Karina Kwiatek
7357e92865
Eager load relationships for questions, answers and users
2021-12-30 22:15:59 +01:00
Andreas Nedbal
dcc781df3d
Put all security related actions behind authentication
2021-12-29 22:35:17 +01:00
Karina Kwiatek
1b4aa8600d
Set Sentry user context
2021-12-28 19:19:27 +01:00
Karina Kwiatek
065e56ccf1
Replace New Relic with Sentry
2021-12-28 18:32:03 +01:00
Karina Kwiatek
053ebafbc5
Merge pull request #213 from Retrospring/refactor/profile
...
Move profile fields to seperate table
2021-12-25 22:44:10 +01:00
Karina Kwiatek
f28f714457
Allow retries for ShareWorker
2021-12-25 13:40:21 +01:00
Karina Kwiatek
8fa4feb469
Add endpoint for updating profile
2021-12-22 00:03:19 +01:00
Andreas Nedbal
58588d22b1
use .where.not instead of in-query condition for user confirm date
2021-10-03 20:49:33 +02:00
Andreas Nedbal
6639f6646a
only count active users on about page
2021-10-03 20:40:25 +02:00
Karina Kwiatek
56786ebb38
Add direct field to questions
...
Co-authored-by: Georg Gadinger <nilsding@nilsding.org>
2021-08-11 16:56:58 +02:00
Dominik Kwiatek
2e6f49819a
Address @nilsding's review comments
2020-11-15 22:08:18 +01:00
Dominik Kwiatek
aeb1396422
Add tests for recovery codes
2020-11-15 10:21:06 +01:00
Dominik Kwiatek
e16896fac1
Provide the user a way to generate new codes.
2020-11-01 18:52:42 +01:00
Dominik Kwiatek
61d82bdbec
Display count of remaining recovery codes
2020-11-01 18:41:37 +01:00
Dominik Kwiatek
5eb4f32660
Clean up after TOTP is disabled.
2020-11-01 18:31:20 +01:00
Dominik Kwiatek
5dd920eba2
Allow recovery codes to be used to sign in in place of a OTP
2020-11-01 18:29:11 +01:00
Dominik Kwiatek
b4f479a00f
Generate recovery keys on TOTP setup
2020-11-01 17:55:31 +01:00
Dominik Kwiatek
d20f527d8c
Add drift period
2020-10-24 00:24:04 +02:00
Dominik Kwiatek
0f80bcef14
Remove I18n. prefix
2020-10-23 21:01:00 +02:00
Dominik Kwiatek
702156258c
Remove user/sessions#two_factor_entry
2020-10-23 21:00:06 +02:00
Dominik Kwiatek
66cccbb5d6
Use the same string for 2FA failures
2020-10-23 20:58:42 +02:00
Dominik Kwiatek
d7a1750694
Implement @nilsding's review changes
2020-10-23 20:45:06 +02:00
Dominik Kwiatek
556050aa66
Add tests for security settings page
2020-10-21 13:44:00 +02:00
Dominik Kwiatek
3211f8f59b
Make OTP secret longer
2020-10-19 20:25:18 +02:00
Dominik Kwiatek
433f1d45e5
Use controller for setting up QR Code
2020-10-19 14:56:13 +02:00
Dominik Kwiatek
00da21a13d
Redirect away from two factor entry page if no target user is set in session
2020-10-19 12:20:44 +02:00
Dominik Kwiatek
4ce5dfc92a
Fix detaching, improve UI for attaching 2FA
2020-10-18 19:48:12 +02:00
Dominik Kwiatek
25410e111d
Fix OTP auth triggering for users who haven't set it up
...
I thought I could be clever by using a null secret key as an indicator of it being disabled
2020-10-18 11:39:28 +02:00
Dominik Kwiatek
141ff59f63
Implement Two Factor Authentication
2020-10-18 10:39:46 +02:00
Dominik M. Kwiatek
a92dd54be3
Address @nilsding's review comments
2020-05-27 20:07:39 +01:00
Dominik M. Kwiatek
984976a2f7
Omit hCaptcha if it is disabled
2020-05-27 20:07:39 +01:00
Dominik M. Kwiatek
7cac93ad4e
Add hCaptcha
2020-05-27 20:07:39 +01:00
Georg Gadinger
b58883e004
Remove "ask a group" feature
2020-05-25 18:34:43 +02:00
Georg Gadinger
ea0685136e
Rename Groups to Lists
...
haha regexp go brrr
special thanks to @seatsea for helping me out with the French locales
2020-05-25 18:04:54 +02:00
Karina Kwiatek
ff9741589d
Implement cropping; make uploaders DRY
2020-05-17 20:38:40 +01:00
Georg Gadinger
9b4c8027b8
Fix pagination for ajax views
2020-05-09 04:39:09 +02:00
Andreas Nedbal
928eeb28f3
Redirect user to edit_user_theme_path after deletion
2020-05-06 22:19:30 +02:00
Andreas Nedbal
880429f5f9
Add new fields for themes
...
