Roman Rizzi
733143cba3
SECURITY: Do not create a notification if a staged user post gets quoted/linked inside a restricted category
2020-01-16 15:37:03 -03:00
Sam Saffron
30990006a9
DEV: enable frozen string literal on all files
...
This reduces chances of errors where consumers of strings mutate inputs
and reduces memory usage of the app.
Test suite passes now, but there may be some stuff left, so we will run
a few sites on a branch prior to merging
2019-05-13 09:31:32 +08:00
Blake Erickson
5b5b5a5931
FIX: return an error if a user tries to whisper
...
This commit fixes a bug where a user creates a whisper post via the api
but is posted as a regular message because they don't have access to
whisper. Now a 403 unauthorized will be returned instead of the whisper
param just being ignored for regular users. Staff users should not be
affected by this change.
https://meta.discourse.org/t/a-whisper-is-posted-as-a-message-if-the-user-is-not-staff-moderator-admin-when-using-the-api/116601
2019-05-07 11:42:26 -06:00
Robin Ward
31e100530f
FEATURE: Flag count in post menu
...
This change shows a notification number besides the flag icon in the
post menu if there is reviewable content associated with the post.
Additionally, if there is pending stuff to review, the icon has a red
background.
We have also removed the list of links below a post with the flag
status. A reviewer is meant to click the number beside the flag icon to
view the flags. As a consequence of losing those links, we've removed
the ability to undo or ignore flags below a post.
2019-05-06 16:13:31 -04:00
Arpit Jalan
d68d29f37a
FIX: only staff can banner topics
2019-04-02 12:46:55 +05:30
Bianca Nenciu
034b8a7ecc
FIX: Let users delete topics.
...
Follow-up to 31053f30de
.
2019-03-29 22:00:36 +02:00
Bianca Nenciu
31053f30de
FEATURE: Let users delete their own topics. ( #7267 )
2019-03-29 17:10:05 +01:00
Gerhard Schlager
c30996129f
FEATURE: Allow TL4 users to reset bump date
2019-01-02 16:57:05 +01:00
Gerhard Schlager
b9072e8292
FEATURE: Add "Reset Bump Date" action to topic admin wrench ( #6246 )
2018-08-10 10:51:03 +10:00
Kyle Zhao
2901691e87
FEATURE: per-category approval settings ( #5778 )
...
- disallow moving topics to a category that requires topic approval
2018-07-13 12:51:08 +10:00
Guo Xiang Tan
3bfd9698c7
PERF: Avoid running the same query twice in TopicViewSerializer#details
.
2018-05-24 16:46:13 +08:00
Robin Ward
b9abd7dc9e
FEATURE: Shared Drafts
...
This feature can be enabled by choosing a destination for the
`shared drafts category` site setting.
* Staff members can create shared drafts, choosing a destination
category for the topic when it is published.
* Shared Drafts can be viewed in their category, or above the
topic list for the destination category where it will end up.
* When the shared draft is ready, it can be published to the
appropriate category by clicking a button on the topic view.
* When published, Drafts change their timestamps to the current
time, and any edits to the original post are removed.
2018-03-20 17:15:26 -04:00
Guo Xiang Tan
2ad2ed2eb2
FIX: Couldn't move a topic into the uncategorized category.
2018-03-13 10:20:47 +08:00
Robin Ward
cd6c5fc5fb
FIX: Disable "Make Personal Message" if they are disabled
2018-03-02 20:28:39 -05:00
Sam
75172024ca
SECURITY: ensure users have permission when moving categories
2018-03-02 12:13:27 +11:00
Robin Ward
69af881f7f
New site setting trusted_users_can_edit_others
...
The default is true to keep with previous discourse behavior. If
disabled, high trust level users cannot edit the topics or posts of
other users.
2018-02-22 20:39:24 -05:00
Guo Xiang Tan
25c25ae423
FEATURE: Allow user to leave a PM.
2017-10-19 12:32:55 +08:00
OsamaSayegh
79f3d299a1
Don't allow category definition topics to be converted to PMs ( #5216 )
2017-10-02 10:04:58 +02:00
Guo Xiang Tan
5012d46cbd
Add rubocop to our build. ( #5004 )
2017-07-28 10:20:09 +09:00
Guo Xiang Tan
a28704bcee
FIX: Can't recover a post when its user has been deleted.
...
https://meta.discourse.org/t/moving-posts-to-new-topic/58436
2017-03-06 14:29:06 +08:00
Leo McArdle
c76f6856ea
FEATURE: reply as new message to the same recipients
2017-01-27 12:24:31 +08:00
Neil Lalonde
c75bebdea2
FIX: uncategorized setting to control whether topic featured links are allowed
2016-12-20 15:55:30 -05:00
Neil Lalonde
923cf73c6e
Topic Featured Links: move data from custom fields to topics and categories tables. Invert behaviour of topic_featured_link_allowed checkbox. Fix a bug with invalid topic records due to changing that category checkbox.
