Commit Graph

2103 Commits

Author SHA1 Message Date
Dan Ungureanu b643526d9a
FIX: Do not autocomplete categories or emojis in code blocks (#8433)
Emojis and category autocomplete show up often when writing code
snippets, which makes it easy to insert unwanted text by mistake.
2019-12-02 18:48:40 +02:00
Robin Ward 5df719a3c2 FEATURE: Support pasting a list of usernames into a PM
This allows you to paste multiple usernames into a PM's recipient list
at once. It supports usernames separated by spaces, commas, and new lines.
2019-12-02 11:28:09 -05:00
Daniel Waterworth 374534f00e DEV: Use category ids in URLs preferentially 2019-12-02 09:28:15 +00:00
Robin Ward 7fee3c61de
Support for custom messages and redirects when creating posts (#8434)
* Support for custom messages and redirects when creating posts

When a post/topic is created Discourse serializes a `NewPostResult`
object. Normally this contains a status like `created_post` or
errors describing why the post could not be created.

There are times when a plugin might want to take the inputted post
and do something in the background. In this case, the plugin
can return a custom `message` and `route_to` attribute in the
`NewPostResult`.

If present, the message will be displayed in an alert, and when "Ok" is
clicked the user will be routed to the new URL.

* Destroy the draft in parallel
2019-11-29 09:30:54 -05:00
Blake Erickson fac91a9e71 DEV: Remove unnecessary watched word test
This test is longer needed now that we are using handlebars which
provides escaping by default.

Follow up to 2bb36d72a3

and bb31e7f5b6
2019-11-27 17:42:22 -07:00
Blake Erickson 2bb36d72a3 DEV: Fix failing test on CI due to whitespace differences
I could not replicate the failure locally, but it was consistently
failing on CI with:

```
  Assertion Failed: it should escape watched words

      Expected:  <img src="x">, Actual:  <img src="x">
```

This commit removes an extra space that was added originally, but I
don't think it is really needed after double checking how it displays in
the UI. The `x` icon and the word have sufficient spacing between them.
If we need to we can tweak it in css instead.
2019-11-27 17:23:49 -07:00
Martin Brennan c54be3ff25
Add tests for oneboxer.js.es6 (#8418) 2019-11-28 08:20:32 +10:00
Joffrey JAFFEUX 119c4d0c1b
DEV: adds a `stringToHTML` helper to be used in tests (#8424)
This will replace the need for jquery: `$(string)`
2019-11-27 17:36:45 +01:00
Mark VanLandingham b92a8131c0
FEATURE: Pie chart option for poll results (#8352) 2019-11-25 11:51:01 -06:00
Dan Ungureanu d2d0937986
DEV: Add test for load-more (#8369)
Follow-up to 3650c64bca.
2019-11-25 14:42:34 +02:00
Dan Ungureanu 60ccfcaa6c
DEV: Add test for opening drafts from Activity screen (#8401)
Follow-up to 520d54d85f.
2019-11-25 14:31:47 +02:00
Martin Brennan dbfe9540fa FIX: be more tactical with replacing markdown chars
* instead of using encodeURIComponent in imageNameFromFileName,
  we just replace the bad characters that we wanted to get rid
  of in the first place where we introduced encodeURIComponent.
  as per review
2019-11-25 16:38:13 +10:00
Martin Brennan b89e634dd4
FIX: Replace %20 with space in markdown file name for uploads (#8405)
Meta: https://meta.discourse.org/t/image-name-has-20-in-file-name/134136

We were ending up with [file%20name](url) in the markdown preview, which looked weird and
affected the alt text. this is because we were calling encodeURIComponent, which has been left in place because this is a valid thing to do for some cases. (e.g. f674b9e)
2019-11-25 13:54:55 +10:00
Robin Ward d7ae052efe DEV: Don't allow `Promise` unless imported from `"rsvp"`
We want to make sure we are using the correct promise implementation so
let's lint out the browser version.
2019-11-20 15:24:59 -05:00
Dan Ungureanu 352d43b101
FIX: Better handling of Group model state (#8356)
The group card and group members page were affecting each other and were
leaking members list and the query parameters which led to bad UX
experience and sub-optimal performance (client made more queries because
it was loading fewer members).

