Commit Graph

29594 Commits

Author SHA1 Message Date
Jarek Radosz 48987af324
DEV: Use `templateName` instead of `renderTemplate()` (#21517)
`renderTemplate()` is deprecated and has been removed in Ember 4.0
2023-05-19 11:14:38 +02:00
dependabot[bot] f62904715f
Build(deps-dev): Bump sinon in /app/assets/javascripts (#21649) 2023-05-19 09:15:01 +02:00
dependabot[bot] 5f16db24fc
Build(deps-dev): Bump @embroider/test-setup in /app/assets/javascripts (#21650) 2023-05-19 09:14:26 +02:00
Alan Guo Xiang Tan bc58ee5f85
FIX: Clicking on edited notification should open edit history modal (#21631)
This is a regression introduced when we redesigned the user menu
2023-05-19 13:55:43 +08:00
Alan Guo Xiang Tan 9951493129
DEV: Add `registerCustomCategorySectionLinkLockIcon` plugin API (#21655)
New client side plugin API that allows plugins or themes to customize
the fontawesome 5 icon used to indicate that a category is locked/read
restricted.
2023-05-19 11:56:21 +08:00
Alan Guo Xiang Tan b183b997fb
UX: Add custom section button should not be shown to anon users (#21651) 2023-05-19 09:31:25 +08:00
Kris f8ee839bfb
DEV: add plugin outlet to share sources (#21646) 2023-05-18 16:10:44 -04:00
Ella E 219fd7bb42
UX: tweak on logo size to make sure it's not too small on small screen (#21644) 2023-05-18 13:11:53 -06:00
Bianca Nenciu 5654aedd75
UX: Remove welcome topic admin tip and tweak copy (#21593)
The welcome topic user tip was for admins only, but in general, user
tips should be used for guiding new users through the features that
Discourse offers. For this reason, we decided to remove the user tip.

This commit also includes a few more copy tweaks to the welcome topic.
2023-05-18 16:38:04 +03:00
Jarek Radosz edbfe91623
DEV: Re-add above-static and below-static outlets (#21635)
They were a part of now-removed static template
2023-05-18 15:32:15 +02:00
Bianca Nenciu f0ec1fad8c
FIX: Update category tag stats with new or deleted (#21531)
The old method updated only existing records, without considering that
new tags might have been created or some tags might not exist anymore.
This was usually not a problem because the stats were also updated by
other code paths.

However, the ensure consistency job should be more solid and help when
other code paths fail or after importing data.

Also, update category tag stats too should happen when updating other
category stats as well.
2023-05-18 12:46:44 +03:00
dependabot[bot] 809bab5782
Build(deps-dev): Bump @embroider/test-setup in /app/assets/javascripts (#21626)
Bumps [@embroider/test-setup](https://github.com/embroider-build/embroider/tree/HEAD/packages/test-setup) from 2.1.1 to 3.0.0.
- [Release notes](https://github.com/embroider-build/embroider/releases)
- [Changelog](https://github.com/embroider-build/embroider/blob/main/CHANGELOG.md)
- [Commits](https://github.com/embroider-build/embroider/commits/HEAD/packages/test-setup)

---
updated-dependencies:
- dependency-name: "@embroider/test-setup"
  dependency-type: direct:development
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-05-18 11:07:04 +02:00
Martin Brennan 341f87efb7
FIX: Show gif upload size limit error straight away (#21633)
When uploading images via direct to S3 upload, we were
assuming that we could not pre-emptively check the file
size because the client may do preprocessing to reduce
the size, and UploadCreator could also further reduce the
size.

This, however, is not true of gifs, so we would have an
issue where you upload a gif > the max_image_size_kb
setting and had to wait until the upload completed for
this error to show.

Now, instead, when we direct upload gifs to S3, we check
the size straight away and present a file size error to
the user rather than making them wait. This will increase
meme efficiency by approximately 1000%.
2023-05-18 10:36:34 +02:00
dependabot[bot] 86c2f461b0
Build(deps): Bump webpack in /app/assets/javascripts (#21625)
Bumps [webpack](https://github.com/webpack/webpack) from 5.82.1 to 5.83.1.
- [Release notes](https://github.com/webpack/webpack/releases)
- [Commits](https://github.com/webpack/webpack/compare/v5.82.1...v5.83.1)

---
updated-dependencies:
- dependency-name: webpack
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-05-18 16:51:22 +10:00
Alan Guo Xiang Tan 4ec9a947dc
UX: Improve display of short site description in header dropdown (#21628) 2023-05-18 10:16:21 +08:00
Kris 14ad0b39f1
UX: include custom headers in `--header-offset` (#21059) 2023-05-17 17:37:56 -04:00
Roman Rizzi d2516f39c3
DEV: Option to always hide warning in the coposer (#21618) 2023-05-17 15:59:43 -03:00
Keegan George 515529cd34
UX: Show fast edit at top of window on mobile (#21590) 2023-05-17 09:30:29 -07:00
Keegan George 082821c754
DEV: Remove legacy user menu (#21308) 2023-05-17 09:16:42 -07:00
dependabot[bot] e7779615e6
Build(deps): Bump @ember/string in /app/assets/javascripts (#21601)
Bumps [@ember/string](https://github.com/emberjs/ember-string) from 3.1.0 to 3.1.1.
- [Release notes](https://github.com/emberjs/ember-string/releases)
- [Changelog](https://github.com/emberjs/ember-string/blob/master/CHANGELOG.md)
- [Commits](https://github.com/emberjs/ember-string/compare/v3.1.0...v3.1.1)

---
updated-dependencies:
- dependency-name: "@ember/string"
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-05-17 10:42:20 +02:00
dependabot[bot] bc82490e6e
Build(deps-dev): Bump terser in /app/assets/javascripts (#21600)
Bumps [terser](https://github.com/terser/terser) from 5.17.3 to 5.17.4.
- [Changelog](https://github.com/terser/terser/blob/master/CHANGELOG.md)
- [Commits](https://github.com/terser/terser/compare/v5.17.3...v5.17.4)

---
updated-dependencies:
- dependency-name: terser
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-05-17 10:41:39 +02:00
Ted Johansson 445196399d
FIX: Remove obsolete references to lounge category (#21607)
### What is this change?

The lounge category was replaced with the general category in https://github.com/discourse/discourse/pull/18097.

However, there are still a few references to the lounge category in code. In particular, `Category#seeded?` is erroring out in production looking for `SiteSetting.lounge_category_id`.
2023-05-17 16:34:14 +08:00
Ted Johansson a2bc24456f
DEV: Update call sites using BaseStore#download but expecting exceptions (#21551)
In #21498, we split `BaseStore#download` into a "safe" version which returns nil on errors, and an "unsafe" version which raises an exception, which was the old behaviour of `#download`.

This change updates call sites that used the old `#download`, which raised exceptions, to use the new `#download!` to preserve behaviour (and silence deprecation warnings.)

It also silences the deprecation warning in tests.
2023-05-17 16:03:33 +08:00
Alan Guo Xiang Tan c991b8f6a0
UX: Sections not collapsable in "header dropdown" navigation menu (#21604)
What is the problem?

This is a follow up to 4cca7de22d. In the
commit, CSS was used to disable the collapsing of sections in the header
dropdown navigation menu when the `navigation_menu` site setting is set
to `header dropdown`. However, using CSS is not the correct approach as
the underlying code is still marking the section as collapsable which
means that the sections will still be displayed as collapsed with no way
to "uncollapse" if the local store has already marked the section as
collapsed.

What is the fix?

This commit removes the usage of CSS to hide the collapsabe button and
instead correctly marks the section as not collapsable in the code.
2023-05-17 14:28:09 +08:00
Alan Guo Xiang Tan 5878535606
FIX: Searching for svg sprite icons connecting to default database (#21605)
What is the problem?

In `SvgSpriteController#search` and `SvgSpriteController#icon_picker_search`, the controller actions
was using the `RailsMultisite::ConnectionManagement.with_hostname` API
but `params[:hostname]` was always `nil` because the routes does not
have a `:hostname` param component and the client does not ever pass the
`:hostname` param when making the request. When `RailsMultisite::ConnectionManagement.with_hostname` is
used with a `nil` argument, it ends up connecting to the default
multisite database. Usually this would be bad because we're allowing a
site in a multisite setup to connect to another site but thankfully no
private data is being leaked here.

What is the fix?

Since `SvgSpriteController#search` and `SvgSpriteController#icon_picker_search` are login required route,
there is no need for us to switch database connections. The fix here is
to simply remove the use of `RailsMultisite::ConnectionManagement.with_hostname`.
2023-05-17 14:25:06 +08:00
Alan Guo Xiang Tan bf64a184ea
FIX: Clear topic list cache after archiving a PM (#21602)
Context of the problem

When viewing the topic list for either the personal inbox or the group
PM inbox, we store a cache of the topic list if the user has loaded more
topics in the topic list. This cache is used to improve the experience
for users so that navigating to a topic and then back would not make
them lose their "last read" position in the topic list. Without this
cache, users will have to start from the top of the topic list each time
they navigate back after reading a topic.

