Commit Graph

20644 Commits

Author SHA1 Message Date
David Taylor 39f7e98b60
FIX: Ensure page is reloaded correctly when a hash is present (#8096)
To demonstrate the issue:
- Visit https://meta.discourse.org/#somethingHere while logged in
- Click "log out"
- You will be logged out, but the page will not be reloaded

Setting `window.location.pathname = "/"` will not reload the page if there is a hash present. Using `window.location = "/"` gives us the desired behavior.
2019-09-16 13:27:12 +01:00
romanrizzi 08b7a3fdfe Fix: Don't show non-members as readers when the post is a whisper 2019-09-13 17:14:31 -03:00
Roman Rizzi 1576b07a10
FIX: Improve protection against problematic usernames (#8097) 2019-09-13 15:11:27 -03:00
David Taylor 98719bee10 FIX: Load raw hbs templates correctly from theme javascripts folder 2019-09-13 18:01:16 +01:00
David Taylor b0211772cb FIX: Explicitly specify the format when loading `/associate/{{token}}`
In IE11, the browser returns the cached HTML response, rather than the JSON formatted response. A better solution may be to add a `Vary: Accept` header to all of our HTML responses, but this commit should solve the immediate issue.
2019-09-13 17:22:57 +01:00
Régis Hanol 0cfe47471f FIX: add support for version query parameter in InlineUploads 2019-09-13 18:21:19 +02:00
Kyle Zhao f0f03acb2c FIX: Do not escape `fancy_title` again. (#8095)
`fancy_title` is already escaped by Rails. Escaping it again would print
the HTML entity as-is, e.g. `"` instead of `"`.

This fixes the issue by introducing a new `escapedContent` attribute on
the `QuickAccessItem` widget.
2019-09-13 10:04:14 -04:00
Penar Musaraj 6bbda8eae9 FIX: Do not show latest count in tabs on tag lists 2019-09-12 22:42:48 -04:00
Régis Hanol aa511c5b59 FIX: support <img> in code blocks when inlining uploads
Simpler code is better :)

Also added moar specs to ensure <img> tag inside code blocks are properly ignored.
2019-09-12 21:25:14 +02:00
Penar Musaraj 8f601d5025 UI: Add viewport meta tag to embedded topics layout 2019-09-12 14:14:32 -04:00
Vinoth Kannan 321f559c7c FIX: make markdown regexp patterns case insensitive. 2019-09-12 22:25:15 +05:30
Roman Rizzi 568232052e
DEV: Remove FlagQuery class and old code (#8064) 2019-09-12 13:21:33 -03:00
hawm 7129637279 FEATURE: Make share button support custom javascript (#8090)
* FEATURE: Make share button support custom javascript

* clean code

* formatting

* formatting
2019-09-12 11:19:43 -04:00
David Taylor 67a98946b8 FIX: Do not log 'pull_hotlinked_images' edits in the staff action log 2019-09-12 15:55:45 +01:00
Penar Musaraj e4b813df4c FIX: Change admin dashboard sort caret icon color on hover 2019-09-12 10:38:53 -04:00
Jarek Radosz 1dcdcb5c31
FIX: Cast all numerical values in reports (#8087)
* FIX: Cast all numerical values in reports

The backend can return some numerical values in report as strings. That results in unexpected order of values when sorting report tables.

* Create `toNumber()` helper

The `typeof` and `parseFloat` seem to be the fastest path: https://jsperf.com/number-vs-typeof-vs-parsefloat#results
2019-09-12 15:17:34 +02:00
David Taylor 73172f00d3
FIX: Clear authentication data from session after create account (#8040) 2019-09-12 12:11:12 +01:00
Kris f4f566a301 Adding above-user-profile plugin outlet 2019-09-11 22:22:00 -04:00
Krzysztof Kotlarek 32b8a2ccff DEV: Upgrade Discourse to Rails 6 (#8083)
* Adjustments to pass specs on Rails 6.0.0
* Use classic autoloader instead of Zeitwerk
* Update Rails 6.0.0 deprecated methods
* Rails 6.0.0 not allowing column with integer name
* Drop freedom_patches/rails6.rb
* Default value for trigger_transactional_callbacks? is true
* Bump rspec-rails version to 4.0.0.beta2
2019-09-12 10:41:50 +10:00
Neil Lalonde 7331e0865a FIX: user directory should not include unapproved users
When the "must approve users" setting is enabled, new users who were
waiting to be approved could show up in the user directory.
2019-09-11 15:18:17 -04:00
Arpit Jalan 59f7c92661 fix the build. 2019-09-11 23:32:58 +05:30
Arpit Jalan 4195548a17 Bump onebox version.
- indicate and link to Flickr Album
2019-09-11 23:23:11 +05:30
Gerhard Schlager 56c6e8e961 FIX: POP3 doesn't work with TLS 1.3 2019-09-11 18:43:19 +02:00
Rishabh d93586c63f FEATURE: Whitelist the `allowfullscreen` iframe attribute (#8086)
Adding this to core allows showing the fullscreen button on external iframe videos like Vimeo.
https://meta.discourse.org/t/full-screen-videos-plugin/90869 will not be needed anymore.
2019-09-11 16:49:54 +02:00
Leo McArdle 9ba4a67766 pass model to above-user-preferences outlet (#8084) 2019-09-11 10:24:22 -04:00
Dan Ungureanu 8b2c272f04
UX: Use medium format for displaying time in post notices. (#8074) 2019-09-11 13:00:53 +03:00
Penar Musaraj 7252c14a16 FIX: Switch to full screen external login for Safari
This is a temporary solution, currently popup auth fails in Safari.
2019-09-11 00:18:37 -04:00
Sam Saffron 93b0ffc85c DEV: improve subfolder inline logic
This follows up on #503a11cc88f with a spec
2019-09-11 12:02:42 +10:00
Michael Brown 503a11cc88 FIX: inline_uploads and subfolder (#8076)
* FIX: inline_uploads and subfolder

* if subfolder, also look for images with a path containing
  cdn_url + relative_url_root

* FIX: migrate_to_s3 task and subfolder
2019-09-11 11:50:48 +10:00
Neil Lalonde f0586ece32 FIX: errors in qunit tests when version check info is missing 2019-09-10 16:38:23 -04:00
Neil Lalonde 82398907af Prettier 2019-09-10 15:09:16 -04:00
Neil Lalonde 509e61e272 UX: Show installed version with SHA instead of number of commits
Removes the "+ 437" string at the end of "v2.4.0.beta2 + 437",
and adds a link to the exact commit on github underneath.
2019-09-10 14:59:51 -04:00
romanrizzi bd930a9c77 FIX: Do not show staged users avatars when expanding the read count indicator 2019-09-10 14:21:34 -03:00
Joffrey JAFFEUX a25869969a
DEV: adds event hook when add/remove user to group (#8038) 2019-09-10 11:58:08 -05:00
Robin Ward 1cebe7670a FEATURE: Allow embedding to ignore HTTP REFERER
New site setting: `embed_any_origin` that will send postMessages to
wildcard origins `*` instead of the referer.

Most of the time you won't want to do this, so the setting is default to
`false`. However, there are certain situations where you want to allow
embedding to send post messages when there is no HTTP REFERER.

For example, if you created a native mobile app and you wanted to embed a list
of Discourse topics as HTML. In the code your HTML would be a
static file/string, which would not be able to send a referer. In this
case, the site setting will allow the embed to work.

