Commit Graph

1027 Commits

Author SHA1 Message Date
Joffrey JAFFEUX
bf9b7f1f25
UX: reserved_usernames should be a compact list (#6330) 2018-08-29 12:12:35 +02:00
Sam
740308675b FEATURE: erode bounce score every time an email is sent
Introduces a hidden setting (default is 0.1) that erodes bounce score
every time we send an email. This means that erratic failures are less
painful cause system auto corrects
2018-08-28 17:02:12 +10:00
Sam
4205c528d0 FEATURE: hide enable_personal_email_messages and min_trust_to_send_email_messages
These site settings are very hard to explain and only applicable for very
specific Discourse setups.

If an admin "enables staged users" which is used in support scenarios then
all staff can send "messages" directly to an "email".

The setting allows you to extend this to TL4 or any trust level.

Actual use case would be a support type setup with restricted staff. It is
quite rare so hiding this for now and re-evaluate keeping the setting in
2019
2018-08-27 11:38:22 +10:00
Kris
faf09bb8c8 Replacing default brown category color 2018-08-24 14:18:14 -04:00
Guo Xiang Tan
36a7028f19 FEATURE: Clean up PostReplyKey records.
* Default retention of 90 days.
2018-08-23 10:40:02 +08:00
Jeff Atwood
8da2d8df3d reduce default post deletions per day 2018-08-22 15:22:28 -07:00
Bianca Nenciu
860c1c3dcd FEATURE: Automatically expire keys if not used for a configurable amount of time. (#6264) 2018-08-20 17:36:14 +02:00
David Taylor
812add18bd REFACTOR: Serve auth provider information in the site serializer.
At the moment core providers are hard-coded in Javascript, and plugin providers get added to the JS payload at compile time. This refactor means that we only ship enabled providers to the client.
2018-08-06 09:25:48 +01:00
Joffrey JAFFEUX
47bed23a5f
FIX: set existing lists to compact when appropriate (#6234) 2018-08-03 18:27:57 -04:00
Joffrey JAFFEUX
066010db7d
FEATURE: introduces list/compact_list components 2018-08-03 16:41:37 -04:00
Sam
b76d17881b FEATURE: bump default max size of uploads from 3072K to 4096K 2018-08-02 15:06:30 +10:00
Régis Hanol
474a01f338
Support new mailgun's API key format 2018-08-01 19:04:49 +02:00
Vinoth Kannan
b89906e194 Enable rich text pasting by default 2018-08-01 16:36:16 +05:30
Arpit Jalan
afe3b00c0f FIX: use hidden setting for max export file size 2018-07-31 11:25:28 +05:30
Vinoth Kannan
ece3cb73df Rename humburger_menu_categories_count site setting to header_dropdown_category_count 2018-07-31 09:12:30 +05:30
Vinoth Kannan
78d91b1daf
UX: Changes in top categories of hamburger menu (#6200) 2018-07-30 14:13:00 +05:30
Arpit Jalan
fc3b904e1f remove "track external right clicks" feature 2018-07-29 15:01:33 +05:30
Dan Ungureanu
f540020d1d Add different trigger for the emoji popup of French users. (#6140) 2018-07-25 16:39:06 +10:00
Vinoth Kannan
f8e9190617 FEATURE: Retry web hook when it is failed 2018-07-23 10:12:04 +08:00
Régis Hanol
6d6e026e3c FEATURE: selectable avatars 2018-07-18 12:57:43 +02:00
Rishabh
a6c589d882 FEATURE: Add custom S3 Endpoint and DigitalOcean Spaces/Minio support for Backups (#6045)
- Add custom S3 Endpoints and DigitalOcean Spaces support
- Add Minio support using 'force_path_style' option and fix uploads to custom endpoint
2018-07-16 14:44:55 +10:00
OsamaSayegh
decf1f27cf FEATURE: Groundwork for user-selectable theme components
* Phase 0 for user-selectable theme components

- Drops `key` column from the `themes` table
- Drops `theme_key` column from the `user_options` table
- Adds `theme_ids` (array of ints default []) column to the `user_options` table and migrates data from `theme_key` to the new column.
- Removes the `default_theme_key` site setting and adds `default_theme_id` instead.
- Replaces `theme_key` cookie with a new one called `theme_ids`
- no longer need Theme.settings_for_client
2018-07-12 14:18:21 +10:00
Sam
4f41ccd975 FEATURE: MauiBot is abusive and is now blocked
We have now seen multiple forums where MauiBot uses a large amount of
traffic, due to this bad behavior it is blocked out-of-the-box
2018-07-06 16:46:33 +10:00
Neil Lalonde
eabc8f7fbd
Merge pull request #6023 from misaka4e21/only-staff-can-create-tag
FEATURE: Support disabling tag creation for non-staff users.
2018-07-05 11:12:44 -04:00
Patrick Gansterer
28dd7fb562 FEATURE: Create hidden posts for received spam emails (#6010)
* Add possibility to add hidden posts with PostCreator

