Matteo Contrini
520ac6fdb9
Change rel for external links to nofollow ugc ( #1884 )
2019-09-23 23:37:49 +02:00
Daniël Klabbers
2bb81ba03f
added author Daniel Klabbers
2019-09-16 10:37:51 +02:00
David Sevilla Martín
44dba542b1
Prepare beta.10 release ( #1885 )
...
* Update Application version string to beta 10
* Add beta.10 changelog
2019-09-16 09:28:17 +02:00
Franz Liedke
cbe7d4dfdb
Restore beta.9 behavior of assertCan()
...
In flarum/core#1854 , I changed the implementation of `assertCan()` to be
more aware of the user's log-in status. I came across this when unifying
our API's response status code when actors are not authenticated or not
authorized to do something.
@luceos rightfully had to tweak this again in 8e3eb59
2019-09-14 21:32:00 +02:00
Franz Liedke
26d2031aa4
Add a test for viewUserList guest permission
...
This test would have failed without commit 8e3eb59#1854 , so we need this test to ensure the
API continues to behave as desired.
2019-09-14 21:30:09 +02:00
Franz Liedke
f4219b0de6
Apply fixes from StyleCI
...
[ci skip] [skip ci]
2019-09-14 18:57:28 +00:00
Franz Liedke
9120e556eb
Convert more controller tests to feature tests
2019-09-14 13:09:56 +02:00
Franz Liedke
cad6ab1e6e
Update vulnerable JS dependencies
2019-09-13 15:26:10 +02:00
Franz Liedke
eca288f525
Send a HTTP 401 for incorrect login credentials
...
This fixes a regression from #1843 and #1854 . Now, the frontend again
shows the proper "Incorrect login details" message instead of "You
do not have permission to do that".
2019-09-13 15:03:03 +02:00
Franz Liedke
b75e8284da
Convert another controller test to feature test
...
Decouple from implementation, test closer to HTTP...
2019-09-13 14:58:45 +02:00
flarum-bot
9f8aeb7927
Bundled output for commit 5e53145bab [skip ci]
2019-09-12 22:36:12 +00:00
David Sevilla Martín
5e53145bab
Fix errors caused by deletion alert when deleting users ( #1883 )
...
Refs #1788
TypeError: t.showDeletionAlert is not a function
at onSuccess(./src/forum/utils/UserControls.js:104:12)
Also, don't override 'this' param with user object for editAction
2019-09-13 00:34:05 +02:00
Daniël Klabbers
4bfcf4e052
moved the artisan binary override and commented some of the bindings for queue
2019-09-12 09:11:12 +02:00
flarum-bot
c1e03b0436
Bundled output for commit 5530422210 [skip ci]
2019-09-11 22:16:20 +00:00
David Sevilla Martin
5530422210
Fixes an issue where deleting a nonexistent model would error instead of resolving gracefully
2019-09-11 18:14:37 -04:00
Daniël Klabbers
c4806e19b5
prevent constant to be duplicated during tests
2019-09-11 12:20:35 +02:00
Daniël Klabbers
55d7e86a38
Merge branch 'master' of github.com:flarum/core
2019-09-11 11:59:10 +02:00
Daniël Klabbers
8e3eb5986f
Fixes an issue where permission checks aren't made for guest users,
...
due to the gate being accessed after the check whether the user
is registered/signed in.
2019-09-11 11:58:27 +02:00
luceos
8b029f9cd4
Apply fixes from StyleCI
...
[ci skip] [skip ci]
2019-09-11 09:43:46 +00:00
Daniël Klabbers
58e1c6cd99
Fixes the queue listen command. We might need to rectify this implementation before stable.
2019-09-11 11:42:52 +02:00
Daniël Klabbers
923eea1cd8
Fixes an issue where a different cache driver is used and Formatter
...
attempts to load the s9e Renderer from the wrong cache. It has
to be saved locally so that it can be properly loaded using
the spl auto register functionality.
2019-09-10 12:33:25 +02:00
Franz Liedke
d4ad62c9b0
Fix instructions in PR template
2019-09-10 00:18:04 +02:00
flarum-bot
361d2e5ec2
Bundled output for commit 80ff7eb4ea [skip ci]
2019-09-09 21:37:54 +00:00
David Sevilla Martín
80ff7eb4ea
Mark notification as read without visiting discussion ( #1874 )
2019-09-09 23:36:06 +02:00
flarum-bot
10bd406e18
Bundled output for commit 827c8ff50f [skip ci]
2019-09-09 21:07:00 +00:00
David Sevilla Martín
827c8ff50f
Fix error thrown if textarea doesn't exist in TextEditor ( #1852 )
...
