Commit Graph

8835 Commits

Author SHA1 Message Date
Discourse Translator Bot 8a0bac7bec
Update translations () 2023-01-03 14:46:19 +01:00
Roman Rizzi 2f61d26e3d
PERF: Make chat mention notifications async. ()
This PR removes the limit added to max_users_notified_per_group_mention during  and improve the performance when expanding mentions for large channel or groups by removing some N+1 queries and making the whole process async.

* Fully async chat message notifications

* Remove mention setting limit and get rid of N+1 queries
2023-01-02 11:54:52 -03:00
Discourse Translator Bot 6f570752ab
Update translations () 2022-12-30 17:49:48 +01:00
David Taylor 584a6e3552
FIX: Update nginx config for v1.23 ()
NGINX v1.23 concatenates duplicate headers into a single comma-separated string. We were doing an equality check on `x-forwarded-proto`. If the request includes multiple `x-forwarded-proto` headers then this check would fail under NGINX v1.23, and our config assumed an `http` connection.

This commit updates the config to check for `https` at the end of the header, thereby restoring the old behavior when multiple `x-forwarded-proto` request headers are sent.
2022-12-30 12:35:26 +00:00
Gerhard Schlager 7e33cb3665
FIX: Add missing email template for `user_watching_category_or_tag` ()
Adds a spec to hopefully prevent this in the future.

Follow-up to aa3a9b6fea
2022-12-29 15:36:53 +01:00
Discourse Translator Bot ebe8b868bf
Update translations () 2022-12-28 13:32:29 +01:00
David Taylor d24dfe8f96
DEV: Update minimum and recommended ruby versions ()
Minimum: 2.7.0
Recommended: 3.1.3
2022-12-28 10:09:15 +00:00
Rafael dos Santos Silva 7b53973bd8
DEV: Use WebPush fork for OpenSSL 3 compat ()
* DEV: Use WebPush fork for OpenSSL 3 compat

* add some context on gemfile changes
2022-12-27 15:28:13 -03:00
Vinoth Kannan 598233456d
FEATURE: Warn admins about private group name's exposure to anonymous users. ()
Group names will be used as CSS classes in some components while rendering the public HTML output. It will happen when a group is set as the default primary for users. Or when a group has either a flair icon or flair upload. So we should warn the admins when they restrict the group's visibility level.

Co-authored-by: Penar Musaraj <pmusaraj@gmail.com>
2022-12-27 13:17:13 +05:30
Tobias Eigen 982adb1c65
UX: Improve copy for contact email and url description ()
The admin settings for contact email and contact url did not explicitly indicate that they are visible to anons on /about page, and that when present the contact url replaces the contact email address. This change makes it so.
2022-12-27 05:53:28 +08:00
Jan Cernik d633467c60
FIX: Whisper tooltip shows the allowed groups () 2022-12-23 15:42:46 -03:00
Ella E 3c0a4b37d0
UX: Setup wizard copy changes and vertically stack logo fields ()
* copy changes to setup wizard step title
* make logo upload stacking; tweaks on medium size screen view
2022-12-22 10:15:09 -07:00
Discourse Translator Bot 1baaf6b5f1
Update translations () 2022-12-20 15:22:28 +01:00
Blake Erickson ae2153b330
UX: Wizard Step Enhancements ()
* UX: Wizard Step Enhancements

- Remove illustrations
- Add Emoji graphic to top of steps
- Add description below step title
- Move point of contact to last step

* Move step count to header, plus some button navigation tweaks

* add remaining emoji to step headers

* fix button logic on steps

* Update Point of Contact

* remove automated messages field

* adjust styling for counter, title, and emoji

* Update wording for logos

* Fix tests

* fix prettier

* fix specs

* set same with for steps except for styling screen

* use sentence case; remove duplicate copy under your organization fields

* fix missing buttons on small screens

* add spacing to buttons; adjust font weight to labels

* adjust styling for community logo step; use sentence case for button

* update copy for point of contact text helper

* use sentence case for field labels

* fix ui tests

* use btn-back class to fix ui tests

* reduce bottom margin for toggle fields

* clean up

Co-authored-by: Ella <ella.estigoy@gmail.com>
2022-12-19 17:24:09 -07:00
Kris bd5f57e90c
FEATURE: add user toggle to mask/unmask passwords () 2022-12-19 18:56:51 -05:00
Selase Krakani 7ba115769a
DEV: Skip push notifications for active online users ()
* DEV: Skip push notifications for active online users

Currently, users with active push subscriptions get push notifications
regardless of their "presence" on the site.

This change introduces a `push_notification_time_window_mins`
site setting which is used in conjunction with a user's `last_seen_at` to
determine if push notifications should be sent. A user is considered to
be actively online if their `last_seen_at` is within `push_notification_time_window_mins`
minutes. `push_notification_time_window_mins` is set to 10 by default.

* DEV: Remove client param for push_notification_time_window_mins site setting

Co-authored-by: Bianca Nenciu <nbianca@users.noreply.github.com>

Co-authored-by: Bianca Nenciu <nbianca@users.noreply.github.com>
2022-12-19 20:17:40 +00:00
Bianca Nenciu 1ad06eb764
UX: Redesign and refactor penalty modals ()
This merges the two modals code to remove duplication and implements
a more consistent design.
2022-12-19 19:36:03 +02:00
Bianca Nenciu b80765f1f4
DEV: Remove enable_whispers site setting ()
* DEV: Remove enable_whispers site setting

Whispers are enabled as long as there is at least one group allowed to
whisper, see whispers_allowed_groups site setting.

* DEV: Always enable whispers for admins if at least one group is allowed.
2022-12-16 18:42:51 +02:00
Andrei Prigorshnev 2d628c80a1
UX: rename "Do Not Disturb" to "Pause Notifications" ()
We decided to rename the "Do Not Disturb" mode to "Pause Notifications". I am starting from changing strings on the client, that will update user interface. And I'm going to do renamings in frontend and backend code after some time.
2022-12-16 17:10:59 +04:00
Andrei Prigorshnev 4908a669e0
FEATURE: integrate DnD with user status ()
This PR adds a new "Pause notifications" checkbox to the user status modal. This checkbox allows enabling the Do-Not-Disturb mode together with user status. Note that we don't remove and don't rename the existing DnD menu item in this PR, so the old way of entering the DnD mode is still available.

Also, we're not making DnD mode a part of user status on backend and in database. The reason is that the DnD mode should still be available on sites with disabled user status, having them separated helps keep the implementation simple.
2022-12-16 16:35:39 +04:00
Selase Krakani 382757d1bd
FEATURE: Add support for desktop push notifications in core ()
* FEATURE: Add support for desktop push notifications in core

Default to push for live notifications on desktop if available and
`enable_desktop_push_notifications` site setting set to true.

This removes the need for desktop-push-notifications plugin.

* DEV: Ensure live notifications are enabled explicitly

Allow a user with push notification access who has directly
enabled notifications via the browser settings to trigger push subscription
flow.
2022-12-16 03:35:33 +00:00
Martin Brennan 624b1b3820
FIX: Remove user_option saving for bookmark auto delete pref ()
We were changing the user's user_option.bookmark_auto_delete_preference
to whatever they changed it to in the bookmark modal to use as default
for future bookmarks. However this was leading to a lot of confusion
since if you wanted to set it for one bookmark you had to remember to
change it back on the next one.

This commit removes that automatic functionality, and instead moves
the bookmark auto delete preference to User Preferences > Interface
in an explicit dropdown.
2022-12-16 08:50:31 +10:00
Osama Sayegh 1c03d6f9b9
FEATURE: Send notifications to admins when new features are released ()
This commit adds a new notification that gets sent to admins when the site gets new features after an upgrade/deploy. Clicking on the notification takes the admin to the admin dashboard at `/admin` where they can see the new features under the "New Features" section.

Internal topic: t/87166.
2022-12-15 20:12:53 +03:00
Kris f01ecd1fb7
UX: update small action text to use sentence case () 2022-12-14 13:28:03 -05:00
Gerhard Schlager 4e42759caa
FIX: Use correct plural rules for Russian ()
Previously this didn't work because Transifex didn't support "many".
2022-12-14 18:56:46 +01:00
Blake Erickson 5c925f2db3
FEATURE: Chat and Sidebar are now on by default ()
FEATURE: Chat and Sidebar are now on by default

- Set the sidebar site setting to be enabled by default
- Set the chat site setting to be enabled by default
- Updated existing specs that assumed the original default
- Use a migration to keep old defaults for existing sites
2022-12-13 17:25:19 -07:00
Krzysztof Kotlarek aa3a9b6fea
FEATURE: Differentiate notification type for directly vs indirectly watched topic ()
When user is watching category or tag (watching or watching first post) notifications are moved to other tab.

To achieve that and distinguish between post create to directly watched topics and indirectly watched topics, new notification type called `watching_category_or_tag` was introduced.
2022-12-14 10:22:26 +11:00
Gerhard Schlager 4c20b54899
DEV: Remove unused English text () 2022-12-14 07:14:58 +08:00
Gerhard Schlager c94401e024
DEV: Remove unused section from "Customize Theme" UI () 2022-12-13 20:13:35 +01:00
Penar Musaraj f58eaf529f
FIX: Remove console warning for "nohighlight" () 2022-12-13 13:43:31 -05:00
Discourse Translator Bot 8b496824c3
Update translations () 2022-12-13 17:14:57 +01:00
Gerhard Schlager f19d687f01
REFACTOR: Update Message Format strings to make them easier to read on Crowdin ()
@discourse-translator-bot keep_translations_and_approvals
2022-12-13 13:30:07 +01:00
Gerhard Schlager 3f1508e72f
FIX: Restore missing text for `read_more` and `read_more_in_category` ()
It was deleted by mistake while cleaning up other locale files in 3eafa39aeb
2022-12-13 11:31:12 +01:00
Jarek Radosz f9bdda84ca
DEV: Admin webhooks interface issues ()
1. The events table had broken styling, making each row overflow
2. It had confusing routes: `/:id` for "edit" and `/:id/events` for "show" (now it's `/:id/edit` and `/:id` respectively)
3. There previously was an unused backend action (`#edit`) - now it is used (and `web_hooks/:id/events` route has been removed)
4. There was outdated/misplaced/duplicated CSS
5. And more
2022-12-13 01:53:08 +01:00
Blake Erickson de53cf7657
FEATURE: Add chat and sidebar toggles to the setup wizard ()
* FEATURE: Add chat and sidebar toggles to the setup wizard