What is the problem?

After archiving a PM, the user is redirected to either the personal
inbox or the group PM inbox. The problem is that if a topic list cache
exists, we will render the topic list using the cache. However, this
means that the archived PM will still appear in the list leading to
confusion for our users.

What is the fix?

To fix this, we will simply clear the topic list cache after a user
archives a topic.
2023-05-17 14:23:23 +10:00
Angus McLeod 338bd13213
DEV: Use composerEventPrefix in the composer editor (#21480) 2023-05-16 19:06:20 +01:00
Jarek Radosz dec38e2daf
DEV: Add support for array params in topic-list finder (#21578)
It wasn't possible (at least in any reasonable way) to pass params like `tags`. Also removes the export and inlines the function as that was used only to test the function and the test is gone.
2023-05-16 19:49:38 +02:00
David Taylor e8ee2285be
DEV: Use `@cached` decorator for `sidebar/user/sections.js` (#21556)
Achieves the same thing as the old manual caching
2023-05-16 18:21:21 +01:00
Penar Musaraj f6670aecfd
DEV: Fix preview sanitization test (#21521)
This test was passing, but the environment it was testing was incorrect.
The `image-controls` markdown rule allowlists several svgs when previewing.
But since `previewing: true` is only set on the parent `ComposerEditor`
component, the test in `DEditor` wasn't aware of that, so the output was
ignoring the `previewing` option.

This moves the test one level higher, to `ComposerEditor`, and because
now `previewing: true` is correctly used, it updates the test to show
that the svg element is present, but an `onload` attributes is stripped.
2023-05-16 11:06:05 -04:00
Penar Musaraj 06ea37e591
A11Y: Improve select-kit accessibility (take 2) (#21530)
Same as #214500 but fixes an issue with mobile navigation in some cases.
2023-05-16 09:57:50 -04:00
Jarek Radosz 5d386653c4
DEV: Clean up store-test (#21576)
* Use native getters
* Use `assert.true`/`assert.false`
* Improve some assertions
2023-05-16 12:10:58 +02:00
dependabot[bot] de4efc2b8f
Build(deps): Bump @ember/string in /app/assets/javascripts (#21569)
Bumps [@ember/string](https://github.com/emberjs/ember-string) from 3.0.1 to 3.1.0.
- [Release notes](https://github.com/emberjs/ember-string/releases)
- [Changelog](https://github.com/emberjs/ember-string/blob/master/CHANGELOG.md)
- [Commits](https://github.com/emberjs/ember-string/compare/v3.0.1...v3.1.0)

---
updated-dependencies:
- dependency-name: "@ember/string"
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-05-16 11:24:25 +02:00
Sam e63e193a0a
FEATURE: Fuzzy search in site settings and raise limit to 100 matches (#21572)
We have been struggling lately finding site settings due to 30 setting limit

This was introduced for performance reasons a while back but is no longer as
needed given that ember is faster.

Additionally searching is hard, so allow people to use fuzzy search against
setting name.
2023-05-16 18:23:05 +10:00
Alan Guo Xiang Tan b596e54a39
DEV: Use components to manage custom sidebar sections lifecycle (#21574)
What is the problem?

Previously the `sections` getter was initializing duplicate `lib/sidebar/(community-)section` instances every time it was evaluated. This change in identity was causing Ember's `{{#each` helper to totally rerender every section whenever the getter was evaluated.

What is the fix?

This commit refactors things to lean on Ember's components for state/lifecycle management. The `{{#each` loop is done over the source data, which is guaranteed to only change identity when there is a real config change. Individual section components are initialized for each section, and are responsible for constructing and tearing down their own `lib/sidebar/(community-)section` instances.

This commit also updates `lib/sidebar/(community-)section` to support service injection rather than passing service references around.

Co-authored-by: David Taylor <david@taylorhq.com>
2023-05-16 11:47:59 +08:00
David Taylor 7962202c64
FIX: Ensure modal alert is hidden when empty (#21565)
We use the `:empty` css selector on `#modal-alert`, so we need to strip any whitespace from the contents to ensure the selector functions correctly. Followup to ad431ab03a
2023-05-16 01:19:53 +01:00
David Taylor ee537a7ac1
FIX: Hide d-modal during page load (#21563)
Followup to 4bc769cac0
2023-05-15 21:43:21 +01:00
Sérgio Saquetim 21ec70b509
FIX: Miscellaneous tagging errors (#21490)
* FIX: Displaying the wrong number of minimum tags in the composer

When the minimum number of tags set for the category is larger than the minimum number of tags
set in the category tag-groups, the composer was displaying the wrong value.

This commit fixes the value displayed in the composer to show the max value between the required
for the category and the tag-groups set for the category.

This bug was reported on Meta in https://meta.discourse.org/t/tags-from-multiple-tag-groups-required-only-suggest-select-at-least-one-tag/263817

* FIX: Limiting tags in categories not working as expected

When a category was restricted to a tag group A, which was set to only allow
one tag from the group per topic, selecting a tag belonging only to A returned
other tags from A that also belonged to other group/s (if any).

Example:

Tag group A: alpha, beta, gamma, epsilon, delta
Tag group B: alpha, beta, gamma

Both tag groups set to only allow one tag from the group per topic.

If Category 1 was set to only allow tags from the tag group A, and the first tag
selected was epsilon, then, because they also belonged to tag group B, the tags
alpha, beta, and gamma were still returned as valid options when they should not be.

This commit ensures that once a tag from a tag group that restricts its tags to
one per topic is selected, no other tag from this group is returned.

This bug was reported on Meta in https://meta.discourse.org/t/limiting-tags-to-categories-not-working-as-expected/263143.

* FIX: Moving topics does not prompt to add required tag for new category

When a topic moved from a category to another, the tag requirements
of the new category were not being checked.

This allowed a topic to be created and moved to a category:

- that limited the tags to a tag group, with the topic containing tags
not allowed.
- that required N tags from a tag group, with the topic not containing
the required tags.

This bug was reported on Meta in https://meta.discourse.org/t/moving-tagged-topics-does-not-prompt-to-add-required-tag-for-new-category/264138.

* FIX: Editing topics with tag groups from parents allows incorrect tagging

When there was a combination between parent tags defined in a tag group
set to allow only one tag from the group per topic, and other tag groups
relying on this restriction to combine the children tag types with the
parent tag, editing a topic could allow the user to insert an invalid
combination of these tags.

Example:

Automakers tag group: landhover, toyota
  - group set to limit one tag from the group per topic

Toyota models group: land-cruiser, hilux, corolla

Landhover models group: evoque, defender, discovery

If a topic was initially set up with the tags toyota, land-cruiser it was
possible to edit it by removing the tag toyota and adding the tag landhover
and other landhover model tags like evoque for example.

In this case, the topic would end up with the tags toyota, land-cruiser,
landhover, evoque because Discourse will automatically insert the
missing parent tag toyota when it detects the tag land-cruiser.

This combination of tags would violate the restriction specified in
the Automakers tag group resulting in an invalid combination of tags.

This commit enforces that the "one tag from the group per topic"
restriction is verified before updating the topic tags and also
make sure the verification checks the compatibility of parent tags that
would be automatically inserted.

After the changes, the user will receive an error similar to:
The tags land-cruiser, landhover cannot be used simultaneously.
Please include only one of them.
2023-05-15 17:19:41 -03:00
David Taylor 4bc769cac0
DEV: Control modal 'hidden' with Ember (#21562)
Moving all control of 'hidden' into Ember will resolve issues we're seeing with Ember fighting against manual DOM manipulation (both vanilla JS and JQuery).

Looking up `controller:modal` from components is not ideal. However, the next step in the refactoring is to create a modal 'service' which will be able to injected into components cleanly.
2023-05-15 20:48:00 +01:00
Bianca Nenciu 78022e7a5f
FEATURE: Show user cards for inactive users (#21387)
It used to return 404 which made the user card render and then quickly disappear.
2023-05-15 21:45:26 +03:00
Jarek Radosz e25468b2ca
DEV: Use `@cached` decorator in `user-menu/menu` (#21558) 2023-05-15 20:40:08 +02:00
David Taylor 35f29bd25b DEV: Document `showModal`, allow setting more config via DModalBody
Having these things configured at the invocation of showModal is a strange API, and means that any changes to the modal require updating the call sites. It makes much more sense for these to be defined as part of the modal's own template. This was already supported for many of the properties. This commit adds support for the `modalClass` and `titleAriaElementId` config to be passed to DModalBody.

For now there is no deprecation message. Support for passing these things to `showModal` will be dropped as part of an upcoming conversion of modals from controllers to components.
2023-05-15 13:43:01 +01:00
David Taylor f2482b5daa DEV: Replace modal 'maxHeight' calculation with css 2023-05-15 13:43:01 +01:00
David Taylor ad431ab03a DEV: Refactor modal 'flash' to avoid direct DOM manipulation 2023-05-15 13:43:01 +01:00
David Taylor 771c4de7f1 DEV: Convert d-modal and d-modal-body to glimmer components 2023-05-15 13:43:01 +01:00
David Taylor 11e7e949b7 DEV: Convert d-modal and d-modal-body to native class syntax 2023-05-15 13:43:01 +01:00
Joffrey JAFFEUX 5ce0697348
FIX: limits max height to viewport on channel only (#21539)
Before this commit chat was applying a fixed height on everything under the `/chat` route. It's only really needed on the channel page with the composer at the bottom of the page.

