Commit Graph

7711 Commits

Author SHA1 Message Date
Arpit Jalan 4326827a4e
FIX: second factor cannot be enabled if SSO is enabled (#10880)
* FIX: second factor cannot be enabled if SSO is enabled

If `enable_sso` setting is enabled then admin should not be able to
enable `enforce_second_factor` setting as that will lock users out.

Co-authored-by: Robin Ward <robin.ward@gmail.com>
2020-10-09 22:36:38 +05:30
Guo Xiang Tan cabbc32024 FIX: Scheduled jobs not showing up in /sidekiq/schedule in dev. 2020-10-08 10:24:51 +08:00
Sam 120fa8ad2f
PERF: Introduce absolute limit of digests per 30 minutes (#10845)
To avoid blocking the sidekiq queue a limit of 10,000 digests per 30 minutes
is introduced.

This acts as a safety measure that makes sure we don't keep pouring oil on
a fire.

On multisites it is recommended to set the number way lower so sites do not
dominate the backlog. A reasonable default for multisites may be 100-500.

This can be controlled with the environment var

DISCOURSE_MAX_DIGESTS_ENQUEUED_PER_30_MINS_PER_SITE
2020-10-07 17:30:15 +11:00
Martin Brennan 6e2be3e60b
FIX: When admin changes an email for the user the user must confirm the change (#10830)
See https://meta.discourse.org/t/changing-a-users-email/164512 for additional context.

Previously when an admin user changed a user's email we assumed that they would need a password reset too because they likely did not have access to their account. This proved to be incorrect, as there are other reasons a user needs admin to change their email. This PR:

* Changes the admin change email for user flow so the user is sent an email to confirm the change
* We now record who the email change request was requested by
* If the requested by user is admin and not the user we note this in the email sent to the user
* We also make the confirm change email route open to anonymous users, so it can be clicked by the user even if they do not have access to their account. If there is a logged in user we make sure the confirmation matches the current user.
2020-10-07 13:02:24 +10:00
Arpit Jalan f4c7c7bff3
FEATURE: bulk remove tags (#10831)
https://meta.discourse.org/t/bulk-actions-remove-tags-in-addition-to-change-tags/52145
2020-10-06 22:41:55 +05:30
Discourse Translator Bot 29a9ae1b50 Update translations 2020-10-06 15:43:13 +02:00
Penar Musaraj 4efbf8dc4f
Remove "further reading" step from wizard (#10825)
Instead, add link to top themes on meta in wizard's last step.
2020-10-05 15:06:05 -04:00
Penar Musaraj a4356b99af
FEATURE: Separate base and heading font site_settings (#10807)
Allows site administrators to pick different fonts for headings in the wizard and in their site settings. Also correctly displays the header logos in wizard previews.
2020-10-05 13:40:41 -04:00
Robin Ward 80a5482f28 Embedded topics are now unlisted by default
Previously this site setting `embed unlisted` defaulted to false and
empty topics would be generated for embed, but those topics tend to take
up a lot of room on the topic lists.

This new default creates invisible topics by default until they receive
their first reply.
2020-10-05 12:09:20 -04:00
Arpit Jalan 9b45391cf9
FEATURE: explain why invites are disabled to staff users (#10810)
Co-authored-by: Robin Ward <robin.ward@gmail.com>
2020-10-03 13:05:26 +05:30
Robin Ward 23f24bfb51 REFACTOR: Move javascript tests inside discourse app
This is where they should be as far as ember is concerned. Note this is
a huge commit and we should be really careful everything continues to
work properly.
2020-10-02 11:29:36 -04:00
Krzysztof Kotlarek 5cf411c3ae
FIX: move hp request from /users to /token (#10795)
`hp` is a valid username and we should not prevent users from registering it.
2020-10-02 09:01:40 +10:00
Robin Ward a3c81a85cd
Update server.en.yml 2020-09-30 14:11:26 -04:00
Robin Ward e2b9d93556
Update server.en.yml 2020-09-30 14:11:12 -04:00
Jeff Atwood 8fd8114e97 minor copyedit 2020-09-30 10:46:27 -07:00
Penar Musaraj fb57fe7e36
FIX: Allow .otf fonts to be delivered via cdn (#10787)
The discourse-fonts package includes NotoSansJP (bold and regular), but
it is an OTF font, and it results in 404s in CDN requests.
2020-09-30 11:59:46 -04:00
Arpit Jalan ff44515a18
FIX: better error message if invite is expired (#10783)
https://meta.discourse.org/t/invite-token-is-invalid/165270/5?u=techapj
2020-09-30 20:32:33 +05:30
Joffrey JAFFEUX 318dadaf37
FIX: correct value of auto and adds nohighlight to the description (#10771) 2020-09-30 15:39:47 +10:00
Jeff Atwood a0bbc346cb minor copyedit 2020-09-29 16:47:54 -07:00
Arpit Jalan 025490ecb9
FEATURE: composer option to reload page and force save draft (#10773) 2020-09-29 22:29:03 +05:30
Discourse Translator Bot ecfca965f2 Update translations 2020-09-29 13:01:52 +00:00
Martin Brennan 3cd601dcc9
FIX: Admin change email for user process improvements and fixes (#10755)
See https://meta.discourse.org/t/changing-a-users-email/164512 for context.

When admin changes an email for a user, we were incorrectly sending the password reset email to the user's old address. Also the new email does not come into effect until the reset password process is done, so this PR adds some notes to the admin to make this clearer.
2020-09-29 09:45:45 +10:00
Arpit Jalan f7940b1d20
FEATURE: advanced search option for max posts count (#10761)
This commit adds an option to search for max posts count and updates
the UI for posts count search to show a min/max range in single line.
2020-09-28 21:34:16 +05:30
Arpit Jalan 4fcb307f84 UX: consistent password label on signup and invites page 2020-09-28 20:45:12 +05:30
Arpit Jalan 50d53508b1 UX: show range for advanced search views filter. 2020-09-28 16:07:44 +05:30
Arpit Jalan 30ffd3a44d Update locale for minimum posts filter on advanced search. 2020-09-25 08:18:03 +05:30
Mark VanLandingham 1a29801e2d
UX: More upbeat message when topic list is empty (#10740) 2020-09-24 12:05:58 -07:00
David Taylor f1d64bbbe5
FEATURE: Add a site setting to control automatic auth redirect (#10732)
This allows administrators to stop automatic redirect to an external authenticator. It only takes effect when there is a single authentication method, and the site is login_required
2020-09-24 17:06:07 +01:00
Penar Musaraj f55807922e
UX: Use simple list for settings without choice options (#10737)
It's a more user-friendly alternative to the default select-kit list,
for settings that are simple lists of items (the regular list widget is
better for settings with choice options).
2020-09-24 08:58:45 -04:00
Arpit Jalan cdf45f4fe6 Update regex for views search filter. 2020-09-24 17:05:55 +05:30
Arpit Jalan 5b0ce25dd7 Update locale for views search filter. 2020-09-24 16:33:53 +05:30
Arpit Jalan 0c5cd0d1ef FEATURE: advanced search filters for view count 2020-09-24 15:22:18 +05:30
Sam Saffron 580383dff3
FEATURE: change default size for search recent posts
The site setting `search_recent_posts_size` controls the window of posts
that we will search through before trying to search through the full index

If this number is too low then the search quality can suffer a lot as recent
posts may dominate search. If the number is too high then performance will
suffer.

This attempts to find a happy medium, 1 million posts will cover the majority
of forums out there and should perform adequately.
2020-09-24 17:04:55 +10:00
Bianca Nenciu eb891778ff
DEV: Do not translate font names (#10723)
Use the names as provided by discourse-fonts and remove the
translated strings.

It also ensures that the selected font is present in case a font will
be removed in the future.
2020-09-23 12:00:07 +03:00
Vinoth Kannan 1504fe7231 DEV: make it possible to enable cdn in development environment. 2020-09-23 11:52:16 +05:30
Simon Cossar 0f04864da1
Improve staff_like_weight copy to indicate how the value is applied (#10726) 2020-09-22 14:57:56 -07:00
Kris cba3d3782d
A11Y: Add label to share link input (#10717) 2020-09-22 17:26:03 -04:00
Robin Ward ce3fe2f4c4 REFACTOR: Support bundling our `admin` section as an ember addon 2020-09-22 15:14:29 -04:00
Discourse Translator Bot c86538097d Update translations 2020-09-22 13:04:13 +00:00
Krzysztof Kotlarek 0bb51dcbfa
FIX: TL2 promotion message and advance training (#10679)
This is a little bit of refactoring. Core Discourse should have default promotion message for TL2.

In addition, when the Discobot plugin is enabled, the user is invited to advanced training
2020-09-22 10:17:52 +10:00
Sam Saffron 8867bd4abe
DEV: allow larger recent post size
Limiting to 100,000 is too small, some sites may want a far higher limit.

Low numbers on recent_posts_size can impact search quality
2020-09-22 08:40:19 +10:00
Jarek Radosz 1db8315a8b UX: Remove the post number from a composer label
It didn't provide much value to users as it often didn't match the number visible in the topic timeline. That's because `postNumber` is an implementation detail, while the timeline counts only full visible posts (no whispers, topic action notices, etc.)
2020-09-21 14:47:36 +02:00
Joffrey JAFFEUX f785b04dc0
FIX: missing / after basePath was causing the URL to be relative (#10708) 2020-09-19 11:27:03 +02:00
Roman Rizzi f85f73be88
FEATURE: Review posts with media. (#10693)
To check if a post contains any embedded media, we look if the "image_sizes" attribute is present in the new post manager arguments.

We want to see one boxed links, but we only store the raw content of the post. To work around this, I extracted the onebox logic from the composer editor into a module.
2020-09-18 12:45:09 -03:00
David Taylor ce686a008f
DEV: Refresh site settings on Redis fallback (#10700)
This ensures that all app instances have up-to-date data, even if they missed a message-bus update during the failover
2020-09-18 11:44:25 +01:00
Guo Xiang Tan d83d9ec408
DEV: Clear all `DistributedCache` on Redis fallback. 2020-09-18 11:31:49 +08:00
Osama Sayegh a92d88747e
DEV: Add ENV variable for enabling MiniProfiler snapshots (#10690)
* DEV: Add ENV variable for enabling MiniProfiler snapshots

* MiniProfiler is not loaded in test env
2020-09-17 18:18:35 +03:00
Daniel Waterworth 6e69c25134 FIX: Use asset_hostnames in rails_multisite
We want to respond to the x-forwarded-for host from the CDN too.
2020-09-17 10:32:43 +01:00
Guo Xiang Tan b47b640598
FEATURE: Hidden `SiteSetting.keep_old_ip_address_count` to track IP history. 2020-09-17 12:50:39 +08:00
Martin Brennan 49bd066037
FEATURE: Default allow embed secure images in email to true (#10688)
We are making the changes from the PR #10563 the default behaviour. Now, if secure media is enabled, secure images will be embedded in emails by default instead of redacting them and displaying a message. This will be a nicer overall experience by default, and for forums that want to be super strict with redaction this setting can always be disabled.
2020-09-17 14:15:02 +10:00
Discourse Translator Bot 6734a82260 Update translations 2020-09-16 10:17:56 +00:00
Discourse Translator Bot 44aac1b44b Update translations 2020-09-16 04:27:51 +00:00
Penar Musaraj 6610576deb
FIX: Clear stylesheet cache on base font change
Previously, we were not clearing the cache on themes using the default
color scheme.
2020-09-15 13:13:09 -04:00
Daniel Waterworth 19b24e178c SECURITY: __ws shouldn't be able to override every domain in multisite 2020-09-15 17:35:57 +01:00
Penar Musaraj 273db57d6e
FEATURE: Allow admins to delete user SSO records in the UI (#10669)
Also displays the user's last payload in the admin UI to help with debugging SSO issues.
2020-09-15 10:00:10 -04:00
Discourse Translator Bot 5990c71c29 Update translations 2020-09-15 13:04:17 +00:00
Martin Brennan 5268568d23
FEATURE: Remove user topic timers and migrate to bookmarks with reminders (#10474)
This PR removes the user reminder topic timers, because that system has been supplanted and improved by bookmark reminders. The option is removed from the UI and all existing user reminder topic timers are migrated to bookmark reminders.

