The new site setting `allow_anonymous_and_tl0_to_flag_illegal` allows
tl0 users to flag illegal content. In addition, anonymous users are
instructed on how to flag illegal content by sending emails.
Also `email_address_to_report_illegal_content` setting is added. If not
provided, then the site contact email is used.
Reverts 02113fc.
This is an imperfect detection of tablets and more generally, we want to
move away from detecting specific devices. THere's a broader effort to
remove mobile/desktop detection and rely instead on viewport-width-based
patterns and feature detection (touch, hover, etc.). See
https://github.com/discourse/discourse/pull/30642
To reach the same results in CSS/jS, we can use the `touch` and `hover`
media queries.
In CSS, something like:
```
@media (hover: none) {
// hover non excludes touchscreen desktops
.discourse-touch {
// we detect touch capability on the JS side, a bit of a belts and suspenders approach
}
}
```
And in JS:
```
this.capabilities.touch` plus `window.matchMedia("(hover: none)").matches
```
When we had no width stored for the side panel in the local storage,
essentially the computation would end up being:
```javascript
Math.min(null, 1000);
```
Which would output: 0. This commit ensures we have a default for store
width: MIN_PANEL_WIDTH. And also uses the same value in CSS and JS.
I had to change z-layers of chat-side-panel resizer as it was
interfering with system specs changing the notification level of a
thread, when trying to click the option in the dropdown, it would
instead click the resizer as it would appear on top of the dropdown.
Tried to write a test but couldn't get something reliable.
When tapping something on a touch-enabled device, `mouseMove` events are
still fired, so floatkit would still be triggered even if configured for
'hover' only. For links, this would be particularly strange, because the
tooltip would appear for a split-second, before the page navigation
occured.
To avoid this problem, we can use the more-modern 'pointerMove' event,
and check the `pointerType` to exclude 'touch'
The stacking context fix we use in chat to avoid:
https://bugs.webkit.org/show_bug.cgi?id=262287 was causing this weird
behavior in chat where the scroll event wouldn't fire when the finger is
on text and not an empty area of the scrollable div.
This simplified implementation seems to work reliably and avoids the
issue.
In the new admin UI conventions, button labels and section headings should be sentence case, rather than title case.
This PR performs a sweep of all the fragments visible when using the sidebar layout.
This PR introduces a base page object for admin pages. Since we're standardizing using components, this makes writing tests easier by abstracting away details about selectors.
This PR is a follow-up to #30636.
The previous change altered the `data_type` of the `base_font` and
`heading_font` site settings, but didn't update the corresponding
entries in the `site_settings` table to match.
* Fix tabbing inputs on first wizard step, the user would end up on
"Skip to content"
for the page "behind" the wizard. If the wizard is showing we can just
not render the skip to content element
* Only show the required wizard steps in the counter, so we do X/4
rather than X/6 at the top of the page.
* Change to "Setting up your theme..." by default, but if the install
takes 10s or more add a note that things are still happening and to
be patient.
A handful of the page objects for admin pages were placed directly under /page_objects rather than under /page_objects/pages with the others. This PR simply moves them.
Followup 72c4709a5a
Previously we made a fix to allow skip validations when tagging
a topic via TopicCreator. However, this flow also skips a lot of
the more in-depth work on tags we do when creating a topic, like
processing tag synonyms. When approving reviewable queued posts,
we skip validations, so this would cause an issue where a topic
was approved and the tag synonyms weren't applied.
This commit changes the logic so we attempt the more complete
`DiscourseTagging.tag_topic_by_names` call first and if this fails
and skip validations is on, then we do
`DiscourseTagging.add_or_create_tags_by_name`.
This at least gives a chance for the full workflow to work first.
Admin pages that are based off the customize or plugin templates were wrapped in the `admin-container` class, which has slightly different margins to the `admin-config-page` class, which is used on most admin pages.
This change ensures that all the admin pages have the same alignment.
Update the header of the admin Logs page to be more consistent with the rest of the admin UI.
The tabs to access the different sub-pages have also been updated.
The heading role on topic lists is desirable for screenreader users
because they can easily navigate from heading to heading.
Having this role on the link tag directly becomes problematic for Voice
Control users on Apple devices because unfortunately Voice Control
assumes that when given the role of a heading, it is not a link. This
makes it difficult to click.
This PR moves the heading role to the link's wrapper. This change allows
for heading-to-heading navigation for screenreaders, and also makes it
easier to click using Voice Control. The end result is that topic lists
are both navigable for screenreaders and Voice Control users.
