20795 Commits

Author SHA1 Message Date
Robin Ward e5525d03b8 FIX: Yet more linting fixes 2019-10-29 16:14:46 -04:00
Robin Ward 5ca60fcb6b REFACTOR: Use imports for `Ember.run` 2019-10-29 15:31:56 -04:00
Mark VanLandingham c7475ee03b
DEV: Import EmberObject rather than global variable (#8256)
* DEV: Import ember/object rather than Ember.Object globally

* fixed broken object proxy import

* prettier on js

* added @ember/object/proxy to loader

* added unstaged file

* Fixed object proxy reference in loader

* Linting!
2019-10-29 14:23:50 -05:00
Jeff Wong 74dc37c07c FIX: upserting custom fields using keywords converts the array key to a string 2019-10-29 11:35:38 -07:00
Robin Ward 356e2a4b4a FIX: Linting 2019-10-29 13:31:44 -04:00
Robin Ward 230541c975 REFACTOR: Use Ember modules for `@ember/service` 2019-10-29 13:29:08 -04:00
Robin Ward a99c705c21 REFACTOR: Replace `Ember.controller.inject` with import
Puts it more in line with updated ember code
2019-10-29 13:17:38 -04:00
Mark VanLandingham 0a499966e9
DEV: Refactor setting component save callback (#8261)
* DEV: Refactor setting component save callback

* refactor site-setting component around new callback

* add callback to theme-translation component

* remove the save callback altogether
2019-10-29 12:01:45 -05:00
Daniel Waterworth 2e979a4681 DEV: Passing the list options to page_params is unnecessary
They are always merged with the result before being used.
2019-10-29 12:03:24 +00:00
Bianca Nenciu ff9345fbb0
DEV: simplify logic (#8249)
Anonymous users are only possible if allow_anonymous_posting is true,
which means that 'user.is_anonymous' check implies that
allow_anonymous_posting is true.
2019-10-29 12:10:27 +02:00
Daniel Waterworth 2989276c06 DEV: url_for on a String returns the string unchanged
...which makes it quite unnecessary.
2019-10-29 08:56:46 +00:00
Sam Saffron 492742837e PERF: stop destroying drafts on client when posting replies
The server already ensures it advances draft keys when a post is created
this means this code that used to delete drafts is simply introducing
composer delays with no benefit.
2019-10-29 17:07:33 +11:00
Sam Saffron 001c593155 FIX: place image scale buttons unconditionally
Deferring placing scale buttons causes "scale image" buttons to be missing if
you manage to scroll mouse to the area where the image is prior to image
rendering.

This fix ensures scale buttons are always rendered leaving all the hiding
and styling entirely to CSS.

This also corrects a bug where scaling toolbar was missing on mobile
2019-10-29 15:52:17 +11:00
Neil Lalonde f686ab988f FIX: close modals on ESC key and clicking outside 2019-10-28 17:23:30 -04:00
Neil Lalonde 4935c9f1f8 DEV: replace inline RTL attributes with classes in digest.html.erb 2019-10-28 16:36:55 -04:00
Kris bacc114462 UX: Convert alert & modal close to buttons for improved accessibility 2019-10-28 16:04:29 -04:00
Oliver Walker 3b72a36c5d create plugin outlet and pass model to above-review-filters (#8257) 2019-10-28 15:44:13 -04:00
David Taylor 071a82efe3 FIX: Correct error when sending PM to email address 2019-10-28 18:32:43 +00:00
Daniel Waterworth 918bb76f76 DEV: No need to look up a category repeatedly by its slug 2019-10-28 18:30:40 +00:00
Simon Cossar 79c2138955
Fix github oneboxes for RTL locales (#8245) 2019-10-28 11:09:42 -07:00
Mark VanLandingham 4eb54f08b2
FEATURE: Site setting/UI to allow users to set their primary group (#8244)
* FEATURE: Site setting/ui to allow users to set their primary group

