Commit Graph

2103 Commits

Author SHA1 Message Date
Joffrey JAFFEUX 683cb28099
DEV: enforces ember-template-lint: no-triple-curlies (#9165)
This pr replaces `{{{ }}}` usage by a {{html-safe}} helper. While it doesn't solve the underlying issue, it gives us a path forward without risking breaking too much existing behavior.

Also introduces an htmlSafe computed macro:

```
import { htmlSafe } from "discourse/lib/computed";

htmlDescription: htmlSafe("description")
```

Overtime {{html-safe}} usage should be removed and moved to components properties or specialized components/helpers.
2020-03-11 09:23:10 +01:00
romanrizzi f795c1b8e8 Revert "DEV: enforces ember-template-lint: no-triple-curlies (#9150)"
This reverts commit d436b600fb.

Triple curlies are still necessary for some raw templates.
2020-03-10 15:00:12 -03:00
Joffrey JAFFEUX d436b600fb
DEV: enforces ember-template-lint: no-triple-curlies (#9150)
This pr replaces `{{{ }}}` usage by a {{html-safe}} helper. While it doesn't solve the underlying issue, it gives us a path forward without risking breaking too much existing behavior.

Also introduces an htmlSafe computed macro:

```
import { htmlSafe } from "discourse/lib/computed";

htmlDescription: htmlSafe("description")
```

Overtime {{html-safe}} usage should be removed and moved to components properties or specialized components/helpers.
2020-03-10 16:46:57 +01:00
Penar Musaraj 68328d2d64
DEV: Replace save-button partial with a component (#9066) 2020-03-10 09:37:54 -04:00
Roman Rizzi 826b4793c0
FEATURE: Approve suspect users is now true by default. The suspect users list was removed (#9151) 2020-03-10 08:56:42 -03:00
Joffrey JAFFEUX 78a6b76310
FIX: ensures pinned-options header is showing correct state (#9156) 2020-03-10 09:56:55 +01:00
Martin Brennan baea65e4bc
FIX: Embarassing algoriths typo -> algorithms for security keys (#9126) 2020-03-09 09:22:08 +10:00
Jarek Radosz 48ba65f406
DEV: Clean up Ember imports (#8979)
Includes:
* Import `computed` helpers
* Import `@ember/application`
* Import `isBlank` from `@ember/utils`
* Import `A` from `@ember/array`
* Import `EmberArray` from `@ember/array`
* Import `ArrayProxy` from `@ember/array/proxy`
* Import `warn` from `@ember/debug`
* Import `EmberObject` from `@ember/object`
* Import `Application` from `@ember/application`
* Import `EmberRouter` from `@ember/routing/router`
* Import `isPresent` from `@ember/utils`
* Import `computed` from `@ember/object`
* Import `guidFor` from `@ember/object`
* Import `isArray` from `@ember/array`
* Import `TextField` from `@ember/component`
* Import `TextArea` from `@ember/component`
* Import `Promise` from `rsvp`
* Import `Evented` from `@ember/object/evented`
* Replace deprecated `ember-addons/ember-computed-decorators` imports
2020-03-06 23:49:28 +01:00
Joffrey JAFFEUX 29c9d8a133
FIX: uses only global allow_uncategorized_topics for category drop (#9130) 2020-03-06 20:11:21 +01:00
Jeff Wong 86690155b3
FEATURE: prevent accidental canceling when drafting penalties (#9129)
Pop up a confirmation box when there is input. This prevents accidental closing
of the dialog boxes due to clicking outside.

This adds a development hook on modals in the form of a `beforeClose`
function. Modal windows can abort the close if the funtion returns false.

Additionally fixing a few issues with loop and state on the modal popups:

Escape key with bootbox is keyup.
Updating modal to close on keyup as well so escape key is working.
Fixes an issue where pressing esc will loop immediately back to the modal by:
keydown -> bootbox -> keyup -> acts as "cancel", restores modal

Needs a next call to reopenModal otherwise, keyup is handled again by the modal.
Fixes an issue where pressing esc will loop immediately back to the confirm:
esc keyup will be handled and bubble immediately back to the modal.