This commits makes the following changes:
- moves height limitation from `#main-outlet-wrapper` to `.chat-channel`
- makes browse channel page and members list page full height and rely on main document scrollbar
- adds height computation for draft header and direct message creator block to ensure the height is correct when creating a draft channel
- makes chat index full height to rely on the browser scrollbar. As a result the <kbd> + </kbd> button used on mobile to create a direct message as been moved out of `<ChannelsList>` into the chat index template
- sidebar height was relying on chat setting a max height, as a result the height computation of sidebar has been changed to work correctly, especially with an opened keyboard on mobile or ipad
2023-05-15 11:46:33 +02:00
Bianca Nenciu 9a2780397f
FIX: Handle all UTF-8 characters (#21344)
Watched words were converted to regular expressions containing \W, which
handled only ASCII characters. Using [^[:word]] instead ensures that
UTF-8 characters are also handled correctly.
2023-05-15 12:45:04 +03:00
Loïc Guitaut d63ce56252 DEV: Set limit for Invite#custom_message 2023-05-15 09:55:28 +02:00
Loïc Guitaut b81c13280a DEV: Set limits for text fields on BadgeGrouping 2023-05-15 09:54:54 +02:00
Alan Guo Xiang Tan 1106e4ad09
FIX: Sidebar custom sections rendering perf degrades over time (#21552)
What is the problem?

The main problem here is that we were incorrectly registering the same `onStateChange` callback with `TopicTrackingState`
each time a user reads a post. When a user reads a post, the state in `TopicTrackingState` is updated and it triggers all
the `onStateChange` callbacks which have been registered. In the `CommunitySection` class, we register a callback which
would then call the `onTopicTrackingStateChange` method for each link in the class. For the `EverythingSectionLink` class,
this would lookup the state in `TopicTrackingState` to get a new count of unread/new topics and update the `totalUnread` and
`totalNew` properties which are tracked. For some reason that I have yet to figure out, updating the either of the tracked properties
would result in Ember rerendering the entire `{{#each this.sections as |section|}}` in `component/sidebar/user/custom-sections.hbs`
template. Note that `this.sections` refers to a `@cached` getter in the `SidebarUserCustomSections` class. The problem is that
the `sections` getter is initializing a new bunch of sidebar sections related classes without calling the teardown function.
As a result, we end up registering new `onStateChange` callbacks in `TopicTrackingState` in `CommunitySection` without
removing the old ones. Over time, the number of callbacks build up and we end up slowing down the application. While we do
not know the reason why defining a getter for the `sections` is causing the entire block to re-render, I realized that
it is dangerous to use a getter for `sections` here since we have very little control on when the cached is broken.

Instead, I moved the `sections` getter to a tracked property instead where the property is updated via `appEvents`. With
this change, updating the tracked properties in `EverythingSectionLink` is no longer triggering a complete re-render of the
said block above. We also now call `teardown` on the section objects that has been initialised before updating the `sections`
property.
2023-05-15 15:43:41 +08:00
Loïc Guitaut 9f283eb836
DEV: Set a limit for ApiKey#description (#21502) 2023-05-15 14:12:25 +10:00
Kris f160f073b0
FIX: addNavigationBarItem api example (#21510)
* FIX: addNavigationBarItem api example

* Update app/assets/javascripts/discourse/app/lib/plugin-api.js

Co-authored-by: Jarek Radosz <jradosz@gmail.com>

---------

Co-authored-by: Sam <sam.saffron@gmail.com>
Co-authored-by: Jarek Radosz <jradosz@gmail.com>
2023-05-15 14:11:42 +10:00
Sam e9efeea264
FIX: composer should be sending metaData (#21546)
An extensibility point we support server side is setting meta_data
(topic / post custom fields) with the composer payload.

Previous to this change even though we had a lot of setup code we never
actually sent the payload.

This ensures that on create we send meta_data.
2023-05-15 14:08:54 +10:00
Bianca Nenciu b32cdb0880
FIX: Refresh site when enable_user_tips changes (#21489)
Without refresh, no user tip will be shown and Site.user_tips is not
properly populated either.
2023-05-12 18:44:41 +03:00
Bianca Nenciu b73a9a1faa
UX: Various improvements to welcome topic CTA (#21010)
- Update welcome topic copy
- Edit the welcome topic automatically when the title or description changes
- Remove “Create your Welcome Topic” banner/CTA
- Add "edit welcome topic" user tip
2023-05-12 17:09:40 +03:00
David Taylor 177651fdbb
FIX: Avoid double-encoding featured topic title in user profile (#21507)
a373bf2 updated the behavior of replace-emoji so that the input is treated as unsafe-by-default. fancy_title is already escaped, so we need to mark it as html-safe to avoid it being double-escaped.

There is no need to html-safe the result of replace-emoji - it's already done as part of the helper.
2023-05-12 10:11:59 +01:00
Ted Johansson 07f87ff7a8
DEV: Strictly filter tag search limit parameter input (#21524)
### What is the problem?

It is possible to pass an arbitrary value to the limit parameter in `TagsController#search`, and have it flow through `DiscourseTagging.filter_allowed_tags` where it will raise an error deep in the database driver. MiniSql ensures there's no injection happening, but that ultimately results in an invalid query.

### How does this fix it?

This change checks more strictly that the parameter can be cleanly converted to an integer by replacing the loose `#to_i` conversion semantics with the stronger `Kernel#Integer` ones.

**Example:**

```ruby
"1; SELECT 1".to_i
#=> 1

Integer("1; SELECT 1")
#=> ArgumentError
```

As part of the change, I also went ahead to disallow a limit of "0", as that doesn't seem to be a useful option. Previously only negative limits were disallowed.
2023-05-12 16:49:14 +08:00
Ted Johansson 59867cc091
DEV: Gracefully handle user avatar download SSRF errors (#21523)
### Background

When SSRF detection fails, the exception bubbles all the way up, causing a log alert. This isn't actionable, and should instead be ignored. The existing `rescue` does already ignore network errors, but fails to account for SSRF exceptions coming from `FinalDestination`.

### What is this change?

This PR does two things.

---

Firstly, it introduces a common root exception class, `FinalDestination::SSRFError` for SSRF errors. This serves two functions: 1) it makes it easier to rescue both errors at once, which is generally what one wants to do and 2) prevents having to dig deep into the class hierarchy for the constant.

This change is fully backwards compatible thanks to how inheritance and exception handling works.

---

Secondly, it rescues this new exception in `UserAvatar.import_url_for_user`, which is causing sporadic errors to be logged in production. After this SSRF errors are handled the same as network errors.
2023-05-12 15:32:02 +08:00
Blake Erickson bd6e487df0
FIX: Allow integer group_ids for create invite api (#21494)
This fixes a bug in the create invite API where if you passed in an
integer for the group_ids field it would fail to add the user to the
specified group.
2023-05-11 11:39:33 -06:00
Jarek Radosz ce5430adc1
DEV: Rework `static` controllers/routes (#19466)
The issues fixed:

1. Previously all static pages (e.g. login-required landing page, /tos, /privacy, forgot-password) were wrapped in the faq-read-tracking component
2. All these pages shared one controller with methods that were relevant to one route
3. There were two route-generating functions: `static-route-builder` and `build-static-route` 🤣 
4. They were using the deprecated `renderTemplate()` API
5. A slight misuse of Ember API (`controllerFor()`)
6. Small mark-faq-read related bugs
2023-05-11 19:02:11 +02:00
dependabot[bot] f494e54128
Build(deps): Bump webpack in /app/assets/javascripts (#21496)
Bumps [webpack](https://github.com/webpack/webpack) from 5.82.0 to 5.82.1.
- [Release notes](https://github.com/webpack/webpack/releases)
- [Commits](https://github.com/webpack/webpack/compare/v5.82.0...v5.82.1)

---
updated-dependencies:
- dependency-name: webpack
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-05-11 17:27:09 +02:00
Ted Johansson b837459e1d
DEV: Add both safe and unsafe Discourse.store.download methods (#21498)
* DEV: Add both safe and unsafe Discourse.store.download methods

