Commit Graph

2317 Commits

Author SHA1 Message Date
Vinoth Kannan 572bb5988f
FIX: word boundary regex (\b) not working in Unicode languages. (#9163) 2020-03-25 18:39:19 +05:30
Bianca Nenciu d8640fd042
DEV: Move requested_group_id custom field from post to topic (#9127)
Follow-up-to accbbded15
2020-03-24 11:12:52 +02:00
Vinoth Kannan bef8468510 Make qunit test code more clean.
45ce9876cc
2020-03-24 13:04:46 +05:30
Martin Brennan b8b29e79ad
FIX: Improve user timezone saving (#9230)
Based on issues identified in https://meta.discourse.org/t/improved-bookmarks-with-reminders/144542/20

* Implement the resolvedTimezone() function on the user model where we return the user's timezone if it has been set, or we guess it using moment and save it to the user using an update call if it has not yet been set. This covers the cases of users who do not log out/in often who will not get their timezone set via login. This also makes sure the guess + save is done in a non-obtrusive way not on every page -- only when it is needed.

* Before if a user's timezone was blank when they visited their profile page we were autofilling the dropdown with the guessed timezone from moment. However this was confusing as it would appear you have that timezone saved in the DB when you really didn't. Now we do not autofill the dropdown and added a button to automatically guess the current timezone to make everything more explicit.
2020-03-24 11:39:09 +10:00
Kane York 4b8acce92b FIX: Check for permalinks before showing the 404 page
Limitations: the user profile "open external links in new tab setting" is
slightly broken for "External URL" permalinks.

Remove the copy from the admin permalinks page stating that this doesn't work.
2020-03-23 16:31:07 -07:00
Joffrey JAFFEUX 48c1de4836
DEV: adds afterCreate/beforeUpdate hooks to rest models (#9253)
We already have beforeCreate and afterUpdate and it seems these hooks can be useful and it's also unexpected to not have parity on this.
2020-03-23 16:58:40 +01:00
Joffrey JAFFEUX 3f9b922d20
FIX: middle click was reading every notifications (#9252) 2020-03-23 13:28:16 +02:00
Robin Ward 1859e6b7ca FIX: Don't fail if the test environment doesn't support Webauthn 2020-03-20 10:44:02 -04:00
Martin Brennan e2ce12d414
FIX: Broken computing of userHasTimezone in bookmark modal and missing tap-tile templates for regular users (#9229)
Based on reports here https://meta.discourse.org/t/improved-bookmarks-with-reminders/144542

* Because the `userHasTimezone` property was computed and we were checking on an (essentially) global object, ember was not aware that the user timezone had changed because it changed in a different place. instead set the timezone as internal state for the modal on show and base the computed property off of that so it mutates correctly
* The tap-tile components were in the admin folder completely unnecessarily, move them out into the main discourse folder otherwise noone else can use the new bookmarks (icon + text is missing)
2020-03-18 11:12:23 +10:00
Vinoth Kannan 45ce9876cc Fix the build. Remove the branch value if available.
48d690ae01
2020-03-18 04:13:00 +05:30
Vinoth Kannan 48d690ae01 FIX: Remote themes Github link should go to custom branch #9184 2020-03-18 03:57:54 +05:30
Bianca Nenciu 43b38dbbc2
FIX: Dismiss notifications on middle click (#9098) 2020-03-17 17:48:12 +02:00
Martin Brennan 4cce564b35
FIX: Bookmark reminders and improvements changes (#9213)
* Cosmetic fixes for the bookmark modal
* Do not show "later today" when the later time will be > 5pm
* When a custom reminder time is selected, store it in localStorage. The next time the modal is opened, if the last datetime is > now, then a new tile with "Last" will be shown that lets the user reselect that same time.
* Also add an explicit "No Reminder" option that is selected by default
2020-03-16 16:05:44 +10:00
Joffrey JAFFEUX d3b53fb551
REFACTOR: removes legacy bootstrap css class (#9174) 2020-03-11 15:31:29 +01:00
Joffrey JAFFEUX 683cb28099
DEV: enforces ember-template-lint: no-triple-curlies (#9165)
This pr replaces `{{{ }}}` usage by a {{html-safe}} helper. While it doesn't solve the underlying issue, it gives us a path forward without risking breaking too much existing behavior.

Also introduces an htmlSafe computed macro:

```
import { htmlSafe } from "discourse/lib/computed";

htmlDescription: htmlSafe("description")
```

Overtime {{html-safe}} usage should be removed and moved to components properties or specialized components/helpers.
2020-03-11 09:23:10 +01:00
romanrizzi f795c1b8e8 Revert "DEV: enforces ember-template-lint: no-triple-curlies (#9150)"
This reverts commit d436b600fb.

Triple curlies are still necessary for some raw templates.
2020-03-10 15:00:12 -03:00
Joffrey JAFFEUX d436b600fb
DEV: enforces ember-template-lint: no-triple-curlies (#9150)
This pr replaces `{{{ }}}` usage by a {{html-safe}} helper. While it doesn't solve the underlying issue, it gives us a path forward without risking breaking too much existing behavior.

Also introduces an htmlSafe computed macro:

```
import { htmlSafe } from "discourse/lib/computed";

htmlDescription: htmlSafe("description")
```

Overtime {{html-safe}} usage should be removed and moved to components properties or specialized components/helpers.
2020-03-10 16:46:57 +01:00
Penar Musaraj 68328d2d64
DEV: Replace save-button partial with a component (#9066) 2020-03-10 09:37:54 -04:00
Roman Rizzi 826b4793c0
FEATURE: Approve suspect users is now true by default. The suspect users list was removed (#9151) 2020-03-10 08:56:42 -03:00
Joffrey JAFFEUX 78a6b76310
FIX: ensures pinned-options header is showing correct state (#9156) 2020-03-10 09:56:55 +01:00
Martin Brennan baea65e4bc
FIX: Embarassing algoriths typo -> algorithms for security keys (#9126) 2020-03-09 09:22:08 +10:00
Jarek Radosz 48ba65f406
DEV: Clean up Ember imports (#8979)
Includes:
* Import `computed` helpers
* Import `@ember/application`
* Import `isBlank` from `@ember/utils`
* Import `A` from `@ember/array`
* Import `EmberArray` from `@ember/array`
* Import `ArrayProxy` from `@ember/array/proxy`
* Import `warn` from `@ember/debug`
* Import `EmberObject` from `@ember/object`
* Import `Application` from `@ember/application`
* Import `EmberRouter` from `@ember/routing/router`
* Import `isPresent` from `@ember/utils`
* Import `computed` from `@ember/object`
* Import `guidFor` from `@ember/object`
* Import `isArray` from `@ember/array`
* Import `TextField` from `@ember/component`
* Import `TextArea` from `@ember/component`
* Import `Promise` from `rsvp`
* Import `Evented` from `@ember/object/evented`
* Replace deprecated `ember-addons/ember-computed-decorators` imports
2020-03-06 23:49:28 +01:00
Joffrey JAFFEUX 29c9d8a133
FIX: uses only global allow_uncategorized_topics for category drop (#9130) 2020-03-06 20:11:21 +01:00
Jeff Wong 86690155b3
FEATURE: prevent accidental canceling when drafting penalties (#9129)
Pop up a confirmation box when there is input. This prevents accidental closing
of the dialog boxes due to clicking outside.

This adds a development hook on modals in the form of a `beforeClose`
function. Modal windows can abort the close if the funtion returns false.

Additionally fixing a few issues with loop and state on the modal popups:

Escape key with bootbox is keyup.
Updating modal to close on keyup as well so escape key is working.
Fixes an issue where pressing esc will loop immediately back to the modal by:
keydown -> bootbox -> keyup -> acts as "cancel", restores modal

Needs a next call to reopenModal otherwise, keyup is handled again by the modal.
Fixes an issue where pressing esc will loop immediately back to the confirm:
esc keyup will be handled and bubble immediately back to the modal.

Additionally, only handle key events when the #discourse-modal is visible.
This resolves issues where escape or enter events were being handled by
a hidden modal window.
2020-03-06 09:36:56 -08:00
Martin Brennan 29ccdf5d35
FIX: Show a nicer error if name/code missing for TOTP/Security Keys (#9124)
Meta: https://meta.discourse.org/t/improve-error-message-when-not-including-name-setting-up-totp/143339

* when the user creates a TOTP second factor method we want
to show them a nicer error if they forget to add a name
or the code from the app, instead of the param missing error
* also add a client-side check for this and for security key name,
no need to bother the server if we can help it
2020-03-06 14:37:40 +10:00
Jeff Wong 6fe91bbbbb
Revert "FEATURE: prevent accidental canceling when drafting penalties (#9105)" (#9122)
This reverts commit 243284f998.

