Commit Graph

7848 Commits

Author SHA1 Message Date
Roman Rizzi 6b613e3076
FEATURE: Review every post using the review queue. (#12734)
* FEATURE: Review every post using the review queue.

If the `review_every_post` setting is enabled, posts created and edited by regular uses are sent to the review queue so staff can review them. We'll skip PMs and posts created or edited by TL4 or staff users.

Staff can choose  to:

- Approve the post (nothing happens)
- Approve and restore the post (if deleted)
- Approve and unhide the post (if hidden)
- Reject and delete it
- Reject and keep deleted (if deleted)
- Reject and suspend the user
- Reject and silence the user

* Update config/locales/server.en.yml

Co-authored-by: Robin Ward <robin.ward@gmail.com>

Co-authored-by: Robin Ward <robin.ward@gmail.com>
2021-04-21 08:41:36 -03:00
Jeff Atwood 0948c3725b
COPYEDIT: remove one unnecessary word from upload dialog (#12768) 2021-04-20 10:23:25 -07:00
Kris c7653d2e78
UX: Update signup cta styles (#12761) 2021-04-20 13:00:39 -04:00
Arpit Jalan e54b5dadab
UX: show error message instead of disabling save button on tag groups page (#12767)
https://meta.discourse.org/t/unable-to-rename-tag-groups-title-save-button-stays-grayed-out/172293/
2021-04-20 21:40:02 +05:30
Tobias Eigen 48d04e934d
added "in kB" to email total attachment limit (#12765) 2021-04-20 07:16:04 -07:00
Discourse Translator Bot 606860e75a
Update translations (#12764) 2021-04-20 15:33:17 +02:00
Joffrey JAFFEUX 69f8c3b305
UX: displays a descriptive error when theme is not allowed (#12763) 2021-04-20 13:28:59 +02:00
Jeff Atwood 7439136f39
soften language around daily limits and add daily (#12749)
* soften language around daily limits and add daily

let's try to be as gentle as we can with new users

* better copy suggestion from Blake

* further copyedit improvements
2021-04-19 22:13:59 -07:00
Martin Brennan e3b1f5721b
FIX: Enforce tag group count validation before sending to review queue (#12728)
There is a category setting that enforces 1 or more tags must be added to a topic from a specific tag group before creating it. This validation was not being run before the topic was being sent to a review queue for categories that have that setting enabled.

There was an existing validation in `TopicCreator` but it was not correct; it was only validating when the tags did _not_ exist and also only happened on `create`. I now run the validation in `TopicCreator.valid?`

I also improved the error message shown to the user when they have not added the tags required (showing the tag names from the tag group), and changed the composer tag selector to not show "optional" if there are N tags required from a certain group.
2021-04-19 09:43:50 +10:00
Penar Musaraj 9581d71372
FIX: Allow CodeCommit-style theme .git url format (#12739) 2021-04-16 12:46:34 -04:00
Andrei Prigorshnev eb99ecf1d2
FEATURE: In the slow mode dialog make "Enabled Until" mandatory (#12701) 2021-04-15 19:16:01 +04:00
Dan Ungureanu bfa301bd7b
FIX: Show invite validation errors to users (#12717)
The server used to respond with a generic 'error, contact admin' message
which did not offer any hint what the error was. This happened even when
the error could be easily corrected by the user (for example, if they
chose a very common password).
2021-04-15 15:23:49 +03:00
Dan Ungureanu 85d4b60a45
FIX: Improve error messages for invites (#12714)
The error messages used to include an unnecessary 'Validation failed:
Email' prefix which was removed.
2021-04-15 14:46:32 +03:00
Andrei Prigorshnev 3326d1ff73
FEATURE: Tweak slow mode messages and intervals (#12704) 2021-04-15 13:56:10 +04:00
Michael Brown dda1cd6a38 FEATURE: allow setting postgres connection variables via environment 2021-04-14 13:31:32 -04:00
David Taylor 9430185493
SECURITY: Improve theme git import (#12694) 2021-04-14 15:32:47 +01:00
Martin Brennan eeaecd4fd2
FEATURE: Category setting to allow unlimited first post edits by the owner of the topic (#12690)
This PR adds a new category setting which is a column in the `categories` table, `allow_unlimited_owner_edits_on_first_post`.

What this does is:

* Inside the `can_edit_post?` method of `PostGuardian`, if the current user editing a post is the owner of the post, it is the first post, and the topic's category has `allow_unlimited_owner_edits_on_first_post`, then we bypass the check for `LimitedEdit#edit_time_limit_expired?` on that post.
* Also, similar to wiki topics, in `PostActionNotifier#after_create_post_revision` we send a notification to all users watching a topic when the OP is edited in a topic with the category setting `allow_unlimited_owner_edits_on_first_post` enabled.

This is useful for forums where there is a Marketplace or similar category, where topics are created and then updated indefinitely by the OP rather than the OP making new topics or additional replies. In a way this acts similar to a wiki that only one person can edit.
2021-04-14 15:54:09 +10:00
Martin Brennan c07a6eeb6d
FIX: Software update prompt fixes and improvements (#12648)
* Fixes the z-index of the prompt so it is behind the quick access panels
* Adds a dismiss `X` button (made sure the click target of this was quite big)
* Change structure of HTML to address template lint issues
* Fix aria-hidden not returning true/false
* Reload current page instead of navigating to / when clicking on the prompt message
2021-04-14 10:26:23 +10:00
Discourse Translator Bot 27eff709c4
Update translations (#12684) 2021-04-13 16:02:08 +02:00
Roman Rizzi 958fbfb719
FEATURE: Send an email notification when a post is approved. (#12665)
We now send an email when a queued post is approved, and we create a notification.
2021-04-12 12:08:23 -03:00
Osama Sayegh cd24eff5d9
FEATURE: Introduce theme/component QUnit tests (take 2) (#12661)
This commit allows themes and theme components to have QUnit tests. To add tests to your theme/component, create a top-level directory in your theme and name it `test`, and Discourse will save all the files in that directory (and its sub-directories) as "tests files" in the database. While tests files/directories are not required to be organized in a specific way, we recommend that you follow Discourse core's tests [structure](https://github.com/discourse/discourse/tree/master/app/assets/javascripts/discourse/tests).

Writing theme tests should be identical to writing plugins or core tests; all the `import` statements and APIs that you see in core (or plugins) to define/setup tests should just work in themes.

You do need a working Discourse install to run theme tests, and you have 2 ways to run theme tests:

* In the browser at the `/qunit` route. `/qunit` will run tests of all active themes/components as well as core and plugins. The `/qunit` now accepts a `theme_name` or `theme_url` params that you can use to run tests of a specific theme/component like so: `/qunit?theme_name=<your_theme_name>`.

* In the command line using the `themes:qunit` rake task. This take is meant to run tests of a single theme/component so you need to provide it with a theme name or URL like so: `bundle exec rake themes:qunit[name=<theme_name>]` or `bundle exec rake themes:qunit[url=<theme_url>]`.

There are some refactors to how Discourse processes JavaScript that comes with themes/components, and these refactors may break your JS customizations; see https://meta.discourse.org/t/upcoming-core-changes-that-may-break-some-themes-components-april-12/186252?u=osama for details on how you can check if your themes/components are affected and what you need to do to fix them.

This commit also improves theme error handling in Discourse. We will now be able to catch errors that occur when theme initializers are run and prevent them from breaking the site and other themes/components.
2021-04-12 15:02:58 +03:00
Joffrey JAFFEUX b6337b72f1
FEATURE: adds last day to about page stats (#12663)
* FEATURE: adds last day to about page stats

* make it clear it's last 24 hours

* applies same copy fix to days
2021-04-12 12:50:33 +10:00
wilson29thid d5b30b9b7b
FEATURE: Add user_confirmed_email to user event webhook (#12539) 2021-04-12 12:48:42 +10:00
Martin Brennan 1ba5ccd8af
FIX: When user has already hit bookmark limit, do not error for clear_reminder! or other updates (#12658)
We introduced a cap on the number of bookmarks the user can add in be145ccf2f. However this has caused unintended side effects; when the `jobs/scheduled/bookmark_reminder_notifications.rb` runs we get this error for users who already had more bookmarks than the limit:

> Job exception: Validation failed: Sorry, you have too many bookmarks, visit #{url}/my/activity/bookmarks to remove some.

