Commit Graph

1342 Commits

Author SHA1 Message Date
Joffrey JAFFEUX 6c2717eda0
UX: ensures esc key is correctly working when in dates form (#9299)
1 esc close modal focus date button in toolbar
2 esc reduces composer
2020-03-30 17:59:25 +02:00
Martin Brennan 0cb40fe9ed
FIX: Narrative bot not working for bookmarks with reminders (#9289)
Reported https://meta.discourse.org/t/improved-bookmarks-with-reminders/144542/42?u=mjrbrennan

* There was no callback on the bookmark model to trigger the next step of the narrative bot on bookmark.
* Also the translation URL path was hardcoded, needs to be conditional based on whether the site setting is enabled.
2020-03-27 12:17:18 +10:00
Kane York 330102fd20 FEATURE: Show votes in an "on voted" poll to the creator
This required properly plumbing the guardian into the serializer.

Notably, the default state in the client was not changed - if you haven't voted in
the poll, you need to click the button to view the results instead of the results
being immediately visible on page load.

Implements https://meta.discourse.org/t/-/138108
2020-03-20 13:36:42 -07:00
Bianca Nenciu 5e4cf244a5
FIX: Show time input in poll builder (#9128) 2020-03-16 13:25:45 +01:00
David Taylor 3d71b68195
DEV: Introduce plugin api for conditionally rendering assets (#9200) 2020-03-13 15:30:31 +00:00
Joffrey JAFFEUX 6102c287f7
FIX: prevents i18n helper to return a SafeString (#9191)
For convenience the i18n helper has been made returning a SafeString, but when used with other helpers, a String is expected and will cause unexpected behaviors.

This is the root cause of the initial bug fixed in d2bb127e2c

This commit is kept as it's a better security in case of unexpected behavior.
2020-03-12 16:50:20 +01:00
Joffrey JAFFEUX 4e0b2ae294
DEV: defines a constant for INPUT_DELAY (#9169) 2020-03-11 15:28:16 +01:00
Robin Ward a3f0543f99
Support for transpiling `.js` files (#9160)
* Remove some `.es6` from comments where it does not matter

* Use a post processor for transpilation

This will allow us to eventually use the directory structure to
transpile rather than the extension.

* FIX: Some errors and clean up in confirm-new-email

It would throw an error if the webauthn element wasn't present.
Also I changed things so that no-module is not explicitly
referenced.

* Remove `no-module`

Instead we allow a magic comment: `// discourse-skip-module` to prevent
the asset pipeline from creating a module.

* DEV: Enable babel transpilation based on directory

If it's in `app/assets/javascripts/dicourse` it will be transpiled
even without the `.es6` extension.

* REFACTOR: Remove Tilt/ES6ModuleTranspiler
2020-03-11 09:43:55 -04:00
Dan Ungureanu 0754c7c404
FIX: Various fixes to support posts with no user (#8877)
* Do not grant badges for posts with no user
* Ensure instructions are correct in Change Owner modal
* Hide user-dependent actions from posts with no user
* Make PostRevisor work with posts with no user
* Ensure posts with no user can be deleted
* discourse-narrative-bot should ignore posts with no user
* Skip TopicLink creation for posts with no user
2020-03-11 14:03:20 +02:00
Joffrey JAFFEUX 683cb28099
DEV: enforces ember-template-lint: no-triple-curlies (#9165)
This pr replaces `{{{ }}}` usage by a {{html-safe}} helper. While it doesn't solve the underlying issue, it gives us a path forward without risking breaking too much existing behavior.

Also introduces an htmlSafe computed macro:

```
import { htmlSafe } from "discourse/lib/computed";

htmlDescription: htmlSafe("description")
```

Overtime {{html-safe}} usage should be removed and moved to components properties or specialized components/helpers.
2020-03-11 09:23:10 +01:00
Jarek Radosz 29b35aa64c
DEV: Improve flaky time-sensitive specs (#9141) 2020-03-10 22:13:17 +01:00
romanrizzi f795c1b8e8 Revert "DEV: enforces ember-template-lint: no-triple-curlies (#9150)"
This reverts commit d436b600fb.

Triple curlies are still necessary for some raw templates.
2020-03-10 15:00:12 -03:00
Joffrey JAFFEUX d436b600fb
DEV: enforces ember-template-lint: no-triple-curlies (#9150)
This pr replaces `{{{ }}}` usage by a {{html-safe}} helper. While it doesn't solve the underlying issue, it gives us a path forward without risking breaking too much existing behavior.

Also introduces an htmlSafe computed macro:

```
import { htmlSafe } from "discourse/lib/computed";

htmlDescription: htmlSafe("description")
```

Overtime {{html-safe}} usage should be removed and moved to components properties or specialized components/helpers.
2020-03-10 16:46:57 +01:00
Jarek Radosz 5037b80c9c
Merge imports from the same module (#9144) 2020-03-09 17:38:37 +01:00
Joffrey JAFFEUX f1bb1db354
DEV: enforces ember-template-lint: no-unbound (#9147)
From ember-template-lint documentation (https://github.com/ember-template-lint/ember-template-lint/blob/master/docs/rule/no-unbound.md):

```
{{unbound}} is a legacy hold over from the days in which Ember's template engine was less performant. Its use today is vestigial, and it no longer offers performance benefits.

It is also a poor practice to use it for rendering only the initial value of a property that may later change.
```