* FEATURE: Create hidden posts for received spam emails

Spamchecker usually have 3 results: HAM, SPAM and PROBABLY_SPAM
SPAM gets usually directly rejected and needs no further handling.
HAM is good message and usually gets passed unmodified.
PROBABLY_SPAM gets an additional header to allow further processing.
This change addes processing capabilities for such headers and marks
new posts created as hidden when received via email.
2018-07-05 11:07:46 +02:00
Guo Xiang Tan
b59c17d484 Update title site setting defaults for ja locale.
https://meta.discourse.org/t/updating-title-when-using-japanese-characters-does-not-work/88718/7
2018-06-28 23:23:00 +08:00
Arpit Jalan
a6d50d1ff7 FEATURE: new settings to control posts deletions rate limit 2018-06-28 17:03:37 +05:30
misaka4e21
47cb46671a FEATURE: Support disabling tag creation for non-staff users. 2018-06-27 07:15:02 +08:00
Ernesto Serrano
f57375a5ce Update site_settings.yml 2018-06-25 16:18:07 +10:00
Jeff Wong
41f76a74f8 FEATURE: send message when a user reaches tl1 2018-06-22 13:20:00 -07:00
Sam
f66efc601d FIX: cubot android devices were detected as crawlers 2018-06-21 10:56:46 +10:00
Sam
591512fcb8 adjust defaults for search log retention 2018-06-20 10:46:07 +10:00
riking
38a8e52ca4 FIX: Add time retention limit to search logs
3 years is a very conservative limit that allows for a very wide buffer
for year-over-year analysis. The max is set to 5 years because that is
the policy listed for logging in hosted Discourse.
2018-06-20 10:44:11 +10:00
Robin Ward
fd54c92a52 FEATURE: New site setting, whitelisted_link_domains
If provided, users who normally couldn't post links (say, due to a
low trust level), can post links to those specific hosts.
2018-06-13 16:11:22 -04:00
Arpit Jalan
f9ab3848ed FEATURE: support disabling emails for non-staff users 2018-06-07 18:31:08 +05:30
Arpit Jalan
d069f4ecba Revert "Revert "allow codepen iframe by default""
This reverts commit 174bf98572.
2018-06-06 06:48:08 +05:30
Régis Hanol
dc61eaad37 FEATURE: new 'min ratio to crop' site setting 2018-06-05 17:13:00 +02:00
Arpit Jalan
174bf98572 Revert "allow codepen iframe by default"
This reverts commit dc00089ab2.
2018-06-05 18:21:21 +05:30
Arpit Jalan
dc00089ab2 allow codepen iframe by default 2018-06-05 18:17:23 +05:30
Arpit Jalan
46fc57222f FEATURE: improve handling of site setting secrets 2018-06-04 21:31:34 +05:30
Sam
c677877e4f FIX: Korean needs no word segmentation 2018-05-28 09:37:57 +10:00
Neil Lalonde
30fbf6fe81 Add min and max to digest topic and post settings. Email clients may truncate messages that are too long. 2018-05-24 14:39:28 -04:00
Joffrey JAFFEUX
ba0cec2091
UX: minor fixes to new dashboard UI
- adds a link to search log
- display a text if log search queries is disabled
- adds link to trust level and user types
- adds a description for eeach report when browsing a report directly
2018-05-14 14:23:51 +02:00
Guo Xiang Tan
186623acd0 FEATURE: Keep EmailLogs records without a reply_key for 90 days by default. 2018-05-10 15:33:49 +08:00
Arpit Jalan
83245aa508 FIX: better handling of invite links after they are redeemed
FIX: deprecate invite_passthrough_hours setting
2018-05-08 20:17:57 +05:30
Robin Ward
8262fc5d15
Merge pull request #5807 from discourse/min-flags-by-topic
FEATURE: New site setting `min_flags_staff_visibility`
2018-05-08 09:17:29 -04:00
Robin Ward
ac60a84329 FEATURE: New site setting min_flags_staff_visibility
When set higher than 1, flags won't show up for staff in the admin
section unless the minimum threshold of flags on a post is reached.
2018-05-07 16:05:13 -04:00
Misaka 0x4e21
ff6be3c2e3 FEATURE: add profile_background fields into SSO (#5701)
Add profile_background and card_background fields into Discourse SSO.
2018-05-07 10:03:26 +02:00
Jeff Wong
91b31860a1
Feature: Push notifications for Android (#5792)
* Feature: Push notifications for Android

Notification config for desktop and mobile are merged.

Desktop notifications stay as they are for desktop views.

If mobile mode, push notifications are enabled.

Added push notification subscriptions in their own table, rather than through
custom fields.

Notification banner prompts appear for both mobile and desktop when enabled.
2018-05-04 15:31:48 -07:00
Sam
88f5251415 FIX: disallow invalid top_menu and post_menu and share_links
In the past any text could be entered there causing big potential issues
2018-04-26 17:00:56 +10:00
Sam
c7a0ced656 FIX: remove facebook_request_extra_profile_details
Since this no longer works
2018-04-26 14:14:35 +10:00
Robin Ward
fd14ee4797 FEATURE: Allow safe mode to be disabled 2018-04-24 11:03:33 -04:00
Neil Lalonde
70f2c5d3fd FEATURE: move staff tags setting to tag group settings 2018-04-20 15:34:23 -04:00
Arpit Jalan
91bf10bd12 FIX: create upload record for exported csv files 2018-04-20 00:27:49 +05:30
Guo Xiang Tan
28fbee04df Allow auto close site settings to be shadowed by global. 2018-04-17 14:23:44 +08:00
Sam
6179c0ce51 FEATURE: bingbot heavily throttled till it plays nice 2018-04-13 14:24:22 +10:00
Sam
afaeb20f27 FEATURE: Add option to have sso synchronize group membership
In some cases add_groups and remove_groups is too much work, some sites
may wish to simply synchronize group membership based on a list.

When sso_overrides_groups is on all not automatic group membership is
sourced from SSO. Note if you omit to specify groups, they will be cleared
out.
2018-04-10 13:17:23 +10:00
jose-hms
b87205831b FEATURE: Staged user moderation (#5721) 2018-04-06 11:41:25 +02:00
Sam
cf19982fca ban bingbot 2018-04-06 15:40:03 +10:00
Sam
3a7b696703 FEATURE: allow for setting crawl delay per user agent
Also moved to default crawl delay bing so no more than a req every 5 seconds is allowed

New site settings:

"slow_down_crawler_user_agents" - list of crawlers that will be slowed down
"slow_down_crawler_rate" - how many seconds to wait between requests

Not enforced server side yet
2018-04-06 10:15:23 +10:00
Sam
91a4fee03d FEATURE: block bing from crawling all discourse sites
bing is crawling our properties 10x faster than any other crawler,
until default behavior is improved we are blocking it out-of-the-box

You may enable it by setting the blacklist back to empty
2018-04-05 16:03:02 +10:00
Arpit Jalan
03725c7c8a FIX: add reserved usernames for ‘/u/’ static routes 2018-03-28 11:15:38 +05:30
Neil Lalonde
ced7e9a691 FEATURE: control which web crawlers can access using a whitelist or blacklist 2018-03-22 15:41:02 -04:00
Robin Ward
b9abd7dc9e FEATURE: Shared Drafts
This feature can be enabled by choosing a destination for the
`shared drafts category` site setting.

* Staff members can create shared drafts, choosing a destination
category for the topic when it is published.

* Shared Drafts can be viewed in their category, or above the
topic list for the destination category where it will end up.

* When the shared draft is ready, it can be published to the
appropriate category by clicking a button on the topic view.

* When published, Drafts change their timestamps to the current
time, and any edits to the original post are removed.
2018-03-20 17:15:26 -04:00
Arpit Jalan
12706c4b29 FEATURE: support markdown rendering for embedded posts 2018-03-11 08:00:48 +05:30
Sam
5b6e49ae1d FEATURE: split out max diff to 2 settings
We trust staff + tl2 and up to perform edits in grace period.
Allow them significantly more edit room in grace period prior to storing
a revision.

editing_grace_period_max_diff_high_trust applies to users with tl2 and up.

