Commit Graph

8318 Commits

Author SHA1 Message Date
Andrei Prigorshnev 43c0bbb6a4
FEATURE: show status in the tooltip on the status bubble on the user menu (#17451) 2022-07-13 16:02:59 +04:00
David Taylor ee07f6da7d
SECURITY: Bump Rails to 7.0.3.1 (#17469)
https://discuss.rubyonrails.org/t/81017
2022-07-13 11:17:46 +01:00
Alan Guo Xiang Tan b4b87454f2
DEV: Move mini profiler badge to the right (#17468)
In the era where we have left aligned sidebar, the mini profiler badge
gets in the way
2022-07-13 13:40:12 +08:00
Discourse Translator Bot 0c269dfd18
Update translations (#17447) 2022-07-12 17:26:04 +02:00
Jarek Radosz 162a1f8ba7
DEV: Remove asset precompilation hack (#17428)
I don't think it's needed anymore?
2022-07-11 22:52:20 +02:00
Jarek Radosz 040e1650f6
DEV: Remove old redis option (#17427)
`Redis.exists_returns_integer` is now true by default
2022-07-11 22:15:30 +02:00
Jarek Radosz 5b70b67e78
FIX: Just inline the QUnit CSS in theme-test html (#17415)
Side-steps sassc compilation issues.
2022-07-11 12:01:47 +02:00
Jordan Vidrine fec3df60cb
DEV: Add more color schemes (#17398) 2022-07-08 16:46:32 -05:00
Rafael dos Santos Silva 75e40baa64
FIX: min/max username length limits weren't validated (#17382)
* FIX: min/max username length limits weren't validated

The custom validators introduced in e0d7cda made so we ignored the mix
and max values set on site_settings.yml. That change allowed admins to
set values outside of the range defined on the yaml file.

Related to https://meta.discourse.org/t/group-names-with-more-than-60-characters-broken/232115?u=falco

Co-authored-by: Alan Guo Xiang Tan <gxtan1990@gmail.com>
2022-07-08 12:00:47 -03:00
Alan Guo Xiang Tan d9eab4bbbb
DEV: Add env to enable ActiveRecord query log tags (#17383) 2022-07-08 08:57:09 +08:00
Jarek Radosz 2e4056d185
DEV: Improve multisite db scripts in dev (#17337)
## Without multisite.yml config

No change. `bin/rails db:create` / `db:migrate` / `db:drop` should work the same.

## With multisite.yml config

### db:create

`bin/rails db:create` creates development, test, and all databases from the multisite config

`RAILS_DB=[site] bin/rails db:create` creates the database for the specified site from the multisite config

### db:migrate

`bin/rails db:migrate` migrates the development database and all databases from the multisite config

`RAILS_ENV=test bin/rails db:migrate` migrates the test database and `discourse_test_multisite`

`RAILS_DB=[site] bin/rails db:migrate` migrates the database for the specified site from the multisite config

### db:drop

`bin/rails db:drop` drops development, test, and all databases from the multisite config

`RAILS_DB=[site] bin/rails db:create` drops the database for the specified site from the multisite config
2022-07-06 10:39:03 +02:00
Discourse Translator Bot ba77c98c5d
Update translations (#17338) 2022-07-06 09:15:02 +02:00
Andrei Prigorshnev c59f1729a6
FEATURE: auto remove user status after predefined period (#17236) 2022-07-05 19:12:22 +04:00
Joe e3c71221e5
UX: Makes splash screen setting enabled by default (#17327)
We now want the splash screen to be enabled by default.
2022-07-05 02:06:28 +08:00
Alan Guo Xiang Tan 3266350e80
FEATURE: Decouple category/tag presence in sidebar from notifi level (#17273) 2022-06-30 14:54:20 +08:00
Gabe Pacuilla db53c6650b
FIX: max value for SiteSetting.delete_removed_posts_after (#17270) 2022-06-30 12:46:48 +08:00
Krzysztof Kotlarek 09932738e5
FEATURE: whispers available for groups (#17170)
Before, whispers were only available for staff members.

Config has been changed to allow to configure privileged groups with access to whispers. Post migration was added to move from the old setting into the new one.

