Commit Graph

51950 Commits

Author SHA1 Message Date
Godfrey Chan e1f74fcb4b DEV: prep for gjs conversion: rename .js -> .gjs
Some of these files are quite small, and if we rename them in the same
commit where we inlined the template, Git may choose to see them as
different files. This commit forces Git to recognize the rename, which
will preserve the lineage of the refactored files.
2023-11-14 10:53:54 +00:00
Joffrey JAFFEUX 016e91380c
FIX: correct online indicator for non interactive (#24364)
When introducing non interactive user avatar, the `chat-user-avatar__container` div has been omitted, which prevented the css to correctly apply.
2023-11-14 11:46:50 +01:00
Joffrey JAFFEUX b1cff6de6a
UX: shows editing title only on settings page (#24330) 2023-11-14 11:34:54 +01:00
Kelv 2b4251c56c
DEV: change header-topic-title-suffix-outlet to insert into classed span element (#24362) 2023-11-14 14:06:48 +08:00
Martin Brennan 014bb0adb8
FIX: buildQuoteMarkdown fn was not passed down properly (#24360)
Followup to d128dc0e61,
I swear I tried this locally and it worked, but it turns
out it didn't. Need to keep the `action "function"` syntax
here.
2023-11-14 10:42:41 +10:00
Alan Guo Xiang Tan e5b0493b49
FEATURE: Allow `/filter` route to be accessible by anon users (#24359)
Why this change?

There is no reason for us to exclude anon users from viewing this route
so we're making a product decision to change this.
2023-11-14 08:03:24 +08:00
Martin Brennan a238f66b33
DEV: Add quote-share-buttons-before plugin outlet (#24358)
This is so additional buttons can be rendered inbetween
the quote/edit buttons and the share buttons for post quotes
2023-11-14 09:41:44 +10:00
Martin Brennan d128dc0e61
FEATURE: Add buildQuoteMarkdown for post toolbar (#24326)
This allows outlets for the post-text-selection-toolbar to
get just the raw markdown of the selected text for a quote,
rather than opening the composer.
2023-11-14 08:47:39 +10:00
Sérgio Saquetim 9919046c1c
DEV: Improve discovery components plugin-outlets compatibility with existing customizations
This commit changes some plugin outlets in `<Discovery::Layout>`, `<Discovery::Navigation>` and `Discovery::Topics` to improve compatibility with existing customization, simplifying the migration process to the new discovery routes.

In these components, the standard plugin outlets will receive by default at least the arguments: `category` and `tag`.

Furthermore, two new wrapping plugin outlets were added to enable the conversion of existing template overrides to the new pattern: `discovery-list-area` and `topic-list-bottom`. The new template overrides will receive a `model` argument containing the full model handled by the route.

---------

Co-authored-by: David Taylor <david@taylorhq.com>
2023-11-13 19:00:00 -03:00
Penar Musaraj fcf0373b13
FIX: only show passkeys button in login modal (#24351)
We show the rest of the external login buttons in the create account
modal as well, but "login with a passkey" is not relevant in that context.
2023-11-13 16:06:46 -05:00
Joffrey JAFFEUX a0769f6f43
UX: improves search of message creator
- correctly show unread indicator
- handles disabled user correctly
- do not show new-group-chat when filtering
2023-11-13 22:03:47 +01:00
Penar Musaraj a814348176
DEV: Rename `experimental_passkeys` to `enable_passkeys` (#24349)
Also includes a migration.
2023-11-13 15:04:15 -05:00
David Taylor e2e454c480
DEV: Update specs to avoid dependence on ember-cli build (#24347)
The `src` of js files is now dependent on the ember-cli/webpack build, so it's not a good thing to check in specs. In CI it passes because the ember-cli build is not run. But locally it would fail if you had a build in `app/assets/javascripts/discourse/dist`.

This commit updates the specs to check for the presence of a stable data attribute instead.
2023-11-13 14:26:43 -05:00
Joffrey JAFFEUX 1dad379412
DEV: allows to wrap wizard checkbox with outlet (#24334) 2023-11-13 14:02:14 -05:00
David Taylor f395130429
FEATURE: Configure poll 'public' default via site setting (#24348)
Followup to 7e37e3e824
2023-11-13 18:54:21 +00:00
Kris 797da5870b
FEATURE: remove category badge style options, set bullet style as default (#24198) 2023-11-13 10:46:15 -05:00
Jordan Vidrine 70b72ee893
FIX: Hide chat message header with new argument (#24346) 2023-11-13 09:05:18 -06:00
Joffrey JAFFEUX 7f3f682f67
DEV: removes dead code (#24345) 2023-11-13 15:18:15 +01:00
Joffrey JAFFEUX 208491fa00
DEV: uses alphanumeric to avoid flakey specs (#24344)
Faker text with quotes or thread dots for example would cause issues in tests due to cooking.
2023-11-13 14:54:26 +01:00
Godfrey Chan 8444c865e9
DEV: remove slightly less trivial `{{action}}` usages (#24289)
Follow-up to #24278 that is slightly less trivial.

