Commit Graph

7202 Commits

Author SHA1 Message Date
Guo Xiang Tan 32735be5bd
DEV: Fix publish to message_bus when forcing pg readonly. 2020-06-01 13:26:12 +08:00
Guo Xiang Tan 2c3ff3e524
DEV: Missing readonly mode banner when forcing PG readonly. 2020-06-01 12:25:27 +08:00
Krzysztof Kotlarek 9a6ef80739
FEATURE: notify admins about old credentials (#9918)
* FEATURE: notify admins about old credentials

Security and API keys should be renewed periodically.
This additional notification should help admins keep their Discourse safe and secure.
2020-06-01 13:49:27 +10:00
Guo Xiang Tan b0b37bf5a3
DEV: Add force rails_over switch via Redis. 2020-06-01 11:23:58 +08:00
Robin Ward 2b2434b82d
Start Discourse in an initializer (#9930)
* DEV: To be pedantic, there is more than EMBER in there now

* DEV: Use less globals. Have `Discourse` start in an initializer

* DEV: Remove another global
2020-05-29 14:37:02 -04:00
David Taylor e159fb06df
FEATURE: Download remote images even for old posts (#9925)
When a post is rebaked, the admins expect it to work the same regardless of how old the post is.
2020-05-29 17:13:55 +01:00
Guo Xiang Tan ca28ad8f9a
DEV: Remove `db_id` from sample multisite config.
See 2bb4d5170c
2020-05-29 10:48:29 +08:00
Vinoth Kannan ce1491e830
UX: remove `in:unpinned` filter from advanced search page. (#9911) 2020-05-29 00:47:28 +05:30
Guo Xiang Tan 8c86a109bb
DEV: Add ENV flag to test out `ActiveRecord::Failover`. 2020-05-28 16:24:22 +08:00
Dan Ungureanu 570b12a903
FEATURE: Show a detailed 404 page for private topics (#9894) 2020-05-27 20:10:01 +03:00
Roman Rizzi 461df7d050
UX: Rename Priority to score for sorting. (#9846) 2020-05-27 12:50:28 -03:00
Régis Hanol 2a4db15544 FIX: don't send digests to users with no primary email
It might happen that some User records have no associated primary emails.
In which case we don't ever want to send them a digest.

Also added a new "user_email_no_email" skipped email log to ensure these cases
are properly handled and surfaced.
2020-05-27 17:09:40 +02:00
Krzysztof Kotlarek 34e5f0a9a3
Revert "FEATURE: notify admins about old credentials (#9854)" (#9886)
This reverts commit 349a67bee6.
2020-05-27 09:52:53 +10:00
Krzysztof Kotlarek 349a67bee6
FEATURE: notify admins about old credentials (#9854)
* FEATURE: notify admins about old credentials

Security and API keys should be renewed periodically.
This additional notification should help admins keep their Discourse safe and secure.
2020-05-27 08:13:47 +10:00
Neil Lalonde 3d20a1143b
Update translations 2020-05-26 10:06:07 -04:00
Bianca Nenciu f47400475e
FEATURE: Send a private message when a group membership is accepted (#9822)
* FEATURE: Send a private message when a group membership is accepted

* DEV: Small code improvements

* FIX: Send PM as group owner

* Copy edits
2020-05-26 16:28:03 +03:00
Joshua Rosenfeld 41f742c2f9
FIX: Copyedit for the dominating topic warning 2020-05-26 07:18:36 -04:00
Guo Xiang Tan 878f06f1fe DEV: Remove custom connection reaper.
Rails 6 fixed the reaper to use one thread to reap all the connection pools.
2020-05-26 09:09:46 +08:00
Rafael dos Santos Silva b48299f81c
FEATURE: Add setting to disable automatic CORS rule install in S3 buckets (#9872) 2020-05-25 17:09:34 -03:00
Gerhard Schlager 631024ae5d FEATURE: Permalinks for tags 2020-05-25 14:51:01 +02:00
Vinoth Kannan 8e56197728
UX: use "icon-picker" & "image-uploader" fields to set group flair. (#9779) 2020-05-25 11:08:47 +05:30
Michael Brown d9a02d1336
Revert "Revert "Merge branch 'master' of https://github.com/discourse/discourse""
This reverts commit 20780a1eee.

