Commit Graph

7561 Commits

Author SHA1 Message Date
Discourse Translator Bot d7bd9aa3d0
Update translations (#11385) 2020-12-01 14:34:25 +01:00
David Taylor f56c4b78da
FEATURE: Add users:log_out API key scope (#11359) 2020-11-26 10:39:38 +00:00
Discourse Translator Bot 9c901ee978
Update translations (#11336) 2020-11-24 17:25:37 +01:00
David Taylor 0c685a46de
FEATURE: Add user update, anonymize and delete API scopes (#11335) 2020-11-24 12:54:24 +00:00
Dan Ungureanu 123107c28f
UX: Add group name to error message (#11333)
The group name used to be part of the error message, but was removed
in a past commit.
2020-11-24 13:06:52 +02:00
Bianca Nenciu 60bc38e6a8
FIX: Gracefully handle force pushes for remote themes (#11325)
Force pushing a commit to a theme repository used to break the updater,
because the system was not able to count the commits behind the old and
new version. This operation failed because a force push deleted the old
commits.

The user was prompted with a simple "500 server error" message.
2020-11-23 15:29:22 +02:00
Dan Ungureanu 4638c6fc8d
FEATURE: Add 'all subcategories' option in category-selector (#11099) 2020-11-23 10:55:32 +02:00
tshenry 0ec62358d9
FEATURE: Add site setting to restrict ignore feature to trust level (#11297)
This adds a new min_trust_level_to_allow_ignore site setting that enables admins to control the point at which a user is allowed to ignore other users.
2020-11-20 10:05:20 -08:00
Penar Musaraj 7539c2ed7f
UX: Revamp category security tab (#11273) 2020-11-20 10:44:34 -05:00
Martin Brennan a6f700d4ef
FIX: Show better error if no bookmarks found from search (#11284)
See https://meta.discourse.org/t/no-results-for-bookmarks-search-confusing-message/169763
2020-11-19 09:10:28 +10:00
jbrw 331236d6d7
Onebox improved error handling and support for Instagram Access Tokens (#11253)
* FEATURE: display error if Oneboxing fails due to HTTP error

- display warning if onebox URL is unresolvable
- display warning if attributes are missing

* FEATURE: Use new Instagram oEmbed endpoint if access token is configured

Instagram requires an Access Token to access their oEmbed endpoint. The requirements (from https://developers.facebook.com/docs/instagram/oembed/) are as follows:

- a Facebook Developer account, which you can create at developers.facebook.com
- a registered Facebook app
- the oEmbed Product added to the app
- an Access Token
- The Facebook app must be in Live Mode

The generated Access Token, once added to SiteSetting.facebook_app_access_token, will be passed to onebox. Onebox can then use this token to access the oEmbed endpoint to generate a onebox for Instagram.

* DEV: update user agent string

* DEV: don’t do HEAD requests against news.yahoo.com

* DEV: Bump onebox version from 2.1.5 to 2.1.6

* DEV: Avoid re-reading templates

* DEV: Tweaks to onebox mustache templates

* DEV: simplified error message for missing onebox data

* Apply suggestions from code review
Co-authored-by: Gerhard Schlager <mail@gerhard-schlager.at>
2020-11-18 12:55:16 -05:00
Arpit Jalan 0a56af49f3
FIX: add missing translation for 'views' key. (#11276) 2020-11-18 16:47:43 +05:30
Discourse Translator Bot 7fecad41db
Update translations (#11264) 2020-11-17 14:49:58 +01:00
Roman Rizzi afcd5443cc
FIX: Use the correct key for the receive_emails scopes (#11248) 2020-11-16 18:03:34 -03:00
David Taylor 475b4892e3
DEV: Remove 'diff local changes' when updating remote themes (#11247)
Since 65e123498b, it is now impossible to make local changes to remote themes, so this warning is not needed.
2020-11-16 19:28:12 +00:00
Roman Rizzi 689623ffc0
FEATURE: Add an API key scopes for handling incoming email. (#11245)
Admins need to create a global API key if they want to use the mail-receiver. Let's add a scope for that.
2020-11-16 14:14:12 -03:00
Dan Ungureanu bc8423a1bf
FEATURE: Add auto update field to themes (#11102)
Themes marked for auto update will be automatically updated when
Discourse is updated. This is triggered by discourse_docker or
docker_manager running Rake task 'themes:update'.
2020-11-16 14:44:09 +02:00
Arpit Jalan 915764922d
UX: update the invite button label (#11231) 2020-11-13 17:21:41 +05:30
Arpit Jalan df003eaf7b
FIX: add a way to cancel initialization of new draft (#11106) 2020-11-12 19:13:52 +05:30
Gerhard Schlager 6ff07bb73f
FEATURE: Create revision when bulk moving topics (#10802)
This behavior can be configured with the new "create_revision_on_bulk_topic_moves" site setting. It's enabled by default.
2020-11-12 13:57:12 +01:00
David Taylor a4441b3984
FEATURE: Link site setting titles directly to their change log (#11215)
This makes it much easier to check the staff action logs for a specific site setting. A small history icon will appear when hovering over a site setting name. On click, you will be taken to the pre-filtered staff action log for the site setting.
2020-11-12 12:07:36 +00:00
Tobias Eigen ec49394bd1
DEV: improve text shown when no invitations have been sent out
this copy is also shown when viewing invite tabs of other users, so the instructions don't make sense in all cases. shortened it to just say "No invitations to display on this page." users can discover this on their own.
2020-11-12 16:03:28 +11:00
Roman Rizzi 331517abe6
UI: Blur review queue images. (#11187)
We blur images by default to protect reviewers against NSFW content. To see the image, they'll have to hover over it.
2020-11-11 14:09:42 -03:00
Arpit Jalan 80759c9619
UX: add a confirmation dialog for draft deletion (#11198) 2020-11-11 22:02:52 +05:30
Bianca Nenciu a48f7ba61c
FEATURE: Improve errors when title is invalid (#11149)
It used to simply say "title is invalid" without giving any hint what
the problem could be. This commit adds different errors messages for
all caps titles, low entropy titles or titles with very long words.
2020-11-11 15:11:36 +02:00
Dan Ungureanu ab314218d3
FEATURE: Implement edit functionality for post notices (#11140)
All post notice related custom fields were moved to a single one.
2020-11-11 14:49:53 +02:00
David Taylor 5289fc7886
FIX: Improve failover for multisite clusters (#11150)
- Bump rails_failover for new per-backend callback feature
- If the master backend fails over, make all sites readonly. And vice-versa for fallback
- If a single backend fails over, make that individual site readonly. And vice-versa for fallback
- When a single backend fails, also check connection to the master backend
2020-11-11 10:27:24 +00:00
Vinoth Kannan 67de0367ff
UX: add stock suspension reasons to suspend dialog. (#10990) 2020-11-11 01:01:28 +05:30
Arpit Jalan 00b41437b0
FIX: hide sso email behind a button click and log views (#11186) 2020-11-11 00:42:44 +05:30
Discourse Translator Bot 9904a007c5
Update translations (#11182) 2020-11-10 15:23:06 +01:00
David Taylor a7adf30357
FEATURE: Allow /u/by-external to work for all managed authenticators (#11168)
Previously, `/u/by-external/{id}` would only work for 'Discourse SSO' systems. This commit adds a new 'provider' parameter to the URL: `/u/by-external/{provider}/{id}`

