Commit Graph

4326 Commits

Author SHA1 Message Date
Neil Lalonde
2db66072d7 SECURITY: signup without verified email using Google auth 2017-10-16 13:51:41 -04:00
Guo Xiang Tan
5f76e5062d Pause Sidekiq when postgres failovers. 2017-10-16 19:48:31 +08:00
Sam
229a10e142 Missed a whitelist, compensate for strict classes 2017-10-16 10:46:01 +11:00
Robin Ward
f73a3cc0d4 Don't include suspended_at or suspended_till unless suspended 2017-10-13 12:17:54 -04:00
Neil Lalonde
b124e5f19f FIX: TL0 users' messages to moderators were not being posted when flagging private messages 2017-10-13 11:55:49 -04:00
Neil Lalonde
c53f41f4f2 FIX: don't flag watched words when rebaking posts 2017-10-12 15:34:22 -04:00
Gerhard Schlager
c0bb97b5cb FIX: delete staged users when the incoming email is rejected 2017-10-11 16:17:01 +02:00
Guo Xiang Tan
9dcb11f553 Fix the build. 2017-10-11 17:45:19 +08:00
Guo Xiang Tan
09721090a3 FIX: Ensure that we revert back to default connection after running jobs. 2017-10-11 17:17:03 +08:00
Arpit Jalan
a2183c3f1d SECURITY: verify that inviter can invite new user to a topic 2017-10-09 15:59:41 +05:30
Guo Xiang Tan
a6f2533d38 SECURITY: Fix XSS on unsubscribed page. 2017-10-09 09:04:46 +08:00
Guo Xiang Tan
6fe604b93e Revert "SECURITY: Fix XSS on unsubscribed page."
This reverts commit 190558db9d.
2017-10-09 09:03:07 +08:00
Guo Xiang Tan
190558db9d SECURITY: Fix XSS on unsubscribed page. 2017-10-09 08:59:03 +08:00
Sam
4ea87b5ab8 Merge branch 's3_refactor' 2017-10-09 10:27:52 +11:00
Régis Hanol
3bdd8f57c1 FIX: invited staged users would sometimes not get notified of replies 2017-10-06 16:37:28 +02:00
Sam
70bb2aa426 FEATURE: allow specifying s3 config via globals
This refactors handling of s3 so it can be specified via GlobalSetting

This means that in a multisite environment you can configure s3 uploads
without actual sites knowing credentials in s3

It is a critical setting for situations where assets are mirrored to s3.
2017-10-06 16:20:01 +11:00
Guo Xiang Tan
3efde2618d UX: Do not display non-human users on group page.
https://meta.discourse.org/t/members-of-groups-staff/71437
2017-10-06 10:35:40 +08:00
Neil Lalonde
beca02c046 FIX: moderators couldn't see flagged topics list 2017-10-05 14:12:07 -04:00
Guo Xiang Tan
b2127600fb Remove use of concurrent timer for Redis failover.
* Uses the same logic for Postgres failover.
2017-10-05 15:57:08 +08:00
Guo Xiang Tan
b0557c6692 UX: Allow users to remove a remind me topic timer. 2017-10-05 11:50:08 +08:00
Neil Lalonde
f5a2ed99b0 FIX: deleting category background images sometimes has no effect 2017-10-04 17:04:37 -04:00
Régis Hanol
e212435545 FIX: redirect to top wasn't working 2017-10-04 22:08:41 +02:00
Neil Lalonde
ddbd1d5ab8 allow regex options on username site settings 2017-10-04 15:08:51 -04:00
Neil Lalonde
c29334cf23 FEATURE: the hide_email_address_taken setting works with the change email address form in user preferences 2017-10-04 11:41:25 -04:00
Guo Xiang Tan
1310181664 FIX: Adding a public topic timer deletes a private topic timer. 2017-10-04 16:31:40 +08:00
Sam
5881355006 remove uneeded assertion 2017-10-04 15:59:16 +11:00
Kyle Zhao
0342324b47 FEATURE: support regex in rake post:remap (#5201) 2017-10-04 11:47:53 +11:00
Sam
4ee2fcd3d5 correct flaky spec 2017-10-04 10:47:24 +11:00
Neil Lalonde
1faae3c765 rename forgot_password_strict to hide_email_address_taken 2017-10-03 15:28:31 -04:00
Neil Lalonde
e47f5cedd2 FEATURE: forgot_password_strict setting also prevents reporting that an email address is taken during signup 2017-10-03 15:28:30 -04:00
Gerhard Schlager
7f50380221 FIX: respect email domain whitelist/blacklist when creating staged users 2017-10-03 16:36:08 +02:00
Gerhard Schlager
76706f9144 FIX: don't create staged users when incoming email is rejected
FIX: don't send subscription mail to new users
2017-10-03 16:36:08 +02:00
Régis Hanol
fafe7cc661 remove trailing whitespaces 2017-10-03 13:02:04 +02:00
Régis Hanol
daf1dda700 FIX: username autocomplete in assign modal wasn't working 2017-10-03 12:49:45 +02:00
Guo Xiang Tan
a5b7d34fe2 Merge pull request #5199 from xrav3nz/poll-feed-integration-test
TEST ONLY: PollFeed integration test
2017-10-03 14:33:22 +08:00
Guo Xiang Tan
a966f2134c Merge pull request #5215 from gschlager/email_templates
Add specs for EmailTemplatesController
2017-10-03 14:30:19 +08:00
Guo Xiang Tan
3e53dbcade UX: Only include tag hashtag postfix when necessary.
https://meta.discourse.org/t/links-to-tags-not-working-in-final-post-unless-autocompleted/69884/6?u=tgxworld
2017-10-03 13:54:50 +08:00
Guo Xiang Tan
85c5bb4ea4 Fix randomly failing spec. 2017-10-03 11:59:26 +08:00
Gerhard Schlager
5bb326a452 Add specs for EmailTemplatesController 2017-10-02 14:53:27 +02:00
Guo Xiang Tan
8140e54675 FIX: More fixes for Group#mentionable and Group#messageable feature. 2017-10-02 17:45:58 +08:00
OsamaSayegh
79f3d299a1 Don't allow category definition topics to be converted to PMs (#5216) 2017-10-02 10:04:58 +02:00
Kyle Zhao
15cd3b78ae integration test for PollFeed job 2017-10-02 01:16:11 -04:00
Guo Xiang Tan
b5bbb8ae8a Fix failing spec. 2017-10-02 13:16:01 +08:00
Guo Xiang Tan
0f2c5f5fc9 FIX: Don't raise error when trying to download avatar from URL. 2017-10-02 12:59:41 +08:00
Guo Xiang Tan
c872225762 Improve MessageBus.track_publish to allow filter by channel. 2017-10-02 11:34:57 +08:00
Guo Xiang Tan
b295a39977 Fix randomly failing spec. 2017-10-02 11:24:48 +08:00
Guo Xiang Tan
049d925213 Remove controller spec that is rewritten as request spec. 2017-10-02 10:47:22 +08:00
Guo Xiang Tan
4e07bbfbbf FIX: Only allow intergers for page params. 2017-10-02 10:45:54 +08:00
Eleanor Demis
ac04f5e0cc update response error when deleting tags (#5213) 2017-09-30 16:31:32 +02:00
Robin Ward
00b190af75 Revert "A safe way to create class variables in a multisite environment."
The approach taken by this interface was flawed. We need a better
solution.
2017-09-29 11:06:12 -04:00