This is because the `clear_reminder!` call was triggering a bookmark validation, which raised an error because the user already had to many, holding up other reminders.

This PR also adds `max_bookmarks_per_user` hidden site setting (default 2000). This replaces the BOOKMARK_LIMIT const so we can raise it for certain sites.
2021-04-09 13:06:35 +10:00
Roman Rizzi 8339b8f412
FEATURE: Make the tag_groups#search endpoint public. (#12643)
The method uses the "TagGroup#visible" method to respect the tag group visibility settings.
2021-04-08 14:23:13 -03:00
Vinoth Kannan 26d7eedf4c
FEATURE: trigger webhook when a user added/removed in a group. (#12653)
Whenever a group is added or removed from a group a webhook event will get triggered if it's active.
2021-04-08 21:16:34 +05:30
Joffrey JAFFEUX 081ada090c
UX: shows a hint when there are more tags than displayed (#12649) 2021-04-08 15:51:31 +02:00
Martin Brennan 5da7e0c8e5
FIX: behaviour -> behavior spelling in default US translation (#12647) 2021-04-08 09:42:19 +10:00
Tobias Eigen bbc46d5577
tweaks to invite error messages (#12640) 2021-04-07 14:13:18 -07:00
Kris ea2105f3e8
REFACTOR: Consistency, A11Y, and less text for composer toggles (#12627) 2021-04-07 16:15:07 -04:00
Roman Rizzi 5e4c0e2caa
FEATURE: Treat site settings as plain text and add a new HTML type. (#12618)
To add an extra layer of security, we sanitize settings before shipping them to the client. We don't sanitize those that have the "html" type.

The CookedPostProcessor already uses Loofah for sanitization, so I chose to also use it for this. I added it to our gemfile since we installed it as a transitive dependency.
2021-04-07 12:51:19 -03:00
Osama Sayegh 2b9ab3a0d9
Revert "FEATURE: Introduce theme/component QUnit tests (#12517)" (#12632)
This reverts commit a53d8d3e61 and 105634435f.

Reverted because the change broke some components. Will be added back in a few days.
2021-04-07 17:45:49 +03:00
Ahmed Gagan 2308a58113
DEV: Added support for custom site setting 'emoji_list' (#12414)
Example usage:

```
best_emojis:
    type: emoji_list
    default: laughing|open_mouth|cry|angry|hugs
    client: true
```
2021-04-07 15:32:05 +02:00
Discourse Translator Bot 93f74add7d
Update translations (#12614) 2021-04-07 11:58:41 +02:00
Osama Sayegh a53d8d3e61
FEATURE: Introduce theme/component QUnit tests (#12517)
This commit allows themes and theme components to have QUnit tests. To add tests to your theme/component, create a top-level directory in your theme and name it `test`, and Discourse will save all the files in that directory (and its sub-directories) as "tests files" in the database. While tests files/directories are not required to be organized in a specific way, we recommend that you follow Discourse core's tests [structure](https://github.com/discourse/discourse/tree/master/app/assets/javascripts/discourse/tests).

Writing theme tests should be identical to writing plugins or core tests; all the `import` statements and APIs that you see in core (or plugins) to define/setup tests should just work in themes.

You do need a working Discourse install to run theme tests, and you have 2 ways to run theme tests:

* In the browser at the `/qunit` route. `/qunit` will run tests of all active themes/components as well as core and plugins. The `/qunit` now accepts a `theme_name` or `theme_url` params that you can use to run tests of a specific theme/component like so: `/qunit?theme_name=<your_theme_name>`.

* In the command line using the `themes:qunit` rake task. This take is meant to run tests of a single theme/component so you need to provide it with a theme name or URL like so: `bundle exec rake themes:qunit[name=<theme_name>]` or `bundle exec rake themes:qunit[url=<theme_url>]`.

There are some refactors to internal code that's responsible for processing themes/components in Discourse, most notably:

* `<script type="text/discourse-plugin">` tags are automatically converted to modules.

* The `theme-settings` service is removed in favor of a simple `lib` file responsible for managing theme settings. This was done to allow us to register/lookup theme settings very early in our Ember app lifecycle and because there was no reason for it to be an Ember service.

These refactors should 100% backward compatible and invisible to theme developers.
2021-04-07 10:39:57 +03:00
Tobias Eigen 2e17e6269c
FIX: Small tweaks to "no messages" education (#12588)
* Remove "Message" button in quick access menu no messages education
* Reword education prompt
* Remove background colour
2021-04-07 09:28:10 +10:00
Martin Brennan 432b839997
FEATURE: Move site updated modal into a less obtrusive prompt (#12577)
This moves the "This site was just updated" modal asking the user if they want to refresh into a subtle prompt that slides down from the header.

Also in this PR I've added a helper to publish message bus messages in JS tests. So instead of this:

```javascript
// Mimic a messagebus message
MessageBus.callbacks
  .filterBy("channel", "/global/asset-version")
  .map((c) => c.func("somenewversion"));
```

We can have:

```javascript
publishToMessageBus("/global/asset-version", "somenewversion");
```
2021-04-07 08:56:48 +10:00
Jessica Hamilton 0052fcf7c4
FEATURE: Retrieve an existing link only invite (#12575)
In Improve invite system, a newly created link only invite cannot
be retrieved via API with the invitee's email once created. A new
route, /invites/retrieve, is introduced to fetch an already
created invite by email address.
2021-04-06 11:01:07 -04:00
Bianca Nenciu e026af11ac
FIX: Simplify send PM to email settings (#12583)
This feature used to be controlled by two site settings 
enable_personal_email_messages and min_trust_to_send_email_messages.
I removed enable_personal_email_messages and unhide 
min_trust_to_send_email_messages to simplify the process of 
enabling / disabling this feature.
2021-04-06 15:39:27 +03:00
Blake Erickson ce251986bf
DEV: Set min_search_term_length to 1 (#12610)
Japanese languages and the like should have a min_search_term_length of
1.

See: https://meta.discourse.org/t/97359/27

and

https://meta.discourse.org/t/185218/7
2021-04-05 17:37:58 -06:00
Arpit Jalan 6234d7455b
FEATURE: add maximum limit for secondary emails (#12599) 2021-04-05 20:31:42 +05:30
Dan Ungureanu bfd0c00944
FEATURE: Copying invite link triggers a save (#12581)
Changing the invite type from link to email and then copying it was
confusing because it gave user the impression that the invite was
updated and the invite link will reflect the latest changes, but it
did not.
2021-04-02 11:19:30 +03:00
Dan Ungureanu 81e5352e01
FIX: Better error message for redeemed invite (#12580)
This commit improves the error message when a user tries to redeem a
completely redeemed invite link.
2021-04-02 11:11:07 +03:00
Tobias Eigen cc2eb6e7b3
Change to no_messages_body copy (#12587)
The original copy I proposed was too scary, so here's a simplified educational message.
2021-04-01 15:00:20 -07:00
Arpit Jalan 61860098d9
UX: move logs/watched_words to customize/watched_words in admin section (#12571)
https://meta.discourse.org/t/where-is-auto-tag-and-auto-replace/184261
2021-04-01 11:44:17 +05:30
Arpit Jalan c478ffc662
FIX: post merging was failing silently (#12566)
https://meta.discourse.org/t/merging-very-long-posts-removes-them/183597
2021-04-01 06:46:18 +05:30
Martin Brennan 28d67b4583
FEATURE: Show an educational message in the quick access menu for personal messages when there are none (#12564)
If the user has not been sent any messages, show a message in the quick access menu with an educational message. If the user can send private messages, also show a link to open the "new message" composer:

This also adds a general improvement to the quick-access-panel, to be able to show an `emptyStateWidget` instead of just a message if there is nothing to show in the panel, as well as initial general styles for empty state.
2021-04-01 10:22:40 +10:00
jbrw 68d0916eb5
FEATURE: Oneboxer cache response body (#12562)
* FEATURE: Cache successful HTTP GET requests during Oneboxing

Some oneboxes may fail if when making excessive and/or odd requests against the target domains. This change provides a simple mechanism to cache the results of succesful GET requests as part of the oneboxing process, with the goal of reducing repeated requests and ultimately improving the rate of successful oneboxing.

