Commit Graph

42036 Commits

Author SHA1 Message Date
Martin Brennan b463a80cbf
FIX: Do not enqueue :group_smtp_email job if IMAP disabled for the group (#13307)
When a group only has SMTP enabled and not IMAP, we do not
want to enqueue the :group_smtp_email job because using the group's
SMTP credentials for sending user_private_message emails is
handled by the UserNotifications class.

We do not want the :group_smtp_email job to be enqueued because
that uses a reply key instead of the group.email_username
for the reply-to address which is not what we want for SMTP
only, and also creates an IncomingEmail record to prevent IMAP
double syncing which we do not need either.

There is an open question about what happens when IMAP is
enabled after SMTP has been enabled for a while, and also questions
around whether we could do away with :group_smtp_email altogether
and handle everything via EmailLog and UserNotifications, adding
additional columns to the former and modifying the Imap::Sync
class to take this into account...a lot more further testing
for IMAP needs to be done to answer those questions.

For now, this fix should be sufficient to get the correct
reply-to address for user_private_response messages sent in
response to emails sent directly to the group's
email_username SMTP address.

Co-authored-by: Alan Guo Xiang Tan <gxtan1990@gmail.com>
2021-06-07 14:17:35 +10:00
Jarek Radosz 0a259b94f0 DEV: Fix an `ActiveModel::Errors` deprecation
The warning was:

DEPRECATION WARNING: Calling `<<` to an ActiveModel::Errors message array in order to add an error is deprecated. Please call `ActiveModel::Errors#add` instead. (called from block (3 levels) in activate! at discourse/plugins/poll/plugin.rb:519)
2021-06-07 11:34:38 +08:00
Alan Guo Xiang Tan 9f650b45a0 DEV: Bump rubocop-discourse to 2.4.2. 2021-06-07 11:34:08 +08:00
dependabot[bot] b1fc8c8537 Build(deps): Bump concurrent-ruby from 1.1.8 to 1.1.9
Bumps [concurrent-ruby](https://github.com/ruby-concurrency/concurrent-ruby) from 1.1.8 to 1.1.9.
- [Release notes](https://github.com/ruby-concurrency/concurrent-ruby/releases)
- [Changelog](https://github.com/ruby-concurrency/concurrent-ruby/blob/master/CHANGELOG.md)
- [Commits](https://github.com/ruby-concurrency/concurrent-ruby/compare/v1.1.8...v1.1.9)

---
updated-dependencies:
- dependency-name: concurrent-ruby
  dependency-type: indirect
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2021-06-07 11:30:20 +08:00
dependabot[bot] 36efc740d1
Build(deps): Bump loofah from 2.9.1 to 2.10.0 (#13305)
Bumps [loofah](https://github.com/flavorjones/loofah) from 2.9.1 to 2.10.0.
- [Release notes](https://github.com/flavorjones/loofah/releases)
- [Changelog](https://github.com/flavorjones/loofah/blob/main/CHANGELOG.md)
- [Commits](https://github.com/flavorjones/loofah/compare/v2.9.1...v2.10.0)

---
updated-dependencies:
- dependency-name: loofah
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-06-07 00:24:35 +02:00
Penar Musaraj 9ebc9541b9
FIX: Size of emoji in poll options (#13294)
Fixes a regression in 33cb1b
2021-06-04 18:27:25 -04:00
Rafael dos Santos Silva ee6ff9f1d7
FIX: Use newly created PushSubscription object for push test message (#13293) 2021-06-04 16:05:46 -03:00
Bianca Nenciu 46cd355046
FIX: Allow any other tag to be a synonym (#13290)
Tag-chooser component expects an array of blocked tags, but was passed
a string instead. That made tag-chooser to not allow any tags that were
a substring of the current one.
2021-06-04 21:51:53 +03:00
Penar Musaraj c4e801852f
A11Y: Improve topic details toggle button label (#13287) 2021-06-04 13:28:18 -04:00
Penar Musaraj 2c6ceec9ea
A11Y: Add aria-label to modal close button (#13288) 2021-06-04 13:28:04 -04:00
Penar Musaraj 78029fd913
A11Y: Include aria-label for avatar images in widgets (#13286) 2021-06-04 13:26:08 -04:00
Robin Ward 5d2b836ae5
DEV: Move pretty-text into vendor and use that (#13273)
In Ember CLI addons get put into the vendor bundle, as opposed to their
own bundle like we're doing in the Rails app. We never use pretty-text
without our vendor bundle so this should have no difference on
performance.

