Commit Graph

41495 Commits

Author SHA1 Message Date
Robin Ward af5adc440e
DEV: We hadn't enabled `object-rest-spread` in all contexts (#12452)
See: https://babeljs.io/docs/en/babel-plugin-proposal-object-rest-spread

This fixes Discourse in browsers that don't support this syntax yet.
2021-03-19 13:57:04 -04:00
Dan Ungureanu 534008ba24
FIX: Improve handling when email is obfuscated (#12450)
This commit ensures that email validation is skipped when the email is
obfuscated, that the email is no longer send when it is not an invite
link and no username is suggested if the email is hidden as it may
reveal the first part of the email.

Follow up to commit 033d6b6437.
2021-03-19 17:15:46 +02:00
Osama Sayegh c9923a3e3e
UX: Composer actions menu header should display the icon of selected action (#12449)
See a video of the change in the PR: https://github.com/discourse/discourse/pull/12449.
2021-03-19 17:48:43 +03:00
Robin Ward 5b02aad9c1
Support for Testem in Ember CLI (#12442)
* DEV: Use custom tags rather than handlebars server side

These will be skipped if they are ever rendered in a document. The
handlebars really messes stuff up.

* DEV: Build our own locale file for testing purposes

We can't practically proxy everything in test mode, but we can
approximate the logic and build our own locale file for testing purposes
that works quite well. This allows us to run tests without a proxy.

* DEV: Support for testem runner for ember cli tests
2021-03-19 09:32:46 -04:00
Gerhard Schlager 2d1b087efc
FIX: Delete invalid web push subscriptions (#12447)
The endpoint as well as the public and private ECDH keys are required to successfully send a push notification.
2021-03-19 14:24:03 +01:00
Penar Musaraj d470e4fade
FEATURE: Allow users to save draft and close composer (#12439)
We previously included this option conditionally when users were replying
or creating a new topic while they had content already in the composer.

This makes the dialog always include three buttons:
  - Close and discard
  - Close and save draft for later
  - Keed editing

This also changes how the backend notifies the frontend when there is
a current draft topic. This is now sent via the `has_topic_draft`
property in the current user serializer.
2021-03-19 09:19:15 -04:00
Bianca Nenciu 6eab1e83c3
FIX: Do not fail if Postgres is not available (#12440)
Follow-up to 50f8782def.
2021-03-19 12:07:39 +02:00
Robert 4dcdbd7801
REFACTOR: break search results in multiple sub components
This change will introduce:
- search-result-entries
- search-result-entry

making the full-page-search template easier and less risky to override.
2021-03-19 10:49:14 +01:00
Martin Brennan fb0b4e26a9
DEV: Add output_sql_to_stderr! to MethodProfiler (#12445)
This PR adds MethodProfiler.output_sql_to_stderr! for easier debugging of SQL queries and their timings from the console.

This is almost the same as ensure_discourse_instrumentation! but should not
be used in production (save for debugging in the console), and is only instrumenting
PostgresSQL queries.

This is almost the same as ensure_discourse_instrumentation! but should not
be used in production. This logs all SQL queries run and their durations
between start and stop.

It also works for super long running queries. If you interrupt the long-running
query the latest query data will still be logged after stopping the profiler.

Usage:

```
MethodProfiler.output_sql_to_stderr!(filter_transactions: true)
MethodProfiler.start

# some code that runs queries

timings = MethodProfiler.stop
```
2021-03-19 17:48:30 +10:00
dependabot[bot] b432a4acd8
Build(deps-dev): Bump rspec-rails from 5.0.0 to 5.0.1 (#12443)
Bumps [rspec-rails](https://github.com/rspec/rspec-rails) from 5.0.0 to 5.0.1.
- [Release notes](https://github.com/rspec/rspec-rails/releases)
- [Changelog](https://github.com/rspec/rspec-rails/blob/main/Changelog.md)
- [Commits](https://github.com/rspec/rspec-rails/compare/v5.0.0...v5.0.1)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-03-19 01:55:42 +01:00
Martin Brennan 355d51afde
FEATURE: Allow using invites when DiscourseConnect SSO is enabled (#12419)
This PR allows invitations to be used when the DiscourseConnect SSO is enabled for a site (`enable_discourse_connect`) and local logins are disabled. Previously invites could not be accepted with SSO enabled simply because we did not have the code paths to handle that logic.

The invitation methods that are supported include:

* Inviting people to groups via email address
* Inviting people to topics via email address
* Using invitation links generated by the Invite Users UI in the /my/invited/pending route

The flow works like this:

1. User visits an invite URL
2. The normal invitation validations (redemptions/expiry) happen at that point
3. We store the invite key in a secure session
4. The user clicks "Accept Invitation and Continue" (see below)
5. The user is redirected to /session/sso then to the SSO provider URL then back to /session/sso_login
6. We retrieve the invite based on the invite key in secure session. We revalidate the invitation. We show an error to the user if it is not valid. An additional check here for invites with an email specified is to check the SSO email matches the invite email
7. If the invite is OK we create the user via the normal SSO methods
8. We redeem the invite and activate the user. We clear the invite key in secure session.
9. If the invite had a topic we redirect the user there, otherwise we redirect to /

Note that we decided for SSO-based invites the `must_approve_users` site setting is ignored, because the invite is a form of pre-approval, and because regular non-staff users cannot send out email invites or generally invite to the forum in this case.

