Arpit Jalan
a6d50d1ff7
FEATURE: new settings to control posts deletions rate limit
2018-06-28 17:03:37 +05:30
Arpit Jalan
c352f8eb15
FEATURE: rate limit post deletions to 50 per day
2018-06-28 16:38:58 +05:30
Maja Komel
ec3e6a81a4
FEATURE: Second factor backup
2018-06-28 10:12:32 +02:00
Arpit Jalan
6bcdc3ba4b
FEATURE: allow author to delete posts irrespective of post_edit_time_limit
2018-06-26 21:43:06 +05:30
Arpit Jalan
7efdccdbc5
FIX: allow staff to remove tags from queued topics
2018-06-26 17:08:40 +05:30
Joffrey JAFFEUX
95d99de7b4
FIX: hides durability section in dashboard if backups are disabled
2018-06-20 22:26:37 +02:00
Guo Xiang Tan
0365806b93
FIX: Properly display error when post action fails to create.
2018-06-20 21:20:23 +08:00
Sam
5f64fd0a21
DEV: remove exec_sql and replace with mini_sql
...
Introduce new patterns for direct sql that are safe and fast.
MiniSql is not prone to memory bloat that can happen with direct PG usage.
It also has an extremely fast materializer and very a convenient API
- DB.exec(sql, *params) => runs sql returns row count
- DB.query(sql, *params) => runs sql returns usable objects (not a hash)
- DB.query_hash(sql, *params) => runs sql returns an array of hashes
- DB.query_single(sql, *params) => runs sql and returns a flat one dimensional array
- DB.build(sql) => returns a sql builder
See more at: https://github.com/discourse/mini_sql
2018-06-19 16:13:36 +10:00
Joffrey JAFFEUX
f2dbe66367
FEATURE: adds a /admin/reports route to list all reports
2018-06-18 12:31:56 +02:00
Rafael dos Santos Silva
51cb38783e
FIX: start_url was wrong in non-subfolder
2018-06-15 14:29:33 -03:00
Rafael dos Santos Silva
8fc08aad09
FEATURE: Update the webmanifest
...
- Remove share target because the spec is changing
- Allow any orientation again because natural is too restrictive
- Use correct file and mime types for the manifest
2018-06-14 00:13:28 -03:00
Sam Saffron
030e322a39
FEATURE: block top level /my/ routes
2018-06-12 19:47:45 +10:00
Jeff Wong
44ee26721a
FIX: add check for missing assets file in development
2018-06-11 11:18:34 -07:00
Arpit Jalan
f9ab3848ed
FEATURE: support disabling emails for non-staff users
2018-06-07 18:31:08 +05:30
Guo Xiang Tan
ad5082d969
Make rubocop happy again.
2018-06-07 13:28:18 +08:00
Sam
89ad2b5900
DEV: Rails 5.2 upgrade and global gem upgrade
...
This updates tests to use latest rails 5 practice
and updates ALL dependencies that could be updated
Performance testing shows that performance has not regressed
if anything it is marginally faster now.
2018-06-07 14:21:33 +10:00
Vinoth Kannan
d8e641cd98
FIX: avatar_url includes upload_path twice when local storage used
2018-06-06 18:27:30 +05:30
Guo Xiang Tan
a83ab01264
REFACTOR: Remove extra param for group mentionable and messableable route.
2018-06-06 09:42:09 +08:00
Arpit Jalan
f8d82f135f
FIX: do not verify group visibility when checking for mentionable/messageable
2018-06-05 16:59:21 +05:30
Guo Xiang Tan
95f9b72351
FIX: Update activation email route was returning a generic json error.
2018-05-31 14:19:43 +08:00
Guo Xiang Tan
21e9315416
FIX: Use user account email instead of auth email when totp is enabled.
...
https://meta.discourse.org/t/github-2fa-flow-broken/88674
2018-05-30 12:15:12 +08:00
Guo Xiang Tan
a081771950
Merge pull request #5872 from OsamaSayegh/users-controller-specs-to-request
...
REFACTOR: users contollers specs => request specs
2018-05-28 13:32:37 +08:00
OsamaSayegh
449399bef3
return 403 forbidden when local logins disabled
2018-05-26 05:18:19 +03:00
Régis Hanol
5b2e7c8d10
fix the build
2018-05-26 03:11:10 +02:00
Robin Ward
4195c7c9ea
FEATURE: Ability to clear a user's penalty history
...
