Commit Graph

29403 Commits

Author SHA1 Message Date
Kris 3e826a67d1
A11Y: add aria-label to header notification counts (#20231) 2023-02-10 13:11:20 -05:00
Penar Musaraj 827df072a6
DEV: Fix a flakey test (#20241)
The `Composer - current time` test would sometimes fail due to a
1-second difference. We don't really need per-second fidelity here, the
key thing this needs to test is that the shortcut works and adds today's
date. I have updated the test to reflect that.
2023-02-10 11:37:11 -05:00
chapoi 47abe61994
UX: add flex alignment for form actions (#20240) 2023-02-10 07:35:18 -06:00
Krzysztof Kotlarek cbd021db15
FIX: add index to sidebar_section_link (#20234)
Index on linkable_type and linkable_id should increase performance of this subquery https://github.com/discourse/discourse/blob/main/app/services/sidebar_site_settings_backfiller.rb#L86

Also, distinct is removing duplicates which are unnecessary.
2023-02-10 11:14:22 +11:00
Keegan George 6338287e89
UX: Easily toggle badges in admin badge list (#20225) 2023-02-09 11:36:27 -08:00
Penar Musaraj 58123e8089
Revert "UX: flex horizontal form controls (#20098)" (#20228)
This reverts commit 15b546978f.
2023-02-09 12:35:15 -05:00
David Taylor 25fabccd59
DEV: Enable parallel babel processing in ember-cli (#20215)
Ember CLI will automatically run babel transformations in parallel when the config is 'serializable', and can therefore be applied in multiple processes automatically. If any plugin is defined in an unserializable way, parallelisation will be disabled.

Our discourse-widget-hbs transformer was causing parallelisation to be disabled. This commit fixes that, and also enables the throwUnlessParallelizable flag so that we catch this kind of issue more easily in future.

This commit also refactors our deprecation silencing system into its own file, and uses a fake babel plugin to ensure deprecations are silenced in babel worker processes.

In our GitHub CI jobs, this doubles the speed of ember builds (1m30s -> 45s). It should also improve production deploy times, and cold-start dev builds.
2023-02-09 16:24:24 +00:00
David Taylor db42917563
DEV: Resolve user_option deprecations (#20192) 2023-02-09 16:05:42 +00:00
dependabot[bot] a8b145547e
Build(deps): Bump @babel/standalone in /app/assets/javascripts (#20153)
Bumps [@babel/standalone](https://github.com/babel/babel/tree/HEAD/packages/babel-standalone) from 7.20.14 to 7.20.15.
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/commits/v7.20.15/packages/babel-standalone)

---
updated-dependencies:
- dependency-name: "@babel/standalone"
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-02-09 14:51:03 +00:00
Aleksey Bogdanov e216a98f74
FIX: stop youtube autoplay on scrollups (#19951)
When a user pauses a youtube video and scrolls up high enough to load
new posts, the video either rewinds or restarts depending on the browser.
The problem is solved by patching virtual-dom to handle element prepends
without reordering old elements.

Long-term, Discourse intends to move away from the vdom/widget implementation, so this is intended as a short-term solution. More context at https://meta.discourse.org/t/57692

Co-authored-by: David Taylor <david@taylorhq.com>
2023-02-09 10:46:10 +00:00
Krzysztof Kotlarek f1a52db0a0
Revert "FIX: IconPicker option to display only available icons (#20226)" (#20227)
This reverts commit fc166258d3.
2023-02-09 15:20:34 +11:00
Krzysztof Kotlarek fc166258d3
FIX: IconPicker option to display only available icons (#20226)
Not all icons are shipped by default. Sidebar section icon picker should only display available icons.
2023-02-09 14:20:04 +11:00
Penar Musaraj a0ea17faea
FEATURE: Add shortcut to insert current time in composer (#20216)
Hitting `Ctrl+Shift+.` on Windows and `Command+Shift+.` on Mac will insert the current time in the composer.
2023-02-08 21:38:23 -05:00
Kris beee9623ec
UX: improve layout of keyboard shortcut modal (#20220) 2023-02-08 16:39:32 -05:00
Keegan George 871607a420
DEV: Create form templates (#20189) 2023-02-08 11:21:39 -08:00
Isaac Janzen 7622dbcebf
DEV: Add global glimmer-topic-timeline site setting (#20203)
Remove the per user groups based site setting in favor of a global site setting as we want to roll the glimmer topic timeline out to anon users as well as site users.

- Add `enable_experimental_topic_timeline` site setting
- Remove `enable_experimental_topic_timeline_groups` site setting
2023-02-08 12:02:24 -06:00
Isaac Janzen 96c1fad2fe
UX: Fix `timeline-handle` positioning (#20217)
Positioning of the timeline handle was slightly off on the glimmer-topic-timeline

# Before
<img width="451" alt="Screenshot 2023-02-08 at 11 30 18 AM" src="https://user-images.githubusercontent.com/50783505/217606919-2f07b69f-4820-4b72-805b-ed28b34c79dc.png">


# After
<img width="447" alt="Screenshot 2023-02-08 at 11 29 53 AM" src="https://user-images.githubusercontent.com/50783505/217606811-977f52df-6070-4127-80c1-27c97174a9a7.png">
2023-02-08 12:01:14 -06:00
Régis Hanol 7eb6223b04
FIX: return valid JSON when a post in enqueued (#20214)
When a post is created using the API and goes into the review queue, we
would return a 'null' string in the response which isn't valid JSON.

Internal ref: /t/92419

Co-authored-by: Leonardo Mosquera <ldmosquera@gmail.com>
2023-02-08 14:27:26 +01:00
Krzysztof Kotlarek 7332873051
FIX: hide add section button (#20208)
Custom section feature is currently hidden behind feature flag - https://github.com/discourse/discourse/blob/main/app/assets/javascripts/discourse/app/components/sidebar/user/sections.hbs#L3

In last PR, add section button was moved to footer. It should be hidden as well.
2023-02-08 13:08:05 +11:00
Krzysztof Kotlarek 6e1f3e0023
FIX: improvements for user custom sections (#20190)
Improvements for this PR: https://github.com/discourse/discourse/pull/20057

What was fixed:
- [x] Use ember transitions instead of full reload
- [x] Link was inaccurately kept active
- [x] "+ save" renamed to just "save"
- [x] Render emojis in link name
- [x] UI to set icon
- [x] Delete link is trash icon instead of "x"
- [x] Add another link to on the left and rewording
- [x] Raname "link name" -> "name", "points to" ->  link
- [x] Add limits to fields
- [x] Move add section button to the bottom
2023-02-08 11:45:34 +11:00
Keegan George b677bb6f24
DEV: Add `yaml` support to `<AceEditor />` (#20198) 2023-02-07 12:49:12 -08:00
Kris 67ef46894f
UX: allow tags to wrap under categories on mobile (#20187) 2023-02-07 13:44:07 -05:00
Sérgio Saquetim 5d32db76dd
DEV: Added .only_deleted scope in the Trashable module (#20196) 2023-02-07 15:28:59 -03:00
Rafael dos Santos Silva 6e522e4aad
DEV: Move to Sass compilation to dart-sass (#19910)
This PR is a major change to Sass compilation in Discourse.

The new version of sass-ruby moves to dart-sass putting we back on the supported version of Sass. It does so while keeping compatibility with the existing method signatures, so minimal change is needed in Discourse for this change.

This moves us

From:
  - sassc 2.0.1 (Feb 2019)
  - libsass 3.5.2 (May 2018)

To:
  - dart-sass 1.58

This update applies the following breaking changes:

> 
> These breaking changes are coming soon or have recently been released:
> 
>  [Functions are stricter about which units they allow](https://sass-lang.com/documentation/breaking-changes/function-units) beginning in Dart Sass 1.32.0.
> 
>  [Selectors with invalid combinators are invalid](https://sass-lang.com/documentation/breaking-changes/bogus-combinators) beginning in Dart Sass 1.54.0.
> 
>  [/ is changing from a division operation to a list separator](https://sass-lang.com/documentation/breaking-changes/slash-div) beginning in Dart Sass 1.33.0.
> 
>  [Parsing the special syntax of @-moz-document will be invalid](https://sass-lang.com/documentation/breaking-changes/moz-document) beginning in Dart Sass 1.7.2.
> 
>  [Compound selectors could not be extended](https://sass-lang.com/documentation/breaking-changes/extend-compound) in Dart Sass 1.0.0 and Ruby Sass 4.0.0.


SCSS files have been migrated automatically using `sass-migrator division app/assets/stylesheets/**/*.scss`
2023-02-07 12:24:57 -03:00
Joffrey JAFFEUX 9b0b60274a
FIX: ensures non existing user/group cards are not stuck (#20195)
Prior to this fix on mobile the card-cloak would not get removed if the user/group card was leading to a non existing user/group.

The fix ensures hidden class is removed each time we call show.
2023-02-07 15:36:30 +01:00
Gerhard Schlager 7482b0f703
FIX: Redirecting to download backup from S3 could fail (#20171)
Follow-up to 008b700a3f
2023-02-07 15:32:47 +01:00
Penar Musaraj d29dc087b2
FEATURE: Support collapsing array sections in JSON Schema field types (#20118)
This allows users to collapse array-type data tables in JSON Schema
fields. Note that this data type is currently only used in themes and
plugins.
2023-02-07 08:22:01 -05:00
Ted Johansson 676d5fadab
DEV: Limit and validate category settings inputs (#20135)
We recently had a bug which caused auto-bumping to "not work". The problem was that the value had been set to 0.5, which when coerced to an integer turned into 0. So the feature is "working as intended", but there's a possibility of misconfiguration.

When looking into this, I noticed that the inputs on the category settings page doesn't have any particular sanitisation in the front-end, and also one or two validations missing in the back-end.

This change:

- Takes an existing component, NumberField and enhances that by only allowing numeric input, essentially turning it into a managed input using the same approach as our PasswordField.
- Changes the numeric inputs on category settings page to use this component.
- Adds appropriate min constraints to the fields to disallow out-of-range values.
- Adds missing back-end validations to relevant fields.
2023-02-07 12:27:38 +08:00
Blake Erickson c540167982
FIX: Remove action buttons if post has already been reviewed (#20126)
* FIX: Remove action buttons if post has already been reviewed

* Change the approve to reject test to expect an error

* Adds a controller spec to ensure you can't edit a non-pending review item

* Remove unnessary conditional
2023-02-06 11:55:52 -07:00
Kris ec4ac1465e
UX: show full topic title for reply-where (#20109) 2023-02-06 13:51:14 -05:00
David Taylor 754d1b71aa
FIX: Ensure ColorScheme#resolve falls back to base for missing color (#20186)
When a CUSTOM_SCHEME is missing a color (e.g. 'Dracula' is missing a 'highlight' color), we need to fallback to `ColorScheme.base_colors`. This regressed in 66256c15bd
2023-02-06 18:24:12 +00:00
Penar Musaraj a86112fc25
FEATURE: Allow embedded view to include a header (#20150)
This commits adds the ability to add a header to the embedded comments
view. One use case for this is to allow `postMessage` communication
between the comments iframe and the parent frame, for example, when
toggling the theme of the parent webpage.
2023-02-06 11:10:50 -05:00
Jordan Vidrine 9e1fcb2a79
FEATURE: Allow DTooltip interaction (#20169) 2023-02-06 09:59:34 -06:00
Andrei Prigorshnev 84e13e9b1c
FIX: avoid race condition when setting user status (#19817)
We caught it in logs, race condition led to this error:

    ActiveRecord::RecordNotUnique 
    (PG::UniqueViolation: ERROR:  duplicate key value violates unique constraint "user_statuses_pkey"
    DETAIL:  Key (user_id)=(15) already exists.)


The reason the problem happened was that we were checking if a user has status and if not inserting status:

    if user_status
      ...
    else
      self.user_status = UserStatus.create!(status)
    end

The problem is that it's possible that another request will insert status just after we check if status exists and just before our request call `UserStatus.create!(status)`. Using `upsert` fixes the problem because under the hood `upsert` generates the only SQL request that uses "INSERT ... ON CONFLICT DO UPDATE". So we do everything in one SQL query, and that query takes care of resolving possible conflicts.
2023-02-06 18:56:28 +04:00
Kris 156e04515f
FIX: fix dragging in horizontal overflow component (#20018) 2023-02-06 09:51:41 -05:00
David Taylor 95999c80ce
DEV: Allow registering a widget shim which renders using hbs (#20177)
This is an alternative way to use `RenderGlimmer` which can be more ergonomic for iterative updates of a codebase. For documentation, see `widgets/render-glimmer.js`
2023-02-06 14:10:44 +00:00
dependabot[bot] 80efda8481
Build(deps): Bump terser in /app/assets/javascripts (#20173)
Bumps [terser](https://github.com/terser/terser) from 5.16.2 to 5.16.3.
- [Release notes](https://github.com/terser/terser/releases)
- [Changelog](https://github.com/terser/terser/blob/master/CHANGELOG.md)
- [Commits](https://github.com/terser/terser/compare/v5.16.2...v5.16.3)

---
updated-dependencies:
- dependency-name: terser
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-02-05 23:32:46 +01:00
Rafael dos Santos Silva f1d794f32d
FIX: Use `/` for start_url in webmanifest on non-subfolder installs (#20167)
See https://meta.discourse.org/t/i-want-to-make-changes-to-manifest-json-file/253050?u=falco
2023-02-03 16:48:05 -03:00
Joffrey JAFFEUX 232c9d84b7
FIX: autocomplete showing under keyboard on android (#20168)
Fixed had been added when autocomplete was used in the discourse header. This shouldn't be needed anymore. This was causing the preventOverflow to not work correctly on Android.

This fix fix also adds an optimisation to refer top of the input when on mobile. This is done to avoid cases where the screen is actually slightly taller than the viewport with keyboard visible on Android leading popper to think there's space under the input.
2023-02-03 20:47:50 +01:00
Isaac Janzen 132e802d5d
DEV: Dock glimmer-topic-timeline with animation (#20166)
- Move docking logic (intersection / dockAt / etc) from `glimmer-topic-timeline` -> `topic-timeline/container` to live alongside the `postScrolled` hook.
- Toggle `timeline-docked` and `timeline-docked-bottom` when we are at the bottom of a topic. This returns the missing animation to the glimmer-topic-timeline (pictured below).

https://user-images.githubusercontent.com/50783505/216655735-906ccd2a-b77e-45af-9a7b-c22680eca2dc.mov
2023-02-03 12:01:59 -06:00
Kris e5f557b971
UX: move data export to preferences page for new user nav (#20141) 2023-02-03 11:19:08 -05:00
Isaac Janzen 2bff6dbe26
DEV: Add `user-tip` back to glimmer-topic-timeline (#20165)
Add the user-tip back to the glimmer topic timeline

<img width="555" alt="Screenshot 2023-02-03 at 9 38 45 AM" src="https://user-images.githubusercontent.com/50783505/216644897-cdd3244f-e565-49ea-a929-5faa87f8ce57.png">
2023-02-03 10:15:38 -06:00
David Taylor d90a31d5b4
DEV: Support appending glimmer into existing post elements (#20164)
Previously `helper.renderGlimmer()` would always create a new wrapper element. This is required when using `RenderGlimmer` within widgets, where there is no direct access to DOM elements. However, when using within `decorateCooked`, we have the ability to pass an existing element to `{{#in-element}}` and have the glimmer content appended with no additional wrappers.

This commit makes the `renderInto` accept an existing DOM node for this 'append' behavior. The previous 'new wrapper element' behaviour is still used when a string is passed.
2023-02-03 16:07:11 +00:00
Isaac Janzen 66b015b472
DEV: Remove 'widget-button' from glimmer-topic-timeline (#20155)
# Context
The class of `widget-button` was kept in the upgraded version of the topic timeline to keep the preexisting logic of how we open / close child and parent modals.

# Problem
<img width="1242" alt="Screenshot 2023-02-02 at 3 45 53 PM" src="https://user-images.githubusercontent.com/50783505/216456778-11a3d0ce-5e33-4b85-89af-a2a32e39a1f6.png">

With the `widget-button` class removed from the topic timeline, clicking the button (highlighted in the image above) would close itself when populating the `jumpToPostPrompt` modal. This is not the behavior we want so class was kept on the button. The upgrade to ember octane entails moving away from widgets and all of its functionality... so we don't want to carry the debt of utilizing the `widget-button` class.

# Solution
Create a new class `.timeline-open-jump-to-post-prompt-btn` to be added to the `_expanded` function. When this class is present on a child or a parent of the button clicked, we do not collapse the modal. This gives us the expected behavior of maintaining both modals open at the same time.

<img width="1176" alt="Screenshot 2023-02-02 at 3 50 59 PM" src="https://user-images.githubusercontent.com/50783505/216457612-ab313758-bfa9-4913-bd29-d5224faf5187.png">

# Other 
Obviously adding this as jquery is not ideal, but to prevent scope creep we will need to refactor this in a separate PR.
2023-02-03 07:47:41 -06:00
Gerhard Schlager e17c145e8d
FIX: Category hashtags weren't always found for sub-sub-categories (#20156)
The algorithm failed to find the correct category by slug when there are multiple sub-sub-categories with the same child-category name and the first child doesn't  have the correct grandchild.

So, searching for "child / grandchild" worked in the following case, it found (3):

- (1) parent 1
  - (2) child
    - (3) grandchild
- (4) parent 2
  - (5) child
    - (6) grandchild

But it failed to find the grandchild in the following case:

- (1) parent 1
  - (2) child
- (4) parent 2
  - (5) child
    - (6) grandchild

And this also fixes a flaky spec by forcing categories to always order by by `parent_category_id` and `id`.
This makes it possible to partly revert 60990aab55
2023-02-03 12:17:52 +01:00
dependabot[bot] 6c80e17b92
Build(deps): Bump ember-cli-app-version in /app/assets/javascripts (#20152)
Bumps [ember-cli-app-version](https://github.com/ember-cli/ember-cli-app-version) from 5.0.0 to 6.0.0.
- [Release notes](https://github.com/ember-cli/ember-cli-app-version/releases)
- [Changelog](https://github.com/ember-cli/ember-cli-app-version/blob/master/CHANGELOG.md)
- [Commits](https://github.com/ember-cli/ember-cli-app-version/compare/v5.0.0...v6.0.0)

---
updated-dependencies:
- dependency-name: ember-cli-app-version
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-02-03 11:14:42 +01:00
Krzysztof Kotlarek 84a87a703c
DEV: configurable custom sidebar sections (#20057)
Allows users to configure their own custom sidebar sections with links withing Discourse instance. Links can be passed as relative path, for example "/tags" or full URL.

Only path is saved in DB, so when Discourse domain is changed, links will be still valid.

Feature is hidden behind SiteSetting.enable_custom_sidebar_sections. This hidden setting determines the group which members have access to this new feature.
2023-02-03 14:44:40 +11:00
Sam 651476e89e
FIX: domain searches not working properly for URLs (#20136)
If a post contains domain with a word that stems to a non prefix single
words will not match it.

For example: in happy.com, `happy` stems to `happi`. Thus searches for happy
will not find URLs with it included.

This bloats the index a tiny bit, but impact is limited.

Will require a full reindex of search to take effect. 

When we are done refining search we can consider a full version bump.
2023-02-03 09:55:28 +11:00
Kris e66fa8c48b
DEV: add plugin outlet to badge-card (#20143) 2023-02-02 16:22:40 -05:00
Kris 77f68cf278
A11Y: share label needs corresponding ID on input (#20148) 2023-02-02 16:22:07 -05:00
Isaac Janzen 277c5770b0
UX: Add transition to glimmer-topic-timeline fullscreen view (#20149)
- Rename `class` getter -> `classes` seeing that we are dealing with multiple classes
- Add `show` class to fullscreen topic timeline via `did-insert` to handle how CSS transitions only apply when an existing element changes its properties. We need to wait until `timeline-fullscreen` is painted to the DOM, and then add the `show` class later.
2023-02-02 15:00:02 -06:00
Isaac Janzen 8226fca6ed
DEV: Update glimmer topic timeline visibility state when a post is created (#20145)
# Problem
Creating a post on a topic, where the timeline is not shown by default, does not update the visibility state dynamically. You must refresh the page to have the timeline appear. 

# Solution 
This PR hooks into the `post-stream:posted` app event and checks if we can now display the timeline after a post has been created. This will update the visibility state dynamically.
2023-02-02 14:02:51 -06:00
Isaac Janzen e82865726c
FIX: Back button action and position on glimmer topic timeline (#20121)
This PR introduces a proper `action` to the topic timeline `back-button` which will fix the button not being clickable (or functional) as well as removing a duplicate setting of `this.lastReadTop` which was causing odd positionings of the button.

This is very difficult to test due to the fact you have to manage the "read history" for a user to have the back button populate. We will have to move forward without one (as we did in the last version of the timeline 😅) for now.
2023-02-02 12:06:42 -06:00
Rafael dos Santos Silva e4fd3d9850
FIX: Better ordering of similar user search suggestions (#20142)
* FIX: Better ordering of similar user search suggestions
2023-02-02 14:39:44 -03:00
Rafael dos Santos Silva 14cf8eacf1
FEATURE: Use similarity in user search (#20112)
Currently, when doing `@mention` for users we have 0 tolerance for typos and misspellings.

With this patch, if a user search doesn't return enough results we go and use `pg_trgm` features to try and find more matches based on trigrams of usernames and names.

It also introduces GiST indexes on those fields in order to improve performance of this search, going from 130ms down to 15ms in my tests.

This is all gated in a feature flag and can be enabled by running  `SiteSetting.user_search_similar_results = true` in the rails console.
2023-02-02 13:35:04 -03:00
David Taylor ca2b2d034f
DEV: Introduce API for rendering Glimmer inside posts (#20140)
`helper.renderGlimmer` will return an HTML element which can be added to a post's `cooked`

Example usage:
```
import { hbs } from "ember-cli-htmlbars";

api.decorateCookedElement((cooked, helper) => {
  const glimmerElement = helper.renderGlimmer(
    "div.my-wrapper-class",
    hbs`<DButton @icon={{@data.param}} @translatedLabel="Hello world from Glimmer Component"/>`,
    { param: "user-plus" }
  );
  cooked.appendChild(glimmerElement);
}, { onlyStream: true, id: "my-id" });
```

See `widgets/render-glimmer.js` for more detailed usage information.
2023-02-02 16:25:57 +00:00
Kris adbf69c300
A11Y: add aria-label to embedded jump link (#20117) 2023-02-02 09:41:39 -05:00
Kris 5a7b942aff
A11Y: aria-label for the post edit history button (#20123) 2023-02-02 09:41:28 -05:00
Kris bb2341b82c
A11Y: add aria tags for topic map expansion (#20122) 2023-02-02 09:36:00 -05:00
Kris 3cb8be706c
A11Y: history modal mode toggles need aria-labels (#20125) 2023-02-02 09:35:10 -05:00
Penar Musaraj a32e6b5771
FIX: Use `username_lower` in user menu router lookup (#20115)
For a user whose username has an uppercase character, the new user menu
dropdown was not defaulting to "Inbox" because the Ember router uses
lowercased usernames which were not matching with the `username`
property. Switching to `username_lower` fixes the issue.
2023-02-02 09:14:16 -05:00
Penar Musaraj 6bbf832400
DEV: Allow HTML in grant admin dialog (#20133)
In a private plugin, we need to show an error message containing HTML
when the Grant Admin action fails. This change introduces a new flag
(`html_message: true`) that when used will allow the dialog to render
the HTML tags in the error message correctly.
2023-02-02 09:09:25 -05:00
David Taylor fa30ab4ed7 DEV: Correct hbs prettier violations 2023-02-02 13:03:11 +00:00
Selase Krakani 2e78045af1
FIX: Extend username updates to self-mentions (#20071)
Posts with self-mentions aren't updated with username updates. This happens
because mention `UserAction` entries aren't logged for self-mentions.

This change updates the lookup of `Post` and `PostRevision` with mentions to bypass
`UserAction` entries.
2023-02-02 12:33:42 +00:00
dependabot[bot] c3f3b25737
Build(deps): Bump sass from 1.57.1 to 1.58.0 in /app/assets/javascripts (#20120)
Bumps [sass](https://github.com/sass/dart-sass) from 1.57.1 to 1.58.0.
- [Release notes](https://github.com/sass/dart-sass/releases)
- [Changelog](https://github.com/sass/dart-sass/blob/main/CHANGELOG.md)
- [Commits](https://github.com/sass/dart-sass/compare/1.57.1...1.58.0)

---
updated-dependencies:
- dependency-name: sass
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-02-02 11:45:11 +01:00
David Taylor c8f4a2cfb9
DEV: Use template-only for RenderGlimmer helper (#20138)
We don't need a full glimmer component here - the class definition was empty. We can use templateOnly() for slightly improved performance.

Setting `component.name` improves how MountWidget is displayed for debugging in the Ember Inspector browser extension.
2023-02-02 09:52:44 +00:00
Alan Guo Xiang Tan ce531913a8
FIX: Sync user's reviewables count when loading reviewables list (#20128)
1. What is the problem here?

When a user's reviewables count changes, the changes are published via
MessageBus in a background Sidekiq job which means there is a delay before the
client receives the MessageBus message with the updated count. During
the time the reviewables count for a user has been updated and the time
when the client receives the MessageBus message with the updated count,
a user may view the reviewables list in the user menu. When that happens, the number of
reviewables in the list may be out of sync with the count shown.

2. What is the fix?

Going forward, the response for the `ReviewablesController#user_menu_list` action will include the user's reviewables count as
the `reviewables_count` attribute. This is then used by the client side
to update the user's reviewables count to ensure that the reviewables
list and count are kept in sync.
2023-02-02 10:19:51 +08:00
Sam 4570118a63
FIX: search index duplicate parser matching is too restrictive (#20129)
Previous regex did not allow for cases where a lexeme contains a : (colon)

This can happen when parsing URLs. New algorithm allows for this.
Test was amended to more clearly call out index problems
2023-02-02 12:17:19 +11:00
Keegan George 41f265ae46
FIX: Emoji preview showing incorrect preview on keyboard focus (#20116) 2023-02-01 12:14:34 -08:00
Penar Musaraj cb2569303f
UX: Add timezone aliases for `IST`, `KST` and `JST` (#20114) 2023-02-01 14:26:43 -05:00
Joffrey JAFFEUX df50df041a
FIX: corrects a regression hiding avatar in user selector (#20107)
Due to the way templates work, the incorrect variable (user instead of item) was not causing any error, and just failing silently to display the avatar.

This commit is also providing a basic spec for completion of users and groups.
2023-02-01 16:42:39 +01:00
Osama Sayegh f94951147e
FIX: Replace R2 gem with rtlcss for generating RTL CSS (#19636)
We've had a couple of problems with the R2 gem where it generated a broken RTL CSS bundle that caused a badly broken layout when Discourse is used in an RTL language, see a3ce93b and 5926386. For this reason, we're replacing R2 with `rtlcss` that can handle modern CSS features better than R2 does.

`rltcss` is written in JS and available as an npm package. Calling the `rltcss` from rubyland is done via the `rtlcss_wrapper` gem which contains a distributable copy of the `rtlcss` package and loads/calls it with Mini Racer. See https://github.com/discourse/rtlcss_wrapper for more details.

Internal topic: t/76263.
2023-02-01 14:21:15 +03:00
David Taylor 66256c15bd
UX: Calculate missing hover/selected colors from existing colors (#20105)
`--d-hover` is calculated to be equivalent to primary-100 in light mode, or primary-low in dark mode

`--d-selected` is calculated to be equivalent to primary-low in light mode, or primary-100 in dark mode

`lib/color_math` is introduced to provide some utilities for making these calculations.
2023-02-01 09:55:21 +00:00
Alan Guo Xiang Tan 07ef828db9
DEV: Improve MessageBus subscriptions for TopicTrackingState (#19767)
## Why do we need this change? 

When loading the ember app, [MessageBus does not start polling immediately](f31f0b70f8/app/assets/javascripts/discourse/app/initializers/message-bus.js (L71-L81)) and instead waits for `document.readyState` to be `complete`. What this means is that if there are new messages being created while we have yet to start polling, those messages will not be received by the client.

With sidebar being the default navigation menu, the counts derived from `topic-tracking-state.js` on the client side is prominently displayed on every page. Therefore, we want to ensure that we are not dropping any messages on the channels that `topic-tracking-state.js` subscribes to.  

## What does this change do? 

This includes the `MessageBus.last_id`s for the MessageBus channels which `topic-tracking-state.js` subscribes to as part of the preloaded data when loading a page. The last ids are then used when we subscribe the MessageBus channels so that messages which are published before MessageBus starts polling will not be missed.

## Review Notes

1. See https://github.com/discourse/message_bus#client-support for documentation about subscribing from a given message id.
2023-02-01 07:18:45 +08:00
Kris 85971a8b67
A11Y: embedded posts need disclosure widget attributes (#20048) 2023-01-31 13:01:49 -05:00
David Taylor c760efc924
FIX: Allow non-persisted color-scheme colors to be edited (#20104)
When we introduce new color scheme colors, they are not immediately persisted to the database for all color schemes. Previously, this meant that they would be unavailable in the admin UI for editing. The only way to work with the new colors was to create a new color scheme.

This commit updates the serializer so that all colors are serialized, even if they are not yet persisted to the database for the current scheme. This means that they now show up in the admin UI and can be edited.
2023-01-31 17:10:32 +00:00
David Taylor 9e440dca33 DEV: Rename all uses of PluginOutlet `@args` in core
The `args` argument is now deprecated. This commit uses a codemod (https://github.com/discourse/discourse-ember-codemods/tree/main/transforms/rename-plugin-outlet-args) to automatically rename all uses to `@outletArgs`.
2023-01-31 13:51:25 +00:00
David Taylor 84f6a8399d DEV: Deprecate PluginOutlet `@args` in favour of `@outletArgs` 2023-01-31 13:51:25 +00:00
Gerhard Schlager fe4a71848e
DEV: Fix flaky specs by explicitly ordering tags (#20097) 2023-01-31 14:38:42 +01:00
Jan Cernik 06817bd94f
FIX: Category permission change not creating a log (#20027)
It didn't create a log if the category was public { "everyone" => 1 }
2023-01-31 10:15:17 -03:00
David Taylor 26b5c0472f DEV: Remove use of PluginOutlet `@tagName` argument in core
The `tagName` argument is now deprecated. This commit uses a codemod (https://github.com/discourse/discourse-ember-codemods/tree/main/transforms/extract-plugin-outlet-tagname) to automatically remove the `@tagName` from all PluginOutlet invocations, and create a matching wrapper element so that the HTML structure is unchanged. We may want to remove some/all of these wrappers entirely in future, but that would be a riskier change which we should tackle on a case-by-case basis.
2023-01-31 12:15:37 +00:00
David Taylor f9d5203610 DEV: Deprecate PluginOutlet tagName argument 2023-01-31 12:15:37 +00:00
chapoi 15b546978f
UX: flex horizontal form controls (#20098) 2023-01-31 12:38:44 +01:00
David Taylor 258471e7f2 DEV: Move `editor-preview` wrapper outside PluginOutlet
This outlet is the only one to pass an `@classNames` argument, which is no longer supported in the glimmer version of PluginOutlet. This commit moves the wrapper outside, thereby maintaining the old HTML structure.
2023-01-31 11:29:04 +00:00
David Taylor 9ce58c7e36 DEV: Re-evaluate plugin outlet `shouldRender` when inputs change
This commit updates the PluginOutlet component so that it calculates the list of connectors in an autotracking context. Accessing arguments or any other `@tracked` values during `shouldRender` means that the set of connectors will be re-calculated whenever those tracked values change.
2023-01-31 11:29:04 +00:00
David Taylor 30025a96f3 DEV: Convert PluginOutlet wrapper to a Glimmer component
PluginConnector remains a Classic Component, so this commit does not require any changes from plugin/theme developers.