Co-Authored-By: Jarek Radosz <jradosz@gmail.com>
2020-03-09 15:28:31 +01:00
Jarek Radosz 48ba65f406
DEV: Clean up Ember imports (#8979)
Includes:
* Import `computed` helpers
* Import `@ember/application`
* Import `isBlank` from `@ember/utils`
* Import `A` from `@ember/array`
* Import `EmberArray` from `@ember/array`
* Import `ArrayProxy` from `@ember/array/proxy`
* Import `warn` from `@ember/debug`
* Import `EmberObject` from `@ember/object`
* Import `Application` from `@ember/application`
* Import `EmberRouter` from `@ember/routing/router`
* Import `isPresent` from `@ember/utils`
* Import `computed` from `@ember/object`
* Import `guidFor` from `@ember/object`
* Import `isArray` from `@ember/array`
* Import `TextField` from `@ember/component`
* Import `TextArea` from `@ember/component`
* Import `Promise` from `rsvp`
* Import `Evented` from `@ember/object/evented`
* Replace deprecated `ember-addons/ember-computed-decorators` imports
2020-03-06 23:49:28 +01:00
Mark VanLandingham 763a065df9
FIX: Correctly format select options for group poll by fields (#9131) 2020-03-06 12:58:59 -06:00
Neil Lalonde 4b70719a48
Update translations 2020-03-05 12:45:42 -05:00
Dan Ungureanu c62d5b139b
FIX: Allow users to create polls in PMs with non human users (#9055) 2020-03-02 14:29:40 -05:00
Dan Ungureanu d461772661
FIX: Skip poll tutorial if user cannot create polls (#9058) 2020-02-27 16:01:59 +02:00
David Taylor dfe11321d8
FIX: Polyfill Promise for IE11 (#9057)
Co-authored-by: Joffrey JAFFEUX <j.jaffeux@gmail.com>
2020-02-27 12:13:07 +00:00
Joffrey JAFFEUX a4fc6ccc12
UX: prevents jumpyness when displaying poll voters (#9054) 2020-02-27 11:09:54 +01:00
Neil Lalonde b0675075f7 Update translations 2020-02-25 10:29:14 -05:00
Joffrey JAFFEUX 0ea11a9d49
FIX: ensures we don't attempt to create a new PM on an existing topic (#9029)
This fix attempts to both fix it at UI level and server side. A previous attempt related to this behavior has been made in commit: 49c750ca78
2020-02-24 08:55:12 -06:00
Penar Musaraj 6be685ac67 DEV: Find/replace deprecated decorators 2020-02-19 11:49:56 -05:00
Kris de559f3fe3 FIX: Remove border-box from modal-body to avoid iOS fixed position bug 2020-02-19 11:08:15 -05:00
Dan Ungureanu 59db2811b0
FIX: Disable poll options if user groups do not allow them (#8987) 2020-02-18 12:13:19 +02:00
Joffrey JAFFEUX 72b6f908f4
UX: minor tweaks to poll builder UI (#8985) 2020-02-17 11:02:44 -05:00
Dan Ungureanu 82b307cd52
FIX: Use correct translation string 2020-02-17 13:49:43 +02:00
Joffrey JAFFEUX 2c7d32e783
FIX: prevents everyone group to show as group option for polls (#8957) 2020-02-14 14:11:34 +01:00
Neil Lalonde 637535fc6b Update translations 2020-02-13 15:00:16 -05:00
Mark VanLandingham 0772a4338b
FIX: Remove pie draw animation (#8940) 2020-02-12 07:09:40 -08:00
Mark VanLandingham daaa0a657f
FIX: Render HTML for pie chart options (#8912) 2020-02-11 10:02:54 -06:00
David Taylor b34f09f8d7 FIX: Polyfill String.startsWith function for IE11
Followup to fe0d912b97
2020-02-11 15:35:22 +00:00
Joffrey JAFFEUX 8ca9ad887d
FIX: replaces fake null value by clearable option (#8875) 2020-02-06 08:30:26 +01:00
Mark VanLandingham 5d97286fa7
FEATURE: Allow single option polls (#8853) 2020-02-05 08:03:27 -06:00
Joffrey JAFFEUX 0431942f3d
DEV: select-kit 2 (#7998)
This new iteration of select-kit focuses on following best principales and disallowing mutations inside select-kit components. A best effort has been made to avoid breaking changes, however if you content was a flat array, eg: ["foo", "bar"] You will need to set valueProperty=null and nameProperty=null on the component.

Also almost every component should have an `onChange` handler now to decide what to do with the updated data. **select-kit will not mutate your data by itself anymore**
2020-02-03 14:22:14 +01:00
Bianca Nenciu 07222af7ab
FEATURE: Add 'groups' option to polls (#8469)
This options can be used to restrict polls to certain groups.
2020-01-28 14:30:04 +02:00
Dan Ungureanu 03143d9449
FIX: Do not extract dates from quotes and Oneboxes (#8754)
Post.local_dates used to contain dates from quotes and Oneboxes.
2020-01-21 17:42:41 +02:00
Neil Lalonde 2dd1ff79b4 Update translations 2020-01-20 11:00:44 -05:00
Jarek Radosz fe588cc7f8
DEV: Fix function prototype deprecations (#8681)
* DEV: Fix the function prototype observers deprecation

DEPRECATION: Function prototype extensions have been deprecated, please migrate from function(){}.observes('foo') to observer('foo', function() {}). [deprecation id: function-prototype-extensions.observes] See https://deprecations.emberjs.com/v3.x/#toc_function-prototype-extensions-observes for more details.