* DEV: Update call sites that can use the safe store download method
2023-05-11 17:27:27 +08:00
Juan David Martínez Cubillos 83d2f9ef78
FEATURE: Default to subcategory when parent category does not allow posting (#21228)
added site toggle functionality through site settings

added tests to implemented feature

Introduced suggested correction

renamed find_new_topic method and deleted click_new_topic_button method
2023-05-10 12:34:39 -05:00
Bianca Nenciu d3a5a493fa
DEV: Add configurable? helper to Plugin::Instance (#21472)
This reapplies commit 3073e5cfb0, with
a fix that makes sure that plugins can be looked up both by the name
present in metadata and directory name.
2023-05-10 16:21:48 +03:00
dependabot[bot] d65c37366e
Build(deps-dev): Bump terser in /app/assets/javascripts (#21463)
Bumps [terser](https://github.com/terser/terser) from 5.17.2 to 5.17.3.
- [Changelog](https://github.com/terser/terser/blob/master/CHANGELOG.md)
- [Commits](https://github.com/terser/terser/compare/v5.17.2...v5.17.3)

---
updated-dependencies:
- dependency-name: terser
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-05-10 15:05:39 +02:00
David Taylor 56995e40c2
Revert "A11Y: Improve select-kit accessibility (#21400)" (#21468)
This reverts commit e8aea3c558. This introduced some errors during navigation on mobile. Reverting while we investigate
2023-05-10 11:45:17 +01:00
Joffrey JAFFEUX 3727c95f6f
Revert "DEV: Add configurable? helper to Plugin::Instance (#20767)" (#21469)
This reverts commit 3073e5cfb0.
2023-05-10 12:41:55 +02:00
Bianca Nenciu 3073e5cfb0
DEV: Add configurable? helper to Plugin::Instance (#20767)
This can be used to forcibly disable plugins.
2023-05-10 13:16:37 +03:00
David Battersby a19027afae
FIX: show 404 on new category page for moderators when Site Setting disabled (#21448)
Currently the /new-category url can be accessed by moderators, regardless of whether the Site Setting for moderators_manage_categories_and_groups is true or false.

On top of this, non authorized users can also access this page but shows errors (no 404 loaded).

Since the 404 redirect happens within Ember, we need to allow the site setting value to be accessed within JS. 

After this change all non admin users will see a 404 for this route, the exception being moderators if the moderators_manage_categories_and_groups setting has a value of true.

/t/73360
2023-05-10 14:26:49 +08:00
David Battersby 5d8632d484
FIX: fallback to composer for non ascii characters (#21465)
The problem
When selecting text and clicking the "Edit" button that pops up, this opens up the Fast Edit dialog.

The fast edit feature doesn't work well with non standard characters (non-ascii). If the user selects a string of text that contains non-ascii characters, sometimes they won't save. It is non-obvious to the user why this is happening. This issue occurs more frequently when editing content that is written in non-english languages, as fast-edit doesn't work well with non-ascii characters. We currently do a global replace on a couple of the more obvious quotation marks when the fast edit dialog attempts to save, but there are too many edge cases for foreign language content.

The solution
We can fix this issue by using a catch-all approach for non-ascii characters before the user clicks the edit button to bring up the fast edit dialog. Then we can fallback to the full composer to edit their text, which has much better support for non-ascii characters.

What does this regex do?
The regex used matches any character that is not within the ASCII range of 0x00 to 0x7F, which includes all control characters and non-ASCII characters.

This regex pattern can be used to match any character that is not a standard ASCII character, such as accented characters, non-Latin characters, and special symbols.
2023-05-10 12:38:28 +08:00
Sam bd32912c5e
FIX: do not allow title stuffing to dominate search (#21464)
We were giving topics with repeated words extra weight in search index.
This meant that it was trivial to stuff words into title to dominate in search
given we search for exact title matches first.

The following tweak means that:

`invite invited invites`
and
`invite some stuff`

Both rank the same for title searching.

Titles are short and punchy, duplicating words should not give special
weight.

Requires a full reindex to take effect.
2023-05-10 11:47:58 +10:00
Kris c6864f8f0f
DEV: add optional `displayName` parameter for `discourse-tag` (#21391) 2023-05-09 17:44:33 -04:00
Martin Brennan 7a1d60c60e
FIX: Likes received count in digest email (#21458)
This commit fixes an issue where the Likes Received notification
count in the user digest email was not affected by the
since/last_seen date for the user, which meant that no matter
how long it had been since the user visited the count was
always constant.

Now instead for the Likes Received count, we only count the
unread notifications of that type since the user was last
seen.
2023-05-09 19:19:26 +02:00
Bianca Nenciu 9ae5ddb330
FIX: Service worker for Safari (#21435)
The first rule in the service worker is bypassed for Safari, but the
previous detection method was matching any browser running on macOS.
2023-05-09 18:36:20 +03:00
Penar Musaraj e8aea3c558
A11Y: Improve select-kit accessibility (#21400)
This improves keyboard navigation in and out of select-kit components.

The improvements include:

- `Tab` will now dismiss the dropdown once the active element is outside
the select-kit element
- pressing `Escape` will not bubble, this is most noticeable in the
composer, pressing `Esc` there now when a dropdown is expanded will not
dismiss the composer
- `Shift+Tab` will also dismiss the dropdown once focus is outside it
2023-05-09 09:46:05 -04:00
Martin Brennan b5292c8139
Revert "FIX: fast-edit should fall back to composer for non-ascii characters (#21453)" (#21454)
This reverts commit 249f4296bf.
2023-05-09 15:40:17 +02:00
David Battersby 249f4296bf
FIX: fast-edit should fall back to composer for non-ascii characters (#21453)
The problem
The fast edit feature doesn't work well with non standard characters (non-ascii). If the user selects a string of text that contains non-ascii characters, then the edit won't save.

The solution
The best solution is to catch those non-ascii characters before the user clicks the edit button to bring up the fast edit dialog. Then we can fallback to the full composer to edit their text, which has much better support for non-ascii characters.

What does this regex do?
The regex used to catch this is [^\x00-\x7F], which matches any character that is not within the ASCII range of 0x00 to 0x7F, which includes all control characters and non-ASCII characters.

This regex pattern can be used to match any character that is not a standard ASCII character, such as accented characters, non-Latin characters, and special symbols.
2023-05-09 19:18:35 +08:00
Loïc Guitaut ae369b1100 FIX: Change the limit on badges description
The current limit (250 characters) is too low, as we have some
translations used for our badge descriptions that result in a
description length of 264 characters.

To be on the safe side, the limit is now set to 500 characters.
2023-05-09 11:41:40 +02:00
dependabot[bot] 43302d4089
Build(deps-dev): Bump terser in /app/assets/javascripts (#21444)
Bumps [terser](https://github.com/terser/terser) from 5.17.1 to 5.17.2.
- [Changelog](https://github.com/terser/terser/blob/master/CHANGELOG.md)
- [Commits](https://github.com/terser/terser/compare/v5.17.1...v5.17.2)

---
updated-dependencies:
- dependency-name: terser
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-05-09 11:12:38 +02:00
David Taylor 743be2d596
DEV: Replace Ember implicit injections with base class extensions (#21417)
Ember's implicit injections feature is removed in Ember 4.x. We want to give ourselves more time to migrate to explicit injections, so this commit re-implements our implicit injections as extensions to the base framework classes.

Incremental migration to newer patterns can be achieved using the `@disableImplicitInjections` class decorator (available from `discourse/lib/implicit-injections').

This resolves and unsilences the `implicit-injections` deprecation.
2023-05-09 09:34:05 +01:00
Alan Guo Xiang Tan 0c8d3f8542
DEV: Fix `category:` filter only supported alphabets and numbers (#21427)
A category's slug can be encoded when
`SiteSetting.slug_generation_method` has been set to "encoded". As a
result, we have to support non ASCII characters as well.
2023-05-09 08:10:08 +08:00
Keegan George 7560c0652c
DEV: Add plugin outlet to `<NavigationBar/>` component (#21437) 2023-05-08 12:20:51 -07:00
Penar Musaraj c69c7578f3
UX: loading slider for select-kit filter (#21401) 2023-05-08 14:56:46 -04:00
dependabot[bot] 81aff58d09
Build(deps-dev): Bump ember-auto-import-chunks-json-generator (#21420)
Bumps [ember-auto-import-chunks-json-generator](https://github.com/peopledoc/ember-auto-import-chunks-json-generator) from 1.0.0 to 1.1.0.
- [Release notes](https://github.com/peopledoc/ember-auto-import-chunks-json-generator/releases)
- [Commits](https://github.com/peopledoc/ember-auto-import-chunks-json-generator/compare/v1.0.0...v1.1.0)

---
updated-dependencies:
- dependency-name: ember-auto-import-chunks-json-generator
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-05-08 19:59:41 +02:00
dependabot[bot] afbeeea09f
Build(deps): Bump jsdom from 21.1.1 to 22.0.0 in /app/assets/javascripts (#21350)
Bumps [jsdom](https://github.com/jsdom/jsdom) from 21.1.1 to 22.0.0.
- [Release notes](https://github.com/jsdom/jsdom/releases)
- [Changelog](https://github.com/jsdom/jsdom/blob/master/Changelog.md)
- [Commits](https://github.com/jsdom/jsdom/compare/21.1.1...22.0.0)

---
updated-dependencies:
- dependency-name: jsdom
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-05-08 11:45:28 +02:00
dependabot[bot] 1c74b91a6a
Build(deps-dev): Bump eslint in /app/assets/javascripts (#21419)
Bumps [eslint](https://github.com/eslint/eslint) from 8.39.0 to 8.40.0.
- [Release notes](https://github.com/eslint/eslint/releases)
- [Changelog](https://github.com/eslint/eslint/blob/main/CHANGELOG.md)
- [Commits](https://github.com/eslint/eslint/compare/v8.39.0...v8.40.0)

---
updated-dependencies:
- dependency-name: eslint
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-05-08 10:58:19 +02:00
Jarek Radosz fdf38335ab
DEV: Correct the app-events service injections (#21413) 2023-05-08 10:48:56 +02:00
Krzysztof Kotlarek be1cbc7082
FIX: jumpy more sidebar section (#21430)
Bug introduced in PR https://github.com/discourse/discourse/pull/21398

More section needs to be wrapped in div with position:relative to have sticky and absolute position.
2023-05-08 14:33:24 +10:00
Krzysztof Kotlarek dddbdffea6
FIX: flaky sidebar-user-community-section-test (#21398)
Change mechanism handling `more` button for sidebar.
Before it was using HTML details tag.
To make tests more reliable, we are switching to use ember runloop.
2023-05-08 13:37:34 +10:00
Alan Guo Xiang Tan 18c542dc02
PERF: Avoid triggering TopicTrackingState change callbacks unnecessarily (#21425)
What is the problem?

