Commit Graph

20249 Commits

Author SHA1 Message Date
David Taylor 3324747afe UX: Improve account association when account description is missing 2019-07-27 16:37:21 +01:00
Rafael dos Santos Silva 1922d4bf78 PERF: Add more constraint on the Cache Storage usage
Only restricting cache per age wasn't enough for instances with lots of
multimedia usage and high number of posts.

MaxEntries is also more effective on cleanup, and purgeOnQuotaError
advertise that Discourse cache can be purged if necessary.

https://developers.google.com/web/tools/workbox/guides/storage-quota
2019-07-27 11:52:21 -03:00
Julien Ma dcb0e5f1e5 Fix "Host is invalid" error when TLD >10 chars (#7948)
Related to https://meta.discourse.org/t/host-is-invalid-error-when-tld-is-longer-than-7-characters/46081.

Using Discourse `v2.4.0.beta2 +119`, I can't add an host (when embedding, cf. `/admin/customize/embedding`) ending with `.engineering`.
Turns out current regex limits to 10 characters.

Fix is dumb: it only allows for up to 24 chars, which is the **current** max TLD length, see https://stackoverflow.com/a/22038535/1907212.

---

Maybe a better (and longer-term) fix would be to allow for up to 64 chars, which I understand comes from the RFC.
I'm not at ease with regexes, so can't be sure about it, but [this suggestion](https://meta.discourse.org/t/host-is-invalid-error-when-tld-is-longer-than-7-characters/46081/8?u=julienma) seems pretty good:

> rules of DNS labels are:
>
> - All labels are 1 to 63 characters, case insensitive A to Z, 0 to 9 and - (hyphen), all from ASCII.
> - No labels may start with a hyphen.
> - No top level domain label may start with a number.
>
>That means a regexp for a valid domain name would look like:
>
>`/^([a-z0-9][a-z0-9-]{0,62}\.)+[a-z][a-z0-9-]{0,62}\.?$/`
>
>Domains that are just a TLD are sufficiently bizarre as to be worth ignoring.
2019-07-26 16:29:48 -04:00
Penar Musaraj 042f7184f1 DEV: Display FA 4.7 deprecation notice in all environments
FA 4.7 icon mapping will be removed soon.
2019-07-26 15:25:20 -04:00
Penar Musaraj f408c583e8 DEV: Remove lightbox CSS rules 2019-07-26 10:57:22 -04:00
Osama Sayegh 525920a979
FIX: Better error when SSO fails due to blank secret (#7946)
* FIX: Better error when SSO fails due to blank secret

* Update spec/requests/session_controller_spec.rb

Co-Authored-By: Robin Ward <robin.ward@gmail.com>
2019-07-26 17:37:23 +03:00
Joffrey JAFFEUX fe7f0982af
DEV: attemps to limit Discourse.User.current() usage (#7943) 2019-07-26 11:20:11 +02:00
Arpit Jalan 0603636cea FIX: include default label when exporting reports 2019-07-26 12:57:13 +05:30
Kris 0f4fa98a82 Margin applied too broadly, caused extra space on like-count 2019-07-25 16:00:13 -04:00
Gerhard Schlager fd12c414e7 DEV: Refactor helper methods for upload markdown
Follow-up to a61ff167
2019-07-25 16:36:35 +02:00
Vinoth Kannan 2ba4de2d45 REVERT: DEV: should ignore missing post uploads when a user export destroyed
Reverts 793915fe6a. We no longer need this since we're destroying each posts in commit 028121b95b.
2019-07-25 19:41:25 +05:30
Kyle Zhao 0e1d6151b9 FIX: Frozen string error in `TopicEmbed.import` (#7938)
When `SiteSetting.embed_truncate` is enabled (by default), the truncated
string is mutatable and does not raise an error.

