Commit Graph

680 Commits

Author SHA1 Message Date
Robin Ward
58ec4d04c0 FIX: Rails has bugs when a has_one has no id column :( 2018-03-23 12:25:10 -04:00
Gerhard Schlager
43f63c435d FIX: Drop unused tables with a delay 2018-03-21 16:45:44 +01:00
Sam
6a3c8fe69c FEATURE: protect against accidental column or table drops
Often we need to amend our schema, it is tempting to use
drop_table, rename_column and drop_column to amned schema
trouble though is that existing code that is running in production
can depend on the existance of previous schema leading to application
breaking until new code base is deployed.

The commit enforces new rules to ensure we can never drop tables or
columns in migrations and instead use Migration::ColumnDropper and
Migration::TableDropper to defer drop the db objects
2018-03-21 15:43:32 +11:00
Robin Ward
b9abd7dc9e FEATURE: Shared Drafts
This feature can be enabled by choosing a destination for the
`shared drafts category` site setting.

* Staff members can create shared drafts, choosing a destination
category for the topic when it is published.

* Shared Drafts can be viewed in their category, or above the
topic list for the destination category where it will end up.

* When the shared draft is ready, it can be published to the
appropriate category by clicking a button on the topic view.

* When published, Drafts change their timestamps to the current
time, and any edits to the original post are removed.
2018-03-20 17:15:26 -04:00
Sam
39e679d3cb FEATURE: allow themes to live in private git repos
This feature allows themes sourced from git to live on private
servers, it automatically generates key pairs.
2018-03-09 16:14:38 +11:00
Guo Xiang Tan
10d6101eae Fix incorrect function name. 2018-03-08 15:52:07 +08:00
Guo Xiang Tan
3ef5661608 Clean up unused function left in the database. 2018-03-08 15:25:10 +08:00
Gerhard Schlager
8e48b339fa Drop unused tables (#5630) 2018-03-05 17:27:30 -05:00
OsamaSayegh
282f53f0cd FEATURE: Theme settings (2) (#5611)
Allows theme authors to specify custom theme settings for the theme. 

Centralizes the theme/site settings into a single construct
2018-03-04 19:04:23 -05:00
Neil Lalonde
3313072957 Remove censored_pattern site setting, which is replaced by watched words 2018-02-26 16:29:27 -05:00
Guo Xiang Tan
4ac5fc8cd3 Fix incorrect data type for SiteSetting.google_oauth2_prompt. 2018-02-23 12:20:21 +08:00
Sam
720e1965e3 FEATURE: add category suppress from latest
In the past we used suppress_from_homepage, it had mixed semantics
it would remove from category list if category list was on home and
unconditionally remove from latest.

New setting explicitly only removes from latest list but leaves the
category list alond
2018-02-22 09:56:35 +11:00
Guo Xiang Tan
14f3594f9f Review Changes for f4f8a293e7. 2018-02-21 14:55:49 +08:00
Jeff Wong
f4f8a293e7 FEATURE: Implement 2factor login TOTP
implemented review items.

Blocking previous codes - valid 2-factor auth tokens can only be authenticated once/30 seconds.
I played with updating the “last used” any time the token was attempted but that seemed to be overkill, and frustrating as to why a token would fail.
Translatable texts.
Move second factor logic to a helper class.
Move second factor specific controller endpoints to its own controller.
Move serialization logic for 2-factor details in admin user views.
Add a login ember component for de-duplication
Fix up code formatting
Change verbiage of google authenticator

add controller tests:
second factor controller tests
change email tests
change password tests
admin login tests

add qunit tests - password reset, preferences

fix: check for 2factor on change email controller
fix: email controller - only show second factor errors on attempt
fix: check against 'true' to enable second factor.

Add modal for explaining what 2fa with links to Google Authenticator/FreeOTP

add two factor to email signin link

rate limit if second factor token present

add rate limiter test for second factor attempts
2018-02-21 09:04:07 +08:00
Neil Lalonde
76c309fe6b PERF: a faster way to count tags used per category 2018-02-12 15:16:47 -05:00
Sam Saffron
fb91d24deb PERF: add index on user email logs
This index makes it much faster to figure out if a user reached
email limit on sites where lots of emails are skipped
2018-02-07 11:33:28 -05:00
Arpit Jalan
f88b8a8945 rename 'default_email_private_messages' to 'default_email_personal_messages' 2018-02-01 13:25:29 +05:30
Arpit Jalan
6be536ca50 rename 'max_private_messages_per_day' to 'max_personal_messages_per_day' 2018-02-01 13:25:29 +05:30
Arpit Jalan
7cda3a37af rename 'private_email_time_window_seconds' to 'personal_email_time_window_seconds' 2018-02-01 13:25:29 +05:30
Arpit Jalan
7e48c47d37 rename 'enable_private_email_messages' to 'enable_personal_email_messages' 2018-02-01 13:25:29 +05:30
Arpit Jalan
ff0376a80b rename 'enable_private_messages' to 'enable_personal_messages' 2018-02-01 13:25:29 +05:30
Arpit Jalan
25ec077eca rename 'min_private_message_{post/title}_length' to 'min_personal_message_{post/title}_length' 2018-02-01 13:25:29 +05:30
Guo Xiang Tan
55f47491a4 Remove stale GA site setting records from the DB. 2018-01-27 09:15:46 +08:00
Robin Ward
6b04967e2f FEATURE: Staff members can lock posts
Locking a post prevents it from being edited. This is useful if the user
has posted something which has been edited out, and the staff members don't
want them to be able to edit it back in again.
2018-01-26 14:01:30 -05:00
Guo Xiang Tan
9c66473c4c Add index for EmailLog#topic_id and EmailLog#post_id. 2018-01-11 17:28:14 +08:00
Arpit Jalan
84026ad1fd FIX: check for existing translation keys before replacing blocked with silenced 2017-12-28 18:58:18 +05:30
Arpit Jalan
5ca558c7c5 FIX: add migration to replace 'blocked_by_staff' with 'silenced_by_staff' 2017-12-28 18:11:39 +05:30
Sam
67aecff59c FEATURE: store twitter supplied email for auditing 2017-12-14 15:54:32 +11:00
Arpit Jalan
895cc0666b FIX: replace invitee_name to inviter_name in translation overrides 2017-12-13 18:17:52 +05:30
Arpit Jalan
e3925278e2 FEATURE: support search click through tracking for user, category and tags
https://meta.discourse.org/t/search-logs-page/73281/11?u=techapj

