Commit Graph

2262 Commits

Author SHA1 Message Date
Joffrey JAFFEUX 71bf9ec1b2
FEATURE: opt-in guidance on topics for users without access (#7852)
Co-Authored-By: majakomel <maja.komel@gmail.com>
Co-Authored-By: Robin Ward <robin.ward@gmail.com>
2019-07-04 10:12:39 +02:00
Osama Sayegh 3d64532273 FEATURE: allow disabling theme components (#7812)
This allows you to temporarily disable components without having to remove them from a theme. 

This feature is very handy when doing quick fix engineering.
2019-07-03 18:18:11 +10:00
Robin Ward eedec7d79b FIX: Only include pending/agreed scores in the total score
This should prevent posts from being hidden if a previous flag was
rejected and a new one was added.
2019-06-26 11:21:35 -04:00
Joffrey JAFFEUX dfde59f631
FIX: provides an emoji helper to replace codes by images (#7802) 2019-06-26 15:11:04 +02:00
Sam Saffron 333b5a19b2 FIX: do not include uncategorized_category_id in `topic_create_allowed` if posting in uncategorized is disabled
Previously users were still allowed to create topic via API even if
uncategorized was disabled.

Not 100% happy with all this special casing, but I guess we have to do
something.

This also splits up a mega spec now that we have fab! into a more easy to
understand structure (I hope)
2019-06-26 17:41:07 +10:00
Daniel Waterworth bc03c509ab FIX: CategoryUser#batch_set (#7787)
* Remove unused method

* Prefabricate user in category_user_spec.rb

* FIX: Remove notification_level from category_users unique indexes

* FIX: CategoryUser#batch_set wasn't updating pre-existing records

* Improve tests for CategoryUser#batch_set

* FIX: changed was being reported incorrectly

* DEV: Rewrote query to do a bulk insert

* DEV: remove unnecessary parentheses
2019-06-25 12:13:27 +10:00
Guo Xiang Tan 73a45048a0 FIX: `Upload#short_url` generates incorrect URL when extension is `nil`. 2019-06-19 09:10:50 +08:00
Sam Saffron fe4f0a4369 FIX: staged users should not be included in TL groups
staged users should not be included in any automatic groups cause for all
purposes they do not exist.
2019-06-17 15:10:47 +10:00
Maja Komel b4686934dd DEV: add spec for removed group bio 2019-06-12 18:03:29 +02:00
Vinoth Kannan 1881e895dc SPEC: correctly skips invalid upload urls
788f995f30
2019-06-11 20:15:40 +05:30
Vinoth Kannan 788f995f30 FIX: skip external urls which has upload url in query string.
Add spec tests for post.each_upload_url method. e8fafbc123
2019-06-11 19:55:02 +05:30
Sam Saffron 7b17eb06da FEATURE: ban any SSO attempts with invalid external id
We now treat any external_id of blank string (" " or "     " or "", etc) or a
invalid word (none, nil, blank, null) - case insensitive - as invalid.

In this case the client will see "please contact admin" the logs will explain
the reason clearly.
2019-06-11 10:04:26 +10:00
Sam Saffron ff3a1eae3a FIX: ensure consistency should handle cases where a topic trashed
Followup to c05b6170
2019-06-07 14:57:56 +10:00
Sam Saffron c05b617067 FIX: ensure_consistency was able to create corrupt category topics
- Correct create_category_definition to skip validations and use a
transaction, no longer able to create corrupt topics

- ensure_consistency now clears topic_id if pointing at deleted or missing
topic_id

- Stop creating category definition topics for uncategorized
2019-06-07 11:20:13 +10:00
Bianca Nenciu f63b8bb79d FIX: Periodically ensure consistency of categories. (#7663) 2019-06-06 11:30:52 +02:00
Robin Ward d902c4eb9f FEATURE: Can sort reviewable queue
Choices are Priority / Created At (and desc versions.)
2019-06-05 13:21:05 -04:00
Guo Xiang Tan bb98785569 DEV: Fix broken `Upload#base62_sha1`. 2019-06-04 14:10:46 +08:00
David Taylor 7500eed4c0
FEATURE: Multi-file javascript support for themes (#7526)
You can now add javascript files under `/javascripts/*` in a theme, and they will be loaded as if they were included in core, or a plugin. If you give something the same name as a core/plugin file, it will be overridden. Support file extensions are `.js.es6`, `.hbs` and `.raw.hbs`.
2019-06-03 10:41:00 +01:00
Sam Saffron ba3bc6b2fe DEV: clean up potential locale leak
This is an attempt to fix the flaky:

```
 1) Jobs::Onceoff can run all once off jobs without errors
     Failure/Error: self.locale_no_cache = value

     I18n::InvalidLocale:
       :bar is not a valid locale
     # ./lib/freedom_patches/translate_accelerator.rb:193:in `locale='
     # ./app/jobs/onceoff/clean_up_user_export_topics.rb:7:in `block in execute_onceoff'
     # ./app/jobs/onceoff/clean_up_user_export_topics.rb:6:in `map'
     # ./app/jobs/onceoff/clean_up_user_export_topics.rb:6:in `execute_onceoff'
     # ./spec/integrity/onceoff_integrity_spec.rb:13:in `block (3 levels) in <main>'
     # ./spec/integrity/onceoff_integrity_spec.rb:12:in `each'
     # ./spec/integrity/onceoff_integrity_spec.rb:12:in `block (2 levels) in <main>'
```
2019-06-03 12:42:29 +10:00
David Taylor ff17177bf9 DEV: Update specs for new stylesheet location
Followup to 75fc126224
2019-05-31 16:15:08 +01:00
Sam Saffron 3b8819f0ab FEATURE: add support for defer topic functionality
This feature allows end users to "defer" topics by marking them unread

The functionality is default disabled. This also introduces the new site
setting default_other_enable_defer: to enable this by default on new user
accounts.
2019-05-31 15:44:35 +10:00
Robin Ward 2e0a40007b FIX: Category topics should not be deletable via review queue 2019-05-30 16:43:23 -04:00
romanrizzi e7ee556e87 Support multi-group user search 2019-05-30 08:45:20 +08:00
Guo Xiang Tan 20e783337d DEV: Remove use of fake external store in optimized images spec.
Testing against fake stuff is bad because we're not testing against reality when
reality changes.
2019-05-29 20:13:23 +08:00
Guo Xiang Tan f0620e7118 FEATURE: Support `[description|attachment](upload://<short-sha>)` in MD take 2.
Previous attempt was missing `post_uploads` records.
2019-05-29 09:26:32 +08:00
Arpit Jalan 028121b95b
FIX: delete system generated message when user_export record is deleted (#7595)
FIX: system generated message for user export should be closed by default
2019-05-28 16:38:41 +05:30
Blake Erickson 373b8a2139 FIX: Consistently handle category param
See https://meta.discourse.org/t/api-post-to-posts-json-inconsistent-between-users/118571
for more info.