Two shims are introduced for backwards compatibility:

- The component variable passed to shouldRender is replaced with a helperContext instance which includes all the common injections (the new PluginOutlet component instance does not have any of these)

- A custom component manager is introduced so that parentView continues to work. Using parentView was never really intended as an API, so it's now deprecated and will print a warning to the console. Users should switch to using the outlet's explicit arguments, or data from a service (e.g. the Router service).
2023-01-31 11:29:04 +00:00
Jarek Radosz 0dbb089b47
FIX: Don't spam presence requests when getting 429 (#20084)
The presence service would retry `/presence/update` requests every second (or immediately in tests) in case where server returns 429 (rate limit) errors. That could lead to infinite spamming (until user refreshed tab/tabs)

Co-authored-by: David Taylor <david@taylorhq.com>
2023-01-31 09:49:23 +01:00
Alan Guo Xiang Tan f31f0b70f8
SECURITY: Hide PM count for tags by default (#20061)
Currently `Topic#pm_topic_count` is a count of all personal messages tagged for a given tag. As a result, any user with access to PM tags can poll a sensitive tag to determine if a new personal message has been created using that tag even if the user does not have access to the personal message. We classify this as a minor leak in sensitive information.

With this commit, `Topic#pm_topic_count` is hidden from users by default unless the `display_personal_messages_tag_counts` site setting is enabled.
2023-01-31 12:08:23 +08:00
Sam 07679888c8
FEATURE: allow restricting duplication in search index (#20062)
* FEATURE: allow restricting duplication in search index

This introduces the site setting `max_duplicate_search_index_terms`.
Using this number we limit the amount of duplication in our search index.

This allows us to more correctly weight title searches, so bloated posts
don't unfairly bump to the top of search results.

This feature is completely disabled by default and behind a site setting

We will experiment with it first. Note entire search index must be rebuilt
for it to take effect.


---------

Co-authored-by: Alan Guo Xiang Tan <gxtan1990@gmail.com>
2023-01-31 12:41:31 +11:00
Alan Guo Xiang Tan c5c72a74b7
DEV: Fix flaky test due to a lack of deterministic ordering (#20087) 2023-01-31 08:57:34 +08:00
Jarek Radosz 7c1e1ef72b
DEV: Convert presence service tests to actual unit tests (#20076) 2023-01-30 23:31:39 +01:00
dependabot[bot] 2c81b70b01
Build(deps): Bump deepmerge in /app/assets/javascripts (#20082)
Bumps [deepmerge](https://github.com/TehShrike/deepmerge) from 4.2.2 to 4.3.0.
- [Release notes](https://github.com/TehShrike/deepmerge/releases)
- [Changelog](https://github.com/TehShrike/deepmerge/blob/master/changelog.md)
- [Commits](https://github.com/TehShrike/deepmerge/compare/v4.2.2...v4.3.0)

---
updated-dependencies:
- dependency-name: deepmerge
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-01-30 23:00:42 +01:00
dependabot[bot] 90ba62597a
Build(deps): Bump terser in /app/assets/javascripts (#20081)
Bumps [terser](https://github.com/terser/terser) from 5.16.1 to 5.16.2.
- [Release notes](https://github.com/terser/terser/releases)
- [Changelog](https://github.com/terser/terser/blob/master/CHANGELOG.md)
- [Commits](https://github.com/terser/terser/compare/v5.16.1...v5.16.2)

---
updated-dependencies:
- dependency-name: terser
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-01-30 23:00:11 +01:00
Joffrey JAFFEUX 73488f2f33
FIX: uses popper for cards 2023-01-30 21:12:30 +01:00
Natalie Tay fda834d01c
Revert "DEV: uses popperjs for positioning user and group card (#20063)" (#20072)
This reverts commit 335c3f4621.
2023-01-31 02:51:05 +08:00
Natalie Tay 58234246ff
DEV: Remove elder from codebase and also update 'regular' to 'member' (#20065)
A while back the definition of TL was changed but many
areas in the codebase still use the term 'Regular user'
despite it having some implicit meaning (TL2).

See 20140905055251_rename_trust_level_badges.rb
2023-01-31 01:41:25 +08:00
Andrei Prigorshnev b334f0070d
DEV: dry up the Do Not Disturb widget (#19494) 2023-01-30 21:23:06 +04:00
Rafael dos Santos Silva 587e9ed9ba
FEATURE: Enable service worker for Apple devices (#19643)
This is necessary so MacOS Ventura (and in 2023 iOS) can use our new
default push notifications.

We still disable caching of dynamic routes on Apple devices due to it's
always being buggy there.
2023-01-30 13:23:19 -03:00
Bianca Nenciu 9a196ced08
FEATURE: Move metadata user results to list bottom (#18977)
Partial username or name matches were shown together with metadata
matched results. This created a bad user experience because results
that look unrelated were before even partial or exact group matches.
2023-01-30 15:38:41 +02:00
Joffrey JAFFEUX 335c3f4621
DEV: uses popperjs for positioning user and group card (#20063)
Behavior should be very similar but the code is simplified and it should fix various bugs where the card was showing out of screen even if we had available space.
2023-01-30 14:15:10 +01:00
chapoi 18f7b47ecb
UX: improve emoji alignment for text (#19815)
* UX: improve emoji alignment for text

* UX: emoji exception for titles
2023-01-30 14:07:08 +01:00
chapoi d0780eacdc
FIX: preserves avatar size inside onebox (#20066)
* UX: Wrap chat one-box avatars

* UX: restrict onebox image css to non-avatar
2023-01-30 13:59:25 +01:00
David Taylor 79bea9464c
PERF: Move user-tips and narrative to per-user messagebus channels (#19773)
Using a shared channel with per-message permissions means that every client is updated with the channel's 'last_id', even if there are no messages available to them. Per-user channel names avoid this problem - the last_id will only be incremented when there is a message for the given user.
2023-01-30 11:48:09 +00:00
Bianca Nenciu 23a74ecf8f
FIX: Truncate existing user status to 100 chars (#20044)
This commits adds a database migration to limit the user status to 100
characters, limits the user status in the UI and makes sure that the
emoji is valid.

Follow up to commit b6f75e231c.
2023-01-30 10:49:08 +02:00
Ayke Halder 9f14d643a5
DEV: use structured data in crawler-linkback-list for referencing only (#16237)
This simplifies the crawler-linkback-list to only be a point of reference to the actual DiscussionForumPosting objects.

See "Summary page": https://developers.google.com/search/docs/advanced/structured-data/carousel?hl=en#summary-page
> [It] defines an ItemList, where each ListItem has only three properties: @type (set to ListItem), position (the position in the list), and url (the URL of a page with full details about that item).
2023-01-30 08:26:55 +01:00
Ayke Halder 137dbaf0dc
DEV: declare post position as simple number in structured data (#16231)
This replaces the position declared as `#123` with the more simple version `123`.

The property position may be of type Integer or Text. A value of type Integer, or more precise of type Text which simply casts to integer, is sufficient here.
See: https://schema.org/position

In category-view the topic-list already uses this notation for the position of topics:
`<meta itemprop="position" content="123">`
2023-01-30 08:07:04 +01:00
Alan Guo Xiang Tan 7ec6e6b3d0
PERF: N+1 queries on `/tags` with multiple categories tags (#19906)
When the `tags_listed_by_group` site setting is disable, we were seeing
the N+1 queries problem when multiple `CategoryTag` records are listed.
This commit fixes that by ensuring that we are not filtering through the
category `tags` association after the association has been eager loaded.
2023-01-30 08:53:17 +08:00
Zachary Huff 0a8387ecd2
FIX: Validate asset url before replacing base url (#16438)
Co-authored-by: Joffrey JAFFEUX <j.jaffeux@gmail.com>
2023-01-30 07:32:48 +08:00
dependabot[bot] 8410b25f3c
Build(deps): Bump @babel/standalone in /app/assets/javascripts (#20055)
Bumps [@babel/standalone](https://github.com/babel/babel/tree/HEAD/packages/babel-standalone) from 7.20.13 to 7.20.14.
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/commits/v7.20.14/packages/babel-standalone)

---
updated-dependencies:
- dependency-name: "@babel/standalone"
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-01-29 22:44:40 +01:00
dependabot[bot] 15e854f0f7
Build(deps): Bump eslint in /app/assets/javascripts (#20054)
Bumps [eslint](https://github.com/eslint/eslint) from 8.32.0 to 8.33.0.
- [Release notes](https://github.com/eslint/eslint/releases)
- [Changelog](https://github.com/eslint/eslint/blob/main/CHANGELOG.md)
- [Commits](https://github.com/eslint/eslint/compare/v8.32.0...v8.33.0)

---
updated-dependencies:
- dependency-name: eslint
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-01-29 22:44:14 +01:00
Keegan George a4c68d4a2e
FIX: Failing system spec for rate limited search (#20046) 2023-01-27 12:14:29 -08:00
Kris 39eec37e75
A11Y: post avatars should not be tabbable (#20045) 2023-01-27 14:39:55 -05:00
Sam 2c8dfc3dbc
FEATURE: rate limit anon searches per second (#19708) 2023-01-27 10:05:27 -08:00
chapoi 5f90790110
Revert "Select-kit > use new color vars" (#20042)
This reverts commit 8534391044.
2023-01-27 18:09:50 +01:00
Blake Erickson 4ecfac39a6
FEATURE: Add separate api scope for topic status (#19978)
This will allow us more granular control over changing a topic status.
For example you can now force the scope to only allow closing topics in
a specific category. This means that the same scope can't be used to
re-open topics, or close topics in a different category.
2023-01-27 08:05:29 -07:00
chapoi e03f6057ec
UX: Highlight var refactor (#20026)
* Add new color vars

* Select-kit > use new color vars

* update all color schemes with values for new hover/select vars

* Add variable yml names
2023-01-27 15:50:36 +01:00
Bianca Nenciu b6f75e231c
FIX: Limit user status to 100 characters (#20040)
* FIX: Limit user status to 100 characters

* FIX: Make sure the emoji is valid
2023-01-27 16:32:27 +02:00
Bianca Nenciu 8fc11215e1
FIX: Ensure soft-deleted topics can be deleted (#19802)
* FIX: Ensure soft-deleted topics can be deleted

The topic was not found during the deletion process because it was
deleted and `@post.topic` was nil.

* DEV: Use @topic instead of finding the topic every time
2023-01-27 16:15:33 +02:00
Martin Brennan 079e1108f1
DEV: Remove stale TODO (#20039)
This TODO is irrelevant -- in reality this has not been a
perf issue, and there is not actually an N1 here. Furthermore,
this is only used in a single plugin, not in core.
2023-01-27 16:32:11 +10:00
Martin Brennan 48eb8d5f5a
Revert "DEV: Delete dead Topic#incoming_email_addresses code (#19970)" (#20037)
This reverts commit 88a972c61b.

It's actually used in some plugins.
2023-01-27 11:27:15 +10:00
Kris 0c967e6aa3
A11Y: add accessible label for bookmark name input (#20036) 2023-01-26 17:35:19 -05:00
Jan Cernik 665065bbc7
DEV: Fix ruby syntax tree linting error (#20028) 2023-01-26 17:17:00 -03:00
Roman Rizzi d96b4bbb46
DEV: Include upload_id on image optimization errors to have more context (#19715) 2023-01-26 14:57:40 -03:00
dependabot[bot] 13e9f5054c
Build(deps-dev): Bump @embroider/test-setup in /app/assets/javascripts (#20017)
Bumps [@embroider/test-setup](https://github.com/embroider-build/embroider/tree/HEAD/packages/test-setup) from 2.1.0 to 2.1.1.
- [Release notes](https://github.com/embroider-build/embroider/releases)
- [Changelog](https://github.com/embroider-build/embroider/blob/main/CHANGELOG.md)
- [Commits](https://github.com/embroider-build/embroider/commits/HEAD/packages/test-setup)

---
updated-dependencies:
- dependency-name: "@embroider/test-setup"
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-01-26 18:45:22 +01:00
Bianca Nenciu 2c9d76e510
FIX: Use specified limit option in user search (#20020) 2023-01-26 16:17:15 +02:00
jbrw f8863b0f98
DEV: Limit concurrency of NotifyReviewables job (#19968)
Under scenarios of extremely high load where large numbers of `Reviewable*` items are being created, it has been observed that multiple instances of the `NotifyReviewable` job may run simultaneously.

These jobs will work satisfactorily if the concurrency is limited to 1, and the different types of jobs (items reviewable by admins, vs moderators, vs particular groups, etc.) are run eventually.

This change introduces a new option to `DistributedMutex` which allows the `max_get_lock_attempts` to be specified. If the number is exceeded an error will be raised, which will cause Sidekiq to requeue the job. Sidekiq has existing logic to back-off on retry times for jobs that have failed multiple times.
2023-01-25 15:19:11 -05:00
Bianca Nenciu 105fee978d
SECURITY: only show restricted tag lists to authorized users (#20004)
Co-authored-by: Penar Musaraj <pmusaraj@gmail.com>
2023-01-25 18:55:55 +02:00
Bianca Nenciu cd7c8861ae
SECURITY: Remove bypass for base_url (#19995)
The check used to be necessary because we validated the referrer too and
this bypass was a workaround a bug that is present in some browsers that
do not send the correct referrer.
2023-01-25 13:50:45 +02:00
Natalie Tay d5745d34c2
SECURITY: Limit the character count of group membership requests (#19993)
When creating a group membership request, there is no character
limit on the 'reason' field. This can be potentially be used by
an attacker to create enormous amount of data in the database.

Co-authored-by: Ted Johansson <ted@discourse.org>
2023-01-25 13:50:33 +02:00
Natalie Tay f91ac52a22
SECURITY: Limit the length of drafts (#19989)
Co-authored-by: Loïc Guitaut <loic@discourse.org>
2023-01-25 13:50:21 +02:00
Loïc Guitaut ec2ed5b7f6 FIX: Delete reviewables associated to posts automatically
Currently we don’t have an association between reviewables and posts.
This sometimes leads to inconsistencies in the DB as a post can have
been deleted but an associated reviewable is still present.

This patch addresses this issue simply by adding a new association to
the `Post` model and by using the `dependent: :destroy` option.
2023-01-25 09:45:36 +01:00
Martin Brennan 82182ec0c7
DEV: Add hashtag controller specs (#19983)
This is just cleaning up a TODO I had to add more specs
to this controller -- there are more thorough tests on the
actual HashtagService class and the type-specific hashtag
classes.
2023-01-25 17:13:32 +10:00
Martin Brennan 88a972c61b
DEV: Delete dead Topic#incoming_email_addresses code (#19970)
This code has been dead since b463a80cbf,
we can delete it now.
2023-01-25 09:34:41 +10:00
dependabot[bot] 3866867e45
Build(deps-dev): Bump @embroider/test-setup in /app/assets/javascripts (#19982) 2023-01-24 22:51:23 +01:00
dependabot[bot] 69c7f676ea
Build(deps): Bump ember-auto-import in /app/assets/javascripts (#19981) 2023-01-24 22:50:05 +01:00
Kris 75032f4752
UX: remove extra whitespace in search helper (#19980) 2023-01-24 15:27:05 -05:00
Kris e71bf672cb
UX: prevent user card status overflow (#19979) 2023-01-24 13:58:24 -05:00
Kris 4da8e15801
A11Y: discourse-tags should have a role and label (#19977) 2023-01-24 13:04:32 -05:00
Kris a57d6a0f75
A11Y: add aria-labels for flagging textareas (#19938) 2023-01-24 09:49:15 -05:00
Kris 7683b4bbfa
UX: improve bulk button layout and alignment (#19966) 2023-01-24 09:47:35 -05:00
Jarek Radosz 17deb79fcb
DEV: Fix random typos (#19973) 2023-01-24 15:41:01 +01:00
Aleksey Bogdanov 1bc39c1a4f
FIX: text selection breaks opening of links in new tabs (#19867)
When a user checks "Open all external links in a new tab" preference
he expects not to be overruled by unrelated text selections.
Yet if text is selected during a link click the link is followed on
the same tab. This change corrects that.
2023-01-24 14:17:03 +01:00
David Taylor 48713653df
DEV: Add failing test for `api.modifyClass` with native getters (#19911)
https://meta.discourse.org/t/251793/8
2023-01-24 10:41:48 +00:00
Martin Brennan 63fdb6dd65
FIX: Do not add empty use/svg tags in ExcerptParser (#19969)
There was an issue where if hashtag-cooked HTML was sent
to the ExcerptParser without the keep_svg option, we would
end up with empty </use> and </svg> tags on the parts of the
excerpt where the hashtag was, in this case when a post
push notification was sent.

Fixed this, and also added a way to only display a plaintext
version of the hashtag for cases like this via PrettyText#excerpt.
2023-01-24 14:40:24 +10:00
Vinoth Kannan 799202d50b
FIX: skip email if blank while syncing SSO attributes. (#19939)
Also, return email blank error in `EmailValidator`  when the email is blank.
2023-01-24 09:10:24 +05:30
Martin Brennan 0924f874bd
DEV: Use UploadReference instead of ChatUpload in chat (#19947)
We've had the UploadReference table for some time now in core,
but it was added after ChatUpload was and chat was just never
moved over to this new system.

This commit changes all chat code dealing with uploads to create/
update/delete/query UploadReference records instead of ChatUpload
records for consistency. At a later date we will drop the ChatUpload
table, but for now keeping it for data backup.

The migration + post migration are the same, we need both in case
any chat uploads are added/removed during deploy.
2023-01-24 13:28:21 +10:00
Krzysztof Kotlarek ac4ee1a3d4
FIX: TL4 user is not redirected to latest when delete topic (#19967)
Continue of https://github.com/discourse/discourse/pull/19766

When TL4 is allowed to delete topic, they should not be redirected to / after that action.
2023-01-24 11:28:04 +11:00
Blake Erickson a6291cd854
FEATURE: Add api scope for suspending users (#19965)
See: https://meta.discourse.org/t/request-separate-api-granular-api-scope-for-suspend-user/249928/5
2023-01-23 16:20:49 -07:00
Blake Erickson 774feb6614
FEATURE: Add api scope for create invite endpoint (#19964)
Adds an api scope for the POST /invite endpoint.
2023-01-23 16:20:22 -07:00
dependabot[bot] bc9874033f
Build(deps): Bump qunit from 2.19.3 to 2.19.4 in /app/assets/javascripts (#19962) 2023-01-23 23:52:22 +01:00
Blake Erickson 09f5235538
FEATURE: Add api scope for search endpoint (#19955)
Adds two new api scopes for the /search endpoints:

- `/search.json?q=term`
- `/search/query.json?term=term`

see: https://meta.discourse.org/t/search-api-key-permissions/227244
2023-01-23 14:06:57 -07:00
Kris 239815c4a4
UX: fixes and adjustments for user nav (#19954) 2023-01-23 14:28:55 -05:00
Jordan Vidrine 1d7b50a0d3
FIX: Fix margin on mini-tag-chooser (#19953) 2023-01-23 10:39:57 -06:00
Jordan Vidrine b26e0dcf35
UX: Set penalty history to sticky (#19933) 2023-01-23 07:14:23 -06:00
Martin Brennan 641e94fc3c
FEATURE: Allow changing slug on create channel (#19928)
This commit allows us to set the channel slug when creating new chat
channels. As well as this, it introduces a new `SlugsController` which can
generate a slug using `Slug.for` and a name string for input. We call this
after the user finishes typing the channel name (debounced) and fill in
the autogenerated slug in the background, and update the slug input
placeholder.

This autogenerated slug is used by default, but if the user writes anything
else in the input it will be used instead.
2023-01-23 14:48:33 +10:00
dependabot[bot] 54e5a2e4c4
Build(deps): Bump sass from 1.57.0 to 1.57.1 in /app/assets/javascripts (#19538)
Bumps [sass](https://github.com/sass/dart-sass) from 1.57.0 to 1.57.1.
- [Release notes](https://github.com/sass/dart-sass/releases)
- [Changelog](https://github.com/sass/dart-sass/blob/main/CHANGELOG.md)
- [Commits](https://github.com/sass/dart-sass/compare/1.57.0...1.57.1)

---
updated-dependencies:
- dependency-name: sass
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-01-22 23:36:16 +01:00
dependabot[bot] f81c94637a
Build(deps): Bump ember-rfc176-data in /app/assets/javascripts (#19925)
Bumps [ember-rfc176-data](https://github.com/ember-cli/ember-rfc176-data) from 0.3.17 to 0.3.18.
- [Release notes](https://github.com/ember-cli/ember-rfc176-data/releases)
- [Changelog](https://github.com/ember-cli/ember-rfc176-data/blob/master/CHANGELOG.md)
- [Commits](https://github.com/ember-cli/ember-rfc176-data/compare/v0.3.17...v0.3.18)

---
updated-dependencies:
- dependency-name: ember-rfc176-data
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-01-22 22:56:17 +01:00
dependabot[bot] 9be9f97373
Build(deps): Bump @babel/standalone in /app/assets/javascripts (#19945)
Bumps [@babel/standalone](https://github.com/babel/babel/tree/HEAD/packages/babel-standalone) from 7.20.12 to 7.20.13.
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/commits/v7.20.13/packages/babel-standalone)

---
updated-dependencies:
- dependency-name: "@babel/standalone"
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-01-22 22:53:57 +01:00
dependabot[bot] 36447fb043
Build(deps): Bump jsdom from 21.0.0 to 21.1.0 in /app/assets/javascripts (#19944)
Bumps [jsdom](https://github.com/jsdom/jsdom) from 21.0.0 to 21.1.0.
- [Release notes](https://github.com/jsdom/jsdom/releases)
- [Changelog](https://github.com/jsdom/jsdom/blob/master/Changelog.md)
- [Commits](https://github.com/jsdom/jsdom/compare/21.0.0...21.1.0)

---
updated-dependencies:
- dependency-name: jsdom
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-01-22 22:39:36 +01:00
Daniel Waterworth 666536cbd1
DEV: Prefer \A and \z over ^ and $ in regexes (#19936) 2023-01-20 12:52:49 -06:00
Kris f7907a3645
A11Y: remove heading tags from user profile (#19935) 2023-01-20 12:27:07 -05:00
Kris 1521bace4f
A11Y: add secondary skip link to user profiles (#19926) 2023-01-20 10:30:57 -05:00
Kris 7ebd8a44f5
UX: hide date in timeline when wrapping (#19912) 2023-01-20 10:05:16 -05:00
Jordan Vidrine b412f03b29
UX: Remove left margin (#19932) 2023-01-20 07:59:25 -06:00
Jordan Vidrine 62aa2adc74
UX: Add margin to search keyword (#19931) 2023-01-20 07:40:48 -06:00
Osama Sayegh 0c30f31f17
FIX: Allow modals to scroll on mobile when keyboard is open (#19930)
Meta topic: https://meta.discourse.org/t/android-keyboard-overlaps-text-when-flagging-with-something-else/249687?u=osama

On Android, it's currently not possible to scroll modals that take input from the user (such as the flagging modal) when the keyboard is open which means that the keyboard can cover up part of the modal with no way for the user to see the covered part without closing the keyboard. This commit adds some CSS to make these modals scrollable when the keyboard is open.
2023-01-20 14:23:19 +03:00
Ted Johansson 90d452ab6c
FIX: Don't display staff-only options to non-staff in group member bulk menu (#19907)
In the group member bulk edit menu we are displaying staff-only options
to non-staff. The requests are blocked by the back-end, so there is no
harm other than to the user experience.

Notably the individual user edit menu is correctly filtering out
unavailable options. This change brings the bulk edit menu in line with
that.
2023-01-20 11:16:04 +08:00
Krzysztof Kotlarek b05f193cf0
FIX: move min tag setting to tags section in edit category (#19789)
`Minimum number of tags required in a topic` should be in `Tags` panel instead of `Settings`
2023-01-20 13:30:39 +11:00
Krzysztof Kotlarek f409e977a9
FIX: deleted misconfigured embeddable hosts (#19833)
When EmbeddableHost is configured for a specific category and that category is deleted, then EmbeddableHost should be deleted as well.

In addition, migration was added to fix existing data.
2023-01-20 13:29:49 +11:00
Alan Guo Xiang Tan f122f24b35
SECURITY: Default tags to show count of topics in unrestricted categories (#19916)
Currently, `Tag#topic_count` is a count of all regular topics regardless of whether the topic is in a read restricted category or not. As a result, any users can technically poll a sensitive tag to determine if a new topic is created in a category which the user has not excess to. We classify this as a minor leak in sensitive information.

The following changes are introduced in this commit:

1. Introduce `Tag#public_topic_count` which only count topics which have been tagged with a given tag in public categories.
2. Rename `Tag#topic_count` to `Tag#staff_topic_count` which counts the same way as `Tag#topic_count`. In other words, it counts all topics tagged with a given tag regardless of the category the topic is in. The rename is also done so that we indicate that this column contains sensitive information. 
3. Change all previous spots which relied on `Topic#topic_count` to rely on `Tag.topic_column_count(guardian)` which will return the right "topic count" column to use based on the current scope. 
4. Introduce `SiteSetting.include_secure_categories_in_tag_counts` site setting to allow site administrators to always display the tag topics count using `Tag#staff_topic_count` instead.
2023-01-20 09:50:24 +08:00
Alan Guo Xiang Tan b00e160dae
PERF: Don't parse posts for mentions when user status is disabled (#19915)
Prior to this change, we were parsing `Post#cooked` every time we
serialize a post to extract the usernames of mentioned users in the
post. However, the only reason we have to do this is to support
displaying a user's status beside each mention in a post on the client side when
the `enable_user_status` site setting is enabled. When
`enable_user_status` is disabled, we should avoid having to parse
`Post#cooked` since there is no point in doing so.
2023-01-20 07:58:00 +08:00
Isaac Janzen 292d3677e9
FEATURE: Allow admins to permanently delete revisions (#19913)
# Context
This PR introduces the ability to permanently delete revisions from a post while maintaining the changes implemented by the revisions.
Additional Context: /t/90301

# Functionality
In the case a staff member wants to _remove the visual cue_ that a post has been edited eg.

<img width="86" alt="Screenshot 2023-01-18 at 2 59 12 PM" src="https://user-images.githubusercontent.com/50783505/213293333-9c881229-ab18-4591-b39b-e3419a67907d.png">

while maintaining the changes made in the edits, they can enable the (hidden) site setting of `can_permanently_delete`.
When this is enabled, after _hiding_ the revisions

<img width="149" alt="Screenshot 2023-01-19 at 1 53 35 PM" src="https://user-images.githubusercontent.com/50783505/213546080-2a9e9c55-b3ef-428e-a93d-1b6ba287dfae.png">

there will be an additional button in the history modal to <kbd>Delete revisions</kbd> on a post.

<img width="997" alt="Screenshot 2023-01-19 at 1 49 51 PM" src="https://user-images.githubusercontent.com/50783505/213546333-49042558-50ab-4724-9da7-08bacc68d38d.png">

Since this action is permanent, we display a confirmation dialog prior to triggering the destroy call

<img width="722" alt="Screenshot 2023-01-19 at 1 55 59 PM" src="https://user-images.githubusercontent.com/50783505/213546487-96ea6e89-ac49-4892-b4b0-28996e3c867f.png">

Once confirmed the history modal will close and the post will `rebake` to display an _unedited_ post.

<img width="868" alt="Screenshot 2023-01-19 at 1 56 35 PM" src="https://user-images.githubusercontent.com/50783505/213546608-d6436717-8484-4132-a1a8-b7a348d92728.png">
 
see that there is not a visual que for _revision have been made on this post_ for a post that **HAS** been edited. In addition to this, a user history log for `purge_post_revisions` will be added for each action completed.

# Limits
- Admins are rate limited to 20 posts per minute
2023-01-19 15:09:01 -06:00
Kris 2fb2b0a538
UX: switch categories-boxes layouts from flexbox to grid (#19501) 2023-01-19 12:48:58 -05:00
Kris f66e798ed7
A11Y: more descriptive user page titles (#19819) 2023-01-19 12:45:45 -05:00
Kris 2b36a9f7b8
UX: prevent search context btn text from wrapping (#19904) 2023-01-18 09:40:56 -05:00
Kris 20f5a69427
UX: add missing space and other minor search adjustments (#19899) 2023-01-18 09:40:38 -05:00
Kris 3483285b89
UX: restyle quote/share popup, fix hover jitter (#19561) 2023-01-17 12:28:33 -05:00
Kris 145d2baa14
A11Y: add aria tags to the new user nav (#19774) 2023-01-17 12:18:16 -05:00
Penar Musaraj 86b4f4d664
UX: Refactor alignment of tag icon in Discourse onebox (#19880)
Followup to 1ce9582a6c
2023-01-17 11:13:55 -05:00
David Taylor 4204b984ee
DEV: Allow accessing sourcemaps on `/brotli_asset` path (#19894)
Our JS files reference sourcemaps relative to their current path. On sites with non-S3 CDN setups, we use a special path for brotli assets (39a524aa). This caused the sourcemap requests to 404.

This commit fixes the issue by allowing the `.map` files to be accessed under `/brotli_asset/*`.
2023-01-17 12:49:42 +00:00
David Taylor 011c9b9973
DEV: Use message-bus chunked encoding in development (#19878)
This was previously disabled because of incompatibility with the ember-cli proxy. This commit fixes that incompatibility, and restores the development behaviour to match production.

There were three issues at play:

1. Our bootstrap-js addon handles the forwarding of most requests in the ember-cli proxy. This is not built to handle streaming responses. Solution: skip our custom request processing for `/message-bus/*` and use ember-cli's default `http-proxy`.

2. The request/response size-limiting middleware (`rawMiddleware`) would apply even to unhandled paths, causing request and response bodies to be buffered. Solution: skip it for any paths which are not handled by our custom addon.

