discourse/app/models
Martin Brennan 56b16bc68e
FIX: Never allow custom emoji to be marked secure (#8965)
* Because custom emoji count as post "uploads" we were
marking them as secure when updating the secure status for post uploads.
* We were also giving them an access control post id, which meant
broken image previews from 403 errors in the admin custom emoji list.
* We now check if an upload is used as a custom emoji and do not
assign the access control post + never mark as secure.
2020-02-14 11:17:09 +10:00
..
concerns REFACTOR: Edit title respects min trust to edit post 2020-02-05 10:36:24 -07:00
reports FIX: removes limit for trust level growth report (#8908) 2020-02-10 11:56:29 +01:00
about.rb PERF: speed up about page render time and limit category mods (#8112) 2019-10-03 21:48:56 +03:00
admin_dashboard_data.rb DEV: s/\$redis/Discourse\.redis (#8431) 2019-12-03 10:05:53 +01:00
admin_dashboard_general_data.rb FIX: Allow dashboard to load even when git version cannot be found 2019-08-28 12:37:42 +01:00
admin_dashboard_index_data.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
anonymous_user.rb FEATURE: introduce dedicated storage and DB constraints for anon users 2019-05-29 14:26:24 +10:00
api_key.rb FEATURE: Hash API keys in the database (#8438) 2019-12-12 11:45:00 +00:00
application_request.rb DEV: s/\$redis/Discourse\.redis (#8431) 2019-12-03 10:05:53 +01:00
auto_track_duration_site_setting.rb DEV: Upgrading Discourse to Zeitwerk (#8098) 2019-10-02 14:01:53 +10:00
backup_draft_post.rb FEATURE: experimental hidden setting for draft backups 2019-10-17 16:58:21 +11:00
backup_draft_topic.rb FEATURE: experimental hidden setting for draft backups 2019-10-17 16:58:21 +11:00
backup_file.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
backup_location_site_setting.rb DEV: Upgrading Discourse to Zeitwerk (#8098) 2019-10-02 14:01:53 +10:00
backup_metadata.rb FEATURE: Drop "backup" schema 7 days after restore 2020-01-16 17:48:47 +01:00
badge_grouping.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
badge_type.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
badge.rb PERF: Cache ranks for featured badges, to simplify user serialization (#8698) 2020-01-14 14:26:49 +00:00
bookmark.rb FEATURE: Improving bookmarks part 2 -- Topic Bookmarking (#8954) 2020-02-13 16:26:02 +10:00
category_and_topic_lists.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
category_custom_field.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
category_featured_topic.rb DEV: s/\$redis/Discourse\.redis (#8431) 2019-12-03 10:05:53 +01:00
category_group.rb PERF: Add index on group to category_groups (#8231) 2019-10-23 10:30:43 +01:00
category_list.rb UX: Include muted categories on the category page by default (#8842) 2020-02-03 10:40:02 -08:00
category_page_style.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
category_search_data.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
category_tag_group.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
category_tag_stat.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
category_tag.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
category_user.rb DEV: Update annotations 2019-11-19 10:21:06 +00:00
category.rb FIX: Linking to a category via hashtag had a broken URL. 2020-02-12 14:23:09 -05:00
child_theme.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
color_scheme_color.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
color_scheme.rb DEV: update rubocop to version 0.77 2019-12-10 11:48:39 +11:00
custom_emoji.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
developer.rb DEV: Update annotations 2019-11-29 15:49:08 +00:00
digest_email_site_setting.rb DEV: Upgrading Discourse to Zeitwerk (#8098) 2019-10-02 14:01:53 +10:00
directory_item.rb FIX: user directory should not include unapproved users 2019-09-11 15:18:17 -04:00
discourse_single_sign_on.rb DEV: Implement a faster Discourse.cache 2019-11-27 16:11:49 +11:00
discourse_version_check.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
draft_sequence.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
draft.rb FIX: under rare conditions saving a new draft could error temporarily 2020-01-02 11:38:14 +11:00
email_change_request.rb DEV: Upgrading Discourse to Zeitwerk (#8098) 2019-10-02 14:01:53 +10:00
email_level_site_setting.rb DEV: Upgrading Discourse to Zeitwerk (#8098) 2019-10-02 14:01:53 +10:00
email_log.rb DEV: Upgrading Discourse to Zeitwerk (#8098) 2019-10-02 14:01:53 +10:00
