Commit Graph

8499 Commits

Author SHA1 Message Date
Martin Brennan d3f02a1270
FEATURE: Generic hashtag autocomplete lookup and markdown cooking (#18937)
This commit fleshes out and adds functionality for the new `#hashtag` search and
lookup system, still hidden behind the `enable_experimental_hashtag_autocomplete`
feature flag.

**Serverside**

We have two plugin API registration methods that are used to define data sources
(`register_hashtag_data_source`) and hashtag result type priorities depending on
the context (`register_hashtag_type_in_context`). Reading the comments in plugin.rb
should make it clear what these are doing. Reading the `HashtagAutocompleteService`
in full will likely help a lot as well.

Each data source is responsible for providing its own **lookup** and **search**
method that returns hashtag results based on the arguments provided. For example,
the category hashtag data source has to take into account parent categories and
how they relate, and each data source has to define their own icon to use for the
hashtag, and so on.

The `Site` serializer has two new attributes that source data from `HashtagAutocompleteService`.
There is `hashtag_icons` that is just a simple array of all the different icons that
can be used for allowlisting in our markdown pipeline, and there is `hashtag_context_configurations`
that is used to store the type priority orders for each registered context.

When sending emails, we cannot render the SVG icons for hashtags, so
we need to change the HTML hashtags to the normal `#hashtag` text.

**Markdown**

The `hashtag-autocomplete.js` file is where I have added the new `hashtag-autocomplete`
markdown rule, and like all of our rules this is used to cook the raw text on both the clientside
and on the serverside using MiniRacer. Only on the server side do we actually reach out to
the database with the `hashtagLookup` function, on the clientside we just render a plainer
version of the hashtag HTML. Only in the composer preview do we do further lookups based
on this.

This rule is the first one (that I can find) that uses the `currentUser` based on a passed
in `user_id` for guardian checks in markdown rendering code. This is the `last_editor_id`
for both the post and chat message. In some cases we need to cook without a user present,
so the `Discourse.system_user` is used in this case.

**Chat Channels**

This also contains the changes required for chat so that chat channels can be used
as a data source for hashtag searches and lookups. This data source will only be
used when `enable_experimental_hashtag_autocomplete` is `true`, so we don't have
to worry about channel results suddenly turning up.

------

**Known Rough Edges**

- Onebox excerpts will not render the icon svg/use tags, I plan to address that in a follow up PR
- Selecting a hashtag + pressing the Quote button will result in weird behaviour, I plan to address that in a follow up PR
- Mixed hashtag contexts for hashtags without a type suffix will not work correctly, e.g. #ux which is both a category and a channel slug will resolve to a category when used inside a post or within a [chat] transcript in that post. Users can get around this manually by adding the correct suffix, for example ::channel. We may get to this at some point in future
- Icons will not show for the hashtags in emails since SVG support is so terrible in email (this is not likely to be resolved, but still noting for posterity)
- Additional refinements and review fixes wil
2022-11-21 08:37:06 +10:00
Sam 4f63bc8ed2
FEATURE: hidden site setting to suppress unsecured categories from admins (#19098)
The hidden site setting `suppress_secured_categories_from_admin` will
suppress visibility of categories without explicit access from admins
in a few key areas (category drop downs and topic lists)

It is not intended to be a security wall since admins can amend any site
setting. Instead it is feature that allows hiding the categories from the
UI.

Admins will still be able to see topics in categories without explicit
access using direct URLs or flags.

Co-authored-by: Alan Guo Xiang Tan <gxtan1990@gmail.com>
2022-11-18 14:37:36 +11:00
Kris a6c787345c
UX: reorganize user prefs for experimental user nav (#18764)
Trying out changes to reduce the number of nav items in the experimental horizontal user nav. These changes should only appear with the redesigned_user_page_nav_enabled feature flag.

1. Created a new "Tracking" route. This combines some tracking-related settings from Notifications and Category and Tag tracking (which were separate tabs previously). Don't love the layout yet, but it's something that we can work on.

2. Moved some user-related settings out of Notifications and to the
Users tab. These seem more user-related to me, and it's nice that we can
associate enabling messages with the setting to limit who can send
messages.

