Commit Graph

107 Commits

Author SHA1 Message Date
Neil Lalonde
6ca71e1319 FIX: when creating a topic in a category that only allows tags from a tag group, don't allow creation of new tags 2018-03-19 11:42:10 -04:00
Neil Lalonde
58508e553d FIX: tag input should not include tags you've already chosen in the search results 2018-03-13 17:17:16 -04:00
Kyle Zhao
f7bd05e534 FEATURE: set 'Retry-After' header for 429 responses (#5659) 2018-03-13 23:12:41 +08:00
Neil Lalonde
baf1c385eb UX: when a post is blocked due to a watched word, message includes the word being blocked 2018-02-28 11:22:18 -05:00
Sam
38f4acd55a FIX: rate limiter text is confusing, should not say daily
Also, adds easily parseable JSON so users can figure out
how long to wait when the API is limited. ("extras" "wait_seconds")
2018-02-14 15:29:50 +11:00
Neil Lalonde
76c309fe6b PERF: a faster way to count tags used per category 2018-02-12 15:16:47 -05:00
Robin Ward
569e57f0a9 FIX: Delete the invalid auth cookie even if you hit the rate limit 2018-02-09 19:09:54 -05:00
Sam
49ed382c2a FIX: return 429 when admin api key is limited on admin route
This also handles a general case where exceptions leak out prior to being handled by the application controller
2018-01-12 14:15:26 +11:00
Sam
63bdc4056d More log suppressions for rate limit exceeded 2017-12-11 17:52:57 +11:00
Robin Ward
1f14350220 Rename "Blocked" to "Silenced" 2017-11-10 14:10:27 -05:00
Joffrey JAFFEUX
73aa7edb8b
Temporarily skip multisite spec 2017-11-09 15:38:34 -08:00
Sam
86e6732f78 FEATURE: update rails multisite
always allow /srv/status through even if host does not match
2017-11-09 15:40:56 +11:00
Neil Lalonde
c53f41f4f2 FIX: don't flag watched words when rebaking posts 2017-10-12 15:34:22 -04:00
Guo Xiang Tan
77d4c4d8dc Fix all the errors to get our tests green on Rails 5.1. 2017-09-25 13:48:58 +08:00
Guo Xiang Tan
8779490ce4 Move new controller specs to reqeusts folder. 2017-08-24 12:01:11 +09:00
Guo Xiang Tan
f7d3702454 FIX: Return 404 if API access is invalid. 2017-08-10 18:27:01 +09:00
Guo Xiang Tan
90d7dd1f05 FIX: Ensure that post action moderation post uses the site's default locale.
https://meta.discourse.org/t/a-post-in-looking-for-someone-to-customize-discourse-to-create-a-forum-site-requires-staff-attention/67468/5?u=tgxworld
2017-08-09 18:20:20 +09:00
Guo Xiang Tan
a9613163b5 FEATURE: Force user to enter reason when requesting for group membership. 2017-08-09 15:45:28 +09:00
Guo Xiang Tan
b6ce93a965 Add specs for 1c80c233cf 2017-08-02 20:58:35 +09:00
Guo Xiang Tan
4620dfe92d FEATURE: Add group settngs to allow users to leave a group freely.
https://meta.discourse.org/t/split-join-leave-freely-setting-on-groups/65565
2017-07-28 15:00:25 +09:00
Guo Xiang Tan
5012d46cbd Add rubocop to our build. (#5004) 2017-07-28 10:20:09 +09:00
Neil Lalonde
68b3dd43ce fix intermittent failing tests, some watched word refactoring 2017-07-27 12:27:01 -04:00
Guo Xiang Tan
2442bba131 UX: Better group creation workflow.
* Owners and users can now be added to a group during creation.

