Commit Graph

1007 Commits

Author SHA1 Message Date
Toby Zerner
e8a4e5e0ef Add log out confirmation if CSRF token is invalid. fixes #1282 2017-11-29 13:03:16 +10:30
Toby Zerner
295193eb3c Use HtmlResponse in AbstractHtmlController 2017-11-29 12:54:11 +10:30
Toby Zerner
a065c8e6f5 Make URLs more verbose 2017-11-29 12:53:39 +10:30
Toby Zerner
9392e1bec3 New design for reset password view 2017-11-29 12:53:06 +10:30
Toby Zerner
479e44dd04 Restructure views
- Use Laravel's view namespacing rather than the full file path
- Organise views into directories
2017-11-29 12:51:24 +10:30
Toby Zerner
0aa74c987c Fix email gambit 2017-11-20 09:17:44 +10:30
Toby Zerner
a28dbccf1a Performance: Assign parent discussions to posts so they don't have to be reloaded 2017-11-12 21:14:19 +10:30
Toby Zerner
3c80612d80 Performance: Load only basic information about post discussion/users 2017-11-11 23:15:36 +10:30
Toby Zerner
dedcbae359 Performance: Load only basic information about terminal/relevant posts 2017-11-11 22:57:41 +10:30
Toby Zerner
9cc67fe312 Performance: Cache translation catalogue to avoid reparsing YAML 2017-11-11 22:45:38 +10:30
Toby Zerner
5f7060fb4a Performance: Assign parent discussion to posts so it doesn't have to be reloaded 2017-11-11 22:44:45 +10:30
Toby Zerner
15b573bd93 Update asset revision whenever custom LESS is changed
This should remove the need for a hard browser refresh whenever you
update the custom LESS.
2017-11-05 16:27:28 +10:30
Franz Liedke
914b94b62d
Remove user bio feature (#1214)
The feature is very limited in scope, and we hope for community
extensions to take over this feature and make it much better.
2017-11-02 01:12:49 +01:00
Lukas
1b7cb3bec2 The CookieFactory now also works if no configuration exists (#1258)
* Returning the $default value if there's no config

This is especially important for the CookieFactory which accesses
the configuration before the application is installed

* Injecting the configuration values into the CookieFactory
2017-11-02 00:51:31 +01:00
Toby Zerner
40ebc13292 Only apply custom CSS and header HTML on forum, not admin 2017-10-25 13:40:57 +10:30
Toby Zerner
5a43f915cb Let avatarUrl attribute delete the avatar as well 2017-10-07 20:28:15 +10:30
Franz Liedke
cb92deee98
Fix namespace imports 2017-10-07 11:20:38 +02:00
Toby Zerner
bedf710768 Fix variable 2017-10-07 19:17:59 +10:30
Toby Zerner
3b1f8771c4 No need to set a remember cookie if only logging in for session 2017-10-07 17:51:30 +10:30
Toby Zerner
2dbcfe02d8 Consolidate avatar uploading, allow avatarUrl to be used when updating user 2017-10-07 17:39:27 +10:30
Toby Zerner
87bf84ef6e Allow configuring cookie attributes
I decided to put this in config.php because if cookie settings were to
be stored in the database and configured via admin UI, entering
incorrect settings could cause the admin session to be destroyed,
requiring manual database intervention to fix. But it's a good prompt
for discussion as to which kind of settings belong in config.php vs the
database. Thoughts?
2017-10-05 13:00:15 +10:30
Toby Zerner
096e552c74 Add the ApiKey model as a request attribute 2017-10-05 12:26:05 +10:30
Toby Zerner
8ccfb1aac6 Use a constant instead of a property 2017-10-05 12:25:30 +10:30
Tobias Weichart
02377663ce minor change for getting the path
* should be used via x_path() methods + parameter
2017-10-04 08:38:36 +02:00
Toby Zerner
eb72307a54 User display names (#1246)
* Introduce user display names

It is not uncommon for forums to be intergrated with sites where users
don't have a unique "handle" - they might just have their first name,
or a full name, which is not guaranteed to be unique.

This commit introduces the concept of "display names" for users. By
default display names are the same as usernames, but extensions may
override this and set them to something different. The important thing
is that all code should use `display_name` whenever intending to output
a human-readable name - `username` is reserved for cases where you want
to output a unique identifier (which may or may not be human-friendly).