This commit refactors the group model to make it more consistent, remove
dead code, move error handling outside of model.
2019-11-18 14:59:28 +02:00
Dan Ungureanu a9704da34c FIX: A pmOnly tag should link to messages (#8361)
isPrivateMessages represents that the tag list is shown in the context
of private messages and pmOnly represents that the tag is used only in
private messages.
2019-11-18 16:44:08 +11:00
Penar Musaraj cc8baa1a7c Fix Prettier using correct version (1.19.1) 2019-11-15 10:34:26 -05:00
Penar Musaraj 655e610357 Fix Prettier 2019-11-15 10:28:46 -05:00
Martin Brennan abf215a0e4 Bump prettier to 1.19.1 and lock dependency (#8350) 2019-11-15 10:07:45 -05:00
Robin Ward d4b7c028fa REFACTOR: Move upload utilities to their own file 2019-11-14 12:51:08 -05:00
Gerhard Schlager c83ae9a79f DEV: Add option to login at beginning of smoke tests
This is useful for testing sites which do not have any public topics.
2019-11-14 18:28:15 +01:00
Martin Brennan e7226a8c84
FEATURE: Allow scoping search to tag (#8345)
* When viewing a tag, the search widget will now show a checkbox to scope the search by tag, which will limit search results to that tag on desktop and mobile
2019-11-14 10:40:26 +10:00
Robin Ward a4b89f8187 DEV: Remove some extra `Discourse.Site` uses 2019-11-13 16:00:58 -05:00
Robin Ward bc2067898e FIX: Missing User objects in Utilities 2019-11-13 15:55:32 -05:00
Robin Ward f5ed0dc2e6 FIX: Failing tests 2019-11-13 15:34:30 -05:00
Robin Ward 3d0b310368 DEV: Fix some more deprecated Discourse.User and Discourse.Site 2019-11-13 15:34:30 -05:00
Mark VanLandingham 4843414de6 WIP - set Discourse.currentUser 2019-11-13 15:34:30 -05:00
Roman Rizzi 1c179177e7
REFACTOR: Attach resize controls to images from the markdown pipeline (#8314) 2019-11-12 17:32:37 -03:00
Robin Ward afadf361b3 REFACTOR: `idMap` should be a private API 2019-11-12 10:53:22 -05:00
Jarek Radosz 5d4b240453
DEV: Provide radix argument to parseInt (#8281)
* DEV: Provide radix 10 argument to parseInt

* DEV: Provide radix 16 argument to parseInt

* DEV: Remove unnecessary parseInt calls

* Fix year formatting

parseInt was used here to convert decimals to ints
2019-11-12 10:47:42 +01:00
Daniel Waterworth e79cec9fc7 DEV: Remove handling of category top menu items
Support for these kinds of navigation items was dropped in 88f52514, but
the code for handling these menu items was never removed.
2019-11-11 17:36:29 +00:00
Dan Ungureanu 55bdd9e6a2
FIX: Do not skip some emails in user search (#8317)
It used to skip the email addresses containing the plus sign.
2019-11-11 18:42:45 +02:00
Robin Ward f03edb36be REFACTOR: Remove `Discourse.Model` 2019-11-08 14:13:35 -05:00
Robin Ward 291572a97a REFACTOR: Remove `Discourse.Session` constants 2019-11-08 13:46:50 -05:00
Robin Ward 7ac2a55588 REFACTOR: Remove `Discourse.Category` constants 2019-11-08 13:31:00 -05:00
Robin Ward 7e44065bcb REFACTOR: Migrate `Discourse.Post` to imports 2019-11-08 13:13:13 -05:00
Robin Ward 932c169d46 REFACTOR: Remove Discourse.NavItem constants 2019-11-08 12:56:13 -05:00
Robin Ward 779ee3558d REFACTOR: Remove `Discourse.UserAction` from code 2019-11-08 12:52:39 -05:00
Gerhard Schlager 61b1f9c36b FEATURE: Load translation overrides without JS `eval` 2019-11-05 19:16:38 +01:00
David Taylor 52c5cf33f8
FEATURE: Overhaul of admin API key system (#8284)
- Allow revoking keys without deleting them
- Auto-revoke keys after a period of no use (default 6 months)
- Allow multiple keys per user
- Allow attaching a description to each key, for easier auditing
- Log changes to keys in the staff action log
- Move all key management to one place, and improve the UI
2019-11-05 14:10:23 +00:00
Joe 8e419a772f
FIX: improve regex used for image sizing controls (#8291) 2019-11-05 18:40:02 +08:00
Robin Ward 90f934a660 REFACTOR: Use a module for `Ember.isEmpty` 2019-11-01 13:50:15 -04:00
Leo McArdle 5efa95b5f8 FIX: make notification consent banner usable via keyboard and screenreader (#8255)
* update d-button to support btn-link class