* Some were "trivial" usages that were missed in the previous PR because the same file that had at least one other non-trivial usage.
* These involve extra arguments or inheritance but I have checked that they seem correct.
2023-11-13 13:29:20 +01:00
dependabot[bot] fcafc8872f
Build(deps): Bump ember-route-template in /app/assets/javascripts (#24338)
Bumps [ember-route-template](https://github.com/discourse/ember-route-template) from 1.0.1 to 1.0.2.
- [Commits](https://github.com/discourse/ember-route-template/commits)

---
updated-dependencies:
- dependency-name: ember-route-template
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-11-13 11:13:19 +00:00
David Taylor 4982f95472
FIX: EmberCli cache clearance issue in production (#24343) 2023-11-13 10:34:06 +00:00
David Battersby 4b78254065
FIX: Post moved small action links should respect subfolder installs (#24336)
This change fixes an issue with small action links (when post is moved) to add the subfolder path to the url.
2023-11-13 11:06:25 +08:00
Jarek Radosz 1e1bb45b96
FIX: Add a missing service injection (#24341)
Fixes the reorder-categories modal.
2023-11-13 01:31:04 +01:00
Martin Brennan ea0b37c1cf
FIX: Hide old min_trust_level_for_here_mention setting (#24342)
Followup to 67ac4c5616
2023-11-13 09:23:56 +10:00
David Taylor 7e37e3e824
UX: Create polls with public=true by default (#24332)
In the vast majority of cases, people want poll voters to be public. Previously, the checkbox for this was hidden behind the 'show advanced' settings in the poll builder UI.

This commit makes three changes to improve the experience:

1. Add `public=true|false` to poll markup (previously it would only be added when true

2. Bring the 'public' switch outside the 'show advanced' section for improved visibility

3. Change the default to 'true'
2023-11-13 09:07:51 +11:00
David Taylor cdbe0f74e8
FIX: Load highlightjs bundle via CDN (#24335) 2023-11-10 22:19:06 +00:00
David Taylor 0878dde213
DEV: Modernise highlightjs loading (#24197)
- Remove vendored copy
- Update Rails implementation to look for language definitions in node_modules
- Use webpack-based dynamic import for hljs core
- Use browser-native dynamic import for site-specific language bundle (and fallback to webpack-based dynamic import in tests)
- Simplify markdown implementation to allow all languages into the `lang-{blah}` className
- Now that all languages are passed through, resolve aliases at runtime to avoid the need for the pre-built `highlightjs-aliases` index
2023-11-10 20:39:48 +00:00
Daniel Waterworth e845138bc1
FIX: Updating presence status in readonly mode should fail gracefully (#24333) 2023-11-10 14:27:43 -06:00
Blake Erickson bed4b3ee91
DEV: Remove .github/workflows/check-branches.yml (#24331)
We no longer need this workflow.
2023-11-10 08:49:38 -07:00
David Taylor ac896755bb
DEV: Simplify ember-cli proxy strategy (#24242)
Previously, the app HTML served by the Ember-CLI proxy was generated based on a 'bootstrap json' payload generated by Rails. This inevitably leads to differences between the Rails HTML and the Ember-CLI HTML.

This commit overhauls our proxying strategy. Now, we totally ignore the ember-cli `index.html` file. Instead, we take the full HTML from Rails and surgically replace script URLs based on a `data-discourse-entrypoint` attribute. This should be faster (only one request to Rails), more robust, and less confusing for developers.
2023-11-10 11:16:06 +00:00
David Taylor 80208d0ab6
DEV: Support legacy precompiler paths in theme compiler (#24329)
This updates the behaviour to match ember-cli-htmlbars, and should take care of the handful of themes which were relying on runtime compilation in tests (see 4425e99bf9)
2023-11-10 10:37:50 +00:00
Joffrey JAFFEUX ab832cc865
FEATURE: introduces group channels (#24288)
Group channels will allow users to create channels with a name and invite people. It's possible to add people even after creation of the channel. Removing users is not yet possible but will be added in the near future.

Technically a group channel is `direct_message_channel` with a group attribute set to true on its direct message (chatable). This model might evolve in the future but offers much flexibility for now without having to rely on a complex migration.

The commit essentially consists of:
- a migration to set existing direct message channels with more than 2 users to a group
- a new message creator which allows to search, add members, and create groups
- a new `AddUsersToChannel` service
- a modified `SearchChatable` service
2023-11-10 11:29:28 +01:00
Martin Brennan a8d6dc4d3a
DEV: Fix bookmark flaky (#24327)
Fixes this problem that happens sometimes in specs:

> Mocha::StubbingError:
> #<Mock:0x135150> was instantiated in one test but it is receiving
invocations within another test. This can lead to unintended
interactions between tests and hence unexpected test failures. Ensure
that every test correctly cleans up any state that it introduces.
2023-11-10 11:16:22 +01:00
David Taylor de8c8f1d28
DEV: Limit re-use of bundler/yarn caches in CI (#24256)
Using restore-keys means we will always use an old cache, and then add more dependencies to it. This leads to the cache growing over time and becoming increasingly slow. Instead, we should rebuild the cache from scratch each time our dependencies change.
2023-11-10 10:03:15 +00:00
Krzysztof Kotlarek c0c525056f
UX: number site setting validation message (#24303)
Format big numbers validation to easy to read format like 1,000,000
2023-11-10 14:27:35 +11:00
Martin Brennan fb2756537d
DEV: Remove flaky setting deprecation logging specs (#24322)
Followup to baeac8f105,
I tried to fix this in 6bf66ccd1a
but it is still not reliable, just removing since they are
too unreliable for value provided
2023-11-10 10:46:28 +10:00
Martin Brennan 620485ada2
DEV: Skip flaky sidebar mobile spec (#24321) 2023-11-10 10:46:19 +10:00
Martin Brennan 731dffdf92
DEV: Align S3 transfer acceleration global settings (#24302)
Followup to fe05fdae24

For consistency with other S3 settings, make the global setting
the same name as the site setting and use SiteSetting.Upload
too so it reads from the correct place.
2023-11-10 09:50:23 +10:00
Kris 36ab7ff2a9
FIX: update tag-chooser & category-selector action (#24318) 2023-11-10 00:05:02 +01:00
dependabot[bot] 10167ad8ee
Build(deps): Bump the babel group (#24310)
Bumps the babel group in /app/assets/javascripts with 2 updates: [@babel/core](https://github.com/babel/babel/tree/HEAD/packages/babel-core) and [@babel/standalone](https://github.com/babel/babel/tree/HEAD/packages/babel-standalone).


Updates `@babel/core` from 7.23.2 to 7.23.3
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/commits/v7.23.3/packages/babel-core)

Updates `@babel/standalone` from 7.23.2 to 7.23.3
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/commits/v7.23.3/packages/babel-standalone)

---
updated-dependencies:
- dependency-name: "@babel/core"
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: babel
- dependency-name: "@babel/standalone"
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: babel
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-11-10 00:00:05 +01:00
Daniel Waterworth 6e161d3e75
DEV: Allow fab! without block (#24314)
The most common thing that we do with fab! is:

    fab!(:thing) { Fabricate(:thing) }

This commit adds a shorthand for this which is just simply:

    fab!(:thing)

i.e. If you omit the block, then, by default, you'll get a `Fabricate`d object using the fabricator of the same name.
2023-11-09 16:47:59 -06:00
Andrei Prigorshnev d91456fd53
DEV: Ability to collect stats without exposing them via API (#23933)
This adds the ability to collect stats without exposing them 
among other stats via API.

The most important thing I wanted to achieve is to provide 
an API where stats are not exposed by default, and a developer 
has to explicitly specify that they should be 
exposed (`expose_via_api: true`). Implementing an opposite 
solution would be simpler, but that's less safe in terms of 
potential security issues. 

When working on this, I had to refactor the current solution. 
I would go even further with the refactoring, but the next steps 
seem to be going too far in changing the solution we have, 
and that would also take more time. Two things that can be 
improved in the future:
1. Data structures for holding stats can be further improved
2. Core stats are hard-coded in the About template (it's hard 
to fix it without correcting data structures first, see point 1):
    63a0700d45/app/views/about/index.html.erb (L61-L101)

The most significant refactorings are:
1. Introducing the `Stat` model
2. Aligning the way the core and the plugin stats' are registered
2023-11-10 00:44:05 +04:00
Bianca Nenciu bdb81b5346
DEV: Use a single registry for preloaded category custom fields (#24272)
There was a registry for preloaded site categories and a new one has
been introduced recently for categories serialized through a
CategoryList.

Having two registries created a lot of friction for developers and this
commit merges them into a single one, providing a unified API.
2023-11-09 18:23:24 +02:00
Martin Brennan e772bb9fce
DEV: Allow new_features URL to be configurable (#24306)
This is so the new features plugin can be tested
easier locally.
2023-11-09 13:50:21 +10:00
Krzysztof Kotlarek e5e7dd78c2 Bump version to v3.2.0.beta4-dev 2023-11-09 14:25:44 +11:00
Krzysztof Kotlarek 95b7cbd8a1 Bump version to v3.2.0.beta3 2023-11-09 14:25:44 +11:00
Ted Johansson 95a82d608d SECURITY: Prevent Onebox cache overflow by limiting downloads and URL lengths 2023-11-09 13:39:18 +11:00
Martin Brennan 3c5fb871c0 SECURITY: Filter unread bookmark reminders the user cannot see
There is an edge case where the following occurs:

1. The user sets a bookmark reminder on a post/topic
2. The post/topic is changed to a PM before or after the reminder
   fires, and the notification remains unread by the user
3. The user opens their bookmark reminder notification list
   and they can still see the notification even though they cannot
   access the topic anymore

There is a very low chance for information leaking here, since
the only thing that could be exposed is the topic title if it
changes to something sensitive.

This commit filters the bookmark unread notifications by using
the bookmarkable can_see? methods and also prevents sending
reminder notifications for bookmarks the user can no longer see.
2023-11-09 13:39:16 +11:00
Penar Musaraj 6183d9633d SECURITY: Limit height of pre/svg elements
Ensures posts cannot have SVG or PRE elements that are too tall.
2023-11-09 13:39:13 +11:00