* DEV: Fix the function prototype event listeners deprecation

DEPRECATION: Function prototype extensions have been deprecated, please migrate from function(){}.on('foo') to on('foo', function() {}). [deprecation id: function-prototype-extensions.on] See https://deprecations.emberjs.com/v3.x/#toc_function-prototype-extensions-on for more details.

* DEV: Simplify `default as` imports

Co-authored-by: Joffrey JAFFEUX <j.jaffeux@gmail.com>
2020-01-16 18:56:53 +01:00
Arpit Jalan 91f8ada8e0 FIX: add missing translation key for narrative bot Italian locale. 2020-01-16 13:23:16 +05:30
Joffrey JAFFEUX f4744193bd
FEATURE: allows to define a dissmiss duration on global notices (#8715)
This commit also adds more documentation to various options and defines a 1 week duration for IE global notice dismiss duration.
2020-01-15 09:02:28 +01:00
Joffrey JAFFEUX f10078eab4
FIX: moves back padStart/padEnd to core polyfills (#8714)
Multiple users are on chrome 56 when this is only supported on chrome 57. Given it's only few lines of code, it makes sense to keep supporting this.
2020-01-14 10:54:39 +01:00
David Taylor 4e8aaacce8 UX: Update IE11 deprecation warning, and enable by default 2020-01-13 17:01:28 +00:00
Robin Ward 648a1124eb FIX: Specs with old filename 2020-01-10 15:29:35 -05:00
Robin Ward 72c3f36e58 Add optional file to precompile list 2020-01-10 15:14:32 -05:00
Robin Ward 556d66a97c FIX: Use CDN for the `discourse-internet-explorer`
Previously the CDN was skipped because the assets were not in the proper
place to be uploaded.
2020-01-10 15:06:55 -05:00
Jarek Radosz 9e3fc1111d
FIX: Add a blank poll options validation (#8652)
Before, saving a post with a blank poll option resulted in error 500.
2020-01-03 15:09:36 +01:00
Arpit Jalan 57081acc08 FIX: trigger commands are different for each locale, account for that. 2020-01-01 16:53:36 +05:30
Joffrey JAFFEUX c15d702ae6
FEATURE: internet explorer deprecation global notice (#8577) 2019-12-30 08:19:07 +01:00
Krzysztof Kotlarek 8c2e27790c
FIX: everyone can see poll results when on_vote and closed (#8613)
The bug was mentioned here: https://meta.discourse.org/t/poll-name/136436

I added specs to cover existing behaviour and refactored can_see_results method.

Guard condition should apply only if the poll result setting is set to `staff_only`.

In other cases, user can see results when the poll result setting is set to `always` or user voted or poll is closed.
2019-12-24 08:04:35 +11:00
Neil Lalonde 91b290c784 Update translations 2019-12-19 12:31:52 -05:00
Robin Ward c91a360ef7 FIX: Include `Symbol` polyfill for IE11
This is necessary when we use `for (x of y)` operators in Javascript as
they are transpiled to use `Symbol` which is not present in IE.
2019-12-18 15:58:36 -05:00
David Taylor b4f28ce2b1 FIX: Add missing Object.entries polyfill for IE11
This was omitted when IE polyfills were migrated from polyfills.js to ie.js
2019-12-18 11:36:26 +00:00
Krzysztof Kotlarek f59647cd55
FIX: move IE specific CSS rules to discourse-internet-explorer plugin (#8567) 2019-12-18 15:25:16 +11:00
Mark VanLandingham 44612f900e
FIX: Remove 'staff_only' results option for non-staff (#8565) 2019-12-17 13:43:15 -08:00
Robin Ward bc97d39688 FIX: Allow IE script to load with a CDN
A proper fix would involve it being precompiled like other assets, but
due to the conditional nature of the resource this is more complicated.

For now this is better than IE being broken.
2019-12-13 15:50:46 -05:00
Robin Ward 4abe4454dd
FEATURE: Create IE Support Plugin (#8520)
This core plugin, which could be split off in the future, allows us to load IE specific code on demand.

Co-authored-by: jjaffeux <j.jaffeux@gmail.com>
2019-12-11 09:07:22 -05:00
romanrizzi 5431ae0a17 FIX: Don't raise an error if the user is not present 2019-12-11 11:03:31 -03:00
Gerhard Schlager dfb9fa3b98 Update translations 2019-12-10 13:10:55 +01:00
Rafael dos Santos Silva dbee72e92b FIX: Export poll UI should only show for admins 2019-12-05 17:03:06 -03:00
Neil Lalonde 50b98a47ac Update translations 2019-12-05 11:20:52 -05:00
Joffrey JAFFEUX 0d3d2c43a0
DEV: s/\$redis/Discourse\.redis (#8431)
This commit also adds a rubocop rule to prevent global variables.
2019-12-03 10:05:53 +01:00
Mark VanLandingham 118fef2353
FIX: Hide pie legend when results are grouped (#8445) 2019-12-02 13:59:52 -06:00
Mark VanLandingham 87a298a59b
FIX: Poll pie container was too large (#8444) 2019-12-02 11:51:06 -06:00
Régis Hanol 455147cabe DEV: use DB.after_commit instead of delaying the job 2019-11-29 22:48:39 +01:00
Régis Hanol 5ae570a088 remove unnecessary symlink 2019-11-29 22:23:43 +01:00
Régis Hanol 3807484757 FIX: delay the 'send_advanced_tutorial_message' job to prevent race conditions
When a user accepts an invite with an email address that matches a group
which automatically awards its members Trust Level 2, a race condition might happen
when the 'send_advanced_tutorial_message' job runs.

