Commit Graph

21228 Commits

Author SHA1 Message Date
Martin Brennan edbc356593
FIX: Replace deprecated URI.encode, URI.escape, URI.unescape and URI.unencode (#8528)
The following methods have long been deprecated in ruby due to flaws in their implementation per http://blade.nagaokaut.ac.jp/cgi-bin/vframe.rb/ruby/ruby-core/29293?29179-31097:

URI.escape
URI.unescape
URI.encode
URI.unencode
escape/encode are just aliases for one another. This PR uses the Addressable gem to replace these methods with its own encode, unencode, and encode_component methods where appropriate.

I have put all references to Addressable::URI here into the UrlHelper to keep them corralled in one place to make changes to this implementation easier.

Addressable is now also an explicit gem dependency.
2019-12-12 12:49:21 +10:00
David Taylor 1e59371a4f DEV: Remove unused omit_stats variable from user serializer (#8513)
* DEV: Remove unused omit_stats variable from user serializer

This was hard-coded to true in a8b5192efd, and is no longer used anywhere

* Remove attribute declarations
2019-12-12 13:27:23 +11:00
Kris 91a5731e7b UX: Small fixes for iOS signup modal 2019-12-11 15:47:25 -05:00
Kris 9c41b66996 UX: Tag combo box styles should match tags on topics 2019-12-11 14:49:39 -05:00
Régis Hanol 278d70f3eb FIX: Add new content type for theme/component
When uploading a theme/component, depending on the extension of the
file and the OS/Browser being used, the content type might differ.

This adds the "application/x-zip-compressed" content type that is being
sent by most Browsers on latest Windows when uploading a .zip file.
2019-12-11 19:50:23 +01:00
Kris 2f8a25b2d5 UX: Minor style updates for tag info 2019-12-11 13:34:01 -05:00
Dan Ungureanu adfa793731
SECURITY: Ensure only image uploads can be inlined
This prevents malicious files (for example special crafted XMLs) to be
used in XSS attacks.
2019-12-11 17:04:49 +02:00
Joffrey JAFFEUX dc6b02f050
UX: attempts to make charts loading less laggy (#8529) 2019-12-11 15:49:17 +01:00
Robin Ward 4abe4454dd
FEATURE: Create IE Support Plugin (#8520)
This core plugin, which could be split off in the future, allows us to load IE specific code on demand.

Co-authored-by: jjaffeux <j.jaffeux@gmail.com>
2019-12-11 09:07:22 -05:00
Martin Brennan 232eb685af Fix improved bookmark toggling/deleting bug
* i was incorrectly toggling the transformed post property
  instead of the actual property in the emberjs post model
  which broke the bookmark/unbookmark functionality
2019-12-11 15:48:27 +10:00
Martin Brennan 6261339da9
Improving bookmarks part 1 (#8466)
Note: All of this functionality is hidden behind a hidden, default false, site setting called `enable_bookmarks_with_reminders`. Also, any feedback on Ember code would be greatly appreciated!

This is part 1 of the bookmark improvements. The next PR will address the backend logic to send reminder notifications for bookmarked posts to users. This PR adds the following functionality:

* We are adding a new `bookmarks` table and `Bookmark` model to make the bookmarks a first-class citizen and to allow attaching reminders to them.
* Posts now have a new button in their actions menu that has the icon of an actual book
* Clicking the button opens the new bookmark modal.
* Both name and the reminder type are optional.
* If you close the modal without doing anything, the bookmark is saved with no reminder.
* If you click the Cancel button, no bookmark is saved at all.
* All of the reminder type tiles are dynamic and the times they show will be based on your user timezone set in your profile (this should already be set for you).
* If for some reason a user does not have their timezone set they will not be able to set a reminder, but they will still be able to create a bookmark.
* A bookmark can be deleted by clicking on the book icon again which will be red if the post is bookmarked.

This PR does NOT do anything to migrate or change existing bookmarks in the form of `PostActions`, the two features live side-by-side here. Also this does nothing to the topic bookmarking.
2019-12-11 14:04:02 +10:00
Blake Erickson b73a133bb5 FIX: Prevent scientific notation in free space check (#8473)
It's possibly that when trying to upload a backup the free space check
will output scientific notation resulting in an incorrect "There is not
enough space on disk" error.

The free space check uses the Linux `print` command which could return a
number using scientific notation like `1.60459e+10` and when ruby
converts it to an integer it will have the value of `1` instead of
`16045879296`. Which means even though you have 16GB of free space you
could not upload a 1GB backup file.

This commit uses the `printf` command instead which allows you to
specify that you do not want scientific notation.

I'm not sure why this hasn't been an issue before, but I was
experiencing it locally in development.
2019-12-11 12:57:03 +11:00
Sam Saffron 7b0cbfc1f9 DEV: lint file
long story but we are sorting out our new GitHub actions so we missed this
2019-12-11 10:48:58 +11:00
Kyle Zhao 2720531750 FIX: Always add username span in quick access item (#8526)
Generate an empty `<span>` even if there is no username, because the
first `<span>` is styled differently.
2019-12-11 09:44:19 +11:00
Neil Lalonde 81a43f2c1e REFACTOR: use rest serializer for tag-info categories
But the "synonyms" can't use the TagSerializer yet. We still have some
code from the discourse-tagging plugin that uses "text" instead of
"name", "count" instead of "topic_count", etc. We should make the js
consistent with the TagSerializer and then stop using tag_counts_json.
2019-12-10 14:58:11 -05:00
Blake Erickson f921909595 FIX: Reorder categories not working
Ember was throwing this error preventing the reorder categories feature
from working:

```
access theidproperty (of <(unknown):ember1803>). ... the object in question
is a special kind of Ember object (a proxy). Therefore, it is still necessary
to use.get('id')in this case.
```

So I updated it to use the `get` method

https://api.emberjs.com/ember/3.14/functions/@ember%2Fobject/get

Follow up to: 6e5fedb312
2019-12-10 12:36:47 -07:00
Penar Musaraj ba8d8a4f93 FIX: alphabetical tag sorting in mini-tag-chooser 2019-12-10 12:36:49 -05:00
Neil Lalonde 20464116ae FIX: tag input doesn't show all top 5 permitted tags 2019-12-10 10:30:01 -05:00
Joffrey JAFFEUX 47731175f4
FIX: ensures slug and id are not arrays (#8495)
If for some reason an URL was create in this format:

```
?slug[]=foo&slug[]=bar
```

This would have create an exception of this kind:

```
NoMethodError (undefined method `tr' for ["foo", "bar"]:Array
Did you mean?  try)
```
2019-12-10 09:28:51 +01:00
Sam Saffron 0c52537f10 DEV: update rubocop to version 0.77
We like to stay as close as possible to latest with rubocop cause the cops
get better.