- In the settings view
- In the model validation
- In the controller parameter permissions
- In the CoffeeScript/Ruby helpers
2020-05-05 02:02:16 +02:00
Andreas Nedbal
53979580d8
Merge branch 'master' into feature/bootstrap
2020-05-04 23:19:54 +02:00
Andreas Nedbal
e7c5b1a4a3
Remove theme preview route and logic
2020-05-04 17:26:38 +02:00
Georg Gadinger
0109322610
add spec for Ajax::ModerationController
2020-05-01 22:41:26 +02:00
Georg Gadinger
3e95d5ebeb
add spec for Ajax::ReportController
2020-05-01 10:17:05 +02:00
Georg Gadinger
6f3f3afa2f
add spec for Ajax::GroupController
2020-05-01 10:17:05 +02:00
Georg Gadinger
54532c71e1
add spec for Ajax::QuestionController
...
also fix some minor annoyances
2020-05-01 10:17:05 +02:00
Georg Gadinger
1824fb1c25
add spec for Ajax::InboxController
2020-05-01 10:17:05 +02:00
Georg Gadinger
d492cd34f6
AjaxController: also rescue from StandardError
2020-05-01 10:17:05 +02:00
Andreas Nedbal
91a7f7ed33
Fix wrong partial in Ajax::CommentController#create
2020-04-29 14:01:48 +02:00
Andreas Nedbal
b22c7d358c
Fix wrong partial path in Ajax::AnswerController#create
2020-04-29 13:33:53 +02:00
Andreas Nedbal
45b11bddfd
Merge branch 'master' into feature/bootstrap
2020-04-29 02:49:07 +02:00
Georg Gadinger
29a5d0408c
ajax_controller: fix variable name
2020-04-28 21:42:41 +02:00
Georg Gadinger
2f2b9ab1f4
New Relic be like: *notices your errors* OwO what's this?
2020-04-28 20:32:36 +02:00
Georg Gadinger
e07d069c73
Refactor Ajax::*Controllers
...
Also removed the unused `Ajax::QuestionController#preview` method and
route
2020-04-28 20:28:00 +02:00
Andreas Nedbal
e9e0a222b0
Merge branch 'master' into feature/bootstrap
2020-04-27 02:11:54 +02:00
Georg Gadinger
aeef50ad78
Merge pull request #86 from Retrospring/cleanup
...
Minor Cleanup
2020-04-26 20:03:46 +02:00
Karina Kwiatek
926631eca3
Remove more left-over references to role fields
2020-04-25 22:23:37 +01:00
Karina Kwiatek
f42cc6aed9
Remove all other references to removed roles
2020-04-25 21:20:02 +01:00
Andreas Nedbal
96309eb8ba
Move all modals into shared views/modal directory
2020-04-25 15:16:45 +02:00
Georg Gadinger
445d9ebe2a
Fix user questions page
2020-04-23 03:31:07 +02:00
Georg Gadinger
101b3b68d3
Use cursored pagination, remove WillPaginate
2020-04-20 23:13:24 +02:00
Karina Kwiatek
391f4a28ed
Merge branch 'master' into feature/announcements
...
# Conflicts:
# db/schema.rb
2020-04-19 21:52:58 +01:00
Karina Kwiatek
a505e7ee71
Ensure we're logged in as an admin when using the AnnouncementController
2020-04-19 21:45:07 +01:00
Karina Kwiatek
b6d6c1fded
Add announcements to the top of the application template
2020-04-19 21:38:21 +01:00
Georg Gadinger
946bb3ae9d
Use Rolify for admin and moderator roles
2020-04-19 22:35:58 +02:00
Karina Kwiatek
473f2cdcc5
Show announcement validation errors on the frontend
2020-04-19 21:26:55 +01:00
Karina Kwiatek
6187cb0b6c
Add the ability to edit announcements
2020-04-19 20:58:57 +01:00
Karina Kwiatek
f14a168bce
Implement deletion of announcements
2020-04-19 20:50:33 +01:00
Karina Kwiatek
e3b89f7346
Implement creation of announcements
2020-04-19 20:34:48 +01:00
Karina Kwiatek
8a632a09cd
Create Announcement model & controller
2020-04-19 20:12:22 +01:00
Georg Gadinger
8b129bbbf4
Fix moderation panel.