Migration does this:

* Get all topic_timers with status_type 5 (reminders)
* Gets all bookmarks where the user ID and topic ID match
* Loops through the found topic timers
  * If there is no bookmark for the OP of the topic, then we just create a bookmark with a reminder
  * If there is a bookmark for the OP of the topic and it does **not** have a reminder set, then just 
update it with the topic timer reminder
  * If there is a bookmark for the OP of the topic with a reminder then just discard the topic timer
* Cancels all outstanding user reminder topic timers
* **Trashes (not deletes) all user reminder topic timers**

Notes:

* For now I have left the user reminder topic timer job class in place; this is so the jobs can be cancelled in the migration. It and the specs will be deleted in the next PR.
* At a later date I will write a migration to delete all trashed user topic timers. They are not deleted here in case there are data issues and they need to be recovered.
* A future PR will change the UI of the topic timer modal to make it look more like the bookmark modal.
2020-09-14 11:11:55 +10:00
Sam Saffron 44fba9463b
FEATURE: Add support for not persistent sessions
In some cases Discourse admins may opt for sessions not to persist when a
browser is closed.

This is particularly useful in healthcare and education settings where
computers are shared among multiple workers.

By default `persistent_sessions` site setting is enabled, to opt out you
must disable the site setting.
2020-09-11 15:11:24 +10:00
Vinoth Kannan 9e4ed03b8f FEATURE: moderators allowed to view groups which members can see.
Currently, if a group's visibility is set to "Group owners, members" then the mods can't view those group pages. The same rule is applied for members visibility setting too.

This reverts commit 7fc7090. And fixed the spec test fails.
2020-09-11 08:20:13 +05:30
Guo Xiang Tan 7fc70900d2
Revert "FEATURE: moderators allowed to view groups which members can see."
Build is broken.

This reverts commit 2bf0c4188b.
2020-09-11 10:04:54 +08:00
Vinoth Kannan 2bf0c4188b FEATURE: moderators allowed to view groups which members can see.
Currently, if a group's visibility is set to "Group owners, members" then the mods can't view those group pages. The same rule is applied for members visibility setting too.
2020-09-11 03:33:44 +05:30
Martin Brennan dede942007
FEATURE: Allow email image embed with secure media (#10563)
This PR introduces a few important changes to secure media redaction in emails. First of all, two new site settings have been introduced:

* `secure_media_allow_embed_images_in_emails`: If enabled we will embed secure images in emails instead of redacting them.
* `secure_media_max_email_embed_image_size_kb`: The cap to the size of the secure image we will embed, defaulting to 1mb, so the email does not become too big. Max is 10mb. Works in tandem with `email_total_attachment_size_limit_kb`.

`Email::Sender` will now attach images to the email based on these settings. The sender will also call `inline_secure_images` in `Email::Styles` after secure media is redacted and attachments are added to replace redaction messages with attached images. I went with attachment and `cid` URLs because base64 image support is _still_ flaky in email clients.

All redaction of secure media is now handled in `Email::Styles` and calls out to `PrettyText.strip_secure_media` to do the actual stripping and replacing with placeholders. `app/mailers/group_smtp_mailer.rb` and `app/mailers/user_notifications.rb` no longer do any stripping because they are earlier in the pipeline than `Email::Styles`.

Finally the redaction notice has been restyled and includes a link to the media that the user can click, which will show it to them if they have the necessary permissions.

![image](https://user-images.githubusercontent.com/920448/92341012-b9a2c380-f0ff-11ea-860e-b376b4528357.png)
2020-09-10 09:50:16 +10:00
Marcus Baw 24cd3e2c2c fix typo
Permenantly Delete -> Permanently Delete
2020-09-09 13:10:33 -04:00
Discourse Translator Bot 1c71f81144 Update translations 2020-09-09 14:59:40 +00:00
Joffrey JAFFEUX 8413d27cf2
FIX: handles different cases of canInvite/canRemove states in PM (#10607) 2020-09-08 16:35:59 +02:00
awesomerobot 13c9d7e704 UX: Add missing labels to mobile composer buttons 2020-09-04 22:18:29 -04:00
Bianca Nenciu 58b97ace23
DEV: Use a special import to declare font faces (#10583)
Update discourse-fonts to v0.0.3.

Follow-up to 7b7357147e.
2020-09-04 16:25:50 +03:00
Jarek Radosz 4f48304a44 DEV: Remove an unused i18n string
The related code was removed in 86cb5803ba
2020-09-03 16:32:46 +02:00
Bianca Nenciu 803841ca47
FIX: Remove font-famly property in .font- classes 2020-09-02 16:29:09 +03:00
Gerhard Schlager 31c1d57228
FIX: System message wasn't fully translatable 2020-09-02 15:24:25 +02:00
Sam Saffron 7b7357147e
FIX: add cache breaker for fonts
This is a temporary fix since fonts may be cached without CORS

A larger scale change needed.

Our long term solution here is to have the SCSS compilation pipeline take
care of this by introducing some SCSS var that can be consumed in the various
stylesheets.

We do not want to write a file on boot
2020-09-02 12:17:28 +10:00
Sam Saffron f5051ec833
FIX: Allow fonts to be delivered via CDN
We introduced support for custom fonts which are shipped out of the `/fonts`
directory, however we did not provide a bypass in our NGINX config.
2020-09-02 10:19:19 +10:00
Discourse Translator Bot 71da5e0e27 Update translations 2020-09-01 13:02:16 +00:00
Guo Xiang Tan 069a109cbb
DEV: Require scheduled job in development to avoid loading file twice.
This removes the need to memoize constant in order to avoid the "warning: already initialized constant".
2020-09-01 10:14:40 +08:00
Guo Xiang Tan 09a89cff1a
DEV: Increase log levels for more assets/static paths. 2020-09-01 09:52:50 +08:00
tshenry 2550c5bd03
FIX: Ensure disabling 2FA works as expected (#10485) 2020-08-31 09:56:57 -07:00
Bianca Nenciu f2e14a3946
FEATURE: Add site setting and wizard step to set base font (#10250)
Co-authored-by: Neil Lalonde <neillalonde@gmail.com>
2020-08-31 13:14:09 +03:00
Guo Xiang Tan 20bd6d9797
DEV: Only eagerload scheduled jobs in a Sidekiq process. 2020-08-31 14:28:38 +08:00
Penar Musaraj b7cfc9e861
FEATURE: User selectable color schemes (#10544) 2020-08-28 10:36:52 -04:00
David Taylor a3577435f7
FEATURE: Additional control of iframes in oneboxes (#10523)
This commit adds a new site setting "allowed_onebox_iframes". By default, all onebox iframes are allowed. When the list of domains is restricted, Onebox will automatically skip engines which require those domains, and use a fallback engine.
2020-08-27 20:12:13 +01:00
Vinoth Kannan a8502ae1c4
FEATURE: add dismiss unread topics button when filtered by tag. (#10547) 2020-08-27 23:04:45 +05:30
Guo Xiang Tan 40c6d90df3 PERF: Create a partial regular post_search_data index on large sites.
With the addition of `PostSearchData#private_message`, a partial
index consisting of only search data from regular posts can be created.
The partial index helps to speed up searches on large sites since PG
will not have to do an index scan on the entire search data index which
has shown to be a bottle neck.
2020-08-27 13:42:00 +08:00
Gerhard Schlager 354014099d Update copy and remove unused strings 2020-08-26 18:08:41 +02:00
jahan-ggn ae7ff5eb73
FEATURE: Added sort by username for directory items (#10482)
* done-sorting-usernames-on-users-page

* sorted-usernames-on-users-page

* spec written

* specs added
2020-08-26 10:14:20 -04:00
Discourse Translator Bot 6c3b1eb9b9 Update translations 2020-08-26 09:27:35 +00:00
Discourse Translator Bot d495464ead Update translations 2020-08-25 13:02:37 +00:00
Gerhard Schlager 6c09fd4289 DEV: Remove unused code and translations 2020-08-25 11:41:19 +02:00
Gerhard Schlager 10e6e8d307
Use quotes instead of grave accent 2020-08-25 11:39:11 +02:00
Guo Xiang Tan f08d440ea0
DEV: Disable migration advisory locks in dev and test environment.
There is a bug in Rails that leaks an idle PG session which will prevent
the dropping of the database.
2020-08-25 14:20:58 +08:00
Krzysztof Kotlarek 7b6f8517bf
FIX: limit number of users addable to group at once (#10510)
When someone wants to add > 1000 users at once they will hit a timeout.
Therefore, we should introduce limit and inform the user when limit is exceeded.
2020-08-25 08:55:21 +10:00
Roman Rizzi dd13304b81
FEATURE: More API scopes (#10493) 2020-08-24 12:15:08 -03:00
Vinoth Kannan 0b58fee424 minor copyedit on site setting and user option descriptions 2020-08-22 13:11:57 +05:30
Penar Musaraj 1acb2f752b
DEV: Add DISABLE_MINI_PROFILER development ENV variable 2020-08-21 09:33:22 -04:00
Penar Musaraj 8b2c4b07a4
UX: Tweaks to admin color palette dropdown (#10502) 2020-08-21 09:30:11 -04:00
Martin Brennan 2aa1482421
FIX: Bookmark list showing wrong no content message (#10501)
Meta report: https://meta.discourse.org/t/spurious-permissions-error-after-deleting-last-bookmark/161289

When deleting all bookmarks in their list, users were seeing an "access denied" message instead of the regular no content message. This is because when we were calling loadMore and no further results were returned, we were presuming the null response from the resolved promise meant that there was a permissions error. Fixed this and moved the message into a computed property to show the correct message.
2020-08-21 11:01:12 +10:00
Vinoth Kannan 8348a41124
FEATURE: add `regular_categories` field in site setting & user option. (#10477)
Like "default watching" and "default tracking" categories option now the "regular" categories support is added. It will be useful for sites that are muted by default. The user option will be displayed only if `mute_all_categories_by_default` site setting is enabled.
2020-08-20 00:35:04 +05:30
Mark VanLandingham a3c0d4a8b5
FIX: Error message when setting enforce 2fa with social logins (#10479) 2020-08-19 13:16:31 -05:00
Neil Lalonde 96511e4548
UX: better wording when there are no unused tags to delete 2020-08-19 12:17:48 -04:00
jbrw aa1fc01307
FEATURE - Moderators can create and manage groups (#10432)
Enabling the moderators_manage_categories_and_groups site setting will allow moderator users to create/manage groups.

* show New Group form to moderators

* Allow moderators to update groups and read logs, where appropriate

* Rename site setting from create -> manage

* improved tests

* Migration should rename old log entries

* Log group changes, even if those changes mean you can no longer see the group

* Slight reshuffle

* RouteTo /g if they no longer have permissions to view group
2020-08-19 10:41:40 -04:00
Penar Musaraj 328ad921fb
FIX: display label when theme uses default color scheme 2020-08-18 21:11:15 -04:00
Roman Rizzi 390615fbcd
UX: Help users understand the meaning of each scope. (#10468) 2020-08-18 15:12:04 -03:00
Penar Musaraj 882b0aac19
DEV: Let themes extend color definitions (#10429)
Themes can now declare custom colors that get compiled in core's color definitions stylesheet, thus allowing themes to better support dark/light color schemes. 

