Commit Graph

422 Commits

Author SHA1 Message Date
Arpit Jalan
f5febe5843 FIX: date range was inconsistent for admin dashboard reports 2018-04-08 16:49:41 +05:30
Neil Lalonde
3fab5267be fix web crawler stats sorted in reverse 2018-03-27 14:10:39 -04:00
Neil Lalonde
df345d80f9 fix wrong case 2018-03-27 13:53:47 -04:00
Neil Lalonde
ced7e9a691 FEATURE: control which web crawlers can access using a whitelist or blacklist 2018-03-22 15:41:02 -04:00
Sam
5ff857d770 remove theme yaml from UI, it only causes troubles 2018-03-09 11:01:46 +11:00
OsamaSayegh
282f53f0cd FEATURE: Theme settings (2) (#5611)
Allows theme authors to specify custom theme settings for the theme. 

Centralizes the theme/site settings into a single construct
2018-03-04 19:04:23 -05:00
Guo Xiang Tan
14f3594f9f Review Changes for f4f8a293e7. 2018-02-21 14:55:49 +08:00
Jeff Wong
f4f8a293e7 FEATURE: Implement 2factor login TOTP
implemented review items.

Blocking previous codes - valid 2-factor auth tokens can only be authenticated once/30 seconds.
I played with updating the “last used” any time the token was attempted but that seemed to be overkill, and frustrating as to why a token would fail.
Translatable texts.
Move second factor logic to a helper class.
Move second factor specific controller endpoints to its own controller.
Move serialization logic for 2-factor details in admin user views.
Add a login ember component for de-duplication
Fix up code formatting
Change verbiage of google authenticator

add controller tests:
second factor controller tests
change email tests
change password tests
admin login tests

add qunit tests - password reset, preferences

fix: check for 2factor on change email controller
fix: email controller - only show second factor errors on attempt
fix: check against 'true' to enable second factor.

Add modal for explaining what 2fa with links to Google Authenticator/FreeOTP

add two factor to email signin link

rate limit if second factor token present

add rate limiter test for second factor attempts
2018-02-21 09:04:07 +08:00
Robin Ward
556ab8480e FIX: ESlint 2018-02-13 16:06:40 -05:00
Robin Ward
713993d150 UX: Link post ids in staff action logs to the post 2018-02-13 15:59:10 -05:00
Robin Ward
34ed6088b9 FEATURE: New modal to show flags received for a user 2018-01-17 15:08:08 -05:00
Arpit Jalan
b7ba490df7 FIX: graphs should go to zero for missing dates 2018-01-15 10:16:34 +05:30
Guo Xiang Tan
f7642e076d REFACTOR: Avoid duplicated logic on server and client. 2017-11-21 17:10:04 +08:00
Robin Ward
971e302ff2 FEATURE: Support an end date for user silencing 2017-11-14 13:20:19 -05:00
Robin Ward
1f14350220 Rename "Blocked" to "Silenced" 2017-11-10 14:10:27 -05:00
Robin Ward
41c3941c4c FEATURE: Support regular expressions for watched words 2017-09-27 15:48:57 -04:00
Robin Ward
d1ebc62065 The ability to display errors on flagging actions. 2017-09-25 12:28:01 -04:00
Robin Ward
09ed2ed749 Add Suspend User to flags page 2017-09-25 12:28:00 -04:00
Robin Ward
079f108ceb UX: Improve interface for flagging with many flaggers 2017-09-25 12:28:00 -04:00
Robin Ward
677b016387 Send a suspension message via email to a user 2017-09-25 12:26:41 -04:00
Robin Ward
2a56cf8bb6 Tests + Refactoring for Suspension Modal 2017-09-25 12:26:06 -04:00
Robin Ward
6e48884274 Extract out common "cancel" link functionality from modals 2017-09-25 12:25:15 -04:00
Robin Ward
d7c37d9369 Add front end service for staff controls 2017-09-25 12:25:14 -04:00
Robin Ward
5cf50f0034 Adjust flagged posts to use the store 2017-09-25 12:25:14 -04:00
Robin Ward
cc1a461254 Convert flags admin to flexbox 2017-09-25 12:25:14 -04:00
Robin Ward
1af4acbb3d Add tests to flagged topics 2017-09-25 12:25:14 -04:00
Robin Ward
be0eb0a554 Refactor flagged posts into components 2017-09-25 12:25:14 -04:00
Robin Ward
40eba8cd93 FEATURE: View flags grouped by topic 2017-09-25 12:25:14 -04:00
Guo Xiang Tan
3f24ed2b3e Can't revert due to incompatibility of new site setting types.
Revert "Revert "FEATURE: Site settings defaults per locale""

