Discource-C
/
discourse
mirror of https://github.com/discourse/discourse.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
39,211 Commits 260 Branches 502 Tags 850 MiB
Commit Graph

23288 Commits

Author SHA1 Message Date
Guo Xiang Tan 5ef9d4d537 PERF: Use 1 query to load group and tag notification default. 2020-09-10 13:19:43 +08:00
Martin Brennan 40d5739a80
DEV: Review fixes for bookmark-list (#10642) 
Make removeBookmark return a promise and do not use setProperties for no reason.

More context at https://review.discourse.org/t/fix-add-bookmark-list-component-10451/14450/3
 2020-09-10 15:01:53 +10:00
Guo Xiang Tan 521782fc9c
FIX: Search checkboxes incorrectly being checked on similar prefix. 
Incorrect search filters like `in:personalasd` will end up checking the
checkbox for `in:personal` because the regexp used was only doing prefix
matching.
 2020-09-10 11:49:52 +08:00
Martin Brennan 7f2f87bf59
DEV: Review fixes (#10641) 
See comments in https://review.discourse.org/t/dev-imap-log-to-database-10435/14337/6 for context.
 2020-09-10 13:41:46 +10:00
Martin Brennan dede942007
FEATURE: Allow email image embed with secure media (#10563) 
This PR introduces a few important changes to secure media redaction in emails. First of all, two new site settings have been introduced:

* `secure_media_allow_embed_images_in_emails`: If enabled we will embed secure images in emails instead of redacting them.
* `secure_media_max_email_embed_image_size_kb`: The cap to the size of the secure image we will embed, defaulting to 1mb, so the email does not become too big. Max is 10mb. Works in tandem with `email_total_attachment_size_limit_kb`.

`Email::Sender` will now attach images to the email based on these settings. The sender will also call `inline_secure_images` in `Email::Styles` after secure media is redacted and attachments are added to replace redaction messages with attached images. I went with attachment and `cid` URLs because base64 image support is _still_ flaky in email clients.

All redaction of secure media is now handled in `Email::Styles` and calls out to `PrettyText.strip_secure_media` to do the actual stripping and replacing with placeholders. `app/mailers/group_smtp_mailer.rb` and `app/mailers/user_notifications.rb` no longer do any stripping because they are earlier in the pipeline than `Email::Styles`.

Finally the redaction notice has been restyled and includes a link to the media that the user can click, which will show it to them if they have the necessary permissions.

![image](https://user-images.githubusercontent.com/920448/92341012-b9a2c380-f0ff-11ea-860e-b376b4528357.png)
 2020-09-10 09:50:16 +10:00
Ahmed Gagan 097f06b4fa
DEV: Add plugin api for adding to search-advanced-options dropdowns (#10606) 2020-09-09 15:17:39 +01:00
Joffrey JAFFEUX 38c934e1e1
UX: prevents auto capitalize/correct in the emoji picker (#10636) 2020-09-09 15:43:18 +02:00
Guo Xiang Tan 4994b0ed34
PERF: Remove an unncessary query when check for dark mode. 2020-09-09 15:18:52 +08:00
Guo Xiang Tan fb7bbae3f4
PERF: Memoize calls to `ApplicationHelper#scheme_id`. 
The same query was executed 4 times per full page load.
 2020-09-09 15:15:15 +08:00
Guo Xiang Tan 9b75d95fc6 PERF: Keep track of first unread PM and first unread group PM for user. 
This optimization helps to filter away topics so that the joins on
related tables when querying for unread messages is not expensive.
 2020-09-09 14:05:41 +08:00
Robin Ward 4dd07843c6 FIX: We have changed the way `__widget_helpers` are resolved 2020-09-08 12:10:59 -04:00
Joffrey JAFFEUX 8413d27cf2
FIX: handles different cases of canInvite/canRemove states in PM (#10607) 2020-09-08 16:35:59 +02:00
dependabot[bot] d21119ee4f Build(deps): Bump lodash in /app/assets/javascripts/pretty-text 
Bumps [lodash](https://github.com/lodash/lodash) from 4.17.15 to 4.17.20.
- [Release notes](https://github.com/lodash/lodash/releases)
- [Commits](https://github.com/lodash/lodash/compare/4.17.15...4.17.20)

