github-mirror/discourse
2
0
Fork 0
mirror of https://github.com/discourse/discourse.git synced 2024-11-24 18:54:13 +08:00
Code Issues Actions 1 Packages Projects Releases Wiki Activity
32,944 Commits 190 Branches 500 Tags 938 MiB
d110f252bb
Commit Graph

2640 Commits

Author SHA1 Message Date
Sam
06b9d8223a FIX: search within topic not working correctly in CJK 
We were splitting the term prior to search causing everything to miss
 2018-11-07 09:41:55 +11:00
Jeff Atwood
afbdf9c2d2
Merge pull request #6558 from pmusaraj/disallow-flagging-deleted-post 
FIX: disable flagging hidden posts
 2018-11-05 11:05:32 -08:00
Penar Musaraj
7b3432f711 Enforce disabling flagging hidden posts server-side 2018-11-05 10:00:59 -05:00
Maja Komel
1ac3e5473a FIX: don't strip eml attachments from received emails 2018-11-05 09:35:22 +01:00
Sam
9933059426 FEATURE: push related PMs to take first 3 slots 
Previously the related PMs were last meaning you would have to work through
all unread to see them.

Also amends it so it either asks for related by group OR user not both.
 2018-10-29 10:47:59 +11:00
Régis Hanol
306d77b54f FIX: don't use srcset on cropped thumbnails 2018-10-25 16:08:10 +02:00
David Taylor
56e0f47bcd FIX: Do not update last_seen for API access 
This regressed in 2dc3a50. I have now added tests for the behavior.
 2018-10-25 13:38:57 +01:00
Sam
e955a7b49d Revert "Revert "FIX: GlobalPath#upload_cdn_path when S3 bucket has a folder (#6523)"" 
This reverts commit 322b27b6dc.

Oops rushed on the revert here... should be good
 2018-10-24 15:14:01 +11:00
Sam
322b27b6dc Revert "FIX: GlobalPath#upload_cdn_path when S3 bucket has a folder (#6523)" 
This reverts commit 63356d883e.

This caused an outage, got to revert
 2018-10-24 15:03:58 +11:00
Kyle Zhao
63356d883e FIX: GlobalPath#upload_cdn_path when S3 bucket has a folder (#6523) 2018-10-24 14:34:10 +11:00
Daniel Hollas
cee51672c9 FIX: Strip accents from search query 
4481836 introduced accent stipping in search_indexer,
but we need to strip it from the query itself as well

TODO in search with diacritics:
 - Still need to fix excerpts on search page
 - need to support accent stripping in in_topic search
 - need to make sure that in:title works correctly
 - need to fix "word boldening" in titles
 2018-10-23 12:10:33 +11:00
Arpit Jalan
ce0a51665e FIX: count emoji shortcuts in topic title 
https://meta.discourse.org/t/max-emojis-in-title-set-to-0-conflicting-with-emoji-shortcuts/98368/3?u=techapj
 2018-10-22 13:44:05 +05:30
Penar Musaraj
b06dccac49 FIX: force enable a user's email_private_messages option when user replies via email (#6478) 
* Enable user email PM when posting to group or replying to topic via email

* remove extra line

* Add test and fix snake_case

* Only reenable email_private_messages for PM replies
 2018-10-16 10:51:57 +11:00
Davide Porrovecchio
005e1f5373 Add Cache-Control header to CORS (#6490) 2018-10-16 10:46:55 +11:00
Neil Lalonde
0724948878 fix failing spec when HUB_BASE_URL is present 2018-10-15 15:06:02 -04:00
Neil Lalonde
d166c38ab7 REFACTOR: distributed_cache is moved to the message_bus gem 2018-10-15 15:01:45 -04:00
Guo Xiang Tan
8fa59f0548 FIX: Can't clean a tag if the given string is frozen. 2018-10-15 14:48:45 +08:00
Sam
057087e0e8 FEATURE: log long running jobs in the defer queue 
If a job in the defer queue takes longer than 90 seconds log an error
 2018-10-12 17:03:47 +11:00
Bianca Nenciu
048cdfbcfa FIX: Do not allow revoking the token of current session. (#6472) 
* FIX: Do not allow revoking the token of current session.

* DEV: Add getter of current auth_token from Guardian.
 2018-10-12 10:40:48 +11:00
Gerhard Schlager
7a41a783a4 FIX: Don't reply to Unsubscribe email sent to mailing list mirror 2018-10-11 16:09:22 +02:00
Guo Xiang Tan
5039a6c3f1 FIX: Strip null bytes in mail subjects. 2018-10-11 09:46:32 +08:00
Vinoth Kannan
59be289084 FIX: Do not add lightbox to onebox images (#6479) 2018-10-11 08:57:21 +11:00
Robin Ward
a566ed42ae FEATURE: Option to disable user presence and profile 
This allows users who are privacy conscious to disable the presence
features of the forum as well as their public profile.
 2018-10-10 17:34:33 -04:00
Bianca Nenciu
4e0533a20b FIX: Generate Onebox for posts of type moderator_action. (#6466) 2018-10-10 18:39:03 +08:00
Sam
45f01e637b FIX: when associating Github account disassociate others 
There are some cases where an email floats from one GitHub account to another
if this happens just take over the Github mapping record
 2018-10-10 15:46:50 +11:00
Guo Xiang Tan
f26804394a DEV: Remove the use of stubs on Rails.logger in our test suite. 2018-10-10 09:34:50 +08:00
Bianca Nenciu
1fb1f4c790 FIX: Make error in Discourse Hub more descriptive. (#6438) 2018-10-09 22:05:31 +08:00
David Taylor
ac89a728f8 DEV: Remove autospec hacks for social auth providers 
This was causing erratic test failures. Autospec continues to work after
removing, so this 5-year-old code is no longer needed.
 2018-10-09 12:42:57 +01:00
Erin Kosewic
51aba32651 FEATURE: add branch option to remote theme import 
* FEATURE: add branch option to remote theme import

* FIX: Add missing variable in params

* FIX: Add missing param for import_theme method

* SPEC: Add test methods for branch support in git import

* FIX: Add missing space to scss style

* Do not assume default branch as master

* Change branch field placeholder

* FIX: add missing div start tag
 2018-10-09 17:01:08 +11:00
Gerhard Schlager
4881fb028f FIX: allow_uppercase_posts didn't work for topic titles 2018-10-08 23:50:06 +02:00
Guo Xiang Tan
40fa96777d
FEATURE: Post deployment migrations. (#6406) 
This moves us away from the delayed drops pattern which
was problematic on two counts. First, it uses a hardcoded "delay for"
duration which may be too short for certain deployment strategies.
Second, delayed drop doesn't ensure that it only runs after
the latest application code has been deployed. If the migration runs
and the application code fails to deploy, running the migration after
"delay for" has been met will cause the application to blow up.

The new strategy allows post deployment migrations to be skipped if the
env `SKIP_POST_DEPLOYMENT_MIGRATIONS` is provided.

```
SKIP_POST_DEPLOYMENT_MIGRATIONS=1 rake db:migrate
-> deploy app servers
SKIP_POST_DEPLOYMENT_MIGRATIONS=0 rake db:migrate
```

To aid with the generation of a post deployment migration, a generator
has been added. Simply run `rails generate post_migration`.
 2018-10-08 15:47:38 +08:00
Arpit Jalan
c0bb04d89d FIX: convert tag string to array when filtering topic list by tags 2018-10-08 08:56:25 +05:30
Penar Musaraj
26956bbe1a FIX: Safari issue with some emojis (#6456) 
https://meta.discourse.org/t/emojis-selected-on-ios-displaying-additional-rectangles/86132/8
 2018-10-08 10:32:25 +08:00
Vinoth Kannan
4000dddd32
Merge pull request #6458 from vinothkannans/fix-giphy 
FIX: Display large/broken image placeholders for image oneboxes
 2018-10-07 18:08:54 +05:30
Vinoth Kannan
c499872597 FIX: Display large/broken image placeholders for image oneboxes 2018-10-07 17:42:41 +05:30
David Taylor
9bf522f227
FEATURE: Mixed case tagging (#6454) 
- By default, behaviour is not changed: tags are made lowercase upon creation and edit.

- If force_lowercase_tags is disabled, then mixed case tags are allowed.