For example, if you need your theme to use tertiary for an element in a light color scheme and quaternary in a dark scheme, you can add the following SCSS to your theme's `color_definitions.scss` file: 

```
:root {
  --mytheme-tertiary-or-quaternary: #{dark-light-choose($tertiary, $quaternary)};
}
```

And then use the `--mytheme-tertiary-or-quaternary` variable as the color property of that element. You can also use this file to add color variables that use SCSS color transformation functions (lighten, darken, saturate, etc.) without compromising your theme's compatibility with different color schemes.
2020-08-18 13:02:13 -04:00
Discourse Translator Bot d0faee3bd8 Update translations 2020-08-18 13:02:44 +00:00
Vinoth Kannan 562180dd9a
FEATURE: add option to skip new user tips in first notification. (#10462) 2020-08-18 13:43:40 +05:30
Penar Musaraj 3745f2bb86
FEATURE: Dark mode alternative logos (#10441) 2020-08-17 15:43:20 -04:00
jahan-ggn 65649eaef0
User card settings (#10302)
* settings implemented

* prettier

* settings updated

* rubocop

* prettier

* Revert "rubocop"

This reverts commit 7805145a7d.

* Revert "prettier"

This reverts commit 2c53f4fa12.

* settings updated and changed

* rubocop

* changes applied

* final changes done

* Server side feature added

* spec changed

* changed user_updater and profile file

* Fix user card specs

* web hook serializer solved

* site-setting changed

Co-authored-by: Mark VanLandingham <markvanlan@gmail.com>
2020-08-17 12:37:45 -04:00
Vinoth Kannan 476d26159a
FEATURE: add new user option `skip_new_user_tips`. (#10437)
And add new site setting `default_other_skip_new_user_tips` in user preferences category.
2020-08-14 19:10:56 +05:30
Neil Lalonde d65a839577
FEATURE: allow group membership to unmute categories and tags
For sites that are configured to mute some or all categories and tags
for users by default, groups can now be configured to set members'
notification level to normal from the group manage UI.
2020-08-13 17:20:53 -04:00
Martin Brennan e059677bf7
Reveal IMAP site settings 2020-08-12 13:08:41 +10:00
Discourse Translator Bot 1a78a429b5 Update translations 2020-08-11 13:04:00 +00:00
Blake Erickson 2032c11f78
FIX: Return 422 when creating topics with tags w/out permission (#10400)
The UI prevents users from trying to create tags on topics when they
don't have permission, but if you are trying to add tags to a topic via
the API and you don't have permission before this change it would
silently succeed in creating the topic, but it wouldn't have any tags.

Now a 422 error will be returned with an error message when trying to
create a topic with tags when tagging is disabled or you don't have
enough trust level to add tags to a topic.

Bug report: https://meta.discourse.org/t/-/70525/14
2020-08-10 16:14:15 -06:00
Mark VanLandingham b7a092bd28
FEATURE: Group category permissions tab (#10388) 2020-08-10 09:49:05 -05:00
Régis Hanol bc63232d2e
FIX: sync reviewable count when opening the hamburger menu (#10368)
When a tab is open but left unattended for a while, the red, green, and blue
pills tend to go out of sync.

So whevener we open the notifications menu, we sync up the notification count
(eg. blue and green pills) with the server.

However, the reviewable count (eg. the red pill) is not a notification and
is located in the hamburger menu. This commit adds a new route on the server
side to retrieve the reviewable count for the current user and a ping
(refreshReviewableCount) from the client side to sync the reviewable count
whenever they open the hamburger menu.

REFACTOR: I also refactored the hamburger-menu widget code to prevent repetitive uses
of "this.".

PERF: I improved the performance of the 'notify_reviewable' job by doing only 1 query
to the database to retrieve all the pending reviewables and then tallying based on the
various rights.
2020-08-07 18:13:02 +02:00
jbrw 3593e582a3
FIX - limit number of embedded media items in a post (#10391)
* FIX - limit number of embedded media items in a post

* Add renamed settings to DeprecatedSettings
2020-08-07 12:08:59 -04:00
Penar Musaraj 86cb5803ba
Convert HEIC uploads to JPG by default (#10395) 2020-08-07 11:17:50 -04:00
Penar Musaraj 9c9aa21726
Add site setting to pick dark mode color scheme (#10390)
Co-authored-by: Robin Ward <robin.ward@gmail.com>
2020-08-07 08:52:47 -04:00
Guo Xiang Tan e60c74d3c1
FEATURE: Use PG `ts_headline` for highlighting topic title in search. 2020-08-07 12:43:09 +08:00
Krzysztof Kotlarek fb9c2e5f89
FEATURE: notification for vote plugin (#10384)
This must exist in core as we want to see a correct notification after disable of the voting plugin.
2020-08-07 09:51:16 +10:00
Neil Lalonde 1ca81fbb95
FEATURE: set notification levels when added to a group (#10378)
* FEATURE: set notification levels when added to a group

This feature allows admins and group owners to define default
category and tag tracking levels that will be applied to user
preferences automatically at the time when users are added to the
group. Users are free to change those preferences afterwards.
When removed from a group, the user's notification preferences aren't
changed.
2020-08-06 12:27:27 -04:00
Penar Musaraj 6fdc711b4a
FEATURE: Allow users to opt out of automatic dark mode (#10377) 2020-08-06 09:45:37 -04:00
Gerhard Schlager 81247c1f6a DEV: Remove mention of Transifex from locale files 2020-08-06 13:34:00 +02:00
Guo Xiang Tan 2193d02433
PERF: Use PG headlines for blurb generation and highlighting for search. 2020-08-06 14:56:29 +08:00
Discourse Translator Bot a68533b394 Update translations 2020-08-05 13:55:12 +00:00
Sam Saffron ee10002e20
FIX: excerpts larger than 999 are not supported
underlying column can only fit 1000 chars.
2020-08-05 16:20:36 +10:00
Mark VanLandingham b76731d722
FEATURE: Invite emails to groups from add member modal (#10308) 2020-08-04 10:02:01 -05:00
Penar Musaraj c937afc75e
FEATURE: automatic dark mode (#10341)
A first step to adding automatic dark mode color scheme switching. Adds a new SCSS file at `color_definitions.scss` that serves to output all SCSS color variables as CSS custom properties. And replaces all SCSS color variables with the new CSS custom properties throughout the stylesheets. 

This is an alpha feature at this point, can only be enabled via console using the `default_dark_mode_color_scheme_id` site setting.
2020-08-03 22:57:10 -04:00
Blake Erickson 8de635fe92
DEV: Show message when cannot invite user to PM (#10336)
* DEV: Show message when cannot invite user to PM

When inviting a user to a PM return a message that says, "Sorry, this
user can't be invited." if they have been muted or are not in a users
allowed pm users list.

* Minor refactor & improved some text
2020-07-31 09:52:19 -06:00
Vinoth Kannan 6a1746a0c5
FEATURE: add expandable muted categories ui to `/categories` page. (#10303)
Co-authored-by: Joffrey JAFFEUX <j.jaffeux@gmail.com>
2020-07-30 23:32:51 +05:30
Sam Saffron dc14d156b6
FEATURE: g,j and g,k to navigate to next and prev topic
After visiting a topic list (by tag / category / top level) we track the list

Once a list is tracked the combo `g` `j` can be used to go to the next topic
in the list and `g` `k` to go to previous topic.

This allows you to quickly work through subsets of topics without having
to navigate back to the top level lists

The shortcut does not work in PM lists yet, or search results, both are
under consideration.
2020-07-30 17:54:47 +10:00
Joffrey JAFFEUX 0c7eaa57b2
FEATURE: allows to display charts by day/week/month (#10325) 2020-07-28 16:14:41 +02:00
Matt Palmer 1ad270965c
FEATURE: Allow the specification of an arbitrary unicorn listen address
Useful if you want to, say, have your unicorn listen on a Unix domain
socket, rather than a TCP port, or you want to be able to bind to a
single address other than 127.0.0.1.
2020-07-28 13:03:17 +10:00
Krzysztof Kotlarek ce53180c3b
FIX: add a translation for reaction notification (#10316)
Follow https://github.com/discourse/discourse/pull/10315
2020-07-27 14:57:37 +10:00
Krzysztof Kotlarek e0d9232259
FIX: use allowlist and blocklist terminology (#10209)
This is a PR of the renaming whitelist to allowlist and blacklist to the blocklist.
2020-07-27 10:23:54 +10:00
Martin Brennan a9905ef7e5
FIX: Add enable_email_sync_demon global variable and disable EmailSync demon by default (#10304)
Demon::EmailSync is used in conjunction with the SiteSetting.enable_imap to sync N IMAP mailboxes with specific groups. It is a process started in unicorn.conf, and it spawns N threads (one for each multisite connection) and for each database spans another N threads (one for each configured group).

We want this off by default so the process is not started when it does not need to be (e.g. development, test, certain hosting tiers)
2020-07-24 17:09:29 +10:00
Martin Brennan 1dd3af20c6
FIX: Do not show Email tab for group settings unless IMAP + SMTP enabled (#10301)
Also hide all the SMTP/IMAP related settings to avoid confusion, as this feature is still not 100% ready to go.
2020-07-24 12:00:36 +10:00
Krzysztof Kotlarek 4b053462c0
FIX: display correct status on unsubscribe page (#10294)
There was a bug that even when `email_digest` was set to false but
`digest_after_minutes` was positive, we were not displaying correct
status.

In addition, the message is improved when the user is unsubscribed +
unsubscribe from all is hidden.
2020-07-23 16:20:10 +10:00
Penar Musaraj 7559758e10
FEATURE: Support converting HEIF images to JPEG (#10079) 2020-07-22 21:40:09 -04:00
David Taylor c09b5807f3
FIX: Include resolved locale in anonymous cache key (#10289)
This only applies when set_locale_from_accept_language_header is enabled
2020-07-22 18:00:07 +01:00
Vinoth Kannan 0884d570b1
FEATURE: add support for `top` filter in tag page. (#10281)
Currently, tag pages only have the `latest` filter.
2020-07-22 19:26:36 +05:30
jbrw 0ed784b4fc
FEATURE: Create logs for Group Moderator changes (#10271) 2020-07-21 14:29:02 -04:00
Guo Xiang Tan bb8f1ce8b1
DEV: Consolidate Unicorn error backtraces when logstash is enabled. 2020-07-21 15:35:41 +08:00
Guo Xiang Tan 23778f4bfd
DEV: Avoid logging Redis cannot connect error during failover.
Reduce amount of noise in our logs.
2020-07-21 14:53:46 +08:00
Guo Xiang Tan df66a559c9
DEV: Pause Sidekiq before readonly mode during PG failover. 2020-07-21 13:51:37 +08:00
Guo Xiang Tan 031a6616a3
DEV: Allow writes to PG even if Redis is readonly mode.
Previously, I thought it was better to drop the site into reading mode
when Redis has failed over to the replica but it created more errors
while Redis is in readonly mode since ActiveRecord would prevent us from
writing to PG even though PG is up.
2020-07-21 12:34:07 +08:00
Martin Brennan 41b43a2a25
FEATURE: Add "delete on owner reply" bookmark functionality (#10231)
This adds an option to "delete on owner reply" to bookmarks. If you select this option in the modal, then reply to the topic the bookmark is in, the bookmark will be deleted on reply.

This PR also changes the checkboxes for these additional bookmark options to an Integer column in the DB with a combobox to select the option you want.

The use cases are:

* Sometimes I will bookmark the topics to read it later. In this case we definitely don’t need to keep the bookmark after I replied to it.
* Sometimes I will read the topic in mobile and I will prefer to reply in PC later. Or I may have to do some research before reply. So I will bookmark it for reply later.
2020-07-21 10:00:39 +10:00
Blake Erickson 690f17bcbe
FEATURE: Allow List for PMs (#10270)
* FEATURE: Allow List for PMs

This feature adds a new user setting that is disabled by default that
allows them to specify a list of users that are allowed to send them
private messages. This way they don't have to maintain a large list of
users they don't want to here from and instead just list the people they
know they do want. Staff will still always be able to send messages to
the user.