Signed-off-by: dependabot[bot] <support@github.com>
 2020-09-08 10:25:45 -04:00
dependabot[bot] 00e2339e82 Build(deps): Bump lodash in /app/assets/javascripts/discourse-common 
Bumps [lodash](https://github.com/lodash/lodash) from 4.17.15 to 4.17.20.
- [Release notes](https://github.com/lodash/lodash/releases)
- [Commits](https://github.com/lodash/lodash/compare/4.17.15...4.17.20)

Signed-off-by: dependabot[bot] <support@github.com>
 2020-09-08 10:25:31 -04:00
Joffrey JAFFEUX 02495510e8
FIX: workaround constructor name not available after transpilation (#10623) 
This is only reproducible en production build. In this case, constructor.name could be any value like "i" for example.
 2020-09-08 10:14:41 +02:00
Guo Xiang Tan b0f22f2523
SECURITY: Remove indication that a group exists if user can't see it. 
Minor security fix but we should not leak any hints that a group exists
even if a user does not have access to the group.
 2020-09-08 10:53:48 +08:00
Guo Xiang Tan 5ed84d9885
SECURITY: Don't allow moderators to list PMs of all groups. 
* Also return 404 when a user is trying to list PMs of a group that
cannot be accessed by the user.
 2020-09-08 10:37:00 +08:00
Joffrey JAFFEUX 0b8e7d88fe
FIX: wraps popper call in afterRender and uses createPopper (#10621) 
Before this fix, popper was sometimes not applied.
 2020-09-07 13:33:52 +02:00
dependabot[bot] 27751ca69f
Build(deps): Bump websocket-extensions (#10617) 
Bumps [websocket-extensions](https://github.com/faye/websocket-extensions-node) from 0.1.3 to 0.1.4.
- [Release notes](https://github.com/faye/websocket-extensions-node/releases)
- [Changelog](https://github.com/faye/websocket-extensions-node/blob/master/CHANGELOG.md)
- [Commits](https://github.com/faye/websocket-extensions-node/compare/0.1.3...0.1.4)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2020-09-07 12:02:38 +02:00
dependabot[bot] b191ea4f59
Build(deps): Bump websocket-extensions (#10615) 
Bumps [websocket-extensions](https://github.com/faye/websocket-extensions-node) from 0.1.3 to 0.1.4.
- [Release notes](https://github.com/faye/websocket-extensions-node/releases)
- [Changelog](https://github.com/faye/websocket-extensions-node/blob/master/CHANGELOG.md)
- [Commits](https://github.com/faye/websocket-extensions-node/compare/0.1.3...0.1.4)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2020-09-07 12:02:27 +02:00
dependabot[bot] 2cb0f013cc
Build(deps): Bump elliptic in /app/assets/javascripts/pretty-text (#10611) 
Bumps [elliptic](https://github.com/indutny/elliptic) from 6.5.2 to 6.5.3.
- [Release notes](https://github.com/indutny/elliptic/releases)
- [Commits](https://github.com/indutny/elliptic/compare/v6.5.2...v6.5.3)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2020-09-07 12:02:09 +02:00
dependabot[bot] 6bff8636e2
Build(deps): Bump elliptic in /app/assets/javascripts/discourse-common (#10612) 
Bumps [elliptic](https://github.com/indutny/elliptic) from 6.5.2 to 6.5.3.
- [Release notes](https://github.com/indutny/elliptic/releases)
- [Commits](https://github.com/indutny/elliptic/compare/v6.5.2...v6.5.3)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2020-09-07 12:01:37 +02:00
dependabot[bot] 9b187b7e11
Build(deps): Bump http-proxy in /app/assets/javascripts/discourse-common (#10613) 
Bumps [http-proxy](https://github.com/http-party/node-http-proxy) from 1.18.0 to 1.18.1.
- [Release notes](https://github.com/http-party/node-http-proxy/releases)
- [Changelog](https://github.com/http-party/node-http-proxy/blob/master/CHANGELOG.md)
- [Commits](https://github.com/http-party/node-http-proxy/compare/1.18.0...1.18.1)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2020-09-07 12:00:25 +02:00
dependabot[bot] c119c07fa4
Build(deps): Bump http-proxy in /app/assets/javascripts/pretty-text (#10614) 
Bumps [http-proxy](https://github.com/http-party/node-http-proxy) from 1.18.0 to 1.18.1.
- [Release notes](https://github.com/http-party/node-http-proxy/releases)
- [Changelog](https://github.com/http-party/node-http-proxy/blob/master/CHANGELOG.md)
- [Commits](https://github.com/http-party/node-http-proxy/compare/1.18.0...1.18.1)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2020-09-07 12:00:10 +02:00
awesomerobot 13c9d7e704 UX: Add missing labels to mobile composer buttons 2020-09-04 22:18:29 -04:00
Robin Ward da918ac43e FIX: Allow us to call `script_asset_url` in controllers 
Without this patch fingerprinting was not applied in production.
 2020-09-04 15:23:01 -04:00
Robin Ward 0f9a58e06f FEATURE: Add stylesheets to bootstrap.json endpoint 
This allows API consumers (such as Ember CLI) to dynamically get a list
of styles to embed.
 2020-09-04 14:12:49 -04:00
Joffrey JAFFEUX c5b8a47901
FIX: ensures we don't attempt to concat an empty list (#10600) 2020-09-04 19:08:07 +02:00
Bianca Nenciu d4471e0316
FIX: Preload bold fonts in wizard 
The bold fonts are used in previews for topic title.
 2020-09-04 19:23:46 +03:00
Joffrey JAFFEUX ed05839dfc
FIX: prevents error when opening a composer from a tag page (#10596) 2020-09-04 15:47:22 +02:00
Bianca Nenciu 58b97ace23
DEV: Use a special import to declare font faces (#10583) 
Update discourse-fonts to v0.0.3.

