github-mirror/discourse
2
0
Fork 0
mirror of https://github.com/discourse/discourse.git synced 2025-05-22 22:43:33 +08:00
Code Issues Actions 1 Packages Projects Releases Wiki Activity
48,633 Commits 260 Branches 512 Tags
08ff6eebad83d921ad0d175aa02332fb04333ff7
Commit Graph

37 Commits

Author SHA1 Message Date
David Taylor
5a003715d3 DEV: Apply syntax_tree formatting to app/* 2023-01-09 14:14:59 +00:00
David Taylor
68b4fe4cf8 SECURITY: Expand and improve SSRF Protections (#18815) 
See https://github.com/discourse/discourse/security/advisories/GHSA-rcc5-28r3-23rr

Co-authored-by: OsamaSayegh <asooomaasoooma90@gmail.com>
Co-authored-by: Daniel Waterworth <me@danielwaterworth.com>
 2022-11-01 16:33:17 +00:00
Jeff Wong
75e159f0ed FEATURE: add support for like webhooks (#12917) 
* FEATURE: add support for like webhooks

Add support for like webhooks. Webhook events only send on user membership
in the defined webhook group filters.

This also fixes group webhook events, as before this was never used, and
the logic was not correct.
 2021-04-30 17:08:38 -07:00
David Taylor
5a4d3e7576 FIX: Ensure UserField changes are reflected instantly in webhooks (#12291) 
The Guardian object memoizes a list of allowed user fields. Normally this is fine because Guardian objects only persist for a single request. However, the WebHook class was memoizing a guardian at the class level. This meant that an app restart was required for changes to be reflected. Plus, the Guardian was being shared across all sites in a multisite instance.

Initializing a guardian is cheap, so we can manage without memoization here.
 2021-03-04 21:41:57 +00:00
Roman Rizzi
3259ea60a6 DEV: Remove code deprecated by the new Reviewable API (#8023) 
* Remove flag hooks and endpoints

* Remove #reject_bulk for users

* Remove code for quued_posts_controller
 2019-08-26 10:33:26 -03:00
Robin Ward
ecebff5060 Only show deprecation warning if the webhook is active 2019-06-10 16:23:12 -04:00
Sam Saffron
30990006a9 DEV: enable frozen string literal on all files 
This reduces chances of errors where consumers of strings mutate inputs
and reduces memory usage of the app.

Test suite passes now, but there may be some stuff left, so we will run
a few sites on a branch prior to merging
 2019-05-13 09:31:32 +08:00
Robin Ward
b58867b6e9 FEATURE: New 'Reviewable' model to make reviewable items generic 
Includes support for flags, reviewable users and queued posts, with REST API
backwards compatibility.

Co-Authored-By: romanrizzi <romanalejandro@gmail.com>
Co-Authored-By: jjaffeux <j.jaffeux@gmail.com>
 2019-03-28 12:45:10 -04:00
Maja Komel
34730a0b16 UX: show if webhook is disabled (#7217) 
+ show in staff logs when webhook is created/updated/destroyed
 2019-03-21 16:13:09 +01:00
Vinoth Kannan
167d85c21f FIX: post & topic destroyed hooks not triggering with tag filter 2019-03-06 22:52:54 +05:30
Robin Ward
95f263995d FIX: Previous annotations were broken 2019-01-11 14:30:19 -05:00
Robin Ward
a3839495e0 Update annotations 2019-01-11 12:19:43 -05:00
Vinoth Kannan
57ba4b7cb2 DEV: remove unnecessary safe nav operators (#6730) 2018-12-05 20:07:18 +05:30
Vinoth Kannan
fb78414229 Add missing safe navigation operator 2018-12-05 16:23:43 +05:30
Vinoth Kannan
d33d031742 FEATURE: Filter topic and post web hook events by tags (#6726) 
* FEATURE: Filter topic and post web hook events by tags

* Add a spec test with unmatched tags
 2018-12-05 14:44:06 +05:30
Vinoth Kannan
8430ea927e FIX: Generate webhook payloads before destroy events (#6325) 2018-10-05 16:53:59 +08:00
Guo Xiang Tan
ad5082d969 Make rubocop happy again. 2018-06-07 13:28:18 +08:00
Guo Xiang Tan
b3860c82da FIX: Don't enqueue web hooks inside a deferred queue. 
* The deferred queue is meant for short lived jobs
  and does not guarantee execution. We need to ensure
  that web hooks are always run.
 2018-05-24 15:03:17 +08:00
Guo Xiang Tan
8a1aab4e8a PERF: Select distinct active web hooks at the db level. 2018-05-24 14:56:40 +08:00
Guo Xiang Tan
ae3a7ca08d Fix unexpected return error. 2018-05-21 22:28:44 +08:00
Guo Xiang Tan
bf84037f79 FIX: Payload for webhooks should be current as of the time the event was triggered. 
https://meta.discourse.org/t/group-category-tag-user-deleted-webhooks-not-firing/87752
 2018-05-21 17:29:58 +08:00
Guo Xiang Tan
226ace1643 Update annotations. 2018-02-20 14:28:58 +08:00
Guo Xiang Tan
9644569a28 FIX: Wildcard webhooks could send duplicated events. 2018-01-03 17:00:44 +08:00
Arpit Jalan
3c56c9b637 FIX: strip webhook payload_url 2017-12-11 13:48:11 +05:30
Arpit Jalan
daeb7694bc update annotations 2017-12-05 21:03:20 +05:30
Sam
c68999e128 annotate models 
WARNING annotators out there, be to run bin/annotate on RAILS_ENV=test on a clean db
 2017-08-16 10:38:11 -04:00
Guo Xiang Tan
5012d46cbd Add rubocop to our build. (#5004) 2017-07-28 10:20:09 +09:00
Guo Xiang Tan
66a7b0c30b FIX: Add web hook DiscourseEvents in initializer. 2017-04-12 11:55:49 +08:00
Guo Xiang Tan
bf78c228f4 FIX: User created web hook being enqueued before record has been saved. 
* Improve web hook tests as well.
 2017-03-16 14:44:09 +08:00
Erick Guan
cfbfea0596 FEATURE: Allow easier customization to the web hook event serialization. 2017-03-16 10:09:05 +08:00
Guo Xiang Tan
69330f8bc2 Add user_updated event to webhooks. 2016-12-13 11:26:26 +08:00
Guo Xiang Tan
e51574bea0 FIX: No need to fetch the model. 2016-12-02 17:17:03 +08:00
Erick Guan
8c8549b27b FIX: missing post and topic edited webhooks 2016-11-30 20:49:45 +01:00
Arpit Jalan
e03c1e4cdf annotate models 2016-10-31 15:02:11 +05:30
Erick Guan
c463cf63d4 FEATURE: Webhook for user creation and approval 2016-09-19 10:12:55 +08:00
Erick Guan
7423140825 FIX: show event name in webhook headers 2016-09-12 17:48:54 +08:00
Erick Guan
9ce61b4586 FEATURE: Webhooks. 2016-09-05 18:44:00 +08:00