Commit Graph

23640 Commits

Author SHA1 Message Date
Roman Rizzi c0848a5cc4
FIX: Only include last_posted_at if there's a topic_user object. (#11011)
Trying to include this attribute when topic_user is nil causes an error when visiting a topic as anon. Additionally, we don't display the slow mode banner for these users.
2020-10-23 11:31:59 -03:00
Jordan Vidrine f85f5eb179
FIX: Add check for youtube thumbnail (#11000)
This commit adds a check for the youtube thumbnail class when enforcing max-image-dimensions.
2020-10-23 08:40:49 -05:00
Robin Ward 919f488358 REFACTOR: All remaining acceptance tests converted to new format
Also contains fixes to leaky state in pretender.
2020-10-23 09:28:13 -04:00
Joffrey JAFFEUX 281bf0b345
FIX: optimizes sk body position in RTL mode (#10997) 2020-10-22 16:08:11 +02:00
David Taylor 85f827ee1c
UX: Remove forgot password button from login-preferences (#10998)
Showing this button is confusing for sites which are using external authentication. Clicking 'log in' already pops up the login modal, which includes a forgot password link when appropriate.
2020-10-22 14:34:10 +01:00
Martin Brennan 0d63eb4124
FEATURE: Add detection of post date to use in bookmark modal (#10981)
This PR introduces a feature that will detect a date inside the post that a user is bookmarking, and offer that date as an option in the bookmark modal.

The logic is that we get the first date/time detected in the post. If it does not have a time, just a date, then we default to 8:00am for the time.
2020-10-22 16:23:46 +10:00
Sam Saffron 906ec87d26 DEV: Add more debugging context to onebox generation
Previously if a onebox timed out we would not present the users in the log
with any information regarding the onebox. This makes it very difficult to
debug.

This adds url/topic/user in the debugging output.
2020-10-22 12:50:22 +08:00
Martin Brennan 64b0b50ac0
FIX: Pass user to Email::Sender to avoid broken reply key for group_smtp email (#10978)
Our Email::Sender class accepts an optional user argument, which is used to create a PostReplyKey record when present. This record is used to sub out the %{reply_key} placeholder in the Reply-To mail header, so if we do not pass in the user we get a broken Reply-To header.

This is especially problematic in the IMAP group SMTP situation, because these emails go to customers that we are replying to, and when they reply to us the email bounces! This fixes the issue by passing user to the Email::Sender when sending a group_smtp email but there is still more to do in another PR.

This Email::Sender optional user is a bit of a footgun IMO, especially because most of the time we use it there is a user we can source. I would like to do another PR for this after this one to make the parameter not optional, so we don't end up with these reply issues down the line again.
2020-10-22 10:49:08 +10:00
David Taylor abb00c3780
FIX: Restore users#topic_tracking_state route to api session_info scope (#10992)
This route was inadvertently removed in 1cec333f, and is required for showing new/unread counts in Discourse mobile apps
2020-10-21 19:44:34 +01:00
Osama Sayegh a04c300495
DEV: Add optional ENV variables for MiniProfiler snapshots transporter (#10985) 2020-10-21 19:37:28 +03:00
Kris 08104e058a
UX: Fix mobile padding-top on mobile, follow up to da5841d (#10982) 2020-10-21 17:52:35 +11:00
Angus McLeod 516e7e392b
FEATURE: Add non_automatic group type param to groups index API 2020-10-21 09:46:45 +11:00
Kris a6befcd86c
FIX: include font import for embedded comments (#10967) 2020-10-21 09:35:52 +11:00
Kris 3d9f127228
FIX: Remove need for overflow hidden, follow-up to da5841d (#10971) 2020-10-21 09:35:07 +11:00
Sam 7b3b05f229
FEATURE: CTRL-SHIFT-ENTER and SHIFT-Click do not scroll on post (#10965)
This allows for an advanced feature where hitting control on click or
CTRL-SHIFT-ENTER will lead to a post being made but the browser not to
scroll to the end.
2020-10-21 08:55:58 +11:00
Bianca Nenciu be5efc9410
FIX: Ensure old uploads can have animated field updated (#10963)
If admins decreased the maximum filesize limit the ActiveRecord
validations would fail.
2020-10-20 19:11:43 +03:00
Bianca Nenciu 94cbfa92e1
FEATURE: Show a placeholder instead of videos in preview (#10962)
Adding a video in composer and then continuing to type into it will make the
video element flicker and restart playback on every keystroke, as the preview
is rendered. In certain configurations, this can lead to some performance
problems too.

Onebox already does the same for external videos.
2020-10-20 19:01:32 +03:00
Robin Ward a65b426b8a REFACTOR: Convert many more acceptance tests to the new format 2020-10-20 11:08:12 -04:00
Robin Ward b3b9cf7c5d REFACTOR: New format for acceptance tests
This gets us closer to how newer Ember versions want to do things, but
with a bit of Discourse flair.

`acceptance` now takes a function as a parameter, and tests need to be
declared in that new function context.

A new helper, `needs`, is passed as a parameter. You can use it to set
up the test the way you want.
2020-10-20 11:08:12 -04:00
Roman Rizzi fbb1fb9270
FIX: Ensure slow mode duration is correctly edited and displayed. (#10945)
* FIX: Ensure slow mode duration is correctly edited and displayed.

This commit fixes a bug where you were forced to set hours, minutes, and seconds or you won't be able to set the slow mode. Also, the duration was not displayed correctly due to the seconds not being truncated.

Additionally, we'll always display the hours, minutes, and seconds inputs for clarity and remove the blue banner.

* Set slow mode modal tweaks.

Uses labels instead of placeholders.
Input fields only visible when custom option selected.
Replace "Custom Duration" with "Pick Duration".

Additionally, place the `Set slow mode` button at the bottom of the topic actions menu.

