Commit Graph

43920 Commits

Author SHA1 Message Date
Jarek Radosz 9c6ad955aa
DEV: Fix one more use of `jQuery` global (#14910) 2021-11-12 20:22:43 +01:00
Jarek Radosz 7ea2bf52cc
DEV: Fix `hljs.highlightBlock` deprecation (#14908) 2021-11-12 20:20:47 +01:00
Rafael dos Santos Silva 6645243a26
SECURITY: Disallow caching of MIME/Content-Type errors (#14907)
This will sign intermediary proxies and/or misconfigured CDNs to not
cache those error responses.
2021-11-12 15:52:25 -03:00
Jarek Radosz 9ca93f57cc
DEV: Remove `jQuery` global usage where possible (#14905) 2021-11-12 19:23:20 +01:00
Jarek Radosz 97aa56bdc3
FIX: Prevent `PreloadStore` from calling the finder when value is falsy (#14899) 2021-11-12 17:45:06 +01:00
Joffrey JAFFEUX 79f49dfb7a
DEV: reduces jquery usage in composer-editor (#14903) 2021-11-12 16:40:10 +01:00
Daniel Waterworth 4724f3cbf7
DEV: Remove deprecated method (#14902) 2021-11-12 09:07:44 -06:00
Daniel Waterworth e7c0bbb9c0
DEV: Let's always give a drop_from param to deprecate (#14901)
So that we know when deprecations can be removed in the future.
2021-11-12 08:52:59 -06:00
Bianca Nenciu 32a174d883
FIX: Use Map instead of Object for caching (#14887)
Objects have default properties, such as "constructor" that can cause
issues when using similar texts as keys.
2021-11-12 15:18:07 +02:00
Joffrey JAFFEUX 904d509cce
FIX: ensures minimum tags logic is correct and shared (#14723)
Also fixes a bug where select-kit was not updating noneItem in multi-selects.
2021-11-12 14:04:48 +01:00
Joffrey JAFFEUX 362c47ce6a
DEV: adds a new topic footer dropdown api (#14747)
This api allows to add a dropdown at the bottom of a topic, note that this API is mobile only for now.

Also included in the commit:
- various doc fixes
- adding tests for both buttons and dropdowns APIs
- uses thrown instead of @ember/error to ensure execution is halted when incorrect parameters are given
2021-11-12 10:21:34 +01:00
Martin Brennan e0be6ce1ee
DEV: Catch Mocha::ExpectationError in request specs (#14897)
Same issue as 28b00dc6fc, the
Mocha::ExpectationError inherits from Exception instead
of StandardError so RspecErrorTracker does not show the
actual failed expectation in request specs, the status of
the response is just 500 with no further detail.
2021-11-12 13:10:16 +10:00
Martin Brennan 2371da9f25
Revert "Add support for Ember Exam" (#14895)
This reverts commit d1dec23a93.

It was causing issues with internal builds.
2021-11-12 10:31:57 +10:00
dependabot[bot] d92a213b6d Build(deps): Bump mini_racer from 0.4.0 to 0.5.0
Bumps [mini_racer](https://github.com/discourse/mini_racer) from 0.4.0 to 0.5.0.
- [Release notes](https://github.com/discourse/mini_racer/releases)
- [Changelog](https://github.com/rubyjs/mini_racer/blob/master/CHANGELOG)
- [Commits](https://github.com/discourse/mini_racer/compare/v0.4.0...v0.5.0)

---
updated-dependencies:
- dependency-name: mini_racer
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2021-11-11 16:50:57 -05:00
dependabot[bot] cd80193582 Build(deps): Bump sprockets-rails from 3.2.2 to 3.3.0
Bumps [sprockets-rails](https://github.com/rails/sprockets-rails) from 3.2.2 to 3.3.0.
- [Release notes](https://github.com/rails/sprockets-rails/releases)
- [Commits](https://github.com/rails/sprockets-rails/compare/v3.2.2...v3.3.0)

---
updated-dependencies:
- dependency-name: sprockets-rails
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2021-11-11 16:32:03 -05:00
Robin Ward d1dec23a93 Add support for Ember Exam
This allows us to partition and load balance tests, if we like.
2021-11-11 16:15:50 -05:00
Daniel Waterworth 388f45c570
DEV: Remove deprecated methods (#14885) 2021-11-11 12:21:25 -06:00
Daniel Waterworth fa3c4ad28b
DEV: Deprecate message bus site settings (#14465)
It makes much more sense for these to be GlobalSettings, since, in
multisite clusters, only the default site's settings would be respected.

