Commit Graph

2307 Commits

Author SHA1 Message Date
Régis Hanol
425643bbd8
FIX: staff only mode blocks admin password resets (#29289)
When staff only mode is enabled - Discourse.enable_readonly_mode(Discourse::STAFF_WRITES_ONLY_MODE_KEY)

Staff members couldn't reset their password via the "forgot password" link.

This fixes it.

Internal ref. t/133990
2024-10-21 09:29:37 +02:00
Régis Hanol
1a66556f1a
DEV: make the build less flaky (#29288)
We only care that there are other results, not that there are a specific amount.
2024-10-18 20:07:55 +02:00
Régis Hanol
97ba39e60f
FIX: bump the number of svg icons we return to first 500 (#29286)
instead of the first 200 which would "hide" some icons from the list when picking an icon for a badge or a sidebar link.

Internal ref - t/119652
2024-10-18 19:22:13 +02:00
David Battersby
16acba6cf8
DEV: serialize image upload thumbnail (#29276)
Since we recently blocked accidental serialization of AR models, we are getting a 500 error in some cases with thumbnails. We can fix this by serializing the thumbnail, previously we just returned a raw OptimizedImage object.

Thumbnails are now attached to the serializer in core, therefore we no longer need to use add_to_serializer within the chat plugin to use thumbnails within chat message uploads.
2024-10-18 12:55:14 +04:00
Ted Johansson
f8360f9665
FIX: Don't error out on nested topic show id param (#29274)
We're expecting the ID param to be something that neatly coerces into an ID. If we receive something like a nested parameter, this will blow up. (We already handle the case of arrays.)

This commit raises an InvalidParameters exception in the case of a nested ID.
2024-10-18 14:37:52 +08:00
Ted Johansson
9dafbe47dc
FIX: Don't error out on nested categories index page param (#29273)
We're expecting the page param to be something that neatly coerces into an integer. If we receive something like a nested parameter, this will blow up. (I'm sure there are other examples as well.)

This commit falls back to a page value of 1 if the coercion fails.
2024-10-18 14:37:39 +08:00
Sam
c08c40dc23
FEATURE: theme_modifiers can depend on theme settings (plus serialize_post_user_badges) (#29227)
Theme modifiers can now be defined as theme settings, this allows for
site operators to override behavior of theme modifiers.

New syntax is:

```
{
    ...
   "modifiers": {
      "modifier_name": {
         "type": "setting",
         "value": "setting_name"
      }
   }
}
```

This also introduces a new theme modifier for serialize_post_user_badges. Name of badge must match the name of the badge in the badges table. The client-side is updated to load this new data from the post-stream serializer.

Co-authored-by: David Taylor <david@taylorhq.com>
2024-10-17 15:16:16 +01:00
Natalie Tay
ede06ffd43
FIX: Allow user to log in another account using the same device (client_id) (#29121)
Allow user to log in another account using the same device (client_id)
2024-10-14 12:39:20 +08:00
Kelv
32e261ef73
DEV: Migrate user passwords data to UserPassword table (#28746)
* Add migrations to ensure password hash is synced across users & user_passwords

* Persist password-related data in user_passwords instead of users

* Merge User#expire_old_email_tokens with User#expire_tokens_if_password_changed

* Add post deploy migration to mark password-related columns from users table as read-only

* Refactored UserPassword#confirm_password? and changes required to accommodate hashing the password after validations
2024-10-10 09:23:06 +08:00
Alan Guo Xiang Tan
ed6c9d1545
DEV: Call Discourse.redis.flushdb after the end of each test (#29117)
There have been too many flaky tests as a result of leaking state in
Redis so it is easier to resolve them by ensuring we flush Redis'
database.

Locally on my machine, calling `Discourse.redis.flushdb` takes around
0.1ms which means this change will have very little impact on test
runtimes.
2024-10-09 07:19:31 +08:00
OsamaSayegh
d7164d57ec
SECURITY: Block registrations for encoded emails that are invalid 2024-10-07 11:48:52 +08:00
Régis Hanol
34d04e7507
SECURITY: add pagination to post replies
When a post has some replies, and the user click on the button to show them, we would load ALL the replies. This could lead to DoS if there were a very large number of replies.

This adds support for pagination to these post replies.