This is compatible with all auth methods which have migrated to the 'ManagedAuthenticator' pattern. That includes all core providers, and also popular plugins such as discourse-oauth2-basic and discourse-openid-connect.

The new route is admin-only, since some authenticators use sensitive information like email addresses as the external id.
2020-11-10 10:41:46 +00:00
Penar Musaraj bfc3bc0733
FIX: Small copy change in wizard (#11174) 2020-11-09 12:19:58 -08:00
Penar Musaraj 57bd85af31
UX: Minor cosmetic fixes to the wizard (#11172)
- Does not force users to type a description or a welcome topic
- Adds * marker for required text fields (site title and email)
2020-11-09 15:14:57 -05:00
Dan Ungureanu 0c2956dd2e
HACK: Redirect /tags/:tag_id to /tag/:tag_id (#11145) 2020-11-09 17:01:33 +00:00
Kris 1455421433
UX: truncate long usernames in multi-username notifications (#11153)
* UX: truncate long usernames in multi-username notifications

* remove extra class, clarify comments
2020-11-09 16:06:52 +11:00
tshenry 6060f32970
Improve max_personal_messages_per_day description copy (#11155) 2020-11-06 17:42:26 -08:00
Justin DiRose 09b8a61f65
FEATURE: Add Google Universal Analytics v4 as an option (#11123)
Per Google, sites are encouraged to upgrade from Universal Analytics v3 `analytics.js` to v4 `gtag.js` for Google Analytics tracking. We're giving admins the option to stay on the v3 API or migrate to v4. Admins can change the implementation they're using via the `ga_version` site setting. Eventually Google will deprecate v3, but our implementation gives admins the choice on what to use for now.

We chose this implementation to make the change less error prone, as many site admins are using custom events via the v3 UA API. With the site stetting defaulted to `v3_analytics`, site analytics won't break until the admin is ready to make the migration.

Additionally, in the v4 implementation, we do not enable automatic pageview tracking (on by default in the v4 API). Instead we rely on Discourse's page change API to report pageviews on transition to avoid double-tracking.
2020-11-06 14:15:36 -06:00
Bianca Nenciu 0863c36221
FIX: Improve errors when invite to topic fails (#11133)
It used to simply say "not allowed" without giving any hint what the
problem could be. This commit refactors the code and tries to improve
readability.
2020-11-06 16:58:10 +02:00
Martin Brennan 00c8f520e9
FIX: Do not enable published page if secure media enabled (#11131)
There are issues around displaying images on published pages when secure media is enabled. This PR temporarily makes it appear as if published pages are enabled if secure media is also enabled.
2020-11-06 10:33:19 +10:00
Arpit Jalan 436bd48512
UX: update topic small action post to add link for new linked topic URL (#11132)
https://meta.discourse.org/t/linked-topics-splitting-and-managing-megatopics/168992/4?u=techapj
2020-11-05 22:39:21 +05:30
Tobias Eigen 6490fac881
DEV: improved text on invite tabs when nothing to show (#11122) 2020-11-05 15:24:09 +11:00
Sam 1ec76ff8d4
FEATURE: change default so log_out_strict is default disabled (#11126)
Discourse used to break from convention by logging out all sessions on any
specific session logout.

