Commit Graph

774 Commits

Author SHA1 Message Date
Régis Hanol
4d674acc25 FEATURE: AWS SNS bounce notifications webhooks 2019-02-13 21:26:40 +01:00
David Taylor
f3cfce4a93
FEATURE: Calculate sprite-sheet based on currently active themes (#6973)
Previously there was only one sprite sheet, which always included icons from all themes even if they were disabled
2019-02-06 15:51:23 +00:00
David Taylor
afd449089f
FEATURE: Import and export themes in a .tar.gz format (#6916) 2019-01-23 14:40:21 +00:00
Joffrey JAFFEUX
e655e1863f
UX: Adding reports dashboard tab, new layout, report descriptions (#6790)
Co-Authored-By: Kris  <shout@k-ris.com>
2018-12-19 14:44:43 +01:00
Neil Lalonde
6774b64aef FEATURE: add /conduct as an alias for /guidelines 2018-12-18 16:40:24 -05:00
Joffrey JAFFEUX
03014b0d05
FEATURE: adds security tab to dashboard (#6768)
This commit also includes the new staff_logins report
2018-12-14 13:47:59 +01:00
Maja Komel
9f89aadd33 FIX: delete all posts in batches without hijack (#6747) 2018-12-14 11:04:18 +01:00
Bianca Nenciu
56890efd7a FEATURE: Add 'Advanced Test' for admin panel. 2018-12-05 21:56:18 +01:00
Penar Musaraj
03deda2147
Upgrade to FontAwesome 5 (take two) (#6673)
* Add missing icons to set

* Revert FA5 revert

 This reverts commit 42572ff

* use new SVG syntax in locales

* Noscript page changes (remove login button, center "powered by" footer text)

* Cast wider net for SVG icons in settings

- include any _icon setting for SVG registry (offers better support for plugin settings)

- let themes store multiple pipe-delimited icons in a setting

- also replaces broken onebox image icon with SVG reference in cooked post processor

* interpolate icons in locales

* Fix composer whisper icon alignment

* Add support for stacked icons

* SECURITY: enforce hostname to match discourse hostname

This ensures that the hostname rails uses for various helpers always matches
the Discourse hostname

* load SVG sprite with pre-initializers

* FIX: enable caching on SVG sprites

* PERF: use JSONP for SVG sprites so they are served from CDN

This avoids needing to deal with CORS for loading of the SVG

Note, added the svg- prefix to the filename so we can quickly tell in
dev tools what the file is

* Add missing SVG sprite JSONP script to CSP

* Upgrade to FA 5.5.0

* Add support for all FA4.7 icons

- adds complete frontend and backend for renamed FA4.7 icons

- improves performance of SvgSprite.bundle and SvgSprite.all_icons

* Fix group avatar flair preview

- adds an endpoint at /svg-sprites/search/:keyword

- adds frontend ajax call that pulls icon in avatar flair preview even when it is not in subset

* Remove FA 4.7 font files
2018-11-26 16:49:57 -05:00
David Taylor
a3ed570124
FIX: Fix routes ending in :username for usernames containing periods (#6660) 2018-11-23 17:41:41 +00:00
Guo Xiang Tan
a19780d7a6 DEV: Don't expose wizard qunit route in production. 2018-11-23 13:49:31 +08:00
David Taylor
d89ffbeffd
FEATURE: Add button to delete unused tags (#6587)
This is particularly useful if you have uploaded a CSV file, and wish
to bulk-delete all of the tags that you uploaded.
2018-11-12 16:24:34 +00:00
Sam
42572ff138 Revert font awesome 5 changes
We are still pushing ahead on this 100% just need a bit longer to prepare
all plugins
2018-11-08 16:12:18 +11:00
Penar Musaraj
005e1ecb9b
FEATURE: Update Font Awesome to v5.4.1 and SVGs (#6557)
* First take on subsetting svg icons

* FontAwesome 5 svg subset WIP

* Include icons from plugins/badges into svg sprite subset

* add svg icon support to themes

* Add spec for SvgSprite

* Misc. SVG icon fixes

* Use FA5 svgs in local-dates plugin

* CSS adjustments, fix SVG icons in group flair

* Use SVG icons in poll plugin

* Add SVG icons to /wizard
2018-11-07 13:05:43 -05:00
Kyle Zhao
e9a971a2b6
FEATURE: [Experimental] Content Security Policy (#6514)
do not register new MIME type, parse raw body instead
2018-10-22 13:22:23 -04:00
Kyle Zhao
dca830cb73 Revert "FEATURE: [Experimental] Content Security Policy (#6504)"
This reverts commit fb8231077a.
2018-10-19 11:53:29 -04:00
Kyle Zhao
fb8231077a
FEATURE: [Experimental] Content Security Policy (#6504) 2018-10-19 10:39:22 -04:00
Kyle Zhao
99d1ded3b3
rename route /javascripts to /theme-javascripts (#6495) 2018-10-15 11:32:52 -04:00
David Taylor
7ac08f936e
FEATURE: Upload tags from CSV (#6484) 2018-10-15 09:12:54 +01:00
Kyle Zhao
6acdea37c4 DEV: extract inline js when baking theme fields (#6447)
* extract inline js when baking theme fields
* destroy javascript cache when destroying theme fields

This work is needed to support CSP work
2018-10-15 15:55:23 +11:00
Guo Xiang Tan
84d4c81a26 FEATURE: Support backup uploads/downloads directly to/from S3.
This reverts commit 3c59106bac.
2018-10-15 09:43:31 +08:00
Guo Xiang Tan
3c59106bac Revert "FEATURE: Support backup uploads/downloads directly to/from S3."
This reverts commit c29a4dddc1.

