Skip to content
Permalink
Branch: master
Commits on Nov 19, 2019
  1. DEV: Use enum instead of id for topic timer query

    oblakeerickson committed Nov 19, 2019
    Follow up to 266e486
  2. FIX: Turn off auto bumping for topics with scheduled bumps

    oblakeerickson committed Nov 19, 2019
    If a topic has a timer scheduled to bump a topic it should be excluded
    from being auto bumped.
Commits on Nov 15, 2019
  1. DEV: Improve mail-receiver update instructions

    oblakeerickson committed Nov 15, 2019
Commits on Nov 14, 2019
  1. FIX: Confirm new email with backup codes enabled

    oblakeerickson committed Nov 14, 2019
    This is a fix for this bug:
    
    https://meta.discourse.org/t/-/133185?u=blake
    
    where rails would throw a missing template error when trying to confirm
    a new email address when you had two factor backup codes enabled.
    
    Apparently this feature broke during this commit:
    
    68d35b1
    
    when a partial that contained a lot of javascript was removed most
    likely because it didn't comply with our Content Security Policy, so as
    a fix I rewrote the previous js functionality without using any
    javascript and then added a spec to verify that the correct backup code
    form is displayed when that page is loaded.
  2. DEV: send url string to FileHelper and refactor another open-uri call

    oblakeerickson committed Nov 14, 2019
    FileHelper.download requires a string not a URI. I also found another
    instance of using open-uri directly and swapped it out to use
    FileHelper.
    
    I also updated it to not `read` a file if it comes back nil.
    
    Follow up to: fe01099
  3. DEV: Be sure to read the file into string before base64

    oblakeerickson committed Nov 14, 2019
    Follow up to: 08b4753
    
    If you don't use `read` base64 will error out with: "no implicit
    conversion of Tempfile into String"
  4. DEV: Use FileHelper instead for downloading narrative bot avatar

    oblakeerickson committed Nov 14, 2019
    Follow up to
    
    b69450b
    
    Using FileHelper here allows us to not have to use another require for
    open-uri and gives us all the benefits of FileHelper.
  5. FIX: need to require open-uri for discourse-narrative-bot plugin

    oblakeerickson committed Nov 14, 2019
    By requiring open-uri this will fix the following error:
    
    ```
    NoMethodError (private method `open' called for #<URI::Generic...
    ```
    
    also switched to the shorter syntax and removed default options. Since
    ruby 2.4 redirect is on by default.
Commits on Nov 9, 2019
  1. DEV: Add update message for an outdated mail-receiver

    oblakeerickson committed Nov 9, 2019
    Previous versions of the mail-receiver used query based api credentials,
    if we detect this we will show a message in the admin panel to update
    the mail receiver.
Commits on Nov 8, 2019
  1. DEV: Add deprecation warning of non-header based API auth

    oblakeerickson committed Nov 7, 2019
    This change adds a message to the admin panel if it detects an api
    requests that doesn't use the new header based authentication method.
    
    The message is to warn people to switch to header based auth and links
    to the api documention topic on meta for more info.
Commits on Oct 22, 2019
  1. FIX: Prevent null-byte searches causing 500 error (#8226)

    oblakeerickson committed Oct 22, 2019
    This fix ensures that searches that contain a null byte return a 400
    error instead of causing a 500 error.
    
    For some reason from rspec we will reach the raise statement inside
    of the `rescue_from ArgumentError` block, but outside of rspec it will
    not execute the raise statement and so a 500 is thrown instead of
    reaching the `rescue_from Discourse::InvalidParameters` block inside of
    the application controller.
    
    This fix raises Discourse::InvalidParameters directly from the search
    controller instead of relying on `PG::Connection.escape_string` to
    raise the `ArgumentError`.
  2. FEATURE: Include image url in topic serializer

    oblakeerickson committed Oct 22, 2019
    The `image_url` is already included when fetching a list of topics, and
    this commit adds it to the individual topic serializer so that it is
    available via the api.
    