* add display attribute to d-button rather than computing on class
2019-10-31 15:36:24 -04:00
David Taylor 7191835989
DEV: Support custom server-side names in rest models (#8265) 2019-10-30 15:25:42 +00:00
Robin Ward 8d34f4bbd9 Revert "Revert Ember.run refactors"
This reverts commit fcb1ca52f9.
2019-10-30 09:48:24 -04:00
Robin Ward fcb1ca52f9 Revert Ember.run refactors
This reverts commit 5ca60fcb6b.
2019-10-29 17:10:47 -04:00
Robin Ward 249dff85c7 FIX: Use modules for `Ember.run.debounce` hack in testing 2019-10-29 16:25:37 -04:00
Robin Ward 5ca60fcb6b REFACTOR: Use imports for `Ember.run` 2019-10-29 15:31:56 -04:00
Mark VanLandingham c7475ee03b
DEV: Import EmberObject rather than global variable (#8256)
* DEV: Import ember/object rather than Ember.Object globally

* fixed broken object proxy import

* prettier on js

* added @ember/object/proxy to loader

* added unstaged file

* Fixed objet proxy reference is loader

* Linting!
2019-10-29 14:23:50 -05:00
Bianca Nenciu 1531644288
DEV: Add test (#8250)
Follow-up to 2863e7c181.
2019-10-29 12:12:09 +02:00
Sam Saffron b92e4465f7 DEV: stop depending on hover for image resize icons
We no longer defer render the resize links, so we no longer need all these
hover events to test it.

Corrects broken test.
2019-10-29 16:01:15 +11:00
Neil Lalonde f686ab988f FIX: close modals on ESC key and clicking outside 2019-10-28 17:23:30 -04:00
David Taylor 071a82efe3 FIX: Correct error when sending PM to email address 2019-10-28 18:32:43 +00:00
Jarek Radosz 5776251cdd
DEV: Remove an obsolete "preferences/about-me" route (#8251)
User's title and bio can be changed on the "preferences/account" page.
2019-10-28 17:29:14 +01:00
Gerhard Schlager 85c08b84a5 DEV: Add a short wait to smoke test to prevent rate limiting 2019-10-24 18:36:27 +02:00
Gerhard Schlager d4d2cb124c DEV: Make smoke tests more reliable 2019-10-24 17:51:48 +02:00
Gerhard Schlager decbc9194d DEV: Fix basic auth in smoke test 2019-10-24 17:43:26 +02:00
Robin Ward 6287eccb35 REFACTOR: Remove `Ember.Controller` in favor of import 2019-10-23 13:06:54 -04:00
David Taylor cc56f226b8 FIX: Correct mention autocomplete in new topics in unsecured categories
When autocompleting mentions in secure categories, we immediately populate the list with users which have permission to view the category. This logic is applied to unsecured categories as well, but the server returns an empty list of users. This commit teaches the autocomplete to understand empty lists of users without terminating the autocomplete dropdown.
2019-10-21 14:52:54 +01:00
Jarek Radosz f6ea986aec
DEV: Remove `suspend` from Admin::UsersController responses (#8206)
`suspend` isn't a User attribute, but was being assigned to the frontend User model as if it was. The model has a computed property that depends on `suspended_till`, so instead of overriding this property, it's better to return relevant attributes.