Co-authored-by: David Taylor <david@taylorhq.com>
2021-11-11 11:12:25 -06:00
Jarek Radosz 61d14a7694
DEV: Fix 3N+1 query in `/admin/customize/themes` (#14876) 2021-11-11 18:11:23 +01:00
David Taylor 13fdc979a8
DEV: Improve multisite testing (#14884)
This commit adds the RailsMultisite middleware in test mode when Rails.configuration.multisite is true. This allows for much more realistic integration testing. The `multisite_spec.rb` file is rewritten to avoid needing to simulate a middleware stack.
2021-11-11 16:44:58 +00:00
Roman Rizzi a3814b1e56
FIX: Display top posts from private categories if the user has access. (#14878)
Users viewing the top topics from the categories page should see those belonging to a private category if they have access to it.
2021-11-11 13:35:03 -03:00
Osama Sayegh 69ec6899f9
Revert "DEV: increase lock timeout for multisite migration (#14831)" (#14883)
* Revert "DEV: increase lock timeout for multisite migration (#14831)"

This partially reverts commit 337ef60303.

We need to revert the mutex around `db:status:json` because the mutex is not available unless the rails environment is loaded which the `db:status:json` doesn't load before the mutex. We can't load the environment before entering the mutex because the mutex is meant to prevent other instances of the task from loading a rails environment while the database is migrating.

Co-authored-by: David Taylor <david@taylorhq.com>

Co-authored-by: David Taylor <david@taylorhq.com>
2021-11-11 16:16:53 +03:00
Alan Guo Xiang Tan 095255c8ec
FIX: Topic queryParams are removed from history state when scrolling. (#14881)
* Also fixed a bug where the queryParams are not removed when toggling
  between filters.
2021-11-11 16:10:00 +08:00
Martin Brennan 729043633e
DEV: Add missing IDs to uppy upload components (#14880) 2021-11-11 15:38:39 +10:00
dependabot[bot] 33df3f162d
Build(deps): Bump oauth from 0.5.7 to 0.5.8 (#14877)
Bumps [oauth](https://github.com/oauth-xx/oauth-ruby) from 0.5.7 to 0.5.8.
- [Release notes](https://github.com/oauth-xx/oauth-ruby/releases)
- [Changelog](https://github.com/oauth-xx/oauth-ruby/blob/master/CHANGELOG.md)
- [Commits](https://github.com/oauth-xx/oauth-ruby/compare/v0.5.7...v0.5.8)

---
updated-dependencies:
- dependency-name: oauth
  dependency-type: indirect
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-11-11 09:12:26 +08:00
tshenry 5467bfb7d6
Remove Internet Explorer reference (#14879)
Discourse no longer supports Internet Explorer, so we can remove the IE-specific warning in this site setting description.
2021-11-11 09:10:20 +08:00
Martin Brennan e4350bb966
FEATURE: Direct S3 multipart uploads for backups (#14736)
This PR introduces a new `enable_experimental_backup_uploads` site setting (default false and hidden), which when enabled alongside `enable_direct_s3_uploads` will allow for direct S3 multipart uploads of backup .tar.gz files.

To make multipart external uploads work with both the S3BackupStore and the S3Store, I've had to move several methods out of S3Store and into S3Helper, including:

* presigned_url
* create_multipart
* abort_multipart
* complete_multipart
* presign_multipart_part
* list_multipart_parts

Then, S3Store and S3BackupStore either delegate directly to S3Helper or have their own special methods to call S3Helper for these methods. FileStore.temporary_upload_path has also removed its dependence on upload_path, and can now be used interchangeably between the stores. A similar change was made in the frontend as well, moving the multipart related JS code out of ComposerUppyUpload and into a mixin of its own, so it can also be used by UppyUploadMixin.

Some changes to ExternalUploadManager had to be made here as well. The backup direct uploads do not need an Upload record made for them in the database, so they can be moved to their final S3 resting place when completing the multipart upload.

This changeset is not perfect; it introduces some special cases in UploadController to handle backups that was previously in BackupController, because UploadController is where the multipart routes are located. A subsequent pull request will pull these routes into a module or some other sharing pattern, along with hooks, so the backup controller and the upload controller (and any future controllers that may need them) can include these routes in a nicer way.
2021-11-11 08:25:31 +10:00
Rafael dos Santos Silva d4e35f50c2
PERF: Update like count in visible posts without an extra GET per like (#14869)
PERF: Update like count in visible posts without an extra GET per like

Currently when a user is reading a topic and some post in it receive a
like from another user, the Ember app will be notified via MessageBus
and issue a GET to `/posts/{id}` to get the new like count. This worked
fine for us until today, but it can easily create a self-inflicted DDoS
when a topic with a large number of visitors gets a large number of
likes, since we will issue `visitors * likes` GET requests requests.

This patch optimizes this flow, by sending the new like count down in
the MessageBus notification, removing any need for the extra request.

It shouldn't cause any drift on the count because we send down the full
count instead of the difference too.