* SECURITY: re-adds accidentally reverted commit:
  03d26cd6: ensure embed_url contains valid http(s) uri
* when the merge commit e62a85cf was reverted, git chose the 2660c2e2 parent to land on
  instead of the 03d26cd6 parent (which contains security fixes)
2020-05-23 00:56:13 -04:00
Jeff Atwood 20780a1eee Revert "Merge branch 'master' of https://github.com/discourse/discourse"
This reverts commit e62a85cf6f, reversing
changes made to 2660c2e21d.
2020-05-22 20:25:56 -07:00
Jeff Atwood e62a85cf6f Merge branch 'master' of https://github.com/discourse/discourse 2020-05-22 20:25:42 -07:00
Jeff Atwood 2660c2e21d minor copyedit on theme import error 2020-05-22 20:25:35 -07:00
Mark VanLandingham 1a5bcf2a64
UX: Remove live theme previewing in favor of refresh (#9798) 2020-05-21 08:32:50 -05:00
David Taylor bde8862f0f
FIX: Allow GitHub app client_id to be used for OAuth configuration 2020-05-21 10:44:25 +01:00
Martin Brennan df68d11c38
FEATURE: Add topic excerpt max length site setting (#9847)
Adds a new topic_excerpt_maxlength site setting.

* When topic excerpt is requested for a post, use the new topic_excerpt_maxlength site setting to limit the size of the excerpt
* Remove code for getting/setting Post.excerpt_size as it is not used anywhere
2020-05-21 13:19:48 +10:00
Krzysztof Kotlarek bf7103343a
FIX: sidekiq is using _forim_session (#9825)
Configure Sidekiq to use _forum_session instead of a rack.session
2020-05-21 08:19:21 +10:00
Robin Ward ba04bb7552 FIX: Path should be `addon` not `app` 2020-05-20 12:13:15 -04:00
Bianca Nenciu fb15da43da
Remove old web hooks in favor of 'reviewable' web hook (#9776)
* FIX: Emit web hooks for flags

* FEATURE: Remove 'flag' web hook in favor of 'reviewable' web hook

* FEATURE: Remove 'queued post' web hook in favor of 'reviewable' web hook

* FIX: Do not set a default value for web hooks with no events
2020-05-20 12:07:48 +03:00
Guo Xiang Tan 2f03a879f9
DEV: Require `rails_failover` before global settings. 2020-05-20 16:06:40 +08:00
Guo Xiang Tan f7f436e536
DEV: Install `rails_failover` gem to test our Redis changes. 2020-05-20 15:40:27 +08:00
Sam Saffron 05f7d5a2de
UX: Rename "Edit Message" to "Edit"
This reduces the space taken by the button.
2020-05-20 14:12:58 +10:00
Roman Rizzi 52228b1fa6
DEV: These routes don't exist anymore (#9823) 2020-05-19 16:09:03 -03:00
dave0688 f2574736a2
FEATURE: Add same site cookie 'None' option to make cross domain systems possible (#9374)
Previously reverted in cb8f8de4, but can be re-applied now that Rack has been updated
2020-05-19 10:33:46 +01:00
Guo Xiang Tan 96c02caba7
DEV: Change use of Redis `flushall` to `flushdb`.
FLUSHALL removes all keys from all databases. Instead we only want to
remove keys from the current Redis database.
2020-05-19 10:20:00 +08:00
Robin Ward db8e872bda
DEV: Move select kit to an addon (#9797) 2020-05-15 16:07:35 -04:00
Joffrey JAFFEUX b07f1bfd93
FIX: displays a title on sk header if no selected name (#9794)
none has to be defined.
2020-05-15 17:36:00 +02:00
Justin DiRose 9810ca1dbd
UX: Add copied text upon copy button click (#9793) 2020-05-15 17:08:46 +02:00
Penar Musaraj 5ff2a235f6 DEV: Allow 3-digit HEX color code in single icon route
Followup to aee8e62
2020-05-14 16:37:45 -04:00
Penar Musaraj aee8e62e21
FEATURE: Add endpoint for individual SVG icons (#9765) 2020-05-14 14:17:19 -04:00
Mark VanLandingham a047004c9a
FIX: Specific email error for replies to digest emails (#9770) 2020-05-14 09:04:58 -05:00
Vinoth Kannan c014b93854
UX: don't disable "create account" button & display error message for required fields. (#9643) 2020-05-14 12:15:33 +05:30
David Taylor cb8f8de422
Revert "FEATURE: Add same site cookie 'None' option to make cross domain systems possible (#9374)"
samesite=none is not supported in Rack 2.0.8. We can re-apply this change once Rack has been upgraded.

https://meta.discourse.org/t/cooke-samesite-none-not-working-because-of-outdated-rack-version/151331