2020-04-19 18:33:20 +02:00
Georg Gadinger
6f6ac3cc7d
Merge remote-tracking branch 'origin/master' into rails5
2020-04-19 14:32:47 +02:00
Georg Gadinger
9fa8ef1501
enable 'Discover' page for mods
2020-04-19 13:55:13 +02:00
Karina Kwiatek
a19402af41
Upgrade to Rails 5.2
2020-04-19 00:45:50 +01:00
Georg Gadinger
d47991f379
Fixes for devise 4.x
2019-03-29 22:37:10 +01:00
Georg G
0deb4c4ccc
added export view/controller/routes
2016-01-05 20:54:38 +01:00
Yuki
e510a6e8b4
Do you feel it, Mr. Krabs?
2015-09-18 18:09:26 +09:00
Yuki
c107cb19cb
LEEDLE LEEDLE LEEE
2015-09-18 18:08:08 +09:00
Yuki
64ba41d9a6
Fix reports
2015-09-18 18:02:16 +09:00
pixeldesu
ede3ad1b92
Update notification design and behaviour
...
- Add display of content that was replied to/with
- Instead of marking notifications new, only show new items and hide seen entries
- Add a 'New Notifications' page and set it as default
- Add proper display if there are no new notifications
- Adjust theme to fit new changes
2015-09-16 22:18:40 +02:00
Yuki
8cbd85a89c
the copy paste is strong
2015-09-01 18:48:56 +05:30
Yuki
4b891b3f70
Fix dangerous send exploit
2015-09-01 18:44:50 +05:30
Yuki
5d3d3a68e7
Fix remote code execution exploit
2015-09-01 18:44:31 +05:30
pixeldesu
a9ad31b285
move check if user is logged in out of template
2015-08-28 16:36:49 +02:00
Yuki
71caf3cce5
Several changes to theming, solving a bunch of bugs
2015-08-27 05:30:26 +05:30
Yuki
a7c3acea76
ISHYGDDT
2015-08-26 02:14:14 +05:30
Yuki
c2da575955
invalid is invalid
2015-08-26 01:20:17 +05:30
Yuki
2e0a00e461
Braces
2015-08-26 00:50:18 +05:30
Yuki
7c68b2a167
PRODUCTION V DEVELOPMENT, ROUND 3 FIGHT
2015-08-26 00:45:08 +05:30
Yuki
906692e78f
Theming is finished
...
Previews, settings pane and presets!
2015-08-25 23:57:06 +05:30
Yuki
1912fc3766
Model goop
...
also made the theme selection logic for user profiles and current user, and the saving logic
2015-08-25 13:56:36 +05:30
Yuki
47344a5774
ThemeHelper.render_theme_with_context
2015-07-29 22:24:33 +05:30
Yuki
aec452cbd1
CSS -> SCSS
2015-07-29 22:01:34 +05:30
Yuki
9ef71a84e9
Merge branch 'master' of github.com:Retrospring/retrospring into feature-themes
2015-07-29 19:52:14 +05:30
Yuki
26a517a650
Fixes, workers now output to sidekiq, not rails
2015-07-27 12:42:12 +05:30
Yuki
92bbfef2df
Moved ask all + ask group to worker, validates user_id for ask person now
2015-07-27 12:29:56 +05:30
Yuki
54b051a7e7
Temp. layout for testing
2015-07-24 22:42:14 +05:30
Yuki
3b0646644a
Replace @users with Hash
2015-07-24 01:14:20 +05:30
Yuki
2aef9bd71f
Support for Ruby 2.0.0
2015-07-24 01:13:39 +05:30
Yuki
deb6d12108
Moderation Priority + IP
2015-07-23 23:21:13 +05:30
pixeldesu
36d6cd5816
remove strict case requirement
2015-07-17 22:46:05 +02:00
pixeldesu
19d6ccd855
change logic for deletion when no user or no question is found
2015-07-17 22:31:10 +02:00