Internal ref t/129773

FIX: Duplicated parent posts

DEV: Query refactor
2024-10-07 11:48:48 +08:00
Bianca Nenciu
e081cc14fb
SECURITY: Use different anon cache keys for XHR requests
XHR requests are handled differently by the application and the
responses do not have any preloaded data so the cache key needs to
differntiate between those requests.
2024-10-07 11:48:45 +08:00
David Taylor
69d2373f77
DEV: Resolve stat registration flaky tests (#29084) 2024-10-04 13:49:22 +01:00
Linca
a1e5796ba1
FEAT: Allow admin delete user's associated accounts (#29018)
This commit introduces a feature that allows an admin to delete a user's
associated account. After deletion, a log will be recorded in staff
actions.

ref=t/136675
2024-09-27 20:08:05 +08:00
Kris
a914d3230b
DEV: remap all core icons for fontawesome 6 upgrade (#28715)
Followup to 7d8974d02f

Co-authored-by: David Taylor <david@taylorhq.com>
2024-09-13 16:50:52 +01:00
Bianca Nenciu
38592dc48e
PERF: Preload user options when status is enabled (#28827)
The user option 'hide_profile_and_presence' is necessary to figure out
if the user status has to be displayed or not. In order to avoid N+1s
generated by `include_status?` method, both `user_status` and
`user_option` relations have to be included.
2024-09-11 10:39:14 +03:00
Keegan George
f2059bf15f
FIX: Form template limit validation (#28791) 2024-09-10 08:11:44 -07:00
Martin Brennan
14b436923c
FEATURE: Switch to new methods of pageview measurement and reporting (#28729)
### UI changes

All of the UI changes described are gated behind the `use_legacy_pageviews`
site setting.

This commit changes the admin dashboard pageviews report to
use the "Consolidated Pageviews with Browser Detection" report
introduced in 2f2da72747 with
the following changes:

* The report name is changed to "Site traffic"
* The pageview count on the dashboard is counting only using the new method
* The old "Consolidated Pageviews" report is renamed as "Consolidated Legacy Pageviews"
* By default "known crawlers" and "other" sources of pageviews are hidden on the report

When `use_legacy_pageviews` is `true`, we do not show or allow running
the "Site traffic" report for admins. When `use_legacy_pageviews` is `false`,
we do not show or allow running the following legacy reports:

* consolidated_page_views
* consolidated_page_views_browser_detection
* page_view_anon_reqs
* page_view_logged_in_reqs

### Historical data changes

Also part of this change is that, since we introduced our new "Consolidated
Pageviews with Browser Detection" report, some admins are confused at either:

* The lack of data before a certain date , which didn’t exist before
  we started collecting it
* Comparing this and the current "Consolidated Pageviews" report data,
  which rolls up "Other Pageviews" into "Anonymous Browser" and so it
  appears inaccurate

All pageview data in the new report before the date where the _first_
anon or logged in browser pageview was recorded is now hidden.
2024-09-10 09:51:49 +10:00
David Taylor
7d8974d02f
UX: Upgrade to fontawesome 6.6.0 (#28778)
This upgrade is designed to be fully backwards-compatible. Any icon names which have changed will be automatically remapped to the new name. For now, this will happen silently. In future, once core & official themes/plugins have been updated, we will start raising deprecation errors to help theme/plugin authors update their code.

Extracted from https://github.com/discourse/discourse/pull/28715

Announcement at https://meta.discourse.org/t/were-upgrading-our-icons-to-font-awesome-6/325349

Co-authored-by: awesomerobot <kris.aubuchon@discourse.org>
2024-09-09 14:40:56 +01:00
Linca
aab2987438
FEATURE: Log tag group changes in staff action log (#28787)
* FEATURE: Log tag group changes in staff action log

This commit records every change (add, change, delete) to a tag group in
the staff action log.

It uses a modal that was originally called ThemeChangeModal to display
changes, allowing staffs to see the specific changes clearly. The modal
is renamed to StaffActionLogChangeModal in this PR.

ref: https://meta.discourse.org/t/-/325011/14

Co-authored-by: Keegan George <kgeorge13@gmail.com>
2024-09-09 10:50:48 +08:00
Osama Sayegh
280adda09c
FEATURE: Support designating multiple groups as mods on category (#28655)
Currently, categories support designating only 1 group as a moderation group on the category. This commit removes the one group limitation and makes it possible to designate multiple groups as mods on a category.

Internal topic: t/124648.
2024-09-04 04:38:46 +03:00
Penar Musaraj
8c19104866
FIX: Passkey login when Discourse used as SSO provider (#28672)
Co-authored-by: Osama Sayegh <asooomaasoooma90@gmail.com>
2024-09-03 11:46:23 -04:00
Krzysztof Kotlarek
7577231ba2
DEV: the ability to define setting areas (#28570)
A new setting attribute is used to define the areas (separated by `|`).