3. Expressjs servers will buffer/compress responses. Solution: add `Cache-Control: no-transform` to message-bus responses. For now I've done this in development only, but it may be useful to add it to message-bus's default headers in future
2023-01-17 09:54:33 +00:00
Alan Guo Xiang Tan 1e8a1a0d24
PERF: N+1 queries when viewing tags (#19891)
When the `tags_listed_by_group` site setting is enabled, we were seeing
the N+1 queries problem when multiple `TagGroup` records are listed.
This commit fixes that by ensuring that we are not filtering through the
`tags` association after the association has been eager loaded.
2023-01-17 15:50:21 +08:00
David Taylor 41f3bb8b50
FIX: Restore class-property babel transform for themes (#19883)
This seems to be required for decorators to work on class properties. Followup to 624f4a7de9
2023-01-16 18:06:46 +00:00
David Taylor 624f4a7de9
Drop support for iOS < 15.7 (#19847)
https://meta.discourse.org/t/224747
2023-01-16 17:28:59 +00:00
Bianca Nenciu c3070288ea
FEATURE: Verify email webhook signatures (#19690)
* FEATURE: Verify Sendgrid webhook signature

* FEATURE: Verify more webhook signatures

* DEV: Add test for AWS webhook

* FEATURE: Implement algorithm for Mandrill

* FEATURE: Add warning if webhooks are unsafe
2023-01-16 19:16:17 +02:00
Loïc Guitaut 1ce9582a6c FIX: Display Discourse onebox tag icon properly in chat 2023-01-16 14:53:49 +01:00
Régis Hanol b704e338ef
DEV: extract anniversary badge query (#19716)
So it can easily be overwritten in a plugin for example.

### Added more tests to provide better coverage

We previously only had `u.silenced_till IS NULL` but I made it consistent with pretty much every other places where we check for "active" users.

These two new lines do change the query a tiny bit though. 

**Before** 

- You could not get the badge if you were currently silenced (no matter what period is being checked)
- You could get the badge if you were suspended 😬 

**After**

- You can't get the badge if you were silenced during the past year
- You can't get the badge if you were suspended during the past year


### Improved the performance of the query by using `NOT EXISTS` instead of `LEFT JOIN / COUNT() = 0`

There is no difference in behaviour between 

```sql
LEFT JOIN user_badges AS ub ON ub.user_id = u.id AND ...
[...]
HAVING COUNT(ub.*) = 0
```

and

```sql
NOT EXISTS (SELECT 1 FROM user_badges AS ub WHERE ub.user_id = u.id AND ...)
```

The only difference is performance-wise. The `NOT EXISTS` is 10-30% faster on very large databases (aka. posts and users in X millions). I checked on 3 of the largest datasets I could find.
2023-01-16 11:55:00 +01:00
chapoi d59ed1cbfe
UX: fix alignment issues with autocomplete (#19828) 2023-01-16 09:09:23 +11:00
Alan Guo Xiang Tan f72875c729
DEV: Introduce `enable_new_notifications_menu` site setting (#19860)
The `enable_new_notifications_menu` site setting allows sites that have
`navigation_menu` set to `legacy` to use the redesigned notifications
menu before switching to the new sidebar navigation menu.
2023-01-16 06:04:53 +08:00
dependabot[bot] 9ed4550b86
Build(deps): Bump eslint in /app/assets/javascripts (#19873)
Bumps [eslint](https://github.com/eslint/eslint) from 8.31.0 to 8.32.0.
- [Release notes](https://github.com/eslint/eslint/releases)
- [Changelog](https://github.com/eslint/eslint/blob/main/CHANGELOG.md)
- [Commits](https://github.com/eslint/eslint/compare/v8.31.0...v8.32.0)

---
updated-dependencies:
- dependency-name: eslint
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-01-15 22:32:00 +01:00
Joffrey JAFFEUX a444023113
DEV: adds row index support (#19871)
This commits adds a data-index attribute on each `select-kit-row` DOM node and also makes available `this.index` in each `select-kit-row` template.
2023-01-13 16:39:21 +01:00
Joffrey JAFFEUX f525f722ea
DEV: adds expandedOnInsert option to sk (#19870)
Allows to display a select-kit component expanded by default.

Usage:

```
<SingleSelect
  @value={{this.value}}
  @content={{this.content}}
  @options={{hash expandedOnInsert=true}}
/>
```
2023-01-13 16:13:13 +01:00
dependabot[bot] 5cd136510a
Build(deps): Bump message-bus-client in /app/assets/javascripts (#19864)
Bumps [message-bus-client](https://github.com/discourse/message_bus) from 4.3.1 to 4.3.2.
- [Release notes](https://github.com/discourse/message_bus/releases)
- [Changelog](https://github.com/discourse/message_bus/blob/main/CHANGELOG)
- [Commits](https://github.com/discourse/message_bus/compare/v4.3.1...v4.3.2)

---
updated-dependencies:
- dependency-name: message-bus-client
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-01-13 12:22:00 +00:00
Selase Krakani 73ec80893d
FEATURE: Extend topic update API scope to allow status updates (#19654)
Allow an API key created with topic:update API scope to make updates to
topic status. This change also introduces an optional category_id scope
param.
2023-01-13 01:21:04 +00:00
Alan Guo Xiang Tan 5db72f8daf
FIX: Preload user sidebar attrs when `?enable_sidebar=1` (#19843)
This allows users to preview the sidebar even when
`SiteSetting.naviation_menu` is set to `false`.
2023-01-13 06:47:58 +08:00
Daniel Waterworth 3030a53819
FIX: Prevent concurrent updates to top_topics (#19854)
to prevent lock timeouts
2023-01-12 14:03:26 -06:00
Isaac Janzen 28078d78e2
DEV: Make 'username' optional for bookmark notifications (#19851)
Data Explorer queries have a `user_id` assigned to each query created. DE Reports can be bookmarked for later reference. 

When creating the bookmark notification there was the possibility of a notification error being thrown (that made the notification menu inaccessible) due to a DE Query not having a owner (associated user_id). This can happen in a couple ways: 
- having a query created by a user that was then later deleted leaving the query without ownership
- having a TA create a query for a customer using a temporary account, that would then later be deleted leaving the query without ownership

Since there is a case that `bookmark.user` is not valid the PR makes the `bookmark.user.username` optional for a bookmark notification. As [tested](https://github.com/discourse/discourse/pull/19851/files#diff-5b5154de37f96988d551feff6f1dfe5ba804fbcbc1c33b5478dde02a447a634f) in the case a username is not present, we will still render the `content` of the notification minus the username. This creates a safe fallback when looking up non-valid users.
2023-01-12 12:22:11 -06:00
Sérgio Saquetim 8fd9a93a1a
DEV: Added notification type for 'discourse-circles' (#19834)
Reserved an ID to be used by notifications generated on the `discourse-circles` plugin.
2023-01-12 14:07:42 -03:00
Ted Johansson 5dcb245eac
FIX: Ruby 2 backward compatible plugin logout redirect (#19845)
This is a very subtle one. Setting the redirect URL is done by passing
a hash through a Discourse event. This is broken on Ruby 2 since the
support for keyword arguments in events was added.

In Ruby 2 the last argument is cast to keyword arguments if it is a
hash. The key point here is that creates a new copy of the hash, so
what the plugin is modifying is not the hash that was passed.
2023-01-12 19:12:20 +08:00
dependabot[bot] 1a759fd75f
Build(deps): Bump @ember/render-modifiers in /app/assets/javascripts (#19832)
Bumps [@ember/render-modifiers](https://github.com/emberjs/ember-render-modifiers) from 2.0.4 to 2.0.5.
- [Release notes](https://github.com/emberjs/ember-render-modifiers/releases)
- [Changelog](https://github.com/emberjs/ember-render-modifiers/blob/master/CHANGELOG.md)
- [Commits](https://github.com/emberjs/ember-render-modifiers/compare/v2.0.4...v2.0.5)

---
updated-dependencies:
- dependency-name: "@ember/render-modifiers"
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-01-12 10:47:23 +01:00
Martin Brennan 779b9add24
DEV: Remove bookmark column ignores (#19838)
These columns were deleted in f8f55cef67
2023-01-12 11:45:37 +10:00
Sam 29ef2cb550
FEATURE: raise redirect avatar cache to 1 day (#19840)
In "GlobalSetting.redirect_avatar_requests" mode, when the application gets
an avatar request it returns a "redirect" to the S3 CDN.

This shields the application from caching avatars and downloading from S3.
However clients will make 2 requests per avatar. (one to get redirect,
second to get avatar)

A one hour cache on a redirect means there may be an increase in CDN
traffic, given more clients will ask for the redirect every hour.

This may also lead to an increase in origin requests to the application.

To mitigate lets cache the CDN URL for 1 day.

The downside is that any changes to S3 CDN need extra care to allow for
the extra 1 day delay. (leave data around for 1 extra day)
2023-01-12 12:40:42 +11:00
Alan Guo Xiang Tan 9fcd8336e4
FIX: Regression in TopicTrackingState MessageBus message scope. (#19835)
0403cda1d1 introduced a regression where
topics in non read-restricted categories have its TopicTrackingState
MessageBus messages published with the `group_ids: [nil]` option. This
essentially means that no one would be able to view the message.
2023-01-12 08:22:28 +08:00
Martin Brennan 21a95b000e
DEV: Remove defunct TODOs (#19825)
* Firefox now finally returns PerformanceMeasure from performance.measure
* Some TODOs were really more NOTE or FIXME material or no longer relevant
* retain_hours is not needed in ExternalUploadsManager,  it doesn't seem like anywhere in the UI sends this as a param for uploads
* https://github.com/discourse/discourse/pull/18413 was merged so we can remove JS test workaround for settings
2023-01-12 09:41:39 +10:00
Isaac Janzen 92bb728fe5
DEV: Add search suggestions for tag-intersections (#19777)
Added `tagIntersection` search context for handling search suggestions on tag intersection and tag+category routes.

# Tag & Category Route Search Suggestions
eg. /tags/c/general/5/updates
### Before
<img width="422" alt="Screenshot 2023-01-06 at 2 58 50 PM" src="https://user-images.githubusercontent.com/50783505/211098933-ade438c6-5008-49ce-9a90-c8200ec5fe00.png">

### After
<img width="359" alt="Screenshot 2023-01-06 at 3 00 35 PM" src="https://user-images.githubusercontent.com/50783505/211099183-c3feaeac-8661-47ed-843c-da9d9fb78e9e.png">

# Tag Intersection Route Search Suggestions
eg. /tags/intersection/updates/foo
### Before
<img width="421" alt="Screenshot 2023-01-06 at 3 02 23 PM" src="https://user-images.githubusercontent.com/50783505/211099435-e8fc6d87-2772-45b5-b455-1831f80eab3a.png">

### After
<img width="362" alt="Screenshot 2023-01-09 at 2 02 09 PM" src="https://user-images.githubusercontent.com/50783505/211397349-acb350f7-8e6a-4d9f-a749-8292e49400d9.png">

I defaulted to using `+` as a separator for tag intersections. The reasoning behind this is that we don't make the tag intersection routes easily accessible, so if you are going out of your way to view multiple tags, you are most likely going to be searching by **both** of those tags as well.

# General Search
Introducing flex wrap removes whitespace causing a [test](https://github.com/discourse/discourse/pull/19777/files#diff-5d3d13fabc1a511635eb7471ffe74f4d455d77f6984543c2be6ad136dfaa6d3aR813) to fail, but to remedy this I added spacing to the `.search-item-prefix` and `.search-item-slug` which achieves the same thing.

### After
<img width="359" alt="Screenshot 2023-01-09 at 2 04 54 PM" src="https://user-images.githubusercontent.com/50783505/211397900-60220394-5596-4e13-afd0-b6130afa0de2.png">
2023-01-11 13:02:22 -06:00
chapoi c7767686cc
UX: streamline avatar in topic list (#19829) 2023-01-11 16:17:20 +01:00
Loïc Guitaut 14d97f9cf1 FEATURE: Show more context in Discourse topic oneboxes
Currently when generating a onebox for Discourse topics, some important
context is missing such as categories and tags.

This patch addresses this issue by introducing a new onebox engine
dedicated to display this information when available. Indeed to get this
new information, categories and tags are exposed in the topic metadata
as opengraph tags.
2023-01-11 14:22:53 +01:00
Ted Johansson d2e9ea6193
FEATURE: Allow group owners promote more owners (#19768)
This change allows group owners (in addition to admins) to promote other members to owners.
2023-01-11 16:43:18 +08:00
Alan Guo Xiang Tan 0403cda1d1
FIX: Error when publishing TopicTrackingState updates for certain topics (#19812)
When a topic belongs to category that is read restricted but permission
has not been granted to any groups, publishing ceratin topic tracking state
updates for the topic will result in the `MessageBus::InvalidMessageTarget` error being raised
because we're passing `nil` to `group_ids` which is not support by
MessageBus.

This commit ensures that for said category above, we will publish the
updates to the admin groups.
2023-01-11 06:15:52 +08:00
Alan Guo Xiang Tan 8a7b62b126
DEV: Fix threading error when running jobs immediately in system tests (#19811)
```
class Jobs::DummyDelayedJob < Jobs::Base
  def execute(args = {})
  end
end

RSpec.describe "Jobs.run_immediately!" do
  before { Jobs.run_immediately! }

  it "explodes" do
    current_user = Fabricate(:user)
    Jobs.enqueue_in(1.seconds, :dummy_delayed_job)
    sign_in(current_user)
  end
end
```

The test above will fail with the following error if `ActiveRecord::Base.connection_handler.clear_active_connections!` is called before the configured Capybara server checks out a connection from the connection pool.

```
     ActiveRecord::ActiveRecordError:
       Cannot expire connection, it is owned by a different thread: #<Thread:0x00007f437391df58@puma srv tp 001 /home/tgxworld/.asdf/installs/ruby/3.1.3/lib/ruby/gems/3.1.0/gems/puma-6.0.2/lib/puma/thread_pool.rb:106 sleep_forever>. Current thread: #<Thread:0x00007f437d6cfc60 run>.
```

We're not exactly sure if this is an ActiveRecord bug or not but we've
invested too much time into investigating this problem. Fundamentally,
we also no longer understand why `ActiveRecord::Base.connection_handler.clear_active_connections!` is being called in an ensure block
within `Jobs::Base#perform` which was added in
ceddb6e0da 10 years ago. This
commit moves the logic for running jobs immediately out of the
`Jobs::Base#perform` method into another `Jobs::Base#perform_immediately` method such that
`ActiveRecord::Base.connection_handler.clear_active_connections!` is not
called. This change will only impact the test environment.
2023-01-10 13:41:25 +08:00
Kris b572f69f5f
UX: add btn-primary class on email confirm page (#19803) 2023-01-09 15:26:56 -05:00
Daniel Waterworth dfc449a32e
FIX: Continue if checking themes if updating one fails (#19665) 2023-01-09 11:56:43 -06:00
David Taylor f05da14fb6
DEV: Do not include method definitions in serializer `attributes`
These accidental inclusions are mostly no-ops (because the method name is also included as an explicit symbol). The mistakes were made more obvious because syntax_tree adjusted the indentation of these methods
2023-01-09 14:15:00 +00:00
David Taylor 5a003715d3
DEV: Apply syntax_tree formatting to `app/*` 2023-01-09 14:14:59 +00:00
chapoi a641ce4b62
UX: improve use of space for readability of admin email modal (#19797) 2023-01-09 14:24:58 +01:00
Ted Johansson 06bda1fc62
FIX: wrap plugin outlets on user preference page 2023-01-09 14:17:50 +01:00
Martin Brennan c31772879b
FIX: Disable image optimization in iOS Safari (#19790)
There are various performance issues with the Canvas in iOS Safari
that are causing crashes when processing images with spikes of over 100%
CPU usage. The cause of this is unknown, but profiling points to
CanvasRenderingContext2D.getImageData() and
CanvasRenderingContext2D.drawImage().

Until Safari makes some progress with OffscreenCanvas or other
alternatives we cannot support this workflow. We will revisit in 6
months.

This is gated behind the hidden `composer_ios_media_optimisation_image_enabled`
site setting for people who really still want to try using this.
2023-01-09 12:16:02 +10:00
Alan Guo Xiang Tan 673089a6b4
FIX: Error condition in SidebarSiteSettingsBackfiller (#19787) 2023-01-09 07:01:58 +08:00
dependabot[bot] 15e81b6174
Build(deps): Bump jsdom from 20.0.3 to 21.0.0 in /app/assets/javascripts (#19786)
Bumps [jsdom](https://github.com/jsdom/jsdom) from 20.0.3 to 21.0.0.
- [Release notes](https://github.com/jsdom/jsdom/releases)
- [Changelog](https://github.com/jsdom/jsdom/blob/master/Changelog.md)
- [Commits](https://github.com/jsdom/jsdom/compare/20.0.3...21.0.0)

---
updated-dependencies:
- dependency-name: jsdom
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-01-08 23:41:14 +01:00
Roman Rizzi 7b5f7b4484
FIX: Don't change the default allowed_attribute when calling #sanitize_field (#19770) 2023-01-06 11:47:15 -03:00
David Taylor 5ce5ff053e
FIX: Bump messagebus to v4.3.1 (#19771)
Includes "FIX: Ensure non-long-polling requests are always spaced out": 233b248c96
2023-01-06 14:31:10 +00:00
Matt Marjanović aa4ff47208
FEATURE: Allow `target` attribute in links in user_field descriptions (#19102)
This change adds `target` to the set of attributes allowed by the
HTML sanitizer which is applied to the description of a user_field.

The rationale for this change:

 * If one puts a link (<a>...</a>) in the description of a user_field
   that is present and/or required at sign-up, the expectation is that
   a prospective new user will click on that link during sign-up.
 * Without an appropriate `target` attribute on the link, the new page
   will be loaded in the same window/tab as the sign-up form, but this
   will obliterate any fields that the user had already filled-out on
   the form.  (E.g., hitting the back-button will return to an
   empty form.)
 * Such UX behavior is incredibly aggravating to new users.

This change allows an admin to add a `target` attribute to links, to
instruct the browser to open them in a different window/tab, leaving
a sign-up form intact.
2023-01-06 10:18:35 -03:00
Alan Guo Xiang Tan 1ee9356a54 PR reviews 2023-01-06 09:51:46 +08:00
Alan Guo Xiang Tan f71e3c07dd DEV: Experiment plugin api to add custom count to category section link
This commit introduces the experimental `registerUserCategorySectionLinkCountable`
and `refreshUserSidebarCategoriesSectionCounts` plugin APIs that allows
a plugin to register custom countables to category section links on top
of the defaults of unread and new.
2023-01-06 09:51:46 +08:00
Jamie Wilson 19a0bdc0ee FIX: Link to category settings should use slug
Links to category settings were created using the category name. If the name was a single word, the link would be valid (regardless of capitalization).

For example, if the category was named `Awesome`

`/c/Awesome/edit/settings`

is a valid URL as that is a case-insensitive match for the category slug of `awesome`.

However, if the category had a space in it, the URL would be

`/c/Awesome%20Name/edit/settings`

which does not match the slug of `awesome-name`.

This change uses the category slug, rather than the name, which is the expected behaviour (see `Category.find_by_slug_path`).
2023-01-06 08:42:26 +08:00
Martin Brennan c4ea158656
FIX: Improve tags in email subjects and add filter headers (#19760)
This commit does a couple of things:

1. Changes the limit of tags to include a subject for a
   notification email to the `max_tags_per_topic` setting
   instead of the arbitrary 3 limit
2. Adds both an X-Discourse-Tags and X-Discourse-Category
   custom header to outbound emails containing the tags
   and category from the subject, so people on mail clients
   that allow advanced filtering (i.e. not Gmail) can filter
   mail by tags and category, which is useful for mailing
   list mode users

c.f. https://meta.discourse.org/t/headers-for-email-notifications-so-that-gmail-users-can-filter-on-tags/249982/17
2023-01-06 10:03:02 +10:00
Vinoth Kannan 7ecf4d12a9
FIX: use reviewer's guardian permissions to create post/topic while approve. (#19710)
We previously used post creator's guardian permissions which will raise an error if the reviewer added a staff-only (restricted) tag.

Co-authored-by: Natalie Tay <natalie.tay@discourse.org>
2023-01-05 19:31:37 +05:30
Alan Guo Xiang Tan cf862e7365
SECURITY: Convert send_digest to a post request (#19746)
Co-authored-by: Isaac Janzen <isaac.janzen@discourse.org>
2023-01-05 06:57:12 +08:00
Martin Brennan c2013865d7
FEATURE: Make experimental hashtag autocomplete default for new sites (#19681)
This feature is stable enough now to make it the default going forward
for new sites. Existing sites that have not yet set enable_experimental_hashtag_autocomplete
to `true` will have it set to `false` for their site settings, which was the old default.

c.f https://meta.discourse.org/t/hashtags-are-getting-a-makeover/248866
2023-01-05 08:44:58 +10:00
Martin Brennan 16b9165630
FIX: Bookmark auto delete preference usage and default value (#19707)
This commit fixes an issue where the chat message bookmarks
did not respect the user's `bookmark_auto_delete_preference`
which they select in their user preference page.

Also, it changes the default for that value to "keep bookmark and clear reminder"
rather than "never", which ends up leaving a lot of expired bookmark
reminders around which are a pain to clean up.
2023-01-05 08:43:58 +10:00
Jarek Radosz 1174a94867
DEV: Update json5, remove an unused lockfile (#19732) 2023-01-04 23:15:49 +01:00
Alan Guo Xiang Tan 83944213b2
SECURITY: Delete email tokens when a user's email is changed or deleted (#19735)
Co-authored-by: OsamaSayegh <asooomaasoooma90@gmail.com>
2023-01-05 06:08:55 +08:00
Alan Guo Xiang Tan 692329896a
SECURITY: escape quotes in tag description when rendering (#19730)
Co-authored-by: Daniel Waterworth <me@danielwaterworth.com>
2023-01-05 06:08:32 +08:00
Alan Guo Xiang Tan cbcf8a064b
SECURITY: Don't expose user post counts to users who can't see the topic (#19728)
Co-authored-by: Penar Musaraj <pmusaraj@gmail.com>

Co-authored-by: Daniel Waterworth <me@danielwaterworth.com>
Co-authored-by: Penar Musaraj <pmusaraj@gmail.com>
2023-01-05 06:08:19 +08:00
Alan Guo Xiang Tan c0e2d7bada
SECURITY: Sanitize PendingPost titles before rendering to prevent XSS (#19726)
Co-authored-by: Daniel Waterworth <me@danielwaterworth.com>
2023-01-05 06:08:05 +08:00
Alan Guo Xiang Tan ab3a032b4b
SECURITY: BCC active user emails from group SMTP (#19725)
When sending emails out via group SMTP, if we
are sending them to non-staged users we want
to mask those emails with BCC, just so we don't
expose them to anyone we shouldn't. Staged users
are ones that have likely only interacted with
support via email, and will likely include other
people who were CC'd on the original email to the
group.

Co-authored-by: Martin Brennan <martin@discourse.org>
2023-01-05 06:07:50 +08:00
dependabot[bot] f4ab3f4543
Build(deps): Bump @babel/core in /app/assets/javascripts (#19723)
Bumps [@babel/core](https://github.com/babel/babel/tree/HEAD/packages/babel-core) from 7.20.7 to 7.20.12.
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/commits/v7.20.12/packages/babel-core)

---
updated-dependencies:
- dependency-name: "@babel/core"
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-01-04 22:50:20 +01:00
dependabot[bot] ec1c8d3353
Build(deps): Bump @babel/standalone in /app/assets/javascripts (#19722)
Bumps [@babel/standalone](https://github.com/babel/babel/tree/HEAD/packages/babel-standalone) from 7.20.11 to 7.20.12.
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/commits/v7.20.12/packages/babel-standalone)

---
updated-dependencies:
- dependency-name: "@babel/standalone"
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-01-04 22:42:24 +01:00
David Taylor 45435cbbd5
PERF: Use user-specific channel for message-bus logout (#19719)
Using a shared channel means that every user receives an update to the 'last_id' when *any* other user is logged out. If many users are being programmatically logged out at the same time, this can cause a very large number of message-bus polls.

This commit switches to use a user-specific channel, which means that each user has its own 'last id' which will only increment when they are logged out
2023-01-04 19:55:52 +00:00
Kris dedf19803b
UX: more descriptive sidebar titles, casing (#19717) 2023-01-04 13:40:35 -05:00
Meghna a9f2b62ac0
UX: fix the positioning of topic admin popup menu (#19713) 2023-01-04 17:45:24 +01:00
Gerhard Schlager 8dfe7a68e6
UX: Remove unused strings (#19701)
* Remove unused strings
* Remove trailing quote from string
* Remove even more unused strings (they were removed in c4e10f2a9d)
* Don't use translations in tests which are only available on server
* Use more specific translation (and fix missing translation)
2023-01-04 10:32:53 +01:00
Martin Brennan 42cf32169d
DEV: Refactor autocomplete scrolling element detection (#19706)
Rather than hardcoding `.hashtag-autocomplete__fadeout` as the
div element to scroll in autocomplete, instead pass it in as
an option via `scrollElementSelector`, then we don't have hashtag
template specific things in the autocomplete lib.
2023-01-04 14:11:52 +10:00
chapoi 179f13078e
UX: fix for misalignment in autocomplete (#19693) 2023-01-03 15:20:12 +01:00
Jan Cernik 232e1f25f2
DEV: Refactor whispers_allowed_groups_names (#19691)
Refactor whispers_allowed_groups_names to avoid small N+1
2023-01-03 10:28:39 -03:00
Alan Guo Xiang Tan 24db6fbb73
PERF: Memoize topic level checks in PostGuardian (#19647)
When loading posts in a topic, the topic level guardian
checks are run multiple times even though all the posts belong to the
same topic. Profiling in production revealed that this accounted for a
significant amount of request time for a user that is not staff or anon.
Therefore, we're optimizing this by adding memoizing the topic level
calls in `PostGuardian`. Speficifally, the result of
`TopicGuardian#can_see_topic?` and `PostGuardian#can_create_post?`
method calls are memoized per topic.

Locally profiling shows a significant improvement for normal users
loading a topic with 100 posts.

Benchmark script command: `ruby script/bench.rb --unicorn --skip-bundle-assets --iterations 100`

Before:

```
topic user:
  50: 114
  75: 117
  90: 122
  99: 209
topic.json user:
  50: 67
  75: 69
  90: 72
  99: 162
```

After:

```
topic user:
  50: 101
  75: 104
  90: 107
  99: 184
topic.json user:
  50: 53
  75: 53
  90: 56
  99: 138
```
2023-01-03 09:00:42 +08:00
dependabot[bot] 1664a9d950
Build(deps): Bump eslint in /app/assets/javascripts (#19672)
Bumps [eslint](https://github.com/eslint/eslint) from 8.30.0 to 8.31.0.
- [Release notes](https://github.com/eslint/eslint/releases)
- [Changelog](https://github.com/eslint/eslint/blob/main/CHANGELOG.md)
- [Commits](https://github.com/eslint/eslint/compare/v8.30.0...v8.31.0)

---
updated-dependencies:
- dependency-name: eslint
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-01-02 13:19:37 +01:00
Rafael dos Santos Silva 01cbc64e19
FIX: Do not show push notification banner for MacOS (#19655) 2022-12-29 14:50:09 -03:00
Isaac Janzen e5349e43af
DEV: Update group moderator behavior to better mimic staff (#19618)
# Context
When a topic is reviewable by a group we give those group moderators some admin abilities including the ability to delete a topic.

# Problem
There are two main problems:

1. Currently when a group moderator deletes a topic they are redirected to root (not the same for staff)
2. Viewing the categories deleted topics (`c/foo/1/?status=deleted`) does not display the deleted topic to the group moderator (not the same for staff).

# Fix
If the `deleted_by` user is part a group that matches the `reviewable_by_group` on a topic then don't redirect. This is the default interaction for staff to give them the ability to do things like restore the topic in case it was accidentally deleted.

To render the deleted topics as expected for the group moderator I am utilizing [the guardian scope of `guardian.can_see_deleted_topics?` for said category](https://github.com/discourse/discourse/pull/19618/files#diff-288e61b8bacdb29d9c2e05b42da6837b0036dcf1867332d977ca7c5e74a44297R802-R803)
2022-12-29 10:07:03 -06:00
Andrei Prigorshnev 5e844793d8
FIX: show status on mentions on just posted posts (#19639)
We show live user status on mentions starting from a76d864. But status didn’t appear on the post that appears on the bottom of the topic just after a user posted it (status appeared only after page reloading). This adds status to just posted posts.
2022-12-29 14:34:59 +04:00
David Taylor 25ad99637d
FIX: Avoid race conditions when toggling presence state (#19648)
We need to set the local state of a channel before performing any async operations. Otherwise, multiple leave/join calls can race against each other and cause the local state to get out-of-sync with the server.

Followup to e70ed31a
2022-12-29 00:44:31 +00:00
dependabot[bot] ec1a7df112
Build(deps): Bump @babel/core in /app/assets/javascripts (#19595)
Bumps [@babel/core](https://github.com/babel/babel/tree/HEAD/packages/babel-core) from 7.20.5 to 7.20.7.
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/commits/v7.20.7/packages/babel-core)

---
updated-dependencies:
- dependency-name: "@babel/core"
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-12-28 14:04:13 +00:00
David Taylor f68d6cd6cd
FIX: DButton ellipsis argument (#19640)
This regressed in a8890295
2022-12-28 14:03:58 +00:00
David Taylor 9f0a095405 DEV: Add extra whitespace to tidy up prettified templates 2022-12-28 13:11:12 +00:00
David Taylor c8e2e37fa7 DEV: Apply prettier to hbs files 2022-12-28 13:11:12 +00:00
David Taylor 104a16610a DEV: Configure prettier for hbs templates 2022-12-28 13:11:12 +00:00
dependabot[bot] 61b2d2eade
Build(deps): Bump @babel/standalone in /app/assets/javascripts (#19622)
Bumps [@babel/standalone](https://github.com/babel/babel/tree/HEAD/packages/babel-standalone) from 7.20.6 to 7.20.11.
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/commits/v7.20.11/packages/babel-standalone)

---
updated-dependencies:
- dependency-name: "@babel/standalone"
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-12-28 13:01:53 +00:00
David Taylor e70ed31a45
PERF: Ignore repeated PresenceChannel leave/join calls (#19638)
If a consumer is calling leave or join on a channel repeatedly, that should not trigger additional HTTP requests
2022-12-28 13:00:08 +00:00
Natalie Tay d914ea8366
FIX: Show topic titles in deleted-posts (#19610)
Show topic titles in deleted-posts
2022-12-28 16:07:06 +08:00
Alan Guo Xiang Tan 070eac16a8
PERF: Optimize the performance of `TopicLink.topic_map` query (#19630)
Instead of relying on the `ILIKE` operator to filter out image links, we
can instead rely on the `TopicLink#extension` column which allows us to
more efficiently filter out image links.

