Commit Graph

768 Commits

Author SHA1 Message Date
Guo Xiang Tan
bf78c228f4 FIX: User created web hook being enqueued before record has been saved.
* Improve web hook tests as well.
2017-03-16 14:44:09 +08:00
Guo Xiang Tan
4d4a1a1552 Add scope for human users. 2017-03-11 14:25:09 +08:00
Guo Xiang Tan
08ffbf6c61 Use Time.zone.now instead. 2017-03-05 11:10:40 +08:00
Bianca Nenciu
30909ec54e Add support for username regex. 2017-03-02 13:53:45 +02:00
Régis Hanol
cb99f59ec3 reset bounce score when email is successfully changed 2017-02-20 10:37:01 +01:00
Neil Lalonde
3fb50d587d FIX: invited users and new TL1 users will see their first notification highlighted 2017-02-17 10:30:29 -05:00
Robin Ward
0e58e393a1 FIX: === and a better constant, thanks @ZogStriP 2017-02-13 13:14:19 -05:00
Robin Ward
e1d358ffbf FIX: Don't clear the login hint when the system user is saved 2017-02-13 10:54:20 -05:00
Sam
ff49f72ad9 FEATURE: per client user tokens
Revamped system for managing authentication tokens.

- Every user has 1 token per client (web browser)
- Tokens are rotated every 10 minutes

New system migrates the old tokens to "legacy" tokens,
so users still remain logged on.

Also introduces weekly job to expire old auth tokens.
2017-02-07 09:22:16 -05:00
Régis Hanol
84af84dc52 prevent inactive & staged users from being automatically added to a group 2017-02-06 17:49:27 +01:00
Guo Xiang Tan
ec73224b5e PERF: Remove N+1 query when saving a user. 2017-02-03 15:03:33 +08:00
Guo Xiang Tan
c01cee4aa6 PERF: N+1 query when saving a user. 2017-01-27 10:53:42 +08:00
Robin Ward
86c52c72f6 FIX: Deleting a user was not deleting their directory items 2017-01-16 11:46:52 -05:00
Guo Xiang Tan
63954c1b33 FIX: Same user record being saved twice causing validation to fail. 2017-01-16 16:41:03 +08:00
Guo Xiang Tan
ed5fa20b0c Revert "FIX: error during signup saying "Password is the same as your current password" due to automatic group membership granting a trust level"
This reverts commit 9c40657ba4.

Calling this whenever a user is initialize is hurting us bad
on performance.
2017-01-16 09:44:10 +08:00
Guo Xiang Tan
980cea7081 FIX: Add length validation for User#name. 2017-01-03 13:42:33 +08:00
Guo Xiang Tan
f1beef43a8 Merge pull request #4618 from tgxworld/fix_invalid_emails
FIX: Don't allow invalid email to be saved.
2016-12-30 07:11:48 +08:00
Neil Lalonde
9c40657ba4 FIX: error during signup saying "Password is the same as your current password" due to automatic group membership granting a trust level 2016-12-28 17:36:04 -05:00
Sam
0a78ae739d Remove SearchObserver, aim is to remove all observers
rails-observers gem is mostly unmaintained and is a pain to carry forward
new implementation contains significantly less magic as a bonus
2016-12-22 13:13:14 +11:00
Guo Xiang Tan
13c6191e89 FIX: Don't allow invalid email to be saved. 2016-12-21 17:47:11 +08:00
Neil Lalonde
239d06b218 add Likes Recieved to possible stats in summary email 2016-12-12 14:20:25 -05:00
Guo Xiang Tan
05f55dbc10 FEATURE: Group logs. 2016-12-12 17:29:54 +08:00
Guo Xiang Tan
f812415c52 Update annotations. 2016-11-24 10:13:03 +08:00
Guo Xiang Tan
8c6d8c85db Stop showing first notification prompt once user sees the notification. 2016-11-17 09:44:00 +08:00
Guo Xiang Tan
98c1e0832c FIX: Track first notification read using Redis. 2016-11-16 16:20:38 +08:00
Guo Xiang Tan
16fdcdfc00 FIX: Add conditions on when to show first pm notification. 2016-11-16 14:17:47 +08:00
Leo McArdle
784366f1a0 FIX: display only 1 trust level badge on user card
refactoring graciously provided by @xfalcox
2016-11-14 20:53:24 +00:00
Arpit Jalan
9e69798285 FEATURE: watch first post default site setting 2016-11-10 00:09:52 +05:30
Guo Xiang Tan
b18439a1e2 Fix build. 2016-11-08 17:00:44 +08:00
Guo Xiang Tan
a8b7599d4a FEATURE: Add a radial ping when user's first notification has not been read. 2016-11-08 16:23:12 +08:00
Erick Guan
c463cf63d4 FEATURE: Webhook for user creation and approval 2016-09-19 10:12:55 +08:00
Sam
25a82e7d22 PERF: only publish notification state if we changed it
also publish seen_notification_id so we can tell what is new and what is old
cleanup controller so it correctly checks user
fix bug around clearing notification when people click mark read
2016-09-16 12:02:19 +10:00
Robin Ward
9609a47016 Ability to skip email validation via a plugin 2016-09-07 14:05:46 -04:00
Guo Xiang Tan
90a0327fd2 FIX: Check against reserved usernames should be case insensitive. 2016-08-31 21:53:41 +08:00
Sam
416e7e0d1e FEATURE: basic UI to view user api keys 2016-08-16 17:06:52 +10:00
Jeff Atwood
f8144f07fd purge 2x the unactivated old users 2016-07-27 03:29:00 -07:00
Sam
df535c6346 FEATURE: refresh session cookie at most once an hour
This feature ensures session cookie lifespan is extended
when user is online.

Also decreases session timeout from 90 to 60 days.
Ensures all users (including logged on ones) get expiring sessions.
2016-07-25 12:07:31 +10:00
Arpit Jalan
a9207dafa7 FEATURE: configure session time via site setting for all the users (#4343) 2016-07-23 02:57:30 +05:30
cpradio
64bdededd3 Allow plugins that implement OAuth and OAuth2 to show up under associated accounts in the Admin area. (#4333) 2016-07-18 09:02:41 +02:00
Guo Xiang Tan
e4a82cdd85 Merge pull request #4306 from tgxworld/add_discourse_event_trigger_when_user_logs_out
FEATURE: Add event trigger when a user is logged out.
2016-07-05 19:50:46 +08:00
Régis Hanol
59680af329 disable email white/blacklisting for staged users 2016-07-04 16:05:01 +02:00
Guo Xiang Tan
22ade1f811
FEATURE: Add event trigger when a user is logged out. 2016-07-04 17:20:30 +08:00
Neil Lalonde
487c20959c FEATURE: max topics/replies per day for new users now starts counting from the first post, not signup date 2016-06-20 16:55:11 -04:00
Régis Hanol
470da6205c FIX: staged users should not watch/track/mute categories by default 2016-06-14 16:45:47 +02:00
Guo Xiang Tan
cb5be1fe8f
Upgrade rspec to 3.4.0. 2016-05-30 11:38:38 +08:00
Sam
089b1d164c annotate models
(reminder run RAILS_ENV=test bin/annotate once in a while)
2016-05-30 10:45:32 +10:00
Neil Lalonde
f13470b96b Use db schema for tags instead of plugin store and custom fields 2016-05-26 14:29:48 -04:00
James Kiesel
feffe23cc5 FEATURE: More granular mailing list mode (#4068)
* Rearrange frontend to account for mailing list mode

* Allow update of user preference for mailing list frequency

* Add mailing list frequency estimate

* Simplify frequency estimate; disable activity summary for mailing list mode

* Remove combined updates

* Add specs for enqueue mailing list mode job

* Write mailing list method for mailer

* Fix linting error

* Account for stale topics

* Add translations for default mailing list setting

* One query for mailing list topics

* Fix failing spec

* WIP

* Flesh out html template

* First pass at text-based mailing list summary

* Add user avatar

* Properly format posts for mailing list

* Move make_all_links_absolute into Email::Styles

* Apply first_seen_at to user

* Send mailing list email summary hourly based on first_seen_at

* Branch and test cleanup

* Use existing mailing list mode estimate

* Fix failing specs
2016-05-21 15:17:54 +02:00
Arpit Jalan
74b3807f60 FEATURE: new bootstrap mode settings for brand new Discourse community (#4193)
* FEATURE: new bootstrap mode settings for brand new Discourse community

