Commit Graph

6426 Commits

Author SHA1 Message Date
Mark VanLandingham deeed5b8c1
DEV: Add 'custom' WebHook event type group (#29549) 2024-11-01 13:30:37 -05:00
Bianca Nenciu 723dc1fa55
Dev fix some types (#29547)
The primary key is usually a bigint column, but the foreign key columns
are usually of integer type. This can lead to issues when joining these
columns due to mismatched types and different value ranges.

This was using a temporary plugin / test API to make tests pass. After
more careful consideration, we concluded that it is safe to alter the
tables directly.
2024-11-01 19:19:25 +02:00
benj cfc23c43e9
FEATURE - Add username column to custom emoji table (#29522)
* Adds emoji column for creator username
2024-11-01 10:32:59 -05:00
Martin Brennan 254cf22559
FIX: Allow `target` attribute in translation overrides (#29503)
Some of our translations are HTML and have `target='_blank'`
included, we should allow the same when sanitizing input for
translation overrides.
2024-11-01 09:48:07 +10:00
Régis Hanol 927054b01e
FIX: duplicate topics in digests / summaries (#29517)
When using the `digest_suppress_tags` site setting to list some tags that should be removed from the digests, if there was a topic that had one suppressed tag and other regular tag(s), it would be duplicated in the summaries.

https://meta.discourse.org/t/multiple-repeated-summary-mail-entries/296539

Thanks to @scossar for [figuring it out](https://meta.discourse.org/t/multiple-repeated-summary-mail-entries/296539/30).
2024-10-31 18:22:41 +01:00
Martin Brennan 1c717f733c
FIX: Blank "Legacy Pageviews" report showed no data (#29502)
Followup bd4e8422fe

In the previous commit, we introduced the `page_view_legacy_total_reqs`
report. However this was not tested properly, and due to a typo
the report returned no data.

This commit fixes the issue and adds a spec to catch this.
2024-10-31 12:51:29 +10:00
Bianca Nenciu 430c42acde
FEATURE: Conditionally force optimized category style (#29473)
The `categories_only_optimized` category page style has been introduced
in commit d37a0d401c. This commit makes
sure that style is enforced for users who can see over 1000 categories
in order to keep `/categories` page functional.
2024-10-30 16:46:56 +02:00
Osama Sayegh 19672faba6
FEATURE: Add invite link to the sidebar (#29448)
This commit adds a new "Invite" link to the sidebar for all users who can invite to the site. Clicking the link opens the invite modal without changing the current route the user is on. Admins can customize the new link or remove it entirely if they wish by editing the sidebar section.

Internal topic: t/129752.
2024-10-30 05:31:14 +03:00
Osama Sayegh 2ffe413b0b
FEATURE: Enable the new /about page for everyone (#29390)
This commit removes the feature flag for the new /about page, enabling it for all sites, and removes the code for old the /about page.

Internal topic: t/140413.
2024-10-29 18:40:11 +03:00
Martin Brennan 27bdfb6437
FEATURE: Add user preference to disable smart lists (#29434)
Followup 30fdd7738e

Adds a new site setting and corresponding user preference
to disable smart lists. By default they are enabled, because
this is a better experience for most users. A small number of
users would prefer to not have this enabled.

Smart lists automatically append new items to each
list started in the composer when enter is pressed. If
enter is pressed on an empty list item, it is cleared.

This setting will be removed when the new composer is complete.
2024-10-28 14:18:15 +10:00
Martin Brennan 456fbb1dbf
FEATURE: Allow themes to define screenshots (#29079)
This commit allows themes to define up to 2 screenshots
in about.json. These should be paths within the theme's
git repository, images with a 1MB max file size and max width 3840x2160.

These screenshots will be downloaded and stored against a theme
field, and we will use these in the redesigned theme grid UI.

These screenshots will be updated when the theme is updated
in the same way the additional theme files are.

For now this is gated behind a hidden `theme_download_screenshots`
site setting, to allow us to test this on a small number of sites without
making other sites make unnecessary uploads.

