Commit Graph

30010 Commits

Author SHA1 Message Date
Vinoth Kannan
8a952a2cc2 Make prettier happy 2018-09-05 02:00:13 +05:30
Kris
5cf1a9a23a UX: primary & danger buttons should lighten on hover in dark themes 2018-09-04 16:18:10 -04:00
Vinoth Kannan
d8b543bb67 FIX: redirect to original URL after social signup 2018-09-05 01:44:23 +05:30
David Taylor
4382fb5fac DEV: Allow plugins to whitelist specific user custom_fields for editing (#6358) 2018-09-04 20:45:36 +10:00
Guo Xiang Tan
d1af89e3b3 DEV: Extract global admin api rate limiting into a dedicated method.
* We have a use case for overriding the rate limiting logic in a
  plugin.
2018-09-04 16:37:54 +08:00
Sam
6e3f249aea Disable auth token logging
We have a work in progress feature that required the logging,
This feature is not going to be shipped for a while so disabling this
for now.
2018-09-04 17:05:17 +10:00
Guo Xiang Tan
3b337bfc6b Revert "FIX: Don't rate limit admin and staff constraints when matching routes."
This reverts commit 651b50b1a1.
2018-09-04 14:27:21 +08:00
Sam
e4498d2a8a FIX: keep db and job correctly in multisite logs
This ensures we report job and db correctly, previously we were
only reporting this on default
2018-09-04 16:05:44 +10:00
Guo Xiang Tan
19182c0c8f DEV: Skip fragile tests for now. 2018-09-04 13:58:09 +08:00
Guo Xiang Tan
651b50b1a1 FIX: Don't rate limit admin and staff constraints when matching routes.
* When an error is raised when checking route constraints, we
  can only return true/false which either lets the request
  through or return a 404 error. Therefore, we just skip
  rate limiting here and let the controller handle the
  rate limiting.
2018-09-04 13:52:58 +08:00
Guo Xiang Tan
edbcc992d4 Allow unicorn timeout to be configurable via ENV. 2018-09-04 13:21:41 +08:00
Vinoth Kannan
f896d6b021 FIX: Skip keypress event if alt key is down 2018-09-04 10:45:35 +05:30
Guo Xiang Tan
08b268c5bc Be more forceful in disconnecting connections during failover. 2018-09-04 10:32:43 +08:00
Sam
ad70502ab8 FIX: ignore invalid usernames in incoming link tracker
If an incoming link username has NULL in it simply ignore it
2018-09-04 12:28:32 +10:00
Guo Xiang Tan
8dc1463ab3 Enable Lint/ShadowingOuterLocalVariable for Rubocop. 2018-09-04 10:16:42 +08:00
Sam
2f5c21e28c FIX: return a 400 error instead of 500 for null injections
Many security scanners like to inject NULL in inputs causing application
to exception out and return a 500

We now handle this exception and render a 400 status back
2018-09-04 12:11:52 +10:00
Guo Xiang Tan
0a14e0a256 Ensure params[:files] responds to map in Lograge. 2018-09-04 09:22:54 +08:00
Sam
fcae21c4fc remove test that is no longer relevant 2018-09-04 10:52:12 +10:00
Sam
3748d3e281 UX: hide associate accounts if second factor is enabled
Once second factor is enabled all login via associated accounts is banned
showing this section just leads to confusion
2018-09-04 10:42:39 +10:00
Sam
155eb02c7e UX: remove auth token log from user page
This feature is not quite ready so we are deferring on it for a few more weeks
2018-09-04 10:28:33 +10:00
Gerhard Schlager
eeedc3901e FIX: Replying to deleted post via email should create new reply to topic 2018-09-03 23:06:40 +02:00
Vinoth Kannan
fe6c3b7d2e Make prettier happy 2018-09-04 00:31:41 +05:30
Vinoth Kannan
24a14af15a FIX: Respect invalidate_oneboxes option for inline oneboxes 2018-09-03 22:33:43 +05:30
Guo Xiang Tan
ecf60c0c33 DEV: More attempts at stablizing specs in Travis.
Re-enable skipped test because it doesn't fail locally
for me to debug it.
2018-09-03 14:52:15 +08:00
Gerhard Schlager
f33433bf9e Validation of params should restrict to max int (#6331)
* FIX: Validation of params should restrict to max int

