15977 Commits

Author SHA1 Message Date
Guo Xiang Tan
b16471edfb FIX: Invalid token error incorrectly displayed on email login page. 2018-02-21 15:46:53 +08:00
Guo Xiang Tan
8964e75ad6
Merge pull request #5612 from discourse/featheredtoast-two-factor-login
Featheredtoast two factor login
2018-02-21 15:00:10 +08:00
Guo Xiang Tan
14f3594f9f Review Changes for f4f8a293e7. 2018-02-21 14:55:49 +08:00
Robin Ward
5c40ae9e63 FIX: Links in quotes should be counted for rate limits 2018-02-20 20:42:01 -05:00
Jeff Wong
f4f8a293e7 FEATURE: Implement 2factor login TOTP
implemented review items.

Blocking previous codes - valid 2-factor auth tokens can only be authenticated once/30 seconds.
I played with updating the “last used” any time the token was attempted but that seemed to be overkill, and frustrating as to why a token would fail.
Translatable texts.
Move second factor logic to a helper class.
Move second factor specific controller endpoints to its own controller.
Move serialization logic for 2-factor details in admin user views.
Add a login ember component for de-duplication
Fix up code formatting
Change verbiage of google authenticator

add controller tests:
second factor controller tests
change email tests
change password tests
admin login tests

add qunit tests - password reset, preferences

fix: check for 2factor on change email controller
fix: email controller - only show second factor errors on attempt
fix: check against 'true' to enable second factor.

Add modal for explaining what 2fa is, with links to Google Authenticator/FreeOTP

add two factor to email signin link

rate limit if second factor token present

add rate limiter test for second factor attempts
2018-02-21 09:04:07 +08:00
Kris
ce97bdb472 Flag badge too wide in header panels 2018-02-20 17:31:02 -05:00
Kris
677e126fbf UX: Implementing a box-shadow system, cleaning up existing shadows 2018-02-20 12:18:20 -05:00
Guo Xiang Tan
226ace1643 Update annotations. 2018-02-20 14:28:58 +08:00
Sam
86d12bd44b FEATURE: search within title using in:title
Also

- Significantly improved search ranking, title is treated most strongly
- Adds tag names to the index
- Run search re-indexer more aggressively
- Re-index topic and all posts on category change
2018-02-20 14:41:21 +11:00
Régis Hanol
60ec483caa FIX: include title in local onebox when linking to a different topic 2018-02-19 22:40:14 +01:00
Arpit Jalan
614b1c8e68 FIX: admin was not able to unblock screened IP address 2018-02-20 00:36:13 +05:30
Arpit Jalan
c419c26f56 FEATURE: new site setting 'max_emojis_in_title' 2018-02-19 18:15:26 +05:30
OsamaSayegh
f3815cd785 FEATURE: New site setting for additional allowed filetypes for staff (#5364)
* FEATURE: New site setting for additional allowed filetypes for staff