email_style.rb FIX: backwards compatibility for uncompiled email style css 2019-10-23 19:22:33 -04:00
email_token.rb FIX: reload the user record instead of fetching via email 2019-05-13 15:16:53 +05:30
embeddable_host.rb FIX: Replace deprecated URI.encode, URI.escape, URI.unescape and URI.unencode (#8528) 2019-12-12 12:49:21 +10:00
embedding.rb DEV: Remove RSS feed polling in favor of plugin (#8233) 2019-11-12 09:49:02 -06:00
emoji_set_site_setting.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
emoji.rb FEATURE: do not replace ↔ with an emoji 2019-08-30 15:06:23 +10:00
github_user_info.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
given_daily_like.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
global_setting.rb DEV: s/\$redis/Discourse\.redis (#8431) 2019-12-03 10:05:53 +01:00
group_archived_message.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
group_custom_field.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
group_history.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
group_manager.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
group_mention.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
group_request.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
group_user.rb DEV: Upgrading Discourse to Zeitwerk (#8098) 2019-10-02 14:01:53 +10:00
group.rb FIX: group membership leak 2020-01-15 11:21:58 +01:00
ignored_user.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
incoming_domain.rb FIX: make frozen string mutable in incoming_domain 2019-05-14 17:44:53 +02:00
incoming_email.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
incoming_link.rb DEV: pluck_first 2019-10-21 12:08:20 +01:00
incoming_links_report.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
incoming_referer.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
invite_redeemer.rb FIX: Use updated_at date to denote expired invites (#8521) 2019-12-17 10:13:49 -05:00
invite.rb DEV: Drop unused columns 2020-01-27 15:28:56 +01:00
invited_group.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
javascript_cache.rb FEATURE: Multi-file javascript support for themes (#7526) 2019-06-03 10:41:00 +01:00
like_notification_frequency_site_setting.rb DEV: Upgrading Discourse to Zeitwerk (#8098) 2019-10-02 14:01:53 +10:00
locale_site_setting.rb DEV: Upgrading Discourse to Zeitwerk (#8098) 2019-10-02 14:01:53 +10:00
mailing_list_mode_site_setting.rb DEV: Upgrading Discourse to Zeitwerk (#8098) 2019-10-02 14:01:53 +10:00
muted_user.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
new_topic_duration_site_setting.rb DEV: Upgrading Discourse to Zeitwerk (#8098) 2019-10-02 14:01:53 +10:00
notification_level_when_replying_site_setting.rb DEV: Upgrading Discourse to Zeitwerk (#8098) 2019-10-02 14:01:53 +10:00
notification.rb Fix the build - take 3. 2019-12-05 20:35:39 +05:30
oauth2_user_info.rb FIX: allow storage of non unique rows in oauth2_user_infos 2019-10-25 11:57:34 +11:00
onceoff_log.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
optimized_image.rb Log error when optimized image file fails to store. (#8840) 2020-02-03 12:28:45 -05:00
permalink.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
plugin_store_row.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
plugin_store.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
post_action_type.rb DEV: Upgrading Discourse to Zeitwerk (#8098) 2019-10-02 14:01:53 +10:00
post_action.rb DEV: pluck_first 2019-10-21 12:08:20 +01:00
post_analyzer.rb FIX: Ignore group mentions inside quotes (#8905) 2020-02-10 18:31:42 +01:00
post_custom_field.rb DEV: Update annotations 2019-05-13 15:24:24 +01:00
post_detail.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
post_mover.rb PERF: Speed up moving posts on large databases 2020-02-04 12:30:43 +01:00
post_reply_key.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
post_reply.rb Merge pull request #8736 from gschlager/rename_reply_id_column 2020-01-17 17:24:49 +01:00
post_revision.rb DEV: Upgrading Discourse to Zeitwerk (#8098) 2019-10-02 14:01:53 +10:00
post_search_data.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
post_stat.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
post_timing.rb FIX: We don't want to update the post read count and user stats if the post timing wasn't created due to a conflict. (#8824) 2020-01-31 10:23:24 -03:00
post_upload.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
post.rb FIX: Never allow custom emoji to be marked secure (#8965) 2020-02-14 11:17:09 +10:00