This optimization mainly affects topics that are link heavy which is
common in topics with alot of replies. When profiling a production
instance for a topic with 10K replies and 2.5K `topic_links`, this
optimization reduces the query time from ~18ms to around ~4ms.
2022-12-28 08:10:36 +08:00
Rafael dos Santos Silva 7b53973bd8
DEV: Use WebPush fork for OpenSSL 3 compat (#19627)
* DEV: Use WebPush fork for OpenSSL 3 compat

* add some context on gemfile changes
2022-12-27 15:28:13 -03:00
Vinoth Kannan 598233456d
FEATURE: Warn admins about private group name's exposure to anonymous users. (#19557)
Group names will be used as CSS classes in some components while rendering the public HTML output. It will happen when a group is set as the default primary for users. Or when a group has either a flair icon or flair upload. So we should warn the admins when they restrict the group's visibility level.

Co-authored-by: Penar Musaraj <pmusaraj@gmail.com>
2022-12-27 13:17:13 +05:30
Jan Cernik d633467c60
FIX: Whisper tooltip shows the allowed groups (#19509) 2022-12-23 15:42:46 -03:00
Jarek Radosz 953b823c5a
DEV: Deprecate `controllerFor` test helper (#19606)
After all the test changes it was only used in a single place in core 🤷

(also updated the recommendation in `assert.not` deprecation message)
2022-12-23 11:33:42 +01:00
Gerhard Schlager 5926386d4f
FIX: Workaround a bug in the R2 gem (#19602) 2022-12-23 12:07:07 +08:00
Alan Guo Xiang Tan 1d926e88a9
FIX: Admin can't see user sidebar preferences of other users (#19570) 2022-12-23 11:45:29 +08:00
Martin Brennan 86cafc7237
FIX: Autocomplete fadeout arrow key chat fix (#19600)
Autocomplete with fadeout was not scrolling on arrow
key press in chat, since the input is treated slightly
differently. We just need to find the fadeout div sooner.

Follow up to 64a7a2aac2
2022-12-23 10:31:30 +10:00
Martin Brennan 641a1a6b44
FIX: Allow for nested chat transcripts (#19572)
The way our markdown raw_html hoisting worked, we only
supported one level of hoisting the HTML content. However
when nesting [chat] transcript BBCode we need to allow
for multiple levels of it. This commit changes opts.discourse.hoisted
to be more constant, and the GUID keys that have the hoisted
content are only deleted by unhoistForCooked rather than
the cook function itself, which prematurely deletes them
when they are needed further down the line.
2022-12-23 09:56:30 +10:00
Alan Guo Xiang Tan a7f30cfcf7
PERF: Fix N+1 queries on /categories route (#19585)
Featured topics are eventually serialized by `ListableTopicSerializer`
which calls `Topic#image_url` which requires us to preload
`Topic#topic_thumbnails`.
2022-12-23 04:29:49 +08:00
chapoi b756866334
UX: switch webkit to pseudoelement for fadeout (#19587) 2022-12-22 21:23:58 +01:00
Ella E 3c0a4b37d0
UX: Setup wizard copy changes and vertically stack logo fields (#19583)
* copy changes to setup wizard step title
* make logo upload stacking; tweaks on medium size screen view
2022-12-22 10:15:09 -07:00
David Taylor b1b53da71d
DEV: Improve performance of system test `sign_in` helper (#19579)
Previously, calling `sign_in` would cause the browser to be redirected to `/`, and would cause the Ember app to boot. We would then call `visit()`, causing the app to boot for a second time.

This commit adds a `redirect=false` option to the `/session/username/become` route. This avoids the unnecessary boot of the app, and leads to significantly faster system spec run times.

In local testing, this takes the full system-spec suite for chat from ~6min to ~4min.
2022-12-22 16:03:27 +00:00
Jarek Radosz 263cd02a27
DEV: Get rid of all discourseModule uses (#19576)
QUnit's `module` and `setupTest` is the way
2022-12-22 13:13:28 +01:00
Andrei Prigorshnev c0b21bf9cf
FIX: styles of user status on mentions (#19563)
Reported in https://meta.discourse.org/t/users-mentions-wrongly-show-their-status-with-the-emoji/249534.

The problem was that we had styles for user status on mentions in the calendar plugin. So it looked fine on sites with Discourse Calendar but not on sites without it.
2022-12-22 14:15:52 +04:00
dependabot[bot] c933dbfc2c
Build(deps): Bump @ember/test-helpers in /app/assets/javascripts (#19566)
Bumps [@ember/test-helpers](https://github.com/emberjs/ember-test-helpers) from 2.9.1 to 2.9.3.
- [Release notes](https://github.com/emberjs/ember-test-helpers/releases)
- [Changelog](https://github.com/emberjs/ember-test-helpers/blob/v2.9.3/CHANGELOG.md)
- [Commits](https://github.com/emberjs/ember-test-helpers/compare/v2.9.1...v2.9.3)

---
updated-dependencies:
- dependency-name: "@ember/test-helpers"
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-12-22 10:38:01 +01:00
Martin Brennan 64a7a2aac2
FIX: Autocomplete arrow scroll for mention (#19571)
Follow up to 8820e9418a,
only the hashtag autocomplete has a fadeout scroll, so
we still need to scroll on the original div in some
cases (e.g. mentions)
2022-12-22 17:01:51 +10:00
Alan Guo Xiang Tan 954b39f5ec
FIX: Sidebar preferences link shown when navigation menu is legacy (#19568) 2022-12-22 07:58:06 +08:00
Penar Musaraj e90c2cabfc
UX: Temporarily revert autocomplete highlight change (#19554)
This affects custom themes too much, reverting for now while we work
on a more robust solution.
2022-12-21 10:11:53 -05:00
Andrei Prigorshnev 2031b75055
FIX: Quoting a mention with status emoji breaks the mention (#19530) 2022-12-21 18:21:53 +04:00
Bianca Nenciu 8f9933d1dd
DEV: Add default results option to user-chooser (#19521)
defaultSearchResults search option can be used to show a list of results
by default, before any search ran, when the filter is empty.
2022-12-21 14:47:47 +02:00
Joffrey JAFFEUX d2e24f9569
DEV: start glimmer-ification and optimisations of chat plugin (#19531)
Note this is a very large PR, and some of it could have been splited, but keeping it one chunk made it to merge conflicts and to revert if necessary. Actual new code logic is also not that much, as most of the changes are removing js tests, adding system specs or moving things around.

To make it possible this commit is doing the following changes:

- converting (and adding new) existing js acceptances tests into system tests. This change was necessary to ensure as little regressions as possible while changing paradigm
- moving away from store. Using glimmer and tracked properties requires to have class objects everywhere and as a result works well with models. However store/adapters are suffering from many bugs and limitations. As a workaround the `chat-api` and `chat-channels-manager` are an answer to this problem by encapsulating backend calls and frontend storage logic; while still using js models.
- dropping `appEvents` as much as possible. Using tracked properties and a better local storage of channel models, allows to be much more reactive and doesn’t require arbitrary manual updates everywhere in the app.
- while working on replacing store, the existing work of a chat api (backend) has been continued to support more cases.
- removing code from the `chat` service to separate concerns, `chat-subscriptions-manager` and `chat-channels-manager`, being the largest examples of where the code has been rewritten/moved.

Future wok:
- improve behavior when closing/deleting a channel, it's already slightly buggy on live, it's rare enough that it's not a big issue, but should be improved
- improve page objects used in chat
- move more endpoints to the API
- finish temporarily skipped tests
- extract more code from the `chat` service
- use glimmer for `chat-messages`
- separate concerns in `chat-live-pane`
- eventually add js tests for `chat-api`, `chat-channels-manager` and `chat-subscriptions-manager`, they are indirectly heavy tested through system tests but it would be nice to at least test the public API

<!-- NOTE: All pull requests should have tests (rspec in Ruby, qunit in JavaScript). If your code does not include test coverage, please include an explanation of why it was omitted. -->
2022-12-21 13:21:02 +01:00
Martin Brennan 8820e9418a
FIX: Hashtag autocomplete scrolling arrow keys with fadeout (#19541)
Follow-up to 8db1f1892d,
this makes the hashtag autocomplete scrolling with arrow
keys work with the new fadeout element that is now used
for the scroll container.
2022-12-21 15:15:02 +10:00
Martin Brennan e15b382666
FIX: Include tags inside tag groups for hashtag search (#19539)
We were using the `for_input: true` param when calling
DiscourseTagging, which is really meant for selecting tags
in the UI, which often need a parent tag selected first
before the child tags in tag group will show. We just
want to show all tags regardless of grouping in hashtag
search.`
2022-12-21 15:14:50 +10:00
Ella E 5443860130
FIX: responsive buttons and wider content container (#19542) 2022-12-20 19:13:00 -07:00
chapoi 70eda1d84b
UX: update classname to something non-conflicting (#19529) 2022-12-20 12:14:58 +01:00
Martin Brennan 1b49a90e5b
FIX: Do not return muted child categories termless hashtag search (#19526)
We generally do not return muted child categories to the user
if they have muted the parent category, this commit respects that
rule for CategoryHashtagDataSource
2022-12-20 13:45:03 +10:00
Blake Erickson ae2153b330
UX: Wizard Step Enhancements (#19487)
* UX: Wizard Step Enhancements

- Remove illustrations
- Add Emoji graphic to top of steps
- Add description below step title
- Move point of contact to last step

* Move step count to header, plus some button navigation tweaks

* add remaining emoji to step headers

* fix button logic on steps

* Update Point of Contact

* remove automated messages field

* adjust styling for counter, title, and emoji

* Update wording for logos

* Fix tests

* fix prettier

* fix specs

* set same with for steps except for styling screen

* use sentence case; remove duplicate copy under your organization fields

* fix missing buttons on small screens

* add spacing to buttons; adjust font weight to labels

* adjust styling for community logo step; use sentence case for button

* update copy for point of contact text helper

* use sentence case for field labels

* fix ui tests

* use btn-back class to fix ui tests

* reduce bottom margin for toggle fields

* clean up

Co-authored-by: Ella <ella.estigoy@gmail.com>
2022-12-19 17:24:09 -07:00
Kris bd5f57e90c
FEATURE: add user toggle to mask/unmask passwords (#19306) 2022-12-19 18:56:51 -05:00
Selase Krakani 7ba115769a
DEV: Skip push notifications for active online users (#19502)
* DEV: Skip push notifications for active online users

Currently, users with active push subscriptions get push notifications
regardless of their "presence" on the site.

This change introduces a `push_notification_time_window_mins`
site setting which is used in conjunction with a user's `last_seen_at` to
determine if push notifications should be sent. A user is considered to
be actively online if their `last_seen_at` is within `push_notification_time_window_mins`
minutes. `push_notification_time_window_mins` is set to 10 by default.

* DEV: Remove client param for push_notification_time_window_mins site setting

Co-authored-by: Bianca Nenciu <nbianca@users.noreply.github.com>

Co-authored-by: Bianca Nenciu <nbianca@users.noreply.github.com>
2022-12-19 20:17:40 +00:00
dependabot[bot] 155c400ec7
Build(deps): Bump ember-qunit in /app/assets/javascripts (#19519)
Bumps [ember-qunit](https://github.com/emberjs/ember-qunit) from 6.0.0 to 6.1.1.
- [Release notes](https://github.com/emberjs/ember-qunit/releases)
- [Changelog](https://github.com/emberjs/ember-qunit/blob/master/CHANGELOG.md)
- [Commits](https://github.com/emberjs/ember-qunit/compare/v6.0.0...v6.1.1)

---
updated-dependencies:
- dependency-name: ember-qunit
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-12-19 19:04:55 +01:00
Bianca Nenciu 1ad06eb764
UX: Redesign and refactor penalty modals (#19458)
This merges the two modals code to remove duplication and implements
a more consistent design.
2022-12-19 19:36:03 +02:00
chapoi 8db1f1892d
UX: Hashtag autocomplete styling (#19426)
* UX: added fadeout + hashtag styling

UX: add full name to autocomplete

UX: autocomplete mentions styling

UX: emoji styling user status

UX: autocomplete emoji

* DEV: Move hashtag tag counts into new secondary_text prop

* FIX: Add is-online style to mention users via chat

UX: make is-online avatar styling globally available

* DEV: Fix specs

* DEV: Test fix

Co-authored-by: Martin Brennan <martin@discourse.org>
2022-12-19 12:31:45 +01:00
dependabot[bot] c5957490df
DEV: Update `@ember/test-helpers` and fix chat test (#19495)
We were triggering a `/` key press and it was passing because of 1. a bug in `@ember/test-helpers` and 2. how we handle events in chat

Dependabot PR description:

Build(deps): Bump @ember/test-helpers in /app/assets/javascripts

Bumps [@ember/test-helpers](https://github.com/emberjs/ember-test-helpers) from 2.8.1 to 2.9.1.
- [Release notes](https://github.com/emberjs/ember-test-helpers/releases)
- [Changelog](https://github.com/emberjs/ember-test-helpers/blob/master/CHANGELOG.md)
- [Commits](https://github.com/emberjs/ember-test-helpers/compare/v2.8.1...v2.9.1)

---
updated-dependencies:
- dependency-name: "@ember/test-helpers"
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Jarek Radosz <jradosz@gmail.com>
2022-12-19 11:23:31 +01:00
Krzysztof Kotlarek a6edd6ea61
FIX: discourse-follow notification types (#19513)
Bring information about discourse-follow notification types to Core

https://github.com/discourse/discourse-follow/blob/main/plugin.rb#L32
2022-12-19 15:57:35 +11:00
Martin Brennan 6b9c0ee554
DEV: Change HashtagAutocompleteService to use DiscoursePluginRegistry (#19491)
Follow up to a review in #18937, this commit changes the HashtagAutocompleteService to no longer use class variables to register hashtag data sources or types in context priority order. This is to address multisite concerns, where one site could e.g. have chat disabled and another might not. The filtered plugin registers I added will not be included if the plugin is disabled.
2022-12-19 13:46:17 +10:00
Alan Guo Xiang Tan 5bd29b89dd
DEV: Add missing test case (#19510)
Follow-up to f77660b047
2022-12-19 10:09:19 +08:00
dependabot[bot] 4adb457ced
Build(deps): Bump sass from 1.56.2 to 1.57.0 in /app/assets/javascripts (#19507)
Bumps [sass](https://github.com/sass/dart-sass) from 1.56.2 to 1.57.0.
- [Release notes](https://github.com/sass/dart-sass/releases)
- [Changelog](https://github.com/sass/dart-sass/blob/main/CHANGELOG.md)
- [Commits](https://github.com/sass/dart-sass/compare/1.56.2...1.57.0)

---
updated-dependencies:
- dependency-name: sass
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-12-19 00:04:44 +01:00
dependabot[bot] 8896b597dc
Build(deps): Bump eslint in /app/assets/javascripts (#19506)
Bumps [eslint](https://github.com/eslint/eslint) from 8.29.0 to 8.30.0.
- [Release notes](https://github.com/eslint/eslint/releases)
- [Changelog](https://github.com/eslint/eslint/blob/main/CHANGELOG.md)
- [Commits](https://github.com/eslint/eslint/compare/v8.29.0...v8.30.0)

---
updated-dependencies:
- dependency-name: eslint
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-12-18 23:10:09 +01:00
Bianca Nenciu b80765f1f4
DEV: Remove enable_whispers site setting (#19196)
* DEV: Remove enable_whispers site setting

Whispers are enabled as long as there is at least one group allowed to
whisper, see whispers_allowed_groups site setting.

* DEV: Always enable whispers for admins if at least one group is allowed.
2022-12-16 18:42:51 +02:00
Jeff Wong 947711ae15 DEV: drop tagName and connectorTagName on timeline controls plugin outlets 2022-12-16 05:41:33 -10:00
Jeff Wong 9370c91a7a DEV: add topic timeline plugin outlets 2022-12-16 05:41:33 -10:00
Andrei Prigorshnev 51c20efa9b
FIX: a string usage that was lost during git merge (#19493)
I've somehow lost this change when merging 2d628c8.
2022-12-16 19:11:12 +04:00
Andrei Prigorshnev 2d628c80a1
UX: rename "Do Not Disturb" to "Pause Notifications" (#19483)
We decided to rename the "Do Not Disturb" mode to "Pause Notifications". I am starting from changing strings on the client, that will update user interface. And I'm going to do renamings in frontend and backend code after some time.
2022-12-16 17:10:59 +04:00
Andrei Prigorshnev 4908a669e0
FEATURE: integrate DnD with user status (#19410)
This PR adds a new "Pause notifications" checkbox to the user status modal. This checkbox allows enabling the Do-Not-Disturb mode together with user status. Note that we don't remove and don't rename the existing DnD menu item in this PR, so the old way of entering the DnD mode is still available.

Also, we're not making DnD mode a part of user status on backend and in database. The reason is that the DnD mode should still be available on sites with disabled user status, having them separated helps keep the implementation simple.
2022-12-16 16:35:39 +04:00
dependabot[bot] 3c6ef38309
Build(deps): Bump sinon from 15.0.0 to 15.0.1 in /app/assets/javascripts (#19485)
Bumps [sinon](https://github.com/sinonjs/sinon) from 15.0.0 to 15.0.1.
- [Release notes](https://github.com/sinonjs/sinon/releases)
- [Changelog](https://github.com/sinonjs/sinon/blob/main/docs/changelog.md)
- [Commits](https://github.com/sinonjs/sinon/compare/v15.0.0...v15.0.1)

---
updated-dependencies:
- dependency-name: sinon
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-12-16 11:23:54 +01:00
Selase Krakani 382757d1bd
FEATURE: Add support for desktop push notifications in core (#19375)
* FEATURE: Add support for desktop push notifications in core

Default to push for live notifications on desktop if available and
`enable_desktop_push_notifications` site setting set to true.

This removes the need for desktop-push-notifications plugin.

* DEV: Ensure live notifications are enabled explicitly

Allow a user with push notification access who has directly
enabled notifications via the browser settings to trigger push subscription
flow.
2022-12-16 03:35:33 +00:00
Rafael dos Santos Silva 4edeb7d9eb
DEV: Remove use of deprecated methods (#19486) 2022-12-15 22:08:05 -03:00
Martin Brennan 98e3e90aa2
FIX: Allow backspace into hashtag autocomplete (#19489)
Way back in 90100378b8 when
we first added hashtag autocompletion, we added a rule to
say we should not trigger autocomplete when backspacing into
a hashtag. I think this is because we used to also not trigger
it at the start of the line because of how markdown headers
used to work. We removed this rule in 6f0b9bb1c4
so we are safe to remove the backspace exception here too.
Now you can backspace into a hashtag to trigger the autocomplete.
2022-12-16 11:02:36 +10:00
Martin Brennan dcc9611aec
FIX: Scroll autocomplete container on arrow press (#19478)
The autocomplete container has not needed to be
scrolled with arrow keys until we introduced the new
hashtag autocomplete, which shows more options and allows
scrolling. This commit scrolls the options up/down when
selecting an item outside the scroll with arrow keys.
2022-12-16 10:28:22 +10:00
Martin Brennan 624b1b3820
FIX: Remove user_option saving for bookmark auto delete pref (#19476)
We were changing the user's user_option.bookmark_auto_delete_preference
to whatever they changed it to in the bookmark modal to use as default
for future bookmarks. However this was leading to a lot of confusion
since if you wanted to set it for one bookmark you had to remember to
change it back on the next one.

This commit removes that automatic functionality, and instead moves
the bookmark auto delete preference to User Preferences > Interface
in an explicit dropdown.
2022-12-16 08:50:31 +10:00
Kris b1e08364ef
DEV: add title class name, prefix username class (#19482) 2022-12-15 17:18:08 -05:00
Wolftallemo 983a56e3bd
FIX: FIX: Correctly parse Mandrill webhooks (#17116)
Mandrill sends webhook messages as a URL-encoded body, with the
mandrill_events property as an encoded JSON array.
2022-12-15 23:21:07 +02:00
Bianca Nenciu 1f6e9bd5a9
UX: Add tooltip why file upload is disabled (#19471)
Follow up to commit 0cc6e678bb.
2022-12-15 22:57:11 +02:00
Osama Sayegh 1c03d6f9b9
FEATURE: Send notifications to admins when new features are released (#19460)
This commit adds a new notification that gets sent to admins when the site gets new features after an upgrade/deploy. Clicking on the notification takes the admin to the admin dashboard at `/admin` where they can see the new features under the "New Features" section.

Internal topic: t/87166.
2022-12-15 20:12:53 +03:00
Jordan Vidrine ef62c85a12
FIX: Add REPLACEMENTS icons to styleguide 2022-12-15 09:12:18 -06:00
Martin Brennan ec9ec1e04e
FEATURE: Sort hashtags starting with term higher priority (#19463)
This introduces another "section" of queries to the
hashtag autocomplete search, which returns results for
each type that start with the search term. So now results
will be in this order, and within these sections ordered
by the types in priority order:

1. Exact matches sorted by type
2. "starts with" sorted by type
3. Everything else sorted by type then name within type
2022-12-15 13:01:44 +10:00
Penar Musaraj b1b8a7ebfe
DEV: Update Twitter meta tags while navigating in app (#19468)
We update `og:title`, `og:url`, might as well update `twitter:title`
and `twitter:url`. This might also fix a Chrome/Android issue where the
root URL is shared instead of the current page's URL.
2022-12-14 14:33:09 -05:00
Kris f77660b047
DEV: API to add classes to small actions (#19453) 2022-12-14 10:30:45 -05:00
chapoi 6f9843803d
UX: add new boxshadow variation (#19450) 2022-12-14 12:35:23 +01:00
Jan Cernik ca1d76f197
DEV: Reduce text-size cookie duration (#19445)
Following the same behavior as the theme/color-scheme cookies, now the
cookie expires in 1 year and automatically extends on every user visit.
2022-12-14 07:02:09 -03:00
Andrei Prigorshnev ff5a0bec89
FEATURE: show user status on group pages (#19323)
This adds live user status to /g/{group-name} routes.
2022-12-14 13:18:09 +04:00
Blake Erickson 5c925f2db3
FEATURE: Chat and Sidebar are now on by default (#19406)
FEATURE: Chat and Sidebar are now on by default

- Set the sidebar site setting to be enabled by default
- Set the chat site setting to be enabled by default
- Updated existing specs that assumed the original default
- Use a migration to keep old defaults for existing sites
2022-12-13 17:25:19 -07:00
Krzysztof Kotlarek aa3a9b6fea
FEATURE: Differentiate notification type for directly vs indirectly watched topic (#19433)
When user is watching category or tag (watching or watching first post) notifications are moved to other tab.

To achieve that and distinguish between post create to directly watched topics and indirectly watched topics, new notification type called `watching_category_or_tag` was introduced.
2022-12-14 10:22:26 +11:00
chapoi 211700bc5c
UX: change highlight colour (#19451) 2022-12-14 07:14:28 +08:00
Alan Guo Xiang Tan 5d2e2677c0
FIX: Invalid route path for staff info warnings link (#19461)
This regressed in 4da2e3fef4
2022-12-14 07:14:01 +08:00
Sérgio Saquetim 506d26df26
DEV: Export default category link renderer to be used on plugins and theme-components (#19455) 2022-12-13 18:41:36 -03:00
Gerhard Schlager c94401e024
DEV: Remove unused section from "Customize Theme" UI (#19449) 2022-12-13 20:13:35 +01:00
Rafael dos Santos Silva 0434de6cee
DEV: Compatibility with Ruby 3.2 (#19303) 2022-12-13 16:03:53 -03:00
Penar Musaraj f58eaf529f
FIX: Remove console warning for "nohighlight" (#19447) 2022-12-13 13:43:31 -05:00
Jordan Vidrine f29291a869
user input adjustments (#19446) 2022-12-13 10:13:48 -06:00
Penar Musaraj d2efc84cba
FIX: Reset search controller state (#19402)
Fixes an issue on mobile where navigating away from search and returning
results in confusing UI where there are no results but headings says "N
results found".
2022-12-13 09:50:44 -05:00
Andrei Prigorshnev 337a033f3b
FIX: Make sure user status on mentions doesnt fail in plugins (#19442)
This fixes the problem reported in https://meta.discourse.org/t/trackstatus-error-in-docs-topics/248717 and also guarantees that the same problem won't appear in other plugins.

The problem was that we're calling trackStatus() and on() on a user object, but that only works if it's a user model and fails on plain js objects.

I'm not adding tests here because in Core we always have a properly wrapped user model here. But this fix makes sure that plugins that don't won't fail here.
2022-12-13 16:51:11 +04:00
Jarek Radosz fd405179a7
DEV: Modernize the remaining admin-webhooks parts (#19438) 2022-12-13 13:32:34 +01:00
Jarek Radosz 0671a95cd6
FIX: GitHub onebox ellipsis styling regressed in 9d03f20 (#19441) 2022-12-13 12:01:48 +01:00
David Taylor e540c4584b
DEV: Remove deprecation config for ember-modifier (#19439)
These deprecation messages were removed in 4.x, which we upgraded to in 2e22453057
2022-12-13 10:28:44 +00:00
dependabot[bot] 2e22453057
Build(deps): Bump ember-modifier in /app/assets/javascripts (#19437)
Bumps [ember-modifier](https://github.com/ember-modifier/ember-modifier) from 3.2.7 to 4.0.0.
- [Release notes](https://github.com/ember-modifier/ember-modifier/releases)
- [Changelog](https://github.com/ember-modifier/ember-modifier/blob/master/CHANGELOG.md)
- [Commits](https://github.com/ember-modifier/ember-modifier/compare/v3.2.7...v4.0.0)

---
updated-dependencies:
- dependency-name: ember-modifier
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-12-13 10:56:07 +01:00
Jarek Radosz f9bdda84ca
DEV: Admin webhooks interface issues (#19360)
1. The events table had broken styling, making each row overflow
2. It had confusing routes: `/:id` for "edit" and `/:id/events` for "show" (now it's `/:id/edit` and `/:id` respectively)
3. There previously was an unused backend action (`#edit`) - now it is used (and `web_hooks/:id/events` route has been removed)
4. There was outdated/misplaced/duplicated CSS
5. And more
2022-12-13 01:53:08 +01:00
Alan Guo Xiang Tan 0abd772098
DEV: Pass in site guardian for `Plugin::Instance.register_site_categories_callback` (#19430)
The guardian is useful for plugins to determine if the callback should
do anything. A common use case is to not do anything in the callback if
the user is anonymous.
2022-12-13 07:49:13 +08:00
Blake Erickson de53cf7657
FEATURE: Add chat and sidebar toggles to the setup wizard (#19347)
* FEATURE: Add chat and sidebar toggles to the setup wizard

- Fix css alighnment
- Add Enable Chat Toggle
- Add Enable Sidebar Toggle

* Check for the chat plugin

* Account for new sidebar step

* update chat and sidebar description

* UI: add checkmark as a visual indicator that it is enabled

* use new navigation_memu site setting for enabling the sidebar

* fix tests

* Add tests

* Update lib/wizard/step_updater.rb

Use HEADER_DROPDOWN instead of LEGACY

Co-authored-by: Alan Guo Xiang Tan <gxtan1990@gmail.com>

* Fix spec. Use HEADER_DROPDOWN instead of LEGACY

Co-authored-by: Ella <ella.estigoy@gmail.com>
Co-authored-by: Alan Guo Xiang Tan <gxtan1990@gmail.com>
2022-12-12 14:30:21 -07:00
Kris c748bee0f5
FIX: more specific class name to avoid collision (#19428) 2022-12-12 15:02:51 -05:00
Kris 1719075352
UX: include space between elements in kbd tag (#19427) 2022-12-12 13:53:48 -05:00
Kris 9d03f207fa
UX: more consistent style for the new topic banner (#19405) 2022-12-12 12:56:25 -05:00
Gerhard Schlager 15f98f727a REFACTOR: Replace unnecessary Message Format string 2022-12-12 17:01:04 +01:00
Gerhard Schlager 03f0b4f54b REFACTOR: Replace concatenated strings to simplify translation 2022-12-12 17:01:04 +01:00
Gerhard Schlager d059c64485 REFACTOR: Update Message Format string to simplify translation 2022-12-12 17:01:04 +01:00
Gerhard Schlager 584abbda54 REFACTOR: Update Message Format string to simplify translation 2022-12-12 17:01:04 +01:00
Jarek Radosz 19214aff18
DEV: Clean up all message bus subscriptions (#19268)
1. "What Goes Up Must Come Down" – if you subscribe to message bus, make sure you also unsubscribe
2. When you unsubscribe - remove only your subscription, not **all** subscriptions on given channel

Attempt #2. The first attempt tried to extend a core `@bound` method in new-user-narrative plugin which did not work. I reworked that plugin in the meantime. This new PR also cleans up message bus subscriptions in now core-merged chat plugin.
2022-12-12 16:32:25 +01:00
Jarek Radosz 93a4012ecb
DEV: Drop helper context setup in tests (#19423) 2022-12-12 15:20:48 +01:00
jbrw 1a48ea767e
DEV: Allow additional TopicList preloaded associations (#18891)
This provides a means to allow additional associations to be preloaded when generating a TopicList.
2022-12-12 09:08:13 -05:00
Jarek Radosz 2a4fea4372
FIX: Multipart uppy upload regression in 80e422c (#19424) 2022-12-12 13:39:40 +01:00
Jarek Radosz 0464f9d2be
DEV: Prefer `site` injection over import (#14982)
And in helpers use `helperContext().site`
2022-12-12 12:53:55 +01:00
Jarek Radosz 80e422cea3
DEV: Update uppy to 3.x (#18219) 2022-12-12 12:08:57 +01:00
Martin Brennan 735e96e5a0
FIX: Ensure hashtag autocomplete is not behind keyboard in chat (#19419)
We must set `treatAsTextarea` to true when using autocomplete
in the chat composer, since it is at the bottom of the screen
we always want to show it above the composer. This fixes the
issue where the hashtag autocomplete results went behind the
keyboard on mobile (which was not happening for mentions).
2022-12-12 15:14:51 +10:00
Alan Guo Xiang Tan 332ac0f299
UX: Exclude child catgegories of muted category in similar to search (#19414)
Follow-up to 207b764ea3
2022-12-12 06:31:46 +08:00
dependabot[bot] 278ef8f854
Build(deps): Bump sass from 1.56.1 to 1.56.2 in /app/assets/javascripts (#19413)
Bumps [sass](https://github.com/sass/dart-sass) from 1.56.1 to 1.56.2.
- [Release notes](https://github.com/sass/dart-sass/releases)
- [Changelog](https://github.com/sass/dart-sass/blob/main/CHANGELOG.md)
- [Commits](https://github.com/sass/dart-sass/compare/1.56.1...1.56.2)

---
updated-dependencies:
- dependency-name: sass
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-12-11 22:40:22 +01:00
Selase Krakani 656d0fa762
DEV: Use isSecureContext for service worker registrations (#19407)
Currently, we check if the site is loaded over `https` before
registering the service worker. This prevents the service worker from
being registered in a standard dev/test setup.

This change replaces the protocol check with `isSecureContext`
property check.

