* FIX: paste the spreadsheet to the composer
If we paste spreadsheet with the missing label we receive
`" this \n1 2"`
If we trim whitespace at the beginning then our later calculation to determine if it is a table is incorrect:
```
const columns = rows.map((r) => r.split("\t").length);
const isTable =
columns.reduce((a, b) => a && columns[0] === b && b > 1)
```
https://meta.discourse.org/t/pasting-from-spreadsheet-wont-work-if-corner-cell-is-empty/169443
Fixes two small issues:
- buttons stayed disabled after deleting a category
- on a newly-created category, the Edit button was missing on the category landing page
This makes it much easier to check the staff action logs for a specific site setting. A small history icon will appear when hovering over a site setting name. On click, you will be taken to the pre-filtered staff action log for the site setting.
This commit removes the duplicate category description on sub categories in the category list. I believe this went unnnoticed because we are hiding these by default.
The REST adapter generates paths with the /tags/ prefix indescriminately,
but individual tag paths have been moved under the /tag/ prefix to allow
tags with names that would otherwise cause ambiguity like c.
PostDestroyer should accept the option to permanently destroy post from the database. In addition, when the first post is destroyed it destroys the whole topic.
Currently, that feature is limited to private messages and creator of the post. It will be used by discourse-encrypt to explode encrypted private messages.
Paths prefixed with /tag/ are exclusively for when the tag name is the
next string in the path. Therefore, when a category is being used as
context, the path should start with /tags/ instead.
Per Google, sites are encouraged to upgrade from Universal Analytics v3 `analytics.js` to v4 `gtag.js` for Google Analytics tracking. We're giving admins the option to stay on the v3 API or migrate to v4. Admins can change the implementation they're using via the `ga_version` site setting. Eventually Google will deprecate v3, but our implementation gives admins the choice on what to use for now.
We chose this implementation to make the change less error prone, as many site admins are using custom events via the v3 UA API. With the site stetting defaulted to `v3_analytics`, site analytics won't break until the admin is ready to make the migration.
Additionally, in the v4 implementation, we do not enable automatic pageview tracking (on by default in the v4 API). Instead we rely on Discourse's page change API to report pageviews on transition to avoid double-tracking.
We have a div that is inside #main because of the history of Ember explained here. Once we have Ember cli, we can use optional feature flags and disable creating this div with application-template-wrapper: false, and refactor this code and any plugins that rely on that div being present (some plugin regarding remote collaboration??).
* DEV: Move toHumanSize patch into I18n proper
The patch wasn't loaded in Ember CLI environment causing translation discrepancies.
* DEV: Remove String.prototype.i18n
I don't think this patch is needed. Let the CI prove me wrong. :P
* FEATURE - allow category group moderators to delete topics
* Allow individual posts to be deleted
* DEV - refactor for new `can_moderate_topic?` method
We didn't update review settings even if the UI says it was successfully saved. After #11097, we started to clone each setting and store the changes there instead, but we still use the original objects when we perform the save action.
Users could be silenced or suspended by two staff members at the same time and
would not be aware of it. This commit shows an error message if another penalty
has been applied.
- IgnoredUser records should all now have an expiring_at value. This commit enforces that in the DB, and fixes any corrupt rows
- Changes to the ignored user list are now handled by the `/u/{username}/notification_level` endpoint. This allows setting expiration dates on the ignore. This commit removes the old logic for saving a list of usernames in the user preferences.
- Many specs were calling `IgnoredUser.create`. This commit changes them to use `Fabricate(:ignored_user)` for consistency
@danielwaterworth suggested taking a look at this when reviewing a plugin using this API.
When declaring a new nav item using `addNavigationBarItem` and including the `href` attribute, we don't currently process that URL to be subfolder compatible.
Nav bar items coming in via the API are considered `ExtraNavItem` and the `href` value is passed straight through to the `buildItems` method, vs using the computed href method. This PR adds a simple `getURL` call on that href value to ensure it's subfolder-safe.
I also accounted for the `customHref` function in the API to make those URLs subfolder safe as well.