Fixes a computed-property.override deprecation (https://emberjs.com/deprecations/v3.x#toc_computed-property-override)
2019-10-18 01:49:26 +02:00
David Taylor 943d8e0a97 DEV: Update JS test fixtures
- `site.json` now returns a list of group objects, not a `group_names` array (a6714e25)
- `c/1/show.json` now includes `custom_fields: {}`, even if no fields exist (b8bd0316)
2019-10-15 22:37:15 +01:00
Robin Ward de3db0e485 FIX: Remove another broken test 2019-10-11 15:52:14 -04:00
Robin Ward 204cd43861 FIX: This emoji test was broken too 2019-10-11 15:41:19 -04:00
Robin Ward 342bbe66dd FIX: Flaky tests
We had acceptance tests that were testing the contents of the post
stream preview, not the contents of the eventual topic itself.

This became apparent when I introduced a new promise which caused the
tests to finish waiting for work properly. Before that, it was up to the
speed of the execution, very spooky!
2019-10-11 15:33:34 -04:00
Penar Musaraj 3a469a79cf
FEATURE: search topics when adding a link in composer (#8178) 2019-10-11 11:37:44 -04:00
Penar Musaraj a91ad81ed1 UX: Trigger primary action in modals using Enter
A modal's primary action (blue button in the default theme) can now be invoked
by hitting Enter on the keyboard. This applies to all modals that aren't strict
forms as long as the focus is not on a textarea element.
2019-10-09 13:28:07 -04:00
Rimian Perkins 074ce70c28 FEATURE: Load pretenders in plugins too. (#8173)
* allows plugins to auto load *-pretender files
* Allows hyphens in the name eg: `my-plugin-pretender.js.es6`
2019-10-09 10:23:44 -04:00
Penar Musaraj 30cda1761d
UX: Better composer hyperlink modal (#8160) 2019-10-08 16:19:07 -04:00
Dan Ungureanu fdb1d3404c
FEATURE: Add site setting to show more detailed 404 errors. (#8014)
If the setting is turned on, then the user will receive information
about the subject: if it was deleted or requires some special access to
a group (only if the group is public). Otherwise, the user will receive
a generic #404 error message. For now, this change affects only the
topics and categories controller.

This commit also tries to refactor some of the code related to error
handling. To make error pages more consistent (design-wise), the actual
error page will be rendered server-side.
2019-10-08 14:15:08 +03:00
David Taylor d2bceff133
FEATURE: Use full page redirection for all external auth methods (#8092)
Using popups is becoming increasingly rare. Full page redirects are already used on mobile, and for some providers. This commit removes all logic related to popup authentication, leaving only the full page redirect method.

For more info, see https://meta.discourse.org/t/do-we-need-popups-for-login/127988
2019-10-08 12:10:43 +01:00
Robin Ward f5d391a48a
REFACTOR: Move `app-events:main` to `service:app-events` (#8152)
AppEvents was always a service object in disguise, so we should move it
to the correct place in the application. Doing this allows other service
objects to inject it easily without container access.

In the future we should also deprecate `this.appEvents` without an
explicit injection too.
2019-10-04 10:06:08 -04:00
Martin Brennan 68d35b14f4 FEATURE: Webauthn authenticator management with 2FA login (Security Keys) (#8099)
Adds 2 factor authentication method via second factor security keys over [web authn](https://developer.mozilla.org/en-US/docs/Web/API/Web_Authentication_API).

Allows a user to authenticate a second factor on login, login-via-email, admin-login, and change password routes. Adds registration area within existing user second factor preferences to register multiple security keys. Supports both external (yubikey) and built-in (macOS/android fingerprint readers).
2019-10-01 19:08:41 -07:00
Joffrey JAFFEUX 0b93f1239b
DEV: attempts to make date-time-input-range test more reliable (#8126) 2019-10-02 02:12:36 +02:00
Joffrey JAFFEUX b4d42d1151
DEV: removes memory profiling from qunit tests (#8120)
Most of the work on it has been done and it's un-necessary work for now.
2019-10-01 22:17:53 +02:00
Joffrey JAFFEUX 4aefe589de
DEV: rake qunit:test was crashing on macOS due to a flag (#8119)
flag: --disable-software-rasterizer
2019-10-01 20:40:48 +02:00
Kyle Zhao fb200e3055 FIX: Escape $ in translations before interpolating (#8100)
The dollar sign (`$`) is a special replace pattern, and `$&` inserts the
matched string. Thus dollars signs need to be escaped with the special
pattern `$$`, which inserts a single `$`.
2019-09-16 13:52:49 -04:00
Penar Musaraj 1de5d10f61 DEV: Fix Prettier 2019-09-16 11:36:27 -04:00
Penar Musaraj 6debd72c6c DEV: Add qunit test for emojis in search blurbs
Followup to cf230163
2019-09-16 11:25:55 -04:00
Kyle Zhao f0f03acb2c FIX: Do not escape `fancy_title` again. (#8095)
`fancy_title` is already escaped by Rails. Escaping it again would print
the HTML entity as-is, e.g. `&quot;` instead of `"`.

