Commit Graph

40545 Commits

Author SHA1 Message Date
Martin Brennan 6d72c8ab19
FEATURE: Topic timer UI revamp (#11912)
This PR revamps the topic timer UI, using the time shortcut selector from the bookmark modal.

* Fixes an issue where the duration of hours/days after last reply or auto delete replies was not enforced to be > 0
* Fixed an issue where the timer dropdown options were not reloaded correctly if the topic status changes in the background (use `MessageBus` to publish topic state in the open/close timer jobs)
* Moved the duration input and the "based on last post" option from the `future-date-input` component, as it was only used for topic timers. Also moved out the notice that is displayed which was also only relevant for topic timers.
2021-02-03 10:13:32 +10:00
Robin Ward f39ae8a903
SECURITY: Rate limit MFA by login if possible (#11938)
This ensures we rate limit on logins where possible, we also normalize logins for the rate limiters centrally.
2021-02-03 10:26:28 +11:00
Rafael dos Santos Silva 78c775c39e
UX: Remove border from certificate due to iframe (#11935) 2021-02-02 20:05:26 -03:00
dependabot[bot] 1945daf46e
Build(deps): Bump rubocop-rspec from 2.1.0 to 2.2.0 (#11939)
Bumps [rubocop-rspec](https://github.com/rubocop-hq/rubocop-rspec) from 2.1.0 to 2.2.0.
- [Release notes](https://github.com/rubocop-hq/rubocop-rspec/releases)
- [Changelog](https://github.com/rubocop-hq/rubocop-rspec/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rubocop-hq/rubocop-rspec/compare/v2.1.0...v2.2.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-02-02 22:51:10 +01:00
Vinoth Kannan e6a02469ad
DEV: refresh all CDN endpoint URLs except the S3 uploads & assets. (#11937)
Using this added a temporary query param to force browsers to redownload all CDN endpoints.
2021-02-03 02:22:01 +05:30
Kris 2ee63a6a83
DEV: Update icon structure in bootbox buttons (#11925) 2021-02-02 15:47:10 -05:00
Kris 75d766499f
Update a couple buttons to use correct markup (#11926) 2021-02-02 15:46:48 -05:00
Penar Musaraj e8b82724fd
DEV: Refactor theme SCSS compilation (#11919) 2021-02-02 13:09:41 -05:00
Gerhard Schlager f88def5f5b
PERF: Avoid lookbehinds when replacing links in imported emails (#11931)
Follow-up to 3c678df942
2021-02-02 17:34:00 +01:00
Joffrey JAFFEUX 12a4fefef6
FIX: ensures rects is present before using it (#11930)
I don't have a clear reproduction ATM, but I imagine that in fast tests element can get destroyed before we get to use it.
2021-02-02 14:43:13 +01:00
Gerhard Schlager fa33e4863d
DEV: Remove deprecated bootsnap options (#11929)
Bootsnap started printing these warnings:

```
[DEPRECATED] Bootsnap's `autoload_paths_cache:` option is deprecated and will be removed. If you use Zeitwerk this option is useless, and if you are still using the classic autoloader upgrading is recommended.
[DEPRECATED] Bootsnap's `disable_trace:` option is deprecated and will be removed. If you use Ruby 2.5 or newer this option is useless, if not upgrading is recommended.
```
2021-02-02 14:39:51 +01:00
Discourse Translator Bot 4860c7c6ee
Update translations (#11928) 2021-02-02 14:37:52 +01:00
Gerhard Schlager d055552994
Fix i18n issues reported on Crowdin (#11747)
* Pluralize `groups.errors.adding_too_many_users`
  This fixes https://discourse.crowdin.com/translate/f3230e7607a36bb0a2f97fd90605a44e/248/en-ar#53882

* Pluralize `js.composer.error.title_too_short`
  This fixes https://discourse.crowdin.com/translate/f3230e7607a36bb0a2f97fd90605a44e/246/en-ar#41172

* Pluralize `js.composer.error.title_too_long`
  This fixes https://discourse.crowdin.com/translate/f3230e7607a36bb0a2f97fd90605a44e/246/en-ar#41174

* Pluralize `js.composer.error.post_length`
  This fixes https://discourse.crowdin.com/translate/f3230e7607a36bb0a2f97fd90605a44e/246/en-ar#41178

* Pluralize `js.topic.progress.jump_prompt_of`
  This fixes https://discourse.crowdin.com/translate/f3230e7607a36bb0a2f97fd90605a44e/246/en-ar#41958