This would leave users confused about why mobile is logged out when the user
logged out of desktop.

log_out_strict is too conservative for most and not the pattern the industry
has adopted (google/twitter/facebook all perform no strict logouts)
2020-11-05 09:30:05 +11:00
Arpit Jalan 24d1b1f159
UX: when creating linked topic use URL and let onebox work its magic (#11118)
When the linked topic is created we'll not hardcode the topic title and
let onebox work its magic instead so that the title can be updated
automatically.
2020-11-04 17:19:09 +05:30
Discourse Translator Bot 886d619d3f
Update translations (#11108) 2020-11-03 18:08:07 +01:00
Bianca Nenciu d2116f0029
FIX: Show error message if user is already silenced or suspended (#10988)
Users could be silenced or suspended by two staff members at the same time and
would not be aware of it. This commit shows an error message if another penalty
has been applied.
2020-11-03 17:38:56 +02:00
Dan Ungureanu 3c51647872
DEV: Remove legacy tag and category routes (#10338)
* DEV: Remove client-side legacy tag and category routes

* DEV: Remove server-side legacy tag routes

* DEV: Refactor ListController#set_category

* FIX: Remove reference to discovery.parentCategory

* FIX: Refactor TagsController#set_category_from_params

* FIX: Build correct canonical URL for tags and categories

* DEV: Fix deprecation notice in Ruby 2.7

* DEV: Replace use of removed legacy tag route

* DEV: Add deprecation notices for old routes and controllers
2020-11-03 16:57:58 +02:00
Gerhard Schlager b73234b75c
FIX: Show an example username in Review Settings (#11097)
Co-authored-by: Jarek Radosz <jradosz@gmail.com>
2020-11-02 11:13:30 +01:00
Arpit Jalan 1476e17c35
FEATURE: new setting to create a linked topic on autoclosing mega topics (#11001)
This commit adds a site setting `auto_close_topics_create_linked_topic`
which when enabled works in conjunction with `auto_close_topics_post_count`
setting and creates a new linked topic for the topic just closed.

The auto-created new topic contains a link for all the previous topics
and the topic titles are appended with `(Part {n})`.

The setting is enabled by default.
2020-11-02 12:18:48 +05:30
Arpit Jalan b6aaff74be
UX: update labels to indicate that invite link will be generated (not copied) (#11077) 2020-10-31 07:10:13 +05:30
Osama Sayegh 84a1f15791
DEV: Track redis calls count in mini profiler (#11088) 2020-10-30 19:11:22 +03:00
Discourse Translator Bot 0a74322589
Update translations (#11087) 2020-10-30 16:06:32 +01:00
Roman Rizzi 7912ce4002
UI: Slow mode tweaks. (#11081)
We remove the slow mode composer message and provide better messages when rejecting new posts and edits. The client now validates if the user tries to post again immediately. Finally, we replaced the `hourglass-end` icon with the `hourglass-start` one.
2020-10-30 11:22:56 -03:00
Vinoth Kannan af4938baf1
Revert "DEV: enable cors to all cdn get requests from workbox. (#10684)" (#11076)
This reverts commit e3de45359f.

We need to improve out strategy by adding a cache breaker with this change ... some assets on CDNs and clients may have incorrect CORS headers which can cause stuff to break.
2020-10-30 16:05:35 +11:00
Vinoth Kannan 347423007a
DEV: remove instagram login site settings and auth classes. (#11073)
Instagram removed the support for login and should use Facebook login instead.
2020-10-30 09:09:56 +05:30
Arpit Jalan 8f7f5204db
UX: inform staff users that new users will be auto-approved on invite (#11062)
When `must_approve_users` is enabled then staff users assume that all
users will have to be approved manually. But in case of invite we
auto-approve users if they are invited by users. This commit adds an
info on the bottom of invite modal informing staff users that new users
will be auto-approved as soon as they accept invite.
2020-10-30 08:41:14 +05:30
Gerhard Schlager cc74c3f9ab
FEATURE: Batch process topic bulk actions (#10980)
Topics are processed in chunks of 30 in order to prevent timeouts.
2020-10-30 12:02:35 +11:00
Jeff Atwood 7c1c34d9c1
minor copyedit (#11075) 2020-10-29 16:21:36 -07:00
Neil Lalonde c5eba3f9ee
FIX: support new Google Analytics id format (#11067)
They start with UA- or G- now.
2020-10-29 12:06:20 -04:00
Sam d10b6dc498
FEATURE: Allow admins to opt out of chunked encoding (#11060)
Most proxies out there will work with chunked encoding transfer. However
some proxies buffer, causing large delays which in turn force the message
bus client to disable chunked encoding. This wastes a request to the message
bus causing superfluous load on the server.

Also

- enableLongPolling is already default true in the client, no need to set it
- remove confusing comment about zepto
2020-10-29 16:25:46 +11:00
Krzysztof Kotlarek 8e7c746e56
FEATURE: Ask user to confirm topic deletion when views exceed a certain amount (#11006)
Before deleting a topic that has a high number of views (default of 5000), the user will be prompted with a confirmation popup. This works for all delete buttons on the topic located in: topic-timeline, topic-admin-menu, topic-footer-buttons, and post-menu if the post's ID is 1.

The delete button will be disabled while deletion is in progress, to prevent any unwanted behavior.

A site setting is also available to change the minimum amount of views required to display the confirmation popup.

All kudos are going to @RickyC0626. I only rebased with master and added few qunit tests to ensure that this feature works as expected.