* prettier and remove logic from account template

* added 1 to 43 to make web_hook_user_serializer_spec pass
2019-10-28 12:46:27 -05:00
Daniel Waterworth 0e1c5c6bba FIX: Prefer Category.find_by_slug over Category.find_by(slug: ...)
It handles encoded slugs properly and ignores subcategories.
2019-10-28 17:05:21 +00:00
Jarek Radosz 5776251cdd
DEV: Remove an obsolete "preferences/about-me" route (#8251)
User's title and bio can be changed on the "preferences/account" page.
2019-10-28 17:29:14 +01:00
Mark VanLandingham 437edfc415
FEATURE: Welcome moderator message - add copy! (#8246) 2019-10-28 08:58:45 -05:00
David Taylor 6de49b88df FIX: Respond to user search correctly when category_id is blank
Previously it would search for category_id=0, which does not exist. With the new permission checks, this returns a 404
2019-10-28 13:18:47 +00:00
David Taylor eec464d8d1 SECURITY: Check permissions when autocompleting mentions 2019-10-28 11:01:47 +00:00
Joffrey JAFFEUX 88df84bf2b
FIX: theme component setting was not getting updated in the UI (#8247) 2019-10-28 10:33:31 +01:00
Sam Saffron 3d85cc1e69 PERF: run expensive clean up uploads less frequently
Previously every hour we would run a full scan of the entire DB searching
for expired uploads that need to be moved to the tombstone folder.

This commit amends it so we only run the job 2 times per clean_orphan_uploads_grace_period_hours

There is an upper bound of 7 days so even if the grace period is set really
high it will still run at least once a week.

By default we have a 48 grace period so this amends it to run this cleanup
daily instead of hourly. This eliminates 23 times we run this ultra expensive
query.
2019-10-28 11:14:52 +11:00
Neil Lalonde 4c2d6e19ba PERF: cache new users counts in summary emails
The query to count how many new users there are since a given date
is expensive. It's the least personalized stat and the one we fallback
to last when no better number can be found for the target user.
Give up accuracy so we can aggressively cache the user counts
that appear in this email.
2019-10-25 16:33:36 -04:00
Roman Rizzi 070a3dcf9b
FIX: When running the wizard and using a custom theme, fallback to the color_scheme name if the base_scheme_id is nil (#8236) 2019-10-25 09:29:51 -03:00
Sam Saffron 5ae35f9906 FIX: allow storage of non unique rows in oauth2_user_infos
Certain DBs have duplicates already, if we want to ensure uniqueness here
we need to decide first how to clean up existing data and confirm all the
plugins expect this.
2019-10-25 11:57:34 +11:00
Krzysztof Kotlarek ae108b363f
FIX: Hide muted subcategories (#8239)
That bug was mentioned in [meta](https://meta.discourse.org/t/muting-categories-hides-them-muting-subcategories-should-too/131316)

Problem is that subcategories are always visible in `/categories` path even if muted.

Categories/subcategories are loaded in at least two places
https://github.com/discourse/discourse/blob/master/app/assets/javascripts/discourse/models/site.js.es6#L146
https://github.com/discourse/discourse/blob/master/app/assets/javascripts/discourse/routes/discovery-categories.js.es6#L46

I discussed that with @jjaffeux and we thought that maybe it would be a good idea to filter that on frontend level
2019-10-25 10:08:13 +11:00
Robin Ward 7b04bb7290 Add event for when a post is flagged
This allows plugins to track events such as analytics.
2019-10-24 16:48:18 -04:00
Mark VanLandingham 9592ab57e0
FIX: failing build with prettier (#8241) 2019-10-24 10:16:12 -05:00
Mark VanLandingham da5e9af10a
FEATURE: Add remembering topic list for group pms (#8235)
* FEATURE: Add remembering topic list for group pms

* added findOrResetCachedBy helper in topic-list

* Created cached-topic-list.js

* Update app/assets/javascripts/discourse/routes/build-private-messages-route.js.es6