I considered having a boolean column `whisperer` on user model similar to `admin/moderator` for performance reason. Finally, I decided to keep looking for groups as queries are only done for current user and didn't notice any N+1 queries.
2022-06-30 10:18:12 +10:00
Discourse Translator Bot c6b3d3e4b4
Update translations (#17267) 2022-06-28 20:52:09 +02:00
Natalie Tay ff77ad7ac0
UX: Change copy for user-selector placeholder (#17260) 2022-06-28 19:01:16 +08:00
Jarek Radosz a7284d3b96
DEV: Auto-allow multisite hosts in dev (#17246) 2022-06-27 21:58:33 +02:00
Rafael dos Santos Silva f56c44d1c7
FEATURE: Validate tags in WatchedWords (#17254)
* FEATURE: Validate tags in WatchedWords

We didn't validate watched words automatic tagging, so it was possible
for an admin to created watched words with an empty tag list which would
result in an exception when users tried to create a new topic that
matched the misconfigured watched word.

Bug report: https://meta.discourse.org/t/lib-topic-creator-fails-when-the-word-math-appears-in-the-topic-title-or-text/231018?u=falco
2022-06-27 16:16:33 -03:00
Jarek Radosz aabb98aedc
DEV: Deprecate `DISCOURSE_DEV_HOSTS` (#17245)
`RAILS_DEVELOPMENT_HOSTS` is a Rails standard that does exactly the same thing.
2022-06-27 19:04:42 +02:00
Joe 801750ffc4
UX: Makes splash setting visible (#17222)
The setting was previously hidden but we're now in a state where we want admins to see and experiment with it.
2022-06-24 08:50:29 +08:00
Alan Guo Xiang Tan 0b8e6adabe
FEATURE: New/unread messages count in experimental sidebar (#17117)
* FEATURE: Expand messages filter links when viewing private messages.

* FEATURE: New/unread messages count in experimental sidebar
2022-06-22 11:01:37 +08:00
Joe e82a2ce9ae
UX: Introduces a splash screen behind a hidden site setting (#17094)
This PR introduces a new hidden site setting that allows admins to display a splash screen while site assets load.

The splash screen can be enabled via the `splash_screen` hidden site setting.

This is what the splash screen currently looks like

5ceb72f085.mp4

Once site assets load, the splash screen is automatically removed.

To control the loading text that shows in the splash screen, you can change the preloader_text translation string in admin > customize > text
2022-06-22 04:35:46 +08:00
Discourse Translator Bot 46622be72b
Update translations (#17177) 2022-06-21 15:46:34 +02:00
Penar Musaraj fd294a60cf
DEV: Hide `content_security_policy_collect_reports` setting (#17159) 2022-06-21 09:48:45 +10:00
Régis Hanol 1ad1979e50
FIX: link to "recently used devices" in suspicious_login email notification (#17164)
The link used to point to `/my/preferences/account` but the list of recently used devices now lives in `/my/preferences/security`.
2022-06-20 23:16:34 +02:00
David Taylor 90993e2459
FIX: Precompile admin-plugins.js (#17154) (#17155)
This was inadvertently removed in 1b4692039e
2022-06-20 16:22:49 +01:00
David Taylor 9c6ce0fa3e
FIX: Precompile start-discourse.js (#17154)
This was inadvertently removed in 1b4692039e
2022-06-20 16:02:18 +01:00
Jarek Radosz 2c1fc28d00
DEV: Remove ember-cli flags from the backend (#17147)
…and other auxiliary code

* Restore `QUNIT_EMBER_CLI` flag warning
* Add `ALLOW_EMBER_CLI_PROXY_BYPASS`
2022-06-20 16:33:05 +02:00
David Taylor 1b4692039e DEV: Remove legacy JS manifests and vendored scripts
Now that we've switched to Ember CLI, these things are no longer used.

- These sprockets manifests are superceded by the assets generated by ember cli
- These vendored scripts are now fetched by ember-auto-import at compile time
2022-06-20 15:01:06 +01:00
Osama Sayegh 5176c689e9
UX: Change wording for 'regular' categories to 'normal' (#17134)
At some point in the past we decided to rename the 'regular' notification state of topics/categories to 'normal'. However, some UI copy was missed when the initial renaming was done so this commit changes the spots that were missed to the new name.
2022-06-20 06:49:33 +03:00
Discourse Translator Bot 7ac485fb9f
FEATURE: Add Croatian language (#17130)
Co-authored-by: Gerhard Schlager <gerhard.schlager@discourse.org>
2022-06-18 00:18:22 +02:00
1resu 1f85eea64c
DEV: Allow changing APP_ROOT for puma via ENV variable (#15744) 2022-06-17 11:58:04 -04:00
Jarek Radosz fcb4e5a1a1
DEV: Make wizard an ember addon (#17027)
Co-authored-by: David Taylor <david@taylorhq.com>
2022-06-17 14:50:21 +02:00
Alan Guo Xiang Tan c625dc0adc
FEATURE: Add messages section links to experimental sidebar. (#17096) 2022-06-16 13:33:40 +08:00
Daniel Waterworth d7886e4d18
FIX: Allow all subdomains of localhost in development (#17089)
domains can contain numbers.