- Fix css alighnment
- Add Enable Chat Toggle
- Add Enable Sidebar Toggle

* Check for the chat plugin

* Account for new sidebar step

* update chat and sidebar description

* UI: add checkmark as a visual indicator that it is enabled

* use new navigation_memu site setting for enabling the sidebar

* fix tests

* Add tests

* Update lib/wizard/step_updater.rb

Use HEADER_DROPDOWN instead of LEGACY

Co-authored-by: Alan Guo Xiang Tan <gxtan1990@gmail.com>

* Fix spec. Use HEADER_DROPDOWN instead of LEGACY

Co-authored-by: Ella <ella.estigoy@gmail.com>
Co-authored-by: Alan Guo Xiang Tan <gxtan1990@gmail.com>
2022-12-12 14:30:21 -07:00
Gerhard Schlager 3eafa39aeb REFACTOR: Remove updated strings from locale files and translation overrides 2022-12-12 17:01:04 +01:00
Gerhard Schlager a13b7f36c8 REFACTOR: Reformat Message Format strings for better readability
@discourse-translator-bot keep_translations_and_approvals
2022-12-12 17:01:04 +01:00
Gerhard Schlager 15f98f727a REFACTOR: Replace unnecessary Message Format string 2022-12-12 17:01:04 +01:00
Gerhard Schlager 03f0b4f54b REFACTOR: Replace concatenated strings to simplify translation 2022-12-12 17:01:04 +01:00
Gerhard Schlager d059c64485 REFACTOR: Update Message Format string to simplify translation 2022-12-12 17:01:04 +01:00
Gerhard Schlager 584abbda54 REFACTOR: Update Message Format string to simplify translation 2022-12-12 17:01:04 +01:00
David Taylor 2c6d6cf485
UX: Add lightbox information to max image width/height settings () 2022-12-12 11:43:27 +01:00
Tobias Eigen 1a0473e890
Make explicit that title and desc are public ()
* Make explicit that title and desc are public

* also updated short_site_description 

the `short_site_description` setting is also visible to all visitors including anons so changed the description.
2022-12-10 09:58:56 -07:00
Discourse Translator Bot 5d1444e3ca
Update translations () 2022-12-09 12:01:05 +01:00
Penar Musaraj 0c50bacbc0
UX: Omit instruction note when `email_time_window_mins` is off ()
A translator noted that this string is odd: "We'll email you immediately
if you haven't read the thing we're emailing you about." We show this
note in the user profile when the user has chosen to be emailed "only
when away" and the site has `email_time_window_mins` off. The message
essentially says that "only when away" in this particular site's config
means "Always".

I think it is best to show no description here. In an ideal world, the
"Only when away" option shouldn't be there when `email_time_window_mins`
is off. But it is rare to choose that override, and adding proper support
for that use case would be complicated.
2022-12-08 21:31:18 -05:00
Alan Guo Xiang Tan b50d071307
DEV: Update copy for `navigation_menu` site setting () 2022-12-09 06:25:11 +08:00
Bianca Nenciu 187b0bfb43
FEATURE: Show similar users when penalizing a user ()
* FEATURE: Show similar users when penalizing a user

Moderators will be notified if other users with the same IP address
exist before penalizing a user.

* FEATURE: Allow staff to penalize multiple users

This allows staff members to suspend or silence multiple users belonging
to the same person.
2022-12-08 14:42:33 +02:00
David Taylor 03fadf91f0
FEATURE: Optionally allow a separate `s3_asset_cdn_url` to be specified ()
If configured, this will be used for static JS assets which are stored on S3. This can be useful if you want to use different CDN providers/configuration for Uploads and JS
2022-12-08 10:36:20 +00:00
Alan Guo Xiang Tan fde9e6bc25
DEV: Migrate sidebar site settings ()
This new site setting replaces the
`enable_experimental_sidebar_hamburger` and `enable_sidebar` site
settings as the sidebar feature exits the experimental phase.

Note that we're replacing this without depreciation since the previous
site setting was considered experimental.

Internal Ref: /t/86563
2022-12-08 09:44:29 +08:00
Michael Brown 02bfac1538
FIX: do not provide advice regarding GDPR compliance () 2022-12-08 08:37:53 +08:00
Penar Musaraj 61924b8a2a
DEV: Update error message string ()
Clarifies what admin should do when permanently deleting a topic with
replies.
2022-12-08 08:34:35 +08:00
Martin Brennan 7bb5da55c6
FIX: Add translation for setting ()
Followup to de080723b5
2022-12-08 10:30:19 +10:00
Martin Brennan de080723b5
DEV: Unhide enable_experimental_hashtag_autocomplete ()
This is in preparation for making this feature opt-in
2022-12-08 07:45:25 +08:00
Krzysztof Kotlarek e313190fdb
FEATURE: better UI to manage 2fa ()
In this PR, we introduced an option, that when all authenticators are disabled, but backup codes still exists, user can authenticate with those backup codes. This was reverted as this is not expected behavior.

https://github.com/discourse/discourse/pull/18982

Instead, when the last authenticator is deleted, backup codes should be deleted as well. Because this disables 2fa, user is asked to confirm that action by typing text.

In addition, UI for 2fa preferences was refreshed.
2022-12-08 09:41:22 +11:00
David Taylor 1db3a578e4
PERF: Improve `Accept` header handling for stylesheets and theme-js ()
The default behavior for Rails is to vary the response of an endpoint based on the `Accept:` header, and therefore it returns a `Vary:` header on responses. This instructs browsers and intermediate proxies to key their caches based on the value of the request's `Accept` header. In some cases (e.g. Akamai), the presence of a `Vary` header is enough to prevent caching entirely.

This commit restructures the Rails route definitions so that:
1. The "format" segment of the route is 'required'
2. The "format" segment of the route is constrained to a single value (e.g. `js` or `css`)

Now that the routes are guaranteed to have a `:format` segment, Rails will always prioritize that over the `Accept` header, and will therefore omit the `Vary` header.

Request specs are also added to test this behaviour for both stylesheets and theme-javascripts.
2022-12-07 15:46:35 +00:00
GeckoLinux 5aaaf26636
Update server.en.yml ()
Remove " on disk" from description of `maximum_backups`, because the setting also works for S3.
2022-12-07 09:38:47 +08:00
Isaac Janzen 5a40c31110
DEV: Update inappropriate flag text () 2022-12-06 12:43:46 -06:00
Roman Rizzi 9c8043a4d2
FEATURE: Enforce mention limits for chat messages ()
* FEATURE: Enforce mention limits for chat messages

The first part of these changes adds a new setting called `max_mentions_per_chat_message`, which skips notifications when the message contains too many mentions. It also respects the `max_users_notified_per_group_mention` setting
and skips notifications if expanding a group mention would exceed it.

We also include a new component to display JIT warning for these limits to the user while composing a message.

* Simplify ignoring/muting filter in chat_notifier

* Post-send warnings for unsent warnings

* Improve pluralization

* Address review feedback

* Fix test

* Address second feedback round

* Third round of feedback

Co-authored-by: Joffrey JAFFEUX <j.jaffeux@gmail.com>
2022-12-06 14:54:04 -03:00
Discourse Translator Bot 58ffa06d4a
Update translations () 2022-12-06 16:22:23 +01:00
Martin Brennan e6f9504dd6
FEATURE: Allow user_status scope for UserApiKey ()
Follow-up to 6357a3ce33
where we allowed a general API key scope for user status
GET/PUT/DELETE, this commit allows the same for the
UserApiKey system.
2022-12-06 08:56:03 +10:00
Bianca Nenciu 93859037ef
FEATURE: Improve composer warnings for mentions ()
* FEATURE: Show warning if group cannot be mentioned

A similar warning is displayed when the user cannot be mentioned because
they have not been invited to the topic.

* FEATURE: Resolve mentions for new topic

This commit improves several improvements and refactors
/u/is_local_username route to a better /composer/mentions route that
can handle new topics too.

* FEATURE: Show warning if only some are notified

Sometimes users are still notified even if the group that was mentioned
was not invited to the message. This happens because its members were
invited directly or are members of other groups that were invited.

* DEV: Refactor _warnCannotSeeMention
2022-12-05 20:22:05 +02:00
Natalie Tay d2c5c65e29
DEV: Remove unused i18n keys () 2022-12-05 22:01:54 +08:00
maiki a72c9b96ab
UX: add target to start discussion link () 2022-12-02 13:52:40 -08:00
David Taylor badd64ceee
PERF: Add GlobalSetting to redirect avatars instead of proxying ()
When uploads are stored on S3, by default Discourse will fetch the avatars and proxy them through to the requesting client. This is simple, but it can lead to significant inbound/outbound network load in the hosting environment.

This commit adds an optional redirect_avatar_requests GlobalSetting. When enabled, requests for user avatars will be redirected to the S3 asset instead of being proxied. This adds an extra round-trip for clients, but it should significantly reduce server load. To mitigate that extra round-trip for clients, a CDN with 'follow redirect' capability could be used.
2022-12-02 10:07:25 +00:00
Penar Musaraj 4c037b9ba3
UX: Improve UI of group delete dialog () 2022-12-02 12:01:25 +08:00
Isaac Janzen 6ccc0227f3
DEV: Upgrade Topic Timeline to Glimmer ()
In an effort to modernize our codebase to the latest Ember version we have selected the Topic Timeline as a candidate to be refactored. The topic timeline component was originally built with `Widgets` and this PR will upgrade it to `Glimmer Components`. 

The refactored timeline is hidden by default behind a group flag, `SiteSetting.enable_experimental_topic_timeline_groups`. Being part of a group included in this site setting will make the new timeline available for testing.

## Other points of interest

This PR introduces a `Draggable Modifier` available to all components, which will take the place of the existing _drag functionality_ exclusive to widgets. 

It can be included like so:
```
{{draggable didStartDrag=@didStartDrag didEndDrag=@didEndDrag dragMove=@dragMove }}
```
2022-12-01 13:50:44 -06:00
Selase Krakani 0ce38bd7bc
SECURITY: Restrict unlisted topic creation () 2022-12-01 10:26:35 +00:00
Osama Sayegh 23bd993164
FEATURE: Separate notification indicators for new PMs and reviewables ()
This PR adds separate notification indicators for PMs and reviewables that have arrived since the last time the user opened the notifications menu.

The PM indicator is the strongest one of all three indicators followed by the reviewable indicator and then finally the blue indicator. This means that if there's a new PM and a new reviewable, then the PM indicator will be shown.

Meta topic: https://meta.discourse.org/t/no-green-or-red-notification-bubbles/242783?u=osama.

Internal topic: t/82995.
2022-12-01 07:05:32 +08:00
Roman Rizzi 9bb5cf1c46
FIX: Validate unsubscribe key has an associated user ()
* FIX: Validate unsubscribe key has an associated user

* Improve error messages
2022-11-30 14:29:07 -03:00
Jan Cernik 93fcfa58d0
FIX: Improve message when posting a duplicate link ()
If the duplicated link was posted by the user itself, it will display
a different JIT message.
2022-11-29 16:08:27 -03:00
Bianca Nenciu 0cc6e678bb
FIX: Show error message if no uploads are allowed ()
It used to fail without displaying an error message if no upload
extensions were authorized. This also disables the button in the
first place to avoid displaying an error to the user (the error
will be displayed only when drag and dropping a file).
2022-11-29 16:58:50 +02:00
Discourse Translator Bot cf347811c6
Update translations () 2022-11-29 15:36:51 +01:00
Bianca Nenciu 3048d3d07d
FEATURE: Track API and user API requests ()
Adds stats for API and user API requests similar to regular page views.
This comes with a new report to visualize API requests per day like the
consolidated page views one.
2022-11-29 13:07:42 +02:00
Gerhard Schlager 0593e5f7c3
UX: Add instructions for multiple category emails () 2022-11-28 20:51:50 +01:00
Osama Sayegh 498fa14347
UX: Show educational messages for the likes tab when it's empty ()
This commit adds some content to educate the user about the likes tab in the user menu when it's blank.
Internal topic: t/76879.
2022-11-24 22:13:21 +03:00
Andrei Prigorshnev 6357a3ce33
FEATURE: User Status API ()
This adds API scope for the user status. This also adds a get method to the user status controller. We didn't need a dedicated method that returns status before because the server returns status with user objects, but I think we need to provide this method for API clients.
2022-11-24 19:16:28 +04:00
David Taylor 84bec1cbae
DEV: Cleanup legacy asset compilation gems and code ()
We now use Ember CLI (core/plugins) and DiscourseJSProcessor (themes) for all Ember and template compilation. This commit removes the remnants of the legacy Sprockets-based Ember compilation system.