This reverts commit 94c0228681.
2020-05-13 16:17:05 +01:00
RK Aranas 7d857d79bd UX: Fix hard coded value in Crazy in Love badge description
Currently, the Crazy in Love badge's description has a hard coded
value of 50.This should correspond to the max_likes_per_day value
instead.
2020-05-13 16:59:28 +08:00
Daniel Waterworth 497dc6eaa7 Add a global setting for CDN origin
This is so that, on a multisite cluster, when we handle a CDN request,
the hostname that is requested corresponds to one of the sites -
specifically the default site.
2020-05-12 16:43:40 +01:00
Penar Musaraj 90b900704b FIX: Improve mobile footer nav accessibility 2020-05-11 16:55:34 -04:00
David Taylor 5fc51ed49c
DEV: Remove unused DiscoursePlugin class (#9715) 2020-05-11 15:46:54 +01:00
Risto a9cf680f76
A typo fix (#9717) 2020-05-11 10:43:21 -04:00
Sam Saffron d8d54a92f1
FEATURE: tighten rate limiting rules for forgot password
1. Total 6 attempts per day per user
2. Total of 5 per unique email/login that is not found per hour
3. If an admin blocks an IP that IP can not request a reset
2020-05-08 13:30:51 +10:00
Sam Saffron 609e929186
Revert "Revert "DEV: upgrade to Rails 6.0.3""
This reverts commit 2ff8b4f5d9.

Attempt #2 at a Rails update this time we also update the
rails_multisite gem to allow for cleaner reordering
2020-05-08 11:49:22 +10:00
David Taylor 2ff8b4f5d9
Revert "DEV: upgrade to Rails 6.0.3"
This was causing issues during multisite:migrate

https://meta.discourse.org/t/multisite-migrate-broken-since-rails-6-0-3-update/150691

This reverts commit 136a545653.
2020-05-07 11:44:39 +01:00
Sam Saffron 136a545653
DEV: upgrade to Rails 6.0.3
Upgrades Rails to latest, this version has better compatibility
with Ruby 2.7

During the upgrade we needed a new cleaner mechanism for configuring
message bus.

All tests are green.

If anything weird pops up please revert.
2020-05-07 15:53:40 +10:00
Martin Brennan 6fb0f36ce1
FEATURE: Optionally delete bookmark when reminder sent (#9637)
We now show an options gear icon next to the bookmark name.

When expanded we show the "delete bookmark when reminder sent" option. The value of this checkbox is saved in local storage for the user.

If this is ticked, when a reminder is sent for the bookmark the bookmark itself is deleted. This is so people can use the reminder functionality by itself.

Also remove the blue alert reminder section from the "Edit Bookmark" modal as it just added clutter, because the user can already see they had a reminder set:

Adds a default false boolean column `delete_when_reminder_sent` to bookmarks.
2020-05-07 13:37:39 +10:00
Robin Ward 97657aa322 Don't precompile preload-store 2020-05-06 16:47:04 -04:00
Martin Brennan fa572d3a7a
DEV: Remove all code referencing at_desktop bookmark reminders (#9650)
We have found no need for these reminder types, so we are removing the code for them.
2020-05-06 15:22:43 +10:00
Kris e27f07e57d minor followup to 657facb 2020-05-05 17:18:36 -04:00
Robin Ward 612284cef3
DEV: Remove `Discourse.RAW_TEMPLATES` (#9630)
We were sharing `Discourse` both as an application object and a
namespace which complicated things for Ember CLI. This patch
moves raw templates into `__DISCOURSE_RAW_TEMPLATES` and adds
a couple helper methods to create/remove them.
2020-05-05 12:15:03 -04:00
tshenry b8b1cbbfb9
UX: Improve second factor UI (#9526)
This will make a few minor improvements to the second factor user interface. Highlights include:

- Using the site's title to prefix the backup code filename. If non-ascii characters are detected, then prefix "discourse" instead.
- Add icons and change the text on some of the buttons for better clarity and consistency
- Add an education link to the security key modal
2020-05-05 11:05:25 +10:00
Neil Lalonde 3cce608379
Update translations 2020-05-04 10:39:01 -04:00
Vinoth Kannan 0fe8ad13fa UX: change the user merge button's label and icon. 2020-05-04 18:44:30 +05:30
Ahmed Gagan 99abdf51cd
FEATURE: adds a filter for all/unread/read on user's notifications page (#9535) 2020-05-04 08:36:59 +02:00
Jeff Atwood 7fc319b64f more direct "read this topic" prefs link 2020-05-03 22:09:07 -07:00
Martin Brennan bcc9ad6f57
FIX: Bookmark UI tweaks (#9604)
* When hovering over the bookmark icon for a post, show the name of the bookmark at the end of the tooltip _if_ it has been set.
* Order bookmarks by `updated_at DESC` in the user list and show that instead of created at.
2020-05-01 16:14:20 +10:00
Robin Ward d615de9139
DEV: Support for `import Handlebars from 'handlebars'`; (#9600)
* Remove Handlebars.SafeString usage

* DEV: Support for `import Handlebars from 'handlebars'`;

* FIX: Sprockets was broken when `node_modules` was present

By default the old version of sprockets looks for application.js
anywhere, including in a node_modules folder if this exists
(which it will when we move to Ember CLI.)
2020-04-30 16:41:02 -04:00
Jeff Wong 2cb9e85d14
FEATURE: add category banner for why a user cannot post (#9576)
* FEATURE: add category banner for why a user cannot post

Adds a category banner for why a user is unable to post in a category.