We're doing a beta bump soon so un-revert this after that is done.
2018-10-11 11:08:23 +08:00
Gerhard Schlager
c29a4dddc1 FEATURE: Support backup uploads/downloads directly to/from S3. 2018-10-11 10:38:43 +08:00
Robin Ward
a566ed42ae FEATURE: Option to disable user presence and profile
This allows users who are privacy conscious to disable the presence
features of the forum as well as their public profile.
2018-10-10 17:34:33 -04:00
Bianca Nenciu
1d26a473e7 FEATURE: Show "Recently used devices" in user preferences (#6335)
* FEATURE: Added MaxMindDb to resolve IP information.

* FEATURE: Added browser detection based on user agent.

* FEATURE: Added recently used devices in user preferences.

* DEV: Added acceptance test for recently used devices.

* UX: Do not show 'Show more' button if there aren't more tokens.

* DEV: Fix unit tests.

* DEV: Make changes after code review.

* Add more detailed unit tests.

* Improve logging messages.

* Minor coding style fixes.

* DEV: Use DropdownSelectBoxComponent and run Prettier.

* DEV: Fix unit tests.
2018-10-09 22:21:41 +08:00
Sam
0e9841b995 SECURITY: remove admin memory diagnostics routes 2018-09-18 08:35:09 +10:00
Neil Lalonde
6f1b8ad16d FIX: tag groups page should only be visible to staff
No security concern here because nothing private was visible,
and no actions could be taken by non-staff users.
2018-09-17 11:41:18 -04:00
Bianca Nenciu
931cffcebe FEATURE: Let users see their user auth tokens. (#6313) 2018-08-31 10:18:06 +02:00
Joffrey JAFFEUX
82dcc5cbfa
FEATURE: makes reports loadable in bulk (#6309) 2018-08-24 15:28:01 +02:00
Gerhard Schlager
b9072e8292 FEATURE: Add "Reset Bump Date" action to topic admin wrench (#6246) 2018-08-10 10:51:03 +10:00
Osama Sayegh
0b7ed8ffaf FEATURE: backend support for user-selectable components
* FEATURE: backend support for user-selectable components

* fix problems with previewing default theme

* rename preview_key => preview_theme_id

* omit default theme from child themes dropdown and try a different fix

* cache & freeze stylesheets arrays
2018-08-08 14:46:34 +10:00
Neil Lalonde
b829452c75
Merge pull request #6209 from discourse/mini_scheduler
REFACTOR: extract scheduler to the mini_scheduler gem
2018-08-01 10:28:24 -04:00
Penar Musaraj
1f45215537 FEATURE: Drafts view in user profile
* add drafts.json endpoint, user profile tab with drafts stream

* improve drafts stream display in user profile

* truncate excerpts in drafts list, better handling for resume draft action

* improve draft stream SQL query, add rspec tests

* if composer is open, quietly close it when user opens another draft from drafts stream; load PM draft only when user is in /u/username/messages (instead of /u/username)

* cleanup

* linting fixes

* apply prettier styling to modified files

* add client tests for drafts, includes a fixture for drafts.json

* improvements to code following review

* refresh drafts route when user deletes a draft open in the composer while being in the drafts route; minor prettier scss fix

* added more spec tests, deleted an acceptance test for removing drafts that was too finicky, formatting and code style fixes, added appEvent for draft:destroyed

* prettier, eslint fixes

* use "username_lower" from users table, added error handling for rejected promises

* adds guardian spec for can_see_drafts, adds improvements following code review

* move DraftsController spec to its own file

* fix failing drafts qunit test, use getOwner instead of deprecated this.container

* limit test fixture for draft.json testing to new_topic request only
2018-08-01 16:34:54 +10:00
Guo Xiang Tan
919e8db686 FIX: Check for group name availability should skip reserved usernames. 2018-08-01 11:09:33 +08:00
Neil Lalonde
4ad7ce70ce REFACTOR: extract scheduler to the mini_scheduler gem 2018-07-31 17:12:55 -04:00
Neil Lalonde
1708ff1808 UX: add a route /rules as an alias for /faq and /guidelines 2018-07-26 15:38:08 -04:00
Joffrey JAFFEUX
330cf78c83
FIX: don’t break browser history on dashboard visit (#6186) 2018-07-26 14:59:28 -04:00
David Taylor
eda1462b3b
FEATURE: List, revoke and reconnect associated accounts. Phase 1 (#6099)
Listing connections is supported for all built-in auth providers. Revoke and reconnect is currently only implemented for Facebook.
2018-07-23 16:51:57 +01:00
Joffrey JAFFEUX
1d5096eb46 FIX: lazy load more reports in dashboard 2018-07-20 23:35:53 -04:00
Joffrey JAFFEUX
1a78e12f4e
FEATURE: part 2 of dashboard improvements
- moderation tab
- sorting/pagination
- improved third party reports support
- trending charts
- better perf
- many fixes
- refactoring
- new reports

Co-Authored-By: Simon Cossar <scossar@users.noreply.github.com>
2018-07-19 14:33:11 -04:00
Joffrey JAFFEUX
a2281fbb19
FEATURE: allows to jump to a date in a topic 2018-07-19 16:00:13 +02:00
Régis Hanol
6d6e026e3c FEATURE: selectable avatars 2018-07-18 12:57:43 +02:00
Guo Xiang Tan
711371e8c8 FIX: Select+below will ask server for post ids on megatopics. 2018-07-13 15:10:39 +08:00
OsamaSayegh
decf1f27cf FEATURE: Groundwork for user-selectable theme components
* Phase 0 for user-selectable theme components

- Drops `key` column from the `themes` table
- Drops `theme_key` column from the `user_options` table
- Adds `theme_ids` (array of ints default []) column to the `user_options` table and migrates data from `theme_key` to the new column.
- Removes the `default_theme_key` site setting and adds `default_theme_id` instead.
- Replaces `theme_key` cookie with a new one called `theme_ids`
- no longer need Theme.settings_for_client
2018-07-12 14:18:21 +10:00
Maja Komel
ec3e6a81a4 FEATURE: Second factor backup 2018-06-28 10:12:32 +02:00
Sam
5f64fd0a21 DEV: remove exec_sql and replace with mini_sql
Introduce new patterns for direct sql that are safe and fast.

