github-mirror/discourse
2
0
Fork 0
mirror of https://github.com/discourse/discourse.git synced 2024-12-16 10:58:23 +08:00
Code Issues Actions 1 Packages Projects Releases Wiki Activity
28,476 Commits 214 Branches 500 Tags 960 MiB
aeaf6b5a7c
Commit Graph

516 Commits

Author SHA1 Message Date
Vinoth Kannan
b96ae14261 FEATURE: Display force_https warning in admin problems dashboard 2018-01-11 12:16:10 +05:30
Arpit Jalan
ed4b845930 FIX: render error message when backup download fails 2018-01-05 19:46:43 +05:30
Robin Ward
69a90f31fb FEATURE: Allow Forums to disable the Backups feature 2017-12-21 15:22:04 -05:00
Arpit Jalan
eab66065d1 FEATURE: search log term details page (#5445) 2017-12-20 13:41:31 +11:00
Guo Xiang Tan
97ceebb570 SECURITY: Don't pass email backup token to sidekiq as a parameter. 
* This exposes the token in the Sidekiq dashboard which can be
  viewed by an admin and defeats the purpose of using a token
  in the download backup email ink.
 2017-12-18 11:25:22 +08:00
Sam
433ef4513b FEATURE: upload images and fonts in themes via hijack 2017-12-18 10:40:10 +11:00
Sam
5e90abfaea FIX: use hijack for emoji uploads 2017-12-18 10:31:19 +11:00
Joffrey JAFFEUX
001abfc4cb Revert "FIX: not permitted theme params when importing theme" 
This reverts commit 813df1a3fb.
 2017-12-14 11:40:14 +01:00
Joffrey JAFFEUX
041deac67a Revert "FIX: constant lookup error when exporting theme" 
This reverts commit 1eda8c50f0.
 2017-12-14 11:40:08 +01:00
Joffrey JAFFEUX
813df1a3fb
FIX: not permitted theme params when importing theme 2017-12-14 11:25:58 +01:00
Joffrey JAFFEUX
1eda8c50f0
FIX: constant lookup error when exporting theme 2017-12-14 11:25:11 +01:00
Robin Ward
410994b7f5 FEATURE: Show a button to Staff for "Moderation History" on posts/topics 
When clicked, it pops up a modal showing a history of moderation actions
taken on the post or topic.
 2017-12-05 15:20:20 -05:00
Arpit Jalan
e3925278e2 FEATURE: support search click through tracking for user, category and tags 
https://meta.discourse.org/t/search-logs-page/73281/11?u=techapj

This commit adds following features:

- support for tracking click through to user, tag and category
- new filter for search type (header, full page)

This commit also removes "most viewed topic" field from search logs page because we are now tracking multiple click through entities, so topic is not a special entity anymore. This also improves query perf. The query now takes `20.5ms` to runs, as opposed to `655.9ms` previously.
 2017-12-01 12:04:55 +05:30
Robin Ward
77f90876d3 REFACTOR: Track manual locked user levels separately from groups 2017-11-27 11:23:44 -05:00
Régis Hanol
4addc5e329 Add missing contexts when destroying users 2017-11-22 15:43:54 +01:00
Régis Hanol
2d48caffdf FIX: be more lenient when deleting a custom emoji 2017-11-20 23:50:23 +01:00
Robin Ward
0a9daba627 FIX: Support for long suspension emails 2017-11-20 12:45:46 -05:00
Arpit Jalan
3831663fea FEATURE: search logs page (#5313) 2017-11-15 11:13:50 +11:00
Robin Ward
971e302ff2 FEATURE: Support an end date for user silencing 2017-11-14 13:20:19 -05:00
Sam
47e4c9bb46 FIX: import/export theme should work with uploads 2017-11-14 16:30:23 +11:00
Robin Ward
1f14350220 Rename "Blocked" to "Silenced" 2017-11-10 14:10:27 -05:00
Gerhard Schlager
5bb326a452 Add specs for EmailTemplatesController 2017-10-02 14:53:27 +02:00
Régis Hanol
6a7920ad75 FIX: wasn't able to change default theme 2017-09-27 20:05:31 +02:00
Gerhard Schlager
1a37812625 FIX: show error message when keys are missing in email template 
FIX: log email template changes in the Staff Log
 2017-09-27 13:50:04 +02:00
Robin Ward
d1ebc62065 The ability to display errors on flagging actions. 2017-09-25 12:28:01 -04:00
Robin Ward
09ed2ed749 Add Suspend User to flags page 2017-09-25 12:28:00 -04:00
Robin Ward
6bce3004d9 UX: Nicer selection of suspend duration 2017-09-25 12:28:00 -04:00
Robin Ward
677b016387 Send a suspension message via email to a user 2017-09-25 12:26:41 -04:00
Robin Ward
2a56cf8bb6 Tests + Refactoring for Suspension Modal 2017-09-25 12:26:06 -04:00
Robin Ward
d7c37d9369 Add front end service for staff controls 2017-09-25 12:25:14 -04:00
Robin Ward
5cf50f0034 Adjust flagged posts to use the store 2017-09-25 12:25:14 -04:00
Robin Ward
5e69217793 Add filtering support to flags 2017-09-25 12:25:14 -04:00
Robin Ward
40eba8cd93 FEATURE: View flags grouped by topic 2017-09-25 12:25:14 -04:00
Guo Xiang Tan
77d4c4d8dc Fix all the errors to get our tests green on Rails 5.1. 2017-09-25 13:48:58 +08:00
Bianca Nenciu
6bc74ceb50 Split alias levels in mentionable and messageable levels. (#5065) 
* Split alias levels in mentionable and messageable levels.

