Commits on Sep 21, 2018
Commits on Sep 13, 2018
  1. DEV: apply plugin migrations when testing in Travis and Docker

    davidtaylorhq committed Sep 13, 2018
    In `RAILS_ENV=test`, plugins are not loaded by default. Therefore we need to explicitly specify `LOAD_PLUGINS=1` when we want to apply plugin migrations.
Commits on Sep 12, 2018
Commits on Sep 10, 2018
Commits on Sep 4, 2018
Commits on Aug 30, 2018
  1. FIX: Allow user actions to be saved even if the post has nil user

    davidtaylorhq committed Aug 30, 2018
    This issue made it impossible to delete users if they had flagged a post with nil user
Commits on Aug 17, 2018
Commits on Aug 15, 2018
Commits on Aug 8, 2018
Commits on Aug 7, 2018
Commits on Aug 6, 2018
  1. Merge pull request #6238 from LeoMcA/fix-fsl

    davidtaylorhq committed Aug 6, 2018
    FIX: don't require auth providers to set full_screen_login_setting
  2. REFACTOR: Serve auth provider information in the site serializer.

    davidtaylorhq committed Jul 31, 2018
    At the moment core providers are hard-coded in Javascript, and plugin providers get added to the JS payload at compile time. This refactor means that we only ship enabled providers to the client.
Commits on Jul 30, 2018
Commits on Jul 27, 2018
Commits on Jul 26, 2018
  1. Add missing semicolon

    davidtaylorhq committed Jul 26, 2018
Commits on Jul 25, 2018
  1. FIX: Remove `plugin.enabled?` checks at initialization time (#6166)

    davidtaylorhq committed Jul 25, 2018
    Checking `plugin.enabled?` while initializing plugins causes issues in two ways:
      - An application restart is required for changes to take effect. A load-balanced multi-server environment could behave very weirdly if containers restart at different times.
      - In a multisite environment, it takes the `enabled?` setting from the default site. Changes on that site affect all other sites in the cluster.
    Instead, `plugin.enabled?` should be checked at runtime, in the context of a request. This commit removes `plugin.enabled?` from many `instance.rb` methods.
    I have added a working `plugin.enabled?` implementation for methods that actually affect security/functionality:
      - `post_custom_fields_whitelist`
      - `whitelist_staff_user_custom_field`
      - `add_permitted_post_create_param`
Commits on Jul 24, 2018
  1. Rubocop fix

    davidtaylorhq committed Jul 24, 2018
Commits on Jul 23, 2018
  1. FEATURE: List, revoke and reconnect associated accounts. Phase 1 (#6099)

    davidtaylorhq committed Jul 23, 2018
    Listing connections is supported for all built-in auth providers. Revoke and reconnect is currently only implemented for Facebook.
  2. Fix indentation

    davidtaylorhq committed Jul 23, 2018
Commits on Jul 18, 2018
  1. Correct typo

    davidtaylorhq committed Jul 18, 2018
  2. FIX: Stop race condition when topic notification jobs are scheduled d…

    davidtaylorhq committed Jul 18, 2018
    …uring a database transaction
    This was not picked up by tests because scheduled jobs are run immediately
    and in the current thread (and therefore the current database transaction).
    This particular case sometimes occurs inside multiple nested transactions,
    so simply moving the offending line outside of the transaction is not enough.
    Implemented TransactionHelper, which allows us to use `TransactionHelper.after_commit`
    to define code to be run after the current transaction has been committed.