* new SiteSetting.set_and_log method
2016-04-26 13:08:19 -04:00
Régis Hanol
2194ccec6e slightly better automatic flag reason messages 2016-04-25 23:03:17 +02:00
Régis Hanol
7d9f2265b9 FIX: improve support for handling emails coming from screened email addresses 2016-04-18 23:01:54 +02:00
Régis Hanol
de9136a8f2 FIX: bypass TL0-specific validations on posts in a PM 2016-04-18 22:08:42 +02:00
Régis Hanol
868e70e817 FIX: ensure we only ever enqueue 1 UpdateGravatar job 2016-04-18 12:44:09 +02:00
Régis Hanol
8fcd359e2a Revert "FIX: Jobs.cancel_scheduled_job wasn't working anymore due to our move to using multiple queues"
This reverts commit b7c16991f7.
2016-04-13 18:30:25 +02:00
Régis Hanol
b7c16991f7 FIX: Jobs.cancel_scheduled_job wasn't working anymore due to our move to using multiple queues
FIX: Don't queue more than 1 'update_gravatar' job per user
2016-04-13 18:12:28 +02:00
James Kiesel
609969bf6f Remove has_many :views from User (#4150) 2016-04-08 00:37:10 +02:00
Sam
a130cb8305 FEATURE: move more urgent emails notifications to critical queue
Move signup, admin login and password change email notifications
to critical queue
2016-04-07 14:39:01 +10:00
Régis Hanol
0bf001ccd7 FIX: badge grant count wasn't filtered to the current user in the user summary 2016-03-30 23:11:00 +02:00
Neil Lalonde
54f8bdd13b FIX: only validate username when changing it 2016-03-29 11:53:21 -04:00
Robin Ward
1006b1ba94 Various Plugin Enhancements and Extension Points 2016-03-11 15:53:37 -05:00
Robin Ward
5771d2aee2 SECURITY: Support for confirm old as well as new email accounts 2016-03-08 14:52:22 -05:00
Sam
32c681c96b annotate models 2016-02-23 10:33:53 +11:00
Sam
f0e942f647 PERF: move 3 more option columns out of the user table 2016-02-18 16:57:22 +11:00
Sam
3829c78526 PERF: shift most user options out of the user table
As it stands we load up user records quite frequently on the topic pages,
this in turn pulls all the columns for the users being selected, just to
discard them after they are loaded

New structure keeps all options in a discrete table, this is better organised
and allows us to easily add more column without worrying about bloating the
user table
2016-02-17 18:08:25 +11:00
Sam
dd6ebde824 FIX: Always ensure notifications are treated as read once clicked
UX: improve messaging so notifications list is far more stable
PERF: improve performance of notifcation lookup queries

- Add feature "SetTransientHeader" that allows shipping info to server
   in the next Ajax request
- remove local storage hack used for notifications
- amend lookupStale to return hydrated objects, move logic into store
- stop magically clearing various notifications (likes, invitee accepted, group_summary, granted badge)
2016-02-15 19:29:47 +11:00
Arpit Jalan
eec8436cfe FEATURE: filter admin reports via user group 2016-02-04 11:23:49 +05:30
Sam Saffron
a764cc3a42 FEATURE: by default users track a group (as opposed to watch)
FEATURE: a rollup counting number of messages in the group inbox to tracking users
2016-01-27 21:38:33 +11:00
Sam Saffron
7303f8f309 FEATURE: first pass at user summary page 2016-01-20 15:14:25 +11:00
Régis Hanol
3083657358 FEATURE: better email in support
FEATURE: new incoming_email model
FEATURE: infinite scrolling in emails admin
FEATURE: new 'emails:import' rake task
2016-01-19 00:57:55 +01:00
Sam Saffron
c2e45c8377 Update annotate and annotate models 2016-01-11 17:30:56 +11:00
Sam
03ea0bfe22 FEATURE: allow users to archive messages
Messages are now in 3 buckets

- Inbox for all new messages
- Sent for all sent messages
- Archive for all messages you are done with

You can select messages from your Inbox or Sent and move them to your Archive,
you can move messages out of your Archive similarly

Similar concept applied to group messages, except that archiving and unarchiving
will apply to all group members
2015-12-23 11:09:30 +11:00
Sam
a8b5192efd FEATURE: User page refactor
Re-organise user page so it is easier to find interesting info
split it into tabs

- Introduce notifications and messages tabs
- Stop couting stuff for the user page to speed up rendering
- Suppress more information when viewing your own profile
2015-12-20 16:45:49 +11:00
Régis Hanol
1cde276656 FEATURE: ability to send emails to a group 2015-12-07 17:01:08 +01:00
Sam
88f1a8f0b1 Merge pull request #3821 from mpalmer/letter-avatar-proxy
Proxy letter avatars by default
2015-11-19 20:02:16 +11:00
Régis Hanol
92ba6125c4 FEATURE: new 'automatically_unpin_topics' user preference 2015-11-17 18:21:40 +01:00
Sam Saffron
6dd4bc7d57 FEATURE: support group owner, capable of controlling group membership
Group owners are regular users that can add or remove users to a group
The Admin UX allows admins to appoint group owners
The public group UX will display group owners first and unlock UI to
add and remove members

Group owners can only be appointed on non automatic groups
Group owners may not appoint another group owner
2015-11-10 00:56:57 +11:00
Matt Palmer
af4a48a67c Use Discourse.current_hostname
Much cleaner.
2015-11-06 14:13:44 +11:00
Matt Palmer
c09f345cff Proxy letter avatars by default
On sites that don't otherwise configure an avatar fallback, Discourse will
now tell the client to get its letter avatars from a location which nginx
proxies to the centralised `avatars.discourse.org` service.  This alleviates
privacy concerns, whilst still providing some degree of performance benefit
(no need for every site to delay avatar response by 300ms for image
rendering).

It is still possible to gain the benefits of global image caching and the
lower latency of requesting directly from a CDN, by explicitly changing the
`external_system_avatars_url` site setting to
`https://avatars.discourse.org/letter/{first_letter}/{color}/{size}.png`.
2015-11-06 14:13:44 +11:00
Arpit Jalan
a439500bac FIX: do not mark post as spam if the previous flag was disagreed 2015-10-17 01:30:53 +05:30
Régis Hanol
fe656fb04d FIX: select appropriate period when redirecting to top 2015-09-21 20:28:20 +02:00
Sam
c1ecd6f4ce update annotations 2015-09-18 10:41:10 +10:00
Régis Hanol
b9a9a91335 FIX: couldn't set 'never' for the default email digest frequency setting 2015-09-14 10:36:25 +02:00
Sam
f948ee9e26 FIX: ensure letter avatar service uses same algorithm 2015-09-14 09:42:21 +10:00
Régis Hanol
93f9dcfcec FIX: don't overwrite custom uploaded avatar when selecting gravatar
FIX: remove unecessary serialized fields
2015-09-11 15:10:56 +02:00
Régis Hanol
0c58f08207 FIX: profile picture selector 2015-09-11 15:10:56 +02:00
Sam
6437cd0341 FEATURE: add support for generic external avatar services
This changes it so we only ship an avatar template down to the client
it has no magic, all it knows is how to plug in size
2015-09-11 15:10:56 +02:00
Sam
90d49d1497 correct paths used for external service 2015-09-11 13:18:07 +10:00
Régis Hanol
2742602254 FEATURE: support for external letter avatars service 2015-09-11 02:12:40 +02:00
Régis Hanol
e43034f08f Revert "FEATURE: SVG letter avatars (based on @eviltrout's spike)"
This reverts commit cd77465788.
2015-09-11 00:23:52 +02:00
Régis Hanol
cd77465788 FEATURE: SVG letter avatars (based on @eviltrout's spike) 2015-09-11 00:11:48 +02:00
Sam
335be272ff FEATURE: implement capping of new/unread
We cap new and unread at 2/5th of SiteSetting.max_tracked_new_unread

This dynamic capping is applied under 2 conditions:

1. New capping is applied once every 15 minutes in the periodical job, this effectively ensures that usually even super active sites are capped at 200 new items

2. Unread capping is applied if a user hits max_tracked_new_unread,
  meaning if new + unread == 500, we defer a job that runs within 15 minutes that will cap user at 200 unread