We need to keep the pretty-text bundle for server side cooking.
2021-06-04 11:01:59 -04:00
Dan Ungureanu 70eddbece1
UX: Copy edit (#13285) 2021-06-04 15:16:52 +03:00
Andrei Prigorshnev 476dfaed2f
FIX: Composer doesn't show an error message in case of a network issue and stops updating draft after (#13268) 2021-06-04 16:15:47 +04:00
Dan Ungureanu da2889a7a8
DEV: Add more verbose logging for image uploads (#13270)
Image optimization fails randomly (very rare) without a trace and it is
near impossible to find culprit image, reproduce the issue and attempt
to fix.
2021-06-04 15:13:58 +03:00
Ikko Ashimine 9431051ac1 FIX: misspelling in associate_accounts_controller_spec.rb
non-existant -> non-existent
2021-06-04 13:55:35 +08:00
Martin Brennan b01e4738ab
DEV: Add more keyboard shortcut acceptance tests (#13280)
This adds acceptance tests for keyboard shortcuts to
dismiss new and unread topics.

Also, I cleaned out a few old specs for the unit test for
keyboard-shortcuts. Some were introduced way back in
5100c2bbd2
but then supplanted by
9548876c2d
and never cleaned up, so they were doing nothing.

Follow up to https://review.discourse.org/t/fix-dismiss-topics-keyboard-shortcut-not-working-pr-13260/22157/4?u=martin
2021-06-04 14:04:20 +10:00
dependabot[bot] 27763da412
Build(deps): Bump nokogiri from 1.11.6 to 1.11.7 (#13275)
Bumps [nokogiri](https://github.com/sparklemotion/nokogiri) from 1.11.6 to 1.11.7.
- [Release notes](https://github.com/sparklemotion/nokogiri/releases)
- [Changelog](https://github.com/sparklemotion/nokogiri/blob/main/CHANGELOG.md)
- [Commits](https://github.com/sparklemotion/nokogiri/compare/v1.11.6...v1.11.7)

---
updated-dependencies:
- dependency-name: nokogiri
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-06-04 13:05:36 +10:00
Kris e3b0abc575
UX: Revert some search dropdown styles (#13274) 2021-06-03 22:54:22 -04:00
Alan Guo Xiang Tan 982eaab9b0 PERF: Defer setting of distributed cache in category.
See follow up commit for rational.

Follow-up to 8cfe203
2021-06-04 10:49:54 +08:00
Alan Guo Xiang Tan 9625208f40 DEV: Clean up state leak in BootstrapController spec.
The state leak was causing `ExtraLocalesController.client_overrides_exist?` specs to fail randomly.

Follow-up to 1976306539
2021-06-04 10:10:11 +08:00
Penar Musaraj 33cb1b7cf1
FIX: Ensure images in polls don't cause abrupt scrolling (#13272)
In some very rare cases, poll options can end up with images that have
no dimensions, in which case, navigating to replies in that post stream
might result in unexpected scrolling (as the browser loads the images
and adjusts its layout).

This ensures that if width/height attributes are missing from an image,
the image is forced to display within a 200 by 200 pixels space.

Co-authored-by: David Taylor <david@taylorhq.com>
2021-06-03 22:09:59 -04:00
Alan Guo Xiang Tan 3c1f4d5771 FIX: Clear post action types application serializer fragment cache.
The bug was introduced in dc10bdee3d
2021-06-04 09:14:49 +08:00
Alan Guo Xiang Tan cadf5eafe6 DEV: Move Discourse app specific concern out of unicorn conf. 2021-06-04 09:13:34 +08:00
Alan Guo Xiang Tan a8667b5454 PERF: Defer setting of distributed cache in more spots.
See follow up commit for rational.