- Tags must remain case-insensitively unique. This is enforced by ActiveRecord and Postgres.

- A migration is added to provide a `UNIQUE` index on `lower(name)`. Migration includes a safety to correct any current tags that do not meet the criteria.

- A `where_name` scope is added to `models/tag.rb`, to allow easy case-insensitive lookups. This is used instead of `Tag.where(name: "blah")`.

- URLs remain lowercase. Mixed case URLs are functional, but have the lowercase equivalent as the canonical.
 2018-10-05 10:23:52 +01:00
Vinoth Kannan
8430ea927e FIX: Generate webhook payloads before destroy events (#6325) 2018-10-05 16:53:59 +08:00
David Taylor
5b56a8cd09 DEV: Merge multiple discourse_tagging_spec files 2018-10-04 15:44:29 +01:00
Maja Komel
361ad7ed2b FEATURE: add indication if incoming email attachment was rejected and inform sender about it (#6376) 
* FEATURE: add indication if incoming email attachment was rejected and inform sender about it

* include errors for rejected attachments in email

* don't send warning email to staged users

* use user object instead of user_id in add_attachments method
 2018-10-04 22:08:28 +08:00
Guo Xiang Tan
d43ed4afa2 Remove unused variable. 2018-10-04 13:21:37 +08:00
Lucas Nicodemus
1907338834 FIX: No longer educate users who are editing 
A user editing a post will no longer get composer messages that are
meant for new users posting replies and threads. These messages don't
make sense in an edit context at all -- they're usually discussing
making salient replies or topics, or adding avatars. They make even less
sense when a user is an admin attempting to change the default topics
for the first time.

Since these messages actually do make sense for a user when they have a
low post count, though, they're still going to occur. They just occur
when a user is creating new content (and thus, more likely to read the
notice), not during edits.

This is in response to this issue:
https://meta.discourse.org/t/education-message-for-editing-wiki-topic/66682
 2018-10-04 13:20:13 +08:00
Sam
ad0e768742 FEATURE: add support for responsive images in posts 
When creating lightboxes we will attempt to create 1.5x and 2x thumbnails
for retina screens, this can be controlled with a new hidden site setting
called responsice_post_image_sizes, if you wish to create 3x images run

SiteSetting.responsive_post_image_sizes = "1|1.5|2|3"


The default should be good for most of the setups as it balances filesize
with quality. 3x thumbs can get big.
 2018-10-03 13:44:53 +10:00
Penar Musaraj
34516c72bd
FIX: Recover public actions (likes) when recovering a post (#6412) 2018-10-02 11:25:08 -04:00
Bianca Nenciu
e0d7cdac12 UX: Improve error messages for minimum and maximum username lengths. 2018-10-02 13:10:20 +08:00
Penar Musaraj
da9eee5262 FIX: Force enable user PM emails option when user posts to a group by email. 2018-10-02 12:38:10 +08:00
Gerhard Schlager
e2770bc1c4 FIX: async reload of locales could result in missing translations 2018-10-01 17:14:36 +02:00
Penar Musaraj
70d74f8fc1 FIX: advanced search ordering broken when using tags 2018-09-28 17:27:08 +08:00
Kyle Zhao
4bb980b9f7
FEATURE: do not allow moderators to export user list (#6418) 2018-09-21 09:07:13 +08:00
Sam
df45e82377 SECURITY: only allow picking of avatars created by self (#6417) 
* SECURITY: only allow picking of avatars created by self

Also adds origin tracking to all uploads including de-duplicated uploads
 2018-09-19 22:33:10 -07:00
Jeff Wong
d5442fbf08 FIX: do not send tl1 welcome message when a user has the basic user badge 2018-09-19 12:53:36 -07:00
Sam
5302709343 FIX: in redis readonly raise an exception from DistributedMutex 
If we detect redis is in readonly we can not correctly get a mutex
raise an exception to notify caller

When getting optimized images avoid the distributed mutex unless
for some reason it is the first call and we need to generate a thumb

In redis readonly no thumbnails will be generated
 2018-09-19 15:50:58 +10:00
Arpit Jalan
fadcd36f92 FIX: do not treat ignore_redirects domains as blacklisted 
This fix prevents domains present in `ignore_redirects` to be treated as
blacklisted domains and makes sure that onboxing happens for those domains.
Issue reported here: https://meta.discourse.org/t/steam-store-oneboxing-no-longer-works/97266
 2018-09-18 10:38:02 +05:30
Guo Xiang Tan
ce6a0a5e9e FIX: Moving upload to tombstone should update modification time. 
A upload created a long time ago will be nuked from the tombstone
immediately if it gets deleted.
 2018-09-18 10:48:29 +08:00
Sam
37c5280f73 correct spec 2018-09-17 11:37:01 +10:00
Rishabh
4f46aa1ba3 FEATURE: Add SiteSetting for s3_configure_tombstone_policy 
Add SiteSetting for s3_configure_tombstone_policy, skip policy generation if turned off (default on)
 2018-09-17 10:57:50 +10:00
Neil Lalonde
526ffc4966 FIX: error in response body to blocked crawlers, showing 500 Internal Server Error with status of 403 2018-09-14 15:40:20 -04:00
Neil Lalonde
b87a089822 FIX: don't block api requests when whitelisted_crawler_user_agents is set 2018-09-14 15:40:20 -04:00
Guo Xiang Tan
c3f6b4d966 DEV: Test against real Upload#url format. 2018-09-14 13:43:33 +08:00
Arpit Jalan
d288462abf
Merge pull request #6393 from techAPJ/bad-json 
FIX: ignore and log bad json values for custom fields
 2018-09-13 15:54:01 +05:30
Arpit Jalan
e364547ff7 FIX: ignore and log bad json values for custom fields 2018-09-13 14:26:30 +05:30
Guo Xiang Tan
6c65718301 Include response body when raising an error in FileHelper#download. 2018-09-13 15:43:58 +08:00
Gerhard Schlager
1a01385e88 FIX: "false" didn't work as locale_default 2018-09-11 13:42:10 +02:00
Rishabh Nambiar
81c87df18a FIX: don't raise an error on integer usernames 2018-09-10 22:17:56 +05:30
Guo Xiang Tan
df04e69cde FIX: S3Helper#list creates incorrect prefix. 2018-09-10 16:34:40 +08:00
Sam
879067d000 FIX: check admin theme cookie against user selectable 
previously admin got a free pass and could set theme via cookie to anything
including themes that are not selectable