Original PR: #10459
2020-10-29 14:18:43 +11:00
Vinoth Kannan 72810853ea
FIX: strip the trailing slash (/) of cors origins. (#10996)
Strips trailing `/` from global settings
Provides a validation for site settings to ensure a trailing `/` is not added
2020-10-29 13:01:06 +11:00
Roman Rizzi 2f32336081
FIX: Staff can create and edit posts even if a topic is in slow mode. (#11057)
Additionally, ninja edits are no longer restricted.
2020-10-28 16:47:50 -03:00
Vinoth Kannan e3de45359f
DEV: enable cors to all cdn get requests from workbox. (#10685)
Now all external requests from the service worker will be in CORS mode without credentials.
2020-10-28 23:36:19 +05:30
Penar Musaraj ab6894ea36
Add routing for category edit screens (#11027)
Also fixes category editing for instances with slug generation set to "none".
2020-10-28 09:59:38 -04:00
Discourse Translator Bot 9648122b51
Update translations (#11042) 2020-10-27 15:36:21 +01:00
Prayag Verma 66402abe9a Fix typos
occured ---> occurred
embeded ---> embedded
2020-10-27 09:55:57 -04:00
Sam e630ba7483
FEATURE: disable default bing throttle (#11035)
See: https://meta.discourse.org/t/bingbot-is-default-throttled/84620

It appears bing is behaving in a more reasonable way, disabling the default
throttle.
2020-10-27 12:35:42 +11:00
Arpit Jalan 5ce006aea1
UX: prioritize "invite by link" option (for staff users) (#11028)
UX: update locale for single/multiple invites tab
2020-10-26 21:59:17 +05:30
ValdikSS 1031915b75 FIX: ignore PGP data in emails by MIME type
New version of Thunderbird email client reimplemented PGP support. Now the following attachments are added by default, if email signatures are enabled:

* OpenPGP_0x(pgp key id).asc
* OpenPGP_signature(.asc)

The last one has `name="OpenPGP_signature.asc"` in `Content-Type` but `filename="OpenPGP_signature"` (without extension) in `Content-Disposition: attachment`.

Since both the key and the signature have proper MIME types, filter them by default.
2020-10-26 12:15:31 -04:00
Vinoth Kannan 8d3837c824
DEV: include cors header to public file server in dev environment. (#11007)
While enabling CORS header in localhost we should include it in public file server too. Else it will return the errors.
2020-10-26 17:45:35 +05:30
Arpit Jalan 9aa2723d57
UX: improve error message for already logged in users (#11020) 2020-10-24 21:21:01 +05:30
Penar Musaraj 6f5d8cad51
UX: Move category editing/creation to its own page (#10973)
* Move new/edit category modals to its own page

* Fix JS tests

* Minor fixes to new-category UI

* Add mobile toggle

* Use global pretender endpoint so plugins can benefit too

* Alignment fix

* Minor review fixes

* Styling refactor

* Move some SCSS out of the modal
2020-10-23 12:49:02 -04:00
jbrw 2bcca46cc5
FEATURE - ImageMagick jpeg quality (#11004)
* FEATURE - Add SiteSettings to control JPEG image quality

`recompress_original_jpg_quality` - the maximum quality of a newly
uploaded file.

`image_preview_jpg_quality` - the maximum quality of OptimizedImages
2020-10-23 12:38:28 -04:00
Jahan Gagan 500d22bf32 minor changes in site settings 2020-10-22 10:42:17 -04:00
Jahan Gagan cce03de616 EDIT: specs and translation updated 2020-10-22 10:42:17 -04:00
Jahan Gagan fab67fafc1 FIX: invite users with sufficient trust level 2020-10-22 10:42:17 -04:00
David Taylor 85f827ee1c
UX: Remove forgot password button from login-preferences (#10998)
Showing this button is confusing for sites which are using external authentication. Clicking 'log in' already pops up the login modal, which includes a forgot password link when appropriate.
2020-10-22 14:34:10 +01:00
Martin Brennan 0d63eb4124
FEATURE: Add detection of post date to use in bookmark modal (#10981)
This PR introduces a feature that will detect a date inside the post that a user is bookmarking, and offer that date as an option in the bookmark modal.

The logic is that we get the first date/time detected in the post. If it does not have a time, just a date, then we default to 8:00am for the time.
2020-10-22 16:23:46 +10:00
Osama Sayegh a04c300495
DEV: Add optional ENV variables for MiniProfiler snapshots transporter (#10985) 2020-10-21 19:37:28 +03:00
Martin Brennan 3ae1f98dc8
DEV: Add env var to disable ActiveRecord logging in development (#10979)
If RAILS_DISABLE_ACTIVERECORD_LOGS=1 is passed when starting Rails, none of the query log output will show. This is very useful for debugging with breakpoints because logs are not flooding in constantly.
2020-10-21 12:06:12 +10:00
Discourse Translator Bot b5933e2b49
Update translations (#10970) 2020-10-20 15:34:57 +02:00
Roman Rizzi fbb1fb9270
FIX: Ensure slow mode duration is correctly edited and displayed. (#10945)
* FIX: Ensure slow mode duration is correctly edited and displayed.

This commit fixes a bug where you were forced to set hours, minutes, and seconds or you won't be able to set the slow mode. Also, the duration was not displayed correctly due to the seconds not being truncated.

Additionally, we'll always display the hours, minutes, and seconds inputs for clarity and remove the blue banner.

* Set slow mode modal tweaks.

Uses labels instead of placeholders.
Input fields only visible when custom option selected.
Replace "Custom Duration" with "Pick Duration".

Additionally, place the `Set slow mode` button at the bottom of the topic actions menu.