<!-- NOTE: All pull requests should have tests (rspec in Ruby, qunit in Javascript). If your code does not include test coverage, please include an explanation of why it was omitted. -->
Ensures the newly created category record gives the current user permission to create a new topic and sets her notification level to the default (regular).
After 5fc239b535, the category dropdown
was showing "undefined" for the "all-categories" and "no-categories"
messages. This commit introduces a check to run the HTML parser only if
we're dealing with a real category, which fixes the above issue.
Using arrow functions changes `this` context, which is undesired in tests, e.g. it makes it impossible to setup things like pretender (`this.server`) in `beforeEach` hooks.
Ember guides always use classic functions in examples (e.g. https://guides.emberjs.com/release/testing/test-types/), and that's what it uses in its own test suite, as do various addons and ember apps.
It was also already used in Discourse where `this` was required. Moving forward, it will be needed in more places as we migrate toward ember-cli.
(I might later add a custom rule to eslint-discourse-ember to enforce this)
We remove the slow mode composer message and provide better messages when rejecting new posts and edits. The client now validates if the user tries to post again immediately. Finally, we replaced the `hourglass-end` icon with the `hourglass-start` one.
This reverts commit e3de45359f.
We need to improve out strategy by adding a cache breaker with this change ... some assets on CDNs and clients may have incorrect CORS headers which can cause stuff to break.
When `must_approve_users` is enabled then staff users assume that all
users will have to be approved manually. But in case of invite we
auto-approve users if they are invited by users. This commit adds an
info on the bottom of invite modal informing staff users that new users
will be auto-approved as soon as they accept invite.
This is a way to detect that Discourse isn't able to receive online updates from
the server, and will be used to trigger an UI warning to the user that the session
is working on offline mode.
Meta request https://meta.discourse.org/t/offline-indicator/123000?u=falco
This is because the translations were being applied when the JS files
were parsed, which is before the overrides are loaded.
The solution is to return the filters in a function which is executed
when they are needed.
In newer Embers jQuery is removed. There is a `find` but it only returns
one element and not a jQuery selector. This patch migrates our code to a
new helper `queryAll` which allows us to remove the global.
Most proxies out there will work with chunked encoding transfer. However
some proxies buffer, causing large delays which in turn force the message
bus client to disable chunked encoding. This wastes a request to the message
bus causing superfluous load on the server.
Also
- enableLongPolling is already default true in the client, no need to set it
- remove confusing comment about zepto
Before deleting a topic that has a high number of views (default of 5000), the user will be prompted with a confirmation popup. This works for all delete buttons on the topic located in: topic-timeline, topic-admin-menu, topic-footer-buttons, and post-menu if the post's ID is 1.
The delete button will be disabled while deletion is in progress, to prevent any unwanted behavior.
A site setting is also available to change the minimum amount of views required to display the confirmation popup.
All kudos are going to @RickyC0626. I only rebased with master and added few qunit tests to ensure that this feature works as expected.
Original PR: #10459
* Move new/edit category modals to its own page
* Fix JS tests
* Minor fixes to new-category UI
* Add mobile toggle
* Use global pretender endpoint so plugins can benefit too
* Alignment fix
* Minor review fixes
* Styling refactor
* Move some SCSS out of the modal
Trying to include this attribute when topic_user is nil causes an error when visiting a topic as anon. Additionally, we don't display the slow mode banner for these users.
Showing this button is confusing for sites which are using external authentication. Clicking 'log in' already pops up the login modal, which includes a forgot password link when appropriate.
This PR introduces a feature that will detect a date inside the post that a user is bookmarking, and offer that date as an option in the bookmark modal.
The logic is that we get the first date/time detected in the post. If it does not have a time, just a date, then we default to 8:00am for the time.
This allows for an advanced feature where hitting control on click or
CTRL-SHIFT-ENTER will lead to a post being made but the browser not to
scroll to the end.
Adding a video in composer and then continuing to type into it will make the
video element flicker and restart playback on every keystroke, as the preview
is rendered. In certain configurations, this can lead to some performance
problems too.
Onebox already does the same for external videos.
This gets us closer to how newer Ember versions want to do things, but
with a bit of Discourse flair.
`acceptance` now takes a function as a parameter, and tests need to be
declared in that new function context.