This fixes the issue by introducing a new `escapedContent` attribute on
the `QuickAccessItem` widget.
2019-09-13 10:04:14 -04:00
Jarek Radosz 1dcdcb5c31
FIX: Cast all numerical values in reports (#8087)
* FIX: Cast all numerical values in reports

The backend can return some numerical values in report as strings. That results in unexpected order of values when sorting report tables.

* Create `toNumber()` helper

The `typeof` and `parseFloat` seem to be the fastest path: https://jsperf.com/number-vs-typeof-vs-parsefloat#results
2019-09-12 15:17:34 +02:00
Dan Ungureanu 8b2c272f04
UX: Use medium format for displaying time in post notices. (#8074) 2019-09-11 13:00:53 +03:00
Kyle Zhao 9b10a78d82 FEATURE: Quick access panels in user menu (#8073)
* Extract QuickAccessPanel from UserNotifications.

* FEATURE: Quick access panels in user menu.

This feature adds quick access panels for bookmarks and personal
messages. It allows uses to browse recent items directly in the user
menu, without being redirected to the full pages.

* REFACTOR: Use QuickAccessItem for messages.

Reusing `DefaultNotificationItem` feels nice but it actually requires a
lot of extra work that is not needed for a quick access item.

Also, `DefaultNotificationItem` shows an incorrect tooptip ("unread
private message"), and it is not trivial to remove / override that.

* Use a plain JS object instead.

An Ember object was required when `DefaultNotificationItem` was used.

* Prefix instead suffix `_` for private helpers.

* Set to null instead of deleting object keys.

JavaScript engines can optimize object property access based on the
object’s shape. https://mathiasbynens.be/notes/shapes-ics

* Change trivial try/catch to one-liners.

* Return the promise in case needs to be waited on.

* Refactor showAll to a link with href

* Store `emptyStatePlaceholderItemText` in state.

* Store items in Session singleton instead.

We can drop `staleItems` (and `findStaleItems`) altogether. Because
`(old) items === staleItems` when switching back to a quick access
panel.

* Add `limit` parameter to the `user_actions` API.

* Explicitly import Session instead.
2019-09-09 11:03:57 -04:00
Penar Musaraj 4d6eacac5c FIX: close user card after clicking Message button
This was primarily an issue on mobile, where after clicking the "Messsage" button in the user card, the composer would load behind the user card overlay.
2019-08-30 13:40:12 -04:00
David Taylor f2331ef07f
DEV: Stop serializing user_auth_token_logs (#8043)
These are no longer used in the user interface
2019-08-27 13:07:03 +01:00
Joffrey JAFFEUX 08e7211d7d
DEV: attempts to fix an heisentest in date-time-input-range (#8017) 2019-08-19 12:39:30 +02:00
Joffrey JAFFEUX 936d4ce17a
FEATURE: favorites emojis will also show in composer autocomplete (#8011) 2019-08-16 11:47:03 +02:00
Vinoth Kannan 88359b0f16
FEATURE: add support for group members visibility level (#8004)
There are 5 visibility levels (similar to group visibility)

public (default)
logged-in users
members only
staff
owners

Admins & group owners always have visibility to group members.
2019-08-14 19:00:04 +05:30
Bianca Nenciu ba396a5384
DEV: Use ResultSet with staff action logs. (#7661) 2019-08-13 20:55:05 +03:00
Bianca Nenciu 37e7998a82
FEATURE: Send notification when member was accepted to group. (#7614) 2019-08-06 13:29:46 +03:00
Sam Saffron f780920759 FEATURE: mention in secure category to prioritize groups
This feature allows @ mentions to prioritize showing members of a group who
have explicit permission to a category.

This makes it far easier to @ mention group member when composing topics in
categories where only the group has access.

