Commit Graph

36883 Commits

Author SHA1 Message Date
dependabot-preview[bot]
54a80e0dc0 Build(deps): Bump rack-mini-profiler from 1.1.4 to 1.1.5 (#8800)
Bumps [rack-mini-profiler](https://github.com/MiniProfiler/rack-mini-profiler) from 1.1.4 to 1.1.5.
- [Release notes](https://github.com/MiniProfiler/rack-mini-profiler/releases)
- [Changelog](https://github.com/MiniProfiler/rack-mini-profiler/blob/master/CHANGELOG.md)
- [Commits](https://github.com/MiniProfiler/rack-mini-profiler/compare/v1.1.4...v1.1.5)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-01-28 11:21:57 -05:00
dependabot-preview[bot]
22a089dfa2 Build(deps): Bump excon from 0.71.1 to 0.72.0 (#8797)
Bumps [excon](https://github.com/excon/excon) from 0.71.1 to 0.72.0.
- [Release notes](https://github.com/excon/excon/releases)
- [Changelog](https://github.com/excon/excon/blob/master/changelog.txt)
- [Commits](https://github.com/excon/excon/compare/v0.71.1...v0.72.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-01-28 11:20:54 -05:00
Bianca Nenciu
07222af7ab
FEATURE: Add 'groups' option to polls (#8469)
This options can be used to restrict polls to certain groups.
2020-01-28 14:30:04 +02:00
David Taylor
a9d0d55817 FEATURE: Add message to log when admins are automatically deactivated 2020-01-28 12:16:24 +00:00
David Taylor
25fd2b544a
PERF: Use a separate route for user cards, and split user serializer (#8789)
Adds a new route `/u/{username}/card.json`, which has a reduced number of fields. This change is behind a hidden site setting, so we can test compatibility before rolling out.
2020-01-28 11:55:46 +00:00
David Taylor
c344f43211 UX: Admins should only see their own PMs when searching in:all
Admins are technically allowed to access all PMs, but it can be confusing to include them all in search. Follow-up to e0605029dc
2020-01-28 11:26:42 +00:00
David Taylor
885a3ca42c DEV: Bump omniauth-facebook from 5.0.0 to 6.0.0
5.0.0 uses Facebook graph API v2.11, which is deprecated from 28th Jan 2020
6.0.0 uses Facebook graph API v3.0, which is supported until July 2020
2020-01-28 10:57:56 +00:00
Dan Ungureanu
5060811464
FIX: Export all category names in user archives (#8790) 2020-01-28 12:52:07 +02:00
Dan Ungureanu
6e8a1ac09a
DEV: Add test for categories_breadcrumb (#8791) 2020-01-28 12:50:27 +02:00
adam j hartz
e0605029dc FEATURE: allow searching public topics and personal messages simultaneously (#8784)
The new search modifier `in:all` can be used to include both public and personal messages in the same search.

Co-authored-by: adam j hartz <hz@mit.edu>
2020-01-28 10:11:33 +00:00
Sam Saffron
58d6ee36ee FIX: apply like based badge based off grant date
Previously we would use the date the post was updated at as the grant date
this caused confusion.

