Commit Graph

39700 Commits

Author SHA1 Message Date
Kris a361f86c62
FIX: use new color variables in embed.scss, remove hardcoded colors (#10887) 2020-10-12 16:27:58 -04:00
Jarek Radosz 572da7a57b
DEV: Fix a spec incompatibility with pre-2.28 git (#10892)
Regression introduced in 6932a373a3
2020-10-12 19:59:54 +02:00
Jarek Radosz 6932a373a3
FIX: Handle .discourse-compatibility syntax errors (#10891)
Previously, any errors in those files would e.g. blow up the update process in docker_manager.
Now it prints out an error and proceeds as if there was no compatibility file.

Includes:

* DEV: Extract setup_git_repo
* DEV: Use `Dir.mktmpdir`
* DEV: Default to `main` branch (The latest versions of git already do this, so to avoid problems do this by default)
2020-10-12 18:25:06 +02:00
dependabot-preview[bot] a47c8f0585
Build(deps): Bump rubocop from 0.93.0 to 0.93.1 (#10890)
Bumps [rubocop](https://github.com/rubocop-hq/rubocop) from 0.93.0 to 0.93.1.
- [Release notes](https://github.com/rubocop-hq/rubocop/releases)
- [Changelog](https://github.com/rubocop-hq/rubocop/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rubocop-hq/rubocop/compare/v0.93.0...v0.93.1)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-10-12 15:59:15 +02:00
tshenry 7afb5be5f9
DEV: Add discourse-teambuild to official plugins (#10874)
Discourse-teambuild is [marked official on its Meta topic](https://meta.discourse.org/t/discourse-teambuild-run-your-own-team-building-activity/134907) and is included in the [all-the-plugins](1193bcdc0c/.gitmodules (L520-L522)) repo.
2020-10-09 14:50:00 -07:00
jbrw ac31fe8321
FEATURE - SiteSetting to disable user option to hide their profiles and presences (#10885)
* FEATURE - SiteSetting to disable user option to hide their profiles and presences
2020-10-09 17:18:44 -04:00
Robin Ward 195119b77c FIX: Observers weren't working on admin email logs
We were trying to observe a non-ember object which is undefined
behavior and was leaking to odd bugs. This replaces the `filter` object
with an Ember Object and things seem to work.
2020-10-09 16:27:22 -04:00
Robin Ward 3862036422 REFACTOR: Use imports for `sinon` and `setResolver`
I also took the opportunity with this commit to move some test specific
stuff out of `discourse-loader` which is loaded on the front end of the
application. The test module building now happens in the `test_helper`
bundle.
2020-10-09 13:54:54 -04:00
Arpit Jalan 4326827a4e
FIX: second factor cannot be enabled if SSO is enabled (#10880)
* FIX: second factor cannot be enabled if SSO is enabled

If `enable_sso` setting is enabled then admin should not be able to
enable `enforce_second_factor` setting as that will lock users out.

Co-authored-by: Robin Ward <robin.ward@gmail.com>
2020-10-09 22:36:38 +05:30
hawm d96b35b0f5 FIX: display correct reply count for crawler 2020-10-09 11:11:11 -04:00
Daniel Waterworth 721ee36425
Replace `base_uri` with `base_path` (#10879)
DEV: Replace instances of Discourse.base_uri with Discourse.base_path

This is clearer because the base_uri is actually just a path prefix. This continues the work started in 555f467.
2020-10-09 12:51:24 +01:00
David Taylor 5e3130ac26
FIX: Include subfolder base_path in web app manifest shortcuts (#10878) 2020-10-09 11:40:40 +01:00
Gerhard Schlager 8fd183c439
DEV: Add styleguide locale files to Crowdin (#10876) 2020-10-09 13:23:32 +11:00
Dan Ungureanu c91c6006db
FIX: Make browser-update work with IE<11 (#10868)
- classList is not available in IE<10
- noscript has no content in IE<8
2020-10-09 13:23:13 +11:00
Rafael dos Santos Silva 5157e3b6e3
FIX: Favicon count was not updated when window focus returned (#10875)
This misses a test because Favcount doesn't exposes a get to the counter.