This reverts commit 439fe8ba24.
2017-08-07 10:43:09 +09:00
Guo Xiang Tan
439fe8ba24 Revert "FEATURE: Site settings defaults per locale"
This reverts commit 468a8fcd20.
2017-08-07 10:31:50 +09:00
Erick Guan
468a8fcd20 FEATURE: Site settings defaults per locale
This change-set allows setting different defaults for different locales. 

It also:

- Adds extensive testing around site setting validation

- raises deprecation error if site setting has the default property based on env

- relocated site settings for dev and tests in the initializer

- deprecated client_setting in the site setting's loading process

- ensure it raises when a enum site setting being set

- default_locale is promoted to `required` category.

- fixes incorrect default setting and validation

- fixes ensure type check for site settings

- creates a benchmark for site setting

- sets reasonable defaults for Chinese
2017-08-02 12:24:19 -04:00
Neil Lalonde
ec85b41078 UX: Move watched words to the Logs section of admin 2017-07-31 17:06:50 -04:00
Robin Ward
5b590b9637 REFACTOR: Replace some fa-* uses with helpers 2017-07-27 14:55:41 -04:00
Neil Lalonde
24cb950432 FEATURE: Watched Words: when posts contain words, do one of flag, require approval, censor, or block 2017-07-26 11:01:09 -04:00
Guo Xiang Tan
2a17f1ccd7 FIX: Group owners should be able to invite users to their groups.
https://meta.discourse.org/t/group-owner-cannot-send-an-invite-to-a-group/60617/12
2017-07-21 23:48:25 +09:00
Robin Ward
c53eeaaa68 REFACTOR: Remove requirejs calls 2017-07-05 17:24:27 -04:00
Robin Ward
754c1e5438 Upgrade to Babel 6 2017-07-05 15:25:23 -04:00
Robin Ward
f6222ff225 FIX: Populate the Email Digest preview with the current username 2017-06-28 15:38:57 -04:00
Sam
607998af33 FEATURE: dropdown to filter staff action logs 2017-05-30 11:25:42 -04:00
Neil Lalonde
a0f03936ff FIX: saving invisible primary group field that you don't belong to 2017-05-17 12:46:50 -04:00
Sam
a5c4ddd334 oops my linter is not running automatically 2017-05-10 16:09:33 -04:00
Sam
bc0b9af576 FEATURE: support uploads for themes
This allows themes to bundle various assets
2017-05-10 15:47:11 -04:00
Sam
a9b953ac5a FIX: on create you could not add a theme component 2017-04-20 17:37:13 -04:00
jomaxro
b3eef0513f Remove console logging 2017-04-20 16:08:16 -04:00
Sam
7eabb90b71 FEATURE: added error messages for bad theme CSS / JS 2017-04-19 16:46:46 -04:00
Sam
c5ee448713 FEATURE: Only show overridden option for theme css
also fixes bad styling of mobile glyph
2017-04-19 15:24:00 -04:00
Sam Saffron
a19c02f0d3 FEATURE: allow copying of color schemes to clipboard 2017-04-18 09:37:55 -04:00
Sam
5e3a0846f7 FEATURE: allow themes to share color schemes 2017-04-17 15:56:24 -04:00
Sam
a3e8c3cd7b FEATURE: Native theme support
This feature introduces the concept of themes. Themes are an evolution
of site customizations.

Themes introduce two very big conceptual changes:

- A theme may include other "child themes", children can include grand
children and so on.

- A theme may specify a color scheme

The change does away with the idea of "enabled" color schemes.

It also adds a bunch of big niceties like

- You can source a theme from a git repo

- History for themes is much improved

- You can only have a single enabled theme. Themes can be selected by
    users, if you opt for it.

