Arpit Jalan
d1632c1dbd
FIX: new-topic URL should survive login redirection
2015-06-14 20:24:47 +05:30
Régis Hanol
189cb3ff12
FEATURE: move migrate_to_new_scheme into a background job
...
- new hidden site setting 'migrate_to_new_scheme' (defaults to false)
- new rake tasks to toggle migration to new scheme
- FIX: migrate_to_new_scheme also works with CDN
- PERF: improve perf of the DbHelper.remap method
- REFACTOR: UrlHelper is now a class
2015-06-12 12:07:57 +02:00
Sam Saffron
c58b495e15
SECURITY: Query @usernames in bulk
...
Otherwise you could add many requests at once while composing.
2015-06-11 13:03:49 -04:00
Robin Ward
ae277e28a6
FEATURE: Allow embedding topics without creating them, by id
2015-06-09 16:24:20 -04:00
Sam Saffron
e3fa27a01c
FEATURE: serialize and update category custom_fields
...
- send to client
- update from client
2015-06-10 06:13:36 +10:00
Robin Ward
7b6d6b76eb
FEATURE: Multiple embeddable hosts
...
- Also refactors two site settings components into one, with tests
2015-06-09 13:25:43 -04:00
Arpit Jalan
71ee84f848
FEATURE: latest posts RSS feed
2015-06-09 21:45:06 +05:30
Robin Ward
5da5269652
FIX: Bad page title for categories view by google crawler
2015-06-08 12:07:35 -04:00
Arpit Jalan
74141cc475
FIX: send 404 error when unauthorized user tries to download user archive
2015-06-08 11:32:31 +05:30
Sam Saffron
4409a3072d
FEATURE: we need admin login always
2015-06-05 18:43:59 +10:00
Régis Hanol
81a699e2b0
better support for mixed content
2015-06-01 17:49:58 +02:00
Sam Saffron
9787cb07aa
FIX: when missing a static topic we were returning an error
2015-06-01 11:40:52 +10:00
Sam
fc2a08731a
FIX: sso_not_approved_url not working correctly
2015-05-30 13:19:07 +10:00
Régis Hanol
80a108e3cf
FIX: don't break user avatars route
2015-05-29 19:19:41 +02:00
Régis Hanol
acafa491b2
user avatar urls/templates refactor
2015-05-29 18:51:17 +02:00
Régis Hanol
0483f05154
make sure we pass in the user_id when creating avatar thumbnails
2015-05-29 18:11:19 +02:00
Régis Hanol
cb025a65e0
FIX: make sure we also save the user_avatar.custom_upload_id
2015-05-29 10:21:41 +02:00
Régis Hanol
c3227b69fa
FIX: proper support for pixel ratios up to 3
2015-05-29 09:57:54 +02:00
Sam
bddbf70697
FIX: order post_actions by date
2015-05-28 16:16:36 +10:00
Sam
bb3fb37650
FIX: when uploading same file was pasted into multiple composers
2015-05-28 15:08:54 +10:00
Neil Lalonde
ea8cf1a208
FIX: topic auto-close uses the client's time zone
2015-05-27 18:01:46 -04:00
Sam
02fa7448ca
FEATURE: custom url to redirect to on account pending approval for sso
2015-05-27 14:06:45 +10:00
Sam
a988cd5abe
FIX: redirect to CDN avatar for s3 avatars
2015-05-27 12:02:57 +10:00
Sam
918034aa7b
remove less useful error reporting
2015-05-27 11:17:28 +10:00
Régis Hanol
992154533f
remove debugging letfovers
2015-05-26 20:08:19 +02:00
Régis Hanol
7b03c7dbc4
Merge pull request #3504 from techAPJ/patch-4
...
FIX: add missing translation keys
2015-05-26 16:08:39 +02:00
Régis Hanol
85d4d3223c
FIX: crop avatars on the server instead of the client
...
