Commit Graph

23674 Commits

Author SHA1 Message Date
Robin Ward 3862036422 REFACTOR: Use imports for `sinon` and `setResolver`
I also took the opportunity with this commit to move some test specific
stuff out of `discourse-loader` which is loaded on the front end of the
application. The test module building now happens in the `test_helper`
bundle.
2020-10-09 13:54:54 -04:00
hawm d96b35b0f5 FIX: display correct reply count for crawler 2020-10-09 11:11:11 -04:00
Daniel Waterworth 721ee36425
Replace `base_uri` with `base_path` (#10879)
DEV: Replace instances of Discourse.base_uri with Discourse.base_path

This is clearer because the base_uri is actually just a path prefix. This continues the work started in 555f467.
2020-10-09 12:51:24 +01:00
David Taylor 5e3130ac26
FIX: Include subfolder base_path in web app manifest shortcuts (#10878) 2020-10-09 11:40:40 +01:00
Rafael dos Santos Silva 5157e3b6e3
FIX: Favicon count was not updated when window focus returned (#10875)
This misses a test because Favcount doesn't exposes a get to the counter.

Also, since this code deals with all possible notifications configs we support:

- favicon notification
- favicon new content
- title notification
- title new content

the code is a bit complicated to follow. We may look into refactoring it when a
good opportunity arises, like if https://w3c.github.io/badging/ setClientBadge() method
gives us a cleaner way to notify users.
2020-10-09 10:51:39 +11:00
Robin Ward 4a8f5dbfbd REFACTOR: Remove `.erb` file from javascript tests
We can't use erb in Ember CLI (since it does not have Ruby) so this has
been ported to use our `javascript:update_constants` rake test instead.

Note we don't have to run this every time a notification type as it's
only used by fixtures to fill in some specific types we test against.
2020-10-08 18:36:09 -04:00
Robin Ward ef7d99b0a8 REFACTOR: Move test setup to a module
This is long overdue. We had a lot of (not linted) code to initialize
our test suite as part of the Ruby `test_helper.js` bundle.

This refactor moves that out to a `setup-tests` module, which imports
all the modules properly, rather than using `require`.

It also removes the global `server` variable which some tests were using
for pretender. Those tests are fixed, and in the case of widget tests,
support for a `pretend()` was added, which mimics our acceptance tests.

One problematic test was removed, which overwrites `/posts` - this could
break tons of other tests depending on order.
2020-10-08 15:11:51 -04:00
Penar Musaraj 5130b4d674
Ignore disabled out-of-date remote themes (#10870)
No need to alert in admin dashboard about out of date remote themes
that are disabled.
2020-10-08 13:48:16 -04:00
David Taylor e47b847ac2
FIX: Use scope name when serializing UserApiKeys (#10871)
This issue was introduced in 1ba9b34b03, when the scopes were changed from an array of strings to a dedicated table
2020-10-08 18:12:24 +01:00
Joffrey JAFFEUX 8520096043
FIX: ensures insert hyperlink works with mailto (#10867)
The prefixing logic is moved into a `prefixProtocol` function in lib:url.

This commit also renames an incorrectly named test and uses https as default instead of http, in 2020 it's reasonable to think we most likely want https and not http. User can still specify http if required.
2020-10-08 13:16:07 +02:00
Joffrey JAFFEUX c3e8bc0280
FIX: ensures category chooser is working with non english char (#10866)
This commit is also moving one test to a component test.

A followup to this commit would be to ensure every dropdowns are using a regex instead of the normalize/lowercase system we have now.
2020-10-08 13:10:09 +02:00
Gerhard Schlager bdbee36961 DEV: Fix typo 2020-10-07 23:43:11 +02:00
Penar Musaraj 40460fa00a
FIX: missing SVG mask asset in wizard (#10856)
The dark-mode-friendly SVG mask for the wizard's background image
introduced in 8fcfb9586c does not work with
CDNs, because CORS restrictions apply to SVG masks.

It would be complicated to modify CDN access origin rules for this one
specific assets, so instead, this PR moves the contents of the SVG file
inside the stylesheet.
2020-10-07 16:23:14 -04:00
Robin Ward cee80b0e44 FIX: Group Requests loading was broken
We were referencing the wrong property, which meant the footer was
always being hidden and we were trying to load more requests when we'd
already loaded them all.

see:
https://meta.discourse.org/t/constant-loading-on-group-membership-request-tab/166284
2020-10-07 14:54:17 -04:00
Robin Ward 3e8561daaf REFACTOR: Some qunit `module` imports were missing
These are tricky because `module.exports` is used by nodejs files as a
global, which is OK. But we don't want to allow `module` in JS tests
for qunit without importing it first.
2020-10-07 13:25:25 -04:00
David Taylor 16daf3c986
FIX: Compare Jobs::UserEmail type argument as string (#10851)
In specs, symbols are passed through correctly. But in production, all arguments are provided to jobs as strings.

Followup to c0293339b8
2020-10-07 16:55:32 +01:00
Robin Ward 71d37953d5 REFACTOR: Import `QUnit` and related helpers rather than globals
We used many global functions to handle tests when they should be
imported like other libraries in our application. This also gets us
closer to the way Ember CLI prefers our tests to be laid out.
2020-10-07 11:50:49 -04:00
David Taylor c0293339b8
PERF: Do not enqueue digest emails when attempted recently (#10849)
Previously, Jobs::EnqueueDigestEmails would enqueue a digest job for every user, even if there are no topics to send. The digest job would exit, no email would send, and last_emailed_at would not change. 30 minutes later, Jobs::EnqueueDigestEmails would run again and re-enqueue jobs for the same users.

120fa8ad introduced a temporary mitigation for this issue, by randomly selecting a subset of those users each time.

This commit adds a new `digest_attempted_at` column to the `user_stats` table. This column is updated every time a digest job completes for a user. Using this, we can avoid scheduling digest jobs for the same user every 30 minutes. This also removes the random user selection in 120fa8ad, and instead prioritizes users who had digests attempted the longest time ago.
2020-10-07 15:30:38 +01:00
Sam 120fa8ad2f
PERF: Introduce absolute limit of digests per 30 minutes (#10845)
To avoid blocking the sidekiq queue a limit of 10,000 digests per 30 minutes
is introduced.

This acts as a safety measure that makes sure we don't keep pouring oil on
a fire.

On multisites it is recommended to set the number way lower so sites do not
dominate the backlog. A reasonable default for multisites may be 100-500.

This can be controlled with the environment var

DISCOURSE_MAX_DIGESTS_ENQUEUED_PER_30_MINS_PER_SITE
2020-10-07 17:30:15 +11:00
Martin Brennan 6e2be3e60b
FIX: When admin changes an email for the user the user must confirm the change (#10830)
See https://meta.discourse.org/t/changing-a-users-email/164512 for additional context.

Previously when an admin user changed a user's email we assumed that they would need a password reset too because they likely did not have access to their account. This proved to be incorrect, as there are other reasons a user needs admin to change their email. This PR:

* Changes the admin change email for user flow so the user is sent an email to confirm the change
* We now record who the email change request was requested by
* If the requested by user is admin and not the user we note this in the email sent to the user
* We also make the confirm change email route open to anonymous users, so it can be clicked by the user even if they do not have access to their account. If there is a logged in user we make sure the confirmation matches the current user.
2020-10-07 13:02:24 +10:00
Kane York 68e87bb58e
User export: profile as json, export auth token logs (#10819)
* FEATURE: Export the entire user profile as json, not just bio/website

* FEATURE: Add session log information to user export

Even though the columns are named 'auth_token' etc, the content is not actually usable to log into the forum with. Despite all that, it is still truncated for export, to avoid any 'token hash cracking' situations.
2020-10-06 15:51:53 -07:00
Joffrey JAFFEUX 7b34433fc2
REVERT: revert change from action + mut to mut (#10844)
* Revert "FIX: fixes regression where wizard dropdown couldn't update (#10838)"

This reverts commit e3b2fc6074.