This also tidies up the badges sql file which was using outdated patterns
for multi line strings.
2020-01-28 12:17:55 +11:00
dependabot-preview[bot]
4d3254b37c Build(deps): Bump rubyzip from 2.0.0 to 2.1.0 (#8785)
Bumps [rubyzip](https://github.com/rubyzip/rubyzip) from 2.0.0 to 2.1.0.
- [Release notes](https://github.com/rubyzip/rubyzip/releases)
- [Changelog](https://github.com/rubyzip/rubyzip/blob/master/Changelog.md)
- [Commits](https://github.com/rubyzip/rubyzip/compare/v2.0.0...v2.1.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-01-27 15:55:55 -05:00
Mark VanLandingham
9fa2016d2a
DEV: Plugin outlet for admin backup view (#8793) 2020-01-27 12:31:08 -06:00
Vinoth Kannan
602f965070 FIX: undefined method 'title' for nil:NilClass in PostAlerter#create_notification 2020-01-27 23:54:11 +05:30
David Taylor
fe0d912b97
FIX: getURL on a subfolder site should ignore prefix in middle of URL (#8794) 2020-01-27 17:51:46 +00:00
dependabot-preview[bot]
bb816302f6 Build(deps-dev): Bump byebug from 11.1.0 to 11.1.1 (#8788)
Bumps [byebug](https://github.com/deivid-rodriguez/byebug) from 11.1.0 to 11.1.1.
- [Release notes](https://github.com/deivid-rodriguez/byebug/releases)
- [Changelog](https://github.com/deivid-rodriguez/byebug/blob/master/CHANGELOG.md)
- [Commits](https://github.com/deivid-rodriguez/byebug/compare/v11.1.0...v11.1.1)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-01-27 11:06:17 -05:00
dependabot-preview[bot]
869fbad2a4 Build(deps): Bump aws-partitions from 1.267.0 to 1.269.0 (#8786)
Bumps [aws-partitions](https://github.com/aws/aws-sdk-ruby) from 1.267.0 to 1.269.0.
- [Release notes](https://github.com/aws/aws-sdk-ruby/releases)
- [Changelog](https://github.com/aws/aws-sdk-ruby/blob/master/gems/aws-partitions/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-ruby/commits)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-01-27 11:06:05 -05:00
Mark VanLandingham
20e3c0f386
FIX: Post reviser picking up edits for hidden posts (#8792) 2020-01-27 10:05:48 -06:00
Gerhard Schlager
ea11ad4d99 DEV: Drop unused columns 2020-01-27 15:28:56 +01:00
Rafael dos Santos Silva
ce83fd93bb FEATURE: Use Contact Picker API for invites 2020-01-27 11:07:28 -03:00
Jarek Radosz
8a82ceb3bc
FIX: Improve downsize_uploads (#8409)
With this change the script:
* Actually removes original large-sized images
* Doesn't save processed files if their size has increased
* Prevents inconsistent state
2020-01-27 03:31:11 +01:00
Jarek Radosz
63a4aa65ff
DEV: Ignore ls errors when clearing FileStore cache (#8780)
A race condition issue is possible when multiple thread/processes are calling this method.
`ls` prints out to stderr "cannot access '...': No such file or directory" if any of the files it's currently trying to list are being removed by the `xargs rm -rf` in an another process. That doesn't affect the result, but it did raise an error before this change.

Tested on a production instance where the original issue was observed.

Co-Authored-By: Régis Hanol <regis@hanol.fr>
2020-01-27 02:59:54 +01:00
Jarek Radosz
b843aa7b05
FIX: Adjust the broken image placeholder border (#8781)
* DEV: Remove `.large-image` selector

This selector is no longer used in core and there's no reference to it in any of `all-the-plugins`.

* FIX: Adjust the broken image placeholder border
2020-01-27 02:39:05 +01:00
Gerhard Schlager
7c30986b5e FIX: Failed to notify user after restoring backup 2020-01-25 22:07:41 +01:00
Roman Rizzi
b231be8865 FIX: Ensure sourcemap's source is correct. Uses the full assets path this time. (#8774)
Cherry-picked from 8eb2147f1f
2020-01-24 15:54:21 -03:00
Robin Ward
5c3f994c80 DEV: For now, re-enable unsafe-eval in development mode
This allows us to use `sourceURL` which otherwise does not work. In the
future we hope to have proper source maps in development mode and
disable this again.
2020-01-24 13:18:51 -05:00
dependabot-preview[bot]
b0f2f1cfb6 Build(deps-dev): Bump ruby-prof from 1.1.0 to 1.2.0 (#8778)
Bumps [ruby-prof](https://github.com/ruby-prof/ruby-prof) from 1.1.0 to 1.2.0.
- [Release notes](https://github.com/ruby-prof/ruby-prof/releases)
- [Changelog](https://github.com/ruby-prof/ruby-prof/blob/master/CHANGES)
- [Commits](https://github.com/ruby-prof/ruby-prof/compare/1.1.0...1.2.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-01-24 12:55:08 -05:00
David Taylor
a8cf687894
DEV: Add zendesk plugin to official plugins list (#8779) 2020-01-24 12:53:21 +00:00
Arpit Jalan
5eb2efe64a Revert Faraday to version 0.17.3 2020-01-24 12:08:56 +05:30
Vinoth Kannan
b6765aac4b FIX: add 'noindex' header to rss feed responses. 2020-01-24 09:30:27 +05:30
Martin Brennan
45b37a8bd1
FIX: Resolve pull hotlinked image and broken link issues for secure media URLs (#8777)
When pull_hotlinked_images tried to run on posts with secure media (which had already been downloaded from external sources) we were getting a 404 when trying to download the image because the secure endpoint doesn't allow anon downloads.

