Commit Graph

1910 Commits

Author SHA1 Message Date
Jeff Atwood
6fae1cee34 better help for typographer setting 2018-04-25 12:46:45 -07:00
Arpit Jalan
4f55fbfefa FEATURE: include report title in PM subject and filename 2018-04-24 22:25:54 +05:30
Robin Ward
fd14ee4797 FEATURE: Allow safe mode to be disabled 2018-04-24 11:03:33 -04:00
Neil Lalonde
70f2c5d3fd FEATURE: move staff tags setting to tag group settings 2018-04-20 15:34:23 -04:00
Joffrey JAFFEUX
0e414d0890
dashboard next: trending search report
This commit also improves how data is loaded sync and async
2018-04-19 18:19:21 +02:00
Joffrey JAFFEUX
01c061d20d
dashboard next: perf and UI tweaks
* cache CORE reports
* adds backups/uploads section
* few css tweaks
2018-04-18 21:30:41 +02:00
Arpit Jalan
8d1e8fa712 SECURITY: do not show private topic title on /unsubscribed page 2018-04-16 20:05:31 +05:30
Joffrey JAFFEUX
06b6c805d5
dashboard next: adds report for user types 2018-04-16 13:03:43 +02:00
Arpit Jalan
a1ef455c78 SECURITY: do not show private topic title on /unsubscribed page 2018-04-16 10:35:57 +05:30
Jeff Atwood
3d5a55b55b update copy for post hidden twice 2018-04-11 18:28:19 -07:00
Arpit Jalan
9ca6ebe8fe FEATURE: enforce tagging on categories 2018-04-11 07:15:24 +05:30
Sam
afaeb20f27 FEATURE: Add option to have sso synchronize group membership
In some cases add_groups and remove_groups is too much work, some sites
may wish to simply synchronize group membership based on a list.

When sso_overrides_groups is on all not automatic group membership is
sourced from SSO. Note if you omit to specify groups, they will be cleared
out.
2018-04-10 13:17:23 +10:00
Sam
6995382323 update copy 2018-04-10 09:51:29 +10:00
Sam
c081130601 remove uneeded words 2018-04-09 17:28:25 +10:00
Guo Xiang Tan
c82b2dcc24 Remove admin group management pages. 2018-04-09 15:14:50 +08:00
jose-hms
b87205831b FEATURE: Staged user moderation (#5721) 2018-04-06 11:41:25 +02:00
Sam
3a7b696703 FEATURE: allow for setting crawl delay per user agent
Also moved to default crawl delay bing so no more than a req every 5 seconds is allowed

New site settings:

"slow_down_crawler_user_agents" - list of crawlers that will be slowed down
"slow_down_crawler_rate" - how many seconds to wait between requests

Not enforced server side yet
2018-04-06 10:15:23 +10:00
Gerhard Schlager
cd6a99a027 FEATURE: Send a different PM when a post has been hidden more than once 2018-04-05 14:03:21 +02:00
Jeff Atwood
e591f08495 remove "for today" text from rate limit copy 2018-03-29 15:00:42 -07:00
Neil Lalonde
7311023a52
Merge pull request #5700 from discourse/crawl-block
FEATURE: control web crawlers access with white/blacklist
2018-03-27 15:06:03 -04:00
Arpit Jalan
518f7ba91b FIX: show private message topic count on admin dashboard reports 2018-03-27 17:10:33 +05:30
Guo Xiang Tan
35745166b5 UX: New group membership management workflow.
https://meta.discourse.org/t/adding-owners-members-ux-is-inconsistent-and-misleading/58084
2018-03-26 16:15:02 +08:00
Jeff Atwood
90af1659ff very minor copyedits on 2fa 2018-03-22 17:17:47 -07:00
Jeff Atwood
1d3a142f35 minor copyedits 2018-03-22 15:27:07 -07:00
Neil Lalonde
ced7e9a691 FEATURE: control which web crawlers can access using a whitelist or blacklist 2018-03-22 15:41:02 -04:00
Jeff Atwood
448f4afa68 copyedits on login via email link 2018-03-22 04:19:34 -07:00
Jeff Atwood
096c3a0bf8 copyedits on 2 factor auth 2018-03-22 03:39:06 -07:00
Robin Ward
b9abd7dc9e FEATURE: Shared Drafts
This feature can be enabled by choosing a destination for the
`shared drafts category` site setting.

