Sam
2dec731da3
SECURITY: correctly validate input when admin searches for screened ips
2017-02-06 16:11:16 -05:00
Régis Hanol
84af84dc52
prevent inactive & staged users from being automatically added to a group
2017-02-06 17:49:27 +01:00
Régis Hanol
ba115480ba
FIX: wasn't extracting links to quoted posts
2017-02-06 14:45:04 +01:00
Régis Hanol
27fb9c8804
FIX: bounce webhooks should also use recipient address
2017-02-05 19:06:35 +01:00
Robin Ward
f1e7bca3c9
FEATURE: Warn a user when they're replying to the same user too much
2017-02-03 17:00:54 -05:00
Neil Lalonde
c4e10f2a9d
FEATURE: redesign the change password page to use javascript and validations
2017-02-03 16:09:24 -05:00
Robin Ward
b251d11518
FIX: If you make a new banner, clear the old dismissed values
2017-02-03 15:07:38 -05:00
Guo Xiang Tan
61111a3f9b
FIX: Show groups that user is owner of on groups page.
2017-02-03 16:51:32 +08:00
Arpit Jalan
6b8691ecea
Merge pull request #4685 from techAPJ/approve-users-invite-fix
...
FIX: allow existing users to be invited to topic/message when must_approve_users is enabled
2017-02-03 13:22:18 +05:30
Arpit Jalan
dc2171960b
FIX: allow existing users to be invited to topic/message when must_approve_users is enabled
2017-02-03 13:01:23 +05:30
Guo Xiang Tan
c392994793
Fix specs.
2017-02-03 08:38:19 +08:00
Neil Lalonde
b91cb92af0
FIX: reports for time to first reply and topics without replies were counting whispers and moderator actions
2017-02-02 17:27:41 -05:00
Guo Xiang Tan
3c28d94706
FIX: Don't configure Redis connector if Redis slave config is not set.
2017-02-02 13:48:55 +08:00
Régis Hanol
82555ca761
FIX: mail threading wasn't working properly in Mac Mail
2017-02-01 23:02:41 +01:00
Viet Hoang
40164ccd4a
Add user title to SSO payload
2017-01-31 16:42:27 -08:00
Arpit Jalan
a525563eea
Optimize spec for ProcessPost job
2017-01-31 14:10:56 +05:30
Rimian Perkins
25516874b5
FIX: Escape regexp chars in SiteSetting.censored_words
.
2017-01-31 10:14:51 +08:00
Régis Hanol
8fc7420f83
FIX: prevent huge custom emojis in emails
2017-01-30 18:06:48 +01:00
Arpit Jalan
19f7beaa2c
FIX: topic links were getting dropped when post is rebaked
2017-01-30 14:55:53 +05:30
Arpit Jalan
28e8d32d53
Suppress console output when running RSpec
2017-01-28 11:04:47 +05:30
Guo Xiang Tan
0e5d490b05
No need for special helper to reset SiteSetting state.
...
* SiteSetting in tests uses a local provider that resets it.
2017-01-28 10:55:49 +08:00
Neil Lalonde
7ead3e1f18
fix failing specs
2017-01-27 16:17:10 -05:00
Arpit Jalan
c36dda70ae
spec for posts:remap rake task
2017-01-28 00:13:08 +05:30
Leo McArdle
c76f6856ea
FEATURE: reply as new message to the same recipients
2017-01-27 12:24:31 +08:00
Robin Ward
496682c442
Merge pull request #4662 from tgxworld/fix_localized_group_name_change
...
Fix localized group name change
2017-01-26 10:50:00 -05:00
Arpit Jalan
9dd09e453b
FEATURE: add explicit confirmation button to accept the invite
2017-01-25 15:50:30 +05:30
Guo Xiang Tan
781d83a46f
FIX: Toggling a post's wiki status should not skip revision.
