github-mirror/discourse
2
0
Fork 0
mirror of https://github.com/discourse/discourse.git synced 2024-11-24 14:19:49 +08:00
Code Issues Actions 1 Packages Projects Releases Wiki Activity
30,322 Commits 190 Branches 500 Tags 938 MiB
f6fb079129
Commit Graph

2645 Commits

Author SHA1 Message Date
Bianca Nenciu
34e4d82f1a FEATURE: Report edit conflicts when saving draft. (#6585) 2018-11-14 12:56:25 +01:00
Guo Xiang Tan
44391ee8ab
FEATURE: Upload Site Settings. (#6573) 2018-11-14 15:03:02 +08:00
David Taylor
17bc82765b FEATURE: Log password changes in UserHistory (#6600) 2018-11-14 08:32:42 +08:00
Robin Ward
467be59d75 FEATURE: Allow expanded posts to return user custom fields 2018-11-13 12:44:54 -05:00
Sam
80ceb57c76 DEV: add API endpoint to destroy_timings only of last post 
Previously API only allowed you to nuke all timings from a topic,
new API is less punishing and allows you just to remove 1 post.
 2018-11-13 16:07:48 +11:00
Vinoth Kannan
dda1824270 Use hijack in inline onebox controller 2018-11-13 02:39:20 +05:30
David Taylor
d89ffbeffd
FEATURE: Add button to delete unused tags (#6587) 
This is particularly useful if you have uploaded a CSV file, and wish
to bulk-delete all of the tags that you uploaded.
 2018-11-12 16:24:34 +00:00
Bianca Nenciu
5af9a69a3b FIX: Do not check for suspicious login when impersonating. (#6534) 
* FIX: Do not check for suspicious login when impersonating.

* DEV: Add 'impersonate' parameter to log_on_user.
 2018-11-12 15:34:12 +01:00
Joffrey JAFFEUX
9c616e0679
FIX: handles not found reports in bulk loading (#6582) 2018-11-12 13:47:24 +01:00
Gerhard Schlager
7c4d4331bc FEATURE: Better handling of quotation marks in site text search 
It also matches 3 dots with the ellipsis symbol.
 2018-11-12 13:26:41 +01:00
Sam
64d9be726f the protection I placed was in the wrong path moved to /session/sso 
correct previous commit
 2018-11-09 17:18:01 +11:00
Sam
3ae4fcd1f7 Improve redirect avoidance for /sso paths 
e6b3310577 was missing an ege case
where return url included current_hostname
 2018-11-09 17:03:58 +11:00
Sam
e6b3310577 FIX: never redirect back to /sso it will cause a loop 
If for any reason our return url is set to `/sso` bypass using it
for login redirect
 2018-11-09 14:27:36 +11:00
Sam
15991677d4 FIX: ensure we never cache login redirects by mistake 2018-11-09 11:14:35 +11:00
Robin Ward
242a5fc5ef Add DiscourseEvents for when users as unsuspended/unsilenced 2018-11-08 16:33:38 -05:00
Sam
42572ff138 Revert font awesome 5 changes 
We are still pushing ahead on this 100% just need a bit longer to prepare
all plugins
 2018-11-08 16:12:18 +11:00
Penar Musaraj
09dc922b3b Fix several FontAwesome 5 issues 
add missing icons, update SvgSprite methods (to fix ruby 2.4 issues), update whisper icon in composer, fix alignment issues
 2018-11-07 22:20:53 -05:00
Penar Musaraj
005e1ecb9b
FEATURE: Update Font Awesome to v5.4.1 and SVGs (#6557) 
* First take on subsetting svg icons

* FontAwesome 5 svg subset WIP

* Include icons from plugins/badges into svg sprite subset

* add svg icon support to themes

* Add spec for SvgSprite

* Misc. SVG icon fixes

* Use FA5 svgs in local-dates plugin

* CSS adjustments, fix SVG icons in group flair

* Use SVG icons in poll plugin

* Add SVG icons to /wizard
 2018-11-07 13:05:43 -05:00
Sam
0a442e319c FIX: correct svg handling for images 
We regressed and optimized images no longer worked with svg

The following adds the correct logic to simply copy file for svgs
and bypasses resizing for svg avatars
 2018-11-07 15:29:26 +11:00
Robin Ward
931c3d165b Revert "FIX: We shouldn't include topics when mobile view is enabled" 
This reverts commit 2feadcdafb.
 2018-11-02 10:29:44 -04:00
Robin Ward
2feadcdafb FIX: We shouldn't include topics when mobile view is enabled 
This setting was set to be the opposite of what we want
 2018-11-01 14:47:06 -04:00
Sam
ceafcbc898 FEATURE: show added date when looking at group members 2018-11-01 15:33:28 +11:00
Sam
aa044623bd FIX: do not create superflous sessions when logged on 
In some SSO implementations we may want to issue SSO pipelines for
already logged on users

In these cases do not re-log-in a user if they are clearly logged on
 2018-11-01 12:54:01 +11:00
Bianca Nenciu
fa0e421af3 FIX: Do not leak information about post revisions. (#6536) 2018-10-31 14:47:00 +00:00
Blake Erickson
589e3fcaa0 FIX: return 400 for missing required params (#6546) 
If a required param is missing return a 400 and show a message
displaying which param was missing. Added this to the application
controller so that we don't have to add this logic to every controller
action.
 2018-10-31 13:02:48 +11:00
Sam
32b1f34910 PERF: avoid DNS lookups when getting IP info 
Also cleans up interface in DiscourseIpInfo
grew cache to 2000 entries
 2018-10-31 12:38:57 +11:00
Bianca Nenciu
e1e392f15b DEV: Use DiscourseIpInfo for all IP queries. (#6482) 
* DEV: Use DiscourseIpInfo for all IP queries.