Also deletes some group invite checks as per https://github.com/discourse/discourse/pull/12353
2021-03-19 10:20:10 +10:00
Penar Musaraj aee7ef0dc9
DEV: Fix build due to highlight.js branch issue (#12441)
Highlight.js changed their default branch from master to main. This switches to the @highlightjs/cdn-assets package, thus sidestepping the problem. It's a slightly cleaner integration though (no need to build locally anymore).
2021-03-18 18:21:23 -04:00
jbrw aaf96edee0
FIX: all staff members (regardless of TL) should be able to pin/unpin topics (#12435) 2021-03-18 15:32:42 -04:00
Joffrey JAFFEUX 67e1ae3f7d
A11Y: makes search results count readable by screen reader (#12437) 2021-03-18 18:44:26 +01:00
Dan Ungureanu 033d6b6437
FEATURE: Obfuscate emails on invite show page (#12433)
The email should not be ever displayed in clear text, except the case
when the user authenticates using another service.
2021-03-18 19:09:23 +02:00
Dan Ungureanu da1e37d2ce
FIX: browser-update should work with old browsers (#12436)
This caused issues in IE10 / IE11 with compatibility mode.
2021-03-18 19:09:01 +02:00
Dan Ungureanu 5024ea72d2
UX: Show first unique letters in invite link (#12434) 2021-03-18 19:05:38 +02:00
Roman Rizzi da210b6d77
FEATURE: Replace markdown-it replacements rule. (#12417)
We override the default replacements rule to no longer replace "(c)", "(p)", and "(p)". Additionally, we merged the custom arrows rule into the replacement function.
2021-03-18 10:55:41 -03:00
Bianca Nenciu 1a433193d1
FIX: Do not treat code tag as block level element (#12432)
When syncing code elements, the inner text used to be escaped, which
rendered the actual HTML code instead. This commit overwrites default
parser settings to fix the way code tags are handled.
2021-03-18 15:30:15 +02:00
Joffrey JAFFEUX cf703ccf66
A11Y: improves avatar menu focus/active states (#12422) 2021-03-18 13:29:27 +01:00
dependabot[bot] 06c60b017c
DEV: Bump unicorn from 5.8.0 to 6.0.0 (#12430)
Bumps [unicorn](https://yhbt.net/unicorn/) from 5.8.0 to 6.0.0.

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-03-18 16:08:51 +11:00
Krzysztof Kotlarek c5a116859d
FIX: delete post action from permanently deleted posts (#12309)
When Post is permanently deleted, we should delete correlated PostAction as well.
2021-03-18 15:22:41 +11:00
Kris 7e470bf8ae
UX: Improve topic footer alignment and layout (#12420) 2021-03-17 22:42:52 -04:00
Jordan Vidrine 74dbf2b1dc
UX: Move modal footer into better container (#12429)
* UX: Move modal footer into better container

This commit moves the modal footer under the sign-up form for a more cohesive feel between the login + create account modals.
2021-03-17 14:10:49 -05:00
Blake Erickson 44153cde18
FIX: Be able to handle long file extensions (#12375)
* FIX: Be able to handle long file extensions

Some applications have really long file extensions, but if we truncate
them weird behavior ensues.

This commit changes the file extension size from 10 characters to 255
characters instead.

See:

https://meta.discourse.org/t/182824

* Keep truncation at 10, but allow uppercase and dashes
2021-03-17 12:01:29 -06:00
Penar Musaraj eb7f0ec766
FIX: In components, fall back to default theme color variables (#12423)
Component SCSS compilation should use the current theme's SCSS color
variables as a fallback before using the default core colors.

This is mostly a backwards-compatibility fix, new themes and components
should use CSS custom properties, which offer better support for on-the-fly
color scheme changes (dark mode support, etc.).
2021-03-17 13:34:15 -04:00
Bianca Nenciu 97623f5351
FIX: Do not raise if post no longer exists (#12428) 2021-03-17 19:22:05 +02:00
Robin Ward 52859bdeab
FIX: Viewing some tag routes wasn't rendering the list without JS (#12344) 2021-03-17 13:02:32 -04:00
Robin Ward 11e6e9cca2
FIX: Tests in `admin/tests` were not running (#12391)
Since we want to run them in the core app they've been moved into the
`tests` directory for discourse, and updated to the latest format.
2021-03-17 13:02:12 -04:00
Bianca Nenciu 50f8782def
FIX: Fix narrative bot settings in multisites (#12380)
after_initialize is not called for each multisite database, but just
for first (default) database.
2021-03-17 17:41:31 +02:00
Bianca Nenciu 16b5fa030b
DEV: Set disable_mailing_list_mode automatically (#12402)
The user mailing list mode continued to be silently enabled and
UserEmail job checked just that ignoring site setting
disable_mailing_list_mode.