There are some issues in how the JS tests interact that I will need to figure out here before this can be merged.
2020-03-05 17:29:51 -08:00
Jeff Wong 243284f998
FEATURE: prevent accidental canceling when drafting penalties (#9105)
Pop up a confirmation box when there is input. This prevents accidental closing
of the dialog boxes due to clicking outside.

This adds a development hook on modals in the form of a `beforeClose`
function. Modal windows can abort the close if the funtion returns false.

Additionally fixing a few issues with loop and state on the modal popups:

Escape key with bootbox is keyup.
Updating modal to close on keyup as well so escape key is working.
Fixes an issue where pressing esc will loop immediately back to the modal by:
keydown -> bootbox -> keyup -> acts as "cancel", restores modal

Needs a next call to reopenModal otherwise, keyup is handled again by the modal.
Fixes an issue where pressing esc will loop immediately back to the confirm:
esc keyup will be handled and bubble immediately back to the modal.

Additionally, only handle key events when the #discourse-modal is visible.
This resolves issues where escape or enter events were being handled by
a hidden modal window.
2020-03-05 15:55:35 -08:00
Martin Brennan 3e54e0191e
FIX: Use full URL for secure attachments when secure media enabled (#9037)
When secure media is enabled and an attachment is marked as secure we want to use the full url instead of the short-url so we get the same access control post protections as secure media uploads.
2020-03-04 10:11:08 +11:00
Martin Brennan 0df72a51b8
FIX: Stop infinite lookup-urls issue for video/audio on page (#9096)
Meta report: https://meta.discourse.org/t/excessive-requests-to-uploads-lookup-urls-leading-to-429-response/143119

* The data-orig-src attribute was not being removed from cooked
video and audio so the composer was infinitely trying to get the
URLs for them, which would never resolve to anything
* Also the code that retrieved the short URL was unscoped, and was
getting everything on the page. if running from the composer we
now scope to the preview window
* Also fixed a minor issue where the element href for the video
and audio tags was not being set when the short URL was found
2020-03-03 15:44:01 +11:00
Jarek Radosz 4da357e378
DEV: Use async functions in tests (#9087)
This change both improves readability and fixes potential race-condition issues where promises were nested instead of being chained.

Also includes:
* Use arrow functions and Promise shorthands
* Remove the obsolete `asyncTestDiscourse` helper
2020-03-02 21:20:19 +01:00
Robin Ward a653737a66
FIX: Add aria-labels to topic list items (#9048)
* FIX: Add aria-labels to topic list items

Before this fix you could navigate the topic list using a screen reader
and a keyboard but some of the items were not as descriptive as they
could be. The newly added labels make it easier to understand what you
are tabbing over.

context:
https://meta.discourse.org/t/accessibility-aria-attributes-are-not-defined-for-links-under-replies-category/142539

* Update app/assets/javascripts/discourse/lib/utilities.js.es6

Co-Authored-By: Régis Hanol <regis@hanol.fr>

* Multiline fix

* Fix more tests

Co-authored-by: Régis Hanol <regis@hanol.fr>
2020-03-02 14:28:54 -05:00
Mark VanLandingham 176aa0ac7d
DEV: Import pretender instead of global server var (#8996)
* DEV: Remove server global test variable

* Delete yarn-error.log

* prettier and some eslint fixes

* add global server variable back for plugins

* rename imported server to pretender

* prettier

* support plugin server. usage

* Export pretender as named

* Prettier

* change default pretender export

* fix bad import

* Use pretender() and original default export

* export new Pretender as default

* fix accidental change

* WIP testing

* add pretend handlers in correct location

* move more stuff into the correct pretender

* Consolidated more pretenders

* comment out another bad test

* fix user acceptance tests

* commented out bad test

* fixed another composer server stub

* fix more tests

* fixed tag test pretender

* Fix admin email test

* removed another draft handler

* add back test

* fix and uncomment another test

* remove test that is not useful

* remove commented out lines

* reapply handlers between every test

* no need to re-stub requests now :)

* cleanup from review

* more cleanup
2020-03-02 14:24:31 -05:00
Joffrey JAFFEUX ed85cfe141
FIX: prevents click on sk header to bubble (#9084) 2020-03-02 20:06:02 +01:00
Joffrey JAFFEUX 2db8ada222
FIX: ensures category url of category drop is built using slug and id (#9069) 2020-02-28 17:58:22 +01:00
Mark VanLandingham 337b823ec6
Merge pull request from GHSA-vw39-6w7q-gfx5
Co-authored-by: Robin Ward <robin.ward@gmail.com>
2020-02-27 11:47:15 -06:00
Penar Musaraj d6a603cc50
FIX: Translate none-tag and all-tags labels in tag filter (#9030)
* FIX: Translate none-tag and all-tags labels in tag filter
* Add test
2020-02-25 07:57:24 +11:00
Joffrey JAFFEUX f336aeee6f
FIX: ensures scoped search category is searching in all categories (#9031) 2020-02-24 19:19:53 +01:00
Joffrey JAFFEUX 69a2ad626b
FIX: ensures group automatic membership dropdown works (#9022)
This commit also fixes a deprecation warning as the previous  component was overriding a computed property from the group model.

Finally a test has been added as this is the only place where we use list-setting outside of the settings, this was highly subject to regressions.
2020-02-21 22:14:24 +01:00
Joffrey JAFFEUX 0b0290cddb
FIX: muted was not working in topic timeline (#9021) 2020-02-21 21:32:58 +01:00
Joffrey JAFFEUX cb69e89d7c
FIX: correctly shows suggested topics label (#9017) 2020-02-21 12:35:49 +01:00
Joffrey JAFFEUX e807dff6fc
FIX: ensures mini-tag-chooser is respecting max_tags_per_topic (#9018) 2020-02-21 12:16:05 +01:00
Martin Brennan 3af2670bd5
FIX: Consider webp a supported image format for upload (#9015)
* Also fixes an issue where if webp was a downloaded hotlinked
  image and then secure + sent in an email, it was not being
  redacted because webp was not a supported media format in
  FileHelper
* Webp originally removed as an image format in
  https://github.com/discourse/discourse/pull/6377
  and there was a spec to make sure a .bin webp
  file did not get renamed from its type to webp.

  However we want to support webp images now to make
  sure they are properly redacted if secure media is
  on, so change the example in the spec to use tiff,
  another banned format, instead
2020-02-21 13:08:01 +10:00
Joffrey JAFFEUX 74f2d48018
FIX: makes setting-object capable of defining value/name properties itself (#9003) 2020-02-19 10:01:21 +01:00
Roman Rizzi 99305511bc
DEV: Remove unused BreakString class (#8942) 2020-02-14 15:32:59 -03:00
Robin Ward d51107e2c9 FIX: If a group is unmentionable, don't render it as mentionable
Now if a group is visible but unmentionable, users can search for it
when composing by typing with `@`, but it will be rendered without the
grey background color.

It will also no longer pop up a JIT warning saying "You are about to
mention X people" because the group will not be mentioned.
2020-02-14 12:29:56 -05:00
Penar Musaraj 89d9704194 FIX: value-list choices when removing a value
Fixes an issue where choices were broken when removing an item from the value-list component.