this refactor ensures that only "preview" gets a free pass, all the rest
goes through the same pipeline
 2018-09-07 10:47:28 +10:00
Guo Xiang Tan
d4b05d7bc5 Always link post to uploads in post process. 
The operation is cheap anyway so no point skipping.
 2018-09-06 14:08:03 +08:00
Guo Xiang Tan
434035f167 FIX: Link post to uploads in PostCreator. 
* This ensures that uploads are linked to their post on creation
  instead of a background job which may be delayed if Sidekiq
  is facing difficulties.
 2018-09-06 11:18:11 +08:00
Guo Xiang Tan
f3aef2cc83 FIX: Incorrect/missing extension in short_url fails to map to upload. 
`Hash#invert` causes us to lose keys if the hash contains similar
values.
 2018-09-05 21:48:58 +08:00
Guo Xiang Tan
3b337bfc6b Revert "FIX: Don't rate limit admin and staff constraints when matching routes." 
This reverts commit 651b50b1a1.
 2018-09-04 14:27:21 +08:00
Guo Xiang Tan
19182c0c8f DEV: Skip fragile tests for now. 2018-09-04 13:58:09 +08:00
Guo Xiang Tan
651b50b1a1 FIX: Don't rate limit admin and staff constraints when matching routes. 
* When an error is raised when checking route constraints, we
  can only return true/false which either lets the request
  through or return a 404 error. Therefore, we just skip
  rate limiting here and let the controller handle the
  rate limiting.
 2018-09-04 13:52:58 +08:00
Guo Xiang Tan
08b268c5bc Be more forceful in disconnecting connections during failover. 2018-09-04 10:32:43 +08:00
Gerhard Schlager
eeedc3901e FIX: Replying to deleted post via email should create new reply to topic 2018-09-03 23:06:40 +02:00
Vinoth Kannan
24a14af15a FIX: Respect invalidate_oneboxes option for inline oneboxes 2018-09-03 22:33:43 +05:30
Guo Xiang Tan
ecf60c0c33 DEV: More attempts at stablizing specs in Travis. 
Re-enable skipped test because it doesn't fail locally
for me to debug it.
 2018-09-03 14:52:15 +08:00
Guo Xiang Tan
747c9bb47f
Merge pull request #6317 from nbianca/ignore_blacklisted_domains 
FIX: Ignore OneBox blacklisted domains.
 2018-09-03 11:10:52 +08:00
Guo Xiang Tan
0fac6cdba9 DEV: Better debugging information when test fails. 2018-09-03 10:55:25 +08:00
Maja Komel
182d9a4666 FIX: escape regex chars when searching site texts 2018-09-02 17:25:57 +10:00
Osama Sayegh
60eff9421a FIX: precompile desktop_theme and mobile_theme stylesheets 
required for environments that pre stage docker images and keep old image running during the deploy
 2018-08-31 21:23:55 +10:00
Guo Xiang Tan
ae2f00ee73 DEV: Include the thread in the error message. 2018-08-31 17:14:19 +08:00
Sam
9b7cab589a FIX: revert diacritic stripping 
See more details in test case and at: https://meta.discourse.org/t/discourse-should-ignore-if-a-character-is-accented-when-doing-a-search/90198/16?u=sam
 2018-08-31 11:46:55 +10:00
Guo Xiang Tan
81b99efc68 DEV: Raise an error if thread doesn't return within expected time. 2018-08-31 09:26:28 +08:00
Vinoth Kannan
297e8aaf2e FIX: Escape regex pattern variable before using it 2018-08-31 03:02:24 +05:30
Osama Sayegh
9efbf2c49f FIX: changing component settings should trigger refresh for parent theme CSS (#6340) 2018-08-30 20:53:03 +10:00
Sam
44cf3cf975 FIX: queue heartbeats in readonly modes 
If sidekiq is paused or Discourse is in readonly continue to queue
heartbeats

If we do not do that then a master process can end up reaping sidekiq
workers and causing various badness

This also impacts restore which can do weird stuff TM in cases like this
 2018-08-29 12:36:59 +10:00
Davide Porrovecchio
1826626272 FEATURE: Add Content-Type header to CORS 
- add Content-Type to Access-Control-Allow-Headers
- update test accordingly
 2018-08-28 11:19:38 +10:00
Neil Lalonde
ebe7835316 FIX: links in rss feeds are sometimes wrong on subfolder installs 2018-08-27 18:05:15 -04:00
Bianca Nenciu
b6963b8ffb FIX: Ignore OneBox blacklisted domains. 2018-08-27 20:40:55 +02:00
Sam
dc17ae3b2f correct specs 2018-08-27 14:50:56 +10:00
Sam
4205c528d0 FEATURE: hide enable_personal_email_messages and min_trust_to_send_email_messages 
These site settings are very hard to explain and only applicable for very
specific Discourse setups.

If an admin "enables staged users" which is used in support scenarios then
all staff can send "messages" directly to an "email".

The setting allows you to extend this to TL4 or any trust level.

Actual use case would be a support type setup with restricted staff. It is
quite rare so hiding this for now and re-evaluate keeping the setting in
2019
 2018-08-27 11:38:22 +10:00
Raul Tambre
2271918be2 FEATURE: Use S3 dualstack endpoints 
Allows S3 without a CDN to serve images from dualstack domains that also support ipv6
 2018-08-27 11:22:46 +10:00
Maja Komel
020eba4623 FIX: find tags with non-latin names (#6312) 2018-08-27 11:05:28 +10:00
Osama Sayegh
e0cc29d658 FEATURE: themes and components split 
* FEATURE: themes and components split

* two seperate methods to switch theme type

* use strict equality operator
 2018-08-24 11:30:00 +10:00
Sam
ac11f8df52 correct regression searching with diacritics 2018-08-24 10:00:51 +10:00
Arpit Jalan
7a91df3248
Merge pull request #6290 from techAPJ/latest-full-name 
UX: show full name on /latest page
 2018-08-23 17:34:54 +05:30
Arpit Jalan
1a7cd6648b UX: show full name on /latest page 2018-08-23 14:41:06 +05:30
Guo Xiang Tan
dd810b8b05
Merge pull request #6304 from tgxworld/create_functions_in_different_schema 
FIX: Create `BaseDropper` functions in a different schema.
 2018-08-23 15:01:41 +08:00
Guo Xiang Tan
212ee15804 FIX: Create BaseDropper functions in a different schema. 
https://meta.discourse.org/t/error-when-restore-db-backup/93145/25?u=tgxworld
 2018-08-23 12:52:21 +08:00
Osama Sayegh
2711f173dc FIX: don't allow inviting more than max_allowed_message_recipients 
* FIX: don't allow inviting more than `max_allowed_message_recipients` setting allows

* add specs for guardian

* user preferences for auto track shouldn't be applicable to PMs (it auto watches on visit)

Execlude PMs from "Automatically track topics I enter..." and "When I post in a topic, set that topic to..." user preferences

* groups take only 1 slot in PM

* just return if topic is a PM
 2018-08-23 14:36:49 +10:00
Guo Xiang Tan
36a7028f19 FEATURE: Clean up PostReplyKey records. 
* Default retention of 90 days.
 2018-08-23 10:40:02 +08:00
Régis Hanol
f01169d6ff FIX: don't send email when the post was deleted 2018-08-22 13:13:58 +02:00
Sam
272de95175 FIX: client duplicate registration should be cleaned up 
If for any reason we are unable to correct client id on a user api key
invalidate old keys for client/user
 2018-08-22 12:56:49 +10:00
Sam
5d96809abd FIX: improve support for subfolder S3 CDN 2018-08-22 12:31:13 +10:00
Sam
f5142861e5 Revert "Revert "FIX: upload URLs from S3 on subfolder installs"" 
This reverts commit 26c96e97e5.

We have no choice but to run this code
 2018-08-22 11:31:33 +10:00
Sam
26c96e97e5 Revert "FIX: upload URLs from S3 on subfolder installs" 
This reverts commit 357df2ff4f.
 2018-08-22 10:51:40 +10:00
Neil Lalonde
357df2ff4f FIX: upload URLs from S3 on subfolder installs 2018-08-21 14:58:55 -04:00
Guo Xiang Tan
7dcc69aef4 DEV: Refactor test to not call private method. 2018-08-21 14:29:58 +08:00
Guo Xiang Tan
48f499b324 DEV: Refactor some mail receiver related specs. 2018-08-21 14:00:45 +08:00
Guo Xiang Tan
d104de2a09 Remove line that is no longer required. 2018-08-21 11:48:58 +08:00
Robin Ward
a83f662492 FIX: Allow silenced users to like / bookmark, just not flag. 2018-08-17 11:06:18 -04:00
Guo Xiang Tan
010fe479cb Fix linting. 2018-08-17 17:34:25 +08:00
Guo Xiang Tan
16c0ebe8a8 Fix the build. 2018-08-17 16:53:07 +08:00
Guo Xiang Tan
a26ef7738f FIX: FileHelper#download should return nil if max size is exceeded. 2018-08-17 16:19:59 +08:00
Guo Xiang Tan
fae8757cd4 FIX: Guardian#post_can_act? shouldn't raise an error if user of post has been deleted. 2018-08-17 15:11:30 +08:00
Joffrey JAFFEUX
10a3499d68
uses emoji versions for specs (#6276) 2018-08-16 13:45:30 +02:00
Sam
91e0a77a60 FEATURE: silenced users should not be allowed to edit posts 2018-08-15 14:29:36 +10:00
Robin Ward
87fa26b6c8 FIX: Silenced users shouldn't be able to act on posts 2018-08-14 11:43:39 -04:00
Régis Hanol
de92913bf4 FIX: store the topic links using the cooked upload url 2018-08-14 12:23:32 +02:00
Neil Lalonde
d77dccc636 FIX: user-deleted posts with deferred flags can be destroyed 2018-08-09 14:54:31 -04:00
Guo Xiang Tan
1ea23b1eae FIX: Wrong order for S3Helper#copy_file. 2018-08-08 15:58:54 +08:00
Sam
a35f2984e9 FIX: support Arrays with Marshal dump in distributed cache 
Theme cache uses arrays here
 2018-08-08 16:44:56 +10:00
Osama Sayegh
0b7ed8ffaf FEATURE: backend support for user-selectable components 
* FEATURE: backend support for user-selectable components

