Commit Graph

50027 Commits

Author SHA1 Message Date
Natalie Tay fcaefc9f2f
FIX: De-duplicate poll vote on user merge (#22107)
When merging users, polls may error out if the source and target users have both voted on the same poll before. 😢 

There is no constraint on the `poll_votes` table either to support this. Ideally a composite primary key can be used `(poll_id, user_id)`, but alas there is no support yet, which is probably why it wasn't created in the first place.

This fix ensures that merging is successful by only keeping the target poll votes if duplicates exist.

This fix also runs a migration on older poll votes where failed merges would have caused a single user to have voted twice on a single poll. e.g. this weird edge case
2023-06-15 11:18:51 +08:00
Joseph ec31eb4c7b
DEV: Fix broken link (#22112)
"SMTP and SEND API Settings" link under Mailjet.
2023-06-15 09:53:49 +08:00
Krzysztof Kotlarek 959c50001d
FIX: rename everything link to topics (#22076)
Rename everything link in community sidebar section to topics, which is
a bit more descriptive.
2023-06-15 11:36:38 +10:00
Martin Brennan f75ac9da30
FEATURE: Thread indicator improvements and participants (#21909)
This commit adds the initial part of thread indicator improvements:

* Show the reply count, last reply date and excerpt,
and the participants of the thread's avatars and
count of additional participants
* Add a participants component for the thread that
can be reused for the list
* Add a query class to get the thread participants
* Live update the thread indicator more consistently
with the last reply and participant details
image image

In subsequent PRs we will cache the participants since
they do not change often, and improve the thread list
further with participants.

This commit also adds a showPresence boolean (default
true) to ChatUserAvatar, since we don't want to show the
online indicator for thread participants.

---------

Co-authored-by: chapoi <charlie@discourse.org>
2023-06-15 10:49:27 +10:00
dependabot[bot] 897b6d86c7
Build(deps-dev): Bump better_errors from 2.10.0 to 2.10.1 (#22123)
Bumps [better_errors](https://github.com/BetterErrors/better_errors) from 2.10.0 to 2.10.1.
- [Release notes](https://github.com/BetterErrors/better_errors/releases)
- [Commits](https://github.com/BetterErrors/better_errors/compare/v2.10.0...v2.10.1)

---
updated-dependencies:
- dependency-name: better_errors
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-06-15 08:34:56 +08:00
dependabot[bot] 68ff053956
Build(deps-dev): Bump sass from 1.63.3 to 1.63.4 in /app/assets/javascripts (#22122)
Bumps [sass](https://github.com/sass/dart-sass) from 1.63.3 to 1.63.4.
- [Release notes](https://github.com/sass/dart-sass/releases)
- [Changelog](https://github.com/sass/dart-sass/blob/main/CHANGELOG.md)
- [Commits](https://github.com/sass/dart-sass/compare/1.63.3...1.63.4)

---
updated-dependencies:
- dependency-name: sass
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-06-15 08:34:45 +08:00
dependabot[bot] 28cb3300bc
Build(deps): Bump racc from 1.7.0 to 1.7.1 (#22120)
Bumps [racc](https://github.com/tenderlove/racc) from 1.7.0 to 1.7.1.
- [Release notes](https://github.com/tenderlove/racc/releases)
- [Changelog](https://github.com/ruby/racc/blob/master/ChangeLog)
- [Commits](https://github.com/tenderlove/racc/compare/v1.7.0...v1.7.1)

---
updated-dependencies:
- dependency-name: racc
  dependency-type: indirect
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-06-15 08:34:03 +08:00
dependabot[bot] b11685f74b
Build(deps): Bump json_schemer from 1.0.2 to 1.0.3 (#22124)
Bumps [json_schemer](https://github.com/davishmcclurg/json_schemer) from 1.0.2 to 1.0.3.
- [Changelog](https://github.com/davishmcclurg/json_schemer/blob/master/CHANGELOG.md)
- [Commits](https://github.com/davishmcclurg/json_schemer/compare/v1.0.2...v1.0.3)

---
updated-dependencies:
- dependency-name: json_schemer
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-06-15 08:33:44 +08:00
Krzysztof Kotlarek 2effcaa0f9
FIX: Update sidebar to be navigation menu (#22101)
Communities can use sidebar or header dropdown, therefore navigation menu is a better name settings in 2 places:

- Old user sidebar preferences;
- Site setting about default tags and categories.
2023-06-15 09:31:28 +10:00
Blake Erickson be7d82d2b0
DEV: Clean up unused routes (#22118)
This cleans up our routes.rb file so that it only has routes that map to
existing controller actions.

