Commit Graph

241 Commits

Author SHA1 Message Date
David Taylor afb5ec811d FIX: Don't use DistributedCache to store redis readonly state
This can cause unbound CPU usage in some cases, and excessive logging in other cases. This commit moves redis readonly information into the local process, but maintains the DistributedCache for postgres readonly state.
2019-06-25 11:20:34 +08:00
David Taylor ed21128ee6 FIX: Do not change directory when decompressing S3 inventory
In sidekiq, jobs are run in multiple threads within the same process. `cd` affects the entire process, so can cause unexpected issues in other running jobs.
2019-06-13 17:13:50 +01:00
Sam fa2a5f6f56
FEATURE: SKIP_DB_AND_REDIS env var (#7756)
Sometimes we would like to create a base image without any DB access, this
assists in creating custom base images with custom plugins that already
includes `public/assets`

Following this change set you can run:

```
SPROCKETS_CONCURRENT=1 DONT_PRECOMPILE_CSS=1 SKIP_DB_AND_REDIS=1 RAILS_ENV=production bin/rake assets:precompile
```

Then it is straight forward to create a base image without needing a DB or
Redis.
2019-06-13 12:58:27 +10:00
David Taylor 5666316285 FEATURE: Display 'last updated' on dashboard, improve release notes link (#7560) 2019-05-17 15:42:45 +10:00
Sam Saffron 30990006a9 DEV: enable frozen string literal on all files
This reduces chances of errors where consumers of strings mutate inputs
and reduces memory usage of the app.

Test suite passes now, but there may be some stuff left, so we will run
a few sites on a branch prior to merging
2019-05-13 09:31:32 +08:00
Guo Xiang Tan b7b9960558 DEV: Fix missing port in URLs in development mode. 2019-05-06 13:26:57 +08:00
Vinoth Kannan 92cc57b5da FIX: make 'stats' method compatible with multisite.
a8f410a9c5
2019-05-01 23:34:18 +05:30
Vinoth Kannan a8f410a9c5
FEATURE: Create new helper method 'Discourse.stats' (#7388) 2019-04-17 12:45:04 +05:30
Robin Ward ba6d4b2a8d FIX: Better handling for toggling `must_approve_users`
If you turn it on now, default all users to approved since they were
previously. Also support approving a user that doesn't have a reviewable
record (it will be created first.)

This also includes a refactor to move class method calls to
`DiscourseEvent` into an initializer. Otherwise the load order of
classes makes a difference in the test environment and some settings
might be triggered and others not, randomly.
2019-04-16 15:56:35 -04:00
David Taylor 20cda5d689 DEV: Raise exceptions when jobs fail in test mode
Previously jobs would fail silently in test mode. Now they will raise the exception and cause the relevant test to fail. This identified a few broken tests, which I will fix in a followup commit
2019-04-08 15:59:04 +01:00
David Taylor f524f8f811
Remove Yahoo login support from core and deprecate OpenID2.0 (#7310)
- Plugin developers using OpenID2.0 should migrate to OAuth2 or OIDC. OpenID2.0 APIs will be removed in v2.4.0

- For sites requiring Yahoo login, it can be implemented using the OpenID Connect plugin: https://meta.discourse.org/t/103632

For more information, see https://meta.discourse.org/t/113249
2019-04-08 10:38:25 +01:00
Robin Ward b58867b6e9 FEATURE: New 'Reviewable' model to make reviewable items generic
Includes support for flags, reviewable users and queued posts, with REST API
backwards compatibility.

