Commit Graph

40079 Commits

Author SHA1 Message Date
David Taylor
17fcdd60c1
FIX: Avoid clock skew issues when logging in with Google (#11442)
All the data we need for the `info` and `credentials` auth hash
are obtained via the user info API, not the JWT. Using and verifying
the JWT can fail due to clock skew, so let's skip it completely.

PR opened to fix the upstream issue at https://github.com/zquestz/omniauth-google-oauth2/pull/392
2020-12-09 09:09:31 +00:00
David Taylor
942888a10c
FEATURE: Increase maximum watched word length from 50 to 100 chars (#11437)
This is useful for more complex regex watched words

https://meta.discourse.org/t/166249
2020-12-09 17:45:34 +11:00
Rafael dos Santos Silva
e50676caff
FEATURE: Support for GitHub Codespaces development (#11440)
This has a basic config to use the new Codespaces feature in GitHub.

If you have access to the feature all you need to do is:

1. Visit https://github.com/discourse/discourse
2. Click on Code > Open with Codespaces > New codespace
3. Wait it to prepare the environment
4. Click on File > Run > Run without Debug or press
   <kbd>CTRL</kbd>+<kbd>F5</kbd>
5. When prompted click on the green pop-up on the lower left to open the
   running Discourse app in a new tab
2020-12-08 21:35:15 -03:00
jbrw
4c118e4d7a
FIX: Allow for cateogry edit routes of unknown depth (#11426)
* FIX: Allow for cateogry edit routes of unknown depth

* DEV: remove unused files
2020-12-08 16:50:26 -05:00
Kane York
59ef48c0b9
FIX: Remove custom 'error' action on build-category-route/discovery (#11425)
The root cause of the issue was that the route was overriding the 'error' action from the correctly implemented handler in routes/application.js.

Remove the custom handler, and the duplicated template logic for displaying the errorHtml.

Fixes: e16b3da04a
2020-12-08 11:58:36 -08:00
tshenry
a446e0fde1
FEATURE: Link to text customization when editing system badges (#11345)
Being that system badges ship with every instance of Discourse, we've opted to define the name, description, and long description in our locales files to promote translation into other languages. When an admin visited the overview page of a system badge in their admin panel, they were met with disabled inputs for these text properties. The problem is that we failed to educate the admin that the text needs to be managed via the site text customization settings. 

This change adds a small "Customize Text" link under theses inputs that takes the admin to the specific site text customization where they can make desired changes.
2020-12-08 11:55:49 -08:00
Penar Musaraj
3e1b84963d
DEV: Remove duplicate (and deprecated) SK option (#11435) 2020-12-08 13:21:02 -05:00
Mark VanLandingham
9f786306bd
FIX: Actually error when topic timer time is in the past (#11434) 2020-12-08 11:13:45 -06:00
Joffrey JAFFEUX
b824af02d4
FIX: removes extra slashes from URL (#11433)
This is similar to a fix used in ember core: https://github.com/emberjs/ember.js/blob/master/packages/@ember/-internals/routing/lib/location/history_location.ts#L140

It will prevent a URL with a double slash to hang and end up in a 404.
2020-12-08 17:47:43 +01:00
Discourse Translator Bot
7a079b9e3b
Update translations (#11429) 2020-12-08 16:51:49 +01:00
Bianca Nenciu
9df2bce538
FIX: Generate correct prev and next topics page URL (#11431)
It did not work well for category + tags pages.
2020-12-08 17:34:28 +02:00
Arpit Jalan
f62ea77666
Revert "DEV: no need to iterate through each tag for rendering" (#11432)
This reverts commit a19a3adf9e.

Need to look into failing tests.
2020-12-08 20:35:46 +05:30
Arpit Jalan
a19a3adf9e
DEV: no need to iterate through each tag for rendering (#11428)
This commit allows discourse-assign plugin to show assigned user next
to tags.
2020-12-08 18:41:26 +05:30
Sam Saffron
1cf057fb1c DEV: lint file
We enforce ordering of imports in our linter, missed this on a merge
2020-12-08 09:16:28 +08:00
Joffrey JAFFEUX
daefa3d25a
UX: makes sk components full width on users admin page (#11413) 2020-12-08 11:18:02 +11:00
Frank Gambino
b3332d0296
FIX: Correct casing of whitelisted SVG elements (#11094)
* FIX: Casing of whitelisted SVG element "clipPath"
* FIX: Casing of whitelisted SVG element `textPath`
2020-12-08 11:16:41 +11:00
Jarek Radosz
6b464d1b8d
FIX: Restore dismissing the first notification (#10433)
* FIX: Restore dismissing the first notification

Reverts the temporary fix (8e4fea897e) and restores the feature introduced in e638d43f0a.

The issue that was the reason for the revert (https://meta.discourse.org/t/logins-redirects-to-missing-notifications-page/149718) was a combination of two bugs:

1. Fixed in this commit - the click listener was accidentally registered also for logged-out users. This meant that the first click on a page always trigger an AJAX call to the notifications endpoint (`/notifications?recent=true&limit=5`), which returned a 403 error. Now, this code is run only when the user is logged in.

