Commit Graph

50915 Commits

Author SHA1 Message Date
Jarek Radosz 5e7287eba5
DEV: Convert sticky-avatars into a modifier (#23060)
Instead of a initializer and a lib class (that needed access to the ownership system)
2023-09-06 11:32:08 +02:00
Ted Johansson e74560f062
FIX: Don't mix up action labels between different reviewables (#23365)
Currently, if the review queue has both a flagged post and a flagged chat message, one of the two will have some of the labels of their actions replaced by those of the other. In other words, the labels are getting mixed up. For example, a flagged chat message might show up with an action labelled "Delete post".

This is happening because when using bundles, we are sending along the actions in a separate part of the response, so they can be shared by many reviewables. The bundles then index into this bag of actions by their ID, which is something generic describing the server action, e.g. "agree_and_delete".

The problem here is the same action can have different labels depending on the type of reviewable. Now that the bag of actions contains multiple actions with the same ID, which one is chosen is arbitrary. I.e. it doesn't distinguish based on the type of the reviewable.

This change adds an additional field to the actions, server_action, which now contains what used to be the ID. Meanwhile, the ID has been turned into a concatenation of the reviewable type and the server action, e.g. post-agree_and_delete.

This still provides the upside of denormalizing the actions while allowing for different reviewable types to have different labels and descriptions.

At first I thought I would prepend the reviewable type to the ID, but this doesn't work well because the ID is used on the server-side to determine which actions are possible, and these need to be shared between different reviewables. Hence the introduction of server_action, which now serves that purpose.

I also thought about changing the way that the bundle indexes into the bag of actions, but this is happening through some EmberJS mechanism, so we don't own that code.
2023-09-06 10:57:30 +08:00
Jeff Wong 2829898951 Add plugin outlet for after-panel-body in user menu
Similar to panel-body-bottom but shows up outside the div, and
shows even during EmptyStateComponent is shown.
2023-09-05 18:22:05 -07:00
Jeff Wong bbc7518b0f FIX: tests 2023-09-05 18:21:51 -07:00
Jeff Wong a8324395e9 FEATURE: add silence reason dropdown to admin penalty reason
Adds dropdown list for pre-defined penalty options to silence to
mirror options on suspension list.
2023-09-05 18:21:51 -07:00
Alan Guo Xiang Tan 7cc5501cfd
DEV: Remove outdated ENV in docker.rake that is no longer being used (#23428)
We now have `USE_TURBO` which relis on `turbo_rspec`.
2023-09-06 09:07:57 +08:00
Jarek Radosz b55a5cbbb2
DEV: Remove unnecessary `assert.expect`s (#23426)
And one superfluous `run`. And add an assert to user-badge test. And replace `expect` with `allSettled` in rest-model tests.
2023-09-06 02:16:50 +02:00
Jarek Radosz ee3ac739f3
DEV: Don't run dev-only code in specs (#23427)
This was causing the following notice to be printed out when running system specs:

```
I did no detect a custom `config/dev.yml` file, creating one for you where you can amend defaults.
```

(since 61571bee43)
2023-09-06 02:14:57 +02:00
dependabot[bot] 769e0c0d5b
Build(deps): Bump globalid from 1.2.0 to 1.2.1 (#23423)
Bumps [globalid](https://github.com/rails/globalid) from 1.2.0 to 1.2.1.
- [Release notes](https://github.com/rails/globalid/releases)
- [Commits](https://github.com/rails/globalid/compare/v1.2.0...v1.2.1)

---
updated-dependencies:
- dependency-name: globalid
  dependency-type: indirect
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-09-06 01:41:29 +02:00
Martin Brennan c532f6eb3d
FEATURE: Secure uploads in PMs only (#23398)
This adds a new secure_uploads_pm_only site setting. When secure_uploads
is true with this setting, only uploads created in PMs will be marked
secure; no uploads in secure categories will be marked as secure, and
the login_required site setting has no bearing on upload security
either.