To enable:

Set `SiteSetting.cache_onebox_response_body` to `true`

Add the domains you’re interesting in caching to `SiteSetting. cache_onebox_response_body_domains` e.g. `example.com|example.org|example.net`

Optionally set `SiteSetting.cache_onebox_user_agent` to a user agent string of your choice to use when making requests against domains in the above list.

* FIX: Swap order of duration and value in redis call

The correct order for `setex` arguments is `key`, `duration`, and `value`.

Duration and value had been flipped, however the code would not have thrown an error because we were caching the value of `1.day.to_i` for a period of 1 seconds… The intention appears to be to set a value of 1 (purely as a flag) for a period of 1 day.
2021-03-31 13:19:34 -04:00
Kris 9c8ec372f1
UX: remove reference to contact form in settings (#12554) 2021-03-30 14:18:06 -04:00
Kris 6d65320aae
UX: login modal adjustments (#12552) 2021-03-30 14:16:50 -04:00
Discourse Translator Bot 598718a19d
Update translations (#12556) 2021-03-30 15:44:13 +02:00
Bianca Nenciu 52a5c7e438
FIX: Improve error messages if user cannot send PM emails (#12547) 2021-03-30 12:18:57 +03:00
tison 21b4fef175
DEV: Correct the ruby version check (#12551)
Makes it Ruby 3 compatible.

Co-authored-by: Jarek Radosz <jradosz@gmail.com>
2021-03-30 09:44:53 +02:00
Bianca Nenciu 013b4f353b
FIX: Replace 'Chromebook' with 'Chrome OS' (#12508)
There are many Chrome OS devices and no way to determine the exact device.
2021-03-25 17:09:32 +02:00
Roman Rizzi 4505951d32
UX: Display a tooltip when trying to delete an automatic group. (#12493) 2021-03-25 11:07:38 -03:00
Jarek Radosz 6ff888bd2c
DEV: Retry-after header values should be strings (#12475)
Fixes `Rack::Lint::LintError: a header value must be a String, but the value of 'Retry-After' is a Integer`. (see: 14a236b4f0/lib/rack/lint.rb (L676))

I found it when I got flooded by those warning a while back in a test-related accident 😉 (ember CLI tests were hitting a local rails server at a fast rate)
2021-03-23 20:32:36 +01:00
Discourse Translator Bot e477a9a47d
Update translations (#12490) 2021-03-23 16:12:04 +01:00
Rafael dos Santos Silva fb4486d5f1
FEATURE: Add CSP frame-ancestors support (#12404) 2021-03-22 16:00:25 -03:00
Roman Rizzi 706ea6692d
UI: Rename button with a duplicated name. (#12480)
There're two buttons name "Flag Post". Rename one of them to avoid confusion.
2021-03-22 15:50:44 -03:00
Dan Ungureanu 4e46732346
FEATURE: Implement browser update in crawler view (#12448)
browser-update script does not work correctly in some very old browsers
because the contents of <noscript> is not accessible in JavaScript.
For these browsers, the server can display the crawler page and add the
browser update notice.

Simply loading the browser-update script in the crawler view is not a
solution because that means all crawlers will also see it.
2021-03-22 19:41:42 +02:00
Bianca Nenciu ec7415ff49
FEATURE: Check email availability in signup form (#12328)
* FEATURE: Check email availability on focus out

* FIX: Properly debounce username availability
2021-03-22 17:46:03 +02:00
Jarek Radosz 695288f8ff
FIX: Restore client.zh_TW.yml (#12470)
Accidentally removed in b7556fca80
2021-03-22 10:58:46 +01:00
lhkjacky b7556fca80
DEV: Add ap-east-1 S3 region (#12457)
Asia Pacific (Hong Kong) ap-east-1
2021-03-22 10:22:29 +01:00
Martin Brennan 49f4c548ef
FEATURE: Bookmark pinning (#12431)
Users can now pin bookmarks from their bookmark list. This will anchor the bookmark to the top of the list, and show a pin icon next to it. This also applies in the nav bookmarks panel. If there are multiple pinned bookmarks they sort by last updated order.
2021-03-22 09:50:22 +10:00
David Taylor 374ab82dd6
FIX: Ensure 100-logster initializer is run before 101-lograge (#12455)
The logster initializer tries to adds RailsMultisite::Formatter to the STDOUT logger. In production, the lograge initializer then removes the RailsMultisite:Formatter because the JSON log will include the database.

e10a74694a used `Rails.application.reloader.to_prepare` to defer running the 100-logster initializer, which meant it ran **after** 101-lograge. This meant that we were writing JSON logs with a non-json text prefix.

The `to_prepare` was added because our freedom-patches are now deferred using `to_prepare`, and some initializers were relying on the freedom patches. However, following 1533cbb38b, we decided to load the RailsMultisite freedom patch without `to_prepare`. Therefore, `005-site_settings` and `100-logster` no longer need to use `to_prepare`. Removing it means that these initializers are back to running in sequential order, and the logging issue will be resolved.

The only remaining initializer which depends on freedom patches is `100-i18n`. I've added a comment to explain why.
2021-03-19 19:51:13 +00:00
Penar Musaraj d470e4fade
FEATURE: Allow users to save draft and close composer (#12439)
We previously included this option conditionally when users were replying
or creating a new topic while they had content already in the composer.

This makes the dialog always include three buttons:
  - Close and discard
  - Close and save draft for later
  - Keed editing

This also changes how the backend notifies the frontend when there is
a current draft topic. This is now sent via the `has_topic_draft`
property in the current user serializer.
2021-03-19 09:19:15 -04:00
Martin Brennan 355d51afde
FEATURE: Allow using invites when DiscourseConnect SSO is enabled (#12419)
This PR allows invitations to be used when the DiscourseConnect SSO is enabled for a site (`enable_discourse_connect`) and local logins are disabled. Previously invites could not be accepted with SSO enabled simply because we did not have the code paths to handle that logic.

The invitation methods that are supported include:

* Inviting people to groups via email address
* Inviting people to topics via email address
* Using invitation links generated by the Invite Users UI in the /my/invited/pending route

The flow works like this:

1. User visits an invite URL
2. The normal invitation validations (redemptions/expiry) happen at that point
3. We store the invite key in a secure session
4. The user clicks "Accept Invitation and Continue" (see below)
5. The user is redirected to /session/sso then to the SSO provider URL then back to /session/sso_login
6. We retrieve the invite based on the invite key in secure session. We revalidate the invitation. We show an error to the user if it is not valid. An additional check here for invites with an email specified is to check the SSO email matches the invite email
7. If the invite is OK we create the user via the normal SSO methods
8. We redeem the invite and activate the user. We clear the invite key in secure session.
9. If the invite had a topic we redirect the user there, otherwise we redirect to /

Note that we decided for SSO-based invites the `must_approve_users` site setting is ignored, because the invite is a form of pre-approval, and because regular non-staff users cannot send out email invites or generally invite to the forum in this case.

Also deletes some group invite checks as per https://github.com/discourse/discourse/pull/12353
2021-03-19 10:20:10 +10:00
Dan Ungureanu 5024ea72d2
UX: Show first unique letters in invite link (#12434) 2021-03-18 19:05:38 +02:00
Blake Erickson 44153cde18
FIX: Be able to handle long file extensions (#12375)
* FIX: Be able to handle long file extensions

Some applications have really long file extensions, but if we truncate
them weird behavior ensues.

This commit changes the file extension size from 10 characters to 255
characters instead.