From a security standpoint we currently only use `postMessage` to send
data about the size of the HTML document and scroll position, so it
should be enable if required with minimal security ramifications.
2019-09-10 12:27:07 -04:00
Penar Musaraj cf23016360 FIX: Display emojis in search result blurbs 2019-09-10 11:11:15 -04:00
Bianca Nenciu 0d22beb81d
FIX: Improve Onebox detection (#8019)
Follow-up to 7c83d2eeb2.
2019-09-10 13:59:48 +03:00
Arpit Jalan 972c1acef8 DEV: better class names for Flexbox 2019-09-09 21:33:53 +05:30
Kyle Zhao 9b10a78d82 FEATURE: Quick access panels in user menu (#8073)
* Extract QuickAccessPanel from UserNotifications.

* FEATURE: Quick access panels in user menu.

This feature adds quick access panels for bookmarks and personal
messages. It allows uses to browse recent items directly in the user
menu, without being redirected to the full pages.

* REFACTOR: Use QuickAccessItem for messages.

Reusing `DefaultNotificationItem` feels nice but it actually requires a
lot of extra work that is not needed for a quick access item.

Also, `DefaultNotificationItem` shows an incorrect tooptip ("unread
private message"), and it is not trivial to remove / override that.

* Use a plain JS object instead.

An Ember object was required when `DefaultNotificationItem` was used.

* Prefix instead suffix `_` for private helpers.

* Set to null instead of deleting object keys.

JavaScript engines can optimize object property access based on the
object’s shape. https://mathiasbynens.be/notes/shapes-ics

* Change trivial try/catch to one-liners.

* Return the promise in case needs to be waited on.

* Refactor showAll to a link with href

* Store `emptyStatePlaceholderItemText` in state.

* Store items in Session singleton instead.

We can drop `staleItems` (and `findStaleItems`) altogether. Because
`(old) items === staleItems` when switching back to a quick access
panel.

* Add `limit` parameter to the `user_actions` API.

* Explicitly import Session instead.
2019-09-09 11:03:57 -04:00
Nick Quaranto 530356f465 Use Discourse.getURL for /clicks/track so clicks can be tracked on relative URLs (#8079) 2019-09-09 17:41:37 +10:00
Roman Rizzi 7d5f3c1338 UX/PERF: Update readers count when a post from another user is read. Don't fetch the post data again just to update the count. (#8078) 2019-09-09 11:29:15 +10:00
Robin Ward 3e3f6b1b62 Revert "FIX: Auth popup handling for Safari same-site cookie quirks"
This reverts commit 310a8ac242.

It seems this breaks google authentication. My suspicion is opening
the URL twice invalidates the CSRF after the first access.
2019-09-06 15:46:48 -04:00
Gerhard Schlager 52461abad9 FIX: Move read state when moving posts
* Moves / copies post timings
* Moves / copies topic users
* Fixes a small bug in the calculation of post numbers
2019-09-06 20:52:44 +02:00
Gerhard Schlager 631315624d FIX: Topics with muted tag didn't show up when filtering by category and tag
It also removes the redundant `filter` parameter. Previously URLs looked like this:

```
http://example.com/tags/c/some-category/muted-tag/l/latest.json?filter=tags/c/some-category/muted-tag/l/latest
```

But it looks like the `filter` parameter was only used to find out if topics with a muted tag should be removed or not. But the same thing can be accomplished by using the first tag ID. The following URL looks a lot cleaner.

```
http://example.com/tags/c/some-category/muted-tag/l/latest.json
```
2019-09-06 20:38:03 +02:00
Rimian Perkins 6bbd83067d FEATURE: New post editing period for >= tl2 users (#8070)
* FEATURE: Add tl2 threshold for editing new posts

* Adds a new setting and for tl2 editing posts (30 days same as old value)
* Sets the tl0/tl1 editing period as 1 day

* FIX: Spec uses wrong setting

* Fix site setting on guardian spec

* FIX: post editing period specs

* Avoid shared examples
* Use update_columns to avoid callbacks on user during tests
2019-09-06 07:44:12 -04:00
Arpit Jalan 103629d257 UX: better user image for embed/topics 2019-09-06 06:23:07 +05:30
Vinoth Kannan f0f6b715ce fix the typo
c1769b0ec5
2019-09-06 01:33:23 +05:30
Vinoth Kannan c1769b0ec5 DEV: improve the code readability.
82c5a1d20f
2019-09-06 01:27:29 +05:30
Arpit Jalan d78ed3159d FEATURE: add topic creator username on topic list embed 2019-09-05 22:43:38 +05:30
Sam Saffron cd894b7d17 FIX: inline_uploads not working on subfolder setups 2019-09-05 15:32:33 +10:00
Jeff Wong 6b6b0f09c4 UX: Align timeline controls to the top 2019-09-04 17:28:54 -07:00
romanrizzi f9ee6e923a UX: Hide the read indicator if read count is zero 2019-09-04 16:55:39 -03:00
Roman Rizzi 7a70fce584
FIX: :reject_user_delete action can only be handled by ReviewableUser (#8068) 2019-09-04 14:12:48 -03:00
Jeff Wong c20d26a500 FEATURE: add before-topic-progress plugin outlet 2019-09-04 09:31:06 -07:00
Robin Ward bde0ef865f
FEATURE: Adds a pop up that shows a more detailed score for reviewables (#8035)
If you click a (?) icon beside the reviewable status a pop up will
appear with expanded informatio that explains how the reviewable got its
score, and how it compares to system thresholds.
2019-09-04 09:56:25 -06:00
Arpit Jalan 5109cef126 Fix the build. 2019-09-04 20:44:05 +05:30
Arpit Jalan a5c28f56d1 UX: use Flexbox for topic list embed 2019-09-04 20:22:57 +05:30
Sam Saffron 213117b84c PERF: use CDN url for proxy of favicon
This avoids hitting S3 direct which is usually not desirable.
2019-09-04 18:21:07 +10:00
Arpit Jalan 3e37801d05 DEV: validate param value on /embed/topics 2019-09-04 13:31:46 +05:30
Mark VanLandingham d819b55038 FEATURE: support data-explorer outlet in group navigation (#8063) 2019-09-04 16:15:10 +10:00
Penar Musaraj 21e5772aa5 FIX: Mobile Safari composer improvements (#8069)
- prevents keyboard from being invoked when textarea is disabled

- avoids scrolling up when switching focus from title to textarea on new topic creation
2019-09-04 16:04:07 +10:00
Vinoth Kannan 82c5a1d20f FIX: Make 'group membership requests' feature compatible with visibility level option 'logged_on_users'. 2019-09-04 03:22:55 +05:30
Penar Musaraj c468abe9d0 FIX: Adjust composer size for iPhone Xs Max and Xʀ 2019-09-03 12:47:00 -04:00
Sam Saffron dc9110cc43 FEATURE: track date api key was last used
Start tracking the date an api key was last used. This has already been
the case for user_api_keys.

