitelist/blacklist when creating staged users 2017-10-03 16:36:08 +02:00
Bianca Nenciu
bb3a5910d7 Support for sending PMs to email addresses (#4988)
* Added support for sending PMs to email addresses.

* Made changes after review.

* Added settings validator.

* Fixed tests.
2017-08-28 12:07:30 -04:00
Sam
fdc5c080ea FIX: bump default max for int site settings to a much higher number
(close to long int)
2017-08-24 10:16:41 -04:00
Guo Xiang Tan
5012d46cbd Add rubocop to our build. (#5004) 2017-07-28 10:20:09 +09:00
Neil Lalonde
68b3dd43ce fix intermittent failing tests, some watched word refactoring 2017-07-27 12:27:01 -04:00
Neil Lalonde
24cb950432 FEATURE: Watched Words: when posts contain words, do one of flag, require approval, censor, or block 2017-07-26 11:01:09 -04:00
Guo Xiang Tan
2255724637 UX: Add validator for SiteSetting#sso_overrides_email. 2017-07-10 10:08:55 +09:00
Robin Ward
b93edc9945 FIX: Make sure censored words are on boundaries in topic titles 2017-06-28 13:13:40 -04:00
Régis Hanol
54e8fb0d89 FEATURE: new 'allow_staff_to_upload_any_file_in_pm' site setting 2017-06-12 22:41:29 +02:00
Sam
bc0b9af576 FEATURE: support uploads for themes
This allows themes to bundle various assets
2017-05-10 15:47:11 -04:00
Guo Xiang Tan
59b906ab0d FEATURE: Disable minimum post length check when in PM with non human users.
https://meta.discourse.org/t/discourse-narrative-bot-beta-feedback/58621/65?u=tgxworld
2017-04-27 16:00:22 +08:00
Arpit Jalan
dad2024094 FIX: do not impose default min/max validation on hidden site setting 2017-04-22 12:08:39 +05:30
Arpit Jalan
9eff4f0807 FIX: all basic integer settings should have max value validation 2017-04-21 07:09:41 +05:30
Régis Hanol
2be14a604c FIX: censored_pattern with group capturing wasn't working 2017-04-10 23:38:48 +02:00
Sam
dacfdd4dc8 use chars as opposed to split 2017-02-14 09:40:15 -05:00
Sam
8feb94e13f FIX: password validator was being too strict 2017-02-14 09:18:04 -05:00
Neil Lalonde
94e1105af7 fix unique char counting in password validator 2017-02-10 10:38:17 -05:00
Neil Lalonde
1bcb835446 FEATURE: passwords must have a minimum number of unique characters, configurable with a new setting 2017-02-09 15:00:22 -05:00
Rimian Perkins
25516874b5 FIX: Escape regexp chars in SiteSetting.censored_words. 2017-01-31 10:14:51 +08:00
Guo Xiang Tan
eafd0a7497 Bye bye bygbug. 2017-01-24 14:07:55 +08:00
Guo Xiang Tan
ce07da1d8b UX: Only display the words that fails censored words validations. 2017-01-24 13:11:05 +08:00
Guo Xiang Tan
429b02a5d5 oops fix specs. 2017-01-09 17:08:24 +08:00
Guo Xiang Tan
3d21ccd4a5 FIX: Add validation to disallow censored words in topic title. 2017-01-09 16:55:41 +08:00
Guo Xiang Tan
13c6191e89 FIX: Don't allow invalid email to be saved. 2016-12-21 17:47:11 +08:00
Neil Lalonde
fb2633366a FIX: featured link topics shouldn't require the same min post length 2016-12-09 15:46:26 -05:00
Erick Guan
52763f5115
FEATURE: Allow posting a link with topics 2016-12-05 17:20:54 +01:00
Neil Lalonde
86522a52b7 FEATURE: add censored_pattern setting to censor posts using regex 2016-11-08 16:39:26 -05:00
Régis Hanol
35a79a70c3 FIX: uploading custom avatar was always hidden 2016-10-20 19:53:41 +02:00
Guo Xiang Tan
d312c82474 Revert "FIX: wasn't able to update category's settings"
This reverts commit 282f9948cb.
2016-09-22 11:29:44 +08:00
Robin Ward
64094954bc FIX: Broken posting 2016-09-16 13:12:05 -04:00
Neil Lalonde
7a81669c18 SECURITY: don't allow re-using the current password during password reset 2016-08-24 12:27:21 -04:00
Neil Lalonde
d079f69b7b FEATURE: add flair to avatars using new settings in the groups admin UI 2016-08-17 15:13:15 -04:00
Régis Hanol
282f9948cb FIX: wasn't able to update category's settings 2016-08-09 20:14:49 +02:00
Régis Hanol
e92f5e4fbf FEATURE: new email attachment blacklists site settings 2016-08-03 17:55:54 +02:00
Robin Ward
2891f230d1 SECURITY: Make sure uploaded_urls have corresponding upload records 2016-07-28 13:54:17 -04:00
Régis Hanol
376881845c always strip s/mime signatures in incoming emails 2016-06-27 22:26:05 +02:00
Régis Hanol
dffe50a2e6 new alternative reply by email addresses 2016-06-10 16:14:42 +02:00
Régis Hanol
de9136a8f2 FIX: bypass TL0-specific validations on posts in a PM 2016-04-18 22:08:42 +02:00
Régis Hanol
20ce7f29e0 FEATURE: new 'manual_polling_enabled' site setting 2016-03-16 22:28:01 +01:00