This commit removes a 5 year old temporary fix that is no longer needed.

bc1824a6ed (diff-d8c648926664f849aec050757bfcb6f9R72)

The web interface uses category_id when creating a topic so I think we
should unify on category_id when using the api.
2019-05-27 16:39:56 +08:00
Robin Ward 89b84651c3 Migrate score settings to use sensitivities
We hide scores so these settings no longer made sense.
2019-05-24 15:44:24 -04:00
Osama Sayegh e20c30987c
FEATURE: detect theme errors and catch them (#7589)
* FEATURE: detect theme errors and catch them

* Bump COMPILER_VERSION

* Feedback

* Override eslint no console for one line

* Can't use our ajax method

* remove emoji from translation file
2019-05-24 17:25:55 +03:00
Guo Xiang Tan fd0eff6ce3 Revert "FIX: Add missing unique index on user_id for user_profiles."
Oops `user_id` is the primary key.

This reverts commit 5478aa63ab.
2019-05-24 12:58:36 +08:00
Guo Xiang Tan 5478aa63ab FIX: Add missing unique index on user_id for user_profiles. 2019-05-24 12:11:49 +08:00
Robin Ward e74cd54fc6 REFACTOR: Replace score bonuses with low/med/high priorities
We removed score from the UX so it makes more sense to have sites set
priorities instead of score bonuses.
2019-05-23 11:54:45 -04:00
Daniel Waterworth cac7e43ba7 Fixed test suite with PREFABRICATION=0 (#7574)
The issue here was that, with prefabrication, bumped_at was being
persisted and then loaded and the DB was storing it with less precision
than the object state.
2019-05-23 07:57:12 +10:00
Gerhard Schlager e224100023 FIX: Don't convert :) into Emoji when emojis or emoji shurtcuts are disabled 2019-05-22 11:44:39 +02:00
Vinoth Kannan 793915fe6a DEV: should ignore missing post uploads when a user export destroyed 2019-05-21 13:32:36 +05:30
Gerhard Schlager b788948985 FEATURE: English locale with international date formats
Makes en_US the new default locale
2019-05-20 13:47:20 +02:00
romanrizzi 87c2cbe062 DEV: Enable invite_spec test again 2019-05-16 18:55:36 -03:00
romanrizzi b716439c3e DEV: Improve component test skip option and skipped new tests 2019-05-16 15:15:37 -03:00
Vinoth Kannan 0e677daaee FIX: include posts with data-orig-src attribute in have_uploads scope query. 2019-05-16 16:39:38 +05:30
Bianca Nenciu 1d3375b176 FEATURE: Preserve notifications levels when splitting topics. (#7494) 2019-05-15 17:29:29 +10:00
Neil Lalonde 6f747c6b71 FIX: don't allow username to be changed to same as password
We were blocking user registrations with same username and password,
but allowing usernames to be changed to be same as password later.
Also disallow names to be the same as password.
2019-05-13 16:43:40 -04:00
Sam Saffron d643294c9d FIX: delete duplicate invites earlier in the process
There was a race condition when 2 invites existed for 1 user where in some
cases data from both invites would be used for the redeem. Depending on DB
ordering.

Fix is to delete duplicate invites earlier in the process prior to
`redeem_from_email` being called.
2019-05-13 17:42:39 +10:00
Guo Xiang Tan 8165ceb320 Make rubocop happy. 2019-05-13 09:55:44 +08:00
Daniel Waterworth bf7594b327 More prefabrication 2019-05-10 08:34:04 -04:00
Sam Saffron 0ab6c6e24e PERF: speed up spec suite, avoid featuring topics
Before: 6:05
After: 5:42

Featuring topics for `list/categories` is a very expensive operation that
happened each time we created a topic. This introduces a test only bypass
2019-05-10 11:37:53 +10:00
Robin Ward b380ed5282 FEATURE: Claim Reviewables by Topic
This is a feature that used to be present in discourse-assign but is
much easier to implement in core. It also allows a topic to be assigned
without it claiming for review and vice versa and allows it to work with
category group reviewers.
2019-05-09 13:40:36 -04:00
Bianca Nenciu 8dfb15a2e5
FIX: Do not show self edits in Post Edits report. (#7510) 2019-05-09 20:39:17 +03:00
Sam Saffron 88650a1259 PERF: avoid checking for consecutive replies in test
This check can issue up to 2 queries per post created, we have specific
tests for it so we can avoid.

This also rolls back #4da6ca4d
2019-05-09 13:28:53 +10:00
Daniel Waterworth 4da6ca4d9f PERF: Skip post validation by default when fabricating posts (#7508)
This speeds up tests by 10%
2019-05-09 10:15:38 +10:00
David Taylor e84531a6a6 FIX: Correctly clear theme stylesheet cache when changing color scheme 2019-05-08 16:02:55 +01:00
Guo Xiang Tan ba6904bb27 Fix broken spec in 405ba00c08. 2019-05-08 15:45:25 +08:00
Robin Ward 5af7c90bab FEATURE: Hide Reviewable scores, change score filter to Priority
We found score hard to understand. It is still there behind the scenes
for sorting purposes, but it is no longer shown.

You can now filter by minimum priority (low, med, high) instead of
score.
2019-05-07 14:05:23 -04:00
Joffrey JAFFEUX 1f40258d5c
fix spec (#7500) 2019-05-07 19:20:56 +02:00
Daniel Waterworth c7a0baebc5 DEV: Prefabricate more things in topic_spec.rb (#7490)
* Moved let to more appropriate scopes

* Refactored tests

It's confusing when let blocks in a parent context depend on other let
blocks from a child context.

* Moved fabrication to top level

* Removed unnecessary user fabrications

* Added a trust level 2 user at the top level

* Factored out category

* Made test use generic user

* Prefabricate topic

* Cut down redundant users

* Prefabricated more things
2019-05-07 17:05:52 +02:00
Natalia 1b7be1500f Time variable used to be created with users timezone, it has to be UTC in order to pass the test 2019-05-07 08:43:38 -04:00
Daniel Waterworth 7472f15368 Prefabricate evil_trout 2019-05-07 08:36:29 -04:00
Daniel Waterworth d3769fff95 Prefabricate admin 2019-05-07 08:36:29 -04:00
Daniel Waterworth d0c7e3469d Prefabricated more things 2019-05-07 08:36:29 -04:00
Daniel Waterworth e219588142 DEV: Prefabrication (test optimization) (#7414)
* Introduced fab!, a helper that creates database state for a group

It's almost identical to let_it_be, except:

 1. It creates a new object for each test by default,
 2. You can disable it using PREFABRICATION=0
2019-05-07 13:12:20 +10:00
Sam Saffron 9be70a22cd DEV: introduce new API to look up dynamic site setting
This removes all uses of both `send` and `public_send` from consumers of
SiteSetting and instead introduces a `get` helper for dynamic lookup

This leads to much cleaner and safer code long term as we are always explicit
to test that a site setting is really there before sending an arbitrary
string to the class

It also removes a couple of risky stubs from the auth provider test
2019-05-07 11:00:30 +10:00
Dan Ungureanu a40dcbde9b
FIX: Do not move hidden post actions. (#7424)
Hidden (staff-only) post actions are whisper posts with no content, that
are later transformed by the client into post actions (discourse-assign
uses this).
2019-05-06 16:21:42 +03:00
Sam Saffron f8eddd40ad PERF: remove avg_time calculations and regular jobs from posts and topics
After careful analysis of large data-sets it became apparent that avg_time
had no impact whatsoever on "best of" topic scoring. Calculating avg_time
was a very costly operation especially on large databases.

