Commit Graph

27182 Commits

Author SHA1 Message Date
Alan Guo Xiang Tan 986060a850
FEATURE: Expand messages filter links when viewing private messages. (#17106) 2022-06-20 11:43:01 +08:00
Joe 2f66eb59c2
DEV: Slightly defer loading Discourse stylesheets (#17078)
This is related to #17063 and is also a pre-request for the splash screen work.

This PR introduces 0 visual or functional changes. It just relocates the stylesheets in the load order.
`.css` stylesheets block the browser render. We need to move those out of the <head> tag.

However, they still need to be loaded before core/plugin/theme rendered HTML to avoid FOUC.
2022-06-20 10:37:28 +08:00
Alan Guo Xiang Tan ef5b504e9a
DEV: Remove ember legacy env conditional in sidebar tests (#17140) 2022-06-20 10:07:06 +08:00
Alan Guo Xiang Tan 222a7755a0
DEV: Rely on route action to open composer. (#17118)
Avoid duplicating composer logic in multiple places.
2022-06-20 10:06:15 +08:00
Penar Musaraj 78fab9b7e1
DEV: Add `before-list-area` plugin outlet (#17136) 2022-06-20 10:05:46 +08:00
Joe 804b8fd9f9
DEV: Defer loading core/plugin/theme JS files (#17063)
This is pre-request work to introduce a splash screen while site assets load.

The only change this commit introduces is that it ensures we add the defer attribute to core/plugin/theme .JS files. This will allow us to insert markup before the browser starts evaluating those scripts later on. It has no visual or functional impact on core.

This will not have any impact on how themes and plugins work. The only exception is themes loading external scripts in the </head> theme field directly via script tags. Everything will work the same but those would need to add the defer attribute if they want to keep the benefits introduced in this PR.
2022-06-20 09:47:37 +08:00
Discourse Translator Bot 7ac485fb9f
FEATURE: Add Croatian language (#17130)
Co-authored-by: Gerhard Schlager <gerhard.schlager@discourse.org>
2022-06-18 00:18:22 +02:00
Ghassan Maslamani 84b0a6414d
FIX: double selecting replies (#17086)
When selecting a post and its replies using the "select +replies" button, the action would push all ids, without checking if some were already selected. 

This change add a filter to remove ids that are already selected.

This fixes https://meta.discourse.org/t/selecting-posts-replies-miscounts-the-number-of-posts/229242

Co-authored-by: @ZogStriP
2022-06-17 18:32:57 +02:00
Isaac Janzen 6ad5db80de
DEV: Remove use of run-loop-dot-access (#17114)
Context: https://deprecations.emberjs.com/v3.x/#toc_deprecated-run-loop-and-computed-dot-access
2022-06-17 11:19:14 -05:00
Jarek Radosz a69b914710
FIX: Wizard css was overriding some of core css (#17126)
* Use `var()`
* Remove imports
* Scope all wizard css to `body.wizard`
2022-06-17 17:28:54 +02:00
Isaac Janzen 1ada3a9404
DEV: Remove use of run-loop-and-computed-dot-access (#17113)
Context: https://deprecations.emberjs.com/v3.x/#toc_deprecated-run-loop-and-computed-dot-access
2022-06-17 09:43:13 -05:00
Osama Sayegh b0a896a10f
UX: Skip special paste handling in email-group-user-chooser when maximum is 1 (#17124)
`email-group-user-chooser` currently handles paste events to allow users to paste multiple entries at once instead of entering them one by one. This behavior makes sense when the component is used in scenarios where it makes sense to provide multiple entries such as the recipients field when creating a PM. However, for instances where the component accepts only 1 entry, it doesn't make a lot of sense to do custom handling of paste events.

This commit makes our paste event handler a NOOP when the component is configured to accept only 1 entry in which case pasting will simply input the value into the component's search field.
2022-06-17 16:53:50 +03:00
Jarek Radosz fcb4e5a1a1
DEV: Make wizard an ember addon (#17027)
Co-authored-by: David Taylor <david@taylorhq.com>
2022-06-17 14:50:21 +02:00
Jarek Radosz 79d3b25d97
DEV: Fix various frontend warnings (#17122)
3 computed property overrides and a tippy warning
2022-06-17 13:45:05 +02:00
Jarek Radosz f27f95b2e9
DEV: Don't print uppy warnings in test env (#17121) 2022-06-17 13:44:52 +02:00
David Taylor 6695d148d6
DEV: Cleanup topic thumbnail enqueuing (#17119)
- Ensure only one job is enqueued when there are no extra sizes requested by themes
- Update and un-skip relevant tests
2022-06-17 11:07:32 +01:00
Loïc Guitaut 1166db12b4
FIX: Make watched words uploads work as intended (#17097)
* FIX: Make watched words uploads work as intended

Currently when we upload a file containing watched words, it will always
add the words to the action that was initially selected: this is the
`block` action by default but if changing manually the action in the URL
to `flag` for example, then this action will be selected and uploaded
watched words will be categorised as `flag` no matter what.

The problem lies with how the component works: it’s an Uppy object where
extra data is defined to provide an action key to the server but when
navigating to another listed action, while this action key is properly
updated on the component itself, the underlying Uppy object has already
been created and doesn’t care about the new value.

This patch solves this by using the `_perFileData` method instead of
`data`: the former is merged just before uploading a file whereas the
latter is used when the Uppy object is created.
2022-06-17 11:07:58 +02:00
Alan Guo Xiang Tan f618fdf17f
Revert "DEV: Centralize user updates to a single MessageBus channel. (#17058)" (#17115)
This reverts commit 94c3bbc2d1.

