Commit Graph

9704 Commits

Author SHA1 Message Date
Tobias Eigen 8210c4c649
Update client.en.yml (#29854)
Updated "Edit link options" link on the invite popup so it now reads "Edit link options or send by email". This will help folks find the legacy send invite by email UI. We are still wanting to move away from that and encourage site members to grab an invite link and send it themselves using email, chat app, social media etc.
2024-11-20 10:25:01 -08:00
Tobias Eigen f080ec3d65
Update server.en.yml to fix typo in tl1 description (#29856)
changed "reading hand" to "reading and"
2024-11-20 10:09:52 -08:00
Discourse Translator Bot abfd065ff0
Update translations (#29835) 2024-11-20 00:21:25 +01:00
Angus McLeod ec7de0fd68
Require permitted scopes when registering a client (#29718) 2024-11-19 15:28:04 -05:00
Ted Johansson d96b8d1001
DEV: Modernize admin emoji JavaScript (#29714)
app/assets/javascripts/admin/addon/templates/emojis.hbs
2024-11-19 15:44:34 +08:00
Martin Brennan 01a160d8af
UX: Add AdminConfigAreaEmptyList component (#29816)
This component can be used as a placeholder on
admin pages where the table has no data as per
the admin UI guidelines.
2024-11-19 16:49:57 +10:00
Jordan Vidrine 2a59df79d3
UX: Add title & adjust dnd image (#29812) 2024-11-18 19:25:41 -06:00
Gary Pendergast 69d9868c7f
FEATURE: Add keyboard shortcuts for jumping to unread channels (#29734) 2024-11-18 11:18:58 +11:00
Ella E. a9d6aba427
UX: Update CTA button label to 'Add Emoji' for clarity (#29774) 2024-11-14 20:56:40 -07:00
Krzysztof Kotlarek 42b1ca8f78
UX: redesign admin permalinks page (#29634)
Redesign the permalinks page to follow the UX guide. In addition, the ability to edit permalinks was added.

This change includes:
- move to RestModel
- added Validations
- update endpoint and clear old values after the update
- system specs and improvements for unit tests
2024-11-14 10:03:58 +11:00
Jan Cernik 3df3ad6ed6
FIX: Hide presence toggle icon is backwards (#29737) 2024-11-13 09:54:40 -03:00
Jan Cernik 234133bd3b
UX: Split `hide_profile_and_presence` user option (#29632)
It splits the hide_profile_and_presence user option and the default_hide_profile_and_presence site setting for more granular control. It keeps the option to hide the profile under /u/username/preferences/interface and adds the presence toggle in the quick user menu.

Co-authored-by: Régis Hanol <regis@hanol.fr>
2024-11-12 22:22:58 -03:00
Discourse Translator Bot d7503a6153
Update translations (#29715) 2024-11-12 14:54:38 +01:00
Martin Brennan 7f1e403a25
Revert "DEV: Enable the normalize_emails site setting by default (#29587)" (#29712)
This reverts commit 7d9d98422c.
2024-11-12 10:23:02 +10:00
Sérgio Saquetim 3019bb577b
DEV: Modernize the post menu from widgets to Glimmer components (#28670)
This commit modernizes the post menu by migrating it from the existing widget-based implementation to Glimmer components. This transition aims to improve the maintainability, performance, and overall developer experience.

It also introduces a new DAG-based transformer API for customizations that aims to be more flexible than the widget base one.

---------

Co-authored-by: David Taylor <david@taylorhq.com>
2024-11-11 15:36:08 -03:00
Bianca Nenciu f1700ca589
FEATURE: Paginate categories when there are many (#29569)
This commit removes the new optimized category style introduced in
previous commits (d37a0d40, 9a80d718 and 430c42ac), in favour of the
existent `categories_only`.
2024-11-11 17:32:45 +02:00
Michael R. Crusoe 8854a7101b
UX: fix link to Highlight JS demo (#29701)
Fixes: https://meta.discourse.org/t/update-or-remove-highlight-js-demo-link/304538
2024-11-11 14:48:41 +01:00
Ted Johansson 189d98f3ca
DEV: Convert admin emojis UI to new layout (#29615)
This PR converts the custom emoji UI in the admin pages to follow the new admin UI guidelines.
2024-11-11 15:04:15 +08:00
Krzysztof Kotlarek 4ad83a98a1
FIX: migrations must be finished to reset flags cache (#29693)
Bug introduced here: https://github.com/discourse/discourse/pull/29609