You can do this manually if you want to allow them to reach TL3 without
their penalty history counting against them.
2018-05-25 12:54:22 -04:00
Guo Xiang Tan
569f63b8a2
Merge pull request #5825 from featheredtoast/extend-service-worker-cache
...
FIX: update cache times for service workers
2018-05-25 09:28:17 +08:00
Sam
53b97b28f0
FIX: in rare conditions post timing would miss the user
2018-05-24 15:38:33 +10:00
Neil Lalonde
3db1032bfd
FIX: not found page shouldn't include the Google search form for sites with login_required enabled
2018-05-23 16:59:02 -04:00
Blake Erickson
3edca8b104
Return a 403 instead of 200 when trying to delete a user with posts
...
See [this commit][1] for more info
[1]: bd352a17bf
2018-05-22 17:02:02 -06:00
Sam
3e06def856
FIX: If we have no logo defined use sketch in manifest
2018-05-22 12:10:59 +10:00
Sam
788ca1f112
FIX: stop adding email to unsubscribe url
...
Instead of adding email to unsubscribe url store it in redis for 1 hour
rate limit calls to unsubscribe endpoint to ensure there is no risk of
bloating redis
Also move controller to request specs
2018-05-22 09:07:03 +10:00
Guo Xiang Tan
467d91347a
Missing specs for Group
, Tag
, Category
and Flag
web hooks.
2018-05-21 17:29:58 +08:00
Arpit Jalan
9f422c93f6
FIX: restrict updates on confirm_old_email
email templates
2018-05-19 12:19:59 +05:30
Arpit Jalan
003b7f06ad
FIX: rescue specific error
2018-05-18 09:52:16 +05:30
Jeff Wong
04c7dbafa3
FIX: manifest.json better detection at mime type. Find size if uploaded
2018-05-17 14:45:24 -07:00
Jeff Wong
41ffafb65e
FIX: best effort at returning correct mime types in manifest.json
2018-05-17 12:14:39 -07:00
Régis Hanol
53f8f6095d
FEATURE: staff action logs when creating/updating/deleting badges
2018-05-17 18:09:27 +02:00
Arpit Jalan
9532d9a555
FIX: handle invalid tags
2018-05-17 19:33:12 +05:30
Régis Hanol
131b7f5da5
make 🤖 rubocop happy
2018-05-16 16:35:04 +02:00
Joe Buhlig
3cd4c82c49
Allow parameters for group and username filters on directory ( #5815 )
2018-05-16 16:20:17 +02:00
Régis Hanol
5e97a9bfb7
FIX: tags in a 'visible by everyone but usable only by staff' group weren't visible by everyone
2018-05-16 09:48:19 +02:00
Sam
ff90881238
DEV: fix live refresh if you have a custom theme selected in dev
2018-05-16 17:25:49 +10:00
Sam
21e0b7c818
avoid async report pattern and replace with simpler hijack
2018-05-16 16:05:03 +10:00
Sam
193b6d5651
UX: improve new dashboard
...
- top referred topics
- limit search logs to 8 results
2018-05-15 15:08:36 +10:00
Jeff Wong
e4a33cbc0a
FIX: update cache times for service workers
...
Add a last modified time.
Register newer service workers and claim clients more quickly.
2018-05-14 12:29:24 -07:00
Régis Hanol
e9abdaebbe
UX: show an enveloppe icon when a badge is used in messages
...
- the badge count now includes messages
- only show the message badges to admins
2018-05-14 19:02:00 +02:00
Sam
6332d5040d
UX: switch dashboard to be the new dashboard
...
Also:
- add pageviews
- add problems and version sections
2018-05-14 13:07:59 +10:00
Sam
bc9e0d46af
PERF: use cached reports for dashboard if available
2018-05-14 12:01:44 +10:00
Régis Hanol
37232fcb58
FIX: staff members should see all tags
2018-05-13 17:50:21 +02:00
Régis Hanol
2cf6fb7359
FIX: always unstage users when they log in
2018-05-13 17:00:02 +02:00
Régis Hanol
be6404d651
FIX: redirect users after signing up with a social login when using SSO provider
2018-05-13 16:03:11 +02:00
Régis Hanol
09cf35c760
FIX: redirect users after signing up using SSO provider
2018-05-12 00:41:27 +02:00
Régis Hanol
abda21a41f
Revert "FIX: redirect to sso_destination_url after account activation"
...
This reverts commit 0402e97368
.