Some routes were just old and their corresponding controller methods
were deleted without cleaning up the route for it. Other routes were
just accidentally created using the `resources` helper and never mapped
to actual controller methods.
2023-06-14 16:18:32 -06:00
Ella E 61cf221416
UX: Remove branded blobs background (#22115)
* UX: Remove branded blobs background

* Update app/assets/stylesheets/common/base/login.scss

Co-authored-by: Jarek Radosz <jradosz@gmail.com>

---------

Co-authored-by: Jarek Radosz <jradosz@gmail.com>
2023-06-14 13:21:08 -06:00
Keegan George 9dc63c0755
UX: Add required indicator to fields with `required` validation (#22096) 2023-06-14 11:25:05 -07:00
David Taylor 6084b331ed
Unsilence this-property-fallback (#21615) 2023-06-14 11:16:56 -07:00
Keegan George cd6183de93
DEV: Temporarily hide form when editing topic with template (#22099) 2023-06-14 11:16:39 -07:00
Juan David Martínez Cubillos 8b39125985
FEATURE: Implement max_tags_per_email_subject (#22050)
* FEATURE: Implement max_tags_per_email_subject

* made it so only max_tags_per_email_subject is responsible for tags in emails when the feature is enabled

* added locales for implemented siteSettings

* reworded locale for enable_max_tags_per_email_subject

* added min value for max_tags_per_email_subject

* Implemented suggested changes to spec description
2023-06-14 12:22:14 -05:00
Ella E b5d60da191
A11Y: Adjust contrast for the Dark and Solarized Dark tertiary color schemes (#22102) 2023-06-14 10:14:53 -06:00
Andrei Prigorshnev e5c705af8a
DEV: group tests related to mentions (#22017) 2023-06-14 19:34:38 +04:00
Selase Krakani 2652354da3
FIX: Moderator(non-admin staff user) group visibility scope queries (#22109)
Currently, groups owned by moderators are not visible to them on the
groups page. This happens because, the group visibility queries don't
account for non-admin staff user group ownership.

This change updates the group visibility scope queries to account for a
moderator(non-admin staff user) group ownership.
2023-06-14 15:25:45 +00:00
Roman Rizzi 1865eb1de3
FIX: Don't add the no-text class if translatedLabel is present (#22111) 2023-06-14 12:18:17 -03:00
Roman Rizzi 9e20fcb9c1
FIX: Correctly get the topic_id from the first post (#22110) 2023-06-14 11:52:27 -03:00
David Taylor a49b45dc14
FIX: Update workbox class references following version bump (#22108)
Followup to cc2f18121d
2023-06-14 14:39:04 +01:00
Joffrey JAFFEUX 5a035e2f5d
PERF: fixes multiple N+1 while loading threads (#22106) 2023-06-14 13:51:52 +02:00
Natalie Tay 3fe06bba9d
FIX: Allow half-merged user to be accessed in admin UI (#22105) 2023-06-14 19:19:12 +08:00
Ted Johansson a674c6c4c2
DEV: Update username in new quote format - Part 1 (#22032)
When we introduced the new quote format with full-name display name:

```
[quote="Ted Johansson, post:1, topic:2, username:ted"]
we overlooked the code responsible for rewriting quotes when a user's name is changed.
```

The functional part of this change adds support for the new quote format in the code that updates quotes when a user's username changes. See the test case in `spec/services/username_changer_spec.rb` for the details.

In addition, this change adds a regression test for PrettyText to cover the new quote format, and extracts the code responsible for rewriting raw and cooked quotes into its own `QuoteRewriter` class. The functionality of the latter is tested through the tests in `spec/services/username_changer_spec.rb`.
2023-06-14 16:14:11 +08:00
Martin Brennan cb87ef52de
FIX: Backfill chat thread memberships (#21971)
Since we created user_chat_thread_memberships in
cc2570f we haven't
yet backfilled it for users who previously sent a message in
in threads -- this migration creates the UserChatThreadMemberships
needed for those threads, making sure the last read message id
is accurate for those participants.
2023-06-14 13:54:51 +10:00
dependabot[bot] 55810a8b46
Build(deps): Bump html-entities in /app/assets/javascripts (#22098)
Bumps [html-entities](https://github.com/mdevils/html-entities) from 2.3.5 to 2.3.6.
- [Release notes](https://github.com/mdevils/html-entities/releases)
- [Changelog](https://github.com/mdevils/html-entities/blob/master/CHANGELOG.md)
- [Commits](https://github.com/mdevils/html-entities/compare/v2.3.5...v2.3.6)