This is meant to be a stopgap solution to prevent secure uploads
in a single place (private messages) for sensitive admin data exports.
Ideally we would want a more comprehensive way of saying that certain
upload types get secured which is a hybrid/mixed mode secure uploads,
but for now this will do the trick.
2023-09-06 09:39:09 +10:00
Martin Brennan de9b567c19
FIX: Admins not able to convert topics if they aren't in personal_message_enabled_groups (#23399)
Admins are always able to send PMs, so it doesn't make
sense that they shouldn't be able to convert topics just
because they aren't in personal_message_enabled_groups.
2023-09-06 09:17:40 +10:00
Isaac Janzen 152a99b3f4
DEV: Allow uploadUrl to be based to `theme-upload-add` modal (#23415) 2023-09-05 15:36:48 -05:00
Jarek Radosz d308360376
FIX: An incorrect import (#23414)
Introduced in bb2d1f8703
2023-09-05 22:11:20 +02:00
Jarek Radosz 1ca4e7241e
UX: Fix checkbox slider (#23412) 2023-09-05 22:08:44 +02:00
David Taylor 8d7c4aebf4
DEV: Update application_helper_spec following 1bd00076 (#23413)
The 'discourse' script will now include all its related webpack chunks. That means that, if you have compiled JS assets, this spec started failing. This commit switches the specs to use a different js file, which does not have associated webpack chunks.
2023-09-05 20:56:03 +01:00
David Taylor 534f62cf5b
FIX: Respect default category sort when `filter=default` (#23411)
Previously we would respect it if the filter was `nil`, but if `default` was explicitly passed then it would ignore the category order settings. This explicit passing of `filter=default` happens for some types of navigations in the JS app.

This extends the fix from 92bc61b4be
2023-09-05 19:05:30 +01:00
David Taylor 2ed223fced
DEV: Move from babel-plugin-debug-macros fork to in-repo patch (#22702) 2023-09-05 18:07:56 +01:00
Isaac Janzen bb2d1f8703
DEV: Convert `login` modal to component-based API (#23093)
# Desktop
##### Before
<img width="865" alt="Screenshot 2023-08-17 at 1 32 02 PM" src="https://github.com/discourse/discourse/assets/50783505/1691ae34-8cc3-4deb-bee0-748851a43f6c">

##### After
<img width="818" alt="Screenshot 2023-08-17 at 1 34 13 PM" src="https://github.com/discourse/discourse/assets/50783505/0dcc6d95-270f-44a1-8582-5f7bf89e7e2c">

# Mobile
##### Before
<img width="364" alt="Screenshot 2023-08-17 at 1 28 20 PM" src="https://github.com/discourse/discourse/assets/50783505/6758b7f9-da65-464e-b289-d43177218026">

##### After
<img width="365" alt="Screenshot 2023-08-17 at 1 28 33 PM" src="https://github.com/discourse/discourse/assets/50783505/f32f28d3-a48c-485f-91eb-dc6bcaf8a2e1">

# Changes Made
- I took the liberty to hide the password <kbd>Show</kbd> / <kbd>Hide</kbd> toggle when no password present.
##### Before
<img width="237" alt="Screenshot 2023-08-15 at 4 46 16 PM" src="https://github.com/discourse/discourse/assets/50783505/dfa46535-27ea-4756-8cb0-2c1108505ec7">
<img width="240" alt="Screenshot 2023-08-15 at 4 43 03 PM" src="https://github.com/discourse/discourse/assets/50783505/b1b9bacd-8b11-4fb5-89ce-53135417193f">
<img width="244" alt="Screenshot 2023-08-15 at 4 42 58 PM" src="https://github.com/discourse/discourse/assets/50783505/88f3176b-fc25-4d0b-8193-967bf898f113">

