Commit Graph

29858 Commits

Author SHA1 Message Date
Ted Johansson ad78d28b66
DEV: Remove deprecated target_usernames param from PostsController#create (#22561)
The parameter target_usernames was replaced by target_recipients a while back, and was marked for removal in 2.9.0. This change removes it.
2023-07-12 11:31:24 +08:00
dependabot[bot] df579ab708
Build(deps-dev): Bump patch-package from 7.0.0 to 7.0.1 in /app/assets/javascripts (#22557)
Bumps [patch-package](https://github.com/ds300/patch-package) from 7.0.0 to 7.0.1.
- [Release notes](https://github.com/ds300/patch-package/releases)
- [Changelog](https://github.com/ds300/patch-package/blob/master/CHANGELOG.md)
- [Commits](https://github.com/ds300/patch-package/commits)

---
updated-dependencies:
- dependency-name: patch-package
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-07-12 07:40:02 +08:00
dependabot[bot] d477f8aaad
Build(deps-dev): Bump terser from 5.18.2 to 5.19.0 in /app/assets/javascripts (#22558)
Bumps [terser](https://github.com/terser/terser) from 5.18.2 to 5.19.0.
- [Changelog](https://github.com/terser/terser/blob/master/CHANGELOG.md)
- [Commits](https://github.com/terser/terser/compare/v5.18.2...v5.19.0)

---
updated-dependencies:
- dependency-name: terser
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-07-12 07:37:34 +08:00
Blake Erickson 52b003d915
SECURITY: limit amount of links in custom sidebar section (#22543)
Custom sidebar section can have maximum of 50 links

Co-authored-by: Krzysztof Kotlarek <kotlarek.krzysztof@gmail.com>
2023-07-11 15:25:01 -06:00
Blake Erickson eed7d86601
SECURITY: Don't reuse CSP nonce between requests (#22544)
Co-authored-by: OsamaSayegh <asooomaasoooma90@gmail.com>
2023-07-11 15:24:36 -06:00
Blake Erickson 0718289574
SECURITY: ensure topic is valid before updating category (#22545)
Co-authored-by: David Battersby <info@davidbattersby.com>
2023-07-11 15:24:13 -06:00
Godfrey Chan cfa2f1fea8
DEV: Refactor deprecation silencer (#22526)
- Unify the silencing methods, use a WeakMap to remember the seen objects
- Export a proper plugin and use the absolute path in the config, instead
  of the proprietary config from `broccoli-babel-transpiler`

The latter causes problems in Embroider which doesn't use the broccoli
based babel pipeline.
2023-07-11 17:01:51 +01:00
Bianca Nenciu bdb9ee8507
UX: Improve user tips (#22518)
- Add an icon to the bootstrap user tip to draw attention
- Remove the second "don't show user tip" button from every user tip
2023-07-11 18:22:40 +03:00
David Taylor 5a30583174
DEV: Add backwards-compatibility following i18n export change (#22540)
Some themes were doing `require("i18n").t()`, which was never recommended, but did work prior to f8483295. This commit restores that functionality with a deprecation notice.
2023-07-11 16:15:30 +01:00
Jordan Vidrine b45df10056
CSS: Add background color to signin header (#22539) 2023-07-11 10:04:55 -05:00
chapoi 83352e93ff
UX: double scroll fix for keyboard shortcuts modal (#22535) 2023-07-11 16:30:53 +02:00
Selase Krakani 69e0c23f41
FIX: Conditionally hide `Add Alternate Email` button based on site setting (#22525)
Hide button in UI if `max_allowed_secondary_emails` site setting is 0.
2023-07-11 12:17:40 +00:00
dependabot[bot] 3136f6766b
Build(deps): Bump semver from 5.7.1 to 5.7.2 in /app/assets/javascripts (#22530)
Bumps [semver](https://github.com/npm/node-semver) from 5.7.1 to 5.7.2.
- [Release notes](https://github.com/npm/node-semver/releases)
- [Changelog](https://github.com/npm/node-semver/blob/v5.7.2/CHANGELOG.md)
- [Commits](https://github.com/npm/node-semver/compare/v5.7.1...v5.7.2)

---
updated-dependencies:
- dependency-name: semver
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-07-11 13:49:27 +08:00
Alan Guo Xiang Tan 91588cf938
DEV: Improve composer-messages implementation for PMs (#22529)
What does this commit do??

