b58867b6e9
FEATURE: New 'Reviewable' model to make reviewable items generic
...
Includes support for flags, reviewable users and queued posts, with REST API
backwards compatibility.
Co-Authored-By: romanrizzi <romanalejandro@gmail.com >
Co-Authored-By: jjaffeux <j.jaffeux@gmail.com >
2019-03-28 12:45:10 -04:00
a9798f0c47
FEATURE: Add page for all group membership requests. ( #6909 )
2019-03-27 13:30:59 +02:00
7e9afdace3
FEATURE: custom colors for default letter avatars ( #7167 )
2019-03-18 16:24:21 +01:00
c5808a8a25
PERF: N+1 queries admin users pages.
2019-03-15 15:09:44 +08:00
4a00772c19
FIX: invite approval StaffActionLogger bug ( #7151 )
...
* FIX: invite approval `StaffActionLogger` bug
2019-03-12 13:32:25 +00:00
191e31dccf
FEATURE: Log user approvals. ( #7121 )
2019-03-12 19:16:56 +11:00
32bae48fd3
DEV: Use User#human? User#bot? ( #7140 )
2019-03-12 07:58:14 +08:00
fc7938f7e0
REFACTOR: Migrate GoogleOAuth2Authenticator to use ManagedAuthenticator ( #7120 )
...
https://meta.discourse.org/t/future-social-authentication-improvements/94691/3
2019-03-07 11:31:04 +00:00
5d75bd4831
FIX: Don't try to rename group when username is taken
...
FIX: Always rename groups with the default locale instead of using the user's locale
2019-02-19 22:31:03 +01:00
c719658f9f
human? helper method on a user
...
This is cleaner than hard coding `id > 0` in ruby code.
2019-02-08 13:34:54 -05:00
e9ec5238fc
DEV: Remove ignored columns
2019-02-08 12:12:38 +01:00
d5ecf8e8c2
FIX: properly clean out post and user actions on destroy user
...
This corrects 2 issues:
First is a regression with d7c08e21 for some reason dependent :delete_all
respects default scopes where-as dependent :destroy bypasses it.
Secondly, we were keeping orphan user actions around on user destroy, this
ensures we remove all the user actions not only ones that originated by
the user.
So for example: if I like a post of user A we create a user action saying I
did that, but once user A is deleted we were not removing the action leading
to an orphan action in the database.
2019-01-17 12:40:30 +11:00
d7c08e217a
PERF: delete user and post actions vs destroy on user destroy
...
Users can have 100s of thousands of post and user actions, we do not want
to destroy each individually cause the tracking is enormous and the amount
of queries we would need is enormous.
This gives up on the `after_commit` hook on `post_actions` which ships a message
to clients to synchronize a post, so some phantom post_actions may remain
in the UX in the rare occasion we delete a user. The phantoms will be gone
on reload.
2019-01-17 11:19:37 +11:00
95f263995d
FIX: Previous annotations were broken
2019-01-11 14:30:19 -05:00
a3839495e0
Update annotations
2019-01-11 12:19:43 -05:00
98d09c90ac
Current user serializer groups (ef7f84b follow-up)
2018-12-18 09:05:45 +01:00
ef0e84e3d9
FIX: clear the site_contact_username setting if the user's staff privileges are revoked
2018-12-14 16:52:44 -05:00
9f89aadd33
FIX: delete all posts in batches without hijack ( #6747 )
2018-12-14 11:04:18 +01:00
160d29b18a
REFACTOR: Migrate TwitterAuthenticator to use ManagedAuthenticator ( #6739 )
...
No changes to functionality. TwitterAuthenticator goes from 136 lines to 24, and all twitter-specific logic elsewhere has been deleted 🎉
2018-12-07 15:39:06 +00:00
3c9c95ac83
Update Rubocop to 0.60
2018-12-04 10:48:16 +01:00
208005f9c9
REFACTOR: Migrate FacebookAuthenticator to use ManagedAuthenticator
...
Changes to functionality
- Removed syncing of user metadata including gender, location etc.
These are no longer available to standard Facebook applications.
- Removed the remote 'revoke' functionality. No other providers have
it, and it does not appear to be standard practice in other apps.
- The 'facebook_no_email' event is no longer logged. The system can
cope fine with a missing email address.
Data is migrated to the new user_associated_accounts table.
facebook_user_infos can be dropped once we are confident the data has
been migrated successfully.