This information can provide us with the ability to automatically expire
unused api keys after N days.
2019-09-03 18:11:30 +10:00
Arpit Jalan d64908ba27 fix the build. 2019-09-02 20:04:21 +05:30
Arpit Jalan 111ae95cbc
FEATURE: embed topic with detailed metadata (#8062) 2019-09-02 19:55:44 +05:30
Vinoth Kannan aa012d12dc FIX: include 'short_url' as src if upload url not exist
The URL '/images/transparent.png' will be used in the cooked content if upload record not found. In that case we have to use 'short_url' as image src in 'post.each_upload_url' method.
2019-09-02 15:11:22 +05:30
Régis Hanol 75eebc904e FEATURE: new 'Discourse-Render' HTTP header 2019-08-30 20:45:18 +02:00
Penar Musaraj 4d6eacac5c FIX: close user card after clicking Message button
This was primarily an issue on mobile, where after clicking the "Messsage" button in the user card, the composer would load behind the user card overlay.
2019-08-30 13:40:12 -04:00
David Taylor 310a8ac242 FIX: Auth popup handling for Safari same-site cookie quirks
When opening authentication popup, start with an on-site URL. Opening "about:blank", and then POSTing the form does not send same-site=Lax cookies. Opening the popup to a page on the site domain, and then POSTing the form, works successfully.
2019-08-30 17:55:18 +01:00
Roman Rizzi e515324afa
Feature/Fix: Flagged posts user notifications (#8041)
* FIX: User should get notified when a post is deleted

* FEATURE: Notify posters when restoring flagged posts

* Fix typo

Co-Authored-By: Régis Hanol <regis@hanol.fr>

* Improve tests
2019-08-30 10:27:52 -03:00
David Taylor 3c6176b844 FIX: Allow accessing nested objects within theme settings
This is required to access keys within the new theme_uploads object
2019-08-30 12:27:02 +01:00
David Taylor e2449f9f23 Revert "Revert "Revert "FIX: Heartbeat check per sidekiq process (#7873)"""
This reverts commit c3497559be.
2019-08-30 11:26:16 +01:00
David Taylor 5d4fcc62bb Revert "FIX: heartbeat should be per host"
This reverts commit 17bed44405.
2019-08-30 11:25:59 +01:00
David Taylor be96c4478e
FEATURE: Login with Discord (#8053)
This migrates the functionality of discourse-plugin-discord-auth into core. 

The plugin will automatically disable itself when core is updated: fd0867844d?w=1

For setup instructions, visit https://meta.discourse.org/t/configuring-discord-login-for-discourse/127129
2019-08-30 10:54:19 +01:00
Sam Saffron ac7d68a745 FIX: in case of orphan user records skip badge
There are rare cases where orphan user records can exist, skip badges
2019-08-30 17:21:34 +10:00
Sam Saffron 17bed44405 FIX: heartbeat should be per host
We need to schedule heartbeat on the correct host, otherwise some queues
may end up starving.
2019-08-30 16:10:08 +10:00
Sam Saffron 3e855e33ae FIX: notifications not updating correctly from background tab
We refactored some code to avoid app event leak in tests at c462c2f2

Unfortunately this broke all background notifications in title and they
were broken for the past multiple months.
2019-08-30 15:51:20 +10:00
Sam Saffron e9cf0de588 FEATURE: do not replace &harr; with an emoji
&harr; technically can be an emoji, but usually will not be used in that way
2019-08-30 15:06:23 +10:00
Sam Saffron c3497559be Revert "Revert "FIX: Heartbeat check per sidekiq process (#7873)""
This reverts commit e805d44965.
We now have mechanisms in place to ensure heartbeat will always
be scheduled even if the scheduler is overloaded per: 098f938b
2019-08-30 10:12:10 +10:00
Osama Sayegh ff8cc244d8
FIX: remote theme record not saved when checking for updates (#8054) 2019-08-30 00:32:54 +03:00
romanrizzi 1a909c16eb UX: User vertical-align: middle instead of em units 2019-08-29 17:33:35 -03:00
Arpit Jalan befab8eafa UX: use color code variable 2019-08-29 23:53:42 +05:30
Arpit Jalan b63d476ee9 UX: convert embedded topic list HTML structure from table to div 2019-08-29 22:23:52 +05:30
romanrizzi 2b3dd1b945 FIX: Avoid publishing changes if the topic was deleted 2019-08-29 13:38:23 -03:00
romanrizzi 13af02b70f FIX: Include read indicator when the publish_group_state is enabled 2019-08-29 12:47:55 -03:00
Gerhard Schlager d516e492a4 FIX: An overridden text of a non-existent plural key resulted in error
When there is an overridden text in the database that belongs to
a pluralized key which doesn't exist in English anymore, the
Customize Texts admin page was unusable. This stops those keys from
ever being returned by a search.
2019-08-29 17:41:19 +02:00
Roman Rizzi ebb389ef8a
UX: Read indicator improvements. (#8049)
* The read indicator now shows up when no member has read the last post of the topic (written by a non-member)
* The read indicator works on mobile and receives live updates from message bus
* The icon we display in the topic list was changed
* Added a title to the indicator to indicate its purpose when hovering over it
2019-08-29 12:03:43 -03:00
David Taylor 98fbc019a3
FIX: Ensure live-reloading of theme CSS works first time (#8052)
The client-side theme-selector would always apply the first in a series of file change notifications. This has been fixed, so it now applies the most recent notification.

Duplicate notifications were being sent because
- The remote_theme autosave was causing every change notification to be doubled
- Color scheme change notifications were being sent every time a theme was uploaded, even if the colors were unchanged

These duplicate notifications have been fixed, and a spec added to ensure it does not regress in future
2019-08-29 15:47:08 +01:00
Sam Saffron 0bf3316aec FIX: race condition during deploys creating stylesheets
In some cases stylesheet cache path may be missing, ensure it exists
prior to writing stylesheet
2019-08-29 17:27:07 +10:00
Sam Saffron 4fce6484fe PERF: reduce window of consistency on user actions
Databases can have a lot of user actions, self joining and running an
aggregate on millions of rows can be very costly

This optimisation will reduce the regular window of consistency down to 13
hours, this ensures the job runs much faster
2019-08-29 13:27:04 +10:00
Régis Hanol 56be4bb8f0 FIX: don't search for tags when editing topic title 2019-08-28 21:25:49 +02:00
Régis Hanol e3eb49729c FIX: don't blow up if the topic does not exists anymore
PERF: only select the only field we use

introduced in 7c741fa0d6 (cc @romanrizzi)
2019-08-28 18:07:56 +02:00
Gerhard Schlager a40e9d9cb5 UX: Remove unused strings about desktop notifications 2019-08-28 16:00:50 +02:00
David Taylor de4bf6ee9f FIX: When activating via omniauth, create tokens after password reset
Resetting a password invalidates all email tokens, so we need to create the tokens after the password reset.
2019-08-28 14:43:25 +01:00
David Taylor 2bb08d93e4 FIX: When activating a user, ensure the change is reflected immediately
When activating a user via an external provider, this would cause the "this account is not activated" message to show on the first attempt, even though the account had been activated correctly.
2019-08-28 14:07:16 +01:00
David Taylor a5e198fa30 SECURITY: Reset password when activating an account via auth provider
Followup to d693b4e35fe0e58c5578eae4a56c06dff4756ba2
2019-08-28 14:07:07 +01:00
David Taylor 9878bc62b3 Revert "Merge pull request from GHSA-7cmh-wm9h-j63f"
This reverts commit 8e5a8d1d54. The change will be re-applied with improvements.
2019-08-28 14:07:03 +01:00
David Taylor ca9ef58318 FIX: Allow dashboard to load even when git version cannot be found 2019-08-28 12:37:42 +01:00
Joe 5276a827dd
UX: small follow-up to #8047 2019-08-28 16:52:46 +08:00
Osama Sayegh 68f87dffa5
DEV: include TopicQueryParams in TagsController (#8045)
* DEV: include TopicQueryParams in TagsController

* Fix rubocop
2019-08-28 11:41:50 +03:00
Joe d14851e552 UX: better alignment for tags in the header (#8047)
* Removes unused styles

This commit only removes unnecessary / duplicate styles. It does not cause any visual changes.