Co-Authored-By: romanrizzi <romanalejandro@gmail.com>
Co-Authored-By: jjaffeux <j.jaffeux@gmail.com>
2019-03-28 12:45:10 -04:00
David Taylor 0d3531c2f1 FEATURE: Allow auth providers to define specific icons
Previously we relied on the provider name matching the name of the icon. Now icon names are explicitly set. Plugin providers which do not define an icon will get the default "sign-in-alt" icon
2019-03-27 13:25:04 +00:00
David Taylor 01dd96d178
FIX: Use default frame size for Instagram login
I don't know why this was set to 1x1 pixels, but it shouldn't have been
2019-03-19 18:57:57 +00:00
Guo Xiang Tan 0e0daa2c91 DEV: Prevent race condition when keeping site in readonly mode. 2019-02-20 10:01:18 +08:00
Guo Xiang Tan c29076152d PERF: Reduce hit to Redis server when keeping a site in reaonly mode. 2019-02-19 10:29:08 +08:00
Gerhard Schlager 220944a38a FIX: Unpause sidekiq before adding uploads to backup
tar exits with status 1 when uploads are modified or deleted by a sidekiq job, so we need to treat it like status 0.

According to the documentation it should be safe to ignore status 1 ("Some files differ"):

> If tar was given `--create', `--append' or `--update' option, this exit code means that some files were changed while being archived and so the resulting archive does not contain the exact copy of the file set.

Status 2 ("Fatal error") still results in an exception.
2019-02-12 13:50:50 +01:00
Penar Musaraj d639cadb7a
DEV: Plugin scss errors should break precompile (#6974) 2019-02-07 09:27:42 -05:00
Vinoth Kannan b4f713ca52
FEATURE: Use amazon s3 inventory to manage upload stats (#6867) 2019-02-01 10:10:48 +05:30
Guo Xiang Tan b0adffdef5 FIX: Clear anon cache when clearing recently readonly. 2019-01-22 09:53:04 +08:00
Guo Xiang Tan c732ae9ca9 FIX: Don't update `User#last_seen_at` when PG is in readonly. 2019-01-21 13:29:29 +08:00
Guo Xiang Tan d7660dfe40 FIX: Enabling readonly mode should clear anon cache as well. 2018-12-18 11:56:25 +08:00
Guo Xiang Tan c0aae16f6b FIX: Clear anon cache when disabling readonly mode.
`SiteSerializer#is_readonly` is cached for an anonymous user so we have
to clear the cache when disabling readonly mode. Otherwise, the site may
appear to be in readonly mode for an extended period of time.
2018-12-17 17:27:44 +08:00
Guo Xiang Tan 9e795b9d90 Follow up to 704a122656. 2018-12-17 16:39:46 +08:00
Guo Xiang Tan e75ad37aaf FIX: Switch recently readonly mdoe cache to a `DistributedCache`.
A per process cache is hard to reason about. During PostgreSQL
failovers. The site may bounce in and out of readonly mode depending on
which server and process that a request hits.
2018-12-17 13:28:36 +08:00
Guo Xiang Tan 704a122656 Remove Ruby warning due to assignment in conditional. 2018-12-17 13:08:12 +08:00
Xiao Guan 7ec124fc89 FEATURE: Improved deprecation warnings (#6722)
* FEATURE: Discourse.deprecate can report version

* Ember counterpart for deprecation
2018-12-06 11:38:01 +00:00
Gerhard Schlager 555f467727 DEV: Add less confusing aliases for base_uri and base_url_no_prefix 2018-11-07 11:33:52 +01:00
Guo Xiang Tan 1c9b5e75e7 DEV: Support post deployment migrations for plugins. 2018-10-09 13:11:45 +08:00
Guo Xiang Tan 40fa96777d
FEATURE: Post deployment migrations. (#6406)
This moves us away from the delayed drops pattern which
was problematic on two counts. First, it uses a hardcoded "delay for"
duration which may be too short for certain deployment strategies.
Second, delayed drop doesn't ensure that it only runs after
the latest application code has been deployed. If the migration runs
and the application code fails to deploy, running the migration after
"delay for" has been met will cause the application to blow up.

