Commit Graph

29551 Commits

Author SHA1 Message Date
Sam 83f1a13374
DEV: stop leaking data into tables during test (#21403)
This amends it so our cached counting reliant specs run in synchronize mode

When running async there are situations where data is left over in the table
after a transactional test. This means that repeat runs of the test suite
fail.
2023-05-06 07:15:33 +10:00
David Taylor c9a6d9ac89
FIX: Resolve timezone issues with date-time-input (#21414)
- Ensure changing timezones are reflected immediately in the date-time-input (the computed property was missing a dependent key)

- Ensure date-input doesn't lose timezone information (calling `toDate()` causes moment timestamps to lose timezone information)

This was created to resolve issues in the discourse-calendar plugin (https://github.com/discourse/discourse-calendar/pull/399)
2023-05-05 18:18:24 +01:00
Bianca Nenciu 37cacf72ae
FIX: Service worker should cache only 200 requests (#21409)
This can cause CORB issues when combining S3, secure uploads and
service workers.
2023-05-05 11:33:47 -04:00
David Taylor 98ea356fec DEV: re-enable skipped modifyClass test
This issue is fixed in Ember 3.28.12
2023-05-05 12:56:24 +01:00
dependabot[bot] ca1ee6751f Build(deps): Bump ember-source in /app/assets/javascripts
Bumps [ember-source](https://github.com/emberjs/ember.js) from 3.28.11 to 3.28.12.
- [Release notes](https://github.com/emberjs/ember.js/releases)
- [Changelog](https://github.com/emberjs/ember.js/blob/main/CHANGELOG.md)
- [Commits](https://github.com/emberjs/ember.js/compare/v3.28.11...v3.28.12)

---
updated-dependencies:
- dependency-name: ember-source
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-05-05 12:56:24 +01:00
Kris f705e6d367
DEV: add class names to group directory table (#21393) 2023-05-05 09:30:54 +10:00
Joffrey JAFFEUX 5e5a67ef88
Revert "DEV: Replace Ember implicit injections with base class extensions (#21258)" (#21397)
This reverts commit 6ce1fbc479.
2023-05-05 09:26:07 +10:00
Daniel Waterworth 0a96579cef
DEV: Allow site setting errors to be displayed as html if they are safe (#21342)
This is only useful for plugins currently

Co-authored-by: Penar Musaraj <pmusaraj@gmail.com>
2023-05-04 15:01:19 -05:00
Kris 2cc644cec7
DEV: add panel-body-bottom outlet to user menu (#21386) 2023-05-04 13:17:50 -04:00
Andrei Prigorshnev e7faef9d65
DEV: extract emulateAutocomplete test helper (#21363) 2023-05-04 18:09:05 +04:00
Penar Musaraj 76157c6fb0
Revert "A11Y: select kit close on focus out (#21274)" (#21383)
This reverts commit 1b2a1c94d4. Noticed
some issues in Safari macOS that need to be addressed.
2023-05-04 09:45:19 -04:00
Andrei Prigorshnev c1c017f433
DEV: drop a deprecated function (#21364)
I've made sure there are no usages in plugins
2023-05-04 15:25:19 +04:00
Selase Krakani 0424eb8db2
FIX: Ensure expand table works regardless of click event target (#21373)
In the expand table event handler, we currently rely on `event.target`
to select the table being expanded. Sometimes, the target is the svg icon
wrapped inside the button instead of the button itself. This throws
things off.

This change uses `currentTarget` which refers to the button
element even if the event originated from svg icon.
2023-05-04 10:09:37 +00:00
dependabot[bot] b75c17fe42
Build(deps): Bump @babel/standalone in /app/assets/javascripts (#21351)
Bumps [@babel/standalone](https://github.com/babel/babel/tree/HEAD/packages/babel-standalone) from 7.21.4 to 7.21.8.
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/commits/v7.21.8/packages/babel-standalone)

---
updated-dependencies:
- dependency-name: "@babel/standalone"
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-05-04 11:50:23 +02:00
dependabot[bot] 104b7ed236
Build(deps): Bump @babel/core in /app/assets/javascripts (#21349)
Bumps [@babel/core](https://github.com/babel/babel/tree/HEAD/packages/babel-core) from 7.21.4 to 7.21.8.
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/commits/v7.21.8/packages/babel-core)

---
updated-dependencies:
- dependency-name: "@babel/core"
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-05-04 11:30:57 +02:00
David Taylor 05cd39d4d9
FIX: Do not log 'personal message view' when sending webhook (#21375)
Similar to the issue resolved by 3b55de90e5
2023-05-04 10:15:31 +01:00
dependabot[bot] c8232792eb
Build(deps): Bump webpack in /app/assets/javascripts (#21376)
Bumps [webpack](https://github.com/webpack/webpack) from 5.81.0 to 5.82.0.
- [Release notes](https://github.com/webpack/webpack/releases)
- [Commits](https://github.com/webpack/webpack/compare/v5.81.0...v5.82.0)

---
updated-dependencies:
- dependency-name: webpack
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-05-04 10:51:39 +02:00
Penar Musaraj d4a2e9a740
UX: Use fixed colors for admin stacked chart reports (#21371)
* UX: Use fixed colors for admin stacked chart reports

* Fix specs
2023-05-04 08:35:19 +02:00
Krzysztof Kotlarek 709fa24558
DEV: move sidebar community section to database (#21166)
* DEV: move sidebar community section to database

Before, community section was hard-coded. In the future, we are planning to allow admins to edit it. Therefore, it has to be moved to database to `custom_sections` table.

Few steps and simplifications has to be made:
- custom section was hidden behind `enable_custom_sidebar_sections` feature flag. It has to be deleted so all forums, see community section;
- migration to add `section_type` column to sidebar section to show it is a special type;
- migration to add `segment` column to sidebar links to determine if link should be displayed in primary section or in more section;
- simplify more section to have one level only (secondary section links are merged);
- ensure that links like `everything` are correctly tracking state;
- make user an anonymous links position consistence. For example, from now on `faq` link for user and anonymous is visible in more tab;
- delete old community-section template.
2023-05-04 12:14:09 +10:00
Kris 36c3a2422b
UX: in sidebar dropdown mode expose 'more' items (#21372) 2023-05-04 07:26:00 +08:00
Alan Guo Xiang Tan c636fcf4fc
FIX: Blank user messages inbox dropdown on subfolder setup. (#21356)
This commit fixes a bug on subfolder setups where the user messages
inbox dropdown will always be blank. This is because we were comparing
URLs using values from `router.currentURL` and `router.urlFor` where
`router.currentURL` does not include `router.rootURL` while
`router.urlFor` does.
2023-05-04 06:18:05 +08:00
Kris 4f306cf88f
UX: fix color scheme setting reset position (#21365) 2023-05-03 13:37:23 -04:00
Kris 856755a383
FIX: ensure user admin button is present on mobile (#21366) 2023-05-03 13:34:51 -04:00
Bianca Nenciu cc18a99105
FEATURE: Add new notification for admin problems (#21287)
Add new notification for admin problems to replace old PM-based flow.
2023-05-03 19:35:22 +03:00
David Taylor 6ce1fbc479
DEV: Replace Ember implicit injections with base class extensions (#21258)
Ember's implicit injections feature is removed in Ember 4.x. We want to give ourselves more time to migrate to explicit injections, so this commit re-implements our implicit injections as extensions to the base framework classes.

Incremental migration to newer patterns can be achieved using the `@disableImplicitInjections` class decorator (available from `discourse/lib/implicit-injections').

This resolves and unsilences the `implicit-injections` deprecation.
2023-05-03 10:39:30 +01:00
NullVoxPopuli 393e6b4797
DEV: Move app build-time dependencies to devDependencies (#21310) 2023-05-03 09:25:13 +01:00
Loïc Guitaut 783c935dcb DEV: Set limits for text fields in reviewables 2023-05-03 09:54:54 +02:00
Kris 3ea86985b9
UX: fix color preference layout (#21346) 2023-05-03 10:11:52 +08:00
Kris 8caa58acf2
DEV: remove old and experimental user menu styles (#21326) 2023-05-02 15:07:42 -04:00
Penar Musaraj 1b2a1c94d4
A11Y: select kit close on focus out (#21274)
When navigating with the keyboard, the select-kit would not close when
focus was moved to an element outside of the body. For example, when
navigating via Tab or Shift+Tab, once the end (or beginning) of the list
was reached, focus would move out of the SK element, but the SK itself
would stay visible.

Switching from a click event to a focusout event solves the issue and
covers both mouse and keyboard navigation.
2023-05-02 14:22:31 -04:00
Joffrey JAFFEUX 616f4a1118
FIX: disables send btn while uploads in progress (#21298)
Before this fix you could press send while upload was in progress and lose it as it was not yet uploaded.
2023-05-02 18:11:40 +02:00
David Taylor 19540dfa0e
DEV: Do not include silenced Discourse deprecations in counter (#21336)
Silenced Ember deprecations were already being excluded from the test output. This applies the same logic to Discourse deprecations.
2023-05-02 14:55:41 +01:00
NullVoxPopuli b3e063bc63
DEV: Co-locate select-kit component templates (#20779) 2023-05-02 14:10:53 +01:00
Joffrey JAFFEUX 6c90747dea
FIX: correctly use types for reviewables type (#21333)
Before this fix if the underlying model of a reviewable was changed, the filter wouldn't work anymore as it was expecting a 1:1 relation between filter type and model name.

This commit also relies on the `Reviewable.types` array to check against valid types instead of a regex not checking much.

Finally this commit adds a spec to ensure chat reviewables are listable from the review index page.
2023-05-02 14:21:14 +02:00
Gerhard Schlager 01dc461cc2
FIX: Disallow invisible Unicode characters in usernames (#21331)
The list of excluded characters is based on https://invisible-characters.com/ and the list of invisible characters used by Visual Studio Code (https://github.com/hediet/vscode-unicode-data)
2023-05-02 17:34:53 +10:00
Krzysztof Kotlarek a8e28060d1
FIX: rename notify_about_flags_after to notify_about_reviewable_item_after (#21320)
Change name and description for SiteSetting to make it easier to understand.
2023-05-02 08:08:22 +10:00
Mark VanLandingham 86385bc9cf
REVERT: "FEATURE: Offline indicator controlled by message-bus connectivity (#21324)" (#21327)
This reverts commit b1da670898.
2023-05-01 15:27:02 -05:00
Penar Musaraj d697fd5766
DEV: Do not rerender widgets on mouseup/mousedown (#21300)
Ran into an issue with these hooks preventing click events on anchors from completing (because the triggered rerender cancels the click). See:
https://github.com/discourse/discourse-header-search/pull/24

This change should have no effect on existing usage of these hooks. Current usage is limited to:

- legacy navigation (should be a no-op)
- reactions plugin (should be a no-op)
- discourse-header-search (will fix the issue!)
2023-05-01 14:07:49 -04:00
Mark VanLandingham b1da670898
FEATURE: Offline indicator controlled by message-bus connectivity (#21324) 2023-05-01 12:41:30 -05:00
Mark VanLandingham 685e1de3ea
DEV: Fire appEvents for user menu events (opening/clicking) (#21322) 2023-05-01 11:31:57 -05:00
Kris 4cca7de22d
UX: two column dropdown sidebar layout (#21288) 2023-05-01 10:41:28 -04:00
Blake Erickson e2fbf4865a
DEV: Check if video thumbnails site setting is enabled (#21306) 2023-04-28 14:08:20 -06:00
Blake Erickson 0dea991156
FIX: Empty video thumbnails (#21290)
* FIX: Empty video thumbnails

This fix ensures that topic video thumbnail generation is completed
before the composer is allowed to submit which should prevent some bugs
around missing thumbnails on video topics.