Sprockets, and its DiscourseJSProcess-based Babel transformations, is still in use for a few assets. Ideally that will be removed/replaced in the near future.
2022-11-24 12:13:59 +00:00
Martin Brennan 274b21663e
FIX: Experimental hashtag search result matching and limit fixes ()
This changes the hashtag search to first do a lookup to find
results where the slug exactly matches the
search term. Now when we search for hashtags, the
exact matches will be found first and put at the top of
the results.

`ChatChannelFetcher` has also been modified here to allow
for more options for performance -- we do not need to
query DM channels for secured IDs when looking up or searching
channels for hashtags, since they should never show in
results there (they have no slugs). Nor do we need to include
the channel archive records.

Also changes the limit of hashtag results to 20 by default
with a hidden site setting, and makes it so the scroll for the
results is overflowed.
2022-11-24 10:07:59 +10:00
Jordan Vidrine 34e21525d0
UX: Style adjustments & addition of login button on admin invite page ()
* user field label move
* more user field edits
* invite page adjustments
* caps lock adjustment


Co-authored-by: Penar Musaraj <pmusaraj@gmail.com>
2022-11-23 12:06:19 +11:00
Discourse Translator Bot 3c1db9bcb6
Update translations () 2022-11-22 21:39:02 +01:00
Gerhard Schlager c75b6cd999
UX: Update "education.dominating_topic" and raise default percentage ()
See /t/82396
2022-11-22 21:11:53 +01:00
Discourse Translator Bot 2eee6fb644
Update translations () 2022-11-22 15:01:19 +01:00
Kris 69e55a0e1c
A11Y: Improve "my posts" sidebar link title () 2022-11-22 08:36:43 -05:00
TheJammiestDodger 91701d677f
FIX: Update link in `group_in_subject` site description ()
Updates the Meta topic link in the `group_in_subject` site description
2022-11-22 10:37:09 +00:00
Kris bb42016a72
A11Y: add title & aria-expanded for sidebar toggle () 2022-11-22 07:17:45 +08:00
Alan Guo Xiang Tan 59e02bd210
UX: Removed tracked section link from Community section in Sidebar ()
Product has decided that the tracked section link provides very little
value at this moment in time so we're removing it.

See https://meta.discourse.org/t/245374 for more context.
2022-11-21 16:45:19 +08:00
Martin Brennan d3f02a1270
FEATURE: Generic hashtag autocomplete lookup and markdown cooking ()
This commit fleshes out and adds functionality for the new `#hashtag` search and
lookup system, still hidden behind the `enable_experimental_hashtag_autocomplete`
feature flag.

**Serverside**

We have two plugin API registration methods that are used to define data sources
(`register_hashtag_data_source`) and hashtag result type priorities depending on
the context (`register_hashtag_type_in_context`). Reading the comments in plugin.rb
should make it clear what these are doing. Reading the `HashtagAutocompleteService`
in full will likely help a lot as well.

Each data source is responsible for providing its own **lookup** and **search**
method that returns hashtag results based on the arguments provided. For example,
the category hashtag data source has to take into account parent categories and
how they relate, and each data source has to define their own icon to use for the
hashtag, and so on.

The `Site` serializer has two new attributes that source data from `HashtagAutocompleteService`.
There is `hashtag_icons` that is just a simple array of all the different icons that
can be used for allowlisting in our markdown pipeline, and there is `hashtag_context_configurations`
that is used to store the type priority orders for each registered context.

When sending emails, we cannot render the SVG icons for hashtags, so
we need to change the HTML hashtags to the normal `#hashtag` text.

**Markdown**

The `hashtag-autocomplete.js` file is where I have added the new `hashtag-autocomplete`
markdown rule, and like all of our rules this is used to cook the raw text on both the clientside
and on the serverside using MiniRacer. Only on the server side do we actually reach out to
the database with the `hashtagLookup` function, on the clientside we just render a plainer
version of the hashtag HTML. Only in the composer preview do we do further lookups based
on this.

This rule is the first one (that I can find) that uses the `currentUser` based on a passed
in `user_id` for guardian checks in markdown rendering code. This is the `last_editor_id`
for both the post and chat message. In some cases we need to cook without a user present,
so the `Discourse.system_user` is used in this case.

**Chat Channels**

This also contains the changes required for chat so that chat channels can be used
as a data source for hashtag searches and lookups. This data source will only be
used when `enable_experimental_hashtag_autocomplete` is `true`, so we don't have
to worry about channel results suddenly turning up.

------

**Known Rough Edges**

- Onebox excerpts will not render the icon svg/use tags, I plan to address that in a follow up PR
- Selecting a hashtag + pressing the Quote button will result in weird behaviour, I plan to address that in a follow up PR
- Mixed hashtag contexts for hashtags without a type suffix will not work correctly, e.g. #ux which is both a category and a channel slug will resolve to a category when used inside a post or within a [chat] transcript in that post. Users can get around this manually by adding the correct suffix, for example ::channel. We may get to this at some point in future
- Icons will not show for the hashtags in emails since SVG support is so terrible in email (this is not likely to be resolved, but still noting for posterity)
- Additional refinements and review fixes wil
2022-11-21 08:37:06 +10:00
Sam 4f63bc8ed2
FEATURE: hidden site setting to suppress unsecured categories from admins ()
The hidden site setting `suppress_secured_categories_from_admin` will
suppress visibility of categories without explicit access from admins
in a few key areas (category drop downs and topic lists)

It is not intended to be a security wall since admins can amend any site
setting. Instead it is feature that allows hiding the categories from the
UI.

Admins will still be able to see topics in categories without explicit
access using direct URLs or flags.

Co-authored-by: Alan Guo Xiang Tan <gxtan1990@gmail.com>
2022-11-18 14:37:36 +11:00
Kris a6c787345c
UX: reorganize user prefs for experimental user nav ()
Trying out changes to reduce the number of nav items in the experimental horizontal user nav. These changes should only appear with the redesigned_user_page_nav_enabled feature flag.

1. Created a new "Tracking" route. This combines some tracking-related settings from Notifications and Category and Tag tracking (which were separate tabs previously). Don't love the layout yet, but it's something that we can work on.

2. Moved some user-related settings out of Notifications and to the
Users tab. These seem more user-related to me, and it's nice that we can
associate enabling messages with the setting to limit who can send
messages.

3. Moved the App tab (lists app permissions) to be within the Security tab. It's very similar to Recently Used Devices.
2022-11-18 09:09:04 +08:00
Meghna 040136675b
UX: better email login pages ()
* UX: better email login pages

* Update error message for email login error
2022-11-17 13:09:39 +05:30
Martin Brennan 40e8912395
FIX: Invite redemption error if user had already redeemed ()
When opening the invite acceptance page when the user
was already logged in, we were still showing the Accept
Invitation prompt even if the user had already redeemed
the invitation and was present in the `InvitedUser` table.

This would lead to errors when the user clicked on the button.

This commit fixes the issue by hiding the Accept Invitation
button and showing an error message instead indicating that
the user had already redeemed the invitation. This only applies
to multi-use invite links.
2022-11-17 15:51:58 +10:00
Penar Musaraj 19158cde53
Add search tip for `@me` shortcut () 2022-11-16 15:19:34 -05:00
Kris a5f2099884
A11Y: add live area for search menu, labels () 2022-11-16 14:02:39 -05:00
Bianca Nenciu 9f3371f367
DEV: Remove old "first notification" tutorial ()
It was replaced by the new "first notification" user tip.
2022-11-16 14:35:18 +02:00
Discourse Translator Bot 33f601c8ad
Update translations () 2022-11-16 11:39:47 +01:00
Bianca Nenciu ac272c041e
FEATURE: Add user tips for post and topic features ()
* DEV: Add utility to hide all user tips

* DEV: Add UserTip Glimmer component

* DEV: Add tests for existing user tips

* FEATURE: Add user tip for post menu

* FEATURE: Add user tip for topic notification level

* FEATURE: Add user tip for suggested topics

* FEATURE: Hide new popups for existing users
2022-11-15 17:36:08 +02:00
Jan Cernik ad4df89093
FIX: Rename Users to Sign-Ups in About page () 2022-11-14 17:19:32 -03:00
Blake Erickson 7be53b1588
FEATURE: Default Composer Category Site Setting ()
* FEATURE: Default Composer Category Site Setting

- Create the default_composer_category site setting
- Replace general_category_id logic for auto selecting the composer
  category
- Prevent Uncategorized from being selected if not allowed
- Add default_composer_category option to seeded categories
- Create a migration to populate the default_composer_category site
  setting if there is a general_category_id populated
- Added some tests

* Add missing translation for the new site setting

* fix some js tests

* Just check that the header value is null
2022-11-14 11:09:57 -07:00
Martin Brennan 3b735d8fc5
DEV: Require pry-byebug in development mode ()
We already do this in test mode, so let's do it in
development mode too. It adds better step-by-step
debugging and callstack navigation, see the readme
for more details:

https://github.com/deivid-rodriguez/pry-byebug
2022-11-10 09:58:39 +10:00
Gerhard Schlager 5268da037a UX: Replace concatenated translation 2022-11-09 22:33:31 +01:00
Gerhard Schlager 5aa951817c DEV: Remove unused translation
It was removed in 4a872823e7
2022-11-09 22:33:31 +01:00
Gerhard Schlager a292660c75 UX: Fix spelling of "Sidekiq"
@discourse-translator-bot keep_translations_and_approvals
2022-11-09 22:33:31 +01:00
Keegan George 4ae288367e
FIX: Permalinks issues () 2022-11-09 11:23:08 -08:00
Bianca Nenciu 4dad7816b2
FEATURE: Rename onboarding popups to user tips ()
This commit also hides the new user tips for existing users.
2022-11-09 20:20:34 +02:00
Arpit Jalan 8b8c1291e7
FIX: do not preload topic list for new topic/message routes ()
This commit fixes the issue where the sub-category topic list was not
loading for new-topic routes. Since we do not need to preload topic
lists for new topic/message routes this commit adds a no-op controller
that prevents topic lists pre loading and at the same time fixes the sub
category topics not loading issue.
2022-11-09 20:57:42 +05:30
Gerhard Schlager 04b0035009 DEV: Remove unused code and translations
The edit PM button was removed in ecc8e559ec
2022-11-09 14:27:55 +01:00
Martin Brennan c6764d8c74
FIX: Automatically generate category channel slugs ()
This commit automatically ensures that category channels
have slugs when they are created or updated based on the
channel name, category name, or existing slug. The behaviour
has been copied from the Category model.

