Commit Graph

19223 Commits

Author SHA1 Message Date
Martin Brennan 8ebd5edd1e
DEV: Rename secure_media to secure_uploads (#18376)
This commit renames all secure_media related settings to secure_uploads_* along with the associated functionality.

This is being done because "media" does not really cover it, we aren't just doing this for images and videos etc. but for all uploads in the site.

Additionally, in future we want to secure more types of uploads, and enable a kind of "mixed mode" where some uploads are secure and some are not, so keeping media in the name is just confusing.

This also keeps compatibility with the `secure-media-uploads` path, and changes new
secure URLs to be `secure-uploads`.

Deprecated settings:

* secure_media -> secure_uploads
* secure_media_allow_embed_images_in_emails -> secure_uploads_allow_embed_images_in_emails
* secure_media_max_email_embed_image_size_kb -> secure_uploads_max_email_embed_image_size_kb
2022-09-29 09:24:33 +10:00
Osama Sayegh 70b96ac4e7
DEV: Include quote notifications in the replies tab in the user menu (#18401)
The rationale behind this change is that quote notifications are almost always as important as replies notifications so it makes sense for them to be included in the replies tab instead of the "other" tab. Internal topic: t/74748.
2022-09-28 21:41:11 +03:00
Rafael dos Santos Silva ea3bc7d7dc
UX: Restore full sized composer on mobile (#18400) 2022-09-28 15:32:09 -03:00
Jordan Vidrine 64601779f0
UX: Style changes to match updates (#18397) 2022-09-28 12:31:56 -05:00
Keegan George c3d9324d4d
FEATURE: Remember adjusted composer height (#18385)
This PR makes adjusted composer height persistent for a user. After dragging to change the composer height, the updated height will be stored in localStorage and will be restored when opening the composer again.
2022-09-28 08:43:52 -07:00
Penar Musaraj 37b043fefc
FIX: Ensure composer grippie stays visible (#18396)
Fixes a small regression in ab58b0c.
2022-09-28 10:02:03 -04:00
Andrei Prigorshnev 833c8055e1
FEATURE: Optionally show user status on email group user chooser (#18367) 2022-09-28 17:31:20 +04:00
dependabot[bot] 297ce90a88
Build(deps): Bump @babel/core in /app/assets/javascripts (#18388)
Bumps [@babel/core](https://github.com/babel/babel/tree/HEAD/packages/babel-core) from 7.19.1 to 7.19.3.
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/commits/v7.19.3/packages/babel-core)

---
updated-dependencies:
- dependency-name: "@babel/core"
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Jarek Radosz <jradosz@gmail.com>
2022-09-28 12:48:09 +02:00
Osama Sayegh b10b5eb17b
DEV: Unsubscribe from MessageBus channel when leaving review-index route (#18395)
We subscribe to a couple of MessageBus channels when the review-index route is entered, but we should unsubscribe when exiting the route otherwise callbacks would leak every time the review-index is entered and that might cause subtle and weird bugs or errors.
2022-09-28 12:58:19 +03:00
dependabot[bot] 567fcaecb8
Build(deps): Bump @babel/standalone in /app/assets/javascripts (#18389)
Bumps [@babel/standalone](https://github.com/babel/babel/tree/HEAD/packages/babel-standalone) from 7.19.2 to 7.19.3.
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/commits/v7.19.3/packages/babel-standalone)

---
updated-dependencies:
- dependency-name: "@babel/standalone"
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-09-28 11:43:40 +02:00
Osama Sayegh 51cabf0f26
DEV: Use the correct property for checking if redesigned user menu is enabled (#18394)
The correct attribute for the new user menu feature flag is `redesigned_user_menu_enabled`, not `enable_redesigned_user_menu`.
2022-09-28 10:50:52 +03:00
Alan Guo Xiang Tan 4b561277a9
FEATURE: Add review link to community section for logged in user (#18374)
When there are pending reviewables, the review section link is displayed
in the main section. When there are no pending reviewables, the review
section link is displayed under the more links drawer.