We have some longer term plans of introducing other weighting that is read
time based into our scoring for "best of" and "top" topics, but in the
interim to stop a large amount of work that is not achieving any value we
are removing the jobs.

Column removal will follow once we decide on a new replacement metric.
2019-05-06 15:59:01 +10:00
Vinoth Kannan e8fafbc123 List and restore missing post uploads from S3 inventory. 2019-05-04 01:16:20 +05:30
Penar Musaraj b948d97c8f
FEATURE: Show diff of local changes before updating remote theme (#7443) 2019-05-02 21:43:54 -04:00
Guo Xiang Tan 24347ace10 FIX: Properly associate user_profiles background urls via upload id.
`Upload#url` is more likely and can change from time to time. When it
does changes, we don't want to have to look through multiple tables to
ensure that the URLs are all up to date. Instead, we simply associate
uploads properly to `UserProfile` so that it does not have to replicate
the URLs in the table.
2019-05-02 14:58:24 +08:00
Sam Saffron 1be01f8dd4 DEV: Add support for Rails 6
Minor fixes to add Rails 6 support to Discourse, we now will boot
with RAILS_MASTER=1, all specs pass

Only one tiny deprecation left

Largest change was the way ActiveModel:Errors changed interface a
bit but there is a simple backwards compat way of working it
2019-05-02 16:23:25 +10:00
Robin Ward 885f1e7e5f FIX: Allow category group reviewers to edit queued posts
They can edit title, body and tags. Category is disabled for now as it
could lead to some odd security issues.
2019-05-01 14:48:49 -04:00
Robin Ward da0e37512a FIX: Add test to confirm updating category works.
Also replaces a missing translation key that 99.9% of users would never
see.
2019-05-01 11:37:28 -04:00
David Taylor 0e303c7f5d
FEATURE: Automatically generate optimized site metadata icons (#7372)
This change automatically resizes icons for various purposes. Admins can now upload `logo` and `logo_small`, and everything else will be auto-generated. Specific icons can still be uploaded separately if required.

## Core

- Adds an SiteIconManager module which manages automatic resizing and fallback

- Icons are looked up in the OptimizedImage table at runtime, and then cached in Redis. If the resized version is missing for some reason, then most icons will fall back to the original files. Some icons (e.g. PWA Manifest) will return `nil` (because an incorrectly sized icon is worse than a missing icon). 

- `SiteSetting.site_large_icon_url` will return the optimized version, including any fallback. `SiteSetting.large_icon` continues to return the upload object. This means that (almost) no changes are required in core/plugins to support this new system.

- Icons are resized whenever a relevant site setting is changed, and during post-deploy migrations

## Wizard

- Allows `requiresRefresh` wizard steps to reload data via AJAX instead of a full page reload

- Add placeholders to the **icons** step of the wizard, which automatically update from the "Square Logo"

- Various copy updates to support the changes

- Remove the "upload-time" resizing for `large_icon`. This is no longer required.

## Site Settings UX

- Move logo/icon settings under a new "Branding" tab

- Various copy changes to support the changes

- Adds placeholder support to the `image-uploader` component

- Automatically reloads site settings after saving. This allows setting placeholders to change based on changes to other settings

- Upload site settings will be assigned a placeholder if SiteIconManager `responds_to?` an icon of the same name

## Dashboard Warnings

- Remove PWA icon and PWA title warnings. Both are now handled automatically.

## Bonus

- Updated the sketch logos to use @awesomerobot's new high-res designs
2019-05-01 14:44:45 +01:00
Robin Ward 404b35bd04 FEATURE: Category Reviewable by Group
Allow a group to review content in a particular category.
2019-04-30 15:23:06 -04:00
romanrizzi 84a3459af6 DEV: Mark flaky tests as pending 2019-04-30 15:01:21 -03:00
Robin Ward 812905cbb6 FIX: Recursively delete nested replies
Previously we were only deleting top level replies
2019-04-30 12:54:53 -04:00
Daniel Waterworth 75a6c440f7 DEV: Spec clarification example (#7458) 2019-04-30 09:41:24 +08:00
Sam Saffron 4ea21fa2d0 DEV: use #frozen_string_literal: true on all spec
This change both speeds up specs (less strings to allocate) and helps catch
cases where methods in Discourse are mutating inputs.

Overall we will be migrating everything to use #frozen_string_literal: true
it will take a while, but this is the first and safest move in this direction
2019-04-30 10:27:42 +10:00
Neil Lalonde f8f7091e57 FIX: staff-only tags visible on /tags page when restricted to a category
If a tag group is set to only be visible to staff, and is restricted
to a category that is visible by everyone, the tags in the group were
being shown on the /tags page. They weren't visible anywhere else.
This commit fixes it so they don't show on the /tags page.
2019-04-29 12:38:28 -04:00
Gerhard Schlager 7a27c93c03 FIX: URL encode username and first letter in avatar URL
And it adds specs as a follow-up to aadb7da7
2019-04-29 15:08:14 +02:00
Sam Saffron 45285f1477 DEV: remove update_attributes which is deprecated in Rails 6
See: https://github.com/rails/rails/pull/31998

update_attributes is a relic of the past, it should no longer be used.
2019-04-29 17:32:25 +10:00
Daniel Waterworth ad44243a57 Removed unused let blocks (#7446)
The bodies of these blocks were never evaluated.
2019-04-29 15:08:56 +08:00
Joffrey JAFFEUX bcca2b5d73
FEATURE: initial implementation of generic filters for reports 2019-04-26 12:17:10 +02:00
Maja Komel 996e5e5dfa FIX: category list order using category featured topics (#7283) 2019-04-25 11:07:19 +02:00
Guo Xiang Tan 7bac70676e DEV: Improve `Upload.get_from_url` test case.
Follow up to a8baa6d9e7.
2019-04-24 10:20:42 +08:00
Guo Xiang Tan a8baa6d9e7 FIX: Old `Upload#url` scheme support for `Upload.get_from_url`.
This is for backwards compatibility purposes. Even if `Upload#url` has a
format that we don't recognize, we should still return the upload object
as long as the upload record is present.
2019-04-24 10:15:47 +08:00
Robin Ward 646cdfa449 FIX: Approved posts were not enqueueing alerts 2019-04-23 17:30:12 -04:00
Robin Ward 6f56fba016 UX: Update post actions to "Approve Post" and "Reject Post"
This should be more clear.
2019-04-23 12:19:11 -04:00
Gerhard Schlager a7bc1ecbae FEATURE: Add support for Unicode usernames and group names
Co-authored-by: Joffrey JAFFEUX <j.jaffeux@gmail.com>
2019-04-23 13:00:27 +02:00
Guo Xiang Tan d07605d885 DEV: Fix failing spec. 2019-04-23 18:25:28 +08:00
Guo Xiang Tan 97dcd50e51 DEV: Fix incorrect spec file names.
Co-authored-by: Daniel Waterworth <me@danielwaterworth.com>
2019-04-23 18:03:55 +08:00
Daniel Waterworth bf313c1b68 DEV: User email test optimization (#7405) 2019-04-23 17:49:05 +08:00
Dan Ungureanu 57d1dea8a2
FEATURE: Let staff add custom post notices. (#7377) 2019-04-19 17:53:58 +03:00
Nicolas Sebastian Vidal 2b8487b0ea Removed "shoulda" gem in favor of "shoulda-matchers" and update (#7387)
* Update shoulda gem