**Future considerations:**

* We may want to have a specialized naming system for screenshots. E.g. having light.png/dark.png/some_palette.png
* We may want to show more than one screenshot for the theme, maybe in a carousel or reacting to dark mode or color palette changes
* We may want to allow clicking on the theme screenshot to show a lightbox
* We may want to make an optimized thumbnail image for the theme grid

---------

Co-authored-by: Ted Johansson <ted@discourse.org>
2024-10-28 10:10:20 +10:00
Martin Brennan 77f63a45d3
FIX: Use site contact user + group for Revise... review action (#29271)
Followup 9762e65758

When we added the Revise... option for posts/new topics
in the review queue, which sends a PM to the user, we used
`SystemMessage.create_from_system_user`, which always sends
the PM from the system user. However, this makes it so if the
user replies to the PM, which they are encouraged to do,
no one will see it unless they actively monitor the system inbox.

This commit changes it so `SystemMessage.create` is used,
which uses the `site_contact_username` and `site_contact_group`
site settings as participants in the sent PM. Then, when the
user replies, it will send to that inbox instead.

If `site_contact_username` is blank, the system user is used.
2024-10-28 09:40:10 +10:00
Guhyoun Nam 82ad7f9d17
DEV: Delete plugin specific webhook event types (#29374)
Background
When creating webhooks on a site without the Discourse Category Experts plugin installed, the category_experts_unapproved_event and category_experts_approved_event webhook events are getting automatically added to webhooks without a way to disable them.

The category_experts_unapproved_event and category_experts_approved_event webhook events are associated with the Discourse Category Experts plugin so I am moving these webhook events into the Category Experts plugin.

Changes
This PR deletes Category Experts plugin specific webhook event types added into core.
2024-10-24 11:02:58 -05:00
Bianca Nenciu d37a0d401c
FEATURE: Introduce an optimized style for category page (#29239)
The new style is called `categories_only_optimized` and it is designed
to show only the parent categories, without any subcategories. This
works best for communities with many categories (over a thousand).
2024-10-24 13:46:42 +03:00
Jarek Radosz 7acf9e6caf
FIX: Invalid `raise` syntax (#29364) 2024-10-23 11:40:14 +02:00
Kelv 8f9b827d15
DEV: drop password-related columns from users table (#29187) 2024-10-23 13:42:35 +08:00
Ted Johansson f31f8cc15f
FIX: Avoid duplicate problem admin notices (#29329)
As part of #29272 we made a unique index work on PG13 by introducing a dummy string to represent "NULL".

We missed one spot, leading to a potential for duplicate admin notices for problems without a target.

This fixes that.
2024-10-22 11:17:27 +08:00
Martin Brennan bd4e8422fe
FEATURE: Revive legacy pageview reports (#29308)
This commit brings back some reports hidden or changed
by the commit in 14b436923c if
the site setting `use_legacy_pageviews` is false.

* Unhide the old “Consolidated Pageviews” report and rename it
  to “Legacy Consolidated Pageviews”
* Add a legacy_page_view_total_reqs report called “Legacy Pageviews”,
  which calculates pageviews in the same way the old page_view_total_reqs
  report did.

This will allow admins to better compare old and new pageview
stats which are based on browser detection if they have switched
over to _not_ use legacy pageviews.
2024-10-22 10:06:22 +10:00
Régis Hanol 88449541a5
FIX: participating users statistics... (#29293)
* FIX: participating users statistics...

... was (mis-)counting

- bots
- anonymous users
- suspended users

There's now a "valid_users" function that holds the AR query for valid users and which is used in all "users", "active_users", and "participating_users" queries.

Internal ref - t/138435
2024-10-21 18:18:42 +02:00
Ted Johansson 56df077931
FIX: Don't error out on empty reserved_usernames setting (#29305)
We're seeing errors in logs due to some sites setting the reserved_usernames setting to nil. This is causing multiple use cases upstream of User#reserved_username? to error out.

