Commit Graph

281 Commits

Author SHA1 Message Date
Sam Saffron
bd5fa1737d FIX: add_to_serializer not correctly accounting for inheritance chains
This is a very long standing bug we had, if a plugin attempted to amend a
serializer core was not "correcting" the situation for all descendant classes
this often only showed up in production cause production eager loads serializers
prior to plugins amending them.

This is a critical fix for various plugins
2019-08-27 18:21:53 +10:00
Vinoth Kannan
41f22946c3 FIX: properly load desktop and mobile only plugin css assets.
5bd6b70d98
2019-08-22 08:39:10 +05:30
Vinoth Kannan
5bd6b70d98
DEV: debundle plugin css assets and don't load if disabled (#7646) 2019-08-20 22:09:52 +05:30
Régis Hanol
ae05245b00 DEV: plugin API to register User custom field types 2019-07-24 18:38:44 +02:00
Vinoth Kannan
839916aa49
DEV: Debundle plugin javascript assets and don't load if disabled (#7566)
And don't load javascript assets if plugin is disabled.

* precompile auto generated plugin js assets

* SPEC: remove spec test functions

* remove plugin js from test_helper

Co-Authored-By: Régis Hanol <regis@hanol.fr>

* DEV: using equality is slightly easier to read than inequality

Co-Authored-By: Régis Hanol <regis@hanol.fr>

* DEV: use `select` method instead of `find_all` for readability

Co-Authored-By: Régis Hanol <regis@hanol.fr>
2019-07-15 20:22:54 +05:30
Joffrey JAFFEUX
9ee2c121c1
FIX: ensures emoji helper is working with custom emojis (#7843) 2019-07-03 09:23:40 +02:00
Roman Rizzi
c3a38d2304 DEV: Make groups/new extensible by plugins (#7642)
* Expose a new plugin outlet. Pass group model to the group-member-dropdown so it can be accessed by plugins

* Added controller tests for group custom fields. update custom fields when updating a group
2019-06-06 12:05:33 +10:00
Sam Saffron
30990006a9 DEV: enable frozen string literal on all files
This reduces chances of errors where consumers of strings mutate inputs
and reduces memory usage of the app.

Test suite passes now, but there may be some stuff left, so we will run
a few sites on a branch prior to merging
2019-05-13 09:31:32 +08:00
Guo Xiang Tan
451f7842ff DEV: More send -> public_send. 2019-05-07 10:05:58 +08:00
Guo Xiang Tan
152238b4cf DEV: Prefer public_send over send. 2019-05-07 09:33:21 +08:00
Sam Saffron
9be70a22cd DEV: introduce new API to look up dynamic site setting
This removes all uses of both `send` and `public_send` from consumers of
SiteSetting and instead introduces a `get` helper for dynamic lookup

This leads to much cleaner and safer code long term as we are always explicit
to test that a site setting is really there before sending an arbitrary
string to the class

It also removes a couple of risky stubs from the auth provider test
2019-05-07 11:00:30 +10:00
Roman Rizzi
aec457e09a
DEV: Expose a way to extend a method that returns a list 2019-04-08 14:42:36 -03:00
Robin Ward
b58867b6e9 FEATURE: New 'Reviewable' model to make reviewable items generic
Includes support for flags, reviewable users and queued posts, with REST API
backwards compatibility.

Co-Authored-By: romanrizzi <romanalejandro@gmail.com>
Co-Authored-By: jjaffeux <j.jaffeux@gmail.com>
2019-03-28 12:45:10 -04:00
Penar Musaraj
9bf11a7c02
FEATURE: Add localized timezone names (#7004)
Uses github.com/discourse/moment-timezone-names-translations to translate timezone names.
Plugins can also provide their own timezone name translations.
2019-02-25 14:40:02 -05:00
Gerhard Schlager
84c56e16f9 REFACTOR: Use keyword argument for fallback_to_english flag 2019-02-19 15:28:47 +01:00
Régis Hanol
95e5f8380d FEATURE: Allow plugins to add custom emoji translations
FIX: buildTranslationTree was erroring when translations overlapped (ie. ":-)" and ":-))")
FIX: emoji translations wasn't working properly when translations overlapped
2019-01-04 15:27:46 +01:00
David Taylor
23c65feb6c DEV: Prevent deprecation warnings being incorrectly logged 2018-12-31 14:41:30 +00:00
David Taylor
4e010382cc REFACTOR: Initialize auth providers after plugin.activate!
Also added some helpful functionality for plugin developers:
- Raises RuntimeException if the auth provider has been registered too late
- Logs use of deprecated parameters
2018-11-30 16:58:18 +00:00
Kyle Zhao
488fba3c5f
FEATURE: allow plugins and themes to extend the default CSP (#6704)
* FEATURE: allow plugins and themes to extend the default CSP