* Remove shoulda gem in favor of shoulda-matchers only
2019-04-18 07:41:37 +10:00
Robin Ward 14f9d40e48 FEATURE: Clarify Reviewable User Actions
"Approve" is now "Approve User" and "Delete" is a dropdown with a choice
that allows you to block.
2019-04-17 11:44:17 -04:00
Tarek Khalil 02a9429c38
REFACTOR: Quick refactor of the webhook event emitter job (#7385)
* REFACTOR: Quick refactor of the webhook event emitter job
2019-04-17 10:03:23 +01:00
Robin Ward ba6d4b2a8d FIX: Better handling for toggling `must_approve_users`
If you turn it on now, default all users to approved since they were
previously. Also support approving a user that doesn't have a reviewable
record (it will be created first.)

This also includes a refactor to move class method calls to
`DiscourseEvent` into an initializer. Otherwise the load order of
classes makes a difference in the test environment and some settings
might be triggered and others not, randomly.
2019-04-16 15:56:35 -04:00
Guo Xiang Tan 784940bea0 Fix the build. 2019-04-16 15:47:16 +08:00
Guo Xiang Tan 1056dd16d3 FIX: Publish web hooks when topic archetype is converted. 2019-04-16 15:18:39 +08:00
Guo Xiang Tan 8cb1890245 FIX: Missing topic edited web hook when publishing a topic. 2019-04-16 14:28:23 +08:00
Robin Ward 3ceff0a92a FEATURE: Send the user a notification when their post is approved 2019-04-15 16:20:16 -04:00
David Taylor 428536788c FIX: Do not error when importing a theme with empty files 2019-04-15 15:46:47 +01:00
Vinoth Kannan 8e40c35eb8 FIX: 'have_uploads' scope should include all uploads without multisite 'upload_path' prefix 2019-04-15 01:54:55 +05:30
Arpit Jalan 95ada3f190 FIX: save registration IP address for invited users 2019-04-13 13:04:25 +05:30
David Taylor 268d4d4c82
FEATURE: Multiple SCSS file support for themes (#7351)
Theme developers can include any number of scss files within the /scss/ directory of a theme. These can then be imported from the main common/desktop/mobile scss.
2019-04-12 11:36:08 +01:00
David Taylor 24ef4f7b2b Remove support for disable_jump_reply user setting (#7359) 2019-04-12 09:03:06 +10:00
Robin Ward 6f7b6a3333 FIX: Disagree and Restore should not revert edits 2019-04-11 16:21:18 -04:00
Robin Ward 331a809738 FEATURE: Display the reason for many reviewable items
Queued Posts and Users will now display a reason why they are in the
review queue.
2019-04-11 12:04:45 -04:00
Robin Ward cab83596ec FIX: Sites with SSO that required approval were not creating reviewables 2019-04-10 12:53:50 -04:00
Robin Ward 5d99346740 FIX: Always allow us to reject users, even if they are deleted 2019-04-10 11:00:39 -04:00
Roman Rizzi 536b90e0ef
FEATURE: Support searching custom staff actions (#7346) 2019-04-10 09:53:17 -03:00
Vinoth Kannan f5ac01253a FIX: use new changed method name and remove whitespaces 2019-04-09 02:25:26 +05:30
David Taylor 3987691b5e DEV: Correct specs which had exceptions raised in jobs 2019-04-08 16:00:33 +01:00
Maja Komel ca33d091b3 FIX: don't trigger notifications when changing category/tags of unlisted topics (#7323) 2019-04-05 15:06:38 +02:00
Sam Saffron 5f896ae8f7 PERF: Keep track of when a users first unread is
This optimisation avoids large scans joining the topics table with the
topic_users table.

Previously when a user carried a lot of read state we would have to join
the entire read state with the topics table. This operation would slow down
home page and every topic page. The more read state you accumulated the
larger the impact.

The optimisation helps people who clean up unread, however if you carry
unread from years ago it will only have minimal impact.
2019-04-05 12:44:45 +11:00
Guo Xiang Tan d299197392 DEV: Add missing test cases for `Topic.for_digest` and `Topic.secured`. 2019-04-05 09:00:48 +08:00
Robin Ward df48c657fd FIX: Reviewable counts were not updating properly
Sometimes sidekiq is so fast that it starts jobs before transactions
have comitted. This patch moves the message bus stuff until after things
have comitted.
2019-04-04 16:07:34 -04:00
Robin Ward 2055804e95 FIX: The option to delete replies was missing from the new review queue 2019-04-04 15:51:36 -04:00
Robin Ward 111a502231 FIX: Deleting Users should work nicely with Reviewable Users
"Rejecting" a user in the queue is equivalent to deleting them, which
would then making it impossible to review rejected users. Now we store
information about the user in the payload so if they are deleted things
still display in the Rejected view.

Secondly, if a user is destroyed outside of the review queue, it will
now automatically "Reject" that queue item.
2019-04-03 16:42:39 -04:00
Robin Ward c1ea63bdc1 FIX: Reviewables should not be created for users until they are active
Conversely, if a user is deactivated the reviewable should automatically
be rejected.

Before this fix, if a user was not active they'd still show in the
review queue but without an "Approve" button which was confusing.
2019-04-03 15:25:00 -04:00
Arpit Jalan 7b194743d7
FIX: clean up user export csv upload records in scheduled job (#7309) 2019-04-03 13:31:19 +05:30
Sam Saffron 1c57ae6657 FIX: grant first quote at the date post was created
Previously due to #b2dc65f9534ea date on the quoted_posts table could not
be trusted.

This changes it so we use the date on the actual post as the grant date.

Note: there is an edge case where you create a post and only add a quote
a week later. In this case the badge will not be awarded at the correct
time (it will display it was granted a week ago).
That said this is far more rare than the current situation.
2019-04-03 16:41:52 +11:00
Sam Saffron b2dc65f953 FIX: on rebakes should not recreate quoted_posts records
Previously every rebake would remove and recreate records in this table
This caused created_at and updated_at to keep changing

Yes, I know the SQL is somewhat complex, but this makes quote extraction
more efficient cause we do everything in 2 round trips.