For example:

If Sam, Jane an Joan have access to bugs category.

Then `@` will auto complete to (jane,joan,sam) ordered on last seen at

This feature works on new topics and existing topics. There is an explicit
exclusion of trust level 0,1,2 groups cause they get too big.
2019-08-06 17:57:56 +10:00
David Taylor 06e757245f FEATURE: Add a test facility to the watched words admin interface 2019-08-02 15:29:12 +01:00
David Taylor 39e0442de9 FIX: Various watched words improvements
- Client-side censoring fixed for non-chrome browsers. (Regular expression rewritten to avoid lookback)
- Regex generation is now done on the server, to reduce repeated logic, and make it easier to extend in plugins
- Censor tests are moved to ruby, to ensure everything works end-to-end
- If "watched words regular expressions" is enabled, warn the admin when the generated regex is invalid
2019-08-02 15:29:12 +01:00
Robin Ward f57fdee2f6 FIX: Modal `onClose` was being called repeatedly
This happened because the modal controller was not clearing the `name`
attribute, which is used for looking up the controller to call `onClose`
on.

Every page navigation would call the method over and over, breaking
state in odd ways.
2019-08-01 15:42:43 -04:00
David Taylor d4acd35466
FEATURE: Sync unread state live to topic lists (#7933) 2019-07-29 10:28:42 +01:00
Guo Xiang Tan 49d9557337 Revert commit that was pushed by mistake.
This reverts commit c7516c42e9.
2019-07-29 11:04:38 +08:00
Guo Xiang Tan c7516c42e9 Revert "FIX: reverts #18e2816 (#7940)"
This reverts commit c7b146cbdf.
2019-07-29 09:18:53 +08:00
David Taylor 4f1382a54a FIX: Hide live-loaded posts from ignored users 2019-07-25 12:01:29 +01:00
Joffrey JAFFEUX 460d431621
DEV: uses ember-cli recommended chrome flags (#7939) 2019-07-25 11:38:05 +02:00
Joffrey JAFFEUX c7b146cbdf
FIX: reverts #18e2816 (#7940) 2019-07-25 11:14:23 +02:00
Joffrey JAFFEUX c1d2fb115c
DEV: prevents staff computed property to be overridden (#7931) 2019-07-24 22:01:08 +02:00
Osama Sayegh 5fc5a7f5ae FEATURE: Add search operator to see all direct messages from a user (#7913)
* FEATURE: Add search operator to see all direct messages from a user

* Only show message if related messages >= 5

* Make "all messages" the hyperlink

* Review
2019-07-22 10:55:49 -04:00
Roman Rizzi eb26bee046
DEV: group_list site settings should store IDs instead of group names (#7860)
* DEV: group_list site settings should store IDs instead of group names

* Ship site setting to know when we should migrate group_list settings

* Migrate existing group_list site settings

* Bump migration timestamp and don't set null when migrating is not possible.
2019-07-19 15:17:58 -03:00
Robin Ward 8dd3cbfcb9
FEATURE: Allow choice of category when making a PM public (#7907)
* FEATURE: Allow choice of category when making a PM public

Previously it would default to uncategorized, which was not ideal on
some forums. This gives the staff member more choice about what they'd
like to do.

* Make the optional category more explicit

* Joffrey's feedback
2019-07-19 11:52:50 -04:00
Bianca Nenciu 9f500a4ff4
FIX: Show same username or name for post notices. (#7862) 2019-07-19 11:05:48 +03:00
Joffrey JAFFEUX 95ad4f9077
FEATURE: new date/time components (#7898) 2019-07-18 17:29:41 +02:00
Penar Musaraj a571efba35
FIX: Rename deprecated icons, allow custom icons in badges
- adds a migration renaming FA4 icon names in badges
- allows all icons to be used in badges (previously was limited to icons prefixed with fa-)
- renames remaining FA 4.7 icons equivalents
2019-07-16 11:13:44 -04:00
Vinoth Kannan 839916aa49
DEV: Debundle plugin javascript assets and don't load if disabled (#7566)
And don't load javascript assets if plugin is disabled.

