Commit Graph

43 Commits

Author SHA1 Message Date
Krzysztof Kotlarek 559c9dfe0a
REVERT: FIX: serialize Flags instead of PostActionType (#28334) 2024-08-13 18:32:11 +10:00
Krzysztof Kotlarek 094052c1ff
FIX: serialize Flags instead of PostActionType (#28259)
### Why?
Before, all flags were static. Therefore, they were stored in class variables and serialized by SiteSerializer. Recently, we added an option for admins to add their own flags or disable existing flags. Therefore, the class variable had to be dropped because it was unsafe for a multisite environment. However, it started causing performance problems. 

### Solution
When a new Flag system is used, instead of using PostActionType, we can serialize Flags and use fragment cache for performance reasons. 

At the same time, we are still supporting deprecated `replace_flags` API call. When it is used, we fall back to the old solution and the admin cannot add custom flags. In a couple of months, we will be able to drop that API function and clean that code properly. However, because it may still be used, redis cache was introduced to improve performance.

To test backward compatibility you can add this code to any plugin
```ruby
  replace_flags do |flag_settings|
    flag_settings.add(
      4,
      :inappropriate,
      topic_type: true,
      notify_type: true,
      auto_action_type: true,
    )
    flag_settings.add(1001, :trolling, topic_type: true, notify_type: true, auto_action_type: true)
  end
```
2024-08-13 11:22:37 +10:00
Krzysztof Kotlarek 25485bddee
FIX: refresh flags cache after update (#27909)
`after_commit` should be used before refreshing processes to be sure that the database is already updated.

Also, MessageBus is used instead of events as MessageBus works correctly with many processes;
2024-07-15 19:45:25 +10:00
David Taylor 2f2da72747
FEATURE: Add experimental tracking of 'real browser' pageviews (#26647)
Our 'page_view_crawler' / 'page_view_anon' metrics are based purely on the User Agent sent by clients. This means that 'badly behaved' bots which are imitating real user agents are counted towards 'anon' page views.

This commit introduces a new method of tracking visitors. When an initial HTML request is made, we assume it is a 'non-browser' request (i.e. a bot). Then, once the JS application has booted, we notify the server to count it as a 'browser' request. This reliance on a JavaScript-capable browser matches up more closely to dedicated analytics systems like Google Analytics.

Existing data collection and graphs are unchanged. Data collected via the new technique is available in a new 'experimental' report.
2024-04-25 11:00:01 +01:00
David Taylor eee97ad29a
DEV: Patch capybara to ignore client-triggered errors (#19972)
In dev/prod, these are absorbed by unicorn. Most commonly, they occur when a client interrupts a message-bus long-polling request.

Also reverts the EPIPE workaround introduced in 011c9b9973
2023-01-24 11:07:29 +00:00
David Taylor 011c9b9973
DEV: Use message-bus chunked encoding in development (#19878)
This was previously disabled because of incompatibility with the ember-cli proxy. This commit fixes that incompatibility, and restores the development behaviour to match production.

There were three issues at play:

1. Our bootstrap-js addon handles the forwarding of most requests in the ember-cli proxy. This is not built to handle streaming responses. Solution: skip our custom request processing for `/message-bus/*` and use ember-cli's default `http-proxy`.

2. The request/response size-limiting middleware (`rawMiddleware`) would apply even to unhandled paths, causing request and response bodies to be buffered. Solution: skip it for any paths which are not handled by our custom addon.

3. Expressjs servers will buffer/compress responses. Solution: add `Cache-Control: no-transform` to message-bus responses. For now I've done this in development only, but it may be useful to add it to message-bus's default headers in future
2023-01-17 09:54:33 +00:00
David Taylor 7c77cc6a58
DEV: Apply syntax_tree formatting to `config/*` 2023-01-09 11:13:29 +00:00
Alan Guo Xiang Tan d0c2eb3359
DEV: Drop `enable_long_polling` and `long_polling_interval` settings (#16323)
Scheduled to drop in 2.9.