* move callback to on upload-success
2023-04-28 12:14:36 -06:00
Jarek Radosz 4a08c23965
DEV: Show select-kit deprecations in non-dev envs (#21297)
We should have them in CI ;) (silenced for now, fixing them is not a priority)
2023-04-28 17:58:41 +02:00
Penar Musaraj a67c96438c
UX: Fix user onebox layout (#21284) 2023-04-28 09:50:49 -04:00
Mark VanLandingham 36d388b57f
Revert "FEATURE: Reimplement offline indicator (#21285)" (#21296)
This reverts commit de1066abcd.
2023-04-28 06:59:10 -05:00
Mark VanLandingham de1066abcd
FEATURE: Reimplement offline indicator (#21285) 2023-04-28 06:32:35 -05:00
dependabot[bot] fe3944f188
Build(deps): Bump webpack in /app/assets/javascripts (#21272)
Bumps [webpack](https://github.com/webpack/webpack) from 5.79.0 to 5.81.0.
- [Release notes](https://github.com/webpack/webpack/releases)
- [Commits](https://github.com/webpack/webpack/compare/v5.79.0...v5.81.0)

---
updated-dependencies:
- dependency-name: webpack
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-04-27 20:45:49 +02:00
Daniel Waterworth ae63d9ea09
PERF: Remove unnecessary queries from Theme#set_field (#21281) 2023-04-27 13:04:58 -05:00
Mark VanLandingham 3527fbcd8e
Revert "FEATURE: Service to track message bus connectivity + offline indicator(#21259)" (#21282)
This reverts commit 6bba514b64.
2023-04-27 12:55:41 -05:00
Mark VanLandingham 6bba514b64
FEATURE: Service to track message bus connectivity + offline indicator(#21259) 2023-04-27 11:04:56 -05:00
David Taylor f5fa1ef771
UX: Use dvh for sidebar height (#21278)
This will automatically adjust when browser UI is shown/hidden (e.g. when scrolling up/down on mobile Safari).

Similar approach to c82094cd9d, which targeted the 'slide-in' version of menus.
2023-04-27 16:31:09 +01:00
Loïc Guitaut c4c2da83b4 DEV: Set limits for text fields in badges 2023-04-27 17:22:32 +02:00
Selase Krakani 552697e194
DEV: Add deprecation warning for user_badge_removed event (#21255)
`user_badge_removed` event has been replaced with `user_badge_revoked`
2023-04-27 13:07:02 +00:00
Andrei Prigorshnev e49d338c21
DEV: extract updating status on mentions into a lib function (#21265)
We'll be using this lib function for adding status to mentions in chat.
It's covered with tests in post-inline-mentions-test.js.
2023-04-27 16:02:21 +04:00
Loïc Guitaut a89b3c27aa DEV: set limits for text fields on groups 2023-04-27 13:58:46 +02:00
Sam 2ccc5fc66e
FEATURE: add support for figure and figcaption tags in embeddings (#21276)
Many blog posts use these to illustrate and images were previously omitted

Additionally strip superfluous HTML and BODY tags from embed HTML.

This was incorrectly returned from server.
2023-04-27 19:57:06 +10:00
Penar Musaraj 3abc542e63
FIX: Include group flair in homepage category topic lists (#21268)
Followup to c03f83bbea.

The `flair_group_id` parameter is now required to show the flair, and this serializer was missing that detail. 

This also fixes a typo in the `include_flair_group_name?` method.
2023-04-27 10:18:16 +08:00
dependabot[bot] b988f13817
Build(deps): Bump sass from 1.62.0 to 1.62.1 in /app/assets/javascripts (#21273)
Bumps [sass](https://github.com/sass/dart-sass) from 1.62.0 to 1.62.1.
- [Release notes](https://github.com/sass/dart-sass/releases)
- [Changelog](https://github.com/sass/dart-sass/blob/main/CHANGELOG.md)
- [Commits](https://github.com/sass/dart-sass/compare/1.62.0...1.62.1)

---
updated-dependencies:
- dependency-name: sass
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-04-27 09:03:12 +08:00
Selase Krakani 37cc056c1b
FIX: Ensure group-filtered group user event webhooks fire (#21254)
Group user event webhooks filtered by group fail silently
because the `group_ids` job arg wasn't being passed into the job.

This change add's `group_ids` to the `EmitWebHookEvent` jobs queued for
`user_added_to_group` and `user_removed_from_group` events.
2023-04-26 22:38:28 +00:00
Penar Musaraj 3c4241c0b6
A11Y: Use correct structure for badge headings (#21267) 2023-04-26 17:40:00 -04:00
Blake Erickson 67a8c13197
DEV: Create a site setting for video thumbnails (#21266)
Creating a way to disable the auto generation of video thumbnails.
2023-04-26 14:18:59 -06:00
Isaac Janzen c6d44e504f
DEV: Remove legacy resolver (#21263) 2023-04-26 13:39:15 -05:00
chapoi 1372c5c435
UX: onebox/blockquote/chatreaction slight accent colour change (#21252) 2023-04-26 15:11:20 +02:00
Andrei Prigorshnev 9932f144c2
DEV: Warn when trying to track user status for user models without ID (#21205)
User status updates come from the server in a map where keys are user IDs. 
If user.trackStatus() is called for a user model without an ID, the model 
cannot identify its status updates and silently misses them. It's quite hard to 
notice that a user rendered in the UI doesn't receive live status updates. 
Also, it's not immediately obvious what's the reason of the problem. 
A warning will be very helpful here.
2023-04-26 17:05:47 +04:00
David Taylor 22991bba44 DEV: Update references from `controller:composer` to `service:composer` 2023-04-26 12:19:41 +01:00
David Taylor 346d80b582 DEV: Convert composer controller to service
Named outlets are deprecated and will be removed in Ember 4.x.

Backwards-compatibility shims are introduced so that plugin overrides to `controller:composer` are ported to `service:composer`.
2023-04-26 12:19:41 +01:00
David Taylor 0d4f77af54 DEV: Move composer template and controller to component/service
This commit simply renames the files to make our git history cleaner
2023-04-26 12:19:41 +01:00
dependabot[bot] dd19f3dbc0
Build(deps): Bump patch-package in /app/assets/javascripts (#21244)
Bumps [patch-package](https://github.com/ds300/patch-package) from 6.5.1 to 7.0.0.
- [Release notes](https://github.com/ds300/patch-package/releases)
- [Changelog](https://github.com/ds300/patch-package/blob/master/CHANGELOG.md)
- [Commits](https://github.com/ds300/patch-package/compare/v6.5.1...v7.0.0)

---
updated-dependencies:
- dependency-name: patch-package
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-04-26 10:45:23 +02:00
Joffrey JAFFEUX 427fa36edd
FIX: generates markdown from pasting link (#21241)
After removing `TextareaTextManipulation` from `ChatComposer` and using `TextareaInteractor` as a proxy, one function has been forgotten: `paste(event)` which is not available in glimmer components anymore, and even less avaiable now that the mixin is not tied to a component anymore but a real DOM node. As a solution we now add a manual paste event listener which will call `paste(event)`.
2023-04-26 10:05:48 +02:00
Canapin 1de513cbdd
UX: Fix space position in badge counts (#21240) 2023-04-26 06:15:26 +08:00
Kris 06893d8505
UX: minor installation success style adjustments (#21239) 2023-04-25 15:50:54 -04:00
Penar Musaraj 4e0c07c56d
UX: Include subcategories in crawler view (#21227)
Adds a bit more information to the categories view for crawlers, for better indexing of deep content.

This only works when the "Subcategories with Featured Topics" is the selected layout.
2023-04-25 10:51:45 -04:00
Andrei Prigorshnev 0ea5ae86ff
DEV: return user IDs on the user search route (#21206)
We call the `/u/search/users` URL when autocompleting users. It returns 
user's name, username and avatar template, but not user ID.

We need it to return user IDs in order to display user status in certain situations. 
I could add ID to FoundUserWithStatusSerializer, so it will be added only if 
user status is enabled in site settings. But I feel that it's good to always return it, 
it's not a lot of data comparing to what we already return, and it should be useful 
in other scenarios.
2023-04-25 18:25:57 +04:00
Penar Musaraj b59e0b22f4
DEV: Add error message styling (#21225)
To security key errors when confirming new email.
2023-04-25 08:40:18 -04:00
Joffrey JAFFEUX bf886662df
UX: improves composer and thread panel (#21210)
This pull request is a full overhaul of the chat-composer and contains various improvements to the thread panel. They have been grouped in the same PR as lots of improvements/fixes to the thread panel needed an improved composer. This is meant as a first step.

### New features included in this PR

- A resizable side panel
- A clear dropzone area for uploads
- A simplified design for image uploads, this is only a first step towards more redesign of this area in the future

### Notable fixes in this PR

- Correct placeholder in thread panel
- Allows to edit the last message of a thread with arrow up
- Correctly focus composer when replying to a message
- The reply indicator is added instantly in the channel when starting a thread
- Prevents a large variety of bug where the composer could bug and prevent sending message or would clear your input while it has content

### Technical notes

To achieve this PR, three important changes have been made:

- `<ChatComposer>` has been fully rewritten and is now a glimmer component
- The chat composer now takes a `ChatMessage` as input which can directly be used in other operations, it simplifies a lot of logic as we are always working a with a `ChatMessage`
- `TextareaInteractor` has been created to wrap the existing `TextareaTextManipulation` mixin, it will make future migrations easier and allow us to have a less polluted `<ChatComposer>`

Note ".chat-live-pane" has been renamed ".chat-channel"

Design for upload dropzone is from @chapoi
2023-04-25 10:23:03 +02:00
Ted Johansson 02625d1edd
DEV: Only allow expanding hidden posts for author and staff (#21052) 2023-04-25 13:37:29 +08:00
Sam fd4aea7bc5
FIX: bbcode URLs not handling paths correctly (#21215)
Due to the order we were parsing markdown, bbcode [url] elements were not
handled properly.

`[url]https://example.com/path[/url]` was not currectly parsing cause
linkify was detecting the url as: `https://example.com/path[/url]` which is
legit.

To resolve this I swapped url to use a replace rule, and instead re-parsed
the internal payload and injected the tokens in.