Adds test case for this scenario.
2020-02-14 11:21:06 -05:00
David Taylor ce588006e3
DEV: Update the site title in qunit fixtures (#8959)
This confuses me every time I run qunit tests in the browser. The tab is labelled Meta, but it's not meta! This change has no functional impact on the tests
2020-02-14 11:30:04 +00:00
Dan Ungureanu 09edde8ef7
DEV: Add test (#8961)
Follow-up to 67c9940d72.
2020-02-14 10:19:57 +02:00
Joffrey JAFFEUX 6405159484
FEATURE: adds a new plugin api to decorate plugin outlets (#8937)
```
api.decoratePluginOutlet(
  "discovery-list-container-top",
  elem => {
    if (elem.classList.contains("foo")) {
      elem.style.backgroundColor = "yellow";
    }
  }
);
```
2020-02-13 23:44:34 +01:00
David Taylor 8d50f092b5
DEV: Use classes for styling user and group cards (#8913)
Styling based on element-ids, it is impossible for themes/plugins to display multiple cards on a single page. Using classes is a more flexible approach. The element-ids are maintained for backwards compatibility with existing plugins/themes.
2020-02-13 09:58:17 +00:00
Joffrey JAFFEUX 42bda52486
FIX: ensures select-kit can select a row with 0 as value (#8955) 2020-02-13 09:04:32 +01:00
Martin Brennan e1e74abd4f
FEATURE: Improving bookmarks part 2 -- Topic Bookmarking (#8954)
### UI Changes

If `SiteSetting.enable_bookmarks_with_reminders` is enabled:

* Clicking "Bookmark" on a topic will create a new Bookmark record instead of a post + user action
* Clicking "Clear Bookmarks" on a topic will delete all the new Bookmark records on a topic
* The topic bookmark buttons control the post bookmark flags correctly and vice-versa
Disabled selecting the "reminder type" for bookmarks in the UI because the backend functionality is not done yet (of sending users notifications etc.)

### Other Changes

* Added delete bookmark route (but no UI yet)
* Added a rake task to sync the old PostAction bookmarks to the new Bookmark table, which can be run as many times as we want for a site (it will not create duplicates).
2020-02-13 16:26:02 +10:00
Penar Musaraj efa9ba4975
UX: Prevent category-drop topic count from wrapping to new line (#8943) 2020-02-12 14:34:16 -05:00
Dan Ungureanu ecaf2c2f4e
FIX: Make category slug validation less strict (#8915)
This was changed recently and caused issues saving old categories which
already had digits at the beginning of the slug (for example, '30-days').
2020-02-11 17:01:12 +02:00
Joffrey JAFFEUX 9d50e1b40f
DEV: introducing user-chooser (#8910) 2020-02-11 15:54:56 +01:00
Martin Brennan 7ff58f1787
FIX: Disable preloading audio + video when secure media enabled (#8922)
Meta topic: https://meta.discourse.org/t/secure-media-uploads-expire/140894

This fixes the issue where if secure media was enabled, audio
and video files would do an initial load using the presigned
URL for the media to get metadata information e.g. duration of
track/video. However this started the expiry countdown for the
URL, so when a user pressed play on the media after 15 seconds
the media would be expired and AWS would return a 403 error.

We do not preload media if secure media is enabled. Otherwise
we just set the preload type to "metadata" which is the browser
default anyway.
2020-02-11 11:49:58 +10:00
Joffrey JAFFEUX f5f4ce90c1 DEV: adds afterRender decorator (#8864) 2020-02-10 08:13:13 +01:00
Bianca Nenciu 88a4d5a2c1
FIX: Properly convert quotes to Markdown (#8808)
* FIX: Properly convert quotes to Markdown

When quoting a quote it used to convert the quote header, including the
user avatar and username, into a image and some text and then the
contents. This also caused issues when quoting full paragraphs (or when
selecting paragraphs by triple-clicking) because the user avatar and
name from the following quote would also be included.

This commit implements the support necessary to convert
<aside class="quote"> elements to proper Discourse quotes.
2020-02-07 16:25:23 +01:00
Dan Ungureanu 2a884e25be
DEV: Make image resize controls more resilient (#8867)
Commit aa24be1 made it possible to build data attributes from image's
Markdown and this changes ensure that the resize controls still work
when data attributes are present.
2020-02-06 17:19:24 +02:00
Mark VanLandingham 499b57a9ed
DEV: Ember linting - disallow Ember.* variable usage (#8782) 2020-02-05 10:14:42 -06:00
Mark VanLandingham c8a02161dd
FIX: Warn users of overwriting new topic draft (#8841) 2020-02-04 09:59:56 -06:00
Jarek Radosz 4ab696dd2f
DEV: Add the `@action` decorator (#8836)
This also enables`@action` use in plugin connectors.

Setting `actions` earlier allows `setupComponents` to use them, for example, when setting up event listeners.
2020-02-04 11:42:25 +01:00
Penar Musaraj 6301477b4c FIX: Make dropdown custom user fields compatible with select-kit 2 2020-02-03 13:19:38 -05:00
Joffrey JAFFEUX 0431942f3d
DEV: select-kit 2 (#7998)
This new iteration of select-kit focuses on following best principales and disallowing mutations inside select-kit components. A best effort has been made to avoid breaking changes, however if you content was a flat array, eg: ["foo", "bar"] You will need to set valueProperty=null and nameProperty=null on the component.

Also almost every component should have an `onChange` handler now to decide what to do with the updated data. **select-kit will not mutate your data by itself anymore**
2020-02-03 14:22:14 +01:00
Martin Brennan 397adfd128
FIX: Wrap markdown videos with video-container class to stop post height jumping (#8806)
This will lock video aspect ratio to 16:9 and stop them from making posts jump around on load.

See also discourse/onebox@6f58545 and fe20cb4.
2020-01-29 15:52:02 +10:00
David Taylor fe0d912b97
FIX: getURL on a subfolder site should ignore prefix in middle of URL (#8794) 2020-01-27 17:51:46 +00:00
Dan Ungureanu 6279d0e8b5 UX: Use '-' as default category slug (#8607)
This replaces the default slug from 'ID-category' to '-'.
2020-01-23 15:44:29 +01:00
Martin Brennan 65481858c2
FEATURE: Use upload:// short URL for videos and audio in composer (#8760)
For consistency this PR introduces using custom markdown and short upload:// URLs for video and audio uploads, rather than just treating them as links and relying on the oneboxer. The markdown syntax for videos is ![file text|video](upload://123456.mp4) and for audio it is ![file text|audio](upload://123456.mp3).

This is achieved in discourse-markdown-it by modifying the rules for images in mardown-it via md.renderer.rules.image. We return HTML instead of the token when we encounter audio or video after | and the preview renders that HTML. Also when uploading an audio or video file we insert the relevant markdown into the composer.
2020-01-23 09:41:39 +10:00
Bianca Nenciu 7b7e1717f2
FIX: Quoting a quote preserves the original post information (#8746)
Let's say post #2 quotes post number #1. If a user decides to quote the
quote in post #2, it should keep the information of post #1
("user_1, post: 1, topic: X"), instead of replacing with current post
info ("user_2, post: 2, topic: X").
2020-01-22 16:10:23 +02:00
Dan Ungureanu 89bd7ba45f
FIX: Use new tag routes (#8683)
Commit 1fb7a62 added unambiguous routes for tags. This commit ensures
that the new routes are used.
2020-01-21 19:23:08 +02:00
Bianca Nenciu fe6ff1b5ab DEV: Fix failing test
jquery.autoellipsis tries to automatically find the available space
which depends on multiple factors which may differ between the machines
where the tests are running.

Follow-up to commit 9c628f0897.
2020-01-21 19:15:29 +02:00
Bianca Nenciu 9c628f0897
FIX: Workaround limitation in jquery.autoellipsis (#8747)
Calling $.ellipsis() on an element containing <br> elements would throw
an exception.
2020-01-21 18:44:50 +02:00
Dan Ungureanu eeefa1177f
FIX: Make category-chooser show all parent categories (#8706) 2020-01-19 13:07:54 +02:00
Dan Ungureanu 7d8c33a094 FIX: Include sub-sub-categories in new/unread counts (#8710)
The count used to be less than the real one because the topics in
sub-sub-categories and deeper were not taken into account.
2020-01-17 10:02:57 +00:00
Jarek Radosz fe588cc7f8
DEV: Fix function prototype deprecations (#8681)
* DEV: Fix the function prototype observers deprecation

DEPRECATION: Function prototype extensions have been deprecated, please migrate from function(){}.observes('foo') to observer('foo', function() {}). [deprecation id: function-prototype-extensions.observes] See https://deprecations.emberjs.com/v3.x/#toc_function-prototype-extensions-observes for more details.

* DEV: Fix the function prototype event listeners deprecation

DEPRECATION: Function prototype extensions have been deprecated, please migrate from function(){}.on('foo') to on('foo', function() {}). [deprecation id: function-prototype-extensions.on] See https://deprecations.emberjs.com/v3.x/#toc_function-prototype-extensions-on for more details.

* DEV: Simplify `default as` imports

Co-authored-by: Joffrey JAFFEUX <j.jaffeux@gmail.com>
2020-01-16 18:56:53 +01:00
Jarek Radosz ff5a82b614
FIX: Change rootNone behavior in category-chooser (#8692)
This breaking change was originally a deprecation fix for overriding a computed property `none`.

