github-mirror/discourse
2
0
Fork 0
mirror of https://github.com/discourse/discourse.git synced 2024-12-04 18:03:43 +08:00
Code Issues Actions 1 Packages Projects Releases Wiki Activity
27,551 Commits 214 Branches 500 Tags 960 MiB
93b40d5e59
Commit Graph

242 Commits

Author SHA1 Message Date
Sam
bc0b9af576 FEATURE: support uploads for themes 
This allows themes to bundle various assets
 2017-05-10 15:47:11 -04:00
Sam Saffron
c2829dce22 FIX: base sql vanishes after badge creation 2017-05-09 09:25:57 -04:00
Arpit Jalan
e89d0a6b20 FIX: importing a theme via file was broken 2017-05-08 12:03:24 +05:30
Guo Xiang Tan
3eb920e2b0 Merge pull request #4841 from fantasticfears/webhook-ping 
add event name for ping webhooks in the header
 2017-05-04 04:54:40 +08:00
Sam
342ef5f81a FEATURE: out-of-the-box dark/light user selectable themes 2017-05-03 11:31:33 -04:00
Sam
946f25098f Refactor theme fields so they support custom theme defined vars 
This paves the way to allowing themes to specify uploads and so on.
 2017-05-02 16:02:14 -04:00
Erick Guan
9f8a917d65 add event name for ping webhooks in the header 2017-05-02 08:13:23 +02:00
Arpit Jalan
285c167fae FEATURE: provide more details when performing a bulk add to group 2017-04-27 01:37:51 +05:30
Guo Xiang Tan
423f2ab228 FIX: Processing incoming email should be done in a background job. 2017-04-24 13:57:28 +08:00
Sam
d4111c8676 correct spec 2017-04-20 17:24:21 -04:00
Sam
809fbb25ce FIX: blanking theme field was not properly removing it 2017-04-13 17:24:15 -04:00
Guo Xiang Tan
3d76fb9c2c FIX: Don't show category options for reports that can't be scoped to a category. 2017-04-13 17:10:55 +08:00
Sam
a3e8c3cd7b FEATURE: Native theme support 
This feature introduces the concept of themes. Themes are an evolution
of site customizations.

Themes introduce two very big conceptual changes:

- A theme may include other "child themes", children can include grand
children and so on.

- A theme may specify a color scheme

The change does away with the idea of "enabled" color schemes.

It also adds a bunch of big niceties like

- You can source a theme from a git repo

- History for themes is much improved

- You can only have a single enabled theme. Themes can be selected by
    users, if you opt for it.

On a technical level this change comes with a whole bunch of goodies

- All CSS is now compiled using a custom pipeline that uses libsass
    see /lib/stylesheet

- There is a single pipeline for css compilation (in the past we used
    one for customizations and another one for the rest of the app

- The stylesheet pipeline is now divorced of sprockets, there is no
   reliance on sprockets for CSS bundling

- CSS is generated with source maps everywhere (including themes) this
    makes debugging much easier