This fix is complex cause we support stuff like

`[url][b]test.com[/b][/url]`

So we need to parse the content inside url `[b]test.com[/b]`
2023-04-25 11:28:32 +10:00
Isaac Janzen 366ff0e76b
FIX: Don't display destroy reviewable button on client (#21226)
# Context

https://meta.discourse.org/t/missing-translate-in-review-page/262604

![image](https://user-images.githubusercontent.com/50783505/234089049-72332040-e7d5-4081-824a-b0b36e37187a.png)

An additional button was added as a result of dd495a0e19 which was intended to grant access to deleting reviewable from the API. 

We were being too flexible by only checking if the user was an admin

012aaf0ba3/lib/guardian.rb (L237)

where it should instead by scoped to check if the request was an API call.

# Fix

https://github.com/discourse/discourse/pull/21226/files#diff-0a2548be4b18bd4ef2dffb3ef8e44984d2fef7f037b53e98f67abea52ef75aa2R237

# Additions

Added a new guard of `is_api?`

https://github.com/discourse/discourse/pull/21226/files#diff-0a2548be4b18bd4ef2dffb3ef8e44984d2fef7f037b53e98f67abea52ef75aa2R657-R660

In `app/models/reviewable.rb` we check if the user has the permissions to the destroy action via the `Guardian`. To do this we were instantiating a new `Guardian` class which then caused us to lose the context of the request. The request is a necessary component in the guard of `is_api?` so we needed to pass the already defined Guardian from the `app/controllers/reviewables_controller.rb` to the `#perform` method to ensure the request is present.
2023-04-24 20:22:37 -05:00
Selase Krakani cdf1589a85
FEATURE: Add support for user badge revocation webhook events (#21204)
Currently, only user badge grants emit webhook events. This change
extends the `user_badge` webhook to emit user badge revocation events.

A new `user_badge_revoked` event has been introduced instead of relying
on the existing `user_badge_removed` event. `user_badge_removed` emitted
just the `badge_id` and `user_id` which aren't helpful for generating a
meaningful webhook payload for revoked(deleted) user badges.

The new event emits  the user badge object.
2023-04-24 20:36:40 +00:00
Jan Cernik c03f83bbea
FIX: Show auto-group flair according to user preferences (#21221) 2023-04-24 16:04:26 -03:00
Blake Erickson 6890beb95a
FIX: Blank video thumbnails (#21200)
* FIX: Blank video thumbnails

On some mobile and possibly other browsers, the automatic video
thumbnail generation would create blank or all white images.

This commit addresses several different issues that was preventing image
generation from working correctly on mobile.

* fix typo
2023-04-24 12:34:30 -06:00
David Taylor cd88af8876
FIX: Ensure reviewable counts are updated correctly for new user menu (#21222)
On the client-side, message-bus subscriptions and reviewable count UI is based on the 'redesigned_user_menu_enabled' boolean. We need to use the same logic on the server-side to ensure things work correctly when legacy navigation is used alongside the new user menu.
2023-04-24 16:59:32 +01:00
Mark VanLandingham 012aaf0ba3
PERF: Don't serialize value for theme_fields unnecessarily (#21201)
The value field of ThemeField is only used when viewing a diff in the staff action logs and local theme editing. value is being serialized into the theme index as well, which is not used. It's a huge amount of JSON that we can cut by removing it.

This also breaks up the various theme serializers into separate classes so they autoload properly (or at least restart the server on edit)
2023-04-24 09:30:51 -05:00
Isaac Janzen 599979902e
FIX: Error when trying to bump a topic with no category (#21207)
When revising a post, if the topic that post belonged to did not have a category attached it would error with 

> NoMethodError (undefined method `read_restricted' for nil:NilClass)
2023-04-24 09:28:10 -05:00
David Taylor aa5038a352
DEV: Update plugin-api docs for new user menu (#20808)
The updated user menu is the default for new sites, and will soon be enabled on older sites. This commit removes the 'EXPERIMENTAL' warning from the new `registerUserMenuTab` API, and adds a note to the `addUserMenuGlyph` documentation.
2023-04-24 12:00:22 +01:00
dependabot[bot] 4aa81e709e
Build(deps): Bump eslint in /app/assets/javascripts (#21213)
Bumps [eslint](https://github.com/eslint/eslint) from 8.38.0 to 8.39.0.
- [Release notes](https://github.com/eslint/eslint/releases)
- [Changelog](https://github.com/eslint/eslint/blob/main/CHANGELOG.md)
- [Commits](https://github.com/eslint/eslint/compare/v8.38.0...v8.39.0)

---
updated-dependencies:
- dependency-name: eslint
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-04-24 11:19:57 +02:00
Jarek Radosz 9e2a490f79
DEV: Extract build-quote tests (#21217)
They are not related to pretty-text.
2023-04-24 11:19:28 +02:00
dependabot[bot] 7464634f69
Build(deps): Bump sinon from 15.0.3 to 15.0.4 in /app/assets/javascripts (#21195)
Bumps [sinon](https://github.com/sinonjs/sinon) from 15.0.3 to 15.0.4.
- [Release notes](https://github.com/sinonjs/sinon/releases)
- [Changelog](https://github.com/sinonjs/sinon/blob/main/docs/changelog.md)
- [Commits](https://github.com/sinonjs/sinon/compare/v15.0.3...v15.0.4)

---
updated-dependencies:
- dependency-name: sinon
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-04-24 14:42:00 +10:00
Osama Sayegh 2bcbabc087
FIX: Include liked_consolidated and reaction types in the likes tab unread count (#21198) 2023-04-24 14:33:09 +10:00
Blake Erickson 6ae0c42c01
FIX: Do not overwrite existing thumbnails (#21199)
* FIX: Do not overwrite existing thumbnails

When auto generating video thumbnails they should not overwrite any
existing topic thumbnails.

This also addresses an issue with capitalized file extensions like .MOV
that were being excluded.

* Update app/models/post.rb

Remove comment

Co-authored-by: Penar Musaraj <pmusaraj@gmail.com>

---------

Co-authored-by: Penar Musaraj <pmusaraj@gmail.com>
2023-04-21 13:33:33 -06:00
Penar Musaraj 34ffc0065a
FIX: Better detect text selection in search input (#21202)
Followup to 17ba00c395.
Fix for https://meta.discourse.org/t/-/261917

This fixes a usability issue where the user couldn't switch to the user
menu when the search menu was visible and the text in the input was
selected.

Explanation: The `click` event is triggered both when clicking and when
selecting some text and clicking. This means that when selecting text in
the search input, at the end of the selection event, a click event was
triggered. And if that click event happened to be outside of the search
menu, then the menu would be dismissed.

Previously, we fixed this by checked if a current text selection was
present. But that results in a small side-effect of not switching to
other menus. This PR switches to setting a flag during `mouseDown` and
then using that flag when evaluating whether to trigger clickOutside or
not.
2023-04-21 14:30:47 -04:00
Krzysztof Kotlarek 3e414996c2
FIX: increase reorder sidebar delay for desktop (#21196)
100ms as a single click was too fast, because average single click is closer to 250ms.

Previous PR: https://github.com/discourse/discourse/pull/21098
2023-04-21 11:01:52 +10:00
Isaac Janzen ce9cccb2fc
FIX: Don't render error for bad-sequence (#21187)
We are seeing issues with the composer not being able to close due to the addition of a error message when rescuing from `Draft::OutOfSequence`. This PR will revert to the original solution implemented prior to https://github.com/discourse/discourse/pull/21148 that just silently rescues from `Draft::OutOfSequence`
2023-04-20 10:26:11 -05:00
Isaac Janzen dd495a0e19
FEATURE: Allow admins to delete reviewables via API (#21174)
This PR adds the ability to destroy reviewables for a passed user via the API. This was not possible before as this action was reserved for reviewables for you created only.

If a user is an admin and calls the `#destroy` action from the API they are able to destroy a reviewable for a passed user. A user can be targeted by passed either their:
- username
- external_id (for SSO) 

to the request.

In the case you attempt to destroy a non-personal reviewable and
- You are not an admin
- You do not access the `#destroy` action via the API

you will raise a `Discourse::InvalidAccess` (403) and will not succeed in destroying the reviewable.
2023-04-20 09:38:41 -05:00
Kris a03f85ad4a
UX: better digest centering in event of truncation (#21176) 2023-04-20 09:33:50 -04:00
Jarek Radosz 43e0025141
Revert "DEV: Merge package.json files (#21172)" (#21182)
This reverts commit 49a1e1cd0e.

Is causing issues in prod-adjacent environments (Jenkins)
2023-04-20 14:57:40 +02:00
Jarek Radosz 49a1e1cd0e
DEV: Merge package.json files (#21172)
This means: a single yarn.lock and removing one of the package.json files
2023-04-20 12:46:12 +02:00
Ted Johansson e002a24eca
FEATURE: Add new don't feed the trolls feature (#21001)
Responding to negative behaviour tends to solicit more of the same. Common wisdom states: "don't feed the trolls".

This change codifies that advice by introducing a new nudge when hitting the reply button on a flagged post. It will be shown if either the current user, or two other users (configurable via a site setting) have flagged the post.
2023-04-20 15:49:35 +08:00
Martin Brennan 86204fa4f0
FIX: Hashtag subcategory ref incorrect when not highest-ranked type (#21163)
This commit fixes the following scenario:

1. The user is searching for hashtags in chat, where the subcategory
   type is not highest-ranked in priority order.
2. There can, but doesn't have to be, a higher-ranked matching chat
   channel that has the same slug as the subcategory.
3. Since it is not the highest-ranked type, the subcategory, which
   normally has a ref of parent:child, has its ref changed to
   child::category, which does not work

This was happening because whenever a hashtag type was not highest
ranked, if _any_ other hashtag results conflicted slugs, we would
append the ::type suffix. Now, we only append this suffix if a
higher-ranked type conflicts with the hashtag, and we use the current ref
to build the new typed ref to preserve this parent:child format as well,
it's more accurate.
2023-04-20 09:03:55 +10:00
Isaac Janzen a3693fec58
FEATURE: Allow drafts to be deleted via the API (#21148)
This PR adds the ability to destroy drafts for a passed user via the API. This was not possible before as this action was reserved for only your personal drafts.

If a user is an admin and calls the `#destroy` action from the API they are able to destroy a draft for a passed user. A user can be targeted by passed either their:
- username
- external_id (for SSO) 

to the request.

In the case you attempt to destroy a non-personal draft and
- You are not an admin
- You do not access the `#destroy` action via the API

you will raise a `Discourse::InvalidAccess` (403) and will not succeed in destroying the draft.
2023-04-19 14:41:45 -05:00
Mark VanLandingham ff56f403a2
DEV: Add class to composer-ope plugin outlet container (#21171) 2023-04-19 11:47:56 -05:00
Jarek Radosz 9858171f3c
FIX: Resetting user directory columns (#21162)
Having any `plugin` type columns was breaking "Reset to default" functionality.
2023-04-19 17:27:41 +02:00
Canapin 4b9a52cd7c
UX: fix time pickers input width on mobile (#21170) 2023-04-19 10:08:24 -05:00
Canapin bc7ef70380
UX: fix kbd tag text's color in the composer full screen prompt (#21169) 2023-04-19 10:05:26 -05:00
Kris 4eb7d2d79b
UX: improve layout and styles for solo preferences (#21094) 2023-04-19 09:41:02 -04:00
Kris af58dbeb24
UX: update ring animation to avoid scroll (#21150) 2023-04-19 09:13:50 -04:00
Jarek Radosz 9a34625cb8
DEV: Update ember-cli to 4.12.0 (#21074)
It's backward compatible so still supports our 3.28 ember-source.