This also removes some concurrency protection we should no longer need
2019-04-03 16:17:15 +11:00
Robin Ward d5a61ab167 FIX: Don't log a second pending action
If two people flagged the same post you'd get a "Pending" history event
logged which looked bad.
2019-04-01 17:07:47 -04:00
Joffrey JAFFEUX e986e96227
DEV: removes old dashboard (#7295) 2019-04-01 12:39:49 +02:00
Maja Komel 88128f1ced UX: show which groups are missing permissions for parent category (#7252) 2019-04-01 15:34:52 +11:00
Robin Ward 370355d754 FIX: Allow users with posts to be rejected 2019-03-29 13:53:46 -04:00
Maja Komel 4a3daacb1b FIX: reset embedding settings when no embeddable host, log host changes (#7264) 2019-03-29 17:05:51 +01:00
Guo Xiang Tan f458cba4cb FIX: Admin search logs should filter by date instead of timestamp.
The client side filters by date so it is confusion when the data changes as each second passes.
2019-03-29 11:50:25 +08:00
Guo Xiang Tan d8faf5f79e FIX: `SearcLog.term_details` generating incorrect data because of case.
Also match on equality rather than "LIKE ?" which is quite strange.
2019-03-29 11:31:01 +08:00
Robin Ward b58867b6e9 FEATURE: New 'Reviewable' model to make reviewable items generic
Includes support for flags, reviewable users and queued posts, with REST API
backwards compatibility.

Co-Authored-By: romanrizzi <romanalejandro@gmail.com>
Co-Authored-By: jjaffeux <j.jaffeux@gmail.com>
2019-03-28 12:45:10 -04:00
Sam Saffron 9ebabc1de8 FEATURE: unconditionally update Topic updated_at when posts change in topic
Previously we would bypass touching `Topic.updated_at` for whispers and post
recovery / deletions.

This meant that certain types of caching can not be done where we rely on
this information for cache accuracy.

For example if we know we have zero unread topics as of yesterday and whisper
is made I need to bump this date so the cache remains accurate

This is only half of a larger change but provides the groundwork.

Confirmed none of our serializers leak out Topic.updated_at so this is safe
spot for this info

At the moment edits still do not change this but it is not relevant for the
unread cache.

This commit also cleans up some specs to use the new `eq_time` matcher for
millisecond fidelity comparison of times

Previously `freeze_time` would fudge this which is not that clean.
2019-03-28 17:28:01 +11:00
Tim Lange 12181599db FIX: Staff action records now also accepts action_name as filter (#7256) 2019-03-27 21:29:15 +01:00
Tarek Khalil 41563ba6b2
FIX: flaky test in reports (#7255)
* FIX: flaky test in reports
2019-03-26 13:23:57 +00:00
Guo Xiang Tan 839a54b97b FIX: Destroy `OptimizedImage` record even if `Upload` record is invalid. 2019-03-22 16:47:06 +08:00
Tarek Khalil 605530a77f FEATURE: Include muted users count within the ignored users report (#7230) 2019-03-21 14:31:45 +01:00
Tim Lange f7b156ffbd UX: Better emoji escaping for topic title (#7218)
* FIX: Fixed failing discourse-prometheus-alert-receiver plugin specs
2019-03-21 09:11:33 +01:00
Gerhard Schlager 64bf4d4483 DEV: Add spec for reusing category permalink
Follow-up to f3c76ad482
2019-03-20 23:38:59 +01:00
Régis Hanol 6fb49e74a1
Revert "UX: Better emoji escaping for topic title (#7176)" (#7201)
This reverts commit 0d9bc0aaa6.
2019-03-19 12:02:47 +01:00
Maja Komel 714a0d87df UX: order categories based on latest activity for all page styles (#7196)
follow up on 32db3ac2
2019-03-19 09:35:32 +01:00
Tim Lange 0d9bc0aaa6 UX: Better emoji escaping for topic title (#7176) 2019-03-19 09:33:10 +01:00
Maja Komel 7e9afdace3 FEATURE: custom colors for default letter avatars (#7167) 2019-03-18 16:24:21 +01:00
Guo Xiang Tan 5e410dc5e0
FEATURE: Ability to exclude category from search results. (#7194)
This commit also adds `Category#search_priority` which sets the ground
work to enable prioritizing of posts for certain categories when searching.
2019-03-18 15:25:45 +08:00
Penar Musaraj 9334d2f4f7
FEATURE: add more granular user option levels for email notifications (#7143)
Migrates email user options to a new data structure, where `email_always`, `email_direct` and `email_private_messages` are replace by

* `email_messages_level`, with options: `always`, `only_when_away` and `never` (defaults to `always`)
* `email_level`, with options: `always`, `only_when_away` and `never` (defaults to `only_when_away`)
2019-03-15 10:55:11 -04:00
Maja Komel 32db3ac228 UX: order categories based on recent activity when using categories_and_latest_topics layout (#7166) 2019-03-15 17:14:49 +11:00
Arpit Jalan d6d71de855 FIX: allow banner topic posts to be moved to regular topic (and vice versa) 2019-03-14 23:41:23 +05:30
Robin Ward fa5a158683 REFACTOR: Move `queue_jobs` out of `SiteSetting`
It is not a setting, and only relevant in specs. The new API is:

```
Jobs.run_later!        # jobs will be thrown on the queue
Jobs.run_immediately!  # jobs will run right away, avoid the queue
```
2019-03-14 10:47:38 -04:00
Guo Xiang Tan 40b03e717b FIX: `Upload#migrate_to_new_scheme` should not migrate system uploads. 2019-03-14 12:45:03 +08:00
Maja Komel 65f3ed0689 UX: make name optional for confirmation user field (#7149) 2019-03-13 18:40:43 +01:00
Joffrey JAFFEUX d32557ea32 Revert "FIX: Better emoji escaping for topic title"
This reverts commit 35426b5ad6.
2019-03-13 13:02:56 +01:00
Tim Lange 35426b5ad6 FIX: Better emoji escaping for topic title
This commit also puts emojiVersion in its own erb file.
2019-03-13 11:17:59 +01:00
Guo Xiang Tan b0c8fdd7da FIX: Properly support defaults for upload site settings. 2019-03-13 16:36:57 +08:00
Tarek Khalil 28384ba62c
FEATURE: Add `Top Ignored Users` report (#7153)
* FEATURE: Add `Top Ignored Users` report

## Why?

This is part of the [Ability to ignore a user feature](https://meta.discourse.org/t/ability-to-ignore-a-user/110254/8), and also part of [this PR](https://github.com/discourse/discourse/pull/7144).

We want to send a System Message daily when a specific count threshold for an ignored is reached. To make this system message informative, we want to link to a report for the Top Ignored Users too.
2019-03-12 16:01:58 +00:00
Robin Ward d1d9a4f128 Add new `run_jobs_synchronously!` helper for tests
Previously if you wanted to have jobs execute in test mode, you'd have
to do `SiteSetting.queue_jobs = false`, because the opposite of queue
is to execute.

I found this very confusing, so I created a test helper called
`run_jobs_synchronously!` which is much more clear about what it does.
2019-03-11 16:58:35 -04:00
Dan Ungureanu b28b418363
FIX: Various improvements to post notices.
- Notices are visible only by poster and trust level 2+ users.
- Notices are not generated for non-human or staged users.
- Notices are deleted when post is deleted.
2019-03-11 11:19:58 +02:00
Guo Xiang Tan 62579d79d4 DEV: Fix failing tests. 2019-03-11 11:12:11 +08:00
Guo Xiang Tan 8384075184 DEV: Fix incorrect test. 2019-03-11 11:00:47 +08:00
Robin Ward 57ee779b1e FIX: Job exception: undefined method `email' for nil:NilClass
It seems that due to jobs being asynchronous and wrapping code in a
DistributedMutex that by the time we run the
`UserAvatar#update_gravatar!` job that the user/user email might be
destroyed.