Also, we were getting into an infinite loop of pull_hotlinked_images because the job didn't consider the secure media URLs as "downloaded" already so it kept trying to download them over and over.

In this PR I have also refactored secure-media-upload URL checks and mutations into single source of truth in Upload, adding a SECURE_MEDIA_ROUTE constant to check URLs against too.
2020-01-24 11:59:30 +10:00
Vinoth Kannan
e4b8121650 Fix the build.
Make prettier happy.
2020-01-24 04:39:07 +05:30
Vinoth Kannan
26186ee6af FIX: topics sorting in tag pages is broken. 2020-01-24 04:26:14 +05:30
Krzysztof Kotlarek
8cc09fc668
Revert "FIX: Redis fallback handler refactoring (#8771)" (#8776)
This reverts commit 4f677854d3.
2020-01-24 09:20:17 +11:00
Roman Rizzi
8eb2147f1f
FIX: Ensure sourcemap's source is correct. Uses the full assets path this time. (#8774) 2020-01-23 14:44:00 -03:00
Roman Rizzi
9eb622985a
FEATURE: Replace existing badge owners when using the bulk award feature (#8770)
* FEATURE: Replace existing badge owners when using the bulk award feature

* Use ActiveRecord to sanitize title update query, Change replace checkbox text

Co-Authored-By: Robin Ward <robin.ward@gmail.com>

Co-authored-by: Robin Ward <robin.ward@gmail.com>
2020-01-23 14:14:58 -03:00
Roman Rizzi
db5373a87c
UX: Invalid CSV error message now includes information about the malformed line (#8773)
* UX: Invalid CSV error message now includes information about the malformed line

* Update config/locales/server.en.ym and use line_number instead of lineno

Co-Authored-By: Robin Ward <robin.ward@gmail.com>

Co-authored-by: Robin Ward <robin.ward@gmail.com>
2020-01-23 14:04:06 -03:00
Régis Hanol
821e920711 DEV: fix deprecation warnings in specs
Also fixed a typo in a string key "max_pm_recepients" -> "max_pm_recipients"
2020-01-23 16:37:48 +01:00
dependabot-preview[bot]
0b3de60bee Build(deps): Bump faraday from 0.17.1 to 1.0.0 (#8646)
Bumps [faraday](https://github.com/lostisland/faraday) from 0.17.1 to 1.0.0.
- [Release notes](https://github.com/lostisland/faraday/releases)
- [Changelog](https://github.com/lostisland/faraday/blob/master/CHANGELOG.md)
- [Commits](https://github.com/lostisland/faraday/commits)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-01-23 16:19:40 +01:00
dependabot-preview[bot]
9fea89a017 Build(deps-dev): Bump webmock from 3.7.6 to 3.8.0 (#8728)
Bumps [webmock](https://github.com/bblimke/webmock) from 3.7.6 to 3.8.0.
- [Release notes](https://github.com/bblimke/webmock/releases)
- [Changelog](https://github.com/bblimke/webmock/blob/master/CHANGELOG.md)
- [Commits](https://github.com/bblimke/webmock/compare/v3.7.6...v3.8.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-01-23 16:19:28 +01:00
dependabot-preview[bot]
e309db9b58 Build(deps-dev): Bump parallel_tests from 2.30.0 to 2.30.1 (#8717)
Bumps [parallel_tests](https://github.com/grosser/parallel_tests) from 2.30.0 to 2.30.1.
- [Release notes](https://github.com/grosser/parallel_tests/releases)
- [Commits](https://github.com/grosser/parallel_tests/compare/v2.30.0...v2.30.1)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-01-23 16:19:14 +01:00
Arpit Jalan
feff8b7425 Revert "FIX: lower case URLs before comparing for embedding comments"
This reverts commit 6ea040dd5f.
2020-01-23 20:36:05 +05:30
dependabot-preview[bot]
004d9ef3b7 Build(deps): Bump raindrops from 0.19.0 to 0.19.1 (#8680)
Bumps [raindrops](https://yhbt.net/raindrops/) from 0.19.0 to 0.19.1.

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-01-23 15:47:01 +01:00
dependabot-preview[bot]
523bebbfeb Build(deps): Bump kgio from 2.11.2 to 2.11.3 (#8679)
Bumps [kgio](https://yhbt.net/kgio/) from 2.11.2 to 2.11.3.

