Commit Graph

672 Commits

Author SHA1 Message Date
Robin Ward
a2fec165d5 Disable editing of hidden posts within a timeframe from when the post
was initially hidden.
2014-06-20 15:38:03 -04:00
Sam
af86014fd0 BUGFIX: bypass fulltext for search in topic 2014-06-20 15:48:34 +10:00
Neil Lalonde
4f523ae1b9 Don't allow invites if local logins are disabled, since it provides a way to bypass external auth 2014-06-18 16:46:20 -04:00
Neil Lalonde
3eb65885d1 Add validation of string site settings with regex, and min and max lengths 2014-06-18 11:15:40 -04:00
Sam
a288ff331d BUGFIX/FEATURE: call out context for search. 2014-06-17 17:53:45 +10:00
Sam
983a22004a FEATURE: register_custom_field_type, support bool and integer 2014-06-17 12:42:12 +10:00
Sam
56dcd00570 BUGFIX: trust_level_0 group not including trust_level_1
BUGFIX: manual trust level change not adding user to groups
BUGFIX: system not in correct trust level groups
2014-06-17 10:52:02 +10:00
Neil Lalonde
2cd55b1fa2 FIX: topics in private sub-categories were visible to everyone on the categories page 2014-06-16 15:12:14 -04:00
Robin Ward
88b5e78424 Merge branch 'add_custom_embed_by_username' of github.com:justinleveck/discourse into justinleveck-add_custom_embed_by_username
Conflicts:
	config/site_settings.yml
2014-06-16 10:52:15 -04:00
Arpit Jalan
5ea1b0742f Fix typo in XSS test 2014-06-16 08:40:19 +05:30
Sam Saffron
fbbe9f7a19 collapse tests to improve perf of suite 2014-06-16 12:13:28 +10:00
Sam Saffron
d65efe7304 SECURITY: fix XSS 2014-06-16 10:24:54 +10:00
Jeff Atwood
a1482f24d9 remove borked test 2014-06-13 17:03:45 -07:00
Jeff Atwood
679b3fab79 correct broken test, List-ID is correct
see http://www.ietf.org/rfc/rfc2919.txt
2014-06-13 16:45:34 -07:00
Jeff Atwood
beaa145572 some email notification header fixes 2014-06-13 15:42:20 -07:00
Robin Ward
c690fa0d19 FIX: Replace protocol relative URLs in emails 2014-06-13 17:11:04 -04:00
Neil Lalonde
ba65aa3f6c Add a way to validate min and max value of an integer site setting 2014-06-12 18:04:37 -04:00
Neil Lalonde
9611a1ac47 Validate username site settings 2014-06-11 16:20:57 -04:00
Sam
d13d4fc158 correct state leak 2014-06-11 12:00:02 +10:00
Sam
62abb873df FEATURE: support serializing user custom fields by plugins 2014-06-11 11:57:22 +10:00
Sam
a044e3de58 Remove min_posts_for_search_in_topic
no longer needed, we always search in topic
2014-06-10 15:07:38 +10:00
Neil Lalonde
c61462662b Add ability to run validation on site settings. notification_email and other email address settings are now validated. 2014-06-09 16:59:20 -04:00
Justin Leveck
a78df3d57d Add custom embed_by_username feature
Feature to allow each imported post to be created using a different discourse
username. A possible use case of this is a multi-author blog where discourse
is being used to track comments. This feature allows authors to receive
updates when someone leaves a comment on one of their articles because each of
the imported posts can be created using the discourse username of the author.
2014-06-09 12:35:38 -07:00
Neil Lalonde
faed17aa18 Moderators should always be able to create topics too 2014-06-09 15:28:03 -04:00
Neil Lalonde
f97d434174 Fix the spec for enum site settings 2014-06-09 15:28:03 -04:00
Robin Ward
c176dc07c1 Merge pull request #2421 from peternlewis/reply_to_name
Use an appropriate name in the Reply-To header
2014-06-09 11:04:53 -04:00
Neil Lalonde
4d50d0d109 FIX: admins should be able to create topics, even if min_trust_to_create_topic is higher than their trust level 2014-06-09 11:03:21 -04:00
Peter N Lewis
93f5f98b58 Corrected and added appropriate specs to confirm correct behaviour.
Tests ensure that the site name is used for public replies and the username is used for private replies.
2014-06-09 18:26:19 +08:00
Sam Saffron
05ca1e6e46 Added code block normalization routing for import 2014-06-06 10:34:21 +10:00
Régis Hanol
0df666277d BUGFIXES: properly deal with bookmarks and deleted posts
BUGFIX: removing a bookmark from the activity feed was busted for deleted posts
BUGFIX: delete associated user actions when deleting a post
2014-06-04 17:41:11 +02:00
Sam
c6c412fd45 BUGFIX: no reading credit for posts you create 2014-06-04 14:10:54 +10:00
Neil Lalonde
3e16ac62c3 Add register_color_scheme for plugins 2014-06-03 12:37:29 -04:00
Sam
3405253405 FEATURE: rush posting read times for newly read posts
FEATURE: "read" indicator on posts
CHANGE: anon is now assumed to have read everything
2014-06-03 11:48:52 +10:00
Sam
2ad756464e SECURITY: TopicView not correctly restricting to topic 2014-05-29 21:56:26 +10:00
Sam
0bc3525b10 BUGFIX: more robust onebox implementation 2014-05-28 17:15:10 +10:00
Sam Saffron
330ea82ce4 FIX broken spec 2014-05-27 13:52:39 +10:00
Sam
033cbc61bf BUGFIX: broken spec 2014-05-27 10:08:03 +10:00
Sam
504cfcff96 Fix specs for avatars
Implement avatar picker
Correct avatar related jobs
2014-05-27 10:08:03 +10:00
Sam
6c1c8be794 Work in progress, keeping avatars locally
This introduces a new model to store the avatars and 3 uploads per user (gravatar, system and custom)