At this current point in time, we do not have enough data on whether
this centralisation is the trade-offs of coupling features into a single
channel.
2022-06-17 12:24:15 +08:00
Penar Musaraj 4c810ca121
FIX: JSON Schema editor layout issue with subarrays (#17112) 2022-06-16 22:33:42 -04:00
Roman Rizzi e5691362df
DEV: add smtp_should_reject to the receive_emails api key scope (#17110) 2022-06-16 13:46:56 -03:00
David Taylor 691afa2593
DEV: Handle emoji-picker and d-editor being destroyed simultaneously (#17109) 2022-06-16 17:16:15 +01:00
David Taylor c00205730e
FIX: Ensure presence endpoints don't break the session (#17108)
Presence endpoints are often called asynchronously at the same time as other request, and never need to modify the session. Skipping ensures that an unneeded cookie rotation doesn't race against another request and cause issues.

This change brings presence in line with message-bus's behaviour.
2022-06-16 14:38:43 +01:00
David Taylor a4fc88ce68
FIX: Ensure emoji is inserted in the correct location (#17107)
In the specific case where you start typing an emoji, then open the full emoji picker, the chosen emoji would be inserted in the wrong place. This was an unintentional side effect of the changes in 75d9c16156

This commit updates the `emojiSelected` logic to avoid mutating the 'selected' object, and also adds a test for this specific behaviour.
2022-06-16 12:16:53 +01:00
Arpit Jalan c39cebc161
PERF: remove server plugin outlet for post (#17105) 2022-06-16 17:21:24 +10:00
Alan Guo Xiang Tan c625dc0adc
FEATURE: Add messages section links to experimental sidebar. (#17096) 2022-06-16 13:33:40 +08:00
Gerhard Schlager 888f50543d
DEV: Fix `javascript:update` rake task (#17098)
* The `javascript:update` rake task failed because recent versions of chart.js use a lowercase filename (`chart.min.js` instead of `Chart.min.js`)

* Changed `loadScript()` to use lowercase keys to lookup scripts

* `svg-arrow.css` seems to have changed slightly (linebreak at the end of file)
2022-06-15 19:49:04 +02:00
Isaac Janzen a7034c5a14
DEV: Update create-account test to be more clear (#17102) 2022-06-15 12:47:47 -05:00
Isaac Janzen bc0a37b642
DEV: @bind create-account actions (#17100)
DEV: @bind create-account actions

Context: https://github.com/discourse/discourse/pull/16983#discussion_r894721403
2022-06-15 12:36:04 -05:00
David Taylor 275849771f
DEV: Emit a 'change' event when PresenceChannel info changes (#17088)
e.g.

```
presenceChannel = this.presence.getChannel('/blah');
presenceChannel.subscribe();
presenceChannel.on('change', (channel) => console.log(channel.users));
```

This commit also does some refactoring to remove the use of an unnecessary EmberObject and dynamic `defineProperty` call
2022-06-15 16:13:44 +01:00
Martin Brennan 4d3c1ceb44
FEATURE: Log the SMTP response in EmailLog (#17056)
When sending emails with delivery_method_options -> return_response
set to true, the SMTP sending code inside Mail will return the SMTP
response when calling deliver! for mail within the app. This commit
ensures that Email::Sender captures this response if it is returned
and stores it against the EmailLog created for the sent email.

A follow up PR will make this visible within the admin email UI.
2022-06-15 10:28:30 +10:00
Krzysztof Kotlarek 63df2b4550
FIX: whisper available when reply to topic (#17054)
When a user is answering a whisper comment, they cannot change from whisper to regular answer.

However, user can click reply to topic. We keep `postSnapshot` so user can change mind and switch back to reply to post. In that case, a toggle whisper button should appear.

To make it happen, I am ensuring to display a toggle whisper button when user is replying to topic - `postLink` attribute is missing.
2022-06-15 09:59:57 +10:00
Jarek Radosz 39f45c701c
DEV: Mark inline styles as safe (#17093)
Fixes many Ember deprecation warnings like:

```
WARNING: Binding style attributes may introduce cross-site scripting vulnerabilities; please ensure that values being bound are properly escaped. For more information, including how to disable this warning, see https://emberjs.com/deprecations/v1.x/#toc_binding-style-attributes. Style affected: "border-color: #33B0B0; --category-color: #33B0B0;"
```
2022-06-15 01:31:21 +02:00
Jarek Radosz 348b6e848f
FIX: NavItem and Composer prop overriding was broken (#17092) 2022-06-14 21:16:33 +02:00
Alan Guo Xiang Tan 4a240f6c90
DEV: First pass at messages section experimental sidebar (#17084) 2022-06-14 15:56:20 +08:00
Alan Guo Xiang Tan e7e23e8d9c
FIX: Remove tags from experimental sidebar on notification level changed (#17083)
As part of this commit, a bug where updating a tag's notification level on the server side does not update the state of the user's tag notification levels on the client side is fixed too.
2022-06-14 15:39:56 +08:00
Alan Guo Xiang Tan 0ae7b43018
PERF: Remove total for time to first response report. (#17082)
The query is very inefficient without any constraints on large sites and
the average of all time to first response since the beginning of time is
not useful as well.
2022-06-14 13:27:48 +10:00
Blake Erickson ae6a907943
SECURITY: banner-info (#17071) 2022-06-13 11:10:21 -06:00
David Taylor 6650218e3d
FIX: Ensure that extract_upload_ids works with all short URLs (#17070)
We do not zero-pad our base62 short URLs, so there is no guarantee that the length is 27. Instead, let's greedily match all consecutive base62 characters and look for a matching upload.

This reverts bd32656157 and 36f5d5eada.
2022-06-13 17:01:27 +01:00
Wolftallemo be556ef17b
FIX: Skip CSRF token check on webhook routes (#16982)
The `WebhookController` inherits directly from `ActionController::Base`. Since Rails 5.2, forgery protection has been enabled by default. When we applied those new defaults in 0403a8633b, it took effect on this controller and broke integrations.