A new helper, `needs`, is passed as a parameter. You can use it to set
up the test the way you want.
* FIX: Ensure slow mode duration is correctly edited and displayed.
This commit fixes a bug where you were forced to set hours, minutes, and seconds or you won't be able to set the slow mode. Also, the duration was not displayed correctly due to the seconds not being truncated.
Additionally, we'll always display the hours, minutes, and seconds inputs for clarity and remove the blue banner.
* Set slow mode modal tweaks.
Uses labels instead of placeholders.
Input fields only visible when custom option selected.
Replace "Custom Duration" with "Pick Duration".
Additionally, place the `Set slow mode` button at the bottom of the topic actions menu.
* Perform the slow_mode validation also on the client-side before saving trying to save the post. This way, the post won't be staged.
This removes fixed positioning from d-header and the topic timeline.
Plugins, themes and components that use the above/below header plugin outlet will likely need some margin/padding adjustments.
This broke "composePrivateMessage" (and possibly others) because `d-button` now passes the event as a
second argument, and that action has an optional second argument.
* FEATURE: CTRL-SHIFT-ENTER and SHIFT-Click do not scroll on post
This allows for an advanced feature where hitting control on click or
CTRL-SHIFT-ENTER will lead to a post being made but the browser not to
scroll to the end.
Adds a new slow mode for topics that are heating up. Users will have to wait for a period of time before being able to post again.
We store this interval inside the topics table and track the last time a user posted using the last_posted_at datetime in the TopicUser relation.
* The creation of a testing div is specific to Rails, so that is
moved back out of setupTests();
* We've removed the `Discourse` globals from the acceptance helpers in favor of
`setApplication`/`getApplication`.
* We pass the container to setupTests because there is no
`__container__` in later Ember versions.
* `App` is now `app` because it's not a constant or class, it's an
instance of an application.
Dependency on gifsicle, allow_animated_avatars and allow_animated_thumbnails
site settings were all removed. Animated GIF images are still allowed, but
the generated optimized images are no longer animated for those (which were
used for avatars and thumbnails).
The added 'animated' is populated by extracting information using FastImage.
This field was used to selectively reoptimize old animations. This process
happens in the background.
Previous to this change we had no protection to ensure we wait on a request
for more posts prior starting another request.
In outlier cases if 10 people post at the same time on a topic a flood of
requests could start.
To improve this situation we now ensure that we are done asking for new posts
prior to asking for the next batch.
Also addresses some style issues raised previously and moves init to top
of class.
* FEATURE: when we fail to ship topic timings attempt to retry
This change amends it so
1. Topic timings are treated as background requests and subject to more
aggressive rate limits.
2. If we notice an error when we ship timings we back off exponentially
The commit allows 405, 429, 500, 501, 502, 503 and 504 errors to be retried.
500+ errors usually happen when self hosters are rebuilding or some other
weird condition.
405 happens when site is in readonly.
429 happens when user is rate limited.
The retry cadence is hardcoded in AJAX_FAILURE_DELAYS, longest delay is
40 seconds, we may consider enlarging it.
After the last delay passes we give up and do not write timings to the
server.
* Address feedback
- Omit promise, no need to use promises in sendNextConsolidatedTiming
- Correct issue where >= -1 was used and > -1 was intended
- Use objects for consolidated timings instead of Array
- Stop using shift/unshift and instead use push / pop which are faster
* Move consolidated timing initialization to constructor
* Remove TODO and just console.warn if we have an issue
* FEATURE: add penalty options for take action
Add the ability to silence or suspend users from the "take action"
button when moderators are flagging posts. This allows for a more streamlined
active moderation workflow, when moderating against a topic directly.
* FEATURE: Add ability to add target to link
This commit will add the ability for a link's target attribute to be specified.
Allowing`target: "_blank"` to work properly.
This commit will add the category slug class to the body if the tag is a child of a category.
Currently, when visiting a tag topic list only the tag name is added to the body class.
Per Google, sites are encouraged to upgrade from `analytics.js` to `gtag.js` for Google Analytics tracking. This commit updates core Discourse to use the new `gtag.js` API Google is asking sites to use. This API has feature parity with `analytics.js` but does not use trackers.
