Commit Graph

4144 Commits

Author SHA1 Message Date
Vinoth Kannan
fb78414229 Add missing safe navigation operator 2018-12-05 16:23:43 +05:30
Vinoth Kannan
d33d031742
FEATURE: Filter topic and post web hook events by tags (#6726)
* FEATURE: Filter topic and post web hook events by tags

* Add a spec test with unmatched tags
2018-12-05 14:44:06 +05:30
Régis Hanol
3c9c95ac83 Update Rubocop to 0.60 2018-12-04 10:48:16 +01:00
Sam
aa97f6fdba FEATURE: disable notifications for small actions that are whispers
Previously we would notify on small actions if they were whispers
this inconsistently lead to all sorts of problems including

- collapsed "N replies" after assign
- empty push notifications

New behavior adds an api to explicitly send push notifications as well
if needed: create_notification_alert
2018-12-04 17:54:42 +11:00
David Taylor
9248ad1905 DEV: Enable Style/SingleLineMethods and Style/Semicolon in Rubocop (#6717) 2018-12-04 11:48:13 +08:00
Penar Musaraj
f8e6a37858 FIX: raise exception when getting dimensions of missing image
- follow-up on 0eacd45ab1
2018-12-03 10:19:49 -05:00
Guo Xiang Tan
125bb46052 Remove unused constant in the codebase. 2018-12-03 11:04:47 +08:00
Sam
236c755d62 FIX: do not store key tracking last seen time indefinitely
UserStat has some special logic to keep adding time read if repeat calls
are made in intervals less than 100 seconds. This is called regularly
when we update read timings on a topic.

We only need to cache this key in redis for 100 seconds, however previously
we would keep it forever, 1 key per user. This has potential of bloating
a very large amount of keys for no longer active users in redis.
2018-12-03 08:35:26 +11:00
Kyle Zhao
488fba3c5f
FEATURE: allow plugins and themes to extend the default CSP (#6704)
* FEATURE: allow plugins and themes to extend the default CSP

For plugins:

```
extend_content_security_policy(
  script_src: ['https://domain.com/script.js', 'https://your-cdn.com/'],
  style_src: ['https://domain.com/style.css']
)
```

For themes and components:

```
extend_content_security_policy:
  type: list
  default: "script_src:https://domain.com/|style_src:https://domain.com"
```

* clear CSP base url before each test

we have a test that stubs `Rails.env.development?` to true

* Only allow extending directives that core includes, for now
2018-11-30 09:51:45 -05:00
David Taylor
208005f9c9 REFACTOR: Migrate FacebookAuthenticator to use ManagedAuthenticator
Changes to functionality
  - Removed syncing of user metadata including gender, location etc.
    These are no longer available to standard Facebook applications.
  - Removed the remote 'revoke' functionality. No other providers have
    it, and it does not appear to be standard practice in other apps.
  - The 'facebook_no_email' event is no longer logged. The system can
    cope fine with a missing email address.

Data is migrated to the new user_associated_accounts table.
facebook_user_infos can be dropped once we are confident the data has
been migrated successfully.
2018-11-30 11:18:11 +00:00
David Taylor
534e1b1b18 DEV: Introduce Auth::ManagedAuthenticator
A generic implementation of Auth::Authenticator which stores data in the
new UserAssociatedAccount model. This should help significantly reduce the duplicated
logic across different auth providers.
2018-11-30 11:18:11 +00:00
Penar Musaraj
0eacd45ab1 FIX: refactor ImageSizer.resize
reverts 140d9c2
2018-11-29 15:28:45 -05:00
Penar Musaraj
140d9c2910 FIX: call ImageSizer only if width/height are available 2018-11-29 15:03:02 -05:00
Penar Musaraj
03deda2147
Upgrade to FontAwesome 5 (take two) (#6673)
* Add missing icons to set

* Revert FA5 revert

 This reverts commit 42572ff

* use new SVG syntax in locales

* Noscript page changes (remove login button, center "powered by" footer text)

* Cast wider net for SVG icons in settings

- include any _icon setting for SVG registry (offers better support for plugin settings)

- let themes store multiple pipe-delimited icons in a setting

- also replaces broken onebox image icon with SVG reference in cooked post processor

* interpolate icons in locales

* Fix composer whisper icon alignment

* Add support for stacked icons

* SECURITY: enforce hostname to match discourse hostname

This ensures that the hostname rails uses for various helpers always matches
the Discourse hostname

* load SVG sprite with pre-initializers

* FIX: enable caching on SVG sprites

* PERF: use JSONP for SVG sprites so they are served from CDN

This avoids needing to deal with CORS for loading of the SVG

Note, added the svg- prefix to the filename so we can quickly tell in
dev tools what the file is

* Add missing SVG sprite JSONP script to CSP

* Upgrade to FA 5.5.0

* Add support for all FA4.7 icons

- adds complete frontend and backend for renamed FA4.7 icons

- improves performance of SvgSprite.bundle and SvgSprite.all_icons

* Fix group avatar flair preview

- adds an endpoint at /svg-sprites/search/:keyword

- adds frontend ajax call that pulls icon in avatar flair preview even when it is not in subset

* Remove FA 4.7 font files
2018-11-26 16:49:57 -05:00
Bianca Nenciu
172b3bf4d3 FIX: Fix broken theme field URLs. (#6622) 2018-11-23 16:11:05 +01:00
Guo Xiang Tan
3f636b2d19 FIX: Check whether group is mentionable by user when cooking post. 2018-11-22 16:16:33 +08:00
Saurabh Patel
d984323e23 FEATURE: Show change name of user in staff logs (#6647)
https://meta.discourse.org/t/admins-changing-users-name-not-username-should-be-logged/99511
2018-11-22 10:13:02 +08:00
Joffrey JAFFEUX
e860c8b844
FIX: adds support for missing reports from old dashboard (#6624) 2018-11-19 12:20:05 +01:00
Joffrey JAFFEUX
078705bcc0
minor refactoring (#6615) 2018-11-15 21:41:05 +01:00
Joffrey JAFFEUX
761003c8bd
FIX: makes sure an hex is always at 6 chars (#6608)
eg: #aaa should be converted to #aaaaaa
2018-11-15 00:52:47 +01:00
Maja Komel
c701036034 FIX: reset bump date resets bumped_at to the last regular post in topic (#6605) 2018-11-14 18:56:22 +01:00
Régis Hanol
c78dcde973 FIX: only send originalText when we need to 2018-11-14 17:47:59 +01:00
Bianca Nenciu
fce0a0ccc8 FEATURE: Compute distance between logins to generate login alerts. (#6562) 2018-11-14 13:26:47 +01:00
Guo Xiang Tan
2220345a8b Fix the build. 2018-11-14 17:32:32 +08:00
Guo Xiang Tan
72370b9c36 Add deprecation warnings for url based site settings. 2018-11-14 16:09:26 +08:00
Guo Xiang Tan
44391ee8ab
FEATURE: Upload Site Settings. (#6573) 2018-11-14 15:03:02 +08:00
David Taylor
17bc82765b FEATURE: Log password changes in UserHistory (#6600) 2018-11-14 08:32:42 +08:00
Kyle Zhao
38a9bc740d FIX: change title when primary group changes (#6602) 2018-11-14 08:28:41 +08:00
Sam
80ceb57c76 DEV: add API endpoint to destroy_timings only of last post
Previously API only allowed you to nuke all timings from a topic,
new API is less punishing and allows you just to remove 1 post.
2018-11-13 16:07:48 +11:00
Robin Ward
0cb33d2b52 UX: Rename Most Disagreed Flaggers report to "User Flagging Ratio" 2018-11-12 16:23:37 -05:00
David Taylor
d89ffbeffd
FEATURE: Add button to delete unused tags (#6587)
This is particularly useful if you have uploaded a CSV file, and wish
to bulk-delete all of the tags that you uploaded.
2018-11-12 16:24:34 +00:00
Bianca Nenciu
5af9a69a3b FIX: Do not check for suspicious login when impersonating. (#6534)
* FIX: Do not check for suspicious login when impersonating.

* DEV: Add 'impersonate' parameter to log_on_user.
2018-11-12 15:34:12 +01:00
Maja Komel
012da86a07 FIX user directory time period count (#6586) 2018-11-12 15:30:05 +01:00
Sam
d1684a1652 PERF: avoid left joins and distinct on posts_for query
Previously this was extremely expensive due to the `distict` and
`left join` clauses, this eliminates it and makes query much faster
2018-11-12 13:26:41 +11:00
David Taylor
c3c9299c44 FIX: Improve performance for Group.posts_for (#6588) 2018-11-12 08:44:20 +08:00
Joffrey JAFFEUX
f8838ac9cd
FIX: fix/removes broken elements of old dashboard 2018-11-09 17:18:19 +01:00
Gerhard Schlager
24e5be3f0c FIX: Relative links in translations should work with subfolder 2018-11-08 23:31:05 +00:00
Sam
42572ff138 Revert font awesome 5 changes
We are still pushing ahead on this 100% just need a bit longer to prepare
all plugins
2018-11-08 16:12:18 +11:00
Penar Musaraj
005e1ecb9b
FEATURE: Update Font Awesome to v5.4.1 and SVGs (#6557)
* First take on subsetting svg icons

* FontAwesome 5 svg subset WIP

* Include icons from plugins/badges into svg sprite subset

* add svg icon support to themes

* Add spec for SvgSprite

* Misc. SVG icon fixes

* Use FA5 svgs in local-dates plugin

* CSS adjustments, fix SVG icons in group flair

* Use SVG icons in poll plugin

* Add SVG icons to /wizard
2018-11-07 13:05:43 -05:00
Sam
0a442e319c FIX: correct svg handling for images
We regressed and optimized images no longer worked with svg

The following adds the correct logic to simply copy file for svgs
and bypasses resizing for svg avatars
2018-11-07 15:29:26 +11:00
Guo Xiang Tan
7534042427 DEV: Update annotations. 2018-11-07 11:11:19 +08:00
Bianca Nenciu
2070edf889 FIX: Clarify User.group_locked_trust_level.
* Rename User.group_locked_trust_level to User.group_granted_trust_level.

