Commit Graph

15285 Commits

Author SHA1 Message Date
Alan Guo Xiang Tan
b35cf7cc0c
DEV: First desktop design interface pass at experimental sidebar take 2. (#16647) 2022-05-05 14:35:08 +08:00
Alan Guo Xiang Tan
aa5d90a554
Revert "DEV: First desktop design interface pass at experimental sidebar (#16590)" (#16646)
This reverts commit 36dcf80aff.
2022-05-05 11:56:24 +08:00
Alan Guo Xiang Tan
36dcf80aff
DEV: First desktop design interface pass at experimental sidebar (#16590)
Co-authored-by: awesomerobot <kris.aubuchon@discourse.org>
2022-05-05 11:19:46 +08:00
Penar Musaraj
749e496a2c
DEV: Minor fixes to json schema editor styling (#16634) 2022-05-05 09:52:58 +08:00
Kris
80d2888222
DEV: add new plugin outlets (#16643) 2022-05-05 09:49:27 +08:00
Isaac Janzen
71a4e9db85
DEV: Use Ember getter and explicitly check for undefined (#16618)
Context -> https://deprecations.emberjs.com/v3.x/#toc_ember-metal-get-with-default
2022-05-04 09:37:42 -05:00
Isaac Janzen
62ed7d4968
DEV: replace depreciated {{hasBlock}} (#16629) 2022-05-04 09:02:19 -05:00
Jarek Radosz
68ccaa3acb
DEV: Fix typos and outdated comments (#16614) 2022-05-04 14:12:18 +08:00
Penar Musaraj
175e6e6061
DEV: Add Ember CLI workspace license checks (#16603)
Co-authored-by: Jarek Radosz <jradosz@gmail.com>
2022-05-03 13:06:19 -04:00
Isaac Janzen
96e7c85177
FIX: updated filtered replies when replies exist (#16610) 2022-05-03 11:16:20 -05:00
Jarek Radosz
d58a1e180d
DEV: Update ember-try to 2.0.0 (#16606) 2022-05-03 11:04:16 -04:00
Jarek Radosz
8cb33cee48
DEV: Fix typo in customize-robots-txt (#16599) 2022-05-02 22:54:05 +02:00
Joffrey JAFFEUX
fad94160c7
FIX: uses tippy for popover (#15409)
Note this commit also introduce a new {{d-popover}} component, example usage:

```hbs
{{#d-popover |state|}}
  {{d-button label="foo.things" class="d-popover-trigger"}}

  <div class="d-popover-content">
    Some content
  <div>
{{/d-popover}}
```
2022-05-02 17:10:26 +02:00
Shaun
4885a2535a
UX: Display user.username on user cards (#16539)
If you happen to mention someone with the wrong capitalization for that
person's username (e.g. `@sAm`), that incorrect capitalization would get
displayed on their user card.

This update will fix that by displaying the `user.username` value, which
will have the correct capitalization.

I also added some tests that will ensure `username` and `name` are
displayed on the user card in the correct order based on the
`prioritize_username_in_ux` setting.

This issue was reported here:
https://meta.discourse.org/t/capitalization-does-not-match-when-you-open-user-cards-using-mentions/217166
2022-05-02 09:28:50 -04:00
Andrei Prigorshnev
187922d51c
FEATURE: introduce a sitewide setting for disabling suggesting weekends in time pickers (#16563) 2022-05-02 15:40:23 +04:00
Andrei Prigorshnev
badde13894
UX: improve the list of options on the slow mode modal (#16561) 2022-04-28 17:05:32 +04:00
Vinoth Kannan
1928bb6ac6
FIX: show group in filter only if user can see the members list. (#16580) 2022-04-28 18:27:47 +05:30
Jarek Radosz
bcb22821fb
DEV: Add support for GH Codespaces to ember proxy (#16581) 2022-04-28 14:46:59 +02:00
Alan Guo Xiang Tan
532f9cdb1a
DEV: Partially revert 98c49acad5 (#16578)
Use of glimmer component breaks site not on Ember CLI.
2022-04-28 16:01:58 +08:00
David Taylor
0f7b198ca0
FIX: Ensure values are escaped in select-kit dropdowns (#16576)
The values in Discourse dropdown menus only come from admin-defined strings, not unsanitised end-user input, so this lack of escaping was not exploitable.
2022-04-28 08:52:29 +01:00
Alan Guo Xiang Tan
98c49acad5
DEV: Setup experimental sidebar skeleton (#16575)
* hidden siteSetting to enable experimental sidebar
* user preference to enable experimental sidebar
* `experimental_sidebar_enabled` attribute for current user
* Empty glimmer component for Sidebar
2022-04-28 15:27:06 +08:00
Bianca Nenciu
14b09c9909
UX: Move post date under title in share-modal (#16455)
The old position was less than ideal on mobile.
2022-04-27 16:36:08 +03:00
Andrei Prigorshnev
c9b2374299
DEV: make API of future-date-input more customizable and aligned with the API of time-shortcut-picker (#16502) 2022-04-27 16:41:15 +04:00
Joffrey JAFFEUX
3e23bd4745
FIX: prepare data before creating chart to avoid side effect (#16570)
Before this change, we were using the labels from the original chartData to the chart builder, and we would then apply our collapse function on each dataset which could change the labels and cause a mismatch.

This was very visible when using quarterly periods on consolidated pageviews.
2022-04-27 14:04:09 +02:00
Penar Musaraj
eebce8f80a
FEATURE: Add in:messages search modifier (#16567)
This adds `in:messages` as a synonym for `in:personal` and sets it up as our default nomenclature (`in:personal` will still work).
2022-04-26 16:47:01 -04:00
Kris
8dd3d6cb97
UX: Larger clickable area for mobile topic list (#16473) 2022-04-26 15:01:43 -04:00
Penar Musaraj
07f975848d
FEATURE: Scope search to PMs when in that context (#16528) 2022-04-26 14:43:09 -04:00
Kris
0b9410d96f
DEV: prefix group name when appended as class (#16556) 2022-04-26 08:31:27 -04:00
Joffrey JAFFEUX
c8757c9d1d
FIX: prefers computed over discourseComputed (#16562)
We have currently unexpected behaviors when using @discourseComputed in a native class.
2022-04-26 11:43:41 +02:00
Andrei Prigorshnev
3e0cb8ea47
UX: ask for confirmation when deleting a post using shortcut (#16526) 2022-04-25 17:50:54 -04:00
Kris
4157403308
UX: organize topic admin menu into groups (#16489) 2022-04-25 16:02:41 -04:00
Joffrey JAFFEUX
596469a712
REFACTOR: live-development.js (#16548)
- drop jquery
- replaces setTimeout by later
- removes dead code which is not even working today
2022-04-25 19:34:16 +02:00
David Taylor
32346f4ba5
FIX: Ensure lazy-load-images does not remove entire img.style (#16553)
Other things may have added things to the style attribute (e.g. the `image-aspect-ratio` decorator).

Unfortunately this is difficult to add a test for because `lazy-load-images` leans on the `onload` event. We have no control over image loading in tests, so race conditions would be very likely.
2022-04-25 17:19:25 +01:00
Jarek Radosz
06462631c4
DEV: Fix test hook placement (#16551)
It was incorrectly put inside the pretender block.
2022-04-25 15:07:55 +02:00
Joffrey JAFFEUX
7f55c9c502
REFACTOR: add-archetype-class mixin (#16546) 2022-04-25 13:16:43 +02:00
David Taylor
794d2dabf6
DEV: Ensure ember-cli rake theme:qunit works with CSP enabled (#16541)
- Make proxy pass `x-forward...` headers, so that Rails can set the host/port correctly in the csp
- Make `testem.js` available on a route which is within the app's default CSP
2022-04-22 16:59:45 +01:00
Isaac Janzen
e0d7431292
FIX: Use username for nested quotes (#16523)
There was an edge when a user re-quoted a nested quote that it would return an incorrect `full name` but the correct `username` for the original quote. This PR updates the logic to fall back to using the OP user's username. 

The complexity of the changes required to allow for full names to be displayed on nested quotes far outweighs how rare quoting nested quotes is.
2022-04-22 10:20:24 -05:00
David Taylor
127ba698a7
DEV: Allow running theme-qunit tests via testem (#16540)
This allows `QUNIT_EMBER_CLI=1 bin/rake theme:qunit[...]` to test themes using `testem` with Ember-CLI-generated assets
2022-04-22 15:04:01 +01:00
Jarek Radosz
3010c5fd74
DEV: Fix loadScript() in ember-cli testem env (#16533)
The issue affected plugin-provided scripts.
2022-04-22 12:32:33 +02:00
Jarek Radosz
70b69e318a
DEV: Clean up loadScript() (#16537) 2022-04-22 11:53:39 +02:00
Jarek Radosz
f2f1a4df62
DEV: Don't clean outlet and html caches twice (#16534)
They're already cleared after each test.
2022-04-22 11:17:18 +02:00
Jarek Radosz
dba7a1d8ed
FIX: Show footer on the categories page (#16538)
I removed that code in #16519 but it's still needed to display the footer on `/categories`.
2022-04-22 11:14:16 +02:00
Jarek Radosz
9ffc19ec60
DEV: Don't leave loadScript tests hanging (#16536)
…when anything goes wrong. Let it move on instead of waiting for global test timeout.
2022-04-22 10:34:13 +02:00
Gerhard Schlager
3d62e335f7
FEATURE: Detect emoji from Emoji 14.0 (#16531) 2022-04-22 08:42:15 +02:00
Martin Brennan
3e4621c2cb
FEATURE: Polymorphic bookmarks pt. 2 (lists, search) (#16335)
This pull request follows on from https://github.com/discourse/discourse/pull/16308. This one does the following:

* Changes `BookmarkQuery` to allow for querying more than just Post and Topic bookmarkables
* Introduces a `Bookmark.register_bookmarkable` method which requires a model, serializer, fields and preload includes for searching. These registered `Bookmarkable` types are then used when validating new bookmarks, and also when determining which serializer to use for the bookmark list. The `Post` and `Topic` bookmarkables are registered by default.
* Adds new specific types for Post and Topic bookmark serializers along with preloading of associations in `UserBookmarkList`
* Changes to the user bookmark list template to allow for more generic bookmarkable types alongside the Post and Topic ones which need to display in a particular way

All of these changes are gated behind the `use_polymorphic_bookmarks` site setting, apart from the .hbs changes where I have updated the original `UserBookmarkSerializer` with some stub methods.