In addition to resources delivered over `https`, `isSecureContext`
returns `true` for resources loaded over `http://127.0.0.1`, `http://localhost`,
`http://*.localhost` and `file://`.
2022-12-11 16:37:41 +00:00
Kris 07e4b7550d
DEV: relocate `:root` CSS custom properties (#19389) 2022-12-09 14:33:15 -05:00
Blake Erickson 552f16fc95
FIX: Broken images on subfolder installs (#19404)
Use the `Discourse.base_path` when linking to hard coded images used in
the UI so that the correct subfolder path is used if present.

Follow up: 5c67b073ae
2022-12-09 11:24:12 -07:00
Renato Atilio 5c67b073ae
FIX: broken emoji url on password reset w/ subfolder (#19373)
* FIX: broken emoji url on password reset w/ subfolder

* Use Discourse.base_path to account for subfolder

I do like where you are going with using Emoji.url_for but due to the
lack of svg support currently I think we need to use the current svg
file we have. The emoji png files we have render too blurry at high
resolution.

This commit uses the `Discourse.base_path` so that a subfolder install
will have the correct image path.

I do think in the future we should do some work around using a helper
similar to Emoji.url_for with svg support so that we better standardize
our use of these emojis.

Co-authored-by: Blake Erickson <o.blakeerickson@gmail.com>
2022-12-09 10:01:43 -07:00
Penar Musaraj 0c50bacbc0
UX: Omit instruction note when `email_time_window_mins` is off (#19385)
A translator noted that this string is odd: "We'll email you immediately
if you haven't read the thing we're emailing you about." We show this
note in the user profile when the user has chosen to be emailed "only
when away" and the site has `email_time_window_mins` off. The message
essentially says that "only when away" in this particular site's config
means "Always".

I think it is best to show no description here. In an ideal world, the
"Only when away" option shouldn't be there when `email_time_window_mins`
is off. But it is rare to choose that override, and adding proper support
for that use case would be complicated.
2022-12-08 21:31:18 -05:00
Krzysztof Kotlarek f449113c8b
FIX: new pm notification should take precedence over mention (#19391)
When a new private message is created with mention inside, notification about private message should take precedence over mention notification.

https://meta.discourse.org/t/notification-badge-for-pm-mentioning-you/232950
2022-12-09 12:23:11 +11:00
Martin Brennan b2acc416e7
FIX: Server-side hashtag lookups of secure categories for a user (#19377)
* FIX: Use Category.secured(guardian) for hashtag datasource

Follow up to comments in #19219, changing the category
hashtag datasource to use Category.secured(guardian) instead
of Site.new(guardian).categories here since the latter does
more work for not much benefit, and the query time is the
same. Also eliminates some Hash -> Model back and forth
busywork. Add some more specs too.

* FIX: Server-side hashtag lookup cooking user loading

When we were using the PrettyText.options.currentUser
and parsing back and forth with JSON for the hashtag
lookups server-side, we had a bug where the user's
secure categories were not loaded since we never actually
loaded a User model from the database, only parsed it
from JSON.

This commit fixes the issue by instead using the
PretyText.options.userId and looking up the user directly
from the database when calling hashtag_lookup via the
PrettyText::Helpers code when cooking server-side. Added
the missing spec to check for this as well.
2022-12-09 10:34:25 +10:00
Jordan Vidrine 5d15a96e82
Remove negative margin on wizard preview (#19381) 2022-12-09 05:33:41 +08:00
Rafael dos Santos Silva 9f3760cfd8
FEATURE: Allow category moderators to set auto deletion topic timers (#19383)
Co-authored-by: Penar Musaraj <pmusaraj@gmail.com>
2022-12-08 17:14:43 -03:00
Bianca Nenciu 86d49f4fb1
FIX: Show last match time of screened IP address (#19382)
The labels are hidden on the desktop and it was hidden using CSS.
2022-12-08 19:45:55 +02:00
Bianca Nenciu 187b0bfb43
FEATURE: Show similar users when penalizing a user (#19334)
* FEATURE: Show similar users when penalizing a user

Moderators will be notified if other users with the same IP address
exist before penalizing a user.

* FEATURE: Allow staff to penalize multiple users

This allows staff members to suspend or silence multiple users belonging
to the same person.
2022-12-08 14:42:33 +02:00
Jarek Radosz 22cae0022a
FIX: Admin webhook regression in 321b14d (#19379)
In the meantime, before #19360 lands.
2022-12-08 11:57:04 +01:00
David Taylor 03fadf91f0
FEATURE: Optionally allow a separate `s3_asset_cdn_url` to be specified (#19284)
If configured, this will be used for static JS assets which are stored on S3. This can be useful if you want to use different CDN providers/configuration for Uploads and JS
2022-12-08 10:36:20 +00:00
Martin Brennan 3fdb8ffb57
FEATURE: Allow showing hashtag autocomplete results without term (#19219)
This commit allows us to type # in the UI and present autocomplete
results immediately with the following logic for the topic composer,
and reversed for the chat composer:

* Categories the user can access and has not muted sorted by `topic_count`
* Tags the user can access and has not muted sorted by `topic_count`
* Chat channels the user is a member of sorted by `messages_count`

So in effect, we allow searching for hashtags without a search term.
To do this we add a new `search_without_term` to each data source so
each one can define how it wants to handle this logic.
2022-12-08 13:47:59 +10:00
Alan Guo Xiang Tan fde9e6bc25
DEV: Migrate sidebar site settings (#19336)
This new site setting replaces the
`enable_experimental_sidebar_hamburger` and `enable_sidebar` site
settings as the sidebar feature exits the experimental phase.

Note that we're replacing this without depreciation since the previous
site setting was considered experimental.

Internal Ref: /t/86563
2022-12-08 09:44:29 +08:00
Kris f7f0ca801b
UX: improve nav for user messages on small screens (#19362)
This prevents long inbox names from causing issues in the dropdown on /my/messages and tries a new mobile layout that makes better use of the available space:
2022-12-08 08:51:26 +08:00
Alan Guo Xiang Tan c79eec7fdc
DEV: Add system test for updating color scheme of a theme (#19370)
Follow-up to 63119144ff
2022-12-08 08:38:36 +08:00
Martin Brennan af9907bb50
FIX: Duplicate hashtag lookup results based on permissions (#19337)
When looking up hashtags which were conflicting (e.g.
management::tag and management) where the user did
not have permission for one of them, we ended up returning
the one they did have permission to (e.g. the tag) twice
because of the way the lookup fallback code worked. This
fixes the issue, and another related one where the
::type was not added to the found item's .ref, and
so the hashtag replacement on the client was not working
correctly.
2022-12-08 10:03:31 +10:00
Krzysztof Kotlarek e313190fdb
FEATURE: better UI to manage 2fa (#19338)
In this PR, we introduced an option, that when all authenticators are disabled, but backup codes still exists, user can authenticate with those backup codes. This was reverted as this is not expected behavior.

https://github.com/discourse/discourse/pull/18982

Instead, when the last authenticator is deleted, backup codes should be deleted as well. Because this disables 2fa, user is asked to confirm that action by typing text.

In addition, UI for 2fa preferences was refreshed.
2022-12-08 09:41:22 +11:00
Penar Musaraj 63119144ff
FIX: Use correct property for theme's `color_scheme_id` (#19363)
Regressed in 7d7551adfc
2022-12-08 08:21:51 +11:00
Bianca Nenciu 16e3bc3ff4
FIX: Do not reset seen popups when skip_new_user_tips is false (#19345)
* FIX: Save only visible fields from the sidebar page

* FIX: Do not reset seen popups when set to false

If the option was unchecked, but it was not changed at all by the user
it was still sent to the server as a 'false' value which reset all seen
popups. This removes that behavior and resetting the list of seen popups
must be done using the "skip new user tips" button.
2022-12-07 18:27:10 +02:00
Penar Musaraj fc22790405
UX: Adjust emoji size in mentions (#19355)
Using pixel sizes to match what we do with a similar element in sidebar.
2022-12-07 10:17:29 -05:00
David Taylor 566793208e
DEV: Support colocation under `/admin` namespace in themes/plugins (#19353) 2022-12-07 14:24:03 +00:00
Andrei Prigorshnev f2d0832618
FIX: profile page is not loading (#19351)
When looking as an anonymous user at a profile page of another user (who has user status with an ending date) the profile page wasn't loading.

Reported in https://meta.discourse.org/t/profile-page-not-loading/247928.
2022-12-07 16:09:50 +04:00
Jarek Radosz d3649873a2
DEV: Replace preferences/username route with a component (#19318)
That was a weird UX (why hide the preferences navigation?) and a deprecated implementation (manually rendering a template into a named outlet)

This PR replaces it with an inline component.
2022-12-07 11:16:01 +01:00
Alan Guo Xiang Tan 207b764ea3
UX: Exclude search ignored and user muted categories in similarity search (#19349)
When finding the candidates for `Topic.similar_to`, we will now ignore
topics in categories where `Category#search_priority` has been set to
ignore and also topics in categories which the user has specifically
muted.

Internal Ref: /t/87132
2022-12-07 11:33:01 +08:00
Andrei Prigorshnev 26a45e8166
FIX: error when opening a previously deleted post (#19346)
The repro for the bug:

Add a post with a mention of a user
Post another post below
Delete the first post with a mention
Reload the page and try to attempt to view hidden reply
2022-12-06 23:49:34 +04:00
Isaac Janzen b341f75400
DEV: Render the scroll area at correct times (#19333)
- Only display topic actions (reply / notification bell) under correct circumstances (multiple posts present, etc)
- Moves topic actions from `glimmer-topic-timeline` into `glimmer-topic-timeline/container` where it should be
2022-12-06 13:35:02 -06:00
Roman Rizzi 9c8043a4d2
FEATURE: Enforce mention limits for chat messages (#19034)
* FEATURE: Enforce mention limits for chat messages

The first part of these changes adds a new setting called `max_mentions_per_chat_message`, which skips notifications when the message contains too many mentions. It also respects the `max_users_notified_per_group_mention` setting
and skips notifications if expanding a group mention would exceed it.

We also include a new component to display JIT warning for these limits to the user while composing a message.

* Simplify ignoring/muting filter in chat_notifier

* Post-send warnings for unsent warnings

* Improve pluralization

* Address review feedback

* Fix test

* Address second feedback round

* Third round of feedback

Co-authored-by: Joffrey JAFFEUX <j.jaffeux@gmail.com>
2022-12-06 14:54:04 -03:00
Andrei Prigorshnev a76d864c51
FEATURE: Show live user status on inline mentions on posts (#18683)
Note that we don't have a database table and a model for post mentions yet, and I decided to implement it without adding one to avoid heavy data migrations. Still, we may want to add such a model later, that would be convenient, we have such a model for mentions in chat.

Note that status appears on all mentions on all posts in a topic except of the case when you just posted a new post, and it appeared on the bottom of the topic. On such posts, status won't be shown immediately for now (you'll need to reload the page to see the status). I'll take care of it in one of the following PRs.
2022-12-06 19:10:36 +04:00
Penar Musaraj 57fe57e7ce
FIX: URL fragments not purging (#19324)
Fixes issue introduced in commit 2704a02e3a. Once a user visited an in-page anchor, that URL "stuck" in the browser's address bar. See also https://meta.discourse.org/t/anchors-url-not-purge-when-page-changed/244484 for a detailed report.
2022-12-06 09:52:59 -05:00
Bianca Nenciu e5a18dddac
FIX: Update match_count of screened IP address (#19321)
When a screened IP address is matched because it is either blocked or
allowed it should update match_count. This did not work because it
tried to validate the IP address and it failed as it matched with
itself.
2022-12-06 13:09:38 +02:00
Martin Brennan e6f9504dd6
FEATURE: Allow user_status scope for UserApiKey (#19296)
Follow-up to 6357a3ce33
where we allowed a general API key scope for user status
GET/PUT/DELETE, this commit allows the same for the
UserApiKey system.
2022-12-06 08:56:03 +10:00
Alan Guo Xiang Tan ff40c890ac
DEV: Correct order of triggering topic trashed and recovered event (#19313)
Previously we would trigger the event before the `Topic#deleted_at`
column has been updated making it hard for plugins to correctly work
with the model when its new state has not been persisted in the
database.
2022-12-06 05:56:16 +08:00
Isaac Janzen 04acee5de3
Fix timeline admin menu button spacing (#19322) 2022-12-05 12:41:24 -06:00
Blake Erickson 738f1958d8
FIX: Only modify secured sidebar links on user promotion/demotion (#19141)
* FIX: Only modify secured sidebar links on user promotion/demotion

If a user is created populate their sidebar with the default
categories/tags that they have access to.

If a user is promoted to admin populate any new categories/tags that
they now have access to.

If an admin is demoted remove any categories/tags that they no longer
have access to.

This will only apply for "secured" categories. For example if these are
the default sitebar categories:

- general
- site feedback
- staff

and a user only has these sidebar categories:

- general

when they are promoted to admin they will only receive the "staff"
category. As this is a default category they didn't previously have
access to.

* Add spec, remove tag logic on update

Change it so that if a user becomes unstaged it used the "add" method
instead of the "update" method because it is essentially following the
on_create path.

On admin promotion/demotion remove the logic for updating sidebar tags because
we don't currently have the tag equivalent like we do for User.secure_categories.

Added the test case for when a user is promoted to admin it should
receive *only* the new sidebar categories they didn't previously have
access to. Same for admin demotion.

* Add spec for suppress_secured_categories_from_admin site setting

* Update tags as well on admin promotion/demotion

* only update tags when they are enabled

* Use new SidebarSectionLinkUpdater

We now have a SidebarSectionLinkUpdater
that was introduced in: fb2507c6ce

* remove empty line
2022-12-05 11:39:10 -07:00
Bianca Nenciu 93859037ef
FEATURE: Improve composer warnings for mentions (#18796)
* FEATURE: Show warning if group cannot be mentioned

A similar warning is displayed when the user cannot be mentioned because
they have not been invited to the topic.

* FEATURE: Resolve mentions for new topic

This commit improves several improvements and refactors
/u/is_local_username route to a better /composer/mentions route that
can handle new topics too.

* FEATURE: Show warning if only some are notified

Sometimes users are still notified even if the group that was mentioned
was not invited to the message. This happens because its members were
invited directly or are members of other groups that were invited.

* DEV: Refactor _warnCannotSeeMention
2022-12-05 20:22:05 +02:00
Isaac Janzen b46a7b51f7
DEV: htmlSafe timeline topic title (#19320) 2022-12-05 11:31:57 -06:00
Bianca Nenciu 7d7551adfc
DEV: Remove user options from current user serializer (#19089)
User options were serialized at the root level of CurrentUserSerializer,
but UserSerializer has a user_option field. This inconsistency caused
issues in the past because user_option fields had to be duplicated on
the frontend.
2022-12-05 18:25:30 +02:00
Ayke Halder 569299b7a9
DEV: use structured data in topic-list for referencing only (#16235)
This simplifies the ItemList to only be a point of reference to the
actual DiscussionForumPosting objects.

See "Summary page": https://developers.google.com/search/docs/advanced/structured-data/carousel?hl=en#summary-page

Co-authored-by: Bianca Nenciu <nenciu.bianca@gmail.com>
2022-12-05 18:00:32 +02:00
David Taylor f06be7d295
DEV: Fix multiple set-cookie through Ember-CLI proxy (#19316)
The `Set-Cookie` header is an exceptional case where multiple values are allowed, and should not be joined into a single header. Because of its browser-focussed origins (where set-cookie is not visible), `fetch()` does not have a clean API for this. Instead we have to access the `raw()` data.

This fixes various authentication-related issues when developing via the Ember CLI proxy.
2022-12-05 15:01:55 +00:00
Kris 6d1de26279
UX: refactor & update small post styles (#19274) 2022-12-05 09:54:29 -05:00
Penar Musaraj 1245743595
FIX: Don't force show topic map on non-first posts (#19302)
By default, the topic map in the OP shows only if there are replies.
Some themes may want to show it at all times, and to do so, they can
use the API via `api.includePostAttributes('topicMap');`.

But this was including the topic map in every post. This change ensures
that attribute is only set for the first post (and it only affects that
API endpoint).
2022-12-05 15:42:32 +01:00
David Taylor 3c6bd97efe
DEV: Document `ALLOW_EMBER_CLI_PROXY_BYPASS` in error page (#19315) 2022-12-05 13:44:16 +00:00
dependabot[bot] cc88e9fdda
Build(deps): Bump decode-uri-component in /app/assets/javascripts (#19311)
Bumps [decode-uri-component](https://github.com/SamVerschueren/decode-uri-component) from 0.2.0 to 0.2.2.
- [Release notes](https://github.com/SamVerschueren/decode-uri-component/releases)
- [Commits](https://github.com/SamVerschueren/decode-uri-component/compare/v0.2.0...v0.2.2)

---
updated-dependencies:
- dependency-name: decode-uri-component
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-12-05 12:39:50 +01:00
dependabot[bot] 8034614dd3
Build(deps): Bump terser in /app/assets/javascripts (#19309)
Bumps [terser](https://github.com/terser/terser) from 5.16.0 to 5.16.1.
- [Release notes](https://github.com/terser/terser/releases)
- [Changelog](https://github.com/terser/terser/blob/master/CHANGELOG.md)
- [Commits](https://github.com/terser/terser/compare/5.16.0...v5.16.1)

---
updated-dependencies:
- dependency-name: terser
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-12-05 12:39:00 +01:00
dependabot[bot] 3df6a2bca9
Build(deps): Bump eslint in /app/assets/javascripts (#19307)
Bumps [eslint](https://github.com/eslint/eslint) from 8.28.0 to 8.29.0.
- [Release notes](https://github.com/eslint/eslint/releases)
- [Changelog](https://github.com/eslint/eslint/blob/main/CHANGELOG.md)
- [Commits](https://github.com/eslint/eslint/compare/v8.28.0...v8.29.0)

---
updated-dependencies:
- dependency-name: eslint
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-12-05 12:31:33 +08:00
Alan Guo Xiang Tan 02f48414b8
FEATURE: Add experimental plugin API to register messages nav dropdown (#19294)
This commit also removes the `user-messages-nav` plugin outlet without
deprecation in the redesigned user page navigation.
2022-12-05 12:31:09 +08:00
Krzysztof Kotlarek 425bebb337
FIX: user menu bug when transit from narrow screen (#19310)
When narrow screen is enable and hamburgerVisible is set to true, transition to wide screen is breaking user-menu button.

We need to reset hamburgerVisible and domClean is a great way to achieve it.
2022-12-05 14:44:50 +11:00
David Taylor 666fd43c37
FIX: Include CDN in result of `avatarUrl` helper (#19298)
Consumers of this utility function (e.g. the chat sidebar) expect to be able to use the resultant URL without any further transformations. Previously, it was only returning the user_avatar path without any CDN consideration. This commit ensures the result will include the app CDN URL when enabled.
2022-12-02 11:39:08 +00:00
David Taylor badd64ceee
PERF: Add GlobalSetting to redirect avatars instead of proxying (#19281)
When uploads are stored on S3, by default Discourse will fetch the avatars and proxy them through to the requesting client. This is simple, but it can lead to significant inbound/outbound network load in the hosting environment.

This commit adds an optional redirect_avatar_requests GlobalSetting. When enabled, requests for user avatars will be redirected to the S3 asset instead of being proxied. This adds an extra round-trip for clients, but it should significantly reduce server load. To mitigate that extra round-trip for clients, a CDN with 'follow redirect' capability could be used.
2022-12-02 10:07:25 +00:00
Penar Musaraj 4c037b9ba3
UX: Improve UI of group delete dialog (#19292) 2022-12-02 12:01:25 +08:00
Alan Guo Xiang Tan 9b5bc60325
DEV: Simplify new user page nav messages dropdown. (#19289)
With the refactoring of the user messages routes in
4da2e3fef4, we can now depend on the top
level routes like `userPrivateMessages.user`, `userPrivateMessages.group` and `userPrivateMessages.tags`
to determine what the active value for the dropdown should be which
greatly simplifies the logic.
2022-12-02 10:02:04 +08:00
Jeff Wong f0c8bc9e4d DEV: handle ember-cli test proxying for relative roots
Allow tests to be able to be found and run
when DISCOURSE_RELATIVE_ROOT is set.
2022-12-01 17:08:13 -08:00
Alan Guo Xiang Tan a2cec6366f
DEV: Port `user-private-messages` controller to native class (#19285) 2022-12-02 07:02:04 +08:00
Jeff Wong 7658765736 FIX: relative URL routing on ember-cli only page 2022-12-01 14:47:48 -08:00
Keegan George b8bb921ab5
FIX: Watched words replacement emoji render (#19171) 2022-12-01 13:38:16 -08:00
Isaac Janzen 6ccc0227f3
DEV: Upgrade Topic Timeline to Glimmer (#17377)
In an effort to modernize our codebase to the latest Ember version we have selected the Topic Timeline as a candidate to be refactored. The topic timeline component was originally built with `Widgets` and this PR will upgrade it to `Glimmer Components`. 

The refactored timeline is hidden by default behind a group flag, `SiteSetting.enable_experimental_topic_timeline_groups`. Being part of a group included in this site setting will make the new timeline available for testing.

## Other points of interest

This PR introduces a `Draggable Modifier` available to all components, which will take the place of the existing _drag functionality_ exclusive to widgets. 

It can be included like so:
```
{{draggable didStartDrag=@didStartDrag didEndDrag=@didEndDrag dragMove=@dragMove }}
```
2022-12-01 13:50:44 -06:00
Martin Brennan 30e7b716b0
FIX: Do not replace hashtag-cooked text with WatchedWords (#19279)
Adds the .hashtag-cooked as an exception for watched
words to not auto-link the text of the hashtag.
2022-12-01 16:31:06 +10:00
Alan Guo Xiang Tan fb2507c6ce
DEV: Centralise logic for updating sidebar section links (#19275)
The centralization helps in reducing code duplication in our code base
and more importantly, centralizing logic for guardian checks into a
single spot.
2022-12-01 09:32:35 +08:00
Alan Guo Xiang Tan 4da2e3fef4
DEV: Group and nest routes in `userPrivateMessages` into child routes (#19190)
Currently this is how the navigation structure looks like on the messages page: 

#### When personal inbox route is active

```
Inbox
  sent
  new
  unread
  archive
Group 1 Inbox
Group 2 Inbox
Tags
<Plugin Outlet>
```

#### When group inbox route is active

```
Inbox
Group 1 Inbox
  sent
  new
  unread
  archive
Group 2 Inbox
Tags
<Plugin Outlet>
```

With the existing structure, it is very easy for plugins to add additional navigation links by using the plugin outlet. In the redesigned user page navigation, the navigation structure on the messages page has been changed to look like this: 

#### When personal inbox route is active

```
---dropdown-------
| Inbox          |   Latest | Sent | New | Unread | Archive
------------------
```

#### When group inbox route is active 

```
---dropdown------
| Group 1 Inbox |   Latest | New | Unread | Archive
-----------------
```

With the new navigation structure, we can no longer rely on a simple plugin outlet to extend the navigation structure. Instead, we will need to introduce a plugin API for plugins to extend the navigation structure. The API needs to allow two things to happen: 

1. The plugin API needs to allow the plugin to register an item in the drop down and for the registered item to be "selected" whenever the plugin's routes are active. 

1. The plugin API needs to allow the plugin to register items into the secondary horizontal navigation menu beside the drop down. 

While trying to design the API, I struggle with trying to determine the "context" of the current route. In order words, it was hard to figure out if the current user is viewing the personal inbox, group inbox or tags. This is attributed to the fact that our current routing structure looks like this:

```
this.route(
  "userPrivateMessages",
  { path: "/messages", resetNamespace: true },
  function () {
    this.route("new");
    this.route("unread");
    this.route("archive");
    this.route("sent");
    this.route("warnings");
    this.route("group", { path: "group/:name" });
    this.route("groupArchive", { path: "group/:name/archive" });
    this.route("groupNew", { path: "group/:name/new" });
    this.route("groupUnread", { path: "group/:name/unread" });
    this.route("tags");
    this.route("tagsShow", { path: "tags/:id" });
  }
);
```

In order to provide context of the current route, we currently require all child routes under the `userPrivateMessages` route to set a `pmView` property on the `userPrivateMessages` controller. If the route requires additional context like the group currently active on the group inbox routes, the child routes would then have to set the `group` property on the `userPrivateMessages` controller. The problems with this approach is that we end up with many permutations of state on the `userPrivateMessages` controller and have to always clean up the state when navigating between the child routes. Basically, data is flowing upwards from the child routes into the parent controller which is not an ideal approach because we cannot easily determine where the "data" setup happens. Instead, we want to follow something similar to the "Data down, actions up" pattern where data flows downwards. In this commit, the `userPrivateMessages` routes have been changed to look like this: 

```
this.route(
  "userPrivateMessages",
  { path: "/messages", resetNamespace: true },
  function () {
    this.route("user", { path: "/" }, function () {
      this.route("new");
      this.route("unread");
      this.route("archive");
      this.route("sent");
      this.route("warnings");
    });

    this.route("group", { path: "group/:name" }, function () {
      this.route("archive");
      this.route("new");
      this.route("unread");
    });

    this.route("tags", { path: "/tags" }, function () {
      this.route("show", { path: ":id" });
    });
  }
);
```

Basically, we group the child routes based on the purpose each route servers. User inbox routes are grouped together while group inbox routes are grouped together. A big benefit of this is that now have a different Ember router and controller for each grouping of child routes. The context of the current route is then tied directly to the route name instead of requiring each child route to set an attribute on the parent controller. 

The second reason for why we needed to group the child routes together is because it allows us to pass the responsibility of rendering the secondary navigation links to the child routes. In this commit, we use the `{{in-element}}` modifier in the child route to render the secondary navigation links.

```
---dropdown--------
| Group 1 Inbox   |     Latest | New | Unread | Archive
------------------------
<parent template>    <horizontal secondary navigation links element>
```

This means that each child route with its own model and context can then handle the responsibility of rendering the secondary navigation links without having to pass its context up to the `userPrivateMessages` controller. While this should have simplified by the `userPrivateMessages` controller, we can't do that in this commit because our current navigation structure requires all links for all message inboxes to remain on screen at all times. Once we fully transition to the redesigned user menu navigation, we will be able to greatly simplify things around the routes and controllers for `userPrivateMessages`. 

In an ideal world, we would deprecate the old routes but I have done a quick search through all known plugins and no plugins are currently relying on those routes. There is a chance we could break plugins here but I'll like to see some smoke first before committing to the effort of deprecating client side routes.
2022-12-01 09:21:12 +08:00
Osama Sayegh 3ff6f6a5e1
FIX: Exclude claimed reviewables from user menu (#19179)
Users who can access the review queue can claim a pending reviewable(s) which means that the claimed reviewable(s) can only be handled by the user who claimed it. Currently, we show claimed reviewables in the user menu, but this can be annoying for other reviewers because they can't do anything about a reviewable claimed by someone. So this PR makes sure that we only show in the user menu reviewables that are claimed by nobody or claimed by the current user.

Internal topic: t/77235.
2022-12-01 07:09:57 +08:00
Osama Sayegh 23bd993164
FEATURE: Separate notification indicators for new PMs and reviewables (#19201)
This PR adds separate notification indicators for PMs and reviewables that have arrived since the last time the user opened the notifications menu.

The PM indicator is the strongest one of all three indicators followed by the reviewable indicator and then finally the blue indicator. This means that if there's a new PM and a new reviewable, then the PM indicator will be shown.

Meta topic: https://meta.discourse.org/t/no-green-or-red-notification-bubbles/242783?u=osama.

Internal topic: t/82995.
2022-12-01 07:05:32 +08:00
dependabot[bot] b8b5cbe463
Build(deps-dev): Bump @embroider/test-setup in /app/assets/javascripts (#19272)
Bumps [@embroider/test-setup](https://github.com/embroider-build/embroider/tree/HEAD/packages/test-setup) from 2.0.1 to 2.0.2.
- [Release notes](https://github.com/embroider-build/embroider/releases)
- [Changelog](https://github.com/embroider-build/embroider/blob/main/CHANGELOG.md)
- [Commits](https://github.com/embroider-build/embroider/commits/HEAD/packages/test-setup)

---
updated-dependencies:
- dependency-name: "@embroider/test-setup"
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-11-30 22:56:25 +01:00
Alan Guo Xiang Tan 7688628993
FIX: horizontal scrolling was not working correctly (#19236)
Fixes broken behaviour of arrow buttons for certain users as the interval to scroll menu can be cancelled before the scrolling actually happens.

Co-authored-by: Joffrey JAFFEUX <j.jaffeux@gmail.com>
2022-12-01 05:27:53 +08:00
Isaac Janzen aea492df5e
DEV: Add link rel preload to theme-javascripts (#19231)
* DEV: Add link rel preload to theme-javascripts
2022-11-30 12:43:01 -06:00
Roman Rizzi 9bb5cf1c46
FIX: Validate unsubscribe key has an associated user (#19262)
* FIX: Validate unsubscribe key has an associated user

* Improve error messages
2022-11-30 14:29:07 -03:00
Jarek Radosz 49e0fc04f7
Revert "DEV: Clean up all message bus subscriptions (#18675)" (#19267)
This reverts commit b0839ccf27.
2022-11-30 16:29:10 +00:00
Jarek Radosz 6a389fd15a
FIX: ScrollingPostStream regressed in #15313 (#18584)
regression commit: bec76f937c

In case when the user navigates away between async actions that code would error out on a missing element. This adds a simple sanity check.
2022-11-30 16:55:30 +01:00
David Taylor 2b53c2cfca
DEV: Enable `@cached` decorator for themes and plugins (#19261)
`ember-cached-decorator-polyfill` uses a Babel transformation to apply this polyfill in core. Adding that Babel transformation to themes and plugins will be complex, so we use this to patch it at runtime. This can be removed once `@glimmer/tracking` is updated to a version
with native `@cached` support.
2022-11-30 15:53:54 +00:00
Jarek Radosz b0839ccf27
DEV: Clean up all message bus subscriptions (#18675)
1. "What Goes Up Must Come Down" – if you subscribe to message bus, make sure you also unsubscribe
2. When you unsubscribe - remove only your subscription, not **all** subscriptions on given channel
2022-11-30 16:49:51 +01:00
Jarek Radosz 321b14d40c
DEV: Remove unused `render()` calls (#19224)
`Route#render` and `Route#renderTemplate` have been deprecated and are removed in Ember 4.x (see: https://deprecations.emberjs.com/v3.x#toc_route-render-template)

The templates of modified routes in this PR are already automatically inserted into `{{outlet}}`s.
2022-11-30 16:49:23 +01:00
dependabot[bot] 2ecfdb345f
Build(deps): Bump ember-source in /app/assets/javascripts (#19265)
Bumps [ember-source](https://github.com/emberjs/ember.js) from 3.28.10 to 3.28.11.
- [Release notes](https://github.com/emberjs/ember.js/releases)
- [Changelog](https://github.com/emberjs/ember.js/blob/master/CHANGELOG.md)
- [Commits](https://github.com/emberjs/ember.js/compare/v3.28.10...v3.28.11)

---
updated-dependencies:
- dependency-name: ember-source
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-11-30 16:30:23 +01:00
dependabot[bot] 769b8b2405
Build(deps): Bump eslint-plugin-qunit in /app/assets/javascripts (#19263)
Bumps [eslint-plugin-qunit](https://github.com/platinumazure/eslint-plugin-qunit) from 7.3.3 to 7.3.4.
- [Release notes](https://github.com/platinumazure/eslint-plugin-qunit/releases)
- [Changelog](https://github.com/platinumazure/eslint-plugin-qunit/blob/master/CHANGELOG.md)
- [Commits](https://github.com/platinumazure/eslint-plugin-qunit/compare/v7.3.3...v7.3.4)

---
updated-dependencies:
- dependency-name: eslint-plugin-qunit
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-11-30 16:10:54 +01:00
Alan Guo Xiang Tan 7c321d3aad
PERF: Update `Group#user_count` counter cache outside DB transaction (#19256)
While load testing our user creation code path in production, we
identified that executing the DB statement to update the `Group#user_count` column within a
transaction is creating a bottleneck for us. This is because the
creation of a user and addition of the user to the relevant groups are
done in a transaction. When we execute the DB statement to update
`Group#user_count` for the relevant group, a row level lock is held
until the transaction completes. This row level lock acts like a global
lock when the server is creating users that will be added to the same
group in quick succession.