* adds class to `<h1>` tag in header topic info.

This is much better to target than `h1`

* removes unused styles

* header title margin adjustment

* minor header-title margin adjustments

* One more header-title margin adjustment
2019-08-28 18:18:27 +10:00
Kyle Zhao 698e97125e REFACTOR: User menu profile link for extensibility (#8039)
This minor refactor extracts `UserMenuLinks#profileLink` &
`UserMenuLinks#linkHtml` to allow plugins / themes to control the
profile link definition, and more importantly, how it is rendered.
2019-08-28 16:34:51 +10:00
Penar Musaraj 5c02bfb000 FEATURE: Site settings for linking with iOS/Android native apps
- Adds support for iOS Universal Links via an `apple-app-site-association` endpoint

 Adds support for Google Digital Asset Links at the `.well-known/assetlinks.json` endpoint
2019-08-27 14:05:37 -04:00
David Taylor 8e5a8d1d54 Merge pull request from GHSA-7cmh-wm9h-j63f 2019-08-27 09:11:19 -07:00
romanrizzi 03d51d6519 FIX: Display actual readers on the first post 2019-08-27 12:13:38 -03:00
Penar Musaraj 0f67350764 FIX: only use app argument for official iOS app banner
When showing the native app banner, we include an app argument to automatically add the current site to the official DiscourseHub app. However, the app id can be changed via a hidden site setting, and when changed, that argument is no longer useful. This ensures the argument is only included for the official iOS app banner.
2019-08-27 10:23:57 -04:00
Roman Rizzi 7c741fa0d6
FEATURE: Publish read state on group messages. (Originally introduced in #7989) (#8025)
* Revert "Revert "FEATURE: Publish read state on group messages. (#7989) [Undo revert] (#8024)""

This reverts commit 36425eb9f0.

* Fix: Show who read only if the attribute is enabled

* PERF: Precalculate the last post  readed by a group member

* Use book-reader icon instear of far-eye

* FIX: update topic groups correctly

* DEV: Tidy up read indicator update on write
2019-08-27 09:09:00 -03:00
David Taylor f2331ef07f
DEV: Stop serializing user_auth_token_logs (#8043)
These are no longer used in the user interface
2019-08-27 13:07:03 +01:00
OsamaSayegh e805d44965 Revert "FIX: Heartbeat check per sidekiq process (#7873)"
This reverts commit 340855da55.
2019-08-27 11:56:23 +00:00
Osama Sayegh 2305a6fffe
DEV: don't define `_super` when modifying widgets unless the property is a function (#8042) 2019-08-27 13:34:16 +03:00
David Taylor 734a06dd21 FIX: When using a custom authenticator URL, send request using GET 2019-08-27 10:28:17 +01:00
Penar Musaraj a3cd73ef27 FIX: Don't display PWA banner when using native app 2019-08-26 15:55:26 -04:00
Roman Rizzi 3259ea60a6
DEV: Remove code deprecated by the new Reviewable API (#8023)
* Remove flag hooks and endpoints

* Remove #reject_bulk for users

* Remove code for quued_posts_controller
2019-08-26 10:33:26 -03:00
Osama Sayegh 340855da55
FIX: Heartbeat check per sidekiq process (#7873)
* FIX: Heartbeat check per sidekiq process

* Rename method

* Remove heartbeat queues of previous bootups

* Regis feedback

* Refactor before_start

* Update lib/demon/sidekiq.rb

Co-Authored-By: Régis Hanol <regis@hanol.fr>

* Update lib/demon/sidekiq.rb

Co-Authored-By: Régis Hanol <regis@hanol.fr>

* Expire redis keys after 3600 seconds

* Don't use redis to store the list of queues
2019-08-26 09:33:49 +03:00
Sam Saffron b93460cb59 UX: workaround chrome autocomplete bug in search
This works around issue mentioned in 918a0ea3
2019-08-26 10:27:43 +10:00
Joffrey JAFFEUX 171618e7d6 FIX: allows mini-tag-chooser to fetch tags in background (#8033)
This is useful when changing the category in the composer for example. When opening mini-tag-chooser after, tags will be correctly updated for the selected category.
2019-08-23 06:45:29 -06:00
Régis Hanol 2ff5592941 FIX: Filter out hidden posts for wordpress 2019-08-23 11:50:03 +02:00
Dan Ungureanu 34a76bf106 FIX: Do not set destination_url cookie after deleting own account. (#8028)
destination_url cookie is used to redirect the user to the a private
page after they have logged in. After deleting own account, a user's
pages would be refreshed which would set the destination_url, cookie
that can cause a redirect to an invalid page after logging in again.

Reproduction steps:

1. User is at `/u/:username/preferences/account` and deletes account by
requesting DELETE `/u/:username.json`.

2. User is being destroyed and a MessageBus message (`file-change`,
`['refresh']`) is published.

3. User receives response to DELETE request, but page may be or not
refreshed. Anyway, since they can no longer see the preferences page,
they are redirected to `/login` and `destination_url` cookie is set,
that will redirect on next login (but to the previous preferences page).
2019-08-22 17:42:45 +02:00
Joffrey JAFFEUX e94f67e2da
prettier (#8031) 2019-08-22 15:27:45 +02:00
Régis Hanol 1e4f0ac216 FIX: infinite loop when mentioning in IE11 2019-08-22 14:47:25 +02:00
Joffrey JAFFEUX 74931eedfd
DEV: prevents deprecation of overriding computed property (#8030)
https://deprecations.emberjs.com/v3.x/#toc_computed-property-override
2019-08-22 12:31:18 +02:00
Joffrey JAFFEUX 78eb05e4ea
DEV: bumping for customHref nav item API (#8029) 2019-08-22 12:25:02 +02:00
Vinoth Kannan 41f22946c3 FIX: properly load desktop and mobile only plugin css assets.
5bd6b70d98
2019-08-22 08:39:10 +05:30
Sam Saffron 741d5bf541 DEV: improvement to stripping quote logic
Followup one afc7830b we needed handling for nested quotes
2019-08-22 12:09:32 +10:00
Sam Saffron afc7830be5 PERF: faster length calculation of composer body
Every time we type a letter the composer issues a reply length check.

This is due to the interconnecting components, the title one depends on the
body which means that this decision making is passed along each time, even
if the title does not need it strictly.

Anyway...

This optimisation has 3 parts:

1. If the composer string is super long (10000 chars) we will bypass, quote
stripping and space squashing.

2. Quote stripping is now done much more efficiently, we strip them all in
one go

3. Space squashing eg: `hello    world` to `hello world` is done in an
efficient loop to avoid needing to generate superflous strings that need
GC
2019-08-22 11:56:38 +10:00
Kris 2d5b928da9 UX: Layout fix for category boxes w/ long subcategory names 2019-08-21 20:03:34 -04:00
Penar Musaraj 14cdb01254 FIX: Allow topic edits when using a hidden tag
Previously, a regular user could not edit the title or category
of a topic if a hidden tag had already been applied.