There are 4 uses of `rootNone` in core and "all-the-plugins":
1. in discourse-chat-integration, admin-plugins-chat-edit-rule.hbs - changed behavior, that I'd consider a fix - `rootNoneLabel` is now used regardless of `siteSettings.allow_uncategorized_topics` value, which I believe was an originally intended behavior (i.e. it most likely hasn't been tested with disabled uncategorized topics)
2. in discourse-slack-official, plugins-slack.hbs - the same as 1.
3. in core, edit-category-general.hbs (in this PR) - no change in behavior
4. in discourse-googlebooks, edit-category-general.hbs - no change in behavior (since `allowUncategorized="true"` is also passed as an argument)
2020-01-16 18:51:29 +01:00
Joffrey JAFFEUX 948bd00340
FEATURE: line with only 1 to 3 emojis will now display as large emojis 2020-01-16 09:54:26 +01:00
Mark VanLandingham 135d09d671
FIX: Styling for feature topic on profile modal (#8727) 2020-01-15 15:20:12 -06:00
Arpit Jalan 0bc65fa60e
FIX: show error message if the topic deletion fails (#8723) 2020-01-16 00:58:03 +05:30
Dan Ungureanu ff93c4b2f4
DEV: Fix tests 2020-01-15 15:57:37 +02:00
Dan Ungureanu 31701b7549
DEV: Fix failing 2FA tests 2020-01-15 15:27:21 +02:00
Mark VanLandingham 7ee09aa0d2
FIX: Ran prettier on user-selector-test (#8700) 2020-01-10 09:27:41 -08:00
Mark VanLandingham 5898afaa73
FEATURE: pass in excluded usernames to user-selector (#8695) 2020-01-10 09:02:43 -08:00
Dan Ungureanu 815116f6a2
FIX: Make 'findBySlugPathWithID' when URL ends with a slash (#8699)
Make URLs such as 'https://discourse/c/foo/bar/' work the same way
'https://discourse/c/foo/bar' does.
2020-01-10 17:02:36 +02:00
Bianca Nenciu eef21625c6
Rename 'target usernames' with 'target recipients' in Composer (#8606)
* Reapply "Rename 'target usernames' with 'target recipients' in Composer"

This reverts commit 9fe11d0fc3 which
reverted ebb288dc2c.

* DEV: Add test for replying to PM
2020-01-07 15:33:48 +02:00
David Taylor 50357b161e DEV: Restore { visible: true } for login button in smoke test
This was removed erroneously in 38b4e3b5a7
2020-01-07 12:58:08 +00:00
David Taylor 38b4e3b5a7
DEV: Add smoke test to github actions (#8580) 2020-01-07 12:54:01 +00:00
Jarek Radosz c76e22942c
FIX: Open a card on click even if the mention has extra elements (#8626)
Plugins like https://github.com/discourse/discourse-calendar add extra HTML (e.g. icons) to user/group mentions. Clicking on those extra elements used to only flash a blank card. Now, the card opens properly.
2019-12-30 19:26:23 +01:00
David Taylor bc4c40abd4
DEV: Remove unsafe-eval from development CSP (#8569)
- Refactor source_url to avoid using eval in development
- Precompile handlebars in development
- Include template compilers when running qunit
- Remove unsafe-eval in development CSP
- Include unsafe-eval only for qunit routes in development
2019-12-30 12:17:12 +00:00
Bianca Nenciu 9fe11d0fc3 Revert "Rename 'target usernames' with 'target recipients' in Composer (#8468)"
This reverts commit ebb288dc2c.
2019-12-20 11:56:20 +02:00
Bianca Nenciu ebb288dc2c
Rename 'target usernames' with 'target recipients' in Composer (#8468) 2019-12-20 10:28:14 +02:00
Kris fdea0a0838 fix icon test 2019-12-19 14:53:57 -05:00
Dan Ungureanu f1c4180ff8
FEATURE: Make 'Reorder Categories' work with nested categories (#8578) 2019-12-19 12:27:01 +02:00
Mark VanLandingham d37dc14c57
REVERT: Remove feature topic on profile button from topic view (#8573) 2019-12-17 12:41:49 -08:00
Joffrey JAFFEUX 007652ece5
DEV: allows this.get in widgets (#8571) 2019-12-17 18:39:51 +01:00
Krzysztof Kotlarek 84ede5867c
FIX: category id in filterCategory (#8555)
Small regression was created here: https://github.com/discourse/discourse/commit/374534f00ee#diff-4af46675500edc092f9224ca5835a7ddR106

After that change `listFilter` is including `categoryId` like `c/cat/subcat/6/l/latest` instead of `c/cat/subcat/l/latest`

Therefore, `trackIncoming` function in topic-tracking-state couldn't properly filter new messages
2019-12-17 08:33:38 +11:00
Mark VanLandingham 8c4ffaea1b
FEATURE: Modal for profile featured topic & admin wrench refactor (#8545) 2019-12-16 08:41:34 -08:00
David Taylor 8dcda65837 DEV: Correct error message check in run-qunit
Followup to 43ca1bb132
2019-12-12 14:06:06 +00:00
David Taylor 43ca1bb132 DEV: Handle occasional 'No inspectable targets' error in run-qunit
This is to work around https://github.com/GoogleChrome/chrome-launcher/issues/145
2019-12-12 13:24:58 +00:00
David Taylor 584021ca38 DEV: Correct error handling in run-qunit
runAllTests is an async function, so the try/catch block does not help. The function always returns a promise, so we need to use `.catch` to handle errors. Previously, raised errors were ignored, and the process continued running until it timed out.
2019-12-11 16:50:31 +00:00
Martin Brennan c7c4124b82 Use sandbox.restore() to try improve bookmark-test 2019-12-11 19:00:37 +10:00
Martin Brennan 6261339da9
Improving bookmarks part 1 (#8466)
Note: All of this functionality is hidden behind a hidden, default false, site setting called `enable_bookmarks_with_reminders`. Also, any feedback on Ember code would be greatly appreciated!

This is part 1 of the bookmark improvements. The next PR will address the backend logic to send reminder notifications for bookmarked posts to users. This PR adds the following functionality:

* We are adding a new `bookmarks` table and `Bookmark` model to make the bookmarks a first-class citizen and to allow attaching reminders to them.
* Posts now have a new button in their actions menu that has the icon of an actual book
* Clicking the button opens the new bookmark modal.
* Both name and the reminder type are optional.
* If you close the modal without doing anything, the bookmark is saved with no reminder.
* If you click the Cancel button, no bookmark is saved at all.
* All of the reminder type tiles are dynamic and the times they show will be based on your user timezone set in your profile (this should already be set for you).
* If for some reason a user does not have their timezone set they will not be able to set a reminder, but they will still be able to create a bookmark.
* A bookmark can be deleted by clicking on the book icon again which will be red if the post is bookmarked.

This PR does NOT do anything to migrate or change existing bookmarks in the form of `PostActions`, the two features live side-by-side here. Also this does nothing to the topic bookmarking.
2019-12-11 14:04:02 +10:00
Neil Lalonde 81a43f2c1e REFACTOR: use rest serializer for tag-info categories
But the "synonyms" can't use the TagSerializer yet. We still have some
code from the discourse-tagging plugin that uses "text" instead of
"name", "count" instead of "topic_count", etc. We should make the js
consistent with the TagSerializer and then stop using tag_counts_json.
2019-12-10 14:58:11 -05:00
Penar Musaraj ba8d8a4f93 FIX: alphabetical tag sorting in mini-tag-chooser 2019-12-10 12:36:49 -05:00
Jarek Radosz b5236591e9
FIX: Don't try to create an empty tag when updating a topic (#8481)
Fixes an issue where updates to the first post in a topic would be visible only for staff.

Before, because the empty tag would find its way to `PostRevisor`, `TopicsController#update` would create a hidden revision, and later `PostsController#update` would only update that revision.

After this change, `TopicsController` doesn't create a revision at all (unless necessary), so `PostsController` can create it (and correctly decide whether the revision should be hidden or not).
2019-12-09 19:55:08 +01:00
Dan Ungureanu aa24be1a9a
DEV: Extend plugin API for uploads (#8440)
* DEV: Add API to alter uploads Markdown

* DEV: Extract data attributes from image / download Markdown

For example '[test|attachment|hello=world]' will generate an 'a' element
with a data attribute: 'data-hello=world'.