That job is enqueued inside the 'user_promoted' event which is triggered inside a
transaction on the user record. If the job runs before the transaction is done,
the user record is invisible and this generates an exception.
2019-11-29 22:14:41 +01:00
David Taylor dd8fe1a9e7 DEV: Update annotations 2019-11-29 15:49:08 +00:00
Joffrey JAFFEUX 0807751390
REFACTOR: poll-pie-chart widget (#8415)
This commit mostly get rid of the later() call and encapsulate all pie chart display logic inside discourse-poll-pie-canvas widget instead of sharing it between discourse-poll-pie-chart and discourse-poll-pie-canvas
2019-11-27 00:10:43 +01:00
Joffrey JAFFEUX cfa6ec8034
FIX: improves recurring by ensuring DST is computed correctly (#8410) 2019-11-25 23:32:24 +01:00
Mark VanLandingham a3157f0e38
FIX: The build; ran prettier (#8412) 2019-11-25 12:12:44 -06:00
Mark VanLandingham b92a8131c0
FEATURE: Pie chart option for poll results (#8352) 2019-11-25 11:51:01 -06:00
Benjamin Hipple c75ebfee57 UX: Rename 'Hide results' to 'Show vote' in polls (#8403)
For various reasons, users may want to change their response to a poll.
Currently they have permission to do so, however it is hidden behind the 'Hide
results' button. Since what this button does is take the user back to the vote
panel, it seems more appropriate to name it 'Show vote', where it becomes
obvious that it can be modified and re-submitted.

As discussed here [1], there are mulitple users, myself included, who assumed
that editing a misclick response was impossible. This improves the label to make
it more descriptive of the action actually being taken.

[1] https://meta.discourse.org/t/ability-to-remove-my-choice-in-a-poll/53642/6
2019-11-25 12:26:19 +01:00
Rafael dos Santos Silva fd0025a735
FEATURE: Add export poll button (#8370)
This PR aims to make poll results easily exportable to staff in a CSV format, so they can be analyzed in external software.

It also makes the export data easily customizable by allowing users to leverage any data explorer query to generate the report. By default, we use a query that ships with data explorer, but user can change the ID in settings or use 0 to disable this feature.

One potential upgrade is using the recent work that allows arbitrary group to run data explorer and allow all the groups with access to the configured query to also export polls, but that can be added later.

Co-Authored-By: Joffrey JAFFEUX <j.jaffeux@gmail.com>
2019-11-22 16:06:39 -03:00
Joffrey JAFFEUX c498780479
FIX: prevents exception and more duplicates (#8396) 2019-11-22 19:43:37 +01:00
Joffrey JAFFEUX a40bc1e92b
FIX: prevents timezone to show duplicated zones in preview
It could happen if you have Etc/UTC in default settings, and timezone="UTC" on date, the equality check is now more strict.
2019-11-22 17:14:27 +01:00
Joffrey JAFFEUX 3d1b6b6729
FIX: handle german quotes in discourse local-dates (#8386)
https://meta.discourse.org/t/insert-date-timezone-is-always-utc-my-timezone-is-ignored/126307
2019-11-21 11:43:35 +01:00
David Taylor 22e713d2b0 FIX: Add skip_validations in one more place for narrative bot plugin
Followup to bbb814e58e
2019-11-20 15:43:42 +00:00
David Taylor bbb814e58e FIX: Allow advanced tutorial when title emojis are disabled
We already skip validations for other uses of PostCreator in the narrative bot, so this commit adds it in the `reply_to` action as well
2019-11-20 15:29:06 +00:00
Joffrey JAFFEUX e6442a2d2f
FIX: we don't need to refresh dates so often (#8367) 2019-11-18 10:04:07 +01:00
Joffrey JAFFEUX 45648e46ba
FIX: attempts to be correct about dst when using recurrence (#8366) 2019-11-18 10:02:58 +01:00
Sam Saffron e2ccb0c608 DEV: remove NGINX performance report
This report is no longer supported or tested, it was moved to:

https://github.com/SamSaffron/discourse-nginx-performance-report

The new home for the performance report means this is no longer an official
Discourse plugin
2019-11-18 15:30:57 +11:00
Penar Musaraj 20f5a062f4 Fix Prettier in poll plugin 2019-11-15 11:01:22 -05:00
romanrizzi f87d38fc7c Use correct variable name 2019-11-14 17:46:20 -03:00
Blake Erickson 73e33ce243 DEV: send url string to FileHelper and refactor another open-uri call
FileHelper.download requires a string not a URI. I also found another
instance of using open-uri directly and swapped it out to use
FileHelper.

I also updated it to not `read` a file if it comes back nil.

