Commit Graph

9632 Commits

Author SHA1 Message Date
Martin Brennan
ca26099a8d
UX: Add descriptions to auto groups and auto group indicator (#28630)
This commit adds a description for all the auto groups
which will be shown in the group list and show group
pages, which will help admins understand their purpose
better.

Also adds an indicator with a tooltip to explain what
the auto groups are on the group show page.
2024-08-30 10:52:34 +10:00
Discourse Translator Bot
68c9553251
Update translations (#28577) 2024-08-29 15:37:52 -04:00
David Taylor
c760b30190
DEV: Redirect /theme-tests to /theme-qunit (#28617)
The name `/theme-qunit` comes from the days when we served the main qunit tests at `/qunit`. Nowadays, with ember-cli, the core tests are on `/tests`, so `/theme-tests` makes more sense, and might be what people think to try.

Changing the name would be a fairly large refactor. But we can add a redirect very easily.
2024-08-29 09:48:47 +01:00
Jan Cernik
b092ccbdc5
UX: Add progress bar to the registration flow (#27694) 2024-08-28 08:43:39 -03:00
Gabriel Grubba
c8f5445030
Revert "DEV: Removal of create_post_for_category_and_tag_changes setting (#28…" (#28587)
This reverts commit fc33826dc5.
2024-08-27 16:19:51 -03:00
Osama Sayegh
da4657d7ec
DEV: Unhide the display_eu_visitor_stats setting (#28567)
Follow-up to 10ae7ef44a
2024-08-27 04:58:13 +03:00
Krzysztof Kotlarek
df6c152fa1
UX: flag settings tab to follow UI guidelines (#28479)
Add settings tab to flags moderation page.
2024-08-27 09:47:19 +10:00
Martin Brennan
a16faa27cd
FEATURE: Allow showing site text search in selected locale (#28453)
When searching for site texts for admin using the english
version of the text, previously we would show the english
version in the results _even if_ there was another locale
translated version available when a locale was selected
from the dropdown.

This commit adds a "Only show results in selected locale"
checkbox option which will instead make it so the results
shown are in the target locale, making it easier for translators
to tell when there is actually translations vs. missing tranlsations.
2024-08-26 11:25:36 +10:00
Osama Sayegh
bb04a1e0d3
DEV: Small copyedit to visitors stats notice (#28514) 2024-08-23 15:07:07 +03:00
Martin Brennan
e60b808f49
UX: Apply new admin UI guidelines to What's New (#28454) 2024-08-22 10:28:29 +10:00
Jan Cernik
5090a56aa2
UX: Show topic map in topics without replies by default (#28468) 2024-08-21 17:41:50 -03:00
Martin Brennan
9dd47ca755
UX: Fix restore info link on admin backups page (#28452)
Followup 1446596089

The link to inform admins that restore is disabled
was not correct. This fixes it and also changes it
to go to /admin/backups/settings
2024-08-21 13:23:24 +10:00
Osama Sayegh
10ae7ef44a
FEATURE: Add estimated number of global and EU visitors to the about page (#28382)
This commit implements 2 new metrics/stats in the /about page for the _estimated_ numbers of unique visitors from the EU and the rest of the world. This new feature is currently off by default, but it can be enabled by turning on the hidden `display_eu_visitor_stats` site settings via the rails console.

There are a number of assumptions that we're making here in order to estimate the number of unique visitors, specifically:

1. we're assuming that the average of page views per anonymous visitor is similar to the average number of page views that a logged-in visitor makes, and
2. we're assuming that the ratio of logged in visitors from the EU is similar to the ratio of anonymous visitors from the EU

Discourse keeps track of the number of both logged-in and anonymous page views, and also the number of unique logged-in visitors and where they're from. So with those numbers and the assumptions above, we can estimate the number of unique anonymous visitors from the EU and the rest of the world.

Internal topic: t/128480.
2024-08-21 00:03:42 +03:00
Tobias Eigen
5916eaac13
Update client.en.yml (#28442)
changed "contact us at email" to "contact email", which is shorter and reads well even if site is run by an individual.
2024-08-20 10:26:03 -07:00
Discourse Translator Bot
9f32bef544
Update translations (#28438) 2024-08-20 17:54:10 +02:00
Osama Sayegh
35b748e7f4
FIX: Don't show silence button on staff users and display similar users (#28423)
This commit fixes a bug where the silence button is incorrectly displayed on the admin page of a staff user. It's not actually possible to silence a staff user because the backend correctly prevents it, but the frontend isn't checking if the button should be displayed.

Another small bug that this commit fixes is the similar users list not showing up inside the silence/suspend modals due to also a bug in the frontend.

I've also changed the way similar users are loaded so that they're not returned by the `admin/users#show` endpoint anymore and moved them into a new endpoint that the penalize modals (suspend and silence) can call directly to retrieve the list of users. This is done because the similar users list is never shown on the admin user page (`/admin/users/:user_id/:username`); they're only needed when the suspend or silence modals are opened.

Internal topic: t/130014.
2024-08-20 15:27:29 +03:00
Martin Brennan
e9b427ff53
FEATURE: Change default for push_notification_time_window_mins (#28431)
Currently the push_notification_time_window_mins is set to 10
minutes by default. We want to change this to 1 minute, which is the
delay it has been set to on meta and our internal site already for over
a year now.

This conforms to the expectation users have that notifications are
delivered close to immediately.
2024-08-20 15:46:07 +10:00
Martin Brennan
1446596089
UX: Apply admin interface guidelines to Backups page (#28051)
This commit converts the Backups page in the admin interface
to follow our new admin interface guidelines.

As part of this work, I've also made `AdminPageHeader` and `AdminPageSubheader`
components that can be reused on any admin page for consistency, that handle
the title and action buttons and also breadcrumbs.

Also renamed `AdminPluginFilteredSiteSettings` to `AdminFilteredSiteSettings` since
it can be used generally to show a subset of filtered site settings, not only
settings for a plugin. Not sure if it's ideal to have to define a new route for this
for every config area, but not sure how else to do it right now.
2024-08-20 09:59:43 +10:00
David Taylor
e8308f783d
DEV: Skip unnecessary work when booting dev server on linux (#28401)
The Listen gem watches recursively, which has a cost per-file on Linux (via rb-inotify). This commit skips a bunch of unnecessary directories to reduce the startup cost.
2024-08-16 16:05:41 +01:00
Guhyoun Nam
9c1812e071
FEATURE: add system_user_max_attachment_size_kb site setting (#28351)
* System user attachment size WIP

* spec check

* controller update

* add max to system_user_max_attachment_size_kb

* DEV: update to use static method for `max_attachment_size_for_user`

add test to use large image.
add check for failure.

* DEV: update `system_user_max_attachment_size_kb` default value to 0

remove unecessary test.
update tests to reflect the new default value of `system_user_max_attachment_size_kb`

* DEV: update maximum_file_size to check when is an attachment made by a system user

Add tests for when `system_user_max_attachment_size_kb` is over and under the limit
Add test for checking interaction with `max_attachment_size_kb`

* DEV: move `max_attachment_size_for_user` to private methods

* DEV: turn `max_attachment_size_for_user` into a static method

* DEV: typo in test case

* DEV: move max_attachment_size_for_user to private class method

* Revert "DEV: move max_attachment_size_for_user to private class method"

This reverts commit 5d5ae0b715.