* Perform the slow_mode validation also on the client-side before saving trying to save the post. This way, the post won't be staged.
2020-10-20 06:52:03 -03:00
jbrw a74805d3f8
FIX: moderators can add/remove group owners (#10960)
If `SiteSetting.moderators_manage_categories_and_groups` is enabled, a moderator shoud be able to add/remove group owners.
2020-10-19 16:30:21 -04:00
Daniel Waterworth 48c3172913
DEV: Remove preserve_email_structure_when_styling setting (#10956)
This was made adjustable to allow rolling back quickly if problems came
up. The new behaviour was made default in 93137066 and no problems with
this have been reported.
2020-10-19 12:19:30 +01:00
David Taylor 23e5c605f6 DEV: Add support for allowed parameters in user api key scopes
Initially, this feature is only intended for use in core/plugins, so there is no API for requesting a parameter-scoped key. That may change in future.
2020-10-19 10:40:55 +01:00
Discourse Translator Bot 7eef10c6d7
Update translations (#10944) 2020-10-17 00:07:21 +02:00
Roman Rizzi 21c53ed249
FEATURE: Topic slow mode. (#10904)
Adds a new slow mode for topics that are heating up. Users will have to wait for a period of time before being able to post again.

We store this interval inside the topics table and track the last time a user posted using the last_posted_at datetime in the TopicUser relation.
2020-10-16 16:24:38 -03:00
Gerhard Schlager 7adf71a203
Fix i18n issues reported on Crowdin (#10925)
* Pluralize `discourse_narrative_bot.dice.not_enough_dice`
  The number of dice requires a pluralized string.
  Fixes https://discourse.crowdin.com/translate/f3230e7607a36bb0a2f97fd90605a44e/278/en-ar#51346

* Always use "two-factor" instead of "second factor" or "two factor"
  Using different terms for the same thing is quite confusing.
  Fixes https://discourse.crowdin.com/translate/f3230e7607a36bb0a2f97fd90605a44e/246/en-nl#40096

* Remove whitespace before ellipsis for consistency
  Fixes https://discourse.crowdin.com/translate/f3230e7607a36bb0a2f97fd90605a44e/246/en-nl#53978

* Remove unused strings from locale file

* Correct grammar in `site_settings.review_media_unless_trust_level`
  Fixes https://discourse.crowdin.com/translate/f3230e7607a36bb0a2f97fd90605a44e/248/en-nl#54018

* Correct grammar in `reviewables.reasons.contains_media`
  Fixes https://discourse.crowdin.com/translate/f3230e7607a36bb0a2f97fd90605a44e/248/en-nl#54020

* Correct grammar in user notifications
  It also adds a link to the /about page in order to give the user a clue who the site admins are.
  This fixes https://discourse.crowdin.com/translate/f3230e7607a36bb0a2f97fd90605a44e/248/en-nl#54084

* Use "log in" instead of "login" when it's a verb
  This fixes multiple issues:
  * https://discourse.crowdin.com/translate/f3230e7607a36bb0a2f97fd90605a44e/246/en-nl#40940
  * https://discourse.crowdin.com/translate/f3230e7607a36bb0a2f97fd90605a44e/248/en-nl#47858
  * https://discourse.crowdin.com/translate/f3230e7607a36bb0a2f97fd90605a44e/248/en-nl#49458

* Replace "Github" with "GitHub"

* Remove "discourse.org" from title of 503 error page

* Replace weirdly formatted multi line string

* Pluralize `js.composer.group_mentioned_limit`
  This fixes https://discourse.crowdin.com/translate/f3230e7607a36bb0a2f97fd90605a44e/246/en-ar#41158

* Remove unused string and pluralize `js.topic.feature_topic.confirm_pin_globally`
  This kinda fixes https://discourse.crowdin.com/translate/f3230e7607a36bb0a2f97fd90605a44e/246/en-ar#42114 as `js.topic.feature_topic.confirm_pin` wasn't used anymore.

* Pluralize `js.user.second_factor_backup.remaining_codes`
  This fixes https://discourse.crowdin.com/translate/f3230e7607a36bb0a2f97fd90605a44e/246/en-ar#40054

* Pluralize `js.composer.error.tags_missing`
  This fixes https://discourse.crowdin.com/translate/f3230e7607a36bb0a2f97fd90605a44e/246/en-ar#41184

* Pluralize `js.post.errors.too_many_dragged_and_dropped_files`
  This fixes https://discourse.crowdin.com/translate/f3230e7607a36bb0a2f97fd90605a44e/246/en-ar#42408

* Remove unused `js.posts_long` and `js.likes_long`
  This fixes the following issues in an unexpected way:
  * https://discourse.crowdin.com/translate/f3230e7607a36bb0a2f97fd90605a44e/246/en-ar#42974
  * https://discourse.crowdin.com/translate/f3230e7607a36bb0a2f97fd90605a44e/246/en-ar#42994

* Pluralize `js.bootstrap_mode_enabled`
  This fixes https://discourse.crowdin.com/translate/f3230e7607a36bb0a2f97fd90605a44e/246/en-ar#38726

* Remove unused `long_form` from `post_action_types`
  This more or less fixes https://discourse.crowdin.com/translate/f3230e7607a36bb0a2f97fd90605a44e/248/en-ar#47158

* Pluralize `js.presence.replying` and `js.presence.replying`
  This fixes the following issues:
  * https://discourse.crowdin.com/translate/f3230e7607a36bb0a2f97fd90605a44e/282/en-ar#51588
  * https://discourse.crowdin.com/translate/f3230e7607a36bb0a2f97fd90605a44e/282/en-ar#51590