FIX: support for dots in S3 bucket names
2015-05-26 15:54:25 +02:00
Arpit Jalan
d21944a0b6
FIX: add missing translation keys
2015-05-26 19:11:37 +05:30
Sam
147ea002f7
FIX: allow handling for avatars that are not in the set of "resized sizes"
2015-05-26 15:41:50 +10:00
Sam
eeda367e70
FIX: should be able to serve optimized image from local if its ... local...
2015-05-26 12:32:52 +10:00
Neil Lalonde
eaa1afeaf5
remove Google OpenID auth, since Google doesn't support it anymore
2015-05-25 15:13:44 -04:00
Régis Hanol
bb0c2813ac
FEATURE: generate (avatar) thumbnails in a background task
...
FIX: keep the "uploading..." indicator until the server replies via the MessageBus
FIX: text was disapearing when uploading an avatar
PERF: always use a region for S3 (defaults to 'us-east-1')
FEATURE: ApplyCDN middleware when using S3
FIX: use the same pattern to store files on S3 and locally
PERF: keep a local cache of uploads when generating thumbnails
FEATURE: migrate_to_s3 rake task
2015-05-25 17:59:00 +02:00
Sam
bcaed90744
fix missing rtl stylesheets
2015-05-23 15:25:05 +10:00
Sam
fe46d1dd3b
PERF: avoid cookies for all static, public, cached forever assets
2015-05-22 16:15:46 +10:00
Sam
96dbeb8608
fix stylesheet cache to recover if file is on disk
2015-05-22 11:22:12 +10:00
Robin Ward
0ed1c8011c
FIX: About page error when login_required
2015-05-21 14:37:49 -04:00
Sam
a0090a4585
fix incorrect handling of date on "globally enabled" stylesheet.
2015-05-21 17:23:54 +10:00
Sam
44fc8e42dc
nginx is stripping ETags, just use last modified instead
2015-05-21 17:05:22 +10:00
Sam
4fbfc6ddbc
PERF: missing caching on CSS and Site Customizations
2015-05-21 16:09:23 +10:00
Régis Hanol
b7f8680618
fix build (:fired:)
2015-05-20 17:51:33 +02:00
Régis Hanol
bcd98c8f0f
FIX: API can provide a URL to create an upload
2015-05-20 17:38:06 +02:00
Régis Hanol
c91634c09a
FIX: support for async uploads of emojis
2015-05-20 16:45:48 +02:00
Régis Hanol
8d967d9065
FEATURE: move all uploads to a single endpoint + defer upload creation in a background thread
2015-05-20 16:45:48 +02:00
Robin Ward
7d23826cee
FIX: Keep around the page when redirecting
2015-05-20 10:16:17 -04:00
Régis Hanol
7d3b7a5657
fix the build
2015-05-20 15:32:31 +02:00
Régis Hanol
b44488b618
FIX: keep to old attachment route
2015-05-20 14:55:42 +02:00
Sam
e5888cf090
PERF: avoid preloading json in cases where it is not needed
...
(uploads / avatars / non GET requests)
2015-05-20 17:12:16 +10:00
Sam
14ab9c45b6
Merge pull request #3470 from ahuling13/expired-nonce-return-status
...
In the case of an expired nonce, return a 400 status code instead of 500
2015-05-20 12:08:17 +10:00
Sam
d1d703718a
Merge pull request #3476 from paulkaplan/sso-distrust-email
...
Add SSO setting to not trust emails automatically
2015-05-20 12:07:14 +10:00
riking
d112f39031
Change extension back to .dcstyle.json
2015-05-19 18:35:16 -07:00
Andrew Huling
e44ddff9bb
Change the expired nonce return status code from 400 to 419.
2015-05-19 13:13:14 -04:00
Régis Hanol
9ded21e4c6
FIX: consistent and future-proof upload storage pattern
2015-05-19 12:31:12 +02:00
riking
fbc06d044f
Use .dcstylejson instead of .dcstyle.json
2015-05-16 20:41:35 -07:00
riking
1e53c179a3
FEATURE: Export customizations as JSON files
2015-05-16 20:24:13 -07:00
Ryan Fox
14d2b76354
Merge branch 'master' into fix-by-external
...