We also include a backfill here with a simplified version
of Slug.for with deduplication to fill the slugs for already
created Category chat channels.

The channel slug is also now used for chat notifications,
and for the UI and navigation for chat. `slugifyChannel`
is still used, but now does the following fallback:

* Uses channel.slug if it is present
* Uses channel.escapedTitle if it is present
* Uses channel.title if it is present

In future we may want to remove this altogether
and always rely on the slug being present, but this
is currently not possible because we are not generating
slugs for DM channels at this point.
2022-11-09 10:28:31 +10:00
Discourse Translator Bot d7844a797f
Update translations () 2022-11-09 00:00:28 +01:00
Martin Brennan b9d4336a20
DEV: Add test-site-settings to asset pipeline ()
Follow up to 59da6c6ea2
2022-11-08 11:54:25 +10:00
Martin Brennan b93075a445
DEV: Make admin-start-backup template extendable ()
We need to change the content of this modal in different
plugins based on context, so move some parts of it into
the JS file.
2022-11-08 10:40:56 +10:00
David Taylor 782f43cc55
Improve route error handling in admin/plugins ()
Previously if a specific plugin route was not available (e.g. there was an error loading the plugin's JS due to an ad blocker), the entire page would fail to load. This commit updates the behavior to catch this kind of issue and display a user-friendly message at the top of the screen.
2022-11-07 16:39:27 +00:00
David Taylor 4e0f5eac42
FIX: Increase NGINX request header buffer ()
This allows a large volume of cookies in request headers. Discourse itself tries to minimise cookie size, but we cannot control other cookies set by other tools on the same domain.
2022-11-07 12:11:06 -03:00
Vinoth Kannan dea44ec923
FEATURE: new site setting to hide user profiles by default. ()
Previously, we didn't have a site-wide setting to set the default behavior for user profile visibility and user presence features. But we already have a user preference for that.
2022-11-06 16:44:17 +05:30
Tobias Eigen 49a191bf69
removed some extraneous question marks () 2022-11-03 10:26:27 +09:00
Discourse Translator Bot 82425b23ee
Update translations () 2022-11-02 15:13:47 +01:00
Kris 2531828973
UX: hide new/unread counts in sidebar, use dot by default ()
This updates the behavior of the list destination setting for links in the sidebar.

By default, new/unread content will show a dot like chat, rather than the count of new/unread topics.

If a user chooses to link to new/unread in the sidebar, we'll show the count.

The goal here is to find a simple default for typical users (new/unread indication, no counts, default links) while providing a different workflow for power users (showing new/unread counts, and linking directly to new/unread).

Internal Ref: /t/82626
2022-11-02 20:55:05 +09:00
David Taylor 07ef1a80a1
SECURITY: Fix invite link email validation ()
See https://github.com/discourse/discourse/security/advisories/GHSA-x8w7-rwmr-w278

Co-authored-by: Martin Brennan <martin@discourse.org>
2022-11-01 16:33:32 +00:00
David Taylor 68b4fe4cf8
SECURITY: Expand and improve SSRF Protections ()
See https://github.com/discourse/discourse/security/advisories/GHSA-rcc5-28r3-23rr

Co-authored-by: OsamaSayegh <asooomaasoooma90@gmail.com>
Co-authored-by: Daniel Waterworth <me@danielwaterworth.com>
2022-11-01 16:33:17 +00:00
Alan Guo Xiang Tan cfefdf0832
UX: Switch no categories/tags configured text in sidebar to a link ()
Internal Ref: /t/73500
2022-10-31 06:42:55 +08:00
Gaurang Tandon 5ee5031bfa
UX: Fix grammar typo in trust_level_unlocked_tip () 2022-10-31 06:25:37 +08:00
Penar Musaraj 0297c79cbe
FIX: simplify display of multiple AJAX errors ()
Our dialog service doesn't accept HTML by default and we shouldn't include HTML in the error message string. And given that the Ajax error handler is called in multiple contexts, it's tricky to properly support line breaks via either HTML or `\n` so we are opting for plain text in AJAX error messages.
2022-10-28 08:37:08 -04:00
Sam d99293d837
FEATURE: reduce suspicious distance logins warning to 100km ()
Suspicious login emails are incredibly rare, we are concerned they are in
fact too rare. Attempt to reduce the distance down to 100km.
2022-10-28 07:01:11 +08:00
Blake Erickson 9b1536fb83
DEV: Update expired reset password copy () 2022-10-27 12:29:50 -06:00
Penar Musaraj 9ec62091c6
DEV: Update upload mismatch error message ()
Following feedback from translators, it does not look like we need to
refer to an "upload stub" here.
2022-10-26 15:41:50 -04:00
Gerhard Schlager 3fbae5dd03
UX: Use a friendlier educational message ()
See /t/82115/3
2022-10-26 20:53:57 +02:00
Discourse Translator Bot 5f02f11acc
Update translations () 2022-10-25 17:00:49 +02:00
Penar Musaraj a14825836f
UX: Show category edit button when in tag intersection ()
Given that the category structure is generally speaking the backbone of most Discourse instances, it makes sense to show the edit button for the category even when the user is in a category/tag intersection route.
2022-10-20 15:04:21 -04:00
Bianca Nenciu 0be0bcfc7d
FIX: Do not show a 404 page when visiting messages ()
* DEV: Use list controller and action

It used an empty action handler which just returned the app and it
required another request to get the topic list. By using the correct
controller and action we can preload the topic list.
2022-10-20 16:24:56 +03:00
Bianca Nenciu 66904f2cd2
FEATURE: Add button to reset seen popups () 2022-10-20 09:06:39 +08:00
maiki 0f7d1f2420
UX: correct capitalization () 2022-10-19 10:53:09 -07:00
David Taylor 9a4072fe31
DEV: Load plugin CSS in tests () 2022-10-19 18:10:06 +01:00
Discourse Translator Bot 0af2837b73
Update translations () 2022-10-19 15:19:28 +02:00
Martin Brennan 7c25597da2
FEATURE: Generic hashtag autocomplete part 1 ()
This commit adds a new `/hashtag/search` endpoint and both
relevant JS and ruby plugin APIs to handle plugins adding their
own data sources and priority orders for types of things to search
when `#` is pressed.

A `context` param is added to `setupHashtagAutocomplete` which
a corresponding chat PR https://github.com/discourse/discourse-chat/pull/1302
will now use.

The UI calls `registerHashtagSearchParam` for each context that will
require a `#` search (e.g. the topic composer), for each type of record that
the context needs to search for, as well as a priority order for that type. Core
uses this call to add the `category` and `tag` data sources to the topic composer.

The `register_hashtag_data_source` ruby plugin API call is for plugins to
add a new data source for the hashtag searching endpoint, e.g. discourse-chat
may add a `channel` data source.

This functionality is hidden behind the `enable_experimental_hashtag_autocomplete`
flag, except for the change to `setupHashtagAutocomplete` since only core and
discourse-chat are using that function. Note this PR does **not** include required
changes for hashtag lookup or new styling.
2022-10-19 14:03:57 +10:00
Keegan George 8791b6d5ee
A11Y: Improve group search accessibility () 2022-10-18 12:55:44 -07:00
Penar Musaraj a2596fb306
A11Y: Add aria labels for posts in group activity ()
This view can show multiple posts from the same topic and the aria labels
will now include the post number to more easily differentiate posts in
screen readers.
2022-10-18 13:58:26 -04:00
David Taylor be3d6a56ce
DEV: Introduce minification and source maps for Theme JS ()
Theme javascript is now minified using Terser, just like our core/plugin JS bundles. This reduces the amount of data sent over the network.

This commit also introduces sourcemaps for theme JS. Browser developer tools will now be able show each source file separately when browsing, and also in backtraces.

For theme test JS, the sourcemap is inlined for simplicity. Network load is not a concern for tests.
2022-10-18 18:20:10 +01:00
David Taylor 65a5c84a92 DEV: perform theme extra_js compilation all together
Previously, compiling theme 'extra_js' was done with a number of steps. Each theme_field would be compiled into its own value_baked column, and then the JavascriptCache content would be built by concatenating all of those compiled values.

This commit streamlines things by removing the value_baked step. The raw value of all extra_js theme_fields are passed directly to the ThemeJavascriptCompiler, and then the result is stored in the JavascriptCache.

In itself, this commit should not cause any behavior change. It is designed to open the door to more advanced compilation features which have interdependencies between different source files (e.g. template colocation, sourcemaps).
2022-10-18 10:10:49 +01:00
Martin Brennan 9879cb0e68
FIX: Clarify security key copy ()
In user preferences, we want to make it more obvious
that a security key is a physical device, and also
you can use your phone.
2022-10-18 16:30:48 +10:00
Krzysztof Kotlarek 243efa8931
FEATURE: allow user to set preferred sidebar list destination ()
User can choose between latest or new/unread and that preference will affect behavior of sidebar links.
2022-10-18 13:21:52 +11:00
Alan Guo Xiang Tan fff575ffd2
FEATURE: Add sidebar link for admin to configure default tags ()
Displays a sidebar section link to admin users when
`default_sidebar_tags` site setting has not been configured for the
site.

Internal Ref: /t/73500
2022-10-17 12:08:32 +08:00
Alan Guo Xiang Tan ae6549a6ea
FEATURE: Add sidebar link for admin to configure default categories ()
Displays a sidebar section link to admin users when
`default_sidebar_categories` site setting has not been configured for the
site.

Internal Ref: /t/73500
2022-10-17 12:08:15 +08:00
Alan Guo Xiang Tan d1304ecb46
DEV: Move sidebar site settings to the sidebar category ()
Sidebar category is only shown in the admin panel when `enable_experimental_sidebar_hamburger` site setting is enabled
2022-10-17 10:33:15 +08:00
chapoi 7ed87979a2
UX: theme setting highlight update () 2022-10-15 15:29:37 -05:00
Roman Rizzi 588bb2ccf2
A11Y: Add more information to the "reply to" button label. ()
Includes the post number and poster's username for screen readers.
2022-10-14 17:47:29 -03:00
Tobias Eigen 07a6b6f55c
updated copy for Create your Welcome Topic CTA ()
Fixed a typo and added more guidance on info the welcome topic should contain.
2022-10-14 11:46:24 -07:00
Roman Rizzi 2933baa0ce
A11Y: Signal the toggle header can reorder table elements. ()
While navigating the table, indicate what the button does and if the user pressed it or not. Also, don't lose focus after reordering elements.
2022-10-14 13:28:20 -03:00
David Taylor e0a6d12c55
Use service account credentials for fetching google hd groups ()
The previous implementation would attempt to fetch groups using the end-user's Google auth token. This only worked for admin accounts, or users with 'delegated' access to the `admin.directory.group.readonly` API.

This commit changes the approach to use a single 'service account' for fetching the groups. This removes the need to add permissions to all regular user accounts. I'll be updating the [meta docs](https://meta.discourse.org/t/226850) with instructions on setting up the service account.

