discourse/app/models
David Taylor 5ff505cea6
SECURITY: Respect topic permissions when loading draft metadata
Co-authored-by: Sam Saffron <sam.saffron@gmail.com>
2020-03-23 11:30:40 +00:00
..
concerns PERF: Allow user serializer to make use of preloaded custom fields (#9074) 2020-03-03 13:56:54 +00:00
reports FIX: removes limit for trust level growth report (#8908) 2020-02-10 11:56:29 +01:00
about.rb PERF: speed up about page render time and limit category mods (#8112) 2019-10-03 21:48:56 +03:00
admin_dashboard_data.rb DEV: s/\$redis/Discourse\.redis (#8431) 2019-12-03 10:05:53 +01:00
admin_dashboard_general_data.rb FIX: Allow dashboard to load even when git version cannot be found 2019-08-28 12:37:42 +01:00
admin_dashboard_index_data.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
anonymous_user.rb FEATURE: introduce dedicated storage and DB constraints for anon users 2019-05-29 14:26:24 +10:00
api_key.rb FEATURE: Hash API keys in the database (#8438) 2019-12-12 11:45:00 +00:00
application_request.rb DEV: s/\$redis/Discourse\.redis (#8431) 2019-12-03 10:05:53 +01:00
auto_track_duration_site_setting.rb DEV: Upgrading Discourse to Zeitwerk (#8098) 2019-10-02 14:01:53 +10:00
backup_draft_post.rb FEATURE: experimental hidden setting for draft backups 2019-10-17 16:58:21 +11:00
backup_draft_topic.rb FEATURE: experimental hidden setting for draft backups 2019-10-17 16:58:21 +11:00
backup_file.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
backup_location_site_setting.rb DEV: Upgrading Discourse to Zeitwerk (#8098) 2019-10-02 14:01:53 +10:00
backup_metadata.rb FEATURE: Drop "backup" schema 7 days after restore 2020-01-16 17:48:47 +01:00
badge_grouping.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
badge_type.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
badge.rb PERF: Cache ranks for featured badges, to simplify user serialization (#8698) 2020-01-14 14:26:49 +00:00
bookmark.rb FIX: Make sure bookmark serializer works with deleted topics + posts (#9195) 2020-03-13 10:44:39 +10:00
category_and_topic_lists.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
category_custom_field.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
category_featured_topic.rb DEV: s/\$redis/Discourse\.redis (#8431) 2019-12-03 10:05:53 +01:00
category_group.rb PERF: Add index on group to category_groups (#8231) 2019-10-23 10:30:43 +01:00
category_list.rb FEATURE: Demote muted categories on category list (#9226) 2020-03-17 15:33:15 -05:00
category_page_style.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
category_search_data.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
category_tag_group.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
category_tag_stat.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
category_tag.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
category_user.rb DEV: Update annotations 2019-11-19 10:21:06 +00:00
category.rb FIX: Include entire slug path in permalinks 2020-03-20 10:43:13 +00:00
child_theme.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
color_scheme_color.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
color_scheme.rb DEV: update rubocop to version 0.77 2019-12-10 11:48:39 +11:00
custom_emoji.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
developer.rb DEV: Update annotations 2019-11-29 15:49:08 +00:00
digest_email_site_setting.rb DEV: Upgrading Discourse to Zeitwerk (#8098) 2019-10-02 14:01:53 +10:00
directory_item.rb FIX: user directory should not include unapproved users 2019-09-11 15:18:17 -04:00
discourse_single_sign_on.rb DEV: Replace User.unstage and User#unstage API with User#unstage! (#8906) 2020-03-17 16:48:24 +01:00
discourse_version_check.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
draft_sequence.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
draft.rb SECURITY: Respect topic permissions when loading draft metadata 2020-03-23 11:30:40 +00:00
email_change_request.rb DEV: Upgrading Discourse to Zeitwerk (#8098) 2019-10-02 14:01:53 +10:00
email_level_site_setting.rb DEV: Upgrading Discourse to Zeitwerk (#8098) 2019-10-02 14:01:53 +10:00
email_log.rb DEV: Upgrading Discourse to Zeitwerk (#8098) 2019-10-02 14:01:53 +10:00
email_style.rb FIX: backwards compatibility for uncompiled email style css 2019-10-23 19:22:33 -04:00
email_token.rb FIX: reload the user record instead of fetching via email 2019-05-13 15:16:53 +05:30
embeddable_host.rb FIX: Replace deprecated URI.encode, URI.escape, URI.unescape and URI.unencode (#8528) 2019-12-12 12:49:21 +10:00