* Revert "DEV: replaces unecessary (action (mut .*)) by (mut .*) (#10822)"

This reverts commit c0350dc362.
2020-10-06 23:50:05 +02:00
Roman Rizzi a8c47e7c7f
SECURITY: Ensure users can see the topic before setting a topic timer. (#10841) 2020-10-06 16:49:06 -03:00
Joffrey JAFFEUX e3b2fc6074
FIX: fixes regression where wizard dropdown couldn't update (#10838) 2020-10-06 13:33:37 -04:00
Arpit Jalan f4c7c7bff3
FEATURE: bulk remove tags (#10831)
https://meta.discourse.org/t/bulk-actions-remove-tags-in-addition-to-change-tags/52145
2020-10-06 22:41:55 +05:30
Penar Musaraj e175c467cc
DEV: Do not render header in wizard preview when logo is missing (#10835)
This can happen if a plugin skips the logo step of the wizard.
2020-10-06 12:08:41 -04:00
Joffrey JAFFEUX c0350dc362
DEV: replaces unecessary (action (mut .*)) by (mut .*) (#10822) 2020-10-06 17:17:45 +02:00
Penar Musaraj 4efbf8dc4f
Remove "further reading" step from wizard (#10825)
Instead, add link to top themes on meta in wizard's last step.
2020-10-05 15:06:05 -04:00
Robin Ward 39ad9a4734 REFACTOR: Support importing of `Pretender`
We shouldn't be using global variables for libraries.
2020-10-05 14:33:55 -04:00
Gerhard Schlager f30c5a5c3a REFACTOR: Removes double check of site setting in badge granter
...and uses `update!` because the result of `update` isn't used
2020-10-05 19:59:57 +02:00
Robin Ward 4dec7d85d0 REFACTOR: Removes `Discourse.SiteSettings` constant from tests
This does not work in the Ember CLI world.
2020-10-05 13:52:13 -04:00
Penar Musaraj a4356b99af
FEATURE: Separate base and heading font site_settings (#10807)
Allows site administrators to pick different fonts for headings in the wizard and in their site settings. Also correctly displays the header logos in wizard previews.
2020-10-05 13:40:41 -04:00
Bianca Nenciu bdfb370f19
FIX: Disallow email invites if enable_local_logins is disabled (#10805)
allowEmails used to always be set to true and did not use
can_invite_via_email, which checks for enable_local_logins.

It was a problem because on sites with local logins
disabled users were allowed to enter email addresses, but
received a generic error "error inviting that user".
2020-10-05 19:38:22 +03:00
Robin Ward 070fe7f45d FIX: Deprecated overwriting of computed property
We can set `hide` to true instead of overwriting the property on
dismiss.
2020-10-05 12:09:01 -04:00
Jarek Radosz cf44cdb082
FIX: Validate category name on parent change (#10815)
Previously, moving a category into another one, that already had a child category of that name (but with a non-conflicting slug) would cause a 500 error:

```
# PG::UniqueViolation:
#   ERROR:  duplicate key value violates unique constraint "unique_index_categories_on_name"
#   DETAIL:  Key (COALESCE(parent_category_id, '-1'::integer), name)=(5662, Amazing Category 0) already exists.
```

It now returns 422, and shows the same message as when you're renaming a category: "Category Name has already been taken".
2020-10-05 11:50:05 +02:00
Joffrey JAFFEUX 702f7a5a67
FIX: makes dashboard periods use current day and weekly 7 days (#10817)
Prior to this fix, weekly could be 8 days and we could have differences between period chooser text and actual results in the chart.

A good followup to this PR would be to add custom date ranges in period-chooser component.
2020-10-05 10:32:12 +02:00
Jarek Radosz 4b5358bb42
FIX: Preload uploads in groups#search to stop N+1 (#10814)
`BasicGroupSerializer` includes `flair_url` which uses `flair_upload` relation, so the N in N+1 in this case was the number of groups with flair in the forum.
2020-10-05 10:22:55 +02:00
Arpit Jalan 9b45391cf9
FEATURE: explain why invites are disabled to staff users (#10810)
Co-authored-by: Robin Ward <robin.ward@gmail.com>
2020-10-03 13:05:26 +05:30
Penar Musaraj 97f34d7b71
FIX: Hide empty popular/recent sections in 404 page (#10811) 2020-10-02 15:11:15 -04:00
Robin Ward e363b113a8 FIX: Build was broken because uglify can't accept `let` or `const`
For now we can live with `var`.
2020-10-02 12:04:33 -04:00
Robin Ward 23f24bfb51 REFACTOR: Move javascript tests inside discourse app
This is where they should be as far as ember is concerned. Note this is
a huge commit and we should be really careful everything continues to
work properly.
2020-10-02 11:29:36 -04:00
Vinoth Kannan d0d61e4118
FIX: remove whitespaces around inline HTML tags next to text. (#10803) 2020-10-02 10:56:40 +05:30
Guo Xiang Tan 495c79da1a Revert "FIX: Use topic title headline in search menu result."
This reverts commit 4b8c15b857.

This breaks topic title for topic similar search.
2020-10-02 13:12:31 +08:00
Guo Xiang Tan 4b8c15b857 FIX: Use topic title headline in search menu result. 2020-10-02 09:04:54 +08:00
Krzysztof Kotlarek 5cf411c3ae
FIX: move hp request from /users to /token (#10795)
`hp` is a valid username and we should not prevent users from registering it.
2020-10-02 09:01:40 +10:00
Robin Ward 901ae1ddd1 FIX: Allow staff to use HTML in the category read only banner 2020-10-01 11:55:35 -04:00
Robin Ward 9f95511096 DEV: Add support for `api-initializers` to reduce boilerplate.
You can now create a file in your plugin/theme in the `api-initializers`
directory which has a simpler template than previous initializers.
Example:

```
// api-initializers/my-plugin.js
import { apiInitializer } from "discourse/lib/api";

export default apiInitializer("0.8", api => {
  console.log("hello world from api initializer!");
});
```
2020-09-30 16:05:44 -04:00
Arpit Jalan ff44515a18
FIX: better error message if invite is expired (#10783)
https://meta.discourse.org/t/invite-token-is-invalid/165270/5?u=techapj
2020-09-30 20:32:33 +05:30
Robin Ward 8945a752f2 FIX: Deprecation overwriting `translatedText` CP
This allows us to pass a `textParams` object for options that will be
translated via i18n.
2020-09-30 10:36:31 -04:00
Robin Ward eac5dfd1ef Update app/assets/javascripts/discourse/app/templates/components/share-popup.hbs
Co-authored-by: Jarek Radosz <jradosz@gmail.com>
2020-09-30 10:35:46 -04:00
Robin Ward 3d6d3e6cb1 REFACTOR: Remove deprecated `action="something"` attributes
In newer versions of Ember, `this.sendAction` is deprecated:

https://deprecations.emberjs.com/v3.x/#toc_ember-component-send-action

This patch removes most of our current uses (via `d-button`) but also
some other rogue `this.sendAction` calls too.
2020-09-30 10:35:46 -04:00
Martin Brennan 39b2fb8649
FIX: Invalid URLs could raise exceptions when calling UrlHelper.rails_route_from_url (#10782)
Upload.secure_media_url? raised an exceptions when the URL was invalid,
which was a issue in some situations where secure media URLs must be
removed.

For example, sending digests used PrettyText.strip_secure_media,
which used Upload.secure_media_url? to replace secure media with
placeholders. If the URL was invalid, then an exception would be raised
and left unhandled.

Now instead in UrlHelper.rails_route_from_url we return nil if there is something wrong with the URL.