---------

Co-authored-by: Gabriel Grubba <gabriel@discourse.org>
2024-08-16 11:03:39 -03:00
Osama Sayegh
a92cf019db
FIX: Make cancel and reset buttons work for file_size_restriction settings (#28347)
This commit fixes a number of bugs in `file_size_restriction` settings and does a little of refactoring to reduce duplicated code in site setting types (the refactoring is necessary to fix one of the bugs).

The bugs in `file_size_restriction` settings that are fixed in this commit:

1. Save/cancel buttons next to a `file_size_restriction` setting are shown upon navigating to the settings page without changes being made to the setting
2. Cancel button that discards changes made to the setting doesn't work
3. Reset button that resets the setting to its default doesn't work
4. Validation error message isn't cleared when resetting/cancelling changes

To repro those bugs, navigate to `/admin/site_settings/category/files` and observe the top 2 settings in the page (`max image size kb` and `max attachment size kb`).

Internal topic: t/134726.
2024-08-15 19:38:47 +03:00
Gabriel Grubba
fc33826dc5
DEV: Removal of create_post_for_category_and_tag_changes setting (#28321)
* DEV: Removal of create_post_for_category_and_tag_changes setting

reverting commit: #65f35e1
and adding a migration to remove the setting
ref: t/132320

* DEV: change checks for zeros to check for nils

* DEV: remove create_post_for_category_and_tag_changes migration file

If anything goes wrong, we can always revert back to the previous state.
2024-08-14 12:12:21 -03:00
Discourse Translator Bot
5c5cf491b2
Update translations (#28364) 2024-08-14 08:10:44 +02:00
Alan Guo Xiang Tan
10ff0ee0cc
FIX: Ensure we dispose of MiniRacer::Context before forking daemons (#28361)
This commit updates `Demon::Base#start` to call `Discourse.before_fork`
before forking. According to the docs in `mini_racer`, we need to
"Dispose manually of all MiniRacer::Context objects prior to forking".

This commit is motivated by a segmentation fault which we are seeing in
production when killing a daemon process. Backtrace of the core dump
includes traces of `mini_racer` so we think this is the cause. Note that
we are not 100% sure if this will fix the issue.
2024-08-14 12:45:34 +08:00
Krzysztof Kotlarek
e82e255531
FIX: serialize Flags instead of PostActionType (#28362)
### Why?
Before, all flags were static. Therefore, they were stored in class variables and serialized by SiteSerializer. Recently, we added an option for admins to add their own flags or disable existing flags. Therefore, the class variable had to be dropped because it was unsafe for a multisite environment. However, it started causing performance problems. 

### Solution
When a new Flag system is used, instead of using PostActionType, we can serialize Flags and use fragment cache for performance reasons. 

At the same time, we are still supporting deprecated `replace_flags` API call. When it is used, we fall back to the old solution and the admin cannot add custom flags. In a couple of months, we will be able to drop that API function and clean that code properly. However, because it may still be used, redis cache was introduced to improve performance.

To test backward compatibility you can add this code to any plugin
```ruby
  replace_flags do |flag_settings|
    flag_settings.add(
      4,
      :inappropriate,
      topic_type: true,
      notify_type: true,
      auto_action_type: true,
    )
    flag_settings.add(1001, :trolling, topic_type: true, notify_type: true, auto_action_type: true)
  end
```
2024-08-14 12:13:46 +10:00
Discourse Translator Bot
05e120a9f2
Update translations (#28246) 2024-08-13 16:31:24 +02:00
Krzysztof Kotlarek
559c9dfe0a
REVERT: FIX: serialize Flags instead of PostActionType (#28334) 2024-08-13 18:32:11 +10:00
Krzysztof Kotlarek
094052c1ff
FIX: serialize Flags instead of PostActionType (#28259)
### Why?
Before, all flags were static. Therefore, they were stored in class variables and serialized by SiteSerializer. Recently, we added an option for admins to add their own flags or disable existing flags. Therefore, the class variable had to be dropped because it was unsafe for a multisite environment. However, it started causing performance problems. 

### Solution
When a new Flag system is used, instead of using PostActionType, we can serialize Flags and use fragment cache for performance reasons. 

At the same time, we are still supporting deprecated `replace_flags` API call. When it is used, we fall back to the old solution and the admin cannot add custom flags. In a couple of months, we will be able to drop that API function and clean that code properly. However, because it may still be used, redis cache was introduced to improve performance.

To test backward compatibility you can add this code to any plugin
```ruby
  replace_flags do |flag_settings|
    flag_settings.add(
      4,
      :inappropriate,
      topic_type: true,
      notify_type: true,
      auto_action_type: true,
    )
    flag_settings.add(1001, :trolling, topic_type: true, notify_type: true, auto_action_type: true)
  end
```
2024-08-13 11:22:37 +10:00
Jan Cernik
5b78bbd138
DEV: Convert account activation pages to use Ember (#28206) 2024-08-12 18:02:00 -03:00
Jan Cernik
043fc0a117
UX: Small topic map improvements and fixes (#28215) 2024-08-12 15:37:05 -03:00
Osama Sayegh
1d6e54e54c
DEV: Add admins and moderators sections to the redesigned /about page (#28273)
This commit continues on work laid out by 6039b513fe to redesign the /about page. In this commit, we add sections for showing the site admins and moderators.

The lists of admins and moderators display the 10 most recently seen admins/moderators, with a button to display the rest of admins or moderators. Admins or moderators that have not logged in to the site in the last year will not be shown. Clicking on an admin's or moderator's name/avatar will show their user card.
2024-08-12 16:23:44 +03:00
Loïc Guitaut
84823550d4 DEV: Enable Rails 7.1 defaults 2024-08-12 10:41:13 +02:00
Penar Musaraj
7c5e3eacda
FEATURE: "Hot" replacing "Top" as default in the top menu (#28252)
This change only applies to instances that have not modified the
`top_menu` site setting.
2024-08-08 13:57:42 -04:00
Kris
0c0f9e4a0d
UX: smaller modal headings, shorter flag mdoal title (#28278) 2024-08-08 12:18:20 -04:00
Alan Guo Xiang Tan
4c0af24173
DEV: Log a warning message when a MiniScheduler scheduled job is stuck (#28258)
This commit adds a `MiniSchedulerLongRunningJobLogger` class which will
poll every 60 seconds for mini_scheduler jobs which are stuck. When it
detects that a job is stuck, it will log a warning message with the
current backtrace of the thread that is executing the job.

Note that for scheduled jobs which are executed at a frequency of less
than 30 minutes, we will log when the job has been executing for 30
minutes.

For scheduled jobs executed at a frequency of less than 2 hours, we will
log when the job has been executing for a duration greater than its
specified frequency.

For scheduled jobs executed at a frequency greater than 2 hours, we will
log as long as the job has been executing for more than 2 hours.
2024-08-08 12:20:16 +08:00
Penar Musaraj
9d00871a67
UX: Change bookmark menu label from "Custom..." to "More options…" (#28266) 2024-08-07 17:57:18 -04:00
carson chang
854b8b7093
FEATURE: Add option to immediately delete stub topics upon merge (#28228)
Currently to handle stub topics after merging, there are only options to (1) never delete a stub topic and (2) delete a stub topic after X amount of days. This adds the option to immediately delete a stub topic upon merge.