Follow up to: fe01099a38
2019-11-14 08:25:30 -07:00
Gerhard Schlager f72730703a Update translations 2019-11-14 15:41:42 +01:00
Blake Erickson fe01099a38 DEV: Be sure to read the file into string before base64
Follow up to: 08b4753843

If you don't use `read` base64 will error out with: "no implicit
conversion of Tempfile into String"
2019-11-14 05:55:36 -07:00
Blake Erickson 08b4753843 DEV: Use FileHelper instead for downloading narrative bot avatar
Follow up to

b69450bee2

Using FileHelper here allows us to not have to use another require for
open-uri and gives us all the benefits of FileHelper.
2019-11-14 05:23:51 -07:00
Blake Erickson b69450bee2 FIX: need to require open-uri for discourse-narrative-bot plugin
By requiring open-uri this will fix the following error:

```
NoMethodError (private method `open' called for #<URI::Generic...
```

also switched to the shorter syntax and removed default options. Since
ruby 2.4 redirect is on by default.
2019-11-13 18:11:50 -07:00
Roman Rizzi c63e84dc62
FEATURE: Send a message to new TL2 users and point them to the advanced tutorial (#8335)
* FEATURE: Send a message to new TL2 users and point them to the advanced tutorial

* DEV: Use a method to find the discobot user
2019-11-13 18:31:49 -03:00
Robin Ward f518065654 FIX: computed is part of `@ember/object` not `@ember/object/computed` 2019-11-13 11:58:09 -05:00
Arpit Jalan 5ff84be8cc FIX: do not strip nil string 2019-11-13 16:58:14 +05:30
Jarek Radosz 17bca00661 DEV: Run prettier 2019-11-12 12:07:19 +01:00
Jarek Radosz 5d4b240453
DEV: Provide radix argument to parseInt (#8281)
* DEV: Provide radix 10 argument to parseInt

* DEV: Provide radix 16 argument to parseInt

* DEV: Remove unnecessary parseInt calls

* Fix year formatting

parseInt was used here to convert decimals to ints
2019-11-12 10:47:42 +01:00
Robin Ward e39d89ecd9 REFACTOR: Remove `InputValidation` which was simply an `Ember.Object` 2019-11-11 15:48:56 -05:00
Robin Ward da04c602ba REFACTOR: Remove `debounce` to `discourseDebounce`
Otherwise it can be confused with the ember debounce
2019-11-11 13:34:01 -05:00
Kris b066a4128d Adding a text-overflow: ellipsis; mixin and related cleanup 2019-11-06 14:00:29 -05:00
Neil Lalonde b151963f18 Update translations 2019-11-06 10:43:13 -05:00
Gerhard Schlager 94a34af702 Update translations 2019-11-05 16:52:48 +01:00
Jarek Radosz d43e7354ec
DEV: Convert <button> tags to {{d-button}} components (#8224)
* DEV: Convert <button> tags to {{d-button}}

* Fixes
2019-11-04 11:23:54 +01:00
Robin Ward 90f934a660 REFACTOR: Use a module for `Ember.isEmpty` 2019-11-01 13:50:15 -04:00
Robin Ward 8d34f4bbd9 Revert "Revert Ember.run refactors"
This reverts commit fcb1ca52f9.
2019-10-30 09:48:24 -04:00
Robin Ward fcb1ca52f9 Revert Ember.run refactors
This reverts commit 5ca60fcb6b.
2019-10-29 17:10:47 -04:00
Robin Ward 5ca60fcb6b REFACTOR: Use imports for `Ember.run` 2019-10-29 15:31:56 -04:00
Robin Ward 7744b636e9 FIX: Handle nil case for avatar, just in case 2019-10-24 14:02:51 -04:00
Robin Ward 8b4e71cb21 FIX: Allow avatar downloads to follow redirects 2019-10-24 14:01:54 -04:00
Robin Ward 2c0efac25e FIX: Broken certificates 2019-10-24 12:39:58 -04:00
Bianca Nenciu 690db4fd36
FIX: Show poll voters in Oneboxed posts. (#7768) 2019-10-24 14:00:25 +03:00
Robin Ward 6287eccb35 REFACTOR: Remove `Ember.Controller` in favor of import 2019-10-23 13:06:54 -04:00
Robin Ward a8a76198b1 REFACTOR: Remove `Ember.Component` global variable
Use imports instead.
2019-10-23 12:30:52 -04:00
Roman Rizzi 835d2be4da
FIX: Rate limit and hijack certificate generation. (#8215)
To eliminate a DDOS attack vector, we're taking the following measures:

The endpoint will be rate-limited to 3 requests every 60 seconds (per user).
A 24 hours max-age cache header is sent with the response.
The route will be hijacked to generate the certificate in the background.
2019-10-21 13:14:15 -03:00
Joffrey JAFFEUX 54bc2bdba7 UX: emphasizes on local-dates being UTC in excerpts (#8208) 2019-10-17 10:18:06 -04:00
Kris 4338515a85 fix poll test 2019-10-16 21:53:37 -04:00
Kris b005377d0a UX: add newline after closing poll tag for poll builder 2019-10-16 21:40:42 -04:00
Robin Ward 74207ef03a Refactor `search_answer` to be dynamically inserted so it can be changed 2019-10-16 14:37:17 -04:00
Robin Ward a37dafdd4d FIX: Use the quote generator in the example text
This way if a plugin customizes the quotes the example will match.
2019-10-16 13:40:44 -04:00
Krzysztof Kotlarek e2f9b7dd6f FIX: Narrative Bot certificates are ERB templates (#8174)
There are at least two ways of rendering templates outside of the controller. The first one is Rails way enabled with Rails 5 https://evilmartians.com/chronicles/new-feature-in-rails-5-render-views-outside-of-actions
The downside of this method is that all variables need to be passed as params (I could find a way to pass the whole context)

Another way is to use instance_eval described in Erubi documentation
https://github.com/jeremyevans/erubi#usage - it works perfectly fine, however, I didn't feel very confident about using eval unless necessary.