This also stops hidden tag names from leaking in the error message.
2019-08-21 16:33:01 -04:00
Gerhard Schlager 00b75b4f4e FIX: Don't try to delete staged, unused admins and mods 2019-08-21 15:29:51 +02:00
Daniel Waterworth d59746cdc1 SECURITY: Don't send CSRF token in query string
The token is already present in the headers thanks to the csrf-token
initializer.
2019-08-21 13:16:38 +01:00
Gerhard Schlager cc7b24b88b FIX: Regularly reset unknown extension of uploads
Discourse will try to detect the extension the next time the upload is needed. Maybe there was just a transient error the last time.
2019-08-21 10:23:20 +02:00
Sam Saffron 719a93c312 FEATURE: treat theme_uploads as settings in JavaScript
This change allows themes and components access to theme assets.

This means that inside theme js you can now get the URL for an asset with:

```
settings.theme_uploads.name
```
2019-08-21 16:51:10 +10:00
Rafael dos Santos Silva 72c2818655 FIX: Limit PWA install banner to Android for now 2019-08-20 14:47:17 -03:00
Vinoth Kannan 5bd6b70d98
DEV: debundle plugin css assets and don't load if disabled (#7646) 2019-08-20 22:09:52 +05:30
romanrizzi 36425eb9f0 Revert "FEATURE: Publish read state on group messages. (#7989) [Undo revert] (#8024)"
This reverts commit 5dda5c2f7c.
2019-08-20 13:29:22 -03:00
Roman Rizzi 5dda5c2f7c
FEATURE: Publish read state on group messages. (#7989) [Undo revert] (#8024)
* Reenable: "FEATURE: Publish read state on group messages. (#7989)"

This reverts commit 67f5cc1ce8.

* FIX: Read indicator only appears when the group setting is enabled
2019-08-20 11:57:25 -03:00
romanrizzi 67f5cc1ce8 Revert "FEATURE: Publish read state on group messages. (#7989)"
This reverts commit 1630dae2db.
2019-08-20 10:24:34 -03:00
Roman Rizzi 1630dae2db
FEATURE: Publish read state on group messages. (#7989)
* Enable or disable read state based on group attribute

* When read state needs to be published, the minimum unread count is calculated in the topic query. This way, we can know if someone reads the last post

* The option can be enabled/disabled from the UI

* The read indicator will live-updated using message bus

* Show read indicator on every post

* The read indicator now shows read count and can be expanded to see user avatars

* Read count gets updated everytime someone reads a message

* Simplify topic-list read indicator logic

* Unsubscribe from message bus on willDestroyElement, removed unnecesarry values from post-menu, and added a comment to explain where does minimum_unread_count comes from
2019-08-20 09:46:57 -03:00
Joe 15e70cc4b4
UX: prevents non-lightboxed images in quotes from stretching/squeezing (#8021) 2019-08-20 18:59:02 +08:00
Rishabh f1f1fd4690 DEV: Remove unused "Email Reject No Account" template (#8022) 2019-08-20 12:43:51 +02:00
Régis Hanol 53667a01c2 FIX: ensure extra locales are only available to staff 2019-08-20 12:38:46 +02:00
Régis Hanol d18c9b2d4d FIX: ensure offset is always positive 2019-08-20 12:03:16 +02:00
Sam Saffron 8db38de9d7 SECURITY: add rate limiting to anon JS error reporting
This adds a 1 minute rate limit to all JS error reporting per IP. Previously
we would only use the global rate limit.

This also introduces DISCOURSE_ENABLE_JS_ERROR_REPORTING, if it is set to
false then no JS error reporting will be allowed on the site.
2019-08-20 11:29:11 +10:00
Rafael dos Santos Silva 0a5b332b8c
FEATURE: Incorporate PWA install prompt into Discourse UI (#8013)
* FEATURE: Incorporate PWA install prompt into Discourse UI

This is mainly done so Discourse forums stop nagging people to install
on the very first visits to a website.

We will prevent the native install "mini-info" bar from ever appearing,
capture the event that pops with it, and delay it until the user meets
our criteria, which currently is trust_level 1.

If the event happens and the user meets our criteria we show a Discourse
alert banner proposing the install to the user. Dismissal of the banner
is recorded so the user ins't bothered anymore on the same device.


Co-Authored-By: Gerhard Schlager <mail@gerhard-schlager.at>
Co-Authored-By: Joffrey JAFFEUX <j.jaffeux@gmail.com>
2019-08-19 14:09:21 -03:00
Joffrey JAFFEUX 6f70138f4a
DEV: injects router in customHref/customFilter of addNavigationBarItem (#8018) 2019-08-19 18:33:12 +02:00
Dan Ungureanu 0b1146add4
UX: Hide "Create Tag" option if user cannot create tag. (#7723) 2019-08-19 11:40:56 +03:00
Joffrey JAFFEUX 1a731dcff1
FIX: prevents mobile nav to create an error when unregistering click events (#8016)
This what happening when clickin on "All groups", as it was trying to get element of a destroying component.
2019-08-19 09:33:54 +02:00
Sam Saffron 47638ffea4 Merge branch 'master' of github.com:discourse/discourse 2019-08-19 17:21:17 +10:00
Sam Saffron accbbded15 PERF: avoid N+1 on topic view
Serializer is injecting information into cooked and reaching direct to
custom fields that were not preloaded

This amends it so basic post serializer can use the proper interface

That said we should probably follow this up so we don't reach for this
info on every post.
2019-08-19 17:20:56 +10:00
Arpit Jalan 24f94c40a6 SECURITY: don't reveal category details to users that do not have access 2019-08-19 12:38:28 +05:30
Joffrey JAFFEUX 897cdfb596 FIX: uses simpler pattern for custom href on extra nav items (#8015)
THe main advantage of this solution is that it will be called on each rerendered whereas the other is not once href has been set.

Example API:
```
      api.addNavigationBarItem({
        name: "foo",
        displayName: "Foo",
        customHref: function(category, args) {
          const router = api.container.lookup("service:router");
          const queryParams = { bar: "1" };
          return router.urlFor(router.currentRouteName, category, {
            queryParams
          });
        }
      });
```
2019-08-19 16:27:16 +10:00
Blake Erickson 2fd654a4ae Ran prettier to fix build
Not sure why lefthook didn't pick this up before on my previous commit,
but manually running prettier found this.

Followup to: 893d30fb92
2019-08-16 13:03:01 -06:00
Blake Erickson 893d30fb92 REVERT: External auth when redeeming invites
Reverting this commit:

87a0a6664e

because I'm extracting all of this logic into a plugin instead.
2019-08-16 12:44:14 -06:00
Dan Ungureanu df6630f868
FIX: J/K navigation resets current selection when scrolling fast.
Sometimes, when keeping J or K pressed and scrolling fast, the current
selection would go out of the viewport for a few moments and the
algorithm would try selecting the "best" element that is in viewport.

This bug is reproducible only on certain machines. For example, Linux
machines seem to be passing key events faster to the browser.
2019-08-16 17:28:25 +03:00
Joffrey JAFFEUX 936d4ce17a
FEATURE: favorites emojis will also show in composer autocomplete (#8011) 2019-08-16 11:47:03 +02:00
Sam Saffron 9a9e31f927 FIX: properly set notification levels on group invite
Previously we relied on side effects to set tracking state correctly
when inviting groups to messages

Also has a minor optimisation in that we use pluck instead of pulling in
full record
2019-08-16 18:23:51 +10:00
Sam Saffron a590061aae FIX: when inviting groups to message respect tracking state
Previously we would unconditionally issue an "invited_to_pm" notification
to all non muting users.

