Commit Graph

67 Commits

Author SHA1 Message Date
Martin Brennan
a896a69c50
SECURITY: Limit user profile field length (#18304)
Adds limits to location and website fields at model and DB level to
match the bio_raw field limits. A limit cannot be added at the DB level
for bio_raw because it is a postgres text field.

The migration here uses version `6.1` instead of `7.0` since `stable`
is not on that version of rails yet, otherwise this is the same as `beta`
apart from also removing the new tests which caused too many conflicts.

Co-authored-by: Alan Guo Xiang Tan gxtan1990@gmail.com
2022-09-21 13:49:25 +10:00
Bianca Nenciu
1c3c0f04d9
FEATURE: Pull hotlinked images in user bios (#14726) 2021-10-29 17:58:05 +03:00
Dan Ungureanu
da2889a7a8
DEV: Add more verbose logging for image uploads (#13270)
Image optimization fails randomly (very rare) without a trace and it is
near impossible to find culprit image, reproduce the issue and attempt
to fix.
2021-06-04 15:13:58 +03:00
Krzysztof Kotlarek
e0d9232259
FIX: use allowlist and blocklist terminology (#10209)
This is a PR of the renaming whitelist to allowlist and blacklist to the blocklist.
2020-07-27 10:23:54 +10:00
Gerhard Schlager
ea11ad4d99 DEV: Drop unused columns 2020-01-27 15:28:56 +01:00
Jarek Radosz
531016f99b
DEV: Add missing indexes to user_profiles (#8691)
* DEV: Update model annotations
* DEV: Add missing indexes to user_profiles

The columns were changed in 24347ace10 (diff-baa5914c0c7cddf3c8b5cd9139e0d091)
2020-01-09 17:08:55 +01:00
Martin Brennan
473e39f4a4 DEV: model annotations 2019-12-30 16:13:27 +10:00
Mark VanLandingham
14cb386f1e
FEATURE: Featured topic for user profile & card (#8461) 2019-12-09 11:15:47 -08:00
Daniel Waterworth
7886a3e58a DEV: Update annotations 2019-11-19 10:21:06 +00:00
Martin Brennan
56d3e29a69
FIX: Badge and user title interaction fixes (#8282)
* Fix user title logic when badge name customized
* Fix an issue where a user's title was not considered a badge granted title when the user used a badge for their title and the badge name was customized. this affected the effectiveness of revoke_ungranted_titles! which only operates on badge_granted_titles.
* When a user's title is set now it is considered a badge_granted_title if the badge name OR the badge custom name from TranslationOverride is the same as the title
* When a user's badge is revoked we now also revoke their title if the user's title matches the badge name OR the badge custom name from TranslationOverride
* Add a user history log when the title is revoked to remove confusion about why titles are revoked
* Add granted_title_badge_id to user_profile, now when we set badge_granted_title on a user profile when updating a user's title based on a badge, we also remember which badge matched the title
* When badge name (or custom text) changes update titles of users in a background job
* When the name of a badge changes, or in the case of system badges when their custom translation text changes, then we need to update the title of all corresponding users who have a badge_granted_title and matching granted_title_badge_id. In the case of system badges we need to first get the proper badge ID based on the translation key e.g. badges.regular.name
* Add migration to backfill all granted_title_badge_ids for both normal badge name titles and titles using custom badge text.
2019-11-08 15:34:24 +10:00
Krzysztof Kotlarek
427d54b2b0 DEV: Upgrading Discourse to Zeitwerk (#8098)
Zeitwerk simplifies working with dependencies in dev and makes it easier reloading class chains. 

We no longer need to use Rails "require_dependency" anywhere and instead can just use standard 
Ruby patterns to require files.

This is a far reaching change and we expect some followups here.
2019-10-02 14:01:53 +10:00
Bianca Nenciu
227c45107d FEATURE: Implement Onebox for posts including polls. (#7539) 2019-05-29 17:05:52 +02:00
Guo Xiang Tan
fd0eff6ce3 Revert "FIX: Add missing unique index on user_id for user_profiles."
Oops `user_id` is the primary key.

This reverts commit 5478aa63ab.
2019-05-24 12:58:36 +08:00
Guo Xiang Tan
5478aa63ab FIX: Add missing unique index on user_id for user_profiles. 2019-05-24 12:11:49 +08:00
David Taylor
750c125707 DEV: Include foreign keys in model annotations 2019-05-13 15:53:42 +01:00
Sam Saffron
30990006a9 DEV: enable frozen string literal on all files
This reduces chances of errors where consumers of strings mutate inputs
and reduces memory usage of the app.