The visible change is finally getting rid of this message:

```
WARNING: Node v18.12.0 is not tested against Ember CLI on your platform. We recommend that you use the most-recent "Active LTS" version of Node.js. See https://git.io/v7S5n for details.
```

---

`@ember/string` dependency is added for future compatibility. See: https://github.com/ember-cli/ember-cli/pull/10125

---

`tests/helpers/index.js` is unused for now, but is a nice pattern. We could move some of our test setup into local `setupApplicationTest/setupRenderingTest/setupTest` helpers.

Co-authored-by: David Taylor <david@taylorhq.com>
2023-04-19 12:58:29 +02:00
dependabot[bot] 1139478a8c
Build(deps): Bump terser in /app/assets/javascripts (#21168)
Bumps [terser](https://github.com/terser/terser) from 5.17.0 to 5.17.1.
- [Release notes](https://github.com/terser/terser/releases)
- [Changelog](https://github.com/terser/terser/blob/master/CHANGELOG.md)
- [Commits](https://github.com/terser/terser/compare/v5.17.0...v5.17.1)

---
updated-dependencies:
- dependency-name: terser
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-04-19 11:37:51 +02:00
dependabot[bot] ade35c7973
Build(deps): Bump terser in /app/assets/javascripts (#21159)
Bumps [terser](https://github.com/terser/terser) from 5.16.9 to 5.17.0.
- [Release notes](https://github.com/terser/terser/releases)
- [Changelog](https://github.com/terser/terser/blob/master/CHANGELOG.md)
- [Commits](https://github.com/terser/terser/compare/v5.16.9...v5.17.0)

---
updated-dependencies:
- dependency-name: terser
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-04-19 09:49:03 +02:00
Keegan George fb21d7bb2d
FIX: Quote button doesn't press on mobile (#21149) 2023-04-18 22:30:24 -07:00
Jarek Radosz 0cd8659b06
DEV: Add a test for the "duplicate link" message (#21139)
A followup to cb1e95cd3d

---

`warning_message = nil` in the rb file was an unused variable
2023-04-18 22:23:20 +02:00
Jarek Radosz 0650504bf5
DEV: Remove `after-transition` function (#21142)
All supported browsers use `transitionend` event now, so this code is not necessary and makes it difficult to use that event in tests (you'd have to trigger all variants to cover the bases)

That function was used only in core (no hits in all-the*) in two places, so I think it's rather safe to just trash it without deprecating it first.

(History Corner – this helper was originally added in the initial commit of Discourse! 1839614bcc/app/assets/javascripts/discourse/components/transition_helper.js.coffee)
2023-04-18 20:45:20 +02:00
NullVoxPopuli e2f65cd170
DEV: Replace virtual-dom fork with patch-package (#21007)
Using patch-package is much easier to reason with than maintaining a full fork of virtual-dom.

Original reasoning for the fork can be found in e216a98f

Patch is based on the diff at c64007150a (diff-f648eb0588a88af826e29622f64aca611e191c66eb9e79396d559edaef622313)
2023-04-18 19:42:25 +01:00
David Taylor 7a8ed517a4
DEV: Improve modifyClass warning message (#21140)
- Print warning when it affects user/currentUser
- Improve description and link to Meta topic
2023-04-18 11:41:38 +01:00
Joffrey JAFFEUX 4fee0fc333
UX: ensures cursor is pointer over custom sections (#21138) 2023-04-18 11:23:09 +02:00
chapoi fbdafd712b
UX: improve contrast of overridden setting indicator dot (#21128) 2023-04-18 09:09:38 +02:00
Ted Johansson f3f30d6865
SECURITY: Encode embed url (#21133)
The embed_url in "This is a companion discussion..." could be used for
XSS.

Co-authored-by: Blake Erickson <o.blakeerickson@gmail.com>
2023-04-18 15:05:29 +08:00
Ted Johansson 437b73e322
SECURITY: Ensure site setting being updated is a configurable site setting (#21131) 2023-04-18 14:32:18 +08:00
Penar Musaraj b869d35f94
FIX: Dismiss modal when "Keep Editing" is used (#21117)
Co-authored-by: Jarek Radosz <jradosz@gmail.com>
2023-04-17 17:44:21 -04:00
Keegan George d3f3914ade
DEV: Add an offset mobile devices (#21119) 2023-04-17 13:35:11 -07:00
Arpit Jalan 8405ae7733
FEATURE: add a setting to allowlist DiscourseConnect return path domains (#21110)
* FEATURE: add a setting to allowlist DiscourseConnect return path domains

This commit adds a site setting to allowlist DiscourseConnect return
path domains. The setting needs supports exact domain or wildcard
character (*) to allow for any domain as return path.

* Add more specs to clarify what is allowed in site setting

* Update setting description to explain what is allowed
2023-04-17 22:53:50 +05:30
Meghna 68549fe54e
UX: Vertical alignment issues on mobile (#21118)
Vertical alignment fixes for topic closed small message and poll info.
2023-04-17 22:51:13 +05:30
Loïc Guitaut a5235f7d16
DEV: Refactor STI/polymorphic associations in chat (#20789) 2023-04-17 15:41:56 +02:00
Kris 87515b1aa0
FIX: composer collapse position while uploading (#21101) 2023-04-17 09:21:32 -04:00
Mark VanLandingham ae5aa0c79f
DEV: Plugin API addQuickAccessProfileItem adds to revamped user menu (#21084) 2023-04-17 06:15:16 -05:00
Joffrey JAFFEUX 2535381f44
FIX: ensures tag notification level is changed (#21106)
Following a change in e9f7262813 which prevents the notification level to be returned from the update endpoint, the model couldn't update itself. This commit makes the update manually and adds a test to prevent future regressions.

Note we could also change the backend endpoint, but this should work correctly with minimum risk.
2023-04-17 10:48:41 +02:00
Jarek Radosz dd98ecb7d1
DEV: Remove unnecessary `getURL("/")` (#21103)
Our `ajax()` prepends the protocol/host/subfolder path.
2023-04-15 14:34:25 +02:00
Jarek Radosz b8cf79895e
DEV: Set QUnit per-test timeout (#21102)
60s is a lot, and I'd prefer 15s, but the first test in a suite can take up to 40s. 60s is still better than `Infinity` 😌
2023-04-15 14:34:13 +02:00
dependabot[bot] d6b6041ae2
Build(deps): Bump webpack in /app/assets/javascripts (#21089)
Bumps [webpack](https://github.com/webpack/webpack) from 5.78.0 to 5.79.0.
- [Release notes](https://github.com/webpack/webpack/releases)
- [Commits](https://github.com/webpack/webpack/compare/v5.78.0...v5.79.0)

---
updated-dependencies:
- dependency-name: webpack
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-04-14 13:22:33 +02:00
Krzysztof Kotlarek 933d276b7d
FIX: decrease reorder sidebar delay for desktop (#21098)
Delay to reorder links in custom sidebar section doesn't have to be that long for desktop compared to touch screen.
2023-04-14 12:31:21 +10:00
Canapin 4b9061ae3f
UX: Remove color attribute from `<kbd>` tag (#20429)
As a single example, if a `<kbd>` tag is wrapped by a `<a>` link, it doesn't inherit the link color:

`[<kbd> **Support**</kbd>](https://meta.discourse.org)`

It's because the `<kbd>` tag has a `color: var(--primary);` CSS rule which seems superfluous.

If we disable it, the `<kbd>` tag inherits all the normal colors (including the link color 👌).

The direct `<kbd>` parent that assigns the text color is `<html>` (can't go higher!) which has an identical `color: var(--primary);`. 

WCAG palettes don't seem to assign specific colors in this context.

It seems fairly safe to remove `color: var(--primary);` from `<kbd>` so it won't interfere anymore with its content.
2023-04-14 10:06:12 +08:00
Canapin b328ada667
UX: Prevents letters from being partially cut off on the profile summary page (#20715) 2023-04-14 10:04:05 +08:00
Canapin b9ca4c9031
UX: fix anchor z-index (#21002) 2023-04-14 10:02:57 +08:00
David Battersby 967010e545
FEATURE: Add an emoji deny list site setting (#20929)
This feature will allow sites to define which emoji are not allowed. Emoji in this list should be excluded from the set we show in the core emoji picker used in the composer for posts when emoji are enabled. And they should not be allowed to be chosen to be added to messages or as reactions in chat.

This feature prevents denied emoji from appearing in the following scenarios:
- topic title and page title
- private messages (topic title and body)
- inserting emojis into a chat
- reacting to chat messages
- using the emoji picker (composer, user status etc)
- using search within emoji picker

It also takes into account the various ways that emojis can be accessed, such as:
- emoji autocomplete suggestions
- emoji favourites (auto populates when adding to emoji deny list for example)
- emoji inline translations
- emoji skintones (ie. for certain hand gestures)
2023-04-13 15:38:54 +08:00
Jarek Radosz cb1e95cd3d
FIX: Educational composer messages regressed in 788dc0a (#21082)
Tests coming in another PR
2023-04-12 20:05:52 +02:00
David Taylor 93c33e02f0
PERF: Avoid full `posts` table scans during anonymisation (#21081)
2e78045a fixed the anonymization job so that it correctly updated self-mentions, which are not logged in the post_actions table. The solution was to scan the entire `posts` table with an `raw ILIKE` query. On sites with many posts, this can take a very long time.

This commit updates the job to take a two-pass approach:

First, we update posts based on the post_actions table. This is much more efficient than a full table scan, and takes care of all 'non-self' mentions.

Then, we make a second pass using the `raw ILIKE` approach. Since we already took care of most posts, we can scope this down to self-mentions only. By filtering the query to a specific posts.user_id, it is significantly more performant than a full table scan.
2023-04-12 18:39:10 +01:00
David Taylor fa5a423681
Revert "DEV: Support modifyClass for native class fields on EmberObjects (#20987)" (#21080)
This reverts commit a19efc4304.

This is causing issues in production - reverting while we investigate
2023-04-12 17:38:44 +01:00
David Taylor a19efc4304
DEV: Support modifyClass for native class fields on EmberObjects (#20987)
EmberObject's `reopen` feature allows changes to be made to the prototype of the class, but it does not work with native class fields. Native class field values are set on the instance in the constructor, and therefore override any values from the prototype.

This commit implements a workaround which detects possible field overrides and then sets the values during the `init()` function of the EmberObject. This isn't perfect - old field values will still be present while any constructor function is running. But in the vast majority of cases, it should provide parity with old non-native-class EmberObject properties.