This logic ensures that at worst case a user gets "bad" numbers for 15 minutes and then the system goes ahead and fixes itself up
2015-09-07 12:03:17 +10:00
Sam
a54e8f3c5e FEATURE: live refresh notifications as they happen 2015-09-04 13:20:33 +10:00
Régis Hanol
5984b62347 FIX: ensure we remove 'category_users' records when a user is deleted 2015-09-02 20:43:15 +02:00
Robin Ward
f9717da28f Merge pull request #3695 from riking/patch-10
FIX: Consider reserved usernames as not 'available'
2015-08-26 10:51:50 -04:00
Sam
ea9bc68ee5 PATCH: in some cases this is being turned to a string workaround for now 2015-08-26 16:19:21 +10:00
Kane York
1586886bf9 FIX: Consider reserved usernames as not 'available'
https://meta.discourse.org/t/reserved-usernames-ignored-by-invites/32490
2015-08-25 17:24:07 -07:00
Sam
84fdc655ad correct retry logic 2015-08-24 10:28:38 +10:00
Régis Hanol
bef80633b1 FEATURE: global admin override of most of the user preferences 2015-08-21 20:39:21 +02:00
Régis Hanol
49996bcdea FIX: don't suggest name when email is empty 2015-08-20 11:59:28 +02:00
Arpit Jalan
eb941475fa FIX: mark invite accepted notification as read 2015-08-13 11:11:54 +05:30
Neil Lalonde
782dd13e78 FEATURE: track user visits on mobile and display on admin dashboard in a new Mobile section 2015-07-07 14:06:42 -04:00
Robin Ward
b52e5d1536 FIX: default_avatars wasn't being used for some server side templates 2015-06-26 13:38:09 -04:00
Régis Hanol
189cb3ff12 FEATURE: move migrate_to_new_scheme into a background job
- new hidden site setting 'migrate_to_new_scheme' (defaults to false)
- new rake tasks to toggle migration to new scheme
- FIX: migrate_to_new_scheme also works with CDN
- PERF: improve perf of the DbHelper.remap method
- REFACTOR: UrlHelper is now a class
2015-06-12 12:07:57 +02:00
Sam Saffron
feeb509a97 SECURITY: expire all existing email tokens on password reset 2015-06-06 03:50:06 +10:00
Sam Saffron
4171eb758c SECURITY: expire all existing sessions if user changes passwords 2015-06-06 03:09:19 +10:00
Sam Saffron
83559bbf45 posts read may enter concurrently, retry 2015-06-01 11:55:07 +10:00
Régis Hanol
acafa491b2 user avatar urls/templates refactor 2015-05-29 18:51:17 +02:00
Luke Granger-Brown
9f9825bb6b FIX: don't send emails to anonymous users
Also changes behaviour of real to not return anonymous users.

This means user counts will no longer include them, and the
mailing list system will ignore them even if they somehow end up
with the feature turned on.
2015-05-11 00:56:34 +01:00
Neil Lalonde
963ebf5963 FIX: if approving a user when must_approve_users is false, don't send an email 2015-05-04 15:30:25 -04:00
Robin Ward
4745eca4ad FIX: Don't abort PurgeInactive if they have posts. Just skip. 2015-05-04 11:37:49 -04:00
Sam
803feefd54 MessageBus handles readonly redis now, no need to wrap it 2015-05-04 12:21:00 +10:00
Neil Lalonde
b2fd69a675 FIX: avatar_template when using relative_url_root 2015-04-28 20:58:46 -04:00
Robin Ward
151b559e4c FIX: If you delete a user, delete their queued posts as well. 2015-04-24 16:04:44 -04:00
Robin Ward
5b3f99aa50 Don't blow up if Redis switches to READONLY 2015-04-24 14:37:16 -04:00
Régis Hanol
80b2935e11 FIX: prevent DOS when fixing avatar in quotes 2015-04-24 11:14:10 +02:00
Régis Hanol
a737090442 - FEATURE: revamped poll plugin
- add User.staff scope
- inject MessageBus into Ember views (so it can be used by the poll plugin)
- REFACTOR: use more accurate is_first_post? method instead of post_number == 1
- FEATURE: add support for JSON-typed custom fields
- FEATURE: allow plugins to add validation
- FEATURE: add post_custom_fields to PostSerializer
- FEATURE: allow plugins to whitelist post_custom_fields
- FIX: don't bump when post did not save successfully
- FEATURE: polls are supported in any post
- FEATURE: allow for multiple polls in the same post
- FEATURE: multiple choice polls
- FEATURE: rating polls
- FEATURE: new dialect allowing users to preview polls in the composer
2015-04-23 19:33:29 +02:00
Sam Saffron
296add56e6 correct letter avatar template 2015-04-20 13:07:12 +10:00
Sam
51b747346e PREF: speed up grabbing unread counts 2015-04-17 16:01:20 +10:00
Sam
4bfca12b11 FEATURE: anonymous_account_duration_minutes , cycle anon accounts after N minutes from last post
fixes it so anon users can not like stuff
2015-04-08 12:30:02 +10:00
Neil Lalonde
30b063c08b FEATURE: make full names a required field of user profiles with the full_name_required setting 2015-04-02 17:08:04 -04:00
Régis Hanol
10b8eca9a6 fix the build 2015-03-30 12:48:20 +02:00
Régis Hanol
588667b1e4 FEATURE: fix avatar in quotes when changing avatars 2015-03-30 12:31:10 +02:00
Sam
5aa1272f05 clean up first day user definition and object model 2015-03-26 16:48:36 +11:00
Sam
9834d11503 Staff and TL2 up are immune to newuser checks and not considered new users 2015-03-26 16:04:46 +11:00
Sam
92e371f0b3 FEATURE: civilized mute
Allow user to mute all notifications generated by specific users
2015-03-24 11:55:22 +11:00
Régis Hanol
6cd4330335 FIX: show all deleted posts 2015-03-11 18:07:47 +01:00
Neil Lalonde
608647d02f FEATURE: Anonymize User. A way to remove a user but keep their topics and posts. 2015-03-10 11:59:08 -04:00
Régis Hanol
e74b9ee5da FIX: should not count disagreed flags 2015-02-19 18:11:07 +01:00
Sam
67f404d281 FIX: remove notifications on deleted topics from the stream 2015-02-19 12:40:00 +11:00
Robin Ward
3ce2077aa8 Migrate unsubscribe keys to the database.
This should reduce a lot of the keys in redis.
2015-02-13 14:24:15 -05:00
riking
06f02ce9fc FIX: 🈂️ Allow closing polls in multi-locale sites 2015-02-05 19:55:03 -08:00
Arpit Jalan
6c410ed093 FIX: strip whitespaces from user email 2015-01-30 01:44:24 +05:30
Régis Hanol
efd65dcc8c hard match domains for automatic group membership 2015-01-26 23:17:29 +01:00
Régis Hanol
256519dddf FEATURE: automatic group membership based on email address 2015-01-23 18:25:43 +01:00
riking
1ab0d6bd82 FEATURE: Log username changes by staff
Also fix the tests for changing username
2015-01-17 02:26:12 -08:00
Jason W. May
a2b284a0a4 table & model changes for group managers with permission to edit membership 2015-01-15 11:44:42 -08:00
Régis Hanol
e20078a9dc PERF: fix performance issue when displaying the user card for admins 2015-01-05 19:49:32 +01:00
Erick Guan
97b3914b70 FIX: use utc time when generate reports; set boundary 2014-12-30 22:43:03 +08:00
Régis Hanol
521226f4c9 FIX: registration fails with timeout on gravatar 2014-12-15 22:10:27 +01:00
Régis Hanol
929ff00741 FIX: use excerpt instead of the summary 2014-12-06 18:48:39 +01:00
Jeff Atwood
ea269ccfb2 rename purge_inactive to purge_unactivated 2014-12-02 21:36:25 -08:00
Robin Ward
cb0e7a5724 For performance reasons, use delete_all when removing a user's email logs 2014-11-28 14:20:43 -05:00
Sam
6bed4e1bf0 add allowed_ips to api_keys
update annotations
2014-11-20 14:53:15 +11:00
Robin Ward
068d22e9b3 Add API support for querying admin reports by date range 2014-11-05 13:11:37 -05:00
cpradio
8f390c979b FEATURE: Mark All as Read button for Notifications page
Added a Mark All as Read button to the top/bottom of the notifications user page
https://meta.discourse.org/t/possibility-to-selectively-or-completely-mark-notifications-as-read/20227