However, when the setting is disabled, the `contents` string is frozen
and immutable, and will raise a `FrozenError`.
2019-07-25 09:21:01 -04:00
Gerhard Schlager a61ff16740 DEV: Make attachment markdown reusable 2019-07-25 14:04:18 +02:00
David Taylor 4f1382a54a FIX: Hide live-loaded posts from ignored users 2019-07-25 12:01:29 +01:00
Joffrey JAFFEUX 0c7df55686
DEV: uses router.currentRouteName instead of application (#7942)
https://deprecations.emberjs.com/v3.x/#toc_application-controller-router-properties
2019-07-25 12:50:30 +02:00
Joffrey JAFFEUX 1dde6a5355
DEV: prevents post.siteSettings computed property to be overridden (#7941)
This happens when loading a post from a json object and is a behavior which will be impossble in future Ember updates.
2019-07-25 11:54:23 +02:00
Joffrey JAFFEUX c7b146cbdf
FIX: reverts #18e2816 (#7940) 2019-07-25 11:14:23 +02:00
Osama Sayegh 997add3af9
DEV: Add extension point to allow modifying SSO URL (#7937)
This allows plugins to, for example, add extra query params to the SSO URL when discourse redirects to to the SSO website.
2019-07-25 00:18:27 +03:00
Joffrey JAFFEUX c1d2fb115c
DEV: prevents staff computed property to be overridden (#7931) 2019-07-24 22:01:08 +02:00
Kris 2ab022494a UX: Add expanded/collapsed class to post-controls (#7932) 2019-07-24 10:08:59 -04:00
Joffrey JAFFEUX 1d38bf7e2c
DEV: removes deprecated property() usage from topic-footer-button api (#7930) 2019-07-24 13:55:18 +02:00
Joffrey JAFFEUX e83dcfdb7b
DEV: ensures application.hbs is using router currentPath (#7929) 2019-07-24 13:33:59 +02:00
Joffrey JAFFEUX e444ce7ccd
REFACTOR: this.$() deprecation (#7928) 2019-07-24 13:17:36 +02:00
David Taylor 0a6cae654b SECURITY: Add confirmation screen when connecting associated accounts 2019-07-24 10:28:15 +01:00
Joffrey JAFFEUX 02e27b5cff
UX: fixes onebox favicon vertical alignment (#7926) 2019-07-24 09:40:32 +02:00
Osama Sayegh 8b5f44a9a7
FIX: apply defaults constraints to routes format (take 2) (#7920)
Reapplies 7d01c5de1a
2019-07-23 20:17:44 +03:00
Saurabh Patel 9e0a3b8229 bug: keep query params present in auth_redirect (#7923)
https://meta.discourse.org/t/user-api-keys-payload-and-existing-query-string-leads-to-a-double-question-mark/123617
2019-07-23 12:16:03 -04:00
Kris 3fdc10337d follow up fix to 7d27b8b 2019-07-23 11:37:34 -04:00
Kris 7d27b8bb8c add class for extra post buttons 2019-07-23 11:32:04 -04:00
Joffrey JAFFEUX e117b10ea8
FIX: improves tags checking when updating category of topic (#7921)
- will ensure this tag is not restricted to another category, and not only ensure this category can use it
- will clean tags param, in case client is sending an empty array, eg: [""], this could be solved client-side, but we ensure it won't happen ever this way
2019-07-23 17:06:25 +02:00
Joffrey JAFFEUX 8a9ce7336d
FIX: removes uncategorized context if not allowed in composer (#7922) 2019-07-23 17:05:49 +02:00
Saurabh Patel 4bc5ccf7e4 BUG: send featuredLink as featured_link to backend to update correct … (#7915)
* BUG: send featuredLink as featured_link to backend to update correct value
https://meta.discourse.org/t/editing-a-topic-link-does-not-change-its-featured-link/123007

* review fix
2019-07-23 09:49:04 -04:00
Gerhard Schlager 845fd42153 FIX: Update reply count when moving posts 2019-07-22 21:42:24 +02:00
Gerhard Schlager 271ddac467 FIX: Delete notifications users can't see after moving posts
No need to let notifications stay around when users can't access
a topic after it was converted into a PM or posts were moved
into a restricted topic.

