Commit Graph

30955 Commits

Author SHA1 Message Date
Rishabh
c279792130 FIX: Allow sending test e-mails to any email address when disable_email is set to non-staff (#6792) 2018-12-18 16:12:05 +01:00
Gerhard Schlager
32784ad11a FIX: Disable multipart backup uploads to S3
Multipart upload from within the browser result in corrupt files on S3.
2018-12-18 16:01:15 +01:00
Gerhard Schlager
081aa6ad2b UX: Use new FA5 icons on Backups tab 2018-12-18 16:01:14 +01:00
Gerhard Schlager
86546bb5c6 DEV: Use locale fallback even in development mode
Making dev behave differently than prod is a bad idea.
2018-12-18 16:01:14 +01:00
Bianca Nenciu
825ae86857 FEATURE: Remove full quote only if first paragraph. (#6793) 2018-12-18 15:46:20 +01:00
Vinoth Kannan
a313b01148 DEV: raise error if search term length is less than required 2018-12-18 20:06:59 +05:30
Vinoth Kannan
341a6bd78a
REFACTOR: Calculate CTR in SearchLog model and hide unique column (#6791) 2018-12-18 19:13:46 +05:30
Gerhard Schlager
577af81e76 FIX: Font tag resulted in wrong email trimming 2018-12-18 11:40:54 +01:00
Gerhard Schlager
37461a6398 FIX: Weird mixture of line breaks resulted in wrong email trimming 2018-12-18 11:40:54 +01:00
Maja Komel
98d09c90ac Current user serializer groups (ef7f84b follow-up) 2018-12-18 09:05:45 +01:00
Guo Xiang Tan
5c2e194d01 SECURITY: Users can pick non-avatar uploads.
https://meta.discourse.org/t/bug-report-idor-on-avatar-pick-function-discussions-udacity-com/103564
2018-12-18 13:38:25 +08:00
Guo Xiang Tan
899caf35ba Revert "SECURITY: User could non-avatar uploads."
This reverts commit 89581fa301.
2018-12-18 13:37:31 +08:00
Guo Xiang Tan
89581fa301 SECURITY: User could non-avatar uploads.
https://meta.discourse.org/t/bug-report-idor-on-avatar-pick-function-discussions-udacity-com/103564
2018-12-18 13:35:33 +08:00
Guo Xiang Tan
d7660dfe40 FIX: Enabling readonly mode should clear anon cache as well. 2018-12-18 11:56:25 +08:00
Sam Saffron
abbbcb2622 DEV: allow creating users with random passwords via rake
Use: `RANDOM_PASSWORD=1 bin/rake admin:create`