Follow-up to 7b7357147e.
 2020-09-04 16:25:50 +03:00
Joffrey JAFFEUX 52672b9eab
DEV: apply new coding standards (#10592) 2020-09-04 13:42:47 +02:00
awesomerobot e4ebc303bb FEATURE: Add below-static plugin outlet 2020-09-03 22:58:58 -04:00
Vinoth Kannan ea423b471a FIX: make crawler linkback list compatible with google schema guidelines. 2020-09-04 04:35:32 +05:30
Robin Ward 8c0f18794e FEATURE: Deprecate lodash so we can remove it. 
It's currently 240k of Javascript we don't need anymore. It's been
replaced by ES6 and a couple helper functions.
 2020-09-03 10:03:33 -04:00
Robin Ward 3a46e44ed8 Rename `merge` to `deepMerge` so it's more clear what it's doing 2020-09-03 10:03:33 -04:00
Robin Ward f365d4639a REFACTOR: Remove `_.isEqual` 2020-09-03 10:03:33 -04:00
Robin Ward c4079780be REFACTOR: Remove `_.merge` 2020-09-03 10:03:33 -04:00
Robin Ward 720cd57fb5 FIX: Convert jQuery array to JS array 2020-09-03 10:03:33 -04:00
Robin Ward 5e5d5b4f35 REFACTOR: Remove `_.last` 2020-09-03 10:03:33 -04:00
Robin Ward 0da953b40e REFACTOR: Remove `_.compact` 2020-09-03 10:03:33 -04:00
Robin Ward c2cfa62000 REFACTOR: Remove `_.intersection` 2020-09-03 10:03:33 -04:00
Robin Ward 0b098566ff REFACTOR: Remove `_.union` 2020-09-03 10:03:33 -04:00
Robin Ward e60d06d880 REFACTOR: Remove `_.isString` 2020-09-03 10:03:33 -04:00
Robin Ward b4444070b3 REFACTOR: Remove `_.groupBy` 2020-09-03 10:03:33 -04:00
Robin Ward 1265a5f7c0 REFACTOR: Remove `_.max` 2020-09-03 10:03:33 -04:00
Robin Ward d06deb0c4f REFACTOR: Remove `_.chain` 2020-09-03 10:03:33 -04:00
Robin Ward 71ddcefffa REFACTOR: Remove `_.filter` 2020-09-03 10:03:33 -04:00
Robin Ward 87b3caf927 REFACTOR: Remove `_.reject` 2020-09-03 10:03:33 -04:00
Robin Ward 2a4dfa83b0 REFACTOR: Remove `_.omit` 2020-09-03 10:03:33 -04:00