Internal ref: /t/74210
2022-09-28 09:58:07 +08:00
Arpit Jalan bc97f3d1c1
FIX: some composer messages were broken (#18392) 2022-09-28 07:21:20 +05:30
Martin Brennan ec83260686
Revert "init (#18387)" (#18391)
This reverts commit c975fa3b29.

CSS changes here break CI
2022-09-28 10:33:09 +10:00
Jordan Vidrine c975fa3b29
init (#18387) 2022-09-27 19:15:11 -05:00
Renato Atilio 4c085873e5
FIX: 404 sending beacon "leave all" on subfolder install 2022-09-27 19:57:38 +01:00
Penar Musaraj cc4af80c7d
DEV: refactor bootbox alerts (#18292) 2022-09-27 14:47:13 -04:00
Keegan George ca1038187f
A11Y: Improve user card accessibility (#18348) 2022-09-27 10:06:20 -07:00
Arpit Jalan 2ee721f8aa
FEATURE: add composer warning when user haven't been seen in a long time (#18340)
* FEATURE: add composer warning when user haven't been seen in a long time

When a user creates a PM and adds a recipient that hasn't been seen in a
long time then we'll now show a warning in composer indicating that the
user hasn't been seen in a long time.
2022-09-27 22:06:40 +05:30
Rafael dos Santos Silva 0f5db0838d
FEATURE: JS API interface for hljs plugins (#18382)
* FEATURE: JS API interface for hljs plugins

Co-authored-by: Penar Musaraj <pmusaraj@gmail.com>
2022-09-27 13:26:52 -03:00
Penar Musaraj 217274f2c1
A11Y: multiple fixes to user stream items (#18368)
- in group activity, allows avatars to be selectable by tabbing or screen readers
- in user activity > drafts, fixes a bug where for draft replies, the wrong avatar was being shown in the user card
- in both group and user activity, fixes the order of focusable items
2022-09-27 10:59:26 -04:00
Penar Musaraj b97cb222c2
A11Y: Associate label with input in bookmark modal (#18371) 2022-09-27 09:18:59 -04:00
Penar Musaraj 250c0bccbd
A11Y: Add aria label to composer messages `Esc` button (#18372) 2022-09-27 08:52:09 -04:00
Rafael dos Santos Silva ab58b0cffe
FIX: Better virtual keyboard detect on Android (#18298)
* FIX: Better virtual keyboard detect on Android

Firefox has a bug where *sometimes* the visualViewport.height won't be
updated when the keyboard pops up until you scroll, making our composer
stay hidden behind the keyboard. This commit uses both window.innerHeight
and  window.visualViewport.height using the minimum of both to check for
height changes.

For Chrome/Edge we feature detect the new VirtualKeyboard API and
opt-into it when the composer opens and use it to detect if a keyboard
is being draw. Opting into the API changes how the viewport is
calculated so we have to also change how the full height composer is
calculated. To minimize breakage we opt-out when the composer component
is destroyed.

This commit also moves the `--composer-ipad-padding` to only happen on
iPads.

Bug report at https://meta.discourse.org/t/-/228382
2022-09-26 17:35:58 -03:00
Penar Musaraj e2ee6418c6
UX: Restrict width of "reply where" modal (#18365)
Flex styling was causing the buttons to be too wide in some browsers.
2022-09-26 15:05:00 -04:00
Dan Gebhardt 88413c20d9
DEV: Refine showPopover / hidePopover + introduce isPopoverShown helper for use with d-popover (#18334)
Although showPopover continues to toggle the popover (showing if hidden / hiding if shown), hidePopover now will only hide the popover. Furthermore, isPopoverShown has been introduced to provide insight into whether the popover is currently shown or not, and therefore whether it should be hidden or shown.

Also, the showPopover / hidePopover test has been refined to override `trigger` and `hideOnClick` settings to allow for full imperative control of showing / hiding the popover.
2022-09-26 20:39:17 +02:00
Daniel Waterworth 69d74ae508
DEV: Differentiate staff-writes-only banner (#18364) 2022-09-26 13:16:29 -05:00
Bianca Nenciu b81afa0756
FIX: Update user results page when no users found (#18363)
The page was not updated if the server did not return any results. This
caused the page to be either empty or display the previous result set.
2022-09-26 16:37:56 +03:00
Jarek Radosz f64e7233e5
DEV: De-jQ post-cooked (#18328) 2022-09-26 14:26:38 +02:00
Martin Brennan e62e93f83a
FEATURE: Introduce personal_message_enabled_groups setting (#18042)
This will replace `enable_personal_messages` and
`min_trust_to_send_messages`, this commit introduces
the setting `personal_message_enabled_groups`
and uses it in all places that `enable_personal_messages`
and `min_trust_to_send_messages` currently apply.