This commit also makes MarkdownIt to transform '|attachment' into
'class="attachment"'. This transformation used to be a part of the
process which resolves short URLs (i.e. upload://).

* DEV: Export imageNameFromFileName
2019-12-09 16:20:03 +02:00
Dan Ungureanu f62b8990ac
FIX: Do not autocomplete categories or emojis in code blocks (#8459)
This reapplies commit b643526d9a after
being reverted in commit f65c453555.

Unlike the original commit, this does a single pass and does not take
into account unfinished code blocks.
2019-12-09 15:07:15 +02:00
Martin Brennan e4881290be
FIX: Image file names with dots were showing incorrectly in composer markdown (#8465)
When uploading an image file with dots in the filename we were splitting the string on dots and getting the last of the split items as the extension-less filename. However this did not work with filenames that have dots. We now  just remove the extension using substr.
2019-12-06 10:58:47 +10:00
Neil Lalonde 875f0d8fd8
FEATURE: Tag synonyms
This feature adds the ability to define synonyms for tags, and the ability to merge one tag into another while keeping it as a synonym. For example, tags named "js" and "java-script" can be synonyms of "javascript". When searching and creating topics using synonyms, they will be mapped to the base tag.

Along with this change is a new UI found on each tag's page (for example, `/tags/javascript`) where more information about the tag can be shown. It will list the synonyms, which categories it's restricted to (if any), and which tag groups it belongs to (if tag group names are public on the `/tags` page by enabling the "tags listed by group" setting). Staff users will be able to manage tags in this UI, merge tags, and add/remove synonyms.
2019-12-04 13:33:51 -05:00
Daniel Waterworth 6e5fedb312 DEV: Use category ids in more URLs preferentially
This is a followup to 374534f0
2019-12-04 09:47:41 +00:00
Gerhard Schlager 9ebb69e8eb FIX: Respect `enable_inline_emoji_translation` setting in titles 2019-12-03 20:39:11 +01:00
Gerhard Schlager 86b81b5f63 DEV: Reenable Emoji Picker tests 2019-12-03 20:39:11 +01:00
Gerhard Schlager e7c3c10829 FIX: Prepends whitespace when inserting via emoji picker 2019-12-03 20:39:11 +01:00
Sam Saffron f65c453555 Revert "FIX: Do not autocomplete categories or emojis in code blocks (#8433)"
This reverts commit b643526d9a.

Sadly this introduces a regex runaway CPU condition, we will re-work
this so it is safe.
2019-12-03 09:27:26 +11:00
Dan Ungureanu b643526d9a
FIX: Do not autocomplete categories or emojis in code blocks (#8433)
Emojis and category autocomplete show up often when writing code
snippets, which makes it easy to insert unwanted text by mistake.
2019-12-02 18:48:40 +02:00
Robin Ward 5df719a3c2 FEATURE: Support pasting a list of usernames into a PM
This allows you to paste multiple usernames into a PM's recipient list
at once. It supports usernames separated by spaces, commas, and new lines.
2019-12-02 11:28:09 -05:00
Daniel Waterworth 374534f00e DEV: Use category ids in URLs preferentially 2019-12-02 09:28:15 +00:00
Robin Ward 7fee3c61de
Support for custom messages and redirects when creating posts (#8434)
* Support for custom messages and redirects when creating posts

When a post/topic is created Discourse serializes a `NewPostResult`
object. Normally this contains a status like `created_post` or
errors describing why the post could not be created.

There are times when a plugin might want to take the inputted post
and do something in the background. In this case, the plugin
can return a custom `message` and `route_to` attribute in the
`NewPostResult`.

If present, the message will be displayed in an alert, and when "Ok" is
clicked the user will be routed to the new URL.

* Destroy the draft in parallel
2019-11-29 09:30:54 -05:00
Blake Erickson fac91a9e71 DEV: Remove unnecessary watched word test
This test is longer needed now that we are using handlebars which
provides escaping by default.

Follow up to 2bb36d72a3

and bb31e7f5b6
2019-11-27 17:42:22 -07:00
Blake Erickson 2bb36d72a3 DEV: Fix failing test on CI due to whitespace differences
I could not replicate the failure locally, but it was consistently
failing on CI with:

```
  Assertion Failed: it should escape watched words

      Expected:  <img src="x">, Actual:  <img src="x">
```

This commit removes an extra space that was added originally, but I
don't think it is really needed after double checking how it displays in
the UI. The `x` icon and the word have sufficient spacing between them.
If we need to we can tweak it in css instead.
2019-11-27 17:23:49 -07:00
Martin Brennan c54be3ff25
Add tests for oneboxer.js.es6 (#8418) 2019-11-28 08:20:32 +10:00
Joffrey JAFFEUX 119c4d0c1b
DEV: adds a `stringToHTML` helper to be used in tests (#8424)
This will replace the need for jquery: `$(string)`
2019-11-27 17:36:45 +01:00
Mark VanLandingham b92a8131c0
FEATURE: Pie chart option for poll results (#8352) 2019-11-25 11:51:01 -06:00
Dan Ungureanu d2d0937986
DEV: Add test for load-more (#8369)
Follow-up to 3650c64bca.
2019-11-25 14:42:34 +02:00
Dan Ungureanu 60ccfcaa6c
DEV: Add test for opening drafts from Activity screen (#8401)
Follow-up to 520d54d85f.
2019-11-25 14:31:47 +02:00
Martin Brennan dbfe9540fa FIX: be more tactical with replacing markdown chars
* instead of using encodeURIComponent in imageNameFromFileName,
  we just replace the bad characters that we wanted to get rid
  of in the first place where we introduced encodeURIComponent.
  as per review
2019-11-25 16:38:13 +10:00
Martin Brennan b89e634dd4
FIX: Replace %20 with space in markdown file name for uploads (#8405)
Meta: https://meta.discourse.org/t/image-name-has-20-in-file-name/134136

We were ending up with [file%20name](url) in the markdown preview, which looked weird and
affected the alt text. this is because we were calling encodeURIComponent, which has been left in place because this is a valid thing to do for some cases. (e.g. f674b9e)
2019-11-25 13:54:55 +10:00
Robin Ward d7ae052efe DEV: Don't allow `Promise` unless imported from `"rsvp"`
We want to make sure we are using the correct promise implementation so
let's lint out the browser version.
2019-11-20 15:24:59 -05:00
Dan Ungureanu 352d43b101
FIX: Better handling of Group model state (#8356)
The group card and group members page were affecting each other and were
leaking members list and the query parameters which led to bad UX
experience and sub-optimal performance (client made more queries because
it was loading fewer members).

This commit refactors the group model to make it more consistent, remove
dead code, move error handling outside of model.
2019-11-18 14:59:28 +02:00
Dan Ungureanu a9704da34c FIX: A pmOnly tag should link to messages (#8361)
isPrivateMessages represents that the tag list is shown in the context
of private messages and pmOnly represents that the tag is used only in
private messages.
2019-11-18 16:44:08 +11:00
Penar Musaraj cc8baa1a7c Fix Prettier using correct version (1.19.1) 2019-11-15 10:34:26 -05:00
Penar Musaraj 655e610357 Fix Prettier 2019-11-15 10:28:46 -05:00
Martin Brennan abf215a0e4 Bump prettier to 1.19.1 and lock dependency (#8350) 2019-11-15 10:07:45 -05:00
Robin Ward d4b7c028fa REFACTOR: Move upload utilities to their own file 2019-11-14 12:51:08 -05:00
Gerhard Schlager c83ae9a79f DEV: Add option to login at beginning of smoke tests
This is useful for testing sites which do not have any public topics.
2019-11-14 18:28:15 +01:00
Martin Brennan e7226a8c84
FEATURE: Allow scoping search to tag (#8345)
* When viewing a tag, the search widget will now show a checkbox to scope the search by tag, which will limit search results to that tag on desktop and mobile
2019-11-14 10:40:26 +10:00
Robin Ward a4b89f8187 DEV: Remove some extra `Discourse.Site` uses 2019-11-13 16:00:58 -05:00
Robin Ward bc2067898e FIX: Missing User objects in Utilities 2019-11-13 15:55:32 -05:00
Robin Ward f5ed0dc2e6 FIX: Failing tests 2019-11-13 15:34:30 -05:00
Robin Ward 3d0b310368 DEV: Fix some more deprecated Discourse.User and Discourse.Site 2019-11-13 15:34:30 -05:00
Mark VanLandingham 4843414de6 WIP - set Discourse.currentUser 2019-11-13 15:34:30 -05:00
Roman Rizzi 1c179177e7
REFACTOR: Attach resize controls to images from the markdown pipeline (#8314) 2019-11-12 17:32:37 -03:00
Robin Ward afadf361b3 REFACTOR: `idMap` should be a private API 2019-11-12 10:53:22 -05:00
Jarek Radosz 5d4b240453
DEV: Provide radix argument to parseInt (#8281)
* DEV: Provide radix 10 argument to parseInt