Remove notifications property (no longer used)
2014-10-13 06:31:27 -04:00
Sam
0e7be81e60 FIX: badge granted titles were not being revoked when badge was revoked 2014-10-08 10:26:18 +11:00
Sam
37af13f6ea FIX: badge notifications are marked read by the system after opening 2014-10-02 16:08:31 +10:00
Sam
72a28aeb7c FEATURE: always show highest trust level badge in card
FEATURE: fa-user icon for trust level badges
2014-10-02 16:08:31 +10:00
Robin Ward
edb34c178a FEATURE: Show user fields when the user is signing up 2014-09-30 10:45:18 -04:00
riking
bff95a6a97 Rename 'leader' -> 'tl3' 2014-09-30 13:16:34 +10:00
riking
c8111ada6e FEATURE: Allow admins to lock users from TL3 promotion/demotion
Also, update the display logic for the leader promotion screen to
account for the demotion grace period.
2014-09-30 13:15:13 +10:00
Régis Hanol
7e309a21cf FEATURE: hide emails behind a button for staff members 2014-09-29 22:31:05 +02:00
Sam
c248d28c38 FEATURE: display associated accounts in admin user 2014-09-25 16:15:01 +10:00
Régis Hanol
7bc223ef7c FEATURE: improve flags reminder email 2014-09-23 18:37:31 +02:00
riking
2c6d03f87f SECURITY: Limit passwords to 200 characters
Prevents layer 8 attack.
2014-09-12 12:07:11 -04:00
Robin Ward
334e21a03a Revert "Revert "FEATURE: Can create warnings for users via PM""
This reverts commit 1c7559380c.
2014-09-08 11:11:56 -04:00
Robin Ward
1c7559380c Revert "FEATURE: Can create warnings for users via PM"
This reverts commit b0bfc1f93f.
2014-09-08 10:38:59 -04:00
Robin Ward
b0bfc1f93f FEATURE: Can create warnings for users via PM 2014-09-08 10:27:06 -04:00
Sam
59d04c0695 Internal renaming of elder,leader,regular,basic to numbers
Changed internals so trust levels are referred to with

TrustLevel[1], TrustLevel[2] etc.

This gives us much better flexibility naming trust levels, these names
are meant to be controlled by various communities.
2014-09-05 15:20:52 +10:00
riking
54484ca18a "FIX": Add error reporting to NotifyMailingListSubscribers
Also skip unactivated users, which may actually fix this
2014-09-03 14:53:05 -07:00
Robin Ward
0ae3c327de Add a message to the staff logs indicating why a user was purged 2014-08-27 16:05:07 -04:00
Sam
414c6d191f FIX: remove nullable dates post upgrade to Rails 4 2014-08-27 15:19:25 +10:00
Neil Lalonde
00c28f2391 Show total likes given. Put likes given/received and flags given/received together. 2014-08-22 15:23:19 -04:00
Neil Lalonde
dafc63e3a0 Show how many likes users received in the last 100 days on their admin profile page 2014-08-22 14:37:07 -04:00
Neil Lalonde
5454c1ed24 Updated model anotations 2014-08-22 13:01:44 -04:00
Robin Ward
3235f2c477 FIX: Don't try and delete inactive admins, rare as they may be. 2014-08-19 13:47:01 -04:00
Akshay
3fd784b513 removed useless assignments at some places 2014-08-19 18:10:23 +05:30
Robin Ward
ba15a6a9ea PERF: Only delete 100 inactive users at once 2014-08-13 17:56:40 -04:00
Régis Hanol
4c4ce05964 FIX & PERF: vanilla import
PERF: disabled refresh_avatar callback when importing users
PERF: avoid using UsernameSuggester when not needed
FIX: categories wasn't working
FIX: posts from deleted users are now from the system user
2014-08-13 22:20:06 +02:00
Robin Ward
7ed969f0c7 Site Setting to customize how frequently inactive users are purged 2014-08-13 15:11:19 -04:00
Robin Ward
3c6673aceb Purge inactive accounts that are older than 7 days 2014-08-13 14:13:41 -04:00
Sam
22cd259687 FIX: remove faulty "ensure consistency" badge job 2014-08-11 09:21:06 +10:00
Sam
b5045a005f PERF: last seen index on users 2014-08-07 13:33:11 +10:00
Sam
cb0ecd9ff1 PERF: store topic views in a topic view table
* cut down on storage of the work Topic, 3 times per row (in 2 indexes)
* only store one view per user per topic
* only store one view per ip per topic
2014-08-04 19:07:55 +10:00
Sam
e7e70d14da Merge pull request #2591 from BenLubar/benlubar-edit-history-public
add profile option for edit history visibility
2014-07-30 14:09:10 +10:00
Régis Hanol
bddffa7f9a FEATURE: flag dispositions normalization
All flags should end up in one of the three dispositions
  - Agree
  - Disagree
  - Defer

In the administration area, the *active* flags section displays 4 buttons
  - Agree (hide post + send PM)
  - Disagree
  - Defer
  - Delete

Clicking "Delete" will open a modal that offer to
  - Delete Post & Defer Flags
  - Delete Post & Agree with Flags
  - Delete Spammer (if available)

When the flag has a list associated, the list will now display 1
response and 1 reply and a "show more..." link if there are more in the
conversation. Replying to the conversation will NOT give a disposition.
Moderators must click the buttons that does that.

If someone clicks one buttons, this will add a default moderator message
from that moderator saying what happened.

The *old* flags section now displays the proper dispositions and is
super duper fast (no more N+9999 queries).

FIX: the old list includes deleted topics
FIX: the lists now properly display the topic states (deleted, closed,
archived, hidden, PM)
FIX: flagging a topic that you've already flagged the first post
2014-07-28 19:28:07 +02:00
Ben Lubar
44dc4b4a17 add profile option for edit history, visible only when edit history is disabled globally. 2014-07-26 23:04:46 -05:00
Sam
0f9678fe49 FIX: faster update of all badges
Introduced badge triggers, introduced concept of badge that happens due to a post but has the post hidden

Delta badge grant happens once a minute, backed by redis
2014-07-23 11:46:07 +10:00
Sam
bfb37054e8 Badge Grouping work in progress 2014-07-17 16:11:10 +10:00
Neil Lalonde
939e8505a9 Remove hub username integration 2014-07-16 12:25:24 -04:00
Neil Lalonde
01a68f8cc7 Emails are case insensitive 2014-07-16 10:22:01 -04:00
Sam
59c399c50a FIX: count distinct badges for totals. 2014-07-16 16:21:46 +10:00
Robin Ward
f2dd35ab08 Improve the unsubscribe to digest experience. Give a link in case it
fails, provide a different message if you are logged in as a different
user, increase expiry to 2 months from 1 week.
2014-07-15 17:20:59 -04:00
Sam
88469721b9 FEATURE: Allow admins to disable specific badges 2014-07-14 17:40:36 +10:00
Sam
8fcc019ff8 FIX: only allow badge title selection if it exists 2014-07-09 15:31:49 +10:00
Sam
9a9ad9bda8 FEATURE: Badge progress
- Refactor model so it stores backfill query
- Implement autobiographer
- Remove sample badge
- Correct featured badges to only include a badge once
2014-07-03 17:29:44 +10:00
Régis Hanol
c0cd109e9d TRIVIAL: code formatting 2014-06-26 19:50:29 +02:00
Andrew Bezzub
386d1e231a move profile_background from User to UserProfile 2014-06-26 12:30:07 -04:00
Sam
56dcd00570 BUGFIX: trust_level_0 group not including trust_level_1
BUGFIX: manual trust level change not adding user to groups
BUGFIX: system not in correct trust level groups
2014-06-17 10:52:02 +10:00
Andrew Bezzub
9ffd173873 move bio to UserProfile from User 2014-06-13 14:55:32 -04:00
Andrew Bezzub
7db31adf35 move website from User to UserProfile 2014-06-06 21:54:32 -07:00
Sam
fa6f22dd39 Move letter avatars out of upload system
FIX: S3 issues around system avatars
FIX: reduced backup file size
2014-05-30 14:45:55 +10:00
Sam
5adc486cef BUGFIX: missing avatars in topic map
Cleanup uneeded column
2014-05-29 14:59:14 +10:00
Sam
d9f51961c4 BUGFIX: pick gravatar if it was just downloaded
BUGFIX: don't go rebaking unless all avatars are downloaded
2014-05-28 16:54:21 +10:00
Sam
b1d5f4440b Annotate models 2014-05-28 12:30:57 +10:00
Robin Ward
7c22d738b6 FEATURE: Add a location field to a user's profile 2014-05-27 13:54:04 -04:00
Sam
1e28668e9f missed one spot where route changed 2014-05-28 01:09:01 +10:00
Sam
504cfcff96 Fix specs for avatars
Implement avatar picker
Correct avatar related jobs
2014-05-27 10:08:03 +10:00
Sam
6c1c8be794 Work in progress, keeping avatars locally
This introduces a new model to store the avatars and 3 uploads per user (gravatar, system and custom)