- Our "live reloader" is smarter and avoid a flash of unstyled content
   we run a file watcher in "puma" in dev so you no longer need to run
   rake autospec to watch for CSS changes
 2017-04-12 10:53:49 -04:00
Robin Ward
17f2974d0a SECURITY: Confirm new administrator accounts via email 2017-04-04 15:59:01 -04:00
Guo Xiang Tan
3ef82bb32c SECURITY: CSRF vulnerabilities in Admin::BackupsController. 2017-03-23 10:29:35 +08:00
Guo Xiang Tan
1a7e954e09 FIX: Store custom emojis as uploads. 
* Depending on a hardcoded directory was a flawed design
  which made it impossible to debug when custom emojis go
  missing.
 2017-03-14 13:07:18 +08:00
Arpit Jalan
d5bcc70e9c FIX: grant trust level when bulk adding users to group 2017-03-06 14:39:53 +05:30
Blake Erickson
80858bae2c FEATURE: further restrict downloading of backups 
- send email to logged in admin when they press the "download" button
- show pop-up that email was sent
- create email template
- require a valid token to download backup
 2017-03-01 08:28:34 -07:00
Régis Hanol
f51e3b2131 FIX: should not be able to rename a system badge 2017-02-20 14:35:05 +01:00
Sam
2dec731da3 SECURITY: correctly validate input when admin searches for screened ips 2017-02-06 16:11:16 -05:00
Régis Hanol
fbf9172db8 FIX: log backups download/destroy staff action 
FIX: clean up junk left by the specs
RENAME: 'backup_operation' to 'backup_create' to match other backup log types
 2017-01-16 19:53:31 +01:00
Guo Xiang Tan
515f50e42e FEATURE: Log admin action when readonly mode is changed. 2017-01-12 09:41:02 +08:00
Guo Xiang Tan
7c7c233c1c FIX: Can't update Groups#allow_membership_requests in admin. 2016-12-20 15:14:35 +08:00
Guo Xiang Tan
43ee9f884e FEATURE: Add Group#full_name. 2016-12-13 16:16:26 +08:00
Guo Xiang Tan
da7009a968 FEATURE: Add request membership button for allowed groups. 2016-12-12 22:48:08 +08:00
Guo Xiang Tan
05f55dbc10 FEATURE: Group logs. 2016-12-12 17:29:54 +08:00
Guo Xiang Tan
be5b5f6bea FEATURE: Public groups. 2016-12-12 17:00:30 +08:00
Guo Xiang Tan
37b256e7f2 Fix specs. 2016-12-05 17:13:58 +08:00
Guo Xiang Tan
31acd311e5 FEATURE: Allow group owners to edit group name and avatar flair. 2016-12-05 14:27:46 +08:00
Guo Xiang Tan
5794f1619d PERF: Fix N+1 queries when loading groups. 2016-11-26 02:20:26 +08:00
Régis Hanol
81e2a0099f FIX: ensure the group 'everyone' is never shown when using a different locale 2016-10-24 10:53:31 +02:00
cpradio
0d2d8797b6 FIX: Backup validation wasn't escaping hyphens 2016-09-16 15:20:42 -04:00
Guo Xiang Tan
a04dadf9b4 FIX: Randomly failing specs try 2. 2016-09-16 15:10:37 +08:00
Guo Xiang Tan
903d1dd326 FIX: Randomly failing specs. 2016-09-16 14:56:59 +08:00
Guo Xiang Tan
512922d776 SECURITY: Add filename validation for backup uploads. 2016-09-16 11:58:14 +08:00
Neil Lalonde
2251104e32 FEATURE: avatar flair can be font awesome icons 2016-08-26 17:15:37 -04:00
Neil Lalonde
d079f69b7b FEATURE: add flair to avatars using new settings in the groups admin UI 2016-08-17 15:13:15 -04:00
Sam
c6dbaca0dc SECURITY: disable user entered badge SQL by default 
- Hidden site settings now must be change via rails console
 2016-07-28 09:03:00 +10:00
Arpit Jalan
c626558d36 UX: group pages should not show Messages tab to unauthorised users (#4318) 2016-07-09 00:50:04 +05:30
Robin Ward
ccf9b70671 When restoring a backup, disable emails. 
This prevents accidental sending of emails after a restore before
the admin has had a chance to review everything.
 2016-06-24 17:15:15 -04:00
Sam
a130cb8305 FEATURE: move more urgent emails notifications to critical queue 
Move signup, admin login and password change email notifications
to critical queue
 2016-04-07 14:39:01 +10:00
Guo Xiang Tan
9a5ded48cf FIX: Return a proper error message when sync sso fails. 2016-03-26 13:30:15 +08:00
Arpit Jalan
bfaa4cdb37 FEATURE: compose a new pre-filled private message to a group via URL 2016-03-03 00:19:06 +05:30
Erick Guan
35142847ba FIX: Prepend the user id before username in admin user routes 2016-02-09 15:14:13 +01:00
Sam
b75353c26f correct specs 2016-01-27 23:40:45 +11:00
Sam
d20f6e0cb0 fix test and comment out js test for now 2015-12-20 17:34:15 +11:00
Arpit Jalan
4c967d11b4 FEATURE: log site text changes 2015-12-18 19:42:06 +05:30
Régis Hanol
15c229195f FEATURE: notification_level on a per-group basis 2015-12-14 23:17:09 +01:00
Régis Hanol
578f606a1a add 'incoming_email' to groups 2015-12-07 12:39:28 +01:00
Andy Waite
3e50313fdc Prepare for separation of RSpec helper files 
Since rspec-rails 3, the default installation creates two helper files:
* `spec_helper.rb`
* `rails_helper.rb`

`spec_helper.rb` is intended as a way of running specs that do not
require Rails, whereas `rails_helper.rb` loads Rails (as Discourse's
current `spec_helper.rb` does).