This commit also adds a warning when trying to override fields on non-EmberObject classes. There is no change in behavior here - we're just warning about the fact it doesn't work.
2023-04-12 16:49:57 +01:00
Jarek Radosz 788dc0a096
DEV: Refactor ComposerMessages (#21077)
Co-authored-by: David Taylor <david@taylorhq.com>
2023-04-12 17:02:37 +02:00
David Taylor db16700355
PERF: Memoize element references for `dockCheck` (#21079)
This is run frequently in a scroll listener. Removing the need for repeated `querySelector` calls makes those scroll handlers much faster.
2023-04-12 14:17:43 +01:00
David Taylor a328153ec2
DEV: Enable patch-package in production and in `javascripts/discourse` (#21078)
When running `yarn install` in a yarn workspace, the lifecycle hooks in the root package.json are not triggered. https://github.com/yarnpkg/yarn/issues/5790

As a workaround, we can additionally run `patch-package` from the `javascripts/discourse/package.json` `postinstall` hook. `patch-package` is idempotent, so it doesn't matter if it is triggered multiple times.

Longer term we intend to move to pnpm, which has built-in patch support.
2023-04-12 13:15:53 +01:00
David Battersby 7d34ba38a2
FIX: all staff_counters should be pluralized strings (#21048)
Make all staff_counters pluralized strings
2023-04-12 17:13:37 +08:00
Alan Guo Xiang Tan 2eb60c9713
DEV: Switch sidebar section link identifier to data attribute (#21051)
Data attribute is less restrictive than relying on the class attribute
2023-04-12 15:52:10 +08:00
Loïc Guitaut d151f4ee9d
FIX: Don’t assume post is available in UserEmail job (#21054)
Currently, we’re performing a check when a user is suspended in the
`UserEmail` job and we’re assuming a `post` is always available, which
is not the case. The code indeed breaks when the job is called with the
`account_suspended` type option.

This patch fixes this issue by making the check use the safe navigation
operator, thus making it working when `post` is not provided.
2023-04-12 12:34:22 +10:00
dependabot[bot] f0435844df
Build(deps): Bump sass from 1.61.0 to 1.62.0 in /app/assets/javascripts (#21063)
Bumps [sass](https://github.com/sass/dart-sass) from 1.61.0 to 1.62.0.
- [Release notes](https://github.com/sass/dart-sass/releases)
- [Changelog](https://github.com/sass/dart-sass/blob/main/CHANGELOG.md)
- [Commits](https://github.com/sass/dart-sass/compare/1.61.0...1.62.0)

---
updated-dependencies:
- dependency-name: sass
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-04-12 09:08:49 +08:00
Kris ce601ac84c
UX: improve composer control spacing on mobile (#21021) 2023-04-11 14:11:00 -05:00
Rafael dos Santos Silva 087ee8c5e2
DEV: Experimental JS plugin API for topic summary HTML (#20963) 2023-04-11 11:22:34 -04:00
Jan Cernik a3801a9e16
DEV: Stop event propagation in `DTooltip` (#20897) 2023-04-11 12:07:03 -03:00
Jan Cernik 352bd35bf6
Add RenderGlimmer support for embedded posts (#21046) 2023-04-11 06:22:42 -03:00
David Taylor 9238767f7e
FEATURE: Persist password hashing algorithm/params in database (#20980)
Previously, Discourse's password hashing was hard-coded to a specific algorithm and parameters. Any changes to the algorithm or parameters would essentially invalidate all existing user passwords.

This commit introduces a new `password_algorithm` column on the `users` table. This persists the algorithm/parameters which were use to generate the hash for a given user. All existing rows in the users table are assumed to be using Discourse's current algorithm/parameters. With this data stored per-user in the database, we'll be able to keep existing passwords working while adjusting the algorithm/parameters for newly hashed passwords.

Passwords which were hashed with an old algorithm will be automatically re-hashed with the new algorithm when the user next logs in.

Values in the `password_algorithm` column are based on the PHC string format (https://github.com/P-H-C/phc-string-format/blob/master/phc-sf-spec.md). Discourse's existing algorithm is described by the string `$pbkdf2-sha256$i=64000,l=32$`

To introduce a new algorithm and start using it, make sure it's implemented in the `PasswordHasher` library, then update `User::TARGET_PASSWORD_ALGORITHM`.
2023-04-11 10:16:28 +01:00
Jarek Radosz b6cfcdfbb3
DEV: Force an upgrade of watch-detector (#21053)
Fixes the unnecessary message when starting ember server:

```
Invalid watchman found, version: [2023.04.03.00] did not satisfy [>= 3.0.0].
Visit https://ember-cli.com/user-guide/#watchman for more info.
```
2023-04-11 11:14:57 +02:00
NullVoxPopuli c320c286f9
DEV: Use patch-package to apply ember-jquery workaround
Co-authored-by: David Taylor <david@taylorhq.com>
2023-04-11 10:12:30 +01:00
dependabot[bot] 47eced2050
Build(deps): Bump terser in /app/assets/javascripts (#21042)
Bumps [terser](https://github.com/terser/terser) from 5.16.8 to 5.16.9.
- [Release notes](https://github.com/terser/terser/releases)
- [Changelog](https://github.com/terser/terser/blob/master/CHANGELOG.md)
- [Commits](https://github.com/terser/terser/compare/v5.16.8...v5.16.9)

---
updated-dependencies:
- dependency-name: terser
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-04-11 10:38:49 +02:00
Alan Guo Xiang Tan 90172e5a9e
FIX: Incorrect message inbox displayed due to username case sensitivity (#21049) 2023-04-11 11:31:10 +08:00
Krzysztof Kotlarek 63a0466548
FIX: improve performance of UserStat.ensure_consistency (#21044)
Optimize `UserStatpost_read_count` calculation.

In addition, tests were updated to fail when code is not evaluated. Creation of PostTiming was updating `post_read_count`. Count it has to be reset to ensure that ensure_consitency correctly calculates result.

Extracting users seen in the last hour to separate Common Table Expression reduces the amount of processed rows.

Before
```
Update on user_stats  (cost=267492.07..270822.95 rows=2900 width=174) (actual time=12606.121..12606.127 rows=0 loops=1)
  ->  Hash Join  (cost=267492.07..270822.95 rows=2900 width=174) (actual time=12561.814..12603.689 rows=10 loops=1)
        Hash Cond: (user_stats.user_id = x.user_id)
        Join Filter: (x.c <> user_stats.posts_read_count)
        Rows Removed by Join Filter: 67
        ->  Seq Scan on user_stats  (cost=0.00..3125.34 rows=75534 width=134) (actual time=0.014..39.173 rows=75534 loops=1)
        ->  Hash  (cost=267455.80..267455.80 rows=2901 width=48) (actual time=12558.613..12558.617 rows=77 loops=1)
              Buckets: 4096  Batches: 1  Memory Usage: 39kB
              ->  Subquery Scan on x  (cost=267376.03..267455.80 rows=2901 width=48) (actual time=12168.601..12558.572 rows=77 loops=1)
                    ->  GroupAggregate  (cost=267376.03..267426.79 rows=2901 width=12) (actual time=12168.595..12558.525 rows=77 loops=1)
                          Group Key: pt.user_id
                          ->  Sort  (cost=267376.03..267383.28 rows=2901 width=4) (actual time=12100.490..12352.106 rows=2072830 loops=1)
                                Sort Key: pt.user_id
                                Sort Method: external merge  Disk: 28488kB
                                ->  Nested Loop  (cost=1.28..267209.18 rows=2901 width=4) (actual time=0.040..11528.680 rows=2072830 loops=1)
                                      ->  Nested Loop  (cost=0.86..261390.02 rows=13159 width=8) (actual time=0.030..3492.887 rows=3581648 loops=1)
                                            ->  Index Scan using index_users_on_last_seen_at on users u  (cost=0.42..89.71 rows=28 width=4) (actual time=0.010..0.201 rows=78 loops=1)
                                                  Index Cond: (last_seen_at > '2023-04-11 00:22:49.555537'::timestamp without time zone)
                                            ->  Index Scan using index_post_timings_on_user_id on post_timings pt  (cost=0.44..9287.60 rows=4455 width=8) (actual time=0.081..38.542 rows=45919 loops=78)
                                                  Index Cond: (user_id = u.id)
                                      ->  Index Scan using forum_threads_pkey on topics t  (cost=0.42..0.44 rows=1 width=4) (actual time=0.002..0.002 rows=1 loops=3581648)
                                            Index Cond: (id = pt.topic_id)
                                            Filter: ((deleted_at IS NULL) AND ((archetype)::text = 'regular'::text))
                                            Rows Removed by Filter: 0
Planning Time: 0.692 ms
Execution Time: 12612.587 ms
```
After
```
Update on user_stats  (cost=9473.60..12804.30 rows=2828 width=174) (actual time=677.724..677.729 rows=0 loops=1)
  ->  Hash Join  (cost=9473.60..12804.30 rows=2828 width=174) (actual time=672.536..677.706 rows=1 loops=1)
        Hash Cond: (user_stats.user_id = x.user_id)
        Join Filter: (x.c <> user_stats.posts_read_count)
        Rows Removed by Join Filter: 54
        ->  Seq Scan on user_stats  (cost=0.00..3125.34 rows=75534 width=134) (actual time=0.012..23.977 rows=75534 loops=1)
        ->  Hash  (cost=9438.24..9438.24 rows=2829 width=48) (actual time=647.818..647.822 rows=55 loops=1)
              Buckets: 4096  Batches: 1  Memory Usage: 37kB
              ->  Subquery Scan on x  (cost=9381.66..9438.24 rows=2829 width=48) (actual time=647.409..647.805 rows=55 loops=1)
                    ->  HashAggregate  (cost=9381.66..9409.95 rows=2829 width=12) (actual time=647.403..647.786 rows=55 loops=1)
                          Group Key: pt.user_id
                          Batches: 1  Memory Usage: 121kB
                          ->  Nested Loop  (cost=1.86..9367.51 rows=2829 width=4) (actual time=0.056..625.245 rows=120022 loops=1)
                                ->  Nested Loop  (cost=1.44..3692.96 rows=12832 width=8) (actual time=0.047..171.754 rows=217440 loops=1)
                                      ->  Nested Loop  (cost=1.00..254.63 rows=25 width=12) (actual time=0.030..1.407 rows=56 loops=1)
                                            Join Filter: (u.id = user_stats_1.user_id)
                                            ->  Nested Loop  (cost=0.71..243.08 rows=25 width=8) (actual time=0.018..1.207 rows=87 loops=1)
                                                  ->  Index Scan using index_users_on_last_seen_at on users u  (cost=0.42..86.71 rows=27 width=4) (actual time=0.009..0.156 rows=87 loops=1)
                                                        Index Cond: (last_seen_at > '2023-04-11 00:47:07.437568'::timestamp without time zone)
                                                  ->  Index Only Scan using user_stats_pkey on user_stats us  (cost=0.29..5.79 rows=1 width=4) (actual time=0.011..0.011 rows=1 loops=87)
                                                        Index Cond: (user_id = u.id)
                                                        Heap Fetches: 87
                                            ->  Index Scan using user_stats_pkey on user_stats user_stats_1  (cost=0.29..0.45 rows=1 width=4) (actual time=0.002..0.002 rows=1 loops=87)
                                                  Index Cond: (user_id = us.user_id)
                                                  Filter: (posts_read_count < 10000)
                                                  Rows Removed by Filter: 0
                                      ->  Index Scan using index_post_timings_on_user_id on post_timings pt  (cost=0.44..92.98 rows=4455 width=8) (actual time=0.036..2.492 rows=3883 loops=56)
                                            Index Cond: (user_id = user_stats_1.user_id)
                                ->  Index Scan using forum_threads_pkey on topics t  (cost=0.42..0.44 rows=1 width=4) (actual time=0.002..0.002 rows=1 loops=217440)
                                      Index Cond: (id = pt.topic_id)
                                      Filter: ((deleted_at IS NULL) AND ((archetype)::text = 'regular'::text))
                                      Rows Removed by Filter: 0
Planning Time: 1.406 ms
Execution Time: 677.817 ms
```
2023-04-11 12:28:08 +10:00
Daniel Waterworth fcc73b441d
FIX: Make emoji cache store marshalled objects (#21029)
We only marshal arrays, hashes and sets, which meant that the emojis
here were just getting `to_s`ed.