Co-Authored-By: Robin Ward <robin.ward@gmail.com>
2019-10-24 09:27:03 -05:00
Bianca Nenciu 690db4fd36
FIX: Show poll voters in Oneboxed posts. (#7768) 2019-10-24 14:00:25 +03:00
Arpit Jalan b3cd83460b FIX: check for presence of liked post before creating notification 2019-10-24 14:25:56 +05:30
Neil Lalonde cfe26eb301 FIX: backwards compatibility for uncompiled email style css 2019-10-23 19:22:33 -04:00
Vinoth Kannan 40254bae1b FIX: Do not load group members when user can't see it. 2019-10-24 01:57:29 +05:30
Neil Lalonde f061aee818 FEATURE: support SCSS in custom email style
In the CSS tab of Admin > Customize > Email Style, SCSS can now be used.
2019-10-23 15:42:37 -04:00
Vinoth Kannan 0dcb4bef20 FIX: should not disable topic inputs while creating new topic.
31577b2131
2019-10-24 01:04:37 +05:30
Vinoth Kannan 726bf37a12 FEATURE: wiki editors are allowed to edit tags for wiki topics.
If a wiki editor's TL is greater than 'min trust level to tag topics' site setting then they can edit the tags for any wiki topic.
2019-10-23 23:50:10 +05:30
Vinoth Kannan 31577b2131 FEATURE: wiki editors are allowed to edit tags for wiki topics.
If a wiki editor's TL is greater than 'min trust level to tag topics' site setting then they can edit the tags for any wiki topic.
2019-10-23 23:35:38 +05:30
Robin Ward 9347108f02 Support for importing jQuery
Also remove Ember.Qunit error about Ember.$ for now
2019-10-23 13:25:25 -04:00
Robin Ward 39159ad5e4 FIX: Wizard tests were broken with new loader 2019-10-23 13:15:28 -04:00
Robin Ward 391db25665 FIX: Sortable controller var conflict 2019-10-23 13:08:41 -04:00
Robin Ward 6287eccb35 REFACTOR: Remove `Ember.Controller` in favor of import 2019-10-23 13:06:54 -04:00
Robin Ward e18af18fec Support and examples for `Ember.Object` and `Ember.Controller` imports
We should stop using global variables and instead import these as
needed.
2019-10-23 12:55:11 -04:00
Robin Ward 0b37a3c235 Additional Linting fixes 2019-10-23 12:41:58 -04:00
Robin Ward dd3ace5c77 REFACTOR: Replace `Ember.Route` with proper import 2019-10-23 12:39:32 -04:00
Robin Ward a8a76198b1 REFACTOR: Remove `Ember.Component` global variable
Use imports instead.
2019-10-23 12:30:52 -04:00
Joffrey JAFFEUX 3db61aa18a
UX: applies correct background to <select> on dark themes (#8234) 2019-10-23 17:10:10 +02:00
Penar Musaraj 4fa1ef0945 UX: Improve quoting on iOS
Fixes quote usability on iOS when the button is near the right edge of the screen.
2019-10-23 10:44:47 -04:00
Dan Ungureanu a7301c8671 PERF: Add index on group to category_groups (#8231) 2019-10-23 10:30:43 +01:00
Dan Ungureanu 09a569aaba PERF: Add unique index oauth2_user_infos(user_id, provider) (#8230) 2019-10-23 10:27:56 +01:00
Sam Saffron 676c432b0f FIX: notifications are missing under certain conditions
This simplifies the code for refreshing notification counts. It now
unconditionally looks up the user object which protects against stale objects
in memory.

This also removes a pile of conditional logic we no longer need.
2019-10-23 16:09:55 +11:00
Penar Musaraj ab6a540fc4 UX: fixes regression with iOS composer
Fixes a bug introduced in e83c2488a2 where dismissing the keyboard in iOS would not minimize the composer.
2019-10-22 23:10:18 -04:00
Kris 67ad8fbd1b minor button styling for admin login 2019-10-22 16:45:23 -04:00
Kris d4f1e6d11b UX: update disabled dropdowns style w/ color variables 2019-10-22 16:32:24 -04:00
Penar Musaraj 2ab6a68629 UX: Standardize tag display in search menu results
This allows theme components (like discourse-tag-icons) to apply to tag results in search menu.
2019-10-22 14:19:24 -04:00
romanrizzi a411806551 FIX: Return blank avatar when downloading an avatar is not possible due to file size 2019-10-22 12:05:36 -03:00
romanrizzi e112369bb6 FIX: Exclude image_url from web_hook_topic_view_serializer 2019-10-22 11:53:24 -03:00
Blake Erickson 7d09af7eda
FIX: Prevent null-byte searches causing 500 error (#8226)
This fix ensures that searches that contain a null byte return a 400
error instead of causing a 500 error.

For some reason from rspec we will reach the raise statement inside
of the `rescue_from ArgumentError` block, but outside of rspec it will
not execute the raise statement and so a 500 is thrown instead of
reaching the `rescue_from Discourse::InvalidParameters` block inside of
the application controller.