The new strategy allows post deployment migrations to be skipped if the
env `SKIP_POST_DEPLOYMENT_MIGRATIONS` is provided.

```
SKIP_POST_DEPLOYMENT_MIGRATIONS=1 rake db:migrate
-> deploy app servers
SKIP_POST_DEPLOYMENT_MIGRATIONS=0 rake db:migrate
```

To aid with the generation of a post deployment migration, a generator
has been added. Simply run `rails generate post_migration`.
2018-10-08 15:47:38 +08:00
Guo Xiang Tan be89f593f9 DEV: Include caller in error message for `Discourse#execute_command`. 2018-08-17 16:17:07 +08:00
Régis Hanol de92913bf4 FIX: store the topic links using the cooked upload url 2018-08-14 12:23:32 +02:00
Sam 6cae47aa53 collect extra environment correctly 2018-08-13 16:33:28 +10:00
Sam 168ffd8384 FEATURE: group warnings about IP level rate limiting 2018-08-13 14:38:20 +10:00
Gerhard Schlager 6ddf7fcd1f Fix warnings about already initialized constants 2018-08-09 17:29:02 +02:00
Sam ed4c0f256e FIX: check permalinks for deleted topics
- allow to specify 410 vs 404 in Discourse::NotFound exception
- remove unused `permalink_redirect_or_not_found` which
- handle JS side links to topics via Discourse-Xhr-Redirect mechanism
2018-08-09 15:05:12 +10:00
David Taylor 812add18bd REFACTOR: Serve auth provider information in the site serializer.
At the moment core providers are hard-coded in Javascript, and plugin providers get added to the JS payload at compile time. This refactor means that we only ship enabled providers to the client.
2018-08-06 09:25:48 +01:00
Neil Lalonde 4ad7ce70ce REFACTOR: extract scheduler to the mini_scheduler gem 2018-07-31 17:12:55 -04:00
David Taylor eda1462b3b
FEATURE: List, revoke and reconnect associated accounts. Phase 1 (#6099)
Listing connections is supported for all built-in auth providers. Revoke and reconnect is currently only implemented for Facebook.
2018-07-23 16:51:57 +01:00
Guo Xiang Tan 97d8cd820e No need to expire readonly mode key immediately. 2018-06-21 17:52:42 +08:00
Sam 44091f20c6 DEV: allow for method deprecation using Discourse.deprecate
New method deprecator will ensure one log message an hour happens
for all deprecated method calls per call site

Also removes unused monkey patches to ActiveRecord::Base
2018-06-20 17:53:49 +10:00
Guo Xiang Tan 41c1e1b302 FIX: `Discourse.keep_readonly_mode` does not work for multisite. 2018-06-19 15:44:08 +08:00
Guo Xiang Tan 34e4c8f573 FIX: `Discourse.keep_readonly_mode` spins a new thread each time it is called. 2018-06-19 10:24:08 +08:00
Guo Xiang Tan c34100d1e7 Remove unused variable. 2018-06-15 07:45:51 +08:00
Sam Saffron 6123f61f5f seconds is not needed here 2018-06-14 20:53:24 +10:00
Sam 87fabdc2f3 FIX: correct pool reaper
This removes a freedom patch and replaces with a custom reaper thread
it also captures an issue where reaper would fail when connections where
empty
2018-06-14 18:22:02 +10:00
Sam 71aa20bd30 FIX: pool drainer to use Rails 5.2 implementation
old implementation did not reap abandoned connections
2018-06-14 15:54:48 +10:00
Guo Xiang Tan 805fd17b23 ActiveRecord in Rails 5.2 discards connection pools after fork. 2018-06-12 09:30:52 +08:00
Guo Xiang Tan bfa0f71e2b FIX: `Discouse.keep_readonly_mode` incorrect extends expiry. 2018-06-12 00:21:29 +08:00
Guo Xiang Tan aa5805e8b0 Revert "Initialize the v8 context after forking."
This reverts commit 41c4e32e64.
2018-06-06 14:33:20 +08:00
Guo Xiang Tan 41c4e32e64 Initialize the v8 context after forking. 2018-06-05 11:36:38 +08:00
Guo Xiang Tan bbc85258c9 Rename `display_plugins` -> `visible_plugins`. 2018-05-09 07:52:45 +08:00
Guo Xiang Tan c6f45fcfdb Expose an API for plugins to be hidden on the admin plugin page. 2018-05-08 13:24:58 +08:00
Guo Xiang Tan 45fe5dc793 `$redis.client` -> `$redis._client`.
See c239abb43c
2018-04-20 13:01:17 +08:00
Guo Xiang Tan 142571bba0 Remove use of `rescue nil`.
* `rescue nil` is a really bad pattern to use in our code base.
  We should rescue errors that we expect the code to throw and
  not rescue everything because we're unsure of what errors the
  code would throw. This would reduce the amount of pain we face
  when debugging why something isn't working as expexted. I've
  been bitten countless of times by errors being swallowed as a
  result during debugging sessions.
2018-04-02 13:52:51 +08:00
Sam f028ffaf29 SECURITY: correct local onebox category checks
Also removes ugly "source_topic_id" from cooked posts