So

tl0 / 1 : we store an extra revision if more than 100 chars change
tl2 and up : we store an extra revision if more than 400 chars change

We may tweak these numbers as we go.
2018-03-09 11:58:50 +11:00
Jeff Atwood
4132c37add increase grace period max diff to 100 chars 2018-03-07 01:45:48 -08:00
Sam
e162cd16b6 FEATURE: editing_grace_period_max_diff to force revisions in grace period
If a user performs a substantive edit of 20 chars or more during grace period
we will store a revision to track the change

This allows for better auditing of changes that happen during the grace period
2018-03-07 18:34:34 +11:00
Robin Ward
0f66a99eb2 Setting to prevent logging details when anonymizing 2018-03-05 14:38:18 -05:00
Régis Hanol
6a78669ca3 FIX: 'reply by email addresses' site settings should allow email addresses without a 'reply_key' when 'find related post with key' is disabled 2018-03-02 17:53:18 +01:00
Neil Lalonde
3313072957 Remove censored_pattern site setting, which is replaced by watched words 2018-02-26 16:29:27 -05:00
Guo Xiang Tan
66062ed6d9 Add missing default choice for SiteSetting.google_oauth2_prompt. 2018-02-23 11:23:08 +08:00
Robin Ward
9b704b21b5 Don't include client when false 2018-02-22 21:22:09 -05:00
Robin Ward
69af881f7f New site setting trusted_users_can_edit_others
The default is true to keep with previous discourse behavior. If
disabled, high trust level users cannot edit the topics or posts of
other users.
2018-02-22 20:39:24 -05:00
Guo Xiang Tan
24d0a7a4c7 Take 2 on f74d6bb605.
New options are left out by default when not configured so that an
incorrect default configuration doesn't blow up google oauth for
everyone.
2018-02-23 07:53:01 +08:00
Vinoth Kannan
84867c1c07 Rename site setting to allow_staff_to_tag_pms from allow_staff_to_tag_in_pm 2018-02-22 06:48:34 +05:30
Vinoth Kannan
2b509eaa91
Merge branch 'master' into pm-tags 2018-02-21 23:55:59 +05:30
Vinoth Kannan
84ce1acfef FEATURE: Allow staffs to tag PMs 2018-02-21 20:11:46 +05:30
Gerhard Schlager
210939de68 FEATURE: Use HTML instead of text for incoming emails by default 2018-02-21 11:14:36 +01:00
Robin Ward
3ea272f4f1 New setting: minimum trust level to embed images in a post 2018-02-20 20:00:06 -05:00
Arpit Jalan
c419c26f56 FEATURE: new site setting 'max_emojis_in_title' 2018-02-19 18:15:26 +05:30
OsamaSayegh
f3815cd785 FEATURE: New site setting for additional allowed filetypes for staff (#5364)
* FEATURE: New site setting for additional allowed filetypes for staff

* Problematic variable name

* feedback

* small issues

* fix indentation

* failing tests

* Remove message bus and fix minor issues

* Missed this message bus
2018-02-19 10:44:24 +01:00
Leo McArdle
5d9d0fcb4f FEATURE: add setting which adds group name to PM email subject (#5475) 2018-02-19 10:20:17 +01:00
Sam
7af9ed6674 FEATURE: add goanna rendering engine to non crawler list
Goanna the fork of Gecko which is used by Pale Moon browser is not a crawler.
2018-02-16 06:30:47 +11:00
Erick Guan
03b3e57a44 FEATURE: login by a link from email
Co-authored-by: tgxworld <tgx@discourse.org>
2018-02-13 16:14:39 +08:00
Robin Ward
4dfe659189 Rename allow staff flags to allow flagging staff 2018-02-12 15:27:26 -05:00
Robin Ward
6287631745 FEATURE: New site setting, allow staff flags, false by default
For some large communities, it makes sense to disable flagging of
staff posts.
2018-02-12 14:56:21 -05:00
Robin Ward
1bab15c757 FEATURE: A site setting for a minimum TL to post links 2018-02-06 18:07:58 -05:00
Robin Ward
b2b6dc68a6 FEATURE: a setting to customize the minimum TL to flag a post 2018-02-06 17:12:27 -05:00
Kane York
cd19d546a8
Update default linkify TLDs to top 15
Also kept gov, but moved it to the end because it was in the previous version.
2018-02-02 17:45:42 -08:00
Joshua Rosenfeld
e262939590
Add .org to default linkified TLDs 2018-02-02 16:31:40 -05:00
Robin Ward
96710754d9
Merge pull request #5540 from discourse/mixed-text-direction-support
FEATURE: Mixed text direction support
2018-02-01 07:29:15 -08:00
Arpit Jalan
f88b8a8945 rename 'default_email_private_messages' to 'default_email_personal_messages' 2018-02-01 13:25:29 +05:30
Arpit Jalan
6be536ca50 rename 'max_private_messages_per_day' to 'max_personal_messages_per_day' 2018-02-01 13:25:29 +05:30
Arpit Jalan
7cda3a37af rename 'private_email_time_window_seconds' to 'personal_email_time_window_seconds' 2018-02-01 13:25:29 +05:30
Arpit Jalan
7e48c47d37 rename 'enable_private_email_messages' to 'enable_personal_email_messages' 2018-02-01 13:25:29 +05:30
Arpit Jalan
ff0376a80b rename 'enable_private_messages' to 'enable_personal_messages' 2018-02-01 13:25:29 +05:30
Arpit Jalan
25ec077eca rename 'min_private_message_{post/title}_length' to 'min_personal_message_{post/title}_length' 2018-02-01 13:25:29 +05:30
Sam
ee0d3f15c1 FEATURE: allow better fidelity for auto linkify, disable most tlds based linkify
New site settings:

enable_markdown_linkify: which is default on, auto links https:// and http:// and mail://

markdown_linkify_tlds: which allows control of what tlds get autolinked for cases such as www.site.com, default is com|net|gov
2018-02-01 13:22:38 +11:00
Arpit Jalan
1f6adbea5c FEATURE: log private message views 2018-01-29 08:08:08 +05:30
scossar
caa38aaaad Add support for mixed text directions 2018-01-28 18:33:55 -08:00
Robin Ward
44e2038b53 Setting to automatically lock posts when edited by staff 2018-01-26 14:01:30 -05:00
Sam
95ac1655bc revert settings 2018-01-24 13:21:23 +11:00
Sam
3492a91056 FEATURE: allow site operators to disable emoji shortcuts 2018-01-24 12:21:44 +11:00
Sam
7ba06de0d6 FEATURE: disable service worker for all browsers except for android
Service worker is still quite experimental, only enable on android
where it provides many benefits
2018-01-24 12:03:08 +11:00
Robin Ward
782d75069e FIX: UX improvements for system messages when PMs are disabled 2018-01-23 13:12:11 -05:00
Arpit Jalan
1208254961 FIX: validate presence of 'top menu' setting 2018-01-17 01:43:53 +05:30
Sam
7b562d2f46 FEATURE: much improved and simplified crawler detection
- phase one does it match 'trident|webkit|gecko|chrome|safari|msie|opera'
    yes- well it is possibly a browser