* Fixed some tests.

* Set messageable level to everyone by default.

* By defaults, groups are not mentionable or messageable.

* Made staff groups messageable by the system.
 2017-08-28 12:32:08 -04:00
Sam
2f0c6c99e0 FIX: ip lookup not working 
Also add a powered by line so it is clear this makes an external service call
 2017-08-21 14:18:49 -04:00
Guo Xiang Tan
b77aa29e71 Merge pull request #5013 from LeoMcA/alternate-emails-phase-1.5 
FIX: add additional email to tests and clean up resulting mess
 2017-08-16 16:19:28 +09:00
Guo Xiang Tan
a9613163b5 FEATURE: Force user to enter reason when requesting for group membership. 2017-08-09 15:45:28 +09:00
Guo Xiang Tan
3f24ed2b3e Can't revert due to incompatibility of new site setting types. 
Revert "Revert "FEATURE: Site settings defaults per locale""

This reverts commit 439fe8ba24.
 2017-08-07 10:43:09 +09:00
Guo Xiang Tan
439fe8ba24 Revert "FEATURE: Site settings defaults per locale" 
This reverts commit 468a8fcd20.
 2017-08-07 10:31:50 +09:00
Régis Hanol
3c0de22bf0 FIX: wasn't able to remove a user's primary group 2017-08-04 18:13:20 +02:00
Erick Guan
468a8fcd20 FEATURE: Site settings defaults per locale 
This change-set allows setting different defaults for different locales. 

It also:

- Adds extensive testing around site setting validation

- raises deprecation error if site setting has the default property based on env

- relocated site settings for dev and tests in the initializer

- deprecated client_setting in the site setting's loading process

- ensure it raises when a enum site setting being set

- default_locale is promoted to `required` category.

- fixes incorrect default setting and validation

- fixes ensure type check for site settings

- creates a benchmark for site setting

- sets reasonable defaults for Chinese
 2017-08-02 12:24:19 -04:00
Guo Xiang Tan
33e22cf598 Add back Admin::GroupsController#index route for now. 
* The endpoint is being used by discourse_api.
 2017-08-03 00:24:23 +09:00
Leo McArdle
836dee1120 FIX: add additional email to tests and clean up resulting mess 2017-07-31 22:27:29 +00:00
Arpit Jalan
0b01d0e95d FIX: staff cannot manually activate accounts after 48 hours has elapsed 
https://meta.discourse.org/t/staff-cannot-manually-activate-invited-accounts-after-48-hours-has-elapsed/66292/14?u=techapj
 2017-07-31 22:24:09 +05:30
Guo Xiang Tan
4620dfe92d FEATURE: Add group settngs to allow users to leave a group freely. 
https://meta.discourse.org/t/split-join-leave-freely-setting-on-groups/65565
 2017-07-28 15:00:25 +09:00
Guo Xiang Tan
5012d46cbd Add rubocop to our build. (#5004) 2017-07-28 10:20:09 +09:00
Guo Xiang Tan
2442bba131 UX: Better group creation workflow. 
* Owners and users can now be added to a group during creation.