MiniSql is not prone to memory bloat that can happen with direct PG usage.
It also has an extremely fast materializer and very a convenient API

- DB.exec(sql, *params) => runs sql returns row count
- DB.query(sql, *params) => runs sql returns usable objects (not a hash)
- DB.query_hash(sql, *params) => runs sql returns an array of hashes
- DB.query_single(sql, *params) => runs sql and returns a flat one dimensional array
- DB.build(sql) => returns a sql builder

See more at: https://github.com/discourse/mini_sql
2018-06-19 16:13:36 +10:00
Joffrey JAFFEUX
f2dbe66367
FEATURE: adds a /admin/reports route to list all reports 2018-06-18 12:31:56 +02:00
Rafael dos Santos Silva
8fc08aad09 FEATURE: Update the webmanifest
- Remove share target because the spec is changing
- Allow any orientation again because natural is too restrictive
- Use correct file and mime types for the manifest
2018-06-14 00:13:28 -03:00
OsamaSayegh
1dbe13886f REFACTOR: admin site texts controller specs to requests (#5958) 2018-06-11 12:59:21 +08:00
Guo Xiang Tan
a50cd8675a FIX: Permalink route matcher should always be last. 2018-06-06 14:55:22 +08:00
Robin Ward
4195c7c9ea FEATURE: Ability to clear a user's penalty history
You can do this manually if you want to allow them to reach TL3 without
their penalty history counting against them.
2018-05-25 12:54:22 -04:00
Guo Xiang Tan
e78f1d7589 Fix the build take 2. 2018-05-21 14:35:59 +08:00
Guo Xiang Tan
b7b08b4173 Fix regression introduced in 2ceb107074. 2018-05-21 13:26:23 +08:00
Guo Xiang Tan
2ceb107074 Refactor tests to use the json extension instead of headers. 2018-05-21 09:49:46 +08:00
Sam
2271869c6b old dashboard needs a route 2018-05-16 11:42:45 +10:00
Jeff Wong
dc93c1b433 FIX: temporary redirect for service worker scripts 2018-05-08 10:40:02 -07:00
Jeff Wong
91b31860a1
Feature: Push notifications for Android (#5792)
* Feature: Push notifications for Android

Notification config for desktop and mobile are merged.

Desktop notifications stay as they are for desktop views.

If mobile mode, push notifications are enabled.

Added push notification subscriptions in their own table, rather than through
custom fields.

Notification banner prompts appear for both mobile and desktop when enabled.
2018-05-04 15:31:48 -07:00
Neil Lalonde
bd77795d7a REFACTOR: move support for user card badge images to a plugin discourse-user-card-badges 2018-04-26 13:25:24 -04:00
Gerhard Schlager
ed4c0c4a63 FEATURE: Add option to delete all replies of flagged post 2018-04-24 11:08:05 -04:00
Sam
54d153068a DEV: remove qunit rails fork and add a couple of async tests 2018-04-23 16:42:40 +10:00
Arpit Jalan
91bf10bd12 FIX: create upload record for exported csv files 2018-04-20 00:27:49 +05:30
Joffrey JAFFEUX
2b8307c6c3
dashboard next: minor improvements
* rename route to dashboard-next
* better scaling of charts for large data sets
* adjust trend position to avoid overlap
* makes sure silenced/suspended is made on real users
* correctly format data when only one data point
* minor refactoring
2018-04-17 11:01:06 +02:00
Robin Ward
3d7dbdedc0 FEATURE: An API to help sites build robots.txt files programatically
This is mainly useful for subfolder sites, who need to expose their
robots.txt contents to a parent site.
2018-04-16 15:43:20 -04:00
Arpit Jalan
9353ae4b5d Remove obsolete per topic unsubscribe page. 2018-04-16 16:11:20 +05:30
Joffrey JAFFEUX
0e15a575f4
EXPERIMENTAL: new dashboard UI
This is the first iteration of an effort towards making a very good dashboard.

Until we feel confident this is good, this dashboard will only be accessible through /admin/dashboard_next
2018-04-16 10:42:06 +02:00
Guo Xiang Tan
a389baeb07 FIX: Group pages should work when group name contains periods.
https://meta.discourse.org/t/group-name-cant-have-dot-inside/48658
2018-04-12 17:11:36 +08:00
Jeff Wong
32f919ea34 Fix - service worker registrations
* register service workers in a development env

* register service worker from ember initialize fn
2018-04-10 15:17:32 -07:00
Blake Erickson
0337a8f6d5 ensure correct '/'s for relative_url_root in route file 2018-04-10 14:24:29 -06:00
Blake Erickson
2fd31f2b2a FIX: use root path for service_worker_asset and handle subfolder installs for the '/c' route 2018-04-10 14:06:32 -06:00
Guo Xiang Tan
c82b2dcc24 Remove admin group management pages. 2018-04-09 15:14:50 +08:00
Guo Xiang Tan
4319273cf5 UX: Split up group form into smaller sections. 2018-04-09 15:14:50 +08:00
Guo Xiang Tan
21ae49ab92 Simplify log in for request specs. 2018-03-28 11:32:47 +08:00
Guo Xiang Tan
70be8124a3 SECURITY: Don't expose development route in production. 2018-03-28 11:32:47 +08:00
Guo Xiang Tan
7edab1c0b9 UX: Add groups/custom/new route for admins to create a new group. 2018-03-27 17:39:05 +08:00
Guo Xiang Tan
2ecd234e27 UX: Consolidation group manangement into a single tab. 2018-03-27 13:34:46 +08:00
Robin Ward
38af67eb73 Update the destination category id when a user changes it 2018-03-23 11:12:56 -04:00
Robin Ward
b9abd7dc9e FEATURE: Shared Drafts
This feature can be enabled by choosing a destination for the
`shared drafts category` site setting.