This commit introduces two changes:

1. As a follow up review comment to
   cc463c3e9b, we remove the top level
recipientNames cache in composer message to be a property of the
`ComposerMessage` component instead. Across components, we're more
likely to get a cache miss than a hit since we're caching the entire
recipient array so we can just drop it. If we really need this
optimisation, we should probably use a map and cache the information for
each user instead. However, the request is fairly cheap so we avoid that
optimisation for now.

2. This commit adds a debounce to `_typeReply` as well since we were not
   debouncing and the method was being called each time we received the
event.
2023-07-11 10:49:27 +08:00
Alan Guo Xiang Tan ab053ac669
UX: Remove section heading for community section (#22405)
Why is this change being made?

We've decided that the previous "community" section should look more
like a primary section that holds the most important navigation links
for the site and the word "community" doesn't quite fit that
description. Therefore, we've made the decision to drop the
section heading for the community section. 

As part of removing the section heading, the following changes are made
as well:

1. Button to customize the section has been moved to the "footer" of the
   "More..." section when `navigation_menu` site setting is set to `sidebar`. 
   When `navigation_menu` is set to `header dropdown`, a button to customize 
   the section is shown inline.

2. The section will no longer be collapsable.

3. The title of the section is no longer customisable as it is no longer
   displayed. As a technical note, we have not dropped any previous
   customisations of the section's title previously in case we have to
   bring back the header in the future.

4. The new topic button that was previously present in the header has
   been removed alongside the header. Admins can add a custom section
   link to the `/new-topic` route if there would like to make it easier for
   users to create a new topic in the sidebar.
2023-07-11 09:40:37 +08:00
Alan Guo Xiang Tan cc463c3e9b
DEV: Fix flaky QUnit tests (#22528)
Why this change?

QUnit tests that involves composer messages for user not seen was flaky
because we were caching the recipient names but not clearing them after
the component has been destroyed.

See
https://github.com/discourse/discourse/actions/runs/5513506446/jobs/10051731946
as an example of failure.
2023-07-11 09:15:09 +08:00
Godfrey Chan 3140a4b2ce
DEV: invert pretty-text build logic (#22524)
Generally follows the same pattern as #22520

There are some changes here, notably it uses the addon's babel
settings rather than the app's, and it goes through the same
treatment as the rest of the addon code (which may include more
than just babel).

However, this probably brings us closer to the normal expectations
you have around developing addon code, and in any case, does not
seem to have any effect on the final output:

```
$ diff dist/assets/markdown-it-bundle.js /tmp/dist-before/assets/markdown-it-bundle.js
```
2023-07-10 23:11:49 +01:00
Kris 7d5db385d6
DEV: Remove header floats and clearfixes (#22523) 2023-07-10 17:57:20 -04:00
Sérgio Saquetim 657c1023fd
FIX: Default parameter recipients to create new message via params must be a string (#22455)
* FIX: Default parameter recipients to create new message via params must be a string

The default parameter recipients was defined as an empty array in:
- route:application#createNewMessageViaParams
- mixin:open-composer#openComposerWithMessageParams

However, in model:composer, targetRecipient is handled as a string as can be
verified due to the existence of the #targetRecipientsArray computed property.

Using the default parameter defined as an array was causing issues with
the `discourse-bcc` plugin when opening the composer using the route
/new-message.

* DEV: Added tests for the composer messages for private messages

* Fix test naming

Co-authored-by: Mark VanLandingham <markvanlan@gmail.com>

---------

Co-authored-by: Mark VanLandingham <markvanlan@gmail.com>
2023-07-10 18:33:58 -03:00
Godfrey Chan 3d7cca5911
DEV: invert admin/wizard build logic (#22520)
Currently, the admin/wizard build relies on the addon build getting
triggered first, so that its `treeForAddon()` hook will be called,
and then it can stash the result on the app's options, which is
super fragile. In Embroider the timing works differently so the
trees end up being `undefined`.