This commit changes from using the raw #reserved_usernames to using the #reserved_usernames_map helper which exists on list-type site settings. It returns an empty array if the raw value is nil or empty string.
2024-10-21 14:38:37 +08:00
Ted Johansson 93625ef07c
FIX: Make problem check tracker unique constraint work on PG13 (#29272)
In #29169 we added a NULLS NOT DISTINCT option to the unique index on problem_check_trackers. This is to enforce uniqueness even when the target is NULL. (Postgres considers all NULLs to be distinct by default.)

However, this only works in PG15. In PG13 it does nothing.

This commit adds a default dummy string value __NULL__ to target. Since it's a string, PG13 will be able to correctly identify duplicate records.
2024-10-21 10:45:09 +08:00
Ted Johansson fc2093fc7e
FIX: Don't error out on nested top topic period param (#29275)
We're expecting the period param to be something that neatly coerces into a symbol. If we receive something like a nested parameter, this will blow up.

This commit raises an InvalidParameters exception in the case of a non-stringy period parameter.
2024-10-21 10:44:43 +08:00
Kelv 698748bfec
FIX: setting new password should reset password_expired_at (#29296) 2024-10-21 07:24:43 +08:00
Roman Rizzi f227f66b11
DEV: Trigger an event after updating topic hot scores (#29261) 2024-10-18 11:08:48 -03:00
Bianca Nenciu c1f078cacf
FIX: Make subcategories page more like categories (#29240)
The subcategories page was not paginated and it was using the
subcategory style from the category settings. The same page style should
be used for categories and subcategories page.
2024-10-17 19:47:53 +03:00
Sam c08c40dc23
FEATURE: theme_modifiers can depend on theme settings (plus serialize_post_user_badges) (#29227)
Theme modifiers can now be defined as theme settings, this allows for
site operators to override behavior of theme modifiers.

New syntax is:

```
{
    ...
   "modifiers": {
      "modifier_name": {
         "type": "setting",
         "value": "setting_name"
      }
   }
}
```

This also introduces a new theme modifier for serialize_post_user_badges. Name of badge must match the name of the badge in the badges table. The client-side is updated to load this new data from the post-stream serializer.

Co-authored-by: David Taylor <david@taylorhq.com>
2024-10-17 15:16:16 +01:00
Alan Guo Xiang Tan 322a3be2db
DEV: Remove logical OR assignment of constants (#29201)
Constants should always be only assigned once. The logical OR assignment
of a constant is a relic of the past before we used zeitwerk for
autoloading and had bugs where a file could be loaded twice resulting in
constant redefinition warnings.
2024-10-16 10:09:07 +08:00
Bianca Nenciu 8016fcab33
DEV: Drop old notification id columns (#28550)
The `id` column of `notifications` table and `notification_id` columns
of the other tables have been migrated to bigint in previous commits
(for example, 799a45a).

In order to run the migrations with zero downtime, the data had to be
copied to new columns and swapped, but the old columns have been kept
to allow for rollback. They are no longer needed now.
2024-10-15 11:58:57 +03:00
Jarek Radosz 8105b545c3
DEV: Fix random typos (#29161) 2024-10-10 16:11:55 +02:00
Mark VanLandingham 909264ee75
DEV: Publish DiscourseEvent after top topic period is calculated (#29142) 2024-10-10 08:10:39 -05:00
Kelv 32e261ef73
DEV: Migrate user passwords data to UserPassword table (#28746)
* Add migrations to ensure password hash is synced across users & user_passwords

* Persist password-related data in user_passwords instead of users

* Merge User#expire_old_email_tokens with User#expire_tokens_if_password_changed

* Add post deploy migration to mark password-related columns from users table as read-only

* Refactored UserPassword#confirm_password? and changes required to accommodate hashing the password after validations
2024-10-10 09:23:06 +08:00
Alan Guo Xiang Tan 27c34915ae
DEV: Fix flaky request tracker system spec (#29136)
`Date.today` relies on the system's timezone instead of
`Rails.configuration.time_zone`. This can cause tests to fail when we
assert against the date of a record. Just use `Time.zone.today` instead
so that we always follow `Rails.configuration.time_zone`.
2024-10-09 07:53:08 +08:00
Krzysztof Kotlarek 4ea3d69979
FIX: flaky flags system spec (#29039)
Because of unreliability, the spec was temporarily disabled. However, it is ensuring that the custom flags system is working correctly. Therefore it would be great to enable it again.