This patch checks before a call to `user.email_hash` to make sure
the user and primary email exist to prevent the exception. If not
present, the job exits as there's nothing to do because we are
probably running after the user was destroyed for some reason.
2019-03-08 13:39:56 -05:00
Osama Sayegh 5e58cedfbd
FIX: retranspile theme JS when settings YAML changes (#7131) 2019-03-08 17:49:06 +03:00
David Taylor b101065bad
FIX: Sanitize theme settings properly before injecting into stylesheets (#7031) 2019-03-08 08:58:06 +00:00
Dan Ungureanu 35942f7c7c
FEATURE: Special call-out for new / returning posters. (#7115) 2019-03-08 10:48:35 +02:00
David Taylor fc7938f7e0
REFACTOR: Migrate GoogleOAuth2Authenticator to use ManagedAuthenticator (#7120)
https://meta.discourse.org/t/future-social-authentication-improvements/94691/3
2019-03-07 11:31:04 +00:00
Arpit Jalan 2c8e1d3578 FEATURE: remove all expired invitations by default 2019-03-07 15:28:39 +05:30
Vinoth Kannan 167d85c21f FIX: post & topic destroyed hooks not triggering with tag filter 2019-03-06 22:52:54 +05:30
Sam 8d7c10f7f2 FIX: allow moderators to create categories setting broken
Mods require visibility to everyone group cause category dialogs need to
know about this.

If the site setting `allow moderators to create categories` will not function
without this

Note there is no security expansion of rights here, the group is technically
empty anyway and it always looks exactly the same on all discourse instances
2019-03-06 17:44:18 +11:00
Joffrey JAFFEUX 703c724cf3
REFACTOR: Migrate InstagramAuthenticator to use ManagedAuthenticator (#7081) 2019-03-04 14:54:28 +01:00
Maja Komel fea5d4f3ec FIX: any subcategory permissions are valid if everyone has access to parent category (#7097) 2019-03-04 14:49:26 +11:00
Arpit Jalan c02956e29c
FIX: when posts are moved to a message then small action post should not be publicly visible (#7085)
This fix is inspired from what we do in discourse-assigned plugin.
https://github.com/discourse/discourse-assign/blob/master/lib/topic_assigner.rb#L184
https://github.com/discourse/discourse-assign/blob/master/assets/javascripts/discourse-assign/initializers/extend-for-assigns.js.es6#L125-L133
2019-02-28 19:49:26 +05:30
David Taylor a8ffc02d06 PERF: Reduce N+1s on theme admin page 2019-02-26 14:22:02 +00:00
Sam 4fb9ca3bc9 DEV: correct heisentest, run report at consistent time
`Time.zone.now` can be any time, make this report run on a consistent time
bucket every run instead of changing it each run.
2019-02-25 14:17:52 +11:00
Joffrey JAFFEUX c5e952839a
FIX: prevents other tests from leaking modified theme color (#7051) 2019-02-21 15:12:20 +01:00
Gerhard Schlager 66901f67f6 UX: Moderator post wasn't completely translatable 2019-02-20 16:37:47 +01:00
Sam 1f4ace4f56 FEATURE: autocomplete usernames early in topic based on participation
Following this change when a user hits `@` and is replying to a topic they
will see usernames of people who were last seen and participated in the topic

This is somewhat experimental, we may tweak this, or make it optional.

Also, a regression in a423a938 where hitting TAB would eat a post you were writing:

Eg this would eat a post:

``` text
@hello, testing 123 <tab>
```
2019-02-20 13:34:43 +11:00
Gerhard Schlager 5d75bd4831 FIX: Don't try to rename group when username is taken
FIX: Always rename groups with the default locale instead of using the user's locale
2019-02-19 22:31:03 +01:00
David Taylor 7878e5007a
FIX: Refactor to prevent themes affecting core stylesheets (#7029)
If a theme setting contained invalid SCSS, it would cause an error 500 on the site, with no way to recover. This commit stops loading theme settings in the core stylesheets, and instead only loads the color scheme variables. This change also makes `common/foundation/variables.scss` available to themes without an explicit import.
2019-02-19 15:55:59 +00:00
Vinoth Kannan bf2059baf5 SPEC: check enqueued jobs size instead of using mocks 2019-02-19 13:14:06 +05:30
Vinoth Kannan f2c3415548 FIX: Should not generate payload until active webhooks are exist 2019-02-19 12:23:42 +05:30
David Taylor f04471e422 REFACTOR: Proxy letter avatars in rails instead of nginx
Co-authored-by: Sam Saffron <sam.saffron@gmail.com>
Co-authored-by: David Taylor <david@taylorhq.com>

This gives more control over the request. In particular we can easily
lookup DNS dynamically, instead of only upon NGINX startup.
Previously, NGINX was looking up IP for the letter avatar service and
caching the CDN IP address, this caused issues if CDN changed IP, in
which letter avatars would be broken till a container restarted.

NGINX config has been updated to add caching. This change will require
a container rebuild.

The proxy will now function in development environments, so the patch
for `letter_avatar_proxy` has been removed.
2019-02-18 08:46:56 +11:00
Sam f8b70f4ca3 FIX: unable to create new categories
Previous attempt at 70adb940 missed the critical "everyone" group from
staff, leading to a case where staff was no longer able to create categories
2019-02-15 10:24:29 +11:00
Bianca Nenciu e2b8fbee12 DEV: Improve test. 2019-02-14 17:53:26 +02:00
Bianca Nenciu 7003ea96be FIX: Fix failing test. 2019-02-14 16:56:06 +02:00
Bianca Nenciu 70adb94008 SECURITY: Do not leak private group names. (#7008) 2019-02-14 15:35:58 +01:00
Maja Komel 39522659a6 FIX: validate parent category/subcategories permissions
See: https://meta.discourse.org/t/subcategories-do-not-inherit-permissions-from-parent-category/17174/23 for more details

This ensures users with access to child category can always at least see parent
2019-02-14 16:38:52 +11:00
Arpit Jalan b651605d6e FIX: tags added while editing a pending approval topic do not show up (#6959) 2019-02-14 15:42:40 +11:00
Sam 641b079c78 FIX: add support for missing verbs in user api key
Previously "write" scope was missing put and delete verbs which should be
allowed.

Also closes: #6982
2019-02-13 15:49:43 +11:00
Robin Ward c23411cc69 FIX: Heisentest - suspicious logins report was not ordered by date
The specs needed an order even though none was supplied.
2019-02-12 13:17:29 -05:00
David Taylor 91f0468f4e FIX: Allow unbaked theme fields to be destroyed
The after_commit hook was attempting to re-bake theme_fields after they were destroyed, which caused an exception to be thrown
2019-02-12 16:14:43 +00:00
Robin Ward 12d061a45b Remove stubbing of `auto_close_threshold_reached?` 2019-02-11 15:41:03 -05:00
Arpit Jalan dcd7b92532 FIX: some posters were not getting added to topic_allowed_users when moving posts to a new PM
If a user posted twice in a topic then subsequent posters were not getting added as topic_allowed_users.
2019-02-11 17:05:21 +05:30
Penar Musaraj c50db76f5d FIX: do not treat TIFF, BMP, WEBP as images
Treating TIFF and BMP as images cause us to add them to IMG tags, this is very inconsistent across browsers.