Co-authored-by: Bianca Nenciu <nenciu.bianca@gmail.com>
2020-09-30 15:20:00 +10:00
Jordan Vidrine 3d1ab601d0
UI: Remove background from group notifications of @mentions (#10775)
This commit removes the background color from group @mention notifications. This resolves visual contrast issues when 'unread' styles are applied.
2020-09-29 18:44:12 -05:00
Gerhard Schlager 9d4009b0e8
FIX: Use correct locale for error messages (#10776)
Error messages for exceeded rate limits and invalid parameters always used the English locale instead of the default locale or the current user's locale.
2020-09-29 21:42:45 +02:00
Robin Ward 4987d61448 FIX: We were overriding the `canCreateTopicOnCategory` computed property
It seems to be set everytime by the route so the old CP was not
required. This is not allowed in newer versions of ember.
2020-09-29 14:57:34 -04:00
Arpit Jalan 025490ecb9
FEATURE: composer option to reload page and force save draft (#10773) 2020-09-29 22:29:03 +05:30
Mark VanLandingham d8bf2810ff
DEV: Plugin api function to add saveable user fields (#10774) 2020-09-29 08:44:19 -07:00
Joffrey JAFFEUX de94506c1e
FIX: empty highlighted_languages resulted in ["", "auto", "nohighlight"] (#10772) 2020-09-29 14:34:46 +02:00
David Taylor 1ba9b34b03
DEV: Move UserApiKey scopes to dedicated table (#10704)
This has no functional impact yet, but it is the first step in adding more granular scopes to UserApiKeys
2020-09-29 10:57:48 +01:00
Arpit Jalan 91ac70a32d UX: increase input width on accept invite page. 2020-09-29 10:12:23 +05:30
awesomerobot ffdcac9dfc UX: Replace cog icon in user menu with user icon 2020-09-28 22:26:56 -04:00
Martin Brennan 4193eb0419
FIX: Respect force download when downloading secure media via lightbox (#10769)
The download link on the lightbox for images was not downloading the image if the upload was marked secure, because the code in the upload controller route was not respecting the dl=1 param for force download.

This PR fixes this so the download link works for secure images as well as regular ligthboxed images.
2020-09-29 12:12:03 +10:00
Penar Musaraj aca2697a42
UX: Don't truncate category names in search panel
But keep truncating long category names in hamburger menu.
2020-09-28 21:59:45 -04:00
Martin Brennan 3cd601dcc9
FIX: Admin change email for user process improvements and fixes (#10755)
See https://meta.discourse.org/t/changing-a-users-email/164512 for context.

When admin changes an email for a user, we were incorrectly sending the password reset email to the user's old address. Also the new email does not come into effect until the reset password process is done, so this PR adds some notes to the admin to make this clearer.
2020-09-29 09:45:45 +10:00
Arpit Jalan edad403049 UX: fix styling for posts and views advanced search 2020-09-28 21:44:33 +05:30
Joe 72361738d0
DEV: don't add username to share links when badges are disabled (#10730)
Context: https://meta.discourse.org/t/stop-appending-username-to-url-when-badge-system-disabled/164904

Share links for topics and posts have the current username appended to them when the user is logged in. 

If badges are disabled, those added usernames are not beneficial since they're only used to track progress towards certain badges. 

This PR makes two change. 

1. it moves the logic for the share link url to a centralized helper because it's shared in both topic and post models. 
2. it stops username params from being added to share links when badges are disabled.
2020-09-29 00:12:16 +08:00
Arpit Jalan f7940b1d20
FEATURE: advanced search option for max posts count (#10761)
This commit adds an option to search for max posts count and updates
the UI for posts count search to show a min/max range in single line.
2020-09-28 21:34:16 +05:30
Joffrey JAFFEUX c230d2e443
FIX: prevents scrollbar jumping in the emoji picker (#10749)
This was mostly due to `content-visibility: auto;` but setting the width/height is also a good practice.
2020-09-28 13:23:46 +02:00
Arpit Jalan 50d53508b1 UX: show range for advanced search views filter. 2020-09-28 16:07:44 +05:30
Arpit Jalan 4498c59085 FEATURE: add alias for min_post_count search filter 2020-09-28 16:07:44 +05:30
Krzysztof Kotlarek e7c72cd1e4
FIX: deprecate whitelist constants (#10716)
Deprecation of:
WHITELISTED_REDIRECT_HOSTNAMES
CUSTOM_INTERPOLATION_KEYS_WHITELIST
WHITELISTED_SVG_ELEMENTS
2020-09-28 13:52:05 +10:00
jjaffeux bab56fdb9d Revert "UX: Prevent categories from overflowing select-kit"
This reverts commit f1ac3cf888.
2020-09-26 22:14:52 +02:00
awesomerobot 6acd2ab7d4 UX: Allow horizontal scroll on mobile post buttons 2020-09-25 21:06:17 -04:00
awesomerobot 7c206b321f theme settings need some bottom margin 2020-09-25 20:34:29 -04:00
awesomerobot f1ac3cf888 UX: Prevent categories from overflowing select-kit 2020-09-25 19:31:41 -04:00
Mark VanLandingham b8015ab654
FIX: Dismiss unread respects tracked query param (#10714)
* WIP:  'dismiss...' respectes tracked query param

* Address review comments

* Dismiss new respects query params

* Remove comment

* Better variable name

* remove self
2020-09-25 12:39:37 -07:00
jbrw 4421820354
FIX: don’t include category in quote topic title, if present 2020-09-25 15:01:57 -04:00
Penar Musaraj f031869e08
UX: Center wizard vertically 2020-09-25 11:05:10 -04:00
Penar Musaraj ea59f43f6c
UX: Use pointer cursor for wizard buttons 2020-09-25 09:44:32 -04:00
Penar Musaraj b1692422b1
FEATURE: Support using system font in wizard font step (#10742)
Co-authored-by: Bianca Nenciu <nbianca@users.noreply.github.com>
2020-09-25 09:39:14 -04:00
Penar Musaraj 8fcfb9586c
FEATURE: Dark-mode-friendly wizard (#10739)
Co-authored-by: Jordan Vidrine <jordan@jordanvidrine.com>
2020-09-25 08:56:23 -04:00
Mark VanLandingham 1a29801e2d
UX: More upbeat message when topic list is empty (#10740) 2020-09-24 12:05:58 -07:00
Justin DiRose 82a18f125f
FIX: Don't skip the new user badge (#10743)
The NewUserOfTheMonth badge is part of the Badges::GettingStarted group. This group is skipped in BadgeGranter if the user skips the new user tips. However, the NewUserOfTheMonth badge granter job does not account for this. Instead, it notifies the user they've received the badge even if they did not.

This commit introduces a simple fix to allow granting of this badge even to users who skipped the new user tips.
2020-09-24 12:58:31 -05:00
David Taylor f1d64bbbe5
FEATURE: Add a site setting to control automatic auth redirect (#10732)
This allows administrators to stop automatic redirect to an external authenticator. It only takes effect when there is a single authentication method, and the site is login_required
2020-09-24 17:06:07 +01:00
Arpit Jalan cdf45f4fe6 Update regex for views search filter. 2020-09-24 17:05:55 +05:30
Arpit Jalan 0c5cd0d1ef FEATURE: advanced search filters for view count 2020-09-24 15:22:18 +05:30
Osama Sayegh d745568633
DEV: Stop polluting `Class` with deprecated settings methods (#10736)
`self.class` here evaluates to `Class` and then we're calling `define_method` on it which means all classes will have those methods defined in them. For example:

```
~/discourse(master*) » rails c
Loading development environment (Rails 6.0.3.3)
[1] pry(main)> Integer.methods
=> [:sqrt,
 :yaml_tag,
 :email_domains_blacklist=,
 :email_domains_whitelist=,
 :unicode_username_character_whitelist=,
 :user_website_domains_whitelist=,
 :whitelisted_link_domains=,
 :email_domains_blacklist,
 :email_domains_whitelist,
 :unicode_username_character_whitelist,
...
...
```

Fix here is to use `self.define_singleton_method`.
2020-09-24 01:58:53 +03:00
Robin Ward c5a2de99d1 FIX: `mouseEnter` is deprecated in newer Ember releases
This is the recommended fix via:
https://deprecations.emberjs.com/v3.x/#toc_component-mouseenter-leave-move
2020-09-23 15:29:41 -04:00
Robin Ward 1976306539 Add extra locales to bootstrap.json
This allows an app (such as Ember CLI) to get the full list of locales
for a user, including admin and overrides.
2020-09-23 14:48:52 -04:00
Arpit Jalan 3684337e4a FIX: email always settings were not being respected
https://meta.discourse.org/t/email-notification-for-messages/163937/10?u=techapj
2020-09-23 22:00:15 +05:30
Joe 061ab75343 UX: ensures new-topic badge renders consistently
We previously used the "●" Unicode character for this circle. Using Unicode for this means that it's up to the browser / OS  to determine how it renders.