Also, since this code deals with all possible notifications configs we support:

- favicon notification
- favicon new content
- title notification
- title new content

the code is a bit complicated to follow. We may look into refactoring it when a
good opportunity arises, like if https://w3c.github.io/badging/ setClientBadge() method
gives us a cleaner way to notify users.
2020-10-09 10:51:39 +11:00
Robin Ward 4a8f5dbfbd REFACTOR: Remove `.erb` file from javascript tests
We can't use erb in Ember CLI (since it does not have Ruby) so this has
been ported to use our `javascript:update_constants` rake test instead.

Note we don't have to run this every time a notification type as it's
only used by fixtures to fill in some specific types we test against.
2020-10-08 18:36:09 -04:00
Robin Ward ef7d99b0a8 REFACTOR: Move test setup to a module
This is long overdue. We had a lot of (not linted) code to initialize
our test suite as part of the Ruby `test_helper.js` bundle.

This refactor moves that out to a `setup-tests` module, which imports
all the modules properly, rather than using `require`.

It also removes the global `server` variable which some tests were using
for pretender. Those tests are fixed, and in the case of widget tests,
support for a `pretend()` was added, which mimics our acceptance tests.

One problematic test was removed, which overwrites `/posts` - this could
break tons of other tests depending on order.
2020-10-08 15:11:51 -04:00
Penar Musaraj 5130b4d674
Ignore disabled out-of-date remote themes (#10870)
No need to alert in admin dashboard about out of date remote themes
that are disabled.
2020-10-08 13:48:16 -04:00
David Taylor e47b847ac2
FIX: Use scope name when serializing UserApiKeys (#10871)
This issue was introduced in 1ba9b34b03, when the scopes were changed from an array of strings to a dedicated table
2020-10-08 18:12:24 +01:00
dependabot-preview[bot] 68524f72aa Build(deps): Bump rubocop from 0.92.0 to 0.93.0
Bumps [rubocop](https://github.com/rubocop-hq/rubocop) from 0.92.0 to 0.93.0.
- [Release notes](https://github.com/rubocop-hq/rubocop/releases)
- [Changelog](https://github.com/rubocop-hq/rubocop/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rubocop-hq/rubocop/compare/v0.92.0...v0.93.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-10-08 12:49:06 -04:00
Joffrey JAFFEUX 8520096043
FIX: ensures insert hyperlink works with mailto (#10867)
The prefixing logic is moved into a `prefixProtocol` function in lib:url.

This commit also renames an incorrectly named test and uses https as default instead of http, in 2020 it's reasonable to think we most likely want https and not http. User can still specify http if required.
2020-10-08 13:16:07 +02:00
Joffrey JAFFEUX c3e8bc0280
FIX: ensures category chooser is working with non english char (#10866)
This commit is also moving one test to a component test.

A followup to this commit would be to ensure every dropdowns are using a regex instead of the normalize/lowercase system we have now.
2020-10-08 13:10:09 +02:00
Martin Brennan f63da1c146
FIX: Confirm new email not sent for staff if email disabled with "non-staff" option (#10794)
See https://meta.discourse.org/t/email-address-change-confirmation-email-not-sent-but-every-other-notification-emails-are/165358

In short: with disable emails set to non-staff, email address change confirmation emails (those sent to the new address) are not sent for staff or admin members.

This was happening because we were looking up the staff user with the to_address of the email, but the to address was the new email address because we are sending a confirm email change email, and thus the user could not be found. We didn't need to do this anyway because we are passing the user into the Email::Sender class anyway.
2020-10-08 13:52:17 +10:00
Sam Saffron cd3254e170 DEV: remove legacy code
This code is a no-op on all sites, even though it looks rather dangerous
this migration has long run prior to people trying exploit it.

That said ... hygiene here ... is not good.

Remove this legacy, we do not want it, even in historical migrations.
2020-10-08 10:53:07 +08:00
Guo Xiang Tan 2607bb602e Fix broken spec.
Follow-up to 3c678df942
2020-10-08 10:52:46 +08:00
Guo Xiang Tan cabbc32024 FIX: Scheduled jobs not showing up in /sidekiq/schedule in dev. 2020-10-08 10:24:51 +08:00
Sam 3c678df942
PERF: avoid lookbehinds when indexing search (#10862)
* PERF: avoid lookbehinds when indexing search

Previously we used a `EmailCook.url_regexp` this regex used lookbehinds

Unfortunately certain strings could lead to pathological behavior causing
CPU to skyrocket and regex replace to take a very very long time.