* Problematic variable name

* feedback

* small issues

* fix indentation

* failing tests

* Remove message bus and fix minor issues

* Missed this message bus
2018-02-19 10:44:24 +01:00
Zach Whitehead
afa2b36842 Add class to category link for easy styling (#5606) 2018-02-19 10:22:27 +01:00
Leo McArdle
5d9d0fcb4f FEATURE: add setting which adds group name to PM email subject (#5475) 2018-02-19 10:20:17 +01:00
Joffrey JAFFEUX
b3b6373f77
FIX: do not show mail-forward icon if not needed 2018-02-19 09:52:35 +01:00
Arpit Jalan
33df2d6a02 FIX: data export should fill missing dates with zero value 2018-02-18 23:52:09 +05:30
Robin Ward
02093ecbdd Extensibility: Allow plugins to munge user params 2018-02-16 19:12:02 -05:00
Kris
a2327b4897 login button alignment fix 2018-02-16 17:13:10 -05:00
Kris
35a49a240a UX: Improving header scalability for large font themes 2018-02-16 15:58:10 -05:00
Kris
67526907cd Tags should wrap on mobile topic-list 2018-02-15 15:15:42 -05:00
Kris
5de78a719b Fixing emoji admin page column 2018-02-15 15:07:26 -05:00
Robin Ward
32e8cef0ad
Merge pull request #5596 from discourse/mobile-landscape-timeline
UX: Make mobile timeline extra short in landscape
2018-02-15 11:34:03 -08:00
Robin Ward
3faeb4f093 Calculate the heights when we need them 2018-02-15 14:33:20 -05:00
Neil Lalonde
991dfadad7 FIX: CategoryTagStat queries need to exclude PMs with tags 2018-02-15 12:13:42 -05:00
Neil Lalonde
fdd8ce9722 empty category_tag_stats table before running init job 2018-02-15 11:28:25 -05:00
Joffrey JAFFEUX
2cf40096d1
FIX: makes mini-tag-chooser search more efficient 2018-02-15 15:01:19 +01:00
Arpit Jalan
585fc26f8e FIX: allow discourse app to link directly to upgrade page 2018-02-15 18:20:25 +05:30
Joffrey JAFFEUX
e1883ba828
minor select-kit css improvements 2018-02-15 12:56:20 +01:00
Arpit Jalan
b43ac801d1 FIX: show create new topic link in advanced search mode 2018-02-15 17:23:34 +05:30
hnb-ku
afdc559f4f FEATURE: Whitelist div[data-theme-*] (#5598)
* Whitelist div[data-theme-*]

Whitelisting data attributes on <div> elements that match [data-theme-*] allows theme authors to target elements in posts and not have those attributes sanitized. 

https://meta.discourse.org/t/79520/16

* Update white-lister.js.es6
2018-02-15 04:32:41 -05:00
Guo Xiang Tan
7902296c11 Oops we should register a service worker as long as it is supported. 2018-02-15 15:02:14 +08:00
Kris
5ab44833ab UX: Make mobile timeline extra short in landscape 2018-02-14 23:27:06 -05:00
Guo Xiang Tan
9c7d609575 UX: Restore width of composer user selector.
* This fixes the build as well as a short width
  resulted in the user selector collapsing into
  the compressed display.
2018-02-15 11:49:10 +08:00
Guo Xiang Tan
28365f8ae5 PERF: Have nginx cache and serve the service worker file. 2018-02-15 10:50:39 +08:00
Sam
d8b4627fc8 we have to define this for tests to pass 2018-02-15 13:30:34 +11:00
Sam
b5b866aab3 oops 2018-02-15 13:13:31 +11:00
Sam
c89b42c488 PERF: only require the rss library if used
Before:

Total allocated: 257909321 bytes (2514134 objects)
Total retained:  39681579 bytes (343387 objects)

allocated memory by gem
-----------------------------------
  42875979  rss

retained memory by gem
-----------------------------------
   2080188  rss

retained objects by gem
-----------------------------------
     13052  rss

After:

Total allocated: 210562047 bytes (2252030 objects)
Total retained:  37433816 bytes (328635 objects)