user can then pick which they want.
2014-05-27 10:08:03 +10:00
Sam
cf254000cf Revert "Revert "BUGFIX: improve error messages for invalid API keys""
This reverts commit e9afe28586.
2014-05-23 08:43:19 +10:00
Neil Lalonde
e9afe28586 Revert "BUGFIX: improve error messages for invalid API keys" 2014-05-22 14:55:36 -04:00
Sam
eeef775f21 BUGFIX: improve error messages for invalid API keys
BUGFIX: don't track last seen for message bus
2014-05-22 09:01:29 +10:00
Neil Lalonde
742841ddce Add Google Oauth2 authenticator. The current Google OpenID authentication has been deprecated by Google and will NOT work for any new websites. 2014-05-21 18:35:10 -04:00
Robin Ward
64355c989e FIX: Don't extract links from empty quotes 2014-05-20 17:20:52 -04:00
Neil Lalonde
27cbc06563 Add fixed_category_positions site setting to handle whether categories are ordered by specified positions or by activity. 2014-05-16 11:33:52 -04:00
Robin Ward
3211c60bbe FEATURE: A new site setting public_user_custom_fields which allows you
to whitelist custom fields that will be exposed to the Ember client
application.
2014-05-14 14:39:01 -04:00
Neil Lalonde
c4d3aa3d47 Theming: a UI to choose some base colors that are applied to all the site css. CSS compiled outside of asset pipeline. 2014-05-14 10:18:12 -04:00
Wojciech Zawistowski
960d64930c Wiki Post 2014-05-13 08:53:11 -04:00
Neil Lalonde
e68e97d986 FIX: moderators can't see private topics that they aren't invited to see. 2014-05-12 15:26:46 -04:00
Sam
a2e2d0e886 Merge pull request #2316 from mutiny/refactor-where-first
Refactor `where(...).first` to `find_by(...)`
2014-05-08 09:10:45 +10:00