For plugins:

```
extend_content_security_policy(
  script_src: ['https://domain.com/script.js', 'https://your-cdn.com/'],
  style_src: ['https://domain.com/style.css']
)
```

For themes and components:

```
extend_content_security_policy:
  type: list
  default: "script_src:https://domain.com/|style_src:https://domain.com"
```

* clear CSP base url before each test

we have a test that stubs `Rails.env.development?` to true

* Only allow extending directives that core includes, for now
2018-11-30 09:51:45 -05:00
Penar Musaraj
03deda2147
Upgrade to FontAwesome 5 (take two) (#6673)
* Add missing icons to set

* Revert FA5 revert

 This reverts commit 42572ff

* use new SVG syntax in locales

* Noscript page changes (remove login button, center "powered by" footer text)

* Cast wider net for SVG icons in settings

- include any _icon setting for SVG registry (offers better support for plugin settings)

- let themes store multiple pipe-delimited icons in a setting

- also replaces broken onebox image icon with SVG reference in cooked post processor

* interpolate icons in locales

* Fix composer whisper icon alignment

* Add support for stacked icons

* SECURITY: enforce hostname to match discourse hostname

This ensures that the hostname rails uses for various helpers always matches
the Discourse hostname

* load SVG sprite with pre-initializers

* FIX: enable caching on SVG sprites

* PERF: use JSONP for SVG sprites so they are served from CDN

This avoids needing to deal with CORS for loading of the SVG

Note, added the svg- prefix to the filename so we can quickly tell in
dev tools what the file is

* Add missing SVG sprite JSONP script to CSP

* Upgrade to FA 5.5.0

* Add support for all FA4.7 icons

- adds complete frontend and backend for renamed FA4.7 icons

- improves performance of SvgSprite.bundle and SvgSprite.all_icons

* Fix group avatar flair preview

- adds an endpoint at /svg-sprites/search/:keyword

- adds frontend ajax call that pulls icon in avatar flair preview even when it is not in subset

* Remove FA 4.7 font files
2018-11-26 16:49:57 -05:00
David Taylor
052bf37578 FIX: Use Discourse.deprecate instead of Rails.logger.warn
This will significantly reduce the volume of logs when the condition is hit
2018-11-22 15:59:47 +00:00
Sam
42572ff138 Revert font awesome 5 changes
We are still pushing ahead on this 100% just need a bit longer to prepare
all plugins
2018-11-08 16:12:18 +11:00
Penar Musaraj
005e1ecb9b
FEATURE: Update Font Awesome to v5.4.1 and SVGs (#6557)
* First take on subsetting svg icons

