discourse/app/controllers
Guo Xiang Tan 1f6e8b642d SECURITY: Don't allow moderators to list PMs of all groups.
* Also return 404 when a user is trying to list PMs of a group that
cannot be accessed by the user.
2020-09-08 10:43:13 +02:00
..
admin FIX: uploading an existing image as a site setting 2020-07-03 19:19:14 +02:00
users FIX: correctly remove authentication_data cookie on oauth login flow (#9238) 2020-03-23 16:01:39 -07:00
about_controller.rb Revert "Revert "Merge branch 'master' of https://github.com/discourse/discourse"" 2020-05-23 00:56:13 -04:00
application_controller.rb FIX: Preload readonly mode attribute seperately. 2020-06-12 09:54:05 +08:00
badges_controller.rb FEATURE: add noindex header to badges, groups, and /my pages (#9736) 2020-05-11 15:05:42 +10:00
bookmarks_controller.rb FEATURE: Optionally delete bookmark when reminder sent (#9637) 2020-05-07 13:37:39 +10:00
bootstrap_controller.rb New bootstrap.json endpoint for starting up Discourse 2020-06-03 14:45:23 -04:00
categories_controller.rb FEATURE: category setting for default list filter. (#9975) 2020-06-04 00:56:56 +05:30
category_hashtags_controller.rb DEV: Deprecate Category#url_with_id in favor of Category#url (#9972) 2020-06-18 11:32:14 +03:00
clicks_controller.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
composer_messages_controller.rb DEV: Upgrading Discourse to Zeitwerk (#8098) 2019-10-02 14:01:53 +10:00
csp_reports_controller.rb DEV: Only include "report-sample" CSP directive when reporting is enabled (#9337) 2020-04-02 11:16:38 -04:00
directory_items_controller.rb FIX: move total rows count & load more URL inside meta. 2020-04-03 07:32:50 +05:30
draft_controller.rb FIX: Raise a 4xx error instead of a 5xx if draft data is invalid 2020-04-25 11:47:22 +03:00
drafts_controller.rb SECURITY: Respect topic permissions when loading draft metadata 2020-03-23 11:54:36 +00:00
email_controller.rb DEV: Remove unused routes 2020-06-08 10:26:29 +02:00
embed_controller.rb FEATURE: Create New Topic button on embed with params (#8280) 2019-11-01 14:19:10 -05:00
exceptions_controller.rb FEATURE: Add site setting to show more detailed 404 errors. (#8014) 2019-10-08 14:15:08 +03:00
export_csv_controller.rb FIX: Use include-subcategories filter in report export (#10007) 2020-06-10 18:57:39 +03:00
extra_locales_controller.rb FIX: Better error handling for invalid locale bundle versions 2019-11-11 22:30:32 +01:00
finish_installation_controller.rb DEV: update rubocop to version 0.77 2019-12-10 11:48:39 +11:00
forums_controller.rb DEV: shutdown_ok parameter to /srv/status 2020-03-09 14:06:13 -07:00
groups_controller.rb FEATURE: Send a private message when a group membership is accepted (#9822) 2020-05-26 16:28:03 +03:00
highlight_js_controller.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
inline_onebox_controller.rb FIX: Make inline oneboxes work with secured topics in secured contexts (#8895) 2020-02-12 12:11:28 +02:00
invites_controller.rb FIX: Return 400 when invalid topic_id is provided when creating invite. 2020-06-10 09:29:28 +08:00
list_controller.rb SECURITY: Don't allow moderators to list PMs of all groups. 2020-09-08 10:43:13 +02:00
metadata_controller.rb PERF: cache all metadata for 60 seconds 2020-07-02 15:12:59 -04:00
notifications_controller.rb FIX: Avoid marking notifications as seen in readonly mode. 2020-07-02 15:08:13 -04:00
offline_controller.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