In addition, endpoint `/admin/config/site_settings.json` accepts new `filter_area` data.
2024-09-03 09:25:45 +10:00
David Battersby
997fbc9757
FEATURE: Add ability to watch chat threads (#28639)
This change introduces a new thread notification level allowing users to get notified when someone replies to the thread.

Users who watch a thread will get a green notification on the chat icon and a user notification (blue). User notifications are consolidated based on thread id to prevent cluttering the original users notification area.

---------

Co-authored-by: Régis Hanol <regis@hanol.fr>
2024-09-02 16:45:55 +04:00
Ted Johansson
bfad9a7170
DEV: Gracefully handle an array of IDs passed to Topics#show (#28631)
We're seeing a lot of log noise coming from unhandled exceptions stemming from requests to TopicsController#show where id is passed in as an array.

In the implementation of the method, we assume that if id is present it will be a string. This is because one of the routes to this action uses :id as a URL fragment, and so must be a string. However, there are other routes that go to this endpoint as well. Some of them don't have this URL fragment, so you can pass an arbitrary id query parameter.

Instead of a downstream unhandled exception, we raise a Discourse::InvalidParameters upfront.
2024-08-29 14:22:42 +08:00
Penar Musaraj
ee3b175373
DEV: Ignore invalid tag parameter in TagsController (#28557)
This had no effect in the app, but it was resulting in errors in the logs.
2024-08-27 12:06:54 -04:00
Jan Cernik
437d7a0ad1
FIX: Endless loading post history (#28425) 2024-08-27 09:33:13 -03:00
Osama Sayegh
5eea7244c7
FIX: Add users to user directory on account activation (#28505)
Follow-up to e3ae57ea7a

The previous commit added an `after_create` callback that triggers a refresh for the user directory whenever a `User` record is created. Theoretically, this approach should work, however, there's a gotcha in practice, because during a real user registration, when the `User` record is created in the database, it's not marked as active until the user verifies their email address and the user directory excludes inactive users, so the initial directory refresh triggered by the `after_create` callback becomes pointless.

To make a new user appear in the user directory immediately after sign up, we need to trigger a refresh via an `after_save` callback when they verify their email address and become active.
2024-08-26 18:01:24 +03:00
Martin Brennan
a16faa27cd
FEATURE: Allow showing site text search in selected locale (#28453)
When searching for site texts for admin using the english
version of the text, previously we would show the english
version in the results _even if_ there was another locale
translated version available when a locale was selected
from the dropdown.

This commit adds a "Only show results in selected locale"
checkbox option which will instead make it so the results
shown are in the target locale, making it easier for translators
to tell when there is actually translations vs. missing tranlsations.
2024-08-26 11:25:36 +10:00
Alan Guo Xiang Tan
21bb28df91
PERF: Ensure suggested topics is only loaded on last page of topic view (#28507)
This commit improves `TopicsController#show` to not load suggested and
related topics unless it is the last page of the topic's view.
Previously, we avoided loading suggested and related topics by the use
of conditionals in the `TopicViewSerializer` to avoid calling
`TopicView#suggested_topics` and `TopicView#related_topics`. However,
this pattern is not reliable as the methods can still be called from
other spots in the code base. Instead, we ensure that
`TopicView#include_suggested` and `TopicView#include_related` is set
correctly on the instance of `TopicView` which ensures that for the
given instance, `TopicView#suggested_topics` and
`TopicView#related_topics` will be a noop.
2024-08-23 16:10:50 +08:00
Osama Sayegh
67cde14a61
DEV: Use Service::Base for suspend and silence actions (#28459)
This commit moves the business logic in the `Admin::UsersController#suspend` and `Admin::UsersController#silence` actions to dedicated service classes. There's no functional changes in this commit.

Internal topic: t/130014.
2024-08-22 14:38:56 +03:00
Osama Sayegh
35b748e7f4
FIX: Don't show silence button on staff users and display similar users (#28423)
This commit fixes a bug where the silence button is incorrectly displayed on the admin page of a staff user. It's not actually possible to silence a staff user because the backend correctly prevents it, but the frontend isn't checking if the button should be displayed.

Another small bug that this commit fixes is the similar users list not showing up inside the silence/suspend modals due to also a bug in the frontend.

I've also changed the way similar users are loaded so that they're not returned by the `admin/users#show` endpoint anymore and moved them into a new endpoint that the penalize modals (suspend and silence) can call directly to retrieve the list of users. This is done because the similar users list is never shown on the admin user page (`/admin/users/:user_id/:username`); they're only needed when the suspend or silence modals are opened.