This update required some code changes, specifically the default is to avoid
explicit returns where implicit is done

Also this renames a few rules
2019-12-10 11:48:39 +11:00
Krzysztof Kotlarek 81c7d6a462
FIX: Muted tags are respected by TopicTrackingState (#8467)
When the tag is muted and topic contains that tag, we should not mark that message as NEW.

There are 3 possible settings which site admin can set.
remove_muted_tags_from_latest - always
It means that if the topic got at least one muted tag, we should not mark that topic as NEW

remove_muted_tags_from_latest - only muted
Similar to above, however, if at least one tag is not muted, the topic is marked as NEW

remove_muted_tags_from_latest - never
Basically, mute tag setting is ignored and all topics are set as NEW
2019-12-10 09:50:05 +11:00
Blake Erickson f5cca4930d DEV: Remove buffered rendering from admin backup logs
This is another refactoring in the multi-step process to remove all uses
of our custom Render Buffer.

Previous commit: da66950cf5 in this
series.

This commit affects the display of the backup logs. It is just a
refactor and does not change any functionality.
2019-12-09 14:45:36 -07:00
Krzysztof Kotlarek 5e29ae3ef5
FEATURE: Warning when component is added and not assigned (#8482)
When a component is installed and not assigned to any theme and the user is changing page, we should display a warning.

If the user decides to skip warning or come back later, a warning should not be shown anymore.

Also, when the user clicks "delete" button right after installation, warning about forgotten themes should not be shown.
2019-12-10 08:43:26 +11:00
Mark VanLandingham 14cb386f1e
FEATURE: Featured topic for user profile & card (#8461) 2019-12-09 11:15:47 -08:00
Jarek Radosz b5236591e9
FIX: Don't try to create an empty tag when updating a topic (#8481)
Fixes an issue where updates to the first post in a topic would be visible only for staff.

Before, because the empty tag would find its way to `PostRevisor`, `TopicsController#update` would create a hidden revision, and later `PostsController#update` would only update that revision.

After this change, `TopicsController` doesn't create a revision at all (unless necessary), so `PostsController` can create it (and correctly decide whether the revision should be hidden or not).
2019-12-09 19:55:08 +01:00
Dan Ungureanu 34ccd9ecbb
DEV: Export imageNameFromFileName 2019-12-09 18:19:55 +02:00
Mark VanLandingham 78d67f34f9
FIX: default draft key in openComposerWithTopicParams (#8496) 2019-12-09 07:53:05 -08:00
Dan Ungureanu aa24be1a9a
DEV: Extend plugin API for uploads (#8440)
* DEV: Add API to alter uploads Markdown

* DEV: Extract data attributes from image / download Markdown

For example '[test|attachment|hello=world]' will generate an 'a' element
with a data attribute: 'data-hello=world'.

This commit also makes MarkdownIt to transform '|attachment' into
'class="attachment"'. This transformation used to be a part of the
process which resolves short URLs (i.e. upload://).

* DEV: Export imageNameFromFileName
2019-12-09 16:20:03 +02:00
Dan Ungureanu f62b8990ac
FIX: Do not autocomplete categories or emojis in code blocks (#8459)
This reapplies commit b643526d9a after
being reverted in commit f65c453555.

Unlike the original commit, this does a single pass and does not take
into account unfinished code blocks.
2019-12-09 15:07:15 +02:00
Dan Ungureanu 192ada0067
UX: Remove 'show more' from upload modals (#8470) 2019-12-09 12:57:43 +02:00
Joe e89fa7202d
UX: Removes avatar animation for mobile-user cards (#8483) 2019-12-09 18:19:37 +08:00
dependabot-preview[bot] 9b30922109 Build(deps): Bump rotp from 3.3.1 to 5.1.0 (#8477)
* Build(deps): Bump rotp from 3.3.1 to 5.1.0

Bumps [rotp](https://github.com/mdp/rotp) from 3.3.1 to 5.1.0.
- [Release notes](https://github.com/mdp/rotp/releases)
- [Changelog](https://github.com/mdp/rotp/blob/master/CHANGELOG.md)
- [Commits](https://github.com/mdp/rotp/compare/v3.3.1...v5.1.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

* Fix breaking ROTP changes
2019-12-09 14:29:48 +10:00
jwjwyoung 5cef71e885 DEV: remove uneeded distinct from relation
No need to call `.distinct` when a unique index already exists.
2019-12-09 14:24:38 +11:00
Blake Erickson da66950cf5 DEV: Remove buffered rendering from backup upload progress
This is another refactoring in the multi-step process to remove all uses
of our custom Render Buffer.

Previous commit: 54e4559aea in this
series.

This commit affects the display of the backup upload progress bar. It is
just a refactor and does not change any functionality.
2019-12-06 17:11:25 -07:00
Neil Lalonde d0e191a9d5 REFACTOR: changes from tag synonym feedback 2019-12-06 15:42:22 -05:00
Penar Musaraj 68124caae2 FIX: Avoid unpinning composer on iOS when invoking emojis
Specifically when invoking emoji dropdown using a colon and pressing Return.
2019-12-06 14:08:59 -05:00
Vinoth Kannan e51091f199 REFACTOR: do `X-Frame-Options` header removal in application controller.
Co-authored-by: Sam <sam.saffron@gmail.com>
Previous commit: f7084a4339
2019-12-06 18:25:32 +05:30
Blake Erickson 6617015bb5 DEV: Remove commented out code
Forgot to remove this.

Follow up to: 54e4559aea
2019-12-05 20:32:27 -07:00
Blake Erickson 54e4559aea DEV: Remove buffered rendering from topic timers
This is another refactoring in the multi-step process to remove all uses
of our custom Render Buffer.

Previous commit: f269e45978 in this
series.

This commit affects the display of topic timers. It is just a refactor
and does not change any functionality.
2019-12-05 20:28:27 -07:00
Martin Brennan e4881290be
FIX: Image file names with dots were showing incorrectly in composer markdown (#8465)
When uploading an image file with dots in the filename we were splitting the string on dots and getting the last of the split items as the extension-less filename. However this did not work with filenames that have dots. We now  just remove the extension using substr.
2019-12-06 10:58:47 +10:00
Vinoth Kannan da2b0b2882 UX: remove the double-encoding of user titles.
`{{}}` in handlebars are already escaping the HTML elements.
2019-12-06 04:07:47 +05:30
Gerhard Schlager 00985559e4 FIX: Login page that redirects to preferences was broken 2019-12-05 22:36:11 +01:00
Gerhard Schlager 86186de1e3 FIX: Redirect to /login-preferences didn't work for subfolders 2019-12-05 22:34:44 +01:00
Blake Erickson f269e45978 DEV: Remove buffered rendering from popup-input-tips
This is another refactoring in the multi-step process to remove all uses
of our custom Render Buffer.