* DEV: Provide radix 16 argument to parseInt

* DEV: Remove unnecessary parseInt calls

* Fix year formatting

parseInt was used here to convert decimals to ints
2019-11-12 10:47:42 +01:00
Daniel Waterworth e79cec9fc7 DEV: Remove handling of category top menu items
Support for these kinds of navigation items was dropped in 88f52514, but
the code for handling these menu items was never removed.
2019-11-11 17:36:29 +00:00
Dan Ungureanu 55bdd9e6a2
FIX: Do not skip some emails in user search (#8317)
It used to skip the email addresses containing the plus sign.
2019-11-11 18:42:45 +02:00
Robin Ward f03edb36be REFACTOR: Remove `Discourse.Model` 2019-11-08 14:13:35 -05:00
Robin Ward 291572a97a REFACTOR: Remove `Discourse.Session` constants 2019-11-08 13:46:50 -05:00
Robin Ward 7ac2a55588 REFACTOR: Remove `Discourse.Category` constants 2019-11-08 13:31:00 -05:00
Robin Ward 7e44065bcb REFACTOR: Migrate `Discourse.Post` to imports 2019-11-08 13:13:13 -05:00
Robin Ward 932c169d46 REFACTOR: Remove Discourse.NavItem constants 2019-11-08 12:56:13 -05:00
Robin Ward 779ee3558d REFACTOR: Remove `Discourse.UserAction` from code 2019-11-08 12:52:39 -05:00
Gerhard Schlager 61b1f9c36b FEATURE: Load translation overrides without JS `eval` 2019-11-05 19:16:38 +01:00
David Taylor 52c5cf33f8
FEATURE: Overhaul of admin API key system (#8284)
- Allow revoking keys without deleting them
- Auto-revoke keys after a period of no use (default 6 months)
- Allow multiple keys per user
- Allow attaching a description to each key, for easier auditing
- Log changes to keys in the staff action log
- Move all key management to one place, and improve the UI
2019-11-05 14:10:23 +00:00
Joe 8e419a772f
FIX: improve regex used for image sizing controls (#8291) 2019-11-05 18:40:02 +08:00
Robin Ward 90f934a660 REFACTOR: Use a module for `Ember.isEmpty` 2019-11-01 13:50:15 -04:00
Leo McArdle 5efa95b5f8 FIX: make notification consent banner usable via keyboard and screenreader (#8255)
* update d-button to support btn-link class

* add display attribute to d-button rather than computing on class
2019-10-31 15:36:24 -04:00
David Taylor 7191835989
DEV: Support custom server-side names in rest models (#8265) 2019-10-30 15:25:42 +00:00
Robin Ward 8d34f4bbd9 Revert "Revert Ember.run refactors"
This reverts commit fcb1ca52f9.
2019-10-30 09:48:24 -04:00
Robin Ward fcb1ca52f9 Revert Ember.run refactors
This reverts commit 5ca60fcb6b.
2019-10-29 17:10:47 -04:00
Robin Ward 249dff85c7 FIX: Use modules for `Ember.run.debounce` hack in testing 2019-10-29 16:25:37 -04:00
Robin Ward 5ca60fcb6b REFACTOR: Use imports for `Ember.run` 2019-10-29 15:31:56 -04:00
Mark VanLandingham c7475ee03b
DEV: Import EmberObject rather than global variable (#8256)
* DEV: Import ember/object rather than Ember.Object globally

* fixed broken object proxy import

* prettier on js

* added @ember/object/proxy to loader

* added unstaged file

* Fixed objet proxy reference is loader

* Linting!
2019-10-29 14:23:50 -05:00
Bianca Nenciu 1531644288
DEV: Add test (#8250)
Follow-up to 2863e7c181.
2019-10-29 12:12:09 +02:00
Sam Saffron b92e4465f7 DEV: stop depending on hover for image resize icons
We no longer defer render the resize links, so we no longer need all these
hover events to test it.

Corrects broken test.
2019-10-29 16:01:15 +11:00
Neil Lalonde f686ab988f FIX: close modals on ESC key and clicking outside 2019-10-28 17:23:30 -04:00
David Taylor 071a82efe3 FIX: Correct error when sending PM to email address 2019-10-28 18:32:43 +00:00
Jarek Radosz 5776251cdd
DEV: Remove an obsolete "preferences/about-me" route (#8251)
User's title and bio can be changed on the "preferences/account" page.
2019-10-28 17:29:14 +01:00
Gerhard Schlager 85c08b84a5 DEV: Add a short wait to smoke test to prevent rate limiting 2019-10-24 18:36:27 +02:00
Gerhard Schlager d4d2cb124c DEV: Make smoke tests more reliable 2019-10-24 17:51:48 +02:00
Gerhard Schlager decbc9194d DEV: Fix basic auth in smoke test 2019-10-24 17:43:26 +02:00
Robin Ward 6287eccb35 REFACTOR: Remove `Ember.Controller` in favor of import 2019-10-23 13:06:54 -04:00
David Taylor cc56f226b8 FIX: Correct mention autocomplete in new topics in unsecured categories
When autocompleting mentions in secure categories, we immediately populate the list with users which have permission to view the category. This logic is applied to unsecured categories as well, but the server returns an empty list of users. This commit teaches the autocomplete to understand empty lists of users without terminating the autocomplete dropdown.
2019-10-21 14:52:54 +01:00
Jarek Radosz f6ea986aec
DEV: Remove `suspend` from Admin::UsersController responses (#8206)
`suspend` isn't a User attribute, but was being assigned to the frontend User model as if it was. The model has a computed property that depends on `suspended_till`, so instead of overriding this property, it's better to return relevant attributes.

Fixes a computed-property.override deprecation (https://emberjs.com/deprecations/v3.x#toc_computed-property-override)
2019-10-18 01:49:26 +02:00
David Taylor 943d8e0a97 DEV: Update JS test fixtures
- `site.json` now returns a list of group objects, not a `group_names` array (a6714e25)
- `c/1/show.json` now includes `custom_fields: {}`, even if no fields exist (b8bd0316)
2019-10-15 22:37:15 +01:00
Robin Ward de3db0e485 FIX: Remove another broken test 2019-10-11 15:52:14 -04:00
Robin Ward 204cd43861 FIX: This emoji test was broken too 2019-10-11 15:41:19 -04:00
Robin Ward 342bbe66dd FIX: Flaky tests
We had acceptance tests that were testing the contents of the post
stream preview, not the contents of the eventual topic itself.

This became apparent when I introduced a new promise which caused the
tests to finish waiting for work properly. Before that, it was up to the
speed of the execution, very spooky!
2019-10-11 15:33:34 -04:00
Penar Musaraj 3a469a79cf
FEATURE: search topics when adding a link in composer (#8178) 2019-10-11 11:37:44 -04:00
Penar Musaraj a91ad81ed1 UX: Trigger primary action in modals using Enter
A modal's primary action (blue button in the default theme) can now be invoked
by hitting Enter on the keyboard. This applies to all modals that aren't strict
forms as long as the focus is not on a textarea element.
2019-10-09 13:28:07 -04:00
Rimian Perkins 074ce70c28 FEATURE: Load pretenders in plugins too. (#8173)
* allows plugins to auto load *-pretender files
* Allows hyphens in the name eg: `my-plugin-pretender.js.es6`
2019-10-09 10:23:44 -04:00
Penar Musaraj 30cda1761d
UX: Better composer hyperlink modal (#8160) 2019-10-08 16:19:07 -04:00
Dan Ungureanu fdb1d3404c
FEATURE: Add site setting to show more detailed 404 errors. (#8014)
If the setting is turned on, then the user will receive information
about the subject: if it was deleted or requires some special access to
a group (only if the group is public). Otherwise, the user will receive
a generic #404 error message. For now, this change affects only the
topics and categories controller.

