Commit Graph

5156 Commits

Author SHA1 Message Date
Régis Hanol
b04b7c366c SECURITY: force IM decoder based on file extension 2018-07-25 22:01:08 +02:00
Robin Ward
878aee965b SECURITY: Consider 0.0.0.0 a private IP 2018-07-24 11:17:13 -04:00
David Taylor
6f25421a06 SECURITY: Do not allow authentication with disabled plugin-supplied a… (#6071)
Do not allow authentication with disabled plugin-supplied auth providers
2018-07-09 14:26:44 +10:00
Sam
849b4b5685 SECURITY: category badges should HTML escape names 2018-06-28 18:16:12 +10:00
Arpit Jalan
57f5f7d755 FIX: do not show SSO external_email to moderators 2018-06-12 11:48:10 -04:00
Neil Lalonde
a279e43025 FIX: broken mailto href's in emails 2018-06-12 11:48:07 -04:00
Vinoth Kannan
17e7d3b526 FIX: avatar_url includes upload_path twice when local storage used 2018-06-12 11:48:04 -04:00
Blake Erickson
afbbdfc05f FIX: Allow a user to remove their title
Somewhere there was a regression and a user couldn't remove their own
title. If they selected '(none)' in the UI it would say it was saved,
but it would not actually be updated in the db.
2018-06-12 11:48:01 -04:00
Neil Lalonde
b675f5fa6b Merge master 2018-05-31 18:19:36 -04:00
OsamaSayegh
d4848f2d58 REFACTOR: topics controller specs to requests (#5886)
* REFACTOR: topics controller specs to requests
2018-05-31 22:45:32 +08:00
Guo Xiang Tan
7fc8a36529 DEV: Take 2 Queue jobs in tests by default.
On my machine this cuts the time taken to run our test suite
from ~11mins to ~9mins.
2018-05-31 16:23:23 +08:00
Guo Xiang Tan
56e9ff6853 Revert "DEV: Queue jobs in tests by default."
Too risky for now

This reverts commit be28154d3b.
2018-05-31 15:34:46 +08:00
Guo Xiang Tan
2b783997fa Refactor tests to complete assertions within a single it block. 2018-05-31 15:05:47 +08:00
Sam
5086fdc76d FIX: add protection for scss removal during upgrade
In some cases plugins would remove scss files or change them, but CSS
was still calculated based off stale data in old instance cache
2018-05-31 17:02:48 +10:00
Guo Xiang Tan
be28154d3b DEV: Queue jobs in tests by default. 2018-05-31 14:45:47 +08:00
Guo Xiang Tan
95f9b72351 FIX: Update activation email route was returning a generic json error. 2018-05-31 14:19:43 +08:00
OsamaSayegh
4e21a031df Remove trailing whitespace 2018-05-31 12:31:46 +10:00
OsamaSayegh
23e3a68592 REFACTOR: session controller specs to requests 2018-05-31 12:31:46 +10:00
Guo Xiang Tan
f623740ffc DEV: Stablize DiscourseRedis tests. 2018-05-30 14:45:19 +08:00
Guo Xiang Tan
21e9315416 FIX: Use user account email instead of auth email when totp is enabled.
https://meta.discourse.org/t/github-2fa-flow-broken/88674
2018-05-30 12:15:12 +08:00
Guo Xiang Tan
543b7cddfb FIX: Extra comma resulted in Github auth email result being an array.
https://meta.discourse.org/t/github-2fa-flow-broken/88674
2018-05-30 12:15:12 +08:00
Neil Lalonde
e26a14dc29 FIX: error when flagging to notify moderators because message title is too long 2018-05-29 12:21:47 -04:00
Sam
df815d6c0e DEV: prefer using ordering in relation over default scope 2018-05-29 09:34:12 +10:00
Arpit Jalan
c8bc942333 FIX: do not add invited user to automatic groups 2018-05-28 17:17:48 +05:30
Guo Xiang Tan
81b5d61fa7 FIX: topic_destroyed web hook couldn't find topic. 2018-05-28 17:38:02 +08:00
Gerhard Schlager
ed2ae3cb0a FIX: Load post revisions in correct order 2018-05-28 11:25:24 +02:00
Guo Xiang Tan
123a22e6d8 DEV: Clean up omniauth after mocking. 2018-05-28 15:12:54 +08:00
Guo Xiang Tan
a081771950
Merge pull request #5872 from OsamaSayegh/users-controller-specs-to-request
REFACTOR: users contollers specs => request specs
2018-05-28 13:32:37 +08:00
Sam
e501936405 FIX: search server side error in rare condition 2018-05-28 15:28:18 +10:00
OsamaSayegh
0347c97520 tgxworld feedback 2018-05-28 06:20:47 +03:00
Sam
5a32a70d6c FIX: ColorScheme color missing was returning "nil" 2018-05-28 11:46:00 +10:00
Robin Ward
4195c7c9ea FEATURE: Ability to clear a user's penalty history
You can do this manually if you want to allow them to reach TL3 without
their penalty history counting against them.
2018-05-25 12:54:22 -04:00
Gerhard Schlager
20b94bc714 FIX: Extraction of quoted posts failed in some cases
* It stored only oneboxed "quotes" when [quote] and links to topics or posts were mixed.
* Revising a post didn't add or remove records from the quoted_posts table.
2018-05-25 12:00:17 +02:00
riking
12e4dd59b7 Style fix for test 2018-05-25 15:54:14 +10:00
riking
501bc0e9af FIX: UserProfileView: Do not log IP of logged-in users 2018-05-25 15:54:14 +10:00
Sam
9c91c2509e improve spec stability 2018-05-25 15:16:40 +10:00
Sam
610bfec73e DEV: correct fragile spec 2018-05-25 14:29:11 +10:00
Sam
720a12ce76 correct time dependent spec 2018-05-25 14:26:05 +10:00
Sam
be1b8fc3a8 DEV: ensure specs run in consistent times 2018-05-25 14:22:43 +10:00
Guo Xiang Tan
755b511b5c PERF: Destroy collapsed notifications in 1 query instead of 3. 2018-05-25 12:01:36 +08:00
Sam
80adc1ee80 DEV: stabilize site setting spec
side effects could cause specs to fail in rare conditions
2018-05-25 12:16:00 +10:00
OsamaSayegh
bac0482061 REFACTOR: users contollers specs => request specs 2018-05-25 05:04:25 +03:00
Guo Xiang Tan
58fbe74b6f Remove assertion to_not raise_error.
If an error is raised the test would fail anyway.
2018-05-25 09:57:08 +08:00
Guo Xiang Tan
1f27c91924 DEV: Better diagnostic when topic tracking state tests fail. 2018-05-24 15:36:41 +08:00
Guo Xiang Tan
43f7cb05c9 FIX: Broken ping event for web hooks due to missing payload. 2018-05-24 15:16:52 +08:00
Sam
d366f8d888 remove hack that destabliazed tese suite 2018-05-24 10:48:16 +10:00
Neil Lalonde
3db1032bfd FIX: not found page shouldn't include the Google search form for sites with login_required enabled 2018-05-23 16:59:02 -04:00
Andrew Schleifer
4be0e31459 fix s3_cdn_url when the s3 bucket contains a folder 2018-05-23 15:51:02 -05:00
Ryan Mulligan
fac4bf2f85 ignore emails that are from the reply by email addresses (#5843) 2018-05-23 10:04:45 +02:00
Guo Xiang Tan
ad9e0d6bea
Merge pull request #5848 from OsamaSayegh/fix-social-login-groups
FIX: apply automatic group rules when using social login providers
2018-05-23 08:17:42 +08:00