Co-authored-by: Loïc Guitaut <loic@discourse.org>
2022-03-30 16:32:40 +08:00
David Taylor 98a7fa3d1a
PERF: Bump message_bus to 4.2 (#16026)
This includes upstream performance improvements. For details, see 1baa1ea4a5
2022-02-22 16:16:02 +00:00
Jarek Radosz aee9fcd257
DEV: Update message_bus to 4.0.0 (#15553) 2022-01-13 08:14:52 +11:00
Alan Guo Xiang Tan bd034485d7 SECURITY: Disable MessageBus::Diagnostics.
MessageBus::Diagnostics allows anyone with access to carry out certain
operations that may result in a denial of service. The impact of this is
greater on multisiite clusters.
2021-12-17 14:45:26 +08:00
Daniel Waterworth fa3c4ad28b
DEV: Deprecate message bus site settings (#14465)
It makes much more sense for these to be GlobalSettings, since, in
multisite clusters, only the default site's settings would be respected.

Co-authored-by: David Taylor <david@taylorhq.com>
2021-11-11 11:12:25 -06:00
Rafael dos Santos Silva 6ad76520b8
FEATURE: Cache CORS preflight for MessageBus (#14616)
* FEATURE: Cache CORS preflight for MessageBus

Followup for b301a6b for MessageBus
2021-10-15 00:23:53 -03:00
Alan Guo Xiang Tan 62399ca387
DEV: Log env on error when looking up user in message_bus. (#13208)
This will provide more information about the request and make the error
debuggable.
2021-06-01 11:15:26 +10:00
Jarek Radosz 6ff888bd2c
DEV: Retry-after header values should be strings (#12475)
Fixes `Rack::Lint::LintError: a header value must be a String, but the value of 'Retry-After' is a Integer`. (see: 14a236b4f0/lib/rack/lint.rb (L676))

I found it when I got flooded by those warning a while back in a test-related accident 😉 (ember CLI tests were hitting a local rails server at a fast rate)
2021-03-23 20:32:36 +01:00
Sam Saffron 25f1f23288
FEATURE: Stricter rules for user presence
Previously we would consider a user "present" and "last seen" if the
browser window was visible.

This has many edge cases, you could be considered present and around for
days just by having a window open and no screensaver on.

Instead we now also check that you either clicked, transitioned around app
or scrolled the page in the last minute in combination with window
visibility

This will lead to more reliable notifications via email and reduce load of
message bus for cases where a user walks away from the terminal
2020-03-26 17:36:52 +11:00
David Taylor 92f2202e4a SECURITY: Restrict message-bus access on login_required sites 2019-08-14 09:43:12 +01:00
Sam Saffron 1f47ed1ea3 PERF: message_bus will be deferred by server when flooded
The message_bus performs a fair amount of work prior to hijacking requests
this change ensures that if there is a situation where the server is flooded
message_bus will inform client to back off for 30 seconds + random(120 secs)

This back-off is ultra cheap and happens very early in the middleware.

It corrects a situation where a flood to message bus could cause the app
to become unresponsive

MessageBus update is here to ensure message_bus gem properly respects
Retry-After header and status 429.

Under normal state this code should never trigger, to disable raise the
value of DISCOURSE_REJECT_MESSAGE_BUS_QUEUE_SECONDS, default is to tell
message bus to go away if we are queueing for 100ms or longer
2019-08-09 17:48:01 +10:00
Sam fa2a5f6f56
FEATURE: SKIP_DB_AND_REDIS env var (#7756)
Sometimes we would like to create a base image without any DB access, this
assists in creating custom base images with custom plugins that already
includes `public/assets`

Following this change set you can run:

```
SPROCKETS_CONCURRENT=1 DONT_PRECOMPILE_CSS=1 SKIP_DB_AND_REDIS=1 RAILS_ENV=production bin/rake assets:precompile
```

Then it is straight forward to create a base image without needing a DB or
Redis.
2019-06-13 12:58:27 +10:00
Sam Saffron b114bcd294 DEV: switch message bus backend to memory for tests
This backend is a bit faster and well tested, this is part of a longer
term plan to have a `backend: :memory, threaded: false` type config for
message bus which we can use in test.