Following this PR will be several plugin PRs (for assign, chat, encrypt) that will register their own bookmarkable types or otherwise alter the bookmark serializers in their own way, also gated behind `use_polymorphic_bookmarks`.

This commit also removes `BookmarkQuery.preloaded_custom_fields` and the functionality surrounding it. It was added in 0cd502a558 but only used by one plugin (discourse-assign) where it has since been removed, and is now used by no plugins. We don't need it anymore.
2022-04-22 08:23:42 +10:00
Joffrey JAFFEUX
3daa45deaf
FIX: replaces discourseComputed by computed (#16530)
This was causing unexpected behaviors on production builds. And also on firefox on local environnement, however the issues was slightly different.

- production chrome: colors don't load
- dev firefox: colors don't change when selecting a different color set
2022-04-21 21:56:08 +02:00
David Taylor
22a7905f2d
DEV: Allow Ember CLI assets to be used by development Rails app (#16511)
Previously, accessing the Rails app directly in development mode would give you assets from our 'legacy' Ember asset pipeline. The only way to run with Ember CLI assets was to run ember-cli as a proxy. This was quite limiting when working on things which are bypassed when using the ember-cli proxy (e.g. changes to `application.html.erb`). Also, since `ember-auto-import` introduced chunking, visiting `/theme-qunit` under Ember CLI was failing to include all necessary chunks.

This commit teaches Sprockets about our Ember CLI assets so that they can be used in development mode, and are automatically collected up under `/public/assets` during `assets:precompile`. As a bonus, this allows us to remove all the custom manifest modification from `assets:precompile`.

The key changes are:
- Introduce a shared `EmberCli.enabled?` helper
- When ember-cli is enabled, add ember-cli `/dist/assets` as the top-priority Rails asset directory
- Have ember-cli output a `chunks.json` manifest, and teach `preload_script` to read it and append the correct chunks to their associated `afterFile`
- Remove most custom ember-cli logic from the `assets:precompile` step. Instead, rely on Rails to take care of pulling the 'precompiled' assets into the `public/assets` directory. Move the 'renaming' logic to runtime, so it can be used in development mode as well.
- Remove fingerprinting from `ember-cli-build`, and allow Rails to take care of things

Long-term, we may want to replace Sprockets with the lighter-weight Propshaft. The changes made in this commit have been made with that long-term goal in mind.

tldr: when you visit the rails app directly, you'll now be served the current ember-cli assets. To keep these up-to-date make sure either `ember serve`, or `ember build --watch` is running. If you really want to load the old non-ember-cli assets, then you should start the server with `EMBER_CLI_PROD_ASSETS=0`. (the legacy asset pipeline will be removed very soon)
2022-04-21 16:26:34 +01:00
Andrei Prigorshnev
e8f8a7fc91
FIX: showing icons on future-date-input options (#16527) 2022-04-21 18:13:45 +04:00
David Taylor
e5fb884695
FEATURE: Show prompt for required tag groups (#16458) 2022-04-21 13:13:52 +01:00
Andrei Prigorshnev
42bb629817
DEV: use the only source for time shortcut options on all date pickers (#16366) 2022-04-21 15:49:11 +04:00
Andrei Prigorshnev
53e484817e
DEV: drop the unused invite-link-panel component and related unused code (#16435) 2022-04-21 14:32:17 +04:00
Joffrey JAFFEUX
9e2303427c
REFACTOR: admin-customize-colors-show (#16525)
- native class
- drops jquery
- @action
- uses clipboardCopy
- filterBy
2022-04-21 09:50:23 +02:00
Isaac Janzen
196b791365
DEV: Prioritize full name when display_name_on_posts active (#16078)
See: https://meta.discourse.org/t/display-full-name-not-username-when-attributing-quote-or-reply/203533?u=isaacjanzen for context

The initial release [broke quoting](https://meta.discourse.org/t/quoting-broken-when-name-matches-username/217633?u=isaacjanzen) but we now pass the username when 
```
siteSettings.display_name_on_posts && !siteSettings.prioritize_username_in_ux && post.name
```
as well as the full name to guarantee that we are not getting any mismatches when querying for user / avatar.

eg. 
```
[quote="Isaac Janzen, post:3, topic:7, full:true, username:isaac.janzen"]
bing bong
[/quote]
```
2022-04-20 10:07:51 -05:00
Jarek Radosz
5d00f7bc0a
FIX: Show footer at the end of topic list (#16519)
Previously it wouldn't show up after all items were loaded.
2022-04-20 15:53:06 +02:00
Bianca Nenciu
f3ef69e27d
FIX: Add missing translations for medium format (#16517)
Commit 68497bddf2 implemented a function
to format durations in a medium format, similar to how durationTiny did.
The existent translation strings do not cover all cases and this commit
adds the missing translation strings.
2022-04-20 14:49:08 +03:00
Isaac Janzen
900fcb9da0 Add a test for topic timer notice 2022-04-20 15:29:59 +08:00
Joffrey JAFFEUX
e6e0c76c94
DEV: adds an above-user-summary-stats outlet (#16426) 2022-04-20 08:48:01 +02:00
Isaac Janzen
39cb9f105f
Wait to display notice on topic timer (#16509) 2022-04-19 13:41:18 -05:00
Bianca Nenciu
68497bddf2
UX: Add title to read time stats from user page (#16501)
The title attributes were added to explain the difference between "read
time" and "recent read time" stats from user summary page.
2022-04-19 20:48:08 +03:00
Joe
e0c663c20d
UX: Improves select-kit body placement when vertical space is short (#16504)
1. When the select-kit body is rendered, it defaults to being displayed under the triggering select-kit header, unless...

    there isn't enough space between the bottom of the select-kit header and the bottom of the viewport 
    & 
    there's enough space on top of the select-kit header, and in that case, we render it on top.

2. We give it a bit of padding on top, so it never renders below the header on the Z-axis. 

14778ba52e/app/assets/javascripts/select-kit/addon/components/select-kit.js (L877-L884)

3. If there isn't enough space between the bottom of the viewport and the bottom of the select-kit header, and there isn't enough space between its top and the bottom of `d-header`, it renders at the bottom of the select-kit header.

In theory, number 3 above rarely ever happens. However, it can occur in the case of the user preferences page in combination with a large select-kit body (many categories).

The select-kit body then renders below the trigging select-kit header, but it's cut off. Users won't be able to see the entire select-kit body. 

Here's an example 

a719734d92.mp4

This PR adds a "prevent overflow" modifier to Popper. What it does is that it handles the case above.

If there's not enough space below the select-kit header or above it, render the select-kit body below the select-kit header BUT... anchor it to the bottom of the viewport. 

Here's what that looks like

32cd1639bb.mp4

After this fix, even very large select-kit bodies will always be on the screen. 

Please note that this PR has no impact on either number 1 or number 2 above, and those will continue to function as they currently do. 

The only downside here is that the select-kit body might cover the select-kit header if it needs to be anchored at the bottom of the viewport, and it's very large. However, between that and not being able to see all the options, I think it's a fair compromise. There's only so much space in the viewport. 

This PR ignores mobile because we have a different placement strategy. We use `position: absolute`... so, users can scroll the viewport if needed.
2022-04-19 21:13:54 +08:00
Joffrey JAFFEUX
54812992ae
REFACTOR: badge-button (#16500)
- drops jquery
- uses native class syntax
- tagless
- tests
- removes unnecessary alias
2022-04-19 15:01:28 +02:00
Joffrey JAFFEUX
01727da9b0
REFACTOR: admin-user-field-item (#16499)
- drops jquery
- removes a deprecation caused by overriding a computed property (isEditing)
- adds basic tests
- drops observers
- uses @action
- tagless
2022-04-19 13:31:43 +02:00
Martin Brennan
c6c633e041
FIX: Issues with incorrect unread and private message topic tracking state (#16474)
This commit fixes two issues at play. The first was introduced
in f6c852b (or maybe not introduced
but rather revealed). When a user posted a new message in a topic,
they received the unread topic tracking state MessageBus message,
and the Unread (X) indicator was incremented by one, because with the
aforementioned perf commit we "guess" the correct last read post
for the user, because we no longer calculate individual users' read
status there. This meant that every time a user posted in a topic
they tracked, the unread indicator was incremented. To get around
this, we can just exclude the user who created the post from the
target users of the unread state message.

The second issue was related to the private message topic tracking
state, and was somewhat similar. Whenever a user created a new private
message, the New (X) indicator was incremented, and could not be
cleared until the page was refreshed. To solve this, we just don't
update the topic state for the user when the new_topic tracking state
message comes through if the user who created the topic is the
same as the current user.

cf. https://meta.discourse.org/t/bottom-of-topic-shows-there-is-1-unread-remaining-when-there-are-actually-0-unread-topics-remaining/220817
2022-04-19 11:37:01 +10:00
Natalie Tay
34fba417f1
FIX: Show dismiss all modal in user-notifications page (#16491)
Earlier on when https://github.com/discourse/discourse/pull/14935 was implemented, the "Dismiss all" button in /user-notifications was not catered for. Now, it is!
2022-04-18 22:32:39 +08:00
Jordan Vidrine
2f3b518920
DEV: Add index to each helper for access within topic-list-items (#16483) 2022-04-14 14:24:07 -05:00
Penar Musaraj
650adbe423
FIX: Href attribute for post-date link (#16471)
This updates the fix in commit eb70ea4.