* Perform the slow_mode validation also on the client-side before saving trying to save the post. This way, the post won't be staged.
2020-10-20 06:52:03 -03:00
Kris 1946fa3c53
FIX: Loading container needs same width as posts, follow up to da5841d (#10966) 2020-10-20 19:09:12 +11:00
Kris da5841de0b
REFACTOR: Remove position fixed from the header and use sticky instead (#10781)
This removes fixed positioning from d-header and the topic timeline.

Plugins, themes and components that use the above/below header plugin outlet will likely need some margin/padding adjustments.
2020-10-19 17:26:38 -04:00
jbrw a74805d3f8
FIX: moderators can add/remove group owners (#10960)
If `SiteSetting.moderators_manage_categories_and_groups` is enabled, a moderator shoud be able to add/remove group owners.
2020-10-19 16:30:21 -04:00
Robin Ward 5597aeb1b9 Revert "FEATURE: CTRL-SHIFT-ENTER and SHIFT-Click do not scroll on post (#10939)"
This broke "composePrivateMessage" (and possibly others) because `d-button` now passes the event as a
second argument, and that action has an optional second argument.
2020-10-19 14:07:35 -04:00
Arpit Jalan 6051a3da68
FIX: enable "remove tags" button only when tagging is enabled (#10957)
UX: remove tags button does not qualify to be a danger button
2020-10-19 22:08:11 +05:30
David Taylor b7c680853d DEV: Introduce plugin API to contribute user api key scopes 2020-10-19 10:40:55 +01:00
David Taylor 23e5c605f6 DEV: Add support for allowed parameters in user api key scopes
Initially, this feature is only intended for use in core/plugins, so there is no API for requesting a parameter-scoped key. That may change in future.
2020-10-19 10:40:55 +01:00
David Taylor 1cec333f48 REFACTOR: Introduce RouteMatcher class
This consolidates logic used to match routes in ApiKey, UserApiKey and DefaultCurrentUserProvider. This reduces duplicated logic, and will allow UserApiKeysScope to easily re-use the parameter matching logic from ApiKeyScope
2020-10-19 10:40:55 +01:00
Sam c8e0547bcc
FEATURE: CTRL-SHIFT-ENTER and SHIFT-Click do not scroll on post (#10939)
* FEATURE: CTRL-SHIFT-ENTER and SHIFT-Click do not scroll on post

This allows for an advanced feature where hitting control on click or
CTRL-SHIFT-ENTER will lead to a post being made but the browser not to
scroll to the end.
2020-10-19 17:21:50 +11:00
Gerhard Schlager 1ac010db3c
FIX: "Sorry an error has occurred" was shown when flagging a post (#10948) 2020-10-18 13:47:54 +02:00
Roman Rizzi 1ff45dc194
FIX: Only TL4 users and staff should be able to see the disable slow mode button (#10942) 2020-10-16 17:52:31 -03:00
Roman Rizzi 21c53ed249
FEATURE: Topic slow mode. (#10904)
Adds a new slow mode for topics that are heating up. Users will have to wait for a period of time before being able to post again.

We store this interval inside the topics table and track the last time a user posted using the last_posted_at datetime in the TopicUser relation.
2020-10-16 16:24:38 -03:00
Robin Ward b460a6d059 REFACTOR: Continue to converge on what Ember CLI wants us to do
* The creation of a testing div is specific to Rails, so that is
moved back out of setupTests();

* We've removed the `Discourse` globals from the acceptance helpers in favor of
`setApplication`/`getApplication`.

* We pass the container to setupTests because there is no
`__container__` in later Ember versions.

* `App` is now `app` because it's not a constant or class, it's an
instance of an application.
2020-10-16 10:53:13 -04:00
Gerhard Schlager 7adf71a203
Fix i18n issues reported on Crowdin (#10925)
* Pluralize `discourse_narrative_bot.dice.not_enough_dice`
  The number of dice requires a pluralized string.
  Fixes https://discourse.crowdin.com/translate/f3230e7607a36bb0a2f97fd90605a44e/278/en-ar#51346

* Always use "two-factor" instead of "second factor" or "two factor"
  Using different terms for the same thing is quite confusing.
  Fixes https://discourse.crowdin.com/translate/f3230e7607a36bb0a2f97fd90605a44e/246/en-nl#40096

* Remove whitespace before ellipsis for consistency
  Fixes https://discourse.crowdin.com/translate/f3230e7607a36bb0a2f97fd90605a44e/246/en-nl#53978

* Remove unused strings from locale file

* Correct grammar in `site_settings.review_media_unless_trust_level`
  Fixes https://discourse.crowdin.com/translate/f3230e7607a36bb0a2f97fd90605a44e/248/en-nl#54018

* Correct grammar in `reviewables.reasons.contains_media`
  Fixes https://discourse.crowdin.com/translate/f3230e7607a36bb0a2f97fd90605a44e/248/en-nl#54020

* Correct grammar in user notifications
  It also adds a link to the /about page in order to give the user a clue who the site admins are.
  This fixes https://discourse.crowdin.com/translate/f3230e7607a36bb0a2f97fd90605a44e/248/en-nl#54084

* Use "log in" instead of "login" when it's a verb
  This fixes multiple issues:
  * https://discourse.crowdin.com/translate/f3230e7607a36bb0a2f97fd90605a44e/246/en-nl#40940
  * https://discourse.crowdin.com/translate/f3230e7607a36bb0a2f97fd90605a44e/248/en-nl#47858
  * https://discourse.crowdin.com/translate/f3230e7607a36bb0a2f97fd90605a44e/248/en-nl#49458

* Replace "Github" with "GitHub"

* Remove "discourse.org" from title of 503 error page

* Replace weirdly formatted multi line string

* Pluralize `js.composer.group_mentioned_limit`
  This fixes https://discourse.crowdin.com/translate/f3230e7607a36bb0a2f97fd90605a44e/246/en-ar#41158

* Remove unused string and pluralize `js.topic.feature_topic.confirm_pin_globally`
  This kinda fixes https://discourse.crowdin.com/translate/f3230e7607a36bb0a2f97fd90605a44e/246/en-ar#42114 as `js.topic.feature_topic.confirm_pin` wasn't used anymore.