2017-01-25 13:34:55 +08:00
Guo Xiang Tan
ce07da1d8b
UX: Only display the words that fails censored words validations.
2017-01-24 13:11:05 +08:00
Régis Hanol
7e52d29a5b
Merge pull request #4643 from LeoMcA/fix-pull-img
...
FIX: Handle img src starting with "//" in pull_hotlinked_images job
2017-01-23 17:56:53 +01:00
Guo Xiang Tan
32846aad2a
FIX: Toggling post's wiki status should not create a new version.
2017-01-20 15:42:33 +08:00
Jeff Atwood
521ced38c5
fix spec for default email title
2017-01-19 14:01:51 -08:00
Neil Lalonde
6b93b09404
FIX: when blocking a user results in hiding their posts, only hide posts made in the last 24 hours
2017-01-19 15:56:22 -05:00
Régis Hanol
07660ecedb
bump onebox
2017-01-19 00:28:37 +01:00
Guo Xiang Tan
706b4f6b9f
FEATURE: Remap group mentions when group name has been changed.
2017-01-18 13:39:34 +08:00
Guo Xiang Tan
59dfb51a35
FIX: Don't change automatic group name if localized name has been taken.
2017-01-18 12:20:23 +08:00
Guo Xiang Tan
1e1e40c75f
Dump the page's content as well on failure.
2017-01-17 18:40:46 +08:00
Régis Hanol
fbf9172db8
FIX: log backups download/destroy staff action
...
FIX: clean up junk left by the specs
RENAME: 'backup_operation' to 'backup_create' to match other backup log types
2017-01-16 19:53:31 +01:00
Robin Ward
86c52c72f6
FIX: Deleting a user was not deleting their directory items
2017-01-16 11:46:52 -05:00
Leo McArdle
b60e9b7330
FIX: Handle img src starting with "//" in pull_hotlinked_images job
2017-01-16 10:50:07 +00:00
Guo Xiang Tan
63954c1b33
FIX: Same user record being saved twice causing validation to fail.
2017-01-16 16:41:03 +08:00
Guo Xiang Tan
e3b6f9b8ae
FIX: Do not update user stats like counts for private messages.
2017-01-16 11:07:53 +08:00
Guo Xiang Tan
ed5fa20b0c
Revert "FIX: error during signup saying "Password is the same as your current password" due to automatic group membership granting a trust level"
...
This reverts commit 9c40657ba4
.
Calling this whenever a user is initialize is hurting us bad
on performance.
2017-01-16 09:44:10 +08:00
Neil Lalonde
e8307ac24c
FIX: mailing list mode digest emails included whispers
2017-01-13 13:46:33 -05:00
Robin Ward
adb73180f7
FEATURE: Let plugins register themes easily
2017-01-13 11:50:52 -05:00
Régis Hanol
499a83270a
FIX: don't onebox to IP addresses
2017-01-12 22:35:33 +01:00
Guo Xiang Tan
38496985ef
Fix syntax error.
2017-01-12 10:03:37 +08:00
Guo Xiang Tan
23d4435af1
Oops.
2017-01-12 09:56:20 +08:00
Guo Xiang Tan
515f50e42e
FEATURE: Log admin action when readonly mode is changed.
2017-01-12 09:41:02 +08:00
Régis Hanol
887e9af84f
FEATURE: new 'max_image_megapixels' site setting
2017-01-11 23:37:12 +01:00
Neil Lalonde
b177827841
more specs for staff action logging
2017-01-11 11:41:21 -05:00
Guo Xiang Tan
1758af9a1d
FIX: Perform emoji unescape for topic titles in quotes.
2017-01-11 17:23:13 +08:00
Guo Xiang Tan
cdd550e947
Use a different Redis key when PG failover sets site to readonly mode.
2017-01-11 16:38:49 +08:00
Régis Hanol
185dcb2ca1
handle emails with localized headers 😠
2017-01-09 22:59:30 +01:00
Guo Xiang Tan
3d21ccd4a5
FIX: Add validation to disallow censored words in topic title.