It was checking if `flags` table existed before resetting the cache. However, `require_message` flag was added in further migration:

https://github.com/discourse/discourse/blob/main/db/migrate/20240714231226_duplicate_flags_custom_type_to_require_message.rb#L5

When the admin tried to update Discourse which already has `flags` table but no `require_message` column, it was causing the error.

Therefore, we should ensure that all migrations are finished before resetting flags cache.

Meta: https://meta.discourse.org/t/update-failing-column-require-message-does-not-exist/335030
2024-11-11 12:14:14 +11:00
Angus McLeod cb4b8146a3
Add dedicated user_api_key_clients table to allow for 1:many use cases (#28119) 2024-11-08 12:05:03 -05:00
Ted Johansson f573fd8f5e
FEATURE: Add more bulk dismiss buttons with confirmation (#29331)
When performing bulk dismissal in Unread and New views, the dismiss button stays at the top of the UI. Because of this we want to provide the dismiss action also in the "sticky" menu that's always in view, even when scrolling a long list of topics.
2024-11-08 15:59:12 +08:00
Osama Sayegh 4bc030f76f
FIX: Add back the option to create invite without emailing (#29641)
Follow-up to a5497b74be

In the linked commit, as part of simplifying the invite modal, we removed the option to skip sending an email when creating an invite restricted to a specific address. This has caused confusion about whether an email will be sent by Discourse or not, so we're adding back the option to create a restricted invite without emailing.

Internal topic: t/134023/48.
2024-11-08 07:59:24 +03:00
Natalie Tay 6c36af9f62
DEV: Add verbose logging for google oauth (#29459) 2024-11-08 11:03:17 +08:00
Keegan George 5a23a74bbc
DEV: Show confirmation dialog when admins disable 2FA (#29652)
This PR ensures that admins are shown a confirmation dialog when clicking to disable 2FA for a user. The 2FA button is right below the "Grant Badge" button and as such it can easily be clicked accidentally. It's also good practice to ask for confirmation before removing important functionality.
2024-11-07 16:39:42 -08:00
Keegan George fad0d2ec62
UX: New experimental features should be marked clearly (#29622)
This PR adds a small visual change to the new feature item on the `/admin/whats-new` page. When features are marked with an experimental site setting, they should show an indication on the feature item that it is "Experimental"
2024-11-06 15:26:30 -08:00
Gabriel Grubba 45ecb34aec
UX: update `create_post_for_category_and_tag_changes` to include that it needs whispers enabled to work (#29618)
* UX: update `create_post_for_category_and_tag_changes` to include that it needs whispers enabled to work

* DEV: update phrasing in `create_post_for_category_and_tag_changes`
2024-11-06 11:18:20 -03:00
Krzysztof Kotlarek d57b7abe67
FIX: setup with db:create db:migrate (#29609)
After data seed, we should reset Redis cache to ensure that the correct flags are cached.

However, `db:create` is skipping Redis 

https://github.com/discourse/discourse/blob/main/lib/tasks/db.rake#L39

And uses `ActiveSupport::Cache::MemoryStore.new`

e2292d4c59/lib/discourse.rb (L523)

Therefore, the reset flags cache was moved to initializers and evaluated only when the cache is Redis and Flags table already exists.

Meta: https://meta.discourse.org/t/development-install-fails-when-running-bin-rails-db-migrate/332754
2024-11-06 15:06:17 +11:00
Osama Sayegh ae721bd0f1
DEV: Fetch settings by area name instead of individual settings (#29604)
This commit switches the route for the about config page to retrieve the list of site settings that control the /about page by their area instead of their individual names.