This commit explicitly disables CSRF protection on these webhook routes, and updates the specs so they'll catch this kind of regression in future.
2022-06-13 15:36:45 +01:00
Jarek Radosz 77632d2d36
DEV: Explicitly allow NavItem customization (#17061)
Allow overriding NavItem's title and displayName. Fixes multiple instances of `computed-property.override` warnings in plugins.
2022-06-13 12:46:04 +02:00
Jarek Radosz 8d0c2cd4f8
DEV: Allow disabling composer submit (#17062)
…without overriding the computed property. Will fix warnings in discourse-perspective-api plugin.
2022-06-13 12:45:47 +02:00
Alan Guo Xiang Tan e9a77e7f19
FEATURE: Add new/unread counts to tags section links exp sidebar (#17057) 2022-06-13 14:54:01 +08:00
Alan Guo Xiang Tan 95fa4c5d52
DEV: Ensure topic-tracking-state state change callbacks are cleaned up (#17069) 2022-06-13 14:53:02 +08:00
Alan Guo Xiang Tan 94c3bbc2d1
DEV: Centralize user updates to a single MessageBus channel. (#17058)
Introduces an interface to publish user updates on the server side and
helps to reduce the growing number of subscriptions on the client side.
2022-06-13 14:27:43 +08:00
Jarek Radosz e245839c3c
DEV: Remove old deprecations (#14906) 2022-06-12 21:28:20 +02:00
Jeff Wong d7d9c10c1d FIX: display translated fallback as the group name for custom emoji groups 2022-06-10 11:10:05 -10:00
Jeff Wong 9a656e18e9 DEV: add translation fallback option for i18n
Allow for a default translation string to be returned when a translation cannot
be found.

Useful in contexts where there is a known fallback, such as custom emoji group
strings.
2022-06-10 11:10:05 -10:00
Joffrey JAFFEUX 532935043c
FIX: allows image to be displayed at the right size 2022-06-10 16:28:58 +02:00
Alan Guo Xiang Tan ced9a5ee6d
FEATURE: First pass tags section for experimental sidebar. (#17048)
Counts for the section links will be added in a follow up commit.
2022-06-10 09:49:36 +08:00
David Taylor 75d9c16156
DEV: Remove jquery from textarea-manipulation, improve undo handling (#17050)
This commit removes many uses of `this._$textarea`, and also switches us to use `document.execCommand("insertText")` for the majority of manipulations. This means that the browser undo history will be preserved when doing things like pasting rich html, using bold/italic shortcuts, etc.

These manipulations are already extensively tested. This commit extends a few of the tests to verify the undo behavior.

There are still a few cases (e.g. replacing upload placeholders with true URLs) where we don't necessarily want to bring the composer into focus. In those cases, the old history-breaking behavior remains for now.
2022-06-10 10:42:50 +10:00
David Taylor c054a47d9a
DEV: Add escapeRegExp util (#17051)
This was re-implemented in a number of places - it makes more sense as a utility function.
2022-06-10 10:37:54 +10:00
Isaac Janzen 3ebfde5ea2
DEV: Remove jquery from create-account modal (#16983) 2022-06-09 14:59:33 -05:00
Isaac Janzen 9cd165d6b4
DEV: Add deprecation notice to discourse-common/utils/decorators (#17052) 2022-06-09 13:07:58 -05:00
Isaac Janzen 6ae761604a
FIX: Send quote notifications to correct users when prioritizing full names (#17030) 2022-06-09 11:52:28 -05:00
Penar Musaraj 3f569f1185
A11Y: Add keyboard support for do-not-disturb modal (#17043) 2022-06-09 11:05:01 -04:00
Alan Guo Xiang Tan 946f8a65fd
FEATURE: Display new/unread count for tracked categories in exp sidebar (#17046) 2022-06-09 13:43:17 +08:00
Alan Guo Xiang Tan cd8c97debc
FEATURE: Add section links to categories section to exp sidebar (#17035)
This commit adds a section link to the categories section for each
category that is tracked by the user in the experimental sidebar.
2022-06-09 11:14:01 +08:00
Alan Guo Xiang Tan 03f674070a
DEV: Remove flaky acceptance test (#17045)
The test was un-skipped in 6f25f17360 but
has since been flaky again. Removing the test completely as it has
resulted in more pain for us than the value the test provides.
2022-06-09 09:56:05 +08:00
Bianca Nenciu 9db8f00b3d
FEATURE: Create upload_references table (#16146)
This table holds associations between uploads and other models. This can be used to prevent removing uploads that are still in use.

* DEV: Create upload_references
* DEV: Use UploadReference instead of PostUpload
* DEV: Use UploadReference for SiteSetting
* DEV: Use UploadReference for Badge
* DEV: Use UploadReference for Category
* DEV: Use UploadReference for CustomEmoji
* DEV: Use UploadReference for Group
* DEV: Use UploadReference for ThemeField
* DEV: Use UploadReference for ThemeSetting
* DEV: Use UploadReference for User
* DEV: Use UploadReference for UserAvatar
* DEV: Use UploadReference for UserExport
* DEV: Use UploadReference for UserProfile
* DEV: Add method to extract uploads from raw text
* DEV: Use UploadReference for Draft
* DEV: Use UploadReference for ReviewableQueuedPost
* DEV: Use UploadReference for UserProfile's bio_raw
* DEV: Do not copy user uploads to upload references
* DEV: Copy post uploads again after deploy
* DEV: Use created_at and updated_at from uploads table
* FIX: Check if upload site setting is empty
* DEV: Copy user uploads to upload references
* DEV: Make upload extraction less strict
2022-06-09 09:24:30 +10:00
tshenry 7fc11327b7
COPY: Use main instead of master for theme installation modal (#17044)
GitHub now uses main as the default branch so it makes sense to update the placeholder in the theme installation modal to use main instead of master.
2022-06-08 11:32:54 -07:00
Penar Musaraj fd2dbdccdc
A11Y: Keyboard access for `/u` table headings (#17041) 2022-06-08 13:54:31 -04:00
Arpit Jalan 4bc2d54685
DEV: include `time_left` information in rate limiting error messages (#17037) 2022-06-08 14:30:41 +05:30
Blake Erickson 3941bad075
DEV: Remove this chained user scope (#17029)
This reverts one of the changes introduced just now in:

27d7b0c6de

I don't think we need this `activated_not_suspended_not_staged` scope
because we can just compose it ourselves via method chaining like
`User.activated.not_suspended.not_staged`.
2022-06-07 15:21:42 -06:00
Blake Erickson 27d7b0c6de
DEV: Add new user scopes (#17026)
Adds two new user scopes:

- `not_staged`
- `activated_not_suspended_not_staged`

This will allow us to easily grab activated users that are not suspended
or staged.

See this PR feedback:

https://github.com/discourse/discourse-chat/pull/913#discussion_r890692266
2022-06-07 12:58:58 -06:00
Isaac Janzen de1153286d
DEV: Remove reply_as_new_topic from PM composer actions (#17023) 2022-06-07 11:06:42 -05:00
Penar Musaraj 86ab82f057
UX: Remove limit for emoji search in composer (#17014) 2022-06-07 12:00:52 -04:00
Penar Musaraj 4be67ef9a7
UX: Larger images in mobile emoji picker (#17013) 2022-06-07 12:00:09 -04:00
David Taylor 5238f6788c
FEATURE: Allow hotlinked media to be blocked (#16940)
This commit introduces a new site setting: `block_hotlinked_media`. When enabled, all attempts to hotlink media (images, videos, and audio) will fail, and be replaced with a linked placeholder. Exceptions to the rule can be added via `block_hotlinked_media_exceptions`.

`download_remote_image_to_local` can be used alongside this feature. In that case, hotlinked images will be blocked immediately when the post is created, but will then be replaced with the downloaded version a few seconds later.

This implementation is purely server-side, and does not impact the composer preview.

Technically, there are two stages to this feature:

1. `PrettyText.sanitize_hotlinked_media` is called during `PrettyText.cook`, and whenever new images are introduced by Onebox. It will iterate over all src/srcset attributes in the post HTML and check if they're allowed. If not, the attributes will be removed and replaced with a `data-blocked-hotlinked-src(set)` attribute

2. In the `CookedPostProcessor`, we iterate over all `data-blocked-hotlinked-src(set)` attributes and check whether we have a downloaded version of the media. If yes, we update the src to use the downloaded version. If not, the entire media element is replaced with a placeholder. The placeholder is labelled 'external media', and is a link to the offsite media.
2022-06-07 15:23:04 +01:00
Joe 98671445a7
UX: hide select-kits when the parent element is outside the viewport
If the select-kit header is not in the viewport (scrolled out of view), popper adds a data-popper-reference-hidden attribute.

This PR adds the recommended styles to "hide" the select-kit body when that happens. See

https://popper.js.org/docs/v2/modifiers/hide/
2022-06-07 16:57:10 +08:00
Alan Guo Xiang Tan 7da074d591
DEV: Implement "My Posts" section link for experimental sidebar (#17008) 2022-06-07 10:52:54 +08:00
Isaac Janzen 49415de3fa
DEV: Remove reply_as_private_message from composer (#16979)
* Remove 'New Message' option from composer dropdown
* Update Acceptance Tests
2022-06-06 15:10:34 -05:00
Blake Erickson 35e17ce115
FIX: Email Send post has already been taken error (#16992)
* FIX: Email Send post has already been taken error

Adding a failing test first before coming up with a good solution.

Related: 357011eb3b

The above commit changed

```
PostReplyKey.find_or_create_by_safe!
```

to

```
PostReplyKey.create_or_find_by!
```

But I don't think it is working as a 1-1 replacement because of the
`Validation failed: Post has already been taken` error we are receiving
with this change. Also we need to make sure we don't re-introduce any
concurrency issues.

Reported: https://meta.discourse.org/t/224706/13

* Remove rails unique constraint and rely on db index

I believe this is what is causing `create_or_find_by!` to fail. Because
we have a unique constraint in the db I think we can remove this rails
unique constraint?

* clean up spec wording
2022-06-06 13:13:26 -06:00
Jarek Radosz 79f5a7750c
DEV: Remove unused wizard code (#17016)
`theme-preview` component and `colorsId`/`fontId` usage.
2022-06-06 21:01:47 +02:00
Jarek Radosz 54e42b124a
FIX: Restore automatic style preview in wizard (#17015)
Updating the homepage/style preview regressed in #16994.
2022-06-06 21:01:34 +02:00
Joe 5109ea0cf1
UX: don't tether popper to the viewport if reference is out of the viewport (#17012)
followup to 