See:

https://meta.discourse.org/t/182824

* Keep truncation at 10, but allow uppercase and dashes
2021-03-17 12:01:29 -06:00
Gerhard Schlager 38dd81d38a
DEV: Remove deprecated Sidekiq config (#12427)
> WARNING: Sidekiq::Web.sessions= is no longer relevant and will be removed in Sidekiq 7.0.
2021-03-17 16:29:10 +01:00
Osama Sayegh a23d0f9961
UX: Add image uploader widget for uploading badge images (#12377)
Currently the process of adding a custom image to badge is quite clunky; you have to upload your image to a topic, and then copy the image URL and pasting it in a text field. Besides being clucky, if the topic or post that contains the image is deleted, the image will be garbage-collected in a few days and the badge will lose the image because the application is not that the image is referenced by a badge.

This commit improves that by adding a proper image uploader widget for badge images.
2021-03-17 08:55:23 +03:00
Discourse Translator Bot bc88ea5976
Update translations (#12412) 2021-03-16 15:49:29 +01:00
Dan Ungureanu eda8a839d4
UX: Show Topic column in invites pending tab (#12413) 2021-03-16 16:29:41 +02:00
Krzysztof Kotlarek e10a74694a
FIX: deprecation warning - initialization autoloaded the constant (#12400)
Get rid of deprecation related to Zeitwerk autoloader.

Original PR was reverted because of multisite bug #12381 - thank you @davidtaylorhq for fixing it.

I added the last commit to fix that multisite problem.
2021-03-16 09:47:57 +11:00
Dan Ungureanu 790c4ad4a7
FEATURE: Improve expired invites tab (#12392)
This commit extends functionality of the expired invites tab, making
it more similar to the pending tab. It also implements a different
layout for mobile.
2021-03-15 11:52:58 +02:00
David Taylor 7970d1d99f
FEATURE: Allow a cluster_name to be configured and used for /srv/status (#12365)
The cluster name can be configured by setting the `DISCOURSE_CLUSTER_NAME` environment variable. If set, you can then call /srv/status with a `?cluster=` parameter. If the cluster does not match, an error will be returned. This is useful if you need a load balancer to be able to verify the identity, as well as the presence, of an application container.
2021-03-15 15:41:59 +11:00
Vinoth Kannan 1c672c97d3
DEV: mount `DiscourseDev` engine routes at `/dev` path. (#12376) 2021-03-13 00:17:06 +05:30
Roman Rizzi 9a779ca99a
FIX: Show a proper error message when trying to bulk award a disabled badge. (#12384) 2021-03-12 14:28:27 -03:00
David Taylor 1533cbb38b
Revert "FIX: deprecation warning - initialization autoloaded the constant (#12347)" (#12381)
This reverts commit 9a5a38a529.

This change was preventing `rake multisite:migrate` from working
2021-03-12 13:48:46 +00:00
Krzysztof Kotlarek 9a5a38a529
FIX: deprecation warning - initialization autoloaded the constant (#12347)
Get rid of deprecation related to Zeitwerk autoloader.
2021-03-12 08:42:53 +11:00
Roman Rizzi 8fcad73b36
FEATURE: Admins can flag posts so they can review them later. (#12311)
Staff can send a post to the review queue by clicking the "Flag Post" button next to "Take Action...". Clicking it flags the post using the "Notify moderators" score type and hides it. A custom message will be sent to the user.
2021-03-11 08:21:24 -03:00
David Taylor 0902e56162
FEATURE: Flag to disable DiscourseConnect CSRF protection (#12356)
This is not recommended. But if you have other protections in place for CSRF mitigation, you may wish to disable Discourse's implementation. This site setting is not visible in the UI, and must be changed via the console.
2021-03-11 10:38:34 +00:00
Kris 83519e7f3a
FEATURE: Always show tag dropdown when tagging is enabled (#12209) 2021-03-10 21:13:15 -05:00
Penar Musaraj 10780d2448
DEV: support json_schema in theme settings (#12294) 2021-03-10 20:15:04 -05:00
Jeff Atwood ec00482027
UX: add bell emoji for better unread education (#12348) 2021-03-11 10:07:53 +11:00
Simon Cossar 1a0cca5539
Update disable mailing list mode setting description (#12346) 2021-03-10 14:32:40 -08:00
Bianca Nenciu c0421e4586
FEATURE: Implement bulk operations for PMs (#12286) 2021-03-10 14:49:38 +02:00
Bianca Nenciu 990a26d14b
FIX: Add translation string for clear all watched words (#12336) 2021-03-10 14:48:13 +02:00
Dan Ungureanu 687e09c885
UX: Minor improvements to invites (#12324)
* FIX: Show resend button only if an email was sent

Otherwise, show the "save and send email" button.

* UX: Copy change

* UX: Show feedback when link was copied
2021-03-09 16:56:18 +02:00
Discourse Translator Bot d1cf773730
Update translations (#12323) 2021-03-09 15:19:02 +01:00
Alan Guo Xiang Tan ce04db8610 FEATURE: Allow invites redemption with Omniauth providers. 2021-03-09 09:27:18 +08:00
Alan Guo Xiang Tan ebe4896e48 FEATURE: Change very high/low search priority to rank at absolute ends.
Prior to this change, we had weights for very_high, high, low and
very_low. This means there were 4 weights to tweak and what weights to
use for `very_high/high` and `very_low/low` pair was hard to explain.
This change makes it such that `very_high` search priority will always
ensure that the posts are ranked at the top while `very_low` search
priority will ensure that the posts are ranked at the very bottom.
2021-03-09 09:20:37 +08:00
Dan Ungureanu 7f3240ea31
FEATURE: Various improvements to invite system (#12298)
* FIX: Do not show expired invites under Pending tab

* DEV: Controller action was renamed in previous commit

* FEATURE: Add 'Expired' tab to invites

* FEATURE: Refresh model after removing expired invites

* FEATURE: Do not immediately add invite to the list

Opening the 'create-invite' modal used to automatically generate an
invite to reserve an invite link. If the user did not save it and
closed the modal, the invite would be destroyed. This operations caused
the invite list to change in the background and confuse users.

* FEATURE: Sort redeemed users by creation time

* UX: Improve show / hide advanced options link

* FIX: Show redeemed users even if invites were trashed

* UX: Change modal title when editing invite

* UX: Remove Get Link button

Users can get it from the edit modal

* FEATURE: Add limit for invite links generated by regular users

* FEATURE: Add option to skip email

* UX: Show better error messages

* FIX: Show "Invited by" even if invite was trashed

Follow up to 1fdfa13a099d8e46edd0c481b3aaaafe40455ced.

* FEATURE: Add button to save without sending email

Follow up to c86379a465f28a3cc64a4a8c939cf32cf2931659.

* DEV: Use a buffer to hold all changed data

* FEATURE: Close modal after save

* FEATURE: Rate limit resend invite email

* FEATURE: Make the save buttons smarter

* FEATURE: Do not always send email even for new invites
2021-03-06 13:29:35 +02:00
Tobias Eigen ce34a46669 clarify copy "this site was just updated" popup
as per: https://meta.discourse.org/t/this-site-was-just-updated-popups-are-annoying/181125?u=tobiaseigen
2021-03-05 15:57:33 +08:00
Rafael dos Santos Silva 4af3c42904
FEATURE: Add opt-in screenshots to the web app manifest (#12288)
This will be used by Chrome on Android on the install prompt,
as show in https://twitter.com/alexey_rodionov/status/1349612958754762753

Follows the spec at https://www.w3.org/TR/manifest-app-info/
2021-03-04 18:39:58 -03:00
Joshua Rosenfeld 75dc01627d
FEATURE: Mailing list mode default disabled (#11091)
Mailing list mode can generate significant email volume, especially on sites with a large user base. Disable mailing list mode via site settings by default so sites don't experience an unexpectedly large cost from outgoing email.
2021-03-04 15:24:37 -05:00
Tobias Eigen 9cb72e1895
copy changes to new invite system (#12277)
I made some adjustments to the invite system copy, to reflect the mockups at https://meta.discourse.org/t/improve-invite-system/173756 - the goal is to try to reduce the number of words and make it as simple as possible, similar to discord.
2021-03-03 09:42:50 -08:00
Dan Ungureanu c047640ad4
FEATURE: Various improvements to invite system (#12023)
The user interface has been reorganized to show email and link invites
in the same screen. Staff has more control over creating and updating
invites. Bulk invite has also been improved with better explanations.