* Update PR based on feedback
2020-07-20 15:23:49 -06:00
Daniel Waterworth 0b800d307f SECURITY: Bound the amount of work that embed#topics can do
This commit adds a hidden site setting that limits the maximum number of
topics that can be fetched at once via the embed controller.
2020-07-20 13:25:34 +01:00
Daniel Waterworth 9313706649 DEV: Enable preserve_email_structure_when_styling by default
In 1bd8a075, a hidden site setting was added that causes Email::Styles
to treat its input as a complete document in all cases.

This commit enables that setting by default.

Some tests were removed that were broken by this change. They tested the
behaviour of applying email styles to empty strings. They weren't useful
because:

 * Sending empty email is not something we ever intend to do,
 * They were testing incidental behaviour - there are lots of
   valid ways to process the empty string,
 * Their intent wasn't clear from their descriptions,
2020-07-20 10:21:32 +01:00
Guo Xiang Tan 383537a2fa
DEV: Force ActiveRecord reading role on Redis failover take 2. 2020-07-20 16:11:20 +08:00
Guo Xiang Tan 5adf2ccaca
DEV: Force ActiveRecord reading role on Redis failover. 2020-07-20 15:10:53 +08:00
Penar Musaraj bf22f7080d
FEATURE: optional quote sharing buttons (#10254) 2020-07-17 14:44:31 -04:00
Martin Brennan 716ccf7fe4
FIX: Bookmark search fixes (#10239)
* Remove unneeded bookmark name index.
* Change bookmark search query to use post_search_data. This allows searching on topic title and post content
* Tweak the style/layout of the bookmark list so the search looks better and the whole page fits better on mobile.
2020-07-17 15:55:07 +10:00
Roman Rizzi f13ec11c64
FEATURE: Add scopes to API keys (#9844)
* Added scopes UI

* Create scopes when creating a new API key

* Show scopes on the API key show route

* Apply scopes on API requests

* Extend scopes from plugins

* Add missing scopes. A mapping can be associated with multiple controller actions

* Only send scopes if the use global key option is disabled. Use the discourse plugin registry to add new scopes

* Add not null validations and index for api_key_id

* Annotate model

* DEV: Move default mappings to ApiKeyScope

* Remove unused attribute and improve UI for existing keys

* Support multiple parameters separated by a comma
2020-07-16 15:51:24 -03:00
Kane York fa612fca82
FIX: Off-by-one-slash error in topic.notifications.reasons (#10246) 2020-07-15 14:37:27 -07:00
Robin Ward 72c5a389eb FIX: filterPlaceholder is a computed property
These cannot be overridden.
2020-07-15 13:32:27 -04:00
David Taylor 7d300006a1
Revert "PERF: Move highlightjs to a background worker, and add result cache (#10191)"
This caused a CORS error when used with S3 asset storage

This reverts commit d09f283e91.
2020-07-15 13:52:35 +01:00
David Taylor d09f283e91
PERF: Move highlightjs to a background worker, and add result cache (#10191)
Syntax highlighting is a CPU-intensive process which we run a lot while rendering posts and while using the composer preview. Moving it to a background worker releases the main thread to the browser, which makes the UX much smoother.
2020-07-15 12:48:07 +01:00
Guo Xiang Tan 6385fbbfbf
FIX: Ignore document length in search when ranking by relevance.
Considering document length in search introduced too much variance in
our search results such that it makes certain searches better but at the
same time made certain searches worst. Instead, we want to have a more
determistic way of ranking search so that it is easier to reason about
why a post is rank higher in search than another.

The long term plan to tackle repeated terms is to restrict the number of
positions for a given lexeme in our search index.
2020-07-15 13:43:14 +08:00
jbrw 06073fe8c6
FEATURE: Allow group moderators to close/archive topics
* FEATURE: Allow group moderators to close/archive topics
2020-07-14 12:36:19 -04:00
Guo Xiang Tan 5c230266d3
FIX: Inject extra lexemes for host lexeme.
```
discourse_development=# SELECT alias, lexemes FROM TS_DEBUG('www.discourse.org');
 alias |       lexemes
-------+---------------------
 host  | {www.discourse.org}

discourse_development=# SELECT TO_TSVECTOR('www.discourse.org');
      to_tsvector
-----------------------
 'www.discourse.org':1
```

Given the above lexeme, we will inject additional lexeme by splitting
the host on `.`. The actual tsvector stored will look something like

```
               tsvector
---------------------------------------
 'discourse':1 'discourse.org':1 'org':1 'www':1 'www.discourse.org':1
```
2020-07-14 15:32:40 +08:00
Martin Brennan bcc80e0ea8
FEATURE: Add search to user bookmark list (#10230)
User bookmarks can now be searched by name or post raw content. The q querystring param is hooked up from the Ember router as well.
2020-07-14 14:43:41 +10:00
Martin Brennan f4f3e8c401
FIX: Various improvements to bookmark modal UI (#10225)
* Do not autofocus name input on mobile
* Improve code for formatted reminder type times to not be computed, so the modal times update correctly
* Change wording of "Next Monday" to "Monday" for all days except when today is Monday
2020-07-14 14:02:13 +10:00
Dan Ungureanu cf02c518b9
DEV: Merge category and tag hashtags code paths (#10216)
Category and tag hashtags used to be handled differently even though
most of the code was very similar. This design was the root cause of
multiple issues related to hashtags.

This commit reduces the number of requests (just one and debounced
better), removes the use of CSS classes which marked resolved hashtags,
simplifies a lot of the code as there is a single source of truth and
previous race condition fixes are now useless.

It also includes a very minor security fix which let unauthorized users
to guess hidden tags.
2020-07-13 19:13:17 +03:00
Arpit Jalan 7532f24668 UX: better error message if moderator is not allowed to invite to group
UX: do not show invite to group option if mod is not owner of any group
2020-07-13 18:09:36 +05:30
Guo Xiang Tan 54d002f7db
DEV: Fix error introduced in d5c56a846. 2020-07-13 10:13:37 +08:00
Bianca Nenciu 275b748016
FIX: Replace links to removed uploads from reviewables with a placeholder (#10180) 2020-07-10 17:57:06 +03:00
Dan Ungureanu c72bc27888
FEATURE: Implement support for IMAP and SMTP email protocols. (#8301)
Co-authored-by: Joffrey JAFFEUX <j.jaffeux@gmail.com>
2020-07-10 12:05:55 +03:00
Rafael dos Santos Silva e866e3d609
FEATURE: Add global rate limit for anon searches (#10208) 2020-07-10 09:08:34 +10:00
Guo Xiang Tan d5c56a846a
DEV: Only failover the entire cluster when the default db goes down. 2020-07-09 11:49:03 +08:00
Martin Brennan 31e31ef449
SECURITY: Add content-disposition: attachment for SVG uploads
* strip out the href and xlink:href attributes from use element that
  are _not_ anchors in svgs which can be used for XSS
* adding the content-disposition: attachment ensures that
  uploaded SVGs cannot be opened and executed using the XSS exploit.
  svgs embedded using an img tag do not suffer from the same exploit
2020-07-09 13:31:48 +10:00
Guo Xiang Tan fd38c2fac3
FIX: Force ActiveRecord reading role if Redis is down take 2.
follow-up f03c7a1ba1
2020-07-09 11:14:19 +08:00
Guo Xiang Tan f03c7a1ba1
FIX: Force ActiveRecord reading role if Redis is down. 2020-07-09 11:13:02 +08:00
Kris 66257ca8b6 FEATURE: Add "smallest" option to user text size preferences 2020-07-07 13:08:19 -04:00
Bianca Nenciu 6705c45156
FEATURE: Add reply_as_new_group_message composer action (#10168) 2020-07-07 18:30:48 +03:00
Joffrey JAFFEUX 56475f57c5
UX: simplifies editing email templates by always having a default (#10179) 2020-07-07 11:44:13 +02:00
Daniel Waterworth 1bd8a075d8 FIX: Make Email::Styles operate on html documents instead of fragments
`Nokogiri::HTML.fragment` is a huge hack (a comment in the source code
admits this). The current behavior of `Email::Styles` is to try to
emulate `fragment` using nokogumbo, but it misses some edge cases. In
particular, meta tags in a email template don't make it through to the
final email.

Instead of treating the provided HTML as an indeterminate fragment, this
commit makes `Email::Styles` treat the HTML as a complete document. This
means that the generated HTML for an email will now always contain top
level structure (a doctype, html, head and body tags).

This new behavior is behind a hidden site setting for now and defaults
off.
2020-07-06 11:45:39 +01:00
David Taylor 5284d41a8e
FEATURE: Optionally skip the create account popup for external auth 2020-07-06 10:18:57 +01:00
David Taylor 977766e7a8
FEATURE: sso_overrides_(email|username|name) for all auth methods
These settings previously applied only to discourse-sso. Now they work for all external authentication methods.
2020-07-06 10:18:45 +01:00
Sam Saffron 199a53e936
UX: suppress "in reply to" section in emails by default
Previously we would include this section, unfortunately

1. It is usually elided in gmail
2. It can make the emails longer and more confusing
3. Omission is a feature, it means people need to visit site to get context
2020-07-06 10:40:04 +10:00
Guo Xiang Tan af52df2d96
DEV: Add hidden site setting for PG search ranking normalization. 2020-07-02 14:11:18 +08:00
Guo Xiang Tan 82964265cc
DEV: Remove logster current context config.
Multisite middleware sits at the top of the middleware stack.
2020-07-01 11:44:22 +08:00
Mark VanLandingham cd5cfc1496
FEATURE: Site setting to always show category definitions (#10124) 2020-06-29 13:22:02 -05:00
Guo Xiang Tan 2c4c953bf8
DEV: Avoid logging errors on bad Redis connection during PG failover. 2020-06-29 11:54:55 +08:00
Sam Saffron 88459e08c9
FEATURE: allow disabling of extra term injection in search
There is a feature in search where we take over from the tokenizer
in postgres and attempt to inject more words into search.

So for example: sam.i.am will inject the words i and am.

This is not ideal cause there are many edge cases and this can
cause extreme index bloat.

This is an opening move commit to make it configurable, over the
next few weeks we will evaluate and decide if we disable this by
default or simply remove.
2020-06-25 13:36:52 +10:00
Guo Xiang Tan 42a6c8a85f
DEV: Rescue from ActiveRecord::Readonly error in lograge. 2020-06-25 10:25:28 +08:00
Neil Lalonde 8e07ee7e36
Update translations
Carefully because permalink.external_url is untranslated in many
locales due to a recent change in client.en.yml in 516a03be09.
2020-06-24 10:47:45 -04:00
Guo Xiang Tan 27b2e335ef
DEV: Retry on distributed mutex timeout error when starting sidekiq.
We need Sidekiq to start `mini_scheduler` no matter what. Timeouts
happen when trying to boot an app with Redis in readonly mode.
2020-06-23 15:43:28 +08:00
Bianca Nenciu 68f767a557
FEATURE: Check if selectable avatars exist before enabling them (#10032) 2020-06-22 16:58:26 +03:00
Bianca Nenciu 685646540a
FIX: Hide PM tags if the site setting is disabled (#10089)
* FIX: Hide PM tags if the site setting is disabled

* Apply code suggestions
2020-06-22 16:48:24 +03:00
Guo Xiang Tan 3370ef188e
FEATURE: Remove deprecated uploads url site settings.
The site settings have been replaced with direct image upload since
Discourse 2.3.
2020-06-22 14:32:29 +08:00
Martin Brennan 516a03be09
FIX: Improve admin permalink UX (#10101)
The admin permalink list was a little tricky to use because the URLs are easily reduced with a ... if they are too long. This adds a copy to clipboard button for the URL and a title on hover so the full text of the URL can be seen.
2020-06-22 13:14:16 +10:00
Gerhard Schlager 390dc5c7a9 Update translations 2020-06-21 11:58:21 +02:00
Robin Ward 4a2871f7f6
FEATURE: Don't display muted/ignored users under "who liked" (#10084)
* FEATURE: Don't display muted/ignored users under "who liked"

Previously, if you clicked on the heart icon below a post
it would show you the avatar for a user even if you ignored or muted
them.