This is a hack.
2023-04-10 10:44:11 -05:00
David Battersby 569b923fb6
FIX: staff_counters should be pluralized strings (#21039)
Small change to format the staff counter template to apply the correct pluralization for flagged posts/topics.
2023-04-10 17:00:31 +08:00
dependabot[bot] bb94cc0251
Build(deps): Bump eslint from 8.37.0 to 8.38.0 in /app/assets/javascripts (#21033)
Bumps [eslint](https://github.com/eslint/eslint) from 8.37.0 to 8.38.0.
- [Release notes](https://github.com/eslint/eslint/releases)
- [Changelog](https://github.com/eslint/eslint/blob/main/CHANGELOG.md)
- [Commits](https://github.com/eslint/eslint/compare/v8.37.0...v8.38.0)

---
updated-dependencies:
- dependency-name: eslint
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-04-10 08:09:09 +08:00
Kris e823ac7ff8
UX: truncate theme toggle text to avoid overflow (#21022) 2023-04-07 17:16:44 -04:00
Kris ba119555fe
A11Y: increase contrast of elements in wcag scheme (#21025) 2023-04-07 17:16:27 -04:00
Kris 1f0aff2719
UX: remove extra space from emoji in notifications (#21024) 2023-04-07 13:55:11 -04:00
Kris 18470c9195
UX: fix solo preference page layout (#21012) 2023-04-07 08:55:32 -04:00
Jarek Radosz 584a3a4237
DEV: Remove unneeded optional chaining operators (#21019)
(and fix a typo, and remove an unnecessary `this.element` check)
2023-04-07 14:10:49 +02:00
dependabot[bot] 92420bad6f
Build(deps): Bump sass from 1.60.0 to 1.61.0 in /app/assets/javascripts (#21014)
Bumps [sass](https://github.com/sass/dart-sass) from 1.60.0 to 1.61.0.
- [Release notes](https://github.com/sass/dart-sass/releases)
- [Changelog](https://github.com/sass/dart-sass/blob/main/CHANGELOG.md)
- [Commits](https://github.com/sass/dart-sass/compare/1.60.0...1.61.0)

---
updated-dependencies:
- dependency-name: sass
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-04-07 09:53:32 +02:00
Vinoth Kannan 7cedb911a7
FEATURE: add category name in articleSection meta tag for schema. (#21004)
https://schema.org/DiscussionForumPosting
2023-04-06 23:30:19 +05:30
Daniel Waterworth 0ff86feb96
DEV: Rely on helpers for ajax error handling to reduce repetition (#20988) 2023-04-06 11:25:24 -05:00
Daniel Waterworth 355b44472b
DEV: Allow HTML errors whenever a popup is generated (#20989)
Follow-up-to: 6bbf832400
2023-04-06 10:00:54 -05:00
dependabot[bot] cee06bdc77
Build(deps): Bump @uppy/aws-s3 in /app/assets/javascripts (#20996)
Bumps [@uppy/aws-s3](https://github.com/transloadit/uppy) from 3.0.5 to 3.0.6.
- [Release notes](https://github.com/transloadit/uppy/releases)
- [Changelog](https://github.com/transloadit/uppy/blob/main/CHANGELOG.md)
- [Commits](https://github.com/transloadit/uppy/compare/@uppy/aws-s3@3.0.5...@uppy/aws-s3@3.0.6)

---
updated-dependencies:
- dependency-name: "@uppy/aws-s3"
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-04-06 13:39:31 +02:00
Jarek Radosz d6bf5f40fb
DEV: Change the params for categoryNone redirect (#20944)
Makes the params (`router.currentRoute.params`) the same in this codepath as in the regular flow. (issue originally reported in: https://meta.discourse.org/t/category-banners/86241/174)

See also https://github.com/discourse/discourse-category-banners/pull/31 for the first stab at the bug.
2023-04-06 12:26:19 +02:00
dependabot[bot] 3485936517
Build(deps): Bump @uppy/aws-s3-multipart in /app/assets/javascripts (#20998)
Bumps [@uppy/aws-s3-multipart](https://github.com/transloadit/uppy) from 3.1.2 to 3.1.3.
- [Release notes](https://github.com/transloadit/uppy/releases)
- [Changelog](https://github.com/transloadit/uppy/blob/main/CHANGELOG.md)
- [Commits](https://github.com/transloadit/uppy/compare/@uppy/aws-s3-multipart@3.1.2...@uppy/aws-s3-multipart@3.1.3)

---
updated-dependencies:
- dependency-name: "@uppy/aws-s3-multipart"
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-04-06 12:24:20 +02:00
dependabot[bot] 38adfca295
Build(deps): Bump @uppy/xhr-upload in /app/assets/javascripts (#20993)
Bumps [@uppy/xhr-upload](https://github.com/transloadit/uppy) from 3.1.0 to 3.1.1.
- [Release notes](https://github.com/transloadit/uppy/releases)
- [Changelog](https://github.com/transloadit/uppy/blob/main/CHANGELOG.md)
- [Commits](https://github.com/transloadit/uppy/compare/@uppy/xhr-upload@3.1.0...@uppy/xhr-upload@3.1.1)

---
updated-dependencies:
- dependency-name: "@uppy/xhr-upload"
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-04-06 12:21:00 +02:00
NullVoxPopuli 97d8614811
DEV: Extract global compat code into module (#20901)
Moves a couple things from discourse-boot.js to a different JS file imported from app/app.js.

This is a forwards compatible technique to import and throw data on the window.

One thing to make note of, though, is that if the virtual-dom and discourse-widget-hbs/helpers were previously included in the build elsewhere, they will now become part of the app bundle.
Later, when using embroider, all bundles will be chunks, and webpack will optimize which chunk contains which modules appropriately.
2023-04-06 10:09:12 +01:00
dependabot[bot] 9014cd6a6f
Build(deps): Bump @uppy/utils in /app/assets/javascripts (#20992)
Bumps [@uppy/utils](https://github.com/transloadit/uppy) from 5.1.3 to 5.2.0.
- [Release notes](https://github.com/transloadit/uppy/releases)
- [Changelog](https://github.com/transloadit/uppy/blob/main/CHANGELOG.md)
- [Commits](https://github.com/transloadit/uppy/compare/@uppy/utils@5.1.3...@uppy/utils@5.2.0)

---
updated-dependencies:
- dependency-name: "@uppy/utils"
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-04-06 10:57:41 +02:00
dependabot[bot] 718a8d1164
Build(deps): Bump webpack in /app/assets/javascripts (#20999)
Bumps [webpack](https://github.com/webpack/webpack) from 5.77.0 to 5.78.0.
- [Release notes](https://github.com/webpack/webpack/releases)
- [Commits](https://github.com/webpack/webpack/compare/v5.77.0...v5.78.0)

---
updated-dependencies:
- dependency-name: webpack
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-04-06 10:55:24 +02:00
Ted Johansson 1b132dad0d
FIX: Correctly pre-select first option in bookmark notification drop-down (#20976)
When selecting the "Keep bookmark" in the user preference for what to do after a bookmark reminder is sent, it does not propagate to the drop-down in the "Create bookmark" modal. Instead it defaults to "Keep bookmark and clear reminder". All other options work fine.

We set a default ("Keep bookmark and clear reminder") if no user preference is found, However, this uses the index of the option, and the index of the first option ("Keep bookmark") is 0, which is treated as falsey in JavaScript, thus causing the default to be selected.

This change switches from logical "or" conditional `||` operator to nullish coalescing `??` operator.
2023-04-06 14:58:40 +08:00
Krzysztof Kotlarek e586f6052f
FEATURE: public custom sidebar sections visible to anonymous (#20931)
Previously, public custom sections were only visible to logged-in users. In this PR, we are making them visible to anonymous as well.

The reason is that Community Section will be moved into custom section model to be easily editable by admins.
2023-04-06 08:55:47 +10:00
Daniel Waterworth cd6d47e012
FIX: Handle errors when we show the edit user directory columns modal (#20986) 2023-04-05 14:31:32 -05:00
Daniel Waterworth 79c87b5003
FIX: Show better default error when failing to delete all user posts (#20985) 2023-04-05 14:26:00 -05:00
Keegan George 3d7833d67e
FIX: `<QuoteButton/>` shifts when content is added to header (#20878) 2023-04-05 12:08:38 -07:00
Bianca Nenciu e1a5f36d52
UX: Do not show bootstrap mode button on mobile (#20984)
It took too much place in the header.
2023-04-05 21:50:27 +03:00
dependabot[bot] 81566949f5
Build(deps): Bump ember-auto-import in /app/assets/javascripts (#20970)
Bumps [ember-auto-import](https://github.com/ef4/ember-auto-import/tree/HEAD/packages/ember-auto-import) from 2.6.1 to 2.6.2.
- [Release notes](https://github.com/ef4/ember-auto-import/releases)
- [Changelog](https://github.com/ef4/ember-auto-import/blob/main/packages/ember-auto-import/CHANGELOG.md)
- [Commits](https://github.com/ef4/ember-auto-import/commits/v2.6.2/packages/ember-auto-import)

---
updated-dependencies:
- dependency-name: ember-auto-import
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-04-05 12:43:21 +02:00
Martin Brennan c63783cf30
FIX: Error in CSS generation for anon on login_required (#20978)
Followup to 6ad9e4ad06,
I was not aware that `site.categories` is undefined if
the user is anon and the site is login_required, this
handles that scenario and does not continue trying to
generate CSS.
2023-04-05 19:08:44 +10:00
Martin Brennan 6ad9e4ad06
FEATURE: Add CSS class generation for category colors and hashtags (#20951)
This commit adds a system to generate CSS variables and classes for categories
and hashtags, which will be used in an effort to remove baked icons for hashtags
and add color to those icons.