* Staff members can create shared drafts, choosing a destination
category for the topic when it is published.

* Shared Drafts can be viewed in their category, or above the
topic list for the destination category where it will end up.

* When the shared draft is ready, it can be published to the
appropriate category by clicking a button on the topic view.

* When published, Drafts change their timestamps to the current
time, and any edits to the original post are removed.
2018-03-20 17:15:26 -04:00
Arpit Jalan
e9bc763440 FIX: show only allowed tags on PM tags page and display correct count
FIX: tags page should link to user profile we are browsing
2018-03-17 00:17:48 +05:30
Guo Xiang Tan
fe96ef6ed2 UX: Use topic list for displaying group messages on group page.
https://meta.discourse.org/t/group-inbox-on-a-groups-page-mockup/71319
2018-03-16 11:56:40 +08:00
Guo Xiang Tan
a35227918f UX: Display group topics in a topic list. 2018-03-15 11:37:55 +08:00
Arpit Jalan
24338fbbe8 FEATURE: replace PM tags dropdown with a dedicated tags page 2018-03-13 13:06:58 +05:30
Sam
39e679d3cb FEATURE: allow themes to live in private git repos
This feature allows themes sourced from git to live on private
servers, it automatically generates key pairs.
2018-03-09 16:14:38 +11:00
Robin Ward
31e3bf6d8d FEATURE: New "Categories and Top" homepage style
Select this option if you want to show top topics on the homepage
instead of latest topics.
2018-03-03 14:26:57 -05:00
Guo Xiang Tan
06891ce51d FIX: Direct link to group activity page results in 400 error.
https://meta.discourse.org/t/following-a-direct-link-to-group-activity-results-in-400-error/81596
2018-02-27 13:43:22 +08:00
Vinoth Kannan
2b509eaa91
Merge branch 'master' into pm-tags 2018-02-21 23:55:59 +05:30
Vinoth Kannan
84ce1acfef FEATURE: Allow staffs to tag PMs 2018-02-21 20:11:46 +05:30
Guo Xiang Tan
14f3594f9f Review Changes for f4f8a293e7. 2018-02-21 14:55:49 +08:00
Jeff Wong
f4f8a293e7 FEATURE: Implement 2factor login TOTP
implemented review items.

Blocking previous codes - valid 2-factor auth tokens can only be authenticated once/30 seconds.
I played with updating the “last used” any time the token was attempted but that seemed to be overkill, and frustrating as to why a token would fail.
Translatable texts.
Move second factor logic to a helper class.
Move second factor specific controller endpoints to its own controller.
Move serialization logic for 2-factor details in admin user views.
Add a login ember component for de-duplication
Fix up code formatting
Change verbiage of google authenticator

add controller tests:
second factor controller tests
change email tests
change password tests
admin login tests

add qunit tests - password reset, preferences

fix: check for 2factor on change email controller
fix: email controller - only show second factor errors on attempt
fix: check against 'true' to enable second factor.

Add modal for explaining what 2fa with links to Google Authenticator/FreeOTP

add two factor to email signin link

rate limit if second factor token present

add rate limiter test for second factor attempts
2018-02-21 09:04:07 +08:00
Guo Xiang Tan
d601a6b23c FIX: Support old Service Worker source file path to avoid routing errors. 2018-02-19 08:04:45 +08:00
Guo Xiang Tan
28365f8ae5 PERF: Have nginx cache and serve the service worker file. 2018-02-15 10:50:39 +08:00
Erick Guan
03b3e57a44 FEATURE: login by a link from email
Co-authored-by: tgxworld <tgx@discourse.org>
2018-02-13 16:14:39 +08:00
Muhlis Cahyono
cc3cf6588b FEATURE: Notification API Endpoints for Admins
* create/update/delete notification api with external url
* remove external url feature
* Fix Travis CI build error (add new line)
* Fix Travis CI build error
2018-02-13 01:38:26 -05:00
Robin Ward
6b04967e2f FEATURE: Staff members can lock posts
Locking a post prevents it from being edited. This is useful if the user
has posted something which has been edited out, and the staff members don't
want them to be able to edit it back in again.
2018-01-26 14:01:30 -05:00
Robin Ward
d0b44520bd Put back removed constants with deprecations for plugin compatibility 2017-12-21 17:18:01 -05:00
Robin Ward
aed37770e3 FIX: Load the route format before discourse 2017-12-21 16:29:11 -05:00
Robin Ward
063e449ce5 FIX: RouteFormat is a better class name than RouteFormats 2017-12-21 15:30:32 -05:00
Robin Ward
2908aab0da Allow extensibility on username route format (non-english usernames) 2017-12-21 14:32:51 -05:00
Arpit Jalan
eab66065d1 FEATURE: search log term details page (#5445) 2017-12-20 13:41:31 +11:00
Régis Hanol
1b4483c942 FEATURE: Added 'select +below' and 'select +all replies' options to selecting posts 2017-12-13 22:12:06 +01:00
Robin Ward
410994b7f5 FEATURE: Show a button to Staff for "Moderation History" on posts/topics
When clicked, it pops up a modal showing a history of moderation actions
taken on the post or topic.
2017-12-05 15:20:20 -05:00
Vinoth Kannan
6e054b2572 FEATURE: Convert HTML to Markdown while pasting in composer 2017-12-05 12:23:39 -05:00
Jeff Wong
b094894c94 Feature: Add service worker registration method to plugin API 2017-11-28 14:01:41 +08:00
Robin Ward
628275fc31 FIX: Some badge routes were still working even with badges disabled 2017-11-21 12:22:44 -05:00
Arpit Jalan
3831663fea FEATURE: search logs page (#5313) 2017-11-15 11:13:50 +11:00
Robin Ward
1f14350220 Rename "Blocked" to "Silenced" 2017-11-10 14:10:27 -05:00
Penar Musaraj
bd1616d3d9 Add offline route and service worker to fix Android app install banner (#5217)
* set up static offline.html route and service worker for Android Web App Banner

* add viewport meta tag to offline view for android app banner

* add i18n support for offline.html pages, cleanup

* fix html syntax, add page title, remove license for service-worker.js
2017-10-31 10:46:48 +11:00
Neil Lalonde
beca02c046 FIX: moderators couldn't see flagged topics list 2017-10-05 14:12:07 -04:00
Robin Ward
d7c37d9369 Add front end service for staff controls 2017-09-25 12:25:14 -04:00
Robin Ward
40eba8cd93 FEATURE: View flags grouped by topic 2017-09-25 12:25:14 -04:00
Bianca Nenciu
6bc74ceb50 Split alias levels in mentionable and messageable levels. (#5065)
* Split alias levels in mentionable and messageable levels.