user can then pick which they want.
2014-05-27 10:08:03 +10:00
Sam
ff6755f1e5 Merge pull request #2343 from knutaldrin/patch-1
Fix suspended scope
2014-05-23 12:56:32 +10:00
Knut Aldrin Wikström
579f2bf7b8 Fix suspended scope
:non_suspended should check if suspension is <= NOW, else one could end up in neither group.
2014-05-15 15:47:49 +02:00
Vikhyat Korrapati
c07244a4e6 Refactor BadgeGranter.update_trust_level_badges! -> update_badges. 2014-05-14 21:01:41 +05:30
Vikhyat Korrapati
b144b75565 Add automatically assigned trust level badges. 2014-05-14 20:47:21 +05:30
Sam
34d1668f9f FEATURE: backend for inviting a user to a group 2014-05-09 18:22:35 +10:00
Louis Rose
1574485443 Perform the where(...).first to find_by(...) refactoring.
This refactoring was automated using the command: bundle exec "ruby refactorings/where_dot_first_to_find_by/app.rb"
2014-05-06 14:41:59 +01:00
Régis Hanol
c21d3f41d0 BUGFIX: only redirect new users to top page once
Actually, new users will still be redirected to the top page during the first 30 seconds of their first visit.
2014-05-05 19:00:40 +02:00
Sam
f6c22cc299 Merge pull request #2297 from ligthyear/custom-fields
Custom fields for Topic, Category, Post and Group
2014-04-30 13:15:50 +10:00
Benjamin Kampmann
0cf07d41ae Move Concern from lib into app/models. refs #2279 2014-04-29 19:26:43 +02:00
Benjamin Kampmann
e6e03a1a96 move custom fields into its own concern 2014-04-29 19:26:42 +02:00
Robin Ward
359d59242e If a new user receives a mention, quote or response to their post, allow
them to continue posting in a topic.
2014-04-29 12:59:14 -04:00
Sam
e88e43bfb6 Merge pull request #2279 from fantasticfears/concern
move concerns to the model/concerns
2014-04-28 09:48:33 +10:00
Régis Hanol
f8d9fb7bdc Revert "Merge pull request #2284 from jaimeiniesta/patch-1"
This reverts commit a6b88d1e7e, reversing
changes made to 9bee0b6e2d.
2014-04-25 11:40:38 +02:00
Sam
a6b88d1e7e Merge pull request #2284 from jaimeiniesta/patch-1
escape gravatar URLs to comply with W3C standards
2014-04-24 12:56:16 +10:00
Sam
05efc8df16 BUGFIX: likes would cause whole post to re-render 2014-04-24 12:42:04 +10:00
Robin Ward
af877781b7 Allow admins to choose if groups are visible or not. 2014-04-22 16:43:46 -04:00
Sam
a3b2b4baca FEATURE: custom fields on User 2014-04-22 13:52:13 +10:00
Jaime Iniesta
6084cb969d escape gravatar URLs to comply with W3C standards
This fixes an HTML validation error due to & not being properly escaped on the gravatar URLs.
2014-04-21 00:46:00 +02:00
Erick Guan
6d45f71254 move concerns to the model/concerns 2014-04-19 12:00:40 +08:00
Vikhyat Korrapati
843023d7c9 Fix user_badges n+1 query. 2014-04-17 21:58:05 +05:30
Vikhyat Korrapati
4c0f85650e Display badge count in the user admin page. 2014-04-16 18:08:10 +05:30
Vikhyat Korrapati
e0a4959dc9 Sort featured badges by badge type first, followed by grant count. 2014-04-16 18:08:10 +05:30
Sam
862a6696c0 Correct annotations
allow longer usernames (up to 60)
2014-04-15 15:53:48 +10:00
Régis Hanol
2505d18aa9 FEATURE: support email attachments 2014-04-14 22:55:57 +02:00
Sam
b0ed9082b3 FEATURE: Hidden site setting for max username length 2014-04-14 12:55:33 +10:00
Régis Hanol
6373de550f update annotations 2014-04-08 17:35:44 +02:00
Sam
d71f62a9f9 Merge pull request #2180 from tomciopp/master
More idiomatic approach to finding drafts
2014-04-08 16:46:24 +10:00
Régis Hanol
ef24a4c71c FEATURE: add redirect_users_to_top_page site setting (default to true) 2014-03-31 21:53:38 +02:00
Thomas Cioppettini
38882eb1a7 Remove threequals from ruby files 2014-03-26 12:20:41 -07:00
Sam
7e7c4efcc0 FEATURE: on initial boot hint users on how to get admin 2014-03-24 18:03:39 +11:00
Sam
5c148faeb9 annotations were out of date 2014-03-20 15:35:51 +11:00
Sam
02963b03dc BUGFIX: last_seen_at can be nil 2014-03-17 12:42:51 +11:00
Sam
fe63db7953 Merge pull request #2115 from vikhyat/badge-system
Initial badge system implementation
2014-03-17 10:06:37 +11:00
Vikhyat Korrapati
9b26c8584e Initial badge system implementation. 2014-03-14 21:49:26 +05:30
Neil Lalonde
9ca516e58d Rename nickname to username in the code. Use new hub routes. (Old routes still exist as aliases for old Discourse instances.) 2014-03-12 12:39:36 -04:00
Régis Hanol
8214536614 BUGFIX: don't show redirect reason if you aren't redirected
Move the redirect to top page logic server-side and make sure the reason
is not shown when top is not in the navigation menu (top_menu).
2014-03-07 18:58:53 +01:00
Stephen Birarda
4a2dab9c5e allow for custom min_username_length
change constant in user to be global range and not default
2014-03-04 16:37:05 -08:00
Robin Ward
4b61d6af28 BUGFIX: new date was incorrect 2014-03-03 16:11:59 -05:00
Robin Ward
3abe84941f FEATURE: Add new_since column to UserStat so we can reset the "New"
date.
2014-03-03 15:47:00 -05:00
Sam
6f31d3f0e5 FEATURE: single sign on support
Added support for outsourcing auth to a different website, documentation on meta
2014-02-25 14:31:03 +11:00
Neil Lalonde
b696c96a19 Look at the age of a user's first post to determine if the user can be nuked, instead of looking at when the user registered. 2014-02-20 12:29:40 -05:00
Erik Ordway
8fc5c66c55 this needs to go but did not show up in my tests but did on travis 2014-02-11 18:13:24 -08:00
Robin Ward
e511e8a80b Link to groups from user profile 2014-02-07 10:44:51 -05:00
Sam
93434be16d SECURITY: reduce moderator rights
You can now hide particular categories from certain moderators
2014-02-07 14:11:52 +11:00
Sam
be560d4eb6 Update annotations 2014-02-07 11:07:52 +11:00
Sam
227873df78 FEATURE: proper mailing list mode
once enable_mailing_list_mode is enabled any user can elect
to get every post via email unless they opt out of category or topic
2014-02-07 11:07:52 +11:00
Neil Lalonde
c8bc9bd5db Show discourse logo as system user avatar 2014-01-29 12:29:05 -05:00
Neil Lalonde
7cc5da08fe Track how many posts a user reads each day in user_visits 2014-01-27 11:20:19 -05:00
Neil Lalonde
ae3b53bb76 Add a page in admin to view trust level 3 requirements for a user. Only shows for users who are currently at trust level 2. 2014-01-22 18:17:45 -05:00
Neil Lalonde
ba74226346 FIX: invited users get clearer messaging when setting a password for the first time 2014-01-21 12:42:26 -05:00
Régis Hanol
129617b415 Lots of bugfixes
BUGFIX: navigation bar should always activate the right tab (even when diging into a top period)
BUGFIX: /top pages titles
BUGFIX: no "edit category" button on /top page after visiting a category
BUGFIX: properly hide category columns when there is no children category (on both filter + top pages)
BUGFIX: promises not caught when scrolling down a topic list to load more of them
BUGFIX: CSS on category dropdowns
Updated `top_menu` i18n with available filters
2014-01-18 19:27:25 +01:00
Régis Hanol
c1a66b70bb BUGFIX: use previous_visit_at instead of last_seen_at to determine the best period to display in the top summary 2014-01-16 01:36:32 +01:00
Neil Lalonde
4f6b208e8d Posts by trust level 3 users do not have nofollow on their external links. 2014-01-15 11:40:51 -05:00
Régis Hanol
e732aa8a86 BUGFIX: we should not store absolute urls for locally uploaded avatar templates
Highly recommended to run: `RAILS_ENV=production bundle exec rake avatars:regenerate` to fix the avatar templates stored in the database.
2014-01-07 17:45:06 +01:00
Neil Lalonde
a897c2b091 Add default_external_links_in_new_tab site setting 2014-01-02 15:27:37 -05:00
Robin Ward
f145060315 Don't employ the "too many replies" if the user is staff, or if they created the topic.
See: http://meta.discourse.org/t/what-is-the-point-of-limiting-new-users-to-three-replies-per-topic/11696
2014-01-02 12:57:40 -05:00
DV Suresh
24886c300b Correct few spelling in the comments 2013-12-21 01:19:22 -06:00
Neil Lalonde
33c6997ded Move password validation into PasswordValidator 2013-12-19 16:15:47 -05:00
Robin Ward
1cac9fa257 New users can only post newuser_max_replies_per_topic times per topic. 2013-12-19 13:45:55 -05:00
Sam
2db3cfb16b annotate models 2013-12-05 17:40:35 +11:00
Régis Hanol
82b78ec6ba schemaless avatar urls 2013-11-22 19:18:45 +01:00
Régis Hanol
3cf5a363f7 do not destroy uploads when destroying a user 2013-11-22 18:29:07 +01:00
railsaholic
34bba737ff Refactor SessionController#create, reduce complexity.
Don't compromise readablity
2013-11-15 22:09:03 +05:30
sirMackk
af67284995 User ctrl refactor - breaks up large methods, moves some logic into model
Includes missing methods from backup for travis to pass