We have the other side of this association wired up --
da72ad4ecd/app/models/topic_hot_score.rb (L4)
This commit simply adds the association to `Topic` model so we can
reference the hot score.
Related: https://github.com/discourse/discourse/pull/30535
In the PR above, the [content-disposition
header](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Disposition)
was removed for all non-svg files due to the "attachment" keyword added
to them, causing files to be downloaded instead of opening in a new tab
when requested. When removing that, it also removed the filename
attribute attached to s3 uploads.
After some testing, it turns out that `filename` is also respected when
next to `inline`, despite it not being obvious [in
docs](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Disposition#syntax).
This commit adds inline+filename so that users can still download files
and have filenames be respected instead of using the s3 hash.
```http
<!-- mdn docs -->
Content-Disposition: inline
Content-Disposition: attachment
Content-Disposition: attachment; filename="file name.jpg"
Content-Disposition: attachment; filename*=UTF-8''file%20name.jpg
<!-- this actually works too -->
Content-Disposition: inline; filename="file name.jpg"
```
The `key` provided in the S3 inventory file will esacpe any special
characters in the filename of the key so we need to unescape. Otherwise,
uploads with extensions that conatins special characters will fail to
match records which we insert into the temporary table based off the
s3 inventory file.
* Do not offer "categories with latest" option anymore, it does
not look good with our default Sidebar selection
* Display a sensible item in the dropdown if the admin has not
chosen hot, latest, or category_boxes as the homepage style,
before it was broken. Now we show Custom with a little blurb
about whether topics or categories are shown, and what the landing
page is
Update the header of the admin Email Style page to be more consistent with the rest of the admin UI.
The HTML/CSS tabs have also been updated, which required an extra check being added to the NavItem component.
Follow up from https://github.com/discourse/discourse/pull/27712.
Currently, we already add `noindex` to /u routes. However, due to
robots.txt blocking this, search engines are not able to see the header.
This commit removes /u from our robots.txt to allow search engines to
see the header. This commit also includes a migration to remove the /u
from admins who have overridden the file. I had contemplated not
including this migration, but seeing there are existing site admins who
are trying to remove errors from their dashboard, they would probably
welcome this change.
The migration replaces overridden text at this area, and will not modify
if additional routes have been added in-between:
<img width="500" alt="Screenshot 2025-01-15 at 11 28 43 AM copy"
src="https://github.com/user-attachments/assets/60db64c9-ed33-48a5-a917-a10545282a5c"
/>
Side effect note: This might potentially result in more pageviews* from
GoogleBot (for example) for a period of time as Google starts visiting
the user routes they have been denied before.
There are a few changes here to make the Emails admin page more consistent with the rest of the admin UI.
- The header and navigation menu have been updated.
- The sidebar now stays highlighted when visiting the email admin sub-pages.
- Moved the Template editor from /admin/customize/email_templates to /admin/email/templates, so it fit as a sub-page.
- Removed the link to the Template editor from the Customize section of the old top menu, since it's accessible from the Emails section, instead.
Both heading_font and body_font should not allow
additional user-defined values, these are lists with
predefined choices. The UI already prevents this
because the font selector dropdown is unique, but
we want to make sure the setting definition reflects
this too.
When clicking the "new features" notification item for
admins that navigates to /whats-new, the user notification
menu was not closing. This was happening because inside
the UserMenu::Menu component, the `routeDidChange` event
was firing and calling `closeUserMenu()`, however this is already
called inside the `Header` component via `toggleHamburger()`.
This is _only_ happening for the "new features" notification
item, other items have already been destroyed and they do not get
the `routeDidChange` event. No idea why, but this fixes the issue
in a global way.
Not sure why, but it looks like this `z-index: -1` on the composer
causes iOS to crash super quickly when pinch zooming . This change was
introduced in 07e5f8907e and is not
strictly necessary, let's try removing.
In 0ed4b09527, this code was moved into
app.js, which means it actually ends up running after all the other
imports have been completed. That's too late, and some deprecations are
triggered before that.
This commit moves `setupDeprecationWorkflow` back into its own module,
with a 'side effect only' import from `app.js`.
dependabot[bot]
Krzysztof Kotlarek
David Taylor
Régis Hanol
Penar Musaraj
Joffrey JAFFEUX
Mark VanLandingham
Tomas Vavrda
Tobias Eigen
Ted Johansson
Gary Pendergast
Martin Brennan
Kris
Sérgio Saquetim
Natalie Tay
Alan Guo Xiang Tan