* Pluralize `js.user.second_factor_backup.manage`
  This fixes https://discourse.crowdin.com/translate/f3230e7607a36bb0a2f97fd90605a44e/246/en-ar#40044

* Stop using concatenated strings for "Recently Used Devices"
  This fixes https://discourse.crowdin.com/translate/f3230e7607a36bb0a2f97fd90605a44e/246/en-ar#40308

* Pluralize `js.category_row.topic_count`
  This fixes https://discourse.crowdin.com/translate/f3230e7607a36bb0a2f97fd90605a44e/246/en-ar#41056

* Pluralize `js.select_kit.invalid_selection_length`
  This fixes https://discourse.crowdin.com/translate/f3230e7607a36bb0a2f97fd90605a44e/246/en-ar#41072

* Pluralize `js.notifications.membership_request_consolidated`
  This fixes https://discourse.crowdin.com/translate/f3230e7607a36bb0a2f97fd90605a44e/246/en-ar#41416
2020-10-16 15:24:58 +02:00
Bianca Nenciu 43e52a7dc1
DEV: Remove gifsicle dependency (#10357)
Dependency on gifsicle, allow_animated_avatars and allow_animated_thumbnails
site settings were all removed. Animated GIF images are still allowed, but
the generated optimized images are no longer animated for those (which were
used for avatars and thumbnails).

The added 'animated' is populated by extracting information using FastImage.
This field was used to selectively reoptimize old animations. This process
happens in the background.
2020-10-16 13:41:27 +03:00
Penar Musaraj 5763309953
FEATURE: WCAG compliant color schemes (#10882)
Co-authored-by: Kris <kris.aubuchon@discourse.org>
2020-10-15 14:05:48 -04:00
Jeff Wong d68ad82a9e
FEATURE: add penalty options for take action (#10926)
* FEATURE: add penalty options for take action

Add the ability to silence or suspend users from the "take action"
button when moderators are flagging posts. This allows for a more streamlined
active moderation workflow, when moderating against a topic directly.
2020-10-15 10:48:52 -07:00
jbrw 099bf97dca
Tag groups can belong to groups (#10854) 2020-10-14 13:15:54 -04:00
Penar Musaraj 74de7a49f5
Simplify theme and color scheme seeding (#10872)
Now that we have support for user-selectable color schemes, it makes sense
to simplify seeding and theme updates in the wizard. 

We now:

- seed only one theme, named "Default" (previously "Light")
- seed a user-selectable Dark color scheme
- rename the "Themes" wizard step to "Colors"
- update the default theme's color scheme if a default is set
(a new theme is created if there is no default)
2020-10-14 10:18:02 -04:00
Justin DiRose 8c77b84aac
Revert "FEATURE: Upgrade analytics.js to gtag.js (#10893)" (#10910)
Reverting due to a few unforseen issues with customizations.
2020-10-13 12:20:41 -05:00
Justin DiRose f4034226c2
FEATURE: Upgrade analytics.js to gtag.js (#10893)
Per Google, sites are encouraged to upgrade from `analytics.js` to `gtag.js` for Google Analytics tracking. This commit updates core Discourse to use the new `gtag.js` API Google is asking sites to use. This API has feature parity with `analytics.js` but does not use trackers.
2020-10-13 11:24:06 -05:00
Jordan Vidrine 95a142741c
UX: New Topics Will Appear Here display changes (#10895)
* UI: No new topics changes
This commit changes the way the 'new topics will appear here' message displays.
2020-10-13 10:29:27 -05:00
Discourse Translator Bot 85894537b1 Update translations 2020-10-13 15:40:37 +02:00
Bianca Nenciu 25b8ed740b
DEV: Make site setting type uploaded_image_list use upload IDs (#10401)
It used to be a list of concatenated upload URLs which was prone to
break.
2020-10-13 16:17:06 +03:00
Sam 32393f72b1
PERF: backoff background requests when overloaded (#10888)
When the server gets overloaded and lots of requests start queuing server
will attempt to shed load by returning 429 errors on background requests.

The client can flag a request as background by setting the header:
`Discourse-Background` to `true`

Out-of-the-box we shed load when the queue time goes above 0.5 seconds.

The only request we shed at the moment is the request to load up a new post
when someone posts to a topic.

We can extend this as we go with a more general pattern on the client.

Previous to this change, rate limiting would "break" the post stream which
would make suggested topics vanish and users would have to scroll the page
to see more posts in the topic.

Server needs this protection for cases where tons of clients are navigated
to a topic and a new post is made. This can lead to a self inflicted denial
of service if enough clients are viewing the topic.

Due to the internal security design of Discourse it is hard for a large
number of clients to share a channel where we would pass the full post body
via the message bus.

It also renames (and deprecates) triggerNewPostInStream to triggerNewPostsInStream

This allows us to load a batch of new posts cleanly, so the controller can
keep track of a backlog

Co-authored-by: Joffrey JAFFEUX <j.jaffeux@gmail.com>
2020-10-13 16:56:03 +11:00
jbrw ac31fe8321
FEATURE - SiteSetting to disable user option to hide their profiles and presences (#10885)
* FEATURE - SiteSetting to disable user option to hide their profiles and presences
2020-10-09 17:18:44 -04:00
Arpit Jalan 4326827a4e
FIX: second factor cannot be enabled if SSO is enabled (#10880)
* FIX: second factor cannot be enabled if SSO is enabled

If `enable_sso` setting is enabled then admin should not be able to
enable `enforce_second_factor` setting as that will lock users out.