3. Moved the App tab (lists app permissions) to be within the Security tab. It's very similar to Recently Used Devices.
2022-11-18 09:09:04 +08:00
Meghna 040136675b
UX: better email login pages (#19058)
* UX: better email login pages

* Update error message for email login error
2022-11-17 13:09:39 +05:30
Martin Brennan 40e8912395
FIX: Invite redemption error if user had already redeemed (#19070)
When opening the invite acceptance page when the user
was already logged in, we were still showing the Accept
Invitation prompt even if the user had already redeemed
the invitation and was present in the `InvitedUser` table.

This would lead to errors when the user clicked on the button.

This commit fixes the issue by hiding the Accept Invitation
button and showing an error message instead indicating that
the user had already redeemed the invitation. This only applies
to multi-use invite links.
2022-11-17 15:51:58 +10:00
Penar Musaraj 19158cde53
Add search tip for `@me` shortcut (#19062) 2022-11-16 15:19:34 -05:00
Kris a5f2099884
A11Y: add live area for search menu, labels (#19061) 2022-11-16 14:02:39 -05:00
Bianca Nenciu 9f3371f367
DEV: Remove old "first notification" tutorial (#19036)
It was replaced by the new "first notification" user tip.
2022-11-16 14:35:18 +02:00
Discourse Translator Bot 33f601c8ad
Update translations (#19033) 2022-11-16 11:39:47 +01:00
Bianca Nenciu ac272c041e
FEATURE: Add user tips for post and topic features (#18964)
* DEV: Add utility to hide all user tips

* DEV: Add UserTip Glimmer component

* DEV: Add tests for existing user tips

* FEATURE: Add user tip for post menu

* FEATURE: Add user tip for topic notification level

* FEATURE: Add user tip for suggested topics

* FEATURE: Hide new popups for existing users
2022-11-15 17:36:08 +02:00
Jan Cernik ad4df89093
FIX: Rename Users to Sign-Ups in About page (#19020) 2022-11-14 17:19:32 -03:00
Blake Erickson 7be53b1588
FEATURE: Default Composer Category Site Setting (#18967)
* FEATURE: Default Composer Category Site Setting

- Create the default_composer_category site setting
- Replace general_category_id logic for auto selecting the composer
  category
- Prevent Uncategorized from being selected if not allowed
- Add default_composer_category option to seeded categories
- Create a migration to populate the default_composer_category site
  setting if there is a general_category_id populated
- Added some tests

* Add missing translation for the new site setting

* fix some js tests

* Just check that the header value is null
2022-11-14 11:09:57 -07:00
Martin Brennan 3b735d8fc5
DEV: Require pry-byebug in development mode (#18952)
We already do this in test mode, so let's do it in
development mode too. It adds better step-by-step
debugging and callstack navigation, see the readme
for more details:

https://github.com/deivid-rodriguez/pry-byebug
2022-11-10 09:58:39 +10:00
Gerhard Schlager 5268da037a UX: Replace concatenated translation 2022-11-09 22:33:31 +01:00
Gerhard Schlager 5aa951817c DEV: Remove unused translation
It was removed in 4a872823e7
2022-11-09 22:33:31 +01:00
Gerhard Schlager a292660c75 UX: Fix spelling of "Sidekiq"
@discourse-translator-bot keep_translations_and_approvals
2022-11-09 22:33:31 +01:00
Keegan George 4ae288367e
FIX: Permalinks issues (#18939) 2022-11-09 11:23:08 -08:00
Bianca Nenciu 4dad7816b2
FEATURE: Rename onboarding popups to user tips (#18826)
This commit also hides the new user tips for existing users.
2022-11-09 20:20:34 +02:00
Arpit Jalan 8b8c1291e7
FIX: do not preload topic list for new topic/message routes (#18959)
This commit fixes the issue where the sub-category topic list was not
loading for new-topic routes. Since we do not need to preload topic
lists for new topic/message routes this commit adds a no-op controller
that prevents topic lists pre loading and at the same time fixes the sub
category topics not loading issue.
2022-11-09 20:57:42 +05:30
Gerhard Schlager 04b0035009 DEV: Remove unused code and translations
The edit PM button was removed in ecc8e559ec
2022-11-09 14:27:55 +01:00
Martin Brennan c6764d8c74
FIX: Automatically generate category channel slugs (#18879)
This commit automatically ensures that category channels
have slugs when they are created or updated based on the
channel name, category name, or existing slug. The behaviour
has been copied from the Category model.