scossar
1914495e88 make error message translatable 2016-03-15 10:02:10 -07:00
scossar
0cbeda8414 add site setting for setting locale from header 2016-03-14 16:18:19 -07:00
Arpit Jalan
36f82aa68c FEATURE: enforce admin password validation when signing up via developer email 2016-03-04 00:28:47 +05:30
Arpit Jalan
50e65634d7 FEATURE: new setting min_admin_password_length and better default 2016-03-02 14:43:26 +05:30
Régis Hanol
be5a54d67d FEATURE: new 'allow_all_attachments_for_group_messages' site setting 2016-02-29 22:39:24 +01:00
Régis Hanol
8893d711e0 FEATURE: new pop3 polling configuration admin dashboard check 2016-02-17 11:25:49 +01:00
Régis Hanol
8944d62aa6 add validator for the 'reply_by_email_enabled' site setting 2016-02-09 23:35:40 +01:00
Arpit Jalan
99c4252ba6 FEATURE: Staff should be exempt from user mention limit 2016-02-01 21:19:56 +05:30
bgr11n
53fb84baa3 fixed password validator on equality with email 2016-01-05 22:43:11 +02:00
Régis Hanol
978a1539fa new pop3_polling_enabled setting validator to ensure credentials are working before enabling it 2015-12-10 22:23:54 +01:00
Régis Hanol
5b9594277a skip most post validations for staged accounts 2015-12-01 10:40:23 +01:00
Régis Hanol
7c694139ec trust staged accounts when validating posts 2015-11-30 19:08:35 +01:00
Gerhard Schlager
6e33a21a7a FIX: Replace invalid pluralizations in locale files 2015-11-13 21:25:15 +01:00
Sam
69ad0358c2 FIX: incorrect logic in email blocker
if mail.com was blocked, email.com was automatically blocked
2015-06-15 11:28:50 +10:00
Arpit Jalan
b7ac8448c6 Improve IP blocking error message 2015-06-02 07:48:26 +05:30
Arpit Jalan
6bf680882c Better error message when new registration limit from an IP address is reached 2015-06-01 10:16:25 +05:30
Arpit Jalan
220b9c5abe FIX: match subdomain with email domain blacklist 2015-05-13 21:02:02 +05:30
Gerhard Schlager
9a76ee8f8a FIX: error message used wrong filesize 2015-05-03 19:26:54 +02:00
Robin Ward
a5ee45ccbe PostEnqueuer object to handle validation of enqueued posts 2015-04-15 14:54:36 -04:00
Neil Lalonde
30b063c08b FEATURE: make full names a required field of user profiles with the full_name_required setting 2015-04-02 17:08:04 -04:00
Arpit Jalan
b706307ac7 FEATURE: new site setting min_first_post_length 2015-03-20 00:20:38 +05:30
Neil Lalonde
c04b214910 FEATURE: don't allow username and email to be the same 2015-02-27 13:47:43 -05:00
Sam
0742f340f9 FEATURE: allow for a localized error when a regex fails in site settings
FEATURE: apply string validation to list site settings (so we get regex)
2015-02-27 11:45:56 +11:00
Neil Lalonde
cf81b3f86d FEATURE: don't allow username and password to be the same 2015-02-25 12:00:13 -05:00
Régis Hanol
f7d2fc0524 FEATURE: 'reply by email address' validator
Prevent infinite email loophole when the 'reply_by_email_address' site setting is the same as the 'notification_email'.
2015-02-06 12:08:37 +01:00
Arpit Jalan
58f46137d6 FIX: allow developer emails to bypass email blacklist/whitelist restriction 2015-01-30 00:10:03 +05:30
Régis Hanol
7641d88224 FEATURE: new 'maximum new user accounts per registration IP' site setting 2014-11-17 12:04:29 +01:00
Arpit Jalan
fab2b95ab6 FIX: disposable invite was giving email validation error 2014-10-23 22:55:49 +05:30
Sam
59d04c0695 Internal renaming of elder,leader,regular,basic to numbers
Changed internals so trust levels are referred to with

TrustLevel[1], TrustLevel[2] etc.

This gives us much better flexibility naming trust levels, these names
are meant to be controlled by various communities.
2014-09-05 15:20:52 +10:00
Régis Hanol
e64d3b8a42 FIX: disagree flag should unhide hidden post 2014-08-11 10:48:00 +02:00
Neil Lalonde
443caaa8f7 FIX: don't let admins skip post validations, unless it's faq, tos, or privacy 2014-08-01 14:53:35 -04:00
Neil Lalonde
e1be478ef4 FIX: admins bypass some post validations. This allows them to edit legal docs even if those docs are longer than max post length, for example. 2014-07-28 16:40:14 -04:00
Jens Maier
bf9f3c1366 FIX: NoMethodError in on extension.upcase when upload's original filename has no extension. 2014-07-15 03:23:26 +02:00
Sam
5b310c21b4 FIX: less crazy error when post exceeds max length. 2014-07-04 16:39:15 +10:00
Neil Lalonde
3eb65885d1 Add validation of string site settings with regex, and min and max lengths 2014-06-18 11:15:40 -04:00