This commit also tries to refactor some of the code related to error
handling. To make error pages more consistent (design-wise), the actual
error page will be rendered server-side.
2019-10-08 14:15:08 +03:00
David Taylor d2bceff133
FEATURE: Use full page redirection for all external auth methods (#8092)
Using popups is becoming increasingly rare. Full page redirects are already used on mobile, and for some providers. This commit removes all logic related to popup authentication, leaving only the full page redirect method.

For more info, see https://meta.discourse.org/t/do-we-need-popups-for-login/127988
2019-10-08 12:10:43 +01:00
Robin Ward f5d391a48a
REFACTOR: Move `app-events:main` to `service:app-events` (#8152)
AppEvents was always a service object in disguise, so we should move it
to the correct place in the application. Doing this allows other service
objects to inject it easily without container access.

In the future we should also deprecate `this.appEvents` without an
explicit injection too.
2019-10-04 10:06:08 -04:00
Martin Brennan 68d35b14f4 FEATURE: Webauthn authenticator management with 2FA login (Security Keys) (#8099)
Adds 2 factor authentication method via second factor security keys over [web authn](https://developer.mozilla.org/en-US/docs/Web/API/Web_Authentication_API).

Allows a user to authenticate a second factor on login, login-via-email, admin-login, and change password routes. Adds registration area within existing user second factor preferences to register multiple security keys. Supports both external (yubikey) and built-in (macOS/android fingerprint readers).
2019-10-01 19:08:41 -07:00
Joffrey JAFFEUX 0b93f1239b
DEV: attempts to make date-time-input-range test more reliable (#8126) 2019-10-02 02:12:36 +02:00
Joffrey JAFFEUX b4d42d1151
DEV: removes memory profiling from qunit tests (#8120)
Most of the work on it has been done and it's un-necessary work for now.
2019-10-01 22:17:53 +02:00
Joffrey JAFFEUX 4aefe589de
DEV: rake qunit:test was crashing on macOS due to a flag (#8119)
flag: --disable-software-rasterizer
2019-10-01 20:40:48 +02:00
Kyle Zhao fb200e3055 FIX: Escape $ in translations before interpolating (#8100)
The dollar sign (`$`) is a special replace pattern, and `$&` inserts the
matched string. Thus dollars signs need to be escaped with the special
pattern `$$`, which inserts a single `$`.
2019-09-16 13:52:49 -04:00
Penar Musaraj 1de5d10f61 DEV: Fix Prettier 2019-09-16 11:36:27 -04:00
Penar Musaraj 6debd72c6c DEV: Add qunit test for emojis in search blurbs
Followup to cf230163
2019-09-16 11:25:55 -04:00
Kyle Zhao f0f03acb2c FIX: Do not escape `fancy_title` again. (#8095)
`fancy_title` is already escaped by Rails. Escaping it again would print
the HTML entity as-is, e.g. `&quot;` instead of `"`.

This fixes the issue by introducing a new `escapedContent` attribute on
the `QuickAccessItem` widget.
2019-09-13 10:04:14 -04:00
Jarek Radosz 1dcdcb5c31
FIX: Cast all numerical values in reports (#8087)
* FIX: Cast all numerical values in reports

The backend can return some numerical values in report as strings. That results in unexpected order of values when sorting report tables.

* Create `toNumber()` helper

The `typeof` and `parseFloat` seem to be the fastest path: https://jsperf.com/number-vs-typeof-vs-parsefloat#results
2019-09-12 15:17:34 +02:00
Dan Ungureanu 8b2c272f04
UX: Use medium format for displaying time in post notices. (#8074) 2019-09-11 13:00:53 +03:00
Kyle Zhao 9b10a78d82 FEATURE: Quick access panels in user menu (#8073)
* Extract QuickAccessPanel from UserNotifications.

* FEATURE: Quick access panels in user menu.

This feature adds quick access panels for bookmarks and personal
messages. It allows uses to browse recent items directly in the user
menu, without being redirected to the full pages.

* REFACTOR: Use QuickAccessItem for messages.

Reusing `DefaultNotificationItem` feels nice but it actually requires a
lot of extra work that is not needed for a quick access item.

Also, `DefaultNotificationItem` shows an incorrect tooptip ("unread
private message"), and it is not trivial to remove / override that.

* Use a plain JS object instead.

An Ember object was required when `DefaultNotificationItem` was used.

* Prefix instead suffix `_` for private helpers.

* Set to null instead of deleting object keys.

JavaScript engines can optimize object property access based on the
object’s shape. https://mathiasbynens.be/notes/shapes-ics

* Change trivial try/catch to one-liners.

* Return the promise in case needs to be waited on.

* Refactor showAll to a link with href

* Store `emptyStatePlaceholderItemText` in state.

* Store items in Session singleton instead.

We can drop `staleItems` (and `findStaleItems`) altogether. Because
`(old) items === staleItems` when switching back to a quick access
panel.

* Add `limit` parameter to the `user_actions` API.

* Explicitly import Session instead.
2019-09-09 11:03:57 -04:00
Penar Musaraj 4d6eacac5c FIX: close user card after clicking Message button
This was primarily an issue on mobile, where after clicking the "Messsage" button in the user card, the composer would load behind the user card overlay.
2019-08-30 13:40:12 -04:00
David Taylor f2331ef07f
DEV: Stop serializing user_auth_token_logs (#8043)
These are no longer used in the user interface
2019-08-27 13:07:03 +01:00
Joffrey JAFFEUX 08e7211d7d
DEV: attempts to fix an heisentest in date-time-input-range (#8017) 2019-08-19 12:39:30 +02:00
Joffrey JAFFEUX 936d4ce17a
FEATURE: favorites emojis will also show in composer autocomplete (#8011) 2019-08-16 11:47:03 +02:00
Vinoth Kannan 88359b0f16
FEATURE: add support for group members visibility level (#8004)
There are 5 visibility levels (similar to group visibility)

public (default)
logged-in users
members only
staff
owners

Admins & group owners always have visibility to group members.
2019-08-14 19:00:04 +05:30
Bianca Nenciu ba396a5384
DEV: Use ResultSet with staff action logs. (#7661) 2019-08-13 20:55:05 +03:00
Bianca Nenciu 37e7998a82
FEATURE: Send notification when member was accepted to group. (#7614) 2019-08-06 13:29:46 +03:00
Sam Saffron f780920759 FEATURE: mention in secure category to prioritize groups
This feature allows @ mentions to prioritize showing members of a group who
have explicit permission to a category.

This makes it far easier to @ mention group member when composing topics in
categories where only the group has access.

For example:

If Sam, Jane an Joan have access to bugs category.

Then `@` will auto complete to (jane,joan,sam) ordered on last seen at

This feature works on new topics and existing topics. There is an explicit
exclusion of trust level 0,1,2 groups cause they get too big.
2019-08-06 17:57:56 +10:00
David Taylor 06e757245f FEATURE: Add a test facility to the watched words admin interface 2019-08-02 15:29:12 +01:00
David Taylor 39e0442de9 FIX: Various watched words improvements
- Client-side censoring fixed for non-chrome browsers. (Regular expression rewritten to avoid lookback)
- Regex generation is now done on the server, to reduce repeated logic, and make it easier to extend in plugins
- Censor tests are moved to ruby, to ensure everything works end-to-end
- If "watched words regular expressions" is enabled, warn the admin when the generated regex is invalid
2019-08-02 15:29:12 +01:00
Robin Ward f57fdee2f6 FIX: Modal `onClose` was being called repeatedly
This happened because the modal controller was not clearing the `name`
attribute, which is used for looking up the controller to call `onClose`
on.

