Commit Graph

50557 Commits

Author SHA1 Message Date
dependabot[bot] db423ba153
Build(deps-dev): Bump eslint from 8.45.0 to 8.46.0 in /app/assets/javascripts (#22868)
Bumps [eslint](https://github.com/eslint/eslint) from 8.45.0 to 8.46.0.
- [Release notes](https://github.com/eslint/eslint/releases)
- [Changelog](https://github.com/eslint/eslint/blob/main/CHANGELOG.md)
- [Commits](https://github.com/eslint/eslint/compare/v8.45.0...v8.46.0)

---
updated-dependencies:
- dependency-name: eslint
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-07-31 09:17:31 +08:00
Kris 8c75fa5dfd
UX: increase experimental lightbox z-index (#22865) 2023-07-28 18:06:48 -04:00
David Taylor 27cdd724ce
PERF: Add exponential backoff for `/presence/update` errors (#22864)
We already handled 429 rate limit errors correctly. This commit adds backoff logic to other types of error to avoid requests being retried every second.
2023-07-28 22:42:46 +01:00
Jordan Vidrine 0f1479e896
UX: Refactor AI summarizing animation (#22839) 2023-07-28 14:02:26 -05:00
Kris 331507f6b0
UX: allow composer title to shrink when needed (#22863) 2023-07-28 14:48:23 -04:00
Joffrey JAFFEUX 1d2cb3abdc
DEV: skip flakey spec in deleted messages (#22862) 2023-07-28 20:37:41 +02:00
Blake Erickson 274c3c9396
DEV: Update code comment wording (#22861)
Follow up to: a8c504aee4

See: https://github.com/discourse/discourse/pull/22829#discussion_r1277747036
2023-07-28 11:47:22 -06:00
Joffrey JAFFEUX 891aabde19
FIX: when using arrow to bottom fetch from newest (#22860)
We were attempting to fetch from last read but this is actually complicated to get right when you have a lot unread, as we might still have more to load after this but the last unread id is still the same and would make the user end up in a loop.
2023-07-28 19:31:28 +02:00
Carson Chang 98e3bbd6bf
FIX: Breaking typo, missing closing parenthesis in topic-post.scss (#22852)
* Breaking typo, Update topic-post.scss

* Update topic-post.scss
2023-07-28 09:55:04 -07:00
Andrei Prigorshnev 7c67360d4a
DEV: a better way of picking of the earliest date (#22858)
See https://github.com/discourse/discourse/pull/22854#discussion_r1277542736.
2023-07-28 20:17:04 +04:00
Selase Krakani 81cf481b16
FIX: Missing pending queued posts from topic view (#22838)
A previous change updated `ReviewableQueuedPost`'s `created_by`
to be consistent with other reviewable types. It assigns
the the creator of the post being queued to `target_created_by` and sets
the `created_by` to the creator of the reviewable itself.

This fix updates some of the `created_by` references missed during the
intial fix.
2023-07-28 16:16:23 +00:00
Penar Musaraj 3bee2a41f4
UX: More tweaks to compact tag picker (#22859)
Input font size was too small.
2023-07-28 12:11:24 -04:00
Selase Krakani 4471eabd49
FIX: Hydration of embedded records (#22809)
The store expects values for property names ending with `_id` to be a resource id
and `_ids` to be an array of resource ids.

This change ensures the store gracefully handles situations where an
embedded field with incompliant data structure sneaks its way to production.
2023-07-28 15:58:55 +00:00
Blake Erickson a8c504aee4
FIX: Internal oneboxes with github links (#22829)
Internal oneboxes to posts that contained oneboxed github links to
commits or PRs with long enough commit messages to have the `show-more`
and the `excerpt hidden` classes in their html were being stripped of
their content resulting in empty internal oneboxes.

see: https://meta.discourse.org/t/269436

This fixes a regression introduced in:

0b3cf83e3c
2023-07-28 09:07:53 -06:00
Ella E 9e4c747657
FIX: Tweak right arrow position; set other arrow placements to default (#22848) 2023-07-28 08:58:34 -06:00
Selase Krakani e67fe1d07c
FIX: Member Highlights on Group Cards (#22828)
By default, only 10 members are highlighted on group cards. However,
joining/leaving a big group via the buttons on the group card results in
up to 50 members being highlighted. For large groups, this causes the card
to move off-screen.