* Use translations to join strings about posters
  This fixes https://discourse.crowdin.com/translate/f3230e7607a36bb0a2f97fd90605a44e/248/en-ar#49334
  It also makes some changes to the crawler view:
    * Removes `poster.moreCount` which is only available on the client for PMs
    * CSS class names are actually stored in `poster.extras` instead of `poster.extraClasses`

* Stop concatenating category stats
  This fixes https://discourse.crowdin.com/translate/f3230e7607a36bb0a2f97fd90605a44e/246/en-ar#40740

* Pluralize `js.summary.description`
  This fixes https://discourse.crowdin.com/translate/f3230e7607a36bb0a2f97fd90605a44e/246/en-ar#40782

* Pluralize `js.summary.description_time_MF`
  This fixes https://discourse.crowdin.com/translate/f3230e7607a36bb0a2f97fd90605a44e/246/en-ar#40784

* Use translation to join list of tags
  This fixes https://discourse.crowdin.com/translate/f3230e7607a36bb0a2f97fd90605a44e/246/en-ar#43372

* Pluralize `admin_js.admin.groups.manage.membership.automatic_membership_user_count`
  This fixes https://discourse.crowdin.com/translate/f3230e7607a36bb0a2f97fd90605a44e/246/en-ar#43720

* Pluralize `js.post.controls.delete_topic_confirm_modal`
  This fixes https://discourse.crowdin.com/translate/f3230e7607a36bb0a2f97fd90605a44e/246/en-ar#54804

* Stop concatenating `js.post.last_edited_on`
  This fixes https://discourse.crowdin.com/translate/f3230e7607a36bb0a2f97fd90605a44e/246/en-ar#42358

* Stop concatenating `js.post.wiki_last_edited_on`
  This fixes https://discourse.crowdin.com/translate/f3230e7607a36bb0a2f97fd90605a44e/246/en-ar#42356
  It also fixes a regression because `js.post.wiki_last_edited_on` wasn't used anymore since 2017.
2021-02-02 10:50:04 +01:00
Vinoth Kannan 9d2eaec88f
DEV: enable CORS to all CDN get requests from workbox. (#11896)
To prevent opaque cache files, now all the CDN files will be requested in 'cors' mode if the cdn_cors_enabled global setting is enabled. Before enabling the setting, should enable the cors in the CDN server by adding the response header `access-control-allow-origin: *` or `access-control-allow-origin: https://discourse.example.com.`

And other external file requests other than CDN will not be cached if the response type is opaque.
2021-02-02 11:38:29 +05:30
Martin Brennan ea1ffe390b
FIX: Show bookmark name in quick access hover (#11924)
This PR makes it so the bookmark name shows on hover in the quick access menu. A change was necessary to quick-access-item for the title to render for the link.
2021-02-02 15:04:02 +10:00
Rafael dos Santos Silva bf5611f7eb
FIX: Make discobot certificate faster/non blocking (#11344)
This moves the way we add the user avatar and site logo
to the discobot certificates from embeded base64 png to
just using the files urls in the href to the image tag.

This will make generation faster and the certificate
smaller overall, but it can't be used in a  `img` tag
anymore, since SVGs in `img` tags don't load the external images

In order to work around that we will move the certificate
in posts to an iframe, which works fine without any user
visible changes. For this to be possible the plugin automatically
adds the site current domain to the list of allowed iframe origins.
2021-02-01 20:49:32 -03:00
dependabot[bot] ca4a962766 Build(deps): Bump rubocop from 1.9.0 to 1.9.1
Bumps [rubocop](https://github.com/rubocop-hq/rubocop) from 1.9.0 to 1.9.1.
- [Release notes](https://github.com/rubocop-hq/rubocop/releases)
- [Changelog](https://github.com/rubocop-hq/rubocop/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rubocop-hq/rubocop/compare/v1.9.0...v1.9.1)

Signed-off-by: dependabot[bot] <support@github.com>
2021-02-02 06:47:02 +08:00
dependabot[bot] b43a169fc8 Build(deps-dev): Bump webmock from 3.11.1 to 3.11.2
Bumps [webmock](https://github.com/bblimke/webmock) from 3.11.1 to 3.11.2.
- [Release notes](https://github.com/bblimke/webmock/releases)
- [Changelog](https://github.com/bblimke/webmock/blob/master/CHANGELOG.md)
- [Commits](https://github.com/bblimke/webmock/compare/v3.11.1...v3.11.2)