This commit changes it to a CSS shape so that we always get the same rendering regardless of the user's browser / OS.
2020-09-23 23:32:19 +08:00
jbrw 09a97363da
FIX: allow editing in composer before a category is selected (#10724)
* FIX: allow editing in composer before a category is selected

If the site setting `allow_uncategorized_topics` is disabled, but no site categories have a topic template, the textarea of the composer should be enabled. This allows for a post body to be entered, however the post/topic should not be successfully created until a category is selected.

If `allow_uncategorized_topics` is disabled *and* one or more categories have a topic template, the textarea of the composer should remain disabled until a category is chosen (so that the body of their post isn’t overwritten by the template).

* Avoid recalculating hasTopicTemplates repeatedly
2020-09-23 10:28:56 -04:00
Penar Musaraj 59a83634c4
FIX: Use scrollY for current scroll position
This replaces an invalid `window.scrollTop` occurrence, left over from a
jQuery refactoring. It should fix an undesirable "shake effect" I have
run into in Safari when navigating to a reply in the post stream.
2020-09-23 10:21:02 -04:00
Bianca Nenciu eb891778ff
DEV: Do not translate font names (#10723)
Use the names as provided by discourse-fonts and remove the
translated strings.

It also ensures that the selected font is present in case a font will
be removed in the future.
2020-09-23 12:00:07 +03:00
Bianca Nenciu 4abbe3d361
FEATURE: Make search filters case insensitive (#10715) 2020-09-23 11:59:42 +03:00
Vinoth Kannan 1504fe7231 DEV: make it possible to enable cdn in development environment. 2020-09-23 11:52:16 +05:30
awesomerobot 6977f78266 A11Y: Hide post avatar link from screen readers 2020-09-22 22:23:10 -04:00
Kris cba3d3782d
A11Y: Add label to share link input (#10717) 2020-09-22 17:26:03 -04:00
Kris 614e0bab57
A11Y: Don't show title attr on post avatars (#10719) 2020-09-22 16:21:21 -04:00
Robin Ward ce3fe2f4c4 REFACTOR: Support bundling our `admin` section as an ember addon 2020-09-22 15:14:29 -04:00
Joffrey JAFFEUX 530d9ab071
DEV: enforces eslint’s curly rule to the codebase (#10720)
eslint --fix is capable of fix it automatically for you, ensure prettier is run after eslint as eslint --fix could leave the code in an invalid prettier state.
2020-09-22 16:28:28 +02:00
Krzysztof Kotlarek 69fdd32fbb
FIX: prettier popular-themes.js (#10718)
Add trailing comas
2020-09-22 13:08:57 +10:00
awesomerobot 23b962d934 A11Y: Label posters column on topic lists 2020-09-21 23:03:42 -04:00
tshenry 11ce7b5e18
Fix prettier offenses 2020-09-21 19:39:45 -07:00
tshenry 3fe646b94d
FIX: Replace broken Material Design preview link
The original link points to a site that no longer exists. This moves the preview to theme-creator, aligning with the rest of our theme previews.
2020-09-21 18:48:45 -07:00
Krzysztof Kotlarek 0bb51dcbfa
FIX: TL2 promotion message and advance training (#10679)
This is a little bit of refactoring. Core Discourse should have default promotion message for TL2.

In addition, when the Discobot plugin is enabled, the user is invited to advanced training
2020-09-22 10:17:52 +10:00
Krzysztof Kotlarek c934a0f759
FIX: don't error Topic#similar_to when prepared raw is blank (#10711)
If raw contains incorrect URL, `prepare_data` returns empty string:

https://github.com/discourse/discourse/blob/master/lib/search.rb#L91

Therefore we should not only check if the cooked post is not blank but also if prepared data is not blank.
2020-09-22 07:53:12 +10:00
jbrw 8dac8abdb4
DEV - write JS files to versioned subdirectories (#10707)
* DEV - write JS files to versioned subdirectories

* Cleaner JS in cacheBuster
2020-09-21 15:06:56 -04:00
Penar Musaraj f7ca93b2fa
FIX: Do not downcase group name in notification payload
Followup to 3d39b4bb
2020-09-21 13:33:29 -04:00
Jarek Radosz 1db8315a8b UX: Remove the post number from a composer label
It didn't provide much value to users as it often didn't match the number visible in the topic timeline. That's because `postNumber` is an implementation detail, while the timeline counts only full visible posts (no whispers, topic action notices, etc.)
2020-09-21 14:47:36 +02:00
Jarek Radosz b2adbead59 DEV: Apply `unselectable` style consistently 2020-09-21 13:32:46 +02:00
Jarek Radosz fc299bed0d UX: Replace "Loading..." in quotes with a spinner 2020-09-21 13:26:19 +02:00
Vinoth Kannan 6b818fb855 FIX: use normal logo in published pages if small not available.
It was returning an error if small logo is not available. If both logos are not available then it will be hidden now.
2020-09-21 09:20:39 +05:30
Sam Saffron dce518477c
FIX: if no group is found, raise correct error
Previously missing group could lead to an error cause can_see_group_messages
expects a group.
2020-09-21 10:27:08 +10:00
Sam Saffron cba5baa427
FIX: compensate for typographer
typographer can change " to ” leading to breakages in parser

At least codify this. Longer term we want to re-prioritize typographer so
it always runs after bbcode parsing.
2020-09-21 09:44:37 +10:00
Sam Saffron a91ee45de9
FIX: Nested quotes in BBCode
Previously attributes such as `[test a='a"a' b="a'a"]` were not correctly
handled.

This amends the regex parser to ensure it correctly parses attributes
without breaking incorrectly on the first nested quote
2020-09-21 08:56:25 +10:00
Joffrey JAFFEUX 50647366ed
FIX: NotificationLevels import was incorrect (#10709)
This was causing NotificationLevels.muted to be undefined.
2020-09-19 11:27:20 +02:00
Robin Ward 9c1e21b874 REFACTOR: Remove dead code (mouseMove)
We don't delegate `mouseMove` so this code has not been called in a long
time. It also seems that `screenX`/`screenY`/`lastX`/`lastY` was never
used so they were removed too.
2020-09-18 13:57:12 -04:00
Robin Ward ba3014f9f9 REFACTOR: Do not rely on module order for discourse-markdown loading
Before this patch, discourse-markdown depended on the modules in its
bundle being defined in a specific order or it wouldn't load properly.