Also adds an extra alert for the user when a user is unable to create a topic in a
category and they still try and click on the disabled-looking new topic
button.
2020-04-30 10:39:11 -07:00
Joffrey JAFFEUX 1b2db44678
FEATURE: allows to limit visible reports and tabs in dashboard (#9598) 2020-04-30 17:31:04 +02:00
Vinoth Kannan 71241a50f7 DEV: improve code readability & add tests for user guardian.
a511bea4cc
2020-04-30 20:59:33 +05:30
Rafael dos Santos Silva 08e4af6636 FEATURE: Add setting to controle the Expect header on S3 calls
Some providers don't implement the Expect: 100-continue support,
which results in a mismatch in the object signature.

With this settings, users can disable the header and use such providers.
2020-04-30 12:12:00 -03:00
Joffrey JAFFEUX 45f704906d
UX: display info about extra files and uploader (#9595)
Co-authored-by: David Taylor <david@taylorhq.com>
2020-04-30 16:02:38 +02:00
Dan Ungureanu fe51f7a863
FEATURE: More improvements to crawler and old browsers view
Related to c85018cdfd.
2020-04-30 12:07:51 +03:00
Sam Saffron d0d5a138c3
DEV: stop freezing frozen strings
We have the `# frozen_string_literal: true` comment on all our
files. This means all string literals are frozen. There is no need
to call #freeze on any literals.

For files with `# frozen_string_literal: true`

```
puts %w{a b}[0].frozen?
=> true

puts "hi".frozen?
=> true

puts "a #{1} b".frozen?
=> true

puts ("a " + "b").frozen?
=> false

puts (-("a " + "b")).frozen?
=> true
```

For more details see: https://samsaffron.com/archive/2018/02/16/reducing-string-duplication-in-ruby
2020-04-30 16:48:53 +10:00
Martin Brennan ca539fdccf
FIX: Rename all instances of bookmarkWithReminder to just bookmark (#9579)
* Rename all instances of bookmarkWithReminder and bookmark_with_reminder to just bookmark
* Delete old bookmark code at the same time
* Add migration to remove the bookmarkWithReminder post menu item if people have it set in site settings
2020-04-30 10:09:22 +10:00
Joshua Rosenfeld 9dccf4f3b8
FIX: Copyedit for "You were logged out" modal (#9584)
See https://meta.discourse.org/t/-/149596
2020-04-29 07:37:06 -07:00
Guo Xiang Tan 4fe4b3cce3
DEV: Revert quiet assets in dev.
Breaks with a gem.
2020-04-29 14:46:56 +08:00
Guo Xiang Tan 16ab6430fe
DEV: Follow up to a078feee07 2020-04-29 14:24:48 +08:00
Guo Xiang Tan a078feee07
DEV: Turn off ActiveRecord development color and query log by default.
It breaks logster.
2020-04-29 14:19:14 +08:00
Guo Xiang Tan fa21c03a1d
DEV: Minor follow up to 1d04fb24f8 2020-04-29 14:09:19 +08:00
Guo Xiang Tan 1d04fb24f8
DEV: Enable all the ActiveRecord goodness in development env. 2020-04-29 14:08:00 +08:00
Guo Xiang Tan 5503eba924
DEV: Add env in dev to support verbose query log. 2020-04-29 11:10:57 +08:00
Martin Brennan 17ca47af1a
FIX: Remove timezone in brackets from user card (#9567)
For clarity and to save space remove the timezone in brackets e.g. (EDT) from the user card. Also add a title to the user time span to say it is Local Time.
2020-04-29 08:45:38 +10:00
David Taylor ba616ffb50
DEV: Use a tmp directory for storing uploads in tests (#9554)
This avoids development-mode upload files from polluting the test environment
2020-04-28 14:03:04 +01:00
mentalstring 67f3fe14aa
FEATURE: support SSO website and location overrides
Add location and website + the ability to override using SSO using the `sso_overrides_location` and `sso_overrides_website` site settings.
2020-04-28 16:06:35 +10:00
Martin Brennan bb4e965a66
FEATURE: Optionally show local time for user in card (#9527)
This adds a site setting (default off) to optionally show a user's local time and timezone in their user card. For example, I live in Brisbane, and if at 3:30PM my time I were to open a user who lives in California's card I would see 22:30 (PST).
2020-04-28 10:13:59 +10:00
Robin Ward 056327c0c9
DEV: Move `discourse.js` to `app/app.js` (#9545)
This is another thing to get our application in line with what Ember CLI
expects.
2020-04-27 13:28:10 -04:00
Gerhard Schlager 30cb5f7d86 Update translations 2020-04-24 15:16:29 +02:00
Sam Saffron 6a18c9aa0b
Revert "FEATURE: enforce_canonical_emails site setting"
This reverts commit 6f9177e2ed.

We decided on a completely different approach to the problem.