When the server gets overloaded and lots of requests start queuing server
will attempt to shed load by returning 429 errors on background requests.
The client can flag a request as background by setting the header:
`Discourse-Background` to `true`
Out-of-the-box we shed load when the queue time goes above 0.5 seconds.
The only request we shed at the moment is the request to load up a new post
when someone posts to a topic.
We can extend this as we go with a more general pattern on the client.
Previous to this change, rate limiting would "break" the post stream which
would make suggested topics vanish and users would have to scroll the page
to see more posts in the topic.
Server needs this protection for cases where tons of clients are navigated
to a topic and a new post is made. This can lead to a self inflicted denial
of service if enough clients are viewing the topic.
Due to the internal security design of Discourse it is hard for a large
number of clients to share a channel where we would pass the full post body
via the message bus.
It also renames (and deprecates) triggerNewPostInStream to triggerNewPostsInStream
This allows us to load a batch of new posts cleanly, so the controller can
keep track of a backlog
Co-authored-by: Joffrey JAFFEUX <j.jaffeux@gmail.com>
We were trying to observe a non-ember object which is undefined
behavior and was leaking to odd bugs. This replaces the `filter` object
with an Ember Object and things seem to work.
I also took the opportunity with this commit to move some test specific
stuff out of `discourse-loader` which is loaded on the front end of the
application. The test module building now happens in the `test_helper`
bundle.
This misses a test because Favcount doesn't exposes a get to the counter.
Also, since this code deals with all possible notifications configs we support:
- favicon notification
- favicon new content
- title notification
- title new content
the code is a bit complicated to follow. We may look into refactoring it when a
good opportunity arises, like if https://w3c.github.io/badging/ setClientBadge() method
gives us a cleaner way to notify users.
We can't use erb in Ember CLI (since it does not have Ruby) so this has
been ported to use our `javascript:update_constants` rake test instead.
Note we don't have to run this every time a notification type as it's
only used by fixtures to fill in some specific types we test against.
This is long overdue. We had a lot of (not linted) code to initialize
our test suite as part of the Ruby `test_helper.js` bundle.
This refactor moves that out to a `setup-tests` module, which imports
all the modules properly, rather than using `require`.
It also removes the global `server` variable which some tests were using
for pretender. Those tests are fixed, and in the case of widget tests,
support for a `pretend()` was added, which mimics our acceptance tests.
One problematic test was removed, which overwrites `/posts` - this could
break tons of other tests depending on order.
The prefixing logic is moved into a `prefixProtocol` function in lib:url.
This commit also renames an incorrectly named test and uses https as default instead of http, in 2020 it's reasonable to think we most likely want https and not http. User can still specify http if required.
This commit is also moving one test to a component test.
A followup to this commit would be to ensure every dropdowns are using a regex instead of the normalize/lowercase system we have now.
The dark-mode-friendly SVG mask for the wizard's background image
introduced in 8fcfb9586c does not work with
CDNs, because CORS restrictions apply to SVG masks.
It would be complicated to modify CDN access origin rules for this one
specific assets, so instead, this PR moves the contents of the SVG file
inside the stylesheet.
These are tricky because `module.exports` is used by nodejs files as a
global, which is OK. But we don't want to allow `module` in JS tests
for qunit without importing it first.
We used many global functions to handle tests when they should be
imported like other libraries in our application. This also gets us
closer to the way Ember CLI prefers our tests to be laid out.
See https://meta.discourse.org/t/changing-a-users-email/164512 for additional context.
Previously when an admin user changed a user's email we assumed that they would need a password reset too because they likely did not have access to their account. This proved to be incorrect, as there are other reasons a user needs admin to change their email. This PR:
* Changes the admin change email for user flow so the user is sent an email to confirm the change
* We now record who the email change request was requested by
* If the requested by user is admin and not the user we note this in the email sent to the user
* We also make the confirm change email route open to anonymous users, so it can be clicked by the user even if they do not have access to their account. If there is a logged in user we make sure the confirmation matches the current user.
