Commit Graph

42408 Commits

Author SHA1 Message Date
Simon Cossar bbf47345f8
Add min-width rule to fix header display issues on the Android Gmail app (#13827) 2021-07-23 14:21:03 -07:00
Blake Erickson 6ac3f1f7b5
DEV: Return 400 instead of 500 for invalid top period (#13828)
* DEV: Return 400 instead of 500 for invalid top period

This change will prevent a fatal 500 error when passing in an invalid
period param value to the `/top` route.

* Check if the method exists first

I couldn't get `ListController.respond_to?` to work, but was still able
to check if the method exists with
`ListController.action_methods.include?`. This way we can avoid relying
on the `NoMethodError` exception which may be raised during the course
of executing the method.

* Just check if the period param value is valid

* Use the new TopTopic.validate_period method
2021-07-23 14:58:10 -06:00
Andrei Prigorshnev bd4b87245e
DEV: add more tests for future-date-input-selector (#13836)
This PR contains only tests. These tests are from my old PR with refactoring of future-date-input-selector. That PR was closed because we had some changes in our planes about our time-pickers and additionally these tests were flaky.

Tests in this PR aren't flaky, since they use fake time moments in the future. Tests just document current behaviour of future-date-input-selector.
2021-07-23 22:44:23 +04:00
Robin Ward 7b45a5ce55 FIX: Better and more secure validation of periods for TopicQuery
Co-authored-by: Martin Brennan <mjrbrennan@gmail.com>
2021-07-23 14:24:44 -04:00
Kris c7beb0b9a6
UX: prioritize moderator bg color in PMs (#13833) 2021-07-23 13:06:48 -04:00
Kris 7d9d4bcb6d
FIX: Show bulk button on PMs for all users (#13801) 2021-07-23 12:04:18 -04:00
Bianca Nenciu 2c10809244
FIX: Long poll if window becomes active (#13825)
This commit fixes two bugs. The first one is that onPresenceChange was
called with invalid arguments and it did not register a callback. The
second bug is that it triggered the wrong visibilitychange event. The
function it tried to call does not exist in all versions of MessageBus.
It is safer to trigger an event instead because that exists in all
versions.
2021-07-23 15:52:10 +03:00
Alan Guo Xiang Tan 53082e011a DEV: Make rubocop happy. 2021-07-23 16:04:41 +08:00
Alan Guo Xiang Tan 2923abdec7 SECURITY: Don't leak user of previous whisper post when deleting a topic.
A topic's last poster can be incorrectly set to a user of a whisper post
if the whisper post is before the last post and the last post is
deleted.
2021-07-23 15:42:23 +08:00
Alan Guo Xiang Tan 303e9e42b6 SECURITY: Do not reveal post whisperer in personal messages.
Prior to this fix, post whisperer in personal messages are revealed in
the topic's participants list even though non-staff users are unable to
see the whisper.
2021-07-23 15:42:23 +08:00
Mark VanLandingham 9165f0a0f8
DEV: Export pretty text function for plugin use (#13826) 2021-07-22 14:06:46 -05:00
Neil Lalonde cb858af8c7
Version bump to v2.8.0.beta4 (#13824) 2021-07-22 12:23:50 -04:00
Andrei Prigorshnev 8bc01c1bb5
DEV: extract leave_group method from the group#remove_member method (#13823)
* Copy remove_member to new `leave` method

* Remove unneeded code from the leave method

* Rearrange the leave method

* Remove unneeded code from the remove_member method

* Add tests

* Implement on the client side
2021-07-22 20:14:18 +04:00
Dan Ungureanu 27211ee7bb
FIX: Ensure browser history contains correct URLs (#13367)
Clicking on an incomplete link to a topic (/t/ID or /t/SLUG) from
another post could replace current history entry or create two: one for
the incomplete URL and another one for the correct one. Going back was
either impossible or took the user to a redirect loop, redirected back
to /t/ID which redirected them again to /t/SLUG/ID.
2021-07-22 18:59:59 +03:00
Andrei Prigorshnev 73e8183ffb
FIX: update the list of users after user joined group (#13822)
* Make UI update after user have joined a public group