* UX: Use latitude and longitude for more precision.
 2018-10-30 22:08:57 +00:00
Bianca Nenciu
4b7ab97a01 FIX: Add 'log in via link' to email templates. (#6545) 2018-10-30 19:15:05 +00:00
Vinoth Kannan
92bf3c667e FIX: Flash authentication data not rendered in latest iOS safari browser 2018-10-30 04:00:36 +05:30
Rafael dos Santos Silva
84f858fc23 FIX: Remove orientation from the webmanifest 
We don't really care about orientation, so let the user OS handle it.
 2018-10-26 13:48:14 -03:00
Rafael dos Santos Silva
2450f178ca FEATURE: Allow admins to control PWA display mode per user agent 2018-10-26 13:47:22 -03:00
Joffrey JAFFEUX
8e274f7296 UX: bumps the user-api-key version to 3 (#6526) 
* UX: bumps the user-api-key version to 3

* fix spec
 2018-10-25 09:46:34 +00:00
Bianca Nenciu
6a3767cde7 FEATURE: Warn users via email about suspicious logins. (#6520) 
* FEATURE: Warn users via email about suspicious logins.

* DEV: Move suspicious login check to a job.
 2018-10-25 09:45:31 +00:00
Kyle Zhao
e9a971a2b6
FEATURE: [Experimental] Content Security Policy (#6514) 
do not register new MIME type, parse raw body instead
 2018-10-22 13:22:23 -04:00
Régis Hanol
3e232412e3 UX: show error when hitting the rate limit on password reset 2018-10-22 19:00:30 +02:00
David Taylor
3377f26eba FIX: Clean tag before searching for matches 2018-10-22 11:09:06 +01:00
Kyle Zhao
dca830cb73 Revert "FEATURE: [Experimental] Content Security Policy (#6504)" 
This reverts commit fb8231077a.
 2018-10-19 11:53:29 -04:00
Kyle Zhao
fb8231077a
FEATURE: [Experimental] Content Security Policy (#6504) 2018-10-19 10:39:22 -04:00
David Taylor
7166d7de9a
FIX: Prevent duplicate tags in tag-choosers (#6512) 
* FIX: Prevent duplicate tags in tag-choosers

This reverts 5685b45, which fixes the duplicate tags problem.
The fix introduced by 5685b45 is re-implemented on the server.
 2018-10-19 13:44:43 +01:00
Blake Erickson
93485facaf FIX: lowercase username for add/rem group members 
This fix searches for users based on the downcased username so that if
you pass in usernames to add/remove from a group and you don't have the
casing just right it will still find the correct users.

I updated the tests to add a username that has a mix of upper and
lowercase letters to verify this functionality.
 2018-10-18 13:17:24 -06:00
Bianca Nenciu
f60b10d090 UX: Warn users if the post that's currently edited has changed. (#6498) 2018-10-17 15:35:32 +02:00
Arpit Jalan
42c405a820 FIX: use topic summary for meta description if topic excerpt is blank 2018-10-17 14:13:30 +05:30
Kyle Zhao
99d1ded3b3
rename route /javascripts to /theme-javascripts (#6495) 2018-10-15 11:32:52 -04:00
David Taylor
7ac08f936e
FEATURE: Upload tags from CSV (#6484) 2018-10-15 09:12:54 +01:00
Maja Komel
27e732a58d FEATURE: allow multiple secrets for Discourse SSO provider 
This splits off the logic between SSO keys used incoming vs outgoing, it allows to far better restrict who is allowed to log in using a site.

This allows for better auditing of the SSO provider feature
 2018-10-15 16:03:53 +11:00
Kyle Zhao
6acdea37c4 DEV: extract inline js when baking theme fields (#6447) 
* extract inline js when baking theme fields
* destroy javascript cache when destroying theme fields

This work is needed to support CSP work
 2018-10-15 15:55:23 +11:00
Guo Xiang Tan
aa60936115 DEV: Add order to avoid randomly failing test. 2018-10-15 11:42:45 +08:00
Guo Xiang Tan
84d4c81a26 FEATURE: Support backup uploads/downloads directly to/from S3. 
This reverts commit 3c59106bac.
 2018-10-15 09:43:31 +08:00
Sam
a1c912b630 Return 400 instead of 404 for bad token 2018-10-12 10:51:41 +11:00
Bianca Nenciu
048cdfbcfa FIX: Do not allow revoking the token of current session. (#6472) 
* FIX: Do not allow revoking the token of current session.

* DEV: Add getter of current auth_token from Guardian.
 2018-10-12 10:40:48 +11:00