On the server side, many code paths for email and link invites have
been merged to avoid duplicated logic. The API returns better responses
with more appropriate HTTP status codes.
2021-03-03 11:45:29 +02:00
Bianca Nenciu 039d0d3641
FEATURE: Move security related user preferences to different tab (#12264) 2021-03-03 11:09:22 +02:00
Bianca Nenciu b49b455e47
FEATURE: Autotag watched words (#12244)
New topics with be matched against a set of watched words and be
tagged accordingly.
2021-03-03 10:53:38 +02:00
Martin Brennan 8d38438725
FIX: Sort topic timer and bookmark time options (#12270)
remove 3 month option for topic timer
move relative time input inside the custom
date and time shortcut
make sure special options are always at the bottom
2021-03-03 13:33:47 +10:00
Martin Brennan 31fab3f84d
FEATURE: Add year to relative time picker (#12268)
Add a new year interval option to relative time picker, and also fix some rounding issues (Math.floor is not ideal because it gets rid of half days etc.)

Also adding some component tests here for relative-time-picker.
2021-03-03 11:41:07 +10:00
Rafael dos Santos Silva 83f332b5a5
FEATURE: Add a site setting to allow emojis to come from an external URL (#12180) 2021-03-02 16:04:16 -03:00
David Taylor 8fd46c04ea
Drop flash video onebox (#12261)
Flash was discontinued by Adobe at the end of 2020. There is no need to continue OneBox support for it
2021-03-02 17:11:14 +00:00
Discourse Translator Bot c21cba70f6
Update translations (#12258) 2021-03-02 15:28:30 +01:00
Martin Brennan 6b4d066834
FIX: Skip sending PM email for user silence (#12240)
We were sending 2 emails for user silencing if a message was provided in the UI. Also always send email for user silence and user suspend with reason regardless of whether message provided.
2021-03-02 09:18:09 +10:00
Penar Musaraj 6809cccd88
DEV: Add experimental json_scheme site setting type (#12226) 2021-03-01 09:15:17 -05:00
1resu feaf3cb97e
remove daemonize setting (#12232)
This configuration setting was [removed](https://github.com/puma/puma/blob/master/docs/deployment.md#should-i-daemonize) with Puma 5
2021-03-01 16:42:50 +11:00
Bianca Nenciu 4b0496b2fc
FIX: Reintroduce auto_silence_first_post_regex (#12223)
Follow-up to 533800a87b.
2021-02-26 15:07:04 +02:00
Penar Musaraj 45c5fd2172
DEV: Remove JoyPixels emoji option (#12197)
- removes the option from site settings
- deletes the site setting on existing sites that have it
- marks posts using emojis as requiring a rebake

Note that the actual image files are not removed here, the plan is to
remove them in a few weeks/months (when presumably the rebaking of old
posts has been completed).
2021-02-26 07:44:52 -05:00
Arpit Jalan 93a0a906b5
FIX: allow adding user to PM when inviter is in allowed list (even (#12212)
though other participants are not in allowed list)

If you create an allowlist of users who can PM you, and use the function
“Only specific users can send me private messages”, then you can’t be
added to group messages unless everyone in that message is already in
your allow list.

This commit allows user to be added to a group message even when other
participants are not in allowed list
2021-02-25 22:56:49 +05:30
Bianca Nenciu 533800a87b
Add watched words of type "replace" (#12020)
This commit includes other various improvements to watched words.

auto_silence_first_post_regex site setting was removed because it overlapped
with 'require approval' watched words.
2021-02-25 14:00:58 +02:00
Martin Brennan 13c2a4886f
FEATURE: Add disable_onebox_media_download_controls hidden site setting (#12208)
Uses discourse/onebox@ff9ec90

Adds a hidden site setting called disable_onebox_media_download_controls which will add controlslist="nodownload" to video and audio oneboxes, and also to the local video and audio oneboxes within Discourse.
2021-02-25 12:39:15 +10:00
Kris 362dd798ae
UX: add link for email login below username, remove button (#12118) 2021-02-24 16:30:08 -05:00
Vinoth Kannan 437c348598
DEV: add CORS header for all nginx rules of public folder files. (#12205)
* DEV: add CORS header for all nginx rules of public folder files.

This reverts commit d628c65af0 and adding CORS header in two more places individually.
2021-02-25 02:57:37 +05:30
Bianca Nenciu dc7e3fab50
FIX: Pass ajax function to loadOneboxes (#12199)
When enable_diffhtml_preview is true, oneboxes failed to load because a
wrong parameter was passed.

This commit also unhides enable_diffhtml_preview.
2021-02-24 21:42:09 +02:00
Bianca Nenciu 845987ce23
FIX: Improve error message when login_required sites are under load
Previously a confusing message would pop up making private communities thing that anonymous access is granted.
2021-02-24 13:25:55 +11:00
Sam c9256b717f
DEV: hide the site setting rebake_old_posts_count (#12181)
This setting is confusing admins, it is now hidden by default

It only applies to major updates of the rendering engine or imports and
very infrequently needs tweaking
2021-02-24 09:45:26 +11:00
Roman Rizzi 4bc3a64982
A11Y: Improve the header menu "view all" title. (#12175)
* A11Y: Improve the header menu "view all" title.

The title attribute has been used to attempt to provide the link with an accessible name, but the value of the title attribute is “view all” for the link in each of the tabs, and so their purpose is not uniquely identified.
2021-02-23 12:24:42 -03:00
Discourse Translator Bot 2757003ef1
Update translations (#12186) 2021-02-23 15:10:04 +01:00
David Taylor 3787bbc223
DEV: Remove unused `max_api_keys_per_user` site setting (#12185)
This was added in fc095acaaa, but a check was never implemented
2021-02-23 13:07:42 +00:00
Penar Musaraj 7fb4633b5a
DEV: Remove very old mocha deprecation workaround (#12151) 2021-02-22 20:26:49 -05:00
Penar Musaraj 0620f6298e
UX: Remove emoji step in wizard (#12169) 2021-02-22 12:14:18 -05:00
Arpit Jalan f75e1867ff
FIX: do not send rejection emails to auto-deleted reviewable users (#12160)
FIX: add context when user is deleted via auto handle queued reviewable
FIX: do not delete email_log when a user is deleted
2021-02-22 18:37:47 +05:30
Joffrey JAFFEUX 0b14eb6ab1
A11Y: makes edit username and avatar accessible (#12162)
This commit also adds name as a bindable attribute of link-to
2021-02-22 12:10:44 +01:00
Penar Musaraj 916e1d85cf
FEATURE: Quick theme installs via query parameters (#12128) 2021-02-18 12:51:44 -05:00
Bianca Nenciu 08acf51be0
FEATURE: Use diffhtml to update composer preview (#11237)
Displaying videos, animated GIFs or any kind of rich content in preview
used to refresh on every keystroke, which could cause performance
problems.
2021-02-18 16:07:26 +02:00
Vinoth Kannan d628c65af0
DEV: add CORS header for all files served from public folder. (#12119)
It's required when we enable cors mod in service worker.
2021-02-18 08:41:13 +05:30
Martin Brennan e0f0fe5624
FIX: Bump max topic timer duration to 20 years (#12107)
This way it has some sort of cap, even if it seems pretty
high, and we don't have to worry about requests for increasing
it from 2 to 5 to 10 etc.
2021-02-18 11:52:30 +10:00
Arpit Jalan a174c8b8d4
FIX: hide sso payload behind a button click and log views (#12110) 2021-02-17 21:27:51 +05:30
Penar Musaraj 431c6de480
UX: Add editing guidance for remote themes (#12111) 2021-02-17 10:24:34 -05:00
Simon Cossar 71904277e2
Add bad_destination_address template to email_templates_controller (#12102)
Add bad_destination_address template to email_templates_controller;
Update bad_destination_address email copy
2021-02-17 09:57:38 +01:00
Discourse Translator Bot f283bde25a
Update translations (#12097) 2021-02-16 15:24:37 +01:00
Martin Brennan c0c7c237aa
FIX: Clean up topic-timer-info CSS classes, add edit button, and improve UI (#12080)
This PR adds an edit button to the topic timer info message which opens the modal.