This is technically a breaking change in behavior, but the existing implementation was marked experimental, and is currently unusable in production google workspace environments.
2022-10-13 16:04:42 +01:00
Andrei Prigorshnev 0fe111e492
FEATURE: add user status to user preferences () 2022-10-12 23:35:25 +04:00
Bianca Nenciu 7611fec0da
FEATURE: Implement new onboarding popups ()
This commit introduces a new framework for building user tutorials as
popups using the Tippy JS library. Currently, the new framework is used
to replace the old notification spotlight and tips and show a new one
related to the topic timeline.

All popups follow the same structure and have a title, a description and
two buttons for either dismissing just the current tip or all of them
at once.

The state of all seen popups is stored in a user option. Updating
skip_new_user_tips will automatically update the list of seen popups
accordingly.
2022-10-12 18:38:45 +03:00
Rafael dos Santos Silva 6888eb5c2d
Revert "Revert "FEATURE: Preload resources via link header ()" ()" ()
* Revert "Revert "FEATURE: Preload resources via link header ()" ()"

This reverts commit 95a57f7e0c.

* put behind feature flag

* env -> global setting

* declare global setting

* forgot one spot
2022-10-11 20:11:44 -03:00
Jordan Vidrine 356cf358f7
FIX: Change text () 2022-10-11 11:49:39 -05:00
Osama Sayegh ac9fbb56a4
DEV: Improve UX for user menu tabs when they're empty ()
This commit adds more helpful/education messages that show up in the replies and "other notifications" tabs when they're empty. Internal topic: t/76879.
2022-10-11 18:33:09 +03:00
Rafael dos Santos Silva 4d525a70be
DEV: Increase nginx proxy buffer size ()
* DEV: Increase nginx proxy buffer size

This is needed so we can reland the patch to move our asset preloading
from link tags in the response document to response headers.
2022-10-11 11:33:07 -03:00
Discourse Translator Bot f7db4150da
Update translations () 2022-10-11 16:29:04 +02:00
Martin Brennan 472abe532e
DEV: Add experimental setting for hashtag-autocomplete changes ()
This initial PR just adds a enable_experimental_hashtag_autocomplete
setting, and related JS & HBR files, replacing direct setup of
the autocomplete within d-editor and instead using the new
lib/hashtag-autocomplete. This is the beginning of preparations
to allow other data sources to be added to this autocomplete,
as well as a redesign of the menu and rendered tags in the composer
preview and posts.
2022-10-11 13:15:16 +10:00
Martin Brennan 086f4775cd
FIX: Hide old PM settings ()
Follow up to e62e93f83a.
It's confusing and unexpected that deprecated settings
unconditionally change the new setting's value via the
`SiteSettingsController`, even if `override` was set to `false`,
a follow-up PR will correct the issue in `SiteSettingsController`.
2022-10-11 10:13:53 +10:00
Bianca Nenciu dc89b72d46
FIX: Show error if field is same as password ()
* FIX: Show user fields validation errors

* FIX: Show error if user field is same as password
2022-10-10 20:00:52 +03:00
Bianca Nenciu 08ab09c928
FIX: Remove public topic invite functionality ()
This can no longer be used from the user interface and could be used to
generate useless topic invites notifications. This commit adds site 
setting max_topic_invitations_per_minute to prevent invite spam.
2022-10-10 19:21:51 +03:00
Penar Musaraj a1d67122b1
DEV: Refactor the last few bootbox dialogs () 2022-10-07 11:38:27 -04:00
Jan Cernik 08476f17ff
FEATURE: Add dark mode option for category logos ()
Adds a new upload field for a second dark mode category logo. 
This alternative will be used when the browser is in dark mode (similar to the global site setting for a dark logo).
2022-10-07 11:00:44 -04:00
Discourse Translator Bot e812e10c3b
Update translations () 2022-10-05 15:32:10 +02:00
Alan Guo Xiang Tan 63b7f7c85c
UX: `More...` -> `More` in Sidebar ()
We already have an icon so `...` is redundant
2022-10-05 12:50:30 +08:00
Bianca Nenciu cf646b2061
FIX: Count resulting bulk invites correctly ()
Skipped invites were not counted at all and some invites could generate
more than one error and resulted in a grand total that was not equal to
the count of bulk invites.
2022-10-04 18:41:06 +03:00
Alan Guo Xiang Tan de071fc1e8
DEV: Convert messages user page nav to experimental redesign ()
No tests are written for now as we're still in a highly iterative stage
2022-10-04 12:05:09 +08:00
Blake Erickson 3b86974367
FEATURE: Make General the default category ()
* FEATURE: Make General the default category

* Set general as the default category in the composer model instead

* use semicolon

* Enable allow_uncategorized_topics in create_post spec helper for now

* Check if general_category_id is set

* Enable allow_uncategorized_topics for test env

* Provide an option to the create_post helper to not set allow_uncategorized_topics

* Add tests to check that category… is not present and that General is selected automatically
2022-09-30 12:20:21 -06:00
Bianca Nenciu 35a90b6a3f
FIX: Add better and more strict invite validators ()
* FIX: Add validator for email xor domain

* FIX: Add validator for max_redemptions_allowed

* FIX: Add validator for redemption_count
2022-09-30 13:35:00 +03:00
Bianca Nenciu f60e6837c6
FEATURE: Add setting to always confirm old email ()
By default, only staff members have to confirm their old email when
changing it. This commit adds a site setting that when enabled will
always ask the user to confirm old email.
2022-09-30 00:49:17 +03:00
Jarek Radosz ae1e536e83
SECURITY: moderator shouldn't be able to import a theme via API ()
* SECURITY: moderator shouldn't be able to import a theme via API.
* DEV: apply `AdminConstraint` for all the "themes" routes.

Co-authored-by: Vinoth Kannan <svkn.87@gmail.com>
2022-09-29 20:00:20 +02:00
Martin Brennan 8ebd5edd1e
DEV: Rename secure_media to secure_uploads ()
This commit renames all secure_media related settings to secure_uploads_* along with the associated functionality.

This is being done because "media" does not really cover it, we aren't just doing this for images and videos etc. but for all uploads in the site.

Additionally, in future we want to secure more types of uploads, and enable a kind of "mixed mode" where some uploads are secure and some are not, so keeping media in the name is just confusing.

This also keeps compatibility with the `secure-media-uploads` path, and changes new
secure URLs to be `secure-uploads`.

Deprecated settings:

* secure_media -> secure_uploads
* secure_media_allow_embed_images_in_emails -> secure_uploads_allow_embed_images_in_emails
* secure_media_max_email_embed_image_size_kb -> secure_uploads_max_email_embed_image_size_kb
2022-09-29 09:24:33 +10:00
Alan Guo Xiang Tan 4b561277a9
FEATURE: Add review link to community section for logged in user ()
When there are pending reviewables, the review section link is displayed
in the main section. When there are no pending reviewables, the review
section link is displayed under the more links drawer.

Internal ref: /t/74210
2022-09-28 09:58:07 +08:00
Discourse Translator Bot 5dea425ee9
Update translations () 2022-09-27 19:07:56 +02:00
Arpit Jalan 2ee721f8aa
FEATURE: add composer warning when user haven't been seen in a long time ()
* FEATURE: add composer warning when user haven't been seen in a long time

When a user creates a PM and adds a recipient that hasn't been seen in a
long time then we'll now show a warning in composer indicating that the
user hasn't been seen in a long time.
2022-09-27 22:06:40 +05:30
Penar Musaraj 250c0bccbd
A11Y: Add aria label to composer messages `Esc` button () 2022-09-27 08:52:09 -04:00
Vinoth Kannan 076abe46fa
FEATURE: new site setting to set locale from cookie for anonymous users. ()
This new hidden default-disabled site setting `set_locale_from_cookie` will set locale from anonymous user's cookie value.
2022-09-27 14:26:06 +05:30
Vinoth Kannan 0b6c89dc62
FEATURE: add site setting to include user associated account ids. ()
By default, we won't include associated account ids in current user serializer. If the new hidden site setting `include_associated_account_ids` is enabled then we will add it in the serializer.
2022-09-27 12:40:20 +05:30
Daniel Waterworth 69d74ae508
DEV: Differentiate staff-writes-only banner () 2022-09-26 13:16:29 -05:00
Andrei Prigorshnev 4c4cc20c61
FEATURE: make user status a public experimental feature () 2022-09-26 17:44:31 +04:00
Pixlz a142460f35
FIX: Incorrect casing for CTA () 2022-09-26 14:33:04 +08:00
Martin Brennan e62e93f83a
FEATURE: Introduce personal_message_enabled_groups setting ()
This will replace `enable_personal_messages` and
`min_trust_to_send_messages`, this commit introduces
the setting `personal_message_enabled_groups`
and uses it in all places that `enable_personal_messages`
and `min_trust_to_send_messages` currently apply.

A migration is included to set `personal_message_enabled_groups`
based on the following rules:

* If `enable_personal_messages` was false, then set
  `personal_message_enabled_groups` to `3`, which is
  the staff auto group
* If `min_trust_to_send_messages` is not default (1)
  and the above condition is false, then set the
  `personal_message_enabled_groups` setting to
  the appropriate auto group based on the trust level
* Otherwise just set `personal_message_enabled_groups` to
  11 which is the TL1 auto group

After follow-up PRs to plugins using these old settings, we will be
able to drop the old settings from core, in the meantime I've added
 DEPRECATED notices to their descriptions and added them
to the deprecated site settings list.

This commit also introduces a `_map` shortcut method definition
for all `group_list` site settings, e.g. `SiteSetting.personal_message_enabled_groups`
also has `SiteSetting.personal_message_enabled_groups_map` available,
which automatically splits the setting by `|` and converts it into
an array of integers.
2022-09-26 13:58:40 +10:00
Vinoth Kannan 998bd191a5
FEATURE: site setting to disable usernames in share links. ()
https://meta.discourse.org/t/share-a-link-for-a-post-should-not-leak-username/66489/22?u=vinothkannans
2022-09-22 23:12:39 +05:30
Alan Guo Xiang Tan b066955838
DEV: Mobile layout support for experimental user nav () 2022-09-22 09:45:50 +08:00
David Taylor e06b9d4a52
DEV: Remove support for legacy plugin JS compilation pipeline ()
This became the default in b1755137
2022-09-21 12:38:02 +01:00
Alan Guo Xiang Tan c73ca74585
DEV: Make enable_new_user_profile_nav_groups site setting unhidden ()
This improves the usability of the feature flag. Previously, the only
way was to add the right environment variable.
2022-09-21 13:23:51 +08:00
Alan Guo Xiang Tan da3e72c2b4
DEV: Ship first pass of new user page navigation behind feature flag ()
This commits introduces a new SiteSetting.enable_new_user_profile_nav_groups
feature flag. When configured, users of the configured groups will see
the new user page navigation links.

As of this commit, only the user activity navigation link has been
converted to the newly proposed dropdown of navigation links.