fix missing code, failing specs

keep params handling in the controller.
2013-11-09 18:44:13 +05:30
Neil Lalonde
0c6f794eb0 Used the term suspended instead of banned. 2013-11-07 13:53:49 -05:00
Neil Lalonde
92a0729937 When banning a user, a reason can be provided. The user will see this reason when trying to log in. Also log bans and unbans in the staff action logs. 2013-11-01 10:47:26 -04:00
Robin Ward
f7d6ab579c Merge pull request #1571 from novemberkilo/master
Refactor User#update_last_seen! and User#update_tracked_topics
2013-10-29 08:28:08 -07:00
Sam
95e936c299 cleanup API for looking up a user by email or username, add specs, fix invalid auto association in open id provider 2013-10-28 16:29:07 +11:00
Manoj
96ae3cdacc Utilize already existing method 'find_by_username_or_email'
check presence of email using include, dont use =~
2013-10-24 19:26:06 +05:30
Navin Keswani
6ce80fd148 Refactor User#update_last_seen! and User#update_tracked_topics 2013-10-23 23:27:30 +02:00
Robin Ward
348e2e3ef2 Support for per-user API keys 2013-10-22 17:34:39 -04:00
Robin Ward
2308784713 Merge pull request #1543 from railsaholic/small_users_controller_refactoring
refactor UsersController to reduce complexity
2013-10-21 12:21:03 -07:00
Neil Lalonde
648b11a0eb Add screening by IP address. When deleting a user as a spammer, block all signups from the same IP address. 2013-10-21 14:50:18 -04:00
Manoj
868e4ffe6d refactor UsersController to reduce complexity
Refactored: UsersController#create
2013-10-19 15:18:11 +05:30
Neil Lalonde
0eaf32db45 Add a message to flags created because of the newuser_spam_host_threshold site setting 2013-10-17 15:08:11 -04:00
Manoj
7c03076c2a Refactored Topic#limit_topics_per_day to reduce code climate complexity
Extracted  1) #apply_per_day_rate_limit_for, method as generic
RateLimiter , 2) #limit_first_day_topics_per_day as a separate method,
3) Added User#added_a_day_ago?, 4) Fixed private methods indentation.
2013-10-16 14:58:18 +05:30
Neil Lalonde
3c2c6ab24b Add sockpuppet spammer detection. Automatically flag posts if they are from new users (registered less than 24 hours ago) at the same IP address and one of them started the topic. 2013-10-11 13:34:05 -04:00
Sam
5bf26ec34e large refactor, ship a few columns from the user table into user_stats 2013-10-07 15:04:59 +11:00
Sam
441010ac65 optimise view count calculation query 2013-10-02 17:08:53 +10:00
Robin Ward
7d9a84b496 New User Education goes through a server side ComposerMessages check. Composer message for users
who don't have avatars.
2013-09-13 12:23:53 -04:00
Robin Ward
fcff4e80d1 New user_stats table to keep track of queried information on a user.
This is information that is not usually needed when representing a user
and is in a separate table with a has one relationship to avoid querying
it all the time.
2013-09-11 14:50:26 -04:00
Robin Ward
2319924206 Adds a class that can detect whether a user has uploaded a custom avatar 2013-09-10 15:39:11 -04:00
Sam
162d94aa02 improve secure_category_id query 2013-09-10 14:29:02 +10:00
Sam
41a1b6942d notify moderators now goes to the "community" user, that saves our poor mods from a flood of pms
if any staff respond to a pm they are automatically added to the list of recipients and will start
getting email notifications
2013-09-06 14:07:23 +10:00
Neil Lalonde
117fc8db58 Change the way nuked users' posts are handled. Allow null in the user_id column of posts. Show these posts in the posts stream. 2013-09-04 15:42:21 -04:00
Sam
61281a3c81 invite only forums had very wonky logic, invited users were not being activated, invite_only forums were still registering users 2013-08-28 17:18:31 +10:00
Sam
dfa5a8a83f annotate models 2013-08-28 10:52:06 +10:00
Navin Keswani
d87389b38e No more rails 4 deprecation warnings 2013-08-25 23:18:11 +02:00
Neil Lalonde
6e79197519 Enum site settings can have translatable names in dropdown. Add setting for how often users get digest emails by default: default_digest_email_frequency. 2013-08-23 17:36:25 -04:00
Sam
472f0684c3 Merge pull request #1345 from salbertson/refactor-find_by_username_or_email
Improve test coverage and refactor User.find_by_username_or_email
2013-08-22 17:14:06 -07:00
Neil Lalonde
3b15e2e58e Banned users are not returned as pending review users 2013-08-22 19:23:49 -04:00
Scott Albertson
1dbe1fb1bc Refactor User.find_by_username_or_email
* Improve test coverage
2013-08-22 09:40:07 -07:00
Sam
c0c929be5a optimise query that runs every 10 minutes and takes out the user table 2013-08-20 17:40:22 +10:00
Michael Kirk
4af8a9102e Authenticate with Discourse via OAuth2
See https://github.com/michaelkirk/discourse_oauth2_example for an
example of how you might integrate your existing oauth2 provider's
authentication via a Discourse plugin.
2013-08-17 21:45:20 -07:00
Régis Hanol
2119774fb6 FIX: custom avatars in email 2013-08-16 09:58:20 +02:00
Régis Hanol
c9969738bf FIX: N+1 query for avatars when searching for users 2013-08-16 00:26:49 +02:00
Sam
b55c9e391d Merge pull request #1333 from fabianoleittes/fix_type_url
Fix url not to be nil
2013-08-14 20:04:00 -07:00
Fabiano Leite
4df8babb9a Fix url not to be nil 2013-08-14 21:55:25 -03:00
Robin Ward
8fa9c51bf4 FIX: New avatar regression with mixed case email addresses. 2013-08-14 13:05:57 -04:00
Régis Hanol
4866f4d8f5 FIX: N+1 query for avatars 2013-08-14 15:25:05 +02:00
Régis Hanol
5ca187ba57 only the host part of an email address is case insensitive 2013-08-14 19:31:35 +02:00
Régis Hanol
c867b67a0b custom avatar support 2013-08-13 22:08:29 +02:00
Robin Ward
6452962f36 FIX: Notification counters were being updated incorrectly. 2013-08-09 12:12:56 -04:00
Neil Lalonde
5f8a130277 Add BlockedEmail, to block signups based on email. Track stats of how many times each email address is blocked, and last time it was blocked. Move email validation out of User model and into EmailValidator. Signup form remembers which email addresses have failed and shows validation error on email field. 2013-07-29 15:29:43 -04:00
Doug Alcorn
35a2bb7919 Parameterize the PBKDF2 algorithm in application config
http://meta.discourse.org/t/sso-between-discourse-and-xmpp/8567/5
2013-07-22 21:36:01 -04:00
Sam
ecf17cfebb work in progress, add fidelity to category group permissions (full, create posts, readonly) 2013-07-16 15:46:11 +10:00
Sam
1aef6de4b0 automatically approve invited users on forum where moderators must approve (keep in mind only moderators can invite)
speed up specs a touch
allow invite controller to accept an email in absence of user (cleans up API)
2013-07-11 11:22:00 +10:00
Neil Lalonde
9b0f63627b Add blocked users count to dashboard 2013-07-08 12:44:13 -04:00
Juan de Dios Herrero
27b038cd40 Refactored username validations to avoid repeated code 2013-07-07 13:05:18 +02:00
Juan de Dios Herrero
e4fc6e02ed Added discourse hub nickname operations simplify and avoid repeated code 2013-07-07 12:40:35 +02:00
Stephan Kaag
89b621d31a Refactor update_all statements in order to prevent deprecation warnings in Rails 4 2013-07-02 18:36:47 +02:00
Neil Lalonde
a352b70bfc Permit changing my own username's case without an error saying it is already taken 2013-06-28 16:21:46 -04:00
Sam
6b82f1047a that date there is on purpose for date boundries 2013-06-28 16:08:48 +10:00
Sam
1ec12fc808 this spec is just refusing to work on jenkins 2013-06-28 16:07:36 +10:00
Sam
3c67cf8acd remove timecop, specs were failing and we can avoid it here anyway 2013-06-28 15:14:44 +10:00
Neil Lalonde
8e50b49cf1 Try to fix specs that are failing in jenkins 2013-06-27 17:23:06 -04:00
Neil Lalonde
b1d0f30379 Fix AdminUser bulkApprove; add a way to approve a user without sending them the welcome email for cases when must_approve_users is enabled and there are existing users 2013-06-26 13:24:30 -04:00
Dmitriy Budnik
d12288de49 adding a missing User association 2013-06-24 17:08:49 +03:00
Sam
298949a343 missing dependency 2013-06-23 14:32:46 +10:00
Sam
4a8a663a67 flagging workflow changes per http://meta.discourse.org/t/we-need-an-archive-flag-notification-button/7450 2013-06-20 17:42:15 +10:00
Sam
799b402778 fix horribly broken invite code, could lead to inviting the wrong person to a conversation 2013-06-19 10:31:19 +10:00
Régis Hanol
454636abf1 annotate models 2013-06-17 02:49:34 +02:00
Juan de Dios Herrero
36fe8fbc6d Added role scopes to roleable 2013-06-07 18:26:06 +02:00
Juan de Dios Herrero
1b92d9d7f8 Added roleable module for User model 2013-06-07 12:33:48 +02:00
Chris Hunt
f6ce985121 Send activation email after user approved 2013-06-06 18:37:25 -07:00
Robin Ward
bac03a3369 Merge pull request #975 from jd-erreape/username_refactor
[WIP] Refactored user_name suggestion methods into a module
2013-06-06 08:12:29 -07:00
Juan de Dios Herrero
96d23ddd8d Refactored user_name suggestion methods into a module to reduce the complexity of User model 2013-06-06 16:40:10 +02:00
Ian Christian Myers
0d01c33482 Enabled strong_parameters across all models/controllers.
All models are now using ActiveModel::ForbiddenAttributesProtection, which shifts the responsibility for parameter whitelisting for mass-assignments from the model to the controller. attr_accessible has been disabled and removed as this functionality replaces that.