* fix problems with previewing default theme

* rename preview_key => preview_theme_id

* omit default theme from child themes dropdown and try a different fix

* cache & freeze stylesheets arrays
 2018-08-08 14:46:34 +10:00
Guo Xiang Tan
aafff740d2 Add FileStore::S3Store#copy_file. 2018-08-08 11:30:34 +08:00
Guo Xiang Tan
d1860a4f7d DEV: Fix test to use an actual PNG instead of a GIF. 2018-08-07 12:02:35 +08:00
David Taylor
812add18bd REFACTOR: Serve auth provider information in the site serializer. 
At the moment core providers are hard-coded in Javascript, and plugin providers get added to the JS payload at compile time. This refactor means that we only ship enabled providers to the client.
 2018-08-06 09:25:48 +01:00
Régis Hanol
bf4d98e89d FIX: always store topic links using the upload url 2018-08-04 01:29:32 +02:00
Joffrey JAFFEUX
066010db7d
FEATURE: introduces list/compact_list components 2018-08-03 16:41:37 -04:00
Régis Hanol
ac2513b0f2 FEATURE: automatic PM when a user's email is revoked 2018-08-03 16:39:22 +02:00
Sam
280c318c49 FEATURE: allow ruby tags in Markdown 2018-08-03 11:47:36 +10:00
Jeff Atwood
c81bad3232
Merge pull request #6232 from OsamaSayegh/message-email-short-reply 
UX: better rejection message when reply via email is too short
 2018-08-02 14:25:04 -07:00
OsamaSayegh
a157dfd418 UX: better rejection message when reply via email is too short 2018-08-02 22:43:53 +03:00
Sam
0b3d51a8bc FEATURE: whitelist lang attribute 2018-08-02 16:53:08 +10:00
Penar Musaraj
4a872823e7 Improvements to user drafts (#6226) 
* drafts in user profile: only show to user herself (not to admins), use avatar replying to (instead of topic OP), add keyboard shortcut for drafts, simplify display labels

* use JSON when testing Draft.stream
 2018-08-02 07:41:27 +10:00
Neil Lalonde
b829452c75
Merge pull request #6209 from discourse/mini_scheduler 
REFACTOR: extract scheduler to the mini_scheduler gem
 2018-08-01 10:28:24 -04:00
Penar Musaraj
1f45215537 FEATURE: Drafts view in user profile 
* add drafts.json endpoint, user profile tab with drafts stream

* improve drafts stream display in user profile

* truncate excerpts in drafts list, better handling for resume draft action

* improve draft stream SQL query, add rspec tests

* if composer is open, quietly close it when user opens another draft from drafts stream; load PM draft only when user is in /u/username/messages (instead of /u/username)

* cleanup

* linting fixes

* apply prettier styling to modified files

* add client tests for drafts, includes a fixture for drafts.json

* improvements to code following review

* refresh drafts route when user deletes a draft open in the composer while being in the drafts route; minor prettier scss fix

* added more spec tests, deleted an acceptance test for removing drafts that was too finicky, formatting and code style fixes, added appEvent for draft:destroyed

* prettier, eslint fixes

* use "username_lower" from users table, added error handling for rejected promises

* adds guardian spec for can_see_drafts, adds improvements following code review

* move DraftsController spec to its own file

* fix failing drafts qunit test, use getOwner instead of deprecated this.container

* limit test fixture for draft.json testing to new_topic request only
 2018-08-01 16:34:54 +10:00
Vinoth Kannan
6aee22b88f FIX: Onebox images are not downloaded locally without css class 2018-08-01 02:51:02 +05:30
Neil Lalonde
4ad7ce70ce REFACTOR: extract scheduler to the mini_scheduler gem 2018-07-31 17:12:55 -04:00
Arpit Jalan
afe3b00c0f FIX: use hidden setting for max export file size 2018-07-31 11:25:28 +05:30
Guo Xiang Tan
b94633e844 FIX: FileHelper should prioritize response content-type. 
Request to a URL with `.png` extension may return a jpg
instead causing us to attach the wrong extension to an
upload.
 2018-07-30 10:54:36 +08:00
David Taylor
5f1fd0019b FEATURE: Allow revoke and connect for GitHub logins 2018-07-27 17:18:53 +01:00
David Taylor
6296f63804 FEATURE: Revoke and connect for Yahoo logins 2018-07-27 16:20:47 +01:00
David Taylor
9c72c00206 FEATURE: Revoke and reconnect for Twitter logins 2018-07-27 12:28:51 +01:00
Neil Lalonde
135c803f49 FIX: don't send PM if flagged post is deleted but flags were deferred or cleared 2018-07-26 15:12:31 -04:00
David Taylor
fa399ce1c5 FEATURE: Add revoke and reconnect functionality for google logins 2018-07-25 16:03:14 +01:00
Gerhard Schlager
84d14fd8a0 FIX: Don't rely on setting data type read from database 2018-07-25 11:40:59 +02:00
Neil Lalonde
417bcf7d2e add checks for staff and system user before sending flags_agreed_and_post_deleted message 2018-07-24 19:25:11 -04:00
Neil Lalonde
fe39cdc90a FEATURE: when a post is deleted because a moderator agreed with flags, send a message to the post author 2018-07-24 17:17:56 -04:00
Robin Ward
7058205f70 FIX: Broken specs 2018-07-24 12:00:34 -04:00
Robin Ward
236243f38a SECURITY: Consider 0.0.0.0 a private IP 2018-07-24 11:16:27 -04:00
Joffrey JAFFEUX
7a3c541077
UX: Preview multiple color schemes in wizard (#6151) 
It was a dropdown to provide choices of color schemes,
and only one scheme could be shown.
With this commit, multiple color scheme previews can be displayed on
one page at the same time, making admins choose color schemes more
easily.

Theme preview windows are shrinked.

Imported default color schemes.

Co-Authored-By: Misaka 0x4e21 <misaka4e21@gmail.com>
 2018-07-24 09:00:20 -04:00
Guo Xiang Tan
fad9c2b971 PERF: Move EmailLog#reply_key into new post_reply_keys table. 2018-07-24 13:51:53 +08:00
Davide Porrovecchio
dd9d815178 FIX: Add User Api Key headers to CORS 
- add User-Api-Key and User-Api-Client-Id to Access-Control-Allow-Headers
- update test
 2018-07-24 10:28:23 +10:00
David Taylor
eda1462b3b
FEATURE: List, revoke and reconnect associated accounts. Phase 1 (#6099) 
Listing connections is supported for all built-in auth providers. Revoke and reconnect is currently only implemented for Facebook.
 2018-07-23 16:51:57 +01:00
David Taylor
2dc3a50dac FIX: Do not update last seen time for suspended users 2018-07-18 16:04:57 +01:00
Régis Hanol
6d6e026e3c FEATURE: selectable avatars 2018-07-18 12:57:43 +02:00
Sam
379384ae1e FIX: never block /srv/status which is used for health checks 
This route is also very cheap so blocking it is not required

It is still rate limited and so on elsewhere
 2018-07-18 12:37:01 +10:00
Guo Xiang Tan
3874d40910 Prepare to drop EmailLog#topic_id. 2018-07-18 10:22:24 +08:00
Leo McArdle
21ebb1cd54 FEATURE: Secondary emails support. 2018-07-16 11:09:49 +08:00
Arpit Jalan
b1082924b9 FIX: do not validate topic deletions 2018-07-13 22:53:36 +05:30
Guo Xiang Tan
c722b07057 FIX: /t/:topic_id/last route did not return any posts. 2018-07-13 14:26:10 +08:00
Kyle Zhao
2901691e87 FEATURE: per-category approval settings (#5778) 
- disallow moving topics to a category that requires topic approval
 2018-07-13 12:51:08 +10:00
Guo Xiang Tan
79ba418edd DEV: Don't join on a thread forever. 2018-07-12 15:46:07 +08:00
Guo Xiang Tan
258e9e35ca PERF: Make mega topics work without a stream. 
There are tradeoffs that we took here. For the complete
story see
https://meta.discourse.org/t/performance-improvements-on-long-topics/30187/27?u=tgxworld.
 2018-07-12 12:46:12 +08:00
OsamaSayegh
decf1f27cf FEATURE: Groundwork for user-selectable theme components 
* Phase 0 for user-selectable theme components