Previous commit: fe9293b8b5 in this
series.

This commit affects the display of popup input tips, like in the
composer when the title is too short or too long. It is just a refactor
and does not change any functionality.
2019-12-05 10:59:36 -07:00
Vinoth Kannan aa5d4e9f6e FIX: keep `ruby` & `rt` tags in html to markdown conversion. 2019-12-05 21:18:00 +05:30
Vinoth Kannan 11c4d5eda7 Fix the build - take 3.
754e1238b0
2019-12-05 20:35:39 +05:30
Vinoth Kannan 754e1238b0 Fix the build - take 2.
b0e3062fdf
2019-12-05 19:36:52 +05:30
Vinoth Kannan b0e3062fdf Fix the 'PostMover' spec. 2019-12-05 19:09:50 +05:30
Vinoth Kannan e6dfcda0bc DEV: handle all notification consolidations in new 'NotificationConsolidator' class.
481c8314f0
2019-12-05 14:36:06 +05:30
Blake Erickson fe9293b8b5 DEV: Remove buffered rendering from input tips
This is another refactoring in the multi-step process to remove all uses
of our custom Render Buffer.

Previous commit: 2290ec9e87 in this
series.

This commit affects the display of input tips. It is just a refactor and
does not change any functionality.
2019-12-04 18:11:00 -07:00
Blake Erickson 2290ec9e87 DEV: Remove buffered rendering from i18n count
This is another refactoring in the multi-step process to remove all uses
of our custom Render Buffer.

Previous commit: 80f4b9e227 in this
series.

This commit affects the display of translated counts that is used in
multiple places like showing how many posts are selected using the
select posts feature on a topic. It is just a refactor and does not
change any functionality.
2019-12-04 15:39:05 -07:00
Krzysztof Kotlarek fa52ed3b16
FIX: bufferedValuesString.split is not a function (#8463)
Fix an error `bufferedValuesString.split is not a function`.
It is happening when bufferedValue is a positive boolean (checkbox value)
2019-12-05 08:25:49 +11:00
Neil Lalonde 875f0d8fd8
FEATURE: Tag synonyms
This feature adds the ability to define synonyms for tags, and the ability to merge one tag into another while keeping it as a synonym. For example, tags named "js" and "java-script" can be synonyms of "javascript". When searching and creating topics using synonyms, they will be mapped to the base tag.

Along with this change is a new UI found on each tag's page (for example, `/tags/javascript`) where more information about the tag can be shown. It will list the synonyms, which categories it's restricted to (if any), and which tag groups it belongs to (if tag group names are public on the `/tags` page by enabling the "tags listed by group" setting). Staff users will be able to manage tags in this UI, merge tags, and add/remove synonyms.
2019-12-04 13:33:51 -05:00
Vinoth Kannan 400f79cffc FEATURE: add `topic_filtered_posts_count` attribute to web hook post serializer. 2019-12-04 22:52:44 +05:30
Joffrey JAFFEUX c5140ef3fb
FIX: prevents multiple jumps to happen with LockOn (#8460) 2019-12-04 16:45:23 +01:00
Joffrey JAFFEUX b74679f231
FIX: ensures the element is on the page before scroll with lockon (#8458) 2019-12-04 14:12:50 +01:00
Daniel Waterworth 2f5adbe1f4 DEV: Allow the creation of sub-sub-categories
This commits adds a new site setting (max_category_nesting), that
determines whether sub-sub-categories are allowable.
2019-12-04 12:07:05 +00:00
Daniel Waterworth 6e5fedb312 DEV: Use category ids in more URLs preferentially
This is a followup to 374534f0
2019-12-04 09:47:41 +00:00
Krzysztof Kotlarek bb69e8942e
FEATURE: ability to add all active components to theme (#8447)
* FEATURE: ability to add all active components to theme

* FIX: add a component to all themes takes only active ones

* FIX: move select components/themes to top

* FIX: improve defaultIsAvailable

* FIX: Add filter(Boolean) and remove btn class
2019-12-04 17:13:41 +11:00
Krzysztof Kotlarek 46fc45de99
FIX: inbound link when the only slug available (#8457)
Problem mentioned in [meta](https://meta.discourse.org/t/inbound-links-dont-show-up-when-topic-id-is-not-included/100551)

When there is an internal link without ID, only slug, we should still try to create reflection link.
2019-12-04 17:13:20 +11:00
Joe 5e134400e2
UX: prevent scrollbars on initial panel load (#8456) 2019-12-04 11:40:59 +08:00
Blake Erickson 8f708bd6e1 DEV: Run prettier
Follow up to: 80f4b9e227
2019-12-03 17:39:39 -07:00
Blake Erickson 80f4b9e227 DEV: Remove buffered rendering from watched words
This is another refactoring in the multi-step process to remove all uses
of our custom Render Buffer.

Previous commit: bb31e7f5b6 in the series.

This commit affects the display of the Webhooks Deliver Status column. It
is just a refactor and does not change any functionality.
2019-12-03 17:23:10 -07:00
Sam Saffron 57bb553499 DEV: nav-item should not fail when no top menu items exist
This can be called from themes where anonymous_top_menu_items is not set
cause the site requires login