* FontAwesome 5 svg subset WIP

* Include icons from plugins/badges into svg sprite subset

* add svg icon support to themes

* Add spec for SvgSprite

* Misc. SVG icon fixes

* Use FA5 svgs in local-dates plugin

* CSS adjustments, fix SVG icons in group flair

* Use SVG icons in poll plugin

* Add SVG icons to /wizard
2018-11-07 13:05:43 -05:00
David Taylor
c6f364224e
FEATURE: Allow plugins to whitelist user custom fields for public display (#6499)
This works exactly the same as `whitelist_staff_user_custom_fields`, but is not limited to staff
2018-10-17 10:33:27 +01:00
Guo Xiang Tan
1c9b5e75e7 DEV: Support post deployment migrations for plugins. 2018-10-09 13:11:45 +08:00
David Taylor
4382fb5fac DEV: Allow plugins to whitelist specific user custom_fields for editing (#6358) 2018-09-04 20:45:36 +10:00
Robin Ward
5895507153 FEATURE: Ability for plugins to whitelist custom fields for flags
You can now call `whitelist_flag_post_custom_field` from your plugins
and those custom fields will be available on the flagged posts
area of the admin section.
2018-08-09 10:49:14 -04:00
Sam
4b000f5d12 FIX: do not use lib for requires
this breaks loading the app from arbitrary dirs
2018-08-07 11:04:29 +10:00
David Taylor
812add18bd REFACTOR: Serve auth provider information in the site serializer.
At the moment core providers are hard-coded in Javascript, and plugin providers get added to the JS payload at compile time. This refactor means that we only ship enabled providers to the client.
2018-08-06 09:25:48 +01:00
David Taylor
8d1acbd4c2 DEV: Include specific authenticator name in warning message 2018-07-30 11:33:48 +01:00
David Taylor
467c529920 FIX: Remove return statement from inside block 2018-07-26 15:52:39 +01:00
David Taylor
0d0d78841b
FIX: Remove plugin.enabled? checks at initialization time (#6166)
Checking `plugin.enabled?` while initializing plugins causes issues in two ways:
  - An application restart is required for changes to take effect. A load-balanced multi-server environment could behave very weirdly if containers restart at different times.
  - In a multisite environment, it takes the `enabled?` setting from the default site. Changes on that site affect all other sites in the cluster.

Instead, `plugin.enabled?` should be checked at runtime, in the context of a request. This commit removes `plugin.enabled?` from many `instance.rb` methods.