Internal topic: t/136384.
2024-11-06 06:56:27 +03:00
Ted Johansson 7d9d98422c
DEV: Enable the normalize_emails site setting by default (#29587)
The normalize_emails setting makes it so that only canonical e-mails are considered for validation purposes. This means disallowing "plus addressing". For example, with this enabled, bob@discourse.org and bob+foo@discourse.org are considered the same address, and you can only sign up with one of them.

Currently this is disabled by default, leading to a lot of spam sign-ups. It's healthier to consider this an opt-out setting.
2024-11-06 11:20:36 +08:00
Discourse Translator Bot 8a201c1e92
Update translations (#29595) 2024-11-05 16:55:45 +01:00
Martin Brennan bba9a99e2e
DEV: Move all experimental settings into new setting category (#29583)
This will allow admins to easily see all the experiments
in one place. In the future, we would like a full Experiments
config page with descriptions and screenshots, but this will
do for now.
2024-11-05 09:43:12 +10:00
Martin Brennan d0a4750caa
DEV: Remove old translations for site settings (#29536)
For experimental_flags_admin_page_enabled_groups, which was deleted
in 205a2bf0d6, and
enable_experimental_bookmark_redesign_groups which was
never a setting, only in translations.
2024-11-05 09:04:17 +10:00
Keegan George 7a936da05c
DEV: Auto grid images no longer experimental (#29572)
Recently we added a new feature for automatically gridding images in the composer (https://github.com/discourse/discourse/pull/29260). After testing this feature under a setting for a short period of time, the feature is no longer experimental anymore.

This PR removes the site setting `experimental_auto_grid_images`.
2024-11-04 08:21:40 -08:00
Mark VanLandingham deeed5b8c1
DEV: Add 'custom' WebHook event type group (#29549) 2024-11-01 13:30:37 -05:00
David Taylor 09e16a3c0d
DEV: Hide composer diffhtml/morphlex setting (#29548)
This has a number of known bugs, and we're unsure whether we'll be continuing development on it

(internal t/108372)
2024-11-01 16:02:15 +00:00
benj cfc23c43e9
FEATURE - Add username column to custom emoji table (#29522)
* Adds emoji column for creator username
2024-11-01 10:32:59 -05:00
Martin Brennan bb13e18855
UX: Use correct case for "Add Flag" button (#29505)
Per https://meta.discourse.org/t/formatting-text-in-discourse-documentation-and-uis/324637
2024-11-01 09:47:53 +10:00
Keegan George 71f808dea9
DEV: Improve method of presenting link clicks (#29453)
Currently the tracking for clicked links are injected into the HTML in a span tag. This leads to the link counter value being highlighted when copying and pasting. Additionally, any means for using CSS to hide link counters result in a gap due to it occupying a specific width.

With this change, we make link counters appear in a data attribute on the link element and visually shown with CSS `::after` element.
2024-10-31 12:44:08 -07:00
Penar Musaraj 95cdb8224f
DEV: Hide experimental lightbox setting (#29519)
This setting is not ready for use, we should hide it from the UI.
2024-10-31 12:01:58 -04:00
Bianca Nenciu 74f1902cd5
DEV: Remove unused translation string (#29518) 2024-10-31 11:34:30 -04:00
Osama Sayegh 0ad1c02932
FEATURE: Add 'Community title' field to about config page (#29500)
This commit adds a new "Community title" field to the about config page. This field controls the `short_site_description` setting, which is shown in the browser tab for key pages such categories pages and topic lists.

Internal topic: t/140812.
2024-10-31 10:04:31 +03:00
Martin Brennan d5b328b193
DEV: Site setting keyword changes (#29486)
This commit contains two changes to how our site setting
keyword system works:

1. Crowdin, our translation provider, does not support YAML lists,
   so we are changing site setting keywords in server.en.yml to
   be pipe-separated (|)
2. It's unclear to translators what they are supposed to do with
   aliases of site settings where the name has changed, e.g.
   min_trust_level_for_here_mention. Instead of getting these as
   keywords from the yml file, we can discern these from
   SiteSettings::DeprecatedSettings automatically, and still use
   them for client-side search

These changes should help improve the situation for translators.
2024-10-31 13:18:34 +10:00
Tobias Eigen 2e3f1a6a62
edited description of must_approve_users (#29480)
* edited description of must_approve_users

When the must_approve_users setting is enabled, the "arrive at topic" invite option is not shown. They have to wait for approval and are sent an email when they are allowed it, and then arrrive on the site home page upon login.