An additional benefit of using `ApplicationController.render` is that if Rails would change the ERB engine in the future, this code should still work.

If you want to test it on your local, you need to be signed in and then that two URLs are generating certificates:
http://localhost:3000/discobot/certificate.svg?date=Oct+07+2019&type=standard&user_id=1
http://localhost:3000/discobot/certificate.svg?date=Oct+07+2019&type=advanced&user_id=1

Dev: https://dev.discourse.org/t/discourse-narrative-bot-should-not-be-storing-giant-strings/17130
2019-10-09 17:45:01 +11:00
Gerhard Schlager 3dfe9f3b8d Update translations 2019-10-08 12:25:24 +02:00
Robin Ward f5d391a48a
REFACTOR: Move `app-events:main` to `service:app-events` (#8152)
AppEvents was always a service object in disguise, so we should move it
to the correct place in the application. Doing this allows other service
objects to inject it easily without container access.

In the future we should also deprecate `this.appEvents` without an
explicit injection too.
2019-10-04 10:06:08 -04:00
Vinoth Kannan 5a919c2211 DEV: use 'user_created' discourse event instead of 'after_commit' model callback. 2019-10-04 10:48:49 +05:30
Krzysztof Kotlarek 427d54b2b0 DEV: Upgrading Discourse to Zeitwerk (#8098)
Zeitwerk simplifies working with dependencies in dev and makes it easier reloading class chains. 

We no longer need to use Rails "require_dependency" anywhere and instead can just use standard 
Ruby patterns to require files.

This is a far reaching change and we expect some followups here.
2019-10-02 14:01:53 +10:00
Rafael dos Santos Silva 45ff119f27 FIX: Try to match advanced tutorial reset first (#8048)
Advanced trigger is currently broken on:

    ca
    es
    et
    fr
    he
    it
    pt_BR

And that is because the translation levels for the plugin are kinda low, so I would guess it's broken for half the languages.

Since we have only two tracks for a while now, a quick fix to me is inverting the selectors.

This patch works because the advanced key is "larger" than the new user one.
2019-10-02 11:55:47 +10:00
Gerhard Schlager 8adec48b33 Update translations 2019-09-26 04:29:44 +02:00
Bianca Nenciu 0d22beb81d
FIX: Improve Onebox detection (#8019)
Follow-up to 7c83d2eeb2.
2019-09-10 13:59:48 +03:00
Joe 27f7bd4273
UX: adjusts RTL composer presence avatar alignment
context: https://meta.discourse.org/t/user-is-typing-misaligned-and-mixed-with-reply-choices-with-rtl/127963

This commit adds a temporary fix for presence avatar overlap in the composer for RTL.

More context on TMP here: https://meta.discourse.org/t/moving-the-voting-box-to-the-right-side-of-the-screen/126752
2019-09-09 20:47:29 +08:00
Neil Lalonde 930e70aba9 Update translations 2019-09-04 10:24:43 -04:00
romanrizzi 1e89939383 DEV: Added wrapper to signal that NewPostManager#add_plugin_payload_attribute is part of the public API 2019-08-29 11:58:19 -03:00
Gerhard Schlager 8841563f8a Update translations 2019-08-26 14:36:46 +02:00
Joffrey JAFFEUX bf05a8da96
FEATURE: adds countdown attribute to [date] (#8037)
When used, dates will be displayed as a countdown in a human friendly way.
2019-08-24 11:39:20 -05:00
Arpit Jalan 6b621ceb06 DEV: consistent plugin nomenclature. 2019-08-22 11:08:06 +05:30
Arpit Jalan 75f37ac16a Rename `lazyYT` plugin directory name to `lazy-yt` 2019-08-21 14:35:14 +05:30
Sam Saffron 096f932ef2 Lint files
Both needed some prettier tlc
2019-08-16 13:06:51 +10:00
Blake Erickson 69498a58e9
FEATURE: Staff only poll results (#7984)
* FEATURE: Staff only poll results

These changes allow only staff to see the results of a poll.

Non-staff users will be shown a screen like this:

1b8bd76013.png

The "Votes are public" message has been removed from the info section,
and the button to show the votes has been replaced with a message
stating the results will only be shown to staff.