Co-authored-by: Osama Sayegh <asooomaasoooma90@gmail.com>
Co-authored-by: Alan Guo Xiang Tan <gxtan1990@gmail.com>
2022-04-13 23:09:39 -04:00
Kris
f2468f1093
Revert: UX: Make full topic row clickable on mobile (#16440) (#16472) 2022-04-13 18:35:47 -04:00
Bianca Nenciu
eb70ea4478
FIX: Add href to post-date link element (#16469)
The href was removed in commit 08a1f41582,
but it was useful to quick copy the URL to the post.
2022-04-13 18:41:06 +03:00
Vinoth Kannan
c863244382
FEATURE: add user_suspended attribute in post serialize. (#16413)
This PR will include `suspended` attribute in post serializer to check it in post widget and add a CSS class name.

Co-authored-by: Alan Guo Xiang Tan <gxtan1990@gmail.com>
2022-04-13 19:58:09 +05:30
Joffrey JAFFEUX
3e0c8d48e9
FIX: prevents error with emoji autocomplete (#16465)
The error would happen when emoji_autocomplete_min_chars site setting is set to anything superior to 0, in this case until we reach the min chars length, emojiSearch would return "skip" and the code was currently expecting an array.
2022-04-13 15:32:24 +02:00
Osama Sayegh
eb5a3cfded
FEATURE: Add 2FA support to the Discourse Connect Provider protocol (#16386)
Discourse has the Discourse Connect Provider protocol that makes it possible to
use a Discourse instance as an identity provider for external sites. As a
natural extension to this protocol, this PR adds a new feature that makes it
possible to use Discourse as a 2FA provider as well as an identity provider.

The rationale for this change is that it's very difficult to implement 2FA
support in a website and if you have multiple websites that need to have 2FA,
it's unrealistic to build and maintain a separate 2FA implementation for each
one. But with this change, you can piggyback on Discourse to take care of all
the 2FA details for you for as many sites as you wish.

To use Discourse as a 2FA provider, you'll need to follow this guide:
https://meta.discourse.org/t/-/32974. It walks you through what you need to
implement on your end/site and how to configure your Discourse instance. Once
you're done, there is only one additional thing you need to do which is to
include `require_2fa=true` in the payload that you send to Discourse.

When Discourse sees `require_2fa=true`, it'll prompt the user to confirm their
2FA using whatever methods they've enabled (TOTP or security keys), and once
they confirm they'll be redirected back to the return URL you've configured and
the payload will contain `confirmed_2fa=true`. If the user has no 2FA methods
enabled however, the payload will not contain `confirmed_2fa`, but it will
contain `no_2fa_methods=true`.

You'll need to be careful to re-run all the security checks and ensure the user
can still access the resource on your site after they return from Discourse.
This is very important because there's nothing that guarantees the user that
will come back from Discourse after they confirm 2FA is the same user that
you've redirected to Discourse.

Internal ticket: t62183.
2022-04-13 15:04:09 +03:00
awesomerobot
a47efcd6ec DEV: user-preference-page class on solo-perference 2022-04-13 09:32:58 +08:00
Penar Musaraj
0bef5af582
DEV: Cleanup body.scrollTop usage (#16445)
All current browser treat the HTML document (not the body element) as
the scrollable document element. Hence in all current browsers,
`document.body.scrollTop` returns 0. This commit removes all usage of
this property, because it is effectively 0.

Co-authored-by: David Taylor <david@taylorhq.com>
2022-04-12 13:23:57 -04:00
Kris
0e88cffaf4
UX: Make full topic row clickable on mobile (#16440) 2022-04-12 09:44:20 -04:00
David Taylor
9c33f6de05
FIX: Ensure allowed_tags and allowed_tag_groups can be removed (#16454) 2022-04-12 11:14:29 +01:00
awesomerobot
be4699fc28 add classes to danger buttons on user admin 2022-04-12 09:09:04 +08:00
Keegan George
0a653179a5
FEATURE: Sortable json-editor items (#16403) 2022-04-11 13:24:14 -04:00
Martin Brennan
cecdef83a8
FIX: Fall back to clipboard.writeText if ClipboardItem not supported (#16419)
Firefox does not support window.ClipboardItem yet (it is behind
a flag (dom.events.asyncClipboard.clipboardItem) as at version 87.)
so we need to fall back to the normal non-async clipboard copy, that
works in every browser except Safari.

This commit also tests the clipboardCopyAsync function by stubbing out
the clipboard on the window.navigator.

This fixes an issue in the discourse-chat plugin, where the
"Quote in Topic" button errored in Firefox.
2022-04-11 13:00:45 +10:00
Alan Guo Xiang Tan
f26d07c1ad DEV: Add pretender endpoint for category visible groups.
This was causing our build to become flaky.
2022-04-11 10:34:18 +08:00
Martin Brennan
6d2441041b
DEV: Minor in-progress-uploads refactor (#16430)
These calls were missed in ac672cfcc6
2022-04-11 11:50:06 +10:00
Penar Musaraj
cd02ea07fc
FIX: Buggy topic scrolling on iOS 12 (#16422) 2022-04-09 09:44:36 -04:00
Alan Guo Xiang Tan
0f7b9878ff SECURITY: Category group permissions leaked to normal users.
After this commit, category group permissions can only be seen by users
that are allowed to manage a category. In the past, we inadvertently
included a category's group permissions settings in `CategoriesController#show`
and `CategoriesController#find_by_slug` endpoints for normal users when
those settings are only a concern to users that can manage a category.
2022-04-08 13:46:20 +08:00
Alan Guo Xiang Tan
499793cbbc DEV: Remove comment that doesn't make any sense. 2022-04-08 09:21:45 +08:00
David Taylor
683b172104 UX: Make header/footer HTML consistent for crawler and noscript
These were originally very similar, but have diverged over time. This makes it very difficult to manage styling.

This commit moves the noscript header and footer into partials so they can be reused in both the crawler view and the `<noscript>` view. It also makes browser-update render the noscript content **instead of** the `<section id='main'>`, rather than adding adding the noscript inside the `<section>`. This provides better parity with the server-rendered crawler view.
2022-04-07 15:27:06 +01:00
David Taylor
e16f8a5ee6 FIX: Ensure legacy browser handling uses full <noscript> content
If the noscript tag contains a lot of data, browsers seem to split it across multiple `text` nodes, so we need to concatenate them.
2022-04-07 15:27:06 +01:00
David Taylor
e22acaa565
DEV: Fix flaky tags-test (#16410)
The test was dependent on a translation string. Under certain seeds, the translation string for `{{category-drop}}`'s `noCategoriesLabel` is broken. This is because the value is calculated the first time a `{{category-drop}}` is rendered during the suite. If that first time happens to be during a test which is messing with `I18n.translations`, then it will cache a broken value. Maybe this should be fixed in a future commit... but for now moving to `data-value` will make the `tags-test` more robust and will stop the flakiness.
2022-04-07 14:39:52 +01:00
Vinoth Kannan
eb628b0747
FIX: hide user notifications tab for moderator users. (#16406)
Moderators don't have access to notifications of other users. So we shouldn't display the notifications tab on other user profiles for them.

Co-authored-by: Alan Guo Xiang Tan <gxtan1990@gmail.com>
2022-04-07 14:37:37 +05:30
Martin Brennan
41fb4a3ca0
FIX: uppy-image-uploader and uppy-upload mixin minor issues (#16405)
Follow up to ac672cf. Fixes a
small issue with uppy-image-uploader where the Processing label
was shown for the whole upload. Also adds a couple of options to
pick-files-button to allow for it to be used in the uppy-image-uploader.

Also fixes an issue where the uppy-upload mixin was resetting prematurely
when all uploads in progress were complete, but it should have been doing
that on the uppy complete event instead.
2022-04-07 15:36:21 +10:00
Martin Brennan
ac672cfcc6
DEV: Improvements to UppyUploadMixin to use ExtendableUploader (#16383)
This PR brings the `UppyUploadMixin` more into line with the `ComposerUppyUpload` mixin, by extending the `ExtendableUploader` . This also adds better tracking of and events for in progress uploads in the `UppyUploadMixin` for better UI interactions, and also opens up the use of `_useUploadPlugin` for the mixin, so anything implementing `UppyUploadMixin` can add extra uppy preprocessor plugins as needed.

This has been done as part of work on extracting uploads out of the chat composer. In future, we might be able to do the same for `ComposerUppyUpload`, getting rid of that mixin to standardise on `UppyUploadMixin` and have a separate `composer-uploads` component that lives alongside `composer-editor` like what we are doing in https://github.com/discourse/discourse-chat/pull/764
2022-04-07 12:59:06 +10:00
Kris
26b752dc24
DEV: pass user to badge page outlet (#16395) 2022-04-06 22:04:22 -04:00
David Taylor
ef2e4f7ee0
DEV: Improve ember test (testem) output (#16401)
- Repeat failure output at end (similar to rspec)
- When running in GitHub actions, set a workflow error message
2022-04-06 22:57:52 +01:00
Jarek Radosz
8e809149d2
DEV: Fix "overridden" typos (#16399)
There are still some, but those are in actual code that's used outside core, so the change there would need to go through the deprecation cycle. That's a task for another day.
2022-04-06 23:17:20 +02:00
Jarek Radosz
77fed8dfc3
DEV: Update xss.js package (#16398) 2022-04-06 22:49:13 +02:00
Jarek Radosz
06d4445ab0
DEV: Remove deprecated pretty-text functions/file (#16397)
Nothing in all-the* uses those anymore
2022-04-06 22:48:50 +02:00
David Taylor
68c74e9b93
FEATURE: Allow multiple required tag groups for a category (#16381)
Previously we only supported a single 'required tag group' for a category. This commit allows admins to specify multiple required tag groups, each with their own minimum tag count.