Test suite passes now, but there may be some stuff left, so we will run
a few sites on a branch prior to merging
2019-05-13 09:31:32 +08:00
Sam Saffron
3dc4ab905c DEV: annotate models
(also looks like renaming of bigint(8) -> bigint in annotate
which seems fine)
2019-05-03 08:34:12 +10:00
Guo Xiang Tan
24347ace10 FIX: Properly associate user_profiles background urls via upload id.
`Upload#url` is more likely and can change from time to time. When it
does changes, we don't want to have to look through multiple tables to
ensure that the URLs are all up to date. Instead, we simply associate
uploads properly to `UserProfile` so that it does not have to replicate
the URLs in the table.
2019-05-02 14:58:24 +08:00
Saurabh Patel
a901527057 DEV: remove user_profile events added for akismet (#7044) 2019-03-12 17:51:09 +01:00
Saurabh Patel
ed6f4dfc40 FEATURE: trigger user profile create and update event (#6958)
Adds `user_profile_created` DiscourseEvent on profile creation and `user_profile_updated` on profile update
2019-02-14 15:45:12 +11:00
Gerhard Schlager
e9ec5238fc DEV: Remove ignored columns 2019-02-08 12:12:38 +01:00
Robin Ward
95f263995d FIX: Previous annotations were broken 2019-01-11 14:30:19 -05:00
Robin Ward
a3839495e0 Update annotations 2019-01-11 12:19:43 -05:00
Régis Hanol
de92913bf4 FIX: store the topic links using the cooked upload url 2018-08-14 12:23:32 +02:00
Arpit Jalan
33899664ce FIX: handle bad user profile website 2018-05-17 13:21:24 +05:30
Misaka 0x4e21
ff6be3c2e3 FEATURE: add profile_background fields into SSO (#5701)
Add profile_background and card_background fields into Discourse SSO.
2018-05-07 10:03:26 +02:00
Neil Lalonde
bd77795d7a REFACTOR: move support for user card badge images to a plugin discourse-user-card-badges 2018-04-26 13:25:24 -04:00
Guo Xiang Tan
226ace1643 Update annotations. 2018-02-20 14:28:58 +08:00
Guo Xiang Tan
6ecf37c482 Improve URL validation to check for a valid host.
Parsing a URL with `URI` is not sufficient as the following cases
are considered valid:

URI.parse("http://https://google.com")
=> #<URI::HTTP http://https//google.com>
2017-12-21 13:50:15 +08:00
Arpit Jalan
daeb7694bc update annotations 2017-12-05 21:03:20 +05:30
Régis Hanol
e43799134c fix the regexp used to valide user's website 2017-08-02 10:19:24 +02:00
Benjamin Elijah Griffin
d471ad08c6 Website RE validator without a 10 char limit on TLD. 2017-08-01 23:37:28 -07:00
Guo Xiang Tan
5012d46cbd Add rubocop to our build. (#5004) 2017-07-28 10:20:09 +09:00
Robin Ward
ed4b2b6d8d FIX: Don't incluide a trailing <br> in the bio excerpt 2017-05-18 16:40:07 -04:00
Arpit Jalan
8dea70d354 Revert "FIX: User website allows new TLDs" 2017-04-18 13:18:51 +05:30
Rafael dos Santos Silva
4289dbe3e5 FIX: User website allows new TLDs 2017-04-18 00:30:37 -03:00
Arpit Jalan
d72cbcb2a4 FEATURE: new setting to validate user website 2016-12-26 21:29:27 +05:30
Guo Xiang Tan
f812415c52 Update annotations. 2016-11-24 10:13:03 +08:00
Robin Ward
1f5325e3f0 FIX: Only validate uploaded URLs if they change 2016-09-08 12:06:18 -04:00
Robin Ward
2891f230d1 SECURITY: Make sure uploaded_urls have corresponding upload records 2016-07-28 13:54:17 -04:00
Arpit Jalan
58ceecd47b FIX: support 10 characters tld for user profile website 2016-05-25 22:32:57 +05:30
Neil Lalonde
cb8abd09a9 FIX: users with invalid website in profile get 422 error when viewing topics and other routes 2016-03-18 12:21:37 -04:00
Sam
32c681c96b annotate models 2016-02-23 10:33:53 +11:00
Gerhard Schlager
eb166e78b6 Don't try to import invalid websites 2016-02-21 17:38:04 +01:00
Arpit Jalan
8a7868be07 FIX: validate user website 2016-02-06 02:19:48 +05:30
Guo Xiang Tan
7acc93b2a0 FEATURE: Track user profile views. 2015-09-16 14:48:31 +08:00
Guo Xiang Tan
f41bcafe8d FEATURE: Add views to UserProfile. 2015-09-16 14:48:06 +08:00
Régis Hanol
fe007d08b3 FIX: remove links and html 'hellips' from topic/post summaries 2014-12-08 00:23:53 +01:00
Régis Hanol
929ff00741 FIX: use excerpt instead of the summary 2014-12-06 18:48:39 +01:00
Robin Ward
4c9f55d1e1 FIX: Suspended users should have links stripped from their profiles. 2014-11-25 16:14:39 -05:00