2018-05-11 22:55:45 +02:00
Régis Hanol
0402e97368
FIX: redirect to sso_destination_url after account activation
2018-05-11 19:57:04 +02:00
Régis Hanol
2958e17cde
remove duplicate code
2018-05-11 12:16:37 +02:00
Sam
8a783412b7
UX: improvements to new dashboard
...
- remove inactive user report and replace with posts
- clean up internals so grouping by week happens on client
- when switching periods old report was not destroyed leading to bugs
- calculate trend based on previous interval ... not previous 30 days
- show percentages for mau/dau
- be more careful about utc date usage
- show uniqu and click through rate on search panel
- publish key of report with report so we only load the correct one
- subscribe earlier in channel in case of concurrency issues
2018-05-11 13:30:32 +10:00
Blake Erickson
bd352a17bf
FIX: Show a json api response when deleting a user with posts
...
A 500 error was actually caused with no response when using the api, so
it wasn't very clear that you need to delete the posts first when using
the api.
2018-05-10 13:04:36 -06:00
Guo Xiang Tan
bbc85258c9
Rename display_plugins
-> visible_plugins
.
2018-05-09 07:52:45 +08:00
Arpit Jalan
83245aa508
FIX: better handling of invite links after they are redeemed
...
FIX: deprecate invite_passthrough_hours setting
2018-05-08 20:17:57 +05:30
Guo Xiang Tan
c6f45fcfdb
Expose an API for plugins to be hidden on the admin plugin page.
2018-05-08 13:24:58 +08:00
Arpit Jalan
3a6e137e70
FIX: add context for deactivated user logs
2018-05-08 08:18:04 +05:30
Misaka 0x4e21
ff6be3c2e3
FEATURE: add profile_background fields into SSO ( #5701 )
...
Add profile_background and card_background fields into Discourse SSO.
2018-05-07 10:03:26 +02:00
Guo Xiang Tan
aa0d32231c
FIX: Incorrect query when removing a group owner.
...
https://meta.discourse.org/t/group-rename-and-group-owners-removal-problems/85596
2018-05-07 13:57:00 +08:00
Jeff Wong
91b31860a1
Feature: Push notifications for Android ( #5792 )
...
* Feature: Push notifications for Android
Notification config for desktop and mobile are merged.
Desktop notifications stay as they are for desktop views.
If mobile mode, push notifications are enabled.
Added push notification subscriptions in their own table, rather than through
custom fields.
Notification banner prompts appear for both mobile and desktop when enabled.
2018-05-04 15:31:48 -07:00
Neil Lalonde
a0447b47e0
UX: when deleting a user, show a modal indicating that the delete is happening. User hijack so requests don't time out.
2018-05-03 16:18:19 -04:00
Joffrey JAFFEUX
980972182f
dashboard next: caching, mobile support and new charts
2018-05-03 15:41:41 +02:00
Neil Lalonde
bd77795d7a
REFACTOR: move support for user card badge images to a plugin discourse-user-card-badges
2018-04-26 13:25:24 -04:00
Robin Ward
a5172a37e0
Allow staff members to enable safe mode, even if disabled
2018-04-25 11:49:57 -04:00
Gerhard Schlager
ed4c0c4a63
FEATURE: Add option to delete all replies of flagged post
2018-04-24 11:08:05 -04:00
Sam
146a6c3592
FIX: exclude topics from latest in /categories on refresh
...
When you hit refresh on categories page it would not supress correctly
2018-04-24 11:07:26 -04:00
Robin Ward
fd14ee4797
FEATURE: Allow safe mode to be disabled
2018-04-24 11:03:33 -04:00
Sam
54d153068a
DEV: remove qunit rails fork and add a couple of async tests
2018-04-23 16:42:40 +10:00
Guo Xiang Tan
70d181bff8
FIX: Better error message in GroupsController#add_members
.
...
https://meta.discourse.org/t/cant-add-members-to-a-group/85738?u=tgxworld
2018-04-20 10:28:52 +08:00
Rafael dos Santos Silva
9014ca4624
FEATURE: Enable the Web Share Target API
...
This will allow a Discourse instance that was installed[1] to receive share events.
See https://wicg.github.io/web-share-target/ for the spec.
1: https://developers.google.com/web/fundamentals/app-install-banners/
2018-04-19 17:00:05 -03:00
Arpit Jalan
91bf10bd12
FIX: create upload record for exported csv files
2018-04-20 00:27:49 +05:30
Joffrey JAFFEUX
0e414d0890
dashboard next: trending search report
...