* Staff members can create shared drafts, choosing a destination
category for the topic when it is published.

* Shared Drafts can be viewed in their category, or above the
topic list for the destination category where it will end up.

* When the shared draft is ready, it can be published to the
appropriate category by clicking a button on the topic view.

* When published, Drafts change their timestamps to the current
time, and any edits to the original post are removed.
2018-03-20 17:15:26 -04:00
Neil Lalonde
4d44024c82 FIX: error when trying to block an IP address. Return a message when IP address matches an existing screened IP address, including ranges. 2018-03-19 14:34:43 -04:00
Régis Hanol
9de134caa0
Better copy for redirect_warning' 2018-03-19 16:02:07 +01:00
Régis Hanol
89f5c90ce0 FIX: show an error page on click tracking error 2018-03-17 00:33:11 +01:00
AhmadFCheema
d75eb23231 Fix typos in server.en.yml (#5668)
* Fix typos in server.en.yml

* Minor typo correction

Emoji = Emojis
2018-03-12 20:21:04 +08:00
Arpit Jalan
12706c4b29 FEATURE: support markdown rendering for embedded posts 2018-03-11 08:00:48 +05:30
Sam
7c0e6b820e move key so it does not interfere with other errors 2018-03-09 16:42:11 +11:00
Sam
39e679d3cb FEATURE: allow themes to live in private git repos
This feature allows themes sourced from git to live on private
servers, it automatically generates key pairs.
2018-03-09 16:14:38 +11:00
Sam
5b6e49ae1d FEATURE: split out max diff to 2 settings
We trust staff + tl2 and up to perform edits in grace period.
Allow them significantly more edit room in grace period prior to storing
a revision.

editing_grace_period_max_diff_high_trust applies to users with tl2 and up.

So

tl0 / 1 : we store an extra revision if more than 100 chars change
tl2 and up : we store an extra revision if more than 400 chars change

We may tweak these numbers as we go.
2018-03-09 11:58:50 +11:00
Sam
e162cd16b6 FEATURE: editing_grace_period_max_diff to force revisions in grace period
If a user performs a substantive edit of 20 chars or more during grace period
we will store a revision to track the change

This allows for better auditing of changes that happen during the grace period
2018-03-07 18:34:34 +11:00
AhmadFCheema
95dd5e30c1 Fix minor typo in server.en.yml (#5649) 2018-03-05 17:27:51 -05:00
Robin Ward
0f66a99eb2 Setting to prevent logging details when anonymizing 2018-03-05 14:38:18 -05:00
OsamaSayegh
282f53f0cd FEATURE: Theme settings (2) (#5611)
Allows theme authors to specify custom theme settings for the theme. 

Centralizes the theme/site settings into a single construct
2018-03-04 19:04:23 -05:00
Sam
e7f83358aa SECURITY: ensure users have permission when moving categories 2018-03-02 12:13:53 +11:00
Sam
75172024ca SECURITY: ensure users have permission when moving categories 2018-03-02 12:13:27 +11:00
Neil Lalonde
baf1c385eb UX: when a post is blocked due to a watched word, message includes the word being blocked 2018-02-28 11:22:18 -05:00
Joshua Rosenfeld
48aea2a9fc
backup_frequency copy edit 2018-02-27 15:41:37 -05:00
Neil Lalonde
3313072957 Remove censored_pattern site setting, which is replaced by watched words 2018-02-26 16:29:27 -05:00
Guo Xiang Tan
2e2da3a6e2 Update copy for 2FA. 2018-02-23 10:36:48 +08:00
Robin Ward
69af881f7f New site setting trusted_users_can_edit_others
The default is true to keep with previous discourse behavior. If
disabled, high trust level users cannot edit the topics or posts of
other users.
2018-02-22 20:39:24 -05:00
Guo Xiang Tan
24d0a7a4c7 Take 2 on f74d6bb605.
New options are left out by default when not configured so that an
incorrect default configuration doesn't blow up google oauth for
everyone.
2018-02-23 07:53:01 +08:00
Guo Xiang Tan
dd26bbe868
Merge pull request #5610 from discourse/pm-tags
FEATURE: Allow staffs to tag PMs
2018-02-23 07:07:41 +08:00
Guo Xiang Tan
ef1b82a226 Add missing site setting description. 2018-02-22 13:52:36 +08:00
Vinoth Kannan
84867c1c07 Rename site setting to allow_staff_to_tag_pms from allow_staff_to_tag_in_pm 2018-02-22 06:48:34 +05:30
Joshua Rosenfeld
3ec8b38796
A few more 'private message' strings to update
Follow up from a08832bd08
2018-02-21 15:28:26 -05:00
Vinoth Kannan
2b509eaa91
Merge branch 'master' into pm-tags 2018-02-21 23:55:59 +05:30
Joshua Rosenfeld
23f7c3607c
Update Twitter login site setting description text 2018-02-21 13:07:33 -05:00
Vinoth Kannan
84ce1acfef FEATURE: Allow staffs to tag PMs 2018-02-21 20:11:46 +05:30
Guo Xiang Tan
14f3594f9f Review Changes for f4f8a293e7. 2018-02-21 14:55:49 +08:00
Jeff Wong
f4f8a293e7 FEATURE: Implement 2factor login TOTP
implemented review items.