Patch was authored by @zogstrip

Signed-off-by: Sam <sam.saffron@gmail.com>
2018-02-14 10:40:46 +11:00
Robin Ward 569e57f0a9 FIX: Delete the invalid auth cookie even if you hit the rate limit 2018-02-09 19:09:54 -05:00
Sam 4f946319b4 improve warning text 2018-01-19 08:32:15 +11:00
Sam 25f4d98307 improve error logging for warn_exception 2018-01-05 09:54:42 +11:00
Robin Ward aed37770e3 FIX: Load the route format before discourse 2017-12-21 16:29:11 -05:00
Sam 6c82a50903 Improve error handling in hijacked code 2017-12-01 16:23:32 +11:00
Sam f52111f787 FEATURE: allow plugins to easily detect if running in Rack
Usage: Discourse.running_in_rack? to tell if rack was booted
2017-11-16 08:39:29 +11:00
Sam 70bb2aa426 FEATURE: allow specifying s3 config via globals
This refactors handling of s3 so it can be specified via GlobalSetting

This means that in a multisite environment you can configure s3 uploads
without actual sites knowing credentials in s3

It is a critical setting for situations where assets are mirrored to s3.
2017-10-06 16:20:01 +11:00
Sam a4d4db4f0c PERF: code not correctly caching git commands
Every check for Discourse version could result in shelling out.
2017-10-04 14:22:38 +11:00
Robin Ward 460ed3c8cf Revert "Allow `NotFound` to specify an optional `Location` for the resource"
This reverts commit 4ae66c9e01.
2017-09-26 12:58:24 -04:00
Robin Ward 4ae66c9e01 Allow `NotFound` to specify an optional `Location` for the resource 2017-09-26 09:10:18 -04:00
Robin Ward d1ebc62065 The ability to display errors on flagging actions. 2017-09-25 12:28:01 -04:00
Robin Ward 717ed75fc4 Add warning when plugins changed by `tmp` was not removed 2017-09-08 13:38:46 -04:00
Guo Xiang Tan 4d840d10db PERF: Reduce number of Redis hits per requests. 2017-09-07 13:34:27 +08:00
Sam Saffron 7f8a90ef63 remove non english comment 2017-08-31 17:00:37 -04:00
Sam 552fbd3c8d lint 2017-08-28 12:25:34 -04:00
darix 4b5724ec02 Extend config/version.rb with more informations (#5061)
This gives installations not using git checkouts
to provide all the informations needed for the
internal version checks and version display in
the dashboard.

The build:stamp rake task was extended to also
add the new informations.
2017-08-28 12:24:56 -04:00
Guo Xiang Tan 0e656ff213 FIX: Can't reset AR schema cache due to versions table. 2017-08-17 19:27:35 +09:00
Guo Xiang Tan 86adc8d717 Fix typo. 2017-08-16 13:06:47 +09:00
Guo Xiang Tan ed851dbfff FIX: Avoid publishing a gigantic payload.
* Certain sites have way too many categories.
2017-08-16 11:38:30 +09:00
Guo Xiang Tan 3f24ed2b3e Can't revert due to incompatibility of new site setting types.
Revert "Revert "FEATURE: Site settings defaults per locale""

This reverts commit 439fe8ba24.
2017-08-07 10:43:09 +09:00
Guo Xiang Tan 439fe8ba24 Revert "FEATURE: Site settings defaults per locale"
This reverts commit 468a8fcd20.
2017-08-07 10:31:50 +09:00
Erick Guan 468a8fcd20 FEATURE: Site settings defaults per locale
This change-set allows setting different defaults for different locales. 