previous_replies_site_setting.rb DEV: Upgrading Discourse to Zeitwerk (#8098) 2019-10-02 14:01:53 +10:00
push_subscription.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
quoted_post.rb DEV: pluck_first 2019-10-21 12:08:20 +01:00
remote_theme.rb DEV: correct a few Ruby 2.7 deprecations 2019-11-28 13:13:29 +11:00
remove_muted_tags_from_latest_site_setting.rb DEV: Upgrading Discourse to Zeitwerk (#8098) 2019-10-02 14:01:53 +10:00
report.rb FEATURE: adds trust_level_growth report (#8878) 2020-02-06 19:44:30 +01:00
reviewable_claimed_topic.rb FIX: Don't log a claimed topic database error during tests 2020-01-09 12:32:05 -05:00
reviewable_flagged_post.rb FIX: Only agree with the first post when using the 'Delete post + replies and agree' option 2020-01-06 13:38:23 -03:00
reviewable_history.rb FEATURE: Add logging when claiming and unclaiming reviewable flagged posts (#8920) 2020-02-10 15:40:01 -08:00
reviewable_priority_setting.rb DEV: Upgrading Discourse to Zeitwerk (#8098) 2019-10-02 14:01:53 +10:00
reviewable_queued_post.rb DEV: Upgrading Discourse to Zeitwerk (#8098) 2019-10-02 14:01:53 +10:00
reviewable_score.rb FIX: Reload the ReviewableScore types when extending flags (#8740) 2020-01-17 11:59:38 -03:00
reviewable_sensitivity_setting.rb DEV: Upgrading Discourse to Zeitwerk (#8098) 2019-10-02 14:01:53 +10:00
reviewable_user.rb FEATURE: Send suspect users to the review queue (#8811) 2020-01-29 15:38:27 -03:00
reviewable.rb FEATURE: Pending queued posts are included even if they don't pass the minimum priority threshold (#8925) 2020-02-11 15:29:22 -03:00
s3_region_site_setting.rb DEV: Upgrading Discourse to Zeitwerk (#8098) 2019-10-02 14:01:53 +10:00
screened_email.rb DEV: Upgrading Discourse to Zeitwerk (#8098) 2019-10-02 14:01:53 +10:00
screened_ip_address.rb DEV: Upgrading Discourse to Zeitwerk (#8098) 2019-10-02 14:01:53 +10:00
screened_url.rb DEV: Upgrading Discourse to Zeitwerk (#8098) 2019-10-02 14:01:53 +10:00
search_log.rb DEV: s/\$redis/Discourse\.redis (#8431) 2019-12-03 10:05:53 +01:00
shared_draft.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
single_sign_on_record.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
site_setting.rb DEV: Remove SiteSetting.default_categories_selected (#8138) 2019-10-04 15:57:17 +10:00
site.rb DEV: s/\$redis/Discourse\.redis (#8431) 2019-12-03 10:05:53 +01:00
skipped_email_log.rb FIX: Don't send notification email when user isn't allowed to see topic 2019-07-01 14:03:03 +02:00
slug_setting.rb DEV: Upgrading Discourse to Zeitwerk (#8098) 2019-10-02 14:01:53 +10:00
stylesheet_cache.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
tag_group_membership.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
tag_group_permission.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
tag_group.rb FEATURE: add support for tag group search 2019-06-27 17:53:26 +10:00
tag_search_data.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
tag_user.rb FEATURE: Tag synonyms 2019-12-04 13:33:51 -05:00
tag.rb FIX: Use new tag routes (#8683) 2020-01-21 19:23:08 +02:00
theme_field.rb DEV: Use .hbr for raw template file extension (#8883) 2020-02-11 13:38:12 -06:00
theme_setting.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
theme_translation_override.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
theme.rb DEV: remove uneeded distinct from relation 2019-12-09 14:24:38 +11:00
top_lists.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
top_menu_item.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
top_topic.rb DEV: Upgrading Discourse to Zeitwerk (#8098) 2019-10-02 14:01:53 +10:00
topic_allowed_group.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
topic_allowed_user.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
topic_converter.rb FEATURE: Update upload security status on post move, topic conversion, category change (#8731) 2020-01-23 12:01:10 +10:00
topic_custom_field.rb annotate models 2019-05-29 14:26:24 +10:00
topic_embed.rb FIX: Skip absolutizing URLs when source URI is invalid 2020-02-07 10:54:24 -05:00
topic_featured_users.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
topic_group.rb Changed CONFLICT to SQL for multiline strings 2019-12-13 11:51:40 -05:00
topic_invite.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
topic_link_click.rb DEV: s/\$redis/Discourse\.redis (#8431) 2019-12-03 10:05:53 +01:00
topic_link.rb FIX: inbound link when the only slug available (#8457) 2019-12-04 17:13:20 +11:00