Blocking previous codes - valid 2-factor auth tokens can only be authenticated once/30 seconds.
I played with updating the “last used” any time the token was attempted but that seemed to be overkill, and frustrating as to why a token would fail.
Translatable texts.
Move second factor logic to a helper class.
Move second factor specific controller endpoints to its own controller.
Move serialization logic for 2-factor details in admin user views.
Add a login ember component for de-duplication
Fix up code formatting
Change verbiage of google authenticator

add controller tests:
second factor controller tests
change email tests
change password tests
admin login tests

add qunit tests - password reset, preferences

fix: check for 2factor on change email controller
fix: email controller - only show second factor errors on attempt
fix: check against 'true' to enable second factor.

Add modal for explaining what 2fa with links to Google Authenticator/FreeOTP

add two factor to email signin link

rate limit if second factor token present

add rate limiter test for second factor attempts
2018-02-21 09:04:07 +08:00
Robin Ward
3ea272f4f1 New setting: minimum trust level to embed images in a post 2018-02-20 20:00:06 -05:00
Arpit Jalan
c419c26f56 FEATURE: new site setting 'max_emojis_in_title' 2018-02-19 18:15:26 +05:30
OsamaSayegh
f3815cd785 FEATURE: New site setting for additional allowed filetypes for staff (#5364)
* FEATURE: New site setting for additional allowed filetypes for staff

* Problematic variable name

* feedback

* small issues

* fix indentation

* failing tests

* Remove message bus and fix minor issues

* Missed this message bus
2018-02-19 10:44:24 +01:00
Leo McArdle
5d9d0fcb4f FEATURE: add setting which adds group name to PM email subject (#5475) 2018-02-19 10:20:17 +01:00
SidV
790c5facc9 Mailgun typo (#5593)
mailgun = Mailgun
2018-02-16 01:35:37 -05:00
Sam
38f4acd55a FIX: rate limiter text is confusing, should not say daily
Also, adds easily parseable JSON so users can figure out
how long to wait when the API is limited. ("extras" "wait_seconds")
2018-02-14 15:29:50 +11:00
Erick Guan
03b3e57a44 FEATURE: login by a link from email
Co-authored-by: tgxworld <tgx@discourse.org>
2018-02-13 16:14:39 +08:00
Robin Ward
4dfe659189 Rename allow staff flags to allow flagging staff 2018-02-12 15:27:26 -05:00
Robin Ward
6287631745 FEATURE: New site setting, allow staff flags, false by default
For some large communities, it makes sense to disable flagging of
staff posts.
2018-02-12 14:56:21 -05:00
AhmadF.Cheema
e48ae647f9 Fix typo in server.en.yml 2018-02-11 21:17:22 +01:00
scossar
dab0ec1d66 Add translation key/value for target_user_not_found error message 2018-02-07 11:35:17 +01:00
Robin Ward
1bab15c757 FEATURE: A site setting for a minimum TL to post links 2018-02-06 18:07:58 -05:00
Robin Ward
b2b6dc68a6 FEATURE: a setting to customize the minimum TL to flag a post 2018-02-06 17:12:27 -05:00
Robin Ward
96710754d9
Merge pull request #5540 from discourse/mixed-text-direction-support
FEATURE: Mixed text direction support
2018-02-01 07:29:15 -08:00
Joshua Rosenfeld
f85055d653 FIX: Remove activation link from account approved email (#5548) 2018-02-01 14:59:37 +01:00
Arpit Jalan
a08832bd08 rename 'private messages' to 'personal messages' in locale 2018-02-01 19:25:14 +05:30
Arpit Jalan
f88b8a8945 rename 'default_email_private_messages' to 'default_email_personal_messages' 2018-02-01 13:25:29 +05:30
Arpit Jalan
6be536ca50 rename 'max_private_messages_per_day' to 'max_personal_messages_per_day' 2018-02-01 13:25:29 +05:30
Arpit Jalan
7cda3a37af rename 'private_email_time_window_seconds' to 'personal_email_time_window_seconds' 2018-02-01 13:25:29 +05:30
Arpit Jalan
7e48c47d37 rename 'enable_private_email_messages' to 'enable_personal_email_messages' 2018-02-01 13:25:29 +05:30
Arpit Jalan
ff0376a80b rename 'enable_private_messages' to 'enable_personal_messages' 2018-02-01 13:25:29 +05:30
Arpit Jalan
25ec077eca rename 'min_private_message_{post/title}_length' to 'min_personal_message_{post/title}_length' 2018-02-01 13:25:29 +05:30
Sam
ee0d3f15c1 FEATURE: allow better fidelity for auto linkify, disable most tlds based linkify
New site settings:

enable_markdown_linkify: which is default on, auto links https:// and http:// and mail://

markdown_linkify_tlds: which allows control of what tlds get autolinked for cases such as www.site.com, default is com|net|gov
2018-02-01 13:22:38 +11:00
Régis Hanol
c6fac68ccd FIX: don't blow up on badly encoding incoming email body 2018-01-30 23:47:58 +01:00
Maja Komel
018cb7f36b add a custom user onebox (#5542)
* add custom user onebox

* add specs
2018-01-30 11:03:08 +01:00
Arpit Jalan
1f6adbea5c FEATURE: log private message views 2018-01-29 08:08:08 +05:30
scossar
caa38aaaad Add support for mixed text directions 2018-01-28 18:33:55 -08:00
Robin Ward
44e2038b53 Setting to automatically lock posts when edited by staff 2018-01-26 14:01:30 -05:00
Arpit Jalan
7b4e6d508b improve reviving_old_topic education message 2018-01-26 00:06:53 +05:30
Gerhard Schlager
ba6cd83e3a ISO 639-1 codes aren't used in the UI anymore 2018-01-25 14:57:41 +01:00
Sam
3492a91056 FEATURE: allow site operators to disable emoji shortcuts 2018-01-24 12:21:44 +11:00
Robin Ward
782d75069e FIX: UX improvements for system messages when PMs are disabled 2018-01-23 13:12:11 -05:00
Régis Hanol
f74ac826c5 slightly more meaningful error message 2018-01-22 12:20:53 +01:00
Matt Palmer
133acfc805 UX: Improve description of s3_use_iam_profile
https://meta.discourse.org/t/s3-uploads-iam-user-backups-questions/78484
2018-01-20 20:19:59 +11:00
Joshua Rosenfeld
8a3c9ee3c5
FIX: notify_about_queued_posts_after copyedit
notify_about_queued_posts_after does not email contact_email anymore, notification is instead a group message to the moderators group.
2018-01-19 17:45:02 -05:00
Marcus Baw
604c189440 remove superfluous 'the' from translation file (#5508)
Original text 'Use the HTML instead of the text for incoming email.' sounds odd for native English speakers. 
I propose the slight modification 'Use HTML instead of text for incoming email.'
2018-01-17 16:52:41 +11:00
Neil Lalonde
4d50feb6bd FEATURE: add setting to display tags by tag groups 2018-01-12 11:03:02 -05:00
Sam
49ed382c2a FIX: return 429 when admin api key is limited on admin route
This also handles a general case where exceptions leak out prior to being handled by the application controller
2018-01-12 14:15:26 +11:00
Jeff Atwood
dcbaf2f213 copyedit: personal, not private, message throughout 2018-01-11 16:04:14 -08:00
Robin Ward
ee76636b76 FIX: Typo 2018-01-11 15:48:54 -05:00
Vinoth Kannan
b96ae14261 FEATURE: Display force_https warning in admin problems dashboard 2018-01-11 12:16:10 +05:30
Guo Xiang Tan
e90187cbf7
Merge pull request #5469 from tgxworld/add_guard_to_prevent_primary_email_from_being_reassigned
FIX: Add guard to prevent a primary `UserEmail` from being reassigned.
2018-01-09 13:35:08 +08:00
Arpit Jalan
fc68e3d223 📅 2018! 2018-01-05 10:09:52 +05:30
Guo Xiang Tan
8a3bbcb19a FIX: Add guard to prevent a primary UserEmail from being reassigned. 2018-01-04 19:40:50 +08:00
Neil Lalonde
f83a39f8ba Merge master 2018-01-03 16:49:06 -05:00
Arpit Jalan
222fab1435 Update default ToS 2018-01-02 11:26:22 +05:30