The TopicTrackingState is a service on the client side that is used to store
state of topics which is new or has unread posts for a given user. The state
is updated via various means and the one in concern here is whenever we load
a new topic list from the server. When a topic list is loaded from the server,
we sync this new topic list with the states in TopicTrackingState. There is also
a hard limit on the number of states that is stored by TopicTrackingState for
performance reasons and the limit is currently set to 4000. It was noticed that
once this limit has been reached, syncing a topic list with TopicTrackingState can
result in the registered state change callbacks to be called unnecessarily. This
is because during `TopicTrackingState#sync` we call `TopicTrackingState#removeTopic`
if the topic in question is neither new or unread to a user. However, `TopicTrackingState#removeTopic`
would call `TopicTrackingState#_afterStateChange` even if nothing was removed.

What is the fix?

This commit fixes the problem by checking that `TopicTrackingState#_afterStateChange` is only
called in `TopicTrackingState#removeTopic` when a topic is actually removed.
2023-05-08 13:26:28 +10:00
Sam ac0673d29e
DEV: In test, if flush is called and there is no thread, flush inline (#21426) 2023-05-08 13:25:00 +10:00
Sam 608bde734b
FEATURE: allow for longer membership domains (#21428) 2023-05-08 10:40:37 +08:00
Sam 83f1a13374
DEV: stop leaking data into tables during test (#21403)
This amends it so our cached counting reliant specs run in synchronize mode

When running async there are situations where data is left over in the table
after a transactional test. This means that repeat runs of the test suite
fail.
2023-05-06 07:15:33 +10:00
David Taylor c9a6d9ac89
FIX: Resolve timezone issues with date-time-input (#21414)
- Ensure changing timezones are reflected immediately in the date-time-input (the computed property was missing a dependent key)

- Ensure date-input doesn't lose timezone information (calling `toDate()` causes moment timestamps to lose timezone information)

This was created to resolve issues in the discourse-calendar plugin (https://github.com/discourse/discourse-calendar/pull/399)
2023-05-05 18:18:24 +01:00
Bianca Nenciu 37cacf72ae
FIX: Service worker should cache only 200 requests (#21409)
This can cause CORB issues when combining S3, secure uploads and
service workers.
2023-05-05 11:33:47 -04:00
David Taylor 98ea356fec DEV: re-enable skipped modifyClass test
This issue is fixed in Ember 3.28.12
2023-05-05 12:56:24 +01:00
dependabot[bot] ca1ee6751f Build(deps): Bump ember-source in /app/assets/javascripts
Bumps [ember-source](https://github.com/emberjs/ember.js) from 3.28.11 to 3.28.12.
- [Release notes](https://github.com/emberjs/ember.js/releases)
- [Changelog](https://github.com/emberjs/ember.js/blob/main/CHANGELOG.md)
- [Commits](https://github.com/emberjs/ember.js/compare/v3.28.11...v3.28.12)

---
updated-dependencies:
- dependency-name: ember-source
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-05-05 12:56:24 +01:00
Kris f705e6d367
DEV: add class names to group directory table (#21393) 2023-05-05 09:30:54 +10:00
Joffrey JAFFEUX 5e5a67ef88
Revert "DEV: Replace Ember implicit injections with base class extensions (#21258)" (#21397)
This reverts commit 6ce1fbc479.
2023-05-05 09:26:07 +10:00
Daniel Waterworth 0a96579cef
DEV: Allow site setting errors to be displayed as html if they are safe (#21342)
This is only useful for plugins currently

Co-authored-by: Penar Musaraj <pmusaraj@gmail.com>
2023-05-04 15:01:19 -05:00
Kris 2cc644cec7
DEV: add panel-body-bottom outlet to user menu (#21386) 2023-05-04 13:17:50 -04:00
Andrei Prigorshnev e7faef9d65
DEV: extract emulateAutocomplete test helper (#21363) 2023-05-04 18:09:05 +04:00
Penar Musaraj 76157c6fb0
Revert "A11Y: select kit close on focus out (#21274)" (#21383)
This reverts commit 1b2a1c94d4. Noticed
some issues in Safari macOS that need to be addressed.
2023-05-04 09:45:19 -04:00
Andrei Prigorshnev c1c017f433
DEV: drop a deprecated function (#21364)
I've made sure there are no usages in plugins
2023-05-04 15:25:19 +04:00
Selase Krakani 0424eb8db2
FIX: Ensure expand table works regardless of click event target (#21373)
In the expand table event handler, we currently rely on `event.target`
to select the table being expanded. Sometimes, the target is the svg icon
wrapped inside the button instead of the button itself. This throws
things off.

This change uses `currentTarget` which refers to the button
element even if the event originated from svg icon.
2023-05-04 10:09:37 +00:00
dependabot[bot] b75c17fe42
Build(deps): Bump @babel/standalone in /app/assets/javascripts (#21351)
Bumps [@babel/standalone](https://github.com/babel/babel/tree/HEAD/packages/babel-standalone) from 7.21.4 to 7.21.8.
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/commits/v7.21.8/packages/babel-standalone)

---
updated-dependencies:
- dependency-name: "@babel/standalone"
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-05-04 11:50:23 +02:00
dependabot[bot] 104b7ed236
Build(deps): Bump @babel/core in /app/assets/javascripts (#21349)
Bumps [@babel/core](https://github.com/babel/babel/tree/HEAD/packages/babel-core) from 7.21.4 to 7.21.8.
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/commits/v7.21.8/packages/babel-core)

---
updated-dependencies:
- dependency-name: "@babel/core"
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-05-04 11:30:57 +02:00
David Taylor 05cd39d4d9
FIX: Do not log 'personal message view' when sending webhook (#21375)
Similar to the issue resolved by 3b55de90e5
2023-05-04 10:15:31 +01:00
dependabot[bot] c8232792eb
Build(deps): Bump webpack in /app/assets/javascripts (#21376)
Bumps [webpack](https://github.com/webpack/webpack) from 5.81.0 to 5.82.0.
- [Release notes](https://github.com/webpack/webpack/releases)
- [Commits](https://github.com/webpack/webpack/compare/v5.81.0...v5.82.0)

---
updated-dependencies:
- dependency-name: webpack
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-05-04 10:51:39 +02:00
Penar Musaraj d4a2e9a740
UX: Use fixed colors for admin stacked chart reports (#21371)
* UX: Use fixed colors for admin stacked chart reports

* Fix specs
2023-05-04 08:35:19 +02:00
Krzysztof Kotlarek 709fa24558
DEV: move sidebar community section to database (#21166)
* DEV: move sidebar community section to database

Before, community section was hard-coded. In the future, we are planning to allow admins to edit it. Therefore, it has to be moved to database to `custom_sections` table.

Few steps and simplifications has to be made:
- custom section was hidden behind `enable_custom_sidebar_sections` feature flag. It has to be deleted so all forums, see community section;
- migration to add `section_type` column to sidebar section to show it is a special type;
- migration to add `segment` column to sidebar links to determine if link should be displayed in primary section or in more section;
- simplify more section to have one level only (secondary section links are merged);
- ensure that links like `everything` are correctly tracking state;
- make user an anonymous links position consistence. For example, from now on `faq` link for user and anonymous is visible in more tab;
- delete old community-section template.
2023-05-04 12:14:09 +10:00
Kris 36c3a2422b
UX: in sidebar dropdown mode expose 'more' items (#21372) 2023-05-04 07:26:00 +08:00
Alan Guo Xiang Tan c636fcf4fc
FIX: Blank user messages inbox dropdown on subfolder setup. (#21356)
This commit fixes a bug on subfolder setups where the user messages
inbox dropdown will always be blank. This is because we were comparing
URLs using values from `router.currentURL` and `router.urlFor` where
`router.currentURL` does not include `router.rootURL` while
`router.urlFor` does.
2023-05-04 06:18:05 +08:00
Kris 4f306cf88f
UX: fix color scheme setting reset position (#21365) 2023-05-03 13:37:23 -04:00
Kris 856755a383
FIX: ensure user admin button is present on mobile (#21366) 2023-05-03 13:34:51 -04:00
Bianca Nenciu cc18a99105
FEATURE: Add new notification for admin problems (#21287)
Add new notification for admin problems to replace old PM-based flow.
2023-05-03 19:35:22 +03:00
David Taylor 6ce1fbc479
DEV: Replace Ember implicit injections with base class extensions (#21258)
Ember's implicit injections feature is removed in Ember 4.x. We want to give ourselves more time to migrate to explicit injections, so this commit re-implements our implicit injections as extensions to the base framework classes.