This inverts the logic so that it will be discourse core's build
calling these hooks at a specific timing and return the result
rather than coordinating through the options bag.

```
$ diff dist/assets/admin.js dist-after/assets/admin.js
$ diff dist/assets/wizard.js dist-after/assets/wizard.js
```
2023-07-10 22:07:21 +01:00
Godfrey Chan f84832957d
DEV: use explicit default export in I18n shim (#22519)
Currently the I18n module shim return an object. Per AMD/loader.js,
the properties on the object becomes named exports of the module,
i.e. `import { t } from 'I18n';`.

However, this is not how we actually consume this module. We always
do `import I18n from 'I18n';`.

The returned object from the shim (`window.I18n`) does NOT have a
`default` property on it. This is only working because loader.js
has a `makeDefaultExport` feature that defaults to true, which we
are relying on to synthesize the default export for us.

That feature has been noted as undesirable and may some day be
deprecated. In Embroider, it specifically disables the feature in
loader.js.

https://github.com/embroider-build/embroider/issues/539
2023-07-10 22:06:18 +01:00
Isaac Janzen 049c4b606a
FIX: Update remaining backup code count after creation (#22475) 2023-07-10 13:37:14 -05:00
Bianca Nenciu 0b16fc8172
FEATURE: Show tooltip for bootstrap mode (#22257)
Improve user tips UX and make them smoother.
2023-07-10 20:42:09 +03:00
Meghna 0b36cf5a3f
UX: Fix margin for group label (#22510) 2023-07-10 21:18:12 +05:30
Kris 26d19fc1bd
UX: indicate main sidebar section is always public (#22492) 2023-07-10 11:44:40 -04:00
chapoi 0ce0bcd8ff
Remove border radius from chat (#22437)
* add border-radius-large variable

* UX: replace chat border-radius with variable
2023-07-10 15:07:38 +02:00
Joffrey JAFFEUX 9830c40386
DEV: makes chat modals use the new <DModal /> component (#22495)
This commit also standardize the naming pattern of modals: `<Chat::Modal::FooBar />` and changes css class accordingly.

Co-authored-by: David Taylor <david@taylorhq.com>
2023-07-10 13:43:33 +02:00
David Taylor ed2dae6d1a
FIX: Ensure dialogs are still rendered if triggered during boot (#22511)
When the loading slider is enabled, the rendering of `application.hbs` is slightly delayed compared to the old 'spinner' strategy. This means that if a route tried to render a dialog during its `model()` hook, the dialog wrapper element would not be present and an error would occur.

This commit detects that situation and delays rendering the error until the next runloop iteration. If the element is still not found, we print a useful error to the console.

In the long term, we should ideally convert the dialog service to use a pure-ember rendering strategy instead of leaning on a11y-dialog. But for now, this workaround should resolve the problems identified by the chat system specs.
2023-07-10 11:29:04 +01:00
David Taylor 9a1a3906c4
DEV: Support rendering `<DModal>` as a `<form>` element (#22507) 2023-07-10 10:28:45 +01:00
Ted Johansson 9915236e42
FEATURE: Warn about outdated translation overrides in admin dashboard (#22384)
This PR adds a feature to help admins stay up-to-date with their translations. We already have protections preventing admins from problems when they update their overrides. This change adds some protection in the other direction (where translations change in core due to an upgrade) by creating a notice for admins when defaults have changed.

Terms:

- In the case where Discourse core changes the default translation, the translation override is considered "outdated".
- In the case above where interpolation keys were changed from the ones the override is using, it is considered "invalid".
- If none of the above applies, the override is considered "up to date".

How does it work?

There are a few pieces that makes this work:

- When an admin creates or updates a translation override, we store the original translation at the time of write. (This is used to detect changes later on.)
- There is a background job that runs once every day and checks for outdated and invalid overrides, and marks them as such.
- When there are any outdated or invalid overrides, a notice is shown in admin dashboard with a link to the text customization page.

Known limitations

The link from the dashboard links to the default locale text customization page. Given there might be invalid overrides in multiple languages, I'm not sure what we could do here. Consideration for future improvement.
2023-07-10 10:06:40 +08:00
Daniel Waterworth cb794275a7
Revert "FIX: Always clear caches after committing the current transaction" (#22493)
This reverts commit 8310c7842c.