onebox_controller.rb FIX: Cache failed onebox URL request server-side (#8421) 2019-11-28 07:48:29 +10:00
permalinks_controller.rb FIX: Check for permalinks before showing the 404 page 2020-03-23 16:31:07 -07:00
post_action_users_controller.rb FEATURE: Don't display muted/ignored users under "who liked" (#10084) 2020-06-19 10:44:21 -04:00
post_actions_controller.rb DEV: Upgrading Discourse to Zeitwerk (#8098) 2019-10-02 14:01:53 +10:00
post_readers_controller.rb DEV: '= true' is not necessary 2019-12-03 11:32:45 -03:00
posts_controller.rb FIX: hide rss feed & json if a user profile is hidden. 2020-06-03 19:03:02 +05:30
published_pages_controller.rb FEATURE: allows published pages to be public (#10053) 2020-06-17 12:42:20 +02:00
push_notification_controller.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
qunit_controller.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
reviewable_claimed_topics_controller.rb FIX: Make reviewable claiming work with deleted topics (#9040) 2020-02-25 15:49:23 +02:00
reviewables_controller.rb FIX: Only show the review page to users that can see it. Do not publish the reviewable count update message to everyone. (#9556) 2020-04-27 14:51:25 -03:00
robots_txt_controller.rb FIX: Remove paths from robots.txt in favor of noindex header 2020-07-02 15:09:40 -04:00
safe_mode_controller.rb FEATURE: Always disable customizations on the /safe-mode route (#9052) 2020-02-28 10:53:11 +00:00
search_controller.rb FEATURE: Add global rate limit for anon searches (#10208) 2020-07-13 10:26:42 -07:00
session_controller.rb FEATURE: tighten rate limiting rules for forgot password 2020-05-08 13:30:51 +10:00
similar_topics_controller.rb DEV: Upgrading Discourse to Zeitwerk (#8098) 2019-10-02 14:01:53 +10:00
site_controller.rb DEV: Upgrading Discourse to Zeitwerk (#8098) 2019-10-02 14:01:53 +10:00
static_controller.rb FEATURE: add short site description on login page title 2019-10-14 11:40:09 +05:30
steps_controller.rb DEV: Upgrading Discourse to Zeitwerk (#8098) 2019-10-02 14:01:53 +10:00
stylesheets_controller.rb DEV: pluck_first 2019-10-21 12:08:20 +01:00
svg_sprite_controller.rb DEV: Allow 3-digit HEX color code in single icon route 2020-05-14 16:37:45 -04:00
tag_groups_controller.rb DEV: Tag group improvements (#8252) 2019-10-30 16:57:13 +01:00
tags_controller.rb FIX: Negative limit values shouldn't cause error 500 (#10162) 2020-07-02 15:15:25 -04:00
theme_javascripts_controller.rb DEV: pluck_first 2019-10-21 12:08:20 +01:00
topics_controller.rb SECURITY: make find topic by slug adhere to SiteSetting.detailed_404 (#9898) 2020-05-28 13:54:10 -07:00
uploads_controller.rb SECURITY: Add content-disposition: attachment for SVG uploads 2020-07-09 13:54:45 +10:00
user_actions_controller.rb FEATURE: Quick access panels in user menu (#8073) 2019-09-09 11:03:57 -04:00
user_api_keys_controller.rb FEATURE: Hash user API keys in the database (#9344) 2020-04-07 16:42:52 +03:00
user_avatars_controller.rb FIX: Redirects containing Unicode usernames didn't work 2020-06-08 10:26:29 +02:00
user_badges_controller.rb FIX: identify slug-less topic urls everywhere 2020-07-02 15:11:36 -04:00
users_controller.rb FIX: A much nicer error message if you can't ignore/mute a user 2020-06-18 13:41:27 -04:00
users_email_controller.rb FEATURE: Improve UX support for multiple email addresses (#9691) 2020-06-10 19:11:49 +03:00
webhooks_controller.rb DEV: stop freezing frozen strings 2020-04-30 16:48:53 +10:00
wizard_controller.rb DEV: Upgrading Discourse to Zeitwerk (#8098) 2019-10-02 14:01:53 +10:00