Now, any file in the bundle can export a `priority` const (default 0)
and files will be loaded in order of ascending priority instead. This
allows us to use a bundle packaged in any order we want.
2020-09-18 13:31:55 -04:00
Penar Musaraj 23abd0d953
UX: Update dark mode styling of new user overlay (#10694) 2020-09-18 12:02:28 -04:00
Penar Musaraj fec6411fbf
UX: Landscape spacing in iOS devices with a notch
Avoids some content being covenred by the notch in some iOS devices.
2020-09-18 11:59:40 -04:00
Roman Rizzi f85f73be88
FEATURE: Review posts with media. (#10693)
To check if a post contains any embedded media, we look if the "image_sizes" attribute is present in the new post manager arguments.

We want to see one boxed links, but we only store the raw content of the post. To work around this, I extracted the onebox logic from the composer editor into a module.
2020-09-18 12:45:09 -03:00
Robin Ward f3156a6478 REFACTOR: Move the `discourse-markdown` engine out of the addon repo
The reasoning here is that we want to make a unique bundle for this
folder and the default approach is to include everything in `addon`.
2020-09-18 11:42:22 -04:00
Joffrey JAFFEUX cc2a306936
FIX: hidden was defined as static instead of relying on attribute (#10701)
This commit also:
- deprecate an old way of using actions for future removal
- removes all the hidden/block/... logic, as we just rely on parent being displayed or not
2020-09-18 15:11:34 +02:00
Penar Musaraj 3d39b4bbb5
FIX: Do not downcase group name in current user serializer 2020-09-17 13:03:42 -04:00
Penar Musaraj dbdb5b9a47
DEV: Use border-box sizing for admin controls
Fixes floating issues in admin site settings on screen widths between
768 and 880 pixels. This also cleans up spacing on mobile.
2020-09-17 11:49:41 -04:00
Jordan Vidrine 931d8725de
FEATURE: Diffrentiate between group + individual mentions (#10691)
* FEATURE: Diffrentiate between group + individual mentions

This commit adds the necessary code for Discorse core to differentiate between group + individual mentions in the notification user panel and notification page.

It changes the group mention icon from `at` to `users` as well as adds context as to which group was mentioned in the topic.
2020-09-17 10:23:19 -05:00
Osama Sayegh a92d88747e
DEV: Add ENV variable for enabling MiniProfiler snapshots (#10690)
* DEV: Add ENV variable for enabling MiniProfiler snapshots

* MiniProfiler is not loaded in test env
2020-09-17 18:18:35 +03:00
Daniel Waterworth 6e69c25134 FIX: Use asset_hostnames in rails_multisite
We want to respond to the x-forwarded-for host from the CDN too.
2020-09-17 10:32:43 +01:00
Guo Xiang Tan b47b640598
FEATURE: Hidden `SiteSetting.keep_old_ip_address_count` to track IP history. 2020-09-17 12:50:39 +08:00
Martin Brennan 80268357e7
DEV: Change upload verified column to be integer (#10643)
Per review https://review.discourse.org/t/dev-add-verified-to-uploads-and-fill-in-s3-inventory-10406/14180

Change the verified column for Upload to a verified_status integer column, to avoid having NULL as a weird implicit status.
2020-09-17 13:35:29 +10:00
Neil Lalonde b207842720
FIX: group tag notifications included for all users
Regression from my last commit
2020-09-16 16:02:28 -04:00
Neil Lalonde 04be39ed46
FIX: don't show Tags tab in group management if tags are disabled 2020-09-16 15:43:11 -04:00
Neil Lalonde 8333872e88
FIX: N+1 for admins viewing groups page
Groups page was loading fields that are only used on the group show
page, so move those fields to the GroupShowSerializer.
Also only fetch the default category and tag notifications once.
2020-09-16 14:58:52 -04:00
Joffrey JAFFEUX 28cd1aaf8e
FIX: uses get() on properties of groups/badges which could be POJOs (#10682) 2020-09-16 16:45:11 +02:00
Joffrey JAFFEUX 02dec8c209
UI: minor size/spacing inconsistencies in search advanced options (#10681) 2020-09-16 15:05:19 +02:00
Joffrey JAFFEUX 4af48f7998
FIX: attempts to make autofocus more resilient in modals (#10680)
The current situation could cause a transition on the button to end after/during modal has shown and causing the button to get focus again. Browsers would then refuse to switch focus.

This is a kinda convulted solution, but it's a general purpose solution which doesn't involve changing anything in plugins/themes or core templates.
2020-09-16 11:05:02 +02:00
Arpit Jalan 32d6286bea FIX: category slug route was not working for subfolder setup
https://meta.discourse.org/t/relative-url-root-issues-incorrect-latest-link-incorrect-redirect/163266

URLs like `/forum/c/staff` (subfolder setup) were landing on
`/forum/forum/c/staff/3`. Note the extra "/forum". This commit
strips the redundant subfolder path from category URL.
2020-09-16 12:09:16 +05:30
Robin Ward 8c384ae6b8 Create proper shim for xss library - second attempt 2020-09-15 10:42:51 -04:00
Penar Musaraj 273db57d6e
FEATURE: Allow admins to delete user SSO records in the UI (#10669)
Also displays the user's last payload in the admin UI to help with debugging SSO issues.
2020-09-15 10:00:10 -04:00
Penar Musaraj 6d7b8a71c0
FIX: topic progress wrapper positioning regression
Followup to 94ed54a616
2020-09-15 09:38:06 -04:00
Jarek Radosz 02e6f4c5d4 UX: Remove extraneous ellipsis after "loading"
The "loading" string already contains an ellipsis: 5990c71c29/config/locales/client.en.yml (L1480)
2020-09-15 15:22:46 +02:00
Joffrey JAFFEUX 15b3477145
FIX: img width and height should be in quotes (#10675) 2020-09-15 11:39:12 +02:00
Joffrey JAFFEUX 53e281a3fd
FIX: simplifies updating searchedTerms from connectors (#10674) 2020-09-15 11:21:38 +02:00
Joffrey JAFFEUX 324aa3eb61
REFACTOR: reworks all the search-advanced-options panel (#10661)
* REFACTOR: reworks all the search-advanced-options panel

This commit includes the following changes:
- prevents any mutation of external (to the component) values
- get rid of observers
- uses @action
- minor UI tweaks
- dropped the unecessary debounce
- drops all the legacy code for badges/groups which is not being used
- replaces user-selector by user-chooser and improves multi-select to not show `search` if maximum has been reached

Most importantly this refactor should fix multiple bugs due to _update() being called multiple times if searchTerm was empty and other various bugs where some changes in searchTerm was not applied to the sidebar.
2020-09-15 09:39:12 +02:00
Guo Xiang Tan 49f53bdc50
DEV: Fix another `MessageBus::InvalidMessageTarget` error.
Follow-up to c2f2b57a9b.
2020-09-15 14:25:10 +08:00
Guo Xiang Tan f7438fc64b
DEV: Fix `MessageBus::InvalidMessageTarget` error after upgrading mb.
Follow-up to c2f2b57a9b
2020-09-15 14:15:42 +08:00
Guo Xiang Tan e3b4632f04
Revert "Create proper shim for xss library"
This reverts commit 30e9112535.
2020-09-15 11:38:40 +08:00
jbrw b2f556232f
REFACTOR: improve readability of cacheBuster 2020-09-14 16:46:17 -04:00
Robin Ward 30e9112535 Create proper shim for xss library 2020-09-14 15:57:32 -04:00
Robin Ward 7699b90f1a FIX: Wizard does not include `discourse-shims`
This allowed tests to pass even when wizard was broken, which is
obviously very bad.
2020-09-14 12:34:16 -04:00
Joffrey JAFFEUX 9238a9e427
FIX: adds shims for popper in wizard (#10658) 2020-09-14 12:33:14 -04:00
Faizaan Gagan 21adc07057
FIX: upload errors were sometimes not displayed properly (#10605) 2020-09-14 00:13:38 -07:00
Joffrey JAFFEUX e02da64091
FIX: Make form use /u/admin-login instead of /users/admin-login (#10663) 2020-09-14 12:27:06 +10:00
Martin Brennan 5268568d23
FEATURE: Remove user topic timers and migrate to bookmarks with reminders (#10474)
This PR removes the user reminder topic timers, because that system has been supplanted and improved by bookmark reminders. The option is removed from the UI and all existing user reminder topic timers are migrated to bookmark reminders.