* Update server.en.yml

escaped quotes. (thanks michael!)
2024-10-30 06:08:07 -07:00
Osama Sayegh 19672faba6
FEATURE: Add invite link to the sidebar (#29448)
This commit adds a new "Invite" link to the sidebar for all users who can invite to the site. Clicking the link opens the invite modal without changing the current route the user is on. Admins can customize the new link or remove it entirely if they wish by editing the sidebar section.

Internal topic: t/129752.
2024-10-30 05:31:14 +03:00
Osama Sayegh 2ffe413b0b
FEATURE: Enable the new /about page for everyone (#29390)
This commit removes the feature flag for the new /about page, enabling it for all sites, and removes the code for old the /about page.

Internal topic: t/140413.
2024-10-29 18:40:11 +03:00
Discourse Translator Bot 4d0ed2e146
Update translations (#29467) 2024-10-29 15:31:41 +01:00
Jordan Vidrine f902e0fdd7
UX: Look and feel changes (#29245)
This PR:

- Removes components from being displayed in the card
- Adds a DMenu to house previous footer actions
- Allows themes to be updated from this grid, with an animation and different border to show the update is happening
- Stops position of cards changing when default changes
- Fixes outline colour not changing when default changes
- Show a global notice on the page when previewing a theme
- Allows updating a theme from the grid, and showing an indicator of what theme needs to be updated
- Moves "Set as default" to the dropdown for the theme
- Show screenshot for theme if it is available
- Prevent page reloading when updating the theme
- Fixes theme install modal on grid page
- Temporarily remove sorting of default theme to the top
2024-10-29 12:25:17 +10:00
Ella E. 311c042700
UX: Add description config area card (#29418)
* DEV: add a description to the config area card component

* UX: update strings and placeholders for your org config area card
2024-10-28 09:39:51 -06:00
Martin Brennan 27bdfb6437
FEATURE: Add user preference to disable smart lists (#29434)
Followup 30fdd7738e

Adds a new site setting and corresponding user preference
to disable smart lists. By default they are enabled, because
this is a better experience for most users. A small number of
users would prefer to not have this enabled.

Smart lists automatically append new items to each
list started in the composer when enter is pressed. If
enter is pressed on an empty list item, it is cleared.

This setting will be removed when the new composer is complete.
2024-10-28 14:18:15 +10:00
Martin Brennan 456fbb1dbf
FEATURE: Allow themes to define screenshots (#29079)
This commit allows themes to define up to 2 screenshots
in about.json. These should be paths within the theme's
git repository, images with a 1MB max file size and max width 3840x2160.

These screenshots will be downloaded and stored against a theme
field, and we will use these in the redesigned theme grid UI.

These screenshots will be updated when the theme is updated
in the same way the additional theme files are.

For now this is gated behind a hidden `theme_download_screenshots`
site setting, to allow us to test this on a small number of sites without
making other sites make unnecessary uploads.

**Future considerations:**

* We may want to have a specialized naming system for screenshots. E.g. having light.png/dark.png/some_palette.png
* We may want to show more than one screenshot for the theme, maybe in a carousel or reacting to dark mode or color palette changes
* We may want to allow clicking on the theme screenshot to show a lightbox
* We may want to make an optimized thumbnail image for the theme grid

---------

Co-authored-by: Ted Johansson <ted@discourse.org>
2024-10-28 10:10:20 +10:00
Kris 74bb520877
A11Y: fix and improve user card accessibility (#29399) 2024-10-25 12:43:43 -04:00
Ella E. 92cd2818ad
UX: Update /about config page copy (#29387)
* UX: Update formkit description copy

* UX: Remove unused string
2024-10-25 09:54:28 -06:00
chapoi 8ac1f6ad9a
UX: Visual adjustments to login/signup forms (#28680)
This adds several improvements to the signup/login forms. Some of them include:

- Added a minimal signup progress bar design for mobile.
- Made the signup/login modals full height on mobile.
- Improved the activation, account creation, and login-required pages on mobile.
- Removed the subheader and emoji from the welcome component.
- Removed most input instructions.
- Used consistent font size for text below the inputs.
- Displayed input instructions only when the field is focused.
- Improved the vertical alignment of input labels.
- Increased the spacing between inputs.
- Fixed label positioning for custom fields.
- Moved the "(optional)" text for the name input outside the instructions.
- Disabled buttons during login to prevent layout shifts.
- Reused the CTA component for modals as well.
- Matched the invite CTA styles with the signup form.

---------

Co-authored-by: Jan Cernik <jancernik12@gmail.com>
Co-authored-by: Joffrey JAFFEUX <j.jaffeux@gmail.com>
2024-10-25 09:34:59 -03:00
Jan Cernik edd114aee2
DEV: Make `experimental_full_page_login` not hidden (#29371) 2024-10-25 09:29:30 -03:00
Guhyoun Nam 82ad7f9d17
DEV: Delete plugin specific webhook event types (#29374)
Background
When creating webhooks on a site without the Discourse Category Experts plugin installed, the category_experts_unapproved_event and category_experts_approved_event webhook events are getting automatically added to webhooks without a way to disable them.

The category_experts_unapproved_event and category_experts_approved_event webhook events are associated with the Discourse Category Experts plugin so I am moving these webhook events into the Category Experts plugin.

Changes
This PR deletes Category Experts plugin specific webhook event types added into core.
2024-10-24 11:02:58 -05:00
Bianca Nenciu d37a0d401c
FEATURE: Introduce an optimized style for category page (#29239)
The new style is called `categories_only_optimized` and it is designed
to show only the parent categories, without any subcategories. This
works best for communities with many categories (over a thousand).
2024-10-24 13:46:42 +03:00
Krzysztof Kotlarek 2ec5c2c514
FIX: reword auto action type field for flags (#29361)
Simplified wording for `auto_action_type` flags.
2024-10-24 08:52:19 +11:00
Kris 5aa32b4621
A11Y: add screenreader markup for category color pickers (#29351) 2024-10-22 18:38:13 -04:00
Kris bca8e1dbc6
A11Y: Label site setting buttons (#29348) 2024-10-22 18:04:42 -04:00
Osama Sayegh 72f57524b4
UX: Add link to /about in the about config page (#29345)
This commit changes the description for the about config page so it contains a link to the /about page itself for easy access when editing the page.
2024-10-22 21:35:01 +03:00
Penar Musaraj cbdab52056
DEV: restore custom route for custom homepage (#29343) 2024-10-22 13:17:36 -04:00
Osama Sayegh 91c674f0bc
FIX: Prevent 'NaN' display by hiding visitor stats on /about until they're ready (#29334)
The visitor stats on the /about page were previously showing as `NaN` immediately after enabling the `display_eu_visitor_stats` site setting because the stats for the /about page are cached and updated once every 30 minutes in a sidekiq job. The `NaN` would go away upon the next run of the relevant sidekiq job, but it's not good UX to display a cryptic `NaN` until the job runs. So, this commit ensures that the visitor stats is not displayed at all until the visitor stats is calculated and available.

Internal topic: t/128480.
2024-10-22 19:29:44 +03:00
Discourse Translator Bot 28c5fb94d3
Update translations (#29335) 2024-10-22 22:44:33 +09:00
Martin Brennan bd4e8422fe
FEATURE: Revive legacy pageview reports (#29308)
This commit brings back some reports hidden or changed
by the commit in 14b436923c if
the site setting `use_legacy_pageviews` is false.

* Unhide the old “Consolidated Pageviews” report and rename it
  to “Legacy Consolidated Pageviews”
* Add a legacy_page_view_total_reqs report called “Legacy Pageviews”,
  which calculates pageviews in the same way the old page_view_total_reqs
  report did.