On a technical level this change comes with a whole bunch of goodies

- All CSS is now compiled using a custom pipeline that uses libsass
    see /lib/stylesheet

- There is a single pipeline for css compilation (in the past we used
    one for customizations and another one for the rest of the app

- The stylesheet pipeline is now divorced of sprockets, there is no
   reliance on sprockets for CSS bundling

- CSS is generated with source maps everywhere (including themes) this
    makes debugging much easier

- Our "live reloader" is smarter and avoid a flash of unstyled content
   we run a file watcher in "puma" in dev so you no longer need to run
   rake autospec to watch for CSS changes
2017-04-12 10:53:49 -04:00
Robin Ward
17f2974d0a SECURITY: Confirm new administrator accounts via email 2017-04-04 15:59:01 -04:00
Robin Ward
14410b71fb Convert server side paths to use /u/ 2017-03-30 10:23:24 -04:00
Guo Xiang Tan
3ef82bb32c SECURITY: CSRF vulnerabilities in Admin::BackupsController. 2017-03-23 10:29:35 +08:00
Rafael dos Santos Silva
5296f00c28 FEATURE: Allow checking the raw response of a bounced email 2017-02-22 14:51:33 -03:00
Guo Xiang Tan
4a7d6ea751 Make eslint happy. 2017-01-09 11:24:55 +08:00
Guo Xiang Tan
c260a4e34d FIX: Can't add categories when creating a new web hook. 2017-01-09 11:22:35 +08:00
Claas Augner
9710b04c31
UX: Add icon for bookmarks report 2017-01-05 02:07:38 +01:00
Régis Hanol
c302ffe08f FIX: buttons in user admin page weren't working 2016-12-20 12:26:53 +01:00
Neil Lalonde
d23da5b641 FIX: digest email preview error in Persian and other languages 2016-12-14 11:10:32 -05:00
Neil Lalonde
47aa3d94aa FEATURE: send digest preview to an email address 2016-11-23 17:51:57 -05:00
Robin Ward
bf91532260 Fixes some Ember Deprecations for 1.13:
- Remove ArrayController
- Remove {{view}} from templates
- Replace many cases of needs: [‘controller’] with inject
- Enable Ember Legacy Views
2016-10-21 11:06:07 -04:00
Guo Xiang Tan
547750e9dd Unify API keys and web hooks into a single admin nav header. 2016-09-20 05:22:03 +08:00
Erick Guan
9ce61b4586 FEATURE: Webhooks. 2016-09-05 18:44:00 +08:00
safaalfulaij
291c32aa69 Fix Plural Strings 2016-08-10 20:24:28 +03:00
Régis Hanol
cb809784df refactor version-check to ES6 2016-08-03 16:13:02 +02:00
cpradio
1b89c2f0ef FEATURE: Installed Version link shows GitHub Compare to branch being followed 2016-08-02 06:18:44 -04:00
Robin Ward
bba0fd0654 REFACTOR: PreloadStore to ES6 2016-07-11 12:57:05 -04:00
Robin Ward
b8125b3512 REFACTOR: Remove Discourse.Ajax 2016-07-11 12:57:05 -04:00
Robin Ward
a546395397 REFACTOR: Migrate markdown functionality in ES6 2016-07-11 12:57:05 -04:00
Régis Hanol
8a04b78909 add a link to bounce emails list in user admin profile 2016-05-18 22:38:35 +02:00
Régis Hanol
d6ab54378c FIX: screened IP addresses list wasn't working anymore - TAKE 2 2016-05-18 19:27:39 +02:00
Régis Hanol
1e57bbf5c8 Lots bounce emails related fixes
- Show bounce score on user admin page
- Added reset bounce score button on user admin page
- Only whitelisted email types are sent to emails with high bounce score
- FIX: properly detect bounces even when there is no TO: header in the email
- Don't desactivate a user when reaching the bounce threshold
2016-05-06 19:34:33 +02:00
Neil Lalonde
3b18a5d59d FIX: redirect url after anonymizing a user 2016-03-03 11:59:07 -05:00
Régis Hanol
91bb38626c FEATURE: new incoming email details modal 2016-02-10 22:00:27 +01:00
Erick Guan
35142847ba FIX: Prepend the user id before username in admin user routes 2016-02-09 15:14:13 +01:00
Arpit Jalan
eec8436cfe FEATURE: filter admin reports via user group 2016-02-04 11:23:49 +05:30
Régis Hanol
cf4c256b17 FEATURE: new 'raw email' modal when listing rejected emails 2016-02-01 21:41:49 +01:00
Régis Hanol
5018a8033d FIX: add link to user profile for staged users 2016-01-19 16:41:07 +01:00
Régis Hanol
3083657358 FEATURE: better email in support
FEATURE: new incoming_email model
FEATURE: infinite scrolling in emails admin
FEATURE: new 'emails:import' rake task
2016-01-19 00:57:55 +01:00
Neil Lalonde
12790d8dcc FEATURE: staff can block users, which prevents them from creating topics and replies 2016-01-14 14:42:06 -05:00
Arpit Jalan
f40249faad FEATURE: make trust level 3 time period admin setting 2015-12-22 23:26:19 +05:30
Neil Lalonde
ddd4500d7a FIX: admin reports were broken 2015-12-01 18:31:30 -05:00
Robin Ward
5e93140f85 FEATURE: Can override any translation via an admin interface 2015-11-27 11:35:19 -05:00
Robin Ward
434deb1bd3 SECURITY: Backported XSS fixes from Handlebars 2015-11-24 16:08:08 -05:00
Régis Hanol
753f4d1b7b FIX: redirect to forum home page when impersonating 2015-11-23 15:44:44 +01:00
Sam
5c899c765b Revert "Revert "REFACTOR: support booting discourse with DISCOURSE_NO_CONSTANTS""
This reverts commit c21457d6a7.
2015-11-21 12:27:06 +11:00
Robin Ward
83d5b82c84 OOPS, remove console.log 2015-11-20 13:15:00 -05:00
Robin Ward
8eeb027c65 Can revert changes to email templates 2015-11-20 12:30:21 -05:00
Robin Ward
c21457d6a7 Revert "REFACTOR: support booting discourse with DISCOURSE_NO_CONSTANTS"
This reverts commit c0b277d273.
2015-11-20 10:00:12 -05:00
Sam
c0b277d273 REFACTOR: support booting discourse with DISCOURSE_NO_CONSTANTS
This change is discussed here: https://meta.discourse.org/t/deprecating-es6-compatibility-layer/35821