embedding.rb DEV: Remove RSS feed polling in favor of plugin (#8233) 2019-11-12 09:49:02 -06:00
emoji_set_site_setting.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
emoji.rb FEATURE: do not replace &harr; with an emoji 2019-08-30 15:06:23 +10:00
github_user_info.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
given_daily_like.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
global_setting.rb FEATURE: Option to connect to Redis using SSL 2020-03-05 20:49:05 -03:00
group_archived_message.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
group_custom_field.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
group_history.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
group_manager.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
group_mention.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
group_request.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
group_user.rb DEV: Upgrading Discourse to Zeitwerk (#8098) 2019-10-02 14:01:53 +10:00
group.rb FIX: Throw error when removing a user from group fails (#9162) 2020-03-10 15:25:00 -06:00
ignored_user.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
incoming_domain.rb FIX: make frozen string mutable in incoming_domain 2019-05-14 17:44:53 +02:00
incoming_email.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
incoming_link.rb DEV: pluck_first 2019-10-21 12:08:20 +01:00
incoming_links_report.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
incoming_referer.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
invite_redeemer.rb DEV: Replace User.unstage and User#unstage API with User#unstage! (#8906) 2020-03-17 16:48:24 +01:00
invite.rb DEV: Drop unused columns 2020-01-27 15:28:56 +01:00
invited_group.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
javascript_cache.rb FIX: theme-javascripts using incorrect subfolder setting 2020-03-17 19:09:06 -07:00
like_notification_frequency_site_setting.rb DEV: Upgrading Discourse to Zeitwerk (#8098) 2019-10-02 14:01:53 +10:00
locale_site_setting.rb DEV: Upgrading Discourse to Zeitwerk (#8098) 2019-10-02 14:01:53 +10:00
mailing_list_mode_site_setting.rb DEV: Upgrading Discourse to Zeitwerk (#8098) 2019-10-02 14:01:53 +10:00
muted_user.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
new_topic_duration_site_setting.rb DEV: Upgrading Discourse to Zeitwerk (#8098) 2019-10-02 14:01:53 +10:00
notification_level_when_replying_site_setting.rb DEV: Upgrading Discourse to Zeitwerk (#8098) 2019-10-02 14:01:53 +10:00
notification.rb FEATURE: Send notifications for time-based and At Desktop bookmark reminders (#9071) 2020-03-12 10:16:00 +10:00
oauth2_user_info.rb FIX: allow storage of non unique rows in oauth2_user_infos 2019-10-25 11:57:34 +11:00
onceoff_log.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
optimized_image.rb PERF: avoid shelling to get hostname aggressively 2020-02-18 15:13:19 +11:00
permalink.rb FIX: Permalinks should redirect to category URL including the ID 2020-03-20 22:06:20 +00:00
plugin_store_row.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
plugin_store.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
post_action_type.rb DEV: Upgrading Discourse to Zeitwerk (#8098) 2019-10-02 14:01:53 +10:00
post_action.rb DEV: pluck_first 2019-10-21 12:08:20 +01:00
post_analyzer.rb FIX: Ignore group mentions inside quotes (#8905) 2020-02-10 18:31:42 +01:00
post_custom_field.rb DEV: Update annotations 2019-05-13 15:24:24 +01:00
post_detail.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
post_mover.rb PERF: Speed up moving posts on large databases 2020-02-04 12:30:43 +01:00
post_reply_key.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
post_reply.rb Merge pull request #8736 from gschlager/rename_reply_id_column 2020-01-17 17:24:49 +01:00
post_revision.rb DEV: Upgrading Discourse to Zeitwerk (#8098) 2019-10-02 14:01:53 +10:00
post_search_data.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
post_stat.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
post_timing.rb FIX: We don't want to update the post read count and user stats if the post timing wasn't created due to a conflict. (#8824) 2020-01-31 10:23:24 -03:00
post_upload.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
post.rb SECURITY: Respect topic permissions when loading draft metadata 2020-03-23 11:30:40 +00:00
previous_replies_site_setting.rb DEV: Upgrading Discourse to Zeitwerk (#8098) 2019-10-02 14:01:53 +10:00
push_subscription.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