Mobile support has not been considered.
2022-09-21 12:32:47 +08:00
Alan Guo Xiang Tan 1413de2809
UX: Add short site description for anonymous user in sidebar ()
Displays the `short_site_description` site setting in the community
section when the site setting is set
2022-09-21 11:38:29 +08:00
Osama Sayegh 3d2de7ca03
FIX: Add missing string for reviewables in user menu when reviewable post is deleted () 2022-09-21 09:05:08 +10:00
Osama Sayegh 496f910f03
DEV: Various A11Y improvements for the new user menu ()
This commit includes various accessibility improvements for the new user menu:

* Add `title` attributes to the user menu tabs
* Properly label lists (by adding `aria-labelledby` to `<ul>` elements) for screen readers
* Change the user menu structure so that the tabs come before the content panel in the DOM, but use CSS to reverse them visually.
  Normally, changing the order of elements via CSS is bad for accessibility, but I believe this is one of the rare scenarios where it [makes sense](https://developer.mozilla.org/en-US/docs/Web/CSS/CSS_Flexible_Box_Layout/Ordering_Flex_Items#use_cases_for_order). Prior to this change, if you want to reach the first notification item after you select a tab using the keyboard, you have to hit <kbd>ctrl</kbd>+<kbd>tab</kbd> because the notifications list is before the tabs list. However, with this change, <kbd>tab</kbd> will move you to the first item in the list after you select a tab using your keyboard.
* Aria-hide the unread notifications badge/count on the tabs because the `title` attribute on the tab indicates the unread count.
* Add some tests.
2022-09-20 19:31:56 +03:00
Rafael dos Santos Silva 685e0da8c3
DEV: Update highlight.js to version 11 () 2022-09-20 12:43:28 -03:00
Discourse Translator Bot 59071a13f4
Update translations () 2022-09-20 16:03:15 +02:00
Osama Sayegh 0414bd00ae
DEV: Tone down copy in experimental user menu for pending users ()
The experimental user menu has a tab that displays recent reviewables and at the moment when a new signs up for the site and they need to be approved, admins see a very scary "suspicious user" copy in the reviewables tab in the user menu. We don't need the copy to be very scary because when a user needs to be approved, it's because the site operator has configured the site to force all new users to go through the review queue and it's not some kind of spam detector flagging the user.
2022-09-19 19:32:34 +03:00
Alan Guo Xiang Tan 754ad42344
UX: Use the same text for linking to more categories and tags in sidebar ()
Before this change, anonymous user and a logged in user used different
text for the links to the categories and tags routes.

Follow-up to 321aa4b4b4
2022-09-19 12:01:08 +08:00
David Taylor 3679c081a9
Improve Safari 13 warning copy () 2022-09-16 14:21:54 +01:00
David Taylor 3904c23121
Introduce warning message for Safari 13 and below ()
Discourse will be dropping support for these browsers in early 2023. https://meta.discourse.org/t/224747
2022-09-16 11:17:49 +01:00
Penar Musaraj 86ecb6c58b
DEV: update yes/no confirmation dialogs () 2022-09-14 11:06:56 -04:00
Discourse Translator Bot d00cd3295e
Update translations () 2022-09-13 16:04:18 +02:00
Kris 321aa4b4b4
UX: sidebar more link for categories & tags () 2022-09-12 13:25:25 -04:00
Penar Musaraj 7547878cde
FIX: Regression with admin user delete dialog buttons ()
This also adds a test to prevent regressions and refactors the very similar delete dialog in the user summary screen.
2022-09-05 09:31:17 +02:00
Bianca Nenciu 19ed9dd183
FIX: Keep private theme key secret from user ()
The generate RSA key and import theme routes worked separate from each
other. The RSA key returned both the public and private key and it was
the frontend which posted the private key back to the server. With this
commit, only the public key is necessary as the server keeps a map of
public and private keys that is used to get the private key back from
a public key.
2022-09-01 13:15:23 +03:00
Discourse Translator Bot 1ed4442c10
Update translations () 2022-08-30 20:17:57 +02:00
Blake Erickson eba8b8d34d
FEATURE: Replace Lounge with General Category ()
- Seed the General category so that the general chat channel will have
  a home
- Do not seed the Lounge category anymore
- Move the "Welcome to Site" topic to the General category
2022-08-29 13:05:41 -06:00
David Taylor 1bd1664ae0
DEV: Compile markdown-it-bundle with ember-cli ()
We were already compiling the markdown bundle via ember-cli, but that version was only being used in the test environment. This commit improves the implementation, and updates the filename so it's also used in production.

This commit also
- Removes the vendored copy of `markdown-it.js` and fetches from node_modules instead
- Updates `pretty_text.rb` to remove the custom sprockets-manifest-parsing
- Removes `pretty-text-bundle.js`, which was only being used by `pretty_text.rb`
2022-08-29 19:11:59 +01:00
Penar Musaraj 4116bce902
DEV: Add A11Y-friendly dialog addon ()
This adds a new framework for accessible dialogs that will eventually replace bootbox. Under the hood, it uses the a11y-dialog package and an in-repo Ember addon. See PR for usage details.
2022-08-29 13:59:57 -04:00
Andrei Prigorshnev b6e0219a74
DEV: extract until date formatting in a library function () 2022-08-29 15:45:36 +04:00
Kris 000c4e1084
UX: fix styles for the wizard congrats step () 2022-08-26 12:29:40 -04:00
Discourse Translator Bot 62b87b2df9
Update translations () 2022-08-26 11:04:49 +02:00
Gerhard Schlager ec93bca99e
UX: Remove confusing fallback locale warning () 2022-08-26 01:22:04 +02:00
Alan Guo Xiang Tan 7f198bd975 DEV: Add dedicated translations for links in sidebar
We do not want to depend on existing translations which are used
elsewhere and can break the sidebar experience when changed.
2022-08-25 09:34:36 +08:00
Martin Brennan b197ca02b7
DEV: Do not MiniProfile theme-javascripts ()
This creates a huge amount of noise depending on
the themes/theme components installed and doesn't
provide much value.
2022-08-24 16:01:42 +10:00
Stephen White 6771673a1b
Fix constraints typo in routes config () 2022-08-24 10:27:05 +08:00
Discourse Translator Bot d7ce2d40dd
Update translations () 2022-08-23 17:24:36 +02:00
David Taylor 33a2624f09
DEV: Introduce flag for compiling Plugin JS with Ember CLI ()
When `EMBER_CLI_PLUGIN_ASSETS=1`, plugin application JS will be compiled via Ember CLI. In this mode, the existing `register_asset` API will cause any registered JS files to be made available in `/plugins/{plugin-name}_extra.js`. These 'extra' files will be loaded immediately after the plugin app JS file, so this should not affect functionality.

Plugin compilation in Ember CLI is implemented as an addon, similar to the existing 'admin' addon. We bypass the normal Ember CLI compilation process (which would add the JS to the main app bundle), and reroute the addon Broccoli tree into a separate JS file per-plugin. Previously, Sprockets would add compiled templates directly to `Ember.TEMPLATES`. Under Ember CLI, they are compiled into es6 modules. Some new logic in `discourse-boot.js` takes care of remapping the new module names into the old-style `Ember.TEMPLATES`.

This change has been designed to be a like-for-like replacement of the old plugin compilation system, so we do not expect any breakage. Even so, the environment variable flag will allow us to test this in a range of environments before enabling it by default.

A manual silence implementation is added for the build-time `ember-glimmer.link-to.positional-arguments` deprecation while we work on a better story for plugins.
2022-08-22 09:56:39 +01:00
Krzysztof Kotlarek caab916569
FEATURE: default sidebar categories and tags ()
Ability to set up default sidebar categories and tags for authenticated users
2022-08-22 08:46:20 +10:00
Andrei Prigorshnev 21d5904d7c UX: fix typo in a blank page copy 2022-08-19 09:36:51 +08:00
Bianca Nenciu b082f459c9
FEATURE: Limit maximum recipients for group emails ()
New maximum_recipients_per_new_group_email site setting can be used to
prevent spam group emails with many recipients.
2022-08-18 18:18:58 +03:00
Andrei Prigorshnev e49167b311
UX: Improve empty state copy on the activity/replies page () 2022-08-18 18:00:15 +04:00
Andrei Prigorshnev d7c1ff3116
UX: show blank page placeholder instead of the blue panel that says "No Activity" () 2022-08-18 17:24:52 +04:00
Alan Guo Xiang Tan 5990842dd9 UX: Revamp styling of sidebar
The following changes are made in this commit:

1. Move caret icon in sidebar section header to the right.
1. Each row in sidebar takes the full width which enables us to do a
full width highlight on hover and when sidebar link is active.
1. Ensure each row in Sidebar is of the same height.

Internal refs: /t/70546, /t/72196, /t/71820
2022-08-18 16:14:49 +08:00
Keegan George de8bf7466e
DEV: `list_type: simple` to allow for easy re-ordering () 2022-08-16 10:23:14 -07:00
Discourse Translator Bot 563036a862
Update translations () 2022-08-16 16:12:43 +02:00
Rafael dos Santos Silva ef505c0b73
DEV: Declare new SMTP settings from 3a37a7f ()
Follow up to 3a37a7f where adding those new SMTP settings forgot to
declare it in our defaults file.
2022-08-15 13:45:23 -03:00
Roland 3a37a7f6b4
FEATURE: Allow configuration of smtp timeout settings ()
Adds DISCOURSE_SMTP_OPEN_TIMEOUT and DISCOURSE_SMTP_READ_TIMEOUT GlobalSettings that allow site admins to configure the SMTP connection behavior to match the needs of their SMTP server.
2022-08-15 12:14:09 -03:00
David Taylor 3ffc213fa9
FEATURE: Add safe-mode toggle to `/u/admin-login` ()
Previously, this would require manually adding `?safe_mode=...` multiple times during the email-based login flow. `/u/admin-login` is often used when debugging a site, so it makes sense for this to be easier.

This commit introduces a new checkbox on the `/u/admin-login` screen. When checked, it'll set the safe_mode parameter on the `/email-login` link, and then pass it all the way through to the homepage redirect.
2022-08-15 15:30:07 +01:00
David Taylor 64a66cf82b
UX: Improve safe-mode usability ()
- `no_custom` -> `no_themes` (history: before themes existed, we had a similar tool called 'customizations')
- `only_official` -> `no_unofficial_plugins` (matches format of `no_themes` and `no_plugins`, and makes it clear that this doesn't affect themes)
- `?safe_mode=no_themes%2C%no_plugins` -> `?safe_mode=no_themes,no_plugins` (the query portion of a URL does not require commas to be encoded. This is much nicer to read)
- If `no_plugins` is chosen from `/safe-mode` the URL generated will omit the superfluous `no_unofficial_plugins` flag
- Some tweaks to copy on `/safe-mode`
2022-08-15 15:15:15 +01:00
Alan Guo Xiang Tan abd9f461ea
DEV: Make experimental sidebar site settings public ()
This commits makes the `enable_experimental_sidebar_hamburger` and
`enable_sidebar` site settings public for site admins to enable. While
the site settings are public, do note that the features are still under
heavy development and are subjected to rapid changes
2022-08-15 14:29:55 +08:00
Joe c85921a548
FEATURE: Adds full screen composer submit button and prompt ()
Context: https://meta.discourse.org/t/still-display-the-reply-create-topic-button-when-using-full-screen-composition/123597/6?u=johani

Right now, we don't show the submit buttons when you enter the full-screen composer. The reasons for that are described in the context link above.