2017-01-09 16:55:41 +08:00
Régis Hanol
98c62bccb5
FIX: mark forwarded email as read by the forwarder
...
FIX: 'Re:' prefix is mostly used for replies and not forwarded emails
2017-01-06 15:33:55 +01:00
Guo Xiang Tan
58f3a2e9a9
Fix randomly failing spec.
2017-01-06 15:25:49 +08:00
Guo Xiang Tan
68300f515c
FIX: Return 404 if id is not valid.
2017-01-06 10:39:44 +08:00
Guo Xiang Tan
d10fe51b72
Fix broken specs since all urls will be oneboxed.
2017-01-06 10:05:51 +08:00
Guo Xiang Tan
f473a119ff
Remove unnecessary stub.
2017-01-06 08:53:30 +08:00
Arpit Jalan
7a1ff59822
FIX: PM email to suspended member was broken
2017-01-05 13:58:14 +05:30
Guo Xiang Tan
a89f60b85b
Merge pull request #4631 from tgxworld/prevent_users_from_changing_permissions_of_non_real_users
...
FIX: Do not allow admins to meddle with admin and moderation access o…
2017-01-04 09:10:27 +08:00
Robin Ward
cf7774bdd9
FEATURE: Block muted users from sending you PMs
2017-01-03 14:51:53 -05:00
Guo Xiang Tan
c68bcfeb72
Improve spec.
2017-01-03 15:36:36 +08:00
Guo Xiang Tan
ad4a96d387
FIX: Only send membership request to the last 5 active group owners.
2017-01-03 15:33:57 +08:00
Arpit Jalan
495a511862
simplify quote markup in emails
2017-01-02 21:37:01 +05:30
Guo Xiang Tan
f1beef43a8
Merge pull request #4618 from tgxworld/fix_invalid_emails
...
FIX: Don't allow invalid email to be saved.
2016-12-30 07:11:48 +08:00
Guo Xiang Tan
c7b151683d
FIX: Do not allow admins to meddle with admin and moderation access of non real users.
2016-12-29 11:11:33 +08:00
Neil Lalonde
9c40657ba4
FIX: error during signup saying "Password is the same as your current password" due to automatic group membership granting a trust level
2016-12-28 17:36:04 -05:00
Sam
d28d8a1f85
FIX: order by op_likes leads to broken browsing
2016-12-27 19:08:54 +11:00
Arpit Jalan
d72cbcb2a4
FEATURE: new setting to validate user website
2016-12-26 21:29:27 +05:30
Guo Xiang Tan
5aee2673c7
FIX: Push null fields to last when sorting group members.
2016-12-22 14:55:24 +08:00
Guo Xiang Tan
8551d821a0
FEATURE: Add site setting to disable group directory.
2016-12-22 14:14:22 +08:00
Sam
c531f4ded5
remove rails-observers
...
Rails yanked out observers many many years ago, instead the functionality
was yanked out to a gem that is very lightly maintained.
For example: if we want to upgrade to rails 5 there is no published gem
Internally the usage of observers had quite a few problem.
The series of refactors renamed a bunch of classes to give us more clarity
and removed some magic.
2016-12-22 16:46:53 +11:00
Sam
019f1a1d06
UserEmailObserver is now removed
...
no big surprises here was pretty straightforward
after_commit semantics sure are weird though
2016-12-22 16:46:53 +11:00
Sam
2f6a4cc6de
remove UserActionObserver, replace with after_save and service
...
interestingly there was some left over dead code from when stars
existed in the topic_users table
2016-12-22 16:46:53 +11:00
Sam
0a78ae739d
Remove SearchObserver, aim is to remove all observers
...
rails-observers gem is mostly unmaintained and is a pain to carry forward
new implementation contains significantly less magic as a bonus
2016-12-22 13:13:14 +11:00
Guo Xiang Tan
28befcb5d4
Fix specs.
