Commit Graph

80 Commits

Author SHA1 Message Date
Ian Christian Myers
0d01c33482 Enabled strong_parameters across all models/controllers.
All models are now using ActiveModel::ForbiddenAttributesProtection, which shifts the responsibility for parameter whitelisting for mass-assignments from the model to the controller. attr_accessible has been disabled and removed as this functionality replaces that.

The require_parameters method in the ApplicationController has been removed in favor of strong_parameters' #require method.

It is important to note that there is still some refactoring required to get all parameters to pass through #require and #permit so that we can guarantee that parameter values are scalar. Currently strong_parameters, in most cases, is only being utilized to require parameters and to whitelist the few places that do mass-assignments.
2013-06-06 00:30:59 -07:00
Sam
d2f2a8e218 refactoring 2013-05-28 09:13:53 +10:00
Sam
d84ae80074 Simplify user action make it more idiomatic 2013-05-27 10:22:37 +10:00
Janis Miezitis
f58bcf7fe3 Refactored duplication in user action 2013-05-26 16:07:20 +03:00
Sam
ca2dee52db moved comments to the bottom, they are way less intrusive there 2013-05-24 12:48:32 +10:00
Sam
2cd95bc649 lets try out annotations 2013-05-24 12:35:14 +10:00
Sam
e91ed83586 the private message stream is different to normal streams, improving the ui a bit and collapsing conversations 2013-05-20 16:44:06 +10:00
Neil Lalonde
191d454589 Show Inbox before Sent Items 2013-05-17 14:11:33 -04:00
Sam
e9ebadb414 Nuke message_bus_observer move to service class and classes
Secure all messages triggered by post creation and all user actions so they don't leak
(meaning, if you have a browser open and secure topics are created you will only get them if you are allowed to see them)
2013-05-16 15:03:16 +10:00
Sam
5ec52bd2e9 :s/moderator?/staff/g ... our naming was kind of crazy, renamed moderator? to staff 2013-05-02 17:22:27 +10:00
Sam
08ce46e7ed :s/POST/REPLY/g 2013-05-01 10:52:31 +10:00
Sam
5cfcdc7ef0 backend for secure categories mostly done (todo pm groups) 2013-04-29 16:33:43 +10:00
Kuba Brecka
d355e42d73 move i18n of UserActions to JS-side and make sentences translatable (take 3) 2013-04-18 12:08:13 +02:00
Sam
9b487953c4 collapse some db tests
ensure deleted topics do not show up in user stream
2013-04-10 12:50:00 +10:00
Robin Ward
1ce7a40084 Revert "Merge pull request #677 from kubabrecka/localization_user_actions2"
This reverts commit c3a426930b, reversing
changes made to 9f9072bd9d.
2013-04-09 12:33:32 -04:00
Kuba Brecka
8d927418e8 move i18n of UserActions to JS-side and make sentences translatable 2013-04-08 22:54:08 +02:00
Sam
4fbf017272 get regular trust level going, self heal inconsistent topic timings 2013-04-05 15:30:28 +11:00
Karan Misra
5dfb04e4b3 Convert a lot of :a => b to a: b and bring peace to the world 2013-03-25 05:07:36 +05:30
Sam
38f185355d added options to disable quoting and open links in new tabs
fixed a some regressions
removed some dead code
fixed messages about constants being re-defined
2013-03-12 20:06:58 -07:00
Gosha Arinich
6e5399d544 minor cleanup, using AR querying DSL over raw SQL in some places 2013-02-28 21:54:12 +03:00
Gosha Arinich
cafc75b238 remove trailing whitespaces ❤️ 2013-02-26 07:31:35 +03:00
Sam
e8b3821b41 Merge pull request #179 from tms/users-like-like-posts
Users like like posts
2013-02-17 13:57:52 -08:00
tms
fb5710b5d6 Improved action descriptions/links on user stream items 2013-02-17 01:38:20 -05:00
tms
b7e392c7a3 Don't count bookmark stats for users who can't see them 2013-02-16 16:46:20 -05:00
tms
b91ac45359 Avoid grouping user stats by archetype (filter happens beforehand) 2013-02-16 16:33:51 -05:00
Robin Ward
b440e30f45 Better filtering out private messages on user stream. 2013-02-15 17:08:28 -05:00
Sam Saffron
6c73b3a971 bookmarks should only show up in a users stream 2013-02-15 11:44:14 +11:00
Sam Saffron
161420fac0 Added method for testing ember stuff
Collapse user actions in UI so it stops looking crazy
Removed dud dupe user action TOPIC_RESPONSE
Always show the owner of a post on the user page, actions by others at the bottom
2013-02-13 20:38:43 +11:00
Jakub Arnold
61654ab8f0 Fix all the trailing whitespace 2013-02-07 16:45:24 +01:00
Robin Ward
21b5628528 Initial release of Discourse 2013-02-05 14:16:51 -05:00