This will allow admins to better compare old and new pageview
stats which are based on browser detection if they have switched
over to _not_ use legacy pageviews.
2024-10-22 10:06:22 +10:00
Krzysztof Kotlarek 433fadbd52
FEATURE: allow admins to enable announced experimental features (#29244)
Toggle the button to enable the experimental site setting from "What's new" announcement.

The toggle button is displayed when:
- site setting exists and is boolean;
- potentially required plugin is enabled.
2024-10-22 10:56:58 +11:00
Krzysztof Kotlarek 644e6c7f46
FEATURE: auto_action_type field for flags (#29306)
Allow admins to specify if the flag should be `auto_action_type`. If yes, then when an admin flags a post,  it is automatically actioned.

Meta: https://meta.discourse.org/t/allow-creation-of-custom-flags-which-auto-hide-content-similar-to-spam-and-inapproriate/329894
2024-10-22 10:56:31 +11:00
Keegan George ea1473e532
FEATURE: Automatically grid images when 3 or more image uploads (#29260)
This PR adds the feature where three or more image uploads in the composer will result in the images being surrounded by `[grid]` tags. This helps take advantage of the grid feature (https://github.com/discourse/discourse/pull/21513) and display images in a more appealing way immediately after upload.
2024-10-21 11:15:24 -07:00
Osama Sayegh a5497b74be
UX: Simplify invite modal (#28974)
This commit simplifies the initial state of the invite modal when it's opened to make it one click away from creating an invite link. The existing options/fields within the invite modal are still available, but are now hidden behind an advanced mode which can be enabled.

On the technical front, this PR also switches the invite modal to use our FormKit library.

Internal topic: t/134023.
2024-10-21 13:11:43 +03:00
Ted Johansson 56df077931
FIX: Don't error out on empty reserved_usernames setting (#29305)
We're seeing errors in logs due to some sites setting the reserved_usernames setting to nil. This is causing multiple use cases upstream of User#reserved_username? to error out.

This commit changes from using the raw #reserved_usernames to using the #reserved_usernames_map helper which exists on list-type site settings. It returns an empty array if the raw value is nil or empty string.
2024-10-21 14:38:37 +08:00
Penar Musaraj 6bdb6650a2
Revert "FEATURE: Enable image optimization on iOS >= 18 (#29257)" (#29287)
This reverts commit 2ee63e4164.
2024-10-18 13:01:14 -04:00
Jarek Radosz 7f15fdb611
DEV: Make the dev watcher ignore node_modules (#29263) 2024-10-17 23:34:10 +02:00
Rafael dos Santos Silva 2ee63e4164
FEATURE: Enable image optimization on iOS >= 18 (#29257) 2024-10-17 11:51:50 -03:00
Jordan Vidrine f28f82f99e
UX: Multiple fixes to theme card rendering (#29225)
* Improvements, refactors, remove dead code

---------

Co-authored-by: Martin Brennan <martin@discourse.org>
2024-10-16 11:13:36 -05:00
David Battersby 6e6dbde898
DEV: move chat time formats to core locales (#29236)
This change moves the date/time formats to core locales, so that they can be used outside of the plugin.
2024-10-16 20:10:40 +04:00
Discourse Translator Bot e5f2416eff
Update translations (#29212) 2024-10-16 17:52:01 +09:00
Jordan Vidrine 3ad2fd032b
FEATURE: Initial themes config area with grid (#28828)
* UX: More additions

* UX: more

* DEV: Add admin/config/themes route

* UX: Use admin config card

* syntax merge fixes

* cleanup

* cleanup

* checkbox

* more

* error

* save on click

* more

* fix setter

* DEV: Implement vanilla checkbox

* cleanup

* UX: save themes as default

* DEV: Add component list to card

* DEV: Add placeholder for no screenshots

* DEV: Fix default theme reactivity

Also add content/optionalAction yields to config area
card and put the theme user selectable checkbox there,
along with adding styles.