- phase two does it match 'rss|bot|spider|crawler|facebook|archive|wayback|ping|monitor'
    probably a crawler then

Based off: https://gist.github.com/SamSaffron/6cfad7ea3e6df321ffb7a84f93720a53
2018-01-16 15:41:45 +11:00
Neil Lalonde
4d50feb6bd FEATURE: add setting to display tags by tag groups 2018-01-12 11:03:02 -05:00
Neil Lalonde
edb3a7f646 FIX: support for watched_words_regular_expressions when censoring words 2018-01-10 14:11:23 -05:00
Régis Hanol
e3f8182125 FIX: Google Calendar oneboxes weren't working 2018-01-07 19:15:11 +01:00
Arpit Jalan
6ce422feab FIX: respect 'topic page title includes category' client side 2017-12-30 09:06:02 +05:30
Arpit Jalan
0514ac4ee2 FIX: verify presence of 'sso url' before enabling 'enable sso' 2017-12-23 13:30:49 +05:30
Robin Ward
69a90f31fb FEATURE: Allow Forums to disable the Backups feature 2017-12-21 15:22:04 -05:00
Sam
f18dda2adc FEATURE: full rebake of all old posts
This limits to 100 post per 15 minutes, so it will take a while.

This will pick up CommonMark and a large amount of onebox fixes.
2017-12-15 10:28:25 +11:00
Gerhard Schlager
76e8a28420 Ignore winmail.dat in incoming emails 2017-12-13 22:03:31 +01:00
Arpit Jalan
6acf0693a5 make crawler_user_agents a hidden setting 2017-12-11 11:10:15 +05:30
Sam
68d3c2c74f FEATURE: add global rate limiter for admin api 60 per minute
Also move configuration of admin and user api rate limiting into global
settings. This is not intended to be configurable per site
2017-12-11 11:07:22 +11:00
Vinoth Kannan
b9c0488687 New site setting to enable or disable rich text pasting 2017-12-08 14:09:39 +05:30
Joffrey JAFFEUX
fd99e1ef56 FEATURE: site setting enable_mentions to turn on/off mentions 2017-12-07 16:27:58 -05:00
Arpit Jalan
5003f07b2c FEATURE: new site setting show_inactive_accounts 2017-12-07 19:22:41 +05:30
Guo Xiang Tan
4531563717 Hide new advanced editor and preview sync behind a hidden site settings. 2017-12-06 12:34:58 +08:00
Robin Ward
77f90876d3 REFACTOR: Track manual locked user levels separately from groups 2017-11-27 11:23:44 -05:00
Robin Ward
ad07e6e172 FEATURE: group_removes_trust_level setting
By default in Discourse, if a group grants a user a particular trust
level that is locked even if they are removed from the group.

With this new setting, when a user is removed from a group their
trust level is set to either the next highest trust level based on group
membership, or they are unlocked and promoted based on the default
mechanisms.
2017-11-23 13:03:24 -05:00
Robin Ward
8d98752b57 Allow sites to bootstrap the error page.
This will display working dropdowns and such even if the page is a 404.
2017-11-21 16:13:09 -05:00
Robin Ward
1f14350220 Rename "Blocked" to "Silenced" 2017-11-10 14:10:27 -05:00
Guo Xiang Tan
6090994cdf FEATURE: Retain the latest 30 days of WebHookEvent records by default. 2017-11-08 14:11:01 +08:00
Sam
56412adad5 FEATURE: custom setting for large square site icon
This icon is used for android splash screen
2017-11-03 16:19:31 +11:00
Neil Lalonde
7dc3671490 FEATURE: remove obsolete settings ga_tracking_code and ga_domain_name. Use ga_universal_tracking_code and ga_universal_domain_name instead. 2017-11-01 11:41:51 -04:00
Gordon Mohr
da72ecc3fc add alt 'archive.org_bot' user-agent (#5273)
add `archive.org_bot' – another user-agent used by Internet Archive when crawling for Wayback Machine
2017-10-29 10:30:29 +01:00
Neil Lalonde
bbf48d395e FIX: set minimum values for topic title length settings 2017-10-27 14:08:37 -04:00
Guo Xiang Tan
90d6677d97 EXPERIMENTAL: Allow lograge to be selected as the logging library. 2017-10-27 17:54:45 +08:00
Robin Ward
e9159e49f3 FEATURE: Site Setting to determine whether flags defaults to topics 2017-10-20 12:37:20 -04:00
Neil Lalonde
1faae3c765 rename forgot_password_strict to hide_email_address_taken 2017-10-03 15:28:31 -04:00
Sam
8f7062bd7b FEATURE: reduce API key permission to TL0 2017-10-02 10:59:55 +11:00
Sam
f6fdc1ebe8 FEATURE: flexible crawler detection
You can use the crawler user agents site setting to amend what user agents
are considered crawlers based on a string match in the user agent

Also improves performance of crawler detection slightly
2017-09-29 12:31:50 +10:00
Robin Ward
41c3941c4c FEATURE: Support regular expressions for watched words 2017-09-27 15:48:57 -04:00
Robin Ward
561fa7d0cd FEATURE: Site Setting to hide suspension reason on the public profile 2017-09-25 12:25:14 -04:00
Régis Hanol
8ed318c4fe display 'similar to' earlier when composing a post 2017-09-16 01:03:29 +02:00
Neil Lalonde
16fe7aa307 FEATURE: automatically handle flags and posts that have been waiting in a queue for a long time. Flags will be deferred. Posts waiting for approval will be rejected. Control how old the records need to be with the auto_handle_queued_age site setting. 2017-09-14 12:01:06 -04:00
Sam Saffron
e283e6aea0 FEATURE: allowed_iframes site setting for allowing iframes
This allows you to whitelist custom iframes if needed in posts
2017-09-01 10:15:44 -04:00
Bianca Nenciu
bb3a5910d7 Support for sending PMs to email addresses (#4988)
* Added support for sending PMs to email addresses.

* Made changes after review.

* Added settings validator.