---------

Co-authored-by: Mark VanLandingham <markvanlan@gmail.com>
Co-authored-by: Renato Atilio <renato@discourse.org>
2024-08-07 10:05:40 -03:00
Osama Sayegh
5dbf812d32
DEV: Add site age and site activities section to the redesigned about page (#28214)
This commit continues on work laid out by 6039b513fe to redesign the /about page. In this commit, we add the site age and a section on the right hand side to show site activities/statistics such as topics, posts, sign-ups, likes etc.
2024-08-07 11:11:41 +03:00
Krzysztof Kotlarek
fc2259d1c8
FIX: limit the number of custom flags to 50 (#28221)
Admin can create up to 50 custom flags. It is limited for performance reasons.

When the limit is reached "Add button" is disabled and backend is protected by guardian.
2024-08-06 10:50:12 +10:00
Alan Guo Xiang Tan
2492fe7715
FIX: Set sane default for Net::HTTP when processing a request (#28141)
This commit patches `Net::HTTP` to reduce the default timeouts of 60
seconds when we are processing a request. There are certain routes in
Discourse which makes external requests and if the proper timeouts are
not set, we risk having the Unicorn master process force restarting the
Unicorn workers once the `30` seconds timeout is reached. This can
potentially become a vector for DoS attacks and this commit is aimed at
reducing the risk here.
2024-08-06 07:12:42 +08:00
David Taylor
595c43c5e5
DEV: Enable glimmer header by default (#28222)
https://meta.discourse.org/t/316549
2024-08-05 12:08:52 +01:00
Krzysztof Kotlarek
300ef67481
UX: move admin flag form to form-kit (#28187)
Rewrite the admin flag form to use FormKit. This is a draft because waiting for Checkbox improvements.
2024-08-05 11:01:25 +10:00
Sérgio Saquetim
4167862a05
DEV: Catch transformer errors and improve warnings (#28205) 2024-08-02 15:58:13 -03:00
Blake Erickson
6ee6b1f1d1
DEV: Add validation for allowed iframes setting (#28178)
- Adds a validator for the allowed iframes site setting
- Adds a migration to update any values that don't pass the validator

Follow up to: 188cb58daa
2024-08-01 06:51:02 -06:00
Joffrey JAFFEUX
9383143bc6
FIX: system badges can be disabled (#28169)
A previous commit mistakenly assumed system badges couldn't be disabled.
2024-07-31 15:28:59 +02:00
Discourse Translator Bot
1e76fbe207
Update translations (#28146) 2024-07-31 00:14:19 +02:00
Natalie Tay
188cb58daa
SECURITY: Fixes for main (#28137)
* SECURITY: Update default allowed iframes list

Change the default iframe url list to all include 3 slashes.

* SECURITY: limit group tag's name length

Limit the size of a group tag's name to 100 characters.

Internal ref - t/130059

* SECURITY: Improve sanitization of SVGs in Onebox

---------

Co-authored-by: Blake Erickson <o.blakeerickson@gmail.com>
Co-authored-by: Régis Hanol <regis@hanol.fr>
Co-authored-by: David Taylor <david@taylorhq.com>
2024-07-30 14:19:01 +08:00
Martin Brennan
2d5f323ca3
DEV: Move config area site setting fetch into new controller (#28136)
Followup 4aea12fdcb

In certain config areas (like About) we want to be able
to fetch specific site settings by name. In this case,
sometimes we need to be able to fetch hidden settings,
in cases where a config area is still experimental.

Splitting out a different endpoint for this purpose
allows us to be stricter with what we return for config
areas without affecting the main site settings UI, revealing
hidden settings before they are ready.
2024-07-30 15:41:28 +10:00
Loïc Guitaut
9c57be6403 DEV: Update Ruby I18n pluralization rules
The current pluralization rules used by the I18n system in Ruby are
obsolete and don’t follow the official rules available at
unicode.org/cldr/charts/45/supplemental/language_plural_rules.html.

Using https://github.com/ruby-i18n/ruby-cldr, new and updated ones have
been generated.
2024-07-29 15:44:52 +02:00
Loïc Guitaut
fbf6bf6243 FIX: Don't escape MF variables in HTML links
We have some MF strings that are outputting HTML tags (typically links)
and their attributes are using single quotes. The problem is that with
the current implementation of MessageFormat, single quotes act as an
escaping mechanism for special characters like `{`. This then prevents
from interpolating some variables in the strings.

This patch addresses that issue by using double quotes instead,
restoring the expected behavior.
2024-07-29 15:30:52 +02:00
Discourse Translator Bot
f5fc49f5db
Update translations (#28115)
* Update translations

* DEV: Spec failed because of translation update

---------

Co-authored-by: Gerhard Schlager <gerhard.schlager@discourse.org>
2024-07-29 15:16:40 +02:00
Ted Johansson
3126c50baa
DEV: Update member access wizard step to use toggle group (#28013)
We want to change the design of the "member experience" step of the wizard from using checkbox switches to using radio toggle groups.
2024-07-29 14:07:06 +08:00
Krzysztof Kotlarek
2a9dcade0a
UX: group admin new features by month (#28106)
Display new features grouped by month and show additional information about the version.
2024-07-29 14:20:12 +10:00
David McClure
912950c59b
DEV: improve copy for self wiki groups (#28105) 2024-07-27 22:09:05 -04:00
Osama Sayegh
7cc0f26292
DEV: Migrate about config area to Form Kit (#28021)
Form Kit is our new form library/framework for unifying the way forms look across Discourse. The admin config area for the /about page is a new form that isn't currently used, so it makes sense for it to be one of the first forms to be migrated to Form Kit to test the library.

Co-authored-by: Joffrey JAFFEUX <j.jaffeux@gmail.com>
2024-07-25 19:07:38 +03:00
David McClure
45f6bc0093
DEV: Add missing comma to warning string (#28081)
@discourse-translator-bot keep_translations
2024-07-25 10:43:31 -04:00
Joffrey JAFFEUX
eec1b39baf
FIX: better copy for one entry (#28082)
If only one badge has not been awarded, the rest of the string doesn’t make sense:

> Due to the large number of unmatched entries, only the first 100 are shown:

As we are going to show only 1 anyways.
2024-07-25 16:12:13 +02:00
Joffrey JAFFEUX
e3f03c74c4
FIX: missing ? in plural translation (#28079) 2024-07-25 16:05:19 +02:00
Jan Cernik
f7d1b9cf67
UX: Allow adding content inline to the topic map (#28053) 2024-07-25 10:46:52 -03:00
Krzysztof Kotlarek
205a2bf0d6
DEV: show admin moderation flags UI (#28071)
The page was hidden behind a feature flag in this PR https://github.com/discourse/discourse/pull/27756

It is now in a shippable state.
2024-07-25 15:24:17 +10:00
Vinoth Kannan
d681decf01
FEATURE: use new site setting for onebox custom user agent. (#28045)
Previously, we couldn't change the user agent name dynamically for onebox requests. In this commit, a new hidden site setting `onebox_user_agent` is created to override the default user agent value specified in the [initializer](c333e9d6e6/config/initializers/100-onebox_options.rb (L15)).