* Remove the column from users table.
2018-11-07 10:27:44 +08:00
Joffrey JAFFEUX
8067f8a32c
FIX: disables dates filtering on most_disagreed_flags report (#6556) 2018-11-02 14:42:52 +01:00
Joffrey JAFFEUX
4e0f033fae
FEATURE: adds ignored flags to most_disagreed_flags report (#6554) 2018-11-02 11:08:00 +01:00
Kyle Zhao
f9b36820ef
FIX: only extract script tags with certain types (#6553)
`script` tags with custom types (e.g. `text/template`) are not executed
by the browser, and should not be extracted into an external theme
JavaScript
2018-11-01 16:01:46 -04:00
Robin Ward
ec91450aae FEATURE: Track how many user flags are agreed/disagreed/ignored
Display the percentage when reviewing flags.
2018-11-01 09:59:50 -04:00
Sam
23423ba112 correct spec and error reporting
previous commit misused warn_exception which caused a spec to fail
2018-10-31 13:38:05 +11:00
Bianca Nenciu
e0ccd36dbe FEATURE: Suspicious logins report. (#6544) 2018-10-30 22:51:58 +00:00
Joffrey JAFFEUX
b2585524a9
FEATURE: adds a most disagreed flaggers report 2018-10-26 15:59:04 +02:00
Penar Musaraj
ed9c21e42c FEATURE: hide muted categories from /categories list (#6531) 2018-10-26 11:34:39 +11:00
Régis Hanol
d17c8df926 Only check for suspicious login for staff members 2018-10-26 00:29:28 +02:00
Bianca Nenciu
6a3767cde7 FEATURE: Warn users via email about suspicious logins. (#6520)
* FEATURE: Warn users via email about suspicious logins.

* DEV: Move suspicious login check to a job.
2018-10-25 09:45:31 +00:00
Jeff Wong
0ead513fb0 PERF: remove total unread notifications from message bus (#6529) 2018-10-25 12:14:34 +11:00
Sam
5fd94d3211 PERF: limit unread count to 99 in blue circle
This revises: e605542c4e

Previous commit was faulty
2018-10-24 12:10:27 +11:00
Sam
e605542c4e PERF: limit unread count to 99 in the blue circle
This safeguard is in place to avoid very expensive queries on the server
side
2018-10-24 11:53:28 +11:00
Sam
b74dd7d379 FIX: stop logging every 404 error when searching for gravatars 2018-10-23 11:43:14 +11:00
Bianca Nenciu
b69652278f FEATURE: Add Wiki Editor badge. (#6511) 2018-10-19 15:30:27 +02:00
Joffrey JAFFEUX
5f86564da1
FEATURE: adds latest to user-api-key session scope 2018-10-19 09:54:06 +02:00
Sam
9bfc939692 cleanup so gravatar download failures are consistent
previously we would ignore socket error, but this would mean that
there could be conditions where we would keep trying to download
gravatars forever (in an hourly job)
2018-10-19 12:51:55 +11:00
Robin Ward
f0af61da41
FIX: User AvatarLookup for looking up avatar details (#6508)
This allows plugins with their own avatar logic to work in the user
summary sections.
2018-10-18 15:49:34 -04:00
Régis Hanol
3973823a33 FIX: always update 'last_gravatar_download_attempt' when updating gravatar 2018-10-18 11:02:54 +02:00
Kyle Zhao
0f1afad6da FIX: extracted theme JavaScripts for multisite (#6502)
* FIX: extracted theme javascripts for multisite

* onceoff to rebake all theme fields
2018-10-18 17:05:34 +11:00
Guo Xiang Tan
22408f93c9 FIX: Wrap custom fields database statements in a transaction.
Kind of strange that we don't do it because a database statement
may fail and leave us in a weird state.
2018-10-18 12:23:04 +08:00
Guo Xiang Tan
44eba0bb60 FIX: Don't rescue PG::UniqueViolation within a transaction.
Also acquire a transaction per link instead of failing when
any of the links can't be processed.

This prevents ActiveRecord from rolling back the transaction
and the next SQL statement sent to PG will fail. This is
however hard to test as it only happens when there are
two competing process trying to process this method at the
same time.
2018-10-18 10:54:30 +08:00
David Taylor
c6f364224e
FEATURE: Allow plugins to whitelist user custom fields for public display (#6499)
This works exactly the same as `whitelist_staff_user_custom_fields`, but is not limited to staff
2018-10-17 10:33:27 +01:00
Sam
19d7543004 FIX: clear color scheme cache when clearing theme cache 2018-10-16 12:00:46 +11:00
Kyle Zhao
99d1ded3b3
rename route /javascripts to /theme-javascripts (#6495) 2018-10-15 11:32:52 -04:00
Joffrey JAFFEUX
f6eff38c0e
FEATURE: adds list#(unread|new) to user api key routes (#6494) 2018-10-15 15:48:35 +02:00
Kyle Zhao
6acdea37c4 DEV: extract inline js when baking theme fields (#6447)
* extract inline js when baking theme fields
* destroy javascript cache when destroying theme fields

This work is needed to support CSP work
2018-10-15 15:55:23 +11:00
Guo Xiang Tan
84d4c81a26 FEATURE: Support backup uploads/downloads directly to/from S3.
This reverts commit 3c59106bac.
2018-10-15 09:43:31 +08:00
Neil Lalonde
12f132736b FIX: error looking at users in admin when tl3_promotion_min_duration is set to a very high value 2018-10-11 15:11:48 -04:00
Vinoth Kannan
6a444eee56
Merge pull request #6476 from vinothkannans/tl4-flag
FEATURE: automatically hide non-TL4 posts when flagged by a TL4 user
2018-10-11 17:13:26 +05:30
Vinoth Kannan
227a49bb32 FEATURE: automatically hide non-TL4 posts when flagged by a TL4 user 2018-10-11 17:11:46 +05:30
Jeff Wong
b5b382dcd6 Feature: add boxes with subcategories option for desktop categories page (#6471)
* Feature: add boxes with subcategories option for desktop categories page

* only add subclass div when subclasses exist
2018-10-11 15:59:37 +08:00
Guo Xiang Tan
3c59106bac Revert "FEATURE: Support backup uploads/downloads directly to/from S3."
This reverts commit c29a4dddc1.

We're doing a beta bump soon so un-revert this after that is done.
2018-10-11 11:08:23 +08:00
Gerhard Schlager
c29a4dddc1 FEATURE: Support backup uploads/downloads directly to/from S3. 2018-10-11 10:38:43 +08:00
Guo Xiang Tan
ae6a5419e0 DEV: Report the backtrace as well. 2018-10-10 17:43:42 +08:00
Erin Kosewic
51aba32651 FEATURE: add branch option to remote theme import
* FEATURE: add branch option to remote theme import

* FIX: Add missing variable in params

* FIX: Add missing param for import_theme method

* SPEC: Add test methods for branch support in git import

* FIX: Add missing space to scss style

* Do not assume default branch as master

* Change branch field placeholder

* FIX: add missing div start tag
2018-10-09 17:01:08 +11:00
Jeff Wong
e55f220b33 add category style boxes with featured topics option 2018-10-08 16:19:54 -07:00
Gerhard Schlager
eb3ed7f6fd Add missing annotations 2018-10-08 18:01:21 +02:00
David Taylor
9bf522f227
FEATURE: Mixed case tagging (#6454)
- By default, behaviour is not changed: tags are made lowercase upon creation and edit.

- If force_lowercase_tags is disabled, then mixed case tags are allowed.

- Tags must remain case-insensitively unique. This is enforced by ActiveRecord and Postgres.

- A migration is added to provide a `UNIQUE` index on `lower(name)`. Migration includes a safety to correct any current tags that do not meet the criteria.

- A `where_name` scope is added to `models/tag.rb`, to allow easy case-insensitive lookups. This is used instead of `Tag.where(name: "blah")`.