##### After
<img width="263" alt="Screenshot 2023-08-15 at 4 45 47 PM" src="https://github.com/discourse/discourse/assets/50783505/48241693-5b0b-4c21-8a06-e14262ede79c">
<img width="268" alt="Screenshot 2023-08-15 at 4 45 50 PM" src="https://github.com/discourse/discourse/assets/50783505/3c2c4aeb-6fde-45c5-8e45-2879ecb7ead2">
<img width="221" alt="Screenshot 2023-08-15 at 4 45 39 PM" src="https://github.com/discourse/discourse/assets/50783505/94406f13-6b20-484c-831e-1b828600cccf">
2023-09-05 12:01:39 -05:00
Roman Rizzi 7a34ea7953
DEV: Outlet for unobtrusive secondary full-page search. (#23390)
`discourse-ai` will use the outlet to perform a parallel semantic search.
2023-09-05 10:45:09 -03:00
Discourse Translator Bot 2768f3a968
Update translations (#23408) 2023-09-05 15:42:34 +02:00
Jarek Radosz 2dbec2e836
DEV: Apply ember-this-fallback patches sequentially (#23407) 2023-09-05 12:50:15 +02:00
Loïc Guitaut 7d0d0e48bc DEV: Add missing keyboard shortcut on cheatsheet
PR #23387 introduced a new keyboard shortcut to archive private
messages, but the new shortcut wasn’t added to the keyboard shortcuts
cheatsheet.
2023-09-05 11:59:38 +02:00
Jarek Radosz c285f4133f
DEV: Enable ember-this-fallback in themes (#23384)
Co-authored-by: David Taylor <david@taylorhq.com>
2023-09-05 11:16:12 +02:00
Ted Johansson 752a2cc654
DEV: Handle bad parameters in TopicsController#wordpress (#23404)
We're seeing a large number of log noise from this endpoint due to malicious scanners that are trying to send clever params and seeing if they can break something.

This change simply rescues any NoMethodError during parameter parsing and re-raises a Discourse::InvalidParameters exception, which will be caught and render a 400.
2023-09-05 16:35:46 +08:00
Loïc Guitaut cf8c3cf3f0 FEATURE: Add a shortcut to archive PM
This patch adds a new shortcut to allow archiving private messages. When
on a private message page, just type `a` to archive it. Typing `a` on an
already archived message will move it back to inbox.
2023-09-05 09:44:05 +02:00
Sam 98dfc9df3f
DEV: relative_url_root is used for subfolder installs add comment (#23403)
The word subfolder is used commonly to describe subdirectory installs
2023-09-05 17:06:31 +10:00
Alan Guo Xiang Tan 738343d4d2
DEV: Remove unused line of comment (#23401)
Wizard tests have been merged into core so the env isn't being used
anymore.
2023-09-05 14:28:23 +08:00
Arpit Jalan e5f3c26d20
FEATURE: add group filter for admin reports (#23381)
FEATURE: add group filter for admin reports

DEV: add plugin outlet for admin dashboard tabs
2023-09-05 11:17:18 +05:30
Ted Johansson d1253bc3af
DEV: Include context question for chat reviewables (#23332)
Chat review queue flags were missing the context message above the actions.

This is probably because the (reasonably complex) logic was somewhat hard-coded to posts. After some investigation I concluded we can reuse this logic with some small amendments.
2023-09-05 10:11:39 +08:00
dependabot[bot] 29c3f1557a
Build(deps-dev): Bump terser in /app/assets/javascripts (#23397)
Bumps [terser](https://github.com/terser/terser) from 5.19.3 to 5.19.4.
- [Changelog](https://github.com/terser/terser/blob/master/CHANGELOG.md)
- [Commits](https://github.com/terser/terser/compare/v5.19.3...v5.19.4)

---
updated-dependencies:
- dependency-name: terser
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-09-05 00:28:38 +02:00
dependabot[bot] df3770fcca
Build(deps-dev): Bump the babel group (#23396)
Bumps the babel group in /app/assets/javascripts with 2 updates: [@babel/core](https://github.com/babel/babel/tree/HEAD/packages/babel-core) and [@babel/standalone](https://github.com/babel/babel/tree/HEAD/packages/babel-standalone).