This was breaking precompilation.
2023-07-07 18:05:38 -05:00
Daniel Waterworth 9dd01ca2ef
FIX: Always clear caches after committing the current transaction (#22491)
Instead of having to remember every time, just always wait until the
current transaction (if it exists) has committed before clearing any
DistributedCache.

The only exception to this is caches that aren't caching things from
postgres.

This means we have to do the test setup after setting the test
transaction, because doing the test setup involves clearing caches.
2023-07-07 14:24:56 -05:00
Bianca Nenciu 25a0c00e72
DEV: Raise error instead of warning in testing (#22440)
Some plugins call require_plugin with a wrong argument instead of the
plugin name. In a production environment that used to be a warning, but
there is no reason to keep it like that in a testing environment
because the issue will continue to be ignored.
2023-07-07 13:58:42 +03:00
Martin Brennan ba53df5254
FIX: Show preview of Arial/System font in wizard (#22486)
Followup to db80a8ce79

The previous commit broke previewing the Arial and System fonts (which do
not have variant URLs to load).
2023-07-07 15:28:40 +10:00
Osama Sayegh d2d6d727de
FEATURE: Add default site settings to control the defaults of navigation menu preferences (#22485)
Follow-up to b27e12445d

This commit adds 2 new site settings `default_sidebar_link_to_filtered_list` and `default_sidebar_show_count_of_new_items` to control the default values for the navigation menu preferences that were added in the linked commit (`sidebar_link_to_filtered_list` and `sidebar_show_count_of_new_items` respectively).
2023-07-07 04:52:10 +03:00
Alan Guo Xiang Tan bf582290ba
FIX: Can't dismiss new topics for experimental new new view (#22484)
Regressed in 8b80132f88 due to a lack of
tests.
2023-07-07 08:28:27 +08:00
dependabot[bot] 67c7b1cc46
Build(deps-dev): Bump @babel/standalone from 7.22.6 to 7.22.8 in /app/assets/javascripts (#22479)
Bumps [@babel/standalone](https://github.com/babel/babel/tree/HEAD/packages/babel-standalone) from 7.22.6 to 7.22.8.
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/commits/v7.22.8/packages/babel-standalone)

---
updated-dependencies:
- dependency-name: "@babel/standalone"
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-07-07 07:09:37 +08:00
dependabot[bot] 271e60e8c4
Build(deps-dev): Bump @babel/core from 7.22.6 to 7.22.8 in /app/assets/javascripts (#22482)
Bumps [@babel/core](https://github.com/babel/babel/tree/HEAD/packages/babel-core) from 7.22.6 to 7.22.8.
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/commits/v7.22.8/packages/babel-core)

---
updated-dependencies:
- dependency-name: "@babel/core"
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-07-07 06:55:10 +08:00
Kris 98afea4748
UX: adjust sidebar modal styles, consolidate css (#22444)
This gets all the related CSS into the common file, and removes desktop and mobile variants.

This also makes some general styling adjustments.
2023-07-07 06:54:47 +08:00
Joffrey JAFFEUX f0d82de5d9
DEV: fix flakeyness with drawer specs (#22476)
Chat drawer was using the `DiscourseURL` hook `afterRouteComplete`. This hook suffer from a very poor implementation which makes it very unreliable:

```javascript
if (typeof opts.afterRouteComplete === "function") {
  schedule("afterRender", opts.afterRouteComplete);
}
```

This commit attempts to return the promise from `handleURL` to directly use it and have a very reliable after transition hook.
2023-07-07 00:46:04 +02:00
Isaac Janzen a9040be47c
FIX: Don't redirect when manually adding 2fa (#22474)
<img width="369" alt="Screenshot 2023-07-06 at 3 41 12 PM" src="https://github.com/discourse/discourse/assets/50783505/847d54ed-a62a-4266-b99e-31279f5bf747">

