Commit Graph

14634 Commits

Author SHA1 Message Date
Sam
2955507a57 FEATURE: badges for inviting users
First invite = Promoter
3 TL2 = Campaigner
10 TL3 = Champion
2015-05-15 12:04:41 +10:00
Sam
cb09c0d7a5 Merge pull request #3471 from riking/style-inject
FIX: Properly whitelist li styles
2015-05-15 09:46:37 +10:00
riking
9d232dac9a FIX: Properly whitelist li styles 2015-05-14 16:43:01 -07:00
Robin Ward
8e395a94d4 FIX: Modal asking where to post was missing 2015-05-14 18:18:28 -04:00
Andrew Huling
e1d2ecef10 In the case of an expired nonce, return a 400 status code instead of a 500.
500 status codes are for unexpected server-side error scenarios. When an expired nonce is used by the client, a 4XX-level error is more appropriate because the client has submitted a bad request (by using an expired nonce). A 500 also causes Internet Explorer to show its default 500 page which does not show the error message and leads to a bad end user experience. I am choosing 400 for the new status rather than 401 or 403 because 401 requires a WWW-Authenticate header which would be difficult to generate in an SSO scenario and a 403 implies that no re-authentication will address the failure.
2015-05-14 16:03:02 -04:00
Neil Lalonde
4451c8802a FIX: post gutter links are broken when using a subfolder 2015-05-14 14:26:18 -04:00
Robin Ward
32606f82f6 FIX: replaceWith on leaf routes changed behavior in latest ember 2015-05-14 13:44:57 -04:00
Robin Ward
2e85a817b2 Merge pull request #3467 from boushley/enable-cors-logout
Enable CORS requests to pass necessary headers.
2015-05-14 13:21:05 -04:00
Robin Ward
f1b9a389d9 Merge pull request #3468 from fantasticfears/fix-dashboard
FIX: unhandle show report action
2015-05-14 13:19:40 -04:00
Erick Guan
2c09e97ca0 FIX: unhandle show report action 2015-05-15 00:59:31 +08:00
Robin Ward
6a3086843d OOPS, left debugging stuff in last push. 2015-05-14 12:48:12 -04:00
Robin Ward
cd27ba3478 FIX: Properly add no-conflict to ace editor 2015-05-14 12:46:51 -04:00
Aaron Boushley
60aa52b753 Enable CORS requests to pass necessary headers.
To fully enable session deletion over CORS we need support for passing the
`X-Requested-With` header so that these requests can pass the `check-xhr` filter.