* Fixed some tests.

* Set messageable level to everyone by default.

* By defaults, groups are not mentionable or messageable.

* Made staff groups messageable by the system.
2017-08-28 12:32:08 -04:00
Sam
d7a2584c6e FEATURE: image uploads now have short urls
Shorten all image uploads to use short urls, this is the client
side implementation.
2017-08-22 16:40:08 -04:00
Neil Lalonde
ec85b41078 UX: Move watched words to the Logs section of admin 2017-07-31 17:06:50 -04:00
Guo Xiang Tan
5012d46cbd Add rubocop to our build. (#5004) 2017-07-28 10:20:09 +09:00
Neil Lalonde
24cb950432 FEATURE: Watched Words: when posts contain words, do one of flag, require approval, censor, or block 2017-07-26 11:01:09 -04:00
Guo Xiang Tan
2a17f1ccd7 FIX: Group owners should be able to invite users to their groups.
https://meta.discourse.org/t/group-owner-cannot-send-an-invite-to-a-group/60617/12
2017-07-21 23:48:25 +09:00
Robin Ward
3882722195 FEATURE: Inline (Mini) Oneboxing
see:
https://meta.discourse.org/t/mini-inline-onebox-support-rfc/66400?source_topic_id=66066
2017-07-20 15:38:04 -04:00
Robin Ward
cdb3706025 Track clicks on topics in search results 2017-07-17 15:42:32 -04:00
Robin Ward
f1a6449e4b SECURITY: Remove disposable invite feature 2017-07-07 20:24:39 -04:00
Arpit Jalan
e7b9b1312e FEATURE: remove all invites
https://meta.discourse.org/t/remove-all-invitations-button-for-the-admin-panel/65207
2017-06-29 22:30:10 +05:30
Guo Xiang Tan
117d5f1b6a FIX: /u.json should return 404 instead of 500. 2017-06-27 10:11:48 +09:00
Guo Xiang Tan
47ca0f7f09 FIX: Foward requests to /u/new to our Ember router. 2017-06-21 13:06:28 +09:00
Guo Xiang Tan
a5d3abc9b6 FIX: Create group membership request on behalf of user. 2017-06-13 17:49:21 +09:00
Neil Lalonde
55b61e9bea rename topic_status_update to topic_timer 2017-05-11 18:27:53 -04:00
Robin Ward
01d2685c60 FIX: users_account_created_path should point to /u/ 2017-05-11 11:18:06 -04:00
Sam
bc0b9af576 FEATURE: support uploads for themes
This allows themes to bundle various assets
2017-05-10 15:47:11 -04:00
Robin Ward
552e01a266 FIX: Support updating the google+ key 2017-05-09 14:08:32 -04:00
Neil Lalonde
7f09bc9a09 Merge pull request #4849 from discourse/prefs
User preferences in tabs
2017-05-03 16:53:26 -04:00
Robin Ward
12fb20fe1b FEATURE: Allow users to resend/update email from confirmation page 2017-05-03 11:18:01 -04:00
Neil Lalonde
2503241ce5 FEATURE: rebuild user preferences page to use tabs 2017-05-02 16:52:18 -04:00
Arpit Jalan
a2be68bacf FIX: add route for '/admin/users/list' 2017-04-27 08:35:02 +05:30
Sam
def7348777 FIX: display custom sections with default theme
also cleans up mechanism for previewing themes, cleans up naming,
gets rid of old janky "preview_style", secures local theme key
2017-04-14 13:35:12 -04:00
Sam
a3e8c3cd7b FEATURE: Native theme support
This feature introduces the concept of themes. Themes are an evolution
of site customizations.

Themes introduce two very big conceptual changes:

- A theme may include other "child themes", children can include grand
children and so on.

- A theme may specify a color scheme

The change does away with the idea of "enabled" color schemes.

It also adds a bunch of big niceties like

- You can source a theme from a git repo

- History for themes is much improved

- You can only have a single enabled theme. Themes can be selected by
    users, if you opt for it.

On a technical level this change comes with a whole bunch of goodies

- All CSS is now compiled using a custom pipeline that uses libsass
    see /lib/stylesheet

- There is a single pipeline for css compilation (in the past we used
    one for customizations and another one for the rest of the app

- The stylesheet pipeline is now divorced of sprockets, there is no
   reliance on sprockets for CSS bundling

- CSS is generated with source maps everywhere (including themes) this
    makes debugging much easier

- Our "live reloader" is smarter and avoid a flash of unstyled content
   we run a file watcher in "puma" in dev so you no longer need to run
   rake autospec to watch for CSS changes
2017-04-12 10:53:49 -04:00
Ryan C. Gordon
e15d11df18 Added an API to ask if an incoming email should be dropped at the SMTP level.
This lets an SMTP server optionally decide if it should reject a mail without
passing it on to Discourse at all, possibly before even reading the
email's payload, to prevent spam-induced backscatter and save resources.