Co-authored-by: Régis Hanol <regis@hanol.fr>
2024-07-24 04:45:30 +05:30
Discourse Translator Bot
5b5d5b4b4a
Update translations (#28041) 2024-07-23 15:23:42 +02:00
锦心
a749387c80
FEATURE: Clean up previously logged information after permanently deleting posts (#28033)
* FEATURE: Clean up previously logged information after permanently deleting posts

When soft deleteing a topic or post, we will log some details in the
staff log, including the raw content of the post. Before this commit, we
will not clear the information in these records. Therefore, after
permanently deleting the post, `UserHistory` still retains copy of the
permanently deleted post. This is an unexpected behaviour and may raise
some potential legal issues.

This commit adds a behavior that when a post is permanently deleted, the
details column of the `UserHistory` associated with the post will be
overwritten to "(permanently deleted)". At the same time, for permanent
deletion, a new `action_id` is introduced to distinguish it from soft
deletion.

Related meta topic: https://meta.discourse.org/t/introduce-a-way-to-also-permanently-delete-the-sensitive-info-from-the-staff-logs/292546
2024-07-23 15:27:11 +08:00
Martin Brennan
fc09236c0c
UX: FormKit error message followup (#28009)
We don't need this extra description, whole number
should be enough
2024-07-23 11:40:20 +10:00
Martin Brennan
0b413e2aa1
FEATURE: Use new topic bulk actions menu for all sites (#28003)
This commit promotes the new topic bulk action
menu introduced in 89883b2f51
to the main method of bulk selecting and performing
actions on topics. The site setting flag gating this
feature is deleted, and the old bulk select code is
deleted as well.

The new modal shows a loading spinner while operations
are taking place, allows selecting the action from a dropdown
instead of having a 2-step modal flow,
and also supports additional options for some operations, e.g.
allowing Close silently.
2024-07-23 11:39:27 +10:00
Jan Cernik
a027ec4663
UX: Merge the simplified topic map (#27964)
Replaces the existing topic map with the experimental-topic-map made by @awesomerobot.

---------

Co-authored-by: awesomerobot <kris.aubuchon@discourse.org>
2024-07-22 19:42:29 -03:00
Osama Sayegh
6039b513fe
DEV: Initial parts for a redesigned /about page (#27996)
This commit introduces the foundation for a new design for the /about page that we're currently working on.  The current version will remain available and still be the default until we finish the new version and are ready to roll out. To opt into the new version right now, add one or more group to the `experimental_redesigned_about_page_groups` site setting and members in those groups will get the new version.

Internal topic: t/128545.
2024-07-23 01:35:18 +03:00
Alan Guo Xiang Tan
5105fce899
DEV: Recover @timestamp in unicorn logs when logstash logger is enabled (#28008)
This is a regression introduced in 28f5550886
2024-07-22 15:21:41 +08:00
Martin Brennan
5ac8888980
UX: Change copy for FormKit "not an integer" error (#28006)
Most people will not know what an integer is,
refer to this as a whole number for the human-readable
error message.
2024-07-22 09:00:18 +02:00
锦心
199f980e6a
FEATURE: Add creator and logging for CustomEmoji (#28004)
* FEATURE: Add logging for CustomEmoji

We didn't provide any logs for CustomEmoji before, nor did we record the
person who added any emoji in the database. As a result, the staff had
no way to trace back who added a certain emoji.

This commit adds a new column `user_id` to `custom_emojis` to record the
creator of an emoji. At the same time, a log is added for staff logs to
record who added or deleted a custom emoji.
2024-07-22 14:44:49 +08:00
Joffrey JAFFEUX
b10b485572
DEV: adds an integer validation rule to form-kit (#27985)
Usage:

```
@validation="integer"
```

This commit also adds a default for rules. By default a rule will now be `ruleName: {}`, this avoids all the boilerplate in validation-parser.js.
2024-07-19 12:39:26 +02:00
Martin Brennan
f5cbc3e3b8
FEATURE: Allow oneboxing private GitHub repo URLs and add private indicator to HTML (#27947)
Followup 560e8aff75

The linked commit allowed oneboxing private GitHub PRs,
issues, commits, and so on, but it didn't actually allow
oneboxing the root repo e.g https://github.com/discourse/discourse-reactions

We didn't have an engine for this, we were relying on OpenGraph
tags on the HTML rendering of the page like we do with other
oneboxes.

To fix this, we needed a new github engine for repos specifically.

Also, this commit adds a `data-github-private-repo` attribute to
PR, issue, and repo onebox HTML so we have an indicator of
whether the repo was private, which can be used for theme components
and so on.
2024-07-19 12:21:45 +10:00
Martin Brennan
48d13cb231
UX: Use a dropdown for SSL mode for group SMTP (#27932)
Our old group SMTP SSL option was a checkbox,
but this was not ideal because there are actually
3 different ways SSL can be used when sending
SMTP:

* None
* SSL/TLS
* STARTTLS

We got around this before with specific overrides
for Gmail, but it's not flexible enough and now people
want to use other providers. It's best to be clear,
though it is a technical detail. We provide a way
to test the SMTP settings before saving them so there
should be little chance of messing this up.

This commit also converts GroupEmailSettings to a glimmer
component.
2024-07-18 10:33:14 +10:00
Martin Brennan
9a0e8fc100
DEV: Hide IMAP site settings (#27948)
We are removing support for IMAP, hiding these site
settings is the first step.

c.f. https://meta.discourse.org/t/imap-support-for-group-inboxes/160588/39
2024-07-18 10:22:09 +10:00
Krzysztof Kotlarek
c975c7fe1b
FEATURE: custom flag can require additional message (#27908)
Allow admin to create custom flag which requires an additional message.

I decided to rename the old `custom_flag` into `require_message` as it is more descriptive.
2024-07-18 10:10:22 +10:00
Discourse Translator Bot
6dd09b0868
Update translations (#27936)
* Update translations

* DEV: Spec failed after recent translation changes

---------

Co-authored-by: Gerhard Schlager <gerhard.schlager@discourse.org>
2024-07-17 15:49:33 +02:00
chapoi
2ca06ba236
DEV: form-kit
This PR introduces FormKit, a component-based form library designed to simplify form creation and management. This library provides a single `Form` component, various field components, controls, validation mechanisms, and customization options. Additionally, it includes helpers to facilitate testing and writing specifications for forms.

1. **Form Component**:
   - The main component that encapsulates form logic and structure.
   - Yields various utilities like `Field`, `Submit`, `Alert`, etc.

   **Example Usage**:
   ```gjs
   import Form from "discourse/form";

   <template>
     <Form as |form|>
       <form.Field
         @name="username"
         @title="Username"
         @validation="required"
         as |field|
       >
         <field.Input />
       </form.Field>

       <form.Field @name="age" @title="Age" as |field|>
         <field.Input @type="number" />
       </form.Field>

       <form.Submit />
     </Form>
   </template>
   ```

2. **Validation**:
   - Built-in validation rules such as `required`, `number`, `length`, and `url`.
   - Custom validation callbacks for more complex validation logic.

   **Example Usage**:
   ```javascript
   validateUsername(name, value, data, { addError }) {
     if (data.bar / 2 === value) {
       addError(name, "That's not how maths work.");
     }
   }
   ```

   ```hbs
   <form.Field @name="username" @validate={{this.validateUsername}} />
   ```

3. **Customization**:
   - Plugin outlets for extending form functionality.
   - Styling capabilities through propagated attributes.
   - Custom controls with properties provided by `form` and `field`.

   **Example Usage**:
   ```hbs
   <Form class="my-form" as |form|>
     <form.Field class="my-field" as |field|>
       <MyCustomControl id={{field.id}} @onChange={{field.set}} />
     </form.Field>
   </Form>
   ```

4. **Helpers for Testing**:
   - Test assertions for form and field validation.