- Drops `key` column from the `themes` table
- Drops `theme_key` column from the `user_options` table
- Adds `theme_ids` (array of ints default []) column to the `user_options` table and migrates data from `theme_key` to the new column.
- Removes the `default_theme_key` site setting and adds `default_theme_id` instead.
- Replaces `theme_key` cookie with a new one called `theme_ids`
- no longer need Theme.settings_for_client
 2018-07-12 14:18:21 +10:00
Guo Xiang Tan
4163f9e61e DEV: Better clean up for PostgreSQL failover test. 2018-07-10 09:53:25 +08:00
Guo Xiang Tan
96aca6d7e6
Remove legacy vote post action code. (#6009) 2018-07-09 16:54:18 +08:00
Andrew Schleifer
dba22bbde2 rollback changes 
This reverts:
* 1baba84c438e "fix s3 subfolders harder"
* ea5e57938edf "fix test for absolute_base_url change"
 2018-07-06 17:16:40 -05:00
Andrew Schleifer
f8b90226cb fix test for absolute_base_url change 2018-07-06 17:08:18 -05:00
Andrew Schleifer
52e9f49ec1 fix s3 subfolders harder 
specifically, include the folder in absolute_base_url
 2018-07-06 16:28:40 -05:00
Neil Lalonde
211981ef23 add specs for min_trust_to_create_tag set to staff and admin 2018-07-05 11:39:32 -04:00
Patrick Gansterer
28dd7fb562 FEATURE: Create hidden posts for received spam emails (#6010) 
* Add possibility to add hidden posts with PostCreator

* FEATURE: Create hidden posts for received spam emails

Spamchecker usually have 3 results: HAM, SPAM and PROBABLY_SPAM
SPAM gets usually directly rejected and needs no further handling.
HAM is good message and usually gets passed unmodified.
PROBABLY_SPAM gets an additional header to allow further processing.
This change addes processing capabilities for such headers and marks
new posts created as hidden when received via email.
 2018-07-05 11:07:46 +02:00
Sam
0408e87e00 remove uneeded specs 2018-07-05 15:34:58 +10:00
Sam
b54ba4c952 FIX: mentions broken after adding an <abbr> tag 
A previous shortcut used was not allowing for <abbr and other tags starting with a

If <abbr> appeared anywhere in the text all mentions would fail to link
 2018-07-05 09:27:11 +10:00
Régis Hanol
272646c1df FIX: only show the sequential replies warning for regular posts 2018-07-04 22:51:19 +02:00
Neil Lalonde
24882ce1a5 make rubocop happy 2018-07-04 09:42:31 -04:00
Neil Lalonde
f134701c7b FIX: user topic and post counts can become negative when staff deletes posts in personal messages 2018-07-04 09:31:16 -04:00
Sam
e72fd7ae4e FIX: move crawler blocking into anon cache 
This refinement of previous fix moves the crawler blocking into
anonymous cache

This ensures we never poison the cache incorrectly when blocking crawlers
 2018-07-04 11:14:43 +10:00
Neil Lalonde
e8a6323bea remove crawler blocking until multisite support 2018-07-03 17:54:45 -04:00
Kasia Bułat
b71cf6d422 FEATURE: Add search not operator for tags. 2018-07-03 15:57:34 +08:00
Jeff Wong
d7f6d37a98 refactor: promotion spec 2018-07-02 16:23:45 -07:00
hellekin
25cfc98b67 Fix 'asscoiated' typo 
I know that **Naming is CRITICAL** and that **Refactoring only NOT welcome**.

But since I spotted this (consistent) typo and the change does not affect any
functionality -- I checked the presence of "asscoiated" in the code base, I
guess the first rule trumps the second one.

It also gave me a false pretext to bypass my reluctance to use Google forms and
sign de CLA. Typos hurt the eye.
 2018-06-29 11:10:05 +10:00
Sam
db14e10943 SECURITY: category badges should HTML escape names 2018-06-28 18:15:07 +10:00
Maja Komel
ec3e6a81a4 FEATURE: Second factor backup 2018-06-28 10:12:32 +02:00
Guo Xiang Tan
cfa7898c2d Rename TopicView#last_read_post_id to TopicView#filtered_post_id. 2018-06-27 12:33:57 +08:00
Guo Xiang Tan
cb69888758 PERF: Don't pluck all the columns just to retrieve a single value. 2018-06-27 11:41:35 +08:00
Arpit Jalan
6bcdc3ba4b FEATURE: allow author to delete posts irrespective of post_edit_time_limit 2018-06-26 21:43:06 +05:30
Guo Xiang Tan
49ffc1eb61 Revert "PERF: Send down gaps as the relevant posts load instead of front loading." 
This reverts commit 4c3352528e.
 2018-06-26 12:54:14 +08:00
Guo Xiang Tan
4c3352528e PERF: Send down gaps as the relevant posts load instead of front loading. 2018-06-26 12:49:06 +08:00
Guo Xiang Tan
0b6a2e9d1f Remove force summary mode for megatopics for now. 
The logic is too hairy and we can't reliably determine
when to force summary mode. Work is underway to improve
perf for megatopics so this will not be required
eventually.
 2018-06-26 12:49:06 +08:00
Jeff Wong
41f76a74f8 FEATURE: send message when a user reaches tl1 2018-06-22 13:20:00 -07:00
Guo Xiang Tan
f69356e628 FIX: Users can't "show all posts" in forced summary topics. 2018-06-22 11:32:45 +08:00
Guo Xiang Tan
9a7a079f4d Force summary mode when user enters at the top of megalodoon topics. 2018-06-21 15:18:52 +08:00
Guo Xiang Tan
f7d22bad90 FEATURE: Forced summary mode for megalodon topics. 
This is mainly done for performance reasons and megalodon
topics are usually a byproduct of imports where site setting
limits are not respected.
 2018-06-21 14:00:20 +08:00
Sam
f66efc601d FIX: cubot android devices were detected as crawlers 2018-06-21 10:56:46 +10:00
Guo Xiang Tan
ff5fc3cb08 Use a fixed limit for mega topic posts count. 2018-06-20 16:58:52 +08:00
Guo Xiang Tan
9c925a66ff PERF: Don't display days ago on timeline for megatopics. 
Analysis using `pg_stat_statements` showed this query
to be eating up a significant portion of CPU.
 2018-06-20 16:25:54 +08:00
Sam
44091f20c6 DEV: allow for method deprecation using Discourse.deprecate 
New method deprecator will ensure one log message an hour happens
for all deprecated method calls per call site

Also removes unused monkey patches to ActiveRecord::Base
 2018-06-20 17:53:49 +10:00
Sam
cb824a6b33 DEV: remove all calls to SqlBuilder use DB.build instead 
This is part of the migration to mini_sql, SqlBuilder.new is being
deprecated and replaced with DB.build
 2018-06-20 17:53:49 +10:00
Guo Xiang Tan
806f0ca19d FIX: URL with params for svg images should not be light boxed. 2018-06-20 10:47:14 +08:00
Sam
94124ee2a6 skip erratic spec 2018-06-20 10:08:06 +10:00
Sam
4d984a5a63 extra diagnostics for thread issues 2018-06-20 09:19:16 +10:00
Arpit Jalan
aedc61a3b4 FEATURE: allow large icon to be uploaded in wizard 2018-06-19 21:08:02 +05:30
Michael Brown
ae5d255f83 FIX: Reference example.com instead of somesite.com in examples 
* somesite.com actually exists...
* example.com should be used in examples and is harmless to visit
 2018-06-19 10:37:24 -04:00
Joffrey JAFFEUX
24c27b5321
FEATURE: adds a add_report method accessible in plugin.rb 2018-06-19 15:00:11 +02:00
Sam
5f64fd0a21 DEV: remove exec_sql and replace with mini_sql 
Introduce new patterns for direct sql that are safe and fast.