Also, I have cleaned up a few more places where we were referencing "topic status update" which is what these were called prior to being called topic timers.

The category settings for auto-close topic hours has now also been modified to use the new relative-time-picker component.

Finally, the relative-time-picker input step and min is dynamic based on mins/other intervals selected, see https://review.discourse.org/t/feature-relative-time-input-for-timers-and-bookmarks-and-promote-auto-close-after-last-post-timer-12063/19204/7?u=martin
2021-02-16 12:07:30 +10:00
Gerhard Schlager f71ff2c34b
UX: relative-time-picker should use pluralized strings (#12086) 2021-02-15 14:15:22 +01:00
David Taylor d8705ee0ad
UX: Fix local-dates styling (#12085)
Renames the new `relative-time` component to `relative-time-picker` to
avoid CSS class conflict with local-dates.
2021-02-15 10:44:30 +00:00
Martin Brennan 84c7b2c404
FEATURE: Relative time input for timers and bookmarks and promote auto-close after last post timer (#12063)
This PR adds a new relative-time component, that is an input box with a SK dropdown of minutes, hours, days, and months which outputs the duration selected in minutes. This new component is used in the time shortcuts list (used by bookmarks and topic timers) as a new Relative Time shortcut.

Also in this PR, I have made the "Auto-Close After Last Post" timer into a top level timer type in the UI, and removed the "based on last post" custom time shortcut.
2021-02-15 12:49:57 +10:00
Vinoth Kannan cc1c4265c1
DEV: add allow origin header to public javascript files. (#12059) 2021-02-12 19:37:57 +05:30
Discourse Translator Bot a3c363c8f0
Update translations (#12065) 2021-02-12 13:18:05 +01:00
Vinoth Kannan 5a11e72c51
UX: remove pluralization in single category notification types. (#12061) 2021-02-12 14:26:44 +05:30
Martin Brennan ff1ac57feb
FIX: Validate duration minutes values for topic timer (#12040)
Add server and client side validations to ensure topic timer durations cannot exceed 2 years and cannot be less than or equal to 0.
2021-02-12 09:05:14 +10:00
Blake Erickson 395a903cf6
DEV: Show warning message when using ember css selectors (#12036)
* DEV: Show warning message when using ember css selectors

When editing the theme css via the admin UI a warning message
will be displayed if it detects that the `#emberXXX` or `.ember-view`
css selectors are being used. These are dynamic selectors that ember
generates, but they can change so they should not be used.

* Update error message text to be more helpful

* Display a warning instead of erroring out

This allows the theme to still be saved, but a warning is displayed.

Updated the tests to check for the error message.

Updated the pre tags css so that it wraps for long messages.
2021-02-11 13:48:57 -07:00
Arpit Jalan 12b57c0dee
FEATURE: Add "Recently read topics" tab to user activity page (#12047) 2021-02-11 22:36:50 +05:30
Jordan Vidrine 5e1c8111d3
UI: Adjust gradient, icon hover, capitalizations (#12045)
This commit adjusts the scroll gradient on the login modal, changes `email / username` to `Email / Username` and adjusts the color of social button icons on hover in the login modal.
2021-02-11 10:08:01 -06:00
Jarek Radosz 956f849250 DEV: Enable unicorn logger in test environment 2021-02-11 15:24:15 +01:00
Jordan Vidrine 4580595bd8
Login signup zazz (#11957)
This PR re-styles the login and create account modals.
2021-02-10 14:53:18 -06:00
Discourse Translator Bot b3fa521bf4
Update translations (#12019) 2021-02-09 14:56:15 +01:00
Joffrey JAFFEUX 6d31ead050
A11Y: correctly sets a name on combo-boxes for single selects (#12009) 2021-02-08 11:24:42 +01:00
David Taylor 821bb1e8cb
FEATURE: Rename 'Discourse SSO' to DiscourseConnect (#11978)
The 'Discourse SSO' protocol is being rebranded to DiscourseConnect. This should help to reduce confusion when 'SSO' is used in the generic sense.

This commit aims to:
- Rename `sso_` site settings. DiscourseConnect specific ones are prefixed `discourse_connect_`. Generic settings are prefixed `auth_`
- Add (server-side-only) backwards compatibility for the old setting names, with deprecation notices
- Copy `site_settings` database records to the new names
- Rename relevant translation keys
- Update relevant translations

This commit does **not** aim to:
- Rename any Ruby classes or methods. This might be done in a future commit
- Change any URLs. This would break existing integrations
- Make any changes to the protocol. This would break existing integrations
- Change any functionality. Further normalization across DiscourseConnect and other auth methods will be done separately

The risks are:
- There is no backwards compatibility for site settings on the client-side. Accessing auth-related site settings in Javascript is fairly rare, and an error on the client side would not be security-critical.
- If a plugin is monkey-patching parts of the auth process, changes to locale keys could cause broken error messages. This should also be unlikely. The old site setting names remain functional, so security-related overrides will remain working.

A follow-up commit will be made with a post-deploy migration to delete the old `site_settings` rows.
2021-02-08 10:04:33 +00:00
Kris ded0f5b4e5
UX: Remove Helvetica from our font stack (#11876)
Arial is more consistently available across operating systems and aligns better.
2021-02-05 17:01:21 -05:00
Vinoth Kannan a6e3877b8a
DEV: use `request_path` instead of `script_name` to find static file requests. (#11986)
`script_name` env variable would be empty for public static assets.
2021-02-05 09:09:55 +05:30
tshenry 2695f7dae8
FIX: The invite success email translation variable was renamed (#11988)
`emailOrUsername` was renamed to `invitee` in a recent change to app/assets/javascripts/discourse/app/components/invite-panel.js and needed to be updated in client.en.yml
2021-02-04 19:10:34 -08:00
Kris 6d6436e9e7
UX: Fix & clarify bulk notification change modal (#11969) 2021-02-04 14:35:47 -05:00
Arpit Jalan 309adb82ba
UX: add a confirmation modal to "Remove All Tags" action (#11973)
UX: update label for "Remove Tags" action
2021-02-04 18:30:01 +05:30
Jarek Radosz 704778f448
FIX: Don't invite new users via group with SSO on or local logins off (#11950)
Issue originally reported in https://meta.discourse.org/t/bypass-sso-by-adding-unkown-email-to-group/177339

Inviting people via email address to a group when SSO is enabled (or local logins are disabled) led to a situation where user records were being created bypassing single sign-on.

We already prevent that in most places. This adds required checks to `GroupsController`.
2021-02-03 18:13:00 +01:00
Jarek Radosz 45931f86be
DEV: Remove bulk group admin endpoints (#11949)
Originally added in 47e25648df. Looks like all related code was removed in c82b2dcc24 and b76731d722.
2021-02-03 18:12:22 +01:00
Penar Musaraj 04dd4a75af
UX: Always show confirmation dialog when converting themes/components (#11953) 2021-02-03 11:45:25 -05:00
Jarek Radosz 39a9651847
DEV: Remove `update_mail_receiver` and `deprecated_api_usage` (#11947)
`update_mail_receiver`-related code was removed in 269ec70ba8 and `deprecated_api_usage`-related code was removed in d04ba4b3b2.
2021-02-03 17:41:47 +01:00
Vinoth Kannan 024f2720f3
DEV: apply cdn headers to public javascripts endpoint too. (#11942)
It will add CORS header `Access-Control-Allow-Origin: '*'` to the files inside `public/javascripts` folder.
2021-02-03 20:15:52 +05:30
Bianca Nenciu 901cee55cd
FEATURE: Improve group settings and members management (#11878)
This pull requests contains a series of improvements to groups
settings and member management such as:

- Showing which users have set a group as primary
- Moving similar settings together under Effects
- Adding bulk select and actions to members page
2021-02-03 16:11:08 +02:00
Martin Brennan 6d72c8ab19
FEATURE: Topic timer UI revamp (#11912)
This PR revamps the topic timer UI, using the time shortcut selector from the bookmark modal.