2. A still unknown bug that I could not reproduce, which was somehow setting the login redirect cookie to the URL of that previously failed AJAX request.
2020-12-08 11:11:35 +11:00
David Taylor
c69bb5d5be
DEV: Always enqueue sidekiq jobs after database transaction commit (#11293)
When jobs are enqueued inside a transaction, it's possible that they will be executed before the necessary data is available in the database. This commit ensures all jobs are enqueued in an ActiveRecord after_commit hook.

One potential downside here is if the job fails to enqueue, the transaction will no longer be aborted. However, the chance of that happening is reasonably low, and the impact is significantly lower than the current issue where jobs are scheduled before their data is ready.
2020-12-08 11:05:01 +11:00
David Taylor
ed91385c18
DEV: Update DB.after_commit to be compatible with 'real' transactions (#11294)
Previously it matched the behavior of standard ActiveRecord after_commit callbacks. They do not work well within `joinable: false` nested transactions. Now `DB.after_commit` callbacks will only be run when the outermost transaction has been committed.

Tests always run inside transactions, so this also introduces some logic to run callbacks once the test-wrapping transaction is reached.
2020-12-08 11:03:31 +11:00
Robin Ward
76b04afca3
FIX: Local dates showed incorrect timezones with extra whitespace (#11408)
You might wonder why this matters. It turns out in some locales like
French, we replace quotation marks with « and » -- this should likely
not happen before BBCode is parsed but that is not the case for this
plugin. The plugin has code to handle this situation, but it means extra
spaces are inserted around the time zone which breaks it.

This fix allows us to supply extra whitespace and will show the correct
time zone.
2020-12-08 10:57:18 +11:00
Bianca Nenciu
812d047c60
FIX: Follow open in new tab site setting for bio links (#11418) 2020-12-08 10:56:14 +11:00
Joe
5ab6ef9765
FEATURE: Adds back button to theme editor (#11416) 2020-12-08 10:54:44 +11:00
dependabot[bot]
70741766cb
DEV: Bump listen from 3.3.1 to 3.3.3 (#11379)
Bumps [listen](https://github.com/guard/listen) from 3.3.1 to 3.3.3.
- [Release notes](https://github.com/guard/listen/releases)
- [Commits](https://github.com/guard/listen/compare/v3.3.1...v3.3.3)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-12-08 10:53:46 +11:00
dependabot[bot]
b67c7f35d9
DEV: Bump puma from 5.0.4 to 5.1.0 (#11380)
Bumps [puma](https://github.com/puma/puma) from 5.0.4 to 5.1.0.
- [Release notes](https://github.com/puma/puma/releases)
- [Changelog](https://github.com/puma/puma/blob/master/History.md)
- [Commits](https://github.com/puma/puma/compare/v5.0.4...v5.1.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-12-08 10:53:18 +11:00
Kris
3ef60686ed
UX: When requiring user fields at signup, also mark default fields as required (#11356) 2020-12-07 18:26:31 -05:00
dependabot[bot]
95355eb27b
DEV: Bump mini_scheduler from 0.12.3 to 0.13.0 (#11381)
Bumps [mini_scheduler](https://github.com/discourse/mini_scheduler) from 0.12.3 to 0.13.0.
- [Release notes](https://github.com/discourse/mini_scheduler/releases)
- [Changelog](https://github.com/discourse/mini_scheduler/blob/master/CHANGELOG.md)
- [Commits](https://github.com/discourse/mini_scheduler/compare/v0.12.3...v0.13.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-12-08 10:11:57 +11:00
dependabot[bot]
c6e6f34d83
DEV: Bump rubocop from 1.5.1 to 1.5.2 (#11414)
Bumps [rubocop](https://github.com/rubocop-hq/rubocop) from 1.5.1 to 1.5.2.
- [Release notes](https://github.com/rubocop-hq/rubocop/releases)
- [Changelog](https://github.com/rubocop-hq/rubocop/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rubocop-hq/rubocop/compare/v1.5.1...v1.5.2)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-12-08 10:11:31 +11:00
dependabot[bot]
ff0f2009d9
DEV: Bump excon from 0.78.0 to 0.78.1 (#11415)
Bumps [excon](https://github.com/excon/excon) from 0.78.0 to 0.78.1.
- [Release notes](https://github.com/excon/excon/releases)
- [Changelog](https://github.com/excon/excon/blob/master/changelog.txt)
- [Commits](https://github.com/excon/excon/compare/v0.78.0...v0.78.1)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-12-08 10:10:15 +11:00
dependabot[bot]
06b2442914
Build(deps): Bump onebox from 2.1.8 to 2.1.9 (#11423)
Bumps [onebox](https://github.com/discourse/onebox) from 2.1.8 to 2.1.9.
- [Release notes](https://github.com/discourse/onebox/releases)
- [Changelog](https://github.com/discourse/onebox/blob/master/CHANGELOG.md)
- [Commits](https://github.com/discourse/onebox/compare/v2.1.8...v2.1.9)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-12-08 10:09:36 +11:00
Kris
0302de058c
UX: Fix invite checkbox width issue (#11371) 2020-12-07 18:08:04 -05:00
Kane York
e16b3da04a
FIX: Stop category 404s from breaking the router (#11424)
The propagated promise failure from model() caused the router to reject future route transitions, even though it correctly routed to the last-resort 404 page.