Bail out cleanly if that is the case
2019-12-04 10:30:04 +11:00
Mark VanLandingham 6fe27b9e97
FEATURE: Plugin outlet adjacent to new topic btn (#8443) 2019-12-03 13:57:07 -06:00
Gerhard Schlager 9ebb69e8eb FIX: Respect `enable_inline_emoji_translation` setting in titles 2019-12-03 20:39:11 +01:00
Gerhard Schlager e7c3c10829 FIX: Prepends whitespace when inserting via emoji picker 2019-12-03 20:39:11 +01:00
Daniel Waterworth ee2473d7d5 FIX: linting 2019-12-03 16:07:55 +00:00
Daniel Waterworth af5bcb25d5 DEV: Make bread-crumb component work with sub-sub-categories 2019-12-03 15:56:13 +00:00
romanrizzi d0bb6314c6 DEV: '= true' is not necessary 2019-12-03 11:32:45 -03:00
Joe 98b600f1e1
UX: Adjusts wizard step margins (#8452) 2019-12-03 22:28:03 +08:00
romanrizzi c86ca3609e FIX: Filter readers avatars correctly when the post is a whisper 2019-12-03 10:50:02 -03:00
Dan Ungureanu e4f05a0d15
FIX: Call the right method 2019-12-03 14:16:06 +02:00
Joffrey JAFFEUX 0d3d2c43a0
DEV: s/\$redis/Discourse\.redis (#8431)
This commit also adds a rubocop rule to prevent global variables.
2019-12-03 10:05:53 +01:00
Roman Rizzi 9eccfb7b52 FIX: Guarantee order to correctly defer replies in review queue (#8426)
Our code used to  approve the first flagged post and ignore the rest in some specific conditions.
2019-12-03 18:39:10 +11:00
Blake Erickson 69213d2ea4 FIX: 500 error for missing badge grouping (#8446)
If a badge grouping happens to have been deleted a 500 error will be
thrown when looking a user's badges.

This fix allows the badge page to still be shown without any errors. The
badge with the missing badge grouping is still displayed.

I'll follow up with a separate pr/commit that will ensure if a badge
grouping is deleted, all badges with that badge_grouping_id will also be
updated.
2019-12-03 18:37:01 +11:00
Martin Brennan f3109a1f25 Add timezone to current_user_serializer (#8448)
* the code to get current user already got their
  user_option record as well, so adding the timezone
  column to the attributes returned should not create
  any additional overhead. this timezone will be very
  useful for getting momentjs dates relative to the
  user's timezone
2019-12-03 18:31:15 +11:00
Sam Saffron f65c453555 Revert "FIX: Do not autocomplete categories or emojis in code blocks (#8433)"
This reverts commit b643526d9a.

Sadly this introduces a regex runaway CPU condition, we will re-work
this so it is safe.
2019-12-03 09:27:26 +11:00
Dan Ungureanu b643526d9a
FIX: Do not autocomplete categories or emojis in code blocks (#8433)
Emojis and category autocomplete show up often when writing code
snippets, which makes it easy to insert unwanted text by mistake.
2019-12-02 18:48:40 +02:00
Robin Ward 5df719a3c2 FEATURE: Support pasting a list of usernames into a PM
This allows you to paste multiple usernames into a PM's recipient list
at once. It supports usernames separated by spaces, commas, and new lines.
2019-12-02 11:28:09 -05:00
Daniel Waterworth 712e171b34 DEV: Don't pass multiple categories to tag-drop
The tag-drop component uses the passed in categories to calculate paths,
but only the last category is relevant, since, from a category we can
calculate its ancestors.
2019-12-02 12:27:19 +00:00
Daniel Waterworth 374534f00e DEV: Use category ids in URLs preferentially 2019-12-02 09:28:15 +00:00
Daniel Waterworth 9251065768 FIX: Generate redirect URL correctly when using a subdirectory
The url property of a category contains the base_uri and so it shouldn't
be concatated into a larger URL unless it is the prefix.
2019-12-02 09:28:15 +00:00
Daniel Waterworth c414db107c FIX: Handle none path correctly with three levels
With a path like "/c/foo/1/none", "none" was being interpreted as an id.
2019-12-02 09:28:15 +00:00
Joffrey JAFFEUX 3cf4ba5069
FIX: ensures censor has always at least an empty string to handle (#8442) 2019-12-02 10:24:07 +01:00
Vinoth Kannan 580b289861 UX: skip leading spaces in selection when adding a link. 2019-11-30 20:14:22 +05:30
Bianca Nenciu 57f108899a
FEATURE: Make site texts controller handle pages and locales (#8408)
Some endpoints are returning i18n keys instead of translated messages
and with these changes, the site_texts endpoint can help translating
those.

Pagination part is needed for better wildcard support. For example,
looking for 'js.notifications' would set 'has_more' to true, but return
only the first 50 messages with no way of fetching the remaining.
2019-11-30 15:16:36 +02:00
David Taylor 06c2e28bbb DEV: Remove two more references to instagram_user_infos
Follow-up to ad6f33e5b1
2019-11-29 17:12:06 +00:00
David Taylor cdec5f154b DEV: Remove remaining reference to instagram_user_infos
Follow-up to ad6f33e5b1
2019-11-29 16:53:53 +00:00
David Taylor ad6f33e5b1 DEV: Remove unused instagram_user_info model
This has been unused since 703c724cf3
2019-11-29 16:43:38 +00:00
David Taylor dd8fe1a9e7 DEV: Update annotations 2019-11-29 15:49:08 +00:00
Robin Ward 7fee3c61de
Support for custom messages and redirects when creating posts (#8434)
* Support for custom messages and redirects when creating posts

When a post/topic is created Discourse serializes a `NewPostResult`
object. Normally this contains a status like `created_post` or
errors describing why the post could not be created.

There are times when a plugin might want to take the inputted post
and do something in the background. In this case, the plugin
can return a custom `message` and `route_to` attribute in the
`NewPostResult`.

If present, the message will be displayed in an alert, and when "Ok" is
clicked the user will be routed to the new URL.

* Destroy the draft in parallel
2019-11-29 09:30:54 -05:00
Arpit Jalan 8237e0e001
UX: show group full name even when title is same. (#8437) 2019-11-29 13:07:24 +05:30
Daniel Waterworth 11a73b3f15 DEV: Client side routing for routes with tag and category context
This moves also moves some of the logic to Category.
2019-11-28 17:58:04 +00:00
Daniel Waterworth 4eb8d1e717 FIX: fix typo 2019-11-28 17:53:13 +00:00
Daniel Waterworth 6431daaa2e DEV: Rename dynamic segment to snake case to fit with Ember convention 2019-11-28 17:53:11 +00:00
Jarek Radosz 0911a9202e
FIX: Make sure the suspended status is up to date (#8432)
Continuation of #8206

The returned suspend attribute was overwriting a computed property, which made the user admin page go out of sync.

Fixes a computed-property.override deprecation (https://emberjs.com/deprecations/v3.x#toc_computed-property-override)
2019-11-28 16:46:14 +01:00
Joffrey JAFFEUX e92e06c3a7
FIX: adds data-topic-id to quick-access-item (#8430)
This fix will allow discourse-encrypt to decrypt messages titles of the quick-access-pannel for PMs
2019-11-28 11:27:36 +01:00
Joffrey JAFFEUX 7fc99f5e7b
UX: do not show shadow on hover images on touch devices (#8429) 2019-11-28 10:51:08 +01:00
Sam Saffron d10f55c3e9 Revert "FIX: adds data-topic-id to quick-access-item (#8422)"
This reverts commit 700bd280e4.