Also makes sure that moving to a new topic correctly uses the
guardian for the first post by enqueuing jobs outside of a
transaction.
2019-07-22 19:02:21 +02:00
Gerhard Schlager 1235105c03 FIX: Old notifications didn't link to correct post after moving post 2019-07-22 17:38:45 +02:00
Osama Sayegh 5fc5a7f5ae FEATURE: Add search operator to see all direct messages from a user (#7913)
* FEATURE: Add search operator to see all direct messages from a user

* Only show message if related messages >= 5

* Make "all messages" the hyperlink

* Review
2019-07-22 10:55:49 -04:00
Saurabh Patel 08b48b2ba6 add user avatar to user crawler layout (#7917) 2019-07-22 10:52:35 -04:00
Kris f1dd7d05e4 Update fa to d-icon for buttons, add icon space 2019-07-22 10:31:21 -04:00
Kris 8ee48d8933 UX: Improve layout of long tag headings on mobile 2019-07-22 10:08:03 -04:00
Osama Sayegh f14c6d81f4
FEATURE: Watched words improvements (#7899)
This commit contains 3 features:

- FEATURE: Allow downloading watched words
This introduces a button that allows admins to download watched words per action in a `.txt` file.

- FEATURE: Allow clearing watched words in bulk
This adds a "Clear All" button that clears all deleted words per action (e.g. block, flag etc.)

- FEATURE: List all blocked words contained in the post when it's blocked
When a post is rejected because it contains one or more blocked words, the error message now lists all the blocked words contained in the post.

-------

This also changes the format of the file for importing watched words from `.csv` to `.txt` so it becomes inconsistent with the extension of the file when watched words are exported.
2019-07-22 14:59:56 +03:00
Joffrey JAFFEUX 67650328b4
FIX: allows to specify camelCased attributes in wrap component (#7919) 2019-07-22 09:24:27 +02:00
Gerhard Schlager 651a5b6e40 SECURITY: Validate backup chunk identifier 2019-07-22 08:43:16 +02:00
Roman Rizzi eb26bee046
DEV: group_list site settings should store IDs instead of group names (#7860)
* DEV: group_list site settings should store IDs instead of group names

* Ship site setting to know when we should migrate group_list settings

* Migrate existing group_list site settings

* Bump migration timestamp and don't set null when migrating is not possible.
2019-07-19 15:17:58 -03:00
Robin Ward e47e0af123
FEATURE: Allow viewing of raw emails for reviewable queued posts (#7910)
If a post arrives via email but must be reviewed, we now show an
icon that can be clicked to view the raw contents of the email.

This is useful if Discourse's email parser is acting odd and the user
reviewing the post wants to know what the original contents were before
approving/rejecting the post.
2019-07-19 11:56:14 -04:00
Robin Ward 8dd3cbfcb9
FEATURE: Allow choice of category when making a PM public (#7907)
* FEATURE: Allow choice of category when making a PM public

Previously it would default to uncategorized, which was not ideal on
some forums. This gives the staff member more choice about what they'd
like to do.

* Make the optional category more explicit

* Joffrey's feedback
2019-07-19 11:52:50 -04:00
Kris 9075789783 IE11 fix for b73bd7f 2019-07-19 11:46:20 -04:00
Bianca Nenciu 9ba2c7cd8b
FIX: Set a minimum reading time per post. (#7842)
Topics containing only images could generate a reading time of zero minutes.
2019-07-19 18:15:38 +03:00
Kris 5a3a6824c4 UX: Refactor avatar upload modal for better mobile spacing 2019-07-19 10:39:38 -04:00
Arpit Jalan 1f1b3e99d1 UX: update invite 'not found' message 2019-07-19 16:39:44 +05:30
Arpit Jalan 2f6ce29736 FIX: do not request refresh on 'log out all' request 2019-07-19 16:24:58 +05:30
Dan Ungureanu 30c491500a
FEATURE: Permit users who had no penalties in last 6 months to be TL3. (#7892)
Previously, users who had any penalties (were silenced or suspended)
were not allowed to promote to Trust Level 3.