Additionally, only handle key events when the #discourse-modal is visible.
This resolves issues where escape or enter events were being handled by
a hidden modal window.
2020-03-06 09:36:56 -08:00
Martin Brennan 29ccdf5d35
FIX: Show a nicer error if name/code missing for TOTP/Security Keys (#9124)
Meta: https://meta.discourse.org/t/improve-error-message-when-not-including-name-setting-up-totp/143339

* when the user creates a TOTP second factor method we want
to show them a nicer error if they forget to add a name
or the code from the app, instead of the param missing error
* also add a client-side check for this and for security key name,
no need to bother the server if we can help it
2020-03-06 14:37:40 +10:00
Jeff Wong 6fe91bbbbb
Revert "FEATURE: prevent accidental canceling when drafting penalties (#9105)" (#9122)
This reverts commit 243284f998.

There are some issues in how the JS tests interact that I will need to figure out here before this can be merged.
2020-03-05 17:29:51 -08:00
Jeff Wong 243284f998
FEATURE: prevent accidental canceling when drafting penalties (#9105)
Pop up a confirmation box when there is input. This prevents accidental closing
of the dialog boxes due to clicking outside.

This adds a development hook on modals in the form of a `beforeClose`
function. Modal windows can abort the close if the funtion returns false.

Additionally fixing a few issues with loop and state on the modal popups:

Escape key with bootbox is keyup.
Updating modal to close on keyup as well so escape key is working.
Fixes an issue where pressing esc will loop immediately back to the modal by:
keydown -> bootbox -> keyup -> acts as "cancel", restores modal

Needs a next call to reopenModal otherwise, keyup is handled again by the modal.
Fixes an issue where pressing esc will loop immediately back to the confirm:
esc keyup will be handled and bubble immediately back to the modal.

Additionally, only handle key events when the #discourse-modal is visible.
This resolves issues where escape or enter events were being handled by
a hidden modal window.
2020-03-05 15:55:35 -08:00
Martin Brennan 3e54e0191e
FIX: Use full URL for secure attachments when secure media enabled (#9037)
When secure media is enabled and an attachment is marked as secure we want to use the full url instead of the short-url so we get the same access control post protections as secure media uploads.
2020-03-04 10:11:08 +11:00
Martin Brennan 0df72a51b8
FIX: Stop infinite lookup-urls issue for video/audio on page (#9096)
Meta report: https://meta.discourse.org/t/excessive-requests-to-uploads-lookup-urls-leading-to-429-response/143119

* The data-orig-src attribute was not being removed from cooked
video and audio so the composer was infinitely trying to get the
URLs for them, which would never resolve to anything
* Also the code that retrieved the short URL was unscoped, and was
getting everything on the page. if running from the composer we
now scope to the preview window
* Also fixed a minor issue where the element href for the video
and audio tags was not being set when the short URL was found
2020-03-03 15:44:01 +11:00
Jarek Radosz 4da357e378
DEV: Use async functions in tests (#9087)
This change both improves readability and fixes potential race-condition issues where promises were nested instead of being chained.

Also includes:
* Use arrow functions and Promise shorthands
* Remove the obsolete `asyncTestDiscourse` helper
2020-03-02 21:20:19 +01:00
Robin Ward a653737a66
FIX: Add aria-labels to topic list items (#9048)
* FIX: Add aria-labels to topic list items

Before this fix you could navigate the topic list using a screen reader
and a keyboard but some of the items were not as descriptive as they
could be. The newly added labels make it easier to understand what you
are tabbing over.

context:
https://meta.discourse.org/t/accessibility-aria-attributes-are-not-defined-for-links-under-replies-category/142539

* Update app/assets/javascripts/discourse/lib/utilities.js.es6

Co-Authored-By: Régis Hanol <regis@hanol.fr>

* Multiline fix

* Fix more tests

Co-authored-by: Régis Hanol <regis@hanol.fr>
2020-03-02 14:28:54 -05:00
Mark VanLandingham 176aa0ac7d
DEV: Import pretender instead of global server var (#8996)
* DEV: Remove server global test variable

* Delete yarn-error.log

* prettier and some eslint fixes

* add global server variable back for plugins

* rename imported server to pretender

* prettier

* support plugin server. usage

* Export pretender as named

* Prettier

* change default pretender export

* fix bad import

* Use pretender() and original default export

* export new Pretender as default

* fix accidental change

* WIP testing

* add pretend handlers in correct location

* move more stuff into the correct pretender

* Consolidated more pretenders

* comment out another bad test

* fix user acceptance tests

* commented out bad test

* fixed another composer server stub

* fix more tests

* fixed tag test pretender

* Fix admin email test

* removed another draft handler

* add back test

* fix and uncomment another test

* remove test that is not useful

* remove commented out lines

* reapply handlers between every test

* no need to re-stub requests now :)