Follow-up to 8cfe203383
2021-06-04 09:13:18 +08:00
Kris cd9941e0ca
UX: more consistent setting/edit buttons (#13276) 2021-06-03 18:33:36 -04:00
jbrw 9d8bc6a405
FIX: Return `naturalWidth` and `naturalHeight` for Composer image sizes (#13271)
Rather than returning the size of the currently rendered image in the composer window (which is dependent on browser settings such as window size and zoom level), return the actual dimensions of the image file itself.

(Also see commit abac614492 which was an earlier attempt to fix this by excluding Oneboxed images entirely. That was reverted as the CSS selector didn’t work on all browsers.)
2021-06-03 16:21:56 -04:00
Penar Musaraj 9a449ac534
UX: Adjustments to tag groups layout (#13269) 2021-06-03 13:58:28 -04:00
Arpit Jalan b27674597c
FIX: redirect non-staff user to homepage when deleting own topic (#13267) 2021-06-03 20:27:29 +05:30
David Taylor 4134173bbf
FEATURE: Add global admin api key rate limiter (#12527) 2021-06-03 10:52:43 +01:00
Alan Guo Xiang Tan 58b30fb510 PERF: Preload settings, groups and badge icons in SvgSprite.
Identified as a hot path in production. Preload it early instead of
executing the queries in a live request.
2021-06-03 16:45:56 +08:00
Martin Brennan eb2c399445
FEATURE: Use group SMTP settings for sending user notification emails (initial) (#13220)
This PR changes the `UserNotification` class to send outbound `user_private_message` using the group's SMTP settings, but only if:

* The first allowed_group on the topic has SMTP configured and enabled
* SiteSetting.enable_smtp is true
* The group does not have IMAP enabled, if this is enabled the `GroupSMTPMailer` handles things

The email is sent using the group's `email_username` as both the `from` and `reply-to` address, so when the user replies from their email it will go through the group's SMTP inbox, which needs to have email forwarding set up to send the message on to a location (such as a hosted site email address like meta@discoursemail.com) where it can be POSTed into discourse's handle_mail route.

Also includes a fix to `EmailReceiver#group_incoming_emails_regex` to include the `group.email_username` so the group does not get a staged user created and invited to the topic (which was a problem for IMAP), as well as updating `Group.find_by_email` to find using the `email_username` as well for inbound emails with that as the TO address.

#### Note

This is safe to merge without impacting anyone seriously. If people had SMTP enabled for a group they would have IMAP enabled too currently, and that is a very small amount of users because IMAP is an alpha product, and also because the UserNotification change has a guard to make sure it is not used if IMAP is enabled for the group. The existing IMAP tests work, and I tested this functionality by manually POSTing replies to the SMTP address into my local discourse.

There will probably be more work needed on this, but it needs to be tested further in a real hosted environment to continue.
2021-06-03 14:47:32 +10:00
Osama Sayegh 3249312c81
FIX: Escape periods in current user's username before generating `RegExp` (#13247)
If we don't escape periods, they are interpreted as wildcards and it
becomes impossible to visit profiles of other users whose usernames
match. E.g., if your username was `a.c` and attempted to visit `abc`'s
profile, you would be incorrectly redirected to your own profile.
2021-06-03 14:15:38 +10:00
Kris f3e021ad45
UX: Update search panel styles, consistency (#13262) 2021-06-03 14:14:24 +10:00
Bianca Nenciu d184fe59ca
FEATURE: Censor Oneboxes (#12902)
Previously onebox content was not passed by the censor regex, meaning you could sneak in censored words via onebox.
2021-06-03 11:39:12 +10:00
Alan Guo Xiang Tan 58cb120aa2
DEV: Minor code clean up in assets.rake. (#13245) 2021-06-03 11:37:06 +10:00
jbrw b57dca90fc
Revert "FIX: Ignore `allowlistgeneric` Onebox image sizes (#13240)" (#13261)
This reverts commit abac614492.