* DEV: Change to generic "look and feel" config area

* DEV: Auto redirect to themes on base look and feel route

* UX: Remove computed from sorted themes

* linting

* UX: Turn update icon into button that routes to settings

* DEV: remove unused function

* UX: center icons with title

* DEV: Lint

* UX: Hook up theme preview button

* DEV: Minor fixes

---------

Co-authored-by: Martin Brennan <martin@discourse.org>
Co-authored-by: Joffrey JAFFEUX <j.jaffeux@gmail.com>
2024-10-15 10:54:38 -05:00
Jan Cernik 7e1cca87a9
UX: Add option to use fullpages for login and signup (#29034)
This adds dedicated routes for /login and /signup, replacing the use of modals. Currently, this is behind the experimental_full_page_login feature flag. It also includes some small consistency fixes related to formatting, spacing, icons, and the loading of certain elements
2024-10-15 11:10:54 -03:00
Tobias Eigen ae2b871037
Add link to meta to forwarded emails behaviour desc (#29174)
Added a link to https://meta.discourse.org/t/configuring-incoming-email-to-create-new-topics-or-group-messages/62977 to the `forwarded emails behaviour` setting description, to help admins learn how email forwarding works.
2024-10-11 11:07:35 -07:00
Kelv 32e261ef73
DEV: Migrate user passwords data to UserPassword table (#28746)
* Add migrations to ensure password hash is synced across users & user_passwords

* Persist password-related data in user_passwords instead of users

* Merge User#expire_old_email_tokens with User#expire_tokens_if_password_changed

* Add post deploy migration to mark password-related columns from users table as read-only

* Refactored UserPassword#confirm_password? and changes required to accommodate hashing the password after validations
2024-10-10 09:23:06 +08:00
Alan Guo Xiang Tan c1f25cdf5b
FIX: Unicorn master and Sidekiq reopening logs at the same time (#29137)
In our production environment, we have been seeing Sidekiq processes
getting stuck randomly when a USR1 signal is sent to the Unicorn master
process. We have not been able to identify the root cause of why the
Sidekiq process gets stuck. We however noticed that when the Unicorn
master process receives a USR1 signal, it will reopen the logs for the
Unicorn master process first before sending a USR1 signal for the
Unicorn worker processes to reopen the logs. We figured that we should
do the same for the Sidekiq process as well when a USR1 signal.

In this commit, we introduce an arbitrary delay of 1 second before we
the Sidekiq process reopens its log files so as to allow enough time for the Unicorn
master to finish reopening it logs first.

We also do not send reopen logs for the Sidekiq process if the `DISCOURSE_LOG_SIDEKIQ`
env is not present because there is no need to reopen any logs.
2024-10-10 08:01:40 +08:00
Discourse Translator Bot a4531be580
Update translations (#29123) 2024-10-08 20:21:43 +02:00
Penar Musaraj 59c3f2e5a2
DEV: Fix build by removing custom route that triggers error (#29131) 2024-10-08 13:27:43 -04:00
Penar Musaraj 520f71b8f8
FIX: Routing back to homepage from admin sidebar (#29125) 2024-10-08 10:05:08 -04:00
Régis Hanol 34d04e7507
SECURITY: add pagination to post replies
When a post has some replies, and the user click on the button to show them, we would load ALL the replies. This could lead to DoS if there were a very large number of replies.

This adds support for pagination to these post replies.

Internal ref t/129773

FIX: Duplicated parent posts

DEV: Query refactor
2024-10-07 11:48:48 +08:00
Natalie Tay d984646c97
DEV: Update warning when deleting associated accounts (#29053) 2024-10-03 19:50:29 +08:00
Keegan George d0c3f3b8fe
DEV: Remove FontAwesome 5 references (#29060)
Recently we updated the icon library from Font Awesome `5` to `6.6.0`. Since we were running Font Awesome 5 for a long time while 6 had already been released, we often specified in the codebase with the text _"FontAwesome 5"_. However, now that we are in the latest version, there is no need for our API's/comments to keep specifying for version 5. This PR updates all instances of FontAwesome 5 or FA5 and removes the version number to be the more generic: "FontAwesome"
2024-10-02 13:41:51 -07:00
marstall 23fbaf7ee3
UX: change twitter share link to X (#29056) 2024-10-02 14:43:40 -04:00
Discourse Translator Bot 76ad581f67 Update translations 2024-10-02 08:55:44 +02:00
Martin Brennan 8fc34e9323
DEV: Add a skeleton for section landing page & items (#28477)
We are going to start making section landing pages
for admin for each sidebar section. This lays the framework
with routes and simple components that can be further
refined by a designer, but I have taken the base CSS from
AI which Kris made.