Instead of updating the counter cache within a transaction which the
default ActiveRecord `counter_cache` option does, we simply update the
counter cache outside of the committing transaction.

Co-authored-by: Rafael dos Santos Silva <xfalcox@gmail.com>

Co-authored-by: Rafael dos Santos Silva <xfalcox@gmail.com>
2022-11-30 11:52:08 -03:00
David Taylor 9f022112e3
DEV: Support theme/plugin overrides of colocated component templates (#19237)
To theme/plugin developers, the process is the same as for overriding non-colocated component templates. Once merged, this should allow us to seamlessly convert all of core's component templates to be colocated.
2022-11-30 14:14:38 +00:00
David Taylor 6969e9da7e
FIX: Allow reviewable-item components to be template-only (#19257)
The akismet plugin defines the `reviewable-akismet-post` component using a template under `discourse/templates/components/reviewable-akismet-post.hbs` without an associated `.js` file. The change to our resolution logic in c1397670 wasn't considering this.
2022-11-30 12:55:12 +00:00
Krzysztof Kotlarek 99fa10eee6
FIX: margin for sidebar and revamped user menu on iPad (#19254)
Additional top margin when footer is visible on iPad
2022-11-30 13:45:38 +11:00
dependabot[bot] e669cf3648
Build(deps): Bump @babel/core in /app/assets/javascripts (#19250)
Bumps [@babel/core](https://github.com/babel/babel/tree/HEAD/packages/babel-core) from 7.20.2 to 7.20.5.
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/commits/v7.20.5/packages/babel-core)

---
updated-dependencies:
- dependency-name: "@babel/core"
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-11-30 01:07:28 +01:00
dependabot[bot] c6467e2c9b
Build(deps): Bump ember-auto-import in /app/assets/javascripts (#19252)
Bumps [ember-auto-import](https://github.com/ef4/ember-auto-import/tree/HEAD/packages/ember-auto-import) from 2.4.3 to 2.5.0.
- [Release notes](https://github.com/ef4/ember-auto-import/releases)
- [Changelog](https://github.com/ef4/ember-auto-import/blob/main/packages/ember-auto-import/CHANGELOG.md)
- [Commits](https://github.com/ef4/ember-auto-import/commits/v2.5.0/packages/ember-auto-import)

---
updated-dependencies:
- dependency-name: ember-auto-import
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-11-30 00:51:11 +01:00
dependabot[bot] b76b4a5643
Build(deps): Bump @babel/standalone in /app/assets/javascripts (#19251)
Bumps [@babel/standalone](https://github.com/babel/babel/tree/HEAD/packages/babel-standalone) from 7.20.4 to 7.20.6.
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/commits/v7.20.6/packages/babel-standalone)

---
updated-dependencies:
- dependency-name: "@babel/standalone"
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-11-29 23:49:22 +01:00
dependabot[bot] 42c88dc910
Build(deps-dev): Bump @embroider/test-setup in /app/assets/javascripts (#19248)
Bumps [@embroider/test-setup](https://github.com/embroider-build/embroider/tree/HEAD/packages/test-setup) from 2.0.0 to 2.0.1.
- [Release notes](https://github.com/embroider-build/embroider/releases)
- [Changelog](https://github.com/embroider-build/embroider/blob/main/CHANGELOG.md)
- [Commits](https://github.com/embroider-build/embroider/commits/HEAD/packages/test-setup)

---
updated-dependencies:
- dependency-name: "@embroider/test-setup"
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-11-29 23:46:31 +01:00
dependabot[bot] c1286af10c
Build(deps): Bump sinon from 14.0.2 to 15.0.0 in /app/assets/javascripts (#19249)
Bumps [sinon](https://github.com/sinonjs/sinon) from 14.0.2 to 15.0.0.
- [Release notes](https://github.com/sinonjs/sinon/releases)
- [Changelog](https://github.com/sinonjs/sinon/blob/main/docs/changelog.md)
- [Commits](https://github.com/sinonjs/sinon/compare/v14.0.2...v15.0.0)

---
updated-dependencies:
- dependency-name: sinon
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-11-29 23:45:51 +01:00
Jan Cernik 93fcfa58d0
FIX: Improve message when posting a duplicate link (#19245)
If the duplicated link was posted by the user itself, it will display
a different JIT message.
2022-11-29 16:08:27 -03:00
Daniel Waterworth 84c83e8d4a
SECURITY: Filter tags in user notifications for visibility (#19239) 2022-11-29 10:35:41 -06:00
Bianca Nenciu 0cc6e678bb
FIX: Show error message if no uploads are allowed (#19133)
It used to fail without displaying an error message if no upload
extensions were authorized. This also disables the button in the
first place to avoid displaying an error to the user (the error
will be displayed only when drag and dropping a file).
2022-11-29 16:58:50 +02:00
Bianca Nenciu 3048d3d07d
FEATURE: Track API and user API requests (#19186)
Adds stats for API and user API requests similar to regular page views.
This comes with a new report to visualize API requests per day like the
consolidated page views one.
2022-11-29 13:07:42 +02:00
David Taylor c139767055
DEV: Remove `Ember.TEMPLATES` and centralize template resolution rules (#19220)
In the past, the result of template compilation would be stored directly in `Ember.TEMPLATES`. Following the move to more modern ember-cli-based compilation, templates are now compiled to es6 modules. To handle forward/backwards compatibility during these changes we had logic in `discourse-boot` which would extract templates from the es6 modules and store them into the legacy-style `Ember.TEMPLATES` object.

This commit removes that shim, and updates our resolver to fetch templates directly from es6 modules. This is closer to how 'vanilla' Ember handles template resolution. We still have a lot of discourse-specific logic, but now it is centralised in one location and should be easier to understand and normalize in future.

This commit should not introduce any behaviour change.
2022-11-29 10:24:35 +00:00
Alan Guo Xiang Tan 8b2c2e5c34
UX: Align user page dismiss notifications btn with new navigation (#19235)
This change only affects the redesign user page navigation menu. The
dismiss button was incorrectly positioned below the user notifications
stream. A side effect of this is that it affected our infinite loading
code for the notifications stream.

No tests have been added in this commit as we have yet to quite figure
out how we can reliabily test for behaviours which requires us to scroll
the page.
2022-11-29 10:33:31 +08:00
Martin Brennan 6f0b9bb1c4
FIX: Allow hashtag autocomplete at start of line (#19216)
Back when we introduced hashtag autocomplete in
c1dbf5c1c4 we had to
disallow triggering it using # at the start of the
line because our old markdown engine rendered headers
with `#abc`, but now our new engine does `# abc` so
it is safe to allow hashtag autocompletion straight
away.
2022-11-29 10:56:17 +10:00
Krzysztof Kotlarek 787655e276
FIX: consistent narrow desktop width (#19232)
- use client rect instead of innerWidth to determine if screen is narrow
- disable _animate when exit mobile/narrow view
2022-11-29 11:03:54 +11:00
dependabot[bot] 2c37251e90
Build(deps): Bump engine.io in /app/assets/javascripts (#19233)
Bumps [engine.io](https://github.com/socketio/engine.io) from 6.2.0 to 6.2.1.
- [Release notes](https://github.com/socketio/engine.io/releases)
- [Changelog](https://github.com/socketio/engine.io/blob/main/CHANGELOG.md)
- [Commits](https://github.com/socketio/engine.io/compare/6.2.0...6.2.1)

---
updated-dependencies:
- dependency-name: engine.io
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-11-29 00:18:05 +01:00
Alan Guo Xiang Tan f14189eb3b
FIX: PMs displaying outdated unread counts when read status is processing (#19217)
When a client "reads" a post, we do no immediately send the data of the
post for processing on the server. Instead, read posts data is batched
together and sent to the server for processing at regular intervals. On
the server side, processing of read posts data is done in the
background. As such, there is a small window of delay before a post is
marked as read by a user on the server side.

If a client reads a topic and loads the messages topic list before the
server has processed the read post, the unread posts count for the topic
which the client just read will appear to be incorrect/outdated.

As part of tracking a post as read, we are already tracking the highest
read post number for the last read topic by the client. Therefore, we
can use this information to correct the highest post read number in the
scenario that was described above. This solution is the same as what
we've been doing for the regular topics list.
2022-11-29 05:55:48 +08:00
Gerhard Schlager 0593e5f7c3
UX: Add instructions for multiple category emails (#19221) 2022-11-28 20:51:50 +01:00
David Taylor 7e504a1489
DEV: Only patch bootbox methods once in tests (#19222)
We were re-patching the deprecated bootbox methods during every app initialization, which would lead to hundreds of deprecation messages being printed for a single invocation.
2022-11-28 18:14:35 +00:00
Roman Rizzi 07a9163ea8
FEATURE: Deleting a user with their posts also deletes chat messages. (#19194)
This commit introduce a new API for registering callbacks, which we'll execute when a user gets destroyed, and the `delete_posts` opt is true. The chat plugin registers one callback and queues a job to destroy every message from that user in batches.
2022-11-28 13:32:57 -03:00
Krzysztof Kotlarek 46c44a3b0f
FIX: toggle sidebar when back from narrow screen (#19215)
When sidebar was enabled before going to narrow screen, it should be brought back when screen is enlarged.

Also, narrow screen value is changed to 1000px instead of 1100px.
2022-11-28 13:13:36 +11:00
Martin Brennan c6ee28ec75
SECURITY: Hide notifications for inaccessible topics (#19208)
Filter notifications the user cannot see anymore
via guardian.can_see_topic_ids
2022-11-28 10:41:57 +10:00
Joffrey JAFFEUX 84c1cc70d6
REFACTOR: naming and state refactor (#19187)
- better handling of drawer state using chat state manager
- removes various float and topic occurrences to use drawer
- ensures user can chat before doing a lot of chat setup
- fixes a bug which was creating presence errors in tests
- removes dead code
2022-11-25 14:15:38 +01:00
Martin Brennan cad2fe6089
FIX: Push category hashtag slug match to top (#19174)
When searching for categories it is possible for
a child category to have a slug that matches the term
exactly, but will not be found by .lookup since we
don't return these categories unless the ref matches
parent:child.

Introduces a search_sort method to each hashtag data
source so they can provide their custom sort logic of
results, in category's case putting all matching slugs
to the top regardless of parent/child relationship
then sorting by text.
2022-11-25 15:28:49 +10:00
Krzysztof Kotlarek 5b6604f5a7
FEATURE: sidebar for narrow desktop screen (#19160)
When desktop screen is narrow like < 1100px, sidebar should behave similarly to mobile version.
2022-11-25 15:33:26 +11:00
Alan Guo Xiang Tan 20715cd7f0
DEV: Refactor messages code to use `user.groupsWithMessages` function (#19189)
Simplifies the template since we have one less conditional and one less
level of nesting
2022-11-25 11:23:50 +08:00
Martin Brennan bbcb69461f
FIX: Existing users were mistakenly unable to redeem invite (#19191)
Follow up to 40e8912395

In this previous commit I introduced a bug that prevented
a legitimate case for an existing user to redeem an invite,
where the email/domain were both blank and the invite was
still redeemable by the user. Fixes the issue and adds more
specs for that case.
2022-11-25 11:57:04 +10:00
Alan Guo Xiang Tan 45f3e9f19e
DEV: Publish reviewable claimed topic message to groups instead of users (#19188)
I'm hesitant to call this a performance improvement since claiming a
reviewable is probably rare. However, this commit cuts out two DB
queries each time we have to publish a reviewable claimed message. More
importantly, publishing to groups scales much better than publishing to
users because we esstentially cap the number ids we have to load into
memory.
2022-11-25 08:07:29 +08:00
Osama Sayegh 498fa14347
UX: Show educational messages for the likes tab when it's empty (#19180)
This commit adds some content to educate the user about the likes tab in the user menu when it's blank.
Internal topic: t/76879.
2022-11-24 22:13:21 +03:00
dependabot[bot] c4fdc48164
Build(deps-dev): Bump @embroider/test-setup in /app/assets/javascripts (#19170)
Bumps [@embroider/test-setup](https://github.com/embroider-build/embroider/tree/HEAD/packages/test-setup) from 1.8.3 to 2.0.0.
- [Release notes](https://github.com/embroider-build/embroider/releases)
- [Changelog](https://github.com/embroider-build/embroider/blob/main/CHANGELOG.md)
- [Commits](https://github.com/embroider-build/embroider/commits/HEAD/packages/test-setup)

---
updated-dependencies:
- dependency-name: "@embroider/test-setup"
  dependency-type: direct:development
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-11-24 17:59:18 +01:00
dependabot[bot] 38123228fc
Build(deps): Bump terser in /app/assets/javascripts (#19183)
Bumps [terser](https://github.com/terser/terser) from 5.15.1 to 5.16.0.
- [Release notes](https://github.com/terser/terser/releases)
- [Changelog](https://github.com/terser/terser/blob/master/CHANGELOG.md)
- [Commits](https://github.com/terser/terser/commits)

---
updated-dependencies:
- dependency-name: terser
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-11-24 17:32:18 +01:00
Jarek Radosz 57a573eee3
DEV: Update terser (#19109)
The `decodedMap` prop comes from https://github.com/terser/terser/pull/1190

> This also exposes a new `decodedMap` property on the result object. Decoded maps are free to create (it's a shallow clone of the `GenMapping` instance), and passing them to `@jridgewell/trace-mapping` is copy-free. With Babel [recently](https://github.com/babel/babel/pull/14497) adding a `decodedMap` field, a dev could pass from the Babel transpilation to Terser without any added memory use for sourcemaps.
2022-11-24 17:15:46 +01:00
Selase Krakani 767e8ec730
FIX: Pass period filter to plugin outlet (#19182)
Pass period filter to `admin-dashboard-moderation-bottom` plugin outlet.

This allows plugins to render period filtered moderation data/report
2022-11-24 15:40:02 +00:00
David Taylor aac3f15236
DEV: Add hint about Rails-generated `<head>` to ember-cli HTML (#19181) 2022-11-24 15:31:10 +00:00
Andrei Prigorshnev 6357a3ce33
FEATURE: User Status API (#19149)
This adds API scope for the user status. This also adds a get method to the user status controller. We didn't need a dedicated method that returns status before because the server returns status with user objects, but I think we need to provide this method for API clients.
2022-11-24 19:16:28 +04:00
Gerhard Schlager 9e42473af4
FEATURE: Allow setting `default_enabled` for badges (#19178)
Otherwise setting `enabled` in `Badge.seed` will always overwrite changes by admins.
2022-11-24 13:44:26 +01:00
Martin Brennan a34838d671
FIX: Minor hashtag autocomplete fixes (#19173)
* Do not search category name when searching channels to avoid
  confusing results
* Overflow text in autocomplete menu with ... if it is too long
* Make autocomplete menu less height
2022-11-24 15:45:13 +11:00
Martin Brennan 274b21663e
FIX: Experimental hashtag search result matching and limit fixes (#19144)
This changes the hashtag search to first do a lookup to find
results where the slug exactly matches the
search term. Now when we search for hashtags, the
exact matches will be found first and put at the top of
the results.

`ChatChannelFetcher` has also been modified here to allow
for more options for performance -- we do not need to
query DM channels for secured IDs when looking up or searching
channels for hashtags, since they should never show in
results there (they have no slugs). Nor do we need to include
the channel archive records.

Also changes the limit of hashtag results to 20 by default
with a hidden site setting, and makes it so the scroll for the
results is overflowed.
2022-11-24 10:07:59 +10:00
Kris 6b7bdc991d
UX: improve mention styling, simplify (#19169)
* UX: improve mention styling, simplify

* revert default
2022-11-24 09:35:57 +11:00
Alan Guo Xiang Tan 470b8b8984
DEV: Simplifying rendering of secondary nav links for group inbox (#19164)
Also run user private messages page tests against redesign user page nav
2022-11-24 05:07:41 +08:00
Bianca Nenciu eef3532952
DEV: Remove old event preventDefault hack (#19168)
Opening of links in a new tab was difficult because it used a hack to
remove the 'href' attribute and adding it back to prevent the event
taking place instead of calling preventDefault.

This hack is no longer necessary because event handling has been
normalized since it has been implemented (see commit
0221855ba7).
2022-11-23 21:58:40 +02:00
David Taylor e330a596f5
DEV: Correct plugin-compilation connector template module path (#19165)
Some plugins store their connectors under `{plugin}/assets/javascripts/templates/connectors`, which is read as `templates/connectors` relative to the base of the JS directory. Our connector checking logic was looking for strings including the leading slash (`/templates`), which not be the case here. Instead we can split on `/` and take the last element. This matches the logic we have for themes in https://github.com/discourse/discourse/blob/1dadf4381f/lib/theme_javascript_compiler.rb#L111

This wasn't actually breaking anything, so this is just a housekeeping commit.
2022-11-23 17:57:59 +00:00
David Taylor 890e4f9854
DEV: Update `namespaceModules` argument name (#19166)
In 1279966f we started namespacing modules based on the plugin's defined name rather than the directory name. This commit updates the argument name to match what we're passing in. This it just a readability change - there is no change in behaviour.
2022-11-23 17:57:28 +00:00
Martin Brennan c9ab270abd
FEATURE: Add descriptions on hover for hashtag search results (#19162)
Adds the description as a title="" attribute on the hashtag
autocomplete search items for tags, categories, and channels.
These descriptions can be seen by the user since they are
able to see the results that are returned by the search via
Guardian checks.
2022-11-23 14:59:00 +10:00
Martin Brennan 34ce8f9915
FIX: Do not click track .hashtag-cooked (#19159)
This makes it so the new hashtags are not tracked,
same as the old ones. Also slight commenting in click-track
to explain mention clicks rejection mechanics.

Also deleted the single acceptance spec
since everything is covered better by the unit spec.
2022-11-23 14:25:28 +10:00
Alan Guo Xiang Tan 5552e257d8
UX: Styling backwards compatibility for old user page navigation (#19161)
While updating all user pages to use the new horizontal, scrollable user
page navigation, we've inadvertently broken the interface for plugins which rely on the
`user-main-nav` plugin outlet to extend the user profile page. Such
plugins usually add a new user profile page with the following
template structure which is copied from Discourse core before the user
page navigation redesign:

```
{{#d-section pageClass="..." class="user-secondary-navigation" scrollTop=false}}
  {{#mobile-nav class="..." desktopClass="action-list nav-stacked"}}
    ...
  {{/mobile-nav}}
{{/d-section}}

<section class="user-content">
  {{outlet}}
</section>
```

This commit seeks to add backwards compatibility in terms of the styling
of the interface such that even if the old template structure is used,
it would not look completely broken.
2022-11-23 11:53:08 +08:00
Martin Brennan 27b7f28739
FIX: Unescape :emoji: in hashtag search results (#19147)
This commit unescapes the :emoji: and expands into
an image within hashtag autocomplete results, and
also makes some style tweaks to make sure the emoji
is not too big.
2022-11-23 13:52:00 +10:00
Jordan Vidrine 34e21525d0
UX: Style adjustments & addition of login button on admin invite page (#19073)
* user field label move
* more user field edits
* invite page adjustments
* caps lock adjustment


Co-authored-by: Penar Musaraj <pmusaraj@gmail.com>
2022-11-23 12:06:19 +11:00
dependabot[bot] 072ff72759
Build(deps): Bump engine.io in /app/assets/javascripts (#19151)
Bumps [engine.io](https://github.com/socketio/engine.io) from 6.2.0 to 6.2.1.
- [Release notes](https://github.com/socketio/engine.io/releases)
- [Changelog](https://github.com/socketio/engine.io/blob/main/CHANGELOG.md)
- [Commits](https://github.com/socketio/engine.io/compare/6.2.0...6.2.1)

---
updated-dependencies:
- dependency-name: engine.io
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-11-23 08:49:48 +08:00
dependabot[bot] 9f709e5873
Build(deps): Bump eslint-plugin-qunit in /app/assets/javascripts (#19158)
Bumps [eslint-plugin-qunit](https://github.com/platinumazure/eslint-plugin-qunit) from 7.3.2 to 7.3.3.
- [Release notes](https://github.com/platinumazure/eslint-plugin-qunit/releases)
- [Changelog](https://github.com/platinumazure/eslint-plugin-qunit/blob/master/CHANGELOG.md)
- [Commits](https://github.com/platinumazure/eslint-plugin-qunit/compare/v7.3.2...v7.3.3)

---
updated-dependencies:
- dependency-name: eslint-plugin-qunit
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-11-23 08:46:56 +08:00
Kris d6ddb337c8
UX: use solid envelope icon for consistency (#19157) 2022-11-23 08:46:35 +08:00
Kris b0f380c4c7
UX: improve mention styling (#19156)
This updates mention styling. This reduces bold, increases contrast, and makes inactive mentions look more inactive.
2022-11-23 09:17:03 +10:00
Daniel Waterworth f895f27b02
FIX: When filtering tags for visibility, respect tag group permissions (#19152) 2022-11-22 12:55:57 -06:00
Kris 69e55a0e1c
A11Y: Improve "my posts" sidebar link title (#19132) 2022-11-22 08:36:43 -05:00
Martin Brennan 564292bfc1
FIX: Revert to old hashtag style for hashtag-raw (#19145)
This fix changes the hashtag-raw hashtags, which are
the ones that do not actually match anything, back
to the old style which does not look like mentions.
2022-11-22 17:45:47 +10:00
Martin Brennan d7b7660061
DEV: Minor hashtag to-markdown fix (#19142)
Follow-up to 3846b6248f,
check if class contains hashtag-cooked rather than
it being the only class.
2022-11-22 13:55:23 +10:00
Alan Guo Xiang Tan d3366a9092
DEV: Centralise user preferences security test into a single file (#19121)
* Makes it easier to find all the related tests for the particular route
* Remove some tests that don't really provide much value against regressions
2022-11-22 07:43:30 +08:00
Kris bb42016a72
A11Y: add title & aria-expanded for sidebar toggle (#19130) 2022-11-22 07:17:45 +08:00
Alan Guo Xiang Tan e05cd5de8f
DEV: Add tests for sidebar accessibility changes (#19138)
Accessibility is a feature which we do not want to regress on.

Follow-up to e30df22716
2022-11-22 06:07:47 +08:00
Kris e30df22716
A11Y: Improve the accessibility of sidebar content (#19131) 2022-11-22 05:32:43 +08:00
Joffrey JAFFEUX 6530eb2859
FIX: do not add color style if no prefixColor (#19123) 2022-11-22 05:25:07 +08:00
Bianca Nenciu c78eb60cea
FEATURE: Sync user tips status between client (#19095)
The user attributes are not updated between clients and that is a
problem with user tips because the same user tip will be displayed
multiple times, once for every client.
2022-11-21 20:57:02 +02:00
TheJammiestDodger be99c3eec7
FIX: Amend `release_notes_link` in app/models/admin_dashboard_general_data.rb (#19125)
Update `release_notes_link` to current version

<!-- NOTE: All pull requests should have tests (rspec in Ruby, qunit in
JavaScript). If your code does not include test coverage, please include
an explanation of why it was omitted. -->
2022-11-21 16:21:34 +00:00
TheJammiestDodger d49fa9007d
FIX: Amend `release_notes_link` in /tests/fixtures/dashboard-new-features.js (#19124)
Update `release_notes_link` to the current version.

<!-- NOTE: All pull requests should have tests (rspec in Ruby, qunit in
JavaScript). If your code does not include test coverage, please include
an explanation of why it was omitted. -->
2022-11-21 16:20:51 +00:00
Rafael dos Santos Silva e901403621
FEATURE: API to customize server side composer errors handling in the client side (#19107)
This will be used by plugins to handle the client side of their custom
post validations without having to overwrite the whole composer save
action as it was done in other plugins.

Co-authored-by: Penar Musaraj <pmusaraj@gmail.com>
2022-11-21 13:11:29 -03:00
David Taylor 269f65f14c
FIX: Ensure DButton uses the correct target for string actions (#19126)
Our `triggerAction` backwards-compatibility was firing the action on
`parentView`. In most cases this worked, but it doesn't match the
classic behaviour when the DButton is included inside a 'wrapper'
component. In that case, the action should be triggered on the current
'this' context of the template that called the DButton.

This commit mimics the Ember Classic Component manager's behaviour. It
adds the `createCaller` capability to the custom component manager, and
then uses the `callerSelfRef` for dispatching the action.
2022-11-21 13:31:18 +00:00
David Taylor ecce3c81f2
UX: Do not automatically refresh page while composer is open (#19112)
We automatically refresh the page 'on the next navigation' whenever a
new version of the JS client is available. If the composer is open when
this happens then it will be closed and you'll have to reopen the draft.
In some circumstances, this refresh can also cause some composer content
to be lost.

This commit updates the auto-refresh logic so that it doesn't trigger
while the composer is open, and adds an acceptance test for the
behaviour.

<!-- NOTE: All pull requests should have tests (rspec in Ruby, qunit in
JavaScript). If your code does not include test coverage, please include
an explanation of why it was omitted. -->
2022-11-21 10:45:19 +00:00
Alan Guo Xiang Tan 59e02bd210
UX: Removed tracked section link from Community section in Sidebar (#19122)
Product has decided that the tracked section link provides very little
value at this moment in time so we're removing it.