- URLs remain lowercase. Mixed case URLs are functional, but have the lowercase equivalent as the canonical.
2018-10-05 10:23:52 +01:00
Vinoth Kannan
8430ea927e FIX: Generate webhook payloads before destroy events (#6325) 2018-10-05 16:53:59 +08:00
Penar Musaraj
34516c72bd
FIX: Recover public actions (likes) when recovering a post (#6412) 2018-10-02 11:25:08 -04:00
Joffrey JAFFEUX
a515ba8612 FIX: corrects typo and adds a spec for likes report (#6439)
* FIX: corrects typo and adds a spec for likes report

* save!
2018-10-02 02:27:43 -07:00
Maja Komel
1add11d8c9 FIX: don't send multiple requests when changing category notification (#6435) 2018-10-01 23:41:23 +08:00
David Taylor
19c9a6699a FIX: Validate auto_close_hours category setting
This prevents server errors when the value is set too high
2018-09-26 16:04:49 +01:00
David Taylor
84f5448a92
FEATURE: Display trust level descriptions in site settings (#6421) 2018-09-21 15:10:38 +01:00
Kyle Zhao
e402394375 FEATURE: auto grant an available title when removing old title
* FEATURE: auto grant an available title when removing old title
2018-09-21 12:06:08 +10:00
Arpit Jalan
3e17ef0507
Merge pull request #6414 from techAPJ/user-field-unique-key
FEATURE: add external details to user fields
2018-09-20 22:29:39 +05:30
Sam
df45e82377 SECURITY: only allow picking of avatars created by self (#6417)
* SECURITY: only allow picking of avatars created by self

Also adds origin tracking to all uploads including de-duplicated uploads
2018-09-19 22:33:10 -07:00
Guo Xiang Tan
195bd02fce FIX: Avoid race condition when enqueuing job. 2018-09-20 11:24:01 +08:00
Arpit Jalan
72be638728 FEATURE: add external details to user fields 2018-09-20 08:10:51 +05:30
Sam
e0e6dae6a7 minor cleanup to previous commit from code review 2018-09-19 16:07:29 +10:00
Sam
5302709343 FIX: in redis readonly raise an exception from DistributedMutex
If we detect redis is in readonly we can not correctly get a mutex
raise an exception to notify caller

When getting optimized images avoid the distributed mutex unless
for some reason it is the first call and we need to generate a thumb

In redis readonly no thumbnails will be generated
2018-09-19 15:50:58 +10:00
Guo Xiang Tan
4a92c5b2d6 UploadRecovery should recover attachments too. 2018-09-19 10:44:36 +08:00
Vinoth Kannan
9281b72308 FEATURE: Log entity export in staff logs 2018-09-19 03:16:45 +05:30
Sam
7d6b348d0b SECURITY: correct XSS on long topic titles 2018-09-18 08:54:44 +10:00
Kyle Zhao
6659417807 FEATURE: match user title when primary group changes
When primary group changes and the user's title is the previous primary
group's title, change the title to the new primary group's title
2018-09-17 15:08:39 +10:00
Sam
33541c4096 FEATURE: unconditionally omit no-follow for staff
Previously TL2 and below staff would have links
no-followed which was never intended
2018-09-17 12:02:20 +10:00
Joffrey JAFFEUX
e51c676135 refactors trending search report to use SearchLog 2018-09-17 10:19:40 +10:00
OsamaSayegh
5625461c05 clear error if you can contact theme repo again 2018-09-17 09:49:53 +10:00
OsamaSayegh
c7d81e2682 FIX/FEATURE: don't blow up when can't reach theme's repo, show problem themes on dashboard 2018-09-17 09:49:53 +10:00
Sam
419b14e58b FIX: correctly keep stylesheet cache entries
The intent from day one was to keep MAX_TO_KEEP stylesheets per target
however the DELETE statement did not perform target filtering

This meant we often deleted the wrong stylesheets from the cache
2018-09-14 12:54:11 +10:00
Joffrey JAFFEUX
a6502ce879
FIX: ensures errors in report initialization fail nicely (#6392) 2018-09-13 17:36:55 +02:00
Joffrey JAFFEUX
18fcd483f2
FIX: ensures we have a color for reports (#6396) 2018-09-13 17:36:39 +02:00
Joffrey JAFFEUX
7bf8b0d305
FIX: treats users_(by_type|tl) as other reports (#6391) 2018-09-13 17:35:54 +02:00
Arpit Jalan
d288462abf
Merge pull request #6393 from techAPJ/bad-json
FIX: ignore and log bad json values for custom fields
2018-09-13 15:54:01 +05:30
Arpit Jalan
e364547ff7 FIX: ignore and log bad json values for custom fields 2018-09-13 14:26:30 +05:30
Guo Xiang Tan
529e4018f0 DEV: Avoid using send and make the method public instead. 2018-09-13 16:34:32 +08:00
Guo Xiang Tan
3884e99e88 Add extra protection in Upload#get_from_url.
In case the extension goes missing from the URL.
2018-09-12 00:12:14 -07:00
Guo Xiang Tan
b3469bea2d FIX: Uploads not being linked correctly to posts.
Regression due to 1f636c445b.
2018-09-11 23:50:23 -07:00
Sam
d1984a0b4d FIX: display a correct error when attempting to agree on a deferred flag
Previously we would raise a 500 error if a moderator tried to agree on a
flag another moderator deferred.

This can happen cause the UX for flags does not live refresh as flags
are handled
2018-09-12 13:16:59 +10:00
Guo Xiang Tan
71185c13b5
Merge pull request #6377 from tgxworld/remove_tif_tiff
Drop `tif`, `tiff`, `webp` and `bmp` from supported images.
2018-09-12 09:32:32 +08:00
Guo Xiang Tan
e1b16e445e Rename FileHelper.is_image? -> FileHelper.is_supported_image?. 2018-09-12 09:22:28 +08:00
Osama Sayegh
16bd3f2cf2 FIX: use current user color scheme when filling theme-color attribute (#6384)
* FIX: use current user color scheme when filling `meta` attribute `theme-color`

* update manifest.webmanifest colors
2018-09-12 11:04:58 +10:00
Sam
e64402cb3b SECURITY: correct edge case when SSO provides unvalidated emails 2018-09-11 08:24:02 +10:00
Guo Xiang Tan
04d26c65e2 Refactor Upload.get_from_url to check length of sha1. 2018-09-10 10:10:39 +08:00
Gerhard Schlager
797cbf8653 FIX: Remove user fields when anonymizing user 2018-09-07 00:02:56 +02:00
Guo Xiang Tan
1f636c445b PERF: Add fast path to find uploads before resorting to LIKE query.
For a normal upload url

Before

```
Warming up --------------------------------------
                       264.000  i/100ms
Calculating -------------------------------------
                          2.754k (± 8.4%) i/s -     13.728k in   5.022066s
```

After

```
Warming up --------------------------------------
                       341.000  i/100ms
Calculating -------------------------------------
                          3.435k (±11.6%) i/s -     17.050k in   5.045676s
```
2018-09-06 14:44:24 +08:00
Guo Xiang Tan
d4b05d7bc5 Always link post to uploads in post process.
The operation is cheap anyway so no point skipping.
2018-09-06 14:08:03 +08:00
Guo Xiang Tan
434035f167 FIX: Link post to uploads in PostCreator.
* This ensures that uploads are linked to their post on creation
  instead of a background job which may be delayed if Sidekiq
  is facing difficulties.
2018-09-06 11:18:11 +08:00
Joffrey JAFFEUX
e59622f2ba
FIX: deactivate chart trends for now (#6364) 2018-09-05 23:33:29 +02:00
David Taylor
4382fb5fac DEV: Allow plugins to whitelist specific user custom_fields for editing (#6358) 2018-09-04 20:45:36 +10:00
Sam
ad70502ab8 FIX: ignore invalid usernames in incoming link tracker
If an incoming link username has NULL in it simply ignore it
2018-09-04 12:28:32 +10:00
Guo Xiang Tan
8dc1463ab3 Enable Lint/ShadowingOuterLocalVariable for Rubocop. 2018-09-04 10:16:42 +08:00
Bianca Nenciu
931cffcebe FEATURE: Let users see their user auth tokens. (#6313) 2018-08-31 10:18:06 +02:00
Sam
e1975e293f FIX: when uploads are destroyed clear up avatar refs in user table
This also auto corrects twice daily when we ensure consistency
2018-08-31 14:46:42 +10:00
Joffrey JAFFEUX
bb93179609
FEATURE: charts will now use tertiary color (#6342) 2018-08-30 14:56:11 +02:00
David Taylor
f0abb4d09a FIX: Allow user actions to be saved even if the post has nil user
This issue made it impossible to delete users if they had flagged a post with nil user
2018-08-30 01:03:32 +01:00
Sam
e6970151a6 FEATURE: allow specifying locale via SSO
Use:

locale
locale_force_update

To force user locale on users where SiteSetting.allow_user_locale is enabled

Note: If an invalid locale is specified no action will occur
2018-08-30 09:58:03 +10:00
Kyle Zhao
e25a6e085e FIX: drop title updates through RSS feeds
can create an update loop
2018-08-28 16:25:04 +10:00
Sam
9ab1fb7dfc FEATURE: correctly store width and height on uploads
Previously we used width and height for thumbnails, new code ensures

1. We auto correct width and height
2. We added extra columns for thumbnail_width and height, this is determined
 by actual upload and no longer passed in as a side effect
3. Optimized Image now stores filesize which can be used for analysis, decisions

Also

- fixes Android image manifest as a side effect
- fixes issue where a thumbnail generated that is smaller than the upload is no longer used
2018-08-28 12:59:22 +10:00
Joffrey JAFFEUX
c8ffe0fda3
FIX: term should be handled as text (#6321) 2018-08-27 11:58:46 +02:00
Raul Tambre
2271918be2 FEATURE: Use S3 dualstack endpoints
Allows S3 without a CDN to serve images from dualstack domains that also support ipv6
2018-08-27 11:22:46 +10:00
Kris
faf09bb8c8 Replacing default brown category color 2018-08-24 14:18:14 -04:00
Guo Xiang Tan
932195d828 DEV: Update test case for TopicEmbed. 2018-08-24 09:42:12 +08:00
Guo Xiang Tan
1ba24496ab
Merge pull request #6261 from xrav3nz/fix/topic-embed-import-updates
FIX: update TopicEmbed's title and user correctly
2018-08-24 09:32:03 +08:00
Osama Sayegh
e0cc29d658 FEATURE: themes and components split
* FEATURE: themes and components split