There is also a more subtle change here: if users were silenced or
suspended and then the operation was reverted (user was un-silenced
or un-suspended), then it would have been like the user was never
penalized in the first place. This is no longer the case. To forgive a
user earlier, administrators can use "Clear Penalty History" feature.

Lastly, Jobs::UnsilenceUsers will automatically unsilence any users who
should no longer be silenced (silenced_till < now()). This made it so
silence_count - unsilence_count == 0 for any user who is not silenced,
which defeated the purpose of this TL3 requirement.
2019-07-19 12:46:10 +03:00
Bianca Nenciu 9f500a4ff4
FIX: Show same username or name for post notices. (#7862) 2019-07-19 11:05:48 +03:00
Arpit Jalan eb9155f3fe
FEATURE: send max 200 emails every minute for bulk invites (#7875)
DEV: deprecate `invite.via_email` in favor of `invite.emailed_status`

This commit adds a new column `emailed_status` in `invites` table for
 tracking email sending status.
 0 - not required
 1 - pending
 2 - bulk pending
 3 - sending
 4 - sent

For normal email invites, invite record is created with emailed_status
 set to 'pending'.

When bulk invites are sent invite record is created with emailed_status
 set to 'bulk pending'.

For invites that generates link, invite record is created with
 emailed_status set to 'not required'.

When invite email is in queue emailed_status is updated to 'sending'

Once the email is sent via `InviteEmail` job the invite emailed_status
 is updated to 'sent'.
2019-07-19 11:29:12 +05:30
Blake Erickson d26aa6e71e REFACTOR: Cleanup rake tasks based on feedback
Follow up to: [FEATURE: Create a rake task for destroying categories][1]

- `Discourse.system_user` is my friend
- Remove puts statements from rake tasks that don't return anything
- `for_each` is also my friend
- Use `human_users` to also exclude discobot
- Sort/format categories:list

[1]: 092eeb5ca3
2019-07-18 19:15:01 -06:00
Gerhard Schlager 2ecc613c5d FIX: URL encode usernames in user profile links in RSS feeds
user_url() failed for usernames containing Unicode characters because it expects URL encoded usernames. RSS feeds do not support IRIs, so lets convert them to URIs by encoding the usernames.
2019-07-18 23:18:23 +02:00
Joffrey JAFFEUX 533f5172d7
fix tests (#7912) 2019-07-18 23:15:36 +02:00
Joffrey JAFFEUX 8dfd0e0374 DEV: uses private API for currentPath (#7911)
* DEV: uses with private API for currentPath

router.currentRouteName as a slightly different API and application.currentPath is deprecated

* another fix
2019-07-18 17:00:39 -04:00
Kris e8a14a3a65 Updating breakpoint mixin value name 2019-07-18 16:33:12 -04:00
Vinoth Kannan ad04ce9f43 FIX: remove post upload record creation inside 'find_missing_uploads' method. 2019-07-19 01:44:08 +05:30
Joffrey JAFFEUX 9cdc059a99
fix tests (#7908) 2019-07-18 19:48:12 +02:00
Joffrey JAFFEUX f9c7d5a4bd DEV: removes application.currentPath deprecation (#7905)
See https://deprecations.emberjs.com/v3.x#toc_application-controller-router-properties for more context
2019-07-18 13:29:37 -04:00
Joffrey JAFFEUX 617c74bc79 DEV: remove .property() deprecations (#7906)
More context at https://deprecations.emberjs.com/v3.x#toc_function-prototype-extensions-property
2019-07-18 13:28:23 -04:00
Robin Ward 5e50a24d3a
Fix typo
It's jump-to not jumpt-to
2019-07-18 12:44:35 -04:00
Joffrey JAFFEUX cb84133855
FIX: bugs preventing to close delete account modal with button (#7904) 2019-07-18 18:16:29 +02:00
Kris 0f1a0b45de UX: Fix profile image upload control spacing on mobile 2019-07-18 11:36:24 -04:00
Joffrey JAFFEUX 95ad4f9077
FEATURE: new date/time components (#7898) 2019-07-18 17:29:41 +02:00
Neil Lalonde 194a2b612f FIX: string that can't be translated in watched words UI 2019-07-18 11:07:02 -04:00
Kris d841bff9f8 remove whitespace from twitter onebox 2019-07-18 09:45:09 -04:00
Roman Rizzi f5c707c97a
FEATURE: Gz to zip for exports (#7889)
* Revert "Revert "FEATURE: admin/user exports are compressed using the zip format (#7784)""