* Fixes an issue where the duration of hours/days after last reply or auto delete replies was not enforced to be > 0
* Fixed an issue where the timer dropdown options were not reloaded correctly if the topic status changes in the background (use `MessageBus` to publish topic state in the open/close timer jobs)
* Moved the duration input and the "based on last post" option from the `future-date-input` component, as it was only used for topic timers. Also moved out the notice that is displayed which was also only relevant for topic timers.
2021-02-03 10:13:32 +10:00
Gerhard Schlager fa33e4863d
DEV: Remove deprecated bootsnap options (#11929)
Bootsnap started printing these warnings:

```
[DEPRECATED] Bootsnap's `autoload_paths_cache:` option is deprecated and will be removed. If you use Zeitwerk this option is useless, and if you are still using the classic autoloader upgrading is recommended.
[DEPRECATED] Bootsnap's `disable_trace:` option is deprecated and will be removed. If you use Ruby 2.5 or newer this option is useless, if not upgrading is recommended.
```
2021-02-02 14:39:51 +01:00
Discourse Translator Bot 4860c7c6ee
Update translations (#11928) 2021-02-02 14:37:52 +01:00
Gerhard Schlager d055552994
Fix i18n issues reported on Crowdin (#11747)
* Pluralize `groups.errors.adding_too_many_users`
  This fixes https://discourse.crowdin.com/translate/f3230e7607a36bb0a2f97fd90605a44e/248/en-ar#53882

* Pluralize `js.composer.error.title_too_short`
  This fixes https://discourse.crowdin.com/translate/f3230e7607a36bb0a2f97fd90605a44e/246/en-ar#41172

* Pluralize `js.composer.error.title_too_long`
  This fixes https://discourse.crowdin.com/translate/f3230e7607a36bb0a2f97fd90605a44e/246/en-ar#41174

* Pluralize `js.composer.error.post_length`
  This fixes https://discourse.crowdin.com/translate/f3230e7607a36bb0a2f97fd90605a44e/246/en-ar#41178

* Pluralize `js.topic.progress.jump_prompt_of`
  This fixes https://discourse.crowdin.com/translate/f3230e7607a36bb0a2f97fd90605a44e/246/en-ar#41958

* Use translations to join strings about posters
  This fixes https://discourse.crowdin.com/translate/f3230e7607a36bb0a2f97fd90605a44e/248/en-ar#49334
  It also makes some changes to the crawler view:
    * Removes `poster.moreCount` which is only available on the client for PMs
    * CSS class names are actually stored in `poster.extras` instead of `poster.extraClasses`

* Stop concatenating category stats
  This fixes https://discourse.crowdin.com/translate/f3230e7607a36bb0a2f97fd90605a44e/246/en-ar#40740

* Pluralize `js.summary.description`
  This fixes https://discourse.crowdin.com/translate/f3230e7607a36bb0a2f97fd90605a44e/246/en-ar#40782

* Pluralize `js.summary.description_time_MF`
  This fixes https://discourse.crowdin.com/translate/f3230e7607a36bb0a2f97fd90605a44e/246/en-ar#40784

* Use translation to join list of tags
  This fixes https://discourse.crowdin.com/translate/f3230e7607a36bb0a2f97fd90605a44e/246/en-ar#43372

* Pluralize `admin_js.admin.groups.manage.membership.automatic_membership_user_count`
  This fixes https://discourse.crowdin.com/translate/f3230e7607a36bb0a2f97fd90605a44e/246/en-ar#43720

* Pluralize `js.post.controls.delete_topic_confirm_modal`
  This fixes https://discourse.crowdin.com/translate/f3230e7607a36bb0a2f97fd90605a44e/246/en-ar#54804

* Stop concatenating `js.post.last_edited_on`
  This fixes https://discourse.crowdin.com/translate/f3230e7607a36bb0a2f97fd90605a44e/246/en-ar#42358

* Stop concatenating `js.post.wiki_last_edited_on`
  This fixes https://discourse.crowdin.com/translate/f3230e7607a36bb0a2f97fd90605a44e/246/en-ar#42356
  It also fixes a regression because `js.post.wiki_last_edited_on` wasn't used anymore since 2017.
2021-02-02 10:50:04 +01:00
Penar Musaraj 0f31a221c9
DEV: Performance fixes to filtered replies (#11916) 2021-02-01 11:53:13 -05:00
Dan Ungureanu dd175537f3
FIX: Existing shared drafts should be accessible (#11915)
Disabling shared drafts used to leave topics in an inconsistent state
where they were not displayed as shared drafts and thus there was no
way of publishing them. Moreover, they were accessible just to users
who have permissions to create shared drafts.

This commit adds another permission check that is used for most
operations and the old can_create_shared_draft? remains used just when
creating a new shared draft.
2021-02-01 16:16:34 +02:00
Osama Sayegh 98201ecc24
DEV: {{user-selector}} replacement (#11726)
This PR is the first step towards replacing our `{{user-selector}}` and eventually deprecating and removing it from our codebase. Some of `{{user-selector}}` problems are:

1. It's called `{{user-selector}}`, but in reality in can also select groups and emails.
2. It's an Ember component, yet it doesn't have a handlebars template and uses jQuery to render itself and modify the DOM. An example of this problem is when you want to clear the selected users programmatically, see [this](6c155dba77/app/assets/javascripts/discourse/app/components/user-selector.js (L179-L185)).
3. We now have select kit which does very similar things but a lot better.

This PR introduces `{{email-group-user-chooser}}` which is meant to replace `{{user-selector}}`. It extends select kit and has the same features that `{{user-selector}}` has. `{{user-selector}}` is still used in a few places in core, but they'll all be replaced with the new component in a separate commit. 

Once `{{user-selector}}` is not used anywhere in core, it'll be deprecated and then removed after the 2.7 release.
2021-02-01 13:07:11 +03:00
Martin Brennan 3e3f3f7b7e
DEV: Add time shortcut picker component and libs and refactor bookmark modal controller into component which uses time shortcut picker (#11802)
This PR moves all of the time picking functionality from the bookmark modal and controller into a reusable time-shortcut-picker component, which will be used for the topic timer UI revamp. All of the utility JS for getting dates like tomorrow/next week/next month etc. have also been moved into a separate utility lib.

The time-shortcut-picker has a couple of options that can be passed in:

* prefilledDatetime - The date and time to parse and prefill into the custom date and time section, useful for editing interfaces.
* onTimeSelected (callback) - Called when one of the time shortcuts is clicked, and passes the type of the shortcut (e.g. tomorrow) and the datetime selected.
* additionalOptionsToShow - An array of option ids to show (by default `later_today` and `later_this_week` are hidden)
* hiddenOptions - An array of option ids to hide
* customOptions - An array of custom options to display (e.g. the option to select a post date for the bookmarks modal). The options should have the below properties:
    * id
    * icon
    * label (I18n key)
    * time (moment datetime object)
    * timeFormatted
    * hidden

The other major work in this PR is moving all of the bookmark functionality out of the bookmark modal controller and into its own component, where it makes more sense to be able to access elements on the page via `document`. Tests have been added to accompany this move, and existing acceptance tests for bookmark are all passing.
2021-02-01 09:03:41 +10:00
Simon Cossar ba2f4f3393
Improve invite to forum modal description (#11903) 2021-01-29 16:59:39 -08:00
Jeff Atwood 39ba3f8291
remove hidden area in flagged removed post msg (#11901)
because users were having trouble figuring out how to expand the hidden post to determine "what post of mine was removed??", per customer reports
2021-01-29 15:42:04 -08:00
Vinoth Kannan a5923ad603
DEV: apply allow origin response header for CDN requests. (#11893)
Currently, it creates a CORS error while accessing those static files.
2021-01-29 07:44:49 +05:30
Martin Brennan 4af4d36175
FIX: IMAP allow unknown senders to reply to group topics via email (#11877)
Adds a new column/setting to groups, allow_unknown_sender_topic_replies, which is default false. When enabled, this scenario is allowed via IMAP:

* OP sends an email to the support email address which is synced to a group inbox via IMAP, creating a group topic
* Group user replies to the group topic
* An email notification is sent to the OP of the topic via GroupSMTPMailer
* The OP has several email accounts and the reply is sent to all of them, or they forward their reply to another email account
* The OP replies from a different email address than the OP (gloria@gmail.com instead of gloria@hey.com for example)
* The a new staged user is created, the new reply is accepted and added to the topic, and the staged user is added to the topic allowed users

Without allow_unknown_sender_topic_replies enabled the new reply creates an entirely new topic (because the email address it is sent from is not previously part of the topic email chain).
2021-01-29 09:59:10 +10:00
Jarek Radosz 8881ae4af4
DEV: Remove dead code (`latestTopicOnly`) (#11833)
Background: I wanted to see `categories.latest_by` translation in context in a live app but couldn't find it, so I traced it throughout the code.