Conflicts:
app/controllers/users_controller.rb
2015-05-15 19:54:11 -04:00
Paul Kaplan
b8a43e153c
Use session controller to prevent inactive SSO users
2015-05-15 12:15:06 -05:00
Régis Hanol
93273cd17a
Merge pull request #3451 from ossobv/sso_login_unapproved_account
...
Stop sso login processing after rendering error
2015-05-15 14:33:19 +02:00
Antonin Hildebrand
11852056a8
Add missing events for discourse-hipchat-plugin
...
https://github.com/binaryage/discourse-hipchat-plugin
2015-05-15 15:52:12 +08:00
Andrew Huling
e1d2ecef10
In the case of an expired nonce, return a 400 status code instead of a 500.
...
500 status codes are for unexpected server-side error scenarios. When an expired nonce is used by the client, a 4XX-level error is more appropriate because the client has submitted a bad request (by using an expired nonce). A 500 also causes Internet Explorer to show its default 500 page which does not show the error message and leads to a bad end user experience. I am choosing 400 for the new status rather than 401 or 403 because 401 requires a WWW-Authenticate header which would be difficult to generate in an SSO scenario and a 403 implies that no re-authentication will address the failure.
2015-05-14 16:03:02 -04:00
Robin Ward
0b65c88003
Upgrade Notifications to fix deprecations and use store
2015-05-11 11:20:45 -04:00
Harm Geerts
d9a3e82516
Stop sso login processing after rendering error
...
This prevents a DoubleRenderError triggered on the redirect_to.
2015-05-11 14:17:32 +02:00
Arpit Jalan
fc30b771cf
FIX: reply count is off by one
2015-05-11 13:58:53 +05:30
Sam
8277a586bb
usage of raise corrected
2015-05-07 11:00:51 +10:00
Sam
77cc087b13
FIX: proper error message when account created is hit with no session
2015-05-07 11:00:22 +10:00
Sam
376b28b0ed
FIX: raise a 404 if click tracker gets no url
2015-05-06 11:27:41 +10:00
Sam
0f53fc8328
correct emergency regeneration in the controller
2015-05-06 07:33:32 +10:00
Sam
ea670118c1
Add better error handling, correct the location on disk of stylesheet
2015-05-05 23:28:40 +10:00
Sam
f58d85edea
FEATURE: move stylesheet cache out of the uploads directory
2015-05-05 15:50:13 +10:00
Sam
803feefd54
MessageBus handles readonly redis now, no need to wrap it
2015-05-04 12:21:00 +10:00
Arpit Jalan
23fd16850a
FIX: include youtube link in embedded comments
2015-05-01 18:34:45 +05:30
Robin Ward
16408cee06
Allow Postgres to trigger readonly mode for the site.
2015-04-29 11:49:58 -04:00
Sam
729aaa826b
Merge pull request #3404 from techAPJ/patch-1
...
FEATURE: magic login route for admin when SSO is enabled
2015-04-28 07:47:50 +10:00
Robin Ward
ecafbb0a63
Can delete users via the moderation queue
2015-04-27 15:06:20 -04:00
Robin Ward
3cb4554bbb
Can refresh queued posts via button
2015-04-27 13:52:54 -04:00
Neil Lalonde
cce8693354
FIX: canonical link tag when using relative_url_root
2015-04-27 13:34:22 -04:00
Arpit Jalan
2932284293
FEATURE: magic login route for admin when SSO is enabled
2015-04-27 22:54:48 +05:30
Robin Ward
3a6efa25f0
Allow ReadOnly to propogate up to the Ember app via Response Header
2015-04-24 14:37:16 -04:00
Robin Ward
5b3f99aa50
Don't blow up if Redis switches to READONLY
2015-04-24 14:37:16 -04:00
Neil Lalonde
ae028a5bb1
FIX: support for redirects to external url in permalinks table was broken
2015-04-23 16:45:28 -04:00
Régis Hanol
a737090442
- FEATURE: revamped poll plugin
...