    See
    
    https://meta.discourse.org/t/single-topic-api-endpoint-should-contain-image-url/131020
    
    for more details.
Commits on Oct 21, 2019
  1. FIX: Include user id in notification webhook (#8195)

    oblakeerickson committed Oct 21, 2019
    The payload when receiving a notification webhook is pointless without
    knowing which user the notification is for. This fix adds the user_id to
    the notification serializer so that when you receive a notification
    webhook you can properly identify which user the notification is for.
    
    See
    
    https://meta.discourse.org/t/getting-the-target-user-for-notification-webhook-events/129052?u=blake
    
    for more details.
Commits on Oct 17, 2019
  1. DEV: Make max_tags_in_filter_list available clientside

    oblakeerickson committed Oct 17, 2019
    This will allow plugins that use this setting to read the value using
    javascript.
Commits on Aug 16, 2019
  1. Ran prettier to fix build

    oblakeerickson committed Aug 16, 2019
    Not sure why lefthook didn't pick this up before on my previous commit,
    but manually running prettier found this.
    
    Followup to: 893d30f
  2. REVERT: External auth when redeeming invites

    oblakeerickson committed Aug 15, 2019
    Reverting this commit:
    
    87a0a66
    
    because I'm extracting all of this logic into a plugin instead.
Commits on Aug 15, 2019
  1. FEATURE: Staff only poll results (#7984)

    oblakeerickson and ZogStriP committed Aug 15, 2019
    * FEATURE: Staff only poll results
    
    These changes allow only staff to see the results of a poll.
    
    Non-staff users will be shown a screen like this:
    
    https://review.discourse.org/uploads/default/original/1X/1b8bd76013363860f2bc455049cf35e69ef44e0a.png
    
    The "Votes are public" message has been removed from the info section,
    and the button to show the votes has been replaced with a message
    stating the results will only be shown to staff.
    
    * Update PR based on feedback
    
    * Update plugins/poll/app/models/poll.rb
    
    make sure we return a boolean
    
    Co-Authored-By: Régis Hanol <regis@hanol.fr>
Commits on Aug 13, 2019
  1. FIX: Downcase email coming back from auth-provider

    oblakeerickson committed Aug 13, 2019
Commits on Aug 12, 2019
Commits on Aug 11, 2019
  1. FEATURE: External auth when redeeming invites

    oblakeerickson committed Aug 11, 2019
    This feature (when enabled) will allow for invite_only sites to require
    external authentication before they can redeem an invite.
    
    - Created hidden site setting to toggle this
    - Enables sending invites with local logins disabled
    - OAuth button added to invite form
    - Requires OAuth email address to match invite email address
    - Prevents redeeming invite if OAuth authentication fails
Commits on Jul 19, 2019
  1. REFACTOR: Cleanup rake tasks based on feedback

    oblakeerickson committed Jul 19, 2019
    Follow up to: [FEATURE: Create a rake task for destroying categories][1]
    
    - `Discourse.system_user` is my friend
    - Remove puts statements from rake tasks that don't return anything
    - `for_each` is also my friend
    - Use `human_users` to also exclude discobot
    - Sort/format categories:list
    
    [1]: 092eeb5
Commits on Jul 18, 2019
  1. Remove file.

    oblakeerickson committed Jul 18, 2019
    I blame vim.
    
    Follow up to: b0c92bb
  2. REFACTOR: Clean up parameterized title

    oblakeerickson committed Jul 18, 2019
    Follow up to [FIX: Empty backup names with unicode site titles][1]
    
    - Use .presence - "It's cleaner"
    - Update spec to use System.system_user so it is more readable
    
    [1]: c866167
Commits on Jul 17, 2019
  1. FIX: Empty backup names with unicode site titles

    oblakeerickson committed Jul 17, 2019
    If a site title contains unicode it may end up with an empty backup
    filename because of the rails `parameterize` method we are calling.
    
    This fix ensures that the backup filenames default to "discourse" if the
    parameterized site title is empty.
    
    Bug reported [here][1].
    
    [1]: https://meta.discourse.org/t/backup-checksum-and-backup-name-missing-when-unicode-site-name/123192?u=blake
  2. FEATURE: Create a rake task for destroying categories

    oblakeerickson committed Jul 17, 2019
    Created a rake task for destroying multiple categories along with any
    subcategories and topics the belong to those categories.
    