You can still upload these files they will simply not be displayed in IMG tags.
2019-02-11 16:28:43 +11:00
Robin Ward c719658f9f `human?` helper method on a user
This is cleaner than hard coding `id > 0` in ruby code.
2019-02-08 13:34:54 -05:00
Robin Ward 72b5ab0454 Don't wrap exceptions in test mode unless specifically requested.
This helps debugging reports with invalid SQL, which would otherwise
return no results instead of a useful error message while running
tests.
2019-02-08 11:26:26 -05:00
Régis Hanol c256121833 FIX: add support for style element in SVGs 2019-02-07 12:09:06 +01:00
Arpit Jalan ab2c2ea605
FIX: validate Invite email against `EmailValidator.email_regex` (#6975) 2019-02-06 22:38:06 +05:30
Robin Ward e75b240390 FIX: Some brittle tests with hardcoded ids
If we're going to use hardcoded ids, we should make sure the records are
not saved, or that the ID will not come up during normal use.
2019-02-01 11:44:37 -05:00
Sam a84aaf197a DEV: correct heisentest testing for avatars
If for some reason we created andupload with id 1 in the test then the
test would fail. This can happen if this is the absolute first test to
run on the db.

Fix sets the upload to a legitimate which in turn means the last upload
will not be upload id 1 and stops using id hard coding for the testing.
2019-02-01 13:27:06 +11:00
David Taylor 43f3bf71ba FIX: Imported themes should set their color scheme automatically 2019-01-31 17:45:11 +00:00
David Taylor 2e48c43546 FIX: Fix safe mode regression
Follow up from a48731e
2019-01-25 17:00:30 +00:00
David Taylor a48731e359
FEATURE: Support additional metadata in theme about.json (#6944)
New `about.json` fields (all optional):
 - `authors`: An arbitrary string describing the theme authors
 - `theme_version`: An arbitrary string describing the theme version
 - `minimum_discourse_version`: Theme will be auto-disabled for lower versions. Must be a valid version descriptor.
 - `maximum_discourse_version`: Theme will be auto-disabled for lower versions. Must be a valid version descriptor.

A localized description for a theme can be provided in the language files under the `theme_metadata.description` key

The admin UI has been re-arranged to display this new information, and give more prominence to the remote theme options.
2019-01-25 14:19:01 +00:00
Vinoth Kannan 2d6aa2aea2 FEATURE: Add recipient avatars in PM topic list even if they not yet replied 2019-01-25 19:41:49 +05:30
Jeff Wong 3359b3baca FEATURE: Do not autoclose topics due to user flagging that are authored by staff 2019-01-21 15:50:53 -08:00
Gerhard Schlager a123aafdad Fix random build error
Follow-up to b95165b838
2019-01-21 22:00:45 +01:00
Joffrey JAFFEUX b95165b838
FEATURE: adds a new chart report to track pageviews (#6913) 2019-01-21 15:17:04 +01:00
David Taylor 59028035df FIX: Update about/license URLs when updating theme from remote source 2019-01-18 17:46:57 +00:00
Joffrey JAFFEUX 95f9a369a5
FIX: ensures visits reports are correcttly differencing mobile/all (#6905) 2019-01-18 17:24:18 +01:00
David Taylor f774f08d5f DEV: Remove theme_var fields from import spec 2019-01-18 12:27:25 +00:00
David Taylor f40c97c367 Remove support for `theme_var` and `theme_color_var` fields
These are remnants of the old 'customization' system, and have been superseded by theme settings
2019-01-18 12:04:23 +00:00
Vinoth Kannan 2818afb267 FIX: Do not hide posts automatically when flagged by staff user 2019-01-18 01:33:55 +05:30
David Taylor 24b59afe2a FIX: Wrap theme javascript inside IIFE to prevent using global namespace 2019-01-17 14:44:10 +00:00
David Taylor def6b2fca1 DEV: Correct theme setting specs 2019-01-17 12:39:34 +00:00
David Taylor 880311dd4d
FEATURE: Support for localized themes (#6848)
- Themes can supply translation files in a format like `/locales/{locale}.yml`. These files should be valid YAML, with a single top level key equal to the locale being defined. For now these can only be defined using the `discourse_theme` CLI, importing a `.tar.gz`, or from a GIT repository.

- Fallback is handled on a global level (if the locale is not defined in the theme), as well as on individual keys (if some keys are missing from the selected interface language).

- Administrators can override individual keys on a per-theme basis in the /admin/customize/themes user interface.

- Theme developers should access defined translations using the new theme prefix variables:
  JavaScript: `I18n.t(themePrefix("my_translation_key"))`
  Handlebars: `{{theme-i18n "my_translation_key"}}` or `{{i18n (theme-prefix "my_translation_key")}}`

- To design for backwards compatibility, theme developers can check for the presence of the `themePrefix` variable in JavaScript

- As part of this, the old `{{themeSetting.setting_name}}` syntax is deprecated in favour of `{{theme-setting "setting_name"}}`
2019-01-17 11:46:11 +00:00
Guo Xiang Tan aa2cc4ab31 FIX: Liked notification consolidation has to account for user like frequency setting. 2019-01-17 14:33:23 +08:00
Guo Xiang Tan b4c2d49b0c DEV: Consolidate and remove duplicated liked notifications tests. 2019-01-17 11:14:17 +08:00
Sam d5ecf8e8c2 FIX: properly clean out post and user actions on destroy user
This corrects 2 issues:

First is a regression with d7c08e21 for some reason dependent :delete_all
respects default scopes where-as dependent :destroy bypasses it.

Secondly, we were keeping orphan user actions around on user destroy, this
ensures we remove all the user actions not only ones that originated by
the user.

So for example: if I like a post of user A we create a user action saying I
did that, but once user A is deleted we were not removing the action leading
to an orphan action in the database.
2019-01-17 12:40:30 +11:00
Guo Xiang Tan f06b773d25 FIX: Don't show liked consolidated notification when frequency is never. 2019-01-16 17:08:59 +08:00
Guo Xiang Tan e7b49c42c4 FIX: Allow liked notifications consolidation to be disabled. 2019-01-16 16:17:04 +08:00
Guo Xiang Tan 27e2b6575b FIX: Liked notifications should not be consolidated across multiple users. 2019-01-16 15:01:13 +08:00
Guo Xiang Tan ebe65577ed
FEATURE: Consolidate likes notifications. (#6879) 2019-01-16 10:40:16 +08:00
Vinoth Kannan 59e5af466b FIX: call method only if it exists
discourse-objects creating empty Discourse object in window. It fails the _registerPluginCode method call since it is not exist.
2019-01-15 15:55:32 +05:30
Guo Xiang Tan 78748f1501 DEV: Refactor tests for notification when liking a post.
Tests were covering the same code path so I'm consolidating it.
2019-01-14 11:43:09 +08:00
Guo Xiang Tan 2956c52e57 FIX: Show title as home logo if title has been set and logo is blank.
https://meta.discourse.org/t/default-text-logo-not-working/103936
2019-01-11 15:46:58 +08:00
Guo Xiang Tan d10694150e Revert "FIX: Partial reply key search in email sent logs."
This reverts commit e9b2018bc8.
2019-01-10 10:05:56 +08:00
Guo Xiang Tan e9b2018bc8 FIX: Partial reply key search in email sent logs.
Follow up to c85b9c6ed3
2019-01-10 09:25:14 +08:00
Rafael dos Santos Silva f73fe36772 FEATURE: PWA compatibility checks in the Dashboard (#6850) 2019-01-09 08:46:11 +08:00
Rishabh 733a60e888 FIX: Remove trailing whitespace to fix build 2019-01-08 17:37:43 +05:30
Vinoth Kannan 8f602be2fe FEATURE: keep the topic in closed status until the community flags are handled 2019-01-08 16:13:10 +05:30
Robin Ward 5eaf3cb104 Adjusts the `minimum_flag_threshold` for TL3/TL4 actions
Before this patch, a high trust level user could flag something
and have an action be taken, as well as skipping the flag queue.