This happens because, while the initial render explicitly fetches only 10
members, we don't seem to apply the same limit as part of the member
reload performed when a user leaves/joins via the buttons on the card.

This PR fixes that by only making the first 10 users available for
highlight regardless of the number of members loaded in the store.
2023-07-28 14:33:42 +00:00
Andrei Prigorshnev cd45f33430
FEATURE: Remove restrictions from the chat messages export (#22854)
Now, when we took care of performance in fbe0e4c and ad05924 
there is no need anymore to restrict the export to
- 6 months
- 10000 rows
2023-07-28 17:04:57 +04:00
David Taylor 263afe6b6a
Bump version to v3.1.0.beta7 2023-07-28 13:05:29 +01:00
Daniel Waterworth 26e267478d
SECURITY: Don't allow a particular site to monopolize the defer queue 2023-07-28 12:53:51 +01:00
Bianca Nenciu 0736611423
SECURITY: Hide restricted tags in noscript view
The hidden tags are usually filtered out by the serializer, but the
noscript view uses the topic objects instead of the serialized objects.
2023-07-28 12:53:50 +01:00
Penar Musaraj dcc825bda5
SECURITY: Limit length of edit reason column 2023-07-28 12:53:49 +01:00
Blake Erickson 62a609ea2d
SECURITY: Handle concurrent invite accepts
Raise an error on concurrent invite accept attempts.
2023-07-28 12:53:48 +01:00
Alan Guo Xiang Tan bfc3132bb2
SECURITY: Impose a upper bound on limit params in various controllers
What is the problem here?

In multiple controllers, we are accepting a `limit` params but do not
impose any upper bound on the values being accepted. Without an upper
bound, we may be allowing arbituary users from generating DB queries
which may end up exhausing the resources on the server.

What is the fix here?

A new `fetch_limit_from_params` helper method is introduced in
`ApplicationController` that can be used by controller actions to safely
get the limit from the params as a default limit and maximum limit has
to be set. When an invalid limit params is encountered, the server will
respond with the 400 response code.
2023-07-28 12:53:46 +01:00
OsamaSayegh 0976c8fad6
SECURITY: Don't reuse CSP nonce between anonymous requests 2023-07-28 12:53:44 +01:00
Alan Guo Xiang Tan 672f3e7e41
Revert "DEV: Skip flaky QUnit tests (#22847)" (#22850)
This reverts commit 26fc5d2d1f.

Flaky test has been fixed in e7208ab4c6
2023-07-28 17:37:31 +08:00
David Battersby 383f48c688
FIX: reset scrollbar position for mobile on lightbox images (#22822)
Using pinch-zoom on mobile devices with lightbox images can lead to scrolling of background content.

This change handles this by capturing the window.scrollY value when opening the lightbox, then when exiting we check if the scroll position has changed and reset it.
2023-07-28 15:03:04 +08:00
Alan Guo Xiang Tan 32d4810e2b
FIX: Can't dismiss new topics that belong to a sub-sub category (#22849)
What is the context for this change?

Prior to this change, there is a bug in `TopicsController#reset_new`
where it does not dismiss new topics in sub-subcategories when the
`category_id` and `include_subcategories=true` params are present. This
is because the controller did not account for sub-subcategories when
fetching the category ids of the new topics that should be dismissed.

This commit fixes the problem by relying on the `Category.subcategory_ids` class
method which accounts for sub-subcategories.
2023-07-28 12:06:42 +08:00
Alan Guo Xiang Tan 26fc5d2d1f
DEV: Skip flaky QUnit tests (#22847)
See
https://github.com/discourse/discourse/actions/runs/5683868303/job/15405355263
and https://github.com/discourse/discourse/actions/runs/5684998320/job/15408941916
2023-07-28 11:05:15 +08:00
Martin Brennan 3c8cc0c73e
DEV: Remove chat TODO (#22846)
This is unnecessary, I already fixed this problem
2023-07-28 09:10:14 +08:00
dependabot[bot] 3c236fb44d
Build(deps-dev): Bump patch-package in /app/assets/javascripts (#22844)
Bumps [patch-package](https://github.com/ds300/patch-package) from 7.0.2 to 8.0.0.
- [Release notes](https://github.com/ds300/patch-package/releases)
- [Changelog](https://github.com/ds300/patch-package/blob/master/CHANGELOG.md)
- [Commits](https://github.com/ds300/patch-package/commits)