I made a few fixes to try to mitigate this situation:
- Reduced amount of Redis calls;
- When deleting, ensure that the modal is closed before checking the result;
- Moved duplicated name tests to a separate block;
- Increased wait time to 3 times the default because I noticed that sometimes it gets stuck for a moment. Most of the time it is fast, but sometimes when I run tests in a loop 50 times I see slowness.
2024-10-08 08:38:42 +11:00
Régis Hanol 34d04e7507
SECURITY: add pagination to post replies
When a post has some replies, and the user click on the button to show them, we would load ALL the replies. This could lead to DoS if there were a very large number of replies.

This adds support for pagination to these post replies.

Internal ref t/129773

FIX: Duplicated parent posts

DEV: Query refactor
2024-10-07 11:48:48 +08:00
Jeff Wong 7d441e3782
FIX: skips caching a generated secret key base token if `skip_redis` is true. (#29029)
Allows for `SKIP_DB_AND_REDIS` env var to be used without a secret key setup in
global setting env.
2024-10-06 06:46:58 -07:00
Kris cd220299cf
UX: Add label for delete own post button in review queue (#28991) 2024-09-30 10:35:16 -04:00
Linca a1e5796ba1
FEAT: Allow admin delete user's associated accounts (#29018)
This commit introduces a feature that allows an admin to delete a user's
associated account. After deletion, a log will be recorded in staff
actions.

ref=t/136675
2024-09-27 20:08:05 +08:00
Ted Johansson e60876ce49
FIX: Appropriately handle uninstalled problem checks (#28771)
When running checks, we look to the existing problem check trackers and try to grab their ProblemCheck classes.

In some cases this is no longer in the problem check repository, e.g. when the check was part of a plugin that has been uninstalled.

In the case where the check was scheduled, this would lead to an error in one of the jobs
2024-09-18 10:11:52 +08:00
Loïc Guitaut bee8214399 DEV: Drop unused column `translation_overrides.compiled_js` 2024-09-17 09:58:10 +02:00
Ted Johansson be33363f13
FEATURE: Add ability to dismiss admin notices (#28916)
his is a new feature that lets admins dismiss notices from the dashboard. This helps with self-service in cases where a notice is "stuck", while we work on provisions to prevent "sticking" in the first place.
2024-09-17 14:43:34 +08:00
Jan Cernik 0c019b2e45
FIX: Error when moving the group default notification state (#28910) 2024-09-13 16:01:20 -03:00
Kris a914d3230b
DEV: remap all core icons for fontawesome 6 upgrade (#28715)
Followup to 7d8974d02f

Co-authored-by: David Taylor <david@taylorhq.com>
2024-09-13 16:50:52 +01:00
Osama Sayegh 3baf6233aa
FIX: Remove anonymous users from users directory (#28892)
Anonymous users are "shadow" users created when an existing real user desires to post anonymously. This feature is off by default, but it can be enabled via the `allow_anonymous_posting` site setting. Those shadow users shouldn't be included in the users directory (`/u`).
2024-09-13 15:12:57 +03:00
Alan Guo Xiang Tan 97143efc52
PERF: Drop `user_search_similar_results` site setting (#28874)
In 14cf8eacf1, we added the
`user_search_similar_results` site setting which when enabled will use
trigram matching for similarity search in `UserSearch`. However, we
noted that adding the `index_users_on_username_lower_trgm` index is
causing the PG planner to not use the `index_users_on_username_lower`
index when the `=` operator is used against the `username_lower` column.