MiniSql is not prone to memory bloat that can happen with direct PG usage.
It also has an extremely fast materializer and very a convenient API

- DB.exec(sql, *params) => runs sql returns row count
- DB.query(sql, *params) => runs sql returns usable objects (not a hash)
- DB.query_hash(sql, *params) => runs sql returns an array of hashes
- DB.query_single(sql, *params) => runs sql and returns a flat one dimensional array
- DB.build(sql) => returns a sql builder

See more at: https://github.com/discourse/mini_sql
 2018-06-19 16:13:36 +10:00
Guo Xiang Tan
630b4570ef Add specs for RateLimiter::LimitExceeded#description. 2018-06-19 07:48:03 +08:00
Guo Xiang Tan
c18b86d9b2 UX: Don't add light box for SVG images. 2018-06-18 17:11:06 +08:00
Arpit Jalan
c7ee70941e FEATURE: show category page options on wizard 'homepage' step 2018-06-15 19:11:41 +05:30
OsamaSayegh
2427c0a17c FIX: theme CSS should recompile when theme uploads change 2018-06-15 13:12:09 +10:00
Sam
87fabdc2f3 FIX: correct pool reaper 
This removes a freedom patch and replaces with a custom reaper thread
it also captures an issue where reaper would fail when connections where
empty
 2018-06-14 18:22:02 +10:00
Sam
71aa20bd30 FIX: pool drainer to use Rails 5.2 implementation 
old implementation did not reap abandoned connections
 2018-06-14 15:54:48 +10:00
Robin Ward
fd54c92a52 FEATURE: New site setting, whitelisted_link_domains 
If provided, users who normally couldn't post links (say, due to a
low trust level), can post links to those specific hosts.
 2018-06-13 16:11:22 -04:00
Guo Xiang Tan
7c173265d5 FIX: Don't clear connections on the same process. 2018-06-12 13:06:25 +08:00
Guo Xiang Tan
646ed87aba Clear all connections once master recovers. 2018-06-12 12:13:59 +08:00
Guo Xiang Tan
fd75e54793 Disconnect the pool during failover and fallback. 2018-06-12 11:09:19 +08:00
Jeff Wong
4599cc8435 FIX: PM participants listed inline 2018-06-11 18:14:25 -07:00
Guo Xiang Tan
bfa0f71e2b FIX: Discouse.keep_readonly_mode incorrect extends expiry. 2018-06-12 00:21:29 +08:00
Guo Xiang Tan
204db00563 Skip postgres failover tests until we figure out why. 2018-06-11 15:51:16 +08:00
Guo Xiang Tan
f9761c41a9 DEV: Stablize postgresql fallback adapter spec. 2018-06-11 13:58:04 +08:00
Guo Xiang Tan
91557063d8 Fix the build. 2018-06-11 13:39:52 +08:00
Guo Xiang Tan
5656e8f366 FIX: Can't boot Discourse with a read-only PG connection. 2018-06-11 12:29:23 +08:00
Neil Lalonde
b8cf0788c6 FIX: broken mailto href's in emails 2018-06-08 13:11:58 -04:00
Guo Xiang Tan
8e0c1c8782 Re-enable skipped specs. 2018-06-08 10:04:06 +08:00
Arpit Jalan
f9ab3848ed FEATURE: support disabling emails for non-staff users 2018-06-07 18:31:08 +05:30
Sam
945cb90e7e update specs 2018-06-07 20:55:42 +10:00
Sam
f331d2603d DEV: improve design of site setting default provider 
This refactors it so "Defaults provider" is only responsible for "defaults"

Locale handling and management of locale settings is moved back into
SiteSettingExtension

This eliminates complex state management using DistributedCache and makes
it way easier to test SiteSettingExtension
 2018-06-07 14:33:41 +10:00
Sam
89ad2b5900 DEV: Rails 5.2 upgrade and global gem upgrade 
This updates tests to use latest rails 5 practice
and updates ALL dependencies that could be updated

Performance testing shows that performance has not regressed
if anything it is marginally faster now.
 2018-06-07 14:21:33 +10:00
Arpit Jalan
46fc57222f FEATURE: improve handling of site setting secrets 2018-06-04 21:31:34 +05:30
Blake Erickson
7750b30016 FIX: Allow a user to remove their title 
Somewhere there was a regression and a user couldn't remove their own
title. If they selected '(none)' in the UI it would say it was saved,
but it would not actually be updated in the db.
 2018-05-31 17:16:52 -06:00
Guo Xiang Tan
7fc8a36529 DEV: Take 2 Queue jobs in tests by default. 
On my machine this cuts the time taken to run our test suite
from ~11mins to ~9mins.
 2018-05-31 16:23:23 +08:00
Guo Xiang Tan
56e9ff6853 Revert "DEV: Queue jobs in tests by default." 
Too risky for now

This reverts commit be28154d3b.
 2018-05-31 15:34:46 +08:00
Sam
5086fdc76d FIX: add protection for scss removal during upgrade 
In some cases plugins would remove scss files or change them, but CSS
was still calculated based off stale data in old instance cache
 2018-05-31 17:02:48 +10:00
Guo Xiang Tan
be28154d3b DEV: Queue jobs in tests by default. 2018-05-31 14:45:47 +08:00
Guo Xiang Tan
f623740ffc DEV: Stablize DiscourseRedis tests. 2018-05-30 14:45:19 +08:00
Guo Xiang Tan
543b7cddfb FIX: Extra comma resulted in Github auth email result being an array. 
https://meta.discourse.org/t/github-2fa-flow-broken/88674
 2018-05-30 12:15:12 +08:00
Guo Xiang Tan
81b5d61fa7 FIX: topic_destroyed web hook couldn't find topic. 2018-05-28 17:38:02 +08:00
Sam
e501936405 FIX: search server side error in rare condition 2018-05-28 15:28:18 +10:00
Sam
9c91c2509e improve spec stability 2018-05-25 15:16:40 +10:00
Sam
610bfec73e DEV: correct fragile spec 2018-05-25 14:29:11 +10:00
Sam
80adc1ee80 DEV: stabilize site setting spec 
side effects could cause specs to fail in rare conditions
 2018-05-25 12:16:00 +10:00
Sam
d366f8d888 remove hack that destabliazed tese suite 2018-05-24 10:48:16 +10:00
Andrew Schleifer
4be0e31459 fix s3_cdn_url when the s3 bucket contains a folder 2018-05-23 15:51:02 -05:00
Ryan Mulligan
fac4bf2f85 ignore emails that are from the reply by email addresses (#5843) 2018-05-23 10:04:45 +02:00
Guo Xiang Tan
ad9e0d6bea
Merge pull request #5848 from OsamaSayegh/fix-social-login-groups 
FIX: apply automatic group rules when using social login providers
 2018-05-23 08:17:42 +08:00
OsamaSayegh
f6d412465b FIX: apply automatic group rules when using social login providers 2018-05-23 02:26:07 +03:00
Sam
1ac1ee4287 FEATURE: allow registration of an array custom field 2018-05-22 16:48:39 +10:00
Sam
bcfd9cf8b5 attempt to stabilize spec 2018-05-22 16:15:24 +10:00
Guo Xiang Tan
f21a47eadd Improve specs to assert for the right record instead of just a count. 2018-05-17 08:47:24 +08:00
Régis Hanol
a9ebde5111 FEATURE: new 'staged' users list for admins 2018-05-17 01:52:49 +02:00
Arpit Jalan
abcb6af8f9 FIX: scrub secret setting values from logs 2018-05-15 09:19:26 +05:30
Régis Hanol
2cf6fb7359 FIX: always unstage users when they log in 2018-05-13 17:00:02 +02:00
Régis Hanol
86eb3528ec FEATURE: clearer error message when receiving a reply to an old notification 2018-05-09 18:51:01 +02:00
Régis Hanol
6b1ff0edd3 FIX: always update bounce score (instead of doing it once per day) 2018-05-09 16:40:52 +02:00
Robin Ward
8262fc5d15
Merge pull request #5807 from discourse/min-flags-by-topic 
FEATURE: New site setting `min_flags_staff_visibility`
 2018-05-08 09:17:29 -04:00
Sam
858a266031 FIX: exact matching should also match on title 2018-05-08 15:59:03 +10:00
Guo Xiang Tan
8cf0f51eb2 UX: Display site settings shortcut for poll and discourse-nginx-performance-report. 
https://meta.discourse.org/t/improving-admin-plugins/84585/29?u=tgxworld
 2018-05-08 10:34:32 +08:00
Robin Ward
ac60a84329 FEATURE: New site setting min_flags_staff_visibility 
When set higher than 1, flags won't show up for staff in the admin
section unless the minimum threshold of flags on a post is reached.
 2018-05-07 16:05:13 -04:00
Régis Hanol
a98aae3bcd FIX: topic search wasn't working for unlisted topics 2018-05-07 11:43:55 +02:00
Sam
3a06cb461e FEATURE: remove support for legacy auth tokens 2018-05-04 10:12:10 +10:00
Jeff Wong
62a8904729
Feature: Include participants at the bottom of PM emails (#5797) 
* Feature: Include participants at the bottom of PM emails