Instead we will let blocked emails be treated as canonical.
2020-04-24 13:52:06 +10:00
Roman Rizzi 7a2e8d3ead
DEV: Add the missing `app` subdirectory (#9499)
* DEV: Add missing  directory to the Discourse ember app

* DEV: Resolve imports correctly
2020-04-23 10:07:54 -03:00
Joffrey JAFFEUX 3bbd8b1258
UX: rework date time input range (#9524) 2020-04-22 22:17:53 +02:00
Vinoth Kannan df0c386f8a
UX: drop the `automatic_membership_retroactive` column from groups model. (#9430) 2020-04-22 22:07:39 +05:30
Robin Ward 13f2723dcb FIX: Don't log an error to logster if a topic could not be updated.
If for some reason an update did not go through (for example,
concurrently updating the same topic twice), we were logging something
like:

```
create_errors_json called with unrecognized type: #<Topic
```

This happened because we knew an error occurred but the active record
object had no errors attached.

This patch fixes the issue by attaching a proper error message in the
event that this happens.
2020-04-22 11:56:04 -04:00
Dan Ungureanu e733701887
FEATURE: Make report filters reusable (#9444)
This commit also adds 'include subcategories' report filter
2020-04-22 11:52:50 +03:00
Vinoth Kannan a511bea4cc
FEATURE: admin UI to merge two users. (#9509) 2020-04-22 14:07:51 +05:30
Martin Brennan 628ba9d1e2
FEATURE: Promote bookmarks with reminders to core functionality (#9369)
The main thrust of this PR is to take all the conditional checks based on the `enable_bookmarks_with_reminders` away and only keep the code from the `true` path, making bookmarks with reminders the core bookmarks feature. There is also a migration to create `Bookmark` records out of `PostAction` bookmarks for a site.

### Summary

* Remove logic based on whether enable_bookmarks_with_reminders is true. This site setting is now obsolete, the old bookmark functionality is being removed. Retain the setting and set the value to `true` in a migration.
* Use the code from the rake task to create a database migration that creates bookmarks from post actions.
* Change the bookmark report to read from the new table.
* Get rid of old endpoints for bookmarks
* Link to the new bookmarks list from the user summary page
2020-04-22 13:44:19 +10:00
Justin DiRose 6559ad0d80
FEATURE: Add copy button to codeblocks (#9451) 2020-04-21 08:02:13 -05:00
Martin Brennan d123138d3a
FIX: Only confirm bookmark delete if a reminder has been set (#9484)
We do not need a secondary bootbox confirm if the bookmark has no reminder, because nothing really will be lost in that case.
2020-04-21 14:29:12 +10:00
Jarek Radosz 17cf300b71
DEV: Use more specific error responses (#9472)
* DEV: Use `render_json_error` (Adds specs for Admin::GroupsController)
* DEV: Use a specific error on blank category slug (Fixes a `render_json_error` warning)
* DEV: Use a specific error on reviewable claim conflict (Fixes a `render_json_error` warning)
* DEV: Use specific errors in Admin::UsersController (Fixes `render_json_error` warnings)
* FIX: PublishedPages error responses
* FIX: TopicsController error responses (There was an issue of two separate `Topic` instances for the same record. This makes sure there's only one up-to-date instance.)
2020-04-21 03:50:20 +02:00
Gerhard Schlager 82f9dcf301 Update translations 2020-04-20 11:37:59 +02:00
Sam Saffron ee36382640
FEATURE: improve rendering of RSS feeds
- Eliminate superfluous "author wrote" block
- Eliminate block-quote for all posts
- Move participant count and reply count to 1 line
- Prioritize name over username if forum requests
- Use fabrication in list controller spec to speed up spec
2020-04-20 16:08:24 +10:00
Martin Brennan 344ef5226c
FEATURE: Edit bookmark reminders from post and explicit delete button (#9455)
There is now an explicit "Delete Bookmark" button in the edit modal. A confirmation is shown before deleting.

Along with this, when the bookmarked post icon is clicked the modal is now shown instead of just deleting the bookmark. Also, the "Delete Bookmark" button from the user bookmark list now confirms the action.

Add a `d d` shortcut in the modal to delete the bookmark.
2020-04-20 13:30:04 +10:00
Gerhard Schlager 3e3ac704e1 Remove unused translation
It isn't used anymore since a19e43fd3b
2020-04-19 16:44:14 +02:00
David Taylor 576872a2d9
PERF: Enable new user card route by default (#9442)
https://meta.discourse.org/t/changes-to-the-user-card-data-source/139951
2020-04-17 09:42:57 +01:00
Martin Brennan 8f0544137a
FEATURE: Allow editing bookmark reminders (#9437)
Users can now edit the bookmark name and reminder time from their list of bookmarks.