* Check if a group exists in the join method
2021-07-22 18:48:26 +04:00
Bianca Nenciu 18c32a809b
FIX: Validate email_accent_bg_color color (#13778)
Using an invalid value was allowed. This commit tries to automatically
fix the color by adding missing # symbol or will show an error to the
user if it is not possible and it is not a CSS color either.
2021-07-22 17:42:47 +03:00
Discourse Translator Bot 3667cc6447
Update translations (#13821) 2021-07-22 12:31:19 +02:00
Ruoxin Wang f9aaed7020
FIX: MyBB importer exposes deleted posts (#13700)
The MyBB importer exposes posts marked as deleted in MyBB. This may lead to a privacy issue.
2021-07-22 09:55:02 +02:00
Andrei Prigorshnev 3cf7a3766a
DEV: extract join_group method from groups#add_members method (#13807)
* Copy the add_members method to the new join method

* Remove unneeded code from the join method

* Rearrange the join method

* Remove unneeded stuff from the add_members method

* Extract add_user_to_group method

* Implement of the client side

* Tests

* Doesn't inline users.uniq

* Return promise from join.then()

* Remove unnecessary begin and end

* Revert "Return promise from join.then()"

This reverts commit bda84d8d

* Remove variable already_in_group
2021-07-22 11:11:23 +04:00
Martin Brennan f41908ad5b
SECURITY: Validate period param for top topic routes (#13818)
Fixes a possible SQL injection vector
2021-07-22 16:31:53 +10:00
jbrw 09d23a37a5
DEV: Add default `Accept-Language` to FinalDestination requests (#13817)
Not specifying an `Accept-Language` should be equivalent to specifying an `Accept-Language` of `*`, however some webservers seem to prefer it if we are explicit about being able to handle a response of content in any language.
2021-07-22 15:49:59 +10:00
dependabot[bot] c191194046 Build(deps-dev): Bump listen from 3.5.1 to 3.6.0
Bumps [listen](https://github.com/guard/listen) from 3.5.1 to 3.6.0.
- [Release notes](https://github.com/guard/listen/releases)
- [Commits](https://github.com/guard/listen/compare/v3.5.1...v3.6.0)

---
updated-dependencies:
- dependency-name: listen
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2021-07-22 09:11:39 +08:00
Joffrey JAFFEUX 5eb6e9281a
FIX: manually adds frowning_face_with_open_mouth for apple (#13528) 2021-07-21 23:27:20 +02:00
Robin Ward 78ab3f37b8 FIX: Don't proxy `/qunit` URL when using Ember CLI
This is confusing because you're running the tests on the older version
of Ember. Use `/tests` for Ember CLI, and `/qunit` when using Rails'
asset pipeline (but only if REALLY necessary!)
2021-07-21 15:21:09 -04:00
Penar Musaraj 8a470e508e
UX: Improve quick search suggestions (#13813) 2021-07-21 14:00:27 -04:00
Robin Ward 4f328089d6 FIX: Force timeline/progress to re-insert into DOM on topic change
We have CSS animations which depend on the timeline/progress being
completely cleared when navigating from one topic directly to another.
This always worked because our loading component would clear the entire page
between topics but with our new experimental loading component the DOM was being
re-used.

This patch ensures that the timeline is removed completely from the DOM
if the topic changes.
2021-07-21 12:37:40 -04:00
Kris 5ebae8a64d
need to check if currentUser exists (#13814) 2021-07-21 12:26:28 -04:00
Régis Hanol da81cfe317
Fixed a typo in the 'same_site_cookies' site setting description (#13809) 2021-07-21 17:21:04 +02:00
Kris aa6daeaa3e
FEATURE: New style for personal messages (#13800) 2021-07-21 10:41:04 -04:00
Joffrey JAFFEUX a10fd95a7e
DEV: removes unused version_bump script (#13811) 2021-07-21 10:35:24 -04:00
Penar Musaraj 2ce2c83bc9
FIX: Show user filter hints when typing `@` in search (#13799)
Will show the last 6 seen users as filtering suggestions when typing @ in quick search. (Previously the user suggestion required a character after the @.)