This fix raises Discourse::InvalidParameters directly from the search
controller instead of relying on `PG::Connection.escape_string` to
raise the `ArgumentError`.
2019-10-22 08:44:52 -06:00
Robin Ward 283a0add80
Support for importing `@ember/component` and `@ember/routing/route` (#8214)
This will allow us to take the first step in updating our modules
to be consistent with example Ember code and to align with Ember CLI.
2019-10-22 09:47:27 -04:00
Mark VanLandingham e5311ab645 DEV: Import DiscourseRoute rather than Discourse.Route (#8225)
* DEV: Discourse.Route -> DiscourseRoute with import

* ran prettier on all routes

* prettiered one more file
2019-10-22 09:46:10 -04:00
Blake Erickson 3201613f13 FEATURE: Include image url in topic serializer
The `image_url` is already included when fetching a list of topics, and
this commit adds it to the individual topic serializer so that it is
available via the api.

See

https://meta.discourse.org/t/single-topic-api-endpoint-should-contain-image-url/131020

for more details.
2019-10-21 22:02:49 -06:00
Blake Erickson ef0fe51e05
FIX: Include user id in notification webhook (#8195)
The payload when receiving a notification webhook is pointless without
knowing which user the notification is for. This fix adds the user_id to
the notification serializer so that when you receive a notification
webhook you can properly identify which user the notification is for.

See

https://meta.discourse.org/t/getting-the-target-user-for-notification-webhook-events/129052?u=blake

for more details.
2019-10-21 16:24:41 -06:00
Dan Ungureanu 2f54dd5e3d
FIX: Load user model when some attributes are missing.
Follow-up to 3ad07aacfa.
2019-10-21 21:05:25 +03:00
Robin Ward ab53b485b4 Add setter for `excerpt_size` so plugins can set it more easily 2019-10-21 13:44:32 -04:00
Michael Brown 40b0b549ff DEV: update the comments re the encoded slug changes
* followup to 2e73985d
2019-10-21 13:39:45 -04:00
Rafael dos Santos Silva 2e73985d1b FIX: Make category updates slug validation idempotent
Co-authored-by: Michael Brown <supermathie@gmail.com>
2019-10-21 14:33:19 -03:00
Dan Ungureanu 3ad07aacfa
FIX: Reload only notifications when refreshing notification count (#8221)
Previously, we used to reload the whole User instance which discarded
any changes made (for example setting 'unstage' to false).
2019-10-21 20:25:46 +03:00
Dan Ungureanu 1358312584
FIX: Zeitwerk-related fixes for jobs. (#8219) 2019-10-21 20:25:35 +03:00
Kris b41b12ad71
Add unique class to custom field wrappers (#8193) 2019-10-21 12:22:55 -04:00
Kris 56862f61c0
Add group name classes to tag page so groups can be hidden with CSS (#8118) 2019-10-21 12:22:19 -04:00
Robin Ward 3085b923f6 Removed `MOVED_MODULES` which is 3 years old 2019-10-21 11:59:13 -04:00
Robin Ward 9dcdbcfd5b Run prettier on the loader 2019-10-21 11:56:15 -04:00
David Taylor cc56f226b8 FIX: Correct mention autocomplete in new topics in unsecured categories
When autocompleting mentions in secure categories, we immediately populate the list with users which have permission to view the category. This logic is applied to unsecured categories as well, but the server returns an empty list of users. This commit teaches the autocomplete to understand empty lists of users without terminating the autocomplete dropdown.
2019-10-21 14:52:54 +01:00
Daniel Waterworth 594925b896 FIX: id is always true since it's been to_i'd
Let's only look up the category if the id has been provided
2019-10-21 13:21:12 +01:00
Daniel Waterworth 55a1394342 DEV: pluck_first
Doing .pluck(:column).first is a very common pattern in Discourse and in
most cases, a limit clause isn't being added. Instead of adding a limit
clause to all these callsites, this commit adds two new methods to
ActiveRecord::Relation:

pluck_first, equivalent to limit(1).pluck(*columns).first

and pluck_first! which, like other finder methods, raises an exception
when no record is found
2019-10-21 12:08:20 +01:00
Joffrey JAFFEUX 72822aa93f
FIX: d-button should default type to button (#8217)
This will prevent unexpected behaviour of d-button being considered as a submit button.
2019-10-21 09:42:19 +02:00
Sam Saffron 98d6cee7c7 FIX: various fixes to draft system
- destroyDraft which is called when we cancel a draft is now async,
  removing race conditions when you click "reply" to a post and are
  already editing. We used to trigger double dialogs for cancelling
  drafts which was confusing.