No changes in styling, the adding of classes was to give targets for testing
2023-07-06 16:44:40 -05:00
Rafael dos Santos Silva 3fd327c458
FEATURE: Basic support for threads.net onebox (#22471) 2023-07-06 16:02:49 -03:00
Alan Guo Xiang Tan effaf95355
UX: Improve position of modal close button (#22450) 2023-07-06 13:45:19 -04:00
Isaac Janzen 7df4eab038
DEV: Convert activation modals to new component-based API (#22227)
This PR converts the following modals:
- `activation-edit`
- `activation-resent`
- `not-activated`

to make use of the new component-based API
2023-07-06 12:36:23 -05:00
Isaac Janzen 8b80132f88
DEV: Convert dismiss modals to component-based API (#22262)
This PR converts the following modals:
- `dismiss-new`
- `dismiss-read`
- `dismiss-notification-confirmation`

to make use of the new component-based API

# Additional Changes
## Before
By default we display a warning modal when dismissing a notification however we bypass the warning modal for specific notification types when they are a 'low priority' type of notification (eg. likes). To do this we were overwriting `dismissWarningModal` on a given notification type component

```javascript
dismissWarningModal() {
  return null
}
```

but in the case we wanted to change the text within the modal we were calling `showModal` and then passing in the respective options all over again, putting the logic of rendering the modal in multiple places.

```javascript
dismissWarningModal() {
  const modalController = showModal("dismiss-notification-confirmation");
  modalController.set(
    "confirmationMessage",
    I18n.t("notifications.dismiss_confirmation.body.assigns", {
      count: this._unreadAssignedNotificationsCount,
    })
  );
  return modalController;
}
```
 

## After
I simplified this by adding an extensible `dismissConfirmationText` function that can be updated on a per component basis as that was the only option being overridden. 

eg

```javascript
get dismissConfirmationText() {
  return I18n.t("notifications.dismiss_confirmation.body.bookmarks", {
    count: this.#unreadBookmarkRemindersCount,
});
```

This saves us from importing the entire modal again and keeps the core logic in one place.

Instead of overwriting the `dismissWarningModal` function and returning `null` to bypass the confirmation modal, I added another extension point of `renderDismissConfirmation` (defaults to true) to _toggle_ whether we should display a confirmation when dismissing notifications.

eg

```javascript
get renderDismissConfirmation() {
  return false;
}
```

we utilize this in core for specific _low priority_ notification types. When you need the confirmation modal to be displayed no matter the case you can set `alwaysRenderDismissConfirmation` to `true`

```
get alwaysRenderDismissConfirmation(){
  return true
}
```

This can be useful when you want to render the confirmation modal on a custom notification type that is not deemed as _high priority_, leading to the confirmation modal never being rendered.

You can see this in use in [Discourse Assign](https://github.com/discourse/discourse-assign/pull/481)
2023-07-06 12:14:26 -05:00
Isaac Janzen c05e54e461
DEV: Convert second-factor-backup-edit modal to component-based API (#22366)
This PR converts the `second-factor-backup-edit` modal to make use of the new component-based API
2023-07-06 11:03:18 -05:00
David Taylor f92ed88c52
FEATURE: Enable loading slider by default (#22439)
Followup to d51baa3bb3

Also includes: Force full rerender of post-stream widget when switching topics. This ensures that plugin/theme decorators are re-run when we switch between topics with the loading slider enabled.
2023-07-06 17:02:59 +01:00
David Taylor f0f0c7cd6c
DEV: Simplify 'dismiss' button display logic (#22467)
Previously we were using the `didInsertElement` hook and querying the DOM to check whether the other button was visible. This is problematic from a performance point of view because it forces the browser to render the layout prematurely. It can also lead to subtle bugs based on the current scroll position.

In addition, having this logic on a `didInsertElement` hook makes it totally incompatible with the new 'loading slider' feature (because the component is not re-rendered between different topic lists).

This commit updates the logic to be based simply on the count of topics in the list. If there are fewer than 5 topics, the top button is hidden.
2023-07-06 15:28:45 +01:00
David Taylor b40347dcac
FIX: Do not attempt to focus topic-list-item after destroy (#22468)
Under certain conditions, this `afterRender` hook can be triggered after the topic-list-item has been removed from the DOM. This is more likely when the 'loading slider' strategy is used on a site.
2023-07-06 15:27:19 +01:00
David Taylor c6cd3af5b5
DEV: Convert share-topic modal to new component-based API (#22154) 2023-07-06 11:46:20 +01:00