* Pluralize `js.user.second_factor_backup.remaining_codes`
  This fixes https://discourse.crowdin.com/translate/f3230e7607a36bb0a2f97fd90605a44e/246/en-ar#40054

* Pluralize `js.composer.error.tags_missing`
  This fixes https://discourse.crowdin.com/translate/f3230e7607a36bb0a2f97fd90605a44e/246/en-ar#41184

* Pluralize `js.post.errors.too_many_dragged_and_dropped_files`
  This fixes https://discourse.crowdin.com/translate/f3230e7607a36bb0a2f97fd90605a44e/246/en-ar#42408

* Remove unused `js.posts_long` and `js.likes_long`
  This fixes the following issues in an unexpected way:
  * https://discourse.crowdin.com/translate/f3230e7607a36bb0a2f97fd90605a44e/246/en-ar#42974
  * https://discourse.crowdin.com/translate/f3230e7607a36bb0a2f97fd90605a44e/246/en-ar#42994

* Pluralize `js.bootstrap_mode_enabled`
  This fixes https://discourse.crowdin.com/translate/f3230e7607a36bb0a2f97fd90605a44e/246/en-ar#38726

* Remove unused `long_form` from `post_action_types`
  This more or less fixes https://discourse.crowdin.com/translate/f3230e7607a36bb0a2f97fd90605a44e/248/en-ar#47158

* Pluralize `js.presence.replying` and `js.presence.replying`
  This fixes the following issues:
  * https://discourse.crowdin.com/translate/f3230e7607a36bb0a2f97fd90605a44e/282/en-ar#51588
  * https://discourse.crowdin.com/translate/f3230e7607a36bb0a2f97fd90605a44e/282/en-ar#51590

* Pluralize `js.user.second_factor_backup.manage`
  This fixes https://discourse.crowdin.com/translate/f3230e7607a36bb0a2f97fd90605a44e/246/en-ar#40044

* Stop using concatenated strings for "Recently Used Devices"
  This fixes https://discourse.crowdin.com/translate/f3230e7607a36bb0a2f97fd90605a44e/246/en-ar#40308

* Pluralize `js.category_row.topic_count`
  This fixes https://discourse.crowdin.com/translate/f3230e7607a36bb0a2f97fd90605a44e/246/en-ar#41056

* Pluralize `js.select_kit.invalid_selection_length`
  This fixes https://discourse.crowdin.com/translate/f3230e7607a36bb0a2f97fd90605a44e/246/en-ar#41072

* Pluralize `js.notifications.membership_request_consolidated`
  This fixes https://discourse.crowdin.com/translate/f3230e7607a36bb0a2f97fd90605a44e/246/en-ar#41416
2020-10-16 15:24:58 +02:00
Bianca Nenciu 43e52a7dc1
DEV: Remove gifsicle dependency (#10357)
Dependency on gifsicle, allow_animated_avatars and allow_animated_thumbnails
site settings were all removed. Animated GIF images are still allowed, but
the generated optimized images are no longer animated for those (which were
used for avatars and thumbnails).

The added 'animated' is populated by extracting information using FastImage.
This field was used to selectively reoptimize old animations. This process
happens in the background.
2020-10-16 13:41:27 +03:00
Sam 14cb587b7e
PERF: don't ask for new posts while loading new posts (#10937)
Previous to this change we had no protection to ensure we wait on a request
for more posts prior starting another request.

In outlier cases if 10 people post at the same time on a topic a flood of
requests could start.

To improve this situation we now ensure that we are done asking for new posts
prior to asking for the next batch.

Also addresses some style issues raised previously and moves init to top
of class.
2020-10-16 10:51:58 +11:00
Sam 110e9a455b
FEATURE: when we fail to ship topic timings attempt to retry (#10916)
* FEATURE: when we fail to ship topic timings attempt to retry

This change amends it so

1. Topic timings are treated as background requests and subject to more
 aggressive rate limits.

2. If we notice an error when we ship timings we back off exponentially

The commit allows 405, 429, 500, 501, 502, 503 and 504 errors to be retried.

500+ errors usually happen when self hosters are rebuilding or some other
weird condition.

405 happens when site is in readonly.
429 happens when user is rate limited.

The retry cadence is hardcoded in AJAX_FAILURE_DELAYS, longest delay is
40 seconds, we may consider enlarging it.

After the last delay passes we give up and do not write timings to the
server.

* Address feedback

- Omit promise, no need to use promises in sendNextConsolidatedTiming
- Correct issue where >= -1 was used and > -1 was intended
- Use objects for consolidated timings instead of Array
- Stop using shift/unshift and instead use push / pop which are faster

* Move consolidated timing initialization to constructor

* Remove TODO and just console.warn if we have an issue
2020-10-16 09:49:55 +11:00
Jeff Wong e9eeea26b2
DEV: rewrite _penalize without async (#10935)
* DEV: rewrite _penalize without async

async is not yet supported in object methods due to uglifyjs.
2020-10-15 11:48:13 -07:00
Penar Musaraj 5763309953
FEATURE: WCAG compliant color schemes (#10882)
Co-authored-by: Kris <kris.aubuchon@discourse.org>
2020-10-15 14:05:48 -04:00
Jeff Wong d68ad82a9e
FEATURE: add penalty options for take action (#10926)
* FEATURE: add penalty options for take action

Add the ability to silence or suspend users from the "take action"
button when moderators are flagging posts. This allows for a more streamlined
active moderation workflow, when moderating against a topic directly.
2020-10-15 10:48:52 -07:00
Joffrey JAFFEUX e062b94e7f
REFACTOR: merges redirectTo implementation into one function (#10919) 2020-10-15 19:26:05 +02:00
Robin Ward 51d10db7f2 REFACTOR: Import `visit` helper rather than using a global variable 2020-10-15 13:22:05 -04:00
Joffrey JAFFEUX da00c80e90
FIX: styleguide is only a parent url and is accessed with /styleguide (#10930) 2020-10-15 11:06:37 +02:00
Kris 5f26c36834
UX: Increase width & center category reorder input (#10928) 2020-10-15 14:42:42 +11:00
Jordan Vidrine e8ebaad771
FIX: Check for link target attribute on link clink (#10923)
* FEATURE: Add ability to add target to link

This commit will add the ability for a link's target attribute to be specified.

