Robin Ward
f5e0cf63f6
SECURITY: The SSO return_path was an open redirect
...
This security fix needs SSO to be configured, and the user has to go
through the entire auth process before being redirected to the wrong host so
it is probably lower priority for most installs.
2015-01-22 12:33:07 -05:00
Régis Hanol
e0a4a7a9cd
FEATURE: don't limit registration from an IP address if a staff member has that IP address
2014-11-21 00:34:31 +01:00
Régis Hanol
c5f9dd4ef3
FEATURE: only limit new registrations from that IP if all the users from that IP are TL1 or TL0
2014-11-17 15:02:10 +01:00
Régis Hanol
7641d88224
FEATURE: new 'maximum new user accounts per registration IP' site setting
2014-11-17 12:04:29 +01:00
Sam
8240a00829
correct spec
2014-11-14 18:10:52 +11:00
Sam
6125b675b6
remove broken spec
2014-11-14 18:03:01 +11:00
Sam
a2ee213100
correct spec
2014-11-13 20:25:49 +11:00
Sam
564fb0b100
FIX: distributed cache leak and potential infinite loop
2014-11-13 18:31:42 +11:00
Régis Hanol
a8a0be0b34
FIX: change the unlisted/invisible topic state only when unhiding the first post
2014-11-12 16:34:30 +01:00
Régis Hanol
a036ac7bdc
FIX: users can see the raw email source of their own posts
2014-11-12 14:49:42 +01:00
Sam
5fd0841563
correct broken spec
2014-11-12 10:27:34 +11:00
Sam
c55fa9d5c8
PERF: distributed cache class to help sync caches between processes
2014-11-12 09:44:44 +11:00
Sam
a2ba9a735e
Merge pull request #2943 from fantasticfears/slug
...
Add stringex for Chinese slug generation
2014-11-12 08:57:59 +11:00
Erick Guan
667758ff40
Add stringex for Chinese slug generation
2014-11-11 21:12:07 +08:00
Sam
4e85fc9dae
PERF: cache all site_text in memory
2014-11-11 16:28:59 +11:00
Godfrey Chan
bddaf8193a
HAX: check the message object, not the MessageDelivery object
...
See 669bf73 for background. It's probably better to rewrite these tests without
using the internal `NullMail` class anyway.
2014-11-10 01:05:47 -08:00
Godfrey Chan
568ed3beaa
HAX: force the lazy MessageDelivery object to create the mailer
...
Starting from Rails 4.2, calling MyMailer.some_method no longer results in an
immediate call to MyMailer#some_method. Instead, a "lazy proxy" is returned
(this is changed to support #deliver_later). As a quick hack to fix the test,
calling #message (or anything, really) would force the Mailer object to be
created and the method invoked.
2014-11-10 01:05:46 -08:00
Godfrey Chan
b1a0cd417d
Avoid a deprecation warning by poly-filling #deliver_now and #deliver_now
2014-11-10 01:05:46 -08:00
David McClure
efc4109902
update specs to remove deprecation warnings
2014-11-07 06:05:44 -08:00
Régis Hanol
bb2d538194
FEATURE: log impersonations
2014-11-06 10:58:47 +01:00
Régis Hanol
a5616146eb
FIX: remove meta data from lightbox in both excerpt (html & text)
2014-11-05 20:37:00 +01:00
Robin Ward
068d22e9b3
Add API support for querying admin reports by date range
2014-11-05 13:11:37 -05:00
Robin Ward
c9eb809dad
FIX: The text to users who signed up when approval was required was misleading.
2014-11-04 15:48:03 -05:00
Régis Hanol
862c8a19a3
FEATURE: use img's title attribute in overlay information when provided
2014-11-03 22:03:06 +01:00
Régis Hanol
bdb78ce76a
FEATURE: consider SVG as an image when authorized
2014-11-03 19:54:10 +01:00
Régis Hanol
fd5677808c
SPEC: make sure digest doesn't pick any topics in categories that are muted
2014-11-03 16:57:50 +01:00
Régis Hanol
b09ad87098
FIX: add 'show emails' button from moderators in user admin section
2014-11-03 12:46:08 +01:00
Jason W. May
bdc7947cd6
rspec expect...to deprecations
2014-10-31 10:44:26 -07:00
Sam
2251877332
FIX: "Dismiss Posts" corrupting read state
...