https://github.com/discourse/discourse/pull/16504

Internal

`/t/64811`

public

`/t/228953`
2022-06-06 22:20:29 +08:00
Penar Musaraj 370df7ccb4
DEV: Dejquerify marking FAQ as read (#17001) 2022-06-06 08:27:10 -04:00
Penar Musaraj 210d9c2b8f
DEV: De-jQuerify is-element-in-viewport (#17000) 2022-06-06 08:26:49 -04:00
Jarek Radosz 0a2eb7e2f4
DEV: Add choices only to relevant wizard fields (#16993) 2022-06-06 15:22:44 +08:00
Alan Guo Xiang Tan 9f08a3b160
FIX: DiscourseConnect login did not auto approve based on email domain (#17006)
This commit resolves a bug where users are not auto approved based on
`SiteSetting.auto_approve_email_domains` when
`SiteSetting.must_approve_users` has been enabled.
2022-06-06 15:16:01 +08:00
Joffrey JAFFEUX 42683d4874
FIX: ensures composer is not pre-filled with none/all tags (#16998) 2022-06-05 16:58:38 +02:00
Jarek Radosz 8a58ce6578
DEV: Use `@action` decorator in wizard (#16996) 2022-06-04 19:19:49 +02:00
Jarek Radosz f4b9d4e285
FIX: Don't throw errors on wizard dropdowns (#16994) 2022-06-04 18:04:00 +02:00
Joffrey JAFFEUX 17227e9e53
DEV: under specific conditions (like tests) presenceState can be null (#16990) 2022-06-03 20:59:30 +02:00
Isaac Janzen f8d2da2fa0
DEV: Remove jquery from invite-panel (#16989) 2022-06-03 11:30:44 -05:00
Alan Guo Xiang Tan 3b3f60218e
DEV: Display new/unread count for tracked link in sidebar (#16957) 2022-06-03 15:48:35 +08:00
Alan Guo Xiang Tan 0fa0094531
FIX: Approves user when redeeming an invite for invites only sites (#16984)
When a site has `SiteSetting.invite_only` enabled, we create a
`ReviewableUser`record when activating a user if the user is not
approved. Therefore, we need to approve the user when redeeming an
invite.

There are some uncertainties surrounding why a `ReviewableRecord` is
created for a user in an invites only site but this commit does not seek
to address that.

Follow-up to 7c4e2d33fa
2022-06-03 11:43:52 +08:00
Martin Brennan f94682e2c4
FIX: Do not use SVGs for twitter:image metadata (#16973)
Twitter does not allow SVGs to be used for twitter:image
metadata (see https://developer.twitter.com/en/docs/twitter-for-websites/cards/overview/markup)
so we should fall back to the site logo if the image option
provided to `crawlable_meta_data` or SiteSetting.site_twitter_summary_large_image_url
is an SVG, and do not add the meta tag for twitter:image at all
if the site logo is an SVG.
2022-06-03 09:02:57 +10:00
Isaac Janzen f5e4df1b0e
DEV: Remove jquery from themes list (#16980) 2022-06-02 16:01:24 -05:00
Isaac Janzen 91f00ecf5a
DEV: Remove jquery from group list (#16981) 2022-06-02 16:01:07 -05:00
Vinoth Kannan 951b3016a4
FIX: keep composer draft when go back and forth between PM and New Topic. (#16978)
Previously, draft get destroyed accidentally when we switch to PM with the below steps
1. Click “New Topic”
2. Type in the body
3. Switch to “New Message”
4. Click “cancel”
2022-06-02 23:36:34 +05:30
Kris 8e75f8c371
DEV: quick-access-panel setting for viewAllLabel (#16977) 2022-06-02 10:13:41 -04:00
Gerhard Schlager 7c4e2d33fa
SECURITY: Remove auto approval when redeeming an invite (#16974)
This security fix affects sites which have `SiteSetting.must_approve_users`
enabled. There are intentional and unintentional cases where invited
users can be auto approved and are deemed to have skipped the staff approval process.
Instead of trying to reason about when auto-approval should happen, we have decided that
enabling the `must_approve_users` setting going forward will just mean that all new users
must be explicitly approved by a staff user in the review queue. The only case where users are auto
approved is when the `auto_approve_email_domains` site setting is used.

Co-authored-by: Alan Guo Xiang Tan <gxtan1990@gmail.com>
2022-06-02 16:10:48 +02:00
Jeff Wong 2dd09b4b6a
DEV: allow plugins to override max file size for avatar downloads (#16970) 2022-06-01 17:12:06 -07:00
Andrei Prigorshnev 0bbbd8371e
DEV: emoji picker - make it possible to choose picker's placement and add a dedicated class for an anchor (#16969) 2022-06-01 22:24:23 +04:00
Kris e579e9e61c
DEV: add class name to nav-bar nav items (#16968) 2022-06-01 14:18:47 -04:00
David Taylor 333c58dd05
FIX: Harmonise category body class generation on server/client (#16967)
The server-side implementation had unintentionally changed to include `-{id}` at the end of the body class name. This change meant that the JS client was unaware of the class, and didn't remove it when navigating away from the category page.

This commit fixes the server-side implementation to match the client
2022-06-01 18:18:20 +01:00
Johannes Faigle 7a223331d1
FIX: Show suspended by user (#16927)
- Show "suspended by" user
- Add specs for silence user
2022-06-01 14:54:23 +02:00
Vinoth Kannan cd0f912159
FIX: Make f query param sticky when navigating between nav items (#16714)
Also, hides categories navigation link when f query param is present.
2022-06-01 16:13:15 +08:00
Alan Guo Xiang Tan 1e9f132b15
FIX: Topic list nav items count not respecting tracked filter. (#16935)
This commit seeks to only handle the `f=tracked` and `filter=tracked`
query params for a topic list. There are other "hidden" filters for a
topic list which can be activated by passing the right query param to
the request. However, they are hidden because there is no way to
activate those filters via the UI. We are handling the `f=tracked`
filter because we will soon be adding a link that allows a user to
quickly view their tracked topics.
2022-06-01 14:54:42 +08:00
Jean 098bea19de
FIX: change event target on select kit row (#16960) 2022-06-01 14:49:04 +08:00
Sam 7b4e338c0e
FIX: fallback to default push notification icon if none exists (#16961)
Due to some changes we started notifying via push notifications on other
families of notifications. There are a total of about 30 or so possible
notification you could get, some can be pushed.