* two seperate methods to switch theme type

* use strict equality operator
2018-08-24 11:30:00 +10:00
Gerhard Schlager
409ee66839 Add optional "ignore_case" parameter to posts:remap rake task 2018-08-23 14:49:17 +02:00
Gerhard Schlager
3d176d9984 Add missing copy 2018-08-23 09:44:15 +02:00
Guo Xiang Tan
72ed6ae951 Raise an error if update fails. 2018-08-23 15:40:21 +08:00
Osama Sayegh
2711f173dc FIX: don't allow inviting more than max_allowed_message_recipients
* FIX: don't allow inviting more than `max_allowed_message_recipients` setting allows

* add specs for guardian

* user preferences for auto track shouldn't be applicable to PMs (it auto watches on visit)

Execlude PMs from "Automatically track topics I enter..." and "When I post in a topic, set that topic to..." user preferences

* groups take only 1 slot in PM

* just return if topic is a PM
2018-08-23 14:36:49 +10:00
Joffrey JAFFEUX
c08dea386b
FIX: better handling of no prev30Days (#6301) 2018-08-22 18:00:11 +02:00
Régis Hanol
f01169d6ff FIX: don't send email when the post was deleted 2018-08-22 13:13:58 +02:00
Kyle Zhao
baf413d527 FIX: update TopicEmbed's title and user correctly 2018-08-21 18:31:01 +08:00
Guo Xiang Tan
7c69fa8cfd PERF: Memoize SkippedEmailLog.reason_types. 2018-08-21 10:25:06 +08:00
Bianca Nenciu
860c1c3dcd FEATURE: Automatically expire keys if not used for a configurable amount of time. (#6264) 2018-08-20 17:36:14 +02:00
Gerhard Schlager
14af90df5b UX: Stop putting usernames in edit reason when changing post owner 2018-08-20 12:28:04 +02:00
Sam
8b5e42ea16 FIX: always test and coerce to image on upload
In the past the filename of the origin was used as the source
for the extension of the file when optimizing on upload.

We now use the actual calculated extension based on upload data.
2018-08-20 12:18:59 +10:00
Joffrey JAFFEUX
37d4f27c44
FIX: quality/bugfix dashboard/reports pass (#6283) 2018-08-17 16:19:25 +02:00
Sam
9628c3cf97 FEATURE: automatically correct extension for bad uploads
This fixes with post thumbnails on the fly
2018-08-17 14:00:27 +10:00
Régis Hanol
93201d8dbe FIX: don't trigger 'flag_reviewed' when no flags were reviewed 2018-08-16 18:11:29 +02:00
Joffrey JAFFEUX
3fbf7b164d
FEATURE: emoji 11.0 "recently added" update (#6275)
Adds support for emojis in the http://www.unicode.org/emoji/charts-11.0/emoji-released.html list
2018-08-16 11:59:45 +02:00
Sam
f62073a22a correct regression uploading images 2018-08-16 18:49:08 +10:00
Sam
796164b58c FIX: automatically correct bad avatars on access
Also start relying on upload extension for optimized images
2018-08-16 16:32:56 +10:00
Sam
243fc9d0f9 FIX: refreshing auto groups when min_username_length is long 2018-08-15 16:59:56 +10:00
Sam
33b5cc6bbd FIX: Add gif to list of allowed decoders 2018-08-15 13:56:57 +10:00
Sam
cf788582cc DEV: split optimize image failure warnings in logs 2018-08-15 13:27:24 +10:00
Gerhard Schlager
c358421ca5 FIX: Bulk updating category failed when topic title was too short 2018-08-14 16:37:52 +02:00
Régis Hanol
de92913bf4 FIX: store the topic links using the cooked upload url 2018-08-14 12:23:32 +02:00
Sam
83fd308963 FEATURE: group error message regarding image optimization failures 2018-08-13 14:48:25 +10:00
Gerhard Schlager
6d813c2b52 FIX: Importers failed to import avatars 2018-08-12 22:02:17 +02:00
Simon Cossar
093c3510e6 Rework moderators activity query (#6230)
* Order rows in query

* Don't increment revisions when moderator revises their own post
2018-08-10 10:51:31 +10:00
Gerhard Schlager
b9072e8292 FEATURE: Add "Reset Bump Date" action to topic admin wrench (#6246) 2018-08-10 10:51:03 +10:00
Misaka 0x4e21
6db623ef6b UX: Improve category filtering and include subcategories
* category_filtering
  1. report_top_referred_topics
  2. report_top_traffic_sources
  3. report_post_edit
* category_filtering with subcategory topics
  1. report_top_referred_topics
  2. report_top_traffic_sources
  3. report_post_edit
  4. report_posts
  5. report_topics
  6. report_topics_with_no_response
* category_filtering tests (without subcategory topics)
  1. report_posts
  2. report_topics_with_no_response
* subcategory topics tests `in_category_and_subcategories` in `topic_spec.rb`
  1. `in_category_and_subcategories` in `topic_spec.rb`
  2. topics, posts, flags and topics_with_no_response in `report_spec.rb`
2018-08-10 10:50:05 +10:00
Kris
b53d3457c8 updating color scheme attribution 2018-08-08 16:01:21 -04:00
Osama Sayegh
0b7ed8ffaf FEATURE: backend support for user-selectable components
* FEATURE: backend support for user-selectable components

* fix problems with previewing default theme

* rename preview_key => preview_theme_id

* omit default theme from child themes dropdown and try a different fix

* cache & freeze stylesheets arrays
2018-08-08 14:46:34 +10:00
David Taylor
aa9a9a5a72 FIX: Include auth_providers for anonymous users when login_required 2018-08-07 09:24:16 +01:00
Joffrey JAFFEUX
7f2f3b8b22
FIX: improves reports resilience (#6239)
This commit makes most of the reports now lazy loaded, and making them benefits from graceful failures.
2018-08-06 16:57:40 -04:00
David Taylor
812add18bd REFACTOR: Serve auth provider information in the site serializer.
At the moment core providers are hard-coded in Javascript, and plugin providers get added to the JS payload at compile time. This refactor means that we only ship enabled providers to the client.
2018-08-06 09:25:48 +01:00
Guo Xiang Tan
4e11811321 FIX: UserAvatar#update_gravatar! does not update User#uploaded_avatar.
https://meta.discourse.org/t/missing-user-profile-pictures/93844/4
2018-08-06 13:29:44 +08:00
Osama Sayegh
18b396ad56 FEATURE: add link to see new commits when updates are available for themes (#6233)
* FEATURE: add link to see new commits when updates are available for themes

* shorten regexp
2018-08-06 15:29:15 +10:00
Régis Hanol
0cd9e2acb9 fix build 2018-08-04 01:56:26 +02:00
Régis Hanol
bf4d98e89d FIX: always store topic links using the upload url 2018-08-04 01:29:32 +02:00
Osama Sayegh
880462a41c FEATURE: display out of date themes on admin dashboard
* FEATURE: disaply out of date themes on admin dashboard

* Update copy
2018-08-03 09:53:48 +10:00
Joffrey JAFFEUX
9073e11943
FIX: improves number/percent support in reports 2018-08-01 18:40:59 -04:00
Penar Musaraj
4a872823e7 Improvements to user drafts (#6226)
* drafts in user profile: only show to user herself (not to admins), use avatar replying to (instead of topic OP), add keyboard shortcut for drafts, simplify display labels

* use JSON when testing Draft.stream
2018-08-02 07:41:27 +10:00
Dan Ungureanu
1a0ffc5ace FEATURE: Added method to get multiple values at once from PluginStore. (#6225) 2018-08-01 18:42:40 +02:00
Gerhard Schlager
f4ca105498 FIX: Moving posts to existing topic didn't update topic metadata 2018-08-01 18:05:43 +02:00
Joffrey JAFFEUX
0b9437cee7
FIX: more resilient/consistent dashboard caching (#6223) 2018-08-01 09:45:50 -04:00
Joffrey JAFFEUX
7c7dfa4e5e
FIX: wraps any query with the slow query guard (#6222) 2018-08-01 07:39:57 -04:00
Penar Musaraj
1f45215537 FEATURE: Drafts view in user profile
* add drafts.json endpoint, user profile tab with drafts stream

* improve drafts stream display in user profile

* truncate excerpts in drafts list, better handling for resume draft action

* improve draft stream SQL query, add rspec tests

* if composer is open, quietly close it when user opens another draft from drafts stream; load PM draft only when user is in /u/username/messages (instead of /u/username)

* cleanup

* linting fixes

* apply prettier styling to modified files

* add client tests for drafts, includes a fixture for drafts.json

* improvements to code following review

* refresh drafts route when user deletes a draft open in the composer while being in the drafts route; minor prettier scss fix

* added more spec tests, deleted an acceptance test for removing drafts that was too finicky, formatting and code style fixes, added appEvent for draft:destroyed

* prettier, eslint fixes

* use "username_lower" from users table, added error handling for rejected promises

* adds guardian spec for can_see_drafts, adds improvements following code review

* move DraftsController spec to its own file

* fix failing drafts qunit test, use getOwner instead of deprecated this.container