We use "Custom" for the date and time in the modal because if the user set a reminder for "tomorrow" then edit the reminder "tomorrow", the definition of what "tomorrow" is has changed.
2020-04-17 11:08:07 +10:00
David Taylor ed6b3b82bd
FIX: Reopen sidekiq log files after rotation (#9429)
Unicorn uses the USR1 to indicate that log files should be reopened. This commit implements the same functionality for our forked sidekiq workers:

- USR1 is intercepted in the unicorn master, and re-issued to all child processes
- USR1 is trapped in the sidekiq processes, and `Unicorn::Util.reopen_logs` is used to re-open log files
2020-04-16 12:13:13 +01:00
Martin Brennan d7f744490a
FEATURE: Decorate topic-level bookmark button with reminder time (#9426)
* Show the correct bookmark with clock icon when topic-level bookmark reminder time is set and show the time of the reminder in the title on hover.
* Add a new bookmark lib and reminder time formatting function to show time with today/tomorrow shorthand for readability. E.g. tomorrow at 8:00am instead of Apr 16 2020 at 8:00am. This only applies to today + tomorrow, future dates are still treated the same.
2020-04-16 09:20:44 +10:00
Vinoth Kannan 884eea7a83 FEATURE: add support for `upload` format in theme settings. 2020-04-15 18:34:02 +05:30
Kane York 5a5685766a DEV: Fix all 'require-valid-alt-text' lints except in reused compoments
Three violations require parameters from the caller to generate valid alt text.
2020-04-14 17:21:20 -07:00
Sam Saffron 6f9177e2ed
FEATURE: enforce_canonical_emails site setting
The new `enforce_canonical_emails` site setting ensures that emails in the
canonical form are unique.

This mean that if `s.a.m+1@gmail.com` is registered `sam@gmail.com` will
not be allowed.

The commit contains a blanket "tag strip" (stripping everything after +)
it also contains special handling of a "dot strip" for googlemail and gmail.

The setting only impacts new registrations after `enforce_canonical_emails`

The setting is default false so it will not impact any existing installs.
2020-04-14 14:16:30 +10:00
Robin Ward b6b92a562c
FEATURE: New site setting `embed_unlisted` (#9391)
If enabled, posts imported to discourse via embeddings will default to
unlisted until they receive a reply.
2020-04-13 15:17:02 -04:00
tshenry 617692a6c4
UX: Note "Summarize This Topic" settings behavior
We use the `periodical_updates` and `weekly` background jobs to retroactively add/remove the "Summarize This Topic" button for topics according to the `summary_posts_required` or `summary_likes_required` site settings.
2020-04-10 09:46:36 -07:00
Dan Ungureanu 3d9c320aab
PERF: Cache Category.subcategory_ids (#9350)
Also reset category cache after backup restore.
2020-04-09 15:42:24 +03:00
Martin Brennan bedefd2e8a Fix broken bookmark translations for French 2020-04-09 14:51:57 +10:00
Kane York 138d4aebde FEATURE: Webhooks and Event for user being granted a badge
Adding a webhook for badge revocation is left for future work as it's relatively rare.
2020-04-08 14:38:30 -07:00
Kane York abdc10ae70 FIX: Labels for modal close and dismiss-error buttons 2020-04-08 11:56:29 -07:00
Dan Ungureanu 73d71e3fee
FEATURE: Show noscript view to unsupported browsers (#9373) 2020-04-08 20:24:18 +03:00
Robin Ward e1f8014acd
FEATURE: Support for publishing topics as pages (#9364)
If the feature is enabled, staff members can construct a URL and publish a
topic for others to browse without the regular Discourse chrome.

This is useful if you want to use Discourse like a CMS and publish
topics as articles, which can then be embedded into other systems.
2020-04-08 12:52:36 -04:00
dave0688 94c0228681
FEATURE: Add same site cookie 'None' option to make cross domain systems possible (#9374) 2020-04-08 10:03:50 +01:00
Rafael dos Santos Silva 3053c6d95e
FEATURE: Enable offline browsing and fullscreen PWA in iOS by default 2020-04-07 16:58:21 -03:00
Martin Brennan 42c2678d8f
FIX: Show topic level bookmark with reminder modal (#9336)
* When using the topic-level bookmark button or shortcut, we now show the bookmark with reminder modal for consistency.
* When hovering on a bookmark reminder notification where the bookmark has a name, show the name of the bookmark on hover.
2020-04-07 15:43:00 +10:00
Martin Brennan 93c38cc175
FEATURE: Bookmark keyboard shortcuts (#9318)
Adds keyboard bindings and associated help menu for selecting reminder type in bookmark modal, and pressing Enter to save.