* FIX: Send status 400 when "page" param isn't between 1 and max int
2018-09-03 14:45:32 +10:00
Guo Xiang Tan
747c9bb47f
Merge pull request #6317 from nbianca/ignore_blacklisted_domains
FIX: Ignore OneBox blacklisted domains.
2018-09-03 11:10:52 +08:00
Guo Xiang Tan
59c9051a2e REFACTOR: Rescue error at the specific spot that is raising the error. 2018-09-03 11:04:58 +08:00
Guo Xiang Tan
0fac6cdba9 DEV: Better debugging information when test fails. 2018-09-03 10:55:25 +08:00
Guo Xiang Tan
7256b3bf68 REFACTOR: Use UserAuthTokenLogSerializer instead of conditionals. 2018-09-03 10:44:22 +08:00
Guo Xiang Tan
45f092a49d Extract badge_posts view management logic into a service object.
* Avoid defininig a global constant and method.

Fixes https://github.com/discourse/discourse/pull/6318
2018-09-03 09:51:35 +08:00
Jeff Atwood
c3a898795a
Merge pull request #6351 from gschlager/btn_primary
UX: Primary button didn't have hover effect anymore
2018-09-02 14:26:40 -07:00
Maja Komel
182d9a4666 FIX: escape regex chars when searching site texts 2018-09-02 17:25:57 +10:00
Bianca Nenciu
f5e0356fb2 correct miscellaneous issues with user login history 2018-09-02 17:24:54 +10:00
Osama Sayegh
8e70b82baa FIX: maintain theme preview when refreshing (#6356) 2018-09-02 17:23:46 +10:00
Rishabh Nambiar
4194d1f875 UX: Add padding between fa-chevron-up/down and heading for groups page 2018-09-01 10:14:54 +05:30
Gerhard Schlager
16974df1e9 FIX: Resetting site setting didn't remove "overriden" state 2018-09-01 02:09:23 +02:00
Jeff Atwood
690908993f reduce default post deletions per day 2018-08-31 13:27:25 -07:00
Neil Lalonde
f0b551b684 UX: avatar on collapsed user profile was the wrong size 2018-08-31 10:38:58 -04:00
Bianca Nenciu
39414068ff FIX: User agent browser detection (#6352) 2018-08-31 14:49:38 +02:00
Gerhard Schlager
ddfd02ad36 FIX: Deleting backup failed after uploading backup 2018-08-31 13:50:32 +02:00
Osama Sayegh
60eff9421a FIX: precompile desktop_theme and mobile_theme stylesheets
required for environments that pre stage docker images and keep old image running during the deploy
2018-08-31 21:23:55 +10:00
Gerhard Schlager
91b3f200f4 UX: Primary button didn't have hover effect anymore 2018-08-31 12:14:41 +02:00
Gerhard Schlager
5310b4841d UX: Show Rollback and Backup buttons on same line 2018-08-31 12:01:59 +02:00
Arpit Jalan
8ce8edaf40 bump onebox version 2018-08-31 15:10:11 +05:30
Guo Xiang Tan
5a214a687c FIX: Exclude UserAuthToken and UserAuthTokenLog in user webhook. 2018-08-31 17:25:56 +08:00
Guo Xiang Tan
ae2f00ee73 DEV: Include the thread in the error message. 2018-08-31 17:14:19 +08:00
Régis Hanol
6ada825a4d fix linting 2018-08-31 10:49:44 +02:00
Bianca Nenciu
931cffcebe FEATURE: Let users see their user auth tokens. (#6313) 2018-08-31 10:18:06 +02:00
Sam
b3aab1770f FIX: set old last modified date for invalid avatars
In some cases Akami was holding tight to these invalid avatars,
to avoid this happening we explain the avatar image is ancient
then when a new upload is added it automatically is older than
this.
2018-08-31 17:07:31 +10:00
Sam
1866a8e8da correct invalid spec 2018-08-31 15:06:30 +10:00