Allowing`target: "_blank"` to work properly.
2020-10-14 15:01:39 -05:00
jbrw 099bf97dca
Tag groups can belong to groups (#10854) 2020-10-14 13:15:54 -04:00
Jordan Vidrine e22370a8e1
FEATURE: Add category slug to body class on tag pages if it is part of a category (#10911)
This commit will add the category slug class to the body if the tag is a child of a category.

Currently, when visiting a tag topic list only the tag name is added to the body class.
2020-10-14 11:52:45 -05:00
Joffrey JAFFEUX 73d207a568
DEV: load styleguide assets only when needed (#10918) 2020-10-14 16:29:40 +02:00
Penar Musaraj 74de7a49f5
Simplify theme and color scheme seeding (#10872)
Now that we have support for user-selectable color schemes, it makes sense
to simplify seeding and theme updates in the wizard. 

We now:

- seed only one theme, named "Default" (previously "Light")
- seed a user-selectable Dark color scheme
- rename the "Themes" wizard step to "Colors"
- update the default theme's color scheme if a default is set
(a new theme is created if there is no default)
2020-10-14 10:18:02 -04:00
Krzysztof Kotlarek d77e31b7e9
FIX: sort using ruby to avoid N+1 queries (#10915)
We are using preload to load tags into topics. When later we try to use `order` or `pluck` it is causing N+1

Usually, topics don't have many tags so sorting using ruby should be reasonably performant.
2020-10-14 18:20:41 +11:00
Penar Musaraj 2b5ca8af12
FIX: Wizard theme preview when logo is missing (#10914)
Fixes empty theme previews in the wizard, a bug introduced by yours
truly in a4356b99af
2020-10-13 20:06:09 -04:00
Martin Brennan c3cede697d
FEATURE: Add weekly bookmark cleanup code (#10899)
When posts or topics are deleted we don't want to immediately delete associated bookmarks, so we have a grace period to recover them and their reminders if the post or topic is un-deleted. This PR adds a task to the Weekly scheduled job to go and delete bookmarks attached to posts or topics deleted > 3 days ago.
2020-10-14 09:38:57 +10:00
Justin DiRose 8c77b84aac
Revert "FEATURE: Upgrade analytics.js to gtag.js (#10893)" (#10910)
Reverting due to a few unforseen issues with customizations.
2020-10-13 12:20:41 -05:00
Justin DiRose f4034226c2
FEATURE: Upgrade analytics.js to gtag.js (#10893)
Per Google, sites are encouraged to upgrade from `analytics.js` to `gtag.js` for Google Analytics tracking. This commit updates core Discourse to use the new `gtag.js` API Google is asking sites to use. This API has feature parity with `analytics.js` but does not use trackers.
2020-10-13 11:24:06 -05:00
Roman Rizzi 108414e47c
DEV: Users must be able to see a topic to moderate it. (#10906)
Follows-up a8c47e7c. It makes more sense to check if the user can see the topic inside the `can_moderate?` method instead of doing it separately.
2020-10-13 13:03:14 -03:00
Mark VanLandingham b19e8ea206
FIX: Error messages from editing user being swallowed (#10908) 2020-10-13 10:37:33 -05:00
Jordan Vidrine 95a142741c
UX: New Topics Will Appear Here display changes (#10895)
* UI: No new topics changes
This commit changes the way the 'new topics will appear here' message displays.
2020-10-13 10:29:27 -05:00
Bianca Nenciu 25b8ed740b
DEV: Make site setting type uploaded_image_list use upload IDs (#10401)
It used to be a list of concatenated upload URLs which was prone to
break.
2020-10-13 16:17:06 +03:00
Joffrey JAFFEUX a73fd4227f
FIX: disabled option for sk was not working correctly (#10900)
Name was incorrect and it was only removing cursor events and not changing style.
2020-10-13 11:31:07 +02:00
Sam 32393f72b1
PERF: backoff background requests when overloaded (#10888)
When the server gets overloaded and lots of requests start queuing server
will attempt to shed load by returning 429 errors on background requests.

The client can flag a request as background by setting the header:
`Discourse-Background` to `true`

Out-of-the-box we shed load when the queue time goes above 0.5 seconds.

The only request we shed at the moment is the request to load up a new post
when someone posts to a topic.

We can extend this as we go with a more general pattern on the client.

Previous to this change, rate limiting would "break" the post stream which
would make suggested topics vanish and users would have to scroll the page
to see more posts in the topic.

Server needs this protection for cases where tons of clients are navigated
to a topic and a new post is made. This can lead to a self inflicted denial
of service if enough clients are viewing the topic.

Due to the internal security design of Discourse it is hard for a large
number of clients to share a channel where we would pass the full post body
via the message bus.

It also renames (and deprecates) triggerNewPostInStream to triggerNewPostsInStream

This allows us to load a batch of new posts cleanly, so the controller can
keep track of a backlog

Co-authored-by: Joffrey JAFFEUX <j.jaffeux@gmail.com>
2020-10-13 16:56:03 +11:00
Kris c94defb35e
FIX: use new color variables in embed.scss, remove hardcoded colors (#10898) 2020-10-13 12:24:54 +11:00
Krzysztof Kotlarek e98eae6bc8
Revert "FIX: use new color variables in embed.scss, remove hardcoded colors (#10887)" (#10897)
This reverts commit a361f86c62.
2020-10-13 09:23:54 +11:00
Krzysztof Kotlarek 6be60b0ae5
FEATURE: respect tags_sort_alphabetically setting when display tags (#10889)
Currently, tag labels are displayed in random order.