Migration does this:

* Get all topic_timers with status_type 5 (reminders)
* Gets all bookmarks where the user ID and topic ID match
* Loops through the found topic timers
  * If there is no bookmark for the OP of the topic, then we just create a bookmark with a reminder
  * If there is a bookmark for the OP of the topic and it does **not** have a reminder set, then just 
update it with the topic timer reminder
  * If there is a bookmark for the OP of the topic with a reminder then just discard the topic timer
* Cancels all outstanding user reminder topic timers
* **Trashes (not deletes) all user reminder topic timers**

Notes:

* For now I have left the user reminder topic timer job class in place; this is so the jobs can be cancelled in the migration. It and the specs will be deleted in the next PR.
* At a later date I will write a migration to delete all trashed user topic timers. They are not deleted here in case there are data issues and they need to be recovered.
* A future PR will change the UI of the topic timer modal to make it look more like the bookmark modal.
2020-09-14 11:11:55 +10:00
Joffrey JAFFEUX 0a4a273ccc
FEATURE: adds support for mobile view on page publishing (#10662) 2020-09-13 13:50:23 +02:00
Joffrey JAFFEUX e8053d17f6
FIX: selected diversity was off by one (#10659) 2020-09-12 09:44:45 +02:00
Robin Ward 24f19e8372 Revert "FIX: Was using a global `Popper` variable"
This reverts commit 05831c2b42.
2020-09-11 17:30:53 -04:00
Robin Ward 7887aaf587 FIX: `isVisible` is no longer allowed even if used properly
This changes it to `shouldShow` instead.
2020-09-11 15:05:50 -04:00
Robin Ward 05831c2b42 FIX: Was using a global `Popper` variable 2020-09-11 15:02:12 -04:00
Robin Ward ac08dfac45 FIX: Ember has deprecated `isVisible` in newer versions 2020-09-11 14:53:44 -04:00
Joffrey JAFFEUX 07d7adb8b4
UX: makes emoji picker case insensitive (#10655) 2020-09-11 19:54:19 +02:00
jbrw 033cebf978
DEV - versions of JS files written to a JS file to be included by loa… (#10649)
* DEV - versions of JS files written to a JS file to be included by load-script and appended as params to URLs

* Formatting

* Incorporate feedback from PR

* Update filename of public-js-versions
2020-09-11 13:53:56 -04:00
Joffrey JAFFEUX 10bdf36a24
FIX: ensures focus is dropped before focus hyperlink input (#10653) 2020-09-11 16:45:51 +02:00
Joffrey JAFFEUX d9aa105c8e
FIX: wrap modal onShow inside next (#10651)
Before this commit, onShow code could be impacted by code happening after the onShow call. This should ensure this code works for example:

```
onShow() {
  afterRender(() => {
    someInput.focus();
  })
}
```
2020-09-11 16:00:31 +02:00
Roman Rizzi 636a3be827
UX: Make the api-keys new and show page a little more responsive (#10629) 2020-09-11 10:38:28 -03:00
Guo Xiang Tan 543e972fec
PERF: Remove category_user lookup when loading private messages.
Private messages do not belong to categories so the query is unnecessary
overhead.
2020-09-11 16:26:38 +08:00
Guo Xiang Tan cd78bcee3a
DEV: Avoid creating the same object repeatedly.
Less objects created per request means less objects for the GC to
collect.
2020-09-11 15:51:11 +08:00
Guo Xiang Tan dbc630f45b
PERF: Fix N+1 queries on private messages route. 2020-09-11 15:20:27 +08:00
Vinoth Kannan 9e4ed03b8f FEATURE: moderators allowed to view groups which members can see.
Currently, if a group's visibility is set to "Group owners, members" then the mods can't view those group pages. The same rule is applied for members visibility setting too.

This reverts commit 7fc7090. And fixed the spec test fails.
2020-09-11 08:20:13 +05:30
Guo Xiang Tan 245d29e5a3
SECURITY: Mod should not see `group_users` and `second_factor_enabled`.
Moderators should not be able to see `UserSerializer#group_users` and `UserSerializer#second_factor_enabled` of other users.

Impact of leaking this is low because the information leaked is not
exploitable.
2020-09-11 10:23:35 +08:00
Guo Xiang Tan 468417a716
PERF: Fix broken memoization in `GroupShowSerializer`. 2020-09-11 10:08:06 +08:00
Guo Xiang Tan 7fc70900d2
Revert "FEATURE: moderators allowed to view groups which members can see."
Build is broken.

This reverts commit 2bf0c4188b.
2020-09-11 10:04:54 +08:00
Kane York e0a0928420
FEATURE: Add bookmarks to the user export (#10591) 2020-09-11 11:03:22 +10:00
Vinoth Kannan 2bf0c4188b FEATURE: moderators allowed to view groups which members can see.
Currently, if a group's visibility is set to "Group owners, members" then the mods can't view those group pages. The same rule is applied for members visibility setting too.
2020-09-11 03:33:44 +05:30
Gerhard Schlager ac70c48be4 FIX: Prevent "uploads are missing in S3" alerts after restoring a backup
After restoring a backup it takes up to 48 hours for uploads stored on S3 to appear in the S3 inventory. This change prevents alerts about missing uploads by preventing the EnsureS3UploadsExistence job from running in the first 48 hours after a restore. During the restore it  deletes the count of missing uploads from the PluginStore, so that an alert isn't triggered by an old number.
2020-09-10 21:37:48 +02:00
Vinoth Kannan ba2f3119c0 UX: display moderators group name in the group dropdown menu. 2020-09-11 00:06:40 +05:30
Penar Musaraj 94ed54a616
DEV: Small refactor of topic progress wrapper positioning (#10646)
This moves the logic for horizontally placing the topic progress wrapper from the JS component to SCSS. Doing so means it is more easily overridable by themes and plugins.

This also changes the left/right spacing from 1em to 2em for non-mobile screens (it fits better on iPad portrait especially).
2020-09-10 13:29:14 -04:00
Ahmed Gagan ddab7cc239
DEV: Add plugin api to permit bulk_action parameters (#10638) 2020-09-10 17:18:45 +01:00
Arpit Jalan 296c707f55 FEATURE: show existing tag name on rename modal
FIX: tags_filter_regexp was not being applied on tag rename
2020-09-10 21:45:05 +05:30
Robert dee451605b
FEATURE: add user opt to select bookmarks as home (#10597)
Admins can currently add the bookmarks discovery route link
to the homepage interface, but users can't presently select
that as their default home view.  This change facilitates that,
adding the option to the existing Default Home Page dropdown on
the User Preferences Interface page.
2020-09-10 11:13:12 -04:00
Jordan Vidrine 5a34c7cc9e FIX: Adds important declaration to `.hidden` utility/helper class
This commit adds the `!important` declaration to `.hidden` utility/helper class. Without the `!important` declaration, it is not applied correctly across the site.
2020-09-10 11:06:50 -04:00
Neil Lalonde 53ffbc8d6e
DEV: add plugin outlet below the categories-only component 2020-09-10 10:39:04 -04:00
Joshua Rosenfeld 86764f3aac
Revert "PERF: Use 1 query to load group and tag notification default."
This reverts commit 5ef9d4d537.

The reverted commit caused issues, https://meta.discourse.org/t/there-are-no-visible-groups/163604. Reverting until further fixes can be put in place.
2020-09-10 08:52:53 -04:00
Guo Xiang Tan f27de87bf3
FIX: Update first_pm_unread_at of user's groups without unread.
If a user always read all group messages, we will never update the
`first_pm_unread_at` column since the previous query will not return the
group_user. Instead, we should update `first_pm_unread_at` to the
current timestamp if the user has read everything.