Introduce the following APIs for `KeyboardShortcuts`:

* `pause` - Uses the provided array of combinations and unbinds them using `Mousetrap`.
* `unpause` - Uses the provided combinations and rebinds them to their default shortcuts listed in `KeyboardShortcuts`.
* `addBindings` - Adds the array of keyboard shortcut bindings and calls the provided callback when a binding is fired with Mousetrap.
* `unbind` - Takes an object literal of a binding map and unbinds all of them e.g. `{ enter: { handler: saveAndClose" } };`
2020-04-07 14:03:15 +10:00
Martin Brennan 40546af217
FIX: Remove date from bookmark reminder non-English translations (#9354)
The {{date}} interpolated value was removed from the English translations in #9329 but not from the other translations, causing breakages.

Also adds a , inbetween date and time for reminders using long_no_year for readability.
2020-04-06 13:14:46 +10:00
Daniel Waterworth bca126f3f5 REFACTOR: Move the multisite middleware to the front
Both request tracking and message bus rely on multisite before the
middleware has run which is not ideal.

Follow-up-to: ca1208a636
2020-04-02 16:44:44 +01:00
Daniel Waterworth ca1208a636 Revert "REFACTOR: Move the multisite middleware to the front"
Looks like this is causing problems.

Follow-up-to: a91843f0dc
2020-04-02 15:20:28 +01:00
Daniel Waterworth a91843f0dc REFACTOR: Move the multisite middleware to the front
Both request tracking and message bus rely on multisite before the
middleware has run which is not ideal.
2020-04-02 10:15:38 +01:00
Martin Brennan d261a809e2
FEATURE: Bookmark reminder type changes and bugfixes (#9329)
New Reminder Types
-------------------------------------

* Add a "later this week" reminder which is today + 2 days, will not show if we are on the days Thu-Sun
* Add a "start of next business week" reminder which is 8am Monday

Bugfixes and Tweaks
--------------------------------------

* Move dates out of translation for reminder types and yield HTML for tap-tile for more customizable content and styling
* Make sure double clicking the bookmark icon in quick access takes users to the new bookmarks-with-reminders page
* Sane default to 8am (start of day) for custom reminder with no time
2020-04-02 09:57:48 +10:00
Kane York cdaa60b56b FEATURE: Allow admins to disable self-service account deletion
https://meta.discourse.org/t/-/146276
2020-04-01 15:16:07 -07:00
Martin Brennan b79ea986ac
FEATURE: High priority bookmark reminder notifications (#9290)
Introduce the concept of "high priority notifications" which include PM and bookmark reminder notifications. Now bookmark reminder notifications act in the same way as PM notifications (float to top of recent list, show in the green bubble) and most instances of unread_private_messages in the UI have been replaced with unread_high_priority_notifications.

The user email digest is changed to just have a section about unread high priority notifications, the unread PM section has been removed.

A high_priority boolean column has been added to the Notification table and relevant indices added to account for it.

unread_private_messages has been kept on the User model purely for backwards compat, but now just returns unread_high_priority_notifications count so this may cause some inconsistencies in the UI.
2020-04-01 09:09:20 +10:00
Arpit Jalan b2a0d34bb7
FEATURE: add setting `auto_approve_email_domains` to auto approve users (#9323)
* FEATURE: add setting `auto_approve_email_domains` to auto approve users

This commit adds a new site setting `auto_approve_email_domains` to
auto approve users based on their email address domain.

Note that if a domain already exists in `email_domains_whitelist` then
`auto_approve_email_domains` needs to be duplicated there as well,
since users won’t be able to register with email address that is
not allowed in `email_domains_whitelist`.

* Update config/locales/server.en.yml

Co-Authored-By: Robin Ward <robin.ward@gmail.com>
2020-03-31 23:59:15 +05:30
Robin Ward db35baba26 FEATURE: Display "Last Updated At" on user directory 2020-03-30 14:34:48 -04:00
Joffrey JAFFEUX 0996c3b7b3
FEATURE: allows multiple custom emoji groups (#9308)
Note: DBHelper would fail with a sql syntax error on columns like "group".

Co-authored-by: Jarek Radosz <jradosz@gmail.com>
2020-03-30 20:16:10 +02:00
Kane York 07dc8d20c4 DEV: Enable and fix the 'require-iframe-title' lint 2020-03-26 12:31:34 -07:00
Sam Saffron 25f1f23288
FEATURE: Stricter rules for user presence
Previously we would consider a user "present" and "last seen" if the
browser window was visible.

This has many edge cases, you could be considered present and around for
days just by having a window open and no screensaver on.

Instead we now also check that you either clicked, transitioned around app
or scrolled the page in the last minute in combination with window
visibility

This will lead to more reliable notifications via email and reduce load of
message bus for cases where a user walks away from the terminal
2020-03-26 17:36:52 +11:00
Sam Saffron ecbccab159
FEATURE: invite_code is case-insensitive
Previously we required exact casing for invite code, this can cause a lot
of confusion. Relax the requirement.
2020-03-26 13:44:02 +11:00
Martin Brennan 097851c135
FIX: Change secure media to encompass attachments as well (#9271)
If the “secure media” site setting is enabled then ALL files uploaded to Discourse (images, video, audio, pdf, txt, zip etc. etc.) will follow the secure media rules. The “prevent anons from downloading files” setting will no longer have any bearing on upload security. Basically, the feature will more appropriately be called “secure uploads” instead of “secure media”.