- Remove reply as new topic / reply as pm keys, they are no longer
  used and only caused confusion. For example we used to pop up a
  warning when you are composing a reply and flick to reply as
  new topic

- Remove createTopic key, this was a bug that proliferated. Whenever
  creating a topic via the C shortcut or clicking on new topic on full
  screen search the correct new topic draft key will be used
  consistently

- When abandoning an edit we now say "Are you sure you want to discard
  your changes" (instead of abandon your post which is confusing)
2019-10-21 17:24:06 +11:00
Mark VanLandingham 054fbd7846
FEATURE: Remember scroll position in private message lists (#8212)
* FEATURE: remember position in private message lists

* Unified saving scroll position between topic lists

* added discovery-topics-list template

* ran prettier

* removed dynamic scroll key

* JS cleanup
2019-10-18 13:16:52 -05:00
tshenry 95114f87ae
Improve spam_hosts copy (#8203)
- Increase size of the reviewable's conversation excerpt to prevent truncation of the new copy
- Remove the `domain` parameter from the `flag_linked_posts_as_spam` method in the user model since it is no longer needed
- Remove the `domain` interpolation variable from all translation files
- Add "All posts from this user that include links should be reviewed." to server.en.yml for added clarity on why the posts entered the queue
2019-10-18 09:31:15 -07:00
Joffrey JAFFEUX 2fa3808928
FIX: polyfills forEach support on NodeList for IE11 (#8213) 2019-10-18 12:27:51 +02:00
Jarek Radosz ac06c87b43
DEV: Remove badge-select-controller (#8207)
* DEV: Remove badge-select-controller

1. The `selectableUserBadges` computed property of `badge-title` was being incorrectly overwritten, which triggered computed-property.override deprecation.

2. The `badge-select-controller` mixin contained properties that were used either by `badge-title` component or `badges/show` controller, but none were being used by both. This change moves properties where they belong, and removes the mixin.

* Update app/assets/javascripts/discourse/controllers/badges/show.js.es6

Co-Authored-By: Robin Ward <robin.ward@gmail.com>

* Improve code brevity
2019-10-18 02:17:05 +02:00
Jarek Radosz 7de3e7b322
DEV: Fix the `Function.prototype.on` deprecation (#8205)
https://deprecations.emberjs.com/v3.x/#toc_function-prototype-extensions-on
2019-10-18 01:49:41 +02:00
Jarek Radosz f6ea986aec
DEV: Remove `suspend` from Admin::UsersController responses (#8206)
`suspend` isn't a User attribute, but was being assigned to the frontend User model as if it was. The model has a computed property that depends on `suspended_till`, so instead of overriding this property, it's better to return relevant attributes.

Fixes a computed-property.override deprecation (https://emberjs.com/deprecations/v3.x#toc_computed-property-override)
2019-10-18 01:49:26 +02:00
Rafael dos Santos Silva 42c2068ada DEV: fix prettier offense 2019-10-17 17:39:44 -03:00
Rafael dos Santos Silva f97b6e85da FIX: Handle encoded slugs for subcategories 2019-10-17 17:02:17 -03:00
Neil Lalonde 85140aa09a UX: dashboard links to git commits list instead of git comparison
Previously the link went to a comparison of the installed commit with
the tests-passed branch. This change will show the list of installed
commits.
2019-10-17 15:08:43 -04:00
David Taylor d1b86352d4
UX: Make group membership UI clearer (#8210)
The 'automatically set primary group' checkbox looked like it was associated with the email membership. In fact, it applies to all members who join the group. This commit moves it next to the 'automatic trust level' setting, and puts them both under an 'Effects' heading
2019-10-17 18:05:42 +01:00
Vinoth Kannan 3cdcd093ee
REFACTOR: improve the code readability. (#8211)
b2f682f35e
2019-10-17 22:05:44 +05:30
Mark VanLandingham bd969332e0 FIX: Display site text overrides for non '_MF' keys (#8189)
FIX: Transform pluralized keys to `.other`, to check valid interpolation
2019-10-17 18:34:07 +02:00
David Taylor ecfba0bb37 UX: Ensure GitHub onebox info does not wrap unnecessarily 2019-10-17 11:00:44 +01:00
Joffrey JAFFEUX b6ef473a31
DEV: prevents redefinition of various constants (#8199)
CLEANUP_GRACE_PERIOD
MAX_AWARDED
POLL_MAILBOX_TIMEOUT_ERROR_KEY
2019-10-17 09:18:07 +02:00
Sam Saffron cb0443792b DEV: correct revision debouncer for backup draft
We were debouncing on update_at which we kept on pushing forward, this
was leading to not enough revisions.
2019-10-17 17:41:28 +11:00
Sam Saffron 3314aa9f88 DEV: annotate models
Some comments were out of date, updated
2019-10-17 16:58:22 +11:00
Sam Saffron f5d1aff8dd FEATURE: experimental hidden setting for draft backups
Under exceptional situations the automatic draft feature can fail.