Follow-up to 9b75d95fc6
2020-09-10 17:19:38 +08:00
Guo Xiang Tan 81d3c4a7a1
DEV: Remove unused function. 2020-09-10 15:11:35 +08:00
Guo Xiang Tan 5ef9d4d537 PERF: Use 1 query to load group and tag notification default. 2020-09-10 13:19:43 +08:00
Martin Brennan 40d5739a80
DEV: Review fixes for bookmark-list (#10642)
Make removeBookmark return a promise and do not use setProperties for no reason.

More context at https://review.discourse.org/t/fix-add-bookmark-list-component-10451/14450/3
2020-09-10 15:01:53 +10:00
Guo Xiang Tan 521782fc9c
FIX: Search checkboxes incorrectly being checked on similar prefix.
Incorrect search filters like `in:personalasd` will end up checking the
checkbox for `in:personal` because the regexp used was only doing prefix
matching.
2020-09-10 11:49:52 +08:00
Martin Brennan 7f2f87bf59
DEV: Review fixes (#10641)
See comments in https://review.discourse.org/t/dev-imap-log-to-database-10435/14337/6 for context.
2020-09-10 13:41:46 +10:00
Martin Brennan dede942007
FEATURE: Allow email image embed with secure media (#10563)
This PR introduces a few important changes to secure media redaction in emails. First of all, two new site settings have been introduced:

* `secure_media_allow_embed_images_in_emails`: If enabled we will embed secure images in emails instead of redacting them.
* `secure_media_max_email_embed_image_size_kb`: The cap to the size of the secure image we will embed, defaulting to 1mb, so the email does not become too big. Max is 10mb. Works in tandem with `email_total_attachment_size_limit_kb`.

`Email::Sender` will now attach images to the email based on these settings. The sender will also call `inline_secure_images` in `Email::Styles` after secure media is redacted and attachments are added to replace redaction messages with attached images. I went with attachment and `cid` URLs because base64 image support is _still_ flaky in email clients.

All redaction of secure media is now handled in `Email::Styles` and calls out to `PrettyText.strip_secure_media` to do the actual stripping and replacing with placeholders. `app/mailers/group_smtp_mailer.rb` and `app/mailers/user_notifications.rb` no longer do any stripping because they are earlier in the pipeline than `Email::Styles`.

Finally the redaction notice has been restyled and includes a link to the media that the user can click, which will show it to them if they have the necessary permissions.

![image](https://user-images.githubusercontent.com/920448/92341012-b9a2c380-f0ff-11ea-860e-b376b4528357.png)
2020-09-10 09:50:16 +10:00
Ahmed Gagan 097f06b4fa
DEV: Add plugin api for adding to search-advanced-options dropdowns (#10606) 2020-09-09 15:17:39 +01:00
Joffrey JAFFEUX 38c934e1e1
UX: prevents auto capitalize/correct in the emoji picker (#10636) 2020-09-09 15:43:18 +02:00
Guo Xiang Tan 4994b0ed34
PERF: Remove an unncessary query when check for dark mode. 2020-09-09 15:18:52 +08:00
Guo Xiang Tan fb7bbae3f4
PERF: Memoize calls to `ApplicationHelper#scheme_id`.
The same query was executed 4 times per full page load.
2020-09-09 15:15:15 +08:00
Guo Xiang Tan 9b75d95fc6 PERF: Keep track of first unread PM and first unread group PM for user.
This optimization helps to filter away topics so that the joins on
related tables when querying for unread messages is not expensive.
2020-09-09 14:05:41 +08:00
Robin Ward 4dd07843c6 FIX: We have changed the way `__widget_helpers` are resolved 2020-09-08 12:10:59 -04:00
Joffrey JAFFEUX 8413d27cf2
FIX: handles different cases of canInvite/canRemove states in PM (#10607) 2020-09-08 16:35:59 +02:00
dependabot[bot] d21119ee4f Build(deps): Bump lodash in /app/assets/javascripts/pretty-text
Bumps [lodash](https://github.com/lodash/lodash) from 4.17.15 to 4.17.20.
- [Release notes](https://github.com/lodash/lodash/releases)
- [Commits](https://github.com/lodash/lodash/compare/4.17.15...4.17.20)

Signed-off-by: dependabot[bot] <support@github.com>
2020-09-08 10:25:45 -04:00
dependabot[bot] 00e2339e82 Build(deps): Bump lodash in /app/assets/javascripts/discourse-common
Bumps [lodash](https://github.com/lodash/lodash) from 4.17.15 to 4.17.20.
- [Release notes](https://github.com/lodash/lodash/releases)
- [Commits](https://github.com/lodash/lodash/compare/4.17.15...4.17.20)

Signed-off-by: dependabot[bot] <support@github.com>
2020-09-08 10:25:31 -04:00
Joffrey JAFFEUX 02495510e8
FIX: workaround constructor name not available after transpilation (#10623)
This is only reproducible en production build. In this case, constructor.name could be any value like "i" for example.
2020-09-08 10:14:41 +02:00
Guo Xiang Tan b0f22f2523
SECURITY: Remove indication that a group exists if user can't see it.
Minor security fix but we should not leak any hints that a group exists
even if a user does not have access to the group.
2020-09-08 10:53:48 +08:00
Guo Xiang Tan 5ed84d9885
SECURITY: Don't allow moderators to list PMs of all groups.
* Also return 404 when a user is trying to list PMs of a group that
cannot be accessed by the user.
2020-09-08 10:37:00 +08:00
Joffrey JAFFEUX 0b8e7d88fe
FIX: wraps popper call in afterRender and uses createPopper (#10621)
Before this fix, popper was sometimes not applied.
2020-09-07 13:33:52 +02:00
dependabot[bot] 27751ca69f
Build(deps): Bump websocket-extensions (#10617)
Bumps [websocket-extensions](https://github.com/faye/websocket-extensions-node) from 0.1.3 to 0.1.4.
- [Release notes](https://github.com/faye/websocket-extensions-node/releases)
- [Changelog](https://github.com/faye/websocket-extensions-node/blob/master/CHANGELOG.md)
- [Commits](https://github.com/faye/websocket-extensions-node/compare/0.1.3...0.1.4)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-09-07 12:02:38 +02:00
dependabot[bot] b191ea4f59
Build(deps): Bump websocket-extensions (#10615)
Bumps [websocket-extensions](https://github.com/faye/websocket-extensions-node) from 0.1.3 to 0.1.4.
- [Release notes](https://github.com/faye/websocket-extensions-node/releases)
- [Changelog](https://github.com/faye/websocket-extensions-node/blob/master/CHANGELOG.md)
- [Commits](https://github.com/faye/websocket-extensions-node/compare/0.1.3...0.1.4)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-09-07 12:02:27 +02:00
dependabot[bot] 2cb0f013cc
Build(deps): Bump elliptic in /app/assets/javascripts/pretty-text (#10611)
Bumps [elliptic](https://github.com/indutny/elliptic) from 6.5.2 to 6.5.3.
- [Release notes](https://github.com/indutny/elliptic/releases)
- [Commits](https://github.com/indutny/elliptic/compare/v6.5.2...v6.5.3)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-09-07 12:02:09 +02:00
dependabot[bot] 6bff8636e2
Build(deps): Bump elliptic in /app/assets/javascripts/discourse-common (#10612)
Bumps [elliptic](https://github.com/indutny/elliptic) from 6.5.2 to 6.5.3.
- [Release notes](https://github.com/indutny/elliptic/releases)
- [Commits](https://github.com/indutny/elliptic/compare/v6.5.2...v6.5.3)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-09-07 12:01:37 +02:00
dependabot[bot] 9b187b7e11
Build(deps): Bump http-proxy in /app/assets/javascripts/discourse-common (#10613)
Bumps [http-proxy](https://github.com/http-party/node-http-proxy) from 1.18.0 to 1.18.1.
- [Release notes](https://github.com/http-party/node-http-proxy/releases)
- [Changelog](https://github.com/http-party/node-http-proxy/blob/master/CHANGELOG.md)
- [Commits](https://github.com/http-party/node-http-proxy/compare/1.18.0...1.18.1)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-09-07 12:00:25 +02:00
dependabot[bot] c119c07fa4
Build(deps): Bump http-proxy in /app/assets/javascripts/pretty-text (#10614)
Bumps [http-proxy](https://github.com/http-party/node-http-proxy) from 1.18.0 to 1.18.1.
- [Release notes](https://github.com/http-party/node-http-proxy/releases)
- [Changelog](https://github.com/http-party/node-http-proxy/blob/master/CHANGELOG.md)
- [Commits](https://github.com/http-party/node-http-proxy/compare/1.18.0...1.18.1)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-09-07 12:00:10 +02:00
awesomerobot 13c9d7e704 UX: Add missing labels to mobile composer buttons 2020-09-04 22:18:29 -04:00
Robin Ward da918ac43e FIX: Allow us to call `script_asset_url` in controllers
Without this patch fingerprinting was not applied in production.
2020-09-04 15:23:01 -04:00
Robin Ward 0f9a58e06f FEATURE: Add stylesheets to bootstrap.json endpoint
This allows API consumers (such as Ember CLI) to dynamically get a list
of styles to embed.
2020-09-04 14:12:49 -04:00
Joffrey JAFFEUX c5b8a47901
FIX: ensures we don't attempt to concat an empty list (#10600) 2020-09-04 19:08:07 +02:00
Bianca Nenciu d4471e0316
FIX: Preload bold fonts in wizard
The bold fonts are used in previews for topic title.
2020-09-04 19:23:46 +03:00
Joffrey JAFFEUX ed05839dfc
FIX: prevents error when opening a composer from a tag page (#10596) 2020-09-04 15:47:22 +02:00
Bianca Nenciu 58b97ace23
DEV: Use a special import to declare font faces (#10583)
Update discourse-fonts to v0.0.3.