---
updated-dependencies:
- dependency-name: patch-package
  dependency-type: direct:development
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-07-28 00:58:36 +02:00
dependabot[bot] 4cc895ed40
Build(deps-dev): Bump mocha from 2.0.4 to 2.1.0 (#22841)
Bumps [mocha](https://github.com/freerange/mocha) from 2.0.4 to 2.1.0.
- [Changelog](https://github.com/freerange/mocha/blob/main/RELEASE.md)
- [Commits](https://github.com/freerange/mocha/compare/v2.0.4...v2.1.0)

---
updated-dependencies:
- dependency-name: mocha
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-07-28 00:42:39 +02:00
dependabot[bot] 028cd2a79e
Build(deps): Bump lograge from 0.12.0 to 0.13.0 (#22842)
Bumps [lograge](https://github.com/roidrage/lograge) from 0.12.0 to 0.13.0.
- [Release notes](https://github.com/roidrage/lograge/releases)
- [Changelog](https://github.com/roidrage/lograge/blob/master/CHANGELOG.md)
- [Commits](https://github.com/roidrage/lograge/compare/v0.12.0...v0.13.0)

---
updated-dependencies:
- dependency-name: lograge
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-07-28 00:42:18 +02:00
marstall e7208ab4c6
FIX: fix flaky test from settings editor PR (discouse:main:80f5018) (#22834) 2023-07-27 17:46:58 -04:00
Isaac Janzen de6070fac4
DEV: Convert `delete-topic-disallowed` modal to component-based API (#22830) 2023-07-27 15:08:37 -05:00
Natalie Tay 173de8afe6
DEV: Add logging and rescue when user already exists and connecting via DiscourseConnect (#22833)
This is happening because despite the user already existing in the forum, the `SingleSignOnRecord` doesn't exist and "require_activation" is set on the provider, causing us to skip looking for the email, and resulting in us creating a new User then seeing Validation failed: Primary email has already been taken when DiscourseConnect is attempting to make a new account.
2023-07-28 02:53:33 +08:00
Andrei Prigorshnev ad05924bdf
DEV: Do one query per month when exporting chat messages (#22746)
We did some testing and saw that making one query per month is 
cheaper than querying all chat messages at ones. Note that even 
though the export job will be performing one query per month, 
the exported messages will be streamed into a single CSV file, so 
nothing changes from the user's point of view.
2023-07-27 21:56:32 +04:00
marstall 80f5018924
FEATURE: JSON editor for theme settings (#21647)
provide the ability to edit theme settings in the json editor, and also copy them as a text file so they can be pasted into another instance.

Reference: /t/65023
2023-07-27 13:48:59 -04:00
Jarek Radosz a44378a1b6
FIX: Toggling overridden settings broke in #21572 (#22831) 2023-07-27 19:41:42 +02:00
Isaac Janzen 291629834d
DEV: Convert `delete-topic-confirm` modal to component-based API (#22813)
<img width="677" alt="Screenshot 2023-07-26 at 4 19 52 PM" src="https://github.com/discourse/discourse/assets/50783505/5b969d38-0283-4217-9f70-de3561f82dd5">
2023-07-27 11:52:12 -05:00
Tobias Eigen 84ffea4916
Update ADMIN-QUICK-START-GUIDE.md (#22788)
This is a fairly extensive update to add checklists and to reorganize the presented information so it is more accessible. Some info is relegated to links to docs on meta. For convenience and regular reference, this topic is now linked to from a GETTING STARTED button next to the site title as long as the site is in bootstrap mode.
2023-07-27 08:44:38 -07:00
Joffrey JAFFEUX db0aef1192
DEV: removes unused group_manager model (#22827)
The associated table has been removed in 2015: 6dd4bc7d57 (diff-53b8234c51c429b92eb91d0212e15bbab16fcd5d1cbd3db64509977c9e1a060d)
2023-07-27 17:10:58 +02:00
David Taylor 507433f45c
FIX: Share topic shortcut (shift+s) (#22826)
This has been broken for a long time (since 04a63cfaaa)
2023-07-27 15:39:42 +01:00
chapoi 7b3f9dc86b
UX: different way of centering chat notice to accommodate longer texts (#22779)
* UX: different way of centering chat notice to accommodate longer