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-01-23 15:46:50 +01:00
Dan Ungureanu
6279d0e8b5 UX: Use '-' as default category slug (#8607)
This replaces the default slug from 'ID-category' to '-'.
2020-01-23 15:44:29 +01:00
Krzysztof Kotlarek
4f677854d3
FIX: Redis fallback handler refactoring (#8771)
* DEV: Add a fake Mutex that for concurrency testing with Fibers

* DEV: Support running in sleep order in concurrency tests

* FIX: A separate FallbackHandler should be used for each redis pair

This commit refactors the FallbackHandler and Connector:

 * There were two different ways to determine whether the redis master
   was up. There is now one way and it is the responsibility of the
   new RedisStatus class.

 * A background thread would be created whenever `verify_master` was
   called unless the thread already existed. The thread would
   periodically check the status of the redis master. However, checking
   that a thread is `alive?` is an ineffective way of determining
   whether it will continue to check the redis master in the future
   since the thread may be in the process of winding down.

   Now, this thread is created when the recorded master status goes from
   up to down. Since this thread runs the only part of the code that is
   able to bring the recorded status up again, we ensure that only one
   thread is probing the redis master at a time and that there is always
   a thread probing redis master when it is recorded as being down.

 * Each time the status of the redis master was checked periodically, it
   would spawn a new thread and immediately join on it. I assume this
   happened to isolate the check from the current execution, but since
   the join rethrows exceptions in the parent thread, this was not
   effective.

 * The logic for falling back was spread over the FallbackHandler and
   the Connector. The connector is now a dumb object that delegates
   responsibility for determining the status of redis to the
   FallbackHandler.

 * Previously, failing to connect to a master redis instance when it was
   not recorded as down would raise an exception. Now, this exception is
   passed to `Discourse.warn_exception` and the connection is made to
   the slave.

This commit introduces the FallbackHandlers singleton:

 * It is responsible for holding the set of FallbackHandlers.

 * It adds callbacks to the fallback handlers for when a redis master
   comes up or goes down. Main redis and message bus redis may exist on
   different or the same redis hosts and so these callbacks may all
   exist on the same FallbackHandler or on separate ones.

These objects are tested using fake concurrency provided by the
Concurrency module:

 * An `around(:each)` hook is used to cause each test to run inside a
   Scenario so that the test body, mocking cleanup and `after(:each)`
   callbacks are run in a different Fiber.

 * Therefore, holting the execution of the Execution abruptly (so that
   the fibers aren't run to completion), prevents the mocking cleaning
   and `after(:each)` callbacks from running. I have tried to prevent
   this by recovering from all exceptions during an Execution.

* FIX: Create frozen copies of passed in config where possible

* FIX: extract start_reset method and remove method used by tests

Co-authored-by: Daniel Waterworth <me@danielwaterworth.com>
2020-01-23 13:39:29 +11:00
Martin Brennan
1b3b0708c0
FEATURE: Update upload security status on post move, topic conversion, category change (#8731)
Add TopicUploadSecurityManager to handle post moves. When a post moves around or a topic changes between categories and public/private message status the uploads connected to posts in the topic need to have their secure status updated, depending on the security context the topic now lives in.
2020-01-23 12:01:10 +10:00
Blake Erickson
e85f4f6cc8 DEV: Add a test for ensure only edited badge titles updates a users
title

Adding a test to make sure we don't regress here in the future.

Follow up to: 8a89b7e108
2020-01-22 16:42:45 -07:00
Martin Brennan
65481858c2
FEATURE: Use upload:// short URL for videos and audio in composer (#8760)
For consistency this PR introduces using custom markdown and short upload:// URLs for video and audio uploads, rather than just treating them as links and relying on the oneboxer. The markdown syntax for videos is ![file text|video](upload://123456.mp4) and for audio it is ![file text|audio](upload://123456.mp3).

This is achieved in discourse-markdown-it by modifying the rules for images in mardown-it via md.renderer.rules.image. We return HTML instead of the token when we encounter audio or video after | and the preview renders that HTML. Also when uploading an audio or video file we insert the relevant markdown into the composer.
2020-01-23 09:41:39 +10:00
Martin Brennan
4646a38ae6
FIX: Use presigned URL to avoid 403 when pulling hotlinked images for secure media (#8764)
When we were pulling hotlinked images for oneboxes in the CookedPostProcessor, we were using the direct S3 URL, which returned a 403 error and thus did not set widths and heights of the images. We now cook the URL first based on whether the upload is secure before handing off to FastImage.
2020-01-23 09:31:46 +10:00