A new category_required_tag_groups database table replaces the existing columns on the categories table. Data is automatically migrated.
2022-04-06 14:08:06 +01:00
Joffrey JAFFEUX
8f03baaf8e
DEV: optionally removes links/avatars from user-info (#16388)
Usage:

```
{{user-info user=user includeLink=false includeAvatar=false}}
```

This is useful when using user-info in a dropdown list for example.
2022-04-06 14:07:38 +02:00
Martin Brennan
bf3260faea
DEV: Use pick-files-button in composer-editor and clean up (#16375)
A while ago in 27b97e4 the
pick-files-input was added but only used once for data-explorer. This commit uses it
for the composer-editor, and cleans it up to be usable either via uppy
handling the uploads or with this component handling the uploads.

This can then be used in other places in the app and also for plugins.
2022-04-06 12:48:13 +10:00
Jarek Radosz
14778ba52e
DEV: Fix select-kit deprecations (#15080) 2022-04-05 19:01:09 +02:00
Andrei Prigorshnev
8a9c644021
FIX: no need to hide "Later This Week" when showing "Later Today" (#16365) 2022-04-05 16:49:05 +04:00
David Taylor
7edc941843
FIX: Ensure images do not change height when loading is complete (#16368)
Browsers automatically calculate an aspect ratio based on the width/height attributes of an `<img`. HOWEVER that aspect ratio only applies while the image is loading. Once loaded, it'll use the image's actual dimensions. This can cause things to jump around after loading. For example:
 - if a user deliberately inserts false width/height
 - the image fails to load (404)
 - an optimised image is a few pixels different, due to a rounding when resizing

This decorator explicitly sets the `aspect-ratio` property so that things are consistent throughout the lifetime of all `<img` elements.
2022-04-05 13:43:17 +01:00
Dan Ungureanu
7179fbab77
UX: Require a password for invited users (#16291)
Invited users were allowed to accept invites without entering a
password. When this happened, instead of receiving an activation email,
they received a password reset email. Basically, a user could postpone
choosing a password until after registration.

Unfortunately, this led to a confusing user experience and this commit
attempts to fix that by making the client require a password. There is
a single case when users do not need to input a password: when they sign
up using an external authenticator and password field is completely
hidden. In this case, the third party handles the password logic.

Technically, invites can still be redeemed without a password, but that
functionality was kept to preserve backwards compatibility.
2022-04-05 14:57:15 +03:00
Alan Guo Xiang Tan
080164a66e DEV: Use settled ember test helper instead of attempting to rerender. 2022-04-05 18:42:02 +08:00
Jean
e03593d75c
DEV: add composer cancelled event triggers (#16371) 2022-04-04 17:38:30 -04:00
Vinoth Kannan
415c4fa72a
FIX: review queue scrolling is not working after take an action. (#16346)
`reject` method for `Reviewable` model is returning an array. So if we use `this.set` method to update `reviewables` attribute in controller then it replaces the model with an array of objects wrongly. This is now fixed by using the `setObjects` method of the model.
2022-04-04 14:48:06 +05:30
Jarek Radosz
6555f0c11b
DEV: Support qunit_disable_auto_start in ember CLI (#16358)
Required for e.g. `test/run-qunit.js`
2022-04-02 21:15:50 +02:00
CommanderRoot
86a783b3ad
DEV: Replace deprecated String.prototype.substr() (#16233)
String.prototype.substr() is deprecated so we replace it with String.prototype.slice() which works similarily but isn't deprecated.

Signed-off-by: Tobias Speicher <rootcommander@gmail.com>
Co-authored-by: Jarek Radosz <jradosz@gmail.com>
2022-04-01 17:35:17 +02:00
Andrei Prigorshnev
e30f13d850
FIX: stop sorting options in date-pickers on the bookmark modal and the topic-timers modal (#15750) 2022-04-01 16:16:46 +04:00
awesomerobot
98f3349c31 DEV: Safari's window.innerWidth doesn't match CSS 2022-04-01 09:50:08 +08:00
awesomerobot
e54440a035 DEV: pass user to user-summary outlets 2022-04-01 09:49:44 +08:00
Bianca Nenciu
ac612987ef
FIX: Build correct post and topic shareUrl (#16332)
The links returned by post.url and topic.url are relative, but contain
the subdirectory. When getAbsoluteURL is called to construct the
complete share URL, it adds the host and the subdirectory again. As a
result the created URLs contained the subdirectory twice.
2022-04-01 00:02:01 +03:00
OsamaSayegh
ba509a93c2 DEV: Add tests for accessibility changes
Follow-up to the previous 5 commits (aka PR #16328).
2022-03-31 19:01:40 +03:00
OsamaSayegh
db67c478be A11Y: Make user avatars in posts stream untabbable
The user avatar in posts has aria-hidden set to true to reduce
redundancy since the information that the avatar gives to screen readers
is the same information that the username/name of the post gives which
is the author of the post.

However, it's still possible for a screen reader user to reach the
avatar by tabbing through the post and when that happens the avatar is
read as "blank". This isn't ideal so we should set tabindex to -1 on the
avatar to remove it from the default keyboard nav flow.
2022-03-31 19:01:40 +03:00
OsamaSayegh
ca58d80b0c A11Y: Improve accessibility of embedded replies below post
The changes are:

* Add an aria-label for the button that embeds/expand the replies of a
post below it
* Add an aria-label for the button that collapses the embedded replies
* Add an aria-label to describe the embedded replies section when
expanded and an aria-label for each embedded reply
2022-03-31 19:01:40 +03:00
OsamaSayegh
fd26facdf3 A11Y: Improve accessibility of likes/read count post buttons
The improvements are:

* Add an aria-label to the like/read count buttons below posts to
indicate what they mean and do.

* Add aria-pressed to the like/read count buttons to make it clear to screen
readers that these buttons are toggleable.

* Add an aria-label to the list of avatars that's shown when post likes
or readers are expanded so that screen reader users can understand what
the list of avatars means.
2022-03-31 19:01:40 +03:00
OsamaSayegh
acdb64eb7e A11Y: change tabLoc tagName from <a> to <span>
The tabLoc is a hidden element inside the post region that we use to
move the focus close to the post that's visually highlighted (by
changing the background color and then fading it away) when a topic is
opened so that screen readers can start reading from that post rather
than the top of the page.

Some screen readers get confused by the tabLoc element being an `<a>`
element and read out the topic ID and I've found that changing the tag
to `<span>` fixes the problem.
2022-03-31 19:01:40 +03:00
OsamaSayegh
ef66b3fd40 A11Y: Include username in aria-label of post region
I think the author of a post is a critical piece of information that
should be communicated right when the post region is reached.
2022-03-31 19:01:40 +03:00
Osama Sayegh
e7c16bc49a
DEV: Remove grant admin 2FA modal (#16347)
The `grant-admin-second-factor` modal is no longer being used since dd6ec65061.
2022-03-31 19:01:11 +03:00
Penar Musaraj
e5bf704c7b
UX: Add details button to admin bounced/rejected lists (#16343) 2022-03-31 11:14:11 -04:00
Penar Musaraj
e431000b23
FIX: Hide tag count in tag filter when in a category context (#16327) 2022-03-31 12:57:27 +11:00
Penar Musaraj
943083f4df
DEV: Include helper in core for applyLocalDates (#16325) 2022-03-30 20:58:38 -04:00
Joffrey JAFFEUX
57b20393ac
FIX: flips popper when top position is chosen incorrectly (#16333)
More precisely, if popper can't position something at the bottom, it will automatically attempt to position it at the top. However we should ensure it doesn’t consider the space under the d-header as valid space, when header's height is taken into consideration if top space is not enough, we should force bottom, and flip it back.

This logic is not necessary on modals as the d-header is not present.
2022-03-30 20:58:22 -04:00
Kris
8999de6e5b
DEV: add plugin outlets for user badges (#16334) 2022-03-30 19:59:45 -04:00
Osama Sayegh
2e77cc86fc
Revert "A11Y: Make the views column in topics lists tabbable" (#16321)
This partially reverts commit 771dddb711.

This was a mistake; non-interactive element should not be included in tab navigation.
2022-03-30 17:50:28 +03:00
Penar Musaraj
daa581d8f2
REFACTOR: Abstract search link click logging (#16317) 2022-03-30 10:10:39 -04:00
Alan Guo Xiang Tan
d0c2eb3359
DEV: Drop enable_long_polling and long_polling_interval settings (#16323)
Scheduled to drop in 2.9.

Co-authored-by: Loïc Guitaut <loic@discourse.org>
2022-03-30 16:32:40 +08:00
Martin Brennan
b8828d4a2d
FEATURE: Polymorphic bookmarks pt. 1 (CRUD) (#16308)
This commit introduces a new use_polymorphic_bookmarks site setting
that is default false and hidden, that will be used to help continuous
development of polymorphic bookmarks. This setting **should not** be
enabled anywhere in production yet, it is purely for local development.

This commit uses the setting to enable create/update/delete actions
for polymorphic bookmarks on the server and client side. The bookmark
interactions on topics/posts are all usable. Listing, searching,
sending bookmark reminders, and other edge cases will be handled
in subsequent PRs.