* precompile auto generated plugin js assets

* SPEC: remove spec test functions

* remove plugin js from test_helper

Co-Authored-By: Régis Hanol <regis@hanol.fr>

* DEV: using equality is slightly easier to read than inequality

Co-Authored-By: Régis Hanol <regis@hanol.fr>

* DEV: use `select` method instead of `find_all` for readability

Co-Authored-By: Régis Hanol <regis@hanol.fr>
2019-07-15 20:22:54 +05:30
Guo Xiang Tan cbb4af124b Fix the build.
Follow up to 4b0cf7f6dd.
2019-07-15 16:38:54 +08:00
Guo Xiang Tan 4b0cf7f6dd SECURITY: XSS when displaying watched words in admin panel.
The XSS here is only possible if CSP is disabled. Low impact since CSP
is enabled by default in SiteSettings.
2019-07-15 10:55:50 +08:00
Bianca Nenciu c4d1833588 FIX: Do not show bootbox if post has no replies. (#7866)
When we delete a post that has replies, we show a modal asking if the user wants to delete the post, the post and its direct replies or the post and all its replies.

If replies are deleted before a post, that modal would ask the user if they want to delete the post and 0 replies.

That commit ensure we skip the modal and directly delete the post in this case.
2019-07-12 11:42:57 +02:00
Vinoth Kannan 1bb258ab49 DEV: use upload short-url in html to markdown conversion if 'base62-sha1' data attr available. 2019-07-05 10:06:41 +05:30
Penar Musaraj c78634284c UI: when in a different topic context, allow dismissing draft without destroying it
This changes the label and behaviour of the "No, keep" button in the confirmation modal when user cancels a draft while on a different topic. The new button label is "No, save draft", and when clicked, the composer will be dismissed without destroying the draft.
2019-07-04 11:45:57 -04:00
Joffrey JAFFEUX a60ec00f7a
fix tests (#7853) 2019-07-03 16:32:27 +02:00
Joffrey JAFFEUX d521959768
DEV: simpler report page test (#7851) 2019-07-03 16:08:48 +02:00
Joffrey JAFFEUX f9f1df7611
DEV: prevents reports key to be time dependant when testing (#7850) 2019-07-03 15:43:01 +02:00
Bianca Nenciu bfdf740a05 FIX: Show 'Export' button for all tabular reports. (#7838) 2019-07-03 14:47:36 +02:00
Joffrey JAFFEUX 1c6bb8748b
fix tests (#7849) 2019-07-03 13:45:03 +02:00
Osama Sayegh 3d64532273 FEATURE: allow disabling theme components (#7812)
This allows you to temporarily disable components without having to remove them from a theme. 

This feature is very handy when doing quick fix engineering.
2019-07-03 18:18:11 +10:00
Joffrey JAFFEUX 39e3162323
DEV: skip click-track to attempt to reduce timeouts in tests (#7836) 2019-07-02 10:08:28 +02:00
Ralph Rooding 4ba35472e6 Don't check for second factor when switching to anonymous account (#7803) 2019-06-27 15:01:26 -07:00
Joffrey JAFFEUX a61147d838
FEATURE: displays tags in search menu results when enabled (#7819) 2019-06-27 19:26:14 +02:00
Gerhard Schlager fe870a1e54 DEV: Respond with error 400 to uploads requested via XHR
follow-up to 13f38055
2019-06-27 11:15:35 +02:00
Joffrey JAFFEUX df9b295510
DEV: skip load-script to prevent timeouts (#7817) 2019-06-27 10:57:40 +02:00
Joffrey JAFFEUX 5b9a3f8acd
DEV: attempts to make load-script more reliable (#7816)
We don't check on script anymore, but we still check on window.ace making very unlikely to regress.
2019-06-27 10:19:55 +02:00
Jeff Wong 79d657203d fix tests 2019-06-26 17:44:23 -07:00
Jeff Wong 88ef5e55fe
FEATURE: add ability to have multiple totp factors (#7626)
Adds a second factor landing page that centralizes a user's second factor configuration.