----

So, 2 less megabytes on boot and 13000 objects stuck in ruby heaps forever.
2018-02-15 13:11:33 +11:00
Robin Ward
a03e7cee63 FIX: Group posts had the wrong paths in subfolders 2018-02-14 20:33:31 -05:00
Guo Xiang Tan
96e5a7da46 Prefer success_Json over custom success JSON payload. 2018-02-15 07:47:35 +08:00
Rafael dos Santos Silva
218c8e8623
Merge pull request #5595 from discourse/new-gfycat-onebox
New gfycat onebox
2018-02-14 19:03:28 -02:00
Robin Ward
a3e5a31674 FIX: Allow 404 pages to use the current theme 2018-02-14 15:29:01 -05:00
Kris
dffdff91a6 Fix avatar flair alignment on mobile user profiles 2018-02-14 13:39:30 -05:00
Kris
e85458e1b9 Removing old bootstrap columns 2018-02-14 12:27:34 -05:00
Joffrey JAFFEUX
3ad0266dd8
FIX: better handling of category badge when displaying sub and parent cat 2018-02-14 16:42:20 +01:00
Arpit Jalan
f07b1a5c05 FIX: activate user even if email token is already confirmed 2018-02-14 20:44:48 +05:30
Joffrey JAFFEUX
8ae2c4555a
FIX: do not translate the same string two times when rendering icon label 2018-02-14 12:41:24 +01:00
Joffrey JAFFEUX
23ef5f10e9
FIX: check can_create_tag on create and not on select 2018-02-14 12:20:07 +01:00
Joffrey JAFFEUX
e3774c7bed
FEATURE: displays category badge in {{category-chooser}} header 2018-02-14 11:49:23 +01:00
Joffrey JAFFEUX
e7761db60f
FIX: improves contrast on period-chooser when using dark-theme 2018-02-14 11:16:57 +01:00
Joffrey JAFFEUX
5d00a97ae9
FIX: regression preventing uncategorized badge to be shown 2018-02-14 11:03:33 +01:00
Joffrey JAFFEUX
b0eed424f7
FIX: continue discussion when creating new topic from composer-actions 2018-02-14 10:32:46 +01:00
Joffrey JAFFEUX
480c94d298
minor visual improvements to mini-tag-chooser 2018-02-14 10:26:43 +01:00
Sam
38f4acd55a FIX: rate limiter text is confusing, should not say daily
Also, adds easily parseable JSON so users can figure out
how long to wait when the API is limited. ("extras" "wait_seconds")
2018-02-14 15:29:50 +11:00
Sam
f028ffaf29 SECURITY: correct local onebox category checks
Also removes ugly "source_topic_id" from cooked posts

Patch was authored by @zogstrip

Signed-off-by: Sam <sam.saffron@gmail.com>
2018-02-14 10:40:46 +11:00
Joffrey JAFFEUX
548db91c76
FIX: displays an error when reaching tags limit 2018-02-14 00:30:09 +01:00
Gerhard Schlager
5a56746610 FIX: Embedded topic was not found when URL contained query string 2018-02-14 00:28:30 +01:00
Neil Lalonde
22f0b0096d FEATURE: show avatar flair on user profile page 2018-02-13 17:13:38 -05:00
Robin Ward
556ab8480e FIX: ESlint 2018-02-13 16:06:40 -05:00
Robin Ward
713993d150 UX: Link post ids in staff action logs to the post 2018-02-13 15:59:10 -05:00
Robin Ward
7348513848 FIX: Include post in staff action logs when silencing a user 2018-02-13 15:59:10 -05:00
Joffrey JAFFEUX
ed114177e7
Mini tag chooser tweaks 2018-02-13 19:41:03 +01:00
Joffrey JAFFEUX
d525a644d2
fix linting 2018-02-13 18:12:30 +01:00
Joffrey JAFFEUX
20123271d2
FIX: override backspaceFromFilter only if defined 2018-02-13 17:48:00 +01:00
Neil Lalonde
20e44b3c14 Revert "FIX: 404 page when clicking a badge notification from before changing username" 2018-02-13 11:39:33 -05:00
Régis Hanol
7d501058d7 FIX: don't grant new user of the month badge to suspended users or based on deleted topics/posts 2018-02-13 17:32:38 +01:00
Joffrey JAFFEUX
6bfc25d895
FEATURE: new {{mini-tag-chooser}} replaces {{tag-chooser}} in composer 2018-02-13 17:23:12 +01:00
Vinoth Kannan
0a95d2a21f FIX: Upload fails silently if it is bigger than max allowed size 2018-02-13 14:39:25 +05:30
Erick Guan
03b3e57a44 FEATURE: login by a link from email
Co-authored-by: tgxworld <tgx@discourse.org>
2018-02-13 16:14:39 +08:00
Guo Xiang Tan
f9280617d0 Remove redundant comment. 2018-02-13 15:58:13 +08:00
Maja Komel
1c27d93dcf anonymous shadow users are approved on creation if must_approve_users is enabled (#5569) 2018-02-13 01:58:38 -05:00
Muhlis Cahyono
cc3cf6588b FEATURE: Notification API Endpoints for Admins
* create/update/delete notification api with external url
* remove external url feature
* Fix Travis CI build error (add new line)
* Fix Travis CI build error
2018-02-13 01:38:26 -05:00
Sam
14d0450bef FEATURE: Only load service worker for Android
TBD an interface for plugin to enable service workers on desktop if they need them
2018-02-13 16:23:36 +11:00
Sam
074d590abd FIX: stop counting offline page as a page view 2018-02-13 16:19:43 +11:00
Sam
b34b1b6fe3 FIX: invite to message was not allowing groups
Previously we were incorrectly checking mentionable instead of messageable