* limit test fixture for draft.json testing to new_topic request only
2018-08-01 16:34:54 +10:00
Joffrey JAFFEUX
5febe71baa
FIX: prevents crash if flagger doesn’t exist (#6219) 2018-07-31 23:48:54 -04:00
Joffrey JAFFEUX
849f0d00f6
FEATURE: adds revision_count to moderators_activity (#6218)
Co-Authored-By: Simon Cossar <scossar@users.noreply.github.com>
2018-07-31 23:40:45 -04:00
Guo Xiang Tan
919e8db686 FIX: Check for group name availability should skip reserved usernames. 2018-08-01 11:09:33 +08:00
Joffrey JAFFEUX
2b2a506a7b
FIX: makes dashboard more resilient to errors (#6217)
This commit is an attempt to limit cases where the dashboard will generate a full exception page and also make it easier to track the error.
2018-07-31 21:23:28 -04:00
Joffrey JAFFEUX
37252c1a5e
UI: improves dashboard table reports
- support for avatars
- support for topic/post/user type in reports
- improved totals row UI
- minor css tweaks
2018-07-31 17:35:13 -04:00
Neil Lalonde
fd29ecb91a UX: include a flag reason in the post-deleted-by-staff-because-of-flags message 2018-07-30 16:45:46 -04:00
Guo Xiang Tan
87537b679c Drop reply_key, skipped and skipped_reason from email_logs. 2018-07-30 11:39:28 +08:00
Guo Xiang Tan
b94633e844 FIX: FileHelper should prioritize response content-type.
Request to a URL with `.png` extension may return a jpg
instead causing us to attach the wrong extension to an
upload.
2018-07-30 10:54:36 +08:00
Guo Xiang Tan
6f9a91cbd5
Merge pull request #6175 from vinothkannans/post_approval_webhook
FEATURE: Webhook for post approval events
2018-07-27 10:50:49 +08:00
Vinoth Kannan
af5b88f8e2 Rename approval web hook event type to queued post 2018-07-26 10:29:38 +05:30
Guo Xiang Tan
f8b367cc9c Fix the build. 2018-07-26 10:17:51 +08:00
Guo Xiang Tan
30242972d3 Add spec for 4bf3bf6786. 2018-07-26 09:16:14 +08:00
Régis Hanol
f94aeaf6cf SECURITY: force IM decoder based on file extension - part 3 2018-07-25 23:55:06 +02:00
Régis Hanol
800c57c6ab SECURITY: force IM decoder based on file extension - part 2 2018-07-25 23:08:02 +02:00
Régis Hanol
4bf3bf6786 SECURITY: force IM decoder based on file extension 2018-07-25 22:00:04 +02:00
Kris
3fd2571abc Fix typo in color scheme 2018-07-25 15:12:01 -04:00
Vinoth Kannan
5059dad8f0 FEATURE: Webhook for post approval events 2018-07-25 23:43:19 +05:30
David Taylor
0d0d78841b
FIX: Remove plugin.enabled? checks at initialization time (#6166)
Checking `plugin.enabled?` while initializing plugins causes issues in two ways:
  - An application restart is required for changes to take effect. A load-balanced multi-server environment could behave very weirdly if containers restart at different times.
  - In a multisite environment, it takes the `enabled?` setting from the default site. Changes on that site affect all other sites in the cluster.

Instead, `plugin.enabled?` should be checked at runtime, in the context of a request. This commit removes `plugin.enabled?` from many `instance.rb` methods.

I have added a working `plugin.enabled?` implementation for methods that actually affect security/functionality:
  - `post_custom_fields_whitelist`
  - `whitelist_staff_user_custom_field`
  - `add_permitted_post_create_param`
2018-07-25 16:44:09 +01:00
Joffrey JAFFEUX
578c8e861b
FIX: refreshes disk_space on backup create/destroy (#6169) 2018-07-25 08:26:30 -04:00
Joffrey JAFFEUX
7a3c541077
UX: Preview multiple color schemes in wizard (#6151)
It was a dropdown to provide choices of color schemes,
and only one scheme could be shown.
With this commit, multiple color scheme previews can be displayed on
one page at the same time, making admins choose color schemes more
easily.

Theme preview windows are shrinked.

Imported default color schemes.

Co-Authored-By: Misaka 0x4e21 <misaka4e21@gmail.com>
2018-07-24 09:00:20 -04:00
Guo Xiang Tan
fa19d3a53c
Merge pull request #6108 from discourse/transaction-sidekiq-fix
Fix notifications for topics moved between categories
2018-07-24 17:44:03 +08:00
David Taylor
20a21b1240 Move into MiniSQLMultisiteConnection, and add test for rollback 2018-07-24 09:41:55 +01:00
Guo Xiang Tan
98f84d1a4e Update annotations. 2018-07-24 15:49:55 +08:00
Guo Xiang Tan
7a2bf8e368 Fix invalid query syntax when CategoryCustomField#value is blank. 2018-07-24 14:48:27 +08:00
Guo Xiang Tan
fad9c2b971 PERF: Move EmailLog#reply_key into new post_reply_keys table. 2018-07-24 13:51:53 +08:00
Guo Xiang Tan
ae8b0a517f PERF: Split skipped email logs into a seperate table. 2018-07-24 13:14:37 +08:00
Guo Xiang Tan
9b84e78fdf Update annotations. 2018-07-24 11:14:19 +08:00
David Taylor
eda1462b3b
FEATURE: List, revoke and reconnect associated accounts. Phase 1 (#6099)
Listing connections is supported for all built-in auth providers. Revoke and reconnect is currently only implemented for Facebook.
2018-07-23 16:51:57 +01:00
Joffrey JAFFEUX
32062864d3
FIX: removes system from user to user report (#6144) 2018-07-23 10:33:12 -04:00
Vinoth Kannan
84ab825e41
FEATURE: Webhook for user destroyed event (#6124) 2018-07-23 13:19:49 +05:30
Guo Xiang Tan
5c1bd38d84
Merge pull request #6131 from jjaffeux/lazy-load-reports
FIX: lazy load more reports in dashboard
2018-07-21 17:24:17 +08:00
Simon Cossar
d705f859db Exclude System user from post_edits report (#6130) 2018-07-21 11:17:25 +02:00
Joffrey JAFFEUX
1d5096eb46 FIX: lazy load more reports in dashboard 2018-07-20 23:35:53 -04:00
Guo Xiang Tan
7cf6c2825e
Merge pull request #6106 from OsamaSayegh/watch-when-splitting
FIX: topic owner should watch the new topic when moving posts to a new topic
2018-07-20 15:18:59 +08:00
OsamaSayegh
69450750d1 shorter method name and better specs 2018-07-20 10:13:27 +03:00
Joffrey JAFFEUX
64f0cf425b
FIX: removes uncessary reports loading (#6119) 2018-07-19 19:30:13 -04:00
Joffrey JAFFEUX
a0793387cf
FEATURE: differentiates pms in moderators activity report (#6117)
Co-Authored-By: Simon Cossar <scossar@users.noreply.github.com>
2018-07-19 19:29:42 -04:00
Joffrey JAFFEUX
1a78e12f4e
FEATURE: part 2 of dashboard improvements
- moderation tab
- sorting/pagination
- improved third party reports support
- trending charts
- better perf
- many fixes
- refactoring
- new reports

Co-Authored-By: Simon Cossar <scossar@users.noreply.github.com>
2018-07-19 14:33:11 -04:00
Guo Xiang Tan
4765507585 Remove code that is no longer required. 2018-07-19 16:56:53 +08:00
Sam
a755ff7b35 FIX: not checking for 0 correctly
0.blank? == false
2018-07-19 07:45:26 +10:00
Maja Komel
a9ebad3f6c FIX: do not add a moderator post when post is flagged via direct message (#6100) 2018-07-18 23:18:14 +02:00
David Taylor
32db976156 FIX: Stop race condition when topic notification jobs are scheduled during a database transaction
This was not picked up by tests because scheduled jobs are run immediately
and in the current thread (and therefore the current database transaction).

This particular case sometimes occurs inside multiple nested transactions,
so simply moving the offending line outside of the transaction is not enough.

Implemented TransactionHelper, which allows us to use `TransactionHelper.after_commit`
to define code to be run after the current transaction has been committed.
2018-07-18 22:04:43 +01:00
Neil Lalonde
afc94ac9e4 FEATURE: add a Top Categories section to the user summary page, showing the categories in which a user has the most activity 2018-07-18 16:39:16 -04:00
OsamaSayegh
547b571d84 FIX: topic owner should watch the new topic when moving posts to a new topic 2018-07-18 15:23:32 +03:00
Régis Hanol
6d6e026e3c FEATURE: selectable avatars 2018-07-18 12:57:43 +02:00
Guo Xiang Tan
487ef9773f Better logging when optimizing image fails. 2018-07-18 14:11:23 +08:00
Guo Xiang Tan
b068a8a771 Fix the build. 2018-07-18 14:03:27 +08:00
Guo Xiang Tan
be71f9ff82 REFACTOR: Don't load entire AR object just to get a column. 2018-07-18 13:53:57 +08:00
Arpit Jalan
7da22e395b FIX: do not show links with 0 click on topic map 2018-07-18 10:50:01 +05:30
OsamaSayegh
281538ae61 FIX: theme JS should only run when needed global objects exist (#6098) 2018-07-18 15:13:47 +10:00
Guo Xiang Tan
3874d40910 Prepare to drop EmailLog#topic_id. 2018-07-18 10:22:24 +08:00
Sam
5adf5b527d FEATURE: support filter_auto_bump_topics event
Use this event to filter the list of auto bumped topics.