Régis Hanol
f5e170c6b5 FIX: catch all server-side error when uploading a file
UX: always show a message to the user whenever an error happens on the server when uploading a file
2017-12-27 16:33:25 +01:00
Arpit Jalan
0514ac4ee2 FIX: verify presence of 'sso url' before enabling 'enable sso' 2017-12-23 13:30:49 +05:30
Jeff Atwood
3bc53f2946 very minor copyedit 2017-12-21 18:37:14 -08:00
Jeff Atwood
2a8da9a9cb minor copyedit on google id conflict message 2017-12-21 18:36:02 -08:00
Jeff Atwood
cedfd6b68c
Merge pull request #5449 from Supermathie/google_fix
FIX: google oauth flow should automatically update the google account used for login when appropriate
2017-12-21 17:46:43 -08:00
Robin Ward
69a90f31fb FEATURE: Allow Forums to disable the Backups feature 2017-12-21 15:22:04 -05:00
Joshua Rosenfeld
5a9c1c13ee
minor copyedit to username_change_period 2017-12-20 18:20:22 -05:00
Michael Brown
105cf61ed9 Implements https://meta.discourse.org/t/issue-user-changed-google-account-and-cant-connect-thru-his-profile/35028/18?u=supermathie 2017-12-20 17:59:36 -05:00
Arpit Jalan
eab66065d1 FEATURE: search log term details page (#5445) 2017-12-20 13:41:31 +11:00
Sam
f5b3652d97 HTML paste is experimental 2017-12-15 12:29:39 +11:00
Arpit Jalan
f15270a0df FIX: do not onebox flagged post link 2017-12-14 22:36:32 +05:30
Vinoth Kannan
98d19616dd FIX: translation for site setting enable_rich_text_paste 2017-12-12 14:45:19 +05:30
Arpit Jalan
6acf0693a5 make crawler_user_agents a hidden setting 2017-12-11 11:10:15 +05:30
Sam
68d3c2c74f FEATURE: add global rate limiter for admin api 60 per minute
Also move configuration of admin and user api rate limiting into global
settings. This is not intended to be configurable per site
2017-12-11 11:07:22 +11:00
Vinoth Kannan
fdef4e58f0 Skip markdown table conversion from rich text feature flag setting 2017-12-08 18:30:38 +05:30
Vinoth Kannan
b9c0488687 New site setting to enable or disable rich text pasting 2017-12-08 14:09:39 +05:30
Joffrey JAFFEUX
fd99e1ef56 FEATURE: site setting enable_mentions to turn on/off mentions 2017-12-07 16:27:58 -05:00
Arpit Jalan
5003f07b2c FEATURE: new site setting show_inactive_accounts 2017-12-07 19:22:41 +05:30
Gerhard Schlager
eda30c4cf2 FIX: spam posts get blocked, not silenced 2017-12-07 11:16:43 +01:00
Arpit Jalan
0e0794dff9 FIX: correct use of invitee vs inviter in email templates 2017-12-04 14:09:48 +05:30
Jeff Atwood
cf2ff76d09 FEATURE: link to meta release notes tag in version release email text 2017-12-01 12:55:03 -08:00
Régis Hanol
bf1a1764ce
FIX: translation for "destroy_reasons.same_ip_address"
Take 2
2017-12-01 18:46:12 +01:00
Régis Hanol
2366cdaefe
FIX: translation for "destroy_reasons.same_ip_address" 2017-12-01 17:38:33 +01:00
Guo Xiang Tan
1c2d1682ae
Merge pull request #5328 from tgxworld/reenable_interpolation_keys_check
FIX: Re-enable invalid interpolation keys check and allow default key…
2017-11-30 13:04:54 +08:00
Guo Xiang Tan
1d8b834301
Merge pull request #5369 from vinothkannans/queued
FIX: Error if queued post not found while updating