The initial section landing items will be used in AI to replace
the placeholders added in this commit b8b3c61451
2024-10-02 12:19:38 +10:00
GeckoLinux d99b73d489
UX: Proper description of the `allowed_iframes` setting (#28997)
https://meta.discourse.org/t/regression-iframe-embedding-broken-with-allowed-src-domain/327852/13

The `allowed_iframes` isn't a list of simple domain names; it requires a full or partial URL with `https://` at the beginning and a trailing slash at the end.
2024-09-30 16:45:06 +10:00
Alan Guo Xiang Tan 37abd93564
DEV: Remove unused file (#28980)
This was added 11 years ago and I don't see us using this anywhere.
2024-09-30 10:18:51 +08:00
Krzysztof Kotlarek c5a024f8df
FIX: custom flag name should be unique (#28869)
Validation to ensure that the custom flag name is unique.
2024-09-30 09:17:19 +10:00
Linca a1e5796ba1
FEAT: Allow admin delete user's associated accounts (#29018)
This commit introduces a feature that allows an admin to delete a user's
associated account. After deletion, a log will be recorded in staff
actions.

ref=t/136675
2024-09-27 20:08:05 +08:00
Ted Johansson be33363f13
FEATURE: Add ability to dismiss admin notices (#28916)
his is a new feature that lets admins dismiss notices from the dashboard. This helps with self-service in cases where a notice is "stuck", while we work on provisions to prevent "sticking" in the first place.
2024-09-17 14:43:34 +08:00
Alan Guo Xiang Tan d7a46e1702
DEV: Remove unused lines (#28940)
We don't support puma at all
2024-09-17 15:46:01 +10:00
Martin Brennan 31ff371ccf
UX: Add link to bootstrap mode docs (#28898)
Links to https://meta.discourse.org/t/understanding-and-managing-bootstrap-mode/322876
in site settings and getting started guide.
2024-09-13 12:44:39 +10:00
Alan Guo Xiang Tan 97143efc52
PERF: Drop `user_search_similar_results` site setting (#28874)
In 14cf8eacf1, we added the
`user_search_similar_results` site setting which when enabled will use
trigram matching for similarity search in `UserSearch`. However, we
noted that adding the `index_users_on_username_lower_trgm` index is
causing the PG planner to not use the `index_users_on_username_lower`
index when the `=` operator is used against the `username_lower` column.

Based on the PG mailing list discussion where support for the `=`
operator in gist_trgm_ops was being considered, it stated that "I also have checked that btree_gist is preferred over pg_trgm gist
index for equality search." This is however quite different from reality
on our own PG clusters where the btree index is not preferred leading to
significantly slower queries when the `=` operator is used.

Since the pg_trgm gist index is only used for queries when the `user_search_similar_results` site setting
is enabled, we decided to drop the feature instead as it is hidden and
disabled by default. As such, we can consider it experiemental and drop
it without deprecation.

PG mailing list discussiong: https://www.postgresql.org/message-id/CAPpHfducQ0U8noyb2L3VChsyBMsc5V2Ej2whmEuxmAgHa2jVXg%40mail.gmail.com
2024-09-13 09:04:02 +08:00
Ella E. fa83e7b07d
FIX: Regression in short description in admin badges page (#28884) 2024-09-12 12:21:42 -06:00
Tobias Eigen 451572cf0d
updated sidebar links to security settings and spam settings (#27993)
made sidebar links to "security settings" and "spam settings" unambiguous.
2024-09-12 09:03:04 -07:00
Tobias Eigen ca232d834b
removed periods from one-liner instructions on signup form (#27902)
* removed periods from one-liner instructions on signup form

we want to skip periods and unnecessary punctuation on single sentence instructions in the UI, to make them easier to scan for users

* Update client.en.yml
2024-09-12 09:01:52 -07:00