Oops looks like this breaks tests:

```
Module Failed: widget:quick-access-item
  Test Failed: escapedContent attribute is not escaped
    Assertion Failed: TypeError: Cannot read property 'match' of undefined
      Expected: true, Actual: false
  Test Failed: anonymous
    Assertion Failed: failed, expected argument to be truthy, was: 0
      Expected: true, Actual: 0
    Assertion Failed: Element .enable-anonymous not found.
  Test Failed: anonymous - switch back
    Assertion Failed: failed, expected argument to be truthy, was: 0
      Expected: true, Actual: 0
    Assertion Failed: Element .disable-anonymous not found.
  Test Failed: log out
    Assertion Failed: failed, expected argument to be truthy, was: 0
      Expected: true, Actual: 0
    Assertion Failed: Element .logout not found.
  Test Failed: content attribute is escaped
    Assertion Failed: TypeError: Cannot read property 'match' of undefined
      Expected: true, Actual: false
```
2019-11-28 16:38:26 +11:00
Joffrey JAFFEUX 700bd280e4 FIX: adds data-topic-id to quick-access-item (#8422)
This fix will allow discourse-encrypt to decrypt messages titles of the quick-access-pannel for PMs
2019-11-28 16:29:17 +11:00
Krzysztof Kotlarek b120728999
FEATURE: Ability to add components to all themes (#8404)
* FEATURE: Ability to add components to all themes

This is the first and functional step from that topic https://dev.discourse.org/t/adding-a-theme-component-is-too-much-work/15398/16

The idea here is that when a new component is added, the user can easily assign it to all themes (parents).

To achieve that, I needed to change a site-setting component to accept `setDefaultValues` action and `setDefaultValuesLabel` translated label.
Also, I needed to add `allowAny` option to disable that for theme selector.

I also refactored backend to accept both parent and child ids with one method to avoid duplication (Renamed `add_child_theme!` to more general `add_relative_theme!`)

* FIX: Improvement after code review

* FIX: Improvement after code review2

* FIX: use mapBy and filterBy directly
2019-11-28 16:19:01 +11:00
Sam Saffron 7371b427cd DEV: correct a few Ruby 2.7 deprecations
Note:

```
def foo(bar: 1)
end

foo({bar: 2})
# raises a deprecation, instead use:

foo(**{bar: 2})
```

Additionally when matching regexes always use strings. It does not make
sense to match a non string to a regex.
2019-11-28 13:13:29 +11:00
Blake Erickson 2bb36d72a3 DEV: Fix failing test on CI due to whitespace differences
I could not replicate the failure locally, but it was consistently
failing on CI with:

```
  Assertion Failed: it should escape watched words

      Expected:  <img src="x">, Actual:  <img src="x">
```

This commit removes an extra space that was added originally, but I
don't think it is really needed after double checking how it displays in
the UI. The `x` icon and the word have sufficient spacing between them.
If we need to we can tweak it in css instead.
2019-11-27 17:23:49 -07:00
Vinoth Kannan dcada66aa0 Merge branch 'master' of github.com:discourse/discourse 2019-11-28 05:19:56 +05:30
Vinoth Kannan fd8ce7256c DEV: don't send staff welcome message to first admin. 2019-11-28 05:19:46 +05:30
Blake Erickson 83a521e8c6 DEV: Fix failing test with watched words
Follow up to: bb31e7f5b6

This commit fixes this failing test:

`Assertion Failed: it should escape watched words`

Now that we have a handlebars template we can us it for escaping because
it does that for us.
2019-11-27 16:48:01 -07:00
Vinoth Kannan 0fed417439 DEV: always trigger 'notification_created' event.
And make prettier happy.
2019-11-28 04:31:55 +05:30
Blake Erickson bb31e7f5b6 DEV: Remove buffered rendering from watched words
This is another refactoring in the multi-step process to remove all uses
of our custom Render Buffer.

Previous commit: 2673cad142 in this
series.

This commit affects the display of watched words on the admin watched
word page. It is just a refactor and does not change any functionality.
2019-11-27 15:47:13 -07:00
Vinoth Kannan 481c8314f0 FEATURE: consolidate group membership request notifications. 2019-11-28 04:02:35 +05:30
Martin Brennan 901054fd75
FIX: Cache failed onebox URL request server-side (#8421)
We already cache failed onebox URL requests client-side, we now want to cache this on the server-side for extra protection. failed onebox previews will be cached for 1 hour, and any more requests for that URL will fail with a 404 status. Forcing a rebake via the Rebake HTML action will delete the failed URL cache (like how the oneboxer preview cache is deleted).
2019-11-28 07:48:29 +10:00
Martin Brennan e7c7a05097
FIX: Mark secure media upload insecure automatically if used for theme component (#8413)
When uploading a file to a theme component, and that file is existing and has already been marked as secure, we now automatically mark the file as secure: false, change the ACL, and log the action as the user (also rebake the posts for the upload)
2019-11-28 07:32:17 +10:00
Roman Rizzi 1c9d18f094
FIX: Correctly ignore/approve replies when acting on a flagged post (#8425) 2019-11-27 17:19:44 -03:00
David Taylor b6e08c06c5 DEV: Remove unused user_auth_token_log_serializer
Usage was removed in f2331ef07f
2019-11-27 16:50:31 +00:00
David Taylor a227083c1c
FEATURE: Limit the number of active sessions for a user (#8411)
If a user has more than 60 active sessions, the oldest sessions will be terminated automatically. This protects performance when logging in and when loading the list of recently used devices.
2019-11-27 12:39:31 +00:00
David Taylor 1a6bbfd10b
FIX: Do not start the login flow when logging out from SSO/Authenticator (#8423)
This affects login_required sites which use SSO or have only one authenticator enabled. Previously, logging out would redirect to the homepage, which would then redirect to the identity provider. Now, users will be redirected to the Discourse login page. This avoids the confusing situation where a user appears to remain logged in after clicking logout.

Sites which have explicitly defined a logout_redirect url are not affected by this change.

For context, see https://meta.discourse.org/t/134138/2
2019-11-27 11:41:07 +00:00
David Taylor 13a0da8c39 DEV: Use shared logout function when revoking all sessions 2019-11-27 11:09:44 +00:00
Dan Ungureanu 2d3113e4da
FIX: Correctly resize lazy loaded images in Oneboxes 2019-11-27 11:49:32 +02:00
Sam Saffron 88ecb650a9 DEV: Implement a faster Discourse.cache
This is a bottom up rewrite of Discourse cache to support faster performance
and a limited surface area.