This reverts commit f89bd55576.

* Replace .tar.zip with .zip
2019-07-18 09:34:48 -03:00
Joe c1b58613a2
UX: adds <a> tag with href category box titles (#7901)
This Ensures that category titles in category-boxes can be opened in a new tab.
2019-07-18 19:25:39 +08:00
Gerhard Schlager 7e69c5cc36 Revert "FEATURE: Use configured quotation marks in fancy topic title"
This reverts most of commit ce8e099639.

The rake task to update fancy topic titles is still there, because that's useful even without this feature.
2019-07-18 11:55:49 +02:00
Blake Erickson 092eeb5ca3 FEATURE: Create a rake task for destroying categories
Created a rake task for destroying multiple categories along with any
subcategories and topics the belong to those categories.

Also created a rake task for listing all of your categories.

Refactored existing destroy rake tasks to use new logging method, that
allows for puts output in the console but prevents it from showing in
the specs.
2019-07-17 12:44:14 -06:00
Vinoth Kannan 4f0004a0c2 Fix typo in dc6b13e4d2. 2019-07-17 15:54:42 +05:30
Arpit Jalan d4d81515d2 Fix the build. 2019-07-17 12:03:45 +05:30
Arpit Jalan e4d743910d FIX: respect `logout_redirect` setting on 'Log out all' 2019-07-17 11:58:04 +05:30
Vinoth Kannan dc6b13e4d2 FIX: when 'raw' started with non-image upload url it's not converted to short-url.
dd0f0494c6
2019-07-17 11:13:50 +05:30
Vinoth Kannan dd0f0494c6 FIX: convert hotlinked non-image urls to short url.
3840ace978
2019-07-17 09:15:09 +05:30
Rafael dos Santos Silva 2a0cd066a7 FIX: Remove all service workers from Apple devices *again*
There is a bug that when Safari starts up, and reloads the tabs from
the previous session **and** there is a service worker registered for
the scope of the document, all cookies marked as `SameSite=Lax` won't be
sent in the request.

This puts Discourse in a **very** broken state, where:

- You appear as a anon user
- Subsequent xhr requests will come with logged in data
- Refreshing doesn't log you in (cookies are still not sent)
- Clicking on the address bar and hitting enter, will log you in (as it
will finally send those damn `SameSite=Lax` cookies.

Looks a lot like a corner case missed by the fix at
https://trac.webkit.org/changeset/241918/webkit
2019-07-16 19:30:38 -03:00
Penar Musaraj a571efba35
FIX: Rename deprecated icons, allow custom icons in badges
- adds a migration renaming FA4 icon names in badges
- allows all icons to be used in badges (previously was limited to icons prefixed with fa-)
- renames remaining FA 4.7 icons equivalents
2019-07-16 11:13:44 -04:00
David Taylor ed5b31f427 FIX: Recompile extra_js theme assets when COMPILER_VERSION changes (#7897) 2019-07-16 16:34:33 +02:00
Osama Sayegh eff1c19e3b FIX: Fallback to gzip compression if brotli isn't supported (#7895) 2019-07-16 11:05:37 -03:00
Vinoth Kannan 3840ace978 FIX: skip markdown conversion for hotlinked non image urls 2019-07-16 18:05:17 +05:30
Joffrey JAFFEUX b3eb67976d
DEV: Upgrades to Ember 3.10 (#7871)
Co-Authored-By: majakomel <maja.komel@gmail.com>
2019-07-16 12:45:15 +02:00
David Taylor e2fa5704e9 UX: Remove duplicate copy in two-factor preferences 2019-07-16 10:57:11 +01:00
Régis Hanol 7ecbf3865b UX: use SCSS color variables 2019-07-16 11:53:34 +02:00
Michael Brown e8ee392186 Revert "FIX: apply defaults constraints to routes format (#7890)"
This reverts commit 7d01c5de1a.