Possible follow-ups could include handling like removal.
2021-11-10 13:22:26 -03:00
Jarek Radosz b72688340f
FIX: `LocalJumpError` in rake tasks (#14874)
`return` isn't allowed in a block context. A followup to #14865
2021-11-10 16:53:55 +01:00
Bianca Nenciu 3791fbd919
FEATURE: Add read-only scope to API keys (#14856)
This commit adds a global read-only scope that can be used to create
new API keys.
2021-11-10 17:48:00 +02:00
Martin Brennan 6a749b95c9
DEV: Bump eslint-config-discourse again (#14873)
Now all the plugins are updated it is safe to bump
to 1.1.9
2021-11-10 12:03:28 +11:00
Martin Brennan 431f0dce4c
DEV: Update discourse-local-dates for eslint shorthand rule (#14872)
See 4f7aba06c0
2021-11-10 11:58:11 +11:00
Martin Brennan 755e892f63
DEV: Update yarn.lock (#14871)
Follow up to 47075c0d12
2021-11-10 10:15:17 +10:00
Martin Brennan 47075c0d12
DEV: Revert eslint-config-discourse bump (#14870)
Just the package.json part of 23b7b42acd,
because all the plugins/themes need to be updated to follow this
new rule as well.
2021-11-10 09:49:30 +10:00
Martin Brennan 23b7b42acd
DEV: Bump eslint-config-discourse (#14868)
Changes for 4f7aba06c0

Also fixes all of the object-shorthand violations in our JS code.
2021-11-10 09:31:41 +10:00
jbrw a8c63ddb54
FIX: Call `_clearFlash()` when displaying a modal (#14848)
`d-modal-body.js` was setting the text of a `modal-alert` element to `""`, but not removing any classes on that element. Changing this to call `_clearFlash()` ensures that a variety of styling classes are also removed from the element, which prevents empty alert elements being included on any subsequent modals that are displayed.

Several other controllers have also been modified to change the class of the error from `alert-error` to `error. The `alert-` is unnecessary, as it is added by `_flash(msg)` within `d-modal-body.js`.
2021-11-09 17:51:50 -05:00
Martin Brennan 6a68bd4825
DEV: Limit list multipart parts to 1 (#14853)
We are only using list_multipart_parts right now in the
uploads controller for multipart uploads to check if the
upload exists; thus we don't need up to 1000 parts.

Also adding a note for future explorers that list_multipart_parts
only gets 1000 parts max, and adding params for max parts
and starting parts.
2021-11-10 08:01:28 +10:00
Jarek Radosz 25ef395af8
FIX: Don't fail if `s3_install_cors_rule` is off (#14865)
Regressed in #14802
2021-11-10 08:00:30 +10:00
Robin Ward 5998e69b9c FIX: Use `127.0.0.1` instead of `localhost` for ember CLI
On new macs, `localhost` resolves to IPV6 of `::1` and unfortunately
unicorn doesn't bind to IPv6 by default.

This seems to be the path of least resistance. By using 127.0.0.1 we
force IPv4 which works great.
2021-11-09 16:02:51 -05:00
Kris a87216f1f3
A11Y: set modal widths with EMs; improves scaling (#14863) 2021-11-09 14:56:05 -05:00
Penar Musaraj 3becc55833
FIX: Disable scroll events while on full screen (#14864) 2021-11-09 14:29:05 -05:00
Penar Musaraj ce91bf0775
Revert "FIX: Composer height issue in Safari on iOS 15 (#14282)" (#14847)
This reverts commit 0dab1634b0.
2021-11-09 13:10:07 -05:00
Kris cb997be513
UX: fix share/notify modal styles (#14861) 2021-11-09 12:44:01 -05:00
David Taylor 65a389c3ac
FIX: Allow bulk invites to be used with DiscourseConnect (#14862)
Support for invites alongside DiscourseConnect was added in 355d51af. This commit fixes the guardian method so that the bulk invite button functionality also works.
2021-11-09 17:43:23 +00:00
David Taylor 5ac10e2e79
DEV: Update DiscourseConnect nonce errors to be more descriptive (#14858) 2021-11-09 17:39:05 +00:00
Robin Ward 769d53ff09 FIX: In Ember CLI some plugin tests were referring to the wrong container 2021-11-09 12:06:05 -05:00
Jordan Vidrine 520a0cfa2b
"A11Y: Add prefers reduced motion" (#14859) 2021-11-09 10:24:31 -06:00
Dan Ungureanu ec3758b573
FIX: Make PostRevisor more consistent (#14841)
* FIX: Preserve field types when updating revision

When a post was edited quickly twice by the same user, the old post
revision was updated with the newest changes. To check if the change
was reverted (i.e. rename topic A to B and then back to A) a comparison
of the initial value and last value is performed. If the check passes
then the intermediary value is dismissed and only the initial value and
the last ones are preserved. Otherwise, the modification is dismissed
because the field returned to its initial value.

This used to work well for most fields, but failed for "tags" because
the field is an array and the values were transformed to strings to
perform the comparison.

* FIX: Reset last_editor_id if revision is reverted

If a post was revised and then the same revision was reverted,
last_editor_id was still set to the ID of the user who last edited the
post. This was a problem because the same person could then edit the
same post again and because it was the same user and same post, the
system attempted to update the last one (that did not exist anymore).
2021-11-09 16:29:37 +02:00
Discourse Translator Bot 5d20304f95
Update translations (#14855) 2021-11-09 14:54:59 +01:00
Bianca Nenciu b203e316ac
FEATURE: Add pagination to API keys page (#14777) 2021-11-09 12:18:23 +02:00