* Fixed tests.
2017-08-28 12:07:30 -04:00
Erick Guan
1646bc0031 FIX: fails loud if default setting is not set
Noted:
- `push_api_secret_key` is set in initializer. Shimed with ''
- `default_theme_key` is set in seeding. Shimed with ''
2017-08-15 12:07:25 +02:00
Robin Ward
6ecb7cdff4 UX: Support for none style of category badge 2017-08-07 12:49:19 -04:00
Guo Xiang Tan
3f24ed2b3e Can't revert due to incompatibility of new site setting types.
Revert "Revert "FEATURE: Site settings defaults per locale""

This reverts commit 439fe8ba24.
2017-08-07 10:43:09 +09:00
Guo Xiang Tan
439fe8ba24 Revert "FEATURE: Site settings defaults per locale"
This reverts commit 468a8fcd20.
2017-08-07 10:31:50 +09:00
Robin Ward
a3ef814245 UX: Show proper HTML for category preview in site settings 2017-08-04 13:56:27 -04:00
Neil Lalonde
d1576298ef add shadowed_by_global to allow_restore 2017-08-03 15:10:11 -04:00
Sam
f6bc572fb8 FEATURE: option to enable inline oneboxes for all domains
Also, change to prefer title over open graph which is often way too sparse
2017-08-02 14:27:31 -04:00
Erick Guan
468a8fcd20 FEATURE: Site settings defaults per locale
This change-set allows setting different defaults for different locales. 

It also:

- Adds extensive testing around site setting validation

- raises deprecation error if site setting has the default property based on env

- relocated site settings for dev and tests in the initializer

- deprecated client_setting in the site setting's loading process

- ensure it raises when a enum site setting being set

- default_locale is promoted to `required` category.

- fixes incorrect default setting and validation

- fixes ensure type check for site settings

- creates a benchmark for site setting

- sets reasonable defaults for Chinese
2017-08-02 12:24:19 -04:00
Régis Hanol
88ba052446 secure default for the 'find_related_post_with_key' site setting 2017-08-01 00:03:04 +02:00
Neil Lalonde
24cb950432 FEATURE: Watched Words: when posts contain words, do one of flag, require approval, censor, or block 2017-07-26 11:01:09 -04:00
Régis Hanol
c7c93e7159 FEATURE: new 'strip image metadata' site setting 2017-07-25 11:48:39 +02:00
Robin Ward
2f8f2aa1dd FEATURE: Whitelists for inline oneboxing 2017-07-21 15:41:47 -04:00
Sam Saffron
d0c5205a52 Feature: Change markdown engine to markdown it
This commit removes the old evilstreak markdownjs engine.

- Adds specs to WhiteLister and changes it to stop using globals
    (Fixes large memory leak)
- Fixes edge cases around bbcode handling
- Removes mdtest which is no longer valid (to be replaced with
    CommonMark)
- Updates MiniRacer to correct minor unmanaged memory leak
- Fixes plugin specs
2017-07-17 11:41:34 -04:00
Robin Ward
6b6ad9391b Clean up job for search logs 2017-07-14 14:30:58 -04:00
Robin Ward
97e211f837 FEATURE: Log Search Queries 2017-07-14 14:30:58 -04:00
Neil Lalonde
3ebd8838af FEATURE: cross-domain tracking for Google universal analytics 2017-07-13 15:21:44 -04:00
Sam
79a084dd58 Revert "remove old markdown engine work-in-progress"
This reverts commit ee470b5317.
2017-07-12 18:10:51 -04:00
Sam Saffron
ee470b5317 remove old markdown engine work-in-progress 2017-07-12 17:44:40 -04:00
Jeff Atwood
5be9bee230 safe to default to read only off during backups 2017-07-12 04:52:17 -07:00
Sam
d29a0eeedf allow global shadow for new markdown engine 2017-07-10 12:22:15 -04:00
Guo Xiang Tan
2255724637 UX: Add validator for SiteSetting#sso_overrides_email. 2017-07-10 10:08:55 +09:00
Arpit Jalan
5b67cd1937 Merge pull request #4956 from techAPJ/pm-recipients
FEATURE: new site setting to limit message recipients
2017-07-06 22:57:33 +05:30
Arpit Jalan
7cffbc8ba8 FEATURE: new site setting to limit message recipients
New site setting `max_allowed_message_recipients` to limit message
recipients

https://meta.discourse.org/t/one-of-my-users-just-group-messaged-100-other-user-with-a-spam-offer/65612/7?u=techapj
2017-07-06 22:52:49 +05:30
Robin Ward
4f66083121 Allow version_checks to be shadowed by global 2017-07-06 10:41:53 -04:00
Sam
fbb5600c8e expose enable_experimental_markdown_it
expose the site setting that enables the CommonMark engine
2017-06-28 16:51:49 -04:00
Sam
4c5109ff5b FEATURE: site setting for Markdown typographer
It ships anyway with markdown.it so we might as well expose it
2017-06-27 16:50:13 -04:00
Sam
e6cc07fc43 FEATURE: twitter is the new default emoji set 2017-06-26 16:51:55 -04:00
Sam
234694b50f Feature: CommonMark support
This adds the markdown.it engine to Discourse.
https://github.com/markdown-it/markdown-it

As the migration is going to take a while the new engine is default
disabled. To enable it you must change the hidden site setting:
enable_experimental_markdown_it.

