Guo Xiang Tan
db41af1c3c
SECURITY: CSRF vulnerabilities in Admin::BackupsController
.
2017-03-23 10:42:21 +08:00
Robin Ward
41307c3d1c
SECURITY: Moderators should not be able to access customizations
2017-01-06 14:42:53 -05:00
Guo Xiang Tan
ad4a96d387
FIX: Only send membership request to the last 5 active group owners.
2017-01-03 15:33:57 +08:00
Guo Xiang Tan
a5fead3857
UX: Redesign group page to follow user page.
2016-12-22 13:08:59 +08:00
Arpit Jalan
563bcfb705
FIX: make upload extension optional in route
2016-12-19 15:06:03 +05:30
Arpit Jalan
ab6843dcde
FIX: username route was broken
2016-12-16 23:56:22 +05:30
Guo Xiang Tan
d8541c589a
FIX: Incorrect route for updating username.
2016-12-17 00:23:12 +08:00
Régis Hanol
197517d55e
FIX: locally uploaded audio & video files should onebox even when the extension is uppercase
2016-12-15 23:21:44 +01:00
Guo Xiang Tan
8bd1ac53f1
FIX: Don't include format in route ids.
2016-12-14 13:57:51 +08:00
Guo Xiang Tan
05f55dbc10
FEATURE: Group logs.
2016-12-12 17:29:54 +08:00
Arpit Jalan
ce974da9e5
FIX: simplify CSV file upload
2016-12-05 14:09:08 +05:30
Sam
39a524aac8
FEATURE: brotli cdn bypass for assets
...
Allow CDNS that strip out brotli encoding to use brotli regardless
2016-12-05 13:57:09 +11:00
Guo Xiang Tan
559918c6c6
PERF: Add endpoint to check if a group can be mentioned by user.
2016-11-26 02:20:46 +08:00
Guo Xiang Tan
5794f1619d
PERF: Fix N+1 queries when loading groups.
2016-11-26 02:20:26 +08:00
Sam
88a46be051
FEATURE: display text excerpts when scrolling on mobile
2016-11-25 11:35:29 +11:00
Guo Xiang Tan
0b28075c00
Revert "REFACTOR: ajax
defaults to json data type for GET requests."
...
This reverts commit af0b6ce53d
.
2016-11-24 16:47:18 +08:00
Guo Xiang Tan
af0b6ce53d
REFACTOR: ajax
defaults to json data type for GET requests.
2016-11-24 16:20:17 +08:00
Neil Lalonde
47aa3d94aa
FEATURE: send digest preview to an email address
2016-11-23 17:51:57 -05:00
Sam
e2c87da42a
FEATURE: Add basic support for Safe Mode
...
In Safe Mode all JS extensions and site customizations are disabled.
To access Safe Mode visit `sitename.org/safe-mode`
2016-11-21 16:46:14 +11:00
Dmitry Demenchuk
6df6b59259
Remove useless routing for ForumsController
2016-10-27 15:25:16 +01:00
Robin Ward
19e2eec219
Allow step 0 to resend the confirmation email
2016-10-21 11:34:19 -04:00
Robin Ward
c03d25f170
FEATURE: Configure Admin Account
...
Adds a "Step 0" to the wizard if the site has no admin accounts where
the user is prompted to finish setting up their admin account from the
list of acceptable email addresses.
Once confirmed, the wizard begins.
2016-10-19 11:27:56 -04:00
Arpit Jalan
12894a4876
FIX: dots in group name was breaking route
2016-10-12 23:36:10 +05:30
Sam
6031e692f0
Merge pull request #4366 from xfalcox/print
...
Print Support
2016-10-11 11:47:20 +11:00
Sam
3e513f5c05
Merge pull request #4459 from vibol/master
...
FEATURE: sparkpost webhook
2016-10-10 17:17:17 +11:00
Blake Erickson
5c131d3e10
Remove route to action that doesn't exist
...
Removed the `post "t"` route from the routes file because the
`topics#create` action doesn't exist in the topics controller. New
topics are created in the posts controller.
2016-10-03 07:17:13 -06:00
Vibol Hou
34af73c7cb
FEATURE: sparkpost webhook
2016-09-26 22:13:34 -07:00
Rafael dos Santos Silva
c12e533273
Feature: Adds a button to print a topic
2016-09-26 20:44:50 -03:00
Robin Ward
c94e6f1b96
Add locale step
2016-09-22 09:52:19 -04:00
Robin Ward
3a4615c205
Wizard: Step 1
2016-09-22 09:48:58 -04:00
Robin Ward
0471ad393c
Scaffold for new Wizard - Rails / Ember / Tests
2016-09-22 09:48:58 -04:00
Robin Ward
6070939daa
Support for other i18n bundles
2016-09-22 09:48:58 -04:00
Guo Xiang Tan
547750e9dd
Unify API keys and web hooks into a single admin nav header.
2016-09-20 05:22:03 +08:00
Erick Guan
00d5facf36
FEATURE: prompts new webhook events
2016-09-19 12:07:17 +08:00
Sam
75f3f7fcbd
FEATURE: clean API method for reading a single notification
2016-09-16 16:14:15 +10:00
Erick Guan
9ce61b4586
FEATURE: Webhooks.
2016-09-05 18:44:00 +08:00
Régis Hanol
e064e6f7a3
FEATURE: new 'categories_and_latest' endpoint
2016-08-29 22:47:44 +02:00
Sam
416e7e0d1e
FEATURE: basic UI to view user api keys
2016-08-16 17:06:52 +10:00
Sam
b7cea24d76
FEATURE: more user API flow, support key creation
2016-08-16 17:06:52 +10:00
Neil Lalonde
3b792054f2
Merge pull request #4387 from gdpelican/feature/tags-intersection
...
FEATURE: Tags intersection page
2016-08-15 16:24:29 -04:00
James Kiesel
037e9bb7b8
Support any number of tag intersections
2016-08-15 15:30:17 -04:00
Sam
fc095acaaa
Feature: User API key support (server side implementation)
...
- Supports throttled read and write
- No support for push yet, but data is captured about intent
2016-08-15 17:59:36 +10:00
James Kiesel
7e73b933c7
First pass
2016-08-12 15:28:46 -04:00
Sam
7e4503dd99
FEATURE: basic info route for all sites, even ones that require login
...
This information is public in meta tags already on home page, providing a
route allows consumers to check it way more cheaply
2016-08-12 17:10:35 +10:00
Sam
afaba56de3
FEATURE: missing API endpoint for topic tracking states
2016-08-12 17:10:35 +10:00
Guo Xiang Tan
0a942dbc73
FEATURE: Avoid creating an archive for database only backups.
2016-08-03 16:23:46 +08:00
Régis Hanol
c4b52b1a19
GET is a more RESTy verb for '/users/:username/emails'
2016-07-27 20:15:28 +02:00
Andre Pereira
8cbd585e20
FEATURE: Allow staff users to merge posts.
2016-07-27 12:04:14 +08:00
Neil Lalonde
11b3b5e30a
FIX: when topic list is filtered by tag and category, subsequent page fetches would ignore the category filter
2016-07-25 16:16:18 -04:00
Sam
8866169879
FEATURE: can invite/revoke groups on private messages
2016-06-20 16:29:27 +10:00