This new **hidden, default off** site setting
`backup_drafts_to_pm_length` will automatically backup any draft that is
saved by the system to a dedicated PM (originating from self)

The body of that PM will contain the text of the reply.

We can enable this feature strategically on sites exhibiting issues to
diagnose issues with the draft system and offer a recourse to users who
appear to lose drafts. We automatically checkpoint these drafts every 5
minutes forcing a new revision each 5 minutes so you can revert to old
content.

Longer term we are considering automatically enabling this kind of feature
for extremely long drafts where the risk is really high one could lose
days of writing.
2019-10-17 16:58:21 +11:00
Sam Saffron c3d06ef01a DEV: avoid making direct HTML changes in controllers
Followup on d5d8db7f, we prefer not to amend DOM directly from controllers.
2019-10-17 08:43:30 +11:00
Robin Ward f14020dd0a Allow the topic excerpt size to be customizable by plugins 2019-10-16 16:28:28 -04:00
Rafael dos Santos Silva 6e9c8fe854
FIX: More encoded slug fixes (#8191)
* FIX: Do not encode the URL twice

Now that we encode slugs in the server we don't need this anymore.

Reverts fe5na33

* FIX: More places to deal with encoded slugs

* the param is a string now, not a hash

* FIX: Handle the nil slug on /categories

* DEV: Add seeded? method to identify default categories

* DEV: Use SiteSetting to keep track of seeded categories
2019-10-16 17:08:43 -03:00
Daniel Waterworth 7a0c06691c FIX: Account for nil when looking up subcategories 2019-10-16 20:04:54 +01:00
Penar Musaraj baf8ae604a FIX: Correct topic timeline position calculation
Fixes calculation for themes with tall custom headers.
2019-10-16 15:01:01 -04:00
Penar Musaraj 48c1238492 FIX: Do not send notification to empty push_url
Completes e4424d7
2019-10-16 11:27:07 -04:00
Kris d6118c8bc8 Add digest email template classes for popular post section 2019-10-16 11:22:33 -04:00
Penar Musaraj e4424d7c2e FIX: Do not make notification API call if push_url is blank
Followup to 77643931bc
2019-10-16 10:59:06 -04:00
Kris 1c4baadc49 UX: Wrap digest email footer in a table for better alignment options 2019-10-16 10:39:40 -04:00
Penar Musaraj c6e255f4e0 UX: Include metadata in composer link modal search results
Metadata includes topic status (closed, pinned, solved, etc.) as well as category and tags.
2019-10-16 10:17:27 -04:00
Daniel Waterworth 7ba914f1e1 FIX: Add migrations to fix index on category slugs
Slugs can be the empty string, but the added index didn't account for
that. This commit changes the migration, stopping it from being unique
so that it can be applied everywhere and adds another migration that
recreates the index properly.
2019-10-16 14:02:11 +00:00
Joffrey JAFFEUX 02250bd91f
DEV: removes one deprecation with app-events:main 2019-10-16 10:50:43 +02:00
Joffrey JAFFEUX 5a543f8abd
FIX: prevents trash button from getting focus when submitting input on profile (#8198)
This is a default behavior for browsers to submit using first button which doesn't have `type="button"` in a form when pressing enter inside an input.
2019-10-16 10:05:46 +02:00
Arpit Jalan c596d7df77 FIX: respect private_email setting for user invited notification email 2019-10-16 12:50:30 +05:30
Arpit Jalan 600233482f FIX: include topic link when inviting existing users to a topic/PM
FEATURE: allow staff to use topic_url for customizing email template
2019-10-16 12:36:16 +05:30
Sam Saffron d5d8db7fa8 FEATURE: improve honeypot and challenge logic
This feature amends it so instead of using one challenge and honeypot
statically per site we have a rotating honeypot and challenge value which
changes every hour.