Comprehensive UI tests will be added in the final PR -- we already
have them for regular bookmarks, so it will just be a matter of
changing them to be for polymorphic bookmarks.
2022-03-30 12:43:11 +10:00
Osama Sayegh
a782f04676
FIX: Close user/group card on esc key press (#16306)
`keyUp` is only invoked if the component's root element (or one of its descendants) has focus which isn't great for keyboard users because if they open a user card and want to close it, they have to tab through to the user card and only then will the Esc key actually close the card. This commit adds a `keyup` event listener on the `document` for the Esc key so that the user card is closed (if it's open) no matter where the focus is.
2022-03-29 21:29:22 +03:00
Penar Musaraj
1210cfe60e
UX: Indicate that "Show replies" button does not work for deleted posts (#16304) 2022-03-29 11:58:50 -04:00
Martin Brennan
045be237a0
DEV: Fix failing share topic tests (#16309)
Since 3fd7b31a2a some tests
were failing with this error:

> Error: Unhandled request in test environment: /c/feature/find_by_slug.json
> (GET) at http://localhost:7357/assets/test-helpers.js

This commit fixes the issue by adding the missing pretender. Also
noticed while fixing this that the parameter for the translation
was incorrect -- it was `group` instead of `groupNames`, so that
is fixed here too, along with moving the onShow functions into
@afterRender decorated private functions. There is no need for the
appevent listeners.
2022-03-29 15:11:44 +08:00
Kris
ad89bd5ac1
DEV: New plugin outlets for user and user-card (#16307) 2022-03-29 09:09:13 +08:00
Jordan Vidrine
2b974d4992
DEV: Add additional outlet to user-card next to message button (#16300) 2022-03-28 11:56:43 -05:00
Bianca Nenciu
3fd7b31a2a
FIX: Show restricted groups warning when necessary (#16236)
It was displayed for the "everyone" group too, but that was not
necessary.
2022-03-28 19:38:29 +03:00
David Taylor
c219740274
DEV: Add polyfill for String.prototype.replaceAll (#16301) 2022-03-28 17:18:56 +01:00
David Taylor
720e1ca9e7
FEATURE: Support upload:// urls in img tags (#16277)
Previously, our `upload://` protocol urls were only supported in markdown image tags. This meant that our PullHotlinkedImages job was forced to convert `<img` tags to markdown. Depending on the exact syntax, this can actually cause the image to break.

This commit adds support for `upload://` inside regular HTML `<img` tags. In a future commit, we'll be able to use this to make our PullHotlinkedImages job much more robust.

Context at https://meta.discourse.org/t/152801
2022-03-28 16:46:47 +01:00
Alan Guo Xiang Tan
fc40a572bb
DEV: Register question_answer_user_commented notification type. (#16297)
The notification type is used by https://github.com/discourse/discourse-question-answer
2022-03-28 16:03:19 +08:00
Martin Brennan
94207e27d1
DEV: Remove underscore versions of TextareaTextManipulation functions (#16285)
Since 6a5ef27, we made public
versions of some TextareaTextManipulation methods. This commit removes
the old underscore versions of these methods:

_focusTextArea
_insertBlock
_insertText
_getSelected
_selectText
_replaceText
_applySurround
_addText
_extractTable
_isInside
2022-03-28 13:23:50 +10:00
Mark VanLandingham
96719cbf4f
DEV: Rename param passed to updateNotificationLevel (#16289) 2022-03-25 11:20:24 -05:00
Mark VanLandingham
a3563336db
FIX: Bug setting notification level to muted/ignored on user page (#16268) 2022-03-25 10:51:45 -05:00
Andrei Prigorshnev
5423d46442
UX: cleaner messages for empty state on the user activity topics page (#16267) 2022-03-25 00:20:55 +04:00
Dan Ungureanu
03ad88f2c2
FIX: Add errors field if group update confirmation (#16260)
* FIX: Redirect if Discourse-Xhr-Redirect is present

`handleRedirect` was passed an wrong argument type (a string) instead of
a jqXHR object and missed the fields checked in condition, thus always
evaluating to `false`.

* FIX: Add `errors` field if group update confirmation

An explicit confirmation about the effect of the group update is
required if the default notification level changes. Previously, if the
confirmation was missing the API endpoint failed silently returning
a 200 response code and a `user_count` field. This change ensures that
a proper error code is returned (422), a descriptive error message and
the additional information in the `user_count` field.

This commit also refactors the API endpoint to use the
`Discourse-Xhr-Redirect` header to redirect the user if the group is
no longer visible.
2022-03-24 14:50:44 +02:00
OsamaSayegh
771dddb711 A11Y: Make the views column in topics lists tabbable 2022-03-24 13:42:24 +03:00
OsamaSayegh
bc54b0055c A11Y: Improve topic entrance modal
Clicking the Replies cell of a topic in a topics list shows a little
modal with 2 buttons that take you to the first and last posts of the
topic. This modal is currently completely inaccessible to
keyboard/screen reader users because it can't be reached using the
keyboard.

This commit improves the modal so that it traps focus when it's shown
and makes it possible to close the modal using the esc key.
2022-03-24 13:42:24 +03:00
OsamaSayegh
0d4fad67db A11Y: Add aria-labels to topics list column headers
Topics lists like /latest are ordered by last activity date by default,
but the order can be changed (and reversed) to something else such as
replies count and views count by clicking on the corresponding column
header in the topics list. These column headers are tabbable, but screen
readers announce them as, using the replies column as example, `Replies
toggle button`. This doesn't communicate very well that this the button
changes the order, so this commit adds `aria-label`s to all column
headers to make it clear that they change order. The current copy for
the `aria-label` is `Sort by replies`.
2022-03-24 13:42:24 +03:00
OsamaSayegh
0d6bb64c0f A11Y: Add aria-label to the Replies cell in topics list
When tabbing through a topics list like /latest, /unread, /new etc. the
Replies column is announced as `<replies count> button` by screen
readers and it's not clear that number means the topic has that number
of replies. This commit adds an `aria-label` so the Replies column to
make it clear what that number means. The current copy of the
`aria-label` is "This topic has <replies count> replies".
2022-03-24 13:42:24 +03:00
Osama Sayegh
8dd6cb14ee
FIX: Don't attempt to focus .title in topic-list-item if it doesn't exist (#16274)
Follow-up to 97e7bb1ce4

Themes/plugins may override the default `topic-list-item` and remove the `.main-link` or `.title` elements from the template. We shouldn't attempt to focus them if they don't exist.
2022-03-24 08:33:17 +03:00
Martin Brennan
817035b557
DEV: Add useUploadPlaceholders to composer-upload-uppy (#16272)
This option is being added because some composer derivatives
like the chat composer use ComposerUploadUppy, but do not
need the placeholder text for uploads to be inserted/replaced.
This way those components can set useUploadPlaceholders to
false to avoid it.
2022-03-24 14:50:18 +10:00
Martin Brennan
1341baaeba
DEV: Use composerEventPrefix for paste in textarea-text-manipulation (#16262)
In the commit d678ba1103 we added
gif parsing support on paste, but we also slightly changed the
isComposer check there, along with a change in chat this caused
isComposer to be true (which is correct), however the event we fire
is composer:insert-text which the chat composer does not pick up.

Instead, we should use composerEventPrefix if it is present to
fire the insert-text event, and if it is not present (e.g. for
some custom composer that someone has implemented) fall back to
the default. There is a companion commit for chat to handle this
change there.
2022-03-24 09:49:56 +10:00
Penar Musaraj
99a6f32554
DEV: Add registerCustomLastUnreadUrlCallbackto plugin API (#16222) 2022-03-23 13:34:17 -04:00
Joffrey JAFFEUX
4a39850aac
FIX: closing the picker shouldn't propagate the pointer event (#16266) 2022-03-23 16:42:53 +01:00
Penar Musaraj
147ffadcf3
DEV: Update Uppy to 2.1.6 (#16227) 2022-03-23 09:28:55 -04:00
Jarek Radosz
7fcf4dcd4b
FIX: Allow @ember/test import in embercli prod builds (#16264)
This matches the behavior of legacy discourse-loader and the regular Ember resolver.
2022-03-23 14:28:09 +01:00
Osama Sayegh
97e7bb1ce4
FIX: Don't listen for focus/blur events if the topic-list opts out of last visited focus (#16263)
Follow-up to eb237e634a.

Some `{{topic-list}}` instances, like the one for suggested topics, opt out of focusing the row of the last visited topic in the list, but we currently still add listeners for focus/blur events even if when the topic-list instance opts out. This commit adds a check so that we only register focus/blur listeners if the topic-list opts in for last visited topic focus.
2022-03-23 15:30:11 +03:00
Osama Sayegh
eb237e634a
A11Y: Focus last viewed topic in topic lists (take 3) (#16257)
Another attempt at fixing https://meta.discourse.org/t/discourse-with-a-screen-reader/178105/88?u=osama. Previous PR (reverted): #16240.

The problems with the previous PR were:

1. As you scrolled down a topics list, the first topic of every new batch of topics would receive focus and the indicator would show up.
2. Similar to 1, clicking the `See X new or updated topics` notice would also focus a random topic from the new topics that were just loaded.
3. Topics in the suggested topics list received focus too
4. Our custom focus indicator appeared on mobile, but it shouldn't.

This commit should have none of these problems.
2022-03-23 13:03:56 +03:00
Osama Sayegh
97519a3ea5
Revert "A11Y: Focus last viewed topic in topic lists (#16240)" (#16255)
This reverts commit 5d77f485cb.

There are some edge cases that we need to handle better. Reverting this
commit because we're going to do a beta release later today.
2022-03-22 20:09:12 +03:00
Mark VanLandingham
f0e87aa35f
DEV: appEvent to close user card (#16253) 2022-03-22 12:00:44 -05:00
Osama Sayegh
5d77f485cb
A11Y: Focus last viewed topic in topic lists (#16240)
Meta topic: https://meta.discourse.org/t/discourse-with-a-screen-reader/178105/88?u=osama

This is another attempt to fix the same problem that https://github.com/discourse/discourse/pull/15300 was meant to fix, but it had to be reverted because the `focus()` call caused the topic title to have an outline on certain browsers. This commit does mostly the same thing as the previous one, but the difference is that the native focus indicator outline is replaced with a custom indicator that only appear on the left side of the topic rather than all sides. See https://github.com/discourse/discourse/pull/16240#issuecomment-1075212093 for screenshots.
2022-03-22 19:26:38 +03:00
David Taylor
daacb3b038 FIX: Ensure all/none subcategory filters work correctly with tags
This is done by defining a `/all` route for use when a category's default filter is 'none'. This was defined for regular category routes in 3e7f7fdd, but not for tag routes.