I have added a working `plugin.enabled?` implementation for methods that actually affect security/functionality:
  - `post_custom_fields_whitelist`
  - `whitelist_staff_user_custom_field`
  - `add_permitted_post_create_param`
2018-07-25 16:44:09 +01:00
David Taylor
eda1462b3b
FEATURE: List, revoke and reconnect associated accounts. Phase 1 (#6099)
Listing connections is supported for all built-in auth providers. Revoke and reconnect is currently only implemented for Facebook.
2018-07-23 16:51:57 +01:00
Robin Ward
6901e0e043 FIX: Rails.logger isn't always available when loading plugin locales 2018-06-22 10:20:20 -04:00
Joffrey JAFFEUX
24c27b5321
FEATURE: adds a add_report method accessible in plugin.rb 2018-06-19 15:00:11 +02:00
Guo Xiang Tan
c6f45fcfdb Expose an API for plugins to be hidden on the admin plugin page. 2018-05-08 13:24:58 +08:00
Guo Xiang Tan
8cf0f51eb2 UX: Display site settings shortcut for poll and discourse-nginx-performance-report.
https://meta.discourse.org/t/improving-admin-plugins/84585/29?u=tgxworld
2018-05-08 10:34:32 +08:00
Robin Ward
93b40d5e59 Don't use puts here since it happens in tests 2018-04-30 12:26:43 -04:00
Robin Ward
cfcdc4b420 Output when a locale is invalid 2018-04-20 15:29:18 -04:00
Joffrey JAFFEUX
45f657336e
FEATURE: adds support for loading existing core asset in pretty text 2018-04-10 08:37:16 +02:00
Gerhard Schlager
eb52c5469e FEATURE: Allow plugins to register a new locale 2018-01-25 14:57:41 +01:00
Jeff Wong
b094894c94 Feature: Add service worker registration method to plugin API 2017-11-28 14:01:41 +08:00
Robin Ward
966c7e7f07 FEATURE: Allow plugins to dynamically add seed fixture paths
This is useful if your plugin wants different seed data for different
locales for example.
2017-11-16 14:43:17 -05:00
Robin Ward
838568cbc3 Refactor flag types for more customization 2017-10-19 13:55:23 -04:00
Robin Ward
823936ca9c A plugin API to catch exceptions 2017-10-02 12:05:12 -04:00
Robin Ward
34f98f362f Add a plugin hook to specify a class on the body of the document 2017-09-28 13:17:09 -04:00
Guo Xiang Tan
77d4c4d8dc Fix all the errors to get our tests green on Rails 5.1. 2017-09-25 13:48:58 +08:00
Robin Ward
e7885c20cb Add reloadable support for patching in an avatar lookup 2017-08-30 14:24:03 -04:00
Guo Xiang Tan
2157079d09 Add Plugin API to register a category custom field. 2017-08-17 15:59:57 +09:00
Régis Hanol
55f449edc5 FIX: reloading issues with classes 2017-08-16 23:00:52 +02:00
Robin Ward
5ed809a15b FIX: Reloading issues with classes 2017-08-13 13:19:50 -04:00
Régis Hanol
51ef36abb4 Add a bunch of reload-friendly class variables accessors plugin APIs 2017-08-12 04:21:02 +02:00
Régis Hanol
04460ecac5 'add_to_serializer' should define the 'include_' method by default 2017-08-09 22:22:18 +02:00
Robin Ward
f11253dcb6 Allow plugin patches to reload in development mode 2017-08-09 12:30:27 -04:00
Robin Ward
43fd90b2da Remove serve_public_dir -- it's not needed 2017-07-28 13:44:38 -04:00
Robin Ward
5ae79697b8 Remove unused register_theme code, expose serve_public 2017-07-28 11:47:25 -04:00
Guo Xiang Tan
5012d46cbd Add rubocop to our build. (#5004) 2017-07-28 10:20:09 +09:00
Sam
6a1f579c6e FIX: don't search for plugins in nested subdirectories 2017-05-16 17:28:56 -04:00
Robin Ward
1363988cd7 Support for an HTML builder that can create dynamic HTML 2017-04-17 17:32:55 -04:00
Régis Hanol
747f4812e4 fix custom emoji support when using subfolder 2017-03-24 02:09:39 +01:00
Régis Hanol
9f65658c5c register_emoji should work with subfolder installs 2017-03-24 01:08:12 +01:00
Guo Xiang Tan
e7c972ac89 FIX: Don't use backticks that take in inputs. 2017-03-17 15:33:51 +08:00
Robin Ward
fffa285dbf Insert middleware in production mode if enabled 2017-01-18 18:05:56 -05:00
Robin Ward
adb73180f7 FEATURE: Let plugins register themes easily 2017-01-13 11:50:52 -05:00
Robin Ward
b60bc47a4c Plugins can register providers for global settings 2017-01-09 17:18:58 -05:00
Guo Xiang Tan
3909f342f6 FEATURE: Allow options to be set when adding model callbacks. 2016-11-21 10:20:31 +08:00
Sam
f4c754b389 FEATURE: split JavaScript application bundle, so plugins live in own file
This adds plugin.js and plugin_third_party.js files
2016-11-15 11:43:13 +11:00
Guo Xiang Tan
49c27d9a88 FEATURE: Add interface in Plugin::Instance to register a seedfu fixture. 2016-10-25 14:57:31 +08:00
Robin Ward
af266acac1 FIX: Plugin Custom emoji weren't working correctly on the server side 2016-07-22 12:59:43 -04:00
Robin Ward
c11f7bee99 FIX: Registering emoji via plugin.rb was broken 2016-07-21 14:15:51 -04:00
Robin Ward
b8261a662b FIX: siteSettings weren't getting applied to plugin auth 2016-07-13 16:11:48 -04:00
Robin Ward
b8125b3512 REFACTOR: Remove Discourse.Ajax 2016-07-11 12:57:05 -04:00
Robin Ward
56f07529bb REFACTOR: Migrate more legacy JS to ES6 2016-07-11 12:57:05 -04:00
Robin Ward
a546395397 REFACTOR: Migrate markdown functionality in ES6 2016-07-11 12:57:05 -04:00
Neil Lalonde
e5918c7d00 FEATURE: Merge tagging plugin into core 2016-04-27 11:58:53 -04:00
Robin Ward
1006b1ba94 Various Plugin Enhancements and Extension Points 2016-03-11 15:53:37 -05:00
Régis Hanol
fc27b7442f FIX: it should have been an array of arrays...:fired: 2015-11-06 15:42:16 +01:00
Régis Hanol
86f76e5b4d FIX: better plugin emojis API 2015-11-06 15:02:40 +01:00
Régis Hanol
13e96ffd3b FEATURE: add support for custom emojis via plugins 2015-11-05 17:25:26 +01:00
Neil Lalonde
abeac7f681 two more places: make it possible for plugins to add methods to classes that don't follow naming conventions 2015-11-04 14:53:45 -05:00
Robin Ward
c4b1b848bc More extension points for login buttons, used by OAuth2 plugin 2015-09-25 11:29:40 -04:00
Neil Lalonde
db1820f39c make it possible for plugins to add methods to classes that don't follow naming conventions 2015-09-14 16:10:54 -04:00
Robin Ward
42e510753d Support for Acceptance tests in plugins 2015-08-27 17:07:11 -04:00
Neil Lalonde
3faeeca5c8 FIX: plugins that use models in their initialize section might fail when bootstrapping a new database 2015-08-25 16:38:25 -04:00
Robin Ward
2b72bd3592 FIX: Missed incrementing idx 2015-08-21 11:39:40 -04:00
Robin Ward
37f2d8c73c Adds more helpers for plugin authors
`add_class_method` can be used to add a class method that only
executes when the plugin is enabled.

