Toby Zerner
ac63665f8b
Boot new application instance before enabling extensions. fixes #1587 ( #1631 )
2018-11-12 00:01:17 +01:00
Franz Liedke
f346a51748
Remove unused default constructor
2018-11-11 23:52:47 +01:00
Clark Winkelmann
3d1578b89a
Clean PostStreamScrubber code
2018-11-11 19:03:22 +01:00
Clark Winkelmann
87f94e64e4
Fix scrubber index not limited to max items count when bypassing view()
2018-11-11 19:00:51 +01:00
Toby Zerner
95944e3630
Log errors that occur in the API stack
...
This takes place only in the FallbackExceptionHandler. Having a custom
exception handler implies that a friendly message is displayed in the
API response, in which case we can bet that the exception won't need to
be "debugged" per se.
2018-11-11 18:00:57 +10:30
Toby Zerner
4302687876
Stop logging errors that use a custom view
...
Having a custom view implies that a friendly message is displayed to
the user, in which case we can bet that the exception won't need to be
"debugged" per se.
2018-11-11 17:57:55 +10:30
Toby Zerner
2df5be7bcb
Catch Throwables so that we handle internal PHP errors too
2018-11-11 17:54:19 +10:30
flarum-bot
91e8d6820a
Bundled output for commit d9037fe472
[skip ci]
2018-11-11 06:35:34 +00:00
Toby Zerner
278bbd992b
Apply fixes from StyleCI ( #1632 )
...
[ci skip] [skip ci]
2018-11-11 17:01:34 +10:30
Toby Zerner
d9037fe472
Delete associated notifications when deleting discussions, posts, and users. fixes #1380
2018-11-11 16:59:24 +10:30
Toby Zerner
0e5c3aff1a
Perform visibility checks on notification subjects at the query level
...
This will prevent a notification from being seen by a user if its
subject is deleted or undergoes some kind of permission change (eg.
a discussion is moved into a private tag)
ref #1380
2018-11-11 16:58:08 +10:30
Toby Zerner
9b013a4136
Consolidate Post visibility logic into the PostPolicy
...
A post can only be seen if the discussion in which it resides can be
seen. The logic for this belongs in the policy, not the model.
2018-11-11 16:54:15 +10:30
Toby Zerner
e02b18d08e
Fix notification list not displaying "empty" message
2018-11-11 16:46:54 +10:30
Toby Zerner
b68f183e86
Always allow users to see their own account. fixes #1626
2018-11-11 14:25:21 +10:30
Franz Liedke
ebcc173496
Fix leak of private information when updating users
...
Fixes #1628 .
2018-11-09 12:02:26 +01:00
Franz Liedke
fad8ed335d
Add regression test for email crawling vulnerability
...
Refs #1628 .
2018-11-09 12:02:26 +01:00
Franz Liedke
99f9ec45f1
Move trait to base test class
...
This way, its properties can be overwritten in subclasses of
`ApiControllerTestCase`. This isn't allowed when those subclasses
use the trait directly.
2018-11-09 12:02:21 +01:00
Daniël Klabbers
f41ae92f1a
add security address in issue template as well ( #1630 )
...
as per suggestion by @CDK2020, let's also add an important statement in the issue template
2018-11-09 10:02:20 +01:00
Daniël Klabbers
ee386b8899
add security email address in flarum/core readme ( #1629 )
...
Let's make the security email address even more visible.
2018-11-08 23:41:51 +01:00
Daniël Klabbers
33b39137b9
[b8] master token fix ( #1622 )
...
* fixed not being able to use master token because id column no longer holds key
* added flexibility of user_id column
* added tests to confirm the api keys actually work as intended
2018-11-07 22:34:09 +01:00
flarum-bot
4eafba9189
Bundled output for commit 8e5099711f
[skip ci]
2018-11-07 21:20:16 +00:00
Franz Liedke
537e61ba00
Restore horizontal overflow for permission grid
...
Refs #1627 .
2018-11-07 22:17:16 +01:00
Clark Winkelmann
8e5099711f
Use ItemList for EditGroupModal fields ( #1625 )
2018-11-07 22:15:19 +01:00
David Sevilla Martín
e1dc724333
Remove overflow from .PermissionsPage-permissions ( #1627 )
2018-11-06 22:41:21 +01:00
Toby Zerner
1f2c24e404
Merge pull request #1623 from flarum/luceos-patch-1
...