This commit is a squash of many other commits, it also includes some
improvements to autospec (ability to run plugins), and a dev dependency
on the og gem for html normalization.
2017-06-23 12:01:33 -04:00
Leo McArdle
5e0efb3410 FEATURE: setting to only use the key when finding the related post of an email reply
this fixes email-in threading problems when using a SMTP server which modifies the message_id
header, like Amazon SES
2017-06-19 12:22:44 +01:00
Robin Ward
009f0921dc FEATURE: Whitelist hosts for internal crawling 2017-06-13 12:59:54 -04:00
Guo Xiang Tan
c5caa9cf71 Revert "FIX: Disable request membership button if user does not have sufficient trust level."
This reverts commit 5f441a2614.
2017-06-13 17:49:21 +09:00
Régis Hanol
54e8fb0d89 FEATURE: new 'allow_staff_to_upload_any_file_in_pm' site setting 2017-06-12 22:41:29 +02:00
Arpit Jalan
a1ebd67237 Revert "FEATURE: new setting to prioritize open topics in search" 2017-06-03 01:54:35 +05:30
Arpit Jalan
b8a87a0996 FEATURE: new setting to prioritize open topics in search 2017-06-03 00:33:53 +05:30
Guo Xiang Tan
5f441a2614 FIX: Disable request membership button if user does not have sufficient trust level. 2017-06-02 16:06:25 +09:00
Arpit Jalan
796a2967af hide invites_per_page site setting 2017-05-24 11:30:43 +05:30
Robin Ward
93a5fc62bf FEATURE: A site setting to prevent crawling on private IP blocks 2017-05-23 11:56:06 -04:00
Sam
2a5a01af2e improve error on theme upload, add gif to allowed uploads 2017-05-17 16:29:09 -04:00
Sam
47ce674798 PERF: bypass wizard check after 15 topics are created 2017-05-12 10:18:43 -04:00
Régis Hanol
9641d2413d REFACTOR: upload workflow creation into UploadCreator
- Automatically convert large-ish PNG/BMP to JPEG
- Updated fast_image to latest version
2017-05-11 00:16:57 +02:00
Sam
bc0b9af576 FEATURE: support uploads for themes
This allows themes to bundle various assets
2017-05-10 15:47:11 -04:00
Robin Ward
4db76796b9 FEATURE: Setting to poll feeds more frequently 2017-05-10 14:30:12 -04:00
Robin Ward
57a2042ef6 FIX: Quiet server side errors for requesting json for account-created 2017-05-04 12:30:13 -04:00
Régis Hanol
1706036f2b Allow a post_edit_time_limit of up to 1 year 2017-05-03 16:06:55 +02:00
Neil Lalonde
0722ffadf1 Remove site settings enforce_global_nicknames and discourse_org_access_key 2017-05-01 14:53:16 -04:00
Jeff Atwood
a26483bfd6 missed a file again 2017-04-27 16:39:27 -07:00
Jeff Atwood
52007222fc more realistic maximum password values 2017-04-27 16:38:50 -07:00
Régis Hanol
0ec15af970 restore the 'incoming_email_prefer_html' site setting 2017-04-27 14:31:11 +02:00
Robin Ward
bf9c4a7828 FEATURE: secure_email site setting to prevent data going out in email 2017-04-26 13:05:56 -04:00
Régis Hanol
b76674f640 FEATURE: convert incoming emails in HTML to markdown
- remove incoming_email_prefer_html site setting
- remove HtmlCleaner class
2017-04-26 16:49:06 +02:00
Arpit Jalan
6bafb74e67 raise max value for max_image_size_kb to 102400 2017-04-25 15:22:35 +05:30
Arpit Jalan
4e0b18544e FIX: sane max value for max_image_size_kb & max_attachment_size_kb setting 2017-04-25 15:16:33 +05:30
Arpit Jalan
9eff4f0807 FIX: all basic integer settings should have max value validation 2017-04-21 07:09:41 +05:30
Arpit Jalan
c9c7ec799f FIX: add minimum value for invites_per_page setting 2017-04-14 17:58:18 +05:30
Sam
a3e8c3cd7b FEATURE: Native theme support
This feature introduces the concept of themes. Themes are an evolution
of site customizations.

Themes introduce two very big conceptual changes:

- A theme may include other "child themes", children can include grand
children and so on.

- A theme may specify a color scheme

The change does away with the idea of "enabled" color schemes.

It also adds a bunch of big niceties like

- You can source a theme from a git repo

- History for themes is much improved

- You can only have a single enabled theme. Themes can be selected by
    users, if you opt for it.

On a technical level this change comes with a whole bunch of goodies

- All CSS is now compiled using a custom pipeline that uses libsass
    see /lib/stylesheet

- There is a single pipeline for css compilation (in the past we used
    one for customizations and another one for the rest of the app

- The stylesheet pipeline is now divorced of sprockets, there is no
   reliance on sprockets for CSS bundling

- CSS is generated with source maps everywhere (including themes) this
    makes debugging much easier

- Our "live reloader" is smarter and avoid a flash of unstyled content
   we run a file watcher in "puma" in dev so you no longer need to run
   rake autospec to watch for CSS changes
2017-04-12 10:53:49 -04:00
Régis Hanol
2d9b31b147 allow 'max_image_megapixels' up to 150MB 2017-04-11 07:44:10 +02:00
Arpit Jalan
ac051d70ef FIX: use enum values for trust level settings 2017-04-03 14:23:48 +05:30
Guo Xiang Tan
ed577fbff8 FEATURE: Pause a topic instead of permanently closing when flag threshold is reached. 2017-03-31 14:35:05 +08:00
Arpit Jalan
8bf12502bd Merge pull request #4780 from techAPJ/send-statistics
FEATURE: Send anonymized usage statistics to Discourse if "Discourse Hub" can't reach the site
2017-03-28 10:02:05 +05:30
Arpit Jalan
f3cd5f61c5 FEATURE: Send anonymized usage statistics to Discourse if Discourse Hub can't reach the site 2017-03-28 09:07:23 +05:30
Erick Guan
e3e3a04cd2 enable_noscript_support is not used anymore 2017-03-27 11:09:50 +02:00
Arpit Jalan
f7e7ca3937 FEATURE: anonymized site statistics 2017-03-10 18:50:26 +05:30
Arpit Jalan
b2cfad5f47 Minimum password length should be 8 2017-03-05 14:38:37 +05:30
Neil Lalonde
262016604d FEATURE: each category can control how many topics to show on categories page 2017-03-01 15:12:57 -05:00
Arpit Jalan
877957ae88 Merge pull request #4715 from techAPJ/login-per-ip
FEATURE: new site setting for max logins per ip per hour/minute
2017-02-27 18:24:53 +05:30
Arpit Jalan
cba51e1c38 FEATURE: new site setting for max logins per ip per hour/minute 2017-02-27 16:58:03 +05:30
Sam
ea1007e954 FEATURE: add support for same site cookies
Defaults to Lax, can be disabled or set to Strict.