New behavior

- Watching and Watching first post get notified
- Tracking get a new "summary" message
- The rest get nothing

This is consistent with topic creation and way clearer
2019-08-16 17:22:18 +10:00
tshenry 82e07cb0f4 UX: Consistent placement of category-title-before plugin outlet (#8010) 2019-08-16 09:04:50 +10:00
Robin Ward b4878cde6f FEATURE: Add a webhook for user notifications
If enabled, this will fire a webhook whenever a user's notification has
been created. This could potentially be a lot of data depending on your
forum, and should be used carefully since it includes everything all users
will see in their feeds.
2019-08-15 14:47:25 -04:00
Joffrey JAFFEUX 00b91de5e8 DEV: allows customHref for extra nav items (#8012)
* DEV: allowes customHref for extra nav item

* linting

* uses value not key
2019-08-15 12:26:21 -06:00
Robin Ward b8f21ea962 FIX: Explicitly require `topic_query_params` 2019-08-15 13:54:52 -04:00
Robin Ward 23367e79ea
FEATURE: Embed topics list on remote sites via Javascript API. (#8008)
This adds support for a `<d-topics-list>` tag you can embed in your site
that will be rendered as a list of discourse topics. Any attributes on
the tag will be passed as filters. For example:

`<d-topics-list discourse-url="URL" category="1234">` will filter to category 1234.

To use this feature, enable the `embed topics list` site setting. Then
on the site you want to embed, include the following javascript:

`<script
src="http://URL/javascripts/embed-topics.js"></script>`

Where `URL` is your discourse forum's URL.

Then include the `<d-topics-list discourse-url="URL">` tag in your HTML document and it will
be replaced with the list of topics.
2019-08-15 13:41:06 -04:00
Joffrey JAFFEUX 0a6d1b687c FIX: ensures reports can't modify records (#8006) 2019-08-15 17:27:53 +10:00
Kris f7c648e3af update color variable 2019-08-14 22:57:13 -04:00
Sam Saffron e53a171916 FIX: hold s3 related distributed locks longer
These operations are pretty expensive and can take multiple minutes due to
networking.

Hold distributed mutex for much longer.
2019-08-15 11:48:44 +10:00
Joffrey JAFFEUX a5542768ea
FIX: attempts to use params from addDiscoveryQueryParam (#8007)
This commit will for example allow this:

```
api.addDiscoveryQueryParam("my_param", { persist: true });
```

If you page is forum.foo.bar/?my_param=1, when clicking on an "unread" link for example this query string will be kept.
2019-08-14 19:56:02 +02:00
Vinoth Kannan 88359b0f16
FEATURE: add support for group members visibility level (#8004)
There are 5 visibility levels (similar to group visibility)

public (default)
logged-in users
members only
staff
owners

Admins & group owners always have visibility to group members.
2019-08-14 19:00:04 +05:30
David Taylor 92f2202e4a SECURITY: Restrict message-bus access on login_required sites 2019-08-14 09:43:12 +01:00
Bianca Nenciu ba396a5384
DEV: Use ResultSet with staff action logs. (#7661) 2019-08-13 20:55:05 +03:00
David Taylor 961213ba52 FIX: Correct ordering for post_edits report, and remove query limit 2019-08-13 16:53:16 +01:00
David Taylor 572e928cba FIX: Correct query for post_edits dashboard report
- Use query builder to improve readability
- Remove subquery, so that all `where` filters happen alongside the limit
- Add 'edited at' column to the report
2019-08-13 16:11:17 +01:00
Jarek Radosz 6a65e5312b FEATURE: Add a preview to the poll builder (#7988)
* FEATURE: Add a preview to the poll builder

* Use selectKit helper in the poll preview test

* Extract the mobile-specific poll builder form CSS
2019-08-13 09:49:40 -04:00
Sam Saffron 1358339bf9 lint file
$window no longer used in panStart followup on 7877383e
2019-08-13 11:13:59 +10:00
Jeff Wong 7877383e62
FIX: RIP swipe-in menus on Android (#7997)
In later versions of android, swipe-in from the sides on android triggers
forward/back functionality. We can no longer trigger menu swipes on android

https://www.androidcentral.com/android-q-getting-rid-back-button-side-swipe-gesture
2019-08-12 17:30:18 -07:00
David Taylor 213b7d19d9 UX: Fallback to unlocalized auth provider name if required 2019-08-13 01:22:02 +01:00
Gerhard Schlager 2a95c5c5d6 FIX: Don't update `watching_first_post` notifications when moving first post
The first post isn't moved. It gets copied during a move. Notifications of this special type should still link to the original first post.
2019-08-12 22:59:43 +02:00
Kyle Zhao ca7f1dabbf REFACTOR: user-menu-links widget for extensibility (#7996) 2019-08-12 14:01:59 -04:00
Gerhard Schlager d686318133 FIX: Prevent failed remaps during restores
Additional changes:
* Verbose logging of remaps during restores
* Exclude the backup_metadata table from restores
2019-08-12 17:15:01 +02:00
Kris 1232889b30 UX: Prevent twitter onebox iframes from being taller than mobie viewport 2019-08-12 11:03:54 -04:00
David Taylor d348368ab6
FEATURE: Allow themes to override color transformation variables (#7987)
Theme developers can now add any of the transformed color variables to their color scheme in about.json. For example

```
  "color_schemes": {
    "Light": {
      "primary": "333333",
      "secondary": "ffffff",
      "primary-low": "ff0000"
    }
  },
```

would override the primary-low variable when compiling SCSS for the color scheme. The primary-low variable will also be visible in administrator color palette UI.
2019-08-12 11:02:38 +01:00
David Taylor 750802bf56
UX: Improve error handling for common OmniAuth exceptions (#7991)
This displays more useful messages for the most common issues we see:
- CSRF (when the user switches browser)
- Invalid IAT (when the server clock is wrong)
- OAuth::Unauthorized for OAuth1 providers, when the credentials are incorrect

This commit also stops earlier for disabled authenticators. Now we stop at the request phase, rather than the callback phase.
2019-08-12 10:55:02 +01:00
Joffrey JAFFEUX 731f61a818
UX: modifies admin email template to have more space for the form (#7993) 2019-08-12 10:27:25 +02:00
Jeff Wong 4cd0cd2f8e FIX: Blank second factor gets default name 2019-08-11 22:13:33 -07:00
Blake Erickson d7c73ded14 Ran prettier to clean up some formatting
Follow up to:

https://review.discourse.org/t/feature-external-auth-when-redeeming-invites/5152?u=blake
2019-08-11 19:00:52 -06:00
Blake Erickson 87a0a6664e FEATURE: External auth when redeeming invites
This feature (when enabled) will allow for invite_only sites to require
external authentication before they can redeem an invite.

- Created hidden site setting to toggle this
- Enables sending invites with local logins disabled
- OAuth button added to invite form
- Requires OAuth email address to match invite email address
- Prevents redeeming invite if OAuth authentication fails
2019-08-11 12:20:02 -06:00
Joffrey JAFFEUX 3503758599
FIX: polyfills String.prototype.repeat for IE (#7994) 2019-08-10 20:39:04 +02:00
Gerhard Schlager e4f14ca3d7 FIX: Disallow user self-delete when user posted in PMs
All posts created by the user are counted unless they are deleted,
belong to a PM sent between a non-human user and the user or belong
to a PM created by the user which doesn't have any other recipients.