This fallback means that if for any reason we are unable to find an icon
for a push notification we just fallback to the Discourse logo.

Also go with a simple reply icon for watching first post.

Note, that in production `image_url` can return an exception if an image is
missing. This is not the case in test / development.
2022-06-01 12:00:05 +10:00
Sam bc8f651501
FIX: do not looks for plugin test js in production (#16962)
Previous to this fix, in production we were getting 500 errors from
bootstrap.json cause script_asset_path can not find plugin-tests

Opted for the simplest fix that is omitting the files in production
2022-06-01 10:49:53 +10:00
Jean 9ac85d6163
DEV: add request data to the before_session_destroy event (#16905) 2022-05-31 18:18:56 -04:00
Jarek Radosz 4f423fa548
PERF: Improve to-markdown speed, update the code (#16939)
## `to-markdown` function performance improvement

### Small example

```html
<span>test</span>
```

Before: 63 `Tag` objects created; 4,090 ops/sec ±2.77%
After: 1 `Tag` object created; 151,707 ops/sec ±2.64%

### Large example

```html
<div>
  <p>lorem <b>ipsum</b></p>
  <p>lorem <b>ipsum</b></p>
  <p>lorem <b>ipsum</b></p>
  <p>lorem <b>ipsum</b></p>
  <p>lorem <b>ipsum</b></p>

  <aside class="quote no-group">
    <blockquote>
      <aside class="quote no-group">
        <blockquote>
          <p dir="ltr">test</p>
        </blockquote>
      </aside>
      <p dir="ltr">test2</p>
    </blockquote>
  </aside>

  <div>
    <p><span>test</span> <span>test</span> <span>test</span></p>
    <p><span>test</span> <span>test</span> <span>test</span></p>
    <p><span>test</span> <span>test</span> <span>test</span></p>
    <p><span>test</span> <span>test</span> <span>test</span></p>
    <p><span>test</span> <span>test</span> <span>test</span></p>
  </div>
</div>
```

Before: 2394 `Tag` objects created; 179 ops/sec ±2.35%
After: 38 `Tag` objects created; 4,346 ops/sec ±2.62%

### Note

discourse-spoiler-alert ~~needs~~ (needed) to be updated as it modifies to-markdown code.

### Included commits

* DEV: Minor code transforms
* PERF: Don't create unnecessary Tag instances
* DEV: Remove a now obsolete constructor argument
* DEV: Rename constant
* DEV: Use built-in functions, string interpolation
* DEV: De-jQuerify
2022-05-31 13:17:08 +02:00
Jarek Radosz 711cd7c85d
DEV: Add to-markdown decorator functions (#16943)
To be used in discourse-spoiler-alert
2022-05-31 11:06:41 +02:00
Chapoi 69bab5e5a0
UX: update chat menu popover styling (#16955) 2022-05-31 09:51:50 +02:00
Sam 020c77440e
FEATURE: allow for overlapping DiscourseConnect secrets per domain (#16915)
Previously we limited Discourse Connect provider to 1 secret per domain.

This made it pretty awkward to cycle secrets in environments where config
takes time to propagate

This change allows for the same domain to have multiple secrets

Also fixes internal implementation on DiscourseConnectProvider which was
not thread safe as it leaned on class variables to ferry data around

Co-authored-by: Alan Guo Xiang Tan <gxtan1990@gmail.com>
Co-authored-by: David Taylor <david@taylorhq.com>
2022-05-31 15:24:04 +10:00
Alan Guo Xiang Tan 30bd1dcefd
DEV: More efficiently trigger topic tracking state on state change (#16952)
* When loading topics in bulk, only trigger state change callbacks after
all the topics have been loaded and we determine that state has actually
changed.

* State change callbacks are also only triggered when state has changed.

The use of JSON.stringify might raise some performance concerns here as this is a
performance sensitive codepath. However, I measured the time for each
`_setState` function call locally, by wrapping the function call with
`performance.now()`, and did not see any significant overhead.
2022-05-31 10:20:55 +08:00
Andrei Prigorshnev c5c9b2eced
DEV: do not trigger the user-status:changed event twice (#16954) 2022-05-30 19:23:21 +04:00
Andrei Prigorshnev 943cae82da
FEATURE: propagate user status via message bus (#16944) 2022-05-30 13:41:53 +04:00
Andrei Prigorshnev 46302f0d40
DEV: Avoid unnecessary sendWidgetAction function call (#16941) 2022-05-30 13:06:51 +04:00
Martin Brennan 662c713347
FEATURE: Highlight None option by default for bookmarks (#16949)
Since the default for the bookmark modal is to have no
reminder if you create a bookmark by clicking out of
the modal or pressing the Save button, this commit highlights
None by default.

Also changes the bookmark component to not use @on for Ember
lifecycle, we don't use that style
2022-05-30 11:56:06 +10:00
Martin Brennan e8ca927b12
FIX: Add bookmark quick access tests and fix username (#16934)
The commit fcc2e7ebbf to promote
polymorphic bookmarks did not correctly set the username for
the quick access bookmark menu based on the new serializer
values, so the username is not being shown in the bookmark
quick access menu. This commit fixes it, and also adds additional
tests for that menu and updates the user fixtures to reflect
the current state of the bookmarks endpoint.
2022-05-30 10:00:05 +10:00
Jarek Radosz d065ec0f7b
FIX: Correctly handle nested quotes in to-markdown (#16938)
Given this html:

```
<aside class="quote no-group">
  <blockquote>
    <aside class="quote no-group">
      <blockquote>
        <p dir="ltr">test</p>
      </blockquote>
    </aside>
    <p dir="ltr">test2</p>
  </blockquote>
</aside>
```

The result was an invalid markdown:

```
[quote]
[quote]
> test
> [/quote]
>
>
>
> test2
[/quote]
```