2016-12-21 21:21:39 +08:00
Guo Xiang Tan
076a08d8e1
FIX: Unactivated users should not be automatically added into groups as well.
2016-12-21 18:15:01 +08:00
Guo Xiang Tan
7228081820
FIX: Automatic group membership should not add staged or unactivated users.
2016-12-21 18:04:26 +08:00
Guo Xiang Tan
13c6191e89
FIX: Don't allow invalid email to be saved.
2016-12-21 17:47:11 +08:00
Guo Xiang Tan
5d7f3223f0
SECURITY: Users can only bookmark posts which they can see.
2016-12-21 12:01:26 +08:00
Neil Lalonde
c75bebdea2
FIX: uncategorized setting to control whether topic featured links are allowed
2016-12-20 15:55:30 -05:00
Guo Xiang Tan
9db5d5b6a7
FIX: Incorrect serializer for groups page.
2016-12-20 15:44:22 +08:00
Guo Xiang Tan
7c7c233c1c
FIX: Can't update Groups#allow_membership_requests
in admin.
2016-12-20 15:14:35 +08:00
Guo Xiang Tan
502e114c60
FIX: Incorrect count when loading more groups.
2016-12-20 14:39:44 +08:00
Guo Xiang Tan
193f8301a4
FIX: Do not show automatic groups to normal users.
2016-12-20 14:26:49 +08:00
Régis Hanol
52cd9972bb
FIX: prevent DDoS with lots of _oneboxable_ links
...
FIX: ensure the onebox route is only allowed to logged in users
FIX: only allow 1 outgoing onebox preview per user
FIX: client should only do 1 preview at a time
2016-12-20 00:31:10 +01:00
Sam
2b808ad9da
Merge pull request #4609 from joebuhlig/category-topics-wiki
...
FEATURE: Category setting to make all topics wikis
2016-12-20 09:15:51 +11:00
Neil Lalonde
74956694e5
If summary email finds no topics, show topics more than 1 day old from new users
2016-12-19 14:54:08 -05:00
Neil Lalonde
923cf73c6e
Topic Featured Links: move data from custom fields to topics and categories tables. Invert behaviour of topic_featured_link_allowed checkbox. Fix a bug with invalid topic records due to changing that category checkbox.
2016-12-19 14:54:07 -05:00
Arpit Jalan
a2096a01fb
add test case for handling uploads without extension
2016-12-20 00:46:47 +05:30
Robin Ward
e03d5e2140
Reapply Ember 2.10 for good this time!
...
This reverts commit ddd299f4aa
.
2016-12-19 11:19:10 -05:00
Joe Buhlig
87251fded7
FEATURE: Category setting to make all topics wikis
...
FEATURE: Category setting to make all topics wikis
2016-12-19 06:42:18 -06:00
Guo Xiang Tan
18c8323987
FIX: Incorrect path for redirect.
2016-12-19 18:12:15 +08:00
Sam
e0ff57ca75
SECURITY: prevent reuse of password reset
2016-12-19 18:00:22 +11:00
Sam
eb2db23b40
FEATURE: remove email_token_grace_period_hours
...
The site setting email_token_grace_period_hours just causes confusion and
should not be used anyway.
Out of the box, tokens stop working once confirmed, no need to add complexity here
2016-12-19 17:15:20 +11:00
Sam
0599bd0154
FEATURE: add referrer never tag to password reset page
2016-12-19 11:01:58 +11:00
Sam
15b5fddd49
SECURITY: protect upload params, only allow very strict filenames
2016-12-19 10:16:18 +11:00
Arpit Jalan
ab6843dcde
FIX: username route was broken
2016-12-16 23:56:22 +05:30
Guo Xiang Tan
d8541c589a
FIX: Incorrect route for updating username.
2016-12-17 00:23:12 +08:00