It also makes the guardian prevent self-deletes when SSO is enabled.
2019-08-10 12:30:16 +02:00
Kris 9f445bec09 use color variables 2019-08-09 20:53:59 -04:00
romanrizzi d01c938e1a Revert "FIX: Use #dup instead of #+@ since content could be an instance of Nokogiri::XML::Element."
This reverts commit 50afe59306.
2019-08-09 11:35:22 -03:00
romanrizzi 50afe59306 FIX: Use #dup instead of #+@ since content could be an instance of Nokogiri::XML::Element. 2019-08-09 11:13:09 -03:00
David Taylor 922c40f87c UX: Clear username when opening ignore duration modal 2019-08-08 16:31:34 +01:00
Dan Ungureanu 3008ecccbd FIX: Notify on Reviewable update. (#7980)
If a post is flagged after an action was already performed on it, it
will update the previous Reviable instance and not create a new one.
The notification logic was implemented in the :create callback which was
completely skipped in this case.
2019-08-08 16:04:34 +02:00
David Taylor 6d3d08daad UX: Hide login/signup header buttons during authentication flows 2019-08-08 13:57:18 +01:00
David Taylor 3b8c468832 SECURITY: Require POST with CSRF token for OmniAuth request phase 2019-08-08 11:58:00 +01:00
David Taylor 7bd54eaceb
UX: Add login button icon to no_ember page (#7982) 2019-08-08 10:44:04 +01:00
Joffrey JAFFEUX 5d72561f4f
FIX: allows replacement of digits and symbols emojis (#7978) 2019-08-07 11:38:58 +02:00
Kris 9e248de02a slightly better button wrapping when list controls are long 2019-08-06 23:44:44 -04:00
Sam Saffron 2408d55551 FIX: embedding topics would fail with some HTML
When truncating content we try to search for first paragraph, if HTML had
no P it would fallback to first div which may have nested elements.
2019-08-07 12:45:55 +10:00
Sam Saffron 3c44e54c3f DEV: followup on secure category mention
Follows up on #f7809207

- Priority mention support only available for groups with less than 500 members
- Proper use attribute on model
2019-08-07 10:31:25 +10:00
Robin Ward f1b3e72581 FIX: Don't hide/close topics if they don't meet minimum visibility
There are situations where depending on site settings, actions could be
taken due to flags (for example, hiding a post) but those actions were
not visibile in the review queue due to visibility settings.

This patch makes sure that the minimum score required for an action such
as hiding a post needs to meet the visibility for a moderator to see it.
2019-08-06 15:36:39 -04:00
Roman Rizzi 44ad8ee39b
FIX: Use unescaped title as combo-box id (#7979) 2019-08-06 16:27:01 -03:00
Neil Lalonde 4b9d35cd0e FEATURE: add option to always send excerpts in emails
Enable the new setting "post excerpts in emails" to send excerpts
instead of complete posts in notification emails. Control the length of
excerpts with the "post excerpt maxlength" setting.
2019-08-06 12:45:28 -04:00
Joffrey JAFFEUX a475c384d8
FIX: ensures flag-ratio report shows users with disagreed > agreed (#7977)
Without causing a division by zero error
2019-08-06 15:02:45 +02:00
Bianca Nenciu 37e7998a82
FEATURE: Send notification when member was accepted to group. (#7614) 2019-08-06 13:29:46 +03:00
Bianca Nenciu b60b2a342f
FIX: Show membership requests link just for group owners. (#7543) 2019-08-06 13:28:22 +03:00
Sam Saffron f780920759 FEATURE: mention in secure category to prioritize groups
This feature allows @ mentions to prioritize showing members of a group who
have explicit permission to a category.

This makes it far easier to @ mention group member when composing topics in
categories where only the group has access.

For example:

If Sam, Jane an Joan have access to bugs category.

Then `@` will auto complete to (jane,joan,sam) ordered on last seen at

This feature works on new topics and existing topics. There is an explicit
exclusion of trust level 0,1,2 groups cause they get too big.
2019-08-06 17:57:56 +10:00
Joffrey JAFFEUX d8dfa87f24
UX: improves dates on reports export UI (#7971)
- show it's UTC
- allows future
- shows date in more human readable format
2019-08-06 08:41:21 +02:00
Joffrey JAFFEUX 8390f230b8
FIX: allows copy pasting file in composer with chrome (#7969) 2019-08-06 08:41:04 +02:00
Rafael dos Santos Silva 6dfb2165ae FIX: Syntax error in b1f5949 2019-08-05 16:07:49 -03:00
Rafael dos Santos Silva b1f5949868 FIX: Make the workbox path compatible with multisite
Closes
https://meta.discourse.org/t/full-url-in-assets-erb-file-multisite-issues/124393?u=falco
2019-08-05 15:00:41 -03:00
David Taylor e6831afea1
FIX: Composer preview on IE11 (#7970)
Add the Array.from polyfill for IE11. This is required to support the transpiled ES6 spread syntex generated by babel: https://babeljs.io/docs/en/caveats/
2019-08-05 14:21:58 +01:00
Gerhard Schlager 2c08d43539 UX: Use shorter weekday labels in date picker 2019-08-05 14:12:27 +02:00
Faizaan Gagan 387016ea9b fixed a small typo in the function's doc comment (#7965) 2019-08-05 12:24:49 +10:00
Kyle Zhao 1bb5266437 FIX: Rename deprecated "refresh" icon to "sync" (#7966) 2019-08-05 12:21:51 +10:00
Rafael dos Santos Silva 272b38a573
FIX: Better detection of Apple browsers (#7961)
Introduces isIpadOS to our capabilities sniffer, which is currently
compatible with latest iPad beta OS. Older iPad versions will match our
isIOS detection.

Using this new feature, fixes the service worker being blocked in Google
Chrome, Firefox and other browsers while running on Mac OS, where they
work just fine. This enables Desktop PWA install in Mac OS.
2019-08-02 12:43:25 -03:00
David Taylor 06e757245f FEATURE: Add a test facility to the watched words admin interface 2019-08-02 15:29:12 +01:00
David Taylor 39e0442de9 FIX: Various watched words improvements
- Client-side censoring fixed for non-chrome browsers. (Regular expression rewritten to avoid lookback)
- Regex generation is now done on the server, to reduce repeated logic, and make it easier to extend in plugins
- Censor tests are moved to ruby, to ensure everything works end-to-end
- If "watched words regular expressions" is enabled, warn the admin when the generated regex is invalid
2019-08-02 15:29:12 +01:00
Gerhard Schlager 50db6a1d62 FIX: Correctly update replies when first post gets moved 2019-08-01 22:07:21 +02:00
Gerhard Schlager 4113b57cfe REFACTOR: Use less queries when moving posts 2019-08-01 22:04:45 +02:00
Robin Ward f57fdee2f6 FIX: Modal `onClose` was being called repeatedly
This happened because the modal controller was not clearing the `name`
attribute, which is used for looking up the controller to call `onClose`
on.

Every page navigation would call the method over and over, breaking
state in odd ways.
2019-08-01 15:42:43 -04:00
Robin Ward 6f367dde26
UX: Rename "Keep Post" to "Keep Post Hidden" when hidden (#7767)
* UX: Rename "Keep Post" to "Keep Post Hidden" when hidden

This is based on this feedback:
https://meta.discourse.org/t/category-group-review-moderation/116478/19

When a post is hidden this makes the operation much more clear.