This commit adds following features:

- support for tracking click through to user, tag and category
- new filter for search type (header, full page)

This commit also removes "most viewed topic" field from search logs page because we are now tracking multiple click through entities, so topic is not a special entity anymore. This also improves query perf. The query now takes `20.5ms` to runs, as opposed to `655.9ms` previously.
2017-12-01 12:04:55 +05:30
Robin Ward
77f90876d3 REFACTOR: Track manual locked user levels separately from groups 2017-11-27 11:23:44 -05:00
Gerhard Schlager
8f6d35aa59 FEATURE: category setting for mailinglist mirror 2017-11-17 15:29:14 +01:00
Neil Lalonde
b37e40eea9 FEATURE: show read time in last 60 days 2017-11-16 15:46:51 -05:00
Robin Ward
971e302ff2 FEATURE: Support an end date for user silencing 2017-11-14 13:20:19 -05:00
Robin Ward
1f14350220 Rename "Blocked" to "Silenced" 2017-11-10 14:10:27 -05:00
Michael Howell
38b8d68c68 FEATURE: Allow the user to select a custom home page (#5268)
* Add user_home configuration option

* Use the new user_home preference to actually show the right home page

* Fix trailing whitespace

* Update user_option_serializer.rb

* Fix JavaScript default homepage tests

* Use an object instead of a giant switch

* Remove trailing whitespace

* Make the default `user_home` set to `null` instead of `0`

* Rename user_home to homepage_id
2017-11-10 06:45:19 +11:00
Guo Xiang Tan
b3237d37f0 Drop unused email column from users table. 2017-11-07 10:12:33 +08:00
Guo Xiang Tan
79de10b212 FEATURE: Allow users to disable new PMs.
https://meta.discourse.org/t/is-it-possible-to-disable-private-messaging-for-a-specific-user/46391
2017-10-19 12:32:55 +08:00
Neil Lalonde
1faae3c765 rename forgot_password_strict to hide_email_address_taken 2017-10-03 15:28:31 -04:00
Guo Xiang Tan
77d4c4d8dc Fix all the errors to get our tests green on Rails 5.1. 2017-09-25 13:48:58 +08:00
Arpit Jalan
66f2925348 SECURITY: do not include links from whispers in topic summary map
https://meta.discourse.org/t/staff-whispers-links-in-whispers-showing-up-publicly-in-topics-summary/69134?u=techapj
2017-08-31 23:44:54 +05:30
Sam
e282f10d94 defer drop alias_level 2017-08-28 13:26:13 -04:00
Bianca Nenciu
6bc74ceb50 Split alias levels in mentionable and messageable levels. (#5065)
* Split alias levels in mentionable and messageable levels.

* Fixed some tests.

* Set messageable level to everyone by default.

* By defaults, groups are not mentionable or messageable.

* Made staff groups messageable by the system.
2017-08-28 12:32:08 -04:00
Neil Lalonde
2c56f8df7c FEATURE: show tags in search results 2017-08-25 11:52:59 -04:00
Sam
237968b1b7 PERF: add an index on slug to make sure that slug lookups are quick 2017-08-24 13:33:25 -04:00
Erick Guan
6e59149a77 FIX: rebuild index when engine replaced (#5021) 2017-08-16 07:38:34 -04:00
Guo Xiang Tan
b404a4b97c Merge pull request #5034 from tgxworld/fix_staged_primary_email
FIX: Staged users are still missing primary email.
2017-08-10 10:30:51 +09:00
Guo Xiang Tan
7a4aee4a7e FIX: updated_at needs to be set in migration as well. 2017-08-09 20:52:13 +09:00
Guo Xiang Tan
a9613163b5 FEATURE: Force user to enter reason when requesting for group membership. 2017-08-09 15:45:28 +09:00
Guo Xiang Tan
0bc690ed11 FIX: Staged users are still missing primary email. 2017-08-09 12:03:49 +09:00