Handy in conjunction with dev mode /session/username/become.
2018-12-18 11:43:16 +08:00
Jeff Atwood
f67cc2a540 minor copyedit 2018-12-17 19:31:02 -08:00
Kris
2a518c88d0 Prevent bullet badge from shrinking/growing as flex item 2018-12-17 21:05:32 -05:00
Kris
7d7b6baab9 Topic-list category width restriction no longer needed 2018-12-17 21:01:04 -05:00
Vinoth Kannan
efcea148eb DEV: Use destroy! method to raise error if any (#0d3c1cde) 2018-12-18 03:05:43 +05:30
Vinoth Kannan
ece44a44f8 UX: Change default date range of dashboard trending search report to a month 2018-12-18 03:00:30 +05:30
Gerhard Schlager
2bdbca3801 DEV: Remove unnecessary to_not raise_error from specs
Follow-up to 01cdbd3a13
2018-12-17 16:10:10 +01:00
Bianca Nenciu
5bda4d26b4 FIX: Rescue errors in job. (#6745) 2018-12-17 15:28:57 +01:00
Bianca Nenciu
f0027961c7 FIX: Properly reset controller of admin-user-index. (#6760) 2018-12-17 15:28:29 +01:00
Bianca Nenciu
1023003eba FIX: Strip remote url before import. (#6762) 2018-12-17 15:27:49 +01:00
Joffrey JAFFEUX
22cea9ce90
FIX: adusts select-kit position even if not expanded (#6785) 2018-12-17 12:29:51 +01:00
Joffrey JAFFEUX
6ee3900791
FIX: ensures nothing is triggering rendering loop in after render (#6784) 2018-12-17 12:15:03 +01:00
Gerhard Schlager
01cdbd3a13 FEATURE: Prohibit S3 bucket reusage
This validation makes sure that the s3_upload_bucket and the
s3_backup_bucket have different values. The backup bucket is
allowed to be a subfolder of the upload bucket. The other way
around is forbidden because the backup system searches by
prefix and would return all files stored within the backup
bucket and its subfolders.
2018-12-17 11:35:28 +01:00
Gerhard Schlager
1a8ca68ea3 FEATURE: Improve backup stats on admin dashboard
* Dashboard doesn't timeout anymore when Amazon S3 is used for backups
* Storage stats are now a proper report with the same caching rules
* Changing the backup_location, s3_backup_bucket or creating and deleting backups removes the report from the cache
* It shows the number of backups and the backup location
* It shows the used space for the correct backup location instead of always showing used space on local storage
* It shows the date of the last backup as relative date
2018-12-17 11:35:11 +01:00
Maja Komel
040ddec63d Fix avatar flair styles 2018-12-17 10:44:34 +01:00
Guo Xiang Tan
c0aae16f6b FIX: Clear anon cache when disabling readonly mode.
`SiteSerializer#is_readonly` is cached for an anonymous user so we have
to clear the cache when disabling readonly mode. Otherwise, the site may
appear to be in readonly mode for an extended period of time.
2018-12-17 17:27:44 +08:00
Guo Xiang Tan
9e795b9d90 Follow up to 704a122656. 2018-12-17 16:39:46 +08:00
Guo Xiang Tan
e75ad37aaf FIX: Switch recently readonly mdoe cache to a DistributedCache.
A per process cache is hard to reason about. During PostgreSQL
failovers. The site may bounce in and out of readonly mode depending on
which server and process that a request hits.
2018-12-17 13:28:36 +08:00
Guo Xiang Tan
704a122656 Remove Ruby warning due to assignment in conditional. 2018-12-17 13:08:12 +08:00
Saurabh Patel
ed1a309fe4 FIX: use new key for delete topic to make it lowercased as all other buttons label around it (#6778) 2018-12-17 10:55:19 +08:00
Gerhard Schlager
7e1f20b07f FIX: Create CORS rule on S3 only before a backup upload 2018-12-17 00:15:37 +01:00
Joffrey JAFFEUX
d803dfc14a
FIX: makes more resilient select-kit positioning (#6776) 2018-12-15 16:23:23 +01:00
Kris
6213e020e6 Improving usercard badge alignment 2018-12-14 22:16:18 -05:00
Guo Xiang Tan
e9ea0102a5 FIX: Consistency about our response for invalid user id in Admin::UsersController. 2018-12-15 08:01:35 +08:00
Neil Lalonde
ef0e84e3d9 FIX: clear the site_contact_username setting if the user's staff privileges are revoked 2018-12-14 16:52:44 -05:00
Vinoth Kannan
0d3c1cde90 FIX: Use find_by_id method to prevent record not found exception 2018-12-15 03:19:45 +05:30
David Taylor
430083019d UX: Improve dashboard report title copy
Make capitalization consistent, and slightly improve clarity of two headings
2018-12-14 17:37:07 +00:00
Neil Lalonde
4ddaceda1a Version bump to v2.2.0.beta6 2018-12-14 12:21:55 -05:00
David Taylor
1960236822
FIX: Suspicious login detection (#6772) 2018-12-14 16:30:34 +00:00
David Taylor
77fe57f923 FEATURE: Rake task to list users which have been staff in the past month 2018-12-14 16:29:12 +00:00
David Taylor
9f3e2a9e34
FIX: Only serialize group membership domains for administrators (#6771) 2018-12-14 15:47:00 +00:00
Penar Musaraj
a19f69590a DEV: add "topic-list-before-relative-date" plugin outlet 2018-12-14 10:39:22 -05:00
Neil Lalonde
124ae46763 Update translations 2018-12-14 10:34:12 -05:00
Kris
2f70bd83a3 Increase contrast of pinned excerpt for dark themes 2018-12-14 10:04:44 -05:00
Kyle Zhao
b0c2e9bb05
minor changes to default script-src (#6770)
- add report-sample to force require a sample of the violating code
- do not whitelist GA/GTM's entire domain
2018-12-14 08:17:31 -05:00
Joffrey JAFFEUX
03014b0d05
FEATURE: adds security tab to dashboard (#6768)
This commit also includes the new staff_logins report
2018-12-14 13:47:59 +01:00