Now the result is:

```
[quote]
[quote]
test
[/quote]

test2
[/quote]
```
2022-05-27 22:05:43 +02:00
Andrei Prigorshnev 25e4095c9c
FIX: respect user timezone in emails about silencing and suspending (#16918) 2022-05-27 13:58:54 +04:00
Joffrey JAFFEUX 0c590963c3
FIX: changing date should recompute input (#16937)
This also fixes the time part being lost when changing the date.
2022-05-27 11:57:09 +02:00
David Taylor 80bd971420
UX: Show message if rebake fails (#16925)
Previously, errors would only be displayed in the developer console.
2022-05-27 10:39:29 +01:00
David Taylor 8fe3934856
UX: Make YouTube playlist onebox full width to match video onebox (#16936) 2022-05-27 10:39:12 +01:00
Andrei Prigorshnev 5c596273a0
FEATURE: user status (#16875) 2022-05-27 13:15:14 +04:00
Martin Brennan ac59168dde
FIX: Incorrect URL for bookmark quick action menu (#16932)
The bookmarkable_type instead of the bookmarkable_url
was being used for the link to the bookmark for the quick
access menu, leading to links like /ChatMessage. This
fixes the issue, follow up PR with tests for the quick
access menu to follow.
2022-05-27 14:33:24 +10:00
David Taylor b850c12793
PERF: Lazily lookup emoji-picker selected-diversity (#16917)
Looking up values from the `emojiStore` calls out to the browser's localStorage API and then decodes a JSON blob. This makes it relatively slow.

Previously we were doing this lookup in the emoji-picker's `init()` function, even if `isActive` was false. If many inactive emoji pickers are rendered simultaneously (e.g. for discourse-chat reactions), this performance hit quickly adds up.

This commit updates the service to notify about changes, and uses a computed property to provide a cached value in the emoji-picker.
2022-05-26 12:37:09 +01:00
Alan Guo Xiang Tan 037436047d
DEV: Allow a simplier way to register a link under sidebar topics section (#16916) 2022-05-26 09:01:37 +08:00
Martin Brennan 641c4e0b7a
FEATURE: Make S3 presigned GET URL expiry configurable (#16912)
Previously we hardcoded the DOWNLOAD_URL_EXPIRES_AFTER_SECONDS const
inside S3Helper to be 5 minutes (300 seconds). For various reasons,
some hosted sites may need this to be longer for other integrations.

The maximum expiry time for presigned URLs is 1 week (which is
604800 seconds), so that has been added as a validation on the
setting as well. The setting is hidden because 99% of the time
it should not be changed.
2022-05-26 09:53:01 +10:00
Sérgio Saquetim 102e3a8cf2
DEV: Add hook for plugins modify how slugs are computed (#16907)
Allows plugins to hook into and change how topic slugs are computed.
2022-05-25 19:05:06 -03:00
Bianca Nenciu 7328a2bfb0
FIX: Apply censored words to inline onebox (#16873)
Censored watched words were not censored inside the title of an inline
oneboxes. Malicious users could exploit this behaviour to insert bad
words. The same issue has been fixed for regular Oneboxes in commit
d184fe59ca.
2022-05-25 14:51:47 +03:00
Alan Guo Xiang Tan f589d05cf9
DEV: Plugin API for plugins to add links to sidebar topics section (#16732) 2022-05-25 15:54:32 +08:00
Alan Guo Xiang Tan 072faa08bb DEV: Reenable wizard test after fixing auto start for wizard qunit tests
`run-qunit.js` does not expect QUnit tests to start automatically but
our wizard QUnit setup did not respect the `qunit_disable_auto_start`
URL param. Hence, tests would start running automatically and when a
subsequent `QUnit.start()` function call is made, we ended up getting a
`QUnit.start cannot be called inside a test context.` error.

This error can be consistently reproduced in the `discourse:discourse_test` container but not in
the local development environment. I do not know why and did not feel
like it is important at this point in time to know why.
2022-05-25 15:12:27 +08:00
Penar Musaraj ebdfc536dd
Revert "FEATURE: Include participants in PN search data (#16855)" (#16904)
This reverts commit 71c74a262d.
2022-05-25 15:08:36 +10:00
Alan Guo Xiang Tan 0b8177de54
DEV: Remove unnecessary logic in TopicTrackingState on the client side (#16900)
There is no need for the extra protection on the client side if there is
a bug on the server side. In fact, we want the bug to be surfaced so
that it can be fixed on the server side.
2022-05-25 11:28:57 +08:00
Martin Brennan 0d16d77401
DEV: Allow for null bookmark in bookmark-icon (#16909)
Sometimes we need to render the icon as a call to action
to create a bookmark at which point the bookmark does
not yet exist, so we need to just show the normal bookmark
icon and a create title.

Also adds a CSS class for the bookmark existing and not existing
for styling.
2022-05-25 13:22:59 +10:00
Martin Brennan 583704f603
FIX: Improve bookmark-icon title (#16908)
This improves the bookmark-icon title to be more like the
post bookmark icons, to include the special formatted date
as well as the name of the bookmark.
2022-05-25 11:32:42 +10:00
Penar Musaraj 8222810099
FIX: Limits for PM and group header search (#16887)
When searching for PMs or PMs in a group inbox, results in the header search were not being limited to 5 with a "More" link to the full page search. This PR fixes that.