ActiveSupport::Cache::Store accepts many options we do not use, this partial
implementation only picks the bits out that we do use and want to support.

Additionally params are named which avoids typos such as "expires_at" vs "expires_in"

This also moves a few spots in Discourse to use Discourse.cache over setex
Performance of setex and Discourse.cache.write is similar.
2019-11-27 16:11:49 +11:00
Sam Saffron 0fb497eb23 DEV: use Discourse.cache over Rails.cache
Discourse.cache is a more consistent method to use and offers clean fallback
if you are skipping redis

This is part of a larger change that both optimizes Discoruse.cache and omits
use of setex on $redis in favor of consistently using discourse cache

Bench does reveal that use of Rails.cache and Discourse.cache is 1.25x slower
than redis.setex / get so a re-implementation will follow prior to porting
2019-11-27 12:36:19 +11:00
Joffrey JAFFEUX 0807751390
REFACTOR: poll-pie-chart widget (#8415)
This commit mostly get rid of the later() call and encapsulate all pie chart display logic inside discourse-poll-pie-canvas widget instead of sharing it between discourse-poll-pie-chart and discourse-poll-pie-canvas
2019-11-27 00:10:43 +01:00
Blake Erickson 2673cad142 DEV: Remove buffered rendering from user directory
This is another refactoring in the multi-step process to remove all uses
of our custom Render Buffer.

Previous commit: e0199e8094 in this
series.

This commit affects the table header sorting on the user directory page.
It is just a refactor and should not change any functionality.
2019-11-26 15:48:43 -07:00
Kris 5f7948ace6 follow up adjustment to ff34ab6 2019-11-26 16:04:40 -05:00
Kris ff34ab6aef UX: Show obvious message when backup restoration is disabled 2019-11-26 12:55:25 -05:00
Arpit Jalan 7e08dabeac FIX: do not validate topic when resetting `bumped_at`
Migrated topics were failing when resetting `bumped_at` via
`reset-bump-date` endpoint because there was an existing
(imported) topic with same title.
2019-11-26 23:12:47 +05:30
Leo McArdle 2714149fd2 FEATURE: hide posts from incoming email based on dmarc verdict (#8333) 2019-11-26 15:55:22 +01:00
Joffrey JAFFEUX 8ea114007f
UX: adds hover effect on lightboxed images (#8416)
* UX: adds hover effect on lightboxed images

This commits also adds two scss functions:

- is-light-color-scheme()
- is-dark-color-scheme()

This hover effect won't be added on dark color schemes, as images already standout nicely on dark backgrounds.

Co-Authored-By: David Taylor <david@taylorhq.com>
2019-11-26 15:06:30 +01:00
Daniel Waterworth 8876db874f DEV: Client side category routing changes
This commit corresponds to d84c34ad which applies the same changes to
the server-side. This changes the category routes, except for the routes
that contain tags.
2019-11-26 13:52:14 +00:00
Arpit Jalan 2dd47df6d1 FIX: show updated_at for invite sent date. 2019-11-26 13:22:48 +05:30
Sam Saffron 941162e90e FIX: draft not clearing when replying to new topic
This amends our API so we provide it with the draft key when saving a post
this means post creator can clean up the draft consistently even if we are
doing fancy stuff like replying to a new topic or new pm or whatever.

There will be some followup work to clean it up so client never calls destroy
on draft during normal operation and the #create/#update endpoints takes care of it
every time
2019-11-26 18:23:20 +11:00
Martin Brennan d0246104ee
FIX: oneboxer.js infinitely retrying failed requests (#8414)
* setFailedCache was used like a variable object, when it was in fact a function
2019-11-26 15:49:58 +10:00
Blake Erickson e0199e8094 DEV: Remove buffered rendering from admin-directory toggle
This is another refactoring in the multi-step process to remove all uses
of our custom Render Buffer.

Previous commit: d0ad5ecc6d in this
series.

This commit affects the table header sorting on the admin directory page.
It is just a refactor and should not change any functionality.
2019-11-25 18:09:18 -07:00
Krzysztof Kotlarek 6e403f20ee
FIX: Don't error when the empty current value in dif (#8406)
If current value is nil we should use `&.` combined with `dig` to protect diff from erroring

It is happening when for example theme is delete (new value is empty)
2019-11-26 09:17:14 +11:00
Blake Erickson d0ad5ecc6d
DEV: Remove buffered rendering from group-index-toggle (#8399)
* DEV: Remove buffered rendering from group-index-toggle

This is the first step in a refactor to remove all uses of our Buffered
Renderer:

01e2d5a670/app/assets/javascripts/discourse-common/lib/buffered-render.js.es6 (L3)

This commit affects the header sorting on the group member and the group
requests pages. It is a refactor only with no change in functionality.
2019-11-25 13:36:00 -07:00
Daniel Waterworth 720101b3ee FIX: Update site data when we receive a list of categories
When we receive a list of categories, we should store them so that we
are able to query them in the browser without a page refresh.

This removes a previous fix for the same issue that was much less
general.
2019-11-25 16:50:54 +00:00
Dan Ungureanu d2d0937986
DEV: Add test for load-more (#8369)
Follow-up to 3650c64bca.
2019-11-25 14:42:34 +02:00
Dan Ungureanu d5f5d9b867
FIX: Show quoted images correctly. (#8391)
This commit attempts to fix two issues that affect quoted images.

The first issue is observed while loading. The 'position: absolute' CSS
property makes 'width' and 'height' behave differently. Instead of using
the known image size, this makes it use the computed width and height of
the image, which should be the right size, as shown to the user.