https://meta.discourse.org/t/you-cannot-allow-membership-requests-without-any-owners/64760/3
2017-07-27 16:12:42 +09:00
Neil Lalonde
24cb950432 FEATURE: Watched Words: when posts contain words, do one of flag, require approval, censor, or block 2017-07-26 11:01:09 -04:00
Sam Saffron
045a2abcec FEATURE: remove the timecop gem
We should only have one way of mocking time, misuse of timecop
was causing build stability issues
2017-07-24 12:11:10 -04:00
Guo Xiang Tan
1b0750d7ef Merge pull request #4983 from tgxworld/group_owners_can_invite_users_to_groups
Group owners can invite users to groups
2017-07-24 16:21:19 +09:00
Guo Xiang Tan
fa09a02201 Fix specs. 2017-07-24 15:56:08 +09:00
Guo Xiang Tan
2a17f1ccd7 FIX: Group owners should be able to invite users to their groups.
https://meta.discourse.org/t/group-owner-cannot-send-an-invite-to-a-group/60617/12
2017-07-21 23:48:25 +09:00
Leo McArdle
d0b027d88d FEATURE: phase 1 of supporting multiple email addresses 2017-07-20 11:22:27 +09:00
Sam
845170bd6b FEATURE: add support for group visibility level
There are 4 visibility levels

- public (default)
- members only
- staff
- owners

Note, admins and group owners ALWAYS have visibility to groups

Migration treated old "non public" as "members only"
2017-07-03 15:26:57 -04:00
Guo Xiang Tan
b5249fb4ca FIX: Send request membership PM to last 5 active group owner. 2017-06-15 11:37:09 +08:00
Guo Xiang Tan
a5d3abc9b6 FIX: Create group membership request on behalf of user. 2017-06-13 17:49:21 +09:00
Régis Hanol
038454bde2 FIX: always confirm emails when SSO says so 2017-06-08 01:05:33 +02:00
Guo Xiang Tan
2ee144c27f FEATURE: Add DiscourseEvent trigger when a user logs in.
* Also adds a event trigger when user logs in for the first time.
2017-06-01 17:44:49 +09:00
Neil Lalonde
7821400141 FEATURE: staff can set a timer to remind them about a topic 2017-05-16 14:49:50 -04:00
Guo Xiang Tan
8eecd42856 FIX: Delete topic timer after completion. 2017-05-12 10:28:51 +08:00
Neil Lalonde
55b61e9bea rename topic_status_update to topic_timer 2017-05-11 18:27:53 -04:00
Guo Xiang Tan
55d3547540 Fix random test failure. 2017-05-09 11:27:05 +08:00
Robin Ward
fc00032ec8 Check for 404 from spec rather than failure 2017-05-08 16:33:43 -04:00
Robin Ward
777f1f0f47 FIX: Return a 404 if the auth session is not present 2017-05-04 15:35:24 -04:00
Sam
4b6c49b13f correct specs 2017-04-14 15:25:34 -04:00
Guo Xiang Tan
c076f7b1aa Fix broken specs. 2017-04-11 10:43:34 +08:00
Guo Xiang Tan
f4758a4c4d FEATURE: Allow admins to schedule a topic to be published in the future. 2017-04-04 11:16:05 +08:00
Guo Xiang Tan
dc5a6e7cda Remove empty test. 2017-04-03 21:12:20 +08:00
Guo Xiang Tan
b6e9871b4b Update Topic#closed client side when closing/opening a topic temporarily. 2017-03-31 15:05:00 +08:00
Guo Xiang Tan
34b7bee568 FEATURE: Allow admin to auto reopen at topic.
* This commit also introduces a `TopicStatusUpdate`
  model to support other forms of deferred topic
  status update in the future.
2017-03-31 11:14:18 +08:00
Robin Ward
14410b71fb Convert server side paths to use /u/ 2017-03-30 10:23:24 -04:00
Guo Xiang Tan
7cf0f39066 Require Sidekiq::Testing in rails helper. 2017-03-29 11:10:25 +08:00
Guo Xiang Tan
3ef82bb32c SECURITY: CSRF vulnerabilities in Admin::BackupsController. 2017-03-23 10:29:35 +08:00
Guo Xiang Tan
1a7e954e09 FIX: Store custom emojis as uploads.
* Depending on a hardcoded directory was a flawed design
  which made it impossible to debug when custom emojis go
  missing.
2017-03-14 13:07:18 +08:00