It also simplifies the logic and updates the search API docs to include recently added `in:messages` and `group_messages:groupname` options.
2022-05-24 11:31:24 -04:00
David Taylor 19f583c449
FIX: Skip pulling hotlinked images for nil user bio (#16901) 2022-05-24 11:52:13 +01:00
Martin Brennan a5779a7d0b
DEV: Bookmark cleanup (#16899)
Gets rid of old bookmark app event and deletes anything
leftover from polymorphic bookmark changeover.
2022-05-24 13:52:42 +10:00
Martin Brennan 3f79b1c0f3
DEV: Ignore post_id and for_topic for bookmarks (#16898)
Since fcc2e7ebbf we
no longer use these columns, will delete in a few
months.
2022-05-24 13:52:34 +10:00
Alan Guo Xiang Tan 6edf101d5f
DEV: Minor improvements to WordWatcher (#16735)
Follow-up to fd1dc91eed
2022-05-24 10:23:54 +08:00
Martin Brennan 1ee973e6e2
DEV: Add save_user_preferences option to BookmarkManager (#16894)
When saving / creating bookmarks, we have code to save
the user's preference of bookmark_auto_delete_preference
to their user_options.

Unfortunately this can cause weirdness when plugins
have code using BookmarkManager to set the auto delete preference for
only a specific bookmark.

This commit introduces a save_user_preferences option (false
by default) so that this user preference is not saved unless
specified by the consumer of BookmarkManager, so plugins will
not have to worry about it.
2022-05-24 11:13:21 +10:00
Andrei Prigorshnev 28573b504f
UX: align the trash button on the bookmark modal (#16884) 2022-05-23 18:51:01 +04:00
David Taylor bf6f8299a7 FEATURE: Pull hotlinked images immediately after posting
Previously, with the default `editing_grace_period`, hotlinked images were pulled 5 minutes after a post is created. This delay was added to reduce the chance of automated edits clashing with user edits.

This commit refactors things so that we can pull hotlinked images immediately. URLs are immediately updated in the post's `cooked` HTML. The post's raw markdown is updated later, after the `editing_grace_period`.

This involves a number of behind-the-scenes changes including:

- Schedule Jobs::PullHotlinkedImages immediately after Jobs::ProcessPost. Move scheduling to after the `update_column` call to avoid race conditions

- Move raw changes into a separate job, which is delayed until after the ninja-edit window

- Move disable_if_low_on_disk_space logic into the `pull_hotlinked_images` job

- Move raw-parsing/replacing logic into `InlineUpload` so it can be easily be shared between `UpdateHotlinkedRaw` and `PullUserProfileHotlinkedImages`
2022-05-23 14:28:02 +01:00
David Taylor 0baabafa9d DEV: Map already-downloaded hotlinked images in post_process_cooked
Previously this mapping of **cooked** images was only being run for oneboxes. Now it runs for all images, so we can transform hotlinked images without needing to immediately update `raw`
2022-05-23 14:28:02 +01:00
Gerhard Schlager eef17318c3
FIX: Applying default user options didn't work for boolean flags (#16890)
It also ensures that only human users are updated and replaces usage of `send` with `public_send`. Also, it adds more specs for existing code.
2022-05-23 15:20:51 +02:00
Martin Brennan a03ae9b323
DEV: Add bookmark-icon component (#16893)
This component will be useful for chat, and also moves
the definition of the icon for with and without reminders
to the bookmark model as consts, so they can easily be
referenced in other places.
2022-05-23 15:01:44 +10:00
Gerhard Schlager 1e1b85c214
FIX: Site setting changes for boolean should be logged as true/false (#16888)
Previously true/false sometimes was logged as t or f
2022-05-23 11:23:10 +08:00
Gerhard Schlager 049f6e58c8
REFACTOR: Remove duplicate code in `SiteSettingsController` (#16889) 2022-05-23 11:21:45 +08:00
Martin Brennan faf5b4d3e9
PERF: Speed up secure media and ACL sync rake tasks (#16849)
Incorporates learnings from /t/64227:

* Changes the code to set access control posts in the rake
  task to be an efficient UPDATE SQL query.
  The original version was timing out with 312017 post uploads,
  the new query took ~3s to run.
* Changes the code to mark uploads as secure/not secure in
  the rake task to be an efficient UPDATE SQL query rather than
  using UploadSecurity. This took a very long time previously,
  and now takes only a few seconds.
* Spread out ACL syncing for uploads into jobs with batches of
  100 uploads at a time, so they can be parallelized instead
  of having to wait ~1.25 seconds for each ACL to be changed
  in S3 serially.

One issue that still remains is post rebaking. Doing this serially
is painfully slow. We have a way to do this in sidekiq via PeriodicalUpdates
but this is limited by max_old_rebakes_per_15_minutes. It would
be better to fan this rebaking out into jobs like we did for the
ACL sync, but that should be done in another PR.
2022-05-23 13:14:11 +10:00
Martin Brennan fcc2e7ebbf
FEATURE: Promote polymorphic bookmarks to default and migrate (#16729)
This commit migrates all bookmarks to be polymorphic (using the
bookmarkable_id and bookmarkable_type) columns. It also deletes
all the old code guarded behind the use_polymorphic_bookmarks setting
and changes that setting to true for all sites and by default for
the sake of plugins.

No data is deleted in the migrations, the old post_id and for_topic
columns for bookmarks will be dropped later on.
2022-05-23 10:07:15 +10:00
Johannes Faigle bf987af3ca
FEATURE Add reset bump dates bulk action (#16885) 2022-05-22 12:32:55 -04:00
Jordan Vidrine 20d1f90edf
FIX: Refactor placement of plugin outlet & index use (#16874) 2022-05-20 11:03:47 -05:00
David Taylor a8163a5c0c
DEV: Add comment about `UserController#cards` route (#16882)
This is unusual because it is not used directly by any core UI. It was added for theme components.
2022-05-20 13:03:00 +01:00
Arpit Jalan 578955dcc9
DEV: allow running plugin tests for server_plugin_outlet (#16883)
This commit allows us to run plugin tests for `server_plugin_outlet`
method.
2022-05-20 17:14:55 +05:30