The second issue is caused by 'object-fit: cover' property which trimmed
the left and right sides of wide pictures to make them fit inside the
quote.
2019-11-25 14:32:38 +02:00
Dan Ungureanu a992caf741
DEV: Replace magic values (#8398)
Follow-up to 35942f7c7c.
2019-11-25 14:32:19 +02:00
Martin Brennan f1cd0d6388 Remove unnecessary commented code 2019-11-25 16:40:27 +10:00
Martin Brennan dbfe9540fa FIX: be more tactical with replacing markdown chars
* instead of using encodeURIComponent in imageNameFromFileName,
  we just replace the bad characters that we wanted to get rid
  of in the first place where we introduced encodeURIComponent.
  as per review
2019-11-25 16:38:13 +10:00
Martin Brennan b89e634dd4
FIX: Replace %20 with space in markdown file name for uploads (#8405)
Meta: https://meta.discourse.org/t/image-name-has-20-in-file-name/134136

We were ending up with [file%20name](url) in the markdown preview, which looked weird and
affected the alt text. this is because we were calling encodeURIComponent, which has been left in place because this is a valid thing to do for some cases. (e.g. f674b9e)
2019-11-25 13:54:55 +10:00
Martin Brennan afb5533581
FEATURE: Add timezone to core user_options (#8380)
* Add timezone to user_options table

* Also migrate existing timezone values from UserCustomField,
  which is where the discourse-calendar plugin is storing them

* Allow user to change their core timezone from Profile

* Auto guess & set timezone on login & invite accept & signup

* Serialize user_options.timezone for group members. this is so discourse-group-timezones can access the core user timezone, as it is being removed in discourse-calendar.

* Annotate user_option with timezone

* Validate timezone values
2019-11-25 10:49:27 +10:00
Krzysztof Kotlarek 43ddf60cdf
FIX: When dismissing category inform via MessageBus (#8371)
When category is dismissed, `dismiss_new` message is sent to fronted to clean state.

In addition, I noticed that when old dismiss new button is clicked, no message is sent so I decided to kill two birds with one stone.
2019-11-25 06:17:31 +11:00
romanrizzi 01e2d5a670 UX: Set selected scale to 100% if scale is undefined 2019-11-22 18:19:35 -03:00
Kris f9fa9b45d0 Facebook square icon has been deprciated for Facebook circle 2019-11-22 15:25:20 -05:00
Roman Rizzi c92f0b8775
FEATURE: New API to apply custom filters to the review queue (#8392) 2019-11-22 16:33:10 -03:00
Kris 680cf24965 UX: Make share icons consistent color for dark themes 2019-11-22 13:04:36 -05:00
romanrizzi a53b00a858 DEV: Pass query to the icon outlet 2019-11-22 13:44:31 -03:00
Angus McLeod 2c335efd1e FIX: method names incorrect (#8393) 2019-11-22 15:16:14 +01:00
Daniel Waterworth 2e9e557360 DEV: Remove dead code
Given that this is a route, the 'model' attribute is the hook rather
than an object.
2019-11-22 11:19:48 +00:00
Kris bbfafc31a7 UX: Increase fade on long sign-up form content for more evident scroll 2019-11-21 14:43:20 -05:00
Mark VanLandingham 94e8fd68bf
FIX: Remove uneeded from discourse loader (#8390) 2019-11-21 11:46:27 -06:00
Mark VanLandingham 5ba63f8a98
FIX: Aliases for require functioning (#8387) 2019-11-21 11:39:50 -06:00
Penar Musaraj 11d22293fb FIX: Allow private media uploads to be reused in login_required sites
In non-login-required sites, we prevent secure uploads already used in PMs from being used in public topics.

In login_required sites, secure uploads should be reusable in any topic, PM or not.
2019-11-21 09:14:06 -05:00
Kris cc0df69ea6 minor spacing adjustment for 09579bf 2019-11-21 09:10:52 -05:00
Daniel Waterworth ffba242de1 DEV: Prevent setting filterMode where it can be already be computed
The plan is to switch over all cases where filterMode is set, but, to
prevent breaking plugins and themes, the category and noSubcategories
need to be inferred from any given filterMode before that can happen.
2019-11-21 14:07:10 +00:00
Daniel Waterworth 3344312fb5 FIX: Replace this.get("foo") with this.foo to fix linting checks 2019-11-21 11:29:50 +00:00
Daniel Waterworth 5762498391 DEV: Use new filterType property where possible 2019-11-21 11:01:28 +00:00
Daniel Waterworth 585a229d3f DEV: Add new style filterType property to NavItem model 2019-11-21 10:59:30 +00:00
Daniel Waterworth 556b29952c FIX: followup to a8d58c3b
It helps to include the files you intend to add
2019-11-21 10:52:50 +00:00
Daniel Waterworth a8d58c3b21 DEV: Make filterModes obsolete
This mixin handles the translation between old filterModes and new
filterTypes. filterModes have context information, filterTypes do not.
2019-11-21 10:51:18 +00:00
Daniel Waterworth 026832fb80 FIX: Mobile top topic list with a period and a category or tag 2019-11-21 10:17:24 +00:00
Sam Saffron b57e108e84 FEATURE: improve email change workflow
- Show old and new email address during the process
- Ensure correct user is logged on when attempting to make email changes
- Support reloading a page during the email reset process without resubmit
of form
- Improve tests
- Fixed issue where redirect back to site was not linking correctly in
subfolder setups

Internal refactor of single action into 4 distinct actions that are simpler
to reason about.

This also removes the step that logs on an account after you confirm an
email change, since it is no longer needed which leaves us with safer
internals.

This left me no choice but to amend translations cause the old route was
removed.
2019-11-21 16:28:35 +11:00
Kris 09579bffbe UX: More obvious alt auth link 2019-11-20 23:44:10 -05:00
Jeff Wong c6d8dbd4a9 Revert "FEATURE: Normalize the service worker route (#8359)"
This reverts commit 9799a651b6.
2019-11-20 14:10:17 -08:00
Robin Ward 947416004f FIX: EventTarget error 2019-11-20 15:51:42 -05:00
Robin Ward d7ae052efe DEV: Don't allow `Promise` unless imported from `"rsvp"`
We want to make sure we are using the correct promise implementation so
let's lint out the browser version.
2019-11-20 15:24:59 -05:00
Jeff Wong 9799a651b6
FEATURE: Normalize the service worker route (#8359)
* FEATURE: Normalize the service worker route

Update cache headers so they are not immutable outside of the rails app

Add the ability to purge the service worker cache from localhost

Rails -> nginx will pass immutable flags so the file is cached until reloaded.
In most cases, nginx will have its cache flushed on rebuild (new image)

For those needing dynamic re-caching (such as upgrading via the UI),
a rake task for flushing the service worker script is provided
through `assets:flush_sw`
2019-11-20 11:33:41 -08:00
Penar Musaraj 797045f5a9
DEV: Move some autocomplete input styling to SCSS (#8381) 2019-11-20 12:32:00 -05:00
David Taylor e1fcbf4aef DEV: Remove new_version_emails global setting reference
All site settings are now shadowed by global settings, so there is no need to lookup the global setting explicitly
2019-11-20 15:54:09 +00:00
Dan Ungureanu 555711ccb5
FIX: Use correct MIME type for theme exports (#8379) 2019-11-20 17:19:16 +02:00
Daniel Waterworth 3b5c214ac3 DEV: fix linting 2019-11-20 14:03:45 +00:00
Daniel Waterworth d541183906 DEV: Make it possible to deprecate plugin outlet properties 2019-11-20 13:56:26 +00:00
Martin Brennan 02cb01406e
FIX: Allow secure uploads if global s3 setting active and enable_s3_uploads validations (#8373)
The secure media functionality relied on `SiteSetting.enable_s3_uploads?` which, as we found in dev, did not take into account global S3 settings via `GlobalSetting.use_s3?`. We now use `SiteSetting.Upload.enable_s3_uploads` instead to be more consistent.