This commit will instead display a (?) icon. The count of likes will
remain correct, but you needn't be reminded of the person you
preferred not to see.

* Use a circle instead of (?) for unknown user
2020-06-19 10:44:21 -04:00
Robin Ward 494a27dc27 FIX: A much nicer error message if you can't ignore/mute a user 2020-06-18 13:41:27 -04:00
Patrick Schleizer 2d63d7d05e
make unix domain sockets listening example match web.socketed.template.yml (#10060) 2020-06-18 11:30:08 -04:00
Bernhard Suttner e31471585a
DEV: allow to have duplicate topic titles if categegory is different (#10034)
Co-authored-by: Robin Ward <robin.ward@gmail.com>

Co-authored-by: Robin Ward <robin.ward@gmail.com>
2020-06-18 11:19:47 -04:00
Jeff Atwood 978aba632e minor copyedit on site setting description 2020-06-17 14:13:52 -07:00
David Taylor 159fc41f40
FIX: Restore missing translation keys
These were accidentally removed/renamed in 5bfe1ee4
2020-06-17 14:24:22 +01:00
Joffrey JAFFEUX 9da3a7f436
FEATURE: allows published pages to be public (#10053) 2020-06-17 12:42:20 +02:00
Samuel Carvalho Santos ce37561e10
UX: Improve revert label in post history modal (#10038) 2020-06-16 11:31:25 -04:00
Jeff Atwood 2bbb870b11 copyedit on push icon help text 2020-06-15 22:43:55 -07:00
Guo Xiang Tan def4cd33ea
DEV: Disable Redis warnings. 2020-06-16 12:53:04 +08:00
Guo Xiang Tan c611f3703c
DEV: Don't use logster when logging in Redis failover. 2020-06-16 11:53:52 +08:00
Guo Xiang Tan b08a0d15c4
DEV: Fix undefined method due to rails_failover. 2020-06-16 11:03:57 +08:00
Guo Xiang Tan 092ae858af
DEV: Bump rails_failover.
Avoid configuring AR stuff if `replica_host` and `replica_port` hasn't
been provided.
2020-06-16 10:51:21 +08:00
Guo Xiang Tan 402b80f306
DEV: Make rails_failover compatible with `SKIP_DB_AND_REDIS` env. 2020-06-15 16:23:24 +08:00
Guo Xiang Tan e0d798c06c
DEV: Fix undefined method. 2020-06-15 16:04:41 +08:00
Guo Xiang Tan f38438c6de
DEV: Don't configure rails_failover is db and redis is skipped take 2 2020-06-15 16:02:30 +08:00
Guo Xiang Tan e0fdf41537
DEV: Don't configure rails_failover is db and redis is skipped. 2020-06-15 15:56:57 +08:00
Guo Xiang Tan 58e52c0e4f
DEV: Use rails_failover gem for ActiveRecord and Redis failover handling 2020-06-15 15:47:07 +08:00
Guo Xiang Tan d8cd912769
DEV: Switch to db config to disable advisory locks. 2020-06-15 14:33:41 +08:00
Martin Brennan 35a157619a
FEATURE: Add "Now" as an option (default hidden) to the future date input selector (#10047)
Sometimes you need to schedule things from now onward. "Now" in this case is now + 1 minute. this option is hidden by default.
2020-06-15 14:06:03 +10:00
Guo Xiang Tan 0ff86b00cb
DEV: Upgrade Redis to 4.2.1. 2020-06-15 10:05:22 +08:00
Gerhard Schlager 36a3675e0a Update translations 2020-06-14 23:39:33 +02:00
Guo Xiang Tan c9964b95ce
DEV: Increase log level for `/srv/status` route.
This reduces the amount of noise in our logs.
2020-06-12 12:17:28 +08:00
Guo Xiang Tan 78b5ab746c
DEV: No longer need to clear anon cache when toggling readonly mode. 2020-06-12 09:58:17 +08:00
Guo Xiang Tan dc4071dfef
DEV: Use `Rails.logger` instead of logster for rails_failover callbacks
`Discourse.warn_exception` logs to logger by default but it means we
lose all the backtrace when the logs are written to the log file.
2020-06-11 17:24:32 +08:00
Guo Xiang Tan b66f2187f1
DEV: Don't use logstash for unicorn if ENV is blank. 2020-06-11 15:58:18 +08:00
Guo Xiang Tan 1411b095eb
DEV: Rescue errors when runngin AR failover/fallback callbacks. 2020-06-11 13:02:42 +08:00
Guo Xiang Tan 34ee1f2e71
DEV: Fix undefined method in rails_failover initializer. 2020-06-11 12:30:01 +08:00
Guo Xiang Tan cbb4ea1ea8
DEV: Don't blow up request redis can't be reached during failover. 2020-06-11 11:41:06 +08:00
Dan Ungureanu 5bfe1ee4f1
FEATURE: Improve UX support for multiple email addresses (#9691) 2020-06-10 19:11:49 +03:00
Neil Lalonde 65dd8e2fa2
Update translations 2020-06-10 12:01:02 -04:00
Dan Ungureanu 3a7ca97c36
FIX: Use include-subcategories filter in report export (#10007)
Some filters were renamed and the conversion of the filter names and arguments
was removed.
2020-06-10 18:57:39 +03:00
Vinoth Kannan 3ff3e6dc10 minor copyedit on category setting options.
`default_list_filter`

3e7f7fdde8
2020-06-10 16:03:57 +05:30
Guo Xiang Tan a3dfd553a1
Revert "Bump redis to 4.2.0."
This reverts commit 98bc28cea2.
2020-06-10 14:52:05 +08:00
Guo Xiang Tan 98bc28cea2
Bump redis to 4.2.0. 2020-06-10 14:28:56 +08:00
Guo Xiang Tan 2ce829cc01
DEV: Allow multisite apps to boot with reading connection handler. 2020-06-10 14:18:29 +08:00
Sam Saffron 7589551d68
PERF: enable bootsnap globally
If people wish to opt out they can use `DISABLE_BOOTSNAP = 1`

Bootsnap is production ready and was tested on our production
servers for safety.

Promoting it now so it is enabled globally.

Will result in faster application boot
2020-06-10 12:20:17 +10:00
Jeff Atwood 7e1c93326f copyedit: make it more clear PMs are blocked by ignore and mute 2020-06-09 18:56:30 -07:00
Arpit Jalan 3094459cd9
FEATURE: multiple use invite links (#9813) 2020-06-09 20:49:32 +05:30
Guo Xiang Tan a1c13eb3c6
DEV: Redis failover should only clear redis recently readonly. 2020-06-09 16:36:31 +08:00
Kane York 9b050f2822
FIX: Enforce maximum of 100 years on all site settings counted in days (#9991) 2020-06-09 12:48:51 +10:00
Gerhard Schlager 0bf753a739 DEV: Remove unused routes 2020-06-08 10:26:29 +02:00
Guo Xiang Tan f6628e4f43
DEV: Disable messageBus keepalive when Redis fails over. 2020-06-08 12:33:08 +08:00
OsamaSayegh 985900818f DEV: Fix indentation for routes.rb 2020-06-05 05:49:31 +03:00
Guo Xiang Tan 320b1e95bf
DEV: Silence all freedom patches trace in verbose query logs. 2020-06-05 09:09:54 +08:00
Guo Xiang Tan e82d4d8a75
DEV: Update rails_failover to avoid monkey patching Rails config. 2020-06-05 09:05:19 +08:00
Jeff Wong de29b4a511
PERF: rate limit search, and add anon cache for search results (#9969)
Adds new hidden site settings for rate limits:
30 for logged in users, 15 for anon

Adds an anon cache for searching, caches results of searches for 1 minute
2020-06-04 09:26:08 -07:00
Penar Musaraj 2d880b42a3
UX: Add simple-list setting type (#9970) 2020-06-04 10:44:54 -04:00
Guo Xiang Tan 87673e6571
DEV: Fix moving of rails_failover middleware. 2020-06-04 20:29:47 +08:00
Guo Xiang Tan aaece34e8b DEV: Update rails_failover so that we can move middleware up the stack. 2020-06-04 17:14:13 +08:00
Guo Xiang Tan 54f79ea3ba DEV: Pausing Sidekiq is multisite aware. 2020-06-04 15:46:30 +08:00
Guo Xiang Tan 8e1681d356 Bump rails_failover. 2020-06-04 15:22:35 +08:00
Jeff Atwood 50d4ad562e copyedit, better email reply rejection copy 2020-06-03 19:59:51 -07:00
Vinoth Kannan 3e7f7fdde8
FEATURE: category setting for default list filter. (#9975) 2020-06-04 00:56:56 +05:30
Robin Ward 22789e0201 New `bootstrap.json` endpoint for starting up Discourse
Discourse needs a bunch of data preloaded before it can start up.
Normally we throw blobs of this into the HTML document that is requested
but in some cases that's awkward to retrieve.

For example with Ember CLI you have a separate javascript application
that needs to make its own HTML.

This API endpoint returns a JSON object with all the data Discourse needs to
bootstrap and start up.
2020-06-03 14:45:23 -04:00
Sam Saffron cbaad631a4
PERF: add FORCE_BOOTSNAP env var
Bootsnap is designed to work in production per:
https://github.com/Shopify/bootsnap

Over the years we have seen very few issues with it, none of which
were corruption.

This allows us to enable bootsnap in production

Having bootsnap enabled means that we can speed up deploys by
about 5 seconds per server. It also means a lot less waiting for
various production rake tasks and so on.
2020-06-03 15:18:47 +10:00
Sam Saffron 57a3d4e0d2
FEATURE: whitelist theme repo mode (experimental)
In some restricted setups all JS payloads need tight control.

This setting bans admins from making changes to JS on the site and
requires all themes be whitelisted to be used.

There are edge cases we still need to work through in this mode
hence this is still not supported in production and experimental.

Use an example like this to enable:

`DISCOURSE_WHITELISTED_THEME_REPOS="https://repo.com/repo.git,https://repo.com/repo2.git"`

By default this feature is not enabled and no changes are made.