    Also created a rake task for listing all of your categories.
    
    Refactored existing destroy rake tasks to use new logging method, that
    allows for puts output in the console but prevents it from showing in
    the specs.
Commits on Jul 11, 2019
  1. FIX: Turn off search logging when read-only (#7877)

    oblakeerickson authored and coding-horror committed Jul 11, 2019
    If `SiteSetting.log_search_queries` is enabled 500 errors will occur
    when searching if the master db is down. This fix allows searching to
    still work under these conditions.
Commits on Jun 3, 2019
  1. create answerhub importer (#7671)

    oblakeerickson authored and SamSaffron committed Jun 3, 2019
Commits on May 27, 2019
  1. FIX: Consistently handle category param

    oblakeerickson authored and tgxworld committed May 24, 2019
    See https://meta.discourse.org/t/api-post-to-posts-json-inconsistent-between-users/118571
    for more info.
    
    This commit removes a 5 year old temporary fix that is no longer needed.
    
    bc1824a#diff-d8c648926664f849aec050757bfcb6f9R72
    
    The web interface uses category_id when creating a topic so I think we
    should unify on category_id when using the api.
Commits on May 24, 2019
  1. FIX: Undefined method when serializing a user

    oblakeerickson committed May 24, 2019
    Apparently is is possible to have a user without a user_profile. This
    fix will return nil for any user_profile fields during serialization
    (like the after delete web hook) instead of blowing up.
Commits on May 9, 2019
  1. REFACTOR: Shorten up category param check

    oblakeerickson committed May 9, 2019
    Follow up to d1dbafe
  2. FIX: Return error if new topic category not found take 2

    oblakeerickson committed May 9, 2019
    If creating a topic via the api as an admin and the category you specify
    cannot be found an error will now be returned instead of just creating
    the topic with no category. This will prevent accidental public topic
    creation originally intended for a private category.
    
    This commit is follow up to 535c594 and
    still allows for the creation of topics where the category param is
    blank.
Commits on May 8, 2019
  1. FIX: Return error if new topic category not found

    oblakeerickson committed May 8, 2019
    If creating a topic via the api as an admin and the category you specify
    cannot be found an error will now be returned instead of just creating
    the topic with no category. This will prevent accidental public topic
    creation originally intended for a private category.
Commits on May 7, 2019
  1. FIX: return an error if a user tries to whisper

    oblakeerickson committed May 7, 2019
    This commit fixes a bug where a user creates a whisper post via the api
    but is posted as a regular message because they don't have access to
    whisper. Now a 403 unauthorized will be returned instead of the whisper
    param just being ignored for regular users. Staff users should not be
    affected by this change.
    
    https://meta.discourse.org/t/a-whisper-is-posted-as-a-message-if-the-user-is-not-staff-moderator-admin-when-using-the-api/116601
Commits on Mar 12, 2019
  1. FIX: prevent mixed api auth headers & query params

    oblakeerickson committed Mar 12, 2019
    When using the api and you provide an http header based api key any other
    auth based information (username, external_id, or user_id) passed in as
    query params will not be used and vice versa.
    
    Followup to f03b293
Commits on Mar 8, 2019
  1. FEATURE: Header based auth for API requests (#7129)

    oblakeerickson committed Mar 8, 2019
    Now you can also make authenticated API requests by passing the
    `api_key` and `api_username` in the HTTP header instead of query params.
    
    The new header values are: `Api-key` and `Api-Username`.
    
    Here is an example in cURL:
    
    ``` text
    curl -i -sS -X POST "http://127.0.0.1:3000/categories" \
      -H "Content-Type: multipart/form-data;" \
      -H "Api-Key: 7aa202bec1ff70563bc0a3d102feac0a7dd2af96b5b772a9feaf27485f9d31a2" \
      -H "Api-Username: system" \
      -F "name=7c1c0ed93583cba7124b745d1bd56b32" \
      -F "color=49d9e9" \
      -F "text_color=f0fcfd"
    ```
    
    There is also support for `Api-User-Id` and `Api-User-External-Id`
    instead of specifying the username along with the key.
Older
You can’t perform that action at this time.