Updates `@babel/core` from 7.22.11 to 7.22.15
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/commits/v7.22.15/packages/babel-core)

Updates `@babel/standalone` from 7.22.14 to 7.22.15
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/commits/v7.22.15/packages/babel-standalone)

---
updated-dependencies:
- dependency-name: "@babel/core"
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: babel
- dependency-name: "@babel/standalone"
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: babel
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-09-05 00:27:27 +02:00
David Taylor 082ccdbd66
DEV: Reduce theme-qunit smoke test timeout (#23394)
The theme tests we use for the smoke-test typically take 3-4 seconds to complete. This commit reduces the timeout from 10 minutes to 20 seconds, so that failures are detected more quickl
2023-09-04 23:10:40 +01:00
David Taylor 3c63db9123
FIX: Update asset precompile list following c7dce90f (#23393)
`test-helpers.js` no longer exists. We need `tests.js` instead.
2023-09-04 23:06:43 +01:00
David Taylor 30fbfb0fbb
DEV: Introduce theme-qunit system spec (#23389)
This was intended to be included as part of c7dce90f43
2023-09-04 22:50:05 +01:00
chapoi bf971b022d
UX: lower z-index (#23386)
* UX: lower z-index

* Update plugins/chat/assets/stylesheets/common/chat-side-panel-resizer.scss

Co-authored-by: Jarek Radosz <jradosz@gmail.com>

---------

Co-authored-by: Jarek Radosz <jradosz@gmail.com>
2023-09-04 22:30:51 +02:00
David Taylor c7dce90f43
DEV: Switch to using standard ember-cli test bundle (#23337)
Previously we were patching ember-cli so that it would split the test bundle into two halves: the helpers, and the tests themselves. This was done so that we could use the helpers for `/theme-qunit` without needing to load all the core tests. This patch has proven problematic to maintain, and will become even harder under Embroider.

This commit removes the patch, so that ember-cli goes back to generating a single `tests.js` bundle. This means that core test definitions will now be included in the bundle when using `/theme-qunit`, and so this commit also updates our test module filter to exclude them from the run. This is the same way that we handle plugin tests on the regular `/tests` route, and is fully supported by qunit.

For now, this keeps `/theme-qunit` working in both development and production environments. However, we are very likely to drop support in production as part of the move to Embroider.
2023-09-04 17:09:55 +01:00
David Taylor f645706e6e
DEV: Cachebust workbox assets (#23383)
The changes in e1d27400f5 slightly changed the sourcemap paths of our workbox assets. The sourcemaps now have the extension `.prod.map` instead of `prod.js.map`. However, since the version number of workbox didn't change, the directory digest remained the same, and so cached versions of the JS were pointing to the now-nonexistant map files.

This commit introduces a cachebusting constant which we can bump for these kinds of changes in future.
2023-09-04 16:04:39 +01:00
Jan Cernik aaf47c02bc
DEV: Refactor chat oneboxes (#23031)
- moves the onebox logic away from `plugin.rb` to a new `onebox_handler` lib
- splits the `discourse_chat_message` template into two: one for channels, and one for messages
- refactors the logic code slightly to send only the necessary arguments to each template

This commit shouldn't change end-user behavior.
2023-09-04 16:55:02 +02:00
Andrei Prigorshnev 3ee77c29a5
DEV: no need to track status of a deleted user (#22836)
It is hard to catch and debug potential bugs related to live updates of user status 
(though, we haven't seen many such bugs so far). We have a `console.warn` 
statement that should help us to catch one class of such bugs.

Recently, we noticed that this warning gets printed when a user had a chat with 
a user that was then deleted.

This is not a bug, since there is nothing to track for a deleted user, but we don't 
want this noise on the console. This PR makes sure we don't print a warning in 
such cases.
2023-09-04 17:00:09 +04:00
David Taylor b59f1ad4ee
DEV: Improve strategy for identifying ember-cli JS chunks (#23382)
Our Ember build compiles assets into multiple chunks. In the past, we used the output from ember-auto-import-chunks-json-generator to give Rails a map of those chunks. However, that addon is specific to ember-auto-import, and is not compatible with Embroider.

Instead, we can switch to parsing the html files which are output by ember-cli. These are guaranteed to have the correct JS files in the correct place. A <discourse-chunked-script> will allow us to easily identify which chunks belong to which entrypoint.

In future, as we update more entrypoints to be compiled by Embroider/Webpack, we can easily introduce new wrappers.