One exception is that default theme id was missing a security check
this was added for correctness.
2020-06-03 13:19:57 +10:00
Guo Xiang Tan 062db10c52
FIX: `EmailValidator` needs to validate format of email. 2020-06-03 10:34:37 +08:00
Gerhard Schlager 9c42c0fe9a FIX: Broken MessageFormat string 2020-06-02 21:42:39 +02:00
Gerhard Schlager 0cf297725f DEV: Use consistent interpolation key format in translations
From now on client strings can easily be reused on the server and you don’t have to think about choosing the right format anymore.
2020-06-02 19:05:10 +02:00
Guo Xiang Tan 439db7ca1e
DEV: Add `REDIS_RAILS_FAILOVER` env to test our new redis failover. 2020-06-02 17:24:14 +08:00
Bianca Nenciu d76ea9fa6b
FIX: Do not destroy $.fileupload element (#9888)
conditional-loading-section component rerendered the <input> element
and lost the necessary event handlers for jQuery-File-Upload.
2020-06-02 16:14:41 +10:00
Guo Xiang Tan 426b62a04a
DEV: Add silencer for verbose query logs in development. 2020-06-02 12:15:31 +08:00
Guo Xiang Tan e4cd4f7e0b
DEV: Avoid reaching for `Redis#_client` which is considered deprecated. 2020-06-02 11:46:55 +08:00
Guo Xiang Tan ade60b0cbc
DEV: Enable readonly mode for all multisite sites when PG goes down.
The risk here is that the database for one site goes down in the multisite setup and we drop everything to readonly mode. However, I discussed this with Sam and we agree that one database having problem is very rare. Most of the time, it is the entire DB cluster that goes down.
2020-06-02 11:32:07 +08:00
Guo Xiang Tan 326d6d5b0f
DEV: Pause Sidekiq when forcing pg readonly mode. 2020-06-02 09:20:03 +08:00
Neil Lalonde 72c09ab4ae
Update translations 2020-06-01 13:58:51 -04:00
Guo Xiang Tan 32735be5bd
DEV: Fix publish to message_bus when forcing pg readonly. 2020-06-01 13:26:12 +08:00
Guo Xiang Tan 2c3ff3e524
DEV: Missing readonly mode banner when forcing PG readonly. 2020-06-01 12:25:27 +08:00
Krzysztof Kotlarek 9a6ef80739
FEATURE: notify admins about old credentials (#9918)
* FEATURE: notify admins about old credentials

Security and API keys should be renewed periodically.
This additional notification should help admins keep their Discourse safe and secure.
2020-06-01 13:49:27 +10:00
Guo Xiang Tan b0b37bf5a3
DEV: Add force rails_over switch via Redis. 2020-06-01 11:23:58 +08:00
Robin Ward 2b2434b82d
Start Discourse in an initializer (#9930)
* DEV: To be pedantic, there is more than EMBER in there now

* DEV: Use less globals. Have `Discourse` start in an initializer

* DEV: Remove another global
2020-05-29 14:37:02 -04:00
David Taylor e159fb06df
FEATURE: Download remote images even for old posts (#9925)
When a post is rebaked, the admins expect it to work the same regardless of how old the post is.
2020-05-29 17:13:55 +01:00
Guo Xiang Tan ca28ad8f9a
DEV: Remove `db_id` from sample multisite config.
See 2bb4d5170c
2020-05-29 10:48:29 +08:00
Vinoth Kannan ce1491e830
UX: remove `in:unpinned` filter from advanced search page. (#9911) 2020-05-29 00:47:28 +05:30
Guo Xiang Tan 8c86a109bb
DEV: Add ENV flag to test out `ActiveRecord::Failover`. 2020-05-28 16:24:22 +08:00
Dan Ungureanu 570b12a903
FEATURE: Show a detailed 404 page for private topics (#9894) 2020-05-27 20:10:01 +03:00
Roman Rizzi 461df7d050
UX: Rename Priority to score for sorting. (#9846) 2020-05-27 12:50:28 -03:00
Régis Hanol 2a4db15544 FIX: don't send digests to users with no primary email
It might happen that some User records have no associated primary emails.
In which case we don't ever want to send them a digest.

Also added a new "user_email_no_email" skipped email log to ensure these cases
are properly handled and surfaced.
2020-05-27 17:09:40 +02:00
Krzysztof Kotlarek 34e5f0a9a3
Revert "FEATURE: notify admins about old credentials (#9854)" (#9886)
This reverts commit 349a67bee6.
2020-05-27 09:52:53 +10:00
Krzysztof Kotlarek 349a67bee6
FEATURE: notify admins about old credentials (#9854)
* FEATURE: notify admins about old credentials

Security and API keys should be renewed periodically.
This additional notification should help admins keep their Discourse safe and secure.
2020-05-27 08:13:47 +10:00
Neil Lalonde 3d20a1143b
Update translations 2020-05-26 10:06:07 -04:00
Bianca Nenciu f47400475e
FEATURE: Send a private message when a group membership is accepted (#9822)
* FEATURE: Send a private message when a group membership is accepted

* DEV: Small code improvements

* FIX: Send PM as group owner

* Copy edits
2020-05-26 16:28:03 +03:00
Joshua Rosenfeld 41f742c2f9
FIX: Copyedit for the dominating topic warning 2020-05-26 07:18:36 -04:00
Guo Xiang Tan 878f06f1fe DEV: Remove custom connection reaper.
Rails 6 fixed the reaper to use one thread to reap all the connection pools.
2020-05-26 09:09:46 +08:00
Rafael dos Santos Silva b48299f81c
FEATURE: Add setting to disable automatic CORS rule install in S3 buckets (#9872) 2020-05-25 17:09:34 -03:00
Gerhard Schlager 631024ae5d FEATURE: Permalinks for tags 2020-05-25 14:51:01 +02:00
Vinoth Kannan 8e56197728
UX: use "icon-picker" & "image-uploader" fields to set group flair. (#9779) 2020-05-25 11:08:47 +05:30
Michael Brown d9a02d1336
Revert "Revert "Merge branch 'master' of https://github.com/discourse/discourse""
This reverts commit 20780a1eee.

* SECURITY: re-adds accidentally reverted commit:
  03d26cd6: ensure embed_url contains valid http(s) uri
* when the merge commit e62a85cf was reverted, git chose the 2660c2e2 parent to land on
  instead of the 03d26cd6 parent (which contains security fixes)
2020-05-23 00:56:13 -04:00
Jeff Atwood 20780a1eee Revert "Merge branch 'master' of https://github.com/discourse/discourse"
This reverts commit e62a85cf6f, reversing
changes made to 2660c2e21d.
2020-05-22 20:25:56 -07:00
Jeff Atwood e62a85cf6f Merge branch 'master' of https://github.com/discourse/discourse 2020-05-22 20:25:42 -07:00
Jeff Atwood 2660c2e21d minor copyedit on theme import error 2020-05-22 20:25:35 -07:00
Mark VanLandingham 1a5bcf2a64
UX: Remove live theme previewing in favor of refresh (#9798) 2020-05-21 08:32:50 -05:00
David Taylor bde8862f0f
FIX: Allow GitHub app client_id to be used for OAuth configuration 2020-05-21 10:44:25 +01:00
Martin Brennan df68d11c38
FEATURE: Add topic excerpt max length site setting (#9847)
Adds a new topic_excerpt_maxlength site setting.

* When topic excerpt is requested for a post, use the new topic_excerpt_maxlength site setting to limit the size of the excerpt
* Remove code for getting/setting Post.excerpt_size as it is not used anywhere
2020-05-21 13:19:48 +10:00
Krzysztof Kotlarek bf7103343a
FIX: sidekiq is using _forim_session (#9825)
Configure Sidekiq to use _forum_session instead of a rack.session
2020-05-21 08:19:21 +10:00
Robin Ward ba04bb7552 FIX: Path should be `addon` not `app` 2020-05-20 12:13:15 -04:00
Bianca Nenciu fb15da43da
Remove old web hooks in favor of 'reviewable' web hook (#9776)
* FIX: Emit web hooks for flags

* FEATURE: Remove 'flag' web hook in favor of 'reviewable' web hook

* FEATURE: Remove 'queued post' web hook in favor of 'reviewable' web hook

* FIX: Do not set a default value for web hooks with no events
2020-05-20 12:07:48 +03:00
Guo Xiang Tan 2f03a879f9
DEV: Require `rails_failover` before global settings. 2020-05-20 16:06:40 +08:00
Guo Xiang Tan f7f436e536
DEV: Install `rails_failover` gem to test our Redis changes. 2020-05-20 15:40:27 +08:00
Sam Saffron 05f7d5a2de
UX: Rename "Edit Message" to "Edit"
This reduces the space taken by the button.
2020-05-20 14:12:58 +10:00
Roman Rizzi 52228b1fa6
DEV: These routes don't exist anymore (#9823) 2020-05-19 16:09:03 -03:00
dave0688 f2574736a2
FEATURE: Add same site cookie 'None' option to make cross domain systems possible (#9374)
Previously reverted in cb8f8de4, but can be re-applied now that Rack has been updated
2020-05-19 10:33:46 +01:00
Guo Xiang Tan 96c02caba7
DEV: Change use of Redis `flushall` to `flushdb`.
FLUSHALL removes all keys from all databases. Instead we only want to
remove keys from the current Redis database.
2020-05-19 10:20:00 +08:00
Robin Ward db8e872bda
DEV: Move select kit to an addon (#9797) 2020-05-15 16:07:35 -04:00
Joffrey JAFFEUX b07f1bfd93
FIX: displays a title on sk header if no selected name (#9794)
none has to be defined.
2020-05-15 17:36:00 +02:00
Justin DiRose 9810ca1dbd
UX: Add copied text upon copy button click (#9793) 2020-05-15 17:08:46 +02:00
Penar Musaraj 5ff2a235f6 DEV: Allow 3-digit HEX color code in single icon route
Followup to aee8e62
2020-05-14 16:37:45 -04:00
Penar Musaraj aee8e62e21
FEATURE: Add endpoint for individual SVG icons (#9765) 2020-05-14 14:17:19 -04:00
Mark VanLandingham a047004c9a
FIX: Specific email error for replies to digest emails (#9770) 2020-05-14 09:04:58 -05:00
Vinoth Kannan c014b93854
UX: don't disable "create account" button & display error message for required fields. (#9643) 2020-05-14 12:15:33 +05:30
David Taylor cb8f8de422
Revert "FEATURE: Add same site cookie 'None' option to make cross domain systems possible (#9374)"
samesite=none is not supported in Rack 2.0.8. We can re-apply this change once Rack has been upgraded.

https://meta.discourse.org/t/cooke-samesite-none-not-working-because-of-outdated-rack-version/151331

This reverts commit 94c0228681.
2020-05-13 16:17:05 +01:00
RK Aranas 7d857d79bd UX: Fix hard coded value in Crazy in Love badge description
Currently, the Crazy in Love badge's description has a hard coded
value of 50.This should correspond to the max_likes_per_day value
instead.
2020-05-13 16:59:28 +08:00
Daniel Waterworth 497dc6eaa7 Add a global setting for CDN origin
This is so that, on a multisite cluster, when we handle a CDN request,
the hostname that is requested corresponds to one of the sites -
specifically the default site.
2020-05-12 16:43:40 +01:00
Penar Musaraj 90b900704b FIX: Improve mobile footer nav accessibility 2020-05-11 16:55:34 -04:00
David Taylor 5fc51ed49c
DEV: Remove unused DiscoursePlugin class (#9715) 2020-05-11 15:46:54 +01:00
Risto a9cf680f76
A typo fix (#9717) 2020-05-11 10:43:21 -04:00
Sam Saffron d8d54a92f1
FEATURE: tighten rate limiting rules for forgot password
1. Total 6 attempts per day per user
2. Total of 5 per unique email/login that is not found per hour
3. If an admin blocks an IP that IP can not request a reset
2020-05-08 13:30:51 +10:00
Sam Saffron 609e929186
Revert "Revert "DEV: upgrade to Rails 6.0.3""
This reverts commit 2ff8b4f5d9.

Attempt #2 at a Rails update this time we also update the
rails_multisite gem to allow for cleaner reordering
2020-05-08 11:49:22 +10:00
David Taylor 2ff8b4f5d9
Revert "DEV: upgrade to Rails 6.0.3"
This was causing issues during multisite:migrate

https://meta.discourse.org/t/multisite-migrate-broken-since-rails-6-0-3-update/150691

This reverts commit 136a545653.
2020-05-07 11:44:39 +01:00
Sam Saffron 136a545653
DEV: upgrade to Rails 6.0.3
Upgrades Rails to latest, this version has better compatibility
with Ruby 2.7

During the upgrade we needed a new cleaner mechanism for configuring
message bus.

All tests are green.

If anything weird pops up please revert.
2020-05-07 15:53:40 +10:00
Martin Brennan 6fb0f36ce1
FEATURE: Optionally delete bookmark when reminder sent (#9637)
We now show an options gear icon next to the bookmark name.

When expanded we show the "delete bookmark when reminder sent" option. The value of this checkbox is saved in local storage for the user.

If this is ticked, when a reminder is sent for the bookmark the bookmark itself is deleted. This is so people can use the reminder functionality by itself.