The new "GetDisplayName" API is probably sub-optimal, but I didn't worry
too much because we can come up with something better in `next-back`.

ref #557

* Apply fixes from StyleCI

[ci skip] [skip ci]
2017-09-20 16:42:18 +09:30
Toby Zerner
f917d1438c Use ::class 2017-09-19 19:45:31 +09:30
Toby Zerner
ef89b1f6b1 Remove unnecessary else statement 2017-09-19 19:44:43 +09:30
Toby Zerner
377d439c47 😅 2017-09-19 19:13:02 +09:30
Toby Zerner
37cf95f94d Don't include post content in the "basic" serializer
Currently all of a post's replies are loaded in full whenever the post
is loaded, which is kind of overkill - we really just need to know that
they exist (and who posted them) in order to render the "X replied to
this" line.
2017-09-19 19:10:07 +09:30
Toby Zerner
c31c1ea062 Allow full URLs to be used as the avatar path
This is useful for forums integrating with an external website (eg. a
WordPress site), so they can reference existing avatars directly.

For alternative storage locations (eg. S3) the best practice will still
be to store a relative path and then configure an external base "assets
URL" (this is not currently possible - TODO).

Given this change, I think it would probably make sense to rename the
column to `avatar_url` in the upcoming batch of database naming changes
- then it can contain either a relative or an absolute URL -
@franzliedke do you agree?
2017-09-19 19:03:12 +09:30
Toby Zerner
084f74946d Allow setting the raw content of a CommentPost 2017-09-19 12:13:24 +09:30
epoxa
cbe4464178 Fix oauth controller wrong session method call (#1226) 2017-08-19 14:43:21 +09:30
Toby Zerner
ce8a5b3e0f v0.1.0-beta.7 2017-07-22 12:48:58 +09:30
Toby Zerner
4f3e67714e Fix incorrect migration notes for extensions without any migrations
When running migrations for an extension without any migrations (eg.
BBCode), the migration notes for the previous extension were being
displayed, because the Migrator never had a chance to clear them.
2017-07-22 11:43:50 +09:30
Toby Zerner
54be3ad3c8 Define the default moderator group ID
This allows extensions to add default permissions for moderators,
without having to hardcode in the default moderator group ID.
2017-07-22 11:41:20 +09:30
Toby Zerner
0b00d56416 Add a new migration helper for adding default permissions 2017-07-22 11:40:06 +09:30
Toby Zerner
89d4a1e849 Remove MySQL port field from visual installer
Port can still be specified by suffixing the host with a :

closes #825
2017-07-22 11:32:07 +09:30
Daniël Klabbers
43ee7b59a4 Update Client.php (#1198)
* Update Client.php

Now forwarding exceptions from client to page in case debug mode is on. Fixes #1120.

* Update Client.php

Satisfying .. the unsatisfiable.

* Update Client.php

Satisfying again.
2017-07-19 22:14:00 +02:00
Toby Zerner
4b47adabcf Oops, that should be in seconds not minutes 2017-07-08 22:35:11 +09:30
Toby Zerner
93140b8fa4 Remember users forever (5 years) rather than 2 weeks 2017-07-08 22:29:26 +09:30
Franz Liedke
8ea13dc826
Flatten implementation of SelfDemotionGuard listener
Refs #736 and #1195.
2017-07-06 21:57:47 +02:00
David Sevilla Martín
99d42372c3 Prevent yourself from locking yourself out of admin group (#1195) 2017-07-06 21:43:01 +02:00
Franz Liedke
01b56eecdb Merge pull request #1201 from Luceos/patch-3
Update AbstractSerializer.php
2017-06-23 00:02:16 +02:00
Daniël Klabbers
d6c99eccdb Update WebAppView.php
Added argument type hinting where absent.
2017-06-22 16:27:10 +02:00
Daniël Klabbers
01cb8ab79d Update AbstractSerializer.php
Fixes missing argument in method. Verified it has to be a string.
2017-06-22 14:28:51 +02:00
Daniël Klabbers
57570d960e Update StartSession.php
Fixed CookieFactory typo in phpdoc.
2017-06-19 16:47:20 +02:00
Daniël Klabbers
04c4806f6f making posts and discussions private (#1153)
* flagrow/byobu#11 making posts and discussions private

* tested migrations and tested setting is_private on discussion and post manually

* added phpdoc for Post and Discussion and added the casting for these attributes

* satisfying styleci

* fixes for review

* added new private discussion event and included it in the access policy

* added new private post event and included it in the access policy
2017-05-27 14:19:15 +09:30
Davis
4c0339c30e Allow JSON to be used for Install Command (#1193)
* Allow JSON to be used for Install Command

* Return configuration as array instead of object.

* Update InstallCommand.php
2017-05-27 14:18:09 +09:30
David Sevilla Martín
e64dc4ea45 Add viewUserList permission (#1190) 2017-05-24 22:06:56 +09:30
David Sevilla Martín
23b423c6ce #1184 Fix /api/posts returning 500 (#1188)
* Fix ListPostsController::applyFilters not receiving array if argument not present

* Whoops! Use `[]` instead of `array()`

* Update AbstractSerializeController.php

* Update ListPostsController.php
2017-05-18 22:04:00 +02:00