* Prevent textarea not existing from causing errors to be thrown
* Replace [0] with .length
2019-09-09 17:05:11 -04:00
Daniël Klabbers
22f3c82e9a
listen and restart currently fail in the queue, see #1879
2019-09-09 15:47:56 +02:00
flarum-bot
405cc7b56e
Bundled output for commit 12cc20ad62 [skip ci]
2019-09-08 17:33:39 +00:00
Matthew Kilgore
12cc20ad62
Fix the new edit user permission label ( #1870 )
2019-09-08 13:31:57 -04:00
David Sevilla Martín
5b8d8667d6
Add DB prefix to PHP tests ( #1855 )
...
* Add test job with PHP 7.3, MySQL & custom prefix
* Add prefix MariaDB test
* Add PHP 7.4 to tests
* Remove PHP 7.4 from tests
This reverts commit 270cba2f5f
2019-09-08 13:28:39 -04:00
David Sevilla Martín
fb45773ecb
Add back defaults for language and direction attributes ( #1860 )
2019-09-05 08:28:52 +02:00
flarum-bot
56dbcf026d
Bundled output for commit cf16b6c20b [skip ci]
2019-09-05 00:34:59 +00:00
Franz Liedke
cf16b6c20b
Optimize ScrollListener performance
...
Listen to "scroll" event and throttle callback executions instead
of actively polling for changes to the scroll position.
Fixes #1222 .
2019-09-05 02:17:09 +02:00
Franz Liedke
ef38660f08
Fix failing test
2019-09-05 00:07:40 +02:00
Franz Liedke
9dc2f1eb8e
Debug mode: Include stacktrace in JSON-API errors
...
Refs #1843 , #1865 .
2019-09-04 23:35:32 +02:00
Franz Liedke
5048e097a5
Refactor JSON-API error formatter
2019-09-04 23:30:22 +02:00
Franz Liedke
e52a5d8353
Apply fixes from StyleCI ( #1867 )
...
[ci skip] [skip ci]
2019-09-04 01:44:59 +02:00
Franz Liedke
429b8e1a32
Restore error details in JSON-API error formatter
...
Fixes #1865 . Refs #1843 .
2019-09-04 01:44:22 +02:00
Franz Liedke
a7b19284b9
Convert controller test to request test
...
This further decouples these tests from the implementation (i.e. which
controller are we calling?).
2019-09-04 01:27:24 +02:00
Matteo Contrini
0005da3a0d
Allow formatting post content without a request ( #1848 )
2019-09-04 00:12:28 +02:00
Matthew Kilgore
e5e505e85a
Add Edit User permission to permissions grid ( #1859 )
2019-09-03 23:54:38 +02:00
Franz Liedke
a61f6d4453
Merge pull request #1854 from flarum/fl/1641-fix-status-codes
...
Error handling: Fix status codes
2019-09-02 16:33:48 +02:00
dependabot[bot]
e04d825ee2
Bump lodash from 4.17.11 to 4.17.15 in /js ( #1863 )
...
Bumps [lodash](https://github.com/lodash/lodash ) from 4.17.11 to 4.17.15.
- [Release notes](https://github.com/lodash/lodash/releases )
- [Commits](https://github.com/lodash/lodash/compare/4.17.11...4.17.15 )
Signed-off-by: dependabot[bot] <support@github.com>
2019-08-28 09:11:25 +02:00
dependabot[bot]
f95d2a8841
Bump mixin-deep from 1.3.1 to 1.3.2 in /js ( #1862 )
...
Bumps [mixin-deep](https://github.com/jonschlinkert/mixin-deep ) from 1.3.1 to 1.3.2.
- [Release notes](https://github.com/jonschlinkert/mixin-deep/releases )
- [Commits](https://github.com/jonschlinkert/mixin-deep/compare/1.3.1...1.3.2 )
Signed-off-by: dependabot[bot] <support@github.com>
2019-08-28 09:06:38 +02:00
Franz Liedke
6a6a915732
Remove unnecessary dependency
...
Refs #1773 .
2019-08-22 10:04:38 +02:00
Franz Liedke
54b4292c5e
Remove superfluous ForbiddenException
...
It has the same effect as the PermissionDeniedException, so let's
just use that.
Refs #1641 .
2019-08-22 00:06:26 +02:00
Franz Liedke
fbc940412c
When signups are prohibited, respond with HTTP 403
2019-08-21 23:48:24 +02:00
Franz Liedke
67aa8d5cef
Move authentication check into assertCan() method
...
This will cause the right error (HTTP 401) to be thrown whenever
we're checking for a specific permission, but the user is not even
logged in. Authenticated users will still get HTTP 403.
2019-08-21 23:48:03 +02:00
Franz Liedke
152b455acf
Remove unnecessary indirection
2019-08-21 00:06:32 +02:00
Franz Liedke
ee4a536de1
Document permission check methods
2019-08-21 00:06:31 +02:00