This also adds a default limit of 6 to the user search query, previously the backend was returning 20 results but a maximum of 6 results was being shown anyway.
2021-07-21 09:14:53 -04:00
Joffrey JAFFEUX 519528daa2
FIX: allows to use icon-picker in wizard (#13786)
- inlines dasherize helper in sk
- uses an ajax helper to load wizard's ajax lib when in wizard
- amends wizard's ajax lib to work with string as first arg
- disabled loading spinner in wizard as it's not available
2021-07-21 13:49:21 +02:00
Bianca Nenciu 4da0a33524
FIX: Allow only groups with flairs to be selected (#13744)
It used the same permission check as for primary groups which is
wrong because not all groups that can be primary have a flair.
2021-07-21 14:41:04 +03:00
Andrei Prigorshnev d9faae483d
FIX: Consider 100 years suspension as permanent (instead of 500-years suspension) (#13808)
That'll be consistent with recent changes in https://github.com/discourse/discourse/pull/13776
2021-07-21 15:28:47 +04:00
Joffrey JAFFEUX 265e32e3e2
DEV: uses main instead of master in version_bump script (#13805) 2021-07-21 10:40:35 +02:00
Discourse Translator Bot 28b5e6e47d
Update translations (#13796) 2021-07-21 10:30:34 +02:00
Krzysztof Kotlarek 40f6ceb6f2
FIX: display warning when SSO email is different from invite email (#13804)
In this commit, we skipped frontend validation when email is obfuscated:
https://github.com/discourse/discourse/commit/534008ba24c

However, if email from SSO is different from email from invite, we should still display warning.
2021-07-21 17:03:04 +10:00
mintsaxon 7162ecfb04 FEATURE: Per-category default slow mode duration for topics.
When configured, all topics in the category inherits the slow mode
duration from the category's default.

Note that currently there is no way to remove the slow mode from the
topics once it has been set.
2021-07-21 12:32:07 +08:00
Gerhard Schlager 0ea58fe51f DEV: Spec shouldn't depend on translation 2021-07-21 12:24:54 +08:00
Alan Guo Xiang Tan 0d8144b62b DEV: Improve logging of errors in `Jobs::ProcessUserNotificationSchedules`
Gives us the actual error and backtrace to work with. Otherwise, the
logging of the error is not useful at all.
2021-07-21 12:20:44 +08:00
Jarek Radosz 4223541bc5
DEV: Fix release_note task warnings (#13794)
There was a bunch of warnings repeated over and over during spec runs:

```
/var/www/discourse/lib/tasks/release_note.rake:3: warning: already initialized constant DATE_REGEX
/var/www/discourse/lib/tasks/release_note.rake:3: warning: previous definition of DATE_REGEX was here
/var/www/discourse/lib/tasks/release_note.rake:5: warning: already initialized constant CHANGE_TYPES
/var/www/discourse/lib/tasks/release_note.rake:5: warning: previous definition of CHANGE_TYPES was here
```
2021-07-20 20:25:48 +02:00
Kris 5f6b9e36ed
UX: New text and style for dominating topic message (#13789) 2021-07-20 13:58:38 -04:00
Mark VanLandingham af5cf5ec2a
FIX: User directory - correct variable names (#13798) 2021-07-20 09:58:54 -05:00
Andrei Prigorshnev efc8d5f134
DEV: ignore the 2FA table when moving timestamps (#13793)
or 2FA will be broken after moving. We use this script for moving timestamps when restoring Try.
2021-07-20 15:49:20 +04:00
Andrei Prigorshnev 1a8c949900
UX: suspend forever time period messages (#13776)
When the Forever option is selected for suspending a user, the user is suspended for 1000 years. Without customizing the site’s text, this time period is displayed to the user in the suspension email that is sent to the user, and if the user attempts to log back into the site. Telling someone that they have been suspended for 1000 years seems likely to come across as a bad attempt at humour.

This PR special case messages when a user suspended or silenced forever.
2021-07-20 14:42:08 +04:00
Jarek Radosz 351ef6c2cc
UX: Tweak groups page css (#13775)
Improves icon-name alignment.
2021-07-20 12:26:52 +02:00
Bianca Nenciu 3d387d7891
FIX: Serialize flair group ID for preferences page (#13741)
Staff viewing the user preferences page of other users did not see the
selected flair because that information was not serialized for them.
2021-07-20 13:06:40 +03:00
Joffrey JAFFEUX 4cb65675c6
DEV: uses main branch in lefthooks (#13792) 2021-07-20 10:18:55 +02:00
Vinoth Kannan 08c6a7679d
DEV: allow `dev:populate` rake task in production environment. (#13777)
To use this rake task in production `ALLOW_DEV_POPULATE` environment variable should be set to "1".
2021-07-20 12:25:59 +05:30
Kris b335211038
FEATURE: Add input name so 1password ignores input (#13790) 2021-07-20 15:06:05 +10:00