See https://meta.discourse.org/t/245374 for more context.
2022-11-21 16:45:19 +08:00
Alan Guo Xiang Tan a64d2364ec
FIX: Correct implementation for user preferences tracking page (#19119)
The user preferences tracking page is only present when the redesign
user navigation menu is enabled. During the first pass of
implementation, some old bugs were introduced and this commit fixes
that. Regression tests have also been added.
2022-11-21 14:48:47 +08:00
Martin Brennan 3dcf158b56
FIX: Tag ordering adjustment for new hashtag autocompletion (#19120)
The tag ordering was inconsistent, because we were not
passing the correct order option to DiscourseTagging.filter_allowed_tags.
The order would change based on the limit provided. Now,
we can have a consistent order which is term exact match -> topic count ->
name.
2022-11-21 16:40:15 +10:00
Alan Guo Xiang Tan a8eb607162
DEV: Centralise user preferences account route tests into single file (#19118)
Makes it easier to associate the route with the tests instead of
squeezing difference acceptance modules into a single file
2022-11-21 13:09:33 +08:00
Alan Guo Xiang Tan 6d8a93ac41
DEV: Centralise more user preferences tests into individual files (#19100)
Makes it easier to associate the route with the tests
2022-11-21 10:16:47 +08:00
Martin Brennan 3846b6248f
FIX: Allow new hashtag HTML to be quoted to markdown (#19117)
Follow up from d3f02a1270

This commit fixes post quoting so that if the new
hashtag-cooked HTML is selected, we convert back to
a regular plain text #hashtag with the correct type and ref.
2022-11-21 12:04:46 +10:00
dependabot[bot] 86ae75f8d5
Build(deps): Bump jsdom from 20.0.2 to 20.0.3 in /app/assets/javascripts (#19115)
Bumps [jsdom](https://github.com/jsdom/jsdom) from 20.0.2 to 20.0.3.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/jsdom/jsdom/releases">jsdom's
releases</a>.</em></p>
<blockquote>
<h2>Version 20.0.3</h2>
<ul>
<li>Updated dependencies, notably <code>w3c-xmlserializer</code>, which
fixes using <code>DOMParser</code> on XML documents containing
emoji.</li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/jsdom/jsdom/blob/master/Changelog.md">jsdom's
changelog</a>.</em></p>
<blockquote>
<h2>20.0.3</h2>
<ul>
<li>Updated dependencies, notably <code>w3c-xmlserializer</code>, which
fixes using <code>DOMParser</code> on XML documents containing
emoji.</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="22f7c3c518"><code>22f7c3c</code></a>
Version 20.0.3</li>
<li><a
href="c540630669"><code>c540630</code></a>
Update dependencies and dev dependencies</li>
<li><a
href="cdf07a1f0e"><code>cdf07a1</code></a>
Slight tweaks to GitHub Actions</li>
<li><a
href="bd77578169"><code>bd77578</code></a>
Try to make the issue template clearer</li>
<li>See full diff in <a
href="https://github.com/jsdom/jsdom/compare/20.0.2...20.0.3">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=jsdom&package-manager=npm_and_yarn&previous-version=20.0.2&new-version=20.0.3)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-11-21 09:47:48 +08:00
dependabot[bot] bc65a35aaa
Build(deps): Bump eslint from 8.27.0 to 8.28.0 in /app/assets/javascripts (#19114)
Bumps [eslint](https://github.com/eslint/eslint) from 8.27.0 to 8.28.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/eslint/eslint/releases">eslint's
releases</a>.</em></p>
<blockquote>
<h2>v8.28.0</h2>
<h2>Features</h2>
<ul>
<li><a
href="63bce44e7b"><code>63bce44</code></a>
feat: add <code>ignoreClassFieldInitialValues</code> option to
no-magic-numbers (<a
href="https://github-redirect.dependabot.com/eslint/eslint/issues/16539">#16539</a>)
(Milos Djermanovic)</li>
<li><a
href="8385ecdbbe"><code>8385ecd</code></a>
feat: multiline properties in rule <code>key-spacing</code> with option
<code>align</code> (<a
href="https://github-redirect.dependabot.com/eslint/eslint/issues/16532">#16532</a>)
(Francesco Trotta)</li>
<li><a
href="a4e89dbe85"><code>a4e89db</code></a>
feat: <code>no-obj-calls</code> support <code>Intl</code> (<a
href="https://github-redirect.dependabot.com/eslint/eslint/issues/16543">#16543</a>)
(Sosuke Suzuki)</li>
</ul>
<h2>Bug Fixes</h2>
<ul>
<li><a
href="c50ae4f840"><code>c50ae4f</code></a>
fix: Ensure that dot files are found with globs. (<a
href="https://github-redirect.dependabot.com/eslint/eslint/issues/16550">#16550</a>)
(Nicholas C. Zakas)</li>
<li><a
href="9432b67f76"><code>9432b67</code></a>
fix: throw error for first unmatched pattern (<a
href="https://github-redirect.dependabot.com/eslint/eslint/issues/16533">#16533</a>)
(Milos Djermanovic)</li>
<li><a
href="e76c382772"><code>e76c382</code></a>
fix: allow <code>* 1</code> when followed by <code>/</code> in
no-implicit-coercion (<a
href="https://github-redirect.dependabot.com/eslint/eslint/issues/16522">#16522</a>)
(Milos Djermanovic)</li>
</ul>
<h2>Documentation</h2>
<ul>
<li><a
href="34c05a779a"><code>34c05a7</code></a>
docs: Language Options page intro and tweaks (<a
href="https://github-redirect.dependabot.com/eslint/eslint/issues/16511">#16511</a>)
(Ben Perlmutter)</li>
<li><a
href="3e663873c9"><code>3e66387</code></a>
docs: add intro and edit ignoring files page (<a
href="https://github-redirect.dependabot.com/eslint/eslint/issues/16510">#16510</a>)
(Ben Perlmutter)</li>
<li><a
href="436f712843"><code>436f712</code></a>
docs: fix Header UI inconsistency (<a
href="https://github-redirect.dependabot.com/eslint/eslint/issues/16464">#16464</a>)
(Tanuj Kanti)</li>
<li><a
href="f743816967"><code>f743816</code></a>
docs: switch to wrench emoji for auto-fixable rules (<a
href="https://github-redirect.dependabot.com/eslint/eslint/issues/16545">#16545</a>)
(Bryan Mishkin)</li>
<li><a
href="bc0547eb14"><code>bc0547e</code></a>
docs: improve styles for versions and languages page (<a
href="https://github-redirect.dependabot.com/eslint/eslint/issues/16553">#16553</a>)
(Nitin Kumar)</li>
<li><a
href="6070f58d80"><code>6070f58</code></a>
docs: clarify esquery issue workaround (<a
href="https://github-redirect.dependabot.com/eslint/eslint/issues/16556">#16556</a>)
(Milos Djermanovic)</li>
<li><a
href="b48e4f89c5"><code>b48e4f8</code></a>
docs: Command Line Interface intro and tweaks (<a
href="https://github-redirect.dependabot.com/eslint/eslint/issues/16535">#16535</a>)
(Ben Perlmutter)</li>
<li><a
href="b92b30f93d"><code>b92b30f</code></a>
docs: Add Rules page intro and content tweaks (<a
href="https://github-redirect.dependabot.com/eslint/eslint/issues/16523">#16523</a>)
(Ben Perlmutter)</li>
<li><a
href="1769b42339"><code>1769b42</code></a>
docs: Integrations page introduction (<a
href="https://github-redirect.dependabot.com/eslint/eslint/issues/16548">#16548</a>)
(Ben Perlmutter)</li>
<li><a
href="a8d0a57cbc"><code>a8d0a57</code></a>
docs: make table of contents sticky on desktop (<a
href="https://github-redirect.dependabot.com/eslint/eslint/issues/16506">#16506</a>)
(Sam Chen)</li>
<li><a
href="a01315a7d8"><code>a01315a</code></a>
docs: fix route of japanese translation site (<a
href="https://github-redirect.dependabot.com/eslint/eslint/issues/16542">#16542</a>)
(Tanuj Kanti)</li>
<li><a
href="0515628539"><code>0515628</code></a>
docs: use emoji instead of svg for deprecated rule (<a
href="https://github-redirect.dependabot.com/eslint/eslint/issues/16536">#16536</a>)
(Bryan Mishkin)</li>
<li><a
href="68f12882fb"><code>68f1288</code></a>
docs: set default layouts (<a
href="https://github-redirect.dependabot.com/eslint/eslint/issues/16484">#16484</a>)
(Percy Ma)</li>
<li><a
href="776827a174"><code>776827a</code></a>
docs: init config about specifying shared configs (<a
href="https://github-redirect.dependabot.com/eslint/eslint/issues/16483">#16483</a>)
(Percy Ma)</li>
<li><a
href="5c39425fc5"><code>5c39425</code></a>
docs: fix broken link to plugins (<a
href="https://github-redirect.dependabot.com/eslint/eslint/issues/16520">#16520</a>)
(Ádám T. Nagy)</li>
<li><a
href="c97c789768"><code>c97c789</code></a>
docs: Add missing no-new-native-nonconstructor docs code fence (<a
href="https://github-redirect.dependabot.com/eslint/eslint/issues/16503">#16503</a>)
(Brandon Mills)</li>
</ul>
<h2>Chores</h2>
<ul>
<li><a
href="e94a4a95ee"><code>e94a4a9</code></a>
chore: Add tests to verify <a
href="https://github-redirect.dependabot.com/eslint/eslint/issues/16038">#16038</a>
is fixed (<a
href="https://github-redirect.dependabot.com/eslint/eslint/issues/16538">#16538</a>)
(Nicholas C. Zakas)</li>
<li><a
href="e13f194f89"><code>e13f194</code></a>
chore: stricter validation of <code>meta.docs.description</code> in core
rules (<a
href="https://github-redirect.dependabot.com/eslint/eslint/issues/16529">#16529</a>)
(Milos Djermanovic)</li>
<li><a
href="72dbfbc0c4"><code>72dbfbc</code></a>
chore: use <code>pkg</code> parameter in
<code>getNpmPackageVersion</code> (<a
href="https://github-redirect.dependabot.com/eslint/eslint/issues/16525">#16525</a>)
(webxmsj)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/eslint/eslint/blob/main/CHANGELOG.md">eslint's
changelog</a>.</em></p>
<blockquote>
<p>v8.28.0 - November 18, 2022</p>
<ul>
<li><a
href="34c05a779a"><code>34c05a7</code></a>
docs: Language Options page intro and tweaks (<a
href="https://github-redirect.dependabot.com/eslint/eslint/issues/16511">#16511</a>)
(Ben Perlmutter)</li>
<li><a
href="3e663873c9"><code>3e66387</code></a>
docs: add intro and edit ignoring files page (<a
href="https://github-redirect.dependabot.com/eslint/eslint/issues/16510">#16510</a>)
(Ben Perlmutter)</li>
<li><a
href="436f712843"><code>436f712</code></a>
docs: fix Header UI inconsistency (<a
href="https://github-redirect.dependabot.com/eslint/eslint/issues/16464">#16464</a>)
(Tanuj Kanti)</li>
<li><a
href="f743816967"><code>f743816</code></a>
docs: switch to wrench emoji for auto-fixable rules (<a
href="https://github-redirect.dependabot.com/eslint/eslint/issues/16545">#16545</a>)
(Bryan Mishkin)</li>
<li><a
href="bc0547eb14"><code>bc0547e</code></a>
docs: improve styles for versions and languages page (<a
href="https://github-redirect.dependabot.com/eslint/eslint/issues/16553">#16553</a>)
(Nitin Kumar)</li>
<li><a
href="6070f58d80"><code>6070f58</code></a>
docs: clarify esquery issue workaround (<a
href="https://github-redirect.dependabot.com/eslint/eslint/issues/16556">#16556</a>)
(Milos Djermanovic)</li>
<li><a
href="b48e4f89c5"><code>b48e4f8</code></a>
docs: Command Line Interface intro and tweaks (<a
href="https://github-redirect.dependabot.com/eslint/eslint/issues/16535">#16535</a>)
(Ben Perlmutter)</li>
<li><a
href="b92b30f93d"><code>b92b30f</code></a>
docs: Add Rules page intro and content tweaks (<a
href="https://github-redirect.dependabot.com/eslint/eslint/issues/16523">#16523</a>)
(Ben Perlmutter)</li>
<li><a
href="1769b42339"><code>1769b42</code></a>
docs: Integrations page introduction (<a
href="https://github-redirect.dependabot.com/eslint/eslint/issues/16548">#16548</a>)
(Ben Perlmutter)</li>
<li><a
href="63bce44e7b"><code>63bce44</code></a>
feat: add <code>ignoreClassFieldInitialValues</code> option to
no-magic-numbers (<a
href="https://github-redirect.dependabot.com/eslint/eslint/issues/16539">#16539</a>)
(Milos Djermanovic)</li>
<li><a
href="c50ae4f840"><code>c50ae4f</code></a>
fix: Ensure that dot files are found with globs. (<a
href="https://github-redirect.dependabot.com/eslint/eslint/issues/16550">#16550</a>)
(Nicholas C. Zakas)</li>
<li><a
href="a8d0a57cbc"><code>a8d0a57</code></a>
docs: make table of contents sticky on desktop (<a
href="https://github-redirect.dependabot.com/eslint/eslint/issues/16506">#16506</a>)
(Sam Chen)</li>
<li><a
href="9432b67f76"><code>9432b67</code></a>
fix: throw error for first unmatched pattern (<a
href="https://github-redirect.dependabot.com/eslint/eslint/issues/16533">#16533</a>)
(Milos Djermanovic)</li>
<li><a
href="8385ecdbbe"><code>8385ecd</code></a>
feat: multiline properties in rule <code>key-spacing</code> with option
<code>align</code> (<a
href="https://github-redirect.dependabot.com/eslint/eslint/issues/16532">#16532</a>)
(Francesco Trotta)</li>
<li><a
href="a4e89dbe85"><code>a4e89db</code></a>
feat: <code>no-obj-calls</code> support <code>Intl</code> (<a
href="https://github-redirect.dependabot.com/eslint/eslint/issues/16543">#16543</a>)
(Sosuke Suzuki)</li>
<li><a
href="a01315a7d8"><code>a01315a</code></a>
docs: fix route of japanese translation site (<a
href="https://github-redirect.dependabot.com/eslint/eslint/issues/16542">#16542</a>)
(Tanuj Kanti)</li>
<li><a
href="e94a4a95ee"><code>e94a4a9</code></a>
chore: Add tests to verify <a
href="https://github-redirect.dependabot.com/eslint/eslint/issues/16038">#16038</a>
is fixed (<a
href="https://github-redirect.dependabot.com/eslint/eslint/issues/16538">#16538</a>)
(Nicholas C. Zakas)</li>
<li><a
href="0515628539"><code>0515628</code></a>
docs: use emoji instead of svg for deprecated rule (<a
href="https://github-redirect.dependabot.com/eslint/eslint/issues/16536">#16536</a>)
(Bryan Mishkin)</li>
<li><a
href="e76c382772"><code>e76c382</code></a>
fix: allow <code>* 1</code> when followed by <code>/</code> in
no-implicit-coercion (<a
href="https://github-redirect.dependabot.com/eslint/eslint/issues/16522">#16522</a>)
(Milos Djermanovic)</li>
<li><a
href="68f12882fb"><code>68f1288</code></a>
docs: set default layouts (<a
href="https://github-redirect.dependabot.com/eslint/eslint/issues/16484">#16484</a>)
(Percy Ma)</li>
<li><a
href="e13f194f89"><code>e13f194</code></a>
chore: stricter validation of <code>meta.docs.description</code> in core
rules (<a
href="https://github-redirect.dependabot.com/eslint/eslint/issues/16529">#16529</a>)
(Milos Djermanovic)</li>
<li><a
href="776827a174"><code>776827a</code></a>
docs: init config about specifying shared configs (<a
href="https://github-redirect.dependabot.com/eslint/eslint/issues/16483">#16483</a>)
(Percy Ma)</li>
<li><a
href="72dbfbc0c4"><code>72dbfbc</code></a>
chore: use <code>pkg</code> parameter in
<code>getNpmPackageVersion</code> (<a
href="https://github-redirect.dependabot.com/eslint/eslint/issues/16525">#16525</a>)
(webxmsj)</li>
<li><a
href="5c39425fc5"><code>5c39425</code></a>
docs: fix broken link to plugins (<a
href="https://github-redirect.dependabot.com/eslint/eslint/issues/16520">#16520</a>)
(Ádám T. Nagy)</li>
<li><a
href="c97c789768"><code>c97c789</code></a>
docs: Add missing no-new-native-nonconstructor docs code fence (<a
href="https://github-redirect.dependabot.com/eslint/eslint/issues/16503">#16503</a>)
(Brandon Mills)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="b8769f192b"><code>b8769f1</code></a>
8.28.0</li>
<li><a
href="d2b072313d"><code>d2b0723</code></a>
Build: changelog update for 8.28.0</li>
<li><a
href="34c05a779a"><code>34c05a7</code></a>
docs: Language Options page intro and tweaks (<a
href="https://github-redirect.dependabot.com/eslint/eslint/issues/16511">#16511</a>)</li>
<li><a
href="3e663873c9"><code>3e66387</code></a>
docs: add intro and edit ignoring files page (<a
href="https://github-redirect.dependabot.com/eslint/eslint/issues/16510">#16510</a>)</li>
<li><a
href="436f712843"><code>436f712</code></a>
docs: fix Header UI inconsistency (<a
href="https://github-redirect.dependabot.com/eslint/eslint/issues/16464">#16464</a>)</li>
<li><a
href="f743816967"><code>f743816</code></a>
docs: switch to wrench emoji for auto-fixable rules (<a
href="https://github-redirect.dependabot.com/eslint/eslint/issues/16545">#16545</a>)</li>
<li><a
href="bc0547eb14"><code>bc0547e</code></a>
docs: improve styles for versions and languages page (<a
href="https://github-redirect.dependabot.com/eslint/eslint/issues/16553">#16553</a>)</li>
<li><a
href="6070f58d80"><code>6070f58</code></a>
docs: clarify esquery issue workaround (<a
href="https://github-redirect.dependabot.com/eslint/eslint/issues/16556">#16556</a>)</li>
<li><a
href="b48e4f89c5"><code>b48e4f8</code></a>
docs: Command Line Interface intro and tweaks (<a
href="https://github-redirect.dependabot.com/eslint/eslint/issues/16535">#16535</a>)</li>
<li><a
href="b92b30f93d"><code>b92b30f</code></a>
docs: Add Rules page intro and content tweaks (<a
href="https://github-redirect.dependabot.com/eslint/eslint/issues/16523">#16523</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/eslint/eslint/compare/v8.27.0...v8.28.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=eslint&package-manager=npm_and_yarn&previous-version=8.27.0&new-version=8.28.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-11-21 09:47:07 +08:00
Martin Brennan d3f02a1270
FEATURE: Generic hashtag autocomplete lookup and markdown cooking (#18937)
This commit fleshes out and adds functionality for the new `#hashtag` search and
lookup system, still hidden behind the `enable_experimental_hashtag_autocomplete`
feature flag.

**Serverside**

We have two plugin API registration methods that are used to define data sources
(`register_hashtag_data_source`) and hashtag result type priorities depending on
the context (`register_hashtag_type_in_context`). Reading the comments in plugin.rb
should make it clear what these are doing. Reading the `HashtagAutocompleteService`
in full will likely help a lot as well.

Each data source is responsible for providing its own **lookup** and **search**
method that returns hashtag results based on the arguments provided. For example,
the category hashtag data source has to take into account parent categories and
how they relate, and each data source has to define their own icon to use for the
hashtag, and so on.

The `Site` serializer has two new attributes that source data from `HashtagAutocompleteService`.
There is `hashtag_icons` that is just a simple array of all the different icons that
can be used for allowlisting in our markdown pipeline, and there is `hashtag_context_configurations`
that is used to store the type priority orders for each registered context.

When sending emails, we cannot render the SVG icons for hashtags, so
we need to change the HTML hashtags to the normal `#hashtag` text.

**Markdown**

The `hashtag-autocomplete.js` file is where I have added the new `hashtag-autocomplete`
markdown rule, and like all of our rules this is used to cook the raw text on both the clientside
and on the serverside using MiniRacer. Only on the server side do we actually reach out to
the database with the `hashtagLookup` function, on the clientside we just render a plainer
version of the hashtag HTML. Only in the composer preview do we do further lookups based
on this.

This rule is the first one (that I can find) that uses the `currentUser` based on a passed
in `user_id` for guardian checks in markdown rendering code. This is the `last_editor_id`
for both the post and chat message. In some cases we need to cook without a user present,
so the `Discourse.system_user` is used in this case.

**Chat Channels**

This also contains the changes required for chat so that chat channels can be used
as a data source for hashtag searches and lookups. This data source will only be
used when `enable_experimental_hashtag_autocomplete` is `true`, so we don't have
to worry about channel results suddenly turning up.

------

**Known Rough Edges**

- Onebox excerpts will not render the icon svg/use tags, I plan to address that in a follow up PR
- Selecting a hashtag + pressing the Quote button will result in weird behaviour, I plan to address that in a follow up PR
- Mixed hashtag contexts for hashtags without a type suffix will not work correctly, e.g. #ux which is both a category and a channel slug will resolve to a category when used inside a post or within a [chat] transcript in that post. Users can get around this manually by adding the correct suffix, for example ::channel. We may get to this at some point in future
- Icons will not show for the hashtags in emails since SVG support is so terrible in email (this is not likely to be resolved, but still noting for posterity)
- Additional refinements and review fixes wil
2022-11-21 08:37:06 +10:00
dependabot[bot] 723f8239df
Build(deps): Bump message-bus-client in /app/assets/javascripts (#18944)
Bumps [message-bus-client](https://github.com/discourse/message_bus) from 4.2.0 to 4.3.0.
- [Release notes](https://github.com/discourse/message_bus/releases)
- [Changelog](https://github.com/discourse/message_bus/blob/main/CHANGELOG)
- [Commits](https://github.com/discourse/message_bus/compare/v4.2.0...v4.3.0)

---
updated-dependencies:
- dependency-name: message-bus-client
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-11-18 20:37:08 +01:00
Jarek Radosz 4f12fd0339
DEV: Modernize model tests (#19104)
Uses `module()` instead of `discourseModule()`, native getters instead of `.get()`, fixes some assertions, uses the store instead of creating models directly
2022-11-18 20:36:32 +01:00
Jordan Vidrine 44e27ddab8
more (#19106) 2022-11-18 13:28:13 -06:00
Rafael dos Santos Silva 86bf46a24b
FEATURE: API to update user's discourse connect external id (#19085)
* FEATURE: API to update user's discourse connect external id

This adds a special handling of updates to DiscourseConnect external_id
in the general user update API endpoint.

Admins can create, update or delete a user SingleSignOn record using

PUT /u/:username.json
{
  "external_ids": {
    "discourse_connect": "new-external-id"
  }
}
2022-11-18 11:37:21 -03:00
Bianca Nenciu 3ec7b2a769
DEV: Add test to check if user tips are saved once (#19084)
Before 35980ad56e, hidden user tips used
to be saved everytime when User.hideUserTipForever was called.
2022-11-18 13:52:14 +02:00
Jarek Radosz 0f36fcdecd
DEV: Move the recently added dev-deps to deps (#19103)
Fixes the production build
2022-11-18 11:45:52 +01:00
Alan Guo Xiang Tan 6867b8226d
DEV: Fix lint failures (#19101) 2022-11-18 11:26:33 +01:00
Jarek Radosz 213adab1ea
DEV: Update ember-qunit to 6.0.0 (#19080)
Long story short - bumping ember-qunit upgrades webpack, and sinon is not compatible with webpack v5. It uses node's `util` module and that is no longer polyfilled by webpack by default.

This PR adds the `util` polyfill (😑, but what can you do) and also injects a stub of `process` (so polyfill + sinon actually work)
2022-11-18 10:45:39 +01:00
dependabot[bot] 8bd6a24038
Build(deps): Bump babel-plugin-ember-template-compilation (#19091)
Bumps [babel-plugin-ember-template-compilation](https://github.com/emberjs/babel-plugin-ember-template-compilation) from 1.0.2 to 2.0.0.
- [Release notes](https://github.com/emberjs/babel-plugin-ember-template-compilation/releases)
- [Changelog](https://github.com/emberjs/babel-plugin-ember-template-compilation/blob/main/CHANGELOG.md)
- [Commits](https://github.com/emberjs/babel-plugin-ember-template-compilation/compare/v1.0.2...v2.0.0)

---
updated-dependencies:
- dependency-name: babel-plugin-ember-template-compilation
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-11-18 10:45:10 +01:00
Alan Guo Xiang Tan af0c7ff453
DEV: Move 2FA preferences tests into individual files (#19099)
This helps to make it easier to identify the test file for the
particular route.
2022-11-18 11:40:40 +08:00
Alan Guo Xiang Tan fde8d9b4bb
DEV: Move tests for user preferences change email into own file (#19097)
This helps to make it easier to identify the test file for the
particular route.
2022-11-18 11:40:22 +08:00
Alan Guo Xiang Tan 5e516a7d7d
DEV: Split tests for user preferences security page into individual file (#19096)
Mixing multiple acceptance tests in a single file makes the acceptance
tests much harder to find.
2022-11-18 11:40:05 +08:00
Sam 4f63bc8ed2
FEATURE: hidden site setting to suppress unsecured categories from admins (#19098)
The hidden site setting `suppress_secured_categories_from_admin` will
suppress visibility of categories without explicit access from admins
in a few key areas (category drop downs and topic lists)

It is not intended to be a security wall since admins can amend any site
setting. Instead it is feature that allows hiding the categories from the
UI.

Admins will still be able to see topics in categories without explicit
access using direct URLs or flags.

Co-authored-by: Alan Guo Xiang Tan <gxtan1990@gmail.com>
2022-11-18 14:37:36 +11:00
Kris a6c787345c
UX: reorganize user prefs for experimental user nav (#18764)
Trying out changes to reduce the number of nav items in the experimental horizontal user nav. These changes should only appear with the redesigned_user_page_nav_enabled feature flag.

1. Created a new "Tracking" route. This combines some tracking-related settings from Notifications and Category and Tag tracking (which were separate tabs previously). Don't love the layout yet, but it's something that we can work on.

2. Moved some user-related settings out of Notifications and to the
Users tab. These seem more user-related to me, and it's nice that we can
associate enabling messages with the setting to limit who can send
messages.

3. Moved the App tab (lists app permissions) to be within the Security tab. It's very similar to Recently Used Devices.
2022-11-18 09:09:04 +08:00
Sam 60abe99add
FIX: allow tl4 to bulk select (#19094)
* FIX: allow tl4 to bulk select

- Also allows tl4 to perform batch tagging

---

Long term this needs to be rewritten to account for "bulk action" permission
given from the server.

Co-authored-by: Martin Brennan <martin@discourse.org>
2022-11-18 10:41:59 +11:00
dependabot[bot] 2b7e73d7ff
Build(deps): Bump source-map in /app/assets/javascripts (#19090)
Bumps [source-map](https://github.com/mozilla/source-map) from 0.6.1 to 0.7.4.
- [Release notes](https://github.com/mozilla/source-map/releases)
- [Changelog](https://github.com/mozilla/source-map/blob/master/CHANGELOG.md)
- [Commits](https://github.com/mozilla/source-map/compare/0.6.1...v0.7.4)

---
updated-dependencies:
- dependency-name: source-map
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-11-18 00:18:09 +01:00
dependabot[bot] 68b2304588
Build(deps): Bump babel-import-util in /app/assets/javascripts (#19086)
Bumps [babel-import-util](https://github.com/ef4/babel-import-util) from 1.2.2 to 1.3.0.
- [Release notes](https://github.com/ef4/babel-import-util/releases)
- [Commits](https://github.com/ef4/babel-import-util/compare/v1.2.2...v1.3.0)

---
updated-dependencies:
- dependency-name: babel-import-util
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-11-18 00:15:10 +01:00
Jarek Radosz 4cbb811988
DEV: Add dark theme support to QUnit (#19014) 2022-11-17 18:44:44 +01:00
Jarek Radosz 59f1d01381
DEV: Convert `SiteSettings` to a tracked object (#19015)
TrackedObject allows us to reference SiteSettings in autotracking contexts (e.g. JS getters referenced from a Glimmer template) without the need for EmberObject's `get()`  function. TrackedObject is backwards-compatible with Ember's legacy reactivity model, so it can be referenced in things like computed properties.

Co-authored-by: David Taylor <david@taylorhq.com>
2022-11-17 18:44:23 +01:00
Kris a18f6dcb7e
UX: user message controls need some padding (#19079) 2022-11-17 12:33:17 -05:00
Peter Wagenet a88902950a
DEV: Convert DButton to a Glimmer Component (#17767)
This change is intended to be backwards-compatible with all the previous arguments to `DButton`.

A deprecation warning will be triggered when a string is passed to the `@action` argument. This kind of action bubbling has been deprecated in Ember for some time, and should be updated to use closure actions.

Co-authored-by: Dan Gebhardt <dan@cerebris.com>
Co-authored-by: David Taylor <david@taylorhq.com>
2022-11-17 10:55:15 +00:00
Meghna 040136675b
UX: better email login pages (#19058)
* UX: better email login pages

* Update error message for email login error
2022-11-17 13:09:39 +05:30
Martin Brennan 40e8912395
FIX: Invite redemption error if user had already redeemed (#19070)
When opening the invite acceptance page when the user
was already logged in, we were still showing the Accept
Invitation prompt even if the user had already redeemed
the invitation and was present in the `InvitedUser` table.

This would lead to errors when the user clicked on the button.

This commit fixes the issue by hiding the Accept Invitation
button and showing an error message instead indicating that
the user had already redeemed the invitation. This only applies
to multi-use invite links.
2022-11-17 15:51:58 +10:00
Penar Musaraj 5ee3e2932f
FIX: Bug with admin trust level growth report (#19050)
When this report in the admin dashboard has lots of data ( > 75 days of activity), the dates were ordered incorrectly. This is apparently expected behaviour; when using GROUP BY without specifying the ordering, PG decides to order, and it so happens that it works under some conditions but not others. Explicit ordering fixes the problem. 

However, because this works in some conditions but not others, we can't really add a useful test.
2022-11-16 22:11:09 -05:00
Penar Musaraj 0ef8d0a7bc
FIX: Regression with special `a` keyword in search (#19063)
Fixes a regression introduced in ac7bf98.
2022-11-16 21:51:29 -05:00
Kris 7465fadca0
DEV: remove unused CSS (#19069) 2022-11-17 08:19:08 +08:00
Sérgio Saquetim 81efd3101d
DEV: Added plugin outlet below user summary stats (#18968) 2022-11-16 20:18:51 -03:00
Bianca Nenciu 35980ad56e
FIX: Update user options only once (#19066)
* FIX: Update user options only once

Performing actions that updated list of seen popups used to update user
options everytime instead of checking if the change has any effect.

* FIX: Load updated user data from response
2022-11-17 09:12:54 +11:00
Penar Musaraj 19158cde53
Add search tip for `@me` shortcut (#19062) 2022-11-16 15:19:34 -05:00
Kris a5f2099884
A11Y: add live area for search menu, labels (#19061) 2022-11-16 14:02:39 -05:00
Jarek Radosz d2a8884127
DEV: Bump pikaday (#19060) 2022-11-16 18:59:15 +01:00
Jarek Radosz a7b033d642
DEV: Update node-fetch (#19059)
node-fetch is now a ES module, so it has to either imported with `import/from` syntax (which can't be used in addon's index.js) or using the dynamic `import()`
2022-11-16 18:58:38 +01:00
David Taylor 6d6d5a200f
DEV: Add `withSilencedDeprecationsAsync` for async functions (#19057)
Previously we were trying to handle both async and sync use cases in a single function, but it was confusing to read and led to subtle race conditions. This commit separates the async version into a separate function.
2022-11-16 17:55:20 +00:00
Andrei Prigorshnev ce7172bc9b
FIX: status was clearing after editing user preferences (#18887)
The problem was reported as a problem with changing theme in user preferences, after saving a new theme the previously set user status was disappearing (https://meta.discourse.org/t/user-status/240335/42). Turned out though that the problem was more wide, changing pretty much any setting in user preferences apart from user status itself led to clearing the status.
2022-11-16 21:42:56 +04:00
David Taylor cf51a4ea84
DEV: Modernise mixed test direction text-field to avoid deprecation (#19056)
Previously we had a combination of a computed property and `this.set`. This was triggering the `computed-property.override` deprecation. This commit moves everything into the `dir` property, makes it a native getter, and adds a test to verify the reactive behavior.
2022-11-16 17:34:04 +00:00
Jordan Vidrine 38d6e8c071
FIX: Add Custom `Primary-Numbers` (#19055) 2022-11-16 11:33:23 -06:00
Kris 19ec341bce
DEV: allow themes to more easily set border-radii (#19037) 2022-11-16 11:35:09 -05:00
Jarek Radosz 99dfdf70e8
DEV: Make dialog-holder a monorepo package (#19051) 2022-11-16 16:43:45 +01:00
Bianca Nenciu 9f3371f367
DEV: Remove old "first notification" tutorial (#19036)
It was replaced by the new "first notification" user tip.
2022-11-16 14:35:18 +02:00
Jarek Radosz cfd610cc7c
DEV: Make bootstrap-json a monorepo package (#19048) 2022-11-16 11:58:10 +01:00
dependabot[bot] ffce372a48
Build(deps): Bump eslint in /app/assets/javascripts (#18933)
Bumps [eslint](https://github.com/eslint/eslint) from 8.26.0 to 8.27.0.
- [Release notes](https://github.com/eslint/eslint/releases)
- [Changelog](https://github.com/eslint/eslint/blob/main/CHANGELOG.md)
- [Commits](https://github.com/eslint/eslint/compare/v8.26.0...v8.27.0)

---
updated-dependencies:
- dependency-name: eslint
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-11-16 11:45:55 +01:00
Jarek Radosz 9bf95d472d
DEV: Move `shouldLoadPluginTestJs()` (#19045)
A first step in the effort to depend only on explicitly declared dependencies in package.json.
2022-11-16 11:07:58 +01:00
dependabot[bot] b36c5e7565
bump eslint-plugin-qunit from 6.2.0 to 7.3.2 in /app/assets/javascripts (#18927)
---
updated-dependencies:
- dependency-name: eslint-plugin-qunit
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-11-16 11:03:43 +01:00
David Taylor b9b2e6a2e0
DEV: Convert user `...Categories` computed props to getters/setters (#19018)
Some locations in the app were `.set`-ing these computed properties. This would trigger the `computed-property.override` Ember deprecation, and also lead to inconsistency between the `..._categories_ids` property and the `...Categories` property.