Internal topic: t/130014.
2024-08-20 15:27:29 +03:00
Guhyoun Nam
9c1812e071
FEATURE: add system_user_max_attachment_size_kb site setting (#28351)
* System user attachment size WIP

* spec check

* controller update

* add max to system_user_max_attachment_size_kb

* DEV: update to use static method for `max_attachment_size_for_user`

add test to use large image.
add check for failure.

* DEV: update `system_user_max_attachment_size_kb` default value to 0

remove unecessary test.
update tests to reflect the new default value of `system_user_max_attachment_size_kb`

* DEV: update maximum_file_size to check when is an attachment made by a system user

Add tests for when `system_user_max_attachment_size_kb` is over and under the limit
Add test for checking interaction with `max_attachment_size_kb`

* DEV: move `max_attachment_size_for_user` to private methods

* DEV: turn `max_attachment_size_for_user` into a static method

* DEV: typo in test case

* DEV: move max_attachment_size_for_user to private class method

* Revert "DEV: move max_attachment_size_for_user to private class method"

This reverts commit 5d5ae0b715.

---------

Co-authored-by: Gabriel Grubba <gabriel@discourse.org>
2024-08-16 11:03:39 -03:00
Martin Brennan
3e5976f843
FEATURE: Always show full page "New Features" to admins (#28383)
We used to show New Features in a tab on the dashboard,
but this could get pushed down the page especially on
our hosting. In 043117ca13
we made a separate What's New page, so this commit removes
the dashboard tab and changes the admin notification to
send the admin to /admin/whats-new instead of the dashboard
tab.
2024-08-16 09:12:24 +10:00
Krzysztof Kotlarek
e82e255531
FIX: serialize Flags instead of PostActionType (#28362)
### Why?
Before, all flags were static. Therefore, they were stored in class variables and serialized by SiteSerializer. Recently, we added an option for admins to add their own flags or disable existing flags. Therefore, the class variable had to be dropped because it was unsafe for a multisite environment. However, it started causing performance problems. 

### Solution
When a new Flag system is used, instead of using PostActionType, we can serialize Flags and use fragment cache for performance reasons. 

At the same time, we are still supporting deprecated `replace_flags` API call. When it is used, we fall back to the old solution and the admin cannot add custom flags. In a couple of months, we will be able to drop that API function and clean that code properly. However, because it may still be used, redis cache was introduced to improve performance.

To test backward compatibility you can add this code to any plugin
```ruby
  replace_flags do |flag_settings|
    flag_settings.add(
      4,
      :inappropriate,
      topic_type: true,
      notify_type: true,
      auto_action_type: true,
    )
    flag_settings.add(1001, :trolling, topic_type: true, notify_type: true, auto_action_type: true)
  end
```
2024-08-14 12:13:46 +10:00
Krzysztof Kotlarek
559c9dfe0a
REVERT: FIX: serialize Flags instead of PostActionType (#28334) 2024-08-13 18:32:11 +10:00
Krzysztof Kotlarek
094052c1ff
FIX: serialize Flags instead of PostActionType (#28259)
### Why?
Before, all flags were static. Therefore, they were stored in class variables and serialized by SiteSerializer. Recently, we added an option for admins to add their own flags or disable existing flags. Therefore, the class variable had to be dropped because it was unsafe for a multisite environment. However, it started causing performance problems. 

### Solution
When a new Flag system is used, instead of using PostActionType, we can serialize Flags and use fragment cache for performance reasons. 

At the same time, we are still supporting deprecated `replace_flags` API call. When it is used, we fall back to the old solution and the admin cannot add custom flags. In a couple of months, we will be able to drop that API function and clean that code properly. However, because it may still be used, redis cache was introduced to improve performance.

To test backward compatibility you can add this code to any plugin
```ruby
  replace_flags do |flag_settings|
    flag_settings.add(
      4,
      :inappropriate,
      topic_type: true,
      notify_type: true,
      auto_action_type: true,
    )
    flag_settings.add(1001, :trolling, topic_type: true, notify_type: true, auto_action_type: true)
  end
```
2024-08-13 11:22:37 +10:00
Régis Hanol
d10fd36319
FEATURE: participating users statistics (#28322)
Adds a new statistics (hidden from the UI, but available via the API) that tracks daily participating users.

A user is considered as "participating" if they have

- Reacted to a post
- Replied to a topic
- Created a new topic
- Created a new PM
- Sent a chat message
- Reacted to a chat message

Internal ref - t/131013
2024-08-12 23:47:13 +02:00
Jan Cernik
5b78bbd138
DEV: Convert account activation pages to use Ember (#28206) 2024-08-12 18:02:00 -03:00
Loïc Guitaut
bf3d8a0a94 FIX: Don’t log an error when rendering a 404
Currently, in the list controller, when encountering an unsafe redirect
error, a 404 is rendered. The problem is that it’s done in a way that it
also logs a fatal error (because a `Discourse::NotFound` exception was
raised inside a `rescue_from` block).