EmailCook still needs a fix, but it is less urgent cause it already splits
to single lines. That said we will correct that as well in a seperate PR.

New implementation is far more naive and relies on the extra spaces search
indexer inserts.
2020-10-08 11:40:13 +11:00
jbrw a1918801a4
FIX - downcase strings consistently (#10861)
ruby and postgres can treat certain characters differently when downcasing them. So do all the downcasing in ruby so that we get consistent results.
2020-10-08 11:28:07 +11:00
Gerhard Schlager bdbee36961 DEV: Fix typo 2020-10-07 23:43:11 +02:00
Penar Musaraj 40460fa00a
FIX: missing SVG mask asset in wizard (#10856)
The dark-mode-friendly SVG mask for the wizard's background image
introduced in 8fcfb9586c does not work with
CDNs, because CORS restrictions apply to SVG masks.

It would be complicated to modify CDN access origin rules for this one
specific assets, so instead, this PR moves the contents of the SVG file
inside the stylesheet.
2020-10-07 16:23:14 -04:00
Robin Ward cee80b0e44 FIX: Group Requests loading was broken
We were referencing the wrong property, which meant the footer was
always being hidden and we were trying to load more requests when we'd
already loaded them all.

see:
https://meta.discourse.org/t/constant-loading-on-group-membership-request-tab/166284
2020-10-07 14:54:17 -04:00
Penar Musaraj ddd6c990f6
FIX: Respect show_category_definitions_in_topic_lists in category lists (#10853)
When that site setting is enabled, the category counts (new/unread)
include the subcategory definition topics, but the topics aren't included
in the list. This fixes that discrepancy.
2020-10-07 14:19:48 -04:00
Robin Ward 3e8561daaf REFACTOR: Some qunit `module` imports were missing
These are tricky because `module.exports` is used by nodejs files as a
global, which is OK. But we don't want to allow `module` in JS tests
for qunit without importing it first.
2020-10-07 13:25:25 -04:00
Penar Musaraj 2ad7d98990
FIX: Include topics from subcategories in tracked list (#10850) 2020-10-07 12:15:28 -04:00
David Taylor 16daf3c986
FIX: Compare Jobs::UserEmail type argument as string (#10851)
In specs, symbols are passed through correctly. But in production, all arguments are provided to jobs as strings.

Followup to c0293339b8
2020-10-07 16:55:32 +01:00
Robin Ward 71d37953d5 REFACTOR: Import `QUnit` and related helpers rather than globals
We used many global functions to handle tests when they should be
imported like other libraries in our application. This also gets us
closer to the way Ember CLI prefers our tests to be laid out.
2020-10-07 11:50:49 -04:00
David Taylor c0293339b8
PERF: Do not enqueue digest emails when attempted recently (#10849)
Previously, Jobs::EnqueueDigestEmails would enqueue a digest job for every user, even if there are no topics to send. The digest job would exit, no email would send, and last_emailed_at would not change. 30 minutes later, Jobs::EnqueueDigestEmails would run again and re-enqueue jobs for the same users.

120fa8ad introduced a temporary mitigation for this issue, by randomly selecting a subset of those users each time.

This commit adds a new `digest_attempted_at` column to the `user_stats` table. This column is updated every time a digest job completes for a user. Using this, we can avoid scheduling digest jobs for the same user every 30 minutes. This also removes the random user selection in 120fa8ad, and instead prioritizes users who had digests attempted the longest time ago.
2020-10-07 15:30:38 +01:00
dependabot-preview[bot] 68d4b92bba
Build(deps-dev): Bump rspec-html-matchers from 0.9.2 to 0.9.4 (#10842)
Bumps [rspec-html-matchers](https://github.com/kucaahbe/rspec-html-matchers) from 0.9.2 to 0.9.4.
- [Release notes](https://github.com/kucaahbe/rspec-html-matchers/releases)
- [Changelog](https://github.com/kucaahbe/rspec-html-matchers/blob/master/CHANGELOG.md)
- [Commits](https://github.com/kucaahbe/rspec-html-matchers/compare/v0.9.2...v0.9.4)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-10-07 15:51:10 +02:00
Joffrey JAFFEUX 82031aaf16
DEV: makes discourse-styleguide core (styleguide) (#10847)
This plugin is only useful for developers, however, making it core allows us to centralize any component modification in one commit.