Every page navigation would call the method over and over, breaking
state in odd ways.
2019-08-01 15:42:43 -04:00
David Taylor d4acd35466
FEATURE: Sync unread state live to topic lists (#7933) 2019-07-29 10:28:42 +01:00
Guo Xiang Tan 49d9557337 Revert commit that was pushed by mistake.
This reverts commit c7516c42e9.
2019-07-29 11:04:38 +08:00
Guo Xiang Tan c7516c42e9 Revert "FIX: reverts #18e2816 (#7940)"
This reverts commit c7b146cbdf.
2019-07-29 09:18:53 +08:00
David Taylor 4f1382a54a FIX: Hide live-loaded posts from ignored users 2019-07-25 12:01:29 +01:00
Joffrey JAFFEUX 460d431621
DEV: uses ember-cli recommended chrome flags (#7939) 2019-07-25 11:38:05 +02:00
Joffrey JAFFEUX c7b146cbdf
FIX: reverts #18e2816 (#7940) 2019-07-25 11:14:23 +02:00
Joffrey JAFFEUX c1d2fb115c
DEV: prevents staff computed property to be overridden (#7931) 2019-07-24 22:01:08 +02:00
Osama Sayegh 5fc5a7f5ae FEATURE: Add search operator to see all direct messages from a user (#7913)
* FEATURE: Add search operator to see all direct messages from a user

* Only show message if related messages >= 5

* Make "all messages" the hyperlink

* Review
2019-07-22 10:55:49 -04:00
Roman Rizzi eb26bee046
DEV: group_list site settings should store IDs instead of group names (#7860)
* DEV: group_list site settings should store IDs instead of group names

* Ship site setting to know when we should migrate group_list settings

* Migrate existing group_list site settings

* Bump migration timestamp and don't set null when migrating is not possible.
2019-07-19 15:17:58 -03:00
Robin Ward 8dd3cbfcb9
FEATURE: Allow choice of category when making a PM public (#7907)
* FEATURE: Allow choice of category when making a PM public

Previously it would default to uncategorized, which was not ideal on
some forums. This gives the staff member more choice about what they'd
like to do.

* Make the optional category more explicit

* Joffrey's feedback
2019-07-19 11:52:50 -04:00
Bianca Nenciu 9f500a4ff4
FIX: Show same username or name for post notices. (#7862) 2019-07-19 11:05:48 +03:00
Joffrey JAFFEUX 95ad4f9077
FEATURE: new date/time components (#7898) 2019-07-18 17:29:41 +02:00
Penar Musaraj a571efba35
FIX: Rename deprecated icons, allow custom icons in badges
- adds a migration renaming FA4 icon names in badges
- allows all icons to be used in badges (previously was limited to icons prefixed with fa-)
- renames remaining FA 4.7 icons equivalents
2019-07-16 11:13:44 -04:00
Vinoth Kannan 839916aa49
DEV: Debundle plugin javascript assets and don't load if disabled (#7566)
And don't load javascript assets if plugin is disabled.

* precompile auto generated plugin js assets

* SPEC: remove spec test functions

* remove plugin js from test_helper

Co-Authored-By: Régis Hanol <regis@hanol.fr>

* DEV: using equality is slightly easier to read than inequality

Co-Authored-By: Régis Hanol <regis@hanol.fr>

* DEV: use `select` method instead of `find_all` for readability

Co-Authored-By: Régis Hanol <regis@hanol.fr>
2019-07-15 20:22:54 +05:30
Guo Xiang Tan cbb4af124b Fix the build.
Follow up to 4b0cf7f6dd.
2019-07-15 16:38:54 +08:00
Guo Xiang Tan 4b0cf7f6dd SECURITY: XSS when displaying watched words in admin panel.
The XSS here is only possible if CSP is disabled. Low impact since CSP
is enabled by default in SiteSettings.
2019-07-15 10:55:50 +08:00
Bianca Nenciu c4d1833588 FIX: Do not show bootbox if post has no replies. (#7866)
When we delete a post that has replies, we show a modal asking if the user wants to delete the post, the post and its direct replies or the post and all its replies.

If replies are deleted before a post, that modal would ask the user if they want to delete the post and 0 replies.

That commit ensure we skip the modal and directly delete the post in this case.
2019-07-12 11:42:57 +02:00
Vinoth Kannan 1bb258ab49 DEV: use upload short-url in html to markdown conversion if 'base62-sha1' data attr available. 2019-07-05 10:06:41 +05:30
Penar Musaraj c78634284c UI: when in a different topic context, allow dismissing draft without destroying it
This changes the label and behaviour of the "No, keep" button in the confirmation modal when user cancels a draft while on a different topic. The new button label is "No, save draft", and when clicked, the composer will be dismissed without destroying the draft.
2019-07-04 11:45:57 -04:00
Joffrey JAFFEUX a60ec00f7a
fix tests (#7853) 2019-07-03 16:32:27 +02:00
Joffrey JAFFEUX d521959768
DEV: simpler report page test (#7851) 2019-07-03 16:08:48 +02:00
Joffrey JAFFEUX f9f1df7611
DEV: prevents reports key to be time dependant when testing (#7850) 2019-07-03 15:43:01 +02:00
Bianca Nenciu bfdf740a05 FIX: Show 'Export' button for all tabular reports. (#7838) 2019-07-03 14:47:36 +02:00
Joffrey JAFFEUX 1c6bb8748b
fix tests (#7849) 2019-07-03 13:45:03 +02:00
Osama Sayegh 3d64532273 FEATURE: allow disabling theme components (#7812)
This allows you to temporarily disable components without having to remove them from a theme. 

This feature is very handy when doing quick fix engineering.
2019-07-03 18:18:11 +10:00
Joffrey JAFFEUX 39e3162323
DEV: skip click-track to attempt to reduce timeouts in tests (#7836) 2019-07-02 10:08:28 +02:00
Ralph Rooding 4ba35472e6 Don't check for second factor when switching to anonymous account (#7803) 2019-06-27 15:01:26 -07:00
Joffrey JAFFEUX a61147d838
FEATURE: displays tags in search menu results when enabled (#7819) 2019-06-27 19:26:14 +02:00
Gerhard Schlager fe870a1e54 DEV: Respond with error 400 to uploads requested via XHR
follow-up to 13f38055
2019-06-27 11:15:35 +02:00
Joffrey JAFFEUX df9b295510
DEV: skip load-script to prevent timeouts (#7817) 2019-06-27 10:57:40 +02:00
Joffrey JAFFEUX 5b9a3f8acd
DEV: attempts to make load-script more reliable (#7816)
We don't check on script anymore, but we still check on window.ace making very unlikely to regress.
2019-06-27 10:19:55 +02:00
Jeff Wong 79d657203d fix tests 2019-06-26 17:44:23 -07:00
Jeff Wong 88ef5e55fe
FEATURE: add ability to have multiple totp factors (#7626)
Adds a second factor landing page that centralizes a user's second factor configuration.

This contains both TOTP and Backup, and also allows multiple TOTP tokens to be registered and organized by a name. Access to this page is authenticated via password, and cached for 30 minutes via a secure session.
2019-06-26 16:58:06 -07:00
Joffrey JAFFEUX c63268467e
DEV: prettier 1.18.2 (#7810) 2019-06-26 17:09:52 +02:00
Penar Musaraj 76307611dc
UX: new inline button to remove a topic timer (#7790) 2019-06-26 11:08:53 -04:00
Gerhard Schlager 13f38055ac SECURITY: XSS in routes
Co-authored-by: Guo Xiang Tan <tgx_world@hotmail.com>
Co-authored-by: David Taylor <david@taylorhq.com>
2019-06-26 16:34:15 +02:00
Joffrey JAFFEUX cea3a027f3
FIX: category-chooser search should be scoped to category (#7794) 2019-06-24 10:45:30 +02:00
Joffrey JAFFEUX 59e84e8e05
DEV: skip tests instead of commenting them (#7774) 2019-06-17 10:24:20 +02:00
Robin Ward 035e63c81f FIX: Allow the clear callbacks to execute in acceptance tests 2019-06-14 13:29:13 -04:00
Robin Ward a8793d0d9a REFACTOR: Test Memory Usage Fixes (#7769)
* Calling `Discourse.reset()` creates a new container
We should run our de-initializers only after acceptance tests,
since initializers are not run outside of acceptance tests anyway,
and the container at this point can be passed properly to the
`teardown()` method.

* Remove `Discourse.reset` from tests
This would cause a new container to be created which leaks many objects.

* `updateCurrentUser` is more accurate than `replaceCurrentUser`
2019-06-14 14:54:20 +02:00
Guo Xiang Tan 7bb94e8716 DEV: Increase wait duration between smoke test further during edit.
Otherwise, the app detects that we're replying too quickly.
2019-06-14 12:21:54 +08:00
Sam Saffron 62f4284865 DEV: 302 status is normal in smoke test
Login can redirect there are potentially other cases
2019-06-14 14:21:07 +10:00
Guo Xiang Tan 5b55252e10 DEV: Add more wait between edit so we don't end up replying too quickly. 2019-06-13 09:14:17 +08:00