I also allowed the `X-CSRF-Token` to enable the alternative CSRF passing syntax.
2015-05-14 09:46:41 -07:00
Régis Hanol
635b31af7b FIX: editing a post with a poll breaks sometimes 2015-05-14 17:18:45 +02:00
Robin Ward
c23aeddccf Merge pull request #3466 from techAPJ/patch-2
FIX: user archive export was failing in some cases
2015-05-14 11:16:51 -04:00
Robin Ward
963b08f063 Allow OPTIONS requests when CORS is enabled 2015-05-14 11:14:47 -04:00
Arpit Jalan
750a275dcb FIX: user archive export was failing in some cases 2015-05-14 20:35:25 +05:30
Régis Hanol
0b62730382 Merge pull request #3465 from riking/patch-2
FEATURE: Multiple notifications at once (1/topic)
2015-05-14 10:05:48 +02:00
Sam
4a48f983fd PERF: hit all index conditions to speed up anon ip tracking 2015-05-14 17:21:02 +10:00
Sam
2b2d0e803f PERF: missing index on useractions making user page slow 2015-05-14 14:39:04 +10:00
Sam
e074651fdc PERF: refactor user search so works more efficiently
Stop scanning entire user table
2015-05-14 14:38:47 +10:00
Sam
1eeed5fed2 PERF: speed up counting of unread notifications 2015-05-14 12:33:43 +10:00
Sam
e6f73a1c80 PERF: optimise front page category security lookup query 2015-05-14 12:19:22 +10:00
Sam
b0306fd613 DEV: make autospec compatible with rspec 3 2015-05-14 11:24:48 +10:00
riking
28f32aff66 FEATURE: Multiple notifications at once (1/topic) 2015-05-13 18:23:42 -07:00
Régis Hanol
82cc467d93 FIX: move to new/another topic 2015-05-13 23:42:45 +02:00
Régis Hanol
7c545537a6 FIX: prevent pollception 2015-05-13 23:12:53 +02:00
Robin Ward
8fa109638b FIX: Double load if left a topic and came back into it. 2015-05-13 16:54:06 -04:00
Robin Ward
b0695a2fc6 Merge pull request #3459 from arturtr/patch-1
Add http-ip param for mailcatcher
2015-05-13 16:34:01 -04:00
Régis Hanol
43755a6fab keep closed status when migrating poll to new style 2015-05-13 22:30:27 +02:00
Robin Ward
d90063fc59 FIX: Error with ace editor and new ember.
Fix upgrades ace editor, which was a huge headache due to AMD.
2015-05-13 16:25:33 -04:00
Régis Hanol
06643fb625 add support for all types of unordered lists in migrate_old_polls 2015-05-13 22:10:02 +02:00
Robin Ward
01d4085125 Removed bad JS tests, upgrade QUnit + ember-qunit 2015-05-13 14:13:37 -04:00
Régis Hanol
4df868a420 FIX: update 'migrate_old_polls' rake task to support more cases
FIX: support list that uses double newlines
FIX: support list that uses spaces before the '-'
FIX: don't break lamentably when a poll wasn't created
2015-05-13 19:56:09 +02:00
Robin Ward
29631f65f1 Include the template compiler in production mode.
Some people use this for customizations.
2015-05-13 12:23:11 -04:00
Robin Ward
882dc8132d FIX: Invalid HTML on plugins page 2015-05-13 12:13:25 -04:00
Robin Ward
5fdbc6c4b2 FIX: Replies to PMs should never been enqueued 2015-05-13 12:08:53 -04:00
Régis Hanol
bb29bff5d8 Merge pull request #3463 from techAPJ/patch-2
FIX: match subdomain with email domain blacklist
2015-05-13 17:56:54 +02:00
Régis Hanol
b8005f0b1b FIX: link starting with '[poll' should not break polls 2015-05-13 17:50:25 +02:00
Arpit Jalan
220b9c5abe FIX: match subdomain with email domain blacklist 2015-05-13 21:02:02 +05:30
Neil Lalonde
76a95e4aaf FIX: profile background inputs always appear disabled 2015-05-13 11:27:54 -04:00
Robin Ward
bbef5fb3c7 FIX: Ember deprecations on user preferences 2015-05-13 11:18:35 -04:00
Robin Ward
ea51095ef9 Adds acceptance test for user preferences 2015-05-13 11:15:41 -04:00
Erick Guan
54ce66fc62 FIX: ensure not found category badge consistent with style 2015-05-13 19:30:19 +08:00
Régis Hanol
d90e0fe66b Merge pull request #3460 from techAPJ/patch-3
FIX: rate limit topic invitations
2015-05-13 12:55:20 +02:00
Sam
8362993099 PERF: add missing index on post actions 2015-05-13 19:43:51 +10:00
Arpit Jalan
4324a157e0 FIX: rate limit topic invitations 2015-05-13 14:44:37 +05:30
Erick Guan
4c00eef8b5 FIX: category custom slug can't be set when generation method is none 2015-05-13 16:54:19 +08:00
Sam
51d82fc25d PERF: Active Record #pluck is twice faster
PERF: SqlBuilder bypasses AR converters and uses PG directly
2015-05-13 16:46:17 +10:00
Sam
e81f122a3f EXTENSIBILITY: allow registration of custom post menu items 2015-05-13 16:46:17 +10:00