Also fix edge case where multiple groups sharing a name mean that exact match override is not working

Also cleans up params sent to user selector
2018-02-13 13:28:46 +11:00
Kris
5f8f691e2b FIX: Border issue with group inputs on high resolution displays 2018-02-12 21:09:40 -05:00
Robin Ward
ae15faeb34 FIX: Allow links from one relative uri to another 2018-02-12 18:27:08 -05:00
Robin Ward
4c9959f795 FIX: Don't allow silenced users to reach TL3 2018-02-12 17:20:11 -05:00
Neil Lalonde
1bafbc8c5c
Merge pull request #5576 from discourse/top-tags
PERF: a faster way to count tags used per category
2018-02-12 16:25:18 -05:00
Kris
32116654ec removing duplicate topic-map desktop/mobile styles 2018-02-12 15:20:14 -05:00
Neil Lalonde
76c309fe6b PERF: a faster way to count tags used per category 2018-02-12 15:16:47 -05:00
Vinoth Kannan
e700e3e882 FIX: post_destroyed webhook event not fired 2018-02-13 01:36:56 +05:30
Robin Ward
d962d6072e FIX: Don't auto select ALL topics, only keyboard chosen ones 2018-02-12 13:54:37 -05:00
Robin Ward
7b7f94d7df FIX: Using cmd-f to search in a topic wasn't restricting to that topic 2018-02-12 13:09:56 -05:00
Kris
44f39ddc86 prevent post-link clicks from being squished by long strings 2018-02-12 11:52:42 -05:00
Rafael dos Santos Silva
4644757785 FEATURE: Style new gfycat onebox 2018-02-12 13:39:52 -02:00
Joffrey JAFFEUX
3d5c4580bd
FIX: makes sure we add ellipsis to action-title 2018-02-12 16:27:24 +01:00
Kris
d30c43e8cc usercard overflow fix 2018-02-10 21:27:25 -05:00
Kris
3d22ba35bc usercard website fix 2018-02-09 21:45:38 -05:00
Robin Ward
cee3337357 Don't allow users to auto-hide staff posts 2018-02-09 19:53:58 -05:00
Robin Ward
b31e6e64fb FIX: After deleting a post, staff can recover it 2018-02-09 19:42:16 -05:00
Robin Ward
569e57f0a9 FIX: Delete the invalid auth cookie even if you hit the rate limit 2018-02-09 19:09:54 -05:00
Robin Ward
2faa4c2f5f FIX: Don't show personal messages if disabled as a composer action 2018-02-09 16:58:35 -05:00
Kris
56352137ca UX: Preventing usercard and profile URLs from overflowing 2018-02-09 16:55:43 -05:00
Kris
88a992014b Default modals were too wide 2018-02-09 15:45:34 -05:00
Kris
597f17bf70 button padding nitpick 2018-02-09 15:41:59 -05:00
Vinoth Kannan
91beedd0ca FEATURE: Composer HTML pasting ul tag support for MS Word 2018-02-10 01:18:56 +05:30