Co-authored-by: Robin Ward <robin.ward@gmail.com>
2020-10-09 22:36:38 +05:30
Guo Xiang Tan cabbc32024 FIX: Scheduled jobs not showing up in /sidekiq/schedule in dev. 2020-10-08 10:24:51 +08:00
Sam 120fa8ad2f
PERF: Introduce absolute limit of digests per 30 minutes (#10845)
To avoid blocking the sidekiq queue a limit of 10,000 digests per 30 minutes
is introduced.

This acts as a safety measure that makes sure we don't keep pouring oil on
a fire.

On multisites it is recommended to set the number way lower so sites do not
dominate the backlog. A reasonable default for multisites may be 100-500.

This can be controlled with the environment var

DISCOURSE_MAX_DIGESTS_ENQUEUED_PER_30_MINS_PER_SITE
2020-10-07 17:30:15 +11:00
Martin Brennan 6e2be3e60b
FIX: When admin changes an email for the user the user must confirm the change (#10830)
See https://meta.discourse.org/t/changing-a-users-email/164512 for additional context.

Previously when an admin user changed a user's email we assumed that they would need a password reset too because they likely did not have access to their account. This proved to be incorrect, as there are other reasons a user needs admin to change their email. This PR:

* Changes the admin change email for user flow so the user is sent an email to confirm the change
* We now record who the email change request was requested by
* If the requested by user is admin and not the user we note this in the email sent to the user
* We also make the confirm change email route open to anonymous users, so it can be clicked by the user even if they do not have access to their account. If there is a logged in user we make sure the confirmation matches the current user.
2020-10-07 13:02:24 +10:00
Arpit Jalan f4c7c7bff3
FEATURE: bulk remove tags (#10831)
https://meta.discourse.org/t/bulk-actions-remove-tags-in-addition-to-change-tags/52145
2020-10-06 22:41:55 +05:30
Discourse Translator Bot 29a9ae1b50 Update translations 2020-10-06 15:43:13 +02:00
Penar Musaraj 4efbf8dc4f
Remove "further reading" step from wizard (#10825)
Instead, add link to top themes on meta in wizard's last step.
2020-10-05 15:06:05 -04:00
Penar Musaraj a4356b99af
FEATURE: Separate base and heading font site_settings (#10807)
Allows site administrators to pick different fonts for headings in the wizard and in their site settings. Also correctly displays the header logos in wizard previews.
2020-10-05 13:40:41 -04:00
Robin Ward 80a5482f28 Embedded topics are now unlisted by default
Previously this site setting `embed unlisted` defaulted to false and
empty topics would be generated for embed, but those topics tend to take
up a lot of room on the topic lists.

This new default creates invisible topics by default until they receive
their first reply.
2020-10-05 12:09:20 -04:00
Arpit Jalan 9b45391cf9
FEATURE: explain why invites are disabled to staff users (#10810)
Co-authored-by: Robin Ward <robin.ward@gmail.com>
2020-10-03 13:05:26 +05:30
Robin Ward 23f24bfb51 REFACTOR: Move javascript tests inside discourse app
This is where they should be as far as ember is concerned. Note this is
a huge commit and we should be really careful everything continues to
work properly.
2020-10-02 11:29:36 -04:00
Krzysztof Kotlarek 5cf411c3ae
FIX: move hp request from /users to /token (#10795)
`hp` is a valid username and we should not prevent users from registering it.
2020-10-02 09:01:40 +10:00
Robin Ward a3c81a85cd
Update server.en.yml 2020-09-30 14:11:26 -04:00
Robin Ward e2b9d93556
Update server.en.yml 2020-09-30 14:11:12 -04:00
Jeff Atwood 8fd8114e97 minor copyedit 2020-09-30 10:46:27 -07:00
Penar Musaraj fb57fe7e36
FIX: Allow .otf fonts to be delivered via cdn (#10787)
The discourse-fonts package includes NotoSansJP (bold and regular), but
it is an OTF font, and it results in 404s in CDN requests.
2020-09-30 11:59:46 -04:00
Arpit Jalan ff44515a18
FIX: better error message if invite is expired (#10783)
https://meta.discourse.org/t/invite-token-is-invalid/165270/5?u=techapj
2020-09-30 20:32:33 +05:30
Joffrey JAFFEUX 318dadaf37
FIX: correct value of auto and adds nohighlight to the description (#10771) 2020-09-30 15:39:47 +10:00
Jeff Atwood a0bbc346cb minor copyedit 2020-09-29 16:47:54 -07:00
Arpit Jalan 025490ecb9
FEATURE: composer option to reload page and force save draft (#10773) 2020-09-29 22:29:03 +05:30
Discourse Translator Bot ecfca965f2 Update translations 2020-09-29 13:01:52 +00:00
Martin Brennan 3cd601dcc9
FIX: Admin change email for user process improvements and fixes (#10755)
See https://meta.discourse.org/t/changing-a-users-email/164512 for context.