They should be displayed in alphabetical or popularity order based on SiteSetting (tags_sort_alphabetically)

Meta: https://meta.discourse.org/t/how-to-apply-tag-sorts-by-popularity-to-topic-list-currently-it-seems-only-apply-to-tag-page/163186/7
2020-10-13 08:23:04 +11:00
Kris a361f86c62
FIX: use new color variables in embed.scss, remove hardcoded colors (#10887) 2020-10-12 16:27:58 -04:00
jbrw ac31fe8321
FEATURE - SiteSetting to disable user option to hide their profiles and presences (#10885)
* FEATURE - SiteSetting to disable user option to hide their profiles and presences
2020-10-09 17:18:44 -04:00
Robin Ward 195119b77c FIX: Observers weren't working on admin email logs
We were trying to observe a non-ember object which is undefined
behavior and was leaking to odd bugs. This replaces the `filter` object
with an Ember Object and things seem to work.
2020-10-09 16:27:22 -04:00
Robin Ward 3862036422 REFACTOR: Use imports for `sinon` and `setResolver`
I also took the opportunity with this commit to move some test specific
stuff out of `discourse-loader` which is loaded on the front end of the
application. The test module building now happens in the `test_helper`
bundle.
2020-10-09 13:54:54 -04:00
hawm d96b35b0f5 FIX: display correct reply count for crawler 2020-10-09 11:11:11 -04:00
Daniel Waterworth 721ee36425
Replace `base_uri` with `base_path` (#10879)
DEV: Replace instances of Discourse.base_uri with Discourse.base_path

This is clearer because the base_uri is actually just a path prefix. This continues the work started in 555f467.
2020-10-09 12:51:24 +01:00
David Taylor 5e3130ac26
FIX: Include subfolder base_path in web app manifest shortcuts (#10878) 2020-10-09 11:40:40 +01:00
Rafael dos Santos Silva 5157e3b6e3
FIX: Favicon count was not updated when window focus returned (#10875)
This misses a test because Favcount doesn't exposes a get to the counter.

Also, since this code deals with all possible notifications configs we support:

- favicon notification
- favicon new content
- title notification
- title new content

the code is a bit complicated to follow. We may look into refactoring it when a
good opportunity arises, like if https://w3c.github.io/badging/ setClientBadge() method
gives us a cleaner way to notify users.
2020-10-09 10:51:39 +11:00
Robin Ward 4a8f5dbfbd REFACTOR: Remove `.erb` file from javascript tests
We can't use erb in Ember CLI (since it does not have Ruby) so this has
been ported to use our `javascript:update_constants` rake test instead.

Note we don't have to run this every time a notification type as it's
only used by fixtures to fill in some specific types we test against.
2020-10-08 18:36:09 -04:00
Robin Ward ef7d99b0a8 REFACTOR: Move test setup to a module
This is long overdue. We had a lot of (not linted) code to initialize
our test suite as part of the Ruby `test_helper.js` bundle.

This refactor moves that out to a `setup-tests` module, which imports
all the modules properly, rather than using `require`.

It also removes the global `server` variable which some tests were using
for pretender. Those tests are fixed, and in the case of widget tests,
support for a `pretend()` was added, which mimics our acceptance tests.

One problematic test was removed, which overwrites `/posts` - this could
break tons of other tests depending on order.
2020-10-08 15:11:51 -04:00
Penar Musaraj 5130b4d674
Ignore disabled out-of-date remote themes (#10870)
No need to alert in admin dashboard about out of date remote themes
that are disabled.
2020-10-08 13:48:16 -04:00
David Taylor e47b847ac2
FIX: Use scope name when serializing UserApiKeys (#10871)
This issue was introduced in 1ba9b34b03, when the scopes were changed from an array of strings to a dedicated table
2020-10-08 18:12:24 +01:00
Joffrey JAFFEUX 8520096043
FIX: ensures insert hyperlink works with mailto (#10867)
The prefixing logic is moved into a `prefixProtocol` function in lib:url.

This commit also renames an incorrectly named test and uses https as default instead of http, in 2020 it's reasonable to think we most likely want https and not http. User can still specify http if required.
2020-10-08 13:16:07 +02:00
Joffrey JAFFEUX c3e8bc0280
FIX: ensures category chooser is working with non english char (#10866)
This commit is also moving one test to a component test.

A followup to this commit would be to ensure every dropdowns are using a regex instead of the normalize/lowercase system we have now.
2020-10-08 13:10:09 +02:00
Gerhard Schlager bdbee36961 DEV: Fix typo 2020-10-07 23:43:11 +02:00
Penar Musaraj 40460fa00a
FIX: missing SVG mask asset in wizard (#10856)
The dark-mode-friendly SVG mask for the wizard's background image
introduced in 8fcfb9586c does not work with
CDNs, because CORS restrictions apply to SVG masks.

It would be complicated to modify CDN access origin rules for this one
specific assets, so instead, this PR moves the contents of the SVG file
inside the stylesheet.
2020-10-07 16:23:14 -04:00
Robin Ward cee80b0e44 FIX: Group Requests loading was broken
We were referencing the wrong property, which meant the footer was
always being hidden and we were trying to load more requests when we'd
already loaded them all.

see:
https://meta.discourse.org/t/constant-loading-on-group-membership-request-tab/166284
2020-10-07 14:54:17 -04:00
Robin Ward 3e8561daaf REFACTOR: Some qunit `module` imports were missing
These are tricky because `module.exports` is used by nodejs files as a
global, which is OK. But we don't want to allow `module` in JS tests
for qunit without importing it first.
2020-10-07 13:25:25 -04:00
David Taylor 16daf3c986
FIX: Compare Jobs::UserEmail type argument as string (#10851)
In specs, symbols are passed through correctly. But in production, all arguments are provided to jobs as strings.