* linting

* UX: keep close button in top right corner
2023-07-27 15:53:43 +02:00
Jan Cernik 807390bb93
DEV: Remove experimental setting row for chat threads (#22730) 2023-07-27 15:29:28 +02:00
Joffrey JAFFEUX 0aa524821e
DEV: skip flaky spec (#22825)
An attempt to make this spec more stable has been made in f76a9aab22 which doesn’t seem to workout: https://github.com/discourse/discourse/actions/runs/5679336462/job/15391318065#step:31:1128
2023-07-27 15:12:22 +02:00
chapoi d10fd697b4
UX: responsive oneboxing with images in chat (#22824)
* UX: fix narrow oneboxing with images in chat

* UX: more responsive oneboxing

* UX: onebox-avatar limits

* ony flex non onebox-avatars
2023-07-27 13:57:30 +02:00
Jarek Radosz 3a11c82547
DEV: Update minitest to 5.19.0 (#22821) 2023-07-27 12:18:40 +02:00
Loïc Guitaut 1377186d38 DEV: Refactor chat channel fetching
This is extracted from #22390.

This patch introduces a scope to avoid duplication and a new method,
`Chat::Channel.find_by_id_or_slug` to allow finding a channel either by
its id or by its slug (or its category slug).
2023-07-27 11:55:17 +02:00
Joffrey JAFFEUX 05aa55e172
DEV: moves logic from job to a service (#22691)
`Jobs::AutoJoinChannelBatch` was holding a lot of logic which should be in a service. Moreover, this refactoring is the opportunity to address a bug which could cause a duplicate key error.

From now when trying to insert a new membership it won't fail if a membership is already present.

Example error:

```
Job exception: ERROR:  duplicate key value violates unique constraint "user_chat_channel_unique_memberships"
DETAIL:  Key (user_id, chat_channel_id)=(1, 2) already exists.

Backtrace
rack-mini-profiler-3.1.0/lib/patches/db/pg.rb:110:in `exec'
rack-mini-profiler-3.1.0/lib/patches/db/pg.rb:110:in `async_exec'
(eval):29:in `async_exec'
mini_sql-1.4.0/lib/mini_sql/postgres/connection.rb:209:in `run'
mini_sql-1.4.0/lib/mini_sql/active_record_postgres/connection.rb:38:in `block in run'
mini_sql-1.4.0/lib/mini_sql/active_record_postgres/connection.rb:34:in `block in with_lock'
activesupport-7.0.5.1/lib/active_support/concurrency/load_interlock_aware_monitor.rb:25:in `handle_interrupt'
activesupport-7.0.5.1/lib/active_support/concurrency/load_interlock_aware_monitor.rb:25:in `block in synchronize'
activesupport-7.0.5.1/lib/active_support/concurrency/load_interlock_aware_monitor.rb:21:in `handle_interrupt'
activesupport-7.0.5.1/lib/active_support/concurrency/load_interlock_aware_monitor.rb:21:in `synchronize'
mini_sql-1.4.0/lib/mini_sql/active_record_postgres/connection.rb:34:in `with_lock'
mini_sql-1.4.0/lib/mini_sql/active_record_postgres/connection.rb:38:in `run'
mini_sql-1.4.0/lib/mini_sql/postgres/connection.rb:64:in `query_single'
/var/www/discourse/plugins/chat/app/jobs/regular/chat/auto_join_channel_batch.rb:38:in `execute'
```

Note this commit is also using main branch of `shoulda-matchers` as the gem has not been released yet.

Co-authored-by: Loïc Guitaut <5648+Flink@users.noreply.github.com>
2023-07-27 10:25:41 +02:00
Joffrey JAFFEUX 2d567cee26
FEATURE: thread pagination (#22624)
Prior to this commit we were loading a large number of thread messages without any pagination. This commit attempts to fix this and also improves the following points:

- code sharing between channels and threads:
Attempts to reuse/share the code use in channels for threads. To make it possible part of this code has been extracted in dedicated helpers or has been improved to reduce the duplication needed.

Examples of extracted helpers:
- `stackingContextFix`: the ios hack for rendering bug when momentum scrolling is interrupted
- `scrollListToMessage`, `scrollListToTop`, `scrollListToBottom`:  a series of helper to correctly scroll to a specific position in the list of messages

- better general performance of listing messages:
One of the main changes which has been made is to remove the computation of visible message during scroll, it will only happen when needed (update last read for example). This constant recomputation of `message.visible` on intersection observer event while scrolling was consuming a lot of CPU time.
2023-07-27 09:57:03 +02:00