Incremental migration to newer patterns can be achieved using the `@disableImplicitInjections` class decorator (available from `discourse/lib/implicit-injections').

This resolves and unsilences the `implicit-injections` deprecation.
2023-05-03 10:39:30 +01:00
NullVoxPopuli 393e6b4797
DEV: Move app build-time dependencies to devDependencies (#21310) 2023-05-03 09:25:13 +01:00
Loïc Guitaut 783c935dcb DEV: Set limits for text fields in reviewables 2023-05-03 09:54:54 +02:00
Kris 3ea86985b9
UX: fix color preference layout (#21346) 2023-05-03 10:11:52 +08:00
Kris 8caa58acf2
DEV: remove old and experimental user menu styles (#21326) 2023-05-02 15:07:42 -04:00
Penar Musaraj 1b2a1c94d4
A11Y: select kit close on focus out (#21274)
When navigating with the keyboard, the select-kit would not close when
focus was moved to an element outside of the body. For example, when
navigating via Tab or Shift+Tab, once the end (or beginning) of the list
was reached, focus would move out of the SK element, but the SK itself
would stay visible.

Switching from a click event to a focusout event solves the issue and
covers both mouse and keyboard navigation.
2023-05-02 14:22:31 -04:00
Joffrey JAFFEUX 616f4a1118
FIX: disables send btn while uploads in progress (#21298)
Before this fix you could press send while upload was in progress and lose it as it was not yet uploaded.
2023-05-02 18:11:40 +02:00
David Taylor 19540dfa0e
DEV: Do not include silenced Discourse deprecations in counter (#21336)
Silenced Ember deprecations were already being excluded from the test output. This applies the same logic to Discourse deprecations.
2023-05-02 14:55:41 +01:00
NullVoxPopuli b3e063bc63
DEV: Co-locate select-kit component templates (#20779) 2023-05-02 14:10:53 +01:00
Joffrey JAFFEUX 6c90747dea
FIX: correctly use types for reviewables type (#21333)
Before this fix if the underlying model of a reviewable was changed, the filter wouldn't work anymore as it was expecting a 1:1 relation between filter type and model name.

This commit also relies on the `Reviewable.types` array to check against valid types instead of a regex not checking much.

Finally this commit adds a spec to ensure chat reviewables are listable from the review index page.
2023-05-02 14:21:14 +02:00
Gerhard Schlager 01dc461cc2
FIX: Disallow invisible Unicode characters in usernames (#21331)
The list of excluded characters is based on https://invisible-characters.com/ and the list of invisible characters used by Visual Studio Code (https://github.com/hediet/vscode-unicode-data)
2023-05-02 17:34:53 +10:00
Krzysztof Kotlarek a8e28060d1
FIX: rename notify_about_flags_after to notify_about_reviewable_item_after (#21320)
Change name and description for SiteSetting to make it easier to understand.
2023-05-02 08:08:22 +10:00
Mark VanLandingham 86385bc9cf
REVERT: "FEATURE: Offline indicator controlled by message-bus connectivity (#21324)" (#21327)
This reverts commit b1da670898.
2023-05-01 15:27:02 -05:00
Penar Musaraj d697fd5766
DEV: Do not rerender widgets on mouseup/mousedown (#21300)
Ran into an issue with these hooks preventing click events on anchors from completing (because the triggered rerender cancels the click). See:
https://github.com/discourse/discourse-header-search/pull/24

This change should have no effect on existing usage of these hooks. Current usage is limited to:

- legacy navigation (should be a no-op)
- reactions plugin (should be a no-op)
- discourse-header-search (will fix the issue!)
2023-05-01 14:07:49 -04:00
Mark VanLandingham b1da670898
FEATURE: Offline indicator controlled by message-bus connectivity (#21324) 2023-05-01 12:41:30 -05:00
Mark VanLandingham 685e1de3ea
DEV: Fire appEvents for user menu events (opening/clicking) (#21322) 2023-05-01 11:31:57 -05:00
Kris 4cca7de22d
UX: two column dropdown sidebar layout (#21288) 2023-05-01 10:41:28 -04:00
Blake Erickson e2fbf4865a
DEV: Check if video thumbnails site setting is enabled (#21306) 2023-04-28 14:08:20 -06:00
Blake Erickson 0dea991156
FIX: Empty video thumbnails (#21290)
* FIX: Empty video thumbnails

This fix ensures that topic video thumbnail generation is completed
before the composer is allowed to submit which should prevent some bugs
around missing thumbnails on video topics.

* move callback to on upload-success
2023-04-28 12:14:36 -06:00
Jarek Radosz 4a08c23965
DEV: Show select-kit deprecations in non-dev envs (#21297)
We should have them in CI ;) (silenced for now, fixing them is not a priority)
2023-04-28 17:58:41 +02:00
Penar Musaraj a67c96438c
UX: Fix user onebox layout (#21284) 2023-04-28 09:50:49 -04:00
Mark VanLandingham 36d388b57f
Revert "FEATURE: Reimplement offline indicator (#21285)" (#21296)
This reverts commit de1066abcd.
2023-04-28 06:59:10 -05:00
Mark VanLandingham de1066abcd
FEATURE: Reimplement offline indicator (#21285) 2023-04-28 06:32:35 -05:00
dependabot[bot] fe3944f188
Build(deps): Bump webpack in /app/assets/javascripts (#21272)
Bumps [webpack](https://github.com/webpack/webpack) from 5.79.0 to 5.81.0.
- [Release notes](https://github.com/webpack/webpack/releases)
- [Commits](https://github.com/webpack/webpack/compare/v5.79.0...v5.81.0)

---
updated-dependencies:
- dependency-name: webpack
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-04-27 20:45:49 +02:00
Daniel Waterworth ae63d9ea09
PERF: Remove unnecessary queries from Theme#set_field (#21281) 2023-04-27 13:04:58 -05:00
Mark VanLandingham 3527fbcd8e
Revert "FEATURE: Service to track message bus connectivity + offline indicator(#21259)" (#21282)
This reverts commit 6bba514b64.
2023-04-27 12:55:41 -05:00
Mark VanLandingham 6bba514b64
FEATURE: Service to track message bus connectivity + offline indicator(#21259) 2023-04-27 11:04:56 -05:00
David Taylor f5fa1ef771
UX: Use dvh for sidebar height (#21278)
This will automatically adjust when browser UI is shown/hidden (e.g. when scrolling up/down on mobile Safari).

Similar approach to c82094cd9d, which targeted the 'slide-in' version of menus.
2023-04-27 16:31:09 +01:00
Loïc Guitaut c4c2da83b4 DEV: Set limits for text fields in badges 2023-04-27 17:22:32 +02:00
Selase Krakani 552697e194
DEV: Add deprecation warning for user_badge_removed event (#21255)
`user_badge_removed` event has been replaced with `user_badge_revoked`
2023-04-27 13:07:02 +00:00
Andrei Prigorshnev e49d338c21
DEV: extract updating status on mentions into a lib function (#21265)
We'll be using this lib function for adding status to mentions in chat.
It's covered with tests in post-inline-mentions-test.js.
2023-04-27 16:02:21 +04:00
Loïc Guitaut a89b3c27aa DEV: set limits for text fields on groups 2023-04-27 13:58:46 +02:00
Sam 2ccc5fc66e
FEATURE: add support for figure and figcaption tags in embeddings (#21276)
Many blog posts use these to illustrate and images were previously omitted

Additionally strip superfluous HTML and BODY tags from embed HTML.

This was incorrectly returned from server.
2023-04-27 19:57:06 +10:00
Penar Musaraj 3abc542e63
FIX: Include group flair in homepage category topic lists (#21268)
Followup to c03f83bbea.

The `flair_group_id` parameter is now required to show the flair, and this serializer was missing that detail. 