https://meta.discourse.org/t/you-cannot-allow-membership-requests-without-any-owners/64760/3
 2017-07-27 16:12:42 +09:00
Neil Lalonde
24cb950432 FEATURE: Watched Words: when posts contain words, do one of flag, require approval, censor, or block 2017-07-26 11:01:09 -04:00
Guo Xiang Tan
b59dfb86f4 UX: Include group name in email when group is invited to a PM. 
https://meta.discourse.org/t/xyz-invited-you-to-a-message-but-really-invited-a-group-im-in/65996
 2017-07-26 15:51:44 +09:00
Guo Xiang Tan
1b0750d7ef Merge pull request #4983 from tgxworld/group_owners_can_invite_users_to_groups 
Group owners can invite users to groups
 2017-07-24 16:21:19 +09:00
Leo McArdle
407a23663d FEATURE: send rejection email for unrecognized errors 2017-07-21 18:26:52 +01:00
Guo Xiang Tan
2a17f1ccd7 FIX: Group owners should be able to invite users to their groups. 
https://meta.discourse.org/t/group-owner-cannot-send-an-invite-to-a-group/60617/12
 2017-07-21 23:48:25 +09:00
Leo McArdle
d0b027d88d FEATURE: phase 1 of supporting multiple email addresses 2017-07-20 11:22:27 +09:00
Sam
340a3ee5cb correct spec to handle not null visibility_level 2017-07-03 16:03:26 -04:00
Sam
845170bd6b FEATURE: add support for group visibility level 
There are 4 visibility levels

- public (default)
- members only
- staff
- owners

Note, admins and group owners ALWAYS have visibility to groups

Migration treated old "non public" as "members only"
 2017-07-03 15:26:57 -04:00
Guo Xiang Tan
b5ec241716 FIX: Validate interpolation keys used in translation overrides. 
https://meta.discourse.org/t/discobot-translation-missing-error/64429/6?u=tgxworld
 2017-06-16 08:54:48 +09:00
Sam
607998af33 FEATURE: dropdown to filter staff action logs 2017-05-30 11:25:42 -04:00
Sam
2a5a01af2e improve error on theme upload, add gif to allowed uploads 2017-05-17 16:29:09 -04:00
Neil Lalonde
a0f03936ff FIX: saving invisible primary group field that you don't belong to 2017-05-17 12:46:50 -04:00
Pat David
4bf8548dc5 Add embed class name setup for embeddable hosts 2017-05-11 15:16:16 -04:00
Régis Hanol
9641d2413d REFACTOR: upload workflow creation into UploadCreator 
- Automatically convert large-ish PNG/BMP to JPEG
- Updated fast_image to latest version
 2017-05-11 00:16:57 +02:00
Sam
04b5516bf2 improve upload functionality 2017-05-10 15:47:11 -04:00
Sam
bc0b9af576 FEATURE: support uploads for themes 
This allows themes to bundle various assets
 2017-05-10 15:47:11 -04:00
Sam Saffron
c2829dce22 FIX: base sql vanishes after badge creation 2017-05-09 09:25:57 -04:00
Arpit Jalan
e89d0a6b20 FIX: importing a theme via file was broken 2017-05-08 12:03:24 +05:30
Guo Xiang Tan
3eb920e2b0 Merge pull request #4841 from fantasticfears/webhook-ping 
add event name for ping webhooks in the header
 2017-05-04 04:54:40 +08:00
Sam
946f25098f Refactor theme fields so they support custom theme defined vars 
This paves the way to allowing themes to specify uploads and so on.
 2017-05-02 16:02:14 -04:00
Erick Guan
9f8a917d65 add event name for ping webhooks in the header 2017-05-02 08:13:23 +02:00
Guo Xiang Tan
e4b9f72f9e FIX: Force the right encoding when handling email. 2017-04-27 16:51:54 +08:00
Arpit Jalan
b755279cf0 remove unneeded code 2017-04-27 08:47:47 +05:30
Arpit Jalan
e3f82140d8 more readable code for filtering username/email when bulk adding to group 2017-04-27 08:43:28 +05:30
Arpit Jalan
b41d96fac1 FIX: properly initialize hashes 2017-04-27 02:56:14 +05:30
Arpit Jalan
285c167fae FEATURE: provide more details when performing a bulk add to group 2017-04-27 01:37:51 +05:30
Guo Xiang Tan
423f2ab228 FIX: Processing incoming email should be done in a background job. 2017-04-24 13:57:28 +08:00
Sam
7a9eee1b71 FEATURE: default notification level for group messages 
also fixes it so staff can amend other user's group notification level
 2017-04-20 15:47:35 -04:00
Sam
86904e9cd6 FIX: better error handling for theme import 2017-04-17 16:55:53 -04:00
Sam
def7348777 FIX: display custom sections with default theme 
also cleans up mechanism for previewing themes, cleans up naming,
gets rid of old janky "preview_style", secures local theme key
 2017-04-14 13:35:12 -04:00
Guo Xiang Tan
3d76fb9c2c FIX: Don't show category options for reports that can't be scoped to a category. 2017-04-13 17:10:55 +08:00
Sam
a3e8c3cd7b FEATURE: Native theme support 
This feature introduces the concept of themes. Themes are an evolution
of site customizations.

Themes introduce two very big conceptual changes:

- A theme may include other "child themes", children can include grand
children and so on.

- A theme may specify a color scheme

The change does away with the idea of "enabled" color schemes.