This just does the bare minimum sanity checking that could prevent obvious
backscatter. For legit errors from legit users, Discourse will still send a
much more pleasant reply email.
2017-04-05 23:10:36 -04:00
Robin Ward
40ab2e5667 FEATURE: Let users update their emails before confirming
This allows users who entered a typo or invalid email address when
signing up an opportunity to fix it and resending the confirmation
email to that address.
2017-04-05 16:44:49 -04:00
Robin Ward
17f2974d0a SECURITY: Confirm new administrator accounts via email 2017-04-04 15:59:01 -04:00
Guo Xiang Tan
34b7bee568 FEATURE: Allow admin to auto reopen at topic.
* This commit also introduces a `TopicStatusUpdate`
  model to support other forms of deferred topic
  status update in the future.
2017-03-31 11:14:18 +08:00
Guo Xiang Tan
12e02873fc Remove duplications in routes.rb. 2017-03-31 10:14:08 +08:00
Robin Ward
14410b71fb Convert server side paths to use /u/ 2017-03-30 10:23:24 -04:00
Robin Ward
45a257815a Convert front end paths from /users/ to /u/ 2017-03-30 10:23:24 -04:00
Robin Ward
6b976433c9 Support for both /users/ and /u/ paths 2017-03-30 10:23:24 -04:00
Guo Xiang Tan
3ef82bb32c SECURITY: CSRF vulnerabilities in Admin::BackupsController. 2017-03-23 10:29:35 +08:00
Joe Buhlig
8d06833e51 FIX: Add route for user TL3 requirements page 2017-03-16 10:05:28 -05:00
Arpit Jalan
848120c098 FEATURE: RSS feed for top page period filters 2017-03-13 15:23:46 +05:30
Arpit Jalan
f7e7ca3937 FEATURE: anonymized site statistics 2017-03-10 18:50:26 +05:30
Rafael dos Santos Silva
c3477cd40d Merge pull request #4716 from discourse/bounced_emails_details
FEATURE: Allow checking the raw response of a bounced email
2017-03-06 13:30:19 -03:00
Neil Lalonde
6aab8cb331 FEATURE: new category setting for whether to show latest topics or top topics by default 2017-03-03 11:30:44 -05:00
Blake Erickson
80858bae2c FEATURE: further restrict downloading of backups
- send email to logged in admin when they press the "download" button
- show pop-up that email was sent
- create email template
- require a valid token to download backup
2017-03-01 08:28:34 -07:00
Blake Erickson
5ba8f8d1a6 FIX: typo in a routes.rb comment
sidekiq was spelled wrong
2017-02-25 10:03:19 -07:00
Rafael dos Santos Silva
5296f00c28 FEATURE: Allow checking the raw response of a bounced email 2017-02-22 14:51:33 -03:00
Arpit Jalan
9dd09e453b FEATURE: add explicit confirmation button to accept the invite 2017-01-25 15:50:30 +05:30
Robin Ward
41307c3d1c SECURITY: Moderators should not be able to access customizations 2017-01-06 14:42:53 -05:00
Guo Xiang Tan
ad4a96d387 FIX: Only send membership request to the last 5 active group owners. 2017-01-03 15:33:57 +08:00
Guo Xiang Tan
a5fead3857 UX: Redesign group page to follow user page. 2016-12-22 13:08:59 +08:00
Arpit Jalan
563bcfb705 FIX: make upload extension optional in route 2016-12-19 15:06:03 +05:30
Arpit Jalan
ab6843dcde FIX: username route was broken 2016-12-16 23:56:22 +05:30
Guo Xiang Tan
d8541c589a FIX: Incorrect route for updating username. 2016-12-17 00:23:12 +08:00
Régis Hanol
197517d55e FIX: locally uploaded audio & video files should onebox even when the extension is uppercase 2016-12-15 23:21:44 +01:00
Guo Xiang Tan
8bd1ac53f1 FIX: Don't include format in route ids. 2016-12-14 13:57:51 +08:00
Guo Xiang Tan
05f55dbc10 FEATURE: Group logs. 2016-12-12 17:29:54 +08:00
Arpit Jalan
ce974da9e5 FIX: simplify CSV file upload 2016-12-05 14:09:08 +05:30
Sam
39a524aac8 FEATURE: brotli cdn bypass for assets
Allow CDNS that strip out brotli encoding to use brotli regardless
2016-12-05 13:57:09 +11:00
Guo Xiang Tan
559918c6c6 PERF: Add endpoint to check if a group can be mentioned by user. 2016-11-26 02:20:46 +08:00
Guo Xiang Tan
5794f1619d PERF: Fix N+1 queries when loading groups. 2016-11-26 02:20:26 +08:00
Sam
88a46be051 FEATURE: display text excerpts when scrolling on mobile 2016-11-25 11:35:29 +11:00
Guo Xiang Tan
0b28075c00 Revert "REFACTOR: ajax defaults to json data type for GET requests."
This reverts commit af0b6ce53d.
2016-11-24 16:47:18 +08:00
Guo Xiang Tan
af0b6ce53d REFACTOR: ajax defaults to json data type for GET requests. 2016-11-24 16:20:17 +08:00
Neil Lalonde
47aa3d94aa FEATURE: send digest preview to an email address 2016-11-23 17:51:57 -05:00
Sam
e2c87da42a FEATURE: Add basic support for Safe Mode
In Safe Mode all JS extensions and site customizations are disabled.

To access Safe Mode visit `sitename.org/safe-mode`
2016-11-21 16:46:14 +11:00
Dmitry Demenchuk
6df6b59259 Remove useless routing for ForumsController 2016-10-27 15:25:16 +01:00
Robin Ward
19e2eec219 Allow step 0 to resend the confirmation email 2016-10-21 11:34:19 -04:00
Robin Ward
c03d25f170 FEATURE: Configure Admin Account
Adds a "Step 0" to the wizard if the site has no admin accounts where
the user is prompted to finish setting up their admin account from the
list of acceptable email addresses.