---
updated-dependencies:
- dependency-name: html-entities
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-06-14 02:06:28 +02:00
dependabot[bot] bbdf8c80ac
Build(deps): Bump google-protobuf from 3.23.2 to 3.23.3 (#22097)
Bumps [google-protobuf](https://github.com/protocolbuffers/protobuf) from 3.23.2 to 3.23.3.
- [Release notes](https://github.com/protocolbuffers/protobuf/releases)
- [Changelog](https://github.com/protocolbuffers/protobuf/blob/main/generate_changelog.py)
- [Commits](https://github.com/protocolbuffers/protobuf/commits)

---
updated-dependencies:
- dependency-name: google-protobuf
  dependency-type: indirect
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-06-14 02:05:55 +02:00
Sam eb603b246b
PERF: limit anonymization to 1 per cluster (#21992)
Anonymization is among the most expensive operations we can perform with
extreme potential to impact the database. To mitigate risk we only allow a
single anonymization across the entire cluster concurrently.

This commit introduces support for `cluster_concurrency 1`. When you set that on a Job it will only allow 1 concurrent execution per cluster.
2023-06-14 08:30:23 +10:00
Juan David Martínez Cubillos 1a27e715ee
PERF: Increase performance of large csv exports for User Histories (#22008)
* PERF: Increase performance of large csv exports for User Histories

* added find_each for screened_email_export
2023-06-13 16:05:08 -05:00
Kris e0f848c2ea
REFACTOR: move shadow vars to css custom props (#22094) 2023-06-13 16:38:31 -04:00
Jarek Radosz dae3970bad
DEV: Fix random typos (#22078)
Co-authored-by: Penar Musaraj <pmusaraj@gmail.com>
2023-06-13 22:02:21 +02:00
Blake Erickson 286dfcacb4
Version bump to v3.1.0.beta5 (#22092) 2023-06-13 12:08:36 -06:00
Kris 17656e4451
UX: force long filenames to wrap in lightbox (#22091) 2023-06-13 13:34:14 -04:00
Roman Rizzi 8938ecabc2
FEATURE: Custom content summarization strategies. (#21813)
* FEATURE: Content custom summarization strategies.

This PR establishes a pattern for plugins to register alternative ways of summarizing content by extending a class that defines an interface.

Core controls which strategy we'll use and who has access to it through the `summarization_strategy` and `custom_summarization_allowed_groups`. It also defines the UI for summarizing topics.

Other plugins can access this summarization mechanism and implement their features, removing cross-plugin customizations, as it currently happens between chat and the discourse-ai plugin.

* Group membership validation and rate limiting

* Work with objects instead of classes

* Port summarization feature from discourse-ai to chat

* Rename available summaries to 'Top Replies' and 'Summary'
2023-06-13 14:21:46 -03:00
Blake Erickson dcceb91000
SECURITY: Prevent dismissal of topics that user can't see (#22086)
Co-authored-by: OsamaSayegh <asooomaasoooma90@gmail.com>
2023-06-13 11:08:55 -06:00
Blake Erickson 644dded000
SECURITY: Use canonical url for topic embeddings (#22085)
This prevents duplicate topics from being created when using embed_urls
that only differ on query params.
2023-06-13 11:08:08 -06:00
Blake Erickson 56b74e6042
SECURITY: Limit ThemeField value length to prevent DoS (#22087)
Co-authored-by: Daniel Waterworth <me@danielwaterworth.com>
2023-06-13 12:07:47 -05:00
Blake Erickson e576fdbe3a
SECURITY: set max-height property for iframes (#22084)
Co-authored-by: David Battersby <info@davidbattersby.com>
2023-06-13 11:07:32 -06:00
Régis Hanol 4cb3412a56
PERF: improve `findAllMatches` speed (#22083)
When we introduced unicode support in the regular expressions used in watched words (9a27803) we didn't realize the cost adding the `u` flag would be.

Turns out, it's pretty bad when you have lots of regular expressions to test. A customer had slightly less than 200 watched words, and it would freeze the browser for about 2s on the first check of those regular expressions (roughly 10ms per regular expression).