An additional migrate was added to set disable_mailing_list_mode
to false if any users enabled the mailing list mode already.
2021-03-17 17:39:10 +02:00
Gerhard Schlager 38dd81d38a
DEV: Remove deprecated Sidekiq config (#12427)
> WARNING: Sidekiq::Web.sessions= is no longer relevant and will be removed in Sidekiq 7.0.
2021-03-17 16:29:10 +01:00
Daniel Waterworth 9c3d5f861d
DEV: Speed up topics_controller_spec.rb (#12395) 2021-03-17 10:25:43 -05:00
Joffrey JAFFEUX 482bcc8726
A11Y: associates lists with labels on interface page (#12426) 2021-03-17 16:03:09 +01:00
Joffrey JAFFEUX cb0427ffdf
A11Y: links change username input to its label (#12424) 2021-03-17 15:47:27 +01:00
Bianca Nenciu 9b4b2149ff
FIX: Allow group owners manage group flair (#12415)
Follow up to commit 901cee55cd.
2021-03-17 16:35:51 +02:00
Osama Sayegh d56b2e85aa
FIX: Escape Font Awesome icons (#12421)
This is not a security issue because regular users are not allowed to insert FA icons anywhere in the app. Admins can insert icons via custom badges, but they do have the ability to create themes with JS.
2021-03-17 16:11:40 +03:00
Osama Sayegh a23d0f9961
UX: Add image uploader widget for uploading badge images (#12377)
Currently the process of adding a custom image to badge is quite clunky; you have to upload your image to a topic, and then copy the image URL and pasting it in a text field. Besides being clucky, if the topic or post that contains the image is deleted, the image will be garbage-collected in a few days and the badge will lose the image because the application is not that the image is referenced by a badge.

This commit improves that by adding a proper image uploader widget for badge images.
2021-03-17 08:55:23 +03:00
Kris 26bfb5d6b9
UX: reduce opacity of code copy button (#12418) 2021-03-16 19:22:35 -07:00
Krzysztof Kotlarek 146775072a
FIX: mention notification takes precedence over group (#12407)
When a specific user is mentioned and group to which this user belongs, a direct mention notification should take precedence.
2021-03-17 08:20:41 +11:00
Robin Ward 37c42a57b0
DEV: Make `dockcontainer` and `hidepassed` the defaults (#12416)
This makes running qunit tests in a browser much simpler
2021-03-16 14:34:59 -04:00
Dan Ungureanu fb19ee9eee
FIX: Correctly use invite to topic email templates (#12411)
It was used both when inviting from a topic page and when creating
invites with "Send to topic on first login", while it should be used
only in the former case.
2021-03-16 17:08:54 +02:00
Discourse Translator Bot bc88ea5976
Update translations (#12412) 2021-03-16 15:49:29 +01:00
Arpit Jalan 64d2f260a9
FIX: do not convert format for site setting uploads (#12410) 2021-03-16 20:14:41 +05:30
Dan Ungureanu eda8a839d4
UX: Show Topic column in invites pending tab (#12413) 2021-03-16 16:29:41 +02:00
dependabot[bot] 49a3fcb0f1
Build(deps): Bump sidekiq from 6.1.3 to 6.2.0 (#12406)
Bumps [sidekiq](https://github.com/mperham/sidekiq) from 6.1.3 to 6.2.0.
- [Release notes](https://github.com/mperham/sidekiq/releases)
- [Changelog](https://github.com/mperham/sidekiq/blob/master/Changes.md)
- [Commits](https://github.com/mperham/sidekiq/compare/v6.1.3...v6.2.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-03-16 09:48:50 -04:00
Robin Ward 1c82ed9f3e
REFACTOR: Use a `<script src>` tag to start the app (#12401)
This is to help with potential CSP issues.
2021-03-16 09:36:11 -04:00
Roman Rizzi dc3af285b2
UX: Show the `Dismiss New` button at the top of the topics. (#12403)
We want to be consistent across desktop and mobile.
2021-03-16 10:07:04 -03:00
Krzysztof Kotlarek e10a74694a
FIX: deprecation warning - initialization autoloaded the constant (#12400)
Get rid of deprecation related to Zeitwerk autoloader.

Original PR was reverted because of multisite bug #12381 - thank you @davidtaylorhq for fixing it.

I added the last commit to fix that multisite problem.
2021-03-16 09:47:57 +11:00
dependabot[bot] ddf8e9b6b6
Build(deps): Bump omniauth-google-oauth2 from 0.8.1 to 0.8.2 (#12405)
Bumps [omniauth-google-oauth2](https://github.com/zquestz/omniauth-google-oauth2) from 0.8.1 to 0.8.2.
- [Release notes](https://github.com/zquestz/omniauth-google-oauth2/releases)
- [Changelog](https://github.com/zquestz/omniauth-google-oauth2/blob/master/CHANGELOG.md)
- [Commits](https://github.com/zquestz/omniauth-google-oauth2/compare/v0.8.1...v0.8.2)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-03-15 22:34:14 +01:00