Signed-off-by: dependabot[bot] <support@github.com>
2021-02-02 06:46:53 +08:00
dependabot[bot] c2e8a43b60 Build(deps): Bump excon from 0.78.1 to 0.79.0
Bumps [excon](https://github.com/excon/excon) from 0.78.1 to 0.79.0.
- [Release notes](https://github.com/excon/excon/releases)
- [Changelog](https://github.com/excon/excon/blob/master/changelog.txt)
- [Commits](https://github.com/excon/excon/compare/v0.78.1...v0.79.0)

Signed-off-by: dependabot[bot] <support@github.com>
2021-02-02 06:46:43 +08:00
dependabot[bot] a2ec617208 Build(deps): Bump bootsnap from 1.6.0 to 1.7.0
Bumps [bootsnap](https://github.com/Shopify/bootsnap) from 1.6.0 to 1.7.0.
- [Release notes](https://github.com/Shopify/bootsnap/releases)
- [Changelog](https://github.com/Shopify/bootsnap/blob/master/CHANGELOG.md)
- [Commits](https://github.com/Shopify/bootsnap/compare/v1.6.0...v1.7.0)

Signed-off-by: dependabot[bot] <support@github.com>
2021-02-02 06:39:28 +08:00
Roman Rizzi e040de0c2c
DEV: New option to always destroy posts. (#11898) 2021-02-01 16:57:31 -05:00
Dan Ungureanu 4b3d34d3d4
FIX: Skip shared drafts logic if disabled (#11918)
It always showed shared drafts if no category was set.

Follow-up to dd175537f3.
2021-02-01 20:29:04 +02:00
Penar Musaraj 0f31a221c9
DEV: Performance fixes to filtered replies (#11916) 2021-02-01 11:53:13 -05:00
Osama Sayegh 6efdeef461
FIX: Emoji search/autocomplete should respect selected skin tone (#11917)
This commit makes our emoji autocomplete in the composer respect the skin tone you select in the emoji picker.
2021-02-01 19:36:35 +03:00
Dan Ungureanu dd175537f3
FIX: Existing shared drafts should be accessible (#11915)
Disabling shared drafts used to leave topics in an inconsistent state
where they were not displayed as shared drafts and thus there was no
way of publishing them. Moreover, they were accessible just to users
who have permissions to create shared drafts.

This commit adds another permission check that is used for most
operations and the old can_create_shared_draft? remains used just when
creating a new shared draft.
2021-02-01 16:16:34 +02:00
Robin Ward f113648107
DEV: Migrate more tests to our Ember CLI format. (#11899)
This should be fully backwards compatible.

Co-authored-by: Jarek Radosz <jradosz@gmail.com>

Co-authored-by: Jarek Radosz <jradosz@gmail.com>
2021-02-01 09:01:47 -05:00
Osama Sayegh 98201ecc24
DEV: {{user-selector}} replacement (#11726)
This PR is the first step towards replacing our `{{user-selector}}` and eventually deprecating and removing it from our codebase. Some of `{{user-selector}}` problems are:

1. It's called `{{user-selector}}`, but in reality in can also select groups and emails.
2. It's an Ember component, yet it doesn't have a handlebars template and uses jQuery to render itself and modify the DOM. An example of this problem is when you want to clear the selected users programmatically, see [this](6c155dba77/app/assets/javascripts/discourse/app/components/user-selector.js (L179-L185)).
3. We now have select kit which does very similar things but a lot better.

This PR introduces `{{email-group-user-chooser}}` which is meant to replace `{{user-selector}}`. It extends select kit and has the same features that `{{user-selector}}` has. `{{user-selector}}` is still used in a few places in core, but they'll all be replaced with the new component in a separate commit. 