* Update PR based on feedback

* Update plugins/poll/app/models/poll.rb

make sure we return a boolean

Co-Authored-By: Régis Hanol <regis@hanol.fr>
2019-08-15 12:27:18 -06:00
Roman Rizzi 79957706b1
FIX: Store custom attributes that are needed by plugins in queuedpost payload (#8009) 2019-08-14 15:02:59 -03:00
Régis Hanol c628166bb4 FIX: replace model usage with SQL query
Follow-up to b500ef77
2019-08-13 18:32:24 +02:00
Jarek Radosz 6a65e5312b FEATURE: Add a preview to the poll builder (#7988)
* FEATURE: Add a preview to the poll builder

* Use selectKit helper in the poll preview test

* Extract the mobile-specific poll builder form CSS
2019-08-13 09:49:40 -04:00
Eduardo Poleo b500ef77d7 Poll migration is not idempotent (#7964)
The migration script is not idempotent due to database constrains on the
poll related objects, namely:

polls: index_polls_on_post_id_and_name (post_id,name) UNIQUE
poll_options: index_poll_options_on_poll_id_and_digest  (poll_id,digest) UNIQUE
poll_votes:  index_poll_votes_on_poll_id_and_poll_option_id_and_user_id  (poll_id,poll_option_id,user_id) UNIQUE

This change skips a particular poll migration if it's already found on
the db.
2019-08-08 18:48:53 +02:00
Guo Xiang Tan 636b6c3a5a FIX: Wrong discobot tutorial started for certain locales.
If a locale has triggers that start with the same word, our regexp will
always end up matching the first trigger. For example,

`start tutorial` and `start tutorial advanced`

To support the change, we have to make the match on triggers more
restrictive. `@discobot quote here` will no longer work like `@discobot
quote`.
2019-08-08 10:53:58 +08:00
Guo Xiang Tan b574276e6e DEV: Correct hardcoded value in discobot tests. 2019-08-08 10:53:58 +08:00
Penar Musaraj 78500fb770 UX: Improve layout of poll builder modal 2019-08-07 15:00:03 -04:00
Joffrey JAFFEUX f4543ff02a
FIX: ensures pikaday picker is showing in UTC (#7968) 2019-08-06 08:41:38 +02:00
Gerhard Schlager a68d8de72f UX:UX: Use shorter weekday labels in local-dates plugin 2019-08-05 14:21:59 +02:00
Guo Xiang Tan 1267185a07 DEV: Remove unused option.
Follow up to 18ed03e044.
2019-07-30 21:12:13 +08:00
Ned Batchelder 18ed03e044 Clarify how to start a tutorial
https://meta.discourse.org/t/does-the-advanced-user-tutorial-still-exist/123661/14
2019-07-30 21:10:22 +08:00
Joe a0df4c3757
UX: prevents cooked dates from wrapping (#7954) 2019-07-30 14:04:30 +08:00
Joffrey JAFFEUX c1d2fb115c
DEV: prevents staff computed property to be overridden (#7931) 2019-07-24 22:01:08 +02:00
Neil Lalonde 97e9599ecc Update translations 2019-07-15 09:43:22 -04:00
AhmadF.Cheema bfbd97d3b5 Remove extra whitespaces from locale files
Co-authored-by: Gerhard Schlager <mail@gerhard-schlager.at>
2019-07-04 13:48:17 +02:00
Gerhard Schlager a5e80079d6 FEATURE: Add Belarusian language 2019-07-04 11:37:37 +02:00
Bianca Nenciu 463db22928 DEV: Add test.
Follow-up to bccd090ced.
2019-06-26 16:37:01 +03:00
Bianca Nenciu bccd090ced SECURITY: Escape email text for posts containing [details]. 2019-06-26 16:28:31 +03:00
Neil Lalonde 7e884cce6b Update translations 2019-06-25 10:57:18 -04:00
Neil Lalonde dbc59cfe61 Update translations 2019-06-17 13:25:37 -04:00
Joffrey JAFFEUX 32cd9ba59b
FIX: ensures local-dates modal is not taking full height on mobile (#7772) 2019-06-16 08:48:07 +02:00
Robin Ward a8793d0d9a REFACTOR: Test Memory Usage Fixes (#7769)
* Calling `Discourse.reset()` creates a new container
We should run our de-initializers only after acceptance tests,
since initializers are not run outside of acceptance tests anyway,
and the container at this point can be passed properly to the
`teardown()` method.

* Remove `Discourse.reset` from tests
This would cause a new container to be created which leaks many objects.

* `updateCurrentUser` is more accurate than `replaceCurrentUser`
2019-06-14 14:54:20 +02:00
Robin Ward c322cccd53 FIX: Memory Leaks when decorating posts (#7749)
* Remove long-deprecated method

* FIX: Memory Leaks when decorating posts

Previously we'd keep creating mixins dynamically when decorating the
same class.

This code changes the API to recommend an `id` parameter for each
decorator which will avoid leaks. All plugins should be updated to
include this parameter, although if they don't in the meantime it'll
just mean a warning in the console (and a continued leak.)
2019-06-11 17:21:23 +02:00
Neil Lalonde 5d7e34e0ad Update translations 2019-06-10 10:36:08 -04:00
Régis Hanol 84e5d58a0d DEV: make prettier 💅 happy 2019-06-06 12:28:41 +02:00
Régis Hanol c131903e56 FIX: clone dateTime before changing timezone 2019-06-06 11:16:58 +02:00
Joffrey JAFFEUX b339d67401
DEV: refactors select-kit helper to prevent it to leak into global state (#7708) 2019-06-06 10:47:10 +02:00
Guo Xiang Tan 70b73c2159 DEV: Use proper heredoc name. 2019-06-04 16:31:18 +08:00
Bianca Nenciu 63e3d49508 DEV: Add test for poll plugin reduce_excerpt. 2019-06-04 16:30:15 +08:00
Neil Lalonde dbfdce95c9 Update translations 2019-05-30 10:40:16 -04:00
Jeff Atwood dc43828905 add trust level blog link to discobot PM welcome 2019-05-29 18:19:35 -07:00
Régis Hanol 0df5349dbf
FIX: ensure the post url is present
Also don't interpolate a string
2019-05-30 00:05:53 +02:00
Régis Hanol a188d15b08
FIX: reduce poll when post is nil 2019-05-30 00:02:33 +02:00
Bianca Nenciu 227c45107d FEATURE: Implement Onebox for posts including polls. (#7539) 2019-05-29 17:05:52 +02:00
Sam Saffron 1efed6e527 DEV: amend test for anonymous handling to use real data
Previously we relied on fabrication on anonymous, we can not get the
transaction commit pipeline to work as it does in production, cleanly