This integration also adds a new site_setting: `styleguide_admin_only` which allows to enable a styleguide on a live site while restricting visibility to admins only.

By default, styleguide is disabled.
2020-10-07 14:48:38 +02:00
Dan Ungureanu 9c0892c47c
FIX: Use getAttribute instead of dataset (#10848)
IE10 does not have dataset field.
2020-10-07 13:49:19 +03:00
Sam 120fa8ad2f
PERF: Introduce absolute limit of digests per 30 minutes (#10845)
To avoid blocking the sidekiq queue a limit of 10,000 digests per 30 minutes
is introduced.

This acts as a safety measure that makes sure we don't keep pouring oil on
a fire.

On multisites it is recommended to set the number way lower so sites do not
dominate the backlog. A reasonable default for multisites may be 100-500.

This can be controlled with the environment var

DISCOURSE_MAX_DIGESTS_ENQUEUED_PER_30_MINS_PER_SITE
2020-10-07 17:30:15 +11:00
Martin Brennan 6e2be3e60b
FIX: When admin changes an email for the user the user must confirm the change (#10830)
See https://meta.discourse.org/t/changing-a-users-email/164512 for additional context.

Previously when an admin user changed a user's email we assumed that they would need a password reset too because they likely did not have access to their account. This proved to be incorrect, as there are other reasons a user needs admin to change their email. This PR:

* Changes the admin change email for user flow so the user is sent an email to confirm the change
* We now record who the email change request was requested by
* If the requested by user is admin and not the user we note this in the email sent to the user
* We also make the confirm change email route open to anonymous users, so it can be clicked by the user even if they do not have access to their account. If there is a logged in user we make sure the confirmation matches the current user.
2020-10-07 13:02:24 +10:00
dependabot-preview[bot] 3303b7f9d0 Build(deps): Bump parser from 2.7.1.5 to 2.7.2.0
Bumps [parser](https://github.com/whitequark/parser) from 2.7.1.5 to 2.7.2.0.
- [Release notes](https://github.com/whitequark/parser/releases)
- [Changelog](https://github.com/whitequark/parser/blob/master/CHANGELOG.md)
- [Commits](https://github.com/whitequark/parser/compare/v2.7.1.5...v2.7.2.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-10-07 08:38:18 +08:00
Kane York 68e87bb58e
User export: profile as json, export auth token logs (#10819)
* FEATURE: Export the entire user profile as json, not just bio/website

* FEATURE: Add session log information to user export

Even though the columns are named 'auth_token' etc, the content is not actually usable to log into the forum with. Despite all that, it is still truncated for export, to avoid any 'token hash cracking' situations.
2020-10-06 15:51:53 -07:00
Joffrey JAFFEUX 7b34433fc2
REVERT: revert change from action + mut to mut (#10844)
* Revert "FIX: fixes regression where wizard dropdown couldn't update (#10838)"

This reverts commit e3b2fc6074.

* Revert "DEV: replaces unecessary (action (mut .*)) by (mut .*) (#10822)"

This reverts commit c0350dc362.
2020-10-06 23:50:05 +02:00
Roman Rizzi a8c47e7c7f
SECURITY: Ensure users can see the topic before setting a topic timer. (#10841) 2020-10-06 16:49:06 -03:00
Joffrey JAFFEUX e3b2fc6074
FIX: fixes regression where wizard dropdown couldn't update (#10838) 2020-10-06 13:33:37 -04:00
Jarek Radosz 34c99da205
FIX: Correctly render title-less poll widgets (#10837)
`RawHtml` does not like receiving undefined values as `html`.
2020-10-06 19:27:03 +02:00
Arpit Jalan f4c7c7bff3
FEATURE: bulk remove tags (#10831)
https://meta.discourse.org/t/bulk-actions-remove-tags-in-addition-to-change-tags/52145
2020-10-06 22:41:55 +05:30
Dan Ungureanu 340d979357
FIX: Find noscript element with crawler content (#10834)
There can be more than one noscript element on a page (from various
plugins), but only the one with data-path attribute as set in
application.html.erb contains the crawler content.
2020-10-06 19:12:12 +03:00