REFACTOR: seen_post_count was a bad name, renamed to highest_seen_post_number
2014-10-31 09:40:35 +11:00
Robin Ward
316f1bea04
SECURITY: Don't allow redirects with periods in case you don't control other tlds on the same domain.
2014-10-30 11:31:44 -04:00
Régis Hanol
6e053942a4
FIX: moderators should be able to search users by email
2014-10-29 22:08:41 +01:00
Régis Hanol
7e94f9d6f9
FIX: insert different message when auto-closing a topic based on the last post
2014-10-29 21:26:32 +01:00
Régis Hanol
ada750b384
fixed some more deprecations. 20 to go
2014-10-29 16:06:50 +01:00
Régis Hanol
865194f409
FIX: cannot show email for pending/inactive users
2014-10-29 01:07:27 +01:00
Sam
3a11e5b52e
Merge pull request #2921 from techAPJ/patch-1
...
FIX: email replies should not be accepted for deleted topics
2014-10-28 14:11:33 +11:00
Sam
7d6d8bd0a3
FEATURE: admin end point to sync sso /admin/users/sync_sso
...
Must be admin to invoke (api is fine too), uses same sso payload nonce is ignored
2014-10-28 11:25:21 +11:00
Régis Hanol
e7f251c105
LOTS of changes to properly handle post/topic revisions
...
FIX: history revision can now properly be hidden
FIX: PostRevision serializer is now entirely dynamic to properly handle
hidden revisions
FIX: default history modal to "side by side" view on mobile
FIX: properly hiden which revision has been hidden
UX: inline category/user/wiki/post_type changes with the revision
details
FEATURE: new '/posts/:post_id/revisions/latest' endpoint to retrieve
latest revision
UX: do not show the hide/show revision button on mobile (no room for
them)
UX: remove CSS transitions on the buttons in the history modal
FIX: PostRevisor now handles all the changes that might create new
revisions
FIX: PostRevision.ensure_consistency! was wrong due to off by 1
mistake...
refactored topic's callbacks for better readability
extracted 'PostRevisionGuardian'
2014-10-27 22:06:43 +01:00
Arpit Jalan
370f50250b
FIX: attachment links in mail lacks protocol
2014-10-28 00:08:51 +05:30
Arpit Jalan
b37d845dd3
FIX: email replies should not be accepted for deleted topics
2014-10-27 13:05:33 +05:30
Sam
1cc37e32b9
FEATURE: add max_reply_history to limit number of replies that can be expanded, when clicking "in-reply-to"
2014-10-27 09:44:42 +11:00
Arpit Jalan
08dc0e6ee6
FIX: email replies to closed topic should not be accepted
2014-10-25 23:47:13 +05:30
cpradio
38d901ac91
FIX: Do not show unconfirmed users in search results
2014-10-24 19:20:41 -04:00
Arpit Jalan
a826840540
Moderators can search users by ip address
2014-10-23 23:30:11 +05:30
Arpit Jalan
1035df46bf
FEATURE: search by ip address on admin user list page
2014-10-23 08:02:02 +05:30
Sam
e20e6b4524
PERF: stop using jQuery to sanitize strings
2014-10-22 15:48:18 +11:00
Neil Lalonde
7659d491fd
Merge pull request #2897 from techAPJ/patch-1
...
FEATURE: show full user name in emails
2014-10-21 15:47:31 -04:00
Arpit Jalan
8700716fcd
separate site setting for showing full name in emails
2014-10-22 00:50:39 +05:30
Arpit Jalan
83068fab94
FEATURE: show full name in emails
2014-10-21 23:34:44 +05:30
Robin Ward
4eb1288dba
FIX: Broken spec from @coding-horror
2014-10-20 17:13:45 -04:00
Robin Ward
71f211f0b3
FEATURE: Allow users to select a badge with an image to appear on their user card
2014-10-20 16:35:38 -04:00