19c9a6699a
FIX: Validate auto_close_hours category setting
...
This prevents server errors when the value is set too high
2018-09-26 16:04:49 +01:00
84f5448a92
FEATURE: Display trust level descriptions in site settings ( #6421 )
2018-09-21 15:10:38 +01:00
e402394375
FEATURE: auto grant an available title when removing old title
...
* FEATURE: auto grant an available title when removing old title
2018-09-21 12:06:08 +10:00
3e17ef0507
Merge pull request #6414 from techAPJ/user-field-unique-key
...
FEATURE: add external details to user fields
2018-09-20 22:29:39 +05:30
df45e82377
SECURITY: only allow picking of avatars created by self ( #6417 )
...
* SECURITY: only allow picking of avatars created by self
Also adds origin tracking to all uploads including de-duplicated uploads
2018-09-19 22:33:10 -07:00
195bd02fce
FIX: Avoid race condition when enqueuing job.
2018-09-20 11:24:01 +08:00
72be638728
FEATURE: add external details to user fields
2018-09-20 08:10:51 +05:30
e0e6dae6a7
minor cleanup to previous commit from code review
2018-09-19 16:07:29 +10:00
5302709343
FIX: in redis readonly raise an exception from DistributedMutex
...
If we detect redis is in readonly we can not correctly get a mutex
raise an exception to notify caller
When getting optimized images avoid the distributed mutex unless
for some reason it is the first call and we need to generate a thumb
In redis readonly no thumbnails will be generated
2018-09-19 15:50:58 +10:00
4a92c5b2d6
UploadRecovery should recover attachments too.
2018-09-19 10:44:36 +08:00
9281b72308
FEATURE: Log entity export in staff logs
2018-09-19 03:16:45 +05:30
7d6b348d0b
SECURITY: correct XSS on long topic titles
2018-09-18 08:54:44 +10:00
6659417807
FEATURE: match user title when primary group changes
...
When primary group changes and the user's title is the previous primary
group's title, change the title to the new primary group's title
2018-09-17 15:08:39 +10:00
33541c4096
FEATURE: unconditionally omit no-follow for staff
...
Previously TL2 and below staff would have links
no-followed which was never intended
2018-09-17 12:02:20 +10:00
e51c676135
refactors trending search report to use SearchLog
2018-09-17 10:19:40 +10:00
5625461c05
clear error if you can contact theme repo again
2018-09-17 09:49:53 +10:00
c7d81e2682
FIX/FEATURE: don't blow up when can't reach theme's repo, show problem themes on dashboard
2018-09-17 09:49:53 +10:00
419b14e58b
FIX: correctly keep stylesheet cache entries
...
The intent from day one was to keep MAX_TO_KEEP stylesheets per target
however the DELETE statement did not perform target filtering
This meant we often deleted the wrong stylesheets from the cache
2018-09-14 12:54:11 +10:00
a6502ce879
FIX: ensures errors in report initialization fail nicely ( #6392 )
2018-09-13 17:36:55 +02:00
18fcd483f2
FIX: ensures we have a color for reports ( #6396 )
2018-09-13 17:36:39 +02:00
7bf8b0d305
FIX: treats users_(by_type|tl) as other reports ( #6391 )
2018-09-13 17:35:54 +02:00
d288462abf
Merge pull request #6393 from techAPJ/bad-json
...
FIX: ignore and log bad json values for custom fields
2018-09-13 15:54:01 +05:30
e364547ff7
FIX: ignore and log bad json values for custom fields
2018-09-13 14:26:30 +05:30
529e4018f0
DEV: Avoid using send and make the method public instead.
2018-09-13 16:34:32 +08:00
3884e99e88
Add extra protection in Upload#get_from_url.
...
In case the extension goes missing from the URL.
2018-09-12 00:12:14 -07:00
b3469bea2d
FIX: Uploads not being linked correctly to posts.
...
Regression due to 1f636c445b
2018-09-11 23:50:23 -07:00
d1984a0b4d
FIX: display a correct error when attempting to agree on a deferred flag
...
Previously we would raise a 500 error if a moderator tried to agree on a
flag another moderator deferred.
This can happen cause the UX for flags does not live refresh as flags
are handled
2018-09-12 13:16:59 +10:00
71185c13b5
Merge pull request #6377 from tgxworld/remove_tif_tiff
...