Trivial get on / was failing with a 404 with this change.
2019-07-15 17:31:24 -04:00
romanrizzi 12e71f1fb2 UX: Swap ignore and mute sections to move the 'Save changes' button to the bottom 2019-07-15 17:30:01 -03:00
OsamaSayegh 8a525cafec UX: Use height relative to the viewport for robots.txt textarea 2019-07-15 19:35:50 +00:00
Rafael dos Santos Silva b505d1d700 DEV: Force workboxjs debug to false on dev env too 2019-07-15 16:07:49 -03:00
Osama Sayegh 7d01c5de1a
FIX: apply defaults constraints to routes format (#7890)
This fixes the problem where if a route ends with a dynamic segment and the segment contains a period e.g. `my.name`, `name` is interpreted as the format. This applies a default format constraints `/(json|html)/` on all routes. If you'd like a route to have a different format constraints, you can do something like this:

```ruby
get "your-route" => "your_controlller#method", constraints: { format: /(rss|xml)/ }

#or
get "your-route" => "your_controlller#method", constraints: { format: :xml }
```
2019-07-15 21:55:11 +03:00
Osama Sayegh 6515ff19e5
FEATURE: Allow customization of robots.txt (#7884)
* FEATURE: Allow customization of robots.txt

This allows admins to customize/override the content of the robots.txt
file at /admin/customize/robots. That page is not linked to anywhere in
the UI -- admins have to manually type the URL to access that page.

* use Ember.computed.not

* Jeff feedback

* Feedback

* Remove unused import
2019-07-15 20:47:44 +03:00
Penar Musaraj 90e0f1b378 UX: rearrange controls in edit modals
Allows users to see the controls even after scrolling contents of edit modal.
2019-07-15 13:44:44 -04:00
Rafael dos Santos Silva 1221d34284
FEATURE: Make Discourse work offline with WorkboxJS (#7870) 2019-07-15 13:05:55 -03:00
Vinoth Kannan 839916aa49
DEV: Debundle plugin javascript assets and don't load if disabled (#7566)
And don't load javascript assets if plugin is disabled.

* precompile auto generated plugin js assets

* SPEC: remove spec test functions

* remove plugin js from test_helper

Co-Authored-By: Régis Hanol <regis@hanol.fr>

* DEV: using equality is slightly easier to read than inequality

Co-Authored-By: Régis Hanol <regis@hanol.fr>

* DEV: use `select` method instead of `find_all` for readability

Co-Authored-By: Régis Hanol <regis@hanol.fr>
2019-07-15 20:22:54 +05:30
Bianca Nenciu 8e133de831
FIX: Ensure suppressed categories do not produce any featured topics. (#7863) 2019-07-15 17:32:03 +03:00
Joffrey JAFFEUX ff66e62e0c
UX: ensures popup-tip shows over dropdowns (#7891) 2019-07-15 08:55:20 +02:00
Guo Xiang Tan 4b0cf7f6dd SECURITY: XSS when displaying watched words in admin panel.
The XSS here is only possible if CSP is disabled. Low impact since CSP
is enabled by default in SiteSettings.
2019-07-15 10:55:50 +08:00
Guo Xiang Tan a4234e9be0 DEV: Minor tweaks to `Admin::WatchedWordsController`. 2019-07-15 10:22:46 +08:00
Gerhard Schlager ce8e099639 FEATURE: Use configured quotation marks in fancy topic title 2019-07-12 21:10:10 +02:00
Gerhard Schlager 8f89254554 FIX: Recalculate settings when dependent settings change 2019-07-12 21:10:10 +02:00