Once confirmed, the wizard begins.
2016-10-19 11:27:56 -04:00
Arpit Jalan
12894a4876 FIX: dots in group name was breaking route 2016-10-12 23:36:10 +05:30
Sam
6031e692f0 Merge pull request #4366 from xfalcox/print
Print Support
2016-10-11 11:47:20 +11:00
Sam
3e513f5c05 Merge pull request #4459 from vibol/master
FEATURE: sparkpost webhook
2016-10-10 17:17:17 +11:00
Blake Erickson
5c131d3e10 Remove route to action that doesn't exist
Removed the `post "t"` route from the routes file because the
`topics#create` action doesn't exist in the topics controller. New
topics are created in the posts controller.
2016-10-03 07:17:13 -06:00
Vibol Hou
34af73c7cb FEATURE: sparkpost webhook 2016-09-26 22:13:34 -07:00
Rafael dos Santos Silva
c12e533273 Feature: Adds a button to print a topic 2016-09-26 20:44:50 -03:00
Robin Ward
c94e6f1b96 Add locale step 2016-09-22 09:52:19 -04:00
Robin Ward
3a4615c205 Wizard: Step 1 2016-09-22 09:48:58 -04:00
Robin Ward
0471ad393c Scaffold for new Wizard - Rails / Ember / Tests 2016-09-22 09:48:58 -04:00
Robin Ward
6070939daa Support for other i18n bundles 2016-09-22 09:48:58 -04:00
Guo Xiang Tan
547750e9dd Unify API keys and web hooks into a single admin nav header. 2016-09-20 05:22:03 +08:00
Erick Guan
00d5facf36 FEATURE: prompts new webhook events 2016-09-19 12:07:17 +08:00
Sam
75f3f7fcbd FEATURE: clean API method for reading a single notification 2016-09-16 16:14:15 +10:00
Erick Guan
9ce61b4586 FEATURE: Webhooks. 2016-09-05 18:44:00 +08:00
Régis Hanol
e064e6f7a3 FEATURE: new 'categories_and_latest' endpoint 2016-08-29 22:47:44 +02:00
Sam
416e7e0d1e FEATURE: basic UI to view user api keys 2016-08-16 17:06:52 +10:00
Sam
b7cea24d76 FEATURE: more user API flow, support key creation 2016-08-16 17:06:52 +10:00
Neil Lalonde
3b792054f2 Merge pull request #4387 from gdpelican/feature/tags-intersection
FEATURE: Tags intersection page
2016-08-15 16:24:29 -04:00
James Kiesel
037e9bb7b8 Support any number of tag intersections 2016-08-15 15:30:17 -04:00
Sam
fc095acaaa Feature: User API key support (server side implementation)
- Supports throttled read and write
- No support for push yet, but data is captured about intent
2016-08-15 17:59:36 +10:00
James Kiesel
7e73b933c7 First pass 2016-08-12 15:28:46 -04:00
Sam
7e4503dd99 FEATURE: basic info route for all sites, even ones that require login
This information is public in meta tags already on home page, providing a
route allows consumers to check it way more cheaply
2016-08-12 17:10:35 +10:00
Sam
afaba56de3 FEATURE: missing API endpoint for topic tracking states 2016-08-12 17:10:35 +10:00
Guo Xiang Tan
0a942dbc73 FEATURE: Avoid creating an archive for database only backups. 2016-08-03 16:23:46 +08:00
Régis Hanol
c4b52b1a19 GET is a more RESTy verb for '/users/:username/emails' 2016-07-27 20:15:28 +02:00
Andre Pereira
8cbd585e20 FEATURE: Allow staff users to merge posts. 2016-07-27 12:04:14 +08:00
Neil Lalonde
11b3b5e30a FIX: when topic list is filtered by tag and category, subsequent page fetches would ignore the category filter 2016-07-25 16:16:18 -04:00
Sam
8866169879 FEATURE: can invite/revoke groups on private messages 2016-06-20 16:29:27 +10:00
Sam
852860de66 FEATURE: simpler and friendlier unsubscribe workflow
- All unsubscribes go to the exact same page
- You may unsubscribe from watching a category on that page
- You no longer need to be logged in to unsubscribe from a topic
- Simplified footer on emails
2016-06-17 11:28:49 +10:00
Régis Hanol
49f8a2baa7 FEATURE: support for mandrill webhooks 2016-06-13 12:32:14 +02:00
zachGlasgow
42ec8a7c3d Add constraints to remove dots from username. (#4255)
Rails is using dots as a separator for formatted routes. As a result
if the username has more than one dot it will not match the route.