   **Example usage**:
   ```javascript
   assert.form().hasErrors("the form shows errors");
   assert.form().field("foo").hasValue("bar", "user has set the value");
   ```

   - Helper for interacting with he form

   **Example usage**:
   ```javascript
   await formKit().field("foo").fillIn("bar");
   ```

5. **Page Object for System Specs**:
   - Page objects for interacting with forms in system specs.
   - Methods for submitting forms, checking alerts, and interacting with fields.

   **Example Usage**:
   ```ruby
   form = PageObjects::Components::FormKit.new(".my-form")
   form.submit
   expect(form).to have_an_alert("message")
   ```

   **Field Interactions**:
   ```ruby
   field = form.field("foo")
   expect(field).to have_value("bar")
   field.fill_in("bar")
   ```


6. **Collections handling**:
   - A specific component to handle array of objects

   **Example Usage**:
   ```gjs
    <Form @data={{hash foo=(array (hash bar=1) (hash bar=2))}} as |form|>
      <form.Collection @name="foo" as |collection|>
        <collection.Field @name="bar" @title="Bar" as |field|>
          <field.Input />
        </collection.Field>
      </form.Collection>
    </Form>
   ```
2024-07-17 11:59:35 +02:00
锦心
600f2854c7
FEATURE: Log topic slow mode changes (#27934)
Previously, we did not log any topic slow mode changes. This allowed
some malicious (or just careless) TL4 users to delete slow modes created
by moderators at will. Administrators could not see who changed the slow
mode unless they had SQL knowledge and used Data Explorer.

This commit enables logging who turns slow mode on, off, or changes it.

Related meta topic: https://meta.discourse.org/t/why-is-there-no-record-of-who-added-or-removed-slow-mode/316354
2024-07-16 17:08:09 +08:00
锦心
3bc459e178
FIX: Add plural definitions for Hungarian (#27933)
Hungarian actually has a plural form (See: https://meta.discourse.org/t/issue-with-pluralized-count-translation-override/316019/8)

In a past commit we introduced an external JS library to describe the
plural form of the language. (301713ef96)
But this JS library actually has a slightly different pluralization
definition than what we use in the backend (plurals.rb). ruby-i18n
incorrectly assumes that Hungarian does not have plural forms.
This resulted in singular text being used on the front end for
Hungarian, but admins were unable to find and edit the singular text in
customization.

This commit adds a singular definition for Hungarian to the backend,
compatible with the  "make-plural/cardinals" library, thus fixing the
above issue.
2024-07-16 15:17:18 +08:00
Martin Brennan
00608a19c6
FIX: Show the SMTP authentication error for group UI (#27914)
Originally in 964da21817
we hid the SMTPAuthenticationError message except in
very specific cases. However this message often contains
helpful information from the mail provider, for example
here is a response from Office365:

> 535 5.7.139 Authentication unsuccessful, user is locked by your
organization's security defaults policy. Contact your administrator.

So, we will show the error message in the modal UI instead
of supressing it with a generic message to be more helpful.
2024-07-16 09:14:17 +10:00
Krzysztof Kotlarek
25485bddee
FIX: refresh flags cache after update (#27909)
`after_commit` should be used before refreshing processes to be sure that the database is already updated.

Also, MessageBus is used instead of events as MessageBus works correctly with many processes;
2024-07-15 19:45:25 +10:00
Ted Johansson
cf5174da69
FIX: Fix broken out of date themes admin notice (#27916)
The OutOfDateThemes problem check is using an old method of setting the message, by overriding #message. It should instead use #translation_keys. (By chance I noticed the same thing applies to UnreachableThemes.
2024-07-15 16:12:44 +08:00
Martin Brennan
97e2b353f6
FEATURE: Allow for multiple GitHub onebox tokens (#27887)
Followup 560e8aff75

GitHub auth tokens cannot be made with permissions to
access multiple organisations. This is quite limiting.
This commit changes the site setting to be a "secret list"
type, which allows for a key/value mapping where the value
is treated like a password in the UI.

Now when a GitHub URL is requested for oneboxing, the
org name from the URL is used to determine which token
to use for the request.

Just in case anyone used the old site setting already,
there is a migration to create a `default` entry
with that token in the new list setting, and for
a period of time we will consider that token valid to
use for all GitHub oneboxes as well.
2024-07-15 13:07:36 +10:00
Krzysztof Kotlarek
9e4e591d60
Revert "FEATURE: custom flag can require additional message (#27706)" (#27906)
This reverts commit c0bcd979e3.
2024-07-15 09:45:57 +10:00
Krzysztof Kotlarek
c0bcd979e3
FEATURE: custom flag can require additional message (#27706)
Allow admin to create custom flag which requires an additional message.

I decided to rename the old `custom_flag` into `require_message` as it is more descriptive.
2024-07-15 08:48:01 +10:00
Amanda Alves Branquinho
7f0e6e9592
FIX: Allow error handling for formats besides JSON (#27811)
* Allow error handling for formats besides JSON

* Add a test and sets the default format as JSON
2024-07-11 11:59:00 -03:00
Keegan George
3978db0811
DEV: Add missing Chinese simplified to names.yml (#27847) 2024-07-11 07:54:45 -07:00
moin-Jana
c36fc86a2e
DEV: Correctly pluralize string (#27850) 2024-07-11 14:39:40 +02:00
Kris
5b73322c41
A11Y: improve topic entrance aria-label, title (#27842)
Co-authored-by: Jarek Radosz <jradosz@gmail.com>
2024-07-10 14:15:14 -04:00
Kris
0e3ed7ea2a
A11Y: improve topic list table markup for screenreaders (#27808)
Co-authored-by: Jarek Radosz <jradosz@gmail.com>
2024-07-10 13:14:36 -04:00
Loïc Guitaut
ab99f31760 DEV: Fix the I18n integrity spec
Before Rails 7.1, the `config.i18n.raise_on_missing_translations` option
was raising only in controllers and views, now it’s anywhere in the app.
It means it raises each time `#description` is called for a setting that
is missing a proper description (and we have a ton of them). Most of the
time it’s fine, as those are usually settings that aren’t shown to the
user.

We can’t just let the code blow up every time there’s a setting with a
missing description, that’s why it’s currently returning an empty
string when the translation is missing.

However, this silently broke our I18n integrity spec that was relying on
the old “Translation missing” message to detect missing translations.

This patch addresses this issue by checking the description isn’t an
empty string. It caught a missing translation by the way.
2024-07-10 11:39:13 +02:00
Régis Hanol
758b9dd0ba
FEATURE: email attachments in a details (#27804)
This change how we present attachments from incoming emails to now be "hidden" in a "[details]" so they don't "hang" at the end of the post.

This is especially useful when using Discourse as a support tool where email is the main communication channel. For various reasons, images are often duplicated by email user agents, and hiding them behind the details block help keep the conversation focused on the isssue at hand.

Internal ref t/122333
2024-07-10 09:59:27 +02:00
Martin Brennan
560e8aff75
FEATURE: Allow oneboxing private GitHub URLs (#27705)
This commit adds the ability to onebox private GitHub
commits, pull requests, issues, blobs, and actions using
a new `github_onebox_access_token` site setting. The token
must be set up in correctly to have access to the repos needed.