Based on the PG mailing list discussion where support for the `=`
operator in gist_trgm_ops was being considered, it stated that "I also have checked that btree_gist is preferred over pg_trgm gist
index for equality search." This is however quite different from reality
on our own PG clusters where the btree index is not preferred leading to
significantly slower queries when the `=` operator is used.

Since the pg_trgm gist index is only used for queries when the `user_search_similar_results` site setting
is enabled, we decided to drop the feature instead as it is hidden and
disabled by default. As such, we can consider it experiemental and drop
it without deprecation.

PG mailing list discussiong: https://www.postgresql.org/message-id/CAPpHfducQ0U8noyb2L3VChsyBMsc5V2Ej2whmEuxmAgHa2jVXg%40mail.gmail.com
2024-09-13 09:04:02 +08:00
Joffrey JAFFEUX ad90b9cfd1
DEV: Increases external avatar url limit (#28893)
We recently increased it to 1500 but that was not enough: 113e6fd274
2024-09-13 01:08:01 +02:00
Martin Brennan 78268ca767
DEV: Fix another report flaky (#28868)
Followup 0323b366f3

This was happening because another spec was adding a
report using the plugin API, but there was nothing
resetting that, so later in the reports controller
when we did Report.singleton_methods, we ended up
with another report with no translation, causing another
error.
2024-09-12 10:34:38 +10:00
Krzysztof Kotlarek 1f1709d249
FIX: use a custom prefix for custom flags (#28839)
Currently, when the custom flag has the same name as the system flag (which is disabled) then it is not displayed. To fix the problem, `custom_` prefix as `name_key` is used to distinguish between the system and the custom flag.

I considered writing a migration to fix existing custom flags name key. However, at the end of migration I would need to run rails code to reset cache `Flag.reset_flag_settings!`. I decided to skip that step as it is a very edge case. If someone has the same flag name as the system flag, then all they have to do is edit the flag and click save.

In addition, I made 2 small fixes:
- edit flag title was missing translation;
- flag form UI was not showing that description is the required field.
2024-09-11 15:30:20 +10:00
Keegan George f2059bf15f
FIX: Form template limit validation (#28791) 2024-09-10 08:11:44 -07:00
Osama Sayegh 0a994a9221
FEATURE: Add setting to exclude groups from /about page (#28809)
This commit adds a new `about_page_hidden_groups` setting to exclude members of specific groups from the admin and moderator lists on the /about page.

Internal topic: t/137717.
2024-09-10 14:43:41 +03:00
Martin Brennan 14b436923c
FEATURE: Switch to new methods of pageview measurement and reporting (#28729)
### UI changes

All of the UI changes described are gated behind the `use_legacy_pageviews`
site setting.

This commit changes the admin dashboard pageviews report to
use the "Consolidated Pageviews with Browser Detection" report
introduced in 2f2da72747 with
the following changes:

* The report name is changed to "Site traffic"
* The pageview count on the dashboard is counting only using the new method
* The old "Consolidated Pageviews" report is renamed as "Consolidated Legacy Pageviews"
* By default "known crawlers" and "other" sources of pageviews are hidden on the report

When `use_legacy_pageviews` is `true`, we do not show or allow running
the "Site traffic" report for admins. When `use_legacy_pageviews` is `false`,
we do not show or allow running the following legacy reports:

* consolidated_page_views
* consolidated_page_views_browser_detection
* page_view_anon_reqs
* page_view_logged_in_reqs

### Historical data changes

Also part of this change is that, since we introduced our new "Consolidated
Pageviews with Browser Detection" report, some admins are confused at either:

* The lack of data before a certain date , which didn’t exist before
  we started collecting it
* Comparing this and the current "Consolidated Pageviews" report data,
  which rolls up "Other Pageviews" into "Anonymous Browser" and so it
  appears inaccurate

All pageview data in the new report before the date where the _first_
anon or logged in browser pageview was recorded is now hidden.
2024-09-10 09:51:49 +10:00