2017-11-28 17:51:05 +08:00
Robin Ward
77f90876d3 REFACTOR: Track manual locked user levels separately from groups 2017-11-27 11:23:44 -05:00
Vinoth Kannan
31aa21b5a4 FIX: Error if queued post not found while updating 2017-11-27 19:25:51 +05:30
Guo Xiang Tan
5805979e88 FIX: Re-enable invalid interpolation keys check and allow default keys to be left out of translation overrides.
https://meta.discourse.org/t/bulk-invite-from-file-resets-the-invite-forum-mailer-customized-text/67606/16
2017-11-27 11:00:08 +08:00
Robin Ward
e0dc4ea4fc FIX: Missing i18n key 2017-11-23 13:28:06 -05:00
Régis Hanol
4addc5e329 Add missing contexts when destroying users 2017-11-22 15:43:54 +01:00
Neil Lalonde
66e53f449a UX: Auth complete page/modal has a link to continue to the site to accomodate auth methods that can't automatically redirect to Discourse 2017-11-21 13:56:19 -05:00
Vinoth Kannan
7b494a65c9 NEW: large image placeholder added in cooked html (#5291) 2017-11-15 11:30:47 +01:00
Robin Ward
971e302ff2 FEATURE: Support an end date for user silencing 2017-11-14 13:20:19 -05:00
Joshua Rosenfeld
4dc29e5f9e
Missed a spot renaming block to silence 2017-11-13 15:35:52 -05:00
Sam
dfe9f70747 UX: warn that something must be selected with safe mode 2017-11-13 15:59:51 +11:00
Robin Ward
1f14350220 Rename "Blocked" to "Silenced" 2017-11-10 14:10:27 -05:00
Guo Xiang Tan
6090994cdf FEATURE: Retain the latest 30 days of WebHookEvent records by default. 2017-11-08 14:11:01 +08:00
Sam
56412adad5 FEATURE: custom setting for large square site icon
This icon is used for android splash screen
2017-11-03 16:19:31 +11:00
Neil Lalonde
7dc3671490 FEATURE: remove obsolete settings ga_tracking_code and ga_domain_name. Use ga_universal_tracking_code and ga_universal_domain_name instead. 2017-11-01 11:41:51 -04:00
Rafael dos Santos Silva
32b3847d52 FIX: Update mobile logo resolution
This makes Discourse compliant with latest Google PWA requirements,
so we get the App Install banner back.

Should bump our Lighthouse PWA Audit score to 11/11.
2017-11-01 01:51:51 -02:00
Neil Lalonde
ca8922e6f8 UX: Autobiographer badge description should link to profile preferences 2017-10-31 16:02:32 -04:00
Neil Lalonde
d753adab84 FIX: badge description links broken on subfolder 2017-10-31 15:18:52 -04:00
Penar Musaraj
bd1616d3d9 Add offline route and service worker to fix Android app install banner (#5217)
* set up static offline.html route and service worker for Android Web App Banner

* add viewport meta tag to offline view for android app banner

* add i18n support for offline.html pages, cleanup

* fix html syntax, add page title, remove license for service-worker.js
2017-10-31 10:46:48 +11:00
Neil Lalonde
a5afc08363 FIX: html links in text part of summary email 2017-10-30 15:43:01 -04:00
Guo Xiang Tan
0abc5f90cd FIX: Broken link in new user of the month post. 2017-10-30 13:11:29 +08:00
Guo Xiang Tan
ddd07773da FIX: Don't hardcode the path into translations. 2017-10-30 12:47:34 +08:00
Arpit Jalan
33f0d80ed5 UX: better title on search page 2017-10-27 09:13:04 +05:30