To do this successfully with the Oneboxer, we need to skip
redirects on the github.com host, otherwise we get a 404
on the URL before it is translated into a GitHub API URL
and has the appropriate headers added.
2024-07-10 09:39:31 +10:00
Discourse Translator Bot
dd67375de7
Update translations (#27790) 2024-07-09 23:12:03 +02:00
Martin Brennan
7a7bdc9be5
FEATURE: Use group based setting for unsafe-none COOP (#27783)
Followup 3ff7ce78e7

Basing this setting on referrer was too brittle --
the referrer header can easily be ommitted or changed.
Instead, for the small amount of use cases that this
site setting serves, we can use a group-based setting
instead, changing it to `cross_origin_opener_unsafe_none_groups`
instead.
2024-07-09 11:25:49 -05:00
Martin Brennan
e58cf24fcc
FEATURE: Topic view stats report (#27760)
Adds a report to show the top 100 most viewed topics in a date range,
combining logged in and anonymous views. Can be filtered by category.

This is a followup to 527f02e99f
and d1191b7f5f. We are also going to
be able to see this data in a new topic map, but this admin report
helps to see an overview across the forum for a date range.
2024-07-09 15:39:10 +10:00
Alan Guo Xiang Tan
86e5f46175
DEV: Add hidden s3_inventory_bucket_region site setting (#27786)
This commit adds a hidden `s3_inventory_bucket_region` site setting to
specify the region of the `s3_inventory_bucket` when the `S3Inventory`
class initializes an instance of the `S3Helper`. By default, the
`S3Helper` class uses the value of the `s3_region` site setting but the
region of the `s3_inventory_bucket` is not always the same as the
`s3_region` configured.
2024-07-09 12:03:43 +08:00
Alan Guo Xiang Tan
c0ac15575f
DEV: Drop logging_provider site setting (#27785)
This site setting has always been experimental and hidden since it was
added 7 years ago. Drop it to simplify the way we enable logging in a
logstash friendly way.
2024-07-09 10:00:44 +08:00
Alan Guo Xiang Tan
3aaece3235
DEV: Unsubscribe from ActionView log events when lograge is enabled. (#27763)
This commit updates the `101-lograge` initializer to unsubscribe from
log events logged by `ActionView::LogSubscriber`. This is what the `lograge`
gem has been doing but its implementation is not compatible with Rails
7.1 and we started getting noise in our logs when lograge is enabled.
2024-07-09 09:25:46 +08:00
Guhyoun Nam
784c04ea81
FEATURE: Add Mechanism to redeliver all failed webhook events (#27609)
Background:
In order to redrive failed webhook events, an operator has to go through and click on each. This PR is adding a mechanism to retry all failed events to help resolve issues quickly once the underlying failure has been resolved.

What is the change?:
Previously, we had to redeliver each webhook event. This merge is adding a 'Redeliver Failed' button next to the webhook event filter to redeliver all failed events. If there is no failed webhook events to redeliver, 'Redeliver Failed' gets disabled. If you click it, a window pops up to confirm the operator. Failed webhook events will be added to the queue and webhook event list will show the redelivering progress. Every minute, a job will be ran to go through 20 events to redeliver. Every hour, a job will cleanup the redelivering events which have been stored more than 8 hours.
2024-07-08 15:43:16 -05:00
Alan Guo Xiang Tan
28f5550886
DEV: Redo DiscourseLogstashLogger to not rely on logstash-logger (#27759)
This reverts commit 92d7d24d0f.
2024-07-08 14:03:11 +08:00
Martin Brennan
df6f950200
DEV: Hide admin Moderation Flags UI behind feature flag for now (#27756)
Adds experimental_flags_admin_page_enabled_groups (default "")
to remove the Moderation Flags link from the admin sidebar for now,
there are still a few bugfixes that need to be done before we
are comfortable with turning this on more widely. This is
a _temporary_ flag, we will be removing this once the feature
is more stable.
2024-07-08 11:09:30 +10:00
Alan Guo Xiang Tan
5ca2c8b8ac
DEV: Remove noise from Rails::Rack::Logger after Rails 7.1 upgrade (#27731)
This commit monkey patches `Rails::Rack::Logger` to not log reqeust
information like `Started GET "/service-worker.js" for 127.0.0.1 at 2024-07-05 15:28:12 +0800`
when lograge is enabled. This was previously excluded by a monkey patch
in the `lograge` gem but that monkey patch has since broke and the gem
is unmaintained.
2024-07-08 08:42:58 +08:00
Sérgio Saquetim
b36cbc7d21
DEV: Untangle the admin sidebar from the sidebar code (#27640) 2024-07-05 13:11:15 -03:00
Alan Guo Xiang Tan
92d7d24d0f
Revert "DEV: Redo DiscourseLogstashLogger to not rely on logstash-logger (#27663)" (#27733)
This reverts commit 8e10878e1a.

Something is broken on a friday so reverting first before I pick this up
again next Monday.
2024-07-05 17:26:58 +08:00
Alan Guo Xiang Tan
8e10878e1a
DEV: Redo DiscourseLogstashLogger to not rely on logstash-logger (#27663)
This commit rewrites `DiscourseLogstashLogger` to not be an instance
of `LogstashLogger`. The reason we don't want it to be an instance of
`LogstashLogger` is because we want the new logger to be chained to
Logster's logger which can then pass down useful information like the
request's env and error backtraces which Logster has already gathered.

Note that this commit does not bother to maintain backwards
compatibility and drops the `LOGSTASH_URI` and `UNICORN_LOGSTASH_URI`
ENV variables which were previously used to configure the destination in
which `logstash-logger` would send the logs to. Instead, we introduce
the `ENABLE_LOGSTASH_LOGGER` ENV variable to replace both ENV and remove
the need for the log paths to be specified. Note that the previous
feature was considered experimental as stated in d888d3c54c
and the new feature should be considered experimental as well. The code
may be moved into a plugin in the future.
2024-07-05 09:41:52 +08:00
Jan Cernik
0d608ceff8
UX: Registration design and validation improvements (#27666) 2024-07-04 09:17:07 -03:00
Robert
e3b6be15b8
FEATURE: Add Instant Run-off Voting to Poll Plugin (Part 1: migrate existing plugin to Glimmer only) (#27204)
The "migration to Glimmer" has been broken out here from #27155 to make the review process less onerous and reduce change risk: 

* DEV: migrates most of the widget code to Glimmer in prep for IRV additions
* NB This already incorporates significant amounts of review and feedback from the prior PR.
* NB because there was significant additional feedback relating to older Poll code that I've improved with feedback, there are some additional changes here that are general improvements to the plugin and not specific to IRV nor Glimmer!
* There should be no trace of IRV code here.

Once this is finalised and merged we can continue to progress with #27155.
2024-07-04 13:34:48 +02:00
Loïc Guitaut
8d249457e8 DEV: Upgrade Rails to version 7.1
---------

Co-authored-by: Jarek Radosz <jradosz@gmail.com>
2024-07-04 10:58:21 +02:00
Arpit Jalan
947249719a
FEATURE: add option to delete user associated account on password reset (#27696) 2024-07-04 06:58:00 +05:30
Martin Brennan
527f02e99f
FEATURE: Only count topic views for explicit/deferred tracked views (#27533)
Followup 2f2da72747

This commit moves topic view tracking from happening
every time a Topic is requested, which is susceptible
to inflating numbers of views from web crawlers, to
our request tracker middleware.