My step-by-step reasoning for the removal is:

1. `categories-only` does not use `latestTopicOnly`, so there's no need to call it with that argument
2. `parent-category-row` is never called with `latestTopicOnly` argument, so the reference to that arg can be removed from its template
3. after that, `featured-topic` is now no longer ever called with `latestTopicOnly` argument (except in the `ghost` theme, but that's because its override of `categories-only` template 4e2fba963c/common/header.html (L119) is based on the old version of that template from core), so it seems safe to remove it there too (`categories.latest_by` i18n string is also no longer needed)
4. then, nothing is using `latestTopicOnly` anymore so it can be removed from `categories` hbs/js

I checked in each step that there are no plugins or themes (in all-the-plugins/all-the-themes) using those properties/arguments/strings.
2021-01-28 11:48:51 +01:00
David Taylor 60515547bc
DEV: Use $upstream for logging performance headers in NGINX (#11856)
This ensures that the logs will still work, even if the headers are
hidden with `proxy_hide_header`
2021-01-26 21:03:20 +00:00
Discourse Translator Bot 3c028cb67f
Update translations (#11848) 2021-01-26 14:52:35 +01:00
David Taylor 67db5e97f8
FEATURE: Add extra response headers to nginx log format (#11840)
These headers are useful for debugging and performance analysis
2021-01-26 11:32:43 +00:00
Vinoth Kannan c7781f1139
UX: respect `email_editable` site setting in user activation page. (#11835)
Previously, when both `enable_local_logins` and `email_editable` are disabled still user can change the email in  user activation page.
2021-01-25 22:19:26 +05:30
Penar Musaraj 4f01ca87e3
FEATURE: Add new features section in admin dashboard (#11731) 2021-01-22 10:09:02 -05:00
Gerhard Schlager 71656d2c37
UX: Makes the theme editor display placeholder correctly for RTL languages (#11800)
This fixes https://discourse.crowdin.com/translate/f3230e7607a36bb0a2f97fd90605a44e/246/en-he#53834
2021-01-22 16:03:43 +01:00
Kris e031679f99
A11Y: Add aria-label to input clear button (#11803) 2021-01-21 21:58:34 -05:00
Vinoth Kannan 872f3e6934
UX: warn about messages to be orphaned while deleting a group. (#11727)
Currently, after destroying a group its messages are inaccessible to everyone. Only admins can access using direct URLs.
2021-01-22 03:29:34 +05:30
Jarek Radosz b6afcf98b9
DEV: Remove an unused i18n string (#11783)
Originally added in 95ad4f9077. The only usage removed in 3bbd8b1258.
2021-01-21 12:32:44 +01:00
Discourse Translator Bot 0e8c155b70
Update translations (#11779) 2021-01-20 22:58:26 +01:00
Roman Rizzi 1e28d2900e
UX: Fallback locale warning improvements. (#11775)
- Improve warning message.
- Only display the warning if the language has a fallback and either "allow_user_locale", or "set_locale_from_accept_language_header" are enabled.
2021-01-20 18:08:02 -03:00
Gerhard Schlager 3b2f6e129a
FEATURE: Add English (UK) as locale (#11768)
* "English" gets renamed into "English (US)"
* "English (UK)" replaces "English"

@discourse-translator-bot keep_translations_and_approvals
2021-01-20 21:32:22 +01:00
Mark VanLandingham 1a7922bea2
FEATURE: Create notification schedule to automatically set do not disturb time (#11665)
This adds a new table UserNotificationSchedules which stores monday-friday start and ends times that each user would like to receive notifications (with a Boolean enabled to remove the use of the schedule). There is then a background job that runs every day and creates do_not_disturb_timings for each user with an enabled notification schedule. The job schedules timings 2 days in advance. The job is designed so that it can be run at any point in time, and it will not create duplicate records.

When a users saves their notification schedule, the schedule processing service will run and schedule do_not_disturb_timings. If the user should be in DND due to their schedule, the user will immediately be put in DND (message bus publishes this state).

The UI for a user's notification schedule is in user -> preferences -> notifications. By default every day is 8am - 5pm when first enabled.
2021-01-20 10:31:52 -06:00
Jarek Radosz 6667f1a008
FIX: Polish lang label (#11767)
Absolutely no need for "language" prefix…
2021-01-20 15:09:18 +01:00
Discourse Translator Bot 7f7bae1262
Update translations (#11764) 2021-01-20 12:43:57 +01:00
Krzysztof Kotlarek 8b10fc2f8c
FIX: remove rendering UX from ember models (#11724)
Fix for `admin-user.js` and `backup.js` models.
2021-01-20 16:04:21 +11:00
Kris e968af6dd4
A11Y: Add aria-labels to search inputs and search button (#11752) 2021-01-19 14:32:32 -05:00
Discourse Translator Bot 440b63e833
Update translations (#11756) 2021-01-19 16:14:59 +01:00
Martin Brennan be145ccf2f
FIX: Add bookmark limits (#11725)
Adds a bookmark search per page limit, a total bookmark creation limit, and a rate limit per day for bookmark creation.
2021-01-19 08:53:49 +10:00
Roman Rizzi ea8b5c18db
UX: Text customization for different languages. (#11729)
Admins can now edit translations in different languages without having to change their locale. We display a warning when there's a fallback language set.
2021-01-18 14:53:45 -03:00
Roman Rizzi 7ac9a4d2ec
FIX: Allow users to opt-out of using the site's small logo as the system user avatar. (#11744) 2021-01-18 14:09:07 -03:00
godmar 9aeece465f
FEATURE: support DISCOURSE_SMTP_FORCE_TLS option (#11733)
Background: RFC 8314 3.3 asks that:

clients and servers SHOULD implement both STARTTLS on
port 587 and Implicit TLS on port 465

Discourse currently cannot be configured this way.
With this patch, it's possible to set
DISCOURSE_SMTP_FORCE_TLS=true to use implicit TLS on port 465
2021-01-18 11:56:18 -05:00
Roman Rizzi 19b2011601
UX: Show a warning on the category edit page when category style is none and colors are disabled. (#11742) 2021-01-18 13:13:38 -03:00
Krzysztof Kotlarek 06b7c44593
FEATURE: reason to reject user signup (#11700)
Feature for `Must Approve Users` setup. When a user is rejected, a staff member can optionally set a reason for audit purposes. In addition, feedback email can be sent to the user.

Meta: https://meta.discourse.org/t/account-rejection-email/103112/8
2021-01-15 09:43:26 +11:00
Roman Rizzi 1ad378f5c5
FEATURE: Log when a group is deleted. (#11706)
We include the group "name" and "granted_trust_level" attributes.
2021-01-13 15:53:18 -03:00
Discourse Translator Bot 0e8e3f4813
Update translations (#11689) 2021-01-12 14:29:05 +01:00
Arpit Jalan 25b4e82601
FEATURE: allow disabling self-deletions of posts (#11668)
https://meta.discourse.org/t/restoring-deleted-messages/173647/6?u=techapj
2021-01-08 20:35:13 +05:30