Once `{{user-selector}}` is not used anywhere in core, it'll be deprecated and then removed after the 2.7 release.
2021-02-01 13:07:11 +03:00
Alan Guo Xiang Tan 7e4dad3c56 DEV: Update msgpack to 1.4.2.
It seems like 1.4.1 was yanked.
2021-02-01 11:46:38 +08:00
Robin Ward 184cd766ac Apply suggestions from code review
Co-authored-by: Jarek Radosz <jradosz@gmail.com>
2021-02-01 10:36:02 +08:00
Robin Ward 5546fe609c Add autofocus to the change ownership modal 2021-02-01 10:36:02 +08:00
Penar Musaraj 49e97279c7 FEATURE: Add daily job to check for new features 2021-02-01 10:31:44 +08:00
romanrizzi 736b4137cc FIX: Return the CDN's URL when using the site's small logo as the system's user avatar.
Using "UrlHelper#absolute" returns the S3 URL, which is fine for the client because it modifies it to use the CDN instead. On the other hand, this replacement doesn't happen when the URL is server-side rendered, returning a 403 for the system's avatar.
2021-02-01 10:31:36 +08:00
awesomerobot 2f2dd94217 left align popup-menu button text 2021-02-01 10:30:52 +08:00
Martin Brennan 0fab711e4a
FIX: Stop trying to set values on destroyed bookmark component (#11909)
* sometimes the AJAX promise to create/save the bookmark did
  not come back before the component destroyed, causing an error
  when trying to set the model id afterward. this just eliminates
  the set code and uses the response.id instead
2021-02-01 10:23:06 +10:00
Martin Brennan 3e3f3f7b7e
DEV: Add time shortcut picker component and libs and refactor bookmark modal controller into component which uses time shortcut picker (#11802)
This PR moves all of the time picking functionality from the bookmark modal and controller into a reusable time-shortcut-picker component, which will be used for the topic timer UI revamp. All of the utility JS for getting dates like tomorrow/next week/next month etc. have also been moved into a separate utility lib.

The time-shortcut-picker has a couple of options that can be passed in:

* prefilledDatetime - The date and time to parse and prefill into the custom date and time section, useful for editing interfaces.
* onTimeSelected (callback) - Called when one of the time shortcuts is clicked, and passes the type of the shortcut (e.g. tomorrow) and the datetime selected.
* additionalOptionsToShow - An array of option ids to show (by default `later_today` and `later_this_week` are hidden)
* hiddenOptions - An array of option ids to hide
* customOptions - An array of custom options to display (e.g. the option to select a post date for the bookmarks modal). The options should have the below properties:
    * id
    * icon
    * label (I18n key)
    * time (moment datetime object)
    * timeFormatted
    * hidden

The other major work in this PR is moving all of the bookmark functionality out of the bookmark modal controller and into its own component, where it makes more sense to be able to access elements on the page via `document`. Tests have been added to accompany this move, and existing acceptance tests for bookmark are all passing.
2021-02-01 09:03:41 +10:00
dependabot[bot] e242e0b13c
Build(deps): Bump rack-mini-profiler from 2.3.0 to 2.3.1 (#11906)
Bumps [rack-mini-profiler](https://github.com/MiniProfiler/rack-mini-profiler) from 2.3.0 to 2.3.1.
- [Release notes](https://github.com/MiniProfiler/rack-mini-profiler/releases)
- [Changelog](https://github.com/MiniProfiler/rack-mini-profiler/blob/master/CHANGELOG.md)
- [Commits](https://github.com/MiniProfiler/rack-mini-profiler/compare/v2.3.0...v2.3.1)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-01-31 22:43:05 +01:00
dependabot[bot] acbbcfd038
Build(deps): Bump rspec-mocks from 3.10.1 to 3.10.2 (#11907)
Bumps [rspec-mocks](https://github.com/rspec/rspec-mocks) from 3.10.1 to 3.10.2.
- [Release notes](https://github.com/rspec/rspec-mocks/releases)
- [Changelog](https://github.com/rspec/rspec-mocks/blob/main/Changelog.md)
- [Commits](https://github.com/rspec/rspec-mocks/compare/v3.10.1...v3.10.2)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-01-31 22:42:54 +01:00
dependabot[bot] 647d88a224
Build(deps): Bump rspec-support from 3.10.1 to 3.10.2 (#11908)
Bumps [rspec-support](https://github.com/rspec/rspec-support) from 3.10.1 to 3.10.2.
- [Release notes](https://github.com/rspec/rspec-support/releases)
- [Changelog](https://github.com/rspec/rspec-support/blob/main/Changelog.md)
- [Commits](https://github.com/rspec/rspec-support/compare/v3.10.1...v3.10.2)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-01-31 22:42:36 +01:00
dependabot[bot] dbec522eb0
Build(deps): Bump fastimage from 2.2.1 to 2.2.2 (#11905)
Bumps [fastimage](https://github.com/sdsykes/fastimage) from 2.2.1 to 2.2.2.
- [Release notes](https://github.com/sdsykes/fastimage/releases)
- [Commits](https://github.com/sdsykes/fastimage/compare/v2.2.1...v2.2.2)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-01-31 22:28:28 +01:00
Kris 363170513e
UX: Allow some overflow in composer preview (#11902) 2021-01-29 20:28:56 -05:00
Simon Cossar ba2f4f3393
Improve invite to forum modal description (#11903) 2021-01-29 16:59:39 -08:00
Jeff Atwood 39ba3f8291
remove hidden area in flagged removed post msg (#11901)
because users were having trouble figuring out how to expand the hidden post to determine "what post of mine was removed??", per customer reports
2021-01-29 15:42:04 -08:00
Blake Erickson 67e185b33e
document user endpoints (#11894)
* document user endpoints, allow for empty request/response bodies