Strict will only work if you require login and use SSO. Otherwise when clicking on links to your site you will appear logged out till you refresh the page.
2017-02-23 12:01:28 -05:00
Neil Lalonde
a702330ccd FEATURE: make show_subcategory_list a per-category setting 2017-02-22 11:42:36 -05:00
Guo Xiang Tan
9baf89a901 Remove database vacuum task from Discourse. 2017-02-20 09:02:38 +08:00
Jeff Atwood
9b263a0559 increase req min unique pw chars from 5 to 6 2017-02-16 17:06:19 -08:00
Sam
0ab96a7691 FEATURE: add hidden setting for verbose auth token logging
This is only needed to debug auth token issues, will result in lots
of logging
2017-02-13 14:01:09 -05:00
Neil Lalonde
1bcb835446 FEATURE: passwords must have a minimum number of unique characters, configurable with a new setting 2017-02-09 15:00:22 -05:00
Régis Hanol
f07b4b310a should not have renamed this setting in 460665895c 2017-02-08 18:11:34 +01:00
Jeff Atwood
fcfaa71e85 copyedit on "get a room" 2017-02-04 12:04:15 -08:00
Robin Ward
f1e7bca3c9 FEATURE: Warn a user when they're replying to the same user too much 2017-02-03 17:00:54 -05:00
Arpit Jalan
1d2dceda32 FIX: add max value validation for settings containing days 2017-01-27 17:54:41 +05:30
Arpit Jalan
74a46dce68 FIX: set max value for purge_unactivated_users_grace_period_days setting 2017-01-27 14:22:13 +05:30
Régis Hanol
887e9af84f FEATURE: new 'max_image_megapixels' site setting 2017-01-11 23:37:12 +01:00
Jeff Atwood
0303047446 SECURITY: disallow csv as default upload file type 2017-01-10 13:24:10 -08:00
Rafael dos Santos Silva
d7c8c2d5e3 FEATURE: Opt-in native Discourse app install banner on Android/iOS 2017-01-03 15:50:45 -02:00
Jeff Atwood
aad01a9f27 strengthen TL3 flag-based block of new users 2016-12-31 13:37:31 -08:00
Arpit Jalan
d72cbcb2a4 FEATURE: new setting to validate user website 2016-12-26 21:29:27 +05:30
Guo Xiang Tan
8551d821a0 FEATURE: Add site setting to disable group directory. 2016-12-22 14:14:22 +08:00
Guo Xiang Tan
1df8c7a4b6 Revert "Don't vacuum for a long time until we fix it"
This reverts commit 88712bc548.
2016-12-20 09:10:08 +08:00
Robin Ward
e03d5e2140 Reapply Ember 2.10 for good this time!
This reverts commit ddd299f4aa.
2016-12-19 11:19:10 -05:00
Sam
eb2db23b40 FEATURE: remove email_token_grace_period_hours
The site setting email_token_grace_period_hours just causes confusion and
should not be used anyway.

Out of the box, tokens stop working once confirmed, no need to add complexity here
2016-12-19 17:15:20 +11:00
Robin Ward
ddd299f4aa Revert "Revert "Revert Ember 2.10+ for a short while""
This reverts commit 76bbc481cb.
2016-12-16 10:29:30 -05:00
Robin Ward
76bbc481cb Revert "Revert Ember 2.10+ for a short while"
This reverts commit 21682fd60b.
2016-12-16 09:52:29 -05:00
Sam
61eb134181 FEATURE: setting to allow arbitrary redirects from sso origin
if sso_allows_all_return_paths is set to true you can redirect off-site from sso success
2016-12-16 13:37:44 +11:00
Robin Ward
21682fd60b Revert Ember 2.10+ for a short while 2016-12-15 16:43:38 -05:00
Neil Lalonde
f01f95d62d FEATURE: new settings to customize some colors in emails 2016-12-15 14:43:53 -05:00
Neil Lalonde
24d2973108 enable featured links by default 2016-12-09 16:08:17 -05:00
Neil Lalonde
5da52780e4 Default off for show_topic_featured_link_in_digest 2016-12-09 13:49:47 -05:00
Neil Lalonde
a62b028e16 Remove the open_topic_featured_link_in_external_window setting. Use the user preference. 2016-12-09 13:48:29 -05:00
Neil Lalonde
a4c4f13901 Remove the topic_featured_link_onebox setting. We will always try to onebox a link and add it to the body if topic_featured_link_enabled is enabled. 2016-12-09 13:28:12 -05:00
Erick Guan
52763f5115
FEATURE: Allow posting a link with topics 2016-12-05 17:20:54 +01:00
Arpit Jalan
ce974da9e5 FIX: simplify CSV file upload 2016-12-05 14:09:08 +05:30
Sam
96183dbf6b remove unused site setting, not really needed any more 2016-12-05 13:57:35 +11:00
Neil Lalonde
576a424130 FEATURE: number of new topics at the end of summary email can be controlled by a new setting, digest_other_topics 2016-12-01 14:20:24 -05:00
Régis Hanol
7e5121cbd3 Add 'x-vcard' content-type to default email attachment blacklist 2016-11-30 11:45:02 +01:00
Neil Lalonde
45f368126f FEATURE: New summary/digest email design 2016-11-18 14:03:42 -05:00
Régis Hanol
a69f45d0da FEATURE: new 'always_show_trimmed_content' site setting 2016-11-16 22:06:07 +01:00
Régis Hanol
17f2be9f88 FEATURE: new 'enable_forwarded_email' site setting 2016-11-16 19:42:11 +01:00
Régis Hanol
0dfac2dd24 Merge pull request #4545 from hiveeyes/pop3_polling_openssl_verify
Add “pop3_polling_openssl_verify” setting to turn off TLS server certificate verification
2016-11-15 19:33:44 +01:00
Andreas Motl
43fd3ebd4a Add “pop3_polling_openssl_verify” setting to turn off TLS server certificate verification like “smtp_openssl_verify_mode”. Defaults to “true”, so it does not change current behavior. 2016-11-11 21:59:15 +01:00
Arpit Jalan
9e69798285 FEATURE: watch first post default site setting 2016-11-10 00:09:52 +05:30
Neil Lalonde
86522a52b7 FEATURE: add censored_pattern setting to censor posts using regex 2016-11-08 16:39:26 -05:00
Régis Hanol
3841cd9a7f FEATURE: onebox everything by default
FEATURE: new 'max_oneboxes_per_post' site setting
FEATURE: change onebox whitelist to a blacklist
PERF: debounce the loading of oneboxes
PERF: improve perf of mention links in preview
FIX: sort loading of custom oneboxer
2016-10-24 12:46:22 +02:00
Neil Lalonde
761cc688b4 FEATURE: add a setting to allow url schemes other than http(s) 2016-10-21 12:21:31 -04:00
Sam
f4f5524190 FEATURE: user API now contains scopes so permission is granular
previously we supported blanket read and write for user API, this
change amends it so we can define more limited scopes. A scope only
covers a few routes. You can not grant access to part of the site and
leave a large amount of the information hidden to API consumer.
2016-10-14 16:05:42 +11:00
Sam
6031e692f0 Merge pull request #4366 from xfalcox/print
Print Support
2016-10-11 11:47:20 +11:00
Sam
0f0b657182 Merge pull request #4447 from pmusaraj/approve_new_topics_setting
FEATURE: add "Approve new topics unless user level" setting
2016-10-11 10:14:28 +11:00
Sam
ea1f0683c8 Merge pull request #4477 from cpradio/watching-state-on-reply
FEATURE: Add notification level user preference when replying to a topic
2016-10-11 10:05:37 +11:00
cpradio
6f1c31d777 Add notification level user preference when replying to a topic 2016-09-30 14:58:07 -04:00
Sam Saffron
4d8d5613e4 FEATURE: add min_trust_level_to_edit_post
add minimum trust level to edit post (default 0)
2016-10-01 02:12:27 +10:00
Rafael dos Santos Silva
0229df4c73 Second review fixes 2016-09-26 20:46:55 -03:00
Rafael dos Santos Silva
2a5a0bebb3 Adjusts from review 2016-09-26 20:46:55 -03:00
Rafael dos Santos Silva
acc70cc3de SiteSetting, admin passtrough, CSS, hide on mobile 2016-09-26 20:46:55 -03:00
Robin Ward
003e13316f Enable Wizard by default 2016-09-22 09:52:19 -04:00
Robin Ward
29cf47cfb2 Track steps the user has completed, nag them to finish it. 2016-09-22 09:52:19 -04:00
Robin Ward
35b767f6af Company Name Step which updates the TOS 2016-09-22 09:52:19 -04:00
Sam
ce841027e5 mobile can be a bit bursty, allow a few more reqs per minute 2016-09-20 10:47:40 +10:00
pmusaraj
5dbb3035d4 add "Approve new topics unless user level" setting 2016-09-19 14:07:15 -04:00
Arpit Jalan
332cc2bb95 FEATURE: new twitter_summary_large_image_url setting 2016-09-19 18:43:33 +05:30
Sam
8dc4329094 FEATURE: optionally get extra profile info from facebook
This feature requires the application be approved by facebook, so it is
default off
2016-09-19 16:14:11 +10:00
Sam
2f8c14fef1 FEATURE: allow write user api keys by default
app needs to write data regarding notifications and set read status etc
default allow.
2016-09-16 12:27:53 +10:00
Sam
4fe52c8cbe FEATURE: backend support for pushing notifications to clients 2016-08-26 12:47:10 +10:00
Régis Hanol
2690ef7050 prefix setting with 'desktop_' since it's only used for desktop 2016-08-22 23:43:42 +02:00
Régis Hanol
4d6028ea2d UX: new 'category_page_style' site setting 2016-08-22 23:01:43 +02:00
Robin Ward
2ce9d3d733 FIX: unhide embed_truncate since you can use it via wp plugin 2016-08-22 15:51:57 -04:00
Robin Ward
c297af8ba1 FIX: Force refresh when you change a forum's privacy settings 2016-08-22 14:07:30 -04:00
Robin Ward
884bdf7240 FEATURE: Ability to scrub titles when importing embeddable content 2016-08-22 12:43:02 -04:00
Arpit Jalan
61b49c2d03 move default_opengraph_image_url to required settings 2016-08-22 07:43:43 +05:30
Arpit Jalan
b02c9bef79 FIX: embed_truncate should default to true 2016-08-19 17:16:22 +05:30
Sam
206d056798 also support schema cause it is simpler to redirect 2016-08-18 13:52:30 +10:00
Régis Hanol
6d1d7b7c8f UX: new /categories layout 2016-08-17 23:23:16 +02:00
Arpit Jalan
a2220feaea FEATURE: new site setting rebake_old_posts_count 2016-08-15 16:34:13 +05:30
Guo Xiang Tan
0433163866 FEATURE: Support subfolders in SiteSetting.s3_backup_bucket. 2016-08-15 16:14:51 +08:00
Sam
fc095acaaa Feature: User API key support (server side implementation)
- Supports throttled read and write
- No support for push yet, but data is captured about intent
2016-08-15 17:59:36 +10:00
Guo Xiang Tan
aa5de3c40a FEATURE: Support subfolders in S3 bucket name.
This commit also fixes a bug where s3 uploads are not
moved to a tombstone folder when removed.
2016-08-15 13:07:41 +08:00
Robin Ward
9b840cac96 UX: Add "Search" category to site settings 2016-08-11 13:48:49 -04:00
Robin Ward
fc311dbe3b FEATURE: An option to search more recent posts for very large sites.
On very large forums searching posts can be slow, so this commit
introduces the ability to try and search only the most recent posts
first, and then going for a larger breadth search if there aren't
enough results.

