Commit Graph

48629 Commits

Author SHA1 Message Date
Penar Musaraj 57fe57e7ce
FIX: URL fragments not purging (#19324)
Fixes issue introduced in commit 2704a02e3a. Once a user visited an in-page anchor, that URL "stuck" in the browser's address bar. See also https://meta.discourse.org/t/anchors-url-not-purge-when-page-changed/244484 for a detailed report.
2022-12-06 09:52:59 -05:00
Bianca Nenciu e5a18dddac
FIX: Update match_count of screened IP address (#19321)
When a screened IP address is matched because it is either blocked or
allowed it should update match_count. This did not work because it
tried to validate the IP address and it failed as it matched with
itself.
2022-12-06 13:09:38 +02:00
Martin Brennan e6f9504dd6
FEATURE: Allow user_status scope for UserApiKey (#19296)
Follow-up to 6357a3ce33
where we allowed a general API key scope for user status
GET/PUT/DELETE, this commit allows the same for the
UserApiKey system.
2022-12-06 08:56:03 +10:00
Martin Brennan 22a55ef0ce
DEV: Add messages_count to ChatChannel table (#19295)
This commit adds the messages_count column for ChatChannel messages,
which is the number of not-deleted messages in the channel.

This is not updated every time a message is created or deleted in a
channel, so it should not be displayed in the UI.
It is updated eventually via Jobs::ChatPeriodicalUpdates, which
will have additional functions in future after being introduced
here.

Also update these counts for existing channels in a post migration.
2022-12-06 08:40:46 +10:00
dependabot[bot] ea542d632a
Build(deps): Bump timeout from 0.3.0 to 0.3.1 (#19325)
Bumps [timeout](https://github.com/ruby/timeout) from 0.3.0 to 0.3.1.
- [Release notes](https://github.com/ruby/timeout/releases)
- [Commits](https://github.com/ruby/timeout/compare/v0.3.0...v0.3.1)

---
updated-dependencies:
- dependency-name: timeout
  dependency-type: indirect
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-12-06 06:01:32 +08:00
dependabot[bot] 1ab465f1fe
Build(deps): Bump uri from 0.11.0 to 0.12.0 (#19326)
Bumps [uri](https://github.com/ruby/uri) from 0.11.0 to 0.12.0.
- [Release notes](https://github.com/ruby/uri/releases)
- [Commits](https://github.com/ruby/uri/compare/v0.11.0...v0.12.0)

---
updated-dependencies:
- dependency-name: uri
  dependency-type: indirect
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-12-06 06:01:25 +08:00
dependabot[bot] 11b324cd09
Build(deps): Bump digest from 3.1.0 to 3.1.1 (#19327)
Bumps [digest](https://github.com/ruby/digest) from 3.1.0 to 3.1.1.
- [Release notes](https://github.com/ruby/digest/releases)
- [Commits](https://github.com/ruby/digest/compare/v3.1.0...v3.1.1)

---
updated-dependencies:
- dependency-name: digest
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-12-06 06:01:13 +08:00
dependabot[bot] 990c156fd5
Build(deps): Bump json from 2.6.2 to 2.6.3 (#19328)
Bumps [json](https://github.com/flori/json) from 2.6.2 to 2.6.3.
- [Release notes](https://github.com/flori/json/releases)
- [Changelog](https://github.com/flori/json/blob/master/CHANGES.md)
- [Commits](https://github.com/flori/json/compare/v2.6.2...v2.6.3)

---
updated-dependencies:
- dependency-name: json
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-12-06 06:00:50 +08:00
dependabot[bot] eb2ec1e811
Build(deps): Bump net-protocol from 0.1.3 to 0.2.0 (#19330)
Bumps [net-protocol](https://github.com/ruby/net-protocol) from 0.1.3 to 0.2.0.
- [Release notes](https://github.com/ruby/net-protocol/releases)
- [Commits](https://github.com/ruby/net-protocol/compare/v0.1.3...v0.2.0)

---
updated-dependencies:
- dependency-name: net-protocol
  dependency-type: indirect
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-12-06 06:00:22 +08:00
dependabot[bot] 57ef622d8e
Build(deps): Bump racc from 1.6.0 to 1.6.1 (#19331)
Bumps [racc](https://github.com/tenderlove/racc) from 1.6.0 to 1.6.1.
- [Release notes](https://github.com/tenderlove/racc/releases)
- [Changelog](https://github.com/ruby/racc/blob/master/ChangeLog)
- [Commits](https://github.com/tenderlove/racc/compare/v1.6.0...v1.6.1)