This amends it so our anonymous user is created using the core APIs

Signed-off-by: Sam Saffron <sam.saffron@gmail.com>
2019-05-29 15:05:37 +10:00
Bianca Nenciu 3a1d99577e FIX: Replace details content with instruction. 2019-05-29 08:36:04 +08:00
Joffrey JAFFEUX b98b994fe7
apply prettier on plugins (#7605) 2019-05-27 11:06:11 +02:00
Joffrey JAFFEUX bfea922167
DEV: global s/this.get\("(\w+)"\)/this.$1 (#7592) 2019-05-27 10:15:39 +02:00
Gerhard Schlager edc6ac0c66 Update translations 2019-05-21 00:04:37 +02:00
Gerhard Schlager 0afcad148a DEV: Always use %{count} in pluralized strings 2019-05-20 23:26:22 +02:00
Gerhard Schlager b788948985 FEATURE: English locale with international date formats
Makes en_US the new default locale
2019-05-20 13:47:20 +02:00
Gerhard Schlager a58aa9b4bf Update translations 2019-05-20 13:42:05 +02:00
Sam Saffron 3c1fa3910f DEV: track the correct channel in specs
These tests are erratically failing due to distributed cache messages that
can land between tests

Ensure we are only looking for the correct messages
2019-05-20 18:27:09 +10:00
Sam Saffron aeb7143aff DEV: correct flaky poll specs
They were relying on a pristine message bus, however current implementation
still uses redis, stuff can get held up and we can end up publishing
distributed cache messages in the middle invalidating the tests
2019-05-17 16:16:02 +10:00
David Taylor 5605dba85c DEV: Automatically annotate plugin models alongside core models 2019-05-13 16:37:47 +01:00
Guo Xiang Tan c00dab89e4 Fix the build take 2. 2019-05-13 11:22:48 +08:00
Guo Xiang Tan 9059a8ca90 Fix the build. 2019-05-13 10:16:26 +08:00
Sam Saffron 30990006a9 DEV: enable frozen string literal on all files
This reduces chances of errors where consumers of strings mutate inputs
and reduces memory usage of the app.

Test suite passes now, but there may be some stuff left, so we will run
a few sites on a branch prior to merging
2019-05-13 09:31:32 +08:00
Guo Xiang Tan 41f4f9302d UX: Rename discobot tutorial triggers.
We found the previous triggers less straight forward than just calling
it tutorial.

`start new user` -> `start tutorial`
`start new advanced user` -> `start advanced tutorial`
2019-05-10 09:08:16 +08:00
Joffrey JAFFEUX f3a346464e
FIX: allTimezonesd was mistakenly removed (#7513) 2019-05-09 10:22:54 +02:00
Guo Xiang Tan c72f16d927 Follow up to 329969ea20. 2019-05-08 15:36:12 +08:00
Guo Xiang Tan 329969ea20 FIX: Discobot mention tutorial should be case insensitive. 2019-05-07 10:54:22 +08:00
Guo Xiang Tan 61cc0f8c5f Follow up to 152238b4cf. 2019-05-07 09:57:27 +08:00
Guo Xiang Tan 152238b4cf DEV: Prefer `public_send` over `send`. 2019-05-07 09:33:21 +08:00
Joffrey JAFFEUX 1d784c7a18
FEATURE: adds support for dates in polls (#7450) 2019-04-29 10:01:19 +02:00
Tim Lange d5d784b9f2 FIX: Narration Bot now gets site setting for automatic post deletion (#7432) 2019-04-25 07:29:20 +08:00
Joffrey JAFFEUX 0284910125
Update translations 2019-04-24 15:02:04 +02:00
Robin Ward 21b975e71a FIX: Broken plugin spec 2019-04-23 15:29:26 -04:00
Kris 99efd12376 FIX: Url in Russian translation 2019-04-18 17:10:58 -04:00
Joffrey JAFFEUX 5c8213ffd3
removes debugging statement (#7362) 2019-04-11 15:02:38 +02:00
Joffrey JAFFEUX 7dd684744c
UX: sets min date on calendar when initial date is set (#7361) 2019-04-11 14:37:39 +02:00
Joffrey JAFFEUX 46dc38e5a5
UX: minor local-dates form improvements (#7360) 2019-04-11 14:03:53 +02:00
Joffrey JAFFEUX 7226240df3
UX: full revamp of local-dates form (#7357) 2019-04-11 11:14:34 +02:00
Joffrey JAFFEUX ad5edc8bb1
UX: copy and formating improvements to local-dates form (#7343) 2019-04-09 10:33:01 +02:00
Penar Musaraj e50e4b6cc6 Make Prettier happy 2019-04-08 12:03:41 -04:00