This PR adds the improvements highlighted here: https://meta.discourse.org/t/still-display-the-reply-create-topic-button-when-using-full-screen-composition/123597/12?u=johani

Here's a list of the changes this PR introduces:

1. When you enter full-screen mode, we will now add a prompt that matches the browser fullscreen <kbd>F11</kbd> function. It looks like so

    <img width="500" src="https://user-images.githubusercontent.com/33972521/183529813-71a20167-a661-466c-b9ef-c4d34e231000.png">
    
    The prompt fades away after a couple of seconds.
    
2. This PR adds the submit buttons to the full-screen composer mode. The submit buttons should work like normal if the post has no errors. If the post has errors (title too short, body too short, required categories/tags), then the button will make the composer exit the full-screen mode so that users will see the errors and fix them. The error logic is based on what we currently have; this PR doesn't add any new validation. Here's a video of what that looks like:

    https://meta.discourse.org/t/-/127948/14?u=johani
2022-08-11 14:38:56 +08:00
Bianca Nenciu e029a9b36c
FEATURE: Allow private themes to be partially installed ()
A public key must be added to GitHub when installing private themes.
When the process happens asynchronously (for example if the admin does
not have admin permissions to the GitHub repository), installing
private themes becomes very difficult.

In this case, the Discourse admin can partially install the theme by
letting Discourse save the private key, create a placeholder theme and
give the admin a public key to be used as a deploy key. After the key
is installed, the admin can finish theme installation by pressing a
button on the theme page.
2022-08-10 13:30:18 +03:00
Osama Sayegh 473695ee4d
DEV: Add messages tab to the new user menu ()
Some of the changes in this PR are extracted from https://github.com/discourse/discourse/pull/17379.

Similar to the bookmarks tab in the new user menu, the messages tab also displays a mix of notifications and messages. When there are unread message notifications, the tab displays all of these notifications at the top and fills the remaining space in the menu with a list of the user's messages. The bubble/badge count on the messages tab indicates how many unread message notifications there are.
2022-08-10 08:25:39 +03:00
Discourse Translator Bot 5773260ca2
Update translations () 2022-08-09 20:39:59 -04:00
Arpit Jalan 10a1b6b0a9
FEATURE: update bootstrap mode notice to add invite and wizard links ()
* FEATURE: update bootstrap mode notice to add invite and wizard links

* Updates per feedback on PR

* Fix the wizard link not showing

* Remove unneeded function

* Remove router service injection
2022-08-10 00:13:42 +05:30
Arpit Jalan d57bea4de3
FEATURE: add welcome topic cta banner () 2022-08-09 21:52:39 +05:30
Discourse Translator Bot 5138347e48
Update translations () 2022-08-09 16:58:34 +02:00
David Taylor 47824bc69f
DEV: Bump asset compiler versions ()
This will trigger recompilation of theme/plugin assets following 7f9c2c0b
2022-08-09 12:06:15 +01:00
Osama Sayegh 4fdb275683
DEV: Add bookmarks tab to the new user menu ()
Some of the changes in this commit are extracted from https://github.com/discourse/discourse/pull/17379.

The bookmarks tab in the new user menu is different from the other tabs in that it can display a mixture of notifications and bookmarks. When there are unread bookmark reminder notifications, the tab displays all of these notifications at the top and fills the remaining space in the menu with the rest of the bookmarks. The bubble/badge count on the bookmarks tab indicates how many unread bookmark reminder notifications there are.

On the technical aspect, since this commit introduces a new `bookmark-item` component, we've done some refactoring so that all 3 "item" components (`notification-item`, `reviewable-item` and the new `bookmark-item`) inherit from a base component and get identical HTML structure so they all look consistent.

Internal tickets: t70584 and t65045.
2022-08-08 17:24:04 +03:00
Blake Erickson d6641ee9b6
DEV: Improve wording about daily like limits ()
https://meta.discourse.org/t/-/149489

Improving the wording about daily like limits because there might be
some confusion around the word “daily”. This feature is really
just a 24 hour sliding window and has no concept of days.
2022-08-08 12:47:28 +01:00
Andrei Prigorshnev 8f66d57b86
UX: Improve empty state copy on the activity/topics page () 2022-08-05 18:37:06 +04:00
Daniel Waterworth e0ece3a77e
Revert "DEV: Improve multisite db scripts in dev ()" ()
This reverts commit 2e4056d185.

Unfortunately, this broke db:create and db:drop when multisite config
wasn't present.
2022-08-04 16:15:06 -05:00
Ghassan Maslamani 2d6bd30dd8
FEATURE: add image delete button in preview. ()
This commit adds a delete button to the composer preview next to the image scale buttons.

Reference: https://meta.discourse.org/t/image-remover-button-to-composer-preview/233005
2022-08-04 16:33:23 -04:00
Martin Brennan d2ddb140dd
FEATURE: Show SMTP response on admin email sent list and rearrange columns ()
Follow up to 4d3c1ceb44, this commit
shows the SMTP response in the admin email sent list and also moves the
topic/post link into a new column. Reply key is now in its own column.
2022-08-03 08:11:54 +10:00
Discourse Translator Bot f06e586c19
Update translations () 2022-08-02 16:54:12 +02:00
Selase Krakani 862007fb18
FEATURE: Add support for case-sensitive Watched Words ()
* FEATURE: Add case-sensitivity flag to watched_words

Currently, all watched words are matched case-insensitively. This flag
allows a watched word to be flagged for case-sensitive matching.
To allow allow for backwards compatibility the flag is set to false by
default.

* FEATURE: Support case-sensitive creation of Watched Words via API

Extend admin creation and upload of Watched Words to support case
sensitive flag. This lays the ground work for supporting
case-insensitive matching of Watched Words.

Support for an extra column has also been introduced for the Watched
Words upload CSV file. The new column structure is as follows:

 word,replacement,case_sentive

* FEATURE: Enable case-sensitive matching of Watched Words

WordWatcher's word_matcher_regexp now returns a list of regular
expressions instead of one case-insensitive regular expression.

With the ability to flag a Watched Word as case-sensitive, an action
can have words of both sensitivities.This makes the use of the global
Regexp::IGNORECASE flag added to all words problematic.

To get around platform limitations around the use of subexpression level
switches/flags, a list of regular expressions is returned instead, one for each
case sensitivity.

Word matching has also been updated to use this list of regular expressions
instead of one.

* FEATURE: Use case-sensitive regular expressions for Watched Words

Update Watched Words regular expressions matching and processing to handle
the extra metadata which comes along with the introduction of
case-sensitive Watched Words.

This allows case-sensitive Watched Words to matched as such.

* DEV: Simplify type casting of case-sensitive flag from uploads

Use builtin semantics instead of a custom method for converting
string case flags in uploaded Watched Words to boolean.

* UX: Add case-sensitivity details to Admin Watched Words UI

Update Watched Word form to include a toggle for case-sensitivity.
This also adds support for, case-sensitive testing and matching of  Watched Word
in the admin UI.

* DEV: Code improvements from review feedback

 - Extract watched word regex creation out to a utility function
 - Make JS array presence check more explicit and readable

* DEV: Extract Watched Word regex creation to utility function

Clean-up work from review feedback. Reduce code duplication.

* DEV: Rename word_matcher_regexp to word_matcher_regexp_list

Since a list is returned now instead of a single regular expression,
change `word_matcher_regexp` to `word_matcher_regexp_list` to better communicate
this change.

* DEV:  Incorporate WordWatcher updates from upstream

Resolve conflicts and ensure apply_to_text does not remove non-word characters in matches
that aren't at the beginning of the line.
2022-08-02 10:06:03 +02:00
Alan Guo Xiang Tan f204538f7c
UX: Remove count from more section links ()
Less is more...
2022-08-02 11:20:55 +08:00
Arpit Jalan cfd0a04965
FIX: wizard last step "corporate" was not saving changes () 2022-08-01 14:49:09 +05:30
Wolftallemo f590b62a31
FIX: Accept HEAD requests for mandrill webhook ()
Madrill uses a HEAD request for validation, accept it.
2022-07-29 16:26:31 +10:00
Alan Guo Xiang Tan 9efeaf2ae3
UX: Reduce number of links displayed in Community by default ()
Additional links are hidden by default and can be accessed via the
"more..." link.
2022-07-28 16:46:46 +08:00
Osama Sayegh 988a175e94
DEV: Add reviewables tab to the new user menu ()
This commit is a subset of the changes proposed in https://github.com/discourse/discourse/pull/17379.
2022-07-28 11:16:33 +03:00
Gerhard Schlager ff78a1eca7
DEV: Remove workaround for advisory lock ()
This reverts f08d440ea0 because the issue has been resolved in Rails 6.1.0 and later.
2022-07-28 09:17:25 +08:00
Roman Rizzi 7b1ff41716
SECURITY: Do not cache error responses for static assets () 2022-07-27 16:41:44 -03:00
Blake Erickson 8b08b9a763
FIX: Rejected emails should not be cleaned up before their logs ()
* FIX: Rejected emails should not be cleaned up before their logs

If we delete the rejected emails before we delete their associated logs
we will receive 404 errors trying to inspect an email message for that
log.

* don't add a blank line

* test for max value as well

* pr cleanup and add migration

* Fix failing test
2022-07-27 07:28:44 +01:00
Alan Guo Xiang Tan 3bd5f2d411
DEV: Introduce SiteSetting to enable/disable Sidebar. ()
This commit removes the ability to enable/disable the Sidebar on a per
user basis and introduces a site wide setting. For testing purposes, sidebar can be enabled/disabled via the `enable_sidebar=1` or `enable_sidebar=0` query param.
2022-07-27 13:42:26 +08:00
Arpit Jalan 10f200a5d3
FEATURE: revamped wizard ()
* FEATURE: revamped wizard

* UX: Wizard redesign ()

* UX: Step 1-2

* swap out images

* UX: Finalize all steps

* UX: mobile

* UX: Fix test

* more test

* DEV: remove unneeded wizard components

* DEV: fix wizard tests

* DEV: update rails tests for new wizard

* Remove empty hbs files that were created because of rebase

* Fixes for rebase

* Fix wizard image link

* More rebase fixes

* Fix rails tests

* FIX: Update preview for new color schemes: ()

* UX: make layout more responsive, update images

* fix typo

* DEV: move discourse logo svg to template only component

* DEV: formatting improvements

* Remove unneeded files

* Add tests for privacy step

* Fix banner image height for step "ready"

Co-authored-by: Jordan Vidrine <30537603+jordanvidrine@users.noreply.github.com>
Co-authored-by: awesomerobot <kris.aubuchon@discourse.org>
2022-07-27 06:53:01 +05:30
Discourse Translator Bot 5894e7d30f
Update translations () 2022-07-26 19:40:53 +02:00
Jean 424a274c12
FEATURE: add categories page style to order topics by created date () 2022-07-25 09:41:43 -04:00
Joffrey JAFFEUX 43b8cfeae3
FIX: improves handling of filter with invalid tag chars ()
Tags mixin is already filtering a lot of data from the user submitted filter in `createContentFromInput()` which can lead to sk receiving an empty filter while the input actually has a value.
2022-07-25 12:00:52 +02:00
Joe a6680fce03
UX: Updates sign up CTA copy ()
Before:

<img width="500" src="https://user-images.githubusercontent.com/33972521/180416547-300203d3-b092-4cb6-b65e-720b6a004b47.png">

After

<img width="500" src="https://user-images.githubusercontent.com/33972521/180415992-9f610bf8-ca67-4c69-a9dc-1409c4cb7f3f.png">

Internal topic
/t/-/70417
2022-07-22 18:35:46 +08:00
Alan Guo Xiang Tan 49d4f7c066
FEATURE: Add users and groups links to community section in sidebar () 2022-07-22 16:00:06 +08:00
Alan Guo Xiang Tan a626b99a50
UX: Remove bookmarks link from community section ()
Product decision to drop it from Sidebar at this moment.
2022-07-22 15:55:13 +08:00
Alan Guo Xiang Tan 4594ce2723
UX: Rename Sidebar 'Topics' section to 'Community' ()
Product decision to rename as not all links under the section falls
under the topics umbrella
2022-07-22 15:20:01 +08:00
Alan Guo Xiang Tan 99073338de
FEATURE: Replace hamburger dropdown with Sidebar when undock ()
When the experimental Sidebar is enabled, the hamburger drop down is replaced by a sidebar drop down. A user is given the ability to dock and undock the sidebar depending on their personal preference.