Also remove the blue alert reminder section from the "Edit Bookmark" modal as it just added clutter, because the user can already see they had a reminder set:

Adds a default false boolean column `delete_when_reminder_sent` to bookmarks.
2020-05-07 13:37:39 +10:00
Robin Ward 97657aa322 Don't precompile preload-store 2020-05-06 16:47:04 -04:00
Martin Brennan fa572d3a7a
DEV: Remove all code referencing at_desktop bookmark reminders (#9650)
We have found no need for these reminder types, so we are removing the code for them.
2020-05-06 15:22:43 +10:00
Kris e27f07e57d minor followup to 657facb 2020-05-05 17:18:36 -04:00
Robin Ward 612284cef3
DEV: Remove `Discourse.RAW_TEMPLATES` (#9630)
We were sharing `Discourse` both as an application object and a
namespace which complicated things for Ember CLI. This patch
moves raw templates into `__DISCOURSE_RAW_TEMPLATES` and adds
a couple helper methods to create/remove them.
2020-05-05 12:15:03 -04:00
tshenry b8b1cbbfb9
UX: Improve second factor UI (#9526)
This will make a few minor improvements to the second factor user interface. Highlights include:

- Using the site's title to prefix the backup code filename. If non-ascii characters are detected, then prefix "discourse" instead.
- Add icons and change the text on some of the buttons for better clarity and consistency
- Add an education link to the security key modal
2020-05-05 11:05:25 +10:00
Neil Lalonde 3cce608379
Update translations 2020-05-04 10:39:01 -04:00
Vinoth Kannan 0fe8ad13fa UX: change the user merge button's label and icon. 2020-05-04 18:44:30 +05:30
Ahmed Gagan 99abdf51cd
FEATURE: adds a filter for all/unread/read on user's notifications page (#9535) 2020-05-04 08:36:59 +02:00
Jeff Atwood 7fc319b64f more direct "read this topic" prefs link 2020-05-03 22:09:07 -07:00
Martin Brennan bcc9ad6f57
FIX: Bookmark UI tweaks (#9604)
* When hovering over the bookmark icon for a post, show the name of the bookmark at the end of the tooltip _if_ it has been set.
* Order bookmarks by `updated_at DESC` in the user list and show that instead of created at.
2020-05-01 16:14:20 +10:00
Robin Ward d615de9139
DEV: Support for `import Handlebars from 'handlebars'`; (#9600)
* Remove Handlebars.SafeString usage

* DEV: Support for `import Handlebars from 'handlebars'`;

* FIX: Sprockets was broken when `node_modules` was present

By default the old version of sprockets looks for application.js
anywhere, including in a node_modules folder if this exists
(which it will when we move to Ember CLI.)
2020-04-30 16:41:02 -04:00
Jeff Wong 2cb9e85d14
FEATURE: add category banner for why a user cannot post (#9576)
* FEATURE: add category banner for why a user cannot post

Adds a category banner for why a user is unable to post in a category.

Also adds an extra alert for the user when a user is unable to create a topic in a
category and they still try and click on the disabled-looking new topic
button.
2020-04-30 10:39:11 -07:00
Joffrey JAFFEUX 1b2db44678
FEATURE: allows to limit visible reports and tabs in dashboard (#9598) 2020-04-30 17:31:04 +02:00
Vinoth Kannan 71241a50f7 DEV: improve code readability & add tests for user guardian.
a511bea4cc
2020-04-30 20:59:33 +05:30
Rafael dos Santos Silva 08e4af6636 FEATURE: Add setting to controle the Expect header on S3 calls
Some providers don't implement the Expect: 100-continue support,
which results in a mismatch in the object signature.

With this settings, users can disable the header and use such providers.
2020-04-30 12:12:00 -03:00
Joffrey JAFFEUX 45f704906d
UX: display info about extra files and uploader (#9595)
Co-authored-by: David Taylor <david@taylorhq.com>
2020-04-30 16:02:38 +02:00
Dan Ungureanu fe51f7a863
FEATURE: More improvements to crawler and old browsers view
Related to c85018cdfd.
2020-04-30 12:07:51 +03:00
Sam Saffron d0d5a138c3
DEV: stop freezing frozen strings
We have the `# frozen_string_literal: true` comment on all our
files. This means all string literals are frozen. There is no need
to call #freeze on any literals.

For files with `# frozen_string_literal: true`

```
puts %w{a b}[0].frozen?
=> true

puts "hi".frozen?
=> true

puts "a #{1} b".frozen?
=> true

puts ("a " + "b").frozen?
=> false

puts (-("a " + "b")).frozen?
=> true
```

For more details see: https://samsaffron.com/archive/2018/02/16/reducing-string-duplication-in-ruby
2020-04-30 16:48:53 +10:00
Martin Brennan ca539fdccf
FIX: Rename all instances of bookmarkWithReminder to just bookmark (#9579)
* Rename all instances of bookmarkWithReminder and bookmark_with_reminder to just bookmark
* Delete old bookmark code at the same time
* Add migration to remove the bookmarkWithReminder post menu item if people have it set in site settings
2020-04-30 10:09:22 +10:00
Joshua Rosenfeld 9dccf4f3b8
FIX: Copyedit for "You were logged out" modal (#9584)
See https://meta.discourse.org/t/-/149596
2020-04-29 07:37:06 -07:00
Guo Xiang Tan 4fe4b3cce3
DEV: Revert quiet assets in dev.
Breaks with a gem.
2020-04-29 14:46:56 +08:00
Guo Xiang Tan 16ab6430fe
DEV: Follow up to a078feee07 2020-04-29 14:24:48 +08:00
Guo Xiang Tan a078feee07
DEV: Turn off ActiveRecord development color and query log by default.
It breaks logster.
2020-04-29 14:19:14 +08:00
Guo Xiang Tan fa21c03a1d
DEV: Minor follow up to 1d04fb24f8 2020-04-29 14:09:19 +08:00
Guo Xiang Tan 1d04fb24f8
DEV: Enable all the ActiveRecord goodness in development env. 2020-04-29 14:08:00 +08:00
Guo Xiang Tan 5503eba924
DEV: Add env in dev to support verbose query log. 2020-04-29 11:10:57 +08:00
Martin Brennan 17ca47af1a
FIX: Remove timezone in brackets from user card (#9567)
For clarity and to save space remove the timezone in brackets e.g. (EDT) from the user card. Also add a title to the user time span to say it is Local Time.
2020-04-29 08:45:38 +10:00
David Taylor ba616ffb50
DEV: Use a tmp directory for storing uploads in tests (#9554)
This avoids development-mode upload files from polluting the test environment
2020-04-28 14:03:04 +01:00
mentalstring 67f3fe14aa
FEATURE: support SSO website and location overrides
Add location and website + the ability to override using SSO using the `sso_overrides_location` and `sso_overrides_website` site settings.
2020-04-28 16:06:35 +10:00
Martin Brennan bb4e965a66
FEATURE: Optionally show local time for user in card (#9527)
This adds a site setting (default off) to optionally show a user's local time and timezone in their user card. For example, I live in Brisbane, and if at 3:30PM my time I were to open a user who lives in California's card I would see 22:30 (PST).
2020-04-28 10:13:59 +10:00
Robin Ward 056327c0c9
DEV: Move `discourse.js` to `app/app.js` (#9545)
This is another thing to get our application in line with what Ember CLI
expects.
2020-04-27 13:28:10 -04:00
Gerhard Schlager 30cb5f7d86 Update translations 2020-04-24 15:16:29 +02:00
Sam Saffron 6a18c9aa0b
Revert "FEATURE: enforce_canonical_emails site setting"
This reverts commit 6f9177e2ed.

We decided on a completely different approach to the problem.

Instead we will let blocked emails be treated as canonical.
2020-04-24 13:52:06 +10:00
Roman Rizzi 7a2e8d3ead
DEV: Add the missing `app` subdirectory (#9499)
* DEV: Add missing  directory to the Discourse ember app

* DEV: Resolve imports correctly
2020-04-23 10:07:54 -03:00
Joffrey JAFFEUX 3bbd8b1258
UX: rework date time input range (#9524) 2020-04-22 22:17:53 +02:00
Vinoth Kannan df0c386f8a
UX: drop the `automatic_membership_retroactive` column from groups model. (#9430) 2020-04-22 22:07:39 +05:30
Robin Ward 13f2723dcb FIX: Don't log an error to logster if a topic could not be updated.
If for some reason an update did not go through (for example,
concurrently updating the same topic twice), we were logging something
like:

```
create_errors_json called with unrecognized type: #<Topic
```

This happened because we knew an error occurred but the active record
object had no errors attached.

This patch fixes the issue by attaching a proper error message in the
event that this happens.
2020-04-22 11:56:04 -04:00
Dan Ungureanu e733701887
FEATURE: Make report filters reusable (#9444)
This commit also adds 'include subcategories' report filter
2020-04-22 11:52:50 +03:00
Vinoth Kannan a511bea4cc
FEATURE: admin UI to merge two users. (#9509) 2020-04-22 14:07:51 +05:30
Martin Brennan 628ba9d1e2
FEATURE: Promote bookmarks with reminders to core functionality (#9369)
The main thrust of this PR is to take all the conditional checks based on the `enable_bookmarks_with_reminders` away and only keep the code from the `true` path, making bookmarks with reminders the core bookmarks feature. There is also a migration to create `Bookmark` records out of `PostAction` bookmarks for a site.

### Summary

* Remove logic based on whether enable_bookmarks_with_reminders is true. This site setting is now obsolete, the old bookmark functionality is being removed. Retain the setting and set the value to `true` in a migration.
* Use the code from the rake task to create a database migration that creates bookmarks from post actions.
* Change the bookmark report to read from the new table.
* Get rid of old endpoints for bookmarks
* Link to the new bookmarks list from the user summary page
2020-04-22 13:44:19 +10:00
Justin DiRose 6559ad0d80
FEATURE: Add copy button to codeblocks (#9451) 2020-04-21 08:02:13 -05:00
Martin Brennan d123138d3a
FIX: Only confirm bookmark delete if a reminder has been set (#9484)
We do not need a secondary bootbox confirm if the bookmark has no reminder, because nothing really will be lost in that case.
2020-04-21 14:29:12 +10:00
Jarek Radosz 17cf300b71
DEV: Use more specific error responses (#9472)
* DEV: Use `render_json_error` (Adds specs for Admin::GroupsController)
* DEV: Use a specific error on blank category slug (Fixes a `render_json_error` warning)
* DEV: Use a specific error on reviewable claim conflict (Fixes a `render_json_error` warning)
* DEV: Use specific errors in Admin::UsersController (Fixes `render_json_error` warnings)
* FIX: PublishedPages error responses
* FIX: TopicsController error responses (There was an issue of two separate `Topic` instances for the same record. This makes sure there's only one up-to-date instance.)
2020-04-21 03:50:20 +02:00
Gerhard Schlager 82f9dcf301 Update translations 2020-04-20 11:37:59 +02:00
Sam Saffron ee36382640
FEATURE: improve rendering of RSS feeds
- Eliminate superfluous "author wrote" block
- Eliminate block-quote for all posts
- Move participant count and reply count to 1 line
- Prioritize name over username if forum requests
- Use fabrication in list controller spec to speed up spec
2020-04-20 16:08:24 +10:00
Martin Brennan 344ef5226c
FEATURE: Edit bookmark reminders from post and explicit delete button (#9455)
There is now an explicit "Delete Bookmark" button in the edit modal. A confirmation is shown before deleting.

Along with this, when the bookmarked post icon is clicked the modal is now shown instead of just deleting the bookmark. Also, the "Delete Bookmark" button from the user bookmark list now confirms the action.

Add a `d d` shortcut in the modal to delete the bookmark.
2020-04-20 13:30:04 +10:00
Gerhard Schlager 3e3ac704e1 Remove unused translation
It isn't used anymore since a19e43fd3b
2020-04-19 16:44:14 +02:00
David Taylor 576872a2d9
PERF: Enable new user card route by default (#9442)
https://meta.discourse.org/t/changes-to-the-user-card-data-source/139951
2020-04-17 09:42:57 +01:00
Martin Brennan 8f0544137a
FEATURE: Allow editing bookmark reminders (#9437)
Users can now edit the bookmark name and reminder time from their list of bookmarks.