* REFACTOR: Better support for aliases for actions

Allow calls on alias actions and delegate to the original one.
This is less code but also simplifies tests where the action might
be "agree_and_keep" or "agree_and_keep_hidden" which are the same.
2019-08-01 11:23:23 -04:00
Guo Xiang Tan 7bd93eba3e FIX: Gravatar uploads being dependent on authorized_extensions. 2019-08-01 16:24:09 +08:00
Joe 8531056ad5
UX: style fixes for admin digest email preview page (#7959)
* code formatting: Nothing changed in this commit except code formatting

* adds classes to digest refresh button

* adds margins to digest refresh button

* removes line break tags and uses CSS margins instead
2019-08-01 14:37:42 +08:00
Arpit Jalan 1481ea640c FIX: better error message on username update from Admin user page. 2019-08-01 10:23:42 +05:30
Régis Hanol fe645c0f0b UX: remove confusing border on ignored users list 2019-07-31 17:39:28 +02:00
David Taylor d1434b6600 DEV: Remove unused imports 2019-07-31 16:21:02 +01:00
David Taylor 49bce0ccdb DEV: Remove unused action from user preferences controller
This is no longer used following d8ff94ecaa
2019-07-31 16:15:23 +01:00
Rishabh dcb47d902b
REFACTOR: Rename SiteSetting.disable_edit_notifications to disable_system_edit_notifications (#7958)
* REFACTOR: Rename SiteSetting.disable_edit_notifications to disable_system_edit_notifications

- The older name could cause some confusion because the setting does not disable all edit notifications, only system ones.

* FIX: Add frozen_string_literal: true in the migration

* DEV: Deprecate 'disable_edit_notifications'
2019-07-31 20:20:41 +05:30
David Taylor a49b7bb84a FIX: Prevent user-notifications-dropdown from causing unintended changes
It was setting the `onClose` property of the singleton modal controller, which would then persist until the next full page reload
2019-07-31 15:38:47 +01:00
Osama Sayegh 13e74151a9
FEATURE: list category moderators on the about page (#7916)
https://meta.discourse.org/t/category-group-review-moderation/116478?u=osama
2019-07-31 16:46:58 +03:00
Guo Xiang Tan 8a6ee09008 FIX: `Post#each_upload_url` yields incorrect path to block when CDN is enabled. 2019-07-31 10:00:52 +08:00
Neil Lalonde 43365a2bf1 Fix some broken styles 2019-07-30 16:46:20 -04:00
Neil Lalonde 9656a21fdb
FEATURE: customization of html emails (#7934)
This feature adds the ability to customize the HTML part of all emails using a custom HTML template and optionally some CSS to style it. The CSS will be parsed and converted into inline styles because CSS is poorly supported by email clients. When writing the custom HTML and CSS, be aware of what email clients support. Keep customizations very simple.

Customizations can be added and edited in Admin > Customize > Email Style.

Since the summary email is already heavily styled, there is a setting to disable custom styles for summary emails called "apply custom styles to digest" found in Admin > Settings > Email.

As part of this work, RTL locales are now rendered correctly for all emails.
2019-07-30 15:05:08 -04:00
Joe 340173eb12 DEV: consistent theme lookup in application / crawler / no-ember views (#7955)
* removes `raw` helpers

* include theme footer in the crawler view

* include theme body tag content in no-ember pages
2019-07-30 19:00:46 +02:00
tshenry 7ebb3503a3 UX: Make profile views consistent with other elements (#7956)
* UX: Make profile views consistent with other elements

* Spaces not tabs
2019-07-30 09:23:37 -04:00
Sam Saffron 5feb342914 Revert "FEATURE: add Noindex to robots.txt for disallowed routes"
This reverts commit d84256a876.

This is not supported by Google and causes robots.txt to be flagged as
invalid

Removing Noindex
2019-07-30 11:33:38 +10:00
Osama Sayegh 70bd8e2dad
UX: Show a warning when admin clicks save without adding group when changing category permissions (#7947)
* UX: Show a warning when admin clicks save without adding group when changing category permissions

* Use div rather than pseudo element

* Don't pass controller to component

* Use observer instead of a delay

* Refactor

* Rename to validator

* validator is much better than saveValidator
2019-07-29 21:53:31 +03:00
Kris 36cb5f3038 UX: Increase contrast of pinned/tracking reason text, improve layout 2019-07-29 11:54:23 -04:00
Guo Xiang Tan ef46231214 Fix the build. 2019-07-29 20:02:18 +08:00
Guo Xiang Tan faea594436 DEV: Extract common regexps for multisite. 2019-07-29 19:01:36 +08:00
David Taylor d4acd35466
FEATURE: Sync unread state live to topic lists (#7933) 2019-07-29 10:28:42 +01:00
Guo Xiang Tan 8a64b0c8e8 Revert "DEV: Remove unused kwarg and properly check for local missing uploads."
This reverts commit 97769f3d02.

The code is confusing but this change is quite risky. Defer for now
until we can look at it properly.
2019-07-29 14:35:34 +08:00
Guo Xiang Tan 97769f3d02 DEV: Remove unused kwarg and properly check for local missing uploads. 2019-07-29 14:21:06 +08:00
Guo Xiang Tan 49d9557337 Revert commit that was pushed by mistake.
This reverts commit c7516c42e9.
2019-07-29 11:04:38 +08:00
Guo Xiang Tan c7516c42e9 Revert "FIX: reverts #18e2816 (#7940)"
This reverts commit c7b146cbdf.
2019-07-29 09:18:53 +08:00
David Taylor 3324747afe UX: Improve account association when account description is missing 2019-07-27 16:37:21 +01:00
Rafael dos Santos Silva 1922d4bf78 PERF: Add more constraint on the Cache Storage usage
Only restricting cache per age wasn't enough for instances with lots of
multimedia usage and high number of posts.

MaxEntries is also more effective on cleanup, and purgeOnQuotaError
advertise that Discourse cache can be purged if necessary.

https://developers.google.com/web/tools/workbox/guides/storage-quota
2019-07-27 11:52:21 -03:00
Julien Ma dcb0e5f1e5 Fix "Host is invalid" error when TLD >10 chars (#7948)
Related to https://meta.discourse.org/t/host-is-invalid-error-when-tld-is-longer-than-7-characters/46081.

Using Discourse `v2.4.0.beta2 +119`, I can't add an host (when embedding, cf. `/admin/customize/embedding`) ending with `.engineering`.
Turns out current regex limits to 10 characters.

Fix is dumb: it only allows for up to 24 chars, which is the **current** max TLD length, see https://stackoverflow.com/a/22038535/1907212.

---

Maybe a better (and longer-term) fix would be to allow for up to 64 chars, which I understand comes from the RFC.
I'm not at ease with regexes, so can't be sure about it, but [this suggestion](https://meta.discourse.org/t/host-is-invalid-error-when-tld-is-longer-than-7-characters/46081/8?u=julienma) seems pretty good:

> rules of DNS labels are:
>
> - All labels are 1 to 63 characters, case insensitive A to Z, 0 to 9 and - (hyphen), all from ASCII.
> - No labels may start with a hyphen.
> - No top level domain label may start with a number.
>
>That means a regexp for a valid domain name would look like:
>
>`/^([a-z0-9][a-z0-9-]{0,62}\.)+[a-z][a-z0-9-]{0,62}\.?$/`
>
>Domains that are just a TLD are sufficiently bizarre as to be worth ignoring.
2019-07-26 16:29:48 -04:00
Penar Musaraj 042f7184f1 DEV: Display FA 4.7 deprecation notice in all environments
FA 4.7 icon mapping will be removed soon.
2019-07-26 15:25:20 -04:00
Penar Musaraj f408c583e8 DEV: Remove lightbox CSS rules 2019-07-26 10:57:22 -04:00