quoted_post.rb DEV: pluck_first 2019-10-21 12:08:20 +01:00
remote_theme.rb DEV: Allow plugins to add theme modifiers via db migrations (#9192) 2020-03-12 16:35:28 +00:00
remove_muted_tags_from_latest_site_setting.rb DEV: Upgrading Discourse to Zeitwerk (#8098) 2019-10-02 14:01:53 +10:00
report.rb FEATURE: alows to add a description link to a report (#9065) 2020-03-02 14:30:51 -05:00
reviewable_claimed_topic.rb FIX: Don't log a claimed topic database error during tests 2020-01-09 12:32:05 -05:00
reviewable_flagged_post.rb FIX: Only agree with the first post when using the 'Delete post + replies and agree' option 2020-01-06 13:38:23 -03:00
reviewable_history.rb FEATURE: Add logging when claiming and unclaiming reviewable flagged posts (#8920) 2020-02-10 15:40:01 -08:00
reviewable_priority_setting.rb DEV: Upgrading Discourse to Zeitwerk (#8098) 2019-10-02 14:01:53 +10:00
reviewable_queued_post.rb DEV: Upgrading Discourse to Zeitwerk (#8098) 2019-10-02 14:01:53 +10:00
reviewable_score.rb FIX: Reload the ReviewableScore types when extending flags (#8740) 2020-01-17 11:59:38 -03:00
reviewable_sensitivity_setting.rb DEV: Upgrading Discourse to Zeitwerk (#8098) 2019-10-02 14:01:53 +10:00
reviewable_user.rb FEATURE: Send suspect users to the review queue (#8811) 2020-01-29 15:38:27 -03:00
reviewable.rb FIX: Moderators should be able to review flagged PMs since this has always been like this 2020-03-20 12:28:36 -03:00
s3_region_site_setting.rb DEV: Upgrading Discourse to Zeitwerk (#8098) 2019-10-02 14:01:53 +10:00
screened_email.rb DEV: Upgrading Discourse to Zeitwerk (#8098) 2019-10-02 14:01:53 +10:00
screened_ip_address.rb DEV: Upgrading Discourse to Zeitwerk (#8098) 2019-10-02 14:01:53 +10:00
screened_url.rb DEV: Upgrading Discourse to Zeitwerk (#8098) 2019-10-02 14:01:53 +10:00
search_log.rb DEV: s/\$redis/Discourse\.redis (#8431) 2019-12-03 10:05:53 +01:00
shared_draft.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
single_sign_on_record.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
site_setting.rb FEATURE: optional global invite_code for account registration 2020-03-15 21:17:28 +11:00
site.rb DEV: s/\$redis/Discourse\.redis (#8431) 2019-12-03 10:05:53 +01:00
skipped_email_log.rb FIX: Add topic deleted check to email/sender (#9166) 2020-03-13 10:04:15 +10:00
slug_setting.rb DEV: Upgrading Discourse to Zeitwerk (#8098) 2019-10-02 14:01:53 +10:00
stylesheet_cache.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
tag_group_membership.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
tag_group_permission.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
tag_group.rb FIX: remove parent tag from tag group 2020-03-13 12:25:58 -04:00
tag_search_data.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
tag_user.rb FEATURE: Tag synonyms 2019-12-04 13:33:51 -05:00
tag.rb FIX: Use new tag routes (#8683) 2020-01-21 19:23:08 +02:00
theme_field.rb DEV: Use .hbr for raw template file extension (#8883) 2020-02-11 13:38:12 -06:00
theme_modifier_set.rb DEV: Allow plugins to add theme modifiers via db migrations (#9192) 2020-03-12 16:35:28 +00:00
theme_setting.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
theme_translation_override.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
theme.rb DEV: Allow plugins to add theme modifiers via db migrations (#9192) 2020-03-12 16:35:28 +00:00
top_lists.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
top_menu_item.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
top_topic.rb DEV: Upgrading Discourse to Zeitwerk (#8098) 2019-10-02 14:01:53 +10:00
topic_allowed_group.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
topic_allowed_user.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
topic_converter.rb FEATURE: Update upload security status on post move, topic conversion, category change (#8731) 2020-01-23 12:01:10 +10:00
topic_custom_field.rb annotate models 2019-05-29 14:26:24 +10:00
topic_embed.rb FIX: Skip absolutizing URLs when source URI is invalid 2020-02-07 10:54:24 -05:00
topic_featured_users.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
topic_group.rb Changed CONFLICT to SQL for multiline strings 2019-12-13 11:51:40 -05:00
topic_invite.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
topic_link_click.rb DEV: s/\$redis/Discourse\.redis (#8431) 2019-12-03 10:05:53 +01:00
topic_link.rb FIX: Various fixes to support posts with no user (#8877) 2020-03-11 14:03:20 +02:00
topic_list.rb FIX: Sync preload key format for category topic lists 2020-02-28 11:10:03 +02:00