Previously applied in 2c58d45 and reverted in 24d46fd. This version has been updated for subfolder support.
2023-09-04 13:56:34 +01:00
David Taylor ab13029479
DEV: Install ember-this-fallback for plugins (#21236)
This will allow us to extend the deprecation period for this-property-fallback beyond Ember 4.x, to give more time for plugin developers to update their templates.
2023-09-04 13:23:20 +01:00
dependabot[bot] 3ffb3afd25
Build(deps-dev): Bump selenium-webdriver from 4.11.0 to 4.12.0 (#23360)
Bumps [selenium-webdriver](https://github.com/SeleniumHQ/selenium) from 4.11.0 to 4.12.0.
- [Release notes](https://github.com/SeleniumHQ/selenium/releases)
- [Changelog](https://github.com/SeleniumHQ/selenium/blob/trunk/rb/CHANGES)
- [Commits](https://github.com/SeleniumHQ/selenium/compare/selenium-4.11.0...selenium-4.12.0)

---
updated-dependencies:
- dependency-name: selenium-webdriver
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-09-04 13:08:27 +02:00
dependabot[bot] 76694d24c5
Build(deps-dev): Bump the babel group (#23342)
Bumps the babel group in /app/assets/javascripts with 1 update: [@babel/standalone](https://github.com/babel/babel/tree/HEAD/packages/babel-standalone).

- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/commits/v7.22.14/packages/babel-standalone)

---
updated-dependencies:
- dependency-name: "@babel/standalone"
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: babel
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-09-04 12:12:39 +02:00
Natalie Tay 187f9a9495
FIX: Replying to OP is a reply to the topic, not the post (#23380)
Clicking on the OP's Reply button twice results in the post being a reply to post number 1. This is a fix for that.
2023-09-04 17:06:41 +08:00
Chris Rendle-Short 7ea3079e3e
FIX: Update DIRECT_UPLOAD CORS ruleset to include new Amazon signing headers (#23379)
New headers were added to upload PUT requests as part of a MinIO update (cf42466). This change updates the asset bucket CORS ruleset to allow the new headers in the preflight request.

See https://dev.discourse.org/t/111136



Co-authored-by: Sam Saffron <sam.saffron@gmail.com>
2023-09-04 16:09:52 +10:00
Penar Musaraj 0a3f1852c6
DEV: Add system test for user security keys (#23372) 2023-09-04 12:07:20 +10:00
dependabot[bot] d108762c94
Build(deps): Bump css_parser from 1.15.0 to 1.16.0 (#23376)
Bumps [css_parser](https://github.com/premailer/css_parser) from 1.15.0 to 1.16.0.
- [Changelog](https://github.com/premailer/css_parser/blob/master/CHANGELOG.md)
- [Commits](https://github.com/premailer/css_parser/compare/v1.15.0...v1.16.0)

---
updated-dependencies:
- dependency-name: css_parser
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-09-04 09:41:11 +08:00
dependabot[bot] 53ee50a5ca
Build(deps): Bump globalid from 1.1.0 to 1.2.0 (#23375)
Bumps [globalid](https://github.com/rails/globalid) from 1.1.0 to 1.2.0.
- [Release notes](https://github.com/rails/globalid/releases)
- [Commits](https://github.com/rails/globalid/compare/v1.1.0...v1.2.0)

---
updated-dependencies:
- dependency-name: globalid
  dependency-type: indirect
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-09-04 09:40:57 +08:00
dependabot[bot] b234465aa1
Build(deps): Bump oj from 3.16.0 to 3.16.1 (#23377)
Bumps [oj](https://github.com/ohler55/oj) from 3.16.0 to 3.16.1.
- [Changelog](https://github.com/ohler55/oj/blob/develop/CHANGELOG.md)
- [Commits](https://github.com/ohler55/oj/compare/v3.16.0...v3.16.1)

---
updated-dependencies:
- dependency-name: oj
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-09-04 09:40:41 +08:00
Selase Krakani 9f42a235ab
FIX: Attribute pending post to author in `PendingPostSerialier` (#23369)
This fixes a regression introduced by an earlier change which changed `ReviewableQueuedPost`
record creation to use the more appropriate `target_created_by_id` for the  author of the post
being queued instead of setting it to the creator(system user) of the `ReviewableQueuedPost` record.
2023-09-03 22:14:51 +00:00