* document more user endpoints, improve debugging output if no details are specified

* document some more user endpoints

* minor cleanup

* FIX: flakey tests due to bad regex
2021-01-29 11:27:11 -07:00
Robin Ward 11c812f042
Quite a few Ember-CLI / Upgrade related changes (#11867)
* Quite a few Ember-CLI / Upgrade related changes

They should all be backwards compatible. This is all to help merge our
branches.

* REFACTOR: DRY up username validation

Also avoids overwriting computed properties for compatibility with newer
Ember releases.
2021-01-29 10:19:54 -05:00
dependabot[bot] 0bd0358158
Build(deps): Bump rubocop from 1.8.1 to 1.9.0 (#11892)
Bumps [rubocop](https://github.com/rubocop-hq/rubocop) from 1.8.1 to 1.9.0.
- [Release notes](https://github.com/rubocop-hq/rubocop/releases)
- [Changelog](https://github.com/rubocop-hq/rubocop/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rubocop-hq/rubocop/compare/v1.8.1...v1.9.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-01-29 12:37:06 +01:00
dependabot[bot] 01b4d7a050
Build(deps): Bump oj from 3.11.1 to 3.11.2 (#11891)
Bumps [oj](https://github.com/ohler55/oj) from 3.11.1 to 3.11.2.
- [Release notes](https://github.com/ohler55/oj/releases)
- [Changelog](https://github.com/ohler55/oj/blob/develop/CHANGELOG.md)
- [Commits](https://github.com/ohler55/oj/compare/v3.11.1...v3.11.2)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-01-29 12:34:53 +01:00
dependabot[bot] 886ae6cdc4
Build(deps): Bump omniauth-oauth from 1.1.0 to 1.2.0 (#11890)
Bumps [omniauth-oauth](https://github.com/intridea/omniauth-oauth) from 1.1.0 to 1.2.0.
- [Release notes](https://github.com/intridea/omniauth-oauth/releases)
- [Commits](https://github.com/intridea/omniauth-oauth/compare/v1.1.0...v1.2.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-01-29 12:34:18 +01:00
Vinoth Kannan a5923ad603
DEV: apply allow origin response header for CDN requests. (#11893)
Currently, it creates a CORS error while accessing those static files.
2021-01-29 07:44:49 +05:30
Martin Brennan 4af4d36175
FIX: IMAP allow unknown senders to reply to group topics via email (#11877)
Adds a new column/setting to groups, allow_unknown_sender_topic_replies, which is default false. When enabled, this scenario is allowed via IMAP:

* OP sends an email to the support email address which is synced to a group inbox via IMAP, creating a group topic
* Group user replies to the group topic
* An email notification is sent to the OP of the topic via GroupSMTPMailer
* The OP has several email accounts and the reply is sent to all of them, or they forward their reply to another email account
* The OP replies from a different email address than the OP (gloria@gmail.com instead of gloria@hey.com for example)
* The a new staged user is created, the new reply is accepted and added to the topic, and the staged user is added to the topic allowed users

Without allow_unknown_sender_topic_replies enabled the new reply creates an entirely new topic (because the email address it is sent from is not previously part of the topic email chain).
2021-01-29 09:59:10 +10:00
dependabot[bot] 5114a6421b
Build(deps-dev): Bump rswag-specs from 2.3.1 to 2.3.2 (#11889)
Bumps [rswag-specs](https://github.com/rswag/rswag) from 2.3.1 to 2.3.2.
- [Release notes](https://github.com/rswag/rswag/releases)
- [Changelog](https://github.com/rswag/rswag/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rswag/rswag/compare/2.3.1...2.3.2)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-01-28 16:12:27 -07:00