github-mirror/discourse
2
0
Fork 0
mirror of https://github.com/discourse/discourse.git synced 2025-06-02 15:35:10 +08:00
Code Issues Actions 1 Packages Projects Releases Wiki Activity
Files
6ff309aa801f5cd283c940cffa75269e9fada438
discourse/app/controllers
History
Sam 6ff309aa80 SECURITY: don't grant same privileges to user_api and api access 
User API is no longer gets bypasses that standard API gets.
Only bypasses are CSRF and XHR requirements.
2016-12-16 12:05:43 +11:00
..
admin
FEATURE: Add Group#full_name.
2016-12-13 16:16:26 +08:00
users
FIX: redirects back to origin for SSO and omniauth login
2016-09-16 13:48:50 +10:00
about_controller.rb
PERF: Rendering crawler's template is expensive.
2016-04-07 16:28:31 +02:00
application_controller.rb
SECURITY: don't grant same privileges to user_api and api access
2016-12-16 12:05:43 +11:00
badges_controller.rb
Advanced Search UI
2016-10-04 11:18:01 -04:00
categories_controller.rb
FIX: Associate category logo and background to uploads record.
2016-12-12 17:37:28 +08:00
category_hashtags_controller.rb
FIX: Query for category hashtag should be case sensitive.
2016-03-28 11:15:10 +08:00
clicks_controller.rb
PERF: avoid preloading json in cases where it is not needed
2015-05-20 17:12:16 +10:00
composer_messages_controller.rb
FIX: Duplicate link shouldn't happen on edit
2016-06-08 17:22:23 -04:00
directory_items_controller.rb
PERF: Remove ordering by username.
2016-10-15 01:13:58 +08:00
draft_controller.rb
PERF: avoid preloading json in cases where it is not needed
2015-05-20 17:12:16 +10:00
email_controller.rb
User interface for watching first post
2016-07-07 11:21:50 -04:00
embed_controller.rb
Better error messages when embedding fails
2016-12-13 14:38:05 -05:00
exceptions_controller.rb
FEATURE: hide google search on 404 page for private instance
2014-09-06 15:26:46 +05:30
export_csv_controller.rb
FIX: export user list based on trust level filter
2016-03-07 18:49:31 +05:30
extra_locales_controller.rb
FIX: Ensure that translations bundle exists before merging plugin bundle.
2016-09-30 14:29:30 +08:00
finish_installation_controller.rb
FIX: Show an error page if finish-installation can't run
2016-12-07 11:10:08 -05:00
forums_controller.rb
Delete useless home_redirect method from ForumsController.
2016-10-27 15:45:22 +01:00
groups_controller.rb
FEATURE: Add groups page.
2016-12-14 17:27:47 +08:00
highlight_js_controller.rb
PERF: avoid cookies for all static, public, cached forever assets
2015-05-22 16:15:46 +10:00
invites_controller.rb
FIX: simplify CSV file upload
2016-12-05 14:09:08 +05:30
list_controller.rb
FIX: Add tags to list options from params
2016-11-26 08:24:52 -06:00
metadata_controller.rb
Refactor desktop notifications to be more modular.
2016-07-01 00:11:32 +08:00
notifications_controller.rb
FEATURE: clean API method for reading a single notification
2016-09-16 16:14:15 +10:00
onebox_controller.rb
permalinks_controller.rb
FIX: permalinks redirect on subfolder installs could add the subfolder to the url twice
2015-10-12 16:54:53 -04:00
post_action_users_controller.rb
FIX: You can click to see your own PMs from flags
2015-09-30 12:28:55 -04:00
post_actions_controller.rb
Added spec tests
2016-04-03 19:44:14 -04:00
posts_controller.rb
SECURITY: don't grant same privileges to user_api and api access
2016-12-16 12:05:43 +11:00
queued_posts_controller.rb
FIX: better error message when trying to approve post for closed/deleted topic
2016-06-24 15:11:45 +05:30
robots_txt_controller.rb
FIX: robots.txt should be accessible even when login is required
2015-10-15 11:42:41 +02:00
safe_mode_controller.rb
FEATURE: Add basic support for Safe Mode
2016-11-21 16:46:14 +11:00
search_controller.rb
SECURITY: restrict constantize classes in search controller
2016-06-17 13:47:34 +10:00
session_controller.rb
PERF: Add endpoint to check if a group can be mentioned by user.
2016-11-26 02:20:46 +08:00
similar_topics_controller.rb
FIX: similar topics api shouldn't return error if params are below minimum lengths
2015-08-31 10:54:45 -04:00
site_controller.rb
FEATURE: basic info route for all sites, even ones that require login
2016-08-12 17:10:35 +10:00
site_customizations_controller.rb
FEATURE: Can create stylesheets for embedded comments
2015-08-10 10:21:04 -04:00
static_controller.rb
FIX: on 404 from brotli asset path return a correctly encoded doc
2016-12-15 16:05:20 +11:00
steps_controller.rb
FIX: You should be an admin to do the wizard
2016-09-22 11:12:51 -04:00
stylesheets_controller.rb
fix missing rtl stylesheets
2015-05-23 15:25:05 +10:00
tag_groups_controller.rb
PERF: tag groups index query
2016-07-15 17:16:26 -04:00
tags_controller.rb
FIX: topic list filters for bookmarked, posted, and read now work with tag filter
2016-12-02 15:58:14 -05:00
topics_controller.rb
FIX: regression unable to dismiss unread
2016-12-06 08:49:40 +11:00
uploads_controller.rb
Upload Logos Step
2016-09-22 09:52:19 -04:00
user_actions_controller.rb
got to be careful with integrity specs
2016-11-29 18:01:09 +11:00
user_api_keys_controller.rb
FEATURE: user API now contains scopes so permission is granular
2016-10-14 16:05:42 +11:00
user_avatars_controller.rb
SECURITY: limit route access when using external avatars
2016-07-28 09:00:43 +10:00
user_badges_controller.rb
FIX: badge grant count wasn't filtered to the current user in the user summary
2016-03-30 23:11:00 +02:00
users_controller.rb
FIX: whisper no longer experimental
2016-12-02 17:03:31 +11:00
users_email_controller.rb
SECURITY: Support for confirm old as well as new email accounts
2016-03-08 14:52:22 -05:00
webhooks_controller.rb
FIX: use metadata to hold the message_id with sparkpost
2016-10-27 19:35:50 +02:00
wizard_controller.rb
FIX: You should be an admin to do the wizard
2016-09-22 11:12:51 -04:00