2018-11-30 11:18:11 +00:00
24e5be3f0c
FIX: Relative links in translations should work with subfolder
2018-11-08 23:31:05 +00:00
7534042427
DEV: Update annotations.
2018-11-07 11:11:19 +08:00
2070edf889
FIX: Clarify User.group_locked_trust_level.
...
* Rename User.group_locked_trust_level to User.group_granted_trust_level.
* Remove the column from users table.
2018-11-07 10:27:44 +08:00
0ead513fb0
PERF: remove total unread notifications from message bus ( #6529 )
2018-10-25 12:14:34 +11:00
5fd94d3211
PERF: limit unread count to 99 in blue circle
...
This revises: e605542c4e
2018-10-24 12:10:27 +11:00
e605542c4e
PERF: limit unread count to 99 in the blue circle
...
This safeguard is in place to avoid very expensive queries on the server
side
2018-10-24 11:53:28 +11:00
c6f364224e
FEATURE: Allow plugins to whitelist user custom fields for public display ( #6499 )
...
This works exactly the same as `whitelist_staff_user_custom_fields`, but is not limited to staff
2018-10-17 10:33:27 +01:00
12f132736b
FIX: error looking at users in admin when tl3_promotion_min_duration is set to a very high value
2018-10-11 15:11:48 -04:00
8430ea927e
FIX: Generate webhook payloads before destroy events ( #6325 )
2018-10-05 16:53:59 +08:00
e402394375
FEATURE: auto grant an available title when removing old title
...
* FEATURE: auto grant an available title when removing old title
2018-09-21 12:06:08 +10:00
df45e82377
SECURITY: only allow picking of avatars created by self ( #6417 )
...
* SECURITY: only allow picking of avatars created by self
Also adds origin tracking to all uploads including de-duplicated uploads
2018-09-19 22:33:10 -07:00
6659417807
FEATURE: match user title when primary group changes
...
When primary group changes and the user's title is the previous primary
group's title, change the title to the new primary group's title
2018-09-17 15:08:39 +10:00
797cbf8653
FIX: Remove user fields when anonymizing user
2018-09-07 00:02:56 +02:00
4382fb5fac
DEV: Allow plugins to whitelist specific user custom_fields for editing ( #6358 )
2018-09-04 20:45:36 +10:00
931cffcebe
FEATURE: Let users see their user auth tokens. ( #6313 )
2018-08-31 10:18:06 +02:00
e1975e293f
FIX: when uploads are destroyed clear up avatar refs in user table
...
This also auto corrects twice daily when we ensure consistency
2018-08-31 14:46:42 +10:00
812add18bd
REFACTOR: Serve auth provider information in the site serializer.
...
At the moment core providers are hard-coded in Javascript, and plugin providers get added to the JS payload at compile time. This refactor means that we only ship enabled providers to the client.
2018-08-06 09:25:48 +01:00
919e8db686
FIX: Check for group name availability should skip reserved usernames.
2018-08-01 11:09:33 +08:00
eda1462b3b
FEATURE: List, revoke and reconnect associated accounts. Phase 1 ( #6099 )
...
Listing connections is supported for all built-in auth providers. Revoke and reconnect is currently only implemented for Facebook.
2018-07-23 16:51:57 +01:00
84ab825e41
FEATURE: Webhook for user destroyed event ( #6124 )
2018-07-23 13:19:49 +05:30
4765507585
Remove code that is no longer required.
2018-07-19 16:56:53 +08:00
6d6e026e3c
FEATURE: selectable avatars
2018-07-18 12:57:43 +02:00
214dac05de
Update annotations.
2018-07-16 14:19:07 +08:00
21ebb1cd54
FEATURE: Secondary emails support.
2018-07-16 11:09:49 +08:00
db67c87916
fix purge unactivated users subquery
2018-07-13 07:58:58 +05:30
7550e9ff95
FIX: purge unactivated users with a message from non-human users
2018-06-29 13:03:04 +05:30
5d1d7e0e7d
PERF: Scanning the id for this is signficantly slower in production
2018-06-28 11:04:40 -04:00
ec3e6a81a4
FEATURE: Second factor backup
2018-06-28 10:12:32 +02:00
41f76a74f8
FEATURE: send message when a user reaches tl1
2018-06-22 13:20:00 -07:00