The CSS selector I was trying to use does not appear to be widely supported.
2021-06-02 21:36:46 -04:00
Bianca Nenciu 648d2fd793
DEV: Add test for link watched words (#13251) 2021-06-03 11:36:07 +10:00
Alan Guo Xiang Tan 8cfe203383 PERF: Defer setting of distributed cache in performance critical paths.
Setting a key/value pair in DistributedCache involves waiting on the
write to Redis to finish. In most cases, we don't need to wait on the
setting of the cache to finish. We just need to take our return value
and move on.
2021-06-03 09:30:52 +08:00
Martin Brennan 83211cff25
FIX: Change order of topic_tracking_state SELECT SQL (#13259)
This allows us to do DISTINCT on the topic_id to remove
duplicates (e.g. in extensions to the report SQL), and
also introduces an additional_join_sql string to allow
extensions to JOIN additional tables.
2021-06-03 11:21:33 +10:00
Martin Brennan 006d52f32b
FIX: Dismiss topics keyboard shortcut not working (#13260)
This issue is a result of
7a79bd7da3,
where the ID for the bottom Dismiss Topic buttons changed to
dismiss-topic-bottom.
2021-06-03 11:20:20 +10:00
jbrw abac614492
FIX: Ignore `allowlistgeneric` Onebox image sizes (#13240)
* FIX: Ignore `allowlistgeneric` Onebox image sizes

The size of an image contained within the preview pane of a Composer window may vary depending on the configuration of the browser displaying the Composer (e.g., dimension of browser window, zoom level, etc.).

Presently, the dimensions of the images from the browser creating the post containing the Onebox will be used to render the Onebox to anyone who views the post. It is safer to let the backend figure out the dimensions of the images. Therefore, exclude `.onebox.allowlistedgeneric` images from the list of `image_sizes` sent to the backend.

* DEV: Replace jQuery selector with pure JS

* DEV: remove more jQuery
2021-06-02 20:02:13 -04:00
Jordan Vidrine 188ac1c51f
FIX: Add check for if element doesnt exist on ensureDropClosed (#13256) 2021-06-02 13:44:21 -05:00
Jarek Radosz 3bb765ac92
DEV: Remove the remaining Travis code (#13255)
The second attempt at #10041 now that all our plugins use GitHub Actions CI instead.
2021-06-02 20:29:47 +02:00
jbrw 4a7c043382
DEV: bundle update fastimage (#13253)
FastImage 2.2.4 - includes a fix for BOM characters in SVG files, and HEIC support
2021-06-02 14:06:20 -04:00
Penar Musaraj d3e9a028f5
SECURITY: Do not allow unauthorized access to category edit UI (#13252) 2021-06-02 13:18:45 -04:00
Penar Musaraj fd9ef14ec0
FIX: Show required tags to staff by default and override limit (#13242)
This improves the display of available tags in categories that are
configured to require at least (x) tags from a tag group.

There are two changes included:
- regular users will now see all the available tags in the required tag
group (previously they could see a max. of 5 tags)
- staff users will now see the tags from the required tag group when
the tag group contains more tags than the default limit (also set to 5)

Both changes only apply to the default query (i.e. no search terms).
2021-06-02 12:43:34 -04:00
Bianca Nenciu e81a5182b3
FEATURE: Stage post edits immediately (#13249)
After editing a post, it is refreshed by two ways. One of them is
triggered by the client side which will route the client to the edited
post and force a reload this way. The other way is via Message Bus.

This commit ignores both of the ways and tries to update the post
immediately and then refresh the post stream.
2021-06-02 17:30:36 +03:00
Andrei Prigorshnev 2672358b72
FIX: active record annotation of topic model (#13250)
I've removed constraint from the excerpt column in 00300b1, but forgot to change annotation
2021-06-02 18:16:03 +04:00
Dan Ungureanu 447d8dfc44
UX: Use icons as bulleted list in invite modal (#13229) 2021-06-02 16:28:54 +03:00