This commit also corrects the route name TagsShowNoneCategory*Route -> TagsShowCategoryNone*Route, which fixes an error when setting subcategories=none while filtering by tags.
2022-03-22 15:26:00 +00:00
David Taylor
6acd2c58a9
DEV: Drop padStart and padEnd polyfills (#16249)
These methods have been natively supported in all our target browsers for many years. We're now feature-detecting `String.prototype.replaceAll`, which is a much more recent addition. If a browser has `replaceAll`, it'll have `padStart` and `padEnd`
2022-03-22 11:46:13 +00:00
David Taylor
cf6deb439a
FIX: Add replaceAll to browser-detect (#16248)
We're using replaceAll in a few places. If it's not supported, we should fall back to the basic-html view.
2022-03-22 11:45:03 +00:00
Robin Ward
d025405130
FIX: When using Ember CLI, plugin admin code was not being loaded in tests (#16239) 2022-03-21 15:46:41 -04:00
David Taylor
f7b5ff39cf
DEV: Refactor tag-show route (#16217)
Previously we were loading almost all the data in an afterModel hook, storing it temporarily in route properties, and then passing it to the controller in `setupController`.

This does not follow Ember best-practices, and causes a number of unexpected behaviours. For example, Ember only calls `setupController` **when the model value changes**. Since `model()` was only returning the tag, that meant that category changes and `additionalTag` changes wouldn't always trigger a `setupController` call, and things would get into a very weird state. This is visible when using the 'loading-slider' component because the category navigation dropdown gets 'stuck' when switching categories.

This commit moves all the data-fetching into `model()`. To make things cleaner, it also:
- removes most uses of route-level variables
- introduces async/await in the model() function
- removes some unneeded `get()` usage
- re-uses DiscoverySortableController for queryParam default handling
- Removes override of `renderTemplate()` so that queryParams are correctly passed through to the controller
- Removes some `transitionToRoute` hacks which were working around the queryParams issue
- Switches to `@action`
2022-03-21 12:20:51 +00:00
Martin Brennan
0832cad803
DEV: Add clipboardCopyAsync API to utilities (#16232)
In certain cases (like chat quoting) we need to be able
to call the API with an async AJAX call before copying
the results to the clipboard. The only way to reliably
do this is by handing off the AJAX promise to a ClipboardItem.

This commit introduces a new clipboardCopyAsync function
to handle this, which will stand alongside the existing
clipboardCopy function which can be used when no AJAX
request is necessary.
2022-03-21 13:34:01 +10:00
Jarek Radosz
4e9a96b8c4
DEV: Update fireworm package (#16226) 2022-03-19 14:43:18 +01:00
Jarek Radosz
508370e433
DEV: Add missing service injections (#16223) 2022-03-18 18:38:56 +01:00
David Taylor
13b4b0d3c4
DEV: Refactor d-section to function correctly with loading-slider (#16216)
When using the loading-slider, the component instance is re-used across different pages and so the didInsertElement/willDestroyElement hooks are not fired during page transitions. Instead, we can lean on `didReceiveAttrs`.

Similar fix to 87b98e2862

Note that the `scrollTop` feature is still problematic under the loading slider. That will need to be addressed in a future commit.
2022-03-18 11:47:23 +00:00
Rafael dos Santos Silva
d678ba1103
FEATURE: Allow users to paste animated gifs into composer (#16204)
If a user copies a gif from a website into their clipboard and then
tries to paste it into the Discourse composer, we would only paste a
static single frame of the original gif. This happens because the
browser doesn't store the original image in the clipboard, but two
entries:

1. image/png with the frame of the copy moment
2. text/html with the markup of the gif img element

This commit adds an heuristic that detects this and makes us pick the
clipboard content of text/html instead of the image/png when this
happens.

From there our existing HTML paste logic handles and converts the HTML
img tag into markdown, preserving even the alt text.

See https://meta.discourse.org/t/-/218720 for context.
2022-03-17 10:47:54 -03:00
Rafael dos Santos Silva
100a84d345
DEV: Reserve assigned notification type (#16207)
* DEV: Reserve assigned notification type

* update constants
2022-03-16 17:08:10 -03:00
Jarek Radosz
d10f95bfad
FIX: Ember test imports, again (#16203)
We use that import also outside of tests…
2022-03-16 17:12:15 +01:00
Jarek Radosz
ecfbd45607
FIX: Ember test entries in discourse-loader (#16201)
Those aren't available in the production build.
(+ Move to test-shims)
2022-03-16 16:06:34 +01:00
Bianca Nenciu
44c8f4940e
FIX: Show bookmark options by default when editing (#16189)
These changes also update user bookmark preferences on the client side
immediately in case user creates more than a bookmark during the same
session.
2022-03-16 16:41:24 +02:00
Mark VanLandingham
a0f4c7fe88
FIX: remove racing requests for admin users (#15936) 2022-03-16 08:47:48 -05:00
Jarek Radosz
704606e731
DEV: Support registerWaiter import in legacy env (#16195)
Throw in `unregisterWaiter` too
2022-03-16 14:32:38 +01:00
Bianca Nenciu
08a1f41582
FEATURE: Replace share-popup with share-topic (#16108)
share-topic modal is used everywhere expect when clicking on the top
right corner of the post. This changes standardize on share-topic modal
and add the missing features from share-popup.
2022-03-15 21:27:18 +02:00
Penar Musaraj
d19b5fe80b
DEV: Stop live-reloading locally on SCSS changes (#16193)
The `testem.scss` include triggers a live reload locally. We need these
styles when running `ember test --server`, so this loads that stylesheet
only in that scenario.
2022-03-15 16:46:12 +01:00
Penar Musaraj
593f3e5dd8
UX: Styling changes to global banner (#16191) 2022-03-15 16:19:55 +01:00
Ella E
bfe9ba3039
UX: Hide group avatar flair block if it's empty 2022-03-14 11:42:37 -06:00
David Taylor
349a4acc9f
DEV: Use Ember CLI for docker.rake CI testing (#16182) 2022-03-14 17:32:03 +00:00
Jarek Radosz
172d030a45
DEV: Check if show-modal container is viable (#16170) 2022-03-14 15:14:42 +01:00
Jarek Radosz
fa7d34f593
DEV: Make decorator method names debug-friendly (#16181)
Example

Before: `_decorate_5`
After: `_decorate_5_chat_transcript_datetime`
2022-03-14 15:12:54 +01:00
Penar Musaraj
0400d10907
FIX: J/K post stream navigation inconsistencies (#16171) 2022-03-14 15:09:19 +01:00
David Taylor
839639326c
DEV: Install the @ember/jquery package to remove warning (#16165)
Eventually we want to remove JQuery, but that's a long way off. Installing this package will stop ember-cli printing the deprecation warning on every boot

```
DEPRECATION: The integration of jQuery into Ember has been deprecated and will be removed with Ember 4.0. You can either opt-out of using jQuery, or install the `@ember/jquery` addon to provide the jQuery integration. Please consult the deprecation guide for further details: https://emberjs.com/deprecations/v3.x#toc_jquery-apis
```
2022-03-14 10:25:52 +00:00
Penar Musaraj
3a817d2377
FIX: Buggy jump-to-post on Firefox (#16153) 2022-03-10 20:39:39 +01:00
Jarek Radosz
99b2cfe26e
DEV: Disallow Ember global usage (#16147)
…and sprinkle `// eslint-disable-next-line no-undef` throughout the code where is unavoidable for now
2022-03-09 17:54:07 +01:00
Jarek Radosz
2ba602708a
DEV: A manual test waiter might not be needed (#16142) 2022-03-09 15:38:10 +01:00
Jarek Radosz
fbef828ab2
DEV: Remove "empty" template code (#16140)
Its only use seems to have been removed back in 2016 in a9ed15e11a.
2022-03-09 13:57:39 +01:00
Martin Brennan
ca93e5e68b
FIX: Allow admins to change user ignore list (#16129)
Previously, if an admin user tried to add/remove
users to another user's ignored list, it would
be added to their own ignore list because the
controller used current_user. Now for admins only
a source_user_id parameter can be passed through,
which will be used to ignore the target user for
that source user.
2022-03-09 14:51:30 +10:00
David Taylor
3ad9c2cdb6
FEATURE: Add mobile support for subcategories-with-featured-topics (#16118)
Follow-up to eb2e3b510d
2022-03-08 22:06:27 +00:00
Bianca Nenciu
6d422a8033
FEATURE: Highlight expired bookmark reminders (#15317)
The user can select what happens with a bookamrk after it expires. New
option allow bookmark's reminder to be kept even after it has expired.
After a bookmark's reminder notification is created, the reminder date
will be highlighted in red until the user resets the reminder date.
User can do that using the new Clear Reminder button from the dropdown.
2022-03-08 19:44:18 +02:00
Bianca Nenciu
f5422f91aa
FEATURE: Add link to original image in lightbox (#15640)
Adds a link to the original image next to the download link. It can be
used to view full resolution image in the browser.
2022-03-08 19:39:46 +02:00
Bianca Nenciu
4fe99e39c3
FEATURE: Add new site setting list type with name and values (#16045)
These changes include a bug fix because allow_any attribute of site
settings was completely ignored before.
2022-03-08 13:18:43 +02:00
Jarek Radosz
c528de3288
DEV: Make settled() work in the legacy env (#16122)
(and await for `focusComposer`)
2022-03-07 20:00:09 +01:00
Joffrey JAFFEUX
36e7163d16
FIX: prevents self-reference to discoveryTopics from discoveryTopics (#16114) 2022-03-07 09:27:19 +01:00
Martin Brennan
7af01d88d2
FIX: Better 0 file size detection and logging (#16116)
When creating files with create-multipart, if the file
size was somehow zero we were showing a very unhelpful
error message to the user. Now we show a nicer message,
and proactively don't call the API if we know the file
size is 0 bytes in JS, along with extra console logging
to help with debugging.
2022-03-07 12:39:33 +10:00
Jarek Radosz
3db4b3bc5e
DEV: Drop lodash (#16110) 2022-03-06 18:15:25 +01:00
Jarek Radosz
d5be02dac5
DEV: Bump eslint-config-discourse (#16109) 2022-03-06 18:15:15 +01:00
Jarek Radosz
b9c90d6a06
DEV: Use Map() to store emoji groups (#16065) 2022-03-05 18:58:49 +01:00
Jarek Radosz
3918e5b74a
DEV: Actually focus stuff in tests (#16102)
PSA: `focus("selector")` does not focus elements. It "makes a request to bring the window to the front."
2022-03-05 17:20:22 +01:00
David Taylor
eb2e3b510d
FEATURE: Introduce 'Subcategories with featured topics' view (#16083)
This categories view is designed for sites which make heavy use of subcategories, and use top-level categories mainly for grouping
2022-03-04 21:11:59 +00:00
Jarek Radosz
94ea1afc43
DEV: Allow @discourseComputed in native classes (#16097)
(also fixes `writeable` -> `writable` typo)
2022-03-04 17:04:40 +01:00
Joffrey JAFFEUX
dfc19c62f8
DEV: drops jquery for scroll-top mixin (#16099) 2022-03-04 12:45:23 +01:00
Osama Sayegh
8c71878ff5
UX: Add description to the 2FA page when adding new admins (#16098)
This PR adds an extra description to the 2FA page when granting a user admin access. It also introduces a general system for adding customized descriptions that can be used by future actions.