This commit updates these properties to have getters/setters, with all state being stored in the `..._ids` property. The `@dependentKeyCompat` decorator is used to ensure these 'autotracking' getters can still be used as dependent keys in other computed properties.
2022-11-16 10:00:57 +00:00
David Taylor 392bafcd7e
DEV: Add unique ids to deprecations (#19019)
This will improve the QUnit deprecation summaries introduced via 8c48285145
2022-11-16 10:00:39 +00:00
Jarek Radosz 25aa0bc10d
DEV: Deprecate `create-store` test helper (#19021)
Use the regular Store service instead.
2022-11-16 10:54:46 +01:00
Jarek Radosz 5b16546358
DEV: Refactor `_warnCannotSeeMention()` (#19042) 2022-11-16 10:33:47 +01:00
David Taylor c78c5dd407
DEV: Improve discourse-common/deprecate implementation (take 2) (#19032)
- Count deprecations and print them to the console following QUnit runs
- In GitHub actions, write the same information as a job summary
- Add documentation to `discourse-common/lib/deprecated`
- Introduce `id` and `url` options to `deprecated`
- Introduce `withSilencedDeprecations` helper to allow testing deprecated code paths without making noise in the logs

This was previously reverted in 47035693b7.
2022-11-16 09:30:20 +00:00
Jarek Radosz 5c4a2d428a
DEV: Make the `setupTests` a regular import (#19046) 2022-11-16 16:11:18 +08:00
Jarek Radosz 4a49c22780
DEV: Make more dependencies explicit (#19047) 2022-11-16 16:10:58 +08:00
Krzysztof Kotlarek 87b297e76c
FIX: deprioritize reaction notifications (#19049)
Fix for https://github.com/discourse/discourse/pull/19029

Reactions should be moved down similarly to likes
2022-11-16 15:37:51 +11:00
Krzysztof Kotlarek 2e655f8311
FEATURE: deprioritize like notifications on all list (#19029)
On the all notifications list, likes should be deprioritized and marked as read.
2022-11-16 13:32:05 +11:00
dependabot[bot] f1548c801e
Build(deps): Bump loader-utils in /app/assets/javascripts (#19044)
Bumps [loader-utils](https://github.com/webpack/loader-utils) from 1.4.1 to 1.4.2.
- [Release notes](https://github.com/webpack/loader-utils/releases)
- [Changelog](https://github.com/webpack/loader-utils/blob/v1.4.2/CHANGELOG.md)
- [Commits](https://github.com/webpack/loader-utils/compare/v1.4.1...v1.4.2)

---
updated-dependencies:
- dependency-name: loader-utils
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-11-15 23:57:28 +01:00
Kris e071ba5d84
UX: move horiz nav margin to padding (#19041) 2022-11-15 17:05:43 -05:00
Bianca Nenciu ac272c041e
FEATURE: Add user tips for post and topic features (#18964)
* DEV: Add utility to hide all user tips

* DEV: Add UserTip Glimmer component

* DEV: Add tests for existing user tips

* FEATURE: Add user tip for post menu

* FEATURE: Add user tip for topic notification level

* FEATURE: Add user tip for suggested topics

* FEATURE: Hide new popups for existing users
2022-11-15 17:36:08 +02:00
Kris f90a8438e9
UX: force sidebar to occupy full height (#19035) 2022-11-15 09:37:00 -05:00
David Taylor d123371cb9
DEV: Add `discourse/tests` to jsconfig (#19031)
This allows IDEs to resolve imports under `discourse/tests`
2022-11-15 11:33:56 +00:00
dependabot[bot] cac0c6212b
Build(deps): Bump sass from 1.56.0 to 1.56.1 in /app/assets/javascripts (#19022)
Bumps [sass](https://github.com/sass/dart-sass) from 1.56.0 to 1.56.1.
- [Release notes](https://github.com/sass/dart-sass/releases)
- [Changelog](https://github.com/sass/dart-sass/blob/main/CHANGELOG.md)
- [Commits](https://github.com/sass/dart-sass/compare/1.56.0...1.56.1)

---
updated-dependencies:
- dependency-name: sass
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-11-15 00:06:24 +01:00
dependabot[bot] a210b698eb
Build(deps): Bump webpack in /app/assets/javascripts (#19027)
Bumps [webpack](https://github.com/webpack/webpack) from 5.74.0 to 5.75.0.
- [Release notes](https://github.com/webpack/webpack/releases)
- [Commits](https://github.com/webpack/webpack/compare/v5.74.0...v5.75.0)

---
updated-dependencies:
- dependency-name: webpack
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-11-15 00:05:52 +01:00
David Taylor 338901d335
Revert "DEV: Improve discourse-common/deprecate implementation (#18987)" (#19028)
This reverts commit 8c48285145. This introduced a bug which could cause sites to break when certain deprecations are hit. We'll re-introduce a fixed version of this change in a future commit.
2022-11-15 09:32:01 +11:00
Blake Erickson 7be53b1588
FEATURE: Default Composer Category Site Setting (#18967)
* FEATURE: Default Composer Category Site Setting

- Create the default_composer_category site setting
- Replace general_category_id logic for auto selecting the composer
  category
- Prevent Uncategorized from being selected if not allowed
- Add default_composer_category option to seeded categories
- Create a migration to populate the default_composer_category site
  setting if there is a general_category_id populated
- Added some tests

* Add missing translation for the new site setting

* fix some js tests

* Just check that the header value is null
2022-11-14 11:09:57 -07:00
David Taylor 8c48285145
DEV: Improve discourse-common/deprecate implementation (#18987)
- Count deprecations and print them to the console following QUnit runs
- In GitHub actions, write the same information as a job summary
- Add documentation to `discourse-common/lib/deprecated`
- Introduce `id` and `url` options to `deprecated`
- Introduce `withSilencedDeprecations` helper to allow testing deprecated code paths without making noise in the logs
2022-11-14 17:05:16 +00:00
Joffrey JAFFEUX 6493ddce17
PERF: limits use of redis cache while building emojis list (#19013)
We were doing get on Redis two times for each emoji while building the custom/standard/all lists which where resulting in ~3710 Redis calls. Given the emoji DB file is loaded in memory while we build/cache the emojis list this is unnecessary and slow.

As a simplification in pseudo code here is an explanation of what we were doing:

```ruby
emojis.each |emoji_name|
  aliases = get_aliases_from_redis_cache(emoji_name)
  is_tonable = get_is_tonable_from_redis_cache(emoji_name)
  build_emoji(emoji_name, aliases, is_tonable)
end
```

The two redis calls are now simplified to a simple hash access: `@db[emoji_name]`
2022-11-14 13:38:50 +01:00
Jarek Radosz 2325bec3c9
DEV: Skip a flaky FF test (#18996)
On Firefox Evergreen this upload test often fails, because the order of uploads in markdown is somehow reversed.
2022-11-14 12:16:00 +01:00
Krzysztof Kotlarek 3d5753c42b
FIX: Allow sidebar links to register didInsert actions (#19010)
Previously `this.chatService.appEvents.on(
"chat:user-tracking-state-changed"...)` was registered on constructor and disabled on `willDestroy`. Constructor is evaluated only once, so when the section was collapsed and collapsed then the events were not observed anymore.

didInsert allows evaluating code each time a component is rendered.
2022-11-14 10:36:46 +01:00
Martin Brennan a414520742
SECURITY: Prevent email from being nil in InviteRedeemer (#19004)
This commit adds some protections in InviteRedeemer to ensure that email
can never be nil, which could cause issues with inviting the invited
person to private topics since there was an incorrect inner join.

If the email is nil and the invite is scoped to an email, we just use
that invite.email unconditionally.  If a redeeming_user (an existing
user) is passed in when redeeming an email, we use their email to
override the passed in email.  Otherwise we just use the passed in
email.  We now raise an error after all this if the email is still nil.
This commit also adds some tests to catch the private topic fix, and
some general improvements and comments around the invite code.

This commit also includes a migration to delete TopicAllowedUser records
for users who were mistakenly added to topics as part of the invite
redemption process.
2022-11-14 12:02:06 +10:00
Jarek Radosz dc8a7e74f4
FIX: Allow attr updates of over-size-limit uploads (#18986) 2022-11-11 17:56:11 +01:00
Rafael dos Santos Silva 99e5fbe303
FEATURE: Replyable chat push notifications (#18973)
Allows quick inline replies in chat push notifications. This will allow users
in compatible platforms (Windows 10+ / Chrome OS / Android N+) to reply
directly from the notification UI.

Probable follow ups include:

  - inline replies for posts

  - handling failure of reply
    - fallback to draft creation if business logic error
    - store and try again later if connectivity error

  - sent inline replies lack the in_reply_to param

  - i18n of inline reply action text and placeholder
2022-11-11 12:30:21 -03:00
Joffrey JAFFEUX c8beefc1ee
FIX: reimplements chat audio into a service (#18983)
This implementation attempts to be more resilient to background tab.

Notes:
- adds support for immediate arg in @debounce decorators
- fixes a bug in discourseDebounce which was not supporting immediate arg in tests
- chat-audio-manager has no tests as audio requires real user interaction and is hard to test reliably
2022-11-11 13:11:41 +01:00
Joffrey JAFFEUX 795687160d
UX: adds chat section in settings and hide it in plugins (#18984) 2022-11-11 12:43:20 +01:00
dependabot[bot] 5bd0e31c61
Build(deps): Bump node-fetch in /app/assets/javascripts (#18985)
Bumps [node-fetch](https://github.com/node-fetch/node-fetch) from 2.6.6 to 2.6.7.
- [Release notes](https://github.com/node-fetch/node-fetch/releases)
- [Commits](https://github.com/node-fetch/node-fetch/compare/v2.6.6...v2.6.7)

---
updated-dependencies:
- dependency-name: node-fetch
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-11-11 12:27:05 +01:00
Selase Krakani c7ccb17433
FEATURE: Add cooked post to user archive exports (#18979)
This change allows easily accessible secure media URLs to be available
in the exported data.
2022-11-11 11:07:32 +00:00
Selase Krakani 0b367216ae
FIX: Ensure moderators_manage_categories_and_groups is respected (#18884)
Currently, moderators are able to set primary group for users
irrespective of the of the `moderators_manage_categories_and_groups` site
setting value.

This change updates Guardian implementation to honour it.
2022-11-11 11:06:05 +00:00
David Taylor 6d126adb4f
DEV: Bind connector actions when made available under `this` (#18981)
Connector actions are already added as properties of the generated component, but they were not bound. Using them like `{{on "click" this.someAction"}}` and trying to access `this` would not work as expected. This commit binds all actions to the component generated component instance.
2022-11-11 10:30:10 +00:00
Natalie Tay 09b7433167
DEV: Add more page objects (#18972) 2022-11-11 17:44:40 +08:00
Krzysztof Kotlarek 4db5525d25
FIX: do not lock account if backup codes are available (#18982)
Currently, we have available three 2fa methods:
- Token-Based Authenticators
- Physical Security Keys
- Two-Factor Backup Codes

If the first two are deleted, user lose visibility of their backup codes, which suggests that 2fa is disabled.

However, when they try to authenticate, the account is locked, and they have to ask admin to fix that problem.

This PR is fixing the issue. User still sees backup codes in their panel and can use them to authenticate.

In next PR, I will improve UI to clearly notify the user when 2fa is fully disabled and when it is still active.
2022-11-11 13:00:06 +11:00
Kris 4692f4ee7c
UX: more contrast for sidebar counts (#18980) 2022-11-10 18:43:37 -05:00
Keegan George 85bfabd847
DEV: Only focus user card first link if not mouse input (#18960) 2022-11-10 10:12:03 -08:00
dependabot[bot] 8abd150c98
Build(deps): Bump @babel/standalone in /app/assets/javascripts (#18963)
Bumps [@babel/standalone](https://github.com/babel/babel/tree/HEAD/packages/babel-standalone) from 7.20.3 to 7.20.4.
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/commits/v7.20.4/packages/babel-standalone)

---
updated-dependencies:
- dependency-name: "@babel/standalone"
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-11-10 14:23:08 +01:00
Meghna dbce8ca94b
UX: better password reset error page (#18970) 2022-11-10 17:48:25 +05:30
Jarek Radosz 3e0196cbbf
FIX: Shrinking images where smaller image upload exists (#18965) 2022-11-10 12:43:56 +01:00
Joffrey JAFFEUX c0a4823203
UX: tweaks to msg actions menu (#18966)
- allows to scroll while hovering the menu
- correctly changes message background color while hovering menu
- prevents a bug where it would sometimes close the menu while moving from menu to the 3 dots expanded dropdown. This was caused by the gap between header/body of the 3 dots dropdown, which would sometimes allow to create a mouseover event on a possible different underlying message
- removes recent/favorite reactions on drawer mode
- grayscale reactions until hover
- boxshadow on msgactions container
- removes useless code
2022-11-10 07:42:37 +01:00
Gerhard Schlager 5268da037a UX: Replace concatenated translation 2022-11-09 22:33:31 +01:00
Keegan George 4ae288367e
FIX: Permalinks issues (#18939) 2022-11-09 11:23:08 -08:00
Bianca Nenciu 4dad7816b2
FEATURE: Rename onboarding popups to user tips (#18826)
This commit also hides the new user tips for existing users.
2022-11-09 20:20:34 +02:00
Arpit Jalan 8b8c1291e7
FIX: do not preload topic list for new topic/message routes (#18959)
This commit fixes the issue where the sub-category topic list was not
loading for new-topic routes. Since we do not need to preload topic
lists for new topic/message routes this commit adds a no-op controller
that prevents topic lists pre loading and at the same time fixes the sub
category topics not loading issue.
2022-11-09 20:57:42 +05:30
Gerhard Schlager 04b0035009 DEV: Remove unused code and translations
The edit PM button was removed in ecc8e559ec
2022-11-09 14:27:55 +01:00
Gerhard Schlager b0ea919b09 FIX: Use cached RegEx instead of recreating RegEx on every usage 2022-11-09 14:27:55 +01:00
Gerhard Schlager ba232eab53 DEV: Remove unused code 2022-11-09 14:27:55 +01:00
Martin Brennan c6764d8c74
FIX: Automatically generate category channel slugs (#18879)
This commit automatically ensures that category channels
have slugs when they are created or updated based on the
channel name, category name, or existing slug. The behaviour
has been copied from the Category model.

We also include a backfill here with a simplified version
of Slug.for with deduplication to fill the slugs for already
created Category chat channels.

The channel slug is also now used for chat notifications,
and for the UI and navigation for chat. `slugifyChannel`
is still used, but now does the following fallback:

* Uses channel.slug if it is present
* Uses channel.escapedTitle if it is present
* Uses channel.title if it is present

In future we may want to remove this altogether
and always rely on the slug being present, but this
is currently not possible because we are not generating
slugs for DM channels at this point.
2022-11-09 10:28:31 +10:00
Keegan George 3bab7a44d4
FIX: Watched words submit button should be disabled by default (#18947) 2022-11-08 15:38:11 -08:00
Martin Brennan f8f55cef67
DEV: TODO followups (#18936)
* Remove old bookmark column ignores to follow up b22450c7a8
* Change some group site setting checks to use the _map helper
* Remove old secure_media helper stub for chat
* Change attr_accessor to attr_reader for preloaded_custom_fields to follow up 70af45055a
2022-11-09 07:48:05 +10:00
Jarek Radosz a5099c72a7
DEV: Use store to create Post records in tests (#18920) 2022-11-08 18:13:45 +01:00
Jarek Radosz d2ea39c932
Revert "FEATURE: when entering a topic scroll to last visited line marker (#18440)" (#18917)
This reverts commit 136174e0ee.

That worked only 50% of the time (at best), as it was conflicting with other topic-view scrolling code. The reverted feature will eventually be restored as I continue to fix scroll-related issues.
2022-11-08 10:32:21 +01:00
Martin Brennan b93075a445
DEV: Make admin-start-backup template extendable (#18904)
We need to change the content of this modal in different
plugins based on context, so move some parts of it into
the JS file.
2022-11-08 10:40:56 +10:00
dependabot[bot] ac2ef0bd9d
bump @babel/core from 7.19.6 to 7.20.2 in /app/assets/javascripts (#18925)
---
updated-dependencies:
- dependency-name: "@babel/core"
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-11-08 01:25:15 +01:00
Martin Brennan 59da6c6ea2
DEV: Load JS site settings in theme qunit HTML (#18934)
Follow up to ac7bf98ad1
2022-11-08 10:23:43 +10:00
dependabot[bot] 2427cd5b2a
Build(deps): Bump sass from 1.55.0 to 1.56.0 in /app/assets/javascripts (#18932)
Bumps [sass](https://github.com/sass/dart-sass) from 1.55.0 to 1.56.0.
- [Release notes](https://github.com/sass/dart-sass/releases)
- [Changelog](https://github.com/sass/dart-sass/blob/main/CHANGELOG.md)
- [Commits](https://github.com/sass/dart-sass/compare/1.55.0...1.56.0)

---
updated-dependencies:
- dependency-name: sass
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-11-08 01:21:43 +01:00
dependabot[bot] 86876a9bb1
Build(deps): Bump loader-utils in /app/assets/javascripts (#18931)
Bumps [loader-utils](https://github.com/webpack/loader-utils) from 1.4.0 to 1.4.1.
- [Release notes](https://github.com/webpack/loader-utils/releases)
- [Changelog](https://github.com/webpack/loader-utils/blob/v1.4.1/CHANGELOG.md)
- [Commits](https://github.com/webpack/loader-utils/compare/v1.4.0...v1.4.1)

---
updated-dependencies:
- dependency-name: loader-utils
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-11-08 01:02:13 +01:00
dependabot[bot] 1c8bdfd309
Build(deps): Bump loader-utils (#18930)
Bumps [loader-utils](https://github.com/webpack/loader-utils) from 2.0.2 to 2.0.3.
- [Release notes](https://github.com/webpack/loader-utils/releases)
- [Changelog](https://github.com/webpack/loader-utils/blob/v2.0.3/CHANGELOG.md)
- [Commits](https://github.com/webpack/loader-utils/compare/v2.0.2...v2.0.3)

---
updated-dependencies:
- dependency-name: loader-utils
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-11-08 01:02:00 +01:00
Martin Brennan 98d0501cdc
DEV: Fix text util test (#18929)
Follow up to ac7bf98ad1
2022-11-08 09:52:11 +10:00
dependabot[bot] 6f8e2c1f14
Build(deps): Bump @babel/standalone in /app/assets/javascripts (#18924)
Bumps [@babel/standalone](https://github.com/babel/babel/tree/HEAD/packages/babel-standalone) from 7.20.1 to 7.20.3.
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/commits/v7.20.3/packages/babel-standalone)

---
updated-dependencies:
- dependency-name: "@babel/standalone"
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-11-08 00:48:37 +01:00
dependabot[bot] a1e1b16b80
bump sinon from 14.0.1 to 14.0.2 in /app/assets/javascripts (#18926)
---
updated-dependencies:
- dependency-name: sinon
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-11-08 00:48:15 +01:00
Blake Erickson cb8746c7e7
FIX: Update sidebar links when promoted to admin (#18928)
It is likely that a new admin user was created as just a regular user
before being promoted to admin so this change will update the sidebar
link records for any users that are promoted to admin. This way if any
of the default side bar categories or tags are restricted to admins
these new admins will have those added to their sidebar as well.

You can easily replicate this issue locally (prior to this fix) by using
`rails admin:create` where it creates a user first, then it is promoted
to admin. This means it would receive the default categories of regular
user, but never receive the ones they should have access to as an admin.

As part of this change I did drop the `!` from
`SidebarSectionLink.insert_all` so that it would add any new records
that were missing, but not throw a unique constraint error trying to add
any existing records.

Follow up to: 1b56a55f50

And: e320bbe513
2022-11-07 16:39:24 -07:00
Martin Brennan ac7bf98ad1
DEV: Load client site settings YML into JS tests (#18413)
Our method of loading a subset of client settings into tests via
tests/helpers/site-settings.js can be improved upon. Currently we have a
hardcoded subset of the client settings, which may get out of date and not have
the correct defaults. As well as this plugins do not get their settings into the
tests, so whenever you need a setting from a plugin, even if it has a default,
you have to do needs.setting({ ... }) which is inconvenient.

This commit introduces an ember CLI build step to take the site_settings.yml and
all the plugin settings.yml files, pull out the client settings, and dump them
into a variable in a single JS file we can load in our tests, so we have the
correct selection of settings and default values in our JS tests. It also fixes
many, many tests that were operating under incorrect assumptions or old
settings.

Co-authored-by: Joffrey JAFFEUX <j.jaffeux@gmail.com>
2022-11-08 09:17:43 +10:00
Krzysztof Kotlarek ff21651d64
FIX: topic tracking stage error when no tags (#18901)
When topic Tag is tracked and payload doesn't contain tags, it was throwing an error.
2022-11-08 10:16:05 +11:00
David Taylor 20dc27232e
PERF: Disable auto-import sourcemaps in production (#18923)
Even with the `chunkFilename` change, the sourcemaps are non-deterministic because they include references to the broccoli cache directory which has a different name for each build. This commit disables auto-import sourcemaps in production to improve caching performance.

Followup to 3673d3359c
2022-11-07 22:28:55 +00:00
David Taylor 782f43cc55
Improve route error handling in admin/plugins (#18911)
Previously if a specific plugin route was not available (e.g. there was an error loading the plugin's JS due to an ad blocker), the entire page would fail to load. This commit updates the behavior to catch this kind of issue and display a user-friendly message at the top of the screen.
2022-11-07 16:39:27 +00:00
Blake Erickson fd207f8730
FIX: Welcome topic should be hidden on the /categories page as well (#18869)
* FIX: Welcome topic should be hidden on the /categories page as well

* add tests
2022-11-07 09:24:55 -07:00
Bianca Nenciu 4b3e5133b0
FIX: Correctly render link title in draft preview (#18906)
The additional unescaping could cause link titles to be rendered
incorrectly.
2022-11-07 16:22:35 +02:00
David Taylor 3673d3359c
PERF: Ensure JS chunk content and filenames are deterministic (#18907)
This commit works around a couple of issues in `ember-auto-import` which were causing non-deterministic chunk filenames and content. Deterministic output should improve cache-reusability across deploys.

Refs:
https://github.com/ef4/ember-auto-import/issues/519
https://github.com/ef4/ember-auto-import/pull/548
https://github.com/ef4/ember-auto-import/issues/478
2022-11-07 12:43:49 +00:00
kaden-stytch 29a32f9566
Meta topic: https://meta.discourse.org/t/meta-theme-color-is-not-respecting-current-color-scheme/239815 (#18832)
Meta topic: https://meta.discourse.org/t/meta-theme-color-is-not-respecting-current-color-scheme/239815

Currently, the dark mode theme-color `<meta>` tag doesn't apply because the light mode tag has `media="all"`. This means that the dark mode `<meta>` tag with `media="(prefers-color-scheme: dark)"` won't override it. This PR updates the light mode tag to `media="(prefers-color-scheme: light)"` if `dark_scheme_id` is defined and leaves it as `media="all"` otherwise.
2022-11-07 10:06:26 +03:00
Martin Brennan d6bd4ad7ee
FIX: Make can_send_private_messages not reliant on system user (#18812)
Since the system user is a regular user, it can have its
`allow_private_messages` user option turned off, which
with our current `can_send_private_message?(Discourse.system_user)`
check inside the CurrentUserSerializer, will prevent any
user from sending messages in the UI if the system user is not
accepting PMs.

This commit adds a new `can_send_private_messages?` method to
the Guardian, which can be used in serializers and not depend
on the system user. When the user actually sends a message
we still rely on the old `can_send_private_message?(target)`
call to see if they are allowed to send the message to the target.
The new method is just to say they can "generally" send
private messages.
2022-11-07 09:11:18 +10:00
Vinoth Kannan dea44ec923
FEATURE: new site setting to hide user profiles by default. (#18864)
Previously, we didn't have a site-wide setting to set the default behavior for user profile visibility and user presence features. But we already have a user preference for that.
2022-11-06 16:44:17 +05:30
Isaac Janzen 4542bf4fef
DEV: Fix greyed text for dark mode emails (#18889) 2022-11-04 15:44:49 -05:00
Penar Musaraj 343037b022
FIX: Bug with permanent delete modal (#18825)
Repro steps:
- enable permanent deletes (via hidden site setting)
- set `min_topic_views_for_delete_confirm` to 0

When permanently deleting, the delete confirm modal is shown (for a
second time) and it doesn't pass the `force_destroy` parameter to the
request and the action results in a 422 error (i.e. can't perma-delete).

This change skips showing the confirm modal when perma-deleting given
that it has already been show on the first delete action.
2022-11-04 14:49:19 -04:00
Kris 2ae09db4aa
FIX: restore mention tab for experimental user nav (#18882) 2022-11-04 14:07:41 -04:00
David Taylor 38bb00edce
DEV: Use action helper in `bulk-tag` modal (#18885)
Passing a string action name to `DButton` causes it to use `sendAction`, which is deprecated and will be removed in Ember 4.x. The action helper converts a string to a closure action.

This also fixes compatibility with https://github.com/discourse/discourse/pull/17767
2022-11-04 17:26:31 +00:00
Alan Guo Xiang Tan 41eb92f5db
UX: Change ordering of categories shown in sidebar (#18803)
There are two possible ordering for categories shown in sidebar with
this commit.

When the `fixed_category_positions` site setting is enabled, the
categories are ordered based on `Category#position` which is a configurable
option by the user. When said site setting is disabled, the categories
are ordered based on `Category#name`.

The categories in Sidebar are also sorted in such a way where child
categories are always ordered right after their parents. When multiple
child categories are present, the child categories are ordered based on
the ordering described above.
2022-11-04 05:21:49 +09:00
Daniel Waterworth 1398bd5f1f
FIX: Theme import error handling needs to happen inside the hijack block (#18866)
Otherwise the errors don't get caught.
2022-11-03 14:02:26 -05:00
Kris 943c43ddc5
UX: less link-like unread/new color in sidebar (#18868) 2022-11-03 14:57:01 -04:00
Jarek Radosz 6e5e696c0b
DEV: Make `modifyClass` native class-aware, add tests (#16111) 2022-11-03 18:10:08 +01:00
dependabot[bot] 7e992cb299
Build(deps): Bump ember-source in /app/assets/javascripts (#18859)
Bumps [ember-source](https://github.com/emberjs/ember.js) from 3.28.9 to 3.28.10.
- [Release notes](https://github.com/emberjs/ember.js/releases)
- [Changelog](https://github.com/emberjs/ember.js/blob/master/CHANGELOG.md)
- [Commits](https://github.com/emberjs/ember.js/compare/v3.28.9...v3.28.10)

---
updated-dependencies:
- dependency-name: ember-source
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-11-03 11:36:08 +00:00
Jarek Radosz f61e36384f
DEV: Use `store.createRecord` for Topic models (#18837)
…where possible
2022-11-03 12:32:20 +01:00
David Taylor 012eb922d5
Reduce theme/color-scheme cookie cookie duration (#18858)
Previously these were set to expire after 9999 days (27 years). This commit updates them to last 1 year, and to automatically be extended on every user visit.
2022-11-03 11:31:16 +00:00
dependabot[bot] 3286d345f4
Build(deps): Bump @babel/standalone in /app/assets/javascripts (#18851)
Bumps [@babel/standalone](https://github.com/babel/babel/tree/HEAD/packages/babel-standalone) from 7.20.0 to 7.20.1.
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/commits/v7.20.1/packages/babel-standalone)

---
updated-dependencies:
- dependency-name: "@babel/standalone"
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-11-03 12:30:45 +01:00
Kris 3ff18f2b3c
FIX: minor alignment fix for mobile small-actions (#18853) 2022-11-03 09:43:13 +09:00
Alan Guo Xiang Tan d446ad3290
UX: Muted style for entire chat section link when muted (#18852) 2022-11-03 08:37:39 +09:00
Osama Sayegh 391a456443
FIX: Write to group logs when a user is added to group by invite (#18841) 2022-11-03 07:58:12 +09:00
Penar Musaraj 8ed001678f
DEV: Have `licensee` check xmldom license (#18840) 2022-11-02 11:51:11 -04:00
Kris 4201ca61e2
FIX: fix circle indicator on "my posts", color (#18844) 2022-11-02 11:43:28 -04:00
Frank f6f436f694
FIX: New Topic button is now correctly disabled in a category where they have no permissions, even when filtered by tag (#18741) 2022-11-02 10:54:54 -04:00
Roman Rizzi 0a5f548635
DEV: Move `discourse-chat` to the core repo. (#18776)
As part of this move, we are also renaming `discourse-chat` to `chat`.
2022-11-02 10:41:30 -03:00
Kris 2531828973
UX: hide new/unread counts in sidebar, use dot by default (#18797)
This updates the behavior of the list destination setting for links in the sidebar.

By default, new/unread content will show a dot like chat, rather than the count of new/unread topics.

If a user chooses to link to new/unread in the sidebar, we'll show the count.

The goal here is to find a simple default for typical users (new/unread indication, no counts, default links) while providing a different workflow for power users (showing new/unread counts, and linking directly to new/unread).

Internal Ref: /t/82626
2022-11-02 20:55:05 +09:00
Alan Guo Xiang Tan 46e9f402eb
DEV: Avoid cloning site settings in QUnit tests (#18811)
`siteSettings` is now a service which means there should only be one
state for `siteSettings` during the life time of the application. This
also helps to maintain parity with production where the `site` model
relies on the `siteSettings` service and not a clone of the attributes.
2022-11-02 20:07:17 +09:00
dependabot[bot] e6856a3ca3
Build(deps): Bump tmpl from 1.0.4 to 1.0.5 in /app/assets/javascripts (#18835)
Bumps [tmpl](https://github.com/daaku/nodejs-tmpl) from 1.0.4 to 1.0.5.
- [Release notes](https://github.com/daaku/nodejs-tmpl/releases)
- [Commits](https://github.com/daaku/nodejs-tmpl/commits/v1.0.5)

---
updated-dependencies:
- dependency-name: tmpl
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-11-02 10:58:59 +01:00
Jarek Radosz fc107be63f
FIX: Correct the post numbers in `lastUnreadUrl` (#18831)
Previously when a topic had e.g. 10 posts and you read them all, the link to the "first unread" would be `/11`, even when we knew there are only 10. (the topic route/controller would then fix that in the location bar after a second if you followed that URL)
2022-11-02 10:49:10 +01:00
Jarek Radosz b9bcb225f2
DEV: Fix qunit hook issue (#18829) 2022-11-02 10:46:52 +01:00
Jarek Radosz 45e8995eb1
DEV: Force `testem` upgrade (#18834)
1. Add `"testem": "latest"` to package.json
2. `yarn`
3. `npx yarn-deduplicate`
4. Remove the line from package.json
5. `yarn`
2022-11-02 10:45:17 +01:00
Jordan Vidrine 208d22cfc2
UX: Change placement of welcome cta (#18806) 2022-11-01 14:07:40 -05:00
Daniel Waterworth 167181f4b7
DEV: Quote values when constructing SQL (#18827)
All of these cases should already be safe, but still good to quote for
"defense in depth".
2022-11-01 14:05:13 -05:00
Kris a356e2fe30
UX: update and consolodate published page styles (#18792) 2022-11-01 14:31:39 -04:00
David Taylor 07ef1a80a1
SECURITY: Fix invite link email validation (#18817)
See https://github.com/discourse/discourse/security/advisories/GHSA-x8w7-rwmr-w278

Co-authored-by: Martin Brennan <martin@discourse.org>
2022-11-01 16:33:32 +00:00