Prior to this change we were not booting correctly with DISCOURSE_NO_CONSTANTS
2015-11-21 00:14:50 +11:00
Leo McArdle
fe5264f9e9 filter by username in email digest preview
adds a user prompt on the email digest preview page to generate a preview for a particular user
also fixes some broken styling on the page
2015-10-30 18:11:38 +00:00
Robin Ward
46ca66771b FIX: Better error message for resending activation. Don't limit staff. 2015-10-27 16:25:30 -04:00
Rafael dos Santos Silva
dfed999ec8 Remove getUrl on impersonate redirect
As said by  @riking @nlalonde and @ZogStriP
2015-10-13 16:52:35 -03:00
Rafael dos Santos Silva
ccd46bf431 Fix impersonate redirect on subfolder install
Impersonate was redirecting to base site, instead of Discourse when using subfolder install.
2015-10-12 16:14:39 -03:00
Jeff Atwood
0b295150e7 UX: clearer delete user action buttons 2015-09-30 16:06:55 -07:00
Guo Xiang Tan
f39b9124b6 FEATURE: Log staff actions for Category changes. 2015-09-18 10:53:08 +08:00
Régis Hanol
96c23d51a2 FIX: don't break the message bus when restoring a backup 2015-08-27 20:02:13 +02:00
Régis Hanol
73e4c6ae4d FIX: backups index template wasn't properly bound 2015-08-17 16:21:23 +02:00
Robin Ward
02a968bd27 Remove ObjectController, Discouse Controllers + Presence 2015-08-13 10:49:08 -04:00
Robin Ward
b7e6eaa961 ES6ify some of the remaining files 2015-08-10 10:21:05 -04:00
Robin Ward
7fffd483f8 Fix deprecations with site text, upgrade to ES6 / store 2015-08-10 10:21:04 -04:00