Follow-up-to: 00e756e358
2022-06-14 14:54:49 -05:00
Discourse Translator Bot e0364cf228
Update translations (#17087) 2022-06-14 16:57:33 +02:00
Alan Guo Xiang Tan 4a240f6c90
DEV: First pass at messages section experimental sidebar (#17084) 2022-06-14 15:56:20 +08:00
Sam 4a1937adff
FEATURE: Change auto tracking to require 5 minutes vs 4 (#17081)
Per @codinghorror, we prefer to change this setting to 5 minutes to avoid
tracking topic automatically except for extremely exceptional situations.
2022-06-14 13:48:19 +08:00
Discourse Translator Bot f38a06f3a5
Update translations (#17022) 2022-06-11 13:20:37 +02:00
Alan Guo Xiang Tan ced9a5ee6d
FEATURE: First pass tags section for experimental sidebar. (#17048)
Counts for the section links will be added in a follow up commit.
2022-06-10 09:49:36 +08:00
Alan Guo Xiang Tan cd8c97debc
FEATURE: Add section links to categories section to exp sidebar (#17035)
This commit adds a section link to the categories section for each
category that is tracked by the user in the experimental sidebar.
2022-06-09 11:14:01 +08:00
Loïc Guitaut fff3ff11c0 FIX: Make disabling TLS in mail possible again
Following the Rails 7 upgrade, the `DISCOURSE_SMTP_ENABLE_START_TLS`
setting doesn’t work anymore. This is because Rails upgraded the
`net-smtp` gem to the 0.3.1 version which enables `starttls` by default.
The `mail` gem doesn’t support this new behavior yet and doesn’t know
how to disable TLS. This should be fixed in an upcoming release.

Meanwhile applying this patch allows us to get back the previous
behavior which is expected by many.
2022-06-08 14:04:05 +02:00
David Taylor 5238f6788c
FEATURE: Allow hotlinked media to be blocked (#16940)
This commit introduces a new site setting: `block_hotlinked_media`. When enabled, all attempts to hotlink media (images, videos, and audio) will fail, and be replaced with a linked placeholder. Exceptions to the rule can be added via `block_hotlinked_media_exceptions`.

`download_remote_image_to_local` can be used alongside this feature. In that case, hotlinked images will be blocked immediately when the post is created, but will then be replaced with the downloaded version a few seconds later.

This implementation is purely server-side, and does not impact the composer preview.

Technically, there are two stages to this feature:

1. `PrettyText.sanitize_hotlinked_media` is called during `PrettyText.cook`, and whenever new images are introduced by Onebox. It will iterate over all src/srcset attributes in the post HTML and check if they're allowed. If not, the attributes will be removed and replaced with a `data-blocked-hotlinked-src(set)` attribute

2. In the `CookedPostProcessor`, we iterate over all `data-blocked-hotlinked-src(set)` attributes and check whether we have a downloaded version of the media. If yes, we update the src to use the downloaded version. If not, the entire media element is replaced with a placeholder. The placeholder is labelled 'external media', and is a link to the offsite media.
2022-06-07 15:23:04 +01:00
Alan Guo Xiang Tan 7da074d591
DEV: Implement "My Posts" section link for experimental sidebar (#17008) 2022-06-07 10:52:54 +08:00
Daniel Waterworth 00e756e358
DEV: Allow all subdomains of localhost in development (#17018)
By default in rails, it looks like only one level deep is allowed.
2022-06-06 16:02:51 -05:00
Isaac Janzen 49415de3fa
DEV: Remove reply_as_private_message from composer (#16979)
* Remove 'New Message' option from composer dropdown
* Update Acceptance Tests
2022-06-06 15:10:34 -05:00
Martin Brennan f94682e2c4
FIX: Do not use SVGs for twitter:image metadata (#16973)
Twitter does not allow SVGs to be used for twitter:image
metadata (see https://developer.twitter.com/en/docs/twitter-for-websites/cards/overview/markup)
so we should fall back to the site logo if the image option
provided to `crawlable_meta_data` or SiteSetting.site_twitter_summary_large_image_url
is an SVG, and do not add the meta tag for twitter:image at all
if the site logo is an SVG.
2022-06-03 09:02:57 +10:00