In this new location, topic views are only tracked when
the following headers are sent:

* HTTP_DISCOURSE_TRACK_VIEW - This is sent on every page navigation when
  clicking around the ember app. We count these as browser page views
  because we know it comes from the AJAX call in our app. The topic ID
  is extracted from HTTP_DISCOURSE_TRACK_VIEW_TOPIC_ID
* HTTP_DISCOURSE_DEFERRED_TRACK_VIEW - Sent when MessageBus initializes
  after first loading the page to count the initial page load view. The
  topic ID is extracted from HTTP_DISCOURSE_DEFERRED_TRACK_VIEW.

This will bring topic views more in line with the change we
made to page views in the referenced commit and result in
more realistic topic view counts.
2024-07-03 10:38:49 +10:00
Krzysztof Kotlarek
c3fadc7330
FEATURE: created edit and delete flags (#27484)
Allow admins to create edit and delete flags.
2024-07-03 08:45:37 +10:00
Keegan George
ea58140032
DEV: Remove summarization code (#27373) 2024-07-02 08:51:47 -07:00
Discourse Translator Bot
052550c6e0
Update translations (#27680) 2024-07-02 16:42:56 +02:00
Martin Brennan
ffc99253fa
DEV: Resolve TODO comments for martin-brennan
I am changing many of these to notes or resolving them as is,
most of these I have not actively worked on in years so someone
else can work on them when we get to these areas again.
2024-07-01 15:32:30 +10:00
Martin Brennan
56f34e2d2b
DEV: Unhide enable_direct_s3_uploads setting (#27659)
This has been around for a long time now and was mentioned
in https://meta.discourse.org/t/a-new-era-for-file-uploads-in-discourse/210469,
there is no need to hide it, self-hosters are free to enable
this.
2024-07-01 13:56:00 +10:00
Osama Sayegh
4c1c25027d
DEV: Wiring for the admin about config page (#27492)
This commit continues work laid out by ffec8163b0 for the admin config page for the /about page. The last commit set up the user interface, and this one sets up all the wiring needed to make the input fields and save buttons actually work.

Internal topic: t/128544.
2024-07-01 05:40:37 +03:00
Discourse Translator Bot
423f92490c Update translations 2024-06-28 16:10:06 +02:00
Gabriel Grubba
8d28038666
FEATURE: Add WebHookEventsDailyAggregate report page (#27573)
* FEATURE: Add WebHookEventsDailyAggregate

Add WebHookEventsDailyAggregate model to store daily aggregates of web hook events.
Add AggregateWebHooksEvents job to aggregate web hook events daily.
Add spec for WebHookEventsDailyAggregate model.

* DEV: Update annotations for web_hook_events_daily_aggregate.rb

* DEV: Update app/jobs/scheduled/aggregate_web_hooks_events.rb

Co-authored-by: Martin Brennan <martin@discourse.org>

* DEV: Address review feedback

Solves:
- https://github.com/discourse/discourse/pull/27542#discussion_r1646961101
- https://github.com/discourse/discourse/pull/27542#discussion_r1646958890
- https://github.com/discourse/discourse/pull/27542#discussion_r1646976808
- https://github.com/discourse/discourse/pull/27542#discussion_r1646979846
- https://github.com/discourse/discourse/pull/27542#discussion_r1646981036

* A11Y: Add translation to retain_web_hook_events_aggregate_days key

* FEATURE: Purge old web hook events daily aggregate

Solves: https://github.com/discourse/discourse/pull/27542#discussion_r1646961101

* DEV:  Update tests for web_hook_events_daily_aggregate

Update WebHookEventsDailyAggregate to not use save! at the end
Solves: https://github.com/discourse/discourse/pull/27542#discussion_r1646984601

* PERF: Change job query to use WebHook table instead of WebHookEvent table

* DEV: Update tests to use `fab!`

* DEV: Address code review feedback.

Add idempotency to job
Add has_many to WebHook

* FEATURE: Add WebHookEventsDailyAggregate report page

Add locales for the new report page
Reorder imports in the report.rb

* DEV: Remove logger line

* FEATURE: Add `auto_insert_none_item` option to `report-filters` components

---------

Co-authored-by: Martin Brennan <martin@discourse.org>
2024-06-27 10:26:42 -03:00
Loïc Guitaut
f58b844f45
Revert "DEV: Upgrade Rails to version 7.1" (#27625)
This reverts commit ce00f83173.
2024-06-26 18:55:05 +02:00
Kris
e505a5a1d5
UX: improve categories page subcategory layout (#27612) 2024-06-25 17:37:35 -04:00
Gabriel Grubba
f3a89620a1
FEATURE: Add WebHookEventsDailyAggregate (#27542)
* FEATURE: Add WebHookEventsDailyAggregate

Add WebHookEventsDailyAggregate model to store daily aggregates of web hook events.
Add AggregateWebHooksEvents job to aggregate web hook events daily.
Add spec for WebHookEventsDailyAggregate model.

* DEV: Update annotations for web_hook_events_daily_aggregate.rb

* DEV: Update app/jobs/scheduled/aggregate_web_hooks_events.rb

Co-authored-by: Martin Brennan <martin@discourse.org>

* DEV: Address review feedback

Solves:
- https://github.com/discourse/discourse/pull/27542#discussion_r1646961101
- https://github.com/discourse/discourse/pull/27542#discussion_r1646958890
- https://github.com/discourse/discourse/pull/27542#discussion_r1646976808
- https://github.com/discourse/discourse/pull/27542#discussion_r1646979846
- https://github.com/discourse/discourse/pull/27542#discussion_r1646981036

* A11Y: Add translation to retain_web_hook_events_aggregate_days key

* FEATURE: Purge old web hook events daily aggregate

Solves: https://github.com/discourse/discourse/pull/27542#discussion_r1646961101

* DEV:  Update tests for web_hook_events_daily_aggregate

Update WebHookEventsDailyAggregate to not use save! at the end
Solves: https://github.com/discourse/discourse/pull/27542#discussion_r1646984601

* PERF: Change job query to use WebHook table instead of WebHookEvent table

* DEV: Update tests to use `fab!`

* DEV: Address code review feedback.

Add idempotency to job
Add has_many to WebHook

* DEV: add test case for job and change job query

* DEV: Change AggregateWebHooksEvents job test name

---------

Co-authored-by: Martin Brennan <martin@discourse.org>
2024-06-25 13:56:47 -03:00
Discourse Translator Bot
7d4ff77a14
Update translations (#27604) 2024-06-25 15:40:08 +02:00
Ted Johansson
d63f1826fe
FEATURE: User fields required for existing users - Part 2 (#27172)
We want to allow admins to make new required fields apply to existing users. In order for this to work we need to have a way to make those users fill up the fields on their next page load. This is very similar to how adding a 2FA requirement post-fact works. Users will be redirected to a page where they can fill up the remaining required fields, and until they do that they won't be able to do anything else.
2024-06-25 19:32:18 +08:00
Ella E
aa8773e659
UX: Use 'moderators' instead of 'staff' (#27572) 2024-06-24 19:21:08 -06:00
Kris
e5c0cfcd27
UX: remove default use of quaternary color, update nav pill styles (#27502) 2024-06-24 09:54:34 -04:00
Renato Atilio
55da8a7701
FEATURE: add Untranslated filter to admin text customization (#27555)
Adds a checkbox to filter untranslated text strings in the admin UI, behind a hidden and default `false` site setting `admin_allow_filter_untranslated_text`.
2024-06-24 06:24:06 -03:00
Loïc Guitaut
ce00f83173 DEV: Upgrade Rails to version 7.1
---------