This means you must grab a fresh copy of honeypot and challenge value once
an hour or account registration will be rejected.

We also now cycle the value of the challenge after successful account
registration forcing an extra call to hp.json between account registrations

Client has been made aware of these changes.

Additionally this contains a JavaScript workaround for:
https://bugs.chromium.org/p/chromium/issues/detail?id=987293

This is client side code that is specific to Chrome user agent and swaps
a PASSWORD type honeypot with a TEXT type honeypot.
2019-10-16 16:53:44 +11:00
Kris 645faa847b Follow up fix to c71da3f, class was defined twice 2019-10-15 20:12:50 -04:00
David Taylor 7332649f1a DEV: Add plugin outlet to category security tab 2019-10-15 22:37:41 +01:00
Kris 50b618dd44 UX: Add CSS classes to digest email template to allow for easier styling 2019-10-15 16:21:55 -04:00
Daniel Waterworth c71da3f335 FIX: Add unique index to prevent duplicate slugs for categories 2019-10-15 19:44:50 +00:00
Daniel Waterworth 5f5b232cde FIX: Category.find_by_slug
find_by_slug should ensure that the parent actually exists when it's
looking for a parent.
2019-10-15 16:44:24 +01:00
Penar Musaraj e83c2488a2 FIX: do not unpin reply box in iOS when selecting Emoji 2019-10-15 10:51:53 -04:00
Vinoth Kannan b2f682f35e
FEATURE: Option to update category preferences of all users when site setting changed (#8180) 2019-10-15 18:41:27 +05:30
Daniel Waterworth 0de7e4339c FIX: Subcategory permissions validation
When a category has a subcategory, we ensure that no one who can see the
subcategory cannot see the parent. However, we don't take into account
the fact that, when no CategoryGroups exist, the default is that
everyone has full permissions.
2019-10-14 21:13:22 +01:00
Daniel Waterworth c49b20a1a2 FIX: Validation of category tree depth
This prevents the creation of sub-sub-categories in multiple tabs
2019-10-14 21:13:22 +01:00
romanrizzi 9845963105 FEATURE: Use the 'ugc' rel attribute alongside 'nofollow' 2019-10-14 15:21:48 -03:00
David Taylor 392f6cdf33 DEV: Stop overriding computed property on `models/category.js.es6`
This causes an Ember deprecation notice, and is a confusing pattern. We never used the default values, so there is no benefit to including them.
2019-10-14 16:26:48 +01:00
Gerhard Schlager 2c011252f1 FIX: Move notification level only when user posted
Moving posts also moves the read state (`topic_users` table) to the destination topic. This changes that behavior so that only users who posted in the destination topic will have the original notification level (probably "watching") of the original topic. The notification level for all other users will be set to "regular".
2019-10-14 15:06:09 +02:00
Gerhard Schlager f1742617fb PERF: Faster moving of read state
This should improve the performance of moving the read state of lots of posts to a new/existing topic.
2019-10-14 15:06:09 +02:00
Dan Ungureanu 086b46051c
FIX: Zeitwerk-related fixes for jobs. (#8187) 2019-10-14 13:03:22 +03:00
Arpit Jalan 815edf6f4d FEATURE: add short site description on login page title 2019-10-14 11:40:09 +05:30
Krzysztof Kotlarek 99086edf85
FIX: Allow themes to upload and serve js files (#8188)
If you set `config.public_file_server.enabled = false` when you try to get uploaded js file you will get an error:
`Security warning: an embedded <script> tag on another site requested protected JavaScript. If you know what you're doing, go ahead and disable forgery protection on this action to permit cross-origin JavaScript embedding.`

The reason is that content type is `application/javascript` and in Rails 5 guard looked like that:
https://github.com/rails/rails/blob/5-2-stable/actionpack/lib/action_controller/metal/request_forgery_protection.rb#L278-L280
However, in Rails 6 `application` was added to regex:
https://github.com/rails/rails/blob/master/actionpack/lib/action_controller/metal/request_forgery_protection.rb#L282-L284