We also include a backfill here with a simplified version
of Slug.for with deduplication to fill the slugs for already
created Category chat channels.

The channel slug is also now used for chat notifications,
and for the UI and navigation for chat. `slugifyChannel`
is still used, but now does the following fallback:

* Uses channel.slug if it is present
* Uses channel.escapedTitle if it is present
* Uses channel.title if it is present

In future we may want to remove this altogether
and always rely on the slug being present, but this
is currently not possible because we are not generating
slugs for DM channels at this point.
2022-11-09 10:28:31 +10:00
Discourse Translator Bot d7844a797f
Update translations (#18948) 2022-11-09 00:00:28 +01:00
Martin Brennan b9d4336a20
DEV: Add test-site-settings to asset pipeline (#18935)
Follow up to 59da6c6ea2
2022-11-08 11:54:25 +10:00
Martin Brennan b93075a445
DEV: Make admin-start-backup template extendable (#18904)
We need to change the content of this modal in different
plugins based on context, so move some parts of it into
the JS file.
2022-11-08 10:40:56 +10:00
David Taylor 782f43cc55
Improve route error handling in admin/plugins (#18911)
Previously if a specific plugin route was not available (e.g. there was an error loading the plugin's JS due to an ad blocker), the entire page would fail to load. This commit updates the behavior to catch this kind of issue and display a user-friendly message at the top of the screen.
2022-11-07 16:39:27 +00:00
David Taylor 4e0f5eac42
FIX: Increase NGINX request header buffer (#18758)
This allows a large volume of cookies in request headers. Discourse itself tries to minimise cookie size, but we cannot control other cookies set by other tools on the same domain.
2022-11-07 12:11:06 -03:00
Vinoth Kannan dea44ec923
FEATURE: new site setting to hide user profiles by default. (#18864)
Previously, we didn't have a site-wide setting to set the default behavior for user profile visibility and user presence features. But we already have a user preference for that.
2022-11-06 16:44:17 +05:30
Tobias Eigen 49a191bf69
removed some extraneous question marks (#18847) 2022-11-03 10:26:27 +09:00
Discourse Translator Bot 82425b23ee
Update translations (#18813) 2022-11-02 15:13:47 +01:00
Kris 2531828973
UX: hide new/unread counts in sidebar, use dot by default (#18797)
This updates the behavior of the list destination setting for links in the sidebar.

By default, new/unread content will show a dot like chat, rather than the count of new/unread topics.

If a user chooses to link to new/unread in the sidebar, we'll show the count.

The goal here is to find a simple default for typical users (new/unread indication, no counts, default links) while providing a different workflow for power users (showing new/unread counts, and linking directly to new/unread).

Internal Ref: /t/82626
2022-11-02 20:55:05 +09:00
David Taylor 07ef1a80a1
SECURITY: Fix invite link email validation (#18817)
See https://github.com/discourse/discourse/security/advisories/GHSA-x8w7-rwmr-w278

Co-authored-by: Martin Brennan <martin@discourse.org>
2022-11-01 16:33:32 +00:00
David Taylor 68b4fe4cf8
SECURITY: Expand and improve SSRF Protections (#18815)
See https://github.com/discourse/discourse/security/advisories/GHSA-rcc5-28r3-23rr