A migration is included to set `personal_message_enabled_groups`
based on the following rules:

* If `enable_personal_messages` was false, then set
  `personal_message_enabled_groups` to `3`, which is
  the staff auto group
* If `min_trust_to_send_messages` is not default (1)
  and the above condition is false, then set the
  `personal_message_enabled_groups` setting to
  the appropriate auto group based on the trust level
* Otherwise just set `personal_message_enabled_groups` to
  11 which is the TL1 auto group

After follow-up PRs to plugins using these old settings, we will be
able to drop the old settings from core, in the meantime I've added
 DEPRECATED notices to their descriptions and added them
to the deprecated site settings list.

This commit also introduces a `_map` shortcut method definition
for all `group_list` site settings, e.g. `SiteSetting.personal_message_enabled_groups`
also has `SiteSetting.personal_message_enabled_groups_map` available,
which automatically splits the setting by `|` and converts it into
an array of integers.
2022-09-26 13:58:40 +10:00
Keegan George a446be1069
UX: Fix cut-off accents in sidebar headings (#18349) 2022-09-23 17:18:58 -07:00
Kris 61c5916b2c
Revert "FEATURE: add tooltips to timeline start/end dates (#18294)" (#18346)
This reverts commit b98cd73ace.
2022-09-23 14:20:33 -04:00
David Taylor 8964749989
DEV: Remove invalid pretender calls (#18341)
Get parameters cannot be included in the URL of request stubs. Instead, the callback can check `request.queryParams` to modify behavior.
2022-09-23 12:07:23 +01:00
Alan Guo Xiang Tan 8c7a38449c
FIX: Sidebar categories for anonymous not being sorted by name (#18339)
Sort it by name for now even though we have an on going conversation to
decide how categories should be sorted in sidebar

https://meta.discourse.org/t/sidebar-categories-are-out-of-order-for-anonymous-users/239679
2022-09-23 12:17:42 +08:00
Kris b515a45cf4
UX: fix topic stream placeholders (#18336) 2022-09-23 10:21:00 +08:00
Alan Guo Xiang Tan 0c45aa7900
FIX: Skip uncategorized category in sidebar when disabled (#18324)
When `allow_uncategorized_topics` is set to `false`, we do not want to
show the uncategorized in sidebar by default.

This commit updates a couple of places in the code related to sidebar
which was incorrectly using `suppress_uncategorized_badge` site setting
which is mainly used for hiding the category badge for uncategorized
category and should not be used to determine if uncategorized categories
should be allowed or not.
2022-09-23 10:20:30 +08:00
Alan Guo Xiang Tan 03f83c0eed
FIX: Respect site settings for sidebar users, groups and badges link (#18325)
The links should not be displayed when its associated site setting has
been disabled. This commit maintains parity with the old hamburger menu.
2022-09-23 10:19:59 +08:00
Kris a38e44fd5e
UX: truncate site text titles in a cleaner way (#18335) 2022-09-23 10:19:44 +08:00
Keegan George a23d19fab0
DEV: Emoji picker keyboard accessibility updates (#18331)
This PR makes some updates to the prior keyboard accessibility commit (eb98746):
- Makes `tabindex` attribute only appear on emoji markup in the emoji picker.
- After pressing the Esc key, focus returns to the <textarea/> input (composer editor or chat input)
2022-09-22 15:21:34 -07:00
Vinoth Kannan 998bd191a5
FEATURE: site setting to disable usernames in share links. (#18315)
https://meta.discourse.org/t/share-a-link-for-a-post-should-not-leak-username/66489/22?u=vinothkannans
2022-09-22 23:12:39 +05:30
Kris 3f303d263e
minor sidebar description styling for anons (#18332) 2022-09-22 13:05:32 -04:00
David Taylor 7a622f22bc
FIX: Hide experimental user navigation changes when disabled (#18327)
Followup to b066955838
2022-09-22 10:26:01 +01:00
dependabot[bot] da47e448ac
Build(deps): Bump sass from 1.54.9 to 1.55.0 in /app/assets/javascripts (#18323)
Bumps [sass](https://github.com/sass/dart-sass) from 1.54.9 to 1.55.0.
- [Release notes](https://github.com/sass/dart-sass/releases)
- [Changelog](https://github.com/sass/dart-sass/blob/main/CHANGELOG.md)
- [Commits](https://github.com/sass/dart-sass/compare/1.54.9...1.55.0)