For more information:

https://www.relishapp.com/rspec/rspec-rails/docs/upgrade#default-helper-files

In this commit, I've simply replaced all instances of `spec_helper` with
`rails_helper`, and renamed the original `spec_helper.rb`.

This brings the Discourse project closer to the standard usage of RSpec
in a Rails app.

At present, every spec relies on loading Rails, but there are likely
many that don't need to. In a future pull request, I hope to introduce a
separate, minimal `spec_helper.rb` which can be used in tests which
don't rely on Rails.
 2015-12-01 20:39:42 +00:00
Robin Ward
5e93140f85 FEATURE: Can override any translation via an admin interface 2015-11-27 11:35:19 -05:00
Sam Saffron
6dd4bc7d57 FEATURE: support group owner, capable of controlling group membership 
Group owners are regular users that can add or remove users to a group
The Admin UX allows admins to appoint group owners
The public group UX will display group owners first and unlock UI to
add and remove members

Group owners can only be appointed on non automatic groups
Group owners may not appoint another group owner
 2015-11-10 00:56:57 +11:00
Leo McArdle
fe5264f9e9 filter by username in email digest preview 
adds a user prompt on the email digest preview page to generate a preview for a particular user
also fixes some broken styling on the page
 2015-10-30 18:11:38 +00:00
Robin Ward
23371b026d FIX: Don't raise an error if you try to assign a group that exists 2015-10-28 12:21:54 -04:00
Robin Ward
47e25648df FEATURE: Change user groups in bulk via admin 2015-10-26 15:57:30 -04:00
Neil Lalonde
1bd0f5b015 FEATURE: group can grant a trust level when a user is added 2015-09-01 16:52:12 -04:00
Régis Hanol
1a82a59f47 fix the build 2015-08-27 22:46:30 +02:00
Régis Hanol
73624e63c5 FIX: revoke any api keys when suspending an user 2015-08-23 22:33:37 +02:00
Robin Ward
d1c69189f3 FEATURE: Can edit category/host relationships for embedding 2015-08-20 15:56:04 -04:00
Jonathan Brachthaeuser
c0e88724c2 Preserve user-field options when updating user-fields 
Avoid deleting options of the user-field when no options are
transmitted.
 2015-08-17 19:01:20 +02:00
Robin Ward
118763df50 FIX: Broken spec 2015-08-10 10:34:40 -04:00
Robin Ward
dc8a68fd29 FEATURE: New "Dropdown" user field type 2015-07-28 12:30:21 -04:00
Arpit Jalan
dc90c396f2 FEATURE: manage Permalinks 2015-07-17 01:26:02 +05:30
Régis Hanol
c91634c09a FIX: support for async uploads of emojis 2015-05-20 16:45:48 +02:00
Arthur Neves
b8cbe51026
Convert specs to RSpec 2.99.2 syntax with Transpec 
This conversion is done by Transpec 3.1.0 with the following command:
    transpec

* 424 conversions
    from: obj.should
      to: expect(obj).to

* 325 conversions
    from: == expected
      to: eq(expected)

* 38 conversions
    from: obj.should_not
      to: expect(obj).not_to

* 15 conversions
    from: =~ /pattern/
      to: match(/pattern/)

* 9 conversions
    from: it { should ... }
      to: it { is_expected.to ... }

* 5 conversions
    from: lambda { }.should_not
      to: expect { }.not_to

* 4 conversions
    from: lambda { }.should
      to: expect { }.to

* 2 conversions
    from: -> { }.should
      to: expect { }.to

* 2 conversions
    from: -> { }.should_not
      to: expect { }.not_to

* 1 conversion
    from: === expected
      to: be === expected

* 1 conversion
    from: =~ [1, 2]
      to: match_array([1, 2])