Update AccessToken.php
2018-11-02 07:12:23 +10:30
Daniël Klabbers
dba160b9f1
Update AccessToken.php
...
Fixes phpdoc while working on #1622
2018-11-01 10:56:45 +01:00
flarum-bot
38259d2cd5
Bundled output for commit ddeb005a7a
[skip ci]
2018-10-31 13:35:47 +00:00
Daniël Klabbers
ddeb005a7a
Update EditGroupModal.js
...
fixed placeholder icon name fa 4 style to fa 5 style with `fas fa-bolt`
2018-10-31 14:28:50 +01:00
Daniël Klabbers
b64cdb1cfe
fixes author gambit when used with fulltext search, added test to cover ( #1620 )
...
* fixes author gambit when used with fulltext search, added test to cover
* Apply fixes from StyleCI
[ci skip] [skip ci]
2018-10-29 23:01:25 +01:00
flarum-bot
ac5a6349e4
Bundled output for commit 9b24edc391
[skip ci]
2018-10-28 21:00:22 +00:00
Toby Zerner
9b24edc391
Fix regression in admin routing in subdirectory. fixes #1606
...
Because admin routing uses the "hash" strategy, the base path does not
need to be taken into account.
2018-10-29 07:25:17 +10:30
Franz Liedke
5ad2a5a842
Fix installation in subdirectory
...
Fixes #1604 .
2018-10-26 00:27:35 +02:00
Franz Liedke
194808ec7c
Fix tests
2018-10-24 22:38:47 +02:00
Franz Liedke
196a4f6e65
Apply fixes from StyleCI ( #1616 )
...
[ci skip] [skip ci]
2018-10-24 22:20:15 +02:00
Franz Liedke
28eb5f27f2
Allow setting all paths when instantiating Site
...
Fixes #1592 .
2018-10-24 22:19:09 +02:00
flarum-bot
cce87c9fb2
Bundled output for commit cc1cc20a52
[skip ci]
2018-10-24 20:06:14 +00:00
Clark Winkelmann
cc1cc20a52
Update Font Awesome icons page link ( #1615 )
2018-10-24 21:20:49 +02:00
Toby Zerner
da5b3c26f4
Update forgotten column name
2018-10-23 20:52:09 +10:30
Franz Liedke
ec991cb9d7
Merge pull request #1608 from flarum/fl/1602-extend-frontend-document
...
New extender for adding variables to HtmlDocument payload
2018-10-21 22:34:22 +02:00
Franz Liedke
cbe52ff846
New extender for adding variables to HtmlDocument payload
...
Fixes #1602 .
2018-10-21 20:45:19 +02:00
Franz Liedke
d335ce8eef
Tweak ContentInterface so that callables can be used as well
2018-10-21 20:41:45 +02:00
Toby Zerner
52d7cd0461
Prevent long words/content from stretching the discussion list width
2018-10-21 14:47:41 +10:30
Daniël Klabbers
e28147a7ff
Fixes logging in with access token ( #1605 )
...
Seems the created_at column has no default value. This was always the case, at least that's what I can tell from a clean install and no migrations changing that default value.
```
$table->timestamp('created_at');
```
2018-10-21 01:21:34 +02:00
Toby Zerner
da5a97fd36
Load extensions in the configured order
2018-10-20 22:21:39 +10:30
Toby Zerner
ed23a25f44
Don't require paths to be set in config - use sensible defaults
2018-10-18 19:27:03 +10:30
Tristian Kelly
805f0b9a47
Broader system font stack ( #1600 )
2018-10-17 23:55:41 +02:00
David Sevilla Martín
58980e323b
Align search icon on search bar ( #1599 )
2018-10-16 20:40:39 +02:00
David Sevilla Martín
5f785c9473
Add migration to add 'fa fa-' to group icons ( #1597 )
...
* Add migration to add 'fa fa-' (FA v4 shim) to group icons
* StyleCI
* Change prefix to `fas fa-`
2018-10-10 00:39:19 +02:00
flarum-bot
a900bf5ffa
Bundled output for commit 08af258f3a
[skip ci]
2018-10-09 22:32:47 +00:00
Franz Liedke
ccf1110faf
Merge pull request #1594 from datitisev/item-list
...
Allow ItemList method chaining (add, merge, remove, replace)
2018-10-10 00:28:03 +02:00