EG:

  on(:filter_auto_bump_topics) do |_category, filters|
    filters.push(->(r) { r.where(<<~SQL)
        NOT EXISTS(
          SELECT 1 FROM topic_custom_fields
          WHERE topic_id = topics.id
          AND name = 'accepted_answer_post_id'
        )
      SQL
    })
  end
2018-07-18 10:56:09 +10:00
Sam
02628883d2 FEATURE: adjust autobump system
- We spread out bumping through the day, if you are bumping
 4 topics then a topic will be bumped every 6 hours

- We add a small, bumping action at the bottom of the post to
 denote a topic got bumped
2018-07-18 10:17:33 +10:00
Guo Xiang Tan
3553375dd2 PERF: Store EmailLog#reply_key as uuid data type. 2018-07-17 17:05:42 +08:00
Guo Xiang Tan
1d74ccaaf8 Add compatibility for ImageMagick7. 2018-07-17 15:50:58 +08:00
Guo Xiang Tan
fe230f29cd Update annotations. 2018-07-17 13:11:45 +08:00
Sam
91266cdabb correct auto bump topic logic 2018-07-17 09:33:33 +10:00
Guo Xiang Tan
c0c263405a
PERF: Store EmailLog#bounce_key as uuid data type. (#6093)
PERF: Store `EmailLog#bounce_key` as `uuid` data type.
2018-07-16 20:05:54 +08:00
Sam
ac0053f491 FEATURE: navigate to first post and auto bump category settings
### navigate_to_first_post_after_read setting for categories

When enabled on categories logged on users will return to OP after
reading the entire category. (useful for documentation categories)

### num_auto_bump_daily

Set a number of topics that will automatically bump daily on a category.

- Every 15 minutes we will check if any category has this setting
- Categories with the setting are shuffled
- We exclude pinned, closed, category description and archived topics
- Maximum of 1 topic for the list of categories is bumped till limit reached per category
- We always try to bump oldest first
- Limit is elastic using a RateLimiter that ensures that we only bump N per day

Also some minor organisation on category settings

Froze strings on category.rb
2018-07-16 18:10:35 +10:00
Guo Xiang Tan
6761f8ecbf PERF: Add missing index on user_id for user_second_factors table. 2018-07-16 14:21:07 +08:00
Guo Xiang Tan
214dac05de Update annotations. 2018-07-16 14:19:07 +08:00
Rishabh
a6c589d882 FEATURE: Add custom S3 Endpoint and DigitalOcean Spaces/Minio support for Backups (#6045)
- Add custom S3 Endpoints and DigitalOcean Spaces support
- Add Minio support using 'force_path_style' option and fix uploads to custom endpoint
2018-07-16 14:44:55 +10:00
Leo McArdle
21ebb1cd54 FEATURE: Secondary emails support. 2018-07-16 11:09:49 +08:00
Guo Xiang Tan
50e59fb9bd Fix the build. 2018-07-16 10:12:19 +08:00
Jay Pfaffman
0ed2834c2d FEATURE: Add users:disable_2factor rake task
https://meta.discourse.org/t/admin-locked-out-of-2fa/92156/2?u=pfaffman
2018-07-16 09:56:55 +08:00
Kyle Zhao
2901691e87 FEATURE: per-category approval settings (#5778)
- disallow moving topics to a category that requires topic approval
2018-07-13 12:51:08 +10:00
Arpit Jalan
db67c87916 fix purge unactivated users subquery 2018-07-13 07:58:58 +05:30
OsamaSayegh
decf1f27cf FEATURE: Groundwork for user-selectable theme components
* Phase 0 for user-selectable theme components

- Drops `key` column from the `themes` table
- Drops `theme_key` column from the `user_options` table
- Adds `theme_ids` (array of ints default []) column to the `user_options` table and migrates data from `theme_key` to the new column.
- Removes the `default_theme_key` site setting and adds `default_theme_id` instead.
- Replaces `theme_key` cookie with a new one called `theme_ids`
- no longer need Theme.settings_for_client
2018-07-12 14:18:21 +10:00
Sam
574d447254 FIX: don't attempt to bump draft sequence if no editor
Rare case on old installs
2018-07-11 17:06:49 +10:00
Guo Xiang Tan
a17f5052a3 FIX: ignored_columns was called twice. 2018-07-11 09:52:37 +08:00
OsamaSayegh
f2cc05c6c6 FIX: ignore self-quotes from the same post when saving (#6082) 2018-07-10 16:17:28 +08:00
Guo Xiang Tan
5374a0e720 Fix the build. 2018-07-10 09:48:57 +08:00
Jordan Seanor
10bc69a62f FEATURE: Event on topic merge (#6057) 2018-07-10 09:28:57 +08:00
Guo Xiang Tan
96aca6d7e6
Remove legacy vote post action code. (#6009) 2018-07-09 16:54:18 +08:00
Sam
330e848d4a FIX: if s3 set via global setting bypass config check in UI 2018-07-09 15:38:06 +10:00
michael@discoursehosting.com
81188060d6 Add S3 region eu-west-3 (Paris) 2018-07-09 14:18:35 +10:00
Andrew Schleifer
dba22bbde2 rollback changes
This reverts:
* 1baba84c438e "fix s3 subfolders harder"
* ea5e57938edf "fix test for absolute_base_url change"
2018-07-06 17:16:40 -05:00
Andrew Schleifer
52e9f49ec1 fix s3 subfolders harder
specifically, include the folder in absolute_base_url
2018-07-06 16:28:40 -05:00
Maja Komel
18f5f646b1 FEATURE: allow selecting a tag when moving posts to a new topic (#6072) 2018-07-06 18:21:32 +02:00
Guo Xiang Tan
875008522d FIX: Discourse.S3BaseUrl did not account for subfolder bucket names. 2018-07-06 15:53:57 +08:00
Guo Xiang Tan
7163bf9323 FIX: Upload.get_from_url not respective subfolder in s3 bucket names. 2018-07-06 11:37:11 +08:00
Neil Lalonde
eabc8f7fbd
Merge pull request #6023 from misaka4e21/only-staff-can-create-tag
FEATURE: Support disabling tag creation for non-staff users.
2018-07-05 11:12:44 -04:00
Patrick Gansterer
28dd7fb562 FEATURE: Create hidden posts for received spam emails (#6010)
* Add possibility to add hidden posts with PostCreator

* FEATURE: Create hidden posts for received spam emails

Spamchecker usually have 3 results: HAM, SPAM and PROBABLY_SPAM
SPAM gets usually directly rejected and needs no further handling.
HAM is good message and usually gets passed unmodified.
PROBABLY_SPAM gets an additional header to allow further processing.
This change addes processing capabilities for such headers and marks
new posts created as hidden when received via email.
2018-07-05 11:07:46 +02:00
Sam
7b26f5086b PERF: we have no use for topic percent rank
Prepare to remove this column
2018-07-05 15:10:19 +10:00
Maja Komel
cb89797e9a FEATURE: shows remaining backup codes in user preferences 2018-07-04 10:45:42 +02:00
Leo McArdle
c3129444ea FIX: allow multiple secondary emails 2018-07-03 18:21:35 +08:00
Arpit Jalan
7550e9ff95 FIX: purge unactivated users with a message from non-human users 2018-06-29 13:03:04 +05:30
hellekin
25cfc98b67 Fix 'asscoiated' typo
I know that **Naming is CRITICAL** and that **Refactoring only NOT welcome**.

But since I spotted this (consistent) typo and the change does not affect any
functionality -- I checked the presence of "asscoiated" in the code base, I
guess the first rule trumps the second one.

It also gave me a false pretext to bypass my reluctance to use Google forms and
sign de CLA. Typos hurt the eye.
2018-06-29 11:10:05 +10:00
Sam
e0bc6590fd minor cleanup 2018-06-29 10:30:22 +10:00
Robin Ward
5d1d7e0e7d PERF: Scanning the id for this is signficantly slower in production 2018-06-28 11:04:40 -04:00
Sam
db14e10943 SECURITY: category badges should HTML escape names 2018-06-28 18:15:07 +10:00
Maja Komel
ec3e6a81a4 FEATURE: Second factor backup 2018-06-28 10:12:32 +02:00
misaka4e21
47cb46671a FEATURE: Support disabling tag creation for non-staff users. 2018-06-27 07:15:02 +08:00
David Lee
4644d777bd FEATURE: add website field to SSO 2018-06-25 16:09:39 +10:00
Jeff Wong
41f76a74f8 FEATURE: send message when a user reaches tl1 2018-06-22 13:20:00 -07:00
Jeff Wong
bc52bdfa12 Feature: unconditionally consider TL0 users as "first day" users 2018-06-21 10:53:08 -07:00
Guo Xiang Tan
f7d22bad90 FEATURE: Forced summary mode for megalodon topics.
This is mainly done for performance reasons and megalodon
topics are usually a byproduct of imports where site setting
limits are not respected.
2018-06-21 14:00:20 +08:00
Guo Xiang Tan
ac80360bea PERF: Help postgres make use of index in Post.summary. 2018-06-21 13:29:16 +08:00
Guo Xiang Tan
6ddd214476 FIX: Post#summary returning posts from other topics. 2018-06-21 12:00:54 +08:00
Joffrey JAFFEUX
50d11fd582
FIX: improves durability display check 2018-06-20 23:15:11 +02:00
Guo Xiang Tan
0365806b93 FIX: Properly display error when post action fails to create. 2018-06-20 21:20:23 +08:00
Joffrey JAFFEUX
fa43969fe2
FIX: crashes with date conversion in reports 2018-06-20 14:42:15 +02:00
Sam
35e0ccfc84 make linter happy 2018-06-20 18:03:27 +10:00
Sam
cb824a6b33 DEV: remove all calls to SqlBuilder use DB.build instead
This is part of the migration to mini_sql, SqlBuilder.new is being
deprecated and replaced with DB.build
2018-06-20 17:53:49 +10:00
riking
7f37ee9152 SearchLog: fix specs 2018-06-20 10:44:11 +10:00
riking
38a8e52ca4 FIX: Add time retention limit to search logs
3 years is a very conservative limit that allows for a very wide buffer
for year-over-year analysis. The max is set to 5 years because that is
the policy listed for logging in hosted Discourse.
2018-06-20 10:44:11 +10:00
riking
1de0ef137e FIX: SearchLog: Do not store IP of logged in users 2018-06-20 10:44:11 +10:00
Jeff Wong
2ff226e509 FIX: consider staged users mature (no spam checks) after 1 day 2018-06-19 09:41:10 -07:00
Sam
5f64fd0a21 DEV: remove exec_sql and replace with mini_sql
Introduce new patterns for direct sql that are safe and fast.