The threading in message bus causes all sorts of surprises in test, it will
be nice not to be beholden to them.
2019-05-29 16:34:55 +10:00
Rafael dos Santos Silva 315a38e0e3 FEATURE: Allow running message_bus in a different redis instance (#7616)
Adds `DISCOURSE_MESSAGE_BUS_REDIS_ENABLED` env var, that when set
to true, will allow Discourse to connect to a different redis
instance for MessageBus needs.

When enabled you can configure the same env vars user for redis,
but prefixed by `MESSAGE_BUS`, eg:

`DISCOURSE_MESSAGE_BUS_REDIS_HOST`
2019-05-28 15:52:43 +10:00
Sam Saffron 30990006a9 DEV: enable frozen string literal on all files
This reduces chances of errors where consumers of strings mutate inputs
and reduces memory usage of the app.

Test suite passes now, but there may be some stuff left, so we will run
a few sites on a branch prior to merging
2019-05-13 09:31:32 +08:00
Sam 665ade50c6 SECURITY: extra CORS headers should be set on correct host 2018-07-11 09:29:02 +10:00
Sam b97b426d34 Revert "FIX: wrong site origin in message bus header"
This reverts commit 93b49a0dd5.
2018-07-11 09:26:43 +10:00
Neil Lalonde 93b49a0dd5 FIX: wrong site origin in message bus header 2018-07-10 15:01:03 -04:00
Sam 26ce930ac6 FIX: remove auth cookie if we see InvalidAccess 2018-04-20 11:21:51 +10:00
Kyle Zhao f7bd05e534 FEATURE: set 'Retry-After' header for 429 responses (#5659) 2018-03-13 23:12:41 +08:00
Sam 0134e41286 FEATURE: detect when client thinks user is logged on but is not
This cleans up an error condition where UI thinks a user is logged on
but the user is not. If this happens user will be prompted to refresh.
2018-03-06 16:49:31 +11:00
Guo Xiang Tan d2ac7a9476 Partially revert 4e89d3f778.
* SiteSetting uses DistributedCache which depends on MessageBus.
  Therefore, we need to initialize MessageBus first.
2017-10-12 15:15:24 +08:00
Guo Xiang Tan 4e89d3f778 Only refresh site settings once on initialization. 2017-10-12 14:12:18 +08:00
Guo Xiang Tan 5012d46cbd Add rubocop to our build. (#5004) 2017-07-28 10:20:09 +09:00
Neil Lalonde 0f1495e64e FIX: also add Discourse-Visible to allowed headers for message bus 2017-03-06 16:00:37 -05:00
Sam 50379183e1 FIX: allow the Dont-Chunk header for remote message bus access 2016-08-31 12:57:19 +10:00
Sam 846a08d3c7 FIX: improve error results for message bus failures 2016-08-25 15:39:39 +10:00
Sam Saffron 209b022385 PERF: cut down on memory usage allowed to redis
This limits the amount of backlog message bus channels can have.
2016-02-04 13:58:38 +11:00
Sam 65edbb609c Revert "Revert message bus upgrade"
This reverts commit 47e718f5b2.
2015-12-09 11:48:41 +11:00
Sam 47e718f5b2 Revert message bus upgrade 2015-12-09 11:45:11 +11:00
Sam d8795a5345 FIX: missing site id lookup causing message bus cross talk in multisite 2015-12-09 07:55:43 +11:00
Sam 2cc95af69b Revert "REVERT: message bus changes"
This reverts commit 4820d5c7b0.
2015-12-09 07:36:36 +11:00
Robin Ward 4820d5c7b0 REVERT: message bus changes 2015-12-08 15:32:31 -05:00
Sam c866d5b42d Revert "Revert "PERF: move message bus to the front of the middleware stack""
This reverts commit cd1dd18f01.
2015-12-08 07:11:28 +11:00
Robin Ward cd1dd18f01 Revert "PERF: move message bus to the front of the middleware stack"
I suspect this commit is preventing Sidekiq from running inprocess.
2015-12-07 14:57:23 -05:00
Sam c04bcf8655 PERF: move message bus to the front of the middleware stack
Organise all initializers so they are properly ordered and use the same naming scheme
2015-12-07 14:51:24 +11:00