---
updated-dependencies:
- dependency-name: racc
  dependency-type: indirect
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-12-06 05:59:45 +08:00
Alan Guo Xiang Tan ff40c890ac
DEV: Correct order of triggering topic trashed and recovered event (#19313)
Previously we would trigger the event before the `Topic#deleted_at`
column has been updated making it hard for plugins to correctly work
with the model when its new state has not been persisted in the
database.
2022-12-06 05:56:16 +08:00
Joffrey JAFFEUX cc769ac916
FIX: new message brings a direct message channel to the top (#19332)
Co-authored-by: Alan Guo Xiang Tan <gxtan1990@gmail.com>
2022-12-05 22:49:42 +01:00
Joffrey JAFFEUX 1d42cc94a2
FIX: nullify active channel only when not on a chat channel (#19319)
This would nullify the active channel when going from channel settings page to the channel.
2022-12-05 22:42:35 +01:00
Isaac Janzen 04acee5de3
Fix timeline admin menu button spacing (#19322) 2022-12-05 12:41:24 -06:00
Blake Erickson 738f1958d8
FIX: Only modify secured sidebar links on user promotion/demotion (#19141)
* FIX: Only modify secured sidebar links on user promotion/demotion

If a user is created populate their sidebar with the default
categories/tags that they have access to.

If a user is promoted to admin populate any new categories/tags that
they now have access to.

If an admin is demoted remove any categories/tags that they no longer
have access to.

This will only apply for "secured" categories. For example if these are
the default sitebar categories:

- general
- site feedback
- staff

and a user only has these sidebar categories:

- general

when they are promoted to admin they will only receive the "staff"
category. As this is a default category they didn't previously have
access to.

* Add spec, remove tag logic on update

Change it so that if a user becomes unstaged it used the "add" method
instead of the "update" method because it is essentially following the
on_create path.

On admin promotion/demotion remove the logic for updating sidebar tags because
we don't currently have the tag equivalent like we do for User.secure_categories.

Added the test case for when a user is promoted to admin it should
receive *only* the new sidebar categories they didn't previously have
access to. Same for admin demotion.

* Add spec for suppress_secured_categories_from_admin site setting

* Update tags as well on admin promotion/demotion

* only update tags when they are enabled

* Use new SidebarSectionLinkUpdater

We now have a SidebarSectionLinkUpdater
that was introduced in: fb2507c6ce

* remove empty line
2022-12-05 11:39:10 -07:00
Bianca Nenciu 93859037ef
FEATURE: Improve composer warnings for mentions (#18796)
* FEATURE: Show warning if group cannot be mentioned

A similar warning is displayed when the user cannot be mentioned because
they have not been invited to the topic.

* FEATURE: Resolve mentions for new topic

This commit improves several improvements and refactors
/u/is_local_username route to a better /composer/mentions route that
can handle new topics too.

* FEATURE: Show warning if only some are notified

Sometimes users are still notified even if the group that was mentioned
was not invited to the message. This happens because its members were
invited directly or are members of other groups that were invited.

* DEV: Refactor _warnCannotSeeMention
2022-12-05 20:22:05 +02:00
Isaac Janzen b46a7b51f7
DEV: htmlSafe timeline topic title (#19320) 2022-12-05 11:31:57 -06:00
Bianca Nenciu 7d7551adfc
DEV: Remove user options from current user serializer (#19089)
User options were serialized at the root level of CurrentUserSerializer,
but UserSerializer has a user_option field. This inconsistency caused
issues in the past because user_option fields had to be duplicated on
the frontend.
2022-12-05 18:25:30 +02:00
Joffrey JAFFEUX 68c4f16a73
FEATURE: channels can allow/disallow @all/@here mentions (#19317)
The settings tab of each category channel should now present the option to allow or disallow channel wide mentions: @here and @all.

When disallowed, using these mentions in the channel should have no effect.
2022-12-05 17:03:51 +01:00
Ayke Halder 569299b7a9
DEV: use structured data in topic-list for referencing only (#16235)
This simplifies the ItemList to only be a point of reference to the
actual DiscussionForumPosting objects.

See "Summary page": https://developers.google.com/search/docs/advanced/structured-data/carousel?hl=en#summary-page

Co-authored-by: Bianca Nenciu <nenciu.bianca@gmail.com>
2022-12-05 18:00:32 +02:00
David Taylor f06be7d295
DEV: Fix multiple set-cookie through Ember-CLI proxy (#19316)
The `Set-Cookie` header is an exceptional case where multiple values are allowed, and should not be joined into a single header. Because of its browser-focussed origins (where set-cookie is not visible), `fetch()` does not have a clean API for this. Instead we have to access the `raw()` data.