* cleanup from review

* more cleanup
2020-03-02 14:24:31 -05:00
Joffrey JAFFEUX ed85cfe141
FIX: prevents click on sk header to bubble (#9084) 2020-03-02 20:06:02 +01:00
Joffrey JAFFEUX 2db8ada222
FIX: ensures category url of category drop is built using slug and id (#9069) 2020-02-28 17:58:22 +01:00
Mark VanLandingham 337b823ec6
Merge pull request from GHSA-vw39-6w7q-gfx5
Co-authored-by: Robin Ward <robin.ward@gmail.com>
2020-02-27 11:47:15 -06:00
Penar Musaraj d6a603cc50
FIX: Translate none-tag and all-tags labels in tag filter (#9030)
* FIX: Translate none-tag and all-tags labels in tag filter
* Add test
2020-02-25 07:57:24 +11:00
Joffrey JAFFEUX f336aeee6f
FIX: ensures scoped search category is searching in all categories (#9031) 2020-02-24 19:19:53 +01:00
Joffrey JAFFEUX 69a2ad626b
FIX: ensures group automatic membership dropdown works (#9022)
This commit also fixes a deprecation warning as the previous  component was overriding a computed property from the group model.

Finally a test has been added as this is the only place where we use list-setting outside of the settings, this was highly subject to regressions.
2020-02-21 22:14:24 +01:00
Joffrey JAFFEUX 0b0290cddb
FIX: muted was not working in topic timeline (#9021) 2020-02-21 21:32:58 +01:00
Joffrey JAFFEUX cb69e89d7c
FIX: correctly shows suggested topics label (#9017) 2020-02-21 12:35:49 +01:00
Joffrey JAFFEUX e807dff6fc
FIX: ensures mini-tag-chooser is respecting max_tags_per_topic (#9018) 2020-02-21 12:16:05 +01:00
Martin Brennan 3af2670bd5
FIX: Consider webp a supported image format for upload (#9015)
* Also fixes an issue where if webp was a downloaded hotlinked
  image and then secure + sent in an email, it was not being
  redacted because webp was not a supported media format in
  FileHelper
* Webp originally removed as an image format in
  https://github.com/discourse/discourse/pull/6377
  and there was a spec to make sure a .bin webp
  file did not get renamed from its type to webp.

  However we want to support webp images now to make
  sure they are properly redacted if secure media is
  on, so change the example in the spec to use tiff,
  another banned format, instead
2020-02-21 13:08:01 +10:00
Joffrey JAFFEUX 74f2d48018
FIX: makes setting-object capable of defining value/name properties itself (#9003) 2020-02-19 10:01:21 +01:00
Roman Rizzi 99305511bc
DEV: Remove unused BreakString class (#8942) 2020-02-14 15:32:59 -03:00
Robin Ward d51107e2c9 FIX: If a group is unmentionable, don't render it as mentionable
Now if a group is visible but unmentionable, users can search for it
when composing by typing with `@`, but it will be rendered without the
grey background color.

It will also no longer pop up a JIT warning saying "You are about to
mention X people" because the group will not be mentioned.
2020-02-14 12:29:56 -05:00
Penar Musaraj 89d9704194 FIX: value-list choices when removing a value
Fixes an issue where choices were broken when removing an item from the value-list component.

Adds test case for this scenario.
2020-02-14 11:21:06 -05:00
David Taylor ce588006e3
DEV: Update the site title in qunit fixtures (#8959)
This confuses me every time I run qunit tests in the browser. The tab is labelled Meta, but it's not meta! This change has no functional impact on the tests
2020-02-14 11:30:04 +00:00
Dan Ungureanu 09edde8ef7
DEV: Add test (#8961)
Follow-up to 67c9940d72.
2020-02-14 10:19:57 +02:00
Joffrey JAFFEUX 6405159484
FEATURE: adds a new plugin api to decorate plugin outlets (#8937)
```
api.decoratePluginOutlet(
  "discovery-list-container-top",
  elem => {
    if (elem.classList.contains("foo")) {
      elem.style.backgroundColor = "yellow";
    }
  }
);
```
2020-02-13 23:44:34 +01:00
David Taylor 8d50f092b5
DEV: Use classes for styling user and group cards (#8913)
Styling based on element-ids, it is impossible for themes/plugins to display multiple cards on a single page. Using classes is a more flexible approach. The element-ids are maintained for backwards compatibility with existing plugins/themes.
2020-02-13 09:58:17 +00:00
Joffrey JAFFEUX 42bda52486
FIX: ensures select-kit can select a row with 0 as value (#8955) 2020-02-13 09:04:32 +01:00
Martin Brennan e1e74abd4f
FEATURE: Improving bookmarks part 2 -- Topic Bookmarking (#8954)
### UI Changes