This pull request is related to https://meta.discourse.org/t/uploaded-js-file-for-theme-causes-a-rejection/129753/8
2019-10-14 15:40:33 +11:00
Jeff Wong 2b74dc5885 FIX: allow change password with TOTP 2019-10-13 00:53:57 -07:00
Joffrey JAFFEUX 312ecf2a05
FIX: allows scrolling of search menu panel when showing more results (#8186) 2019-10-11 22:25:28 +02:00
Robin Ward c5d03c30ca DEV: Add a plugin API for registering a "beforeSave" on the composer
This allows plugins to perform operations before saves occur, and
perhaps reject the post.
2019-10-11 14:55:27 -04:00
Robin Ward ee4369f972 Hook that allows custom logic before saving the composer 2019-10-11 14:55:09 -04:00
Faizaan Gagan 4d67f2a8ed bumped plugin api version to 0.8.33 (#8185) 2019-10-11 13:56:04 -04:00
Mark VanLandingham f63db1c4c8
FIX: Accurate sub_total calculation for reviewable_scores (#8184) 2019-10-11 11:07:19 -05:00
Rafael dos Santos Silva 76ab0350f1
FIX: Properly encoded slugs when configured to (#8158)
When an admin changes the site setting slug_generation_method to
encoded, we weren't really encoding the slug, but just allowing non-ascii
characters in the slug (unicode).

That brings problems when a user posts a link to topic without the slug, as
our topic controller tries to redirect the user to the correct URL that contains
the slug with unicode characters. Having unicode in the Location header in a
response is a RFC violation and some browsers end up in a redirection loop.

Bug report: https://meta.discourse.org/t/-/125371?u=falco

This commit also checks if a site uses encoded slugs and clears all saved slugs
in the db so they can be regenerated using an onceoff job.
2019-10-11 12:38:16 -03:00
Penar Musaraj 3a469a79cf
FEATURE: search topics when adding a link in composer (#8178) 2019-10-11 11:37:44 -04:00
David Taylor 67787799bb DEV: Allow plugins to mark user custom fields as editable only by staff
This adds a staff_only parameter to the register_editable_user_custom_field API. The default is false, to maintain backwards compatibility.
2019-10-11 09:57:55 +01:00
Faizaan Gagan 3bcfa158a7 fixed wrong method name while calling (#8182) 2019-10-11 03:51:18 -04:00
Krzysztof Kotlarek 694a5bf229 FIX: Prevent from creation of duplicated TopicAllowedUsers (#8169)
Ensure that we don't try to create duplicated TopicAllowedUsers

Related to https://meta.discourse.org/t/error-message-topic-allowed-users-is-invalid/130382/5

Spec amended to cover a case creating an overlap.
2019-10-11 17:44:29 +11:00
Penar Musaraj 5c5845f3f2 FIX: Minor Github onebox layout issues
- prevents long branch names from overflowing

- fixes alignment of inline avatars in preview
2019-10-10 21:35:36 -04:00
Penar Musaraj 21f3c044e5 FIX: Mobile adjustments for reviewable list 2019-10-10 21:19:49 -04:00
Faizaan Gagan 8fc0cc9aaa Serialize draft (#8175)
* DEV: allow serializing data for drafts

* Various fixes

* added an alias method for 'serializeToDraft' to plugin-api

* fixed linting issues

* changed single quotes to double quotes to fix linting issue

* fixed linting issues

* fixed composer model file via prettier

* fixed composer controller file via prettier

* fixed plugin-api file via prettier
2019-10-10 13:02:35 -04:00
Arpit Jalan 1be8c737e6 UX: add glyph to "Help" button on Password Reset modal 2019-10-10 10:15:43 +05:30
Sam Saffron 5aaf7e3316 FIX: during concurrent emails generation renderer should not be reused
Our instance used for template rendering needs a lock to ensure there is
no race condition where rendering happens on 2 threads at the same time.

This can lead to local poisoning which can cause unexpected results in
emails
2019-10-10 08:50:48 +11:00
Penar Musaraj 04452e748d DEV: remove old code, refactor jQuery call 2019-10-09 14:40:48 -04:00
Mark VanLandingham d710316ed1 FIX: Order UserFields by position, by default (#8176)
* FIX: site user_fields sorted by position

* FIX: Sort UserField by position for Site
2019-10-09 13:49:28 -04:00
Penar Musaraj a91ad81ed1 UX: Trigger primary action in modals using Enter
A modal's primary action (blue button in the default theme) can now be invoked
by hitting Enter on the keyboard. This applies to all modals that aren't strict
forms as long as the focus is not on a textarea element.
2019-10-09 13:28:07 -04:00