---
updated-dependencies:
- dependency-name: sass
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-09-22 11:05:55 +02:00
Alan Guo Xiang Tan b066955838
DEV: Mobile layout support for experimental user nav (#18308) 2022-09-22 09:45:50 +08:00
Rafael dos Santos Silva f11b926823
DEV: Add test case for syntax highlight of complex HTML (#18320)
* DEV: Add test case for syntax highlight of complex HTML

The commit 685e0da upgrade HighlightJS to version 11, which deprecates
syntax highlight of complex HTML elements. See https://github.com/highlightjs/highlight.js/issues/2889

This brought a regression of syntax highlighting of GitHub oneboxes,
which was fixed in 09cec7d. This commit adds a test case to prevent
future regressions like this one.

* fix test and warning
2022-09-21 19:09:53 -03:00
Keegan George eb987460f2
FEATURE: Select emojis in picker via keyboard (#18163)
* DEV: Make emoji elements focusable

Since emoji elements are of type `<img>` it requires a `tablindex="0"` in order to be focusable.

* WIP: Handle emoji focus/selection via arrow keys

Near completion, however, need a few fixes/improvements and overall code cleanup

* WIP: Testing

* DEV: Fixes and cleanup

* DEV: Follow conventions

* DEV: Improve up/down traversal when recents present

* DEV: Emoji markup in tests should include `tabindex`

* DEV: Add `tabindex` to topic tests

* DEV: Variable name as `searchInput` instead of `searchBar`

* DEV: Use appropriate method name (`_setNumEmojiPerRow`)

* DEV: Add comments and avoid nested if

* WIP: Adding test

* Fix first test

* DEV: Add assertions for arrow keys and escape key

* Some fixes for up/down navigation

This does not fix everything, when going from one section to another,
there are issues

* Fix a small regression

* FIX: Ability to focus on search results

Fixes regression

* Refactor calculating next up/down emoji

* Debugging test failure

* Skip stubborn CI test, add others

Co-authored-by: Penar Musaraj <pmusaraj@gmail.com>
2022-09-21 13:21:36 -07:00
Daniel Waterworth e37ced96bf
DEV: Don't interpret user field names as HTML (#18317)
This isn't a security bug, because only admins can create user fields
and we have to trust admins, because they can change themes, which are
shown site-wide and can contain unrestricted JS.
2022-09-21 12:21:58 -05:00
dependabot[bot] ed7ba1418b
Build(deps): Bump mout from 1.2.3 to 1.2.4 in /app/assets/javascripts (#18316)
Bumps [mout](https://github.com/mout/mout) from 1.2.3 to 1.2.4.
- [Release notes](https://github.com/mout/mout/releases)
- [Changelog](https://github.com/mout/mout/blob/master/CHANGELOG.md)
- [Commits](https://github.com/mout/mout/compare/v1.2.3...v1.2.4)

---
updated-dependencies:
- dependency-name: mout
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-09-21 17:51:36 +02:00
David Taylor b0a9d8b761
DEV: Improve labelling of Firefox Evergreen/ESR CI runs (#18313)
Both versions are used with `--headless`, so labelling one "Firefox" and the other "Firefox Headless" doesn't really make sense. Evergreen / ESR are better descriptions.
2022-09-21 15:34:26 +01:00
Jarek Radosz eab33af5bf
SECURITY: Handle incomplete quote bbcode (#18311) 2022-09-21 14:02:50 +02:00