When admin changes an email for a user, we were incorrectly sending the password reset email to the user's old address. Also the new email does not come into effect until the reset password process is done, so this PR adds some notes to the admin to make this clearer.
2020-09-29 09:45:45 +10:00
Arpit Jalan f7940b1d20
FEATURE: advanced search option for max posts count (#10761)
This commit adds an option to search for max posts count and updates
the UI for posts count search to show a min/max range in single line.
2020-09-28 21:34:16 +05:30
Arpit Jalan 4fcb307f84 UX: consistent password label on signup and invites page 2020-09-28 20:45:12 +05:30
Arpit Jalan 50d53508b1 UX: show range for advanced search views filter. 2020-09-28 16:07:44 +05:30
Arpit Jalan 30ffd3a44d Update locale for minimum posts filter on advanced search. 2020-09-25 08:18:03 +05:30
Mark VanLandingham 1a29801e2d
UX: More upbeat message when topic list is empty (#10740) 2020-09-24 12:05:58 -07:00
David Taylor f1d64bbbe5
FEATURE: Add a site setting to control automatic auth redirect (#10732)
This allows administrators to stop automatic redirect to an external authenticator. It only takes effect when there is a single authentication method, and the site is login_required
2020-09-24 17:06:07 +01:00
Penar Musaraj f55807922e
UX: Use simple list for settings without choice options (#10737)
It's a more user-friendly alternative to the default select-kit list,
for settings that are simple lists of items (the regular list widget is
better for settings with choice options).
2020-09-24 08:58:45 -04:00
Arpit Jalan cdf45f4fe6 Update regex for views search filter. 2020-09-24 17:05:55 +05:30
Arpit Jalan 5b0ce25dd7 Update locale for views search filter. 2020-09-24 16:33:53 +05:30
Arpit Jalan 0c5cd0d1ef FEATURE: advanced search filters for view count 2020-09-24 15:22:18 +05:30
Sam Saffron 580383dff3
FEATURE: change default size for search recent posts
The site setting `search_recent_posts_size` controls the window of posts
that we will search through before trying to search through the full index

If this number is too low then the search quality can suffer a lot as recent
posts may dominate search. If the number is too high then performance will
suffer.

This attempts to find a happy medium, 1 million posts will cover the majority
of forums out there and should perform adequately.
2020-09-24 17:04:55 +10:00
Bianca Nenciu eb891778ff
DEV: Do not translate font names (#10723)
Use the names as provided by discourse-fonts and remove the
translated strings.

It also ensures that the selected font is present in case a font will
be removed in the future.
2020-09-23 12:00:07 +03:00
Vinoth Kannan 1504fe7231 DEV: make it possible to enable cdn in development environment. 2020-09-23 11:52:16 +05:30
Simon Cossar 0f04864da1
Improve staff_like_weight copy to indicate how the value is applied (#10726) 2020-09-22 14:57:56 -07:00
Kris cba3d3782d
A11Y: Add label to share link input (#10717) 2020-09-22 17:26:03 -04:00
Robin Ward ce3fe2f4c4 REFACTOR: Support bundling our `admin` section as an ember addon 2020-09-22 15:14:29 -04:00
Discourse Translator Bot c86538097d Update translations 2020-09-22 13:04:13 +00:00
Krzysztof Kotlarek 0bb51dcbfa
FIX: TL2 promotion message and advance training (#10679)
This is a little bit of refactoring. Core Discourse should have default promotion message for TL2.

In addition, when the Discobot plugin is enabled, the user is invited to advanced training
2020-09-22 10:17:52 +10:00
Sam Saffron 8867bd4abe
DEV: allow larger recent post size
Limiting to 100,000 is too small, some sites may want a far higher limit.

Low numbers on recent_posts_size can impact search quality
2020-09-22 08:40:19 +10:00
Jarek Radosz 1db8315a8b UX: Remove the post number from a composer label
It didn't provide much value to users as it often didn't match the number visible in the topic timeline. That's because `postNumber` is an implementation detail, while the timeline counts only full visible posts (no whispers, topic action notices, etc.)
2020-09-21 14:47:36 +02:00
Joffrey JAFFEUX f785b04dc0
FIX: missing / after basePath was causing the URL to be relative (#10708) 2020-09-19 11:27:03 +02:00
Roman Rizzi f85f73be88
FEATURE: Review posts with media. (#10693)
To check if a post contains any embedded media, we look if the "image_sizes" attribute is present in the new post manager arguments.

We want to see one boxed links, but we only store the raw content of the post. To work around this, I extracted the onebox logic from the composer editor into a module.
2020-09-18 12:45:09 -03:00
David Taylor ce686a008f
DEV: Refresh site settings on Redis fallback (#10700)
This ensures that all app instances have up-to-date data, even if they missed a message-bus update during the failover
2020-09-18 11:44:25 +01:00
Guo Xiang Tan d83d9ec408
DEV: Clear all `DistributedCache` on Redis fallback. 2020-09-18 11:31:49 +08:00
Osama Sayegh a92d88747e
DEV: Add ENV variable for enabling MiniProfiler snapshots (#10690)
* DEV: Add ENV variable for enabling MiniProfiler snapshots

* MiniProfiler is not loaded in test env
2020-09-17 18:18:35 +03:00
Daniel Waterworth 6e69c25134 FIX: Use asset_hostnames in rails_multisite
We want to respond to the x-forwarded-for host from the CDN too.
2020-09-17 10:32:43 +01:00
Guo Xiang Tan b47b640598
FEATURE: Hidden `SiteSetting.keep_old_ip_address_count` to track IP history. 2020-09-17 12:50:39 +08:00
Martin Brennan 49bd066037
FEATURE: Default allow embed secure images in email to true (#10688)
We are making the changes from the PR #10563 the default behaviour. Now, if secure media is enabled, secure images will be embedded in emails by default instead of redacting them and displaying a message. This will be a nicer overall experience by default, and for forums that want to be super strict with redaction this setting can always be disabled.
2020-09-17 14:15:02 +10:00