Bug raised here -> https://meta.discourse.org/t/refreshing-a-users-detail-page-in-admin-doesnt-work-in-some-cases/44891
2016-06-09 09:52:42 +02:00
Neil Lalonde
a49ace0ffb FEATURE: ability to restrict tags to categories using groups 2016-06-07 15:36:20 -04:00
Robin Ward
6aaa484baa REFACTOR: Move composer messages to store 2016-06-07 14:47:22 -04:00
Neil Lalonde
f3f6c2f98f FEATURE: tag groups 2016-06-06 14:18:48 -04:00
Régis Hanol
fe595f1653 FEATURE: mailjet webhook 2016-06-06 19:47:45 +02:00
Arpit Jalan
c4e1ad0953 FEATURE: Resend all pending invitations 2016-06-03 12:23:13 +05:30
Régis Hanol
9704603fab FEATURE: sendgrid webhooks 2016-06-01 21:48:06 +02:00
Régis Hanol
116efffdaa FEATURE: webhooks support for mailgun 2016-05-30 17:11:17 +02:00
Régis Hanol
1e57bbf5c8 Lots bounce emails related fixes
- Show bounce score on user admin page
- Added reset bounce score button on user admin page
- Only whitelisted email types are sent to emails with high bounce score
- FIX: properly detect bounces even when there is no TO: header in the email
- Don't desactivate a user when reaching the bounce threshold
2016-05-06 19:34:33 +02:00
Arpit Jalan
82daf93eb3 Merge pull request #4206 from techAPJ/convert-topic
FEATURE: move a topic from PM to regular topic or vice versa
2016-05-04 01:33:15 +05:30
Régis Hanol
8e611ec7a1 FEATURE: handle bounced emails 2016-05-02 23:15:32 +02:00
Arpit Jalan
acfb540952 FEATURE: move a topic from PM to regular topic or vice versa 2016-05-02 21:34:05 +05:30
Neil Lalonde
e5918c7d00 FEATURE: Merge tagging plugin into core 2016-04-27 11:58:53 -04:00
Régis Hanol
379bfac36d Merge pull request #4010 from riking/patch-sitelinks
FEATURE: Add /search discovery
2016-04-14 10:35:13 +02:00
Régis Hanol
7783ba46fc remove /error endpoint 2016-04-11 20:43:24 +02:00
Régis Hanol
42da8a9246 match is old school (cc @EvilTrout) 2016-04-06 21:57:54 +02:00
Robin Ward
8e50f0de6a FIX: Support editing translation keys with uppercase characters 2016-04-06 15:26:18 -04:00
Régis Hanol
d402a45781 FIX: hitting '/t/:id/posts.json' should return the first page of posts 2016-04-05 19:12:14 +02:00
Régis Hanol
332a1ea87e FIX: add support for 'space' in backup's filename 2016-04-04 17:24:02 +02:00
Arpit Jalan
41208b99a1 FEATURE: RSS feed for user posts and topics 2016-03-31 20:24:05 +05:30
Kane York
f2ddd44712 FEATURE: Add /search discovery
The opensearch.xml results in a "site search engine" being added to
Chrome, while the sitelinks search tag results in "Search this website"
being added to Google Search.
2016-03-28 15:07:59 -07:00
Sam
c650c2a16f FIX: regression in badge grant admin page 2016-03-29 07:58:45 +11:00
Neil Lalonde
476a5fd43c FIX: unhandled extensions like .php on static routes will show the usual not found page 2016-03-24 13:22:06 -04:00
Arpit Jalan
34469e725b FEATURE: separate API endpoints for public and private posts 2016-03-21 18:21:15 +05:30
Arpit Jalan
bd83cf7f4c FEATURE: add group posts and mentions RSS 2016-03-18 22:29:10 +05:30
Sam Saffron
e84d5549ef FEATURE: only allow sidekiq in master site when hosted on multisite 2016-03-17 00:26:07 +11:00
Arpit Jalan
ff12b5bf57 FIX: newly created categories were not showing up 2016-03-14 23:17:02 +05:30
Arpit Jalan
89248580dc FEATURE: revert post to a specific revision 2016-03-11 02:46:55 +05:30
Robin Ward
5771d2aee2 SECURITY: Support for confirm old as well as new email accounts 2016-03-08 14:52:22 -05:00
Robin Ward
d62689fa76 Move updating a user's email to its own controller 2016-03-08 14:52:22 -05:00
Régis Hanol
341037d6fb FIX: less restricting 'BACKUP_ROUTE_FORMAT' 2016-03-03 18:52:32 +01:00
Régis Hanol
91bb38626c FEATURE: new incoming email details modal 2016-02-10 22:00:27 +01:00
Erick Guan
35142847ba FIX: Prepend the user id before username in admin user routes 2016-02-09 15:14:13 +01:00
Régis Hanol
cf4c256b17 FEATURE: new 'raw email' modal when listing rejected emails 2016-02-01 21:41:49 +01:00
Sam Saffron
7303f8f309 FEATURE: first pass at user summary page 2016-01-20 15:14:25 +11:00
Neil Lalonde
9ad226aaa8 FEATURE: add email query param to login, signup, and password-reset URLs to prefill form 2016-01-19 16:53:46 -05:00
Régis Hanol
3083657358 FEATURE: better email in support
FEATURE: new incoming_email model
FEATURE: infinite scrolling in emails admin
FEATURE: new 'emails:import' rake task
2016-01-19 00:57:55 +01:00
Sam
06b5798fb9 fix activity pending route, hidden for now 2016-01-12 15:48:44 +11:00
Neil Lalonde
c7df6783a9 FIX: only invalidate password reset links using javascript 2016-01-04 11:48:54 -05:00
Guo Xiang Tan
c1dbf5c1c4 FEATURE: Autolinking to category using hashtags. 2016-01-05 00:12:24 +08:00
Sam
a4587b18f5 FEATURE: allow users to archive messages from message page 2015-12-30 13:26:39 +11:00
Arpit Jalan
3a28bafc0f FEATURE: onebox internal audio or video files 2015-12-25 01:52:14 +05:30
Sam
03ea0bfe22 FEATURE: allow users to archive messages
Messages are now in 3 buckets

- Inbox for all new messages
- Sent for all sent messages
- Archive for all messages you are done with

You can select messages from your Inbox or Sent and move them to your Archive,
you can move messages out of your Archive similarly

Similar concept applied to group messages, except that archiving and unarchiving
will apply to all group members
2015-12-23 11:09:30 +11:00
Sam
a8b5192efd FEATURE: User page refactor
Re-organise user page so it is easier to find interesting info
split it into tabs

- Introduce notifications and messages tabs
- Stop couting stuff for the user page to speed up rendering
- Suppress more information when viewing your own profile
2015-12-20 16:45:49 +11:00
Régis Hanol
15c229195f FEATURE: notification_level on a per-group basis 2015-12-14 23:17:09 +01:00
Sam
8cf4d52cb6 FEATURE: split up group PMS on user page 2015-12-10 11:39:33 +11:00
Régis Hanol
3aa5129f54 FEATURE: allow group members to see all messages on group page 2015-12-07 23:19:33 +01:00
Régis Hanol
a37d575d7d FEATURE: new 'My Groups' messages filter in user page 2015-12-07 18:37:03 +01:00
Sam
d1a5d8ea62 FEATURE: show group mentions and topics in groups page 2015-12-01 16:52:43 +11:00