(Follow-up to dd6ec65061)
2022-03-04 06:43:06 +03:00
Rafael dos Santos Silva
967946378a
FIX: iOS do not have working push notifications yet (#15888)
Stop Discourse from prompting for push notification on latest iOS beta
where the navigators exposes a broken Push object.

We had some feature detection functions that where outside our
pre-initializer that it dedicated for this stuff. All feature detection
now lives on sniff-capabilities file.

Also removed some old browser detection from the push notifications
code, and simplified the function signature because of it.

Co-authored-by: Jarek Radosz <jradosz@gmail.com>
2022-03-03 16:19:46 -03:00
David Taylor
a7db0ce985
UX: Differentiate 'emails disabled' notice for 'yes' and 'non-staff' (#16096) 2022-03-03 15:49:20 +00:00
Kris
2d79275481
DEV: add class name to custom footer html (#16089) 2022-03-02 21:17:43 -05:00
Kris
fe4aeb22e2
DEV: remove wrap from discovery-list-container-top (#16090) 2022-03-02 21:17:28 -05:00
Jeff Wong
91cbd28fa4
FIX: calculate docking - include offset of main (#16079)
Include a calculation of offset in main - this allows docking
to be calculated (again) using global offsets, in case there is a
custom header outside of Discourse that pushes forum content down.
2022-03-02 17:36:24 -08:00
Alan Guo Xiang Tan
d52aa6a51b
DEV: Refactor model/post-stream to support any filter. (#16081)
The current implementation ties the filter query params tightly to the
`summary` attribute on the post stream model making it hard to support
other filters.
2022-03-03 08:50:47 +08:00
Dan Ungureanu
e3b4998efc
DEV: Remove notify user topic from share modal (#16085)
This feature was rarely used, could be used for spamming users and was
impossible to add a context to why the user was notified of a topic. A
simple private messages that includes the link and personalized message
can be used instead.
2022-03-03 09:27:45 +11:00
Krzysztof Kotlarek
ea3a58d051
FIX: indirectly muted categories for topic-tracking-state (#16067)
Topics belonging to indirectly muted categories should be excluded from topic-tracking-state report.
2022-03-02 15:02:09 +11:00
Mark VanLandingham
c33cf3c5e6
DEV: API to add keyboard shortcuts to help modal (#16075) 2022-03-01 14:37:26 -06:00
David Taylor
fd8388776e
DEV: Correctly detect plugin JS with .br.js extension (#16073) 2022-03-01 11:55:17 +00:00
David Taylor
bf6173509c
DEV: Ensure source-identifier works during theme qunit (#16072) 2022-03-01 11:14:23 +00:00
Martin Brennan
9e7e34fc24
FIX: Minor indentation fix for fullscreen code (#16071) 2022-03-01 09:20:49 +10:00
Martin Brennan
ff96d541e9
FEATURE: Add fullscreen button for code blocks (#16044)
This commit extends the original copy-codeblocks initializer,
renaming it to codeblock-buttons, and adding another button
to make the code block fullscreen in a modal window. The fullscreen
code is then run through highlight.js.

This commit also moves much of the code out of the initializer
and into a reusable CodeblockButtons class, so it can also be used
in the fullscreen code modal for the copy + paste button.

The fullscreen button will not be shown if there is no scroll overflow
in the code block, nor will it be shown on mobile. This commit also
changes the fullscreen table button to not show on mobile.

This will make long lines of code much easier to read and interact
with. This is gated behind the same `show_copy_button_on_codeblocks`
site setting.
2022-03-01 08:37:24 +10:00
Jarek Radosz
7c4be7f649
UX: Remove loading spinner from emoji picker (#16064)
Emoji picker doesn't load external data, so this didn't provide much value to users (and just delayed displaying the list by 50ms+)
2022-02-28 15:37:31 +01:00
Jarek Radosz
1a5c6f7632
FIX: Setting emoji filter from initial autocomplete (#16063)
…has regressed at some point
2022-02-28 15:01:26 +01:00
Vinoth Kannan
37b6fa7a1b
DEV: refactor JS files to not use self = this in code. (#15095)
We no longer use this pattern. Instead, we can use javascript arrow functions.
2022-02-28 16:57:32 +05:30
Joffrey JAFFEUX
ca7f0ce461
DEV: uses vanilla js to fetch csrf token instead of jquery (#16069) 2022-02-28 11:25:45 +01:00
Jarek Radosz
6f6406ea03
DEV: Fix random typos (#16066) 2022-02-28 10:20:58 +08:00
Martin Brennan
cfe4ff8d56
FIX: Make sure html_raw is hoisted in custom markdown cook function (#16050)
When returning the customRenderFn from within buildCustomMarkdownCookFunction
for custom markdown engines (such as the one used by the [chat] transcripts)
we were not hoisting/unhoisting the `html_raw` tokens created by the
transcript, which meant that opts.discourse.hoisted could end up in
a state where it was null, and which caused errors and general unpleasantness.

Instead, we can just call the `cook` function that is already exported
from discourse-markdown-it, that takes care of what we did previously
plus the hoisting.

There is a companion chat commit that adds tests for this, there are
no custom markdown engine usages in core to test with.
2022-02-28 07:54:55 +10:00
Jarek Radosz
d432e402a2
DEV: Update sinon (#16056) 2022-02-26 13:50:19 +01:00
Jarek Radosz
b05fddaa7c
DEV: Clean up the decorators file (#16058) 2022-02-26 02:33:25 +01:00
Krzysztof Kotlarek
3e5fb90ce6
FIX: new indirectly muted category (#16043)
When a new category is created and the parent category is muted or indirectly muted, the new category should be indirectly muted as well.
2022-02-25 13:08:22 +11:00
Jeff Wong
d1bdb6c65d
FEATURE: upload an avatar option for uploading avatars with selectable avatars (#15878)
* FEATURE: upload an avatar option for uploading avatars with selectable avatars

Allow staff or users at or above a trust level to upload avatars even when the site
has selectable avatars enabled.

Everyone can still pick from the list of avatars. The option to upload is shown
below the selectable avatar list.

refactored boolean site setting into an enum with the following values:

disabled: No selectable avatars enabled (default)
everyone: Show selectable avatars, and allow everyone to upload custom avatars
tl1: Show selectable avatars, but require tl1+ and staff to upload custom avatars
tl2: Show selectable avatars, but require tl2+ and staff to upload custom avatars
tl3: Show selectable avatars, but require tl3+ and staff to upload custom avatars
tl4: Show selectable avatars, but require tl4 and staff to upload custom avatars
staff: Show selectable avatars, but only allow staff to upload custom avatars
no_one: Show selectable avatars. No users can upload custom avatars

Co-authored-by: Régis Hanol <regis@hanol.fr>
2022-02-24 12:57:39 -08:00
Roman Rizzi
00bb5f3a9d
FIX: Use the category's text-only description in the category-chooser (#15735)
The category description is derived from a topic's cooked text and contains HTML elements. When we display it inside the category chooser in places like the composer, we don't want these elements to alter the component in any way.

Context: https://meta.discourse.org/t/some-html-tags-not-stripped-from-category-description/215017
2022-02-24 12:14:24 -03:00
Bianca Nenciu
e0b683f98e
FEATURE: Automatically select share URL (#16025)
The URL will be selected for easy copying immediately after the share
popup shows up.
2022-02-24 12:21:20 +11:00
Kris
582091a698
DEV: allow min_posts to be automatically passed (#16042) 2022-02-23 20:06:17 -05:00
Bianca Nenciu
82a9109ae3
FEATURE: Show topic visited state on search page (#15994)
The visited state used user's history instead of the data from the
server.
2022-02-23 21:24:26 +02:00
Jarek Radosz
44824bfa3d
DEV: Don't check this.element in @afterRender (#16033)
This would allow to use the decorator in tag-less components and in controllers.
2022-02-23 11:35:20 +01:00
Osama Sayegh
586d572e05
FIX: Don't advance draft sequence when editing topic title (#16002)
This commit handles the edge case where a draft is lost with no warnings if the user edits the title (or category/tags) of a topic while they're replying.to the same topic. Repro steps are as follows:

1. Start replying to a topic and type enough to get a draft saved.
2. Scroll up to the topic title and click the pencil icon next to the topic title, change the title, category and/or tags, and then save the changes.
3. Reload the page and you'll see that the draft is gone.