Co-authored-by: OsamaSayegh <asooomaasoooma90@gmail.com>
Co-authored-by: Daniel Waterworth <me@danielwaterworth.com>
2022-11-01 16:33:17 +00:00
Alan Guo Xiang Tan cfefdf0832
UX: Switch no categories/tags configured text in sidebar to a link (#18787)
Internal Ref: /t/73500
2022-10-31 06:42:55 +08:00
Gaurang Tandon 5ee5031bfa
UX: Fix grammar typo in trust_level_unlocked_tip (#18793) 2022-10-31 06:25:37 +08:00
Penar Musaraj 0297c79cbe
FIX: simplify display of multiple AJAX errors (#18763)
Our dialog service doesn't accept HTML by default and we shouldn't include HTML in the error message string. And given that the Ajax error handler is called in multiple contexts, it's tricky to properly support line breaks via either HTML or `\n` so we are opting for plain text in AJAX error messages.
2022-10-28 08:37:08 -04:00
Sam d99293d837
FEATURE: reduce suspicious distance logins warning to 100km (#18767)
Suspicious login emails are incredibly rare, we are concerned they are in
fact too rare. Attempt to reduce the distance down to 100km.
2022-10-28 07:01:11 +08:00
Blake Erickson 9b1536fb83
DEV: Update expired reset password copy (#18778) 2022-10-27 12:29:50 -06:00
Penar Musaraj 9ec62091c6
DEV: Update upload mismatch error message (#18759)
Following feedback from translators, it does not look like we need to
refer to an "upload stub" here.
2022-10-26 15:41:50 -04:00
Gerhard Schlager 3fbae5dd03
UX: Use a friendlier educational message (#18760)
See /t/82115/3
2022-10-26 20:53:57 +02:00
Discourse Translator Bot 5f02f11acc
Update translations (#18740) 2022-10-25 17:00:49 +02:00
Penar Musaraj a14825836f
UX: Show category edit button when in tag intersection (#18679)
Given that the category structure is generally speaking the backbone of most Discourse instances, it makes sense to show the edit button for the category even when the user is in a category/tag intersection route.
2022-10-20 15:04:21 -04:00
Bianca Nenciu 0be0bcfc7d
FIX: Do not show a 404 page when visiting messages (#18652)
* DEV: Use list controller and action

It used an empty action handler which just returned the app and it
required another request to get the topic list. By using the correct
controller and action we can preload the topic list.
2022-10-20 16:24:56 +03:00
Bianca Nenciu 66904f2cd2
FEATURE: Add button to reset seen popups (#18586) 2022-10-20 09:06:39 +08:00
maiki 0f7d1f2420
UX: correct capitalization (#18671) 2022-10-19 10:53:09 -07:00
David Taylor 9a4072fe31
DEV: Load plugin CSS in tests (#18668) 2022-10-19 18:10:06 +01:00
Discourse Translator Bot 0af2837b73
Update translations (#18642) 2022-10-19 15:19:28 +02:00
Martin Brennan 7c25597da2
FEATURE: Generic hashtag autocomplete part 1 (#18592)
This commit adds a new `/hashtag/search` endpoint and both
relevant JS and ruby plugin APIs to handle plugins adding their
own data sources and priority orders for types of things to search
when `#` is pressed.

A `context` param is added to `setupHashtagAutocomplete` which
a corresponding chat PR https://github.com/discourse/discourse-chat/pull/1302
will now use.

The UI calls `registerHashtagSearchParam` for each context that will
require a `#` search (e.g. the topic composer), for each type of record that
the context needs to search for, as well as a priority order for that type. Core
uses this call to add the `category` and `tag` data sources to the topic composer.

The `register_hashtag_data_source` ruby plugin API call is for plugins to
add a new data source for the hashtag searching endpoint, e.g. discourse-chat
may add a `channel` data source.

This functionality is hidden behind the `enable_experimental_hashtag_autocomplete`
flag, except for the change to `setupHashtagAutocomplete` since only core and
discourse-chat are using that function. Note this PR does **not** include required
changes for hashtag lookup or new styling.
2022-10-19 14:03:57 +10:00
Keegan George 8791b6d5ee
A11Y: Improve group search accessibility (#18651) 2022-10-18 12:55:44 -07:00
Penar Musaraj a2596fb306
A11Y: Add aria labels for posts in group activity (#18601)
This view can show multiple posts from the same topic and the aria labels
will now include the post number to more easily differentiate posts in
screen readers.
2022-10-18 13:58:26 -04:00
David Taylor be3d6a56ce
DEV: Introduce minification and source maps for Theme JS (#18646)
Theme javascript is now minified using Terser, just like our core/plugin JS bundles. This reduces the amount of data sent over the network.

This commit also introduces sourcemaps for theme JS. Browser developer tools will now be able show each source file separately when browsing, and also in backtraces.

For theme test JS, the sourcemap is inlined for simplicity. Network load is not a concern for tests.
2022-10-18 18:20:10 +01:00