If `SiteSetting.enable_bookmarks_with_reminders` is enabled:

* Clicking "Bookmark" on a topic will create a new Bookmark record instead of a post + user action
* Clicking "Clear Bookmarks" on a topic will delete all the new Bookmark records on a topic
* The topic bookmark buttons control the post bookmark flags correctly and vice-versa
Disabled selecting the "reminder type" for bookmarks in the UI because the backend functionality is not done yet (of sending users notifications etc.)

### Other Changes

* Added delete bookmark route (but no UI yet)
* Added a rake task to sync the old PostAction bookmarks to the new Bookmark table, which can be run as many times as we want for a site (it will not create duplicates).
2020-02-13 16:26:02 +10:00
Penar Musaraj efa9ba4975
UX: Prevent category-drop topic count from wrapping to new line (#8943) 2020-02-12 14:34:16 -05:00
Dan Ungureanu ecaf2c2f4e
FIX: Make category slug validation less strict (#8915)
This was changed recently and caused issues saving old categories which
already had digits at the beginning of the slug (for example, '30-days').
2020-02-11 17:01:12 +02:00
Joffrey JAFFEUX 9d50e1b40f
DEV: introducing user-chooser (#8910) 2020-02-11 15:54:56 +01:00
Martin Brennan 7ff58f1787
FIX: Disable preloading audio + video when secure media enabled (#8922)
Meta topic: https://meta.discourse.org/t/secure-media-uploads-expire/140894

This fixes the issue where if secure media was enabled, audio
and video files would do an initial load using the presigned
URL for the media to get metadata information e.g. duration of
track/video. However this started the expiry countdown for the
URL, so when a user pressed play on the media after 15 seconds
the media would be expired and AWS would return a 403 error.

We do not preload media if secure media is enabled. Otherwise
we just set the preload type to "metadata" which is the browser
default anyway.
2020-02-11 11:49:58 +10:00
Joffrey JAFFEUX f5f4ce90c1 DEV: adds afterRender decorator (#8864) 2020-02-10 08:13:13 +01:00
Bianca Nenciu 88a4d5a2c1
FIX: Properly convert quotes to Markdown (#8808)
* FIX: Properly convert quotes to Markdown

When quoting a quote it used to convert the quote header, including the
user avatar and username, into a image and some text and then the
contents. This also caused issues when quoting full paragraphs (or when
selecting paragraphs by triple-clicking) because the user avatar and
name from the following quote would also be included.

This commit implements the support necessary to convert
<aside class="quote"> elements to proper Discourse quotes.
2020-02-07 16:25:23 +01:00
Dan Ungureanu 2a884e25be
DEV: Make image resize controls more resilient (#8867)
Commit aa24be1 made it possible to build data attributes from image's
Markdown and this changes ensure that the resize controls still work
when data attributes are present.
2020-02-06 17:19:24 +02:00
Mark VanLandingham 499b57a9ed
DEV: Ember linting - disallow Ember.* variable usage (#8782) 2020-02-05 10:14:42 -06:00
Mark VanLandingham c8a02161dd
FIX: Warn users of overwriting new topic draft (#8841) 2020-02-04 09:59:56 -06:00
Jarek Radosz 4ab696dd2f
DEV: Add the `@action` decorator (#8836)
This also enables`@action` use in plugin connectors.

Setting `actions` earlier allows `setupComponents` to use them, for example, when setting up event listeners.
2020-02-04 11:42:25 +01:00
Penar Musaraj 6301477b4c FIX: Make dropdown custom user fields compatible with select-kit 2 2020-02-03 13:19:38 -05:00
Joffrey JAFFEUX 0431942f3d
DEV: select-kit 2 (#7998)
This new iteration of select-kit focuses on following best principales and disallowing mutations inside select-kit components. A best effort has been made to avoid breaking changes, however if you content was a flat array, eg: ["foo", "bar"] You will need to set valueProperty=null and nameProperty=null on the component.

Also almost every component should have an `onChange` handler now to decide what to do with the updated data. **select-kit will not mutate your data by itself anymore**
2020-02-03 14:22:14 +01:00