We use "Custom" for the date and time in the modal because if the user set a reminder for "tomorrow" then edit the reminder "tomorrow", the definition of what "tomorrow" is has changed.
2020-04-17 11:08:07 +10:00
David Taylor ed6b3b82bd
FIX: Reopen sidekiq log files after rotation (#9429)
Unicorn uses the USR1 to indicate that log files should be reopened. This commit implements the same functionality for our forked sidekiq workers:

- USR1 is intercepted in the unicorn master, and re-issued to all child processes
- USR1 is trapped in the sidekiq processes, and `Unicorn::Util.reopen_logs` is used to re-open log files
2020-04-16 12:13:13 +01:00
Martin Brennan d7f744490a
FEATURE: Decorate topic-level bookmark button with reminder time (#9426)
* Show the correct bookmark with clock icon when topic-level bookmark reminder time is set and show the time of the reminder in the title on hover.
* Add a new bookmark lib and reminder time formatting function to show time with today/tomorrow shorthand for readability. E.g. tomorrow at 8:00am instead of Apr 16 2020 at 8:00am. This only applies to today + tomorrow, future dates are still treated the same.
2020-04-16 09:20:44 +10:00
Vinoth Kannan 884eea7a83 FEATURE: add support for `upload` format in theme settings. 2020-04-15 18:34:02 +05:30
Kane York 5a5685766a DEV: Fix all 'require-valid-alt-text' lints except in reused compoments
Three violations require parameters from the caller to generate valid alt text.
2020-04-14 17:21:20 -07:00
Sam Saffron 6f9177e2ed
FEATURE: enforce_canonical_emails site setting
The new `enforce_canonical_emails` site setting ensures that emails in the
canonical form are unique.

This mean that if `s.a.m+1@gmail.com` is registered `sam@gmail.com` will
not be allowed.

The commit contains a blanket "tag strip" (stripping everything after +)
it also contains special handling of a "dot strip" for googlemail and gmail.

The setting only impacts new registrations after `enforce_canonical_emails`

The setting is default false so it will not impact any existing installs.
2020-04-14 14:16:30 +10:00
Robin Ward b6b92a562c
FEATURE: New site setting `embed_unlisted` (#9391)
If enabled, posts imported to discourse via embeddings will default to
unlisted until they receive a reply.
2020-04-13 15:17:02 -04:00
tshenry 617692a6c4
UX: Note "Summarize This Topic" settings behavior
We use the `periodical_updates` and `weekly` background jobs to retroactively add/remove the "Summarize This Topic" button for topics according to the `summary_posts_required` or `summary_likes_required` site settings.
2020-04-10 09:46:36 -07:00
Dan Ungureanu 3d9c320aab
PERF: Cache Category.subcategory_ids (#9350)
Also reset category cache after backup restore.
2020-04-09 15:42:24 +03:00
Martin Brennan bedefd2e8a Fix broken bookmark translations for French 2020-04-09 14:51:57 +10:00
Kane York 138d4aebde FEATURE: Webhooks and Event for user being granted a badge
Adding a webhook for badge revocation is left for future work as it's relatively rare.
2020-04-08 14:38:30 -07:00
Kane York abdc10ae70 FIX: Labels for modal close and dismiss-error buttons 2020-04-08 11:56:29 -07:00
Dan Ungureanu 73d71e3fee
FEATURE: Show noscript view to unsupported browsers (#9373) 2020-04-08 20:24:18 +03:00
Robin Ward e1f8014acd
FEATURE: Support for publishing topics as pages (#9364)
If the feature is enabled, staff members can construct a URL and publish a
topic for others to browse without the regular Discourse chrome.

This is useful if you want to use Discourse like a CMS and publish
topics as articles, which can then be embedded into other systems.
2020-04-08 12:52:36 -04:00
dave0688 94c0228681
FEATURE: Add same site cookie 'None' option to make cross domain systems possible (#9374) 2020-04-08 10:03:50 +01:00
Rafael dos Santos Silva 3053c6d95e
FEATURE: Enable offline browsing and fullscreen PWA in iOS by default 2020-04-07 16:58:21 -03:00
Martin Brennan 42c2678d8f
FIX: Show topic level bookmark with reminder modal (#9336)
* When using the topic-level bookmark button or shortcut, we now show the bookmark with reminder modal for consistency.
* When hovering on a bookmark reminder notification where the bookmark has a name, show the name of the bookmark on hover.
2020-04-07 15:43:00 +10:00
Martin Brennan 93c38cc175
FEATURE: Bookmark keyboard shortcuts (#9318)
Adds keyboard bindings and associated help menu for selecting reminder type in bookmark modal, and pressing Enter to save.

Introduce the following APIs for `KeyboardShortcuts`:

* `pause` - Uses the provided array of combinations and unbinds them using `Mousetrap`.
* `unpause` - Uses the provided combinations and rebinds them to their default shortcuts listed in `KeyboardShortcuts`.
* `addBindings` - Adds the array of keyboard shortcut bindings and calls the provided callback when a binding is fired with Mousetrap.
* `unbind` - Takes an object literal of a binding map and unbinds all of them e.g. `{ enter: { handler: saveAndClose" } };`
2020-04-07 14:03:15 +10:00
Martin Brennan 40546af217
FIX: Remove date from bookmark reminder non-English translations (#9354)
The {{date}} interpolated value was removed from the English translations in #9329 but not from the other translations, causing breakages.

Also adds a , inbetween date and time for reminders using long_no_year for readability.
2020-04-06 13:14:46 +10:00
Daniel Waterworth bca126f3f5 REFACTOR: Move the multisite middleware to the front
Both request tracking and message bus rely on multisite before the
middleware has run which is not ideal.

Follow-up-to: ca1208a636
2020-04-02 16:44:44 +01:00
Daniel Waterworth ca1208a636 Revert "REFACTOR: Move the multisite middleware to the front"
Looks like this is causing problems.

Follow-up-to: a91843f0dc
2020-04-02 15:20:28 +01:00
Daniel Waterworth a91843f0dc REFACTOR: Move the multisite middleware to the front
Both request tracking and message bus rely on multisite before the
middleware has run which is not ideal.
2020-04-02 10:15:38 +01:00
Martin Brennan d261a809e2
FEATURE: Bookmark reminder type changes and bugfixes (#9329)
New Reminder Types
-------------------------------------

* Add a "later this week" reminder which is today + 2 days, will not show if we are on the days Thu-Sun
* Add a "start of next business week" reminder which is 8am Monday

Bugfixes and Tweaks
--------------------------------------

* Move dates out of translation for reminder types and yield HTML for tap-tile for more customizable content and styling
* Make sure double clicking the bookmark icon in quick access takes users to the new bookmarks-with-reminders page
* Sane default to 8am (start of day) for custom reminder with no time
2020-04-02 09:57:48 +10:00
Kane York cdaa60b56b FEATURE: Allow admins to disable self-service account deletion
https://meta.discourse.org/t/-/146276
2020-04-01 15:16:07 -07:00
Martin Brennan b79ea986ac
FEATURE: High priority bookmark reminder notifications (#9290)
Introduce the concept of "high priority notifications" which include PM and bookmark reminder notifications. Now bookmark reminder notifications act in the same way as PM notifications (float to top of recent list, show in the green bubble) and most instances of unread_private_messages in the UI have been replaced with unread_high_priority_notifications.

The user email digest is changed to just have a section about unread high priority notifications, the unread PM section has been removed.

A high_priority boolean column has been added to the Notification table and relevant indices added to account for it.

unread_private_messages has been kept on the User model purely for backwards compat, but now just returns unread_high_priority_notifications count so this may cause some inconsistencies in the UI.
2020-04-01 09:09:20 +10:00
Arpit Jalan b2a0d34bb7
FEATURE: add setting `auto_approve_email_domains` to auto approve users (#9323)
* FEATURE: add setting `auto_approve_email_domains` to auto approve users

This commit adds a new site setting `auto_approve_email_domains` to
auto approve users based on their email address domain.

Note that if a domain already exists in `email_domains_whitelist` then
`auto_approve_email_domains` needs to be duplicated there as well,
since users won’t be able to register with email address that is
not allowed in `email_domains_whitelist`.

* Update config/locales/server.en.yml

Co-Authored-By: Robin Ward <robin.ward@gmail.com>
2020-03-31 23:59:15 +05:30
Robin Ward db35baba26 FEATURE: Display "Last Updated At" on user directory 2020-03-30 14:34:48 -04:00
Joffrey JAFFEUX 0996c3b7b3
FEATURE: allows multiple custom emoji groups (#9308)
Note: DBHelper would fail with a sql syntax error on columns like "group".

Co-authored-by: Jarek Radosz <jradosz@gmail.com>
2020-03-30 20:16:10 +02:00
Kane York 07dc8d20c4 DEV: Enable and fix the 'require-iframe-title' lint 2020-03-26 12:31:34 -07:00
Sam Saffron 25f1f23288
FEATURE: Stricter rules for user presence
Previously we would consider a user "present" and "last seen" if the
browser window was visible.

This has many edge cases, you could be considered present and around for
days just by having a window open and no screensaver on.

Instead we now also check that you either clicked, transitioned around app
or scrolled the page in the last minute in combination with window
visibility

This will lead to more reliable notifications via email and reduce load of
message bus for cases where a user walks away from the terminal
2020-03-26 17:36:52 +11:00
Sam Saffron ecbccab159
FEATURE: invite_code is case-insensitive
Previously we required exact casing for invite code, this can cause a lot
of confusion. Relax the requirement.
2020-03-26 13:44:02 +11:00
Martin Brennan 097851c135
FIX: Change secure media to encompass attachments as well (#9271)
If the “secure media” site setting is enabled then ALL files uploaded to Discourse (images, video, audio, pdf, txt, zip etc. etc.) will follow the secure media rules. The “prevent anons from downloading files” setting will no longer have any bearing on upload security. Basically, the feature will more appropriately be called “secure uploads” instead of “secure media”.

This is being done because there are communities out there that would like all attachments and media to be secure based on category rules but still allow anonymous users to download attachments in public places, which is not possible in the current arrangement.
2020-03-26 07:16:02 +10:00
Kane York 6a1fe9ff87
FIX: Use 1 column instead of 4 for permalink destination (#9260) 2020-03-25 11:30:39 -07:00
Dan Ungureanu 3ae26c6c59
FEATURE: List search menu shortcuts in instructions modal (#9273) 2020-03-25 17:11:33 +02:00
Dan Ungureanu 49395ec577
FIX: Fix image optimization pipeline (#9257)
* FIX: Do not use original filename to extract the original filename

Prefer extracting filename from the destination path, which is build
using extracted image information.

* UX: Show better error images
2020-03-25 12:59:16 +02:00
Bianca Nenciu d8640fd042
DEV: Move requested_group_id custom field from post to topic (#9127)
Follow-up-to accbbded15
2020-03-24 11:12:52 +02:00
Martin Brennan b8b29e79ad
FIX: Improve user timezone saving (#9230)
Based on issues identified in https://meta.discourse.org/t/improved-bookmarks-with-reminders/144542/20

* Implement the resolvedTimezone() function on the user model where we return the user's timezone if it has been set, or we guess it using moment and save it to the user using an update call if it has not yet been set. This covers the cases of users who do not log out/in often who will not get their timezone set via login. This also makes sure the guess + save is done in a non-obtrusive way not on every page -- only when it is needed.

* Before if a user's timezone was blank when they visited their profile page we were autofilling the dropdown with the guessed timezone from moment. However this was confusing as it would appear you have that timezone saved in the DB when you really didn't. Now we do not autofill the dropdown and added a button to automatically guess the current timezone to make everything more explicit.
2020-03-24 11:39:09 +10:00
Kane York 4b8acce92b FIX: Check for permalinks before showing the 404 page
Limitations: the user profile "open external links in new tab setting" is
slightly broken for "External URL" permalinks.

Remove the copy from the admin permalinks page stating that this doesn't work.
2020-03-23 16:31:07 -07:00