- add User.staff scope
- inject MessageBus into Ember views (so it can be used by the poll plugin)
- REFACTOR: use more accurate is_first_post? method instead of post_number == 1
- FEATURE: add support for JSON-typed custom fields
- FEATURE: allow plugins to add validation
- FEATURE: add post_custom_fields to PostSerializer
- FEATURE: allow plugins to whitelist post_custom_fields
- FIX: don't bump when post did not save successfully
- FEATURE: polls are supported in any post
- FEATURE: allow for multiple polls in the same post
- FEATURE: multiple choice polls
- FEATURE: rating polls
- FEATURE: new dialect allowing users to preview polls in the composer
2015-04-23 19:33:29 +02:00
Robin Ward
53ca51654d
FIX: Avoid cookie overflows by truncating the referer we store in flash
2015-04-22 12:41:49 -04:00
Robin Ward
5bf8c31af4
Users can see their pending posts
2015-04-21 16:44:47 -04:00
Robin Ward
2cdd967188
Adds support for invisible approval queues, which we'll need for Akismet
2015-04-20 17:19:05 -04:00
Neil Lalonde
a3b6e3cb97
FIX: permalinks redirects with relative_url_root
2015-04-19 23:36:09 -04:00
Sam Saffron
6d2e651862
Revert "FIX: Missing letter avatars"
...
This reverts commit 03943554c6
.
2015-04-20 06:41:08 +10:00
Sam
72ab1b9714
Merge pull request #3385 from tancnle/each-key-refactor
...
Replace Hash#keys.each with Hash#each_key for some perf boost
2015-04-20 06:17:27 +10:00
Robin Ward
03943554c6
FIX: Missing letter avatars
...
cc @zogstrip
It seems that the version string was ammended to return the ImageMagick
version. This caused the guard in the user avatars method to fail as the
versions weren't the same.
I changed it so it is comparing the right version, but I wonder if this
is bad as the controller is no longer using the ImageMagick version. Can
you please review?
2015-04-19 10:48:53 -04:00
Tan Le
9fbc763902
Replace Hash#keys.each with Hash#each_key for some perf boost
2015-04-18 21:53:53 +10:00
Robin Ward
2459f52c71
Merge pull request #3375 from techAPJ/patch-2
...
FEATURE: invite existing users to private topic
2015-04-16 11:13:42 -04:00
Arpit Jalan
866d1cd8e3
FIX: handle error for duplicate email_in address
2015-04-16 16:23:22 +05:30
Robin Ward
08b4b7b7ff
Moderators can edit posts that are queued before they approve/reject
2015-04-15 17:20:34 -04:00
Arpit Jalan
d491d4f997
FEATURE: invite existing users to private topic
2015-04-16 00:52:54 +05:30
Robin Ward
0c233e4e25
Interface is wired up for Approving/Rejecting posts
2015-04-15 14:54:37 -04:00
Robin Ward
96d2c5069b
Interface for reviewing queued posts
2015-04-15 14:54:37 -04:00
Robin Ward
22ffcba8e6
Convert Discourse.Post
to ES6 and use Store model
...
- Includes acceptance tests for composer (post, edit)
- Supports acceptance testing of bootbox
2015-04-15 14:54:36 -04:00
Robin Ward
19a9a8b408
NewPostManager
determines whether to queue a post or not
2015-04-15 14:54:36 -04:00
Arpit Jalan
499bed69e2
FIX: show error message if user already exist in group
2015-04-15 14:15:58 +05:30
Sam
2a3f71a9a1
SECURITY: log off all existing sessions when resetting password
2015-04-15 08:57:43 +10:00
Robin Ward
db4c04d606
FIX: Moderators shouldn't be able to see secure deleted posts
2015-04-13 11:48:31 -04:00
Sam
75890aed26
FEATURE: allow admins to choose a group as a primary group
...
FEATURE: allow admins to set a default title for a group
2015-04-10 12:17:28 +10:00