Allows site administrators to pick different fonts for headings in the wizard and in their site settings. Also correctly displays the header logos in wizard previews.
allowEmails used to always be set to true and did not use
can_invite_via_email, which checks for enable_local_logins.
It was a problem because on sites with local logins
disabled users were allowed to enter email addresses, but
received a generic error "error inviting that user".
Prior to this fix, weekly could be 8 days and we could have differences between period chooser text and actual results in the chart.
A good followup to this PR would be to add custom date ranges in period-chooser component.
This is where they should be as far as ember is concerned. Note this is
a huge commit and we should be really careful everything continues to
work properly.
You can now create a file in your plugin/theme in the `api-initializers`
directory which has a simpler template than previous initializers.
Example:
```
// api-initializers/my-plugin.js
import { apiInitializer } from "discourse/lib/api";
export default apiInitializer("0.8", api => {
console.log("hello world from api initializer!");
});
```
See https://meta.discourse.org/t/changing-a-users-email/164512 for context.
When admin changes an email for a user, we were incorrectly sending the password reset email to the user's old address. Also the new email does not come into effect until the reset password process is done, so this PR adds some notes to the admin to make this clearer.
Context: https://meta.discourse.org/t/stop-appending-username-to-url-when-badge-system-disabled/164904
Share links for topics and posts have the current username appended to them when the user is logged in.
If badges are disabled, those added usernames are not beneficial since they're only used to track progress towards certain badges.
This PR makes two change.
1. it moves the logic for the share link url to a centralized helper because it's shared in both topic and post models.
2. it stops username params from being added to share links when badges are disabled.
We previously used the "●" Unicode character for this circle. Using Unicode for this means that it's up to the browser / OS to determine how it renders.
This commit changes it to a CSS shape so that we always get the same rendering regardless of the user's browser / OS.
* FIX: allow editing in composer before a category is selected
If the site setting `allow_uncategorized_topics` is disabled, but no site categories have a topic template, the textarea of the composer should be enabled. This allows for a post body to be entered, however the post/topic should not be successfully created until a category is selected.
If `allow_uncategorized_topics` is disabled *and* one or more categories have a topic template, the textarea of the composer should remain disabled until a category is chosen (so that the body of their post isn’t overwritten by the template).
* Avoid recalculating hasTopicTemplates repeatedly
This replaces an invalid `window.scrollTop` occurrence, left over from a
jQuery refactoring. It should fix an undesirable "shake effect" I have
run into in Safari when navigating to a reply in the post stream.
eslint --fix is capable of fix it automatically for you, ensure prettier is run after eslint as eslint --fix could leave the code in an invalid prettier state.
It didn't provide much value to users as it often didn't match the number visible in the topic timeline. That's because `postNumber` is an implementation detail, while the timeline counts only full visible posts (no whispers, topic action notices, etc.)
typographer can change " to ” leading to breakages in parser
At least codify this. Longer term we want to re-prioritize typographer so
it always runs after bbcode parsing.
Previously attributes such as `[test a='a"a' b="a'a"]` were not correctly
handled.
This amends the regex parser to ensure it correctly parses attributes
without breaking incorrectly on the first nested quote
We don't delegate `mouseMove` so this code has not been called in a long
time. It also seems that `screenX`/`screenY`/`lastX`/`lastY` was never
used so they were removed too.
Before this patch, discourse-markdown depended on the modules in its
bundle being defined in a specific order or it wouldn't load properly.
Now, any file in the bundle can export a `priority` const (default 0)
and files will be loaded in order of ascending priority instead. This
allows us to use a bundle packaged in any order we want.
To check if a post contains any embedded media, we look if the "image_sizes" attribute is present in the new post manager arguments.
We want to see one boxed links, but we only store the raw content of the post. To work around this, I extracted the onebox logic from the composer editor into a module.
This commit also:
- deprecate an old way of using actions for future removal
- removes all the hidden/block/... logic, as we just rely on parent being displayed or not
* FEATURE: Diffrentiate between group + individual mentions
This commit adds the necessary code for Discorse core to differentiate between group + individual mentions in the notification user panel and notification page.
It changes the group mention icon from `at` to `users` as well as adds context as to which group was mentioned in the topic.