`add_model_callback` can be used to attach a callback to an
ActiveRecord model such as `before_save` that will only execute
when the plugin is enabled.
2015-08-21 11:29:45 -04:00
Robin Ward
7eb32be4de Add support for plugins to declare ES6 in the admin bundle 2015-08-17 15:03:55 -04:00
Kane York
af042ffe5e FEATURE: Per-plugin settings buttons, "Enabled" column
Also, added enabled_site_setting to the Poll plugin so it shows up properly.
2015-07-02 10:59:06 -07:00
Neil Lalonde
f1637fc11e FEATURE: plugins can register a custom admin quick start topic that will be seeded into new sites 2015-06-04 15:56:17 -04:00
Régis Hanol
86d7412f30 REFACTOR: rename "total_votes" poll field to the more accurate "voters"
FEATURE: automagically load plugin's migrations
2015-05-04 16:01:57 +02:00
Régis Hanol
724f4a1c55 FEATURE: automatically load plugin's rake tasks 2015-04-29 23:32:49 +02:00
Robin Ward
de42c627c5 Allow plugins to specify a minimum requires version 2015-04-27 13:07:12 -04:00
Régis Hanol
151dea4088 FIX: editing a poll/post with a poll wasn't working properly 2015-04-26 00:12:19 +02:00
Régis Hanol
8bda53a8cd FIX: compatibility issue with akismet plugin 2015-04-23 20:02:16 +02:00
Régis Hanol
a737090442 - FEATURE: revamped poll plugin
- add User.staff scope
- inject MessageBus into Ember views (so it can be used by the poll plugin)
- REFACTOR: use more accurate is_first_post? method instead of post_number == 1
- FEATURE: add support for JSON-typed custom fields
- FEATURE: allow plugins to add validation
- FEATURE: add post_custom_fields to PostSerializer
- FEATURE: allow plugins to whitelist post_custom_fields
- FIX: don't bump when post did not save successfully
- FEATURE: polls are supported in any post
- FEATURE: allow for multiple polls in the same post
- FEATURE: multiple choice polls
- FEATURE: rating polls
- FEATURE: new dialect allowing users to preview polls in the composer
2015-04-23 19:33:29 +02:00
Robin Ward
3d7b534564 FEATURE: New "Plugins" admin section with extensibility support 2015-02-06 17:33:24 -05:00
Robin Ward
25daca8f23 Helpers for plugins to support enabling/disabling 2015-02-04 16:23:56 -05:00
Robin Ward
530b20d339 Memoize readers for plugins to avoid nil checks 2015-02-04 16:23:55 -05:00
Robin Ward
4748b21c56 Allow us to extend serializers easily in a plugin 2015-01-12 10:53:08 -05:00
Robin Ward
57b89a2c7f Plugin stuff:
* Allow plugins to work with only autoloaded assets.
* Give a plugin outlet a class name based on its name if no view class
* Give the `topic-title` outlet a default class of `clear: both`
2014-12-30 16:29:28 -05:00
Régis Hanol
e6e7948617 FEATURE: support for emoji sets
Added following emoji sets
  - Apple/International
  - Emoji One (default)
  - Android/Google
  - Twitter