Followup to c0293339b8
2020-10-07 16:55:32 +01:00
Robin Ward 71d37953d5 REFACTOR: Import `QUnit` and related helpers rather than globals
We used many global functions to handle tests when they should be
imported like other libraries in our application. This also gets us
closer to the way Ember CLI prefers our tests to be laid out.
2020-10-07 11:50:49 -04:00
David Taylor c0293339b8
PERF: Do not enqueue digest emails when attempted recently (#10849)
Previously, Jobs::EnqueueDigestEmails would enqueue a digest job for every user, even if there are no topics to send. The digest job would exit, no email would send, and last_emailed_at would not change. 30 minutes later, Jobs::EnqueueDigestEmails would run again and re-enqueue jobs for the same users.

120fa8ad introduced a temporary mitigation for this issue, by randomly selecting a subset of those users each time.

This commit adds a new `digest_attempted_at` column to the `user_stats` table. This column is updated every time a digest job completes for a user. Using this, we can avoid scheduling digest jobs for the same user every 30 minutes. This also removes the random user selection in 120fa8ad, and instead prioritizes users who had digests attempted the longest time ago.
2020-10-07 15:30:38 +01:00
Sam 120fa8ad2f
PERF: Introduce absolute limit of digests per 30 minutes (#10845)
To avoid blocking the sidekiq queue a limit of 10,000 digests per 30 minutes
is introduced.

This acts as a safety measure that makes sure we don't keep pouring oil on
a fire.

On multisites it is recommended to set the number way lower so sites do not
dominate the backlog. A reasonable default for multisites may be 100-500.

This can be controlled with the environment var

DISCOURSE_MAX_DIGESTS_ENQUEUED_PER_30_MINS_PER_SITE
2020-10-07 17:30:15 +11:00
Martin Brennan 6e2be3e60b
FIX: When admin changes an email for the user the user must confirm the change (#10830)
See https://meta.discourse.org/t/changing-a-users-email/164512 for additional context.

Previously when an admin user changed a user's email we assumed that they would need a password reset too because they likely did not have access to their account. This proved to be incorrect, as there are other reasons a user needs admin to change their email. This PR:

* Changes the admin change email for user flow so the user is sent an email to confirm the change
* We now record who the email change request was requested by
* If the requested by user is admin and not the user we note this in the email sent to the user
* We also make the confirm change email route open to anonymous users, so it can be clicked by the user even if they do not have access to their account. If there is a logged in user we make sure the confirmation matches the current user.
2020-10-07 13:02:24 +10:00
Kane York 68e87bb58e
User export: profile as json, export auth token logs (#10819)
* FEATURE: Export the entire user profile as json, not just bio/website

* FEATURE: Add session log information to user export

Even though the columns are named 'auth_token' etc, the content is not actually usable to log into the forum with. Despite all that, it is still truncated for export, to avoid any 'token hash cracking' situations.
2020-10-06 15:51:53 -07:00
Joffrey JAFFEUX 7b34433fc2
REVERT: revert change from action + mut to mut (#10844)
* Revert "FIX: fixes regression where wizard dropdown couldn't update (#10838)"

This reverts commit e3b2fc6074.

* Revert "DEV: replaces unecessary (action (mut .*)) by (mut .*) (#10822)"

This reverts commit c0350dc362.
2020-10-06 23:50:05 +02:00
Roman Rizzi a8c47e7c7f
SECURITY: Ensure users can see the topic before setting a topic timer. (#10841) 2020-10-06 16:49:06 -03:00
Joffrey JAFFEUX e3b2fc6074
FIX: fixes regression where wizard dropdown couldn't update (#10838) 2020-10-06 13:33:37 -04:00
Arpit Jalan f4c7c7bff3
FEATURE: bulk remove tags (#10831)
https://meta.discourse.org/t/bulk-actions-remove-tags-in-addition-to-change-tags/52145
2020-10-06 22:41:55 +05:30
Penar Musaraj e175c467cc
DEV: Do not render header in wizard preview when logo is missing (#10835)
This can happen if a plugin skips the logo step of the wizard.
2020-10-06 12:08:41 -04:00
Joffrey JAFFEUX c0350dc362
DEV: replaces unecessary (action (mut .*)) by (mut .*) (#10822) 2020-10-06 17:17:45 +02:00
Penar Musaraj 4efbf8dc4f
Remove "further reading" step from wizard (#10825)
Instead, add link to top themes on meta in wizard's last step.
2020-10-05 15:06:05 -04:00
Robin Ward 39ad9a4734 REFACTOR: Support importing of `Pretender`
We shouldn't be using global variables for libraries.
2020-10-05 14:33:55 -04:00
Gerhard Schlager f30c5a5c3a REFACTOR: Removes double check of site setting in badge granter
...and uses `update!` because the result of `update` isn't used
2020-10-05 19:59:57 +02:00
Robin Ward 4dec7d85d0 REFACTOR: Removes `Discourse.SiteSettings` constant from tests
This does not work in the Ember CLI world.
2020-10-05 13:52:13 -04:00
Penar Musaraj a4356b99af
FEATURE: Separate base and heading font site_settings (#10807)
Allows site administrators to pick different fonts for headings in the wizard and in their site settings. Also correctly displays the header logos in wizard previews.
2020-10-05 13:40:41 -04:00
Bianca Nenciu bdfb370f19
FIX: Disallow email invites if enable_local_logins is disabled (#10805)
allowEmails used to always be set to true and did not use
can_invite_via_email, which checks for enable_local_logins.