For more details: https://github.com/yujinakayama/transpec#supported-conversions
 2015-04-25 11:18:35 -04:00
Arpit Jalan
499bed69e2 FIX: show error message if user already exist in group 2015-04-15 14:15:58 +05:30
Robin Ward
869d8e25ad Promotion fails if the user account isn't old enough yet. 2015-04-14 12:14:59 -04:00
Sam
75890aed26 FEATURE: allow admins to choose a group as a primary group 
FEATURE: allow admins to set a default title for a group
 2015-04-10 12:17:28 +10:00
Sam
89ea125c73 automatic need only be added once to the hash 2015-03-18 17:47:39 +11:00
Robin Ward
005b8bf7c3 FIX: When creating a SSO user via sync, do not user the IP address. 2015-02-25 14:41:23 -05:00
Dan Singerman
1c545d4c1e Allow adding and removing members of groups by username or id 
As discussed here: https://meta.discourse.org/t/discourse-gem-group-add/25668/2.
 2015-02-25 14:52:13 +00:00
Robin Ward
ca5730018a FIX: SSO code should respect IP address filters 2015-02-23 16:01:46 -05:00
Régis Hanol
c4e427cf73 FEATURE: filter screened IP addresses 2015-02-10 19:38:59 +01:00
Robin Ward
8d46de4819 Add a spec for the new plugins controller 2015-02-10 12:35:53 -05:00
Sam
e8323fa534 FIX: removing a group from a user was not removing primary group 2015-02-09 16:03:09 +11:00
Régis Hanol
f7f5e39f75 FIX: Minor Admin bug with a setting when creating a new group 2015-01-23 20:31:48 +01:00
Régis Hanol
256519dddf FEATURE: automatic group membership based on email address 2015-01-23 18:25:43 +01:00
Régis Hanol
e300945879 FEATURE: split group admin in 2 tabs (custom & automatic) 
FIX: clear the user-selector when adding new members
 2015-01-21 20:52:48 +01:00
Luciano Sousa
bc73238c8f controllers with rspec3 syntax 2015-01-09 14:04:02 -03:00
Régis Hanol
060cda7772 FIX: proper handling of group memberships 2015-01-05 18:51:45 +01:00
Neil Lalonde
4c166942ad FEATURE: Invite admin api has an optional param send_email which can prevent sending an email to the invited user. The api will return the password reset url so that the caller can send an email with it instead. 2015-01-02 15:48:54 -05:00
Régis Hanol
bfbc49ef6f FIX: log only 1 'show email' record 2014-12-29 11:50:36 +01:00
Régis Hanol
9932bea7ce FEATURE: default emoji override 2014-12-25 17:58:15 +01:00
Arpit Jalan
bb152a5b3f FEATURE: download user posts archive 2014-12-24 15:13:48 +05:30
Régis Hanol
45dbdb6896 FEATURE: custom emojis 2014-12-23 01:12:26 +01:00
Blake Erickson
1d0eccf710 Have activate user return json 
- Change activate user from admin controller to return json
- Test that it returns json
- Remove unnessary test from log_out spec

This commit was created so that when you activate a user through the api
it returns a json response.
 2014-12-08 11:16:57 -07:00
Blake Erickson
bdc92eec70 Have log_out method return json. 
This commit helps improve the discourse_api experience so that we can
check the json response if it was a success or not. This commit also
checks that a 404 is sent instead of a 500 if a bad user_id is passed
in.
 2014-12-01 06:03:25 -07:00
Régis Hanol
5b90ceb71d FEATURE: rolls up 1.2.*.* IP ranges when number of entries > 10 2014-11-27 19:29:30 +01:00
Régis Hanol
7b0ae702e7 FEATURE: log a new staff action when rolling up banned IP addresses 2014-11-24 19:48:54 +01:00
Régis Hanol
1023191315 FEATURE: roll up function for 123.456.789.* ranges 2014-11-24 17:25:48 +01:00
Sam
1c498eb491 FEATURE: API endpoint for inviting an admin 2014-11-24 15:42:56 +11:00
Jason W. May
6f8119ebb8 Merge branch 'master' into group-admin-incremental 2014-11-21 10:04:05 -08:00
Régis Hanol
b8d806ee07 FEATURE: delete all accounts from this IP in the IP lookup modal 2014-11-20 19:59:20 +01:00
Jason W. May
50de22801f API addition: HTTP PATCH support for /groups/xxx: incremental membership changes 2014-11-20 09:29:56 -08:00
Arpit Jalan
aebf36c356 remove /download from csv file url 2014-11-20 00:34:38 +05:30
David McClure
efc4109902 update specs to remove deprecation warnings 2014-11-07 06:05:44 -08:00
Régis Hanol
bb2d538194 FEATURE: log impersonations 2014-11-06 10:58:47 +01:00
Robin Ward
068d22e9b3 Add API support for querying admin reports by date range 2014-11-05 13:11:37 -05:00
Régis Hanol
b09ad87098 FIX: add 'show emails' button from moderators in user admin section 2014-11-03 12:46:08 +01:00
Sam
7d6d8bd0a3 FEATURE: admin end point to sync sso /admin/users/sync_sso 
Must be admin to invoke (api is fine too), uses same sso payload nonce is ignored
 2014-10-28 11:25:21 +11:00