Enable `search_prefer_recent_posts` and you can customize how many
recent posts to filter with `search_recent_posts_size`
2016-08-10 15:43:42 -04:00
Régis Hanol
e92f5e4fbf FEATURE: new email attachment blacklists site settings 2016-08-03 17:55:54 +02:00
Neil Lalonde
37162e476b FIX: remove gtm_ua_domain_name setting because it's preferable to configure it in Google Tag Manager settings 2016-08-02 14:54:35 -04:00
Régis Hanol
5b270b6b06 change 'clean_orphan_uploads_grace_period_hours' default value to 2 days 2016-08-01 18:36:39 +02:00
Sam
9018de39ed FEATURE: allow shipping bio markdown via SSO
- Also adds site setting for sso_overrides_bio to disable bio editing by end users
2016-08-01 15:29:28 +10:00
Sam
c6dbaca0dc SECURITY: disable user entered badge SQL by default
- Hidden site settings now must be change via rails console
2016-07-28 09:03:00 +10:00
Régis Hanol
6dac9075dc new 'convert_pasted_images_quality' site setting 2016-07-27 19:59:44 +02:00
Régis Hanol
749b981759 FEATURE: new 'convert_pasted_images_to_hq_jpg' site setting 2016-07-25 23:01:28 +02:00
Régis Hanol
b0f7e4ba00 FEATURE: deactive users after too many bounces 2016-07-25 18:57:06 +02:00
Régis Hanol
7648916314 new 'reset_bounce_score_after_days' site setting 2016-07-25 17:29:54 +02:00
Régis Hanol
d2e22ab215 extract bounce scores into site settings 2016-07-25 17:27:28 +02:00
Sam
df535c6346 FEATURE: refresh session cookie at most once an hour
This feature ensures session cookie lifespan is extended
when user is online.

Also decreases session timeout from 90 to 60 days.
Ensures all users (including logged on ones) get expiring sessions.
2016-07-25 12:07:31 +10:00
Arpit Jalan
a9207dafa7 FEATURE: configure session time via site setting for all the users (#4343) 2016-07-23 02:57:30 +05:30
Guo Xiang Tan
1adfa0a4b5 FEATURE: Add SiteSetting to disable readonly mode during backup. 2016-07-19 17:44:04 +08:00
Guo Xiang Tan
1ea1cefb35 Extract Nginx log analyzer into a plugin that ships with Discourse. 2016-07-19 15:44:00 +08:00
Jeff Atwood
fa5942f56c make email tokens (forgot,activate) live for 48 hours 2016-07-18 02:00:18 -07:00
Sam Saffron
46b34e3c62 FEATURE: remove user option for edit history public
Users can no longer opt-in for "public" edit history
if site owner disables it.

This feature adds cost and complexity to post rendering since
user options need to be premeptively loaded for every user in the
stream. It is also confusing to explain to communities with private edit
history.
2016-07-16 21:30:00 +10:00