The require_parameters method in the ApplicationController has been removed in favor of strong_parameters' #require method.

It is important to note that there is still some refactoring required to get all parameters to pass through #require and #permit so that we can guarantee that parameter values are scalar. Currently strong_parameters, in most cases, is only being utilized to require parameters and to whitelist the few places that do mass-assignments.
2013-06-06 00:30:59 -07:00
Neil Lalonde
b55182b983 Use PostDestroyer when deleting all of a user's posts; deleting a post removes its flags and resets its flag counts 2013-06-05 16:05:13 -04:00
Robin Ward
dfba2b6e0a FIX: Strip links from google indexed bios when the users are new. 2013-06-05 15:28:10 -04:00
Robin Ward
4392a17b54 Strip out links when displaying a new user's bio 2013-06-04 12:06:25 -04:00
Neil Lalonde
2259e97d42 Add a count of blocked users on the dashboard 2013-06-04 11:53:19 -04:00
Sam
d2c1eb090e Merge pull request #921 from nirnanaaa/postgres-truefalse
removed t's and f's from models
2013-05-30 21:38:26 -07:00
Sam
e93b7a3b20 more progress towards live unread and new counts, unread message implemented, still to implement delete messages 2013-05-30 16:49:57 +10:00
Sam
33ff87bf44 work in progress, live unread / new counters 2013-05-30 16:49:57 +10:00
nirnanaaa
364113a4d5 removed t and f 's from group model
removed t and f 's from user model as mentioned in #919

removed t's and f's from category model
2013-05-29 22:10:43 +02:00
Sam
46389754d6 Merge pull request #892 from eriko/cas_support
Cas support
2013-05-28 16:13:29 -07:00
Sam
ca2dee52db moved comments to the bottom, they are way less intrusive there 2013-05-24 12:48:32 +10:00
Sam
2cd95bc649 lets try out annotations 2013-05-24 12:35:14 +10:00
Erik Ordway
1575ce7b10 add cas support with a few tests 2013-05-23 13:40:50 -07:00
Robin Ward
7a31630837 Search Refactor: Remove some manual SQL, make search data tables more idomatic Rails/AR 2013-05-22 16:31:13 -04:00
Robin Ward
27828c5ec2 Merge pull request #871 from avdi/refactoring-with-josh-and-avdi
Various refactorings towards Ruby/Rails idiom from Josh Susser and Avdi Grimm
2013-05-21 07:18:50 -07:00
Leonard Garvey
b16705be0d Clean up update_visit_record!
update_visit_record! appears to add user_visit record if one
doesn't exist and days_visited is simply a counter for the number
of visit records.
2013-05-18 16:02:06 +10:00
Leonard Garvey
32f4dfd2fb DRY up the user model slightly
regular? is just the inverse of staff?
2013-05-18 16:00:35 +10:00
Josh Susser and Avdi Grimm
2acc80d192 Various idiomatic User refactorings. 2013-05-17 15:44:35 -04:00
Robin Ward
d554a59102 Support for a new site setting: newuser_spam_host_threshold. If a new user posts a link
to the same host enough tiles, they will not be able to post the same link again.