This is in two parts. First I added an initializer generate a category color CSS
variable style tag in the head tag that looks like this:

```css
:root {
--category-1-color: #0088CC;
--category-2-color: #808281;
--category-3-color: #E45735;
--category-4-color: #A461EF;
--category-5-color: #ee56c9;
--category-6-color: #da28c2;
--category-7-color: #ab8b0a;
--category-8-color: #45da37;
...
}
```

The number is the category ID. This only generates CSS variables for categories
the user can access based on `site.categories`. If you need the parent color variable
you can just use the `category.parentCategory.id` to get it.

Then, I added an initializer to generate a hashtag CSS style tag using these variables.
Only the category and channel hashtags need this, the category one generates the
background-gradient needed for the swatch, and the channel just generates a color
for the icon. This is done in an extendable way using the new `api.registerHashtagType`
JS plugin API:

```css
hashtag-color--category-1 {
  background: linear-gradient(90deg, var(--category-1-color) 50%, var(--category-1-color) 50%);
}
hashtag-color--category-2 {
  background: linear-gradient(90deg, var(--category-2-color) 50%, var(--category-2-color) 50%);
}
hashtag-color--category-5 {
  background: linear-gradient(90deg, var(--category-5-color) 50%, var(--category-4-color) 50%);
}
...
.hashtag-color--channel-4 {
  color: var(--category-12-color);
}
.hashtag-color--channel-92 {
  color: var(--category-24-color);
}
```

Note if a category has a parent, its color is used in the gradient correctly. The numbers
here are again IDs (e.g. channel ID, category ID) and the channel’s chatable ID is used
to find the category color variable.
2023-04-05 13:02:35 +10:00
Krzysztof Kotlarek b72282123b
FIX: public sidebar sections belong to system user (#20972)
Before, public sidebar sections were belonging to admin. However, a better choice is system user.
2023-04-05 10:52:18 +10:00
Kris 56f2fdf430
UX: fix spacing between assign tags (#20967) 2023-04-04 17:26:06 -04:00
Bianca Nenciu e9cd74a9e7
FIX: Show correct status for user reviewables (#20959)
The status should use the word "user" instead of "flag", for example
"approved user" instead of "approved flag". The problem was caused by
a mismatched type.
2023-04-04 19:53:04 +03:00
Mark VanLandingham 73325c6c35
FEATURE: SiteSetting to default user path to different routes (#20962) 2023-04-04 11:48:48 -05:00
Penar Musaraj 17ba00c395
FIX: icon toggles saerch menu display on click (#20950)
Using the `mouseDownOutside` event was problematic here because two
events were being triggered consecutively: `mouseDown`
would toggle the menu off and `click` would then toggle it back on. This
switches the logic to use `clickOutside` again, but with two changes:
- it limits the action to the `search-menu` key (so that theme component
overrides can do their own handling)
- it does not trigger the event when there is an active text selection
 (this was the original reason for switching to `mouseDownOutside`, see
https://github.com/discourse/discourse/pull/14788)
2023-04-04 09:49:55 -04:00
Kris 7658341b0b
UX: use relative units to prevent timeline crop (#20943) 2023-04-04 09:40:43 -04:00
Bianca Nenciu 6da2fbbf76
FIX: Use correct translation key (#20958)
The translation key is built using the name of the reviewable as it was
defined in Ruby. The chat plugin uses the `Chat` namespace and defines
`Chat::ReviewableMessage`. This was then transformed to
`chat::reviewable_message`, but it should be `chat_reviewable_message`
to resemble the other translation keys.
2023-04-04 16:28:04 +03:00
David Taylor 2386ad12f2
Update default ga_version to v4 and add warning message for v3 (#20936)
Sites which are already using ga3 will stay on that version, and will be shown a warning in the admin panel until they update.

https://meta.discourse.org/t/upgrade-to-google-analytics-4-before-july-2023/260498
2023-04-04 13:14:20 +01:00
Joffrey JAFFEUX 8de45602ff
DEV: allows <UserStatusMessage /> to accept custom css class (#20954)
This will now allow:

```
<UserStatusMessage @status={{@message.user.status}} @class="foo" />
```
2023-04-04 10:04:40 +02:00
Alan Guo Xiang Tan e792f779d0
UX: Make input on `/filter` route full width (#20952) 2023-04-04 14:10:39 +10:00
Alan Guo Xiang Tan b82cd6c148
DEV: Nuke plugin related code from core (#20928)
Plugin related code should be not polluting core's code base.
2023-04-04 07:33:31 +08:00
Alan Guo Xiang Tan e54359c135
DEV: Drop plugin related index from core (#20930)
The migration of the index has since been moved into the
discourse-akismet plugin where it should have always been.
2023-04-04 07:31:09 +08:00
Jarek Radosz 3b28d03780
DEV: Fix a use-after-destroy issue (#20948) 2023-04-04 01:29:27 +02:00
Roman Rizzi cbc5b2febc
DEV: Get headline excerpt config from GroupedSearchResult in serializer. (#20942)
Follow-up to #20939
2023-04-03 15:02:42 -03:00
Jarek Radosz 29e2e3ff3b
DEV: Fix random typos (#20937) 2023-04-03 19:27:32 +02:00
Alan Guo Xiang Tan fd34032db2
DEV: Support filter for topics in specific subcategories on /filter (#20927)
This commit adds support for filtering for topics in specific
subcategories via the categories filter query language.

For example: `category:documentation:admins` will filter for topics and
subcategory topics in
the category with slug "admins" whose parent category has the slug
"documentation".

The `=` prefix can also be used such that
`=category:documentation:admins` will exclude subcategory topics of the
category with slug "admins" whose parent category has the slug
"documentation".
2023-04-03 18:36:59 +08:00
dependabot[bot] b042e1cbf7
Build(deps): Bump eslint in /app/assets/javascripts (#20883)
Bumps [eslint](https://github.com/eslint/eslint) from 8.36.0 to 8.37.0.
- [Release notes](https://github.com/eslint/eslint/releases)
- [Changelog](https://github.com/eslint/eslint/blob/main/CHANGELOG.md)
- [Commits](https://github.com/eslint/eslint/compare/v8.36.0...v8.37.0)

---
updated-dependencies:
- dependency-name: eslint
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-04-03 11:37:48 +02:00
dependabot[bot] 5ec169725b
Build(deps): Bump @babel/standalone in /app/assets/javascripts (#20920)
Bumps [@babel/standalone](https://github.com/babel/babel/tree/HEAD/packages/babel-standalone) from 7.21.3 to 7.21.4.
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/commits/v7.21.4/packages/babel-standalone)

---
updated-dependencies:
- dependency-name: "@babel/standalone"
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-04-03 11:37:16 +02:00
dependabot[bot] 42a6d0c5b1
Build(deps): Bump webpack in /app/assets/javascripts (#20885)
Bumps [webpack](https://github.com/webpack/webpack) from 5.76.3 to 5.77.0.
- [Release notes](https://github.com/webpack/webpack/releases)
- [Commits](https://github.com/webpack/webpack/compare/v5.76.3...v5.77.0)

---
updated-dependencies:
- dependency-name: webpack
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-04-03 11:36:53 +02:00
Vinoth Kannan 8405ec2831
FEATURE: use "Comment" schema type for post replies. (#20932)
Previously, we used the schema type "DiscussionForumPosting" for all the posts including replies. This is not recommended as per Google search experts. This commit changes the schema type to "Comment" for replies.
2023-04-03 14:36:47 +05:30
dependabot[bot] 0e04404e6b
Build(deps): Bump @babel/core in /app/assets/javascripts (#20923)
Bumps [@babel/core](https://github.com/babel/babel/tree/HEAD/packages/babel-core) from 7.21.3 to 7.21.4.
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/commits/v7.21.4/packages/babel-core)

---
updated-dependencies:
- dependency-name: "@babel/core"
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-04-03 11:01:24 +02:00
chapoi df31b8dd2e
UX: reviewq flagging (#20913)
* DEV: add context question to flagged chat messages too

* UX: added -ai-flagged badge colour + grey fallback

* UX: add one more badge name
2023-04-02 12:16:26 +02:00
Roman Rizzi ea4f7fb660
FEATURE: Experimental API for custom full-page search types. (#20915)
This change adds an experimental API tagged as "Do not use", only intended to conduct a PoC to test semantic search in the AI plugin.
2023-03-31 15:13:24 -03:00
Krzysztof Kotlarek c86d772277
FIX: Drop internal URL validation for paths in sidebar (#20891)
`Rails.application.routes.recognize_path(value)` was not working for /admin paths because StaffConstraint.new requires user to check permission.

This validation is not bringing much value, and the easiest way is to drop it. In the worse case scenario, a user will have an incorrect link in their sidebar.

Bug reported: https://meta.discourse.org/t/custom-sidebar-sections-being-tested-on-meta/255303/66
2023-03-31 13:26:56 +08:00
Martin Brennan ef1b781ced
FIX: Prevent errors from uppy performance logging (#20910)
Back in d0e1c222f7 we added
performance measuring for uppy uploads using the Performance
API in the browser. However we recently discovered that
sometimes performance.measure can fail if for whatever reason
one of the marks passed to it does not exist:

> Failed to upload ... Performance.measure: Given mark name, upload-uppy-....-create-multipart-success, is unknown

This would cause the entire upload to fail, which is unnecessary
for a debugger. Improve the situation so if this happens again
the error does not stop the upload.
2023-03-31 14:29:07 +10:00
Kris 1ff9bc6e55
UX: onebox site icon needs a right margin (#20902) 2023-03-31 11:06:46 +11:00
Krzysztof Kotlarek fd718c1a42
FIX: use unselectable mixin in sidebar drag and drop (#20886)
7dcaaec90c/app/assets/stylesheets/common/foundation/mixins.scss (L122)
2023-03-31 09:28:22 +11:00
Natalie Tay 068a36d354
UX: Improve error message when a topic cannot be moved due to category restrictions (#20900) 2023-03-31 02:18:57 +08:00
Canapin 58270954b6
Fix keyboard shortcut button hover color for WCAG color schemes (#20431) 2023-03-30 14:18:20 -04:00
Mark VanLandingham 9518e47204
FEATURE: ability to bulk_remove users from a group (#20876) 2023-03-30 08:06:36 -05:00
Martin Brennan 84ff96bd07
FIX: Do not validate email in TL promotion (#20892)
There is no need to validate the user's emails when
promoting/demoting their trust level, this can cause
issues in things like Jobs::Tl3Promotions, we don't
need to fail in that case when all we are doing is changing
trust level.
2023-03-30 13:52:10 +10:00
Alan Guo Xiang Tan 49e7e639cc
DEV: Update experimental `/filter` route with tags support (#20874)
The following are the changes being introduced in this commit:

1. Instead of mapping the query language to various query params on the
client side, we've decided that the benefits of having a more robust
query language far outweighs the benefits of having a more human readable query params in the URL.
As such, the `/filter` route will just accept a single `q` query param
and the query string will be parsed on the server side.