This fixes various authentication-related issues when developing via the Ember CLI proxy.
2022-12-05 15:01:55 +00:00
Kris 6d1de26279
UX: refactor & update small post styles (#19274) 2022-12-05 09:54:29 -05:00
Penar Musaraj 1245743595
FIX: Don't force show topic map on non-first posts (#19302)
By default, the topic map in the OP shows only if there are replies.
Some themes may want to show it at all times, and to do so, they can
use the API via `api.includePostAttributes('topicMap');`.

But this was including the topic map in every post. This change ensures
that attribute is only set for the first post (and it only affects that
API endpoint).
2022-12-05 15:42:32 +01:00
Natalie Tay d2c5c65e29
DEV: Remove unused i18n keys (#19312) 2022-12-05 22:01:54 +08:00
Joffrey JAFFEUX 105f38c04a
FIX: ensures chat channel metadata date is updated (#19314) 2022-12-05 14:47:01 +01:00
David Taylor 3c6bd97efe
DEV: Document `ALLOW_EMBER_CLI_PROXY_BYPASS` in error page (#19315) 2022-12-05 13:44:16 +00:00
dependabot[bot] cc88e9fdda
Build(deps): Bump decode-uri-component in /app/assets/javascripts (#19311)
Bumps [decode-uri-component](https://github.com/SamVerschueren/decode-uri-component) from 0.2.0 to 0.2.2.
- [Release notes](https://github.com/SamVerschueren/decode-uri-component/releases)
- [Commits](https://github.com/SamVerschueren/decode-uri-component/compare/v0.2.0...v0.2.2)

---
updated-dependencies:
- dependency-name: decode-uri-component
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-12-05 12:39:50 +01:00
dependabot[bot] 8034614dd3
Build(deps): Bump terser in /app/assets/javascripts (#19309)
Bumps [terser](https://github.com/terser/terser) from 5.16.0 to 5.16.1.
- [Release notes](https://github.com/terser/terser/releases)
- [Changelog](https://github.com/terser/terser/blob/master/CHANGELOG.md)
- [Commits](https://github.com/terser/terser/compare/5.16.0...v5.16.1)

---
updated-dependencies:
- dependency-name: terser
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-12-05 12:39:00 +01:00
dependabot[bot] 3df6a2bca9
Build(deps): Bump eslint in /app/assets/javascripts (#19307)
Bumps [eslint](https://github.com/eslint/eslint) from 8.28.0 to 8.29.0.
- [Release notes](https://github.com/eslint/eslint/releases)
- [Changelog](https://github.com/eslint/eslint/blob/main/CHANGELOG.md)
- [Commits](https://github.com/eslint/eslint/compare/v8.28.0...v8.29.0)

---
updated-dependencies:
- dependency-name: eslint
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-12-05 12:31:33 +08:00
Alan Guo Xiang Tan 02f48414b8
FEATURE: Add experimental plugin API to register messages nav dropdown (#19294)
This commit also removes the `user-messages-nav` plugin outlet without
deprecation in the redesigned user page navigation.
2022-12-05 12:31:09 +08:00
Krzysztof Kotlarek 425bebb337
FIX: user menu bug when transit from narrow screen (#19310)
When narrow screen is enable and hamburgerVisible is set to true, transition to wide screen is breaking user-menu button.

We need to reset hamburgerVisible and domClean is a great way to achieve it.
2022-12-05 14:44:50 +11:00
dependabot[bot] 54424640e6
Build(deps-dev): Bump selenium-webdriver from 4.6.1 to 4.7.1 (#19308)
Bumps [selenium-webdriver](https://github.com/SeleniumHQ/selenium) from 4.6.1 to 4.7.1.
- [Release notes](https://github.com/SeleniumHQ/selenium/releases)
- [Changelog](https://github.com/SeleniumHQ/selenium/blob/trunk/rb/CHANGES)
- [Commits](https://github.com/SeleniumHQ/selenium/commits)

---
updated-dependencies:
- dependency-name: selenium-webdriver
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-12-05 10:21:49 +08:00
Jarek Radosz 5c9bb73ffe
DEV: Remove discobot pm scrolling code (#19300)
1. Originally the feature did "Scroll to new posts when user is near bottom of PM" (74e1889924)
2. Then that feature was limited to "Only scroll to posts that are not your own in PMs." (4a26561927)
3. It was limited further to "Only scroll PMs on new message" (eaf7746ec9)
4. And later to "only scroll to bottom for discobot" (267d129f38)
5. And the code was relegated to new-user-narrative plugin (48b7696dbc)

I don't think it's worth it to keep this scrolling code just for this very small specific case.