MiniSql is not prone to memory bloat that can happen with direct PG usage.
It also has an extremely fast materializer and very a convenient API

- DB.exec(sql, *params) => runs sql returns row count
- DB.query(sql, *params) => runs sql returns usable objects (not a hash)
- DB.query_hash(sql, *params) => runs sql returns an array of hashes
- DB.query_single(sql, *params) => runs sql and returns a flat one dimensional array
- DB.build(sql) => returns a sql builder

See more at: https://github.com/discourse/mini_sql
2018-06-19 16:13:36 +10:00
Jeff Wong
68e4e6a575 FIX: staged users are still tl0 but do not trigger spam if 1 week old. 2018-06-18 17:20:04 -07:00
Jeff Wong
9e55767f6a FIX: don't punish a user for being previously staged for spam flags. 2018-06-15 12:25:25 -07:00
Régis Hanol
ff06ce4cce fix the build 2018-06-13 23:05:23 +02:00
Régis Hanol
051d1a3c36 PERF: faster Screened IP Address roll up 2018-06-13 22:47:23 +02:00
Robin Ward
fd54c92a52 FEATURE: New site setting, whitelisted_link_domains
If provided, users who normally couldn't post links (say, due to a
low trust level), can post links to those specific hosts.
2018-06-13 16:11:22 -04:00
Maja Komel
6c9190357c fix get from url for external uploads without CDN 2018-06-13 16:21:28 +10:00
riking
94f70c7b5c FIX: TopicViewItem: do not store IP of logged in users 2018-06-12 12:43:56 +10:00
riking
4b2e2ea8ef Change TopicViewItem to allow null IP address 2018-06-12 12:43:56 +10:00
Gerhard Schlager
150ae21489 FEATURE: Log user merge in staff logs 2018-06-11 18:43:56 +02:00
Vinoth Kannan
a6303073a0 Strip images from cooked for topic excerpt 2018-06-11 14:43:53 +05:30
Guo Xiang Tan
ad5082d969 Make rubocop happy again. 2018-06-07 13:28:18 +08:00
Sam
89ad2b5900 DEV: Rails 5.2 upgrade and global gem upgrade
This updates tests to use latest rails 5 practice
and updates ALL dependencies that could be updated

Performance testing shows that performance has not regressed
if anything it is marginally faster now.
2018-06-07 14:21:33 +10:00
Guo Xiang Tan
d600e71b3d FIX: Clean up stale UserExport records daily.
* Add tests for `UserExport.remove_old_exports`
2018-06-05 09:43:40 +08:00
Robin Ward
fab59c66f0 FIX: Protection against dangling category group records 2018-06-04 15:43:26 -04:00
Arpit Jalan
89eca87f16 FEATURE: add staff action log for post rejections 2018-06-01 21:48:27 +05:30
Guo Xiang Tan
9ef61e0af5 PERF: Prefer exists? instead of loading AR object. 2018-06-01 09:44:14 +08:00
Neil Lalonde
e26a14dc29 FIX: error when flagging to notify moderators because message title is too long 2018-05-29 12:21:47 -04:00
Sam
df815d6c0e DEV: prefer using ordering in relation over default scope 2018-05-29 09:34:12 +10:00
Arpit Jalan
8d9c77e113 optimize group invitation code 2018-05-28 17:59:14 +05:30
Arpit Jalan
c8bc942333 FIX: do not add invited user to automatic groups 2018-05-28 17:17:48 +05:30
Gerhard Schlager
ed2ae3cb0a FIX: Load post revisions in correct order 2018-05-28 11:25:24 +02:00
Guo Xiang Tan
754458e6a2 PERF: Minor but we can just pass a hash to where.
```
Warming up --------------------------------------
          4 x .where     1.040k i/100ms
          1 x .where     1.677k i/100ms
Calculating -------------------------------------
          4 x .where     10.321k (± 5.2%) i/s -     52.000k in
5.053803s
          1 x .where     17.117k (± 3.8%) i/s -     85.527k in
5.004107s

Comparison:
          1 x .where:    17117.1 i/s
          4 x .where:    10321.3 i/s - 1.66x  slower
```
2018-05-28 16:41:38 +08:00
Sam
5a32a70d6c FIX: ColorScheme color missing was returning "nil" 2018-05-28 11:46:00 +10:00
Régis Hanol
5b2e7c8d10 fix the build 2018-05-26 03:11:10 +02:00
Régis Hanol
338d39265a FIX: don't publish notifications_state when user has been deleted 2018-05-26 02:27:54 +02:00
Régis Hanol
d23229df85 Let's use the same method 2018-05-26 02:16:53 +02:00
Régis Hanol
f988fa31aa FIX: ensure 'notifications_state' is up to date after creating a notification 2018-05-26 02:09:48 +02:00
Robin Ward
4195c7c9ea FEATURE: Ability to clear a user's penalty history
You can do this manually if you want to allow them to reach TL3 without
their penalty history counting against them.
2018-05-25 12:54:22 -04:00
Joffrey JAFFEUX
a8901efafe
FIX: flags report is now a lower is better kind of report 2018-05-25 12:59:39 +02:00
Gerhard Schlager
20b94bc714 FIX: Extraction of quoted posts failed in some cases
* It stored only oneboxed "quotes" when [quote] and links to topics or posts were mixed.
* Revising a post didn't add or remove records from the quoted_posts table.
2018-05-25 12:00:17 +02:00
riking
501bc0e9af FIX: UserProfileView: Do not log IP of logged-in users 2018-05-25 15:54:14 +10:00
Régis Hanol
71f66cd679 FIX: ensure PostAlerter is always run in sidekiq 2018-05-24 17:27:43 +02:00
Guo Xiang Tan
3bfd9698c7 PERF: Avoid running the same query twice in TopicViewSerializer#details. 2018-05-24 16:46:13 +08:00
Guo Xiang Tan
b3860c82da FIX: Don't enqueue web hooks inside a deferred queue.
* The deferred queue is meant for short lived jobs
  and does not guarantee execution. We need to ensure
  that web hooks are always run.
2018-05-24 15:03:17 +08:00
Guo Xiang Tan
8a1aab4e8a PERF: Select distinct active web hooks at the db level. 2018-05-24 14:56:40 +08:00
Gerhard Schlager
beed676b04 FIX: Check group names when checking username availability 2018-05-22 21:55:54 +02:00
Joffrey JAFFEUX
508b65b76a
UX: refactoring/refining tables of new dashboard 2018-05-22 16:47:23 +02:00
Guo Xiang Tan
f6becd6a4e
Merge pull request #5838 from discourse/fix-for-s3-subfolders
FIX for bucket name in GlobalSetting with folder
2018-05-22 18:10:44 +08:00
Sam
1ac1ee4287 FEATURE: allow registration of an array custom field 2018-05-22 16:48:39 +10:00
riking
9b0efe9c84 FIX: TopicLinkClick: do not log IP of logged in users 2018-05-22 16:05:38 +10:00
Guo Xiang Tan
ae3a7ca08d Fix unexpected return error. 2018-05-21 22:28:44 +08:00
Guo Xiang Tan
467d91347a Missing specs for Group, Tag, Category and Flag web hooks. 2018-05-21 17:29:58 +08:00
Guo Xiang Tan
bf84037f79 FIX: Payload for webhooks should be current as of the time the event was triggered.
https://meta.discourse.org/t/group-category-tag-user-deleted-webhooks-not-firing/87752
2018-05-21 17:29:58 +08:00
Arpit Jalan
290ee312e6 FIX: handle invalid mailto links 2018-05-18 18:02:52 +05:30
David Taylor
c168639be2 Add plugin outlet in admin theme list (#5837)
This will be used by discourse-theme-creator to add avatars next to each theme.
2018-05-18 10:09:21 +02:00
Guo Xiang Tan
416d19af27 FIX: Wrong target user displayed for user actions in activity stream.
https://meta.discourse.org/t/wrong-assigned-username-in-activity-list/73816
2018-05-18 11:28:13 +08:00
Joffrey JAFFEUX
af548c23c4
new dashboard quality pass (code, tests and UI) 2018-05-17 22:44:33 +02:00
Andrew Schleifer
bc89674b58 FIX for bucket name in GlobalSetting with folder
When `s3_bucket="bucket/folder` in discourse.conf, absolute_base_url
was bucket/folder.s3-region.amazonaws.com