1. On the `/filter` route, the tags filtering query language is now
   supported in the input per the example provided below:

   ```
   tags:bug+feature tagged both bug and feature
   tags:bug,feature tagged either bug or feature
   -tags:bug+feature excluding topics tagged bug and feature
   -tags:bug,feature excluding topics tagged bug or feature
   ```

   The `tags` filter can also be specified multiple
times in the query string like so `tags:bug tags:feature` which will
filter topics that contain both the `bug` tag and `feature` tag. More
complex query like `tags:bug+feature -tags:experimental` will also work.
2023-03-30 09:00:42 +08:00
Jan Cernik afe3e36363
DEV: Remove lazy-yt and replace with lazy-videos (#20722)
- Refactors the old plugin to remove jquery usage
- Adds support for Vimeo videos (default on) and Tiktok (experimental and default off)
2023-03-29 11:54:25 -04:00
Osama Sayegh 78befbc53e
DEV: Remove `{{user-selector}}` (#17753)
`{{user-selector}}` was deprecated in 293fd1f743 more than 2 years ago and it's time we deleted it.
2023-03-29 11:49:47 +03:00
Krzysztof Kotlarek b854fa8cdb
FIX: disable text select on sidebar (#20871)
To make drag&drop links reliable, we have to disable user-select option on whole sidebar.

https://developer.mozilla.org/en-US/docs/Web/CSS/user-select
2023-03-29 14:32:28 +11:00
Krzysztof Kotlarek f5fadc3149
FIX: reorder custom sidebar links on touch screen (#20856)
Previously, reorder on touch screens was disabled https://github.com/discourse/discourse/pull/20769.

This PR enables it again. However, link has to be hold for 300 ms to enable drag&drop. Otherwise, normal scroll is performed.
2023-03-29 08:57:04 +11:00
Blake Erickson aa09a78d14
DEV: Remove diffhtml_preview for video thumbnails (#20865)
Video thumbnail generation is no longer dependent on
`enable_diffhtml_preview` being enabled.
2023-03-28 12:38:50 -06:00
Rafael dos Santos Silva 2a7bdb2d66
FIX: Push notification delay should not be longer than specified (#20864)
When user.last_seen was less than push_notification_time_window_mins we
where delaying the notification for the whole
push_notification_time_window_mins PLUS the time the user was away from.

Originally reported in https://meta.discourse.org/t/-/259688
2023-03-28 13:22:54 -03:00
Penar Musaraj f8720a20f9
Revert "UX: Take sticky header into account when spacebar scrolling (#20848)" (#20863)
This reverts commit cb92ea3c2b.

Was causing unexpected scrolling when interacting with the header. Will
investigate.
2023-03-28 11:13:51 -04:00
Vinoth Kannan 08ff6eebad
FIX: skip category preference update if already set by group. (#20823)
`default_categories_*` site settings will update the category preferences on user creation. But it shouldn't update the user's category preference if a group's setting already updated it for that user.
2023-03-28 19:43:01 +05:30
Ella E 0b05fa71ca
UX: Improve login required page (#20847)
* UX: improve static login page

* DEV: separate welcome header to its own translation line

* Define waving_hand_url helper

* Remove redundant copy

* Update translations for welcome_message

* DEV: remove unused imported getURL

---------

Co-authored-by: Bianca Nenciu <nenciu.bianca@gmail.com>
2023-03-28 07:09:44 -05:00
Sam 49f0cc16ba
PERF: optimise serialization for topic tracking state (#20860)
This corrects two issues:

1. We were double serializing topic tracking state (as_json calls were not cached)
2. We were inefficiently serializing items by instantiating extra objects
2023-03-28 18:09:22 +11:00
Sam 7038540af6
PERF: ensure sidebar section link index is correctly ordered (#20854)
We perform lookups on sidebar section links based on sidebar_section_id
totally ignoring user. This ensures we have an index to work with.

This removes the previous index `links_user_id_section_id_position` which
partially doubled up `idx_unique_sidebar_section_links`
2023-03-28 15:13:44 +11:00
Penar Musaraj cb92ea3c2b
UX: Take sticky header into account when spacebar scrolling (#20848) 2023-03-27 20:37:01 -04:00
Krzysztof Kotlarek 326a7a47e7
FIX: global sidebar section icon not moving on scroll (#20851)
Global section icon is using absolute position. To make it move on scroll, the parent element has to be relative.

https://meta.discourse.org/t/globe-icon-at-sidebar-behaves-badly/259382
2023-03-28 10:13:27 +11:00
Canapin 2dba3ab7c9
UX: Improve the "install theme/component" modal on mobile (#20777) 2023-03-27 14:11:31 -04:00
NullVoxPopuli e988628186
DEV: Update browserslist (#20846)
Silences some verbose logging while booting the UI
2023-03-27 19:15:04 +02:00
Jarek Radosz cbabc01e0e
DEV: Make `capabilities` into a service (#18678) 2023-03-27 19:06:36 +02:00
Daniel Waterworth d563b73202
DEV: Make category topic_ids cache work like other caches (#20814) 2023-03-27 09:23:29 -05:00
Daniel Waterworth 3e80ab3143
DEV: Make category subcategory_ids cache work like other caches (#20815) 2023-03-27 09:23:23 -05:00
Daniel Waterworth b2554e1490
DEV: Make hex cache work like other caches (#20816) 2023-03-27 09:22:53 -05:00
Daniel Waterworth 0f4bb19524
DEV: make developer cache work like other caches (#20817) 2023-03-27 09:22:33 -05:00
dependabot[bot] 3d0b67372f
Build(deps): Bump @uppy/aws-s3-multipart in /app/assets/javascripts (#20032)
Bumps [@uppy/aws-s3-multipart](https://github.com/transloadit/uppy) from 3.1.1 to 3.1.2.
- [Release notes](https://github.com/transloadit/uppy/releases)
- [Changelog](https://github.com/transloadit/uppy/blob/main/CHANGELOG.md)
- [Commits](https://github.com/transloadit/uppy/compare/@uppy/aws-s3-multipart@3.1.1...@uppy/aws-s3-multipart@3.1.2)

---
updated-dependencies:
- dependency-name: "@uppy/aws-s3-multipart"
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-03-27 13:38:11 +02:00
dependabot[bot] f425e9c66c
Build(deps): Bump @uppy/utils in /app/assets/javascripts (#20567)
Bumps [@uppy/utils](https://github.com/transloadit/uppy) from 5.1.2 to 5.1.3.
- [Release notes](https://github.com/transloadit/uppy/releases)
- [Changelog](https://github.com/transloadit/uppy/blob/main/CHANGELOG.md)
- [Commits](https://github.com/transloadit/uppy/compare/@uppy/utils@5.1.2...@uppy/utils@5.1.3)

---
updated-dependencies:
- dependency-name: "@uppy/utils"
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-03-27 13:35:34 +02:00
dependabot[bot] 142ef6088c
Build(deps): Bump @uppy/aws-s3 in /app/assets/javascripts (#20033)
Bumps [@uppy/aws-s3](https://github.com/transloadit/uppy) from 3.0.4 to 3.0.5.
- [Release notes](https://github.com/transloadit/uppy/releases)
- [Changelog](https://github.com/transloadit/uppy/blob/main/CHANGELOG.md)
- [Commits](https://github.com/transloadit/uppy/compare/@uppy/aws-s3@3.0.4...@uppy/aws-s3@3.0.5)

---
updated-dependencies:
- dependency-name: "@uppy/aws-s3"
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-03-27 12:50:56 +02:00
dependabot[bot] dd0c9a96b9
Build(deps): Bump @popperjs/core in /app/assets/javascripts (#20831)
Bumps [@popperjs/core](https://github.com/popperjs/popper-core) from 2.11.6 to 2.11.7.
- [Release notes](https://github.com/popperjs/popper-core/releases)
- [Commits](https://github.com/popperjs/popper-core/compare/v2.11.6...v2.11.7)

---
updated-dependencies:
- dependency-name: "@popperjs/core"
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-03-27 11:52:53 +02:00
dependabot[bot] f56a6a1c28
Build(deps): Bump sinon from 15.0.2 to 15.0.3 in /app/assets/javascripts (#20829)
Bumps [sinon](https://github.com/sinonjs/sinon) from 15.0.2 to 15.0.3.
- [Release notes](https://github.com/sinonjs/sinon/releases)
- [Changelog](https://github.com/sinonjs/sinon/blob/main/docs/changelog.md)
- [Commits](https://github.com/sinonjs/sinon/compare/v15.0.2...v15.0.3)

---
updated-dependencies:
- dependency-name: sinon
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-03-27 11:51:33 +02:00
dependabot[bot] e7ef5afb1b
Build(deps): Bump sass from 1.59.3 to 1.60.0 in /app/assets/javascripts (#20830)
Bumps [sass](https://github.com/sass/dart-sass) from 1.59.3 to 1.60.0.
- [Release notes](https://github.com/sass/dart-sass/releases)
- [Changelog](https://github.com/sass/dart-sass/blob/main/CHANGELOG.md)
- [Commits](https://github.com/sass/dart-sass/compare/1.59.3...1.60.0)

---
updated-dependencies:
- dependency-name: sass
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-03-27 11:50:55 +02:00
dependabot[bot] 30417b7f18
Build(deps): Bump terser in /app/assets/javascripts (#20832)
Bumps [terser](https://github.com/terser/terser) from 5.16.6 to 5.16.8.
- [Release notes](https://github.com/terser/terser/releases)
- [Changelog](https://github.com/terser/terser/blob/master/CHANGELOG.md)
- [Commits](https://github.com/terser/terser/compare/v5.16.6...v5.16.8)

---
updated-dependencies:
- dependency-name: terser
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-03-27 11:50:06 +02:00
Ted Johansson 392cea5852
DEV: Only show plugin tab for admin (#20841)
As part of another regression, we realized that the plugins tab is visible to moderators, but they cannot interact with anything inside without triggering authorization errors.

This change hides the plugin tab for non-admin users.
2023-03-27 16:08:16 +08:00
Krzysztof Kotlarek e0cf2849fd
FIX: admin always see configure default sidebar categories (#20836)
When an admin removes all the categories from their personal sidebar configuration, the section should remain visible to them with the “Configure default categories” prompt.

Similar solution for tags.

/t/95036
2023-03-27 15:46:39 +11:00
Alan Guo Xiang Tan e0155b6955
DEV: Introduce dedicated controller and route for `discovery.filter` (#20837)
Instead of being tied to the old implementation and constraints, a
dedicated route and controller for the `discovery.filter` app route will
allow us to iterate on changes much faster.
2023-03-27 10:08:11 +08:00
Krzysztof Kotlarek 4047073292
FIX: display validation under custom sidebar fields (#20772)
Before, incorrectly filled fields were marked with red border. Now, additional information under the field is displayed to notify the user what is incorrect.

/t/93696
2023-03-27 13:03:16 +11:00
Keegan George c66323f964
UX: Make table wrapper popup button icon only (#20820) 2023-03-24 13:23:05 -07:00
David Taylor e47af9bb72
FIX: Check for staff without triggering anonymous user error (#20819)
Followup to 142d2ab65e
2023-03-24 19:11:57 +00:00
Keegan George 83db0bf41a
FIX: Post height issues with Expand Table button (#18810) 2023-03-24 11:55:49 -07:00