It was a problem because on sites with local logins
disabled users were allowed to enter email addresses, but
received a generic error "error inviting that user".
2020-10-05 19:38:22 +03:00
Robin Ward 070fe7f45d FIX: Deprecated overwriting of computed property
We can set `hide` to true instead of overwriting the property on
dismiss.
2020-10-05 12:09:01 -04:00
Jarek Radosz cf44cdb082
FIX: Validate category name on parent change (#10815)
Previously, moving a category into another one, that already had a child category of that name (but with a non-conflicting slug) would cause a 500 error:

```
# PG::UniqueViolation:
#   ERROR:  duplicate key value violates unique constraint "unique_index_categories_on_name"
#   DETAIL:  Key (COALESCE(parent_category_id, '-1'::integer), name)=(5662, Amazing Category 0) already exists.
```

It now returns 422, and shows the same message as when you're renaming a category: "Category Name has already been taken".
2020-10-05 11:50:05 +02:00
Joffrey JAFFEUX 702f7a5a67
FIX: makes dashboard periods use current day and weekly 7 days (#10817)
Prior to this fix, weekly could be 8 days and we could have differences between period chooser text and actual results in the chart.

A good followup to this PR would be to add custom date ranges in period-chooser component.
2020-10-05 10:32:12 +02:00
Jarek Radosz 4b5358bb42
FIX: Preload uploads in groups#search to stop N+1 (#10814)
`BasicGroupSerializer` includes `flair_url` which uses `flair_upload` relation, so the N in N+1 in this case was the number of groups with flair in the forum.
2020-10-05 10:22:55 +02:00
Arpit Jalan 9b45391cf9
FEATURE: explain why invites are disabled to staff users (#10810)
Co-authored-by: Robin Ward <robin.ward@gmail.com>
2020-10-03 13:05:26 +05:30
Penar Musaraj 97f34d7b71
FIX: Hide empty popular/recent sections in 404 page (#10811) 2020-10-02 15:11:15 -04:00
Robin Ward e363b113a8 FIX: Build was broken because uglify can't accept `let` or `const`
For now we can live with `var`.
2020-10-02 12:04:33 -04:00
Robin Ward 23f24bfb51 REFACTOR: Move javascript tests inside discourse app
This is where they should be as far as ember is concerned. Note this is
a huge commit and we should be really careful everything continues to
work properly.
2020-10-02 11:29:36 -04:00
Vinoth Kannan d0d61e4118
FIX: remove whitespaces around inline HTML tags next to text. (#10803) 2020-10-02 10:56:40 +05:30
Guo Xiang Tan 495c79da1a Revert "FIX: Use topic title headline in search menu result."
This reverts commit 4b8c15b857.

This breaks topic title for topic similar search.
2020-10-02 13:12:31 +08:00
Guo Xiang Tan 4b8c15b857 FIX: Use topic title headline in search menu result. 2020-10-02 09:04:54 +08:00
Krzysztof Kotlarek 5cf411c3ae
FIX: move hp request from /users to /token (#10795)
`hp` is a valid username and we should not prevent users from registering it.
2020-10-02 09:01:40 +10:00
Robin Ward 901ae1ddd1 FIX: Allow staff to use HTML in the category read only banner 2020-10-01 11:55:35 -04:00
Robin Ward 9f95511096 DEV: Add support for `api-initializers` to reduce boilerplate.
You can now create a file in your plugin/theme in the `api-initializers`
directory which has a simpler template than previous initializers.
Example:

```
// api-initializers/my-plugin.js
import { apiInitializer } from "discourse/lib/api";

export default apiInitializer("0.8", api => {
  console.log("hello world from api initializer!");
});
```
2020-09-30 16:05:44 -04:00
Arpit Jalan ff44515a18
FIX: better error message if invite is expired (#10783)
https://meta.discourse.org/t/invite-token-is-invalid/165270/5?u=techapj
2020-09-30 20:32:33 +05:30
Robin Ward 8945a752f2 FIX: Deprecation overwriting `translatedText` CP
This allows us to pass a `textParams` object for options that will be
translated via i18n.
2020-09-30 10:36:31 -04:00
Robin Ward eac5dfd1ef Update app/assets/javascripts/discourse/app/templates/components/share-popup.hbs
Co-authored-by: Jarek Radosz <jradosz@gmail.com>
2020-09-30 10:35:46 -04:00
Robin Ward 3d6d3e6cb1 REFACTOR: Remove deprecated `action="something"` attributes
In newer versions of Ember, `this.sendAction` is deprecated:

https://deprecations.emberjs.com/v3.x/#toc_ember-component-send-action

This patch removes most of our current uses (via `d-button`) but also
some other rogue `this.sendAction` calls too.
2020-09-30 10:35:46 -04:00
Martin Brennan 39b2fb8649
FIX: Invalid URLs could raise exceptions when calling UrlHelper.rails_route_from_url (#10782)
Upload.secure_media_url? raised an exceptions when the URL was invalid,
which was a issue in some situations where secure media URLs must be
removed.

For example, sending digests used PrettyText.strip_secure_media,
which used Upload.secure_media_url? to replace secure media with
placeholders. If the URL was invalid, then an exception would be raised
and left unhandled.

Now instead in UrlHelper.rails_route_from_url we return nil if there is something wrong with the URL.

Co-authored-by: Bianca Nenciu <nenciu.bianca@gmail.com>
2020-09-30 15:20:00 +10:00
Jordan Vidrine 3d1ab601d0
UI: Remove background from group notifications of @mentions (#10775)
This commit removes the background color from group @mention notifications. This resolves visual contrast issues when 'unread' styles are applied.
2020-09-29 18:44:12 -05:00
Gerhard Schlager 9d4009b0e8
FIX: Use correct locale for error messages (#10776)
Error messages for exceeded rate limits and invalid parameters always used the English locale instead of the default locale or the current user's locale.
2020-09-29 21:42:45 +02:00
Robin Ward 4987d61448 FIX: We were overriding the `canCreateTopicOnCategory` computed property
It seems to be set everytime by the route so the old CP was not
required. This is not allowed in newer versions of ember.
2020-09-29 14:57:34 -04:00
Arpit Jalan 025490ecb9
FEATURE: composer option to reload page and force save draft (#10773) 2020-09-29 22:29:03 +05:30
Mark VanLandingham d8bf2810ff
DEV: Plugin api function to add saveable user fields (#10774) 2020-09-29 08:44:19 -07:00
Joffrey JAFFEUX de94506c1e
FIX: empty highlighted_languages resulted in ["", "auto", "nohighlight"] (#10772) 2020-09-29 14:34:46 +02:00
David Taylor 1ba9b34b03
DEV: Move UserApiKey scopes to dedicated table (#10704)
This has no functional impact yet, but it is the first step in adding more granular scopes to UserApiKeys
2020-09-29 10:57:48 +01:00
Arpit Jalan 91ac70a32d UX: increase input width on accept invite page. 2020-09-29 10:12:23 +05:30
awesomerobot ffdcac9dfc UX: Replace cog icon in user menu with user icon 2020-09-28 22:26:56 -04:00
Martin Brennan 4193eb0419
FIX: Respect force download when downloading secure media via lightbox (#10769)
The download link on the lightbox for images was not downloading the image if the upload was marked secure, because the code in the upload controller route was not respecting the dl=1 param for force download.