This patch addresses that issue by simply rendering a 404 without
raising any error.
2024-08-08 09:21:27 +02:00
Loïc Guitaut
e494bafed3 FIX: Unescape URI properly when redirecting to a category
Currently, when a badly named category slug is provided, it can lead to
an infinite redirect.

This patch addresses the issue by properly unescaping `request.fullpath`
so the path is successfully rewritten and the redirect happens as
expected.
2024-08-07 15:53:21 +02:00
Alan Guo Xiang Tan
2492fe7715
FIX: Set sane default for Net::HTTP when processing a request (#28141)
This commit patches `Net::HTTP` to reduce the default timeouts of 60
seconds when we are processing a request. There are certain routes in
Discourse which makes external requests and if the proper timeouts are
not set, we risk having the Unicorn master process force restarting the
Unicorn workers once the `30` seconds timeout is reached. This can
potentially become a vector for DoS attacks and this commit is aimed at
reducing the risk here.
2024-08-06 07:12:42 +08:00
Martin Brennan
77081de027
FIX: Badge image uploader (#28188)
In the formkit conversion in 2ca06ba236
we missed setting a type for the UppyImageUploader for badges. Also,
we were not passing down the `image_url` as form data, so when we used
`data.image` for that field the badge was not updating in the UI after
page loads and the image URL was not loading for preview.

Co-authored-by: Joffrey JAFFEUX <j.jaffeux@gmail.com>
2024-08-01 15:36:17 +02:00
Alan Guo Xiang Tan
f3ac2c9b5c
DEV: Fix flaky test (#28163)
Before this commit, running `rspec --seed 22953 --format documentation spec/requests/admin/site_texts_controller_spec.rb:191 spec/lib/freedom_patches/translate_accelerator_spec.rb:109` will fail.

Setting `I18n.config.available_locales` is equivalent to hard coding the
locales for the entire process. It should not be set so that `I18n` will
fallback to `backend.locales`.
2024-07-31 14:06:26 +08:00
Ted Johansson
a32390f5dc
FIX: Don't count draft views towards topic view stats (#28162)
When creating a shared draft, we're recording topic view stats on the draft and then pass those on when the draft is published, conflating the actual view count.

This fixes that by not registering topic views if the topic is a shared draft.
2024-07-31 11:10:50 +08:00
Martin Brennan
2d5f323ca3
DEV: Move config area site setting fetch into new controller (#28136)
Followup 4aea12fdcb

In certain config areas (like About) we want to be able
to fetch specific site settings by name. In this case,
sometimes we need to be able to fetch hidden settings,
in cases where a config area is still experimental.

Splitting out a different endpoint for this purpose
allows us to be stricter with what we return for config
areas without affecting the main site settings UI, revealing
hidden settings before they are ready.
2024-07-30 15:41:28 +10:00
Osama Sayegh
e9aa2c96e1
FIX: Add new/missing email templates to the email templates editor (#28075)
We have a dedicated admin page (`/admin/customize/email_templates`) that lets admins customize all emails that Discourse sends to users. The way this page works is that it lists all translations strings that are used for emails, and the list of translation strings is currently hardcoded and hasn't been updated in years. We've had a number of new emails that Discourse sends, so we should add those templates to the list to let admins easily customize those templates.

Meta topic: https://meta.discourse.org/t/3-2-x-still-ignores-some-custom-email-templates/308203.
2024-07-30 00:27:41 +03:00
Martin Brennan
3838514d4e
DEV: Defer topic view spec (#28052)
Followup e954eb234e

Adds a test for the defer_track_view method on topic controller
to check that the early returns (nexts) work correctly
without errors.
2024-07-25 15:24:46 +10:00
Krzysztof Kotlarek
b64d01bc10
FIX: store information about the login method in the database. (#28054)
Previously in these 2 PRs, we introduced a new site setting `SiteSetting.enforce_second_factor_on_external_auth`.

https://github.com/discourse/discourse/pull/27547
https://github.com/discourse/discourse/pull/27674

When disabled, it should enforce 2FA for local login with username and password and skip the requirement when authenticating with oauth2.

We stored information about the login method in a secure session but it is not reliable. Therefore, information about the login method is moved to the database.
2024-07-24 17:19:58 +10:00