topic_list.rb FEATURE: Dismiss new per category (#8330) 2019-11-14 11:16:13 +11:00
topic_notifier.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
topic_participants_summary.rb FIX: Include 5 participants in topic summary 2019-11-15 15:11:09 -05:00
topic_poster.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
topic_posters_summary.rb DEV: Upgrading Discourse to Zeitwerk (#8098) 2019-10-02 14:01:53 +10:00
topic_search_data.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
topic_tag.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
topic_timer.rb DEV: Use enum instead of id for topic timer query 2019-11-19 10:10:14 -07:00
topic_tracking_state.rb FIX: topic_tracking_state when mute_all_categories_by_default is enabled 2020-01-06 18:22:42 +00:00
topic_user.rb DEV: pluck_first 2019-10-21 12:08:20 +01:00
topic_view_item.rb DEV: s/\$redis/Discourse\.redis (#8431) 2019-12-03 10:05:53 +01:00
topic.rb FEATURE: Improving bookmarks part 2 -- Topic Bookmarking (#8954) 2020-02-13 16:26:02 +10:00
translation_override.rb DEV: update rubocop to version 0.77 2019-12-10 11:48:39 +11:00
trust_level_and_staff_setting.rb DEV: Upgrading Discourse to Zeitwerk (#8098) 2019-10-02 14:01:53 +10:00
trust_level_setting.rb DEV: Upgrading Discourse to Zeitwerk (#8098) 2019-10-02 14:01:53 +10:00
trust_level3_requirements.rb FEATURE: allow TL3 promotions for overturned penalties 2019-12-20 15:25:21 -08:00
unsubscribe_key.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
upload.rb FIX: Never allow custom emoji to be marked secure (#8965) 2020-02-14 11:17:09 +10:00
user_action.rb DEV: Drop unused columns 2020-01-27 15:28:56 +01:00
user_api_key.rb DEV: Apply Rubocop redundant return style 2019-11-14 15:10:51 -05:00
user_archived_message.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
user_associated_account.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
user_auth_token_log.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
user_auth_token.rb FEATURE: Limit the number of active sessions for a user (#8411) 2019-11-27 12:39:31 +00:00
user_avatar.rb DEV: Upgrading Discourse to Zeitwerk (#8098) 2019-10-02 14:01:53 +10:00
user_badge.rb PERF: Cache ranks for featured badges, to simplify user serialization (#8698) 2020-01-14 14:26:49 +00:00
user_badges.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
user_custom_field.rb DEV: Add missing indexes to user_profiles (#8691) 2020-01-09 17:08:55 +01:00
user_email.rb DEV: Upgrading Discourse to Zeitwerk (#8098) 2019-10-02 14:01:53 +10:00
user_export.rb REVERT: DEV: should ignore missing post uploads when a user export destroyed 2019-07-25 19:41:25 +05:30
user_field_option.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
user_field.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
user_history.rb FIX: Mark secure media upload insecure automatically if used for theme component (#8413) 2019-11-28 07:32:17 +10:00
user_open_id.rb DEV: Drop legacy OpenID 2.0 support (#8894) 2020-02-07 17:32:35 +00:00
user_option.rb DEV: s/\$redis/Discourse\.redis (#8431) 2019-12-03 10:05:53 +01:00
user_profile_view.rb DEV: s/\$redis/Discourse\.redis (#8431) 2019-12-03 10:05:53 +01:00
user_profile.rb DEV: Drop unused columns 2020-01-27 15:28:56 +01:00
user_search_data.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
user_search.rb SECURITY: Check permissions when autocompleting mentions 2019-10-28 11:01:47 +00:00
user_second_factor.rb SECURITY: Improve second factor auth logic 2020-01-10 10:45:56 +10:00
user_security_key.rb DEV: annotate models 2019-10-17 16:58:22 +11:00
user_stat.rb DEV: Add missing indexes to user_profiles (#8691) 2020-01-09 17:08:55 +01:00
user_summary.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
user_upload.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
user_visit.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
user_warning.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
user.rb DEV: Drop legacy OpenID 2.0 support (#8894) 2020-02-07 17:32:35 +00:00
username_validator.rb DEV: Upgrading Discourse to Zeitwerk (#8098) 2019-10-02 14:01:53 +10:00
watched_word.rb DEV: Upgrading Discourse to Zeitwerk (#8098) 2019-10-02 14:01:53 +10:00
web_crawler_request.rb DEV: s/\$redis/Discourse\.redis (#8431) 2019-12-03 10:05:53 +01:00
web_hook_event_type.rb FEATURE: Add a webhook for user notifications 2019-08-15 14:47:25 -04:00
web_hook_event.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
web_hook.rb DEV: Remove code deprecated by the new Reviewable API (#8023) 2019-08-26 10:33:26 -03:00