This also fixes a typo in the `include_flair_group_name?` method.
2023-04-27 10:18:16 +08:00
dependabot[bot] b988f13817
Build(deps): Bump sass from 1.62.0 to 1.62.1 in /app/assets/javascripts (#21273)
Bumps [sass](https://github.com/sass/dart-sass) from 1.62.0 to 1.62.1.
- [Release notes](https://github.com/sass/dart-sass/releases)
- [Changelog](https://github.com/sass/dart-sass/blob/main/CHANGELOG.md)
- [Commits](https://github.com/sass/dart-sass/compare/1.62.0...1.62.1)

---
updated-dependencies:
- dependency-name: sass
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-04-27 09:03:12 +08:00
Selase Krakani 37cc056c1b
FIX: Ensure group-filtered group user event webhooks fire (#21254)
Group user event webhooks filtered by group fail silently
because the `group_ids` job arg wasn't being passed into the job.

This change add's `group_ids` to the `EmitWebHookEvent` jobs queued for
`user_added_to_group` and `user_removed_from_group` events.
2023-04-26 22:38:28 +00:00
Penar Musaraj 3c4241c0b6
A11Y: Use correct structure for badge headings (#21267) 2023-04-26 17:40:00 -04:00
Blake Erickson 67a8c13197
DEV: Create a site setting for video thumbnails (#21266)
Creating a way to disable the auto generation of video thumbnails.
2023-04-26 14:18:59 -06:00
Isaac Janzen c6d44e504f
DEV: Remove legacy resolver (#21263) 2023-04-26 13:39:15 -05:00
chapoi 1372c5c435
UX: onebox/blockquote/chatreaction slight accent colour change (#21252) 2023-04-26 15:11:20 +02:00
Andrei Prigorshnev 9932f144c2
DEV: Warn when trying to track user status for user models without ID (#21205)
User status updates come from the server in a map where keys are user IDs. 
If user.trackStatus() is called for a user model without an ID, the model 
cannot identify its status updates and silently misses them. It's quite hard to 
notice that a user rendered in the UI doesn't receive live status updates. 
Also, it's not immediately obvious what's the reason of the problem. 
A warning will be very helpful here.
2023-04-26 17:05:47 +04:00
David Taylor 22991bba44 DEV: Update references from `controller:composer` to `service:composer` 2023-04-26 12:19:41 +01:00
David Taylor 346d80b582 DEV: Convert composer controller to service
Named outlets are deprecated and will be removed in Ember 4.x.

Backwards-compatibility shims are introduced so that plugin overrides to `controller:composer` are ported to `service:composer`.
2023-04-26 12:19:41 +01:00
David Taylor 0d4f77af54 DEV: Move composer template and controller to component/service
This commit simply renames the files to make our git history cleaner
2023-04-26 12:19:41 +01:00
dependabot[bot] dd19f3dbc0
Build(deps): Bump patch-package in /app/assets/javascripts (#21244)
Bumps [patch-package](https://github.com/ds300/patch-package) from 6.5.1 to 7.0.0.
- [Release notes](https://github.com/ds300/patch-package/releases)
- [Changelog](https://github.com/ds300/patch-package/blob/master/CHANGELOG.md)
- [Commits](https://github.com/ds300/patch-package/compare/v6.5.1...v7.0.0)

---
updated-dependencies:
- dependency-name: patch-package
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-04-26 10:45:23 +02:00
Joffrey JAFFEUX 427fa36edd
FIX: generates markdown from pasting link (#21241)
After removing `TextareaTextManipulation` from `ChatComposer` and using `TextareaInteractor` as a proxy, one function has been forgotten: `paste(event)` which is not available in glimmer components anymore, and even less avaiable now that the mixin is not tied to a component anymore but a real DOM node. As a solution we now add a manual paste event listener which will call `paste(event)`.
2023-04-26 10:05:48 +02:00
Canapin 1de513cbdd
UX: Fix space position in badge counts (#21240) 2023-04-26 06:15:26 +08:00
Kris 06893d8505
UX: minor installation success style adjustments (#21239) 2023-04-25 15:50:54 -04:00
Penar Musaraj 4e0c07c56d
UX: Include subcategories in crawler view (#21227)
Adds a bit more information to the categories view for crawlers, for better indexing of deep content.

This only works when the "Subcategories with Featured Topics" is the selected layout.
2023-04-25 10:51:45 -04:00
Andrei Prigorshnev 0ea5ae86ff
DEV: return user IDs on the user search route (#21206)
We call the `/u/search/users` URL when autocompleting users. It returns 
user's name, username and avatar template, but not user ID.

We need it to return user IDs in order to display user status in certain situations. 
I could add ID to FoundUserWithStatusSerializer, so it will be added only if 
user status is enabled in site settings. But I feel that it's good to always return it, 
it's not a lot of data comparing to what we already return, and it should be useful 
in other scenarios.
2023-04-25 18:25:57 +04:00
Penar Musaraj b59e0b22f4
DEV: Add error message styling (#21225)
To security key errors when confirming new email.
2023-04-25 08:40:18 -04:00
Joffrey JAFFEUX bf886662df
UX: improves composer and thread panel (#21210)
This pull request is a full overhaul of the chat-composer and contains various improvements to the thread panel. They have been grouped in the same PR as lots of improvements/fixes to the thread panel needed an improved composer. This is meant as a first step.

### New features included in this PR

- A resizable side panel
- A clear dropzone area for uploads
- A simplified design for image uploads, this is only a first step towards more redesign of this area in the future

### Notable fixes in this PR

- Correct placeholder in thread panel
- Allows to edit the last message of a thread with arrow up
- Correctly focus composer when replying to a message
- The reply indicator is added instantly in the channel when starting a thread
- Prevents a large variety of bug where the composer could bug and prevent sending message or would clear your input while it has content

### Technical notes

To achieve this PR, three important changes have been made:

- `<ChatComposer>` has been fully rewritten and is now a glimmer component
- The chat composer now takes a `ChatMessage` as input which can directly be used in other operations, it simplifies a lot of logic as we are always working a with a `ChatMessage`
- `TextareaInteractor` has been created to wrap the existing `TextareaTextManipulation` mixin, it will make future migrations easier and allow us to have a less polluted `<ChatComposer>`

Note ".chat-live-pane" has been renamed ".chat-channel"

Design for upload dropzone is from @chapoi
2023-04-25 10:23:03 +02:00
Ted Johansson 02625d1edd
DEV: Only allow expanding hidden posts for author and staff (#21052) 2023-04-25 13:37:29 +08:00
Sam fd4aea7bc5
FIX: bbcode URLs not handling paths correctly (#21215)
Due to the order we were parsing markdown, bbcode [url] elements were not
handled properly.

`[url]https://example.com/path[/url]` was not currectly parsing cause
linkify was detecting the url as: `https://example.com/path[/url]` which is
legit.

To resolve this I swapped url to use a replace rule, and instead re-parsed
the internal payload and injected the tokens in.

This fix is complex cause we support stuff like

`[url][b]test.com[/b][/url]`

So we need to parse the content inside url `[b]test.com[/b]`
2023-04-25 11:28:32 +10:00
Isaac Janzen 366ff0e76b
FIX: Don't display destroy reviewable button on client (#21226)
# Context

https://meta.discourse.org/t/missing-translate-in-review-page/262604

![image](https://user-images.githubusercontent.com/50783505/234089049-72332040-e7d5-4081-824a-b0b36e37187a.png)

An additional button was added as a result of dd495a0e19 which was intended to grant access to deleting reviewable from the API. 

We were being too flexible by only checking if the user was an admin

012aaf0ba3/lib/guardian.rb (L237)

where it should instead by scoped to check if the request was an API call.

# Fix

https://github.com/discourse/discourse/pull/21226/files#diff-0a2548be4b18bd4ef2dffb3ef8e44984d2fef7f037b53e98f67abea52ef75aa2R237

# Additions

Added a new guard of `is_api?`

https://github.com/discourse/discourse/pull/21226/files#diff-0a2548be4b18bd4ef2dffb3ef8e44984d2fef7f037b53e98f67abea52ef75aa2R657-R660

In `app/models/reviewable.rb` we check if the user has the permissions to the destroy action via the `Guardian`. To do this we were instantiating a new `Guardian` class which then caused us to lose the context of the request. The request is a necessary component in the guard of `is_api?` so we needed to pass the already defined Guardian from the `app/controllers/reviewables_controller.rb` to the `#perform` method to ensure the request is present.
2023-04-24 20:22:37 -05:00
Selase Krakani cdf1589a85
FEATURE: Add support for user badge revocation webhook events (#21204)
Currently, only user badge grants emit webhook events. This change
extends the `user_badge` webhook to emit user badge revocation events.

A new `user_badge_revoked` event has been introduced instead of relying
on the existing `user_badge_removed` event. `user_badge_removed` emitted
just the `badge_id` and `user_id` which aren't helpful for generating a
meaningful webhook payload for revoked(deleted) user badges.

The new event emits  the user badge object.
2023-04-24 20:36:40 +00:00
Jan Cernik c03f83bbea
FIX: Show auto-group flair according to user preferences (#21221) 2023-04-24 16:04:26 -03:00
Blake Erickson 6890beb95a
FIX: Blank video thumbnails (#21200)
* FIX: Blank video thumbnails

On some mobile and possibly other browsers, the automatic video
thumbnail generation would create blank or all white images.

This commit addresses several different issues that was preventing image
generation from working correctly on mobile.