topic_notifier.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
topic_participants_summary.rb FIX: Include 5 participants in topic summary 2019-11-15 15:11:09 -05:00
topic_poster.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
topic_posters_summary.rb DEV: Upgrading Discourse to Zeitwerk (#8098) 2019-10-02 14:01:53 +10:00
topic_search_data.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
topic_tag.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
topic_timer.rb FEATURE: automatically delete replies on a topic after N days. (#9209) 2020-03-19 21:06:31 +05:30
topic_tracking_state.rb FIX: topic_tracking_state when mute_all_categories_by_default is enabled 2020-01-06 18:22:42 +00:00
topic_user.rb DEV: pluck_first 2019-10-21 12:08:20 +01:00
topic_view_item.rb DEV: s/\$redis/Discourse\.redis (#8431) 2019-12-03 10:05:53 +01:00
topic.rb SECURITY: Respect topic permissions when loading draft metadata 2020-03-23 11:30:40 +00:00
translation_override.rb DEV: update rubocop to version 0.77 2019-12-10 11:48:39 +11:00
trust_level_and_staff_setting.rb DEV: Upgrading Discourse to Zeitwerk (#8098) 2019-10-02 14:01:53 +10:00
trust_level_setting.rb DEV: Upgrading Discourse to Zeitwerk (#8098) 2019-10-02 14:01:53 +10:00
trust_level3_requirements.rb FEATURE: allow TL3 promotions for overturned penalties 2019-12-20 15:25:21 -08:00
unsubscribe_key.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
upload.rb DEV: Upload and secure media retroactive rake task improvements (#9027) 2020-03-03 10:03:58 +11:00
user_action.rb DEV: Drop unused columns 2020-01-27 15:28:56 +01:00
user_api_key.rb DEV: Apply Rubocop redundant return style 2019-11-14 15:10:51 -05:00
user_archived_message.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
user_associated_account.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
user_auth_token_log.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
user_auth_token.rb FEATURE: Limit the number of active sessions for a user (#8411) 2019-11-27 12:39:31 +00:00
user_avatar.rb FEATURE: Add support for custom gravatar-like services (#9137) 2020-03-12 11:23:55 -04:00
user_badge.rb PERF: Cache ranks for featured badges, to simplify user serialization (#8698) 2020-01-14 14:26:49 +00:00
user_badges.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
user_custom_field.rb DEV: Add missing indexes to user_profiles (#8691) 2020-01-09 17:08:55 +01:00
user_email.rb DEV: Upgrading Discourse to Zeitwerk (#8098) 2019-10-02 14:01:53 +10:00
user_export.rb REVERT: DEV: should ignore missing post uploads when a user export destroyed 2019-07-25 19:41:25 +05:30
user_field_option.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
user_field.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
user_history.rb FIX: Mark secure media upload insecure automatically if used for theme component (#8413) 2019-11-28 07:32:17 +10:00
user_open_id.rb DEV: Drop legacy OpenID 2.0 support (#8894) 2020-02-07 17:32:35 +00:00
user_option.rb DEV: s/\$redis/Discourse\.redis (#8431) 2019-12-03 10:05:53 +01:00
user_profile_view.rb DEV: s/\$redis/Discourse\.redis (#8431) 2019-12-03 10:05:53 +01:00
user_profile.rb DEV: Drop unused columns 2020-01-27 15:28:56 +01:00
user_search_data.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
user_search.rb SECURITY: Check permissions when autocompleting mentions 2019-10-28 11:01:47 +00:00
user_second_factor.rb SECURITY: Improve second factor auth logic 2020-01-10 10:45:56 +10:00
user_security_key.rb DEV: annotate models 2019-10-17 16:58:22 +11:00
user_stat.rb DEV: Add missing indexes to user_profiles (#8691) 2020-01-09 17:08:55 +01:00
user_summary.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
user_upload.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
user_visit.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
user_warning.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
user.rb DEV: Replace User.unstage and User#unstage API with User#unstage! (#8906) 2020-03-17 16:48:24 +01:00
username_validator.rb DEV: Upgrading Discourse to Zeitwerk (#8098) 2019-10-02 14:01:53 +10:00
watched_word.rb DEV: Upgrading Discourse to Zeitwerk (#8098) 2019-10-02 14:01:53 +10:00
web_crawler_request.rb DEV: s/\$redis/Discourse\.redis (#8431) 2019-12-03 10:05:53 +01:00
web_hook_event_type.rb FIX: Don't display webhooks for inactive plugins (#9206) 2020-03-17 10:39:24 -06:00
web_hook_event.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
web_hook.rb DEV: Remove code deprecated by the new Reviewable API (#8023) 2019-08-26 10:33:26 -03:00