These names are bad, but this mirrors the s3_bucket/s3_bucket_name in
S3Store

N.B. that nearby s3_upload_bucket _should_ include the folder
2018-05-17 12:59:34 -05:00
Régis Hanol
53f8f6095d FEATURE: staff action logs when creating/updating/deleting badges 2018-05-17 18:09:27 +02:00
Guo Xiang Tan
b3981ddc43 Shorten User.suggest_name further. 2018-05-17 16:35:03 +08:00
Guo Xiang Tan
147ea37115 FIX: Missing notification for watching first post users when topic is recategorized.
https://meta.discourse.org/t/not-receiving-notifications-for-announcements/87275/2?u=tgxworld
2018-05-17 16:15:29 +08:00
Arpit Jalan
33899664ce FIX: handle bad user profile website 2018-05-17 13:21:24 +05:30
Arpit Jalan
539cf32f87 FIX: handle encoded mailto links when looking for upload record 2018-05-17 12:44:53 +05:30
Guo Xiang Tan
117763493b Refactor User#suggest_name.
* Rename `email` to `string` as variable can be an email, username
  or any valid string.
2018-05-17 14:54:14 +08:00
Arpit Jalan
aee4045dd0 FIX: suggest name when username/name is provided 2018-05-17 10:36:36 +05:30
Sam
c381d60471 Replace the "posts" line with message count 2018-05-17 10:26:30 +10:00
Régis Hanol
39aceed63d FIX: don't purge unactivated users with a message 2018-05-16 18:24:11 +02:00
Gerhard Schlager
ae6236d090 FIX: Changing owner of deleted reply didn't work 2018-05-16 17:03:09 +02:00
Régis Hanol
4103783821 FIX: don't use PMs in Incoming Links reports 2018-05-16 16:55:54 +02:00
Régis Hanol
5e97a9bfb7 FIX: tags in a 'visible by everyone but usable only by staff' group weren't visible by everyone 2018-05-16 09:48:19 +02:00
Sam
21e0b7c818 avoid async report pattern and replace with simpler hijack 2018-05-16 16:05:03 +10:00
Sam
3864091f2d correct links to admins and moderators 2018-05-16 15:24:52 +10:00
Jeff Wong
74aecdfd9d Feature: add a 30 seconds grace window for 2-factor token checks 2018-05-15 16:13:21 -07:00
Joffrey JAFFEUX
9947c38e1c
UX: support for multiple datasets in one chart 2018-05-15 20:12:03 +02:00
Régis Hanol
a512b181d9 FIX: automatically in/decrement topic_tags.pm_topic_count 2018-05-15 16:05:48 +02:00
Sam
fe89f441ae correct reports 2018-05-15 15:12:27 +10:00
Sam
193b6d5651 UX: improve new dashboard
- top referred topics
- limit search logs to 8 results
2018-05-15 15:08:36 +10:00
Sam
eb33f6e9b9 correct daily engaged users to look at average 2018-05-15 10:17:17 +10:00
Régis Hanol
a28c58feb1 FIX: automatic group membership when using SSO 2018-05-15 01:48:30 +02:00
riking
cdcb0a396f FIX: IncomingLink: do not log IP of logged-in users 2018-05-15 09:32:29 +10:00
Joffrey JAFFEUX
e474351ae4
inactive users report is not used anymore 2018-05-14 21:31:14 +02:00
Régis Hanol
e9abdaebbe UX: show an enveloppe icon when a badge is used in messages
- the badge count now includes messages
- only show the message badges to admins
2018-05-14 19:02:00 +02:00
Joffrey JAFFEUX
34dbb32df4
FIX: makes report description optional 2018-05-14 16:34:56 +02:00
Joffrey JAFFEUX
83255d94d9
DateGroupable is not used anymore 2018-05-14 16:26:14 +02:00
Joffrey JAFFEUX
ba0cec2091
UX: minor fixes to new dashboard UI
- adds a link to search log
- display a text if log search queries is disabled
- adds link to trust level and user types
- adds a description for eeach report when browsing a report directly
2018-05-14 14:23:51 +02:00
Régis Hanol
3e06598e96 FIX: only unstage staged users 2018-05-14 12:03:15 +02:00
Sam
6332d5040d UX: switch dashboard to be the new dashboard
Also:
- add pageviews
- add problems and version sections
2018-05-14 13:07:59 +10:00
Sam
d6316ac4b9 add some more protection 2018-05-14 12:01:57 +10:00
Sam
9d97e1244e correct it so when we have no dates we still return graphs 2018-05-14 11:12:52 +10:00
Régis Hanol
2cf6fb7359 FIX: always unstage users when they log in 2018-05-13 17:00:02 +02:00
Sam
4f508b2358 correct sorting in dashboard 2018-05-11 16:32:12 +10:00
Sam
67054d524d correct missing day from async reports 2018-05-11 15:06:23 +10:00
Sam
8a783412b7 UX: improvements to new dashboard
- remove inactive user report and replace with posts
- clean up internals so grouping by week happens on client
- when switching periods old report was not destroyed leading to bugs
- calculate trend based on previous interval ... not previous 30 days
- show percentages for mau/dau
- be more careful about utc date usage
- show uniqu and click through rate on search panel
- publish key of report with report so we only load the correct one
- subscribe earlier in channel in case of concurrency issues
2018-05-11 13:30:32 +10:00
Guo Xiang Tan
630a8ba3d8 Update annotations. 2018-05-09 07:52:45 +08:00
Arpit Jalan
d2f99419b7
Merge pull request #5809 from techAPJ/invite-redeem-fixes
FIX: better handling of invite links after they are redeemed
2018-05-08 22:06:11 +05:30
Gerhard Schlager
badad80cdf FIX: Use default locale for flag reason 2018-05-08 17:31:00 +02:00
Arpit Jalan
83245aa508 FIX: better handling of invite links after they are redeemed
FIX: deprecate invite_passthrough_hours setting
2018-05-08 20:17:57 +05:30
Robin Ward
8262fc5d15
Merge pull request #5807 from discourse/min-flags-by-topic
FEATURE: New site setting `min_flags_staff_visibility`
2018-05-08 09:17:29 -04:00
Robin Ward
ac60a84329 FEATURE: New site setting min_flags_staff_visibility
When set higher than 1, flags won't show up for staff in the admin
section unless the minimum threshold of flags on a post is reached.
2018-05-07 16:05:13 -04:00
Guo Xiang Tan
ee1eb1a5bd FIX: Retrigger notification when a topic is recategorized.
https://meta.discourse.org/t/notifications-when-a-topic-is-recategorized/63079
2018-05-07 21:29:06 +08:00
Misaka 0x4e21
ff6be3c2e3 FEATURE: add profile_background fields into SSO (#5701)
Add profile_background and card_background fields into Discourse SSO.
2018-05-07 10:03:26 +02:00
Guo Xiang Tan
ad833c4485 FIX: Don't downcase group name. 2018-05-07 14:02:11 +08:00
Jeff Wong
91b31860a1
Feature: Push notifications for Android (#5792)
* Feature: Push notifications for Android

Notification config for desktop and mobile are merged.

Desktop notifications stay as they are for desktop views.

If mobile mode, push notifications are enabled.

Added push notification subscriptions in their own table, rather than through
custom fields.

Notification banner prompts appear for both mobile and desktop when enabled.
2018-05-04 15:31:48 -07:00
Gerhard Schlager
ee426623e4 Dashboard next: correctly group inactive member count 2018-05-04 07:48:55 +02:00
Gerhard Schlager
41cd8c169c Add specs for inactive users report 2018-05-04 07:48:55 +02:00
Sam
3a06cb461e FEATURE: remove support for legacy auth tokens 2018-05-04 10:12:10 +10:00
Joffrey JAFFEUX
581d362627
fix spec 2018-05-03 17:39:37 +02:00
Joffrey JAFFEUX
980972182f
dashboard next: caching, mobile support and new charts 2018-05-03 15:41:41 +02:00
osamasayegh
4ebf46dc08 FEATURE: theme settings in RAW hbs templates 2018-05-03 10:43:07 +10:00
Kyle Zhao
0cc4b42180 FIX: TopicEmbed.import should update title and author 2018-05-02 17:12:31 +10:00
Joffrey JAFFEUX
691174fa8f
FEATURE: adds emoji search aliases 2018-05-01 15:43:49 +02:00
Gerhard Schlager
14e700fa50 Adds query for daily engaged users 2018-04-28 01:20:13 +02:00
Arpit Jalan
67357b84b9 FIX: only allow one user to be created per invite 2018-04-27 19:21:10 +05:30
Neil Lalonde
bd77795d7a REFACTOR: move support for user card badge images to a plugin discourse-user-card-badges 2018-04-26 13:25:24 -04:00
Joffrey JAFFEUX
73a1be0d57
Fix spec 2018-04-26 17:19:44 +02:00
Joffrey JAFFEUX
b9c7e09a4e
linting 2018-04-26 15:21:02 +02:00
Joffrey JAFFEUX
9fabf2543b
dashboard next: activity metrics and new contributors
This commit also introduces a better grouping of data points.
2018-04-26 14:49:41 +02:00
Gerhard Schlager
3f6d1a583e Add helper for grouping by periods
The methods are still experimental and might change without notice!

You need to add `include DateGroupable` to your model before you can use it like this:
`User.smart_group_by_date("users.created_at", start_date, end_date)`.count
2018-04-24 23:31:26 +02:00
Robin Ward
456e40a709 FIX: Don't allow a user to become TL3 if they've ever been penalized
Previously the code would only check if they were *currently* suspended
or silenced.
2018-04-24 15:15:32 -04:00