* fix typo
2023-04-24 12:34:30 -06:00
David Taylor cd88af8876
FIX: Ensure reviewable counts are updated correctly for new user menu (#21222)
On the client-side, message-bus subscriptions and reviewable count UI is based on the 'redesigned_user_menu_enabled' boolean. We need to use the same logic on the server-side to ensure things work correctly when legacy navigation is used alongside the new user menu.
2023-04-24 16:59:32 +01:00
Mark VanLandingham 012aaf0ba3
PERF: Don't serialize value for theme_fields unnecessarily (#21201)
The value field of ThemeField is only used when viewing a diff in the staff action logs and local theme editing. value is being serialized into the theme index as well, which is not used. It's a huge amount of JSON that we can cut by removing it.

This also breaks up the various theme serializers into separate classes so they autoload properly (or at least restart the server on edit)
2023-04-24 09:30:51 -05:00
Isaac Janzen 599979902e
FIX: Error when trying to bump a topic with no category (#21207)
When revising a post, if the topic that post belonged to did not have a category attached it would error with 

> NoMethodError (undefined method `read_restricted' for nil:NilClass)
2023-04-24 09:28:10 -05:00
David Taylor aa5038a352
DEV: Update plugin-api docs for new user menu (#20808)
The updated user menu is the default for new sites, and will soon be enabled on older sites. This commit removes the 'EXPERIMENTAL' warning from the new `registerUserMenuTab` API, and adds a note to the `addUserMenuGlyph` documentation.
2023-04-24 12:00:22 +01:00
dependabot[bot] 4aa81e709e
Build(deps): Bump eslint in /app/assets/javascripts (#21213)
Bumps [eslint](https://github.com/eslint/eslint) from 8.38.0 to 8.39.0.
- [Release notes](https://github.com/eslint/eslint/releases)
- [Changelog](https://github.com/eslint/eslint/blob/main/CHANGELOG.md)
- [Commits](https://github.com/eslint/eslint/compare/v8.38.0...v8.39.0)

---
updated-dependencies:
- dependency-name: eslint
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-04-24 11:19:57 +02:00
Jarek Radosz 9e2a490f79
DEV: Extract build-quote tests (#21217)
They are not related to pretty-text.
2023-04-24 11:19:28 +02:00
dependabot[bot] 7464634f69
Build(deps): Bump sinon from 15.0.3 to 15.0.4 in /app/assets/javascripts (#21195)
Bumps [sinon](https://github.com/sinonjs/sinon) from 15.0.3 to 15.0.4.
- [Release notes](https://github.com/sinonjs/sinon/releases)
- [Changelog](https://github.com/sinonjs/sinon/blob/main/docs/changelog.md)
- [Commits](https://github.com/sinonjs/sinon/compare/v15.0.3...v15.0.4)

---
updated-dependencies:
- dependency-name: sinon
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-04-24 14:42:00 +10:00
Osama Sayegh 2bcbabc087
FIX: Include liked_consolidated and reaction types in the likes tab unread count (#21198) 2023-04-24 14:33:09 +10:00
Blake Erickson 6ae0c42c01
FIX: Do not overwrite existing thumbnails (#21199)
* FIX: Do not overwrite existing thumbnails

When auto generating video thumbnails they should not overwrite any
existing topic thumbnails.

This also addresses an issue with capitalized file extensions like .MOV
that were being excluded.

* Update app/models/post.rb

Remove comment

Co-authored-by: Penar Musaraj <pmusaraj@gmail.com>

---------

Co-authored-by: Penar Musaraj <pmusaraj@gmail.com>
2023-04-21 13:33:33 -06:00
Penar Musaraj 34ffc0065a
FIX: Better detect text selection in search input (#21202)
Followup to 17ba00c395.
Fix for https://meta.discourse.org/t/-/261917

This fixes a usability issue where the user couldn't switch to the user
menu when the search menu was visible and the text in the input was
selected.

Explanation: The `click` event is triggered both when clicking and when
selecting some text and clicking. This means that when selecting text in
the search input, at the end of the selection event, a click event was
triggered. And if that click event happened to be outside of the search
menu, then the menu would be dismissed.

Previously, we fixed this by checked if a current text selection was
present. But that results in a small side-effect of not switching to
other menus. This PR switches to setting a flag during `mouseDown` and
then using that flag when evaluating whether to trigger clickOutside or
not.
2023-04-21 14:30:47 -04:00
Krzysztof Kotlarek 3e414996c2
FIX: increase reorder sidebar delay for desktop (#21196)
100ms as a single click was too fast, because average single click is closer to 250ms.

Previous PR: https://github.com/discourse/discourse/pull/21098
2023-04-21 11:01:52 +10:00
Isaac Janzen ce9cccb2fc
FIX: Don't render error for bad-sequence (#21187)
We are seeing issues with the composer not being able to close due to the addition of a error message when rescuing from `Draft::OutOfSequence`. This PR will revert to the original solution implemented prior to https://github.com/discourse/discourse/pull/21148 that just silently rescues from `Draft::OutOfSequence`
2023-04-20 10:26:11 -05:00
Isaac Janzen dd495a0e19
FEATURE: Allow admins to delete reviewables via API (#21174)
This PR adds the ability to destroy reviewables for a passed user via the API. This was not possible before as this action was reserved for reviewables for you created only.

If a user is an admin and calls the `#destroy` action from the API they are able to destroy a reviewable for a passed user. A user can be targeted by passed either their:
- username
- external_id (for SSO) 

to the request.

In the case you attempt to destroy a non-personal reviewable and
- You are not an admin
- You do not access the `#destroy` action via the API

you will raise a `Discourse::InvalidAccess` (403) and will not succeed in destroying the reviewable.
2023-04-20 09:38:41 -05:00
Kris a03f85ad4a
UX: better digest centering in event of truncation (#21176) 2023-04-20 09:33:50 -04:00
Jarek Radosz 43e0025141
Revert "DEV: Merge package.json files (#21172)" (#21182)
This reverts commit 49a1e1cd0e.

Is causing issues in prod-adjacent environments (Jenkins)
2023-04-20 14:57:40 +02:00
Jarek Radosz 49a1e1cd0e
DEV: Merge package.json files (#21172)
This means: a single yarn.lock and removing one of the package.json files
2023-04-20 12:46:12 +02:00
Ted Johansson e002a24eca
FEATURE: Add new don't feed the trolls feature (#21001)
Responding to negative behaviour tends to solicit more of the same. Common wisdom states: "don't feed the trolls".

This change codifies that advice by introducing a new nudge when hitting the reply button on a flagged post. It will be shown if either the current user, or two other users (configurable via a site setting) have flagged the post.
2023-04-20 15:49:35 +08:00
Martin Brennan 86204fa4f0
FIX: Hashtag subcategory ref incorrect when not highest-ranked type (#21163)
This commit fixes the following scenario:

1. The user is searching for hashtags in chat, where the subcategory
   type is not highest-ranked in priority order.
2. There can, but doesn't have to be, a higher-ranked matching chat
   channel that has the same slug as the subcategory.
3. Since it is not the highest-ranked type, the subcategory, which
   normally has a ref of parent:child, has its ref changed to
   child::category, which does not work

This was happening because whenever a hashtag type was not highest
ranked, if _any_ other hashtag results conflicted slugs, we would
append the ::type suffix. Now, we only append this suffix if a
higher-ranked type conflicts with the hashtag, and we use the current ref
to build the new typed ref to preserve this parent:child format as well,
it's more accurate.
2023-04-20 09:03:55 +10:00
Isaac Janzen a3693fec58
FEATURE: Allow drafts to be deleted via the API (#21148)
This PR adds the ability to destroy drafts for a passed user via the API. This was not possible before as this action was reserved for only your personal drafts.

If a user is an admin and calls the `#destroy` action from the API they are able to destroy a draft for a passed user. A user can be targeted by passed either their:
- username
- external_id (for SSO) 

to the request.

In the case you attempt to destroy a non-personal draft and
- You are not an admin
- You do not access the `#destroy` action via the API

you will raise a `Discourse::InvalidAccess` (403) and will not succeed in destroying the draft.
2023-04-19 14:41:45 -05:00
Mark VanLandingham ff56f403a2
DEV: Add class to composer-ope plugin outlet container (#21171) 2023-04-19 11:47:56 -05:00
Jarek Radosz 9858171f3c
FIX: Resetting user directory columns (#21162)
Having any `plugin` type columns was breaking "Reset to default" functionality.
2023-04-19 17:27:41 +02:00
Canapin 4b9a52cd7c
UX: fix time pickers input width on mobile (#21170) 2023-04-19 10:08:24 -05:00
Canapin bc7ef70380
UX: fix kbd tag text's color in the composer full screen prompt (#21169) 2023-04-19 10:05:26 -05:00
Kris 4eb7d2d79b
UX: improve layout and styles for solo preferences (#21094) 2023-04-19 09:41:02 -04:00
Kris af58dbeb24
UX: update ring animation to avoid scroll (#21150) 2023-04-19 09:13:50 -04:00