Co-authored-by: Jarek Radosz <jradosz@gmail.com>
2024-06-24 11:16:14 +02:00
Loïc Guitaut
160011793a Revert "DEV: Upgrade Rails to version 7.1 (#27539)"
This reverts commit ca4af53be8.
2024-06-21 11:20:40 +02:00
Kelv
60d5170587
DEV: add validation on content_security_policy_script_src site setting (#27564)
* DEV: add validation on content_security_policy_script_src site setting
2024-06-21 17:00:22 +08:00
Loïc Guitaut
ca4af53be8 DEV: Upgrade Rails to version 7.1 (#27539)
* DEV: Upgrade Rails to 7.1

* FIX: Remove references to `Rails.logger.chained`

`Rails.logger.chained` was provided by Logster before Rails 7.1
introduced their broadcast logger. Now all the loggers are added to
`Rails.logger.broadcasts`.

Some code in our initializers was still using `chained` instead of
`broadcasts`.

* DEV: Make parameters optional to all FakeLogger methods

* FIX: Set `override_level` on Logster loggers (#27519)

A followup to f595d599dd

* FIX: Don’t duplicate Rack response

---------

Co-authored-by: Jarek Radosz <jradosz@gmail.com>
2024-06-21 09:44:06 +02:00
Penar Musaraj
33de5abb6e
DEV: Extract theme resolution to a helper (#27426)
This ensures that the theme id is resolved as early as possible in the
request cycle. This is necessary for the custom homepage to skip
preloading the wrong data.
2024-06-20 11:33:46 -04:00
Loïc Guitaut
982c005979 Revert "DEV: Upgrade Rails to version 7.1 (#27539)"
This reverts commit 2301dddcff.
2024-06-20 11:43:35 +02:00
Loïc Guitaut
2301dddcff
DEV: Upgrade Rails to version 7.1 (#27539)
* DEV: Upgrade Rails to 7.1

* FIX: Remove references to `Rails.logger.chained`

`Rails.logger.chained` was provided by Logster before Rails 7.1
introduced their broadcast logger. Now all the loggers are added to
`Rails.logger.broadcasts`.

Some code in our initializers was still using `chained` instead of
`broadcasts`.

* DEV: Make parameters optional to all FakeLogger methods

* FIX: Set `override_level` on Logster loggers (#27519)

A followup to f595d599dd

* FIX: Don’t duplicate Rack response

---------

Co-authored-by: Jarek Radosz <jradosz@gmail.com>
2024-06-20 10:33:01 +02:00
Rafael dos Santos Silva
b2a9676f0b
FEATURE: Support Spotify Onebox (#27540) 2024-06-19 13:27:27 -03:00
Martin Brennan
83361b2fc5
FEATURE: Introduce site settings which require confirmation (#27315)
Many site settings can be distructive or have huge side-effects
for a site that the admin may not be aware of when changing it.

This commit introduces a `requires_confirmation` attribute that
can be added to any site setting. When it is true, a confirmation
dialog will open if that setting is changed in the admin UI,
optionally with a custom message that is defined in client.en.yml.

If the admin does not confirm, we reset the setting to its previous
clean value and do not save the new value.
2024-06-19 16:01:24 +10:00
Ted Johansson
3ff7ce78e7
FEATURE: Add hidden site setting to list 'unsafe-none' COOP referrers (#27510)
Some tooling may rely on an unsafe-none cross origin opener policy to work. This change adds a hidden site setting that can be used to list referrers where we add this header instead of the default one configured in cross_origin_opener_policy_header.
2024-06-19 11:11:35 +08:00
Krzysztof Kotlarek
cc4c199680
FEATURE: optional 2FA enforcement (#27506)
A new admin setting called `enforce_second_factor_on_external_auth`. It allows users to authenticate using external providers even when 2FA is forced with `enforce_second_factor` site setting.
2024-06-19 09:32:30 +10:00
Jarek Radosz
5cb84f8dcf
DEV: Revert rails 7.1 upgrade (#27522)
* Revert "FIX: Set `override_level` on Logster loggers (#27519)"

This reverts commit c1b0488c54.

* Revert "DEV: Make parameters optional to all FakeLogger methods"

This reverts commit 3318dad7b4.

* Revert "FIX: Remove references to `Rails.logger.chained`"

This reverts commit f595d599dd.

* Revert "DEV: Upgrade Rails to 7.1"

This reverts commit 081b00391e.
2024-06-18 23:48:30 +02:00
Jarek Radosz
c1b0488c54
FIX: Set override_level on Logster loggers (#27519)
A followup to f595d599dd
2024-06-18 21:53:51 +02:00
Tobias Eigen
6ac7d02a8f
Update server.en.yml (#27490)
made explicit in description that ` default_sidebar_switch_panel_position` admin setting is about the position of the button on the sidebar for switching to chat.
2024-06-18 14:58:03 -04:00
Loïc Guitaut
f595d599dd FIX: Remove references to Rails.logger.chained
`Rails.logger.chained` was provided by Logster before Rails 7.1
introduced their broadcast logger. Now all the loggers are added to
`Rails.logger.broadcasts`.

Some code in our initializers was still using `chained` instead of
`broadcasts`.
2024-06-18 17:46:40 +02:00
Loïc Guitaut
081b00391e DEV: Upgrade Rails to 7.1 2024-06-18 15:58:05 +02:00
Discourse Translator Bot
69c99a82dd
Update translations (#27511) 2024-06-18 15:39:31 +02:00
Kelv
2393234be5
DEV: remove legacy CSP implementation to make strict-dynamic only accepted behaviour (#27486)
* DEV: remove legacy CSP implementation that allowed for non-strict-dynamic behaviour
2024-06-18 16:40:53 +08:00
Daniel Waterworth
63e8c79e2f
FIX: Make edit categories sidebar modal work more intuitively (#27111)
* Load search results in displayed order so that when more categories are loaded on scroll, they appear at the end,
 * Limit the number of subcategories that are shown per category and display 'show more' links,
2024-06-14 11:37:32 -05:00
Osama Sayegh
4aea12fdcb
DEV: Allow fetching specific site settings and introduce a service for updating site settings (#27481)
This commit adds ability to fetch a subset of site settings from the `/admin/site_settings` endpoint so that it can be used in all places where the client app needs access to a subset of the site settings.

Additionally, this commit also introduces a new service class called `UpdateSiteSetting` that encapsulates all the logic that surrounds updating a site setting so that it can be used to update site setting(s) anywhere in the backend. This service comes in handy with, for example, the controller for the flags admin config area which may need to update some site settings related to flags.

Internal topic: t/130713.
2024-06-14 13:07:27 +03:00
Kris
e92323c81e
UX: replace "all subcategories" with "remove filter", reorder tag dropdown (#27473) 2024-06-13 17:10:25 -04:00
Jan Cernik
d7ece61252
UX: Rename FAQ to Guidelines (#27451) 2024-06-13 12:09:53 -03:00
Kelv
3ae2e039c3
DEV: remove composer.modal_cancel translation key (#27445) 2024-06-13 16:44:36 +08:00