FIX: translations from plugins weren't properly merged with default translations
FEATURE: new 'site_setting_changed' event
2014-12-11 17:08:47 +01:00
Robin Ward
e76449d800 When using automatic file includes (es6, hbs) from plugins, allow the
asset pipeline to find new and deleted files with deleting the `tmp`
folder and restarting the server.
2014-12-09 15:23:14 -05:00
Robin Ward
663cd93c6d Move register_asset into PluginRegistry -- the logic works better
there.
2014-12-09 14:20:53 -05:00
Robin Ward
cebb47134f Automatically include all .hbs files from plugins 2014-12-09 12:16:47 -05:00
Robin Ward
f361adef44 Make plugin load order deterministic 2014-11-03 15:26:25 -05:00
Robin Ward
d0fb8bbcfc Instead of .js.handlebars use .hbs for handlebars templates 2014-09-26 15:23:15 -04:00
Sam
f1a28d62a3 FEATURE: support registration of custom html by plugins 2014-06-05 11:39:33 +10:00
Neil Lalonde
3e16ac62c3 Add register_color_scheme for plugins 2014-06-03 12:37:29 -04:00
Robin Ward
3f9c4100ef Many Plugin upgrades. 2014-06-03 10:33:47 -04:00
Vikhyat Korrapati
b9e15a240f Allow registering ES6 modules from plugins. 2014-05-15 23:44:30 +05:30
Benjamin Kampmann
64918c35f5 Improved Plugins SCSS management
- Moves the import of plugins for both mobile and desktop from common after discourse loading, allowing plugins to overwrite
 - Make desktop-option behave like the mobile-option: SCSS/CSS marked with that option will only be loaded for desktop from now on and ignored in mobile
 - Add variables-keyword, allowing plugins to ship and overwrite variables before they get imported by discourse (great for theming)
2014-04-25 18:25:45 +02:00
Sam
de9aa49b52 BUGFIX: default should register CSS for both mobile and desktop
If you want desktop only use :desktop option
2014-04-10 16:30:22 +10:00
Benjamin Kampmann
d22df7731d Allow plugins to ship custom styles only for mobile
- adds another :mobile-flag to register_assets
- adds test for plugin registering of assets
- load plugins when on desktop and plugins_mobile when on mobile
2014-04-07 16:33:35 +02:00
Benjamin Kampmann
e63b9b362e allow apps to give custom admin javascripts 2014-03-17 13:19:08 +01:00
Erik Ordway
34f9e17eac Allow plugins to specify the value used for require statements. This allows using forked gems in plugins until the original gem gets updated. 2014-02-11 15:53:54 -08:00
Shiv Kumar
c281dd2c1e sub space for underscore in 'name' when registering public folder in plugin 2014-01-17 15:35:52 -08:00
Sam
ce8bc3682f BUGFIX: do not install dependencies from plugin, must be explicit 2014-01-17 12:33:42 +11:00
Régis Hanol
9a3ce5f54f there is no need for that much $ 2014-01-06 14:02:42 +01:00
Régis Hanol
7fd88a52c9 FEATURE: allow plugins to overwrite handlebars templates 2013-12-31 16:43:29 +01:00
Sam
95cbcc198e FEATURE: add support for gem source in plugins 2013-12-31 09:58:58 +11:00
Sam
37267f36a6 we better rm on startup to work around jenkins messing it up, till I figure a cleaner way 2013-11-20 17:31:58 +11:00
Sam
8278fdb9dd relocate emoji plugin, stop pre-compiling assets 2013-11-20 14:38:21 +11:00
Régis Hanol
fcd85b8a72 allow plugins to be symlinked 2013-10-21 19:59:28 +02:00
Sam Saffron
964809f73b if we have not automatic assets, don't try deleting them 2013-09-20 14:39:14 -07:00
Robin Ward
e3a56864dd Changes to support Spoiler Alert plugin 2013-09-19 18:01:30 -07:00
Sam
6af1e12cc1 after_initialize callback for plugins 2013-09-17 10:24:15 +10:00
Sam
6d5e20fe4a plugins need paths too 2013-09-12 11:29:45 +10:00
Sam
afd1a3ac7b yeah ... we should be installing the gem :) 2013-08-26 13:52:15 +10:00
Sam
818bf1355d PluginStore for plugin specific bits of storage
Amended plugin interfaces so they work with the vk sample
2013-08-26 12:59:17 +10:00
Sam
213ce33af2 Fixed all broken specs
Moved middleware config into authenticators
2013-08-26 12:59:17 +10:00
Sam
075002a6d5 refactoring the plugin interfaces to allow for better extensible 2013-08-26 12:59:17 +10:00