... as undecorated links.

https://meta.discourse.org/t/email-notification-recipients-unclear-when-pm-is-sent-to-multiple-users/26934/13?u=featheredtoast

Fix: missing translation for PM mentions

* display membership count as `group (count)`
 2018-05-03 15:50:06 -07:00
Joffrey JAFFEUX
980972182f
dashboard next: caching, mobile support and new charts 2018-05-03 15:41:41 +02:00
Sam
a0cd54750c FIX: inline [code] not handled properly 
The text

a
[code]test[/code]

Would eat up the `test` text cause translation from inline to block
for replace rule was not properly handled
 2018-04-26 15:18:22 +10:00
Régis Hanol
ddb092f397 FIX: update mail gem to fix UTF-8 parsing issue 2018-04-25 21:53:37 +02:00
Robin Ward
a5172a37e0 Allow staff members to enable safe mode, even if disabled 2018-04-25 11:49:57 -04:00
Sam
035312d501 FIX: specify path for dosp cookie 2018-04-24 11:07:58 -04:00
Guo Xiang Tan
c148500d51 FIX: Deadlock when topic with auto close topic timers exceeds auto_close_topics_post_count. 2018-04-23 13:34:24 +08:00
Sam
ded84a4b58 PERF: improve performance once logged in rate limiter hits 
If "logged in" is being forced anonymous on certain routes, trigger
the protection for any requests that spend 50ms queueing

This means that ...

1. You need to trip it by having 3 requests take longer than 1 second in 10 second interval
2. Once tripped, if your route is still spending 50m queueuing it will continue to be protected

This means that site will continue to function with almost no delays while it is scaling up to handle the new load
 2018-04-23 11:55:25 +10:00
Neil Lalonde
70f2c5d3fd FEATURE: move staff tags setting to tag group settings 2018-04-20 15:34:23 -04:00
Guo Xiang Tan
98d880b67a Missed a spot in 45fe5dc793 2018-04-20 13:59:19 +08:00
Arpit Jalan
9a912b9b35 fix the build 2018-04-20 00:39:12 +05:30
Arpit Jalan
91bf10bd12 FIX: create upload record for exported csv files 2018-04-20 00:27:49 +05:30
Neil Lalonde
5b93d69939 FIX: error when non-staff user edits their topic after a hidden tag is added to it 2018-04-18 12:51:25 -04:00
Arpit Jalan
c61ce66411 fix the build 2018-04-18 13:38:45 +05:30
Sam
59cd7894d9 FEATURE: if site is under extreme load show anon view 
If a particular path is being hit extremely hard by logged on users,
revert to anonymous cached view.

This will only come into effect if 3 requests queue for longer than 2 seconds
on a *single* path.

This can happen if a URL is shared with the entire forum base and everyone
is logged on
 2018-04-18 16:58:57 +10:00
Arpit Jalan
3566c6f02b FIX: strip emoji string from slug 2018-04-18 11:32:32 +05:30
Neil Lalonde
b87fa6d749 FIX: blacklisted crawlers could get through by omitting the accept header 2018-04-17 12:39:30 -04:00
Régis Hanol
2585ada5ca FIX: don't allow spaces in 'reply_by_email_address' site setting 2018-04-17 17:08:12 +02:00
Sam
9980f18d86 FEATURE: track request queueing as early as possible 2018-04-17 18:06:17 +10:00
Guo Xiang Tan
828bfd9d27 Add specs for c74c933996. 2018-04-17 10:08:39 +08:00
Arpit Jalan
0183656631 FIX: verify filtered tags when checking for category minimum required tags 2018-04-14 23:20:43 +05:30
Régis Hanol
a0a06492d8 FIX: make get_hostname more lenient to user input 2018-04-12 17:09:09 +02:00
Régis Hanol
3c8b43bb01 FIX: non-oneboxed links on separate lines should stay on separate lines 2018-04-11 21:33:45 +02:00
Arpit Jalan
48d43b33cc add client side validation for category minimum_required_tags 2018-04-11 07:17:52 +05:30
Arpit Jalan
9ca6ebe8fe FEATURE: enforce tagging on categories 2018-04-11 07:15:24 +05:30
Joffrey JAFFEUX
45f657336e
FEATURE: adds support for loading existing core asset in pretty text 2018-04-10 08:37:16 +02:00
Neil Lalonde
f6cfff3cea UX: user preferences allows users to choose which title to use from their badges and groups 2018-04-06 14:34:36 -04:00
jose-hms
b87205831b FEATURE: Staged user moderation (#5721) 2018-04-06 11:41:25 +02:00
Gerhard Schlager
f2d00e5eff FEATURE: Use Message-ID for detecting email replies to group 
Ignores the site setting "find_related_post_with_key" and always tries to honor the `In-Reply-To` and `References` header for emails sent to a group.

The senders email address must be included in the `To` or `CC` header of a previous email sent to the group and the `Message-ID` of that email must be included in the current email's `In-Reply-To` or `References` header.
 2018-04-05 11:00:38 +02:00
Arpit Jalan
10759677db FIX: when uploading image newuser restrictions should not apply to staff 2018-04-05 09:51:03 +05:30
Robin Ward
d690ae0281 FIX: Broken specs too. Quotes are fragile! 2018-04-02 14:23:10 -04:00
Guo Xiang Tan
142571bba0 Remove use of rescue nil. 
* `rescue nil` is a really bad pattern to use in our code base.
  We should rescue errors that we expect the code to throw and
  not rescue everything because we're unsure of what errors the
  code would throw. This would reduce the amount of pain we face
  when debugging why something isn't working as expexted. I've
  been bitten countless of times by errors being swallowed as a
  result during debugging sessions.
 2018-04-02 13:52:51 +08:00
Neil Lalonde
7311023a52
Merge pull request #5700 from discourse/crawl-block 
FEATURE: control web crawlers access with white/blacklist
 2018-03-27 15:06:03 -04:00
Neil Lalonde
4d12ff2e8a when writing cache, remove elements from the user agents list. also return a message and content type when blocking a crawler. 2018-03-27 13:44:14 -04:00
Gerhard Schlager
fcd352e089 FIX: Try fixing unparsable email addresses 
The mail gem returns `UnstructuredField` when it fails to parse email addresses, but the `Receiver` always expects an `AddressList`.
 2018-03-27 18:28:54 +02:00
Sam
31dea5d5fc correct flaky spec 2018-03-27 17:57:19 +11:00
Gerhard Schlager
b945a2dc39 Call on_drop only when tables/columns are dropped 2018-03-27 13:18:13 +11:00
Gerhard Schlager
4ad401bac5 Ignore delay when first migration was < 10min ago 2018-03-27 13:18:13 +11:00
Gerhard Schlager
cd17f60952 Improve specs for accidental table/column drops and renames 2018-03-27 13:18:13 +11:00
Gerhard Schlager
19c5afc69d Protect against accidental table renames 2018-03-27 13:18:13 +11:00
Neil Lalonde
f2c060bdf2 FEATURE: option for tags in a tag group to be visible only to staff 2018-03-26 17:05:09 -04:00
Robin Ward
f03b6bd8c9 FIX: Update last_version_at when publishing 2018-03-26 16:06:20 -04:00
Robin Ward
d4296f33ff FIX: Publishing should update the public_version too 2018-03-26 15:46:25 -04:00
Robin Ward
2b161a2391 FIX: Don't include shared drafts in global latest 2018-03-26 10:43:55 -04:00
Arpit Jalan
b75b6de982 FIX: respect nofollow settings for onebox links 2018-03-26 18:21:16 +05:30
Neil Lalonde
a84bb81ab5 only applies to get html requests 2018-03-22 17:57:44 -04:00
Neil Lalonde
ced7e9a691 FEATURE: control which web crawlers can access using a whitelist or blacklist 2018-03-22 15:41:02 -04:00
Gerhard Schlager
eebe1d8c56 Allow delayed dropping and renaming of tables 2018-03-21 12:05:12 +01:00
Sam
6a3c8fe69c FEATURE: protect against accidental column or table drops 
Often we need to amend our schema, it is tempting to use
drop_table, rename_column and drop_column to amned schema
trouble though is that existing code that is running in production
can depend on the existance of previous schema leading to application
breaking until new code base is deployed.