Follow-up to 7b7357147e.
2020-09-04 16:25:50 +03:00
Joffrey JAFFEUX 52672b9eab
DEV: apply new coding standards (#10592) 2020-09-04 13:42:47 +02:00
awesomerobot e4ebc303bb FEATURE: Add below-static plugin outlet 2020-09-03 22:58:58 -04:00
Vinoth Kannan ea423b471a FIX: make crawler linkback list compatible with google schema guidelines. 2020-09-04 04:35:32 +05:30
Robin Ward 8c0f18794e FEATURE: Deprecate lodash so we can remove it.
It's currently 240k of Javascript we don't need anymore. It's been
replaced by ES6 and a couple helper functions.
2020-09-03 10:03:33 -04:00
Robin Ward 3a46e44ed8 Rename `merge` to `deepMerge` so it's more clear what it's doing 2020-09-03 10:03:33 -04:00
Robin Ward f365d4639a REFACTOR: Remove `_.isEqual` 2020-09-03 10:03:33 -04:00
Robin Ward c4079780be REFACTOR: Remove `_.merge` 2020-09-03 10:03:33 -04:00
Robin Ward 720cd57fb5 FIX: Convert jQuery array to JS array 2020-09-03 10:03:33 -04:00
Robin Ward 5e5d5b4f35 REFACTOR: Remove `_.last` 2020-09-03 10:03:33 -04:00
Robin Ward 0da953b40e REFACTOR: Remove `_.compact` 2020-09-03 10:03:33 -04:00
Robin Ward c2cfa62000 REFACTOR: Remove `_.intersection` 2020-09-03 10:03:33 -04:00
Robin Ward 0b098566ff REFACTOR: Remove `_.union` 2020-09-03 10:03:33 -04:00
Robin Ward e60d06d880 REFACTOR: Remove `_.isString` 2020-09-03 10:03:33 -04:00
Robin Ward b4444070b3 REFACTOR: Remove `_.groupBy` 2020-09-03 10:03:33 -04:00
Robin Ward 1265a5f7c0 REFACTOR: Remove `_.max` 2020-09-03 10:03:33 -04:00
Robin Ward d06deb0c4f REFACTOR: Remove `_.chain` 2020-09-03 10:03:33 -04:00
Robin Ward 71ddcefffa REFACTOR: Remove `_.filter` 2020-09-03 10:03:33 -04:00
Robin Ward 87b3caf927 REFACTOR: Remove `_.reject` 2020-09-03 10:03:33 -04:00
Robin Ward 2a4dfa83b0 REFACTOR: Remove `_.omit` 2020-09-03 10:03:33 -04:00
Robin Ward 17bca14c4b REFACTOR: Remove `_.sortBy` 2020-09-03 10:03:33 -04:00
Robin Ward 2353794a30 REFACTOR: Remove `_.findIndex` 2020-09-03 10:03:33 -04:00
Robin Ward e3ec7b72d0 REFACTOR: Remove `_.uniq` and use ember version 2020-09-03 10:03:33 -04:00
Robin Ward 66021abe41 REFACTOR: Remove `_.first` from codebase 2020-09-03 10:03:33 -04:00
Robin Ward 55c9c54b8b REFACTOR: Remove `_.range` and use ES6 instead 2020-09-03 10:03:33 -04:00
Robin Ward 115b3b6921 REFACTOR: Remove `_.isEmpty` in favor of the existing version 2020-09-03 10:03:33 -04:00
Robin Ward 65f6a92129 REFACTOR: Replace `_.extend` with `Object.assign` 2020-09-03 10:03:33 -04:00
Robin Ward 2f11457263 REFACTOR: Use `Array.isArray` instead of `_.isArray` 2020-09-03 10:03:33 -04:00
Blake Erickson 67dec38f31 FIX: Gravatar download attempt if user is missing their email
It is possible that a user could exist without an email, if so we should
not enqueue a job to download their gravatar.

This commit resolves this error that can occur:

```
Job exception: undefined method `email' for nil:NilClass
/var/www/discourse/app/models/user.rb:1204:in `email'
/var/www/discourse/app/jobs/regular/update_gravatar.rb:12:in `execute'
```

This commit also fixes the original spec which actually was wrong. The
job never enqueued in the original spec and so the gravatar was never
actually updated and the test was checking if the two values were the
same, but they were both null and never updated, so of course they were
the same!

A new test has also been added to make sure the gravatar job isn't
enqueued when a user's email is missing.
2020-09-02 20:19:46 -06:00
Krzysztof Kotlarek 9954a677ab
FIX: don't send mailing list for post with empty content (#10577)
discourse-assign is creating posts with empty content to show that a specific user was assign/unassigned for a specific topic.

It is causing confusing emails with empty content

The bug was mentioned here: https://meta.discourse.org/t/again-on-empty-emails-and-notifications-generated-on-topic-assignment/162213
2020-09-03 08:58:25 +10:00
Joffrey JAFFEUX de038c0eab
FIX: highlightjs 10 requires some languages to be loaded before others (#10584)
cs is also not present in 10 and relies only on csharp file, but for cs alias to work csharp has to be loaded.
2020-09-02 21:32:57 +02:00
Penar Musaraj 6a837c32e4
DEV: Add class to wizard HTML element 2020-09-02 14:53:38 -04:00
Penar Musaraj 50827684d5
UX: Hide category settings badges checkbox when enable_badges is off 2020-09-02 11:23:59 -04:00
Robin Ward 0a492829ea Add category id to webhook post serializer 2020-09-02 10:42:51 -04:00