This contains both TOTP and Backup, and also allows multiple TOTP tokens to be registered and organized by a name. Access to this page is authenticated via password, and cached for 30 minutes via a secure session.
2019-06-26 16:58:06 -07:00
Joffrey JAFFEUX c63268467e
DEV: prettier 1.18.2 (#7810) 2019-06-26 17:09:52 +02:00
Penar Musaraj 76307611dc
UX: new inline button to remove a topic timer (#7790) 2019-06-26 11:08:53 -04:00
Gerhard Schlager 13f38055ac SECURITY: XSS in routes
Co-authored-by: Guo Xiang Tan <tgx_world@hotmail.com>
Co-authored-by: David Taylor <david@taylorhq.com>
2019-06-26 16:34:15 +02:00
Joffrey JAFFEUX cea3a027f3
FIX: category-chooser search should be scoped to category (#7794) 2019-06-24 10:45:30 +02:00
Joffrey JAFFEUX 59e84e8e05
DEV: skip tests instead of commenting them (#7774) 2019-06-17 10:24:20 +02:00
Robin Ward 035e63c81f FIX: Allow the clear callbacks to execute in acceptance tests 2019-06-14 13:29:13 -04:00
Robin Ward a8793d0d9a REFACTOR: Test Memory Usage Fixes (#7769)
* Calling `Discourse.reset()` creates a new container
We should run our de-initializers only after acceptance tests,
since initializers are not run outside of acceptance tests anyway,
and the container at this point can be passed properly to the
`teardown()` method.

* Remove `Discourse.reset` from tests
This would cause a new container to be created which leaks many objects.

* `updateCurrentUser` is more accurate than `replaceCurrentUser`
2019-06-14 14:54:20 +02:00
Guo Xiang Tan 7bb94e8716 DEV: Increase wait duration between smoke test further during edit.
Otherwise, the app detects that we're replying too quickly.
2019-06-14 12:21:54 +08:00
Sam Saffron 62f4284865 DEV: 302 status is normal in smoke test
Login can redirect there are potentially other cases
2019-06-14 14:21:07 +10:00
Guo Xiang Tan 5b55252e10 DEV: Add more wait between edit so we don't end up replying too quickly. 2019-06-13 09:14:17 +08:00
Joffrey JAFFEUX 19ca2d4772
DEV: reset widget clean callback between tests (#7761) 2019-06-12 17:49:02 +02:00
Robin Ward 9daba50d48 FIX: Unsubscribe seemed to be missing some events (#7762)
This forces an unsubscribe from all events.
2019-06-12 17:48:01 +02:00
Maja Komel 621b6493f7 DEV: test badge titles presence on badge page
follow-up on 2863e7c
2019-06-12 15:04:21 +02:00
David Taylor f60451a89d DEV: Fix linting error 2019-06-12 00:19:52 +01:00
Joffrey JAFFEUX 23f457b87d
DEV: disables d-editor emoji test to attempt to fix timeouts (#7755) 2019-06-12 00:30:11 +02:00
Joffrey JAFFEUX 5da91fa8f8
DEV: disable emoji-picker test to attempt to fix timeouts (#7754) 2019-06-12 00:11:21 +02:00
Joffrey JAFFEUX 1feaacaecb
DEV: skip emoji picker opening test to attempt to fix timeouts (#7753) 2019-06-11 23:54:20 +02:00
Joffrey JAFFEUX 58057484fe
DEV: skip ace-editor to attempt to avoid timeouts (#7752) 2019-06-11 23:38:43 +02:00
Joffrey JAFFEUX cb08d3cc26
DEV: adds module debugging to js tests (#7751) 2019-06-11 23:14:42 +02:00
Robin Ward 3d7c26c15e FIX: Memory Leaks w/ Container (#7750)
Gives instance initializers the ability to add a `teardown` method that
will be called between tests to clean up after themselves.
2019-06-11 18:41:27 +02:00
Joffrey JAFFEUX dc15486f0a Revert "DEV: resets csrf ajax prefilter only if present (#7747)"
This reverts commit 6612218a4e.
2019-06-11 13:34:25 +02:00
David Taylor 000a35b219 FIX: Do not live-load posts from ignored users 2019-06-11 12:07:14 +01:00
Joffrey JAFFEUX 6612218a4e
DEV: resets csrf ajax prefilter only if present (#7747) 2019-06-11 12:50:20 +02:00
Joffrey JAFFEUX ebf77f74b7 Revert "DEV: prevents csrf token to leak state between tests (#7746)"
This reverts commit b29d63a52d.
2019-06-11 12:19:49 +02:00