It also:

- Adds extensive testing around site setting validation

- raises deprecation error if site setting has the default property based on env

- relocated site settings for dev and tests in the initializer

- deprecated client_setting in the site setting's loading process

- ensure it raises when a enum site setting being set

- default_locale is promoted to `required` category.

- fixes incorrect default setting and validation

- fixes ensure type check for site settings

- creates a benchmark for site setting

- sets reasonable defaults for Chinese
2017-08-02 12:24:19 -04:00
Guo Xiang Tan 5012d46cbd Add rubocop to our build. (#5004) 2017-07-28 10:20:09 +09:00
Robin Ward d2490cbbb8 Test failures for Inline Onebox 2017-07-20 16:01:16 -04:00
Robin Ward 3882722195 FEATURE: Inline (Mini) Oneboxing
see:
https://meta.discourse.org/t/mini-inline-onebox-support-rfc/66400?source_topic_id=66066
2017-07-20 15:38:04 -04:00
Guo Xiang Tan e7c972ac89 FIX: Don't use backticks that take in inputs. 2017-03-17 15:33:51 +08:00
Sam 1935f624b8 FEATURE: reset active record cache in sidekiq if needed
This can happen in multisite environments after restores
2017-02-17 12:09:53 -05:00
Robin Ward adb73180f7 FEATURE: Let plugins register themes easily 2017-01-13 11:50:52 -05:00
Régis Hanol dfb633fde3 remove 'already initialized constant' warning 2017-01-11 11:03:36 +01:00
Guo Xiang Tan cdd550e947 Use a different Redis key when PG failover sets site to readonly mode. 2017-01-11 16:38:49 +08:00
Guo Xiang Tan 22059d4df9 Add Rake task to clean up unused multisite Redis keys. 2016-12-05 11:46:34 +08:00
Guo Xiang Tan e8a3043129 Spawn a single thread that checks for PostgreSQL fallback. 2016-11-17 13:52:08 +08:00
Sam f4c754b389 FEATURE: split JavaScript application bundle, so plugins live in own file
This adds plugin.js and plugin_third_party.js files
2016-11-15 11:43:13 +11:00
Sam c995fd65be fix oops 2016-11-02 17:00:24 +11:00
Sam 7e43e73df6 FIX: properly reset all contexts after forking
Fixes hang on backup
2016-11-02 13:34:20 +11:00
Guo Xiang Tan 2f39293867 FIX: User enabled readonly mode was not working. 2016-08-25 23:31:59 +08:00
Robin Ward 2891f230d1 SECURITY: Make sure uploaded_urls have corresponding upload records 2016-07-28 13:54:17 -04:00
Sam Saffron 6777bd2629 warm up v8 after fork 2016-07-16 15:11:34 +10:00
Guo Xiang Tan f256e3afb6 Merge pull request #4297 from tgxworld/handle_user_enabled_readonly_mode
Handle user enabled readonly mode
2016-07-05 19:54:32 +08:00
Régis Hanol 5169bcdb6e FIX: httpshttps ultra secure URLs 2016-06-30 16:55:01 +02:00
Guo Xiang Tan 64858c10fe
FIX: Set a not expiring key for user enabled readonly mode. 2016-06-29 15:10:01 +08:00
Guo Xiang Tan 20359788dc
Rename `SiteSetting#use_https` to `force_https`. 2016-06-29 15:02:43 +08:00
Guo Xiang Tan 7619c2fa2f
FIX: Make sure we add a TTL when we enable readonly mode. 2016-06-29 13:55:17 +08:00
Régis Hanol 2194ccec6e slightly better automatic flag reason messages 2016-04-25 23:03:17 +02:00