This commit introduces a new field (`word`) to the serialized watched words which is then converted to a very fast and cheap regular expression on the client-side. We use that regexp to quicly check whether a matcher is even worth trying so that we don't incure the cost of compiling the expensive unicode regexp.

This commit also busts the `WordWatcher` cache since we added a new field to be serialized.

One nice side effect of using `matchAll` instead of a `while / exec` loop is that the likeliness of having a bad regexp matching infinitely is vastly reduced 🙌
2023-06-13 18:34:28 +02:00
Blake Erickson 367b3be035
DEV: Cleanup unused group and post routes (#22067)
Cleaning up these routes because they aren't being used
and they don't have a corresponding controller method.

- `POST  /groups(.:format) groups#create`
- `DELETE /groups/:id(.:format) groups#destroy`
- `POST  /g(.:format) groups#create`
- `DELETE /g/:id(.:format) groups#destroy`
- `GET /posts(.:format) posts#index`
- `GET /posts/new(.:format) posts#new`
- `GET /posts/:id/edit(.:format) posts#edit`
2023-06-13 08:57:57 -06:00
Penar Musaraj 3c490b2db8
UX: Better alignment for experimental grids (#22066)
Improves the layout of most grids in posts, by using `object-fit: cover` for most images. This allows images to better fill up the space, without changing their aspect ratio.
2023-06-13 09:25:46 -04:00
Discourse Translator Bot 3da29a06fd
Update translations (#22081) 2023-06-13 15:18:44 +02:00
chapoi bb4b60d624
UX: remove rounded border on hover lightbox (#22080) 2023-06-13 13:31:28 +02:00
Loïc Guitaut 5257c80064 DEV: Set limits on custom fields
This patch sets some limits on custom fields:
- an entity can’t have more than 100 custom fields defined on it
- a custom field can’t hold a value greater than 10,000,000 characters

The current implementation of custom fields is relatively complex and
does an upsert in SQL at some point, thus preventing to simply add an
`ActiveRecord` validation on the custom field model without having to
rewrite a part of the existing logic.
That’s one of the reasons this patch is implementing validations in the
`HasCustomField` module adding them to the model including the module.
2023-06-13 11:47:21 +02:00
Loïc Guitaut c08a52e502 DEV: Clean up old polls data from custom fields
In early 2015, the poll plugin was writing its data to custom fields on
the post containing the poll. It was later changed to have dedicated SQL
tables and the polls were migrated but we forgot to clean the existing
data.
2023-06-13 11:28:26 +02:00
Jarek Radosz e6f8897450
DEV: Try to de-flake topic page specs (#22065) 2023-06-13 11:05:19 +02:00
Krzysztof Kotlarek 4270ab932a
FIX: change dismiss new button label (#22075)
Button which is opening modal to dismiss topics should be "Dismiss…"
2023-06-13 13:18:39 +10:00
dependabot[bot] 9854b034c6
Build(deps-dev): Bump terser in /app/assets/javascripts (#22074)
Bumps [terser](https://github.com/terser/terser) from 5.17.7 to 5.18.0.
- [Changelog](https://github.com/terser/terser/blob/master/CHANGELOG.md)
- [Commits](https://github.com/terser/terser/compare/v5.17.7...v5.18.0)

---
updated-dependencies:
- dependency-name: terser
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-06-13 01:31:36 +02:00
dependabot[bot] 091e9a832c
Build(deps): Bump rubocop from 1.52.0 to 1.52.1 (#22070)
Bumps [rubocop](https://github.com/rubocop/rubocop) from 1.52.0 to 1.52.1.
- [Release notes](https://github.com/rubocop/rubocop/releases)
- [Changelog](https://github.com/rubocop/rubocop/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rubocop/rubocop/compare/v1.52.0...v1.52.1)

---
updated-dependencies:
- dependency-name: rubocop
  dependency-type: indirect
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-06-13 01:23:14 +02:00
dependabot[bot] 9ad0c3ddb5
Build(deps): Bump net-imap from 0.3.4 to 0.3.6 (#22069)
Bumps [net-imap](https://github.com/ruby/net-imap) from 0.3.4 to 0.3.6.
- [Release notes](https://github.com/ruby/net-imap/releases)
- [Commits](https://github.com/ruby/net-imap/compare/v0.3.4...v0.3.6)

---
updated-dependencies:
- dependency-name: net-imap
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-06-13 01:21:18 +02:00