This PR fixes this so the download link works for secure images as well as regular ligthboxed images.
2020-09-29 12:12:03 +10:00
Penar Musaraj aca2697a42
UX: Don't truncate category names in search panel
But keep truncating long category names in hamburger menu.
2020-09-28 21:59:45 -04:00
Martin Brennan 3cd601dcc9
FIX: Admin change email for user process improvements and fixes (#10755)
See https://meta.discourse.org/t/changing-a-users-email/164512 for context.

When admin changes an email for a user, we were incorrectly sending the password reset email to the user's old address. Also the new email does not come into effect until the reset password process is done, so this PR adds some notes to the admin to make this clearer.
2020-09-29 09:45:45 +10:00
Arpit Jalan edad403049 UX: fix styling for posts and views advanced search 2020-09-28 21:44:33 +05:30
Joe 72361738d0
DEV: don't add username to share links when badges are disabled (#10730)
Context: https://meta.discourse.org/t/stop-appending-username-to-url-when-badge-system-disabled/164904

Share links for topics and posts have the current username appended to them when the user is logged in. 

If badges are disabled, those added usernames are not beneficial since they're only used to track progress towards certain badges. 

This PR makes two change. 

1. it moves the logic for the share link url to a centralized helper because it's shared in both topic and post models. 
2. it stops username params from being added to share links when badges are disabled.
2020-09-29 00:12:16 +08:00
Arpit Jalan f7940b1d20
FEATURE: advanced search option for max posts count (#10761)
This commit adds an option to search for max posts count and updates
the UI for posts count search to show a min/max range in single line.
2020-09-28 21:34:16 +05:30
Joffrey JAFFEUX c230d2e443
FIX: prevents scrollbar jumping in the emoji picker (#10749)
This was mostly due to `content-visibility: auto;` but setting the width/height is also a good practice.
2020-09-28 13:23:46 +02:00
Arpit Jalan 50d53508b1 UX: show range for advanced search views filter. 2020-09-28 16:07:44 +05:30
Arpit Jalan 4498c59085 FEATURE: add alias for min_post_count search filter 2020-09-28 16:07:44 +05:30
Krzysztof Kotlarek e7c72cd1e4
FIX: deprecate whitelist constants (#10716)
Deprecation of:
WHITELISTED_REDIRECT_HOSTNAMES
CUSTOM_INTERPOLATION_KEYS_WHITELIST
WHITELISTED_SVG_ELEMENTS
2020-09-28 13:52:05 +10:00
jjaffeux bab56fdb9d Revert "UX: Prevent categories from overflowing select-kit"
This reverts commit f1ac3cf888.
2020-09-26 22:14:52 +02:00
awesomerobot 6acd2ab7d4 UX: Allow horizontal scroll on mobile post buttons 2020-09-25 21:06:17 -04:00
awesomerobot 7c206b321f theme settings need some bottom margin 2020-09-25 20:34:29 -04:00
awesomerobot f1ac3cf888 UX: Prevent categories from overflowing select-kit 2020-09-25 19:31:41 -04:00
Mark VanLandingham b8015ab654
FIX: Dismiss unread respects tracked query param (#10714)
* WIP:  'dismiss...' respectes tracked query param

* Address review comments

* Dismiss new respects query params

* Remove comment

* Better variable name

* remove self
2020-09-25 12:39:37 -07:00
jbrw 4421820354
FIX: don’t include category in quote topic title, if present 2020-09-25 15:01:57 -04:00
Penar Musaraj f031869e08
UX: Center wizard vertically 2020-09-25 11:05:10 -04:00
Penar Musaraj ea59f43f6c
UX: Use pointer cursor for wizard buttons 2020-09-25 09:44:32 -04:00
Penar Musaraj b1692422b1
FEATURE: Support using system font in wizard font step (#10742)
Co-authored-by: Bianca Nenciu <nbianca@users.noreply.github.com>
2020-09-25 09:39:14 -04:00
Penar Musaraj 8fcfb9586c
FEATURE: Dark-mode-friendly wizard (#10739)
Co-authored-by: Jordan Vidrine <jordan@jordanvidrine.com>
2020-09-25 08:56:23 -04:00
Mark VanLandingham 1a29801e2d
UX: More upbeat message when topic list is empty (#10740) 2020-09-24 12:05:58 -07:00
Justin DiRose 82a18f125f
FIX: Don't skip the new user badge (#10743)
The NewUserOfTheMonth badge is part of the Badges::GettingStarted group. This group is skipped in BadgeGranter if the user skips the new user tips. However, the NewUserOfTheMonth badge granter job does not account for this. Instead, it notifies the user they've received the badge even if they did not.

This commit introduces a simple fix to allow granting of this badge even to users who skipped the new user tips.
2020-09-24 12:58:31 -05:00
David Taylor f1d64bbbe5
FEATURE: Add a site setting to control automatic auth redirect (#10732)
This allows administrators to stop automatic redirect to an external authenticator. It only takes effect when there is a single authentication method, and the site is login_required
2020-09-24 17:06:07 +01:00