The commit enforces new rules to ensure we can never drop tables or
columns in migrations and instead use Migration::ColumnDropper and
Migration::TableDropper to defer drop the db objects
 2018-03-21 15:43:32 +11:00
Robin Ward
b9abd7dc9e FEATURE: Shared Drafts 
This feature can be enabled by choosing a destination for the
`shared drafts category` site setting.

* Staff members can create shared drafts, choosing a destination
category for the topic when it is published.

* Shared Drafts can be viewed in their category, or above the
topic list for the destination category where it will end up.

* When the shared draft is ready, it can be published to the
appropriate category by clicking a button on the topic view.

* When published, Drafts change their timestamps to the current
time, and any edits to the original post are removed.
 2018-03-20 17:15:26 -04:00
Vinoth Kannan
c5d26992d4 Prefer to use primary email for new user creation over other available emails 2018-03-19 17:10:35 +05:30
Guo Xiang Tan
ec57ca54b5 FEATURE: Admins should be able to view PMs of any group. 2018-03-19 14:12:01 +08:00
Guo Xiang Tan
7fad30dacc Refactor test case. 2018-03-19 13:39:29 +08:00
Guo Xiang Tan
aa91bd61a7 Improve specs for TopicQuery#list_group_topics. 2018-03-16 16:18:26 +08:00
Vinoth Kannan
58bb3967e5 SECURITY: Oneboxer should escape the URL before processing 2018-03-15 19:57:55 +05:30
Guo Xiang Tan
a35227918f UX: Display group topics in a topic list. 2018-03-15 11:37:55 +08:00
Robin Ward
135195363b FIX: Not logging old post contents properly 2018-03-14 15:01:36 -04:00
Neil Lalonde
58508e553d FIX: tag input should not include tags you've already chosen in the search results 2018-03-13 17:17:16 -04:00
Robin Ward
31a0c4a9be FEATURE: Add quote-modified class if a quote has been modified 2018-03-13 13:41:06 -04:00
Robin Ward
65ac80b014 FEATURE: Log Staff edits in Staff Action Logs 
Why? Some edits by staff are not tracked. For example, during the grace
period, or via the flags/silence dialog.

If a staff member is editing someone else's post, it now goes into the
Staff Action Logs so it can be audited by other staff members.
 2018-03-12 13:51:40 -04:00
Gerhard Schlager
d243b82fb3 FIX: Calculation of text length for <details> in excerpt was wrong 2018-03-12 16:55:23 +01:00
Sam
758b9a7dda FEATURE: prototype of local theme directory watcher 
(note this will be documented a bit late)
 2018-03-12 18:36:06 +11:00
Arpit Jalan
f862122978 FIX: do not log personal message view if there exists a similar log in previous hour 2018-03-11 09:23:32 +05:30
Sam
5b6e49ae1d FEATURE: split out max diff to 2 settings 
We trust staff + tl2 and up to perform edits in grace period.
Allow them significantly more edit room in grace period prior to storing
a revision.

editing_grace_period_max_diff_high_trust applies to users with tl2 and up.

So

tl0 / 1 : we store an extra revision if more than 100 chars change
tl2 and up : we store an extra revision if more than 400 chars change

We may tweak these numbers as we go.
 2018-03-09 11:58:50 +11:00
Arpit Jalan
a8149f8969 FIX: user should not be able to invite to PM if trust level requirment not met 
FIX: when personal messages are disabled let user invite to a public topic
 2018-03-08 14:59:04 +05:30
Sam
e162cd16b6 FEATURE: editing_grace_period_max_diff to force revisions in grace period 
If a user performs a substantive edit of 20 chars or more during grace period
we will store a revision to track the change

This allows for better auditing of changes that happen during the grace period
 2018-03-07 18:34:34 +11:00
Sam
f0d5f83424 FEATURE: limit assets less that non asset paths 
By default assets can be requested up to 200 times per 10 seconds
from the app, this includes CSS and avatars
 2018-03-06 15:20:39 +11:00
Robin Ward
17a615165c FIX: Don't lock wiki posts when they're edited 2018-03-05 14:50:06 -05:00
Arpit Jalan
003b03d939 allow staff to delete user if posts are 5 or less irrespective of delete_user_max_post_age 2018-03-05 23:31:29 +05:30
Joffrey JAFFEUX
ce1994beea FIX: do not treat :: as a valid emoji 2018-03-05 15:35:24 +01:00
OsamaSayegh
282f53f0cd FEATURE: Theme settings (2) (#5611) 
Allows theme authors to specify custom theme settings for the theme. 

Centralizes the theme/site settings into a single construct
 2018-03-04 19:04:23 -05:00
Robin Ward
cd6c5fc5fb FIX: Disable "Make Personal Message" if they are disabled 2018-03-02 20:28:39 -05:00
Robin Ward
730201d423 New interface to upsert custom fields 2018-03-02 12:45:52 -05:00
Régis Hanol
6a78669ca3 FIX: 'reply by email addresses' site settings should allow email addresses without a 'reply_key' when 'find related post with key' is disabled 2018-03-02 17:53:18 +01:00
Sam
d39d2b9352 FEATURE: whitelist data for themes 2018-03-02 14:52:09 +11:00
Guo Xiang Tan
939180efa8 FIX: Missing 2FA guards when sso is enabled or when local login is disabled. 2018-03-02 10:39:10 +08:00
Guo Xiang Tan
4f301905b6 Make rubocop happy. 2018-03-02 10:15:53 +08:00
Robin Ward
b3883f5c32 FIX: Don't lock a post on edit unless the raw changes 2018-03-01 20:40:19 -05:00
Sam
75172024ca SECURITY: ensure users have permission when moving categories 2018-03-02 12:13:27 +11:00
Guo Xiang Tan
81ca3677f7 Add guard for nil in our RateLimiter. 2018-03-01 13:20:42 +08:00
Guo Xiang Tan
5d9f9c2614 FIX: RateLimiter max of zero or less should raise rate limit exceeded. 2018-03-01 13:14:46 +08:00
Guo Xiang Tan
e7a7356986 Remove ancient votes code that is no longer used. 2018-02-28 14:37:22 +08:00
Guo Xiang Tan
902c5d11cf FIX: Don't allow other flag actions after notify_moderator has happened. 
https://meta.discourse.org/t/receiving-sorry-an-error-has-occurred-during-flagging-step-of-discobot-tutorial/77233/5
 2018-02-28 11:27:56 +08:00
Sam
f295a18e94 FIX: stop double counting net calls in logs 2018-02-28 10:45:11 +11:00
Régis Hanol
fd33090646 FEATURE: automatically elides gmail quotes 2018-02-26 23:54:02 +01:00
Régis Hanol
26d5ae61dd FIX: handle <pre> inside <blockquote> in html_to_markdown 2018-02-26 23:28:02 +01:00
Neil Lalonde
3313072957 Remove censored_pattern site setting, which is replaced by watched words 2018-02-26 16:29:27 -05:00
Régis Hanol
3be0294465 FIX: local post onebox was always pointing to 1st post 2018-02-26 16:05:35 +01:00
Régis Hanol
7d7f6faf40 FIX: properly render emojis in local oneboxes 2018-02-26 11:16:53 +01:00
Arpit Jalan
b9a669ba32 FIX: do not log personal message view if user can't see the message 2018-02-25 22:39:25 +05:30
Régis Hanol
0559a4736a FIX: don't double request when downloading a file 2018-02-24 12:35:57 +01:00