Also, we now validate `enable_s3_uploads` changes, because if `GlobalSetting.use_s3?` is true users should NOT be enabling S3 uploads manually.
2019-11-20 07:46:44 +10:00
Robin Ward 9b60900b8d FIX: More `Promise` uses that were not imported 2019-11-19 15:58:40 -05:00
David Taylor 46841888b7 FIX: For a single authenticator, do not interrupt registration flow
Followup to 0a14b9b42a
2019-11-19 19:15:11 +00:00
Neil Lalonde 565a967192 FIX: email excerpts for posts starting with a quote were displaying a username
If a post starts with a post quote and has no other text content,
then the email excerpt was the name of the person quoted and
nothing else. The intention was to show the contents of the
first paragraph or div after the quote.

With this change, a quote followed by an image will use the
image as the excerpt. A quote followed by a onebox will use the
onebox.
2019-11-19 12:35:23 -05:00
Blake Erickson 7ba2b677a6 DEV: Use enum instead of id for topic timer query
Follow up to 266e486037
2019-11-19 10:10:14 -07:00
Blake Erickson 266e486037 FIX: Turn off auto bumping for topics with scheduled bumps
If a topic has a timer scheduled to bump a topic it should be excluded
from being auto bumped.
2019-11-19 07:27:49 -07:00
Daniel Waterworth 7886a3e58a DEV: Update annotations 2019-11-19 10:21:06 +00:00
Neil Lalonde a4dbec5bf9 FIX: unable to remove required tag group from a category 2019-11-18 15:54:00 -05:00
Neil Lalonde 228c4814be FIX: errors when using tags with colons in their name 2019-11-18 13:20:37 -05:00
David Taylor 6f9afde9a8 UX: Allow enter key to submit test email in admin panel 2019-11-18 15:36:06 +00:00
Roman Rizzi a3df065058
PERF: Do fewer queries when converting posts. (#8358)
- Avoid using User#find and then fetching the user_stat association just to update a counter - We did this for every post in the topic.
- Avoid having to query the topic_allowed_user table everytime we want add a new topic_allowed_user
- Use pluck to fetch just what we need.
2019-11-18 11:04:21 -03:00
David Taylor 172832f353
DEV: Submit forms via `type=submit` button, not explicit form action (#8368) 2019-11-18 13:26:26 +00:00
Dan Ungureanu 3650c64bca
FIX: Ensure load-more considers current position (#8357)
The loadMore action was not called if user was already at the bottom
of the page.
2019-11-18 15:09:47 +02:00
Dan Ungureanu 352d43b101
FIX: Better handling of Group model state (#8356)
The group card and group members page were affecting each other and were
leaking members list and the query parameters which led to bad UX
experience and sub-optimal performance (client made more queries because
it was loading fewer members).

This commit refactors the group model to make it more consistent, remove
dead code, move error handling outside of model.
2019-11-18 14:59:28 +02:00
David Taylor 1c1c3cae85 FIX: Enter key should submit password reset form, not refresh the page 2019-11-18 11:54:41 +00:00
Joe 84107c61a7
FIX: PM glyph in user-menu should always be shown to staff 2019-11-18 17:25:07 +08:00
Vinoth Kannan 3bb7ad4be1
FEATURE: remove support for 'suppress_from_latest' category setting. (#8308) 2019-11-18 12:28:35 +05:30
Vinoth Kannan 4e4844f4db REFACTOR: reduce the number of db queries. 2019-11-18 12:06:13 +05:30
Sam Saffron 79b8c08d45 DEV: give categories-separator class to HR after cateogries
This allows for better styling of the hamburger menu
2019-11-18 17:31:01 +11:00
Martin Brennan af0cc89b11 Mark upload show paths as is_asset_path (#8365)
* this is to avoid excessive rate limiting, especially
  for secure media on media-heavy topics
2019-11-18 16:56:20 +11:00
Dan Ungureanu a9704da34c FIX: A pmOnly tag should link to messages (#8361)
isPrivateMessages represents that the tag list is shown in the context
of private messages and pmOnly represents that the tag is used only in
private messages.
2019-11-18 16:44:08 +11:00
Krzysztof Kotlarek 975165f25f
FIX: Don't error CleanUpInactiveUserJob when user is missing (#8362) 2019-11-18 16:14:15 +11:00
Penar Musaraj 102909edb3 FEATURE: Add support for secure media (#7888)
This PR introduces a new secure media setting. When enabled, it prevent unathorized access to media uploads (files of type image, video and audio). When the `login_required` setting is enabled, then all media uploads will be protected from unauthorized (anonymous) access. When `login_required`is disabled, only media in private messages will be protected from unauthorized access. 

A few notes: 

- the `prevent_anons_from_downloading_files` setting no longer applies to audio and video uploads
- the `secure_media` setting can only be enabled if S3 uploads are already enabled and configured
- upload records have a new column, `secure`, which is a boolean `true/false` of the upload's secure status
- when creating a public post with an upload that has already been uploaded and is marked as secure, the post creator will raise an error
- when enabling or disabling the setting on a site with existing uploads, the rake task `uploads:ensure_correct_acl` should be used to update all uploads' secure status and their ACL on S3
2019-11-18 11:25:42 +10:00
Vinoth Kannan 56b19ba740 UX: instead of total user count display only the count of users going to be affected.
edec922803
2019-11-18 00:09:38 +05:30
Penar Musaraj 99b4f79a90 FIX: Include 5 participants in topic summary 2019-11-15 15:11:09 -05:00
Roman Rizzi 4cf3c9cccb
FEATURE: Filter reviewables by date range (#8354) 2019-11-15 15:29:59 -03:00
Penar Musaraj 6e74350f18 Fix Prettier again
Not sure how I missed a few files in the last commit
2019-11-15 10:52:06 -05:00