Drop `tif`, `tiff`, `webp` and `bmp` from supported images.
2018-09-12 09:32:32 +08:00
e1b16e445e
Rename FileHelper.is_image? -> FileHelper.is_supported_image?.
2018-09-12 09:22:28 +08:00
16bd3f2cf2
FIX: use current user color scheme when filling theme-color attribute ( #6384 )
...
* FIX: use current user color scheme when filling `meta` attribute `theme-color`
* update manifest.webmanifest colors
2018-09-12 11:04:58 +10:00
e64402cb3b
SECURITY: correct edge case when SSO provides unvalidated emails
2018-09-11 08:24:02 +10:00
04d26c65e2
Refactor Upload.get_from_url to check length of sha1.
2018-09-10 10:10:39 +08:00
797cbf8653
FIX: Remove user fields when anonymizing user
2018-09-07 00:02:56 +02:00
1f636c445b
PERF: Add fast path to find uploads before resorting to LIKE query.
...
For a normal upload url
Before
```
Warming up --------------------------------------
264.000 i/100ms
Calculating -------------------------------------
2.754k (± 8.4%) i/s - 13.728k in 5.022066s
```
After
```
Warming up --------------------------------------
341.000 i/100ms
Calculating -------------------------------------
3.435k (±11.6%) i/s - 17.050k in 5.045676s
```
2018-09-06 14:44:24 +08:00
d4b05d7bc5
Always link post to uploads in post process.
...
The operation is cheap anyway so no point skipping.
2018-09-06 14:08:03 +08:00
434035f167
FIX: Link post to uploads in PostCreator.
...
* This ensures that uploads are linked to their post on creation
instead of a background job which may be delayed if Sidekiq
is facing difficulties.
2018-09-06 11:18:11 +08:00
e59622f2ba
FIX: deactivate chart trends for now ( #6364 )
2018-09-05 23:33:29 +02:00
4382fb5fac
DEV: Allow plugins to whitelist specific user custom_fields for editing ( #6358 )
2018-09-04 20:45:36 +10:00
ad70502ab8
FIX: ignore invalid usernames in incoming link tracker
...
If an incoming link username has NULL in it simply ignore it
2018-09-04 12:28:32 +10:00
8dc1463ab3
Enable Lint/ShadowingOuterLocalVariable for Rubocop.
2018-09-04 10:16:42 +08:00
931cffcebe
FEATURE: Let users see their user auth tokens. ( #6313 )
2018-08-31 10:18:06 +02:00
e1975e293f
FIX: when uploads are destroyed clear up avatar refs in user table
...
This also auto corrects twice daily when we ensure consistency
2018-08-31 14:46:42 +10:00
bb93179609
FEATURE: charts will now use tertiary color ( #6342 )
2018-08-30 14:56:11 +02:00
f0abb4d09a
FIX: Allow user actions to be saved even if the post has nil user
...
This issue made it impossible to delete users if they had flagged a post with nil user
2018-08-30 01:03:32 +01:00
e6970151a6
FEATURE: allow specifying locale via SSO
...
Use:
locale
locale_force_update
To force user locale on users where SiteSetting.allow_user_locale is enabled
Note: If an invalid locale is specified no action will occur
2018-08-30 09:58:03 +10:00
e25a6e085e
FIX: drop title updates through RSS feeds
...
can create an update loop
2018-08-28 16:25:04 +10:00
9ab1fb7dfc
FEATURE: correctly store width and height on uploads
...
Previously we used width and height for thumbnails, new code ensures
1. We auto correct width and height
2. We added extra columns for thumbnail_width and height, this is determined
by actual upload and no longer passed in as a side effect
3. Optimized Image now stores filesize which can be used for analysis, decisions
Also
- fixes Android image manifest as a side effect
- fixes issue where a thumbnail generated that is smaller than the upload is no longer used
2018-08-28 12:59:22 +10:00
c8ffe0fda3
FIX: term should be handled as text ( #6321 )
2018-08-27 11:58:46 +02:00
2271918be2
FEATURE: Use S3 dualstack endpoints
...
Allows S3 without a CDN to serve images from dualstack domains that also support ipv6
2018-08-27 11:22:46 +10:00
faf09bb8c8
Replacing default brown category color
2018-08-24 14:18:14 -04:00