Kris
1e51be923c UX: Improving post-link alignment 2018-02-09 12:43:15 -05:00
Kris
6f094ee27e extra-info-wrapper titles were too short 2018-02-08 20:43:34 -05:00
Robin Ward
5466389f4e FIX: Consider oneboxes links wrt min_trust_level_to_post_links 2018-02-08 18:27:40 -05:00
Kris
69bccb9e32 UX: Better alignment of small topic statuses 2018-02-08 17:04:29 -05:00
Jeff Wong
8e49033ed1 tab index composer actions
add styling for :focus
2018-02-08 12:16:13 -08:00
Kris
e17e6d2880 Removing unneeded width 2018-02-08 14:10:04 -05:00
Robin Ward
dedeb2deb8 FIX: Don't show the link button in the composer if linking is disabled 2018-02-08 12:56:10 -05:00
Joffrey JAFFEUX
8c89f5704d
FIX: makes sure we display whisper if we don’t have a post 2018-02-08 14:18:53 +01:00
Gerhard Schlager
0ecdf90023 FIX: Validations could prevent moving posts 2018-02-08 13:36:13 +01:00
Gerhard Schlager
8ab6689f43 FIX: Preserve original date when moving first post 2018-02-08 12:55:32 +01:00
Joffrey JAFFEUX
190d208631
FEATURE: improves composer-actions toggle menu
* only toggles
* fix a bug with presence
* more tests
* do not duplicate `continuing discussion...` text
* persist state to allow switching between toggles
2018-02-08 11:46:55 +01:00
Robin Ward
209a6cae2c FIX: Don't show messages setting if messages are disabled 2018-02-07 11:43:22 -05:00
Robin Ward
c0ef6ca01c UX: Show the footer on the user summary and preferences pages 2018-02-07 11:35:36 -05:00
Gerhard Schlager
8765279c90 FIX: Customizing site texts ignored current locale for _MF keys 2018-02-07 16:57:08 +01:00
Gerhard Schlager
890ffb1eb5 FIX: overriding _MF translations worked only for English 2018-02-07 12:47:15 +01:00
Neil Lalonde
ce26f48f97 FIX: only send up to 100 selected tags in the tag search request to avoid sending a query string that's too long 2018-02-06 17:54:57 -05:00
Joffrey JAFFEUX
cdded801c5
FIX: correctly shows link to post number when editing 2018-02-06 22:17:27 +01:00
Kris
900f37e5a9 UX: Allow history modal to scale down on smaller screens 2018-02-06 15:02:51 -05:00
Sam Saffron
884b9d4b78 PERF: optimize performance of new topics query (home page)
This ensures the bypass is always applied to query plan
also, add frozen strings
2018-02-06 12:37:23 -05:00
Joffrey JAFFEUX
b1593c0184
FIX: prevents exception when opening new topic on mobile
Repro:

- Visit https://meta.discourse.org/categories, refresh the page
- Navigate to Latest
- Click New Topic
- Error occurs
2018-02-06 14:48:04 +01:00
Kris
e7b732ad95 FIX: Desktop/mobile heatmap colors should be the same 2018-02-05 21:36:35 -05:00
Neil Lalonde
d7e90edeb5 PERF: Tl3Promotions job can limit the number of TL3 candidates by using some simple requirements in the query 2018-02-05 17:54:36 -05:00
Neil Lalonde
648a11a6a1 FIX: size of tags input field of tag group 2018-02-05 15:05:43 -05:00
Simon Cossar
e3de396091 Set text to empty string when null is passed as argument (#5560) 2018-02-06 07:05:32 +11:00
Joffrey JAFFEUX
c48761c628
s/select-box-kit/select-kit
Definitely remove legacy naming.
2018-02-05 18:25:39 +01:00
Neil Lalonde
8fe61c68a1 FIX: process_post job should update baked_at and baked_version if it rebakes the post 2018-02-05 11:47:04 -05:00
Régis Hanol
130974d58d FIX: automatically unsilence users 2018-02-05 17:45:47 +01:00
Kris
ad8c2c08a4 fixing link alignment in titles 2018-02-05 10:42:37 -05:00
Joffrey JAFFEUX
bd0a8ae792
FIX: makes scrollbar always on for small dropdowns 2018-02-05 10:51:06 +01:00
Joffrey JAFFEUX
5cd5d5aca5
FIX: prevents a regression where enter wasn't working in inputs 2018-02-05 09:55:58 +01:00
Robin Ward
0776340b29 SECURITY: Prevent robots from indexing more routes
These routes could contain sensitive material and should never be
indexed for content.
2018-02-04 13:24:36 -05:00
Kris
86bf6babf8 FIX: Prevent long composer overlapping controls 2018-02-02 22:31:55 -05:00
Kris
cf623e65e0 tag alignment fix 2018-02-02 21:29:51 -05:00
Kris
cd798e49d8 header text wrap fix 2018-02-02 19:33:00 -05:00
Kris
8bac9c7a09 header-extra wrap fix 2018-02-02 19:28:45 -05:00
Kris
9e690bf238
UX: Cleaning up category badge alignment (#5561) 2018-02-02 19:03:25 -05:00
Robin Ward
2f19588311 FIX: If personal messages are disabled, don't show messages for groups 2018-02-02 16:35:54 -05:00
Robin Ward
68d0d39ab7 FIX: Order the homepage box in the same order as the top menu
This is required because "no interface" is the same as showing
the first entry. But when the top menu has changed the first
entry is no longer the same, so it shows the wrong default.
2018-02-02 16:11:28 -05:00
Vinoth Kannan
e8559f222c FIX: After moving the posts topic timestamp should be updated with newest post 2018-02-02 19:30:52 +05:30
Joffrey JAFFEUX
b4aad15267
FIX: simplify styling of category-name when using category-drop/link 2018-02-02 10:31:20 +01:00
Joffrey JAFFEUX
cf592fa35d
remove debugging code 2018-02-02 09:31:47 +01:00
Joshua Rosenfeld
e5655f0b6b
UX: Add specific classes to ip address rows on user admin 2018-02-02 00:40:10 -05:00
Joffrey JAFFEUX
85db6cd2d7
FIX: makes sure we have a content to filter 2018-02-02 02:13:06 +01:00
Joffrey JAFFEUX
a4445b0c1e
FIX: improve dropdown-select-box on mobile 2018-02-02 00:47:12 +01:00
Robin Ward
d31417d3af FIX: Remove unused import 2018-02-01 18:03:22 -05:00
Joffrey JAFFEUX
ce507b7957
FEATURE: display search on large category-drop and tag-drop 2018-02-01 23:51:29 +01:00
Robin Ward
8ff4104555 Many enhancements to the flagging / suspending interface. 2018-02-01 17:13:02 -05:00
Joffrey JAFFEUX
f7df68c9a3
FIX: makes composer-actions toggling whisper instead of replying 2018-02-01 23:07:37 +01:00
Robin Ward
0156ae486d Apply extra classes to header avatar 2018-02-01 16:59:10 -05:00
Robin Ward
9f96d59a17 FIX: Unused import 2018-02-01 16:31:21 -05:00
Neil Lalonde
9fa71e198e FIX: admin reports charts should use same time of day as dashboard numbers 2018-02-01 15:59:39 -05:00
Neil Lalonde
ef2a7ac0f7 FIX: admin reports would sometimes return fewer than 30 days of data, causing current 30 day period counts to be too small and prev30day counts to count the wrong days 2018-02-01 15:50:51 -05:00
Robin Ward
08db10491e Adds a new plugin API for adding classes to be shown on user avatars 2018-02-01 15:24:26 -05:00