This happens because we only allow 1 draft per topic per user and when you edit the title of a topic that you're replying to, from the server perspective it'll look like as if you've submitted your reply so it will advance the draft sequence for the topic and delete the draft.

The fix in this commit makes `PostRevisor` skip advancing the draft sequence when a topic's title is edited using the pencil button next to the title.

Internal ticket: t60854.

Co-authored-by: Robin Ward <robin.ward@gmail.com>
2022-02-23 10:39:54 +03:00
Osama Sayegh
799e27d15d
FIX: Respect text direction inside quotes (#16004)
Meta topic: https://meta.discourse.org/t/rtl-direction-is-broken-in-quotes/217639?u=osama.

Posts in Discourse are by default always rendered in the same direction as the rest of site, for example if the site is RTL, a post in that site is always rendered RTL even if it's made of an LTR language entirely. However, this behavior can be changed by enabling the `support mixed text direction` site setting which makes our posts rendering engine consider each "paragraph" in the post and apply an appropriate direction (using the `dir` attribute) on it based on its content/language.

I put paragraph in quotes because technically we only loop through the immediate children of the HTML element that contains the post cooked HTML and do this direction check on them. Most of the time the immediate children are actually paragraphs, but not always. The direction of an element is determined by checking its `textContent` property against a regular expression that checks all characters are RTL characters and based on the regular expression result the `dir` attribute is set on the element.

This technique doesn't work so well on quotes because they may contain multiple paragraphs which may be in different languages/directions. For example: if a site's language is Arabic (RTL language) and the `support mixed text direction` setting is enabled, regular paragraphs outside quotes are rendered as expected with the right direction depending on the paragraph's language. However, paragraphs within a quote are all (incorrectly) rendered in a single direction, LTR or RTL, regardless of whether they're of different languages/directions or not.

The reason for this is that when we're determining the direction for the quote, it's considered as one element and the direction is set on the whole quote. But for complex quotes that contain mixed paragraphs, we need to be more surgical and apply direction on individual paragraphs/elements within the quote.

This commit adds special handling for quotes to ensure that:

* the quote top bar (the avatar plus the chevron and arrow) always match the site direction
* each immediate paragraph (`<p>` elements) under `<blockquote>` in the quote gets a direction based on its content.

For before/after screenshots, see PR #16004.
2022-02-23 10:26:45 +03:00
Martin Brennan
599a72768c
DEV: Add force_quote_link option to PrettyText (#16034)
This option will make it so the [quote] bbcode will always
include the HTML link to the quoted post, even if a topic_id
is not provided in the PrettyText#cook options. This is so
[quote] bbcode can be used in other places, like chat messages,
that always need the link and do not have an "off-topic" ID
to use.
2022-02-23 16:13:46 +10:00
David Taylor
3712c958fa
PERF: Only subscribe to /new when logged in (#16028)
The 'new' tab doesn't exist for anonymous users. Every 'new' topic also publishes a message on the `/latest` channel, so the blue banner at the top of the topic-list will still be functional
2022-02-22 19:35:59 +00:00
Ayke Halder
e4d10a1f5f
DEV: cleanup is-loading state of d-button component (#16012)
* DEV: remove duplicate code in button component template

* DEV: refactor is-loading state of d-button component

Before this change on initialisation `forceDisabled` is set `false` and then might change to `undefined` - depending on the use of the button component. This change ensures a boolean value for `forceDisabled`.

The added test works with and without the new change. The test is added as it represents the default use case for most buttons.
2022-02-22 12:40:47 -05:00
David Taylor
f6c852bf8e
PERF: Use a shared message for replies to tracked topics (#16022)
Previously we were publishing one messagebus message per user which was 'tracking' a topic. On large sites, this can easily be 1000+ messages. The important information in the message is common between all users, so we can manage with a single message on a shared channel, which will be much more efficient.

For user-specific values (notification_level and last_read_post_number), the JS app can infer values which are 'good enough'. Correct values will be loaded as soon as a topic-list containing the topic is visited.
2022-02-22 15:27:46 +00:00
Ayke Halder
e392fc56fa
DEV: refactor components to use discourse-computed decorator without reference to this (#16011)
Most computed properties are already implemented this way. These changes make the missing ones also use it.
2022-02-22 13:45:38 +01:00
Dan Ungureanu
685d186351
FIX: Show invite button if users can be invited (#16014)
This used to be shown regardless new users could be invited to the
forum.
2022-02-21 23:57:17 +02:00
Bianca Nenciu
90c3695ab0
FEATURE: Rename Reset Read bulk action to Defer (#15972)
It is enabled only if defer is enabled in user options too and if the
button shows up in the topic's footer.
2022-02-21 22:45:01 +02:00
Bianca Nenciu
ae1d2d957f
FEATURE: Replace share post popup with share modal (#15875)
This uniformizes the topic share modal and the post link popup. It also
introduces a new feature which can notify the user of a post.
2022-02-21 22:14:28 +02:00
Bianca Nenciu
953d36b788
FIX: Allow none category if default is none (#15995)
Even if the site setting's default value is none by default, it did not
allow admins to select it again after it was changed.
2022-02-21 18:15:55 +02:00
David Taylor
8e86d8a5dd
DEV: Enable the use of Glimmer components (#15999)
This will only work under Ember CLI, and a small hack is required to make the Resolver work in development mode. In future, when we move to a more recent version of the Ember Resolver, this hack will not be required.
2022-02-21 09:44:48 +00:00
David Taylor
87b98e2862
FIX: Ensure category/tag classes are added and removed correctly (#16003)
The use of a `/g` regex was causing some surprising, seemingly random, behavior. (https://stackoverflow.com/a/1520853/5913559)

There was also a known issue which would cause inconsistent class behavior when running the 'loading slider' theme component.

This commit takes the opportunity to refactor the component to remove the use of observers and remove the regex-based class parsing.
2022-02-21 09:42:39 +00:00
Kris
cd616900e5
FEATURE: allow moderators to bulk change ownership (#15997) 2022-02-18 14:28:27 -05:00
Vinoth Kannan
b9d943220d
UX: display post count badge even when user has only two posts. (#15990)
Previously, it only displayed the badge when a user has 3 or more posts.
2022-02-18 09:03:32 +05:30
Martin Brennan
6a5ef27eaa
DEV: Move text area surround code out of d-editor (#15950)
This commit moves _getMultilineContents and _applySurround into
TextareaTextManipulation, so other text area components using
that mixin can benefit from them (such as the chat composer).

It also creates a public function wrapper for many TextareaTextManipulation
functions that should not have underscore prefixes because they are
used outside the file. Will make follow-up PRs for each plugin/theme using
those functions then a final follow-up core PR to fix these up.
2022-02-18 08:56:37 +10:00
Vinoth Kannan
45c404a6c7
FIX: update can_see_members attribute after leaving a group. (#15982)
After leaving a group, it is trying to reload its member list. Previously, when the members_visibility_level attribute has a value of 2 or higher, it displayed an error popup since the can_see_members attribute was not updated.
2022-02-17 23:07:59 +05:30
Penar Musaraj
9249e98697
UX: Change styling of admin bulk invite button (#15981) 2022-02-17 17:10:08 +01:00
Osama Sayegh
dd6ec65061
FEATURE: Centralized 2FA page (#15377)
2FA support in Discourse was added and grown gradually over the years: we first
added support for TOTP for logins, then we implemented backup codes, and last
but not least, security keys. 2FA usage was initially limited to logging in,
but it has been expanded and we now require 2FA for risky actions such as
adding a new admin to the site.

As a result of this gradual growth of the 2FA system, technical debt has
accumulated to the point where it has become difficult to require 2FA for more
actions. We now have 5 different 2FA UI implementations and each one has to
support all 3 2FA methods (TOTP, backup codes, and security keys) which makes
it difficult to maintain a consistent UX for these different implementations.
Moreover, there is a lot of repeated logic in the server-side code behind these
5 UI implementations which hinders maintainability even more.

This commit is the first step towards repaying the technical debt: it builds a
system that centralizes as much as possible of the 2FA server-side logic and
UI. The 2 main components of this system are:

1. A dedicated page for 2FA with support for all 3 methods.
2. A reusable server-side class that centralizes the 2FA logic (the
`SecondFactor::AuthManager` class).

From a top-level view, the 2FA flow in this new system looks like this:

1. User initiates an action that requires 2FA;

2. Server is aware that 2FA is required for this action, so it redirects the
user to the 2FA page if the user has a 2FA method, otherwise the action is
performed.

3. User submits the 2FA form on the page;

4. Server validates the 2FA and if it's successful, the action is performed and
the user is redirected to the previous page.

A more technically-detailed explanation/documentation of the new system is
available as a comment at the top of the `lib/second_factor/auth_manager.rb`
file. Please note that the details are not set in stone and will likely change
in the future, so please don't use the system in your plugins yet.

Since this is a new system that needs to be tested, we've decided to migrate
only the 2FA for adding a new admin to the new system at this time (in this
commit). Our plan is to gradually migrate the remaining 2FA implementations to
the new system.

For screenshots of the 2FA page, see PR #15377 on GitHub.
2022-02-17 12:12:59 +03:00
Krzysztof Kotlarek
a7d43cf1ec
FEATURE: mute subcategory when parent category is muted (#15966)
When parent category or grandparent category is muted, then category should be muted as well.

Still, it can be overridden by setting individual subcategory notification level.

CategoryUser record is not created, mute for subcategories is purely virtual.
2022-02-17 00:42:02 +01:00
Dan Ungureanu
effbd6d3e4
FEATURE: Show error if invite to topic is invalid (#15959)
This can happen if the topic to which a user is invited is in a private
category and the user was not invited to one of the groups that can see
that specific category.

This used to be a warning and this commit makes it an error.
2022-02-16 18:35:02 +02:00