This commit also improves how data is loaded sync and async
2018-04-19 18:19:21 +02:00
Joffrey JAFFEUX
01c061d20d
dashboard next: perf and UI tweaks
...
* cache CORE reports
* adds backups/uploads section
* few css tweaks
2018-04-18 21:30:41 +02:00
Robin Ward
3d7dbdedc0
FEATURE: An API to help sites build robots.txt files programatically
...
This is mainly useful for subfolder sites, who need to expose their
robots.txt contents to a parent site.
2018-04-16 15:43:20 -04:00
Arpit Jalan
9353ae4b5d
Remove obsolete per topic unsubscribe page.
2018-04-16 16:11:20 +05:30
Joffrey JAFFEUX
0e15a575f4
EXPERIMENTAL: new dashboard UI
...
This is the first iteration of an effort towards making a very good dashboard.
Until we feel confident this is good, this dashboard will only be accessible through /admin/dashboard_next
2018-04-16 10:42:06 +02:00
Arpit Jalan
a1ef455c78
SECURITY: do not show private topic title on /unsubscribed page
2018-04-16 10:35:57 +05:30
Arpit Jalan
a8a12eb2d9
SECURITY: do not disclose topic titles on /unsubscribed page to unauthorized users
2018-04-15 18:01:58 +05:30
Arpit Jalan
18f50ca01a
FIX: parameterize tag_id
2018-04-14 16:42:53 +05:30
Sam
3632b8d8d6
FEATURE: provide extra signal about content age to crawlers
...
Adds Last-Modified field to help teach crawlers not to crawl old content
2018-04-13 14:58:33 +10:00
Régis Hanol
df7970a6f6
prefix the robots.txt rules with the directory when using subfolder
2018-04-11 22:05:02 +02:00
Arpit Jalan
9ca6ebe8fe
FEATURE: enforce tagging on categories
2018-04-11 07:15:24 +05:30
Arpit Jalan
3a86a2588c
FIX: bulk append/replace tags was not working
2018-04-10 13:01:03 +05:30
Sam
5925a581db
array is not supported here, use a simple comma delimited list
2018-04-10 14:37:10 +10:00
Guo Xiang Tan
d9d86577ff
FIX: Staff users are not affected by enable_group_directory
site setting.
2018-04-10 09:22:01 +08:00
Guo Xiang Tan
c82b2dcc24
Remove admin group management pages.
2018-04-09 15:14:50 +08:00
Arpit Jalan
185d6ac747
FIX: use safe navigation operator when checking for totp_enabled
2018-04-09 12:33:41 +05:30
Guo Xiang Tan
0623785f69
FIX: Prevent group owners from editing admin only settings.
2018-04-06 11:44:58 +08:00
Sam
3a7b696703
FEATURE: allow for setting crawl delay per user agent
...
Also moved to default crawl delay bing so no more than a req every 5 seconds is allowed
New site settings:
"slow_down_crawler_user_agents" - list of crawlers that will be slowed down
"slow_down_crawler_rate" - how many seconds to wait between requests
Not enforced server side yet
2018-04-06 10:15:23 +10:00
Gerhard Schlager
cd6a99a027
FEATURE: Send a different PM when a post has been hidden more than once
2018-04-05 14:03:21 +02:00
Guo Xiang Tan
e36e9de28a
Allow admin to view logs of automatic groups.
2018-04-05 16:31:55 +08:00
Guo Xiang Tan
8760c4d68c
Fix GroupsController#group_params
to allow more group attributes to be updated.
2018-04-05 13:53:00 +08:00
Vinoth Kannan
434cbc649f
FEATURE: Webhook for tag events
2018-04-04 17:49:20 +05:30
Vinoth Kannan
16341219ab
Log exception if remote theme importing failed
2018-04-02 20:10:18 +05:30
Guo Xiang Tan
142571bba0
Remove use of rescue nil
.
...
* `rescue nil` is a really bad pattern to use in our code base.
We should rescue errors that we expect the code to throw and
not rescue everything because we're unsure of what errors the
code would throw. This would reduce the amount of pain we face
when debugging why something isn't working as expexted. I've
been bitten countless of times by errors being swallowed as a
result during debugging sessions.
2018-04-02 13:52:51 +08:00
Vinoth Kannan
efb19dbdaf
Merge pull request #5705 from discourse/new_webhooks
...
FEATURE: Webhook for group and category events
2018-04-02 10:53:21 +05:30