2016-12-19 14:54:07 -05:00
Erick Guan
52763f5115
FEATURE: Allow posting a link with topics
2016-12-05 17:20:54 +01:00
Robin Ward
e78b7a243e
FIX: Don't enqueue posts if the user can't create them (ex: closed)
2016-09-09 12:15:56 -04:00
Régis Hanol
5eda2f43c6
small topic/category guardians refactor
2016-06-27 14:36:57 +02:00
Neil Lalonde
0f8b4dcc86
FIX: trust level 3 should not be able to edit topics in categories that restrict them from doing so
2016-06-01 15:42:10 -04:00
Arpit Jalan
b25d950d99
FEATURE: allow moderators to convert a private message to public topic or vice versa
2016-05-04 22:47:32 +05:30
Arpit Jalan
acfb540952
FEATURE: move a topic from PM to regular topic or vice versa
2016-05-02 21:34:05 +05:30
Sam
8ba57c0ffd
FIX: restrict moderators from creating/editing topics in readonly categories
...
In the past moderators had blanket access to all categories they were allowed
to see. This tightens down the restriction.
2016-04-13 15:59:38 +10:00
Arpit Jalan
106e3c897f
FIX: TL3 users should not be able to edit title of archived topics
2016-01-29 01:16:41 +05:30
Kane York
c9e4745fe8
FIX: Return 410 Gone for deleted topics you could otherwise see
2015-09-18 00:14:43 -07:00
Régis Hanol
d5a2029026
FIX: category permissions weren't properly loaded when /categories is the homepage
...
FIX: don't scope to a specific category when creating a new topic from /categories
2015-09-07 18:52:53 +02:00
Robin Ward
f9069c350f
FIX: Permission issues when editing topics
...
If a user can't create a topic in a category, they should'be be
able to edit topics.
2015-04-30 17:08:12 -04:00
riking
1c0658e204
FIX: People could retitle restricted topics
...
Sort of a security fix but not really
2015-02-25 21:09:53 -08:00
Régis Hanol
1a070b16e4
FIX: use the 'post edit time limit' for topics too
2015-02-25 20:53:21 +01:00
Robin Ward
e207ca36ee
Easier helper for filtering secured categories
2015-02-12 11:52:59 -05:00
Sam
0f585bcdbe
FIX: PM should never be allowed to have a category
...
FIX: TL3 should not be allowed to muck with PM titles
2014-09-11 17:39:34 +10:00
Sam
59d04c0695
Internal renaming of elder,leader,regular,basic to numbers
...
Changed internals so trust levels are referred to with
TrustLevel[1], TrustLevel[2] etc.
This gives us much better flexibility naming trust levels, these names
are meant to be controlled by various communities.
2014-09-05 15:20:52 +10:00
Neil Lalonde
2f32af3941
FIX: staff should be able to edit topics that have been archived
2014-08-15 12:45:05 -04:00
Neil Lalonde
5caf72510c
Prevent deleting the static page doc topics
2014-08-13 17:03:45 -04:00
Sam
6eaaf6714c
FIX: logic for can_see_topic?
2014-08-05 14:37:53 +10:00
Neil Lalonde
fc22127726
FIX: only admin can edit faq, tos, and privacy policy
2014-07-29 10:40:09 -04:00
riking
19b757b058
FEATURE: Hide deleted posts by default for staff
2014-07-17 10:40:15 -07:00
Neil Lalonde
faed17aa18
Moderators should always be able to create topics too
2014-06-09 15:28:03 -04:00
Neil Lalonde
4d50d0d109
FIX: admins should be able to create topics, even if min_trust_to_create_topic is higher than their trust level
2014-06-09 11:03:21 -04:00
Neil Lalonde
e68e97d986
FIX: moderators can't see private topics that they aren't invited to see.
2014-05-12 15:26:46 -04:00
Régis Hanol
fca6738212
BUGFIX: could not see the revisions of a post in a deleted topic
2014-05-12 16:30:10 +02:00
Neil Lalonde
2c725e2779
FEATURE: Trust level 4 abilities: pin/unpin, close, archive, make invisible, split/merge topic
2014-03-17 14:50:28 -04:00
Régis Hanol
1fd71bb237
BUGFIX: make the system_user an elder (TL=4)
...
Otherwise it won't be able to create topic when the `min_trust_to_create_topic` is > 0
2014-01-21 15:21:38 +01:00