This is being done because there are communities out there that would like all attachments and media to be secure based on category rules but still allow anonymous users to download attachments in public places, which is not possible in the current arrangement.
2020-03-26 07:16:02 +10:00
Kane York 6a1fe9ff87
FIX: Use 1 column instead of 4 for permalink destination (#9260) 2020-03-25 11:30:39 -07:00
Dan Ungureanu 3ae26c6c59
FEATURE: List search menu shortcuts in instructions modal (#9273) 2020-03-25 17:11:33 +02:00
Dan Ungureanu 49395ec577
FIX: Fix image optimization pipeline (#9257)
* FIX: Do not use original filename to extract the original filename

Prefer extracting filename from the destination path, which is build
using extracted image information.

* UX: Show better error images
2020-03-25 12:59:16 +02:00
Bianca Nenciu d8640fd042
DEV: Move requested_group_id custom field from post to topic (#9127)
Follow-up-to accbbded15
2020-03-24 11:12:52 +02:00
Martin Brennan b8b29e79ad
FIX: Improve user timezone saving (#9230)
Based on issues identified in https://meta.discourse.org/t/improved-bookmarks-with-reminders/144542/20

* Implement the resolvedTimezone() function on the user model where we return the user's timezone if it has been set, or we guess it using moment and save it to the user using an update call if it has not yet been set. This covers the cases of users who do not log out/in often who will not get their timezone set via login. This also makes sure the guess + save is done in a non-obtrusive way not on every page -- only when it is needed.

* Before if a user's timezone was blank when they visited their profile page we were autofilling the dropdown with the guessed timezone from moment. However this was confusing as it would appear you have that timezone saved in the DB when you really didn't. Now we do not autofill the dropdown and added a button to automatically guess the current timezone to make everything more explicit.
2020-03-24 11:39:09 +10:00
Kane York 4b8acce92b FIX: Check for permalinks before showing the 404 page
Limitations: the user profile "open external links in new tab setting" is
slightly broken for "External URL" permalinks.

Remove the copy from the admin permalinks page stating that this doesn't work.
2020-03-23 16:31:07 -07:00
Vinoth Kannan aad12822b7
FEATURE: automatically delete replies on a topic after N days. (#9209) 2020-03-19 21:06:31 +05:30
Martin Brennan 8769ca08bb SECURITY: Prevent access to other user's bookmark lists 2020-03-19 10:59:32 +10:00
Rafael dos Santos Silva d6838608ff FEATURE: iCalendar feed for Bookmark reminders 2020-03-18 17:51:16 -03:00
Roman Rizzi 4663304775
FEATURE: Show rejected posts count in user summary (#9204) 2020-03-16 09:52:08 -03:00
David Taylor fb8b0ca197
DEV: Remove unused middleware (#9203)
This has not been used since January 2014, per 166a8d29
2020-03-16 12:37:43 +00:00
Rishabh 0c71f7bbd1 UX: Improve suspect user copy on /review 2020-03-16 16:08:58 +05:30
Martin Brennan 4cce564b35
FIX: Bookmark reminders and improvements changes (#9213)
* Cosmetic fixes for the bookmark modal
* Do not show "later today" when the later time will be > 5pm
* When a custom reminder time is selected, store it in localStorage. The next time the modal is opened, if the last datetime is > now, then a new tile with "Last" will be shown that lets the user reselect that same time.
* Also add an explicit "No Reminder" option that is selected by default
2020-03-16 16:05:44 +10:00
Sam Saffron a1d660d951
FEATURE: optional global invite_code for account registration
On some sites when bootstrapping communities it is helpful to bootstrap
with a "light weight" invite code.

Use the site setting `invite_code` to set a global invite code.

In this case the administrator can share the code with
a community which is very easy to remember and then anyone who has
that code can easily register accounts.

People without the invite code are not allowed account registration.

Global invite codes are less secure than indevidual codes, in that they
tend to leak in the community however in some cases when starting a brand
new community the security guarantees of invites are not needed.
2020-03-15 21:17:28 +11:00
Gerhard Schlager 8022e51179 FIX: Failed to restore backups from versions without translation overrides
Rails calls I18n.translate during initialization and by default translation overrides are used. Database migrations would fail if the system tried to migrate from an old version that didn't have the `translation_overrides` table with all its columns yet.

This makes restoring really old backups work again. Running `DISABLE_TRANSLATION_OVERRIDES=1 rake db:migrate` will allow you to upgrade such an old database as well.
2020-03-14 00:00:22 +01:00