This did potentially confict with other post scrolling code, and also using `modifyClass` is something we'd like to avoid.
2022-12-03 18:35:54 +01:00
maiki a72c9b96ab
UX: add target to start discussion link (#19291) 2022-12-02 13:52:40 -08:00
Joffrey JAFFEUX 801b3f087f
FIX: deactivate is not called in every cases (#19301)
Resets active channel each time we transition through "chat" route.
2022-12-02 18:28:15 +01:00
Jarek Radosz ef31c7df63
DEV: Remove unused new-user-narrative code (#19299)
This method override was misnamed from the beginning and nobody noticed that this special bookmark handling was missing so…
2022-12-02 17:46:49 +01:00
Joffrey JAFFEUX add6c671d6
DEV: glimmerify chat-channel-row (#19287) 2022-12-02 16:57:35 +01:00
Selase Krakani fbd6c300d2
SECURITY: Restrict unlisted topic creation (#19258) 2022-12-02 15:55:17 +00:00
David Taylor 666fd43c37
FIX: Include CDN in result of `avatarUrl` helper (#19298)
Consumers of this utility function (e.g. the chat sidebar) expect to be able to use the resultant URL without any further transformations. Previously, it was only returning the user_avatar path without any CDN consideration. This commit ensures the result will include the app CDN URL when enabled.
2022-12-02 11:39:08 +00:00
David Taylor f8aec41678
DEV: Update cache lifetime in user_avatars spec (#19297)
Followup to badd64ceee
2022-12-02 10:34:08 +00:00
David Taylor badd64ceee
PERF: Add GlobalSetting to redirect avatars instead of proxying (#19281)
When uploads are stored on S3, by default Discourse will fetch the avatars and proxy them through to the requesting client. This is simple, but it can lead to significant inbound/outbound network load in the hosting environment.

This commit adds an optional redirect_avatar_requests GlobalSetting. When enabled, requests for user avatars will be redirected to the S3 asset instead of being proxied. This adds an extra round-trip for clients, but it should significantly reduce server load. To mitigate that extra round-trip for clients, a CDN with 'follow redirect' capability could be used.
2022-12-02 10:07:25 +00:00
GeckoLinux cc5b4cd49a
FIX: change drupal permalink creation to use /node/
Drupal URL scheme for nodes begins with `/node/` , not `/topic/` .
2022-12-02 16:03:00 +11:00
Penar Musaraj 4c037b9ba3
UX: Improve UI of group delete dialog (#19292) 2022-12-02 12:01:25 +08:00
Selase Krakani a65c3ba079
FIX: Fix failing spec caused by unpersisted user instance (#19288)
Active Record's `to_sql` method seems to return an empty string instead
of the expected SQL query when called on a query involving an
unpersisted model instance.

This replaces the admin `user` used in the specs with a persisted instance.
2022-12-02 03:28:05 +00:00
Alan Guo Xiang Tan 9b5bc60325
DEV: Simplify new user page nav messages dropdown. (#19289)
With the refactoring of the user messages routes in
4da2e3fef4, we can now depend on the top
level routes like `userPrivateMessages.user`, `userPrivateMessages.group` and `userPrivateMessages.tags`
to determine what the active value for the dropdown should be which
greatly simplifies the logic.
2022-12-02 10:02:04 +08:00
Martin Brennan 7212a2ad51
FIX: Ensure chat channel slug uniqueness at DB level (#19277)
There must have been a small loophole that allowed
setting the channel slug in the DB which has led to
conflicts in some cases.

This commit fixes the conflicting chat channel
slugs and then changes the channel slug index
to a unique one in the DB.
2022-12-02 11:15:43 +10:00
Jeff Wong f0c8bc9e4d DEV: handle ember-cli test proxying for relative roots
Allow tests to be able to be found and run
when DISCOURSE_RELATIVE_ROOT is set.
2022-12-01 17:08:13 -08:00
Martin Brennan 8437081d94
FIX: Add MessageBust.last_id to chat channel subscriptions (#19255)
This commit adds variousMessageBus.last_ids to serializer payloads
for chat channels and the chat view (for chat live pane) so
we can use those IDs when subscribing to MessageBus channels
from chat.

This allows us to ensure that any messages created between the
server being hit and the UI loaded and subscribing end up being
delivered to the client, rather than just silently dropped.

This commit also fixes an issue where we were subscribing to
the new-messages and new-mentions MessageBus channels multiple
times when following/unfollowing a channel multiple times.
2022-12-02 10:57:53 +10:00
Alan Guo Xiang Tan a2cec6366f
DEV: Port `user-private-messages` controller to native class (#19285) 2022-12-02 07:02:04 +08:00
Jeff Wong 7658765736 FIX: relative URL routing on ember-cli only page 2022-12-01 14:47:48 -08:00