Do also note that the experimental sidebar is well, considered experimental at this point so I do not intend for the features here to be perfect. What I aim to do here is to ship the changes fast so that it can be used internally by the team to provide feedback. Custom links added by plugins and dark mode toggle has not been implemented as part of this commit as I aim to tackle it in another commit.

Co-authored-by: awesomerobot <kris.aubuchon@discourse.org>
2022-07-22 13:06:47 +08:00
Osama Sayegh 6b8d635943
DEV: Add implementations for various notification types for the new user menu ()
This commit is a subset of the changes proposed in https://github.com/discourse/discourse/pull/17379.
2022-07-22 05:07:32 +03:00
Discourse Translator Bot c58a8b0fe6
Update translations () 2022-07-19 20:45:57 +02:00
Gerhard Schlager 6e2199cd58
FIX: Correctly pluralize sidebar strings () 2022-07-19 15:36:14 +02:00
Osama Sayegh fac04f3e73
DEV: Introduce a basic version of the new notifications menu behind a feature flag () 2022-07-19 10:35:02 +08:00
Bianca Nenciu 9e603e9374
COPY: Change "old" to "unsupported" browser ()
The word choice was inaccurate because new browsers may still not work
well with Discourse because not all required browser features are
present.
2022-07-18 19:32:04 +03:00
David Taylor f774083016
FIX: Allow Symbol objects to be deserialized in PostRevision ()
Followup to ee07f6da7d
2022-07-15 13:14:57 +01:00
David Taylor 7d9b98a161
FIX: Allow Time objects to be deserialized in PostRevision ()
Followup to ee07f6da7d
2022-07-15 00:17:41 +01:00
Jarek Radosz 4b935b61eb
FIX: CSS tweak and production position fix for miniprofiler ()
* DEV: Format miniprofiler html
* FIX: Move miniprofiler to the right in production
* UX: Fix and merge miniprofiler css
2022-07-14 13:03:43 +02:00
Alan Guo Xiang Tan 737c0a7b9f
DEV: Allow sidebar section caret title to be translated () 2022-07-14 15:27:01 +08:00
Andrei Prigorshnev 43c0bbb6a4
FEATURE: show status in the tooltip on the status bubble on the user menu () 2022-07-13 16:02:59 +04:00
David Taylor ee07f6da7d
SECURITY: Bump Rails to 7.0.3.1 ()
https://discuss.rubyonrails.org/t/81017
2022-07-13 11:17:46 +01:00
Alan Guo Xiang Tan b4b87454f2
DEV: Move mini profiler badge to the right ()
In the era where we have left aligned sidebar, the mini profiler badge
gets in the way
2022-07-13 13:40:12 +08:00
Discourse Translator Bot 0c269dfd18
Update translations () 2022-07-12 17:26:04 +02:00
Jarek Radosz 162a1f8ba7
DEV: Remove asset precompilation hack ()
I don't think it's needed anymore?
2022-07-11 22:52:20 +02:00
Jarek Radosz 040e1650f6
DEV: Remove old redis option ()
`Redis.exists_returns_integer` is now true by default
2022-07-11 22:15:30 +02:00
Jarek Radosz 5b70b67e78
FIX: Just inline the QUnit CSS in theme-test html ()
Side-steps sassc compilation issues.
2022-07-11 12:01:47 +02:00
Jordan Vidrine fec3df60cb
DEV: Add more color schemes () 2022-07-08 16:46:32 -05:00
Rafael dos Santos Silva 75e40baa64
FIX: min/max username length limits weren't validated ()
* FIX: min/max username length limits weren't validated

The custom validators introduced in e0d7cda made so we ignored the mix
and max values set on site_settings.yml. That change allowed admins to
set values outside of the range defined on the yaml file.

Related to https://meta.discourse.org/t/group-names-with-more-than-60-characters-broken/232115?u=falco

Co-authored-by: Alan Guo Xiang Tan <gxtan1990@gmail.com>
2022-07-08 12:00:47 -03:00
Alan Guo Xiang Tan d9eab4bbbb
DEV: Add env to enable ActiveRecord query log tags () 2022-07-08 08:57:09 +08:00
Jarek Radosz 2e4056d185
DEV: Improve multisite db scripts in dev ()
## Without multisite.yml config

No change. `bin/rails db:create` / `db:migrate` / `db:drop` should work the same.

## With multisite.yml config

### db:create

`bin/rails db:create` creates development, test, and all databases from the multisite config

`RAILS_DB=[site] bin/rails db:create` creates the database for the specified site from the multisite config

### db:migrate

`bin/rails db:migrate` migrates the development database and all databases from the multisite config

`RAILS_ENV=test bin/rails db:migrate` migrates the test database and `discourse_test_multisite`

`RAILS_DB=[site] bin/rails db:migrate` migrates the database for the specified site from the multisite config

### db:drop

`bin/rails db:drop` drops development, test, and all databases from the multisite config

`RAILS_DB=[site] bin/rails db:create` drops the database for the specified site from the multisite config
2022-07-06 10:39:03 +02:00
Discourse Translator Bot ba77c98c5d
Update translations () 2022-07-06 09:15:02 +02:00
Andrei Prigorshnev c59f1729a6
FEATURE: auto remove user status after predefined period () 2022-07-05 19:12:22 +04:00
Joe e3c71221e5
UX: Makes splash screen setting enabled by default ()
We now want the splash screen to be enabled by default.
2022-07-05 02:06:28 +08:00
Alan Guo Xiang Tan 3266350e80
FEATURE: Decouple category/tag presence in sidebar from notifi level () 2022-06-30 14:54:20 +08:00
Gabe Pacuilla db53c6650b
FIX: max value for SiteSetting.delete_removed_posts_after () 2022-06-30 12:46:48 +08:00
Krzysztof Kotlarek 09932738e5
FEATURE: whispers available for groups ()
Before, whispers were only available for staff members.

Config has been changed to allow to configure privileged groups with access to whispers. Post migration was added to move from the old setting into the new one.

I considered having a boolean column `whisperer` on user model similar to `admin/moderator` for performance reason. Finally, I decided to keep looking for groups as queries are only done for current user and didn't notice any N+1 queries.
2022-06-30 10:18:12 +10:00
Discourse Translator Bot c6b3d3e4b4
Update translations () 2022-06-28 20:52:09 +02:00
Natalie Tay ff77ad7ac0
UX: Change copy for user-selector placeholder () 2022-06-28 19:01:16 +08:00
Jarek Radosz a7284d3b96
DEV: Auto-allow multisite hosts in dev () 2022-06-27 21:58:33 +02:00
Rafael dos Santos Silva f56c44d1c7
FEATURE: Validate tags in WatchedWords ()
* FEATURE: Validate tags in WatchedWords

We didn't validate watched words automatic tagging, so it was possible
for an admin to created watched words with an empty tag list which would
result in an exception when users tried to create a new topic that
matched the misconfigured watched word.

Bug report: https://meta.discourse.org/t/lib-topic-creator-fails-when-the-word-math-appears-in-the-topic-title-or-text/231018?u=falco
2022-06-27 16:16:33 -03:00
Jarek Radosz aabb98aedc
DEV: Deprecate `DISCOURSE_DEV_HOSTS` ()
`RAILS_DEVELOPMENT_HOSTS` is a Rails standard that does exactly the same thing.
2022-06-27 19:04:42 +02:00
Joe 801750ffc4
UX: Makes splash setting visible ()
The setting was previously hidden but we're now in a state where we want admins to see and experiment with it.
2022-06-24 08:50:29 +08:00
Alan Guo Xiang Tan 0b8e6adabe
FEATURE: New/unread messages count in experimental sidebar ()
* FEATURE: Expand messages filter links when viewing private messages.

* FEATURE: New/unread messages count in experimental sidebar
2022-06-22 11:01:37 +08:00
Joe e82a2ce9ae
UX: Introduces a splash screen behind a hidden site setting ()
This PR introduces a new hidden site setting that allows admins to display a splash screen while site assets load.

The splash screen can be enabled via the `splash_screen` hidden site setting.

This is what the splash screen currently looks like

5ceb72f085.mp4

Once site assets load, the splash screen is automatically removed.

To control the loading text that shows in the splash screen, you can change the preloader_text translation string in admin > customize > text
2022-06-22 04:35:46 +08:00
Discourse Translator Bot 46622be72b
Update translations () 2022-06-21 15:46:34 +02:00
Penar Musaraj fd294a60cf
DEV: Hide `content_security_policy_collect_reports` setting () 2022-06-21 09:48:45 +10:00
Régis Hanol 1ad1979e50
FIX: link to "recently used devices" in suspicious_login email notification ()
The link used to point to `/my/preferences/account` but the list of recently used devices now lives in `/my/preferences/security`.
2022-06-20 23:16:34 +02:00
David Taylor 90993e2459
FIX: Precompile admin-plugins.js () ()
This was inadvertently removed in 1b4692039e
2022-06-20 16:22:49 +01:00
David Taylor 9c6ce0fa3e
FIX: Precompile start-discourse.js ()
This was inadvertently removed in 1b4692039e
2022-06-20 16:02:18 +01:00
Jarek Radosz 2c1fc28d00
DEV: Remove ember-cli flags from the backend ()
…and other auxiliary code

* Restore `QUNIT_EMBER_CLI` flag warning
* Add `ALLOW_EMBER_CLI_PROXY_BYPASS`
2022-06-20 16:33:05 +02:00
David Taylor 1b4692039e DEV: Remove legacy JS manifests and vendored scripts
Now that we've switched to Ember CLI, these things are no longer used.

- These sprockets manifests are superceded by the assets generated by ember cli
- These vendored scripts are now fetched by ember-auto-import at compile time
2022-06-20 15:01:06 +01:00
Osama Sayegh 5176c689e9
UX: Change wording for 'regular' categories to 'normal' ()
At some point in the past we decided to rename the 'regular' notification state of topics/categories to 'normal'. However, some UI copy was missed when the initial renaming was done so this commit changes the spots that were missed to the new name.
2022-06-20 06:49:33 +03:00