It also adds a bunch of big niceties like

- You can source a theme from a git repo

- History for themes is much improved

- You can only have a single enabled theme. Themes can be selected by
    users, if you opt for it.

On a technical level this change comes with a whole bunch of goodies

- All CSS is now compiled using a custom pipeline that uses libsass
    see /lib/stylesheet

- There is a single pipeline for css compilation (in the past we used
    one for customizations and another one for the rest of the app

- The stylesheet pipeline is now divorced of sprockets, there is no
   reliance on sprockets for CSS bundling

- CSS is generated with source maps everywhere (including themes) this
    makes debugging much easier

- Our "live reloader" is smarter and avoid a flash of unstyled content
   we run a file watcher in "puma" in dev so you no longer need to run
   rake autospec to watch for CSS changes
 2017-04-12 10:53:49 -04:00
Sam Saffron
0013a23dc1 SECURITY: prefer render plain/html to render text where possible 2017-04-10 08:01:42 -04:00
Ryan C. Gordon
888d1512ec Corrected indentation. 2017-04-06 01:49:34 -04:00
Ryan C. Gordon
c51af13338 smtp_should_reject API: use better approach to find user email. 2017-04-05 23:10:36 -04:00
Ryan C. Gordon
a51c191a66 Make Email::Receiver.check_address() into a class method. 2017-04-05 23:10:36 -04:00
Ryan C. Gordon
e15d11df18 Added an API to ask if an incoming email should be dropped at the SMTP level. 
This lets an SMTP server optionally decide if it should reject a mail without
passing it on to Discourse at all, possibly before even reading the
email's payload, to prevent spam-induced backscatter and save resources.

This just does the bare minimum sanity checking that could prevent obvious
backscatter. For legit errors from legit users, Discourse will still send a
much more pleasant reply email.
 2017-04-05 23:10:36 -04:00
Robin Ward
17f2974d0a SECURITY: Confirm new administrator accounts via email 2017-04-04 15:59:01 -04:00
Robin Ward
14410b71fb Convert server side paths to use /u/ 2017-03-30 10:23:24 -04:00
Guo Xiang Tan
a818fa9831 FIX: Show stats of the last 30 days be default for admin reports. 
* `1.month.ago + 1.month` uses the calendar month for calculations
  such that `1.month.ago` from the 30th of March 2017 will give
  us the 28th of February 2017. Adding one month ahead from
  28th February 2017 will be 28th of March 2017.
 2017-03-30 09:48:10 +08:00
Guo Xiang Tan
1a7e954e09 FIX: Store custom emojis as uploads. 
* Depending on a hardcoded directory was a flawed design
  which made it impossible to debug when custom emojis go
  missing.
 2017-03-14 13:07:18 +08:00
Régis Hanol
00380d84c5 UX: display text & html parts alongside raw email in incoming email modal 2017-03-08 23:15:42 +01:00
Rafael dos Santos Silva
c3477cd40d Merge pull request #4716 from discourse/bounced_emails_details 
FEATURE: Allow checking the raw response of a bounced email
 2017-03-06 13:30:19 -03:00
Rafael dos Santos Silva
aac4a4ed94 Handle invalid parameters and missing bounced emails 2017-03-02 20:37:28 -03:00
Blake Erickson
80858bae2c FEATURE: further restrict downloading of backups 
- send email to logged in admin when they press the "download" button
- show pop-up that email was sent
- create email template
- require a valid token to download backup
 2017-03-01 08:28:34 -07:00
Rafael dos Santos Silva
5296f00c28 FEATURE: Allow checking the raw response of a bounced email 2017-02-22 14:51:33 -03:00
Régis Hanol
f51e3b2131 FIX: should not be able to rename a system badge 2017-02-20 14:35:05 +01:00
Régis Hanol
cb99f59ec3 reset bounce score when email is successfully changed 2017-02-20 10:37:01 +01:00
Sam
ff49f72ad9 FEATURE: per client user tokens 
Revamped system for managing authentication tokens.

- Every user has 1 token per client (web browser)
- Tokens are rotated every 10 minutes

New system migrates the old tokens to "legacy" tokens,
so users still remain logged on.

Also introduces weekly job to expire old auth tokens.
 2017-02-07 09:22:16 -05:00
Sam
2dec731da3 SECURITY: correctly validate input when admin searches for screened ips 2017-02-06 16:11:16 -05:00
Régis Hanol
fbf9172db8 FIX: log backups download/destroy staff action 
FIX: clean up junk left by the specs
RENAME: 'backup_operation' to 'backup_create' to match other backup log types
 2017-01-16 19:53:31 +01:00
Guo Xiang Tan
515f50e42e FEATURE: Log admin action when readonly mode is changed. 2017-01-12 09:41:02 +08:00