Now, if a TL3/TL4 cause an action, the flag will skip the minimum
visibility check and allow staff to review it.
2019-01-04 13:16:44 -05:00
Sam 70269c7c97 FEATURE: tighter limits on per cluster post rebakes
We have the periodical job that regularly will rebake old posts. This is
used to trickle in update to cooked markdown. The problem is that each rebake
can issue multiple background jobs (post process and pull hotlinked images)

Previously we had no per-cluster limit so cluster running 100s of sites could
flood the sidekiq queue with rebake related jobs.

New system introduces a hard limit of 300 rebakes per 15 minutes across a
cluster to ensure the sidekiq job is not dominated by this.

We also reduced `rebake_old_posts_count` to 80, which is a safer default.
2019-01-04 09:24:46 +11:00
Arpit Jalan d1597683f3 Revert "FIX: trim trailing slash from topic links"
This reverts commit 993f847a2c.

There is an edge case where the link click redirect fails when the URL has trailing slash. Need to figure out a better fix for this.
2019-01-03 17:29:22 +05:30
Arpit Jalan 993f847a2c FIX: trim trailing slash from topic links 2019-01-03 12:38:36 +05:30
Sam 570877da3c FEATURE: store thumbnail algorithm version in optimized image table
Previously we had no idea what algorithm generated thumbnails, this starts tracking the version.

We also bumped up the version to force all optimized images to be generated. This is important cause we recently introduced pngquant which results in much smaller images.
2019-01-03 17:07:30 +11:00
Neil Lalonde 3236f2668f add note to specs about ImageMagick 7 requirement 2019-01-02 12:03:57 -05:00
Gerhard Schlager 8cb5ed3a7c DEV: Fix random build error 2019-01-02 17:27:08 +01:00
Sam 766e67ce57 FEATURE: introduce lossy color optimization on resized pngs
This feature ensures optimized images run via pngquant, this results extreme amounts of savings for resized images. Effectively the only impact is that the color palette on small resized images is reduced to 256.

To ensure safety we only apply this optimisation to images smaller than 500k.

This commit also makes a bunch of image specs less fragile.
2019-01-02 17:20:02 +11:00
Guo Xiang Tan 2feeba0f1c DEV: Remove duplicated assertion. 2019-01-02 05:07:58 +08:00
Jeff Atwood 96aca20fd7 add image optim version note to relevant tests 2019-01-01 01:25:00 -08:00
Arpit Jalan 70fdc10365
FEATURE: move posts to new/existing PM (#6802) 2018-12-31 17:17:22 +05:30
Joffrey JAFFEUX f1269fa807
FEATURE: Add `Top Uploads` report (#6825)
Co-Authored-By: I am very Pro-Grammer. <khalilovcmded@users.noreply.github.com>
2018-12-28 20:48:54 +01:00
Sam Saffron 303a535dba PERF: automatic upload size calculation not persisted
Previously if upload had missing width and height we would calculate
on first use BUT we (me) forgot to save this to the database

This was particularly bad on home page cause category images (when old)
miss dimensions.
2018-12-26 17:19:29 +02:00
Joffrey JAFFEUX f637286db5
UX: improves flags-status report (#6773)
- link to post
- cover more post action types
2018-12-26 10:29:33 +01:00
Kyle Zhao 61dcd7c52c FIX: validate YAML before save to avoid race condition 2018-12-25 15:08:17 +02:00
Vinoth Kannan a16bb32865 FIX: Do not raise error if most liked user is deleted 2018-12-25 01:04:55 +05:30
Vinoth Kannan 2909e7fbdf FIX: Subfolder path is missing in category permalinks after slug update 2018-12-21 09:29:54 +05:30
Vinoth Kannan 9c6f77f9da DEV: Remove the unique_searches column from select query 2018-12-19 02:45:48 +05:30
Robin Ward 6080e3a2c0 FIX: Broken spec 2018-12-18 14:55:09 -05:00
Robin Ward 662cfc416b FEATURE: Show a blurry preview when lazy loading images
This generates a 10x10 PNG thumbnail for each lightboxed image.
If Image Lazy Loading is enabled (IntersectionObserver API) then
we'll load the low res version when offscreen. As the image scrolls
in we'll swap it for the high res version.

We use a WeakMap to track the old image attributes. It's much less
memory than storing them as `data-*` attributes and swapping them
back and forth all the time.
2018-12-19 01:57:30 +08:00
Vinoth Kannan 341a6bd78a
REFACTOR: Calculate CTR in SearchLog model and hide unique column (#6791) 2018-12-18 19:13:46 +05:30
Neil Lalonde ef0e84e3d9 FIX: clear the site_contact_username setting if the user's staff privileges are revoked 2018-12-14 16:52:44 -05:00
Joffrey JAFFEUX 03014b0d05
FEATURE: adds security tab to dashboard (#6768)
This commit also includes the new staff_logins report
2018-12-14 13:47:59 +01:00
Maja Komel 9f89aadd33 FIX: delete all posts in batches without hijack (#6747) 2018-12-14 11:04:18 +01:00
Sam 7ee9a6a7ec SECURITY: do not delete avatars uploads when deleting accounts
We rely on the clean up uploads job to do this safely
2018-12-13 16:26:07 +11:00
Sam 671469bcc7 FIX: URLs containing two # would fail to work
Some URLs in browsers are non compliant and contain twos `#` this commit adds
special handling for this edge case by auto encoding any fragments containing `#`
2018-12-11 18:03:13 +11:00
Gerhard Schlager 7977b09025 FEATURE: Activate users invited via email when invite is redeemed
Do not send an activation email to users invited via email. They
already confirmed their email address by clicking the invite link.
Users invited via link will need to confirm their email address before
they can login.
2018-12-11 00:09:53 +01:00
David Taylor 160d29b18a
REFACTOR: Migrate TwitterAuthenticator to use ManagedAuthenticator (#6739)
No changes to functionality. TwitterAuthenticator goes from 136 lines to 24, and all twitter-specific logic elsewhere has been deleted 🎉
2018-12-07 15:39:06 +00:00