Additionally, the site will flag all their previous posts with links as spam and they will
be instantly hidden via the auto hide workflow.
2013-05-16 12:19:50 -04:00
Sam
eb71e9de24 opening move, don't get rid of green notification till the pm is read
TODO a way to list all unread PMs
2013-05-16 16:37:47 +10:00
Sam
b6bf95e741 speed up startup (avoid loading some gems on startup)
correct group permission leaks
add Discourse.cache for richer caching support
2013-05-13 18:04:03 +10:00
Sam
942f168ab6 UI still a tad rough, but we have a first pass of secure categories 2013-05-10 16:47:47 +10:00
Neil Lalonde
f35a44aeae Add ability for admins and mods to send another activation email to a user, to activate an account, and deactivate an account 2013-05-08 10:10:47 -04:00
Sam
e9fc272db7 remove acts_as_paranoid, use .trash! , .recover! and .with_deleted as needed
makes upgrading to rails 4 possible
2013-05-07 14:39:01 +10:00
Sam
be1ab8b275 automatic group infrustructure 2013-05-06 14:49:56 +10:00
Sam
5ec52bd2e9 :s/moderator?/staff/g ... our naming was kind of crazy, renamed moderator? to staff 2013-05-02 17:22:27 +10:00
Sam
e4a76812a6 this is a slightly round about way of making our self oneboxes sane
shrunk avatar to 60px, added global whitelisting
2013-05-01 16:38:13 +10:00
Sam
5cfcdc7ef0 backend for secure categories mostly done (todo pm groups) 2013-04-29 16:33:43 +10:00
Neil Lalonde
75cfcbfa4f Need to require email in user.rb because specs can start failing when running guard 2013-04-18 14:27:04 -04:00
Régis Hanol
b24c1a1ad9 better consistency around email case sensitivity 2013-04-15 02:20:33 +02:00
Philipp Weissensteiner
3dcb1905e3 Refactor user controller, create action, mostly.
The gist of the commit are a few improvements in the
create action, where:

* long boolean statemenst have been wrapped in smaller more readable
  methods.
* the 3rd party user info creation has been extracted (still in controller)
* a small helper method for creating a new user from params (to reduce
  visual clutter)
* specs have been added where I came across untested methods/branches

Other changes are more trivial like formatting and whitespace fixes.
Hope this helps. Regards.
2013-04-13 00:53:59 +02:00
Neil Lalonde
651cfba93f Add ability to destroy a user with 0 posts 2013-04-12 16:53:00 -04:00
Sam
5273657537 a method called "adding_user_record" is annoying me. 5 lines of code replaced with 2 2013-04-05 17:53:39 +11:00
Sam
ea8d69fbd6 fix my broken test 2013-04-05 17:47:54 +11:00
Sam
a2cca2540e some minimal site settings diags
fix issue where days_visited was totally out of sync
2013-04-05 17:47:54 +11:00
Sam
a7f92ec0c1 topic reply count resync for each new post 2013-04-05 17:47:54 +11:00
Neil Lalonde
bb18b6cb9b Dashboard: split out private messages from topic and post counts; re-enable report_spec because I think I fixed it... 2013-04-03 13:26:09 -04:00
Philipp Weissensteiner
c34f476b31 Improve suggest_username method in user.rb
The suggest_username method showed up on codeclimate
so I thought I'd give it some love and make it more readable.
In the process removed trailing whitespaces and had to fix a
terrible spelling error :)
2013-03-31 19:01:11 +02:00
Gosha Arinich
bdfa9b0508 create the User.admins and User.moderators scopes 2013-03-29 09:52:09 +03:00
Sam Bauch
77e3434d81 added email whitelist SiteSetting feature to replicate email blacklist. email_validator method now also uses the regex method for both the whitelist and blacklist. 2013-03-22 14:49:42 -04:00
Sam
62c60540be pull moderator into own column, rename trust levels 2013-03-19 21:06:11 -07:00
Sam
2a047df4f1 cache reply_to_user_id in post to eliminate a very nasty n+1 query 2013-03-19 16:54:23 -07:00
Sam
1cd26a7dcf oops 2013-03-18 23:44:21 -07:00
Sam
dd03f44968 optimise 2013-03-18 23:18:15 -07:00
Neil Lalonde
d9cdde9aa7 Add user counts for each trust level to admin dashboard 2013-03-15 18:09:02 -04:00
Sam
e62bb9922e exceptions are BAD
the old code wacked on 10ms to every home page request, for no real reason.
2013-03-10 19:11:33 -07:00
Neil Lalonde
8927432a93 Add stats to the admin dashboard 2013-03-09 15:34:27 -05:00
Sam
325e28c3c8 wrong conditional 2013-03-08 17:24:54 -08:00
Robin Ward
4c7b0a42b5 Oops escape everything but image urls 2013-03-08 16:17:56 -05:00
Robin Ward
908bba8c13 First stab at oneboxing of meta.discourse.org 2013-03-08 15:59:12 -05:00
Robin Ward
d1d4530efd User Profile enhancements:
- Added PreloadStore support to avoid duplicate requests
- preliminary SEO
- Support for opengraph/twitter cards
2013-03-08 15:04:37 -05:00
Robin Ward
f8d8272406 Cleaned up TopicUserSpec, introduces clearing of pinned topics 2013-03-07 12:19:25 -05:00
Robin Ward
6a63178411 Merge pull request #377 from kubabrecka/typos5
various typos in comments
2013-03-06 09:14:16 -08:00
Sam Saffron
8f56a09e82 PBKDF2 gem is trouble, removing and hand coding for now 2013-03-06 23:12:16 +11:00
Kuba Brecka
dc62136642 various typos in comments 2013-03-06 08:52:24 +01:00
Régis Hanol
239cbd2d58 enforce coding convention
replaced every `and` by `&&` and every `or` by `||`
2013-03-05 01:42:44 +01:00
Gosha Arinich
0c99dea153 introduce Enum 2013-03-01 21:16:36 +03:00
Robin Ward
b66b17bf19 Merge pull request #300 from goshakkk/cleanup
Minor cleanup, using AR querying DSL over raw SQL in some places
2013-03-01 07:52:34 -08:00
Kirill Pimenov
a168dc915e Secure gravatar 2013-03-01 00:58:36 +04:00
Gosha Arinich
6e5399d544 minor cleanup, using AR querying DSL over raw SQL in some places 2013-02-28 21:54:12 +03:00
Gosha Arinich
d2f3c829db refactor User and TrustLevel a bit
* rename `User#password_required` to `User#password_required!`
* emails with "i" @ something are a special case as well
* get rid of `self.` and returns where possible
* prefer "unless a" instead of "if !a"
* `unread_notifications` without manually iterating
* introduce `User#moderator?`
* introduce `TrustLevel#valid_key?`, `TrustLevel#compare`, and
  `TrustLevel#level_key`
2013-02-28 19:15:54 +03:00
Robin Ward
cf867a35ff Merge pull request #271 from goshakkk/topic-refactor
Refactor Topic
2013-02-27 10:32:44 -08:00
Robin Ward
007118b00c Merge branch 'github-auth' of git://github.com/nverba/discourse
Conflicts:
	config/locales/server.en.yml
	db/structure.sql
	spec/views/omniauth_callbacks/complete.html.erb_spec.rb
2013-02-27 12:09:22 -05:00
Alexander
8855a0bfbe RSS of a topic via new route
Adds TopicView#recent_posts; Post#by_newest, #with_user, #author_readable; User#readable_name
Autodiscovery tag in topic show HTML.
2013-02-26 14:54:17 -08:00
Gosha Arinich
12d664a610 refactor Topic
* move finding by username/email to User
* make SiteSetting return a range of possible post title lengths
* remove unnecessary conditions
2013-02-26 19:27:59 +03:00
nverba
b45f872c04 Added Github authentication option, disabled by default with enable options in settings. 2013-02-26 05:00:21 +00:00
Gosha Arinich
cafc75b238 remove trailing whitespaces ❤️ 2013-02-26 07:31:35 +03:00
Sam Saffron
77a2d8ccc4 fixed a pile of notification craziness
addes some tests around post timings
2013-02-25 18:42:42 +11:00
Sam Saffron
b0b0e222f7 missed a spot where channel can be out of sync 2013-02-25 09:32:06 +11:00
Sam Saffron
47fedd8f4d correct breakage
don't set permanent cookie, kill session if it conflicts
2013-02-24 22:56:08 +11:00
Sam Saffron
b66db4153d refactor and organise current_user better 2013-02-24 21:42:04 +11:00
Neil Lalonde
85f8f8f2d5 Better checking of blacklisted emails on create and when email is being updated 2013-02-20 16:25:08 -05:00
Neil Lalonde
046c330858 Changes to email_domains_blacklist shouldn't invalidate existing users 2013-02-20 12:16:16 -05:00
Neil Lalonde
39eab7c425 Replace mentions of mothership with discourse_hub 2013-02-14 12:57:26 -05:00