Co-authored-by: Jeff Wong <awole20@gmail.com>
2020-12-07 14:22:39 -08:00
Krzysztof Kotlarek
d5ba854c91
FIX: hide user id when hide_email_address_taken (#11417)
We should always hide user_id in response when `hide_email_address_taken` setting is enabled. Currently, it can be used to determine if the email was used or not.
2020-12-08 08:25:35 +11:00
Penar Musaraj
28feb7c2ff
DEV: Add header colors to styleguide (#11421) 2020-12-07 14:50:45 -05:00
Penar Musaraj
dd9ec827e5
FIX: Adjust reviewable menu placement on mobile (#11420)
Shows the actions dropdown above the triggering button to avoid some
options from displaying below mobile navigation in DiscourseHub.
2020-12-07 13:39:18 -05:00
dependabot[bot]
62cf30bec1
Build(deps): Bump rails_failover from 0.6.2 to 0.6.3 (#11419)
Bumps rails_failover from 0.6.2 to 0.6.3.

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-12-07 17:29:01 +00:00
Penar Musaraj
490e1cfbbb
DEV: Use tag renderer in tags filter dropdown (#11378)
A small change that would allow components to extend the tag
display in the filter dropdown, like they can in other contexts.

Was requested in the tag icons component, see
https://meta.discourse.org/t/tag-icons-component/109757/60?u=pmusaraj

The PR also standardises tag styling in select-kit dropdowns.
2020-12-07 12:10:21 -05:00
John Losito
dcd7defb14
DEV: Check github actions weekly with dependabot (#11411) 2020-12-07 18:56:50 +03:00
David Taylor
8b33e2f73d
FIX: Include locale in cache key for not_found_topics (#11406)
This ensures that users are only served cached content in their own language. This commit also refactors to make use of the `Discourse.cache` framework rather than direct redis access
2020-12-07 12:24:18 +00:00
Bianca Nenciu
154c8c3fef
FIX: Use CDN for custom emojis (#11401) 2020-12-07 13:36:08 +02:00
Bianca Nenciu
ed52577e1c
FIX: Group#flair_url must be a real URL (#11400)
It used to be a short URL, but that did not work with the lightbox
in {{image-uploader}}.
2020-12-07 13:35:41 +02:00
Bianca Nenciu
da74b3e14b
FEATURE: Add after-topic-list-body plugin-outlet (#11410) 2020-12-07 13:33:24 +02:00
Joffrey JAFFEUX
54519a2976
FIX: do not replace smiling_face by slight_smile (#11412) 2020-12-06 18:28:39 +01:00
jbrw
161e92be61
DEV: update onebox gem (#11409) 2020-12-04 15:07:32 -05:00
Roman Rizzi
4aeb3ef8e0
FIX: Trigger an event when a post is bookmarked. (#11407)
When we renamed BookmarkWithReminder to Bookmark in ca539fd, the bookmark event trigger was removed with the old code, and we forgot to add it again.
2020-12-04 15:09:20 -03:00
Roman Rizzi
4d9686c494
FEATURE: Reviewed by filter. (#11405)
New reviewable filter to only display reviewables handled by a specific user.
2020-12-04 14:09:05 -03:00
David Taylor
477538bf2d
DEV: setproctitle on demon processes (#11402)
This makes it easier to identify processes in `ps` output
2020-12-04 09:41:17 +00:00
Gerhard Schlager
1960fc5333
FIX: Stop using duplicate composer button ID (#11404)
"quote" is used by the button added in `composer-editor`.
bbe5d8d5cf/app/assets/javascripts/discourse/app/components/composer-editor.js (L875-L882)
2020-12-04 00:05:43 +01:00
jbrw
da9b837da0
DEV: More robust processing of URLs (#11361)
* DEV: More robust processing of URLs

The previous `UrlHelper.encode_component(CGI.unescapeHTML(UrlHelper.unencode(uri))` method would naively process URLs, which could result in a badly formed response.

`Addressable::URI.normalized_encode(uri)` appears to deal with these edge-cases in a more robust way.

* DEV: onebox should use UrlHelper

* DEV: fix spec

* DEV: Escape output when rendering local links
2020-12-03 17:16:01 -05:00
Krzysztof Kotlarek
e4d51e5b0a
FIX: correct link in the notification about moved post (#11399)
Notification is created by a job. If the job is evaluated before changes are committed to a database, a notification will have an incorrect URL.

Therefore, the job should be lodged in enqueue_jobs method which is triggered after the transaction:

```ruby
Topic.transaction do
  move_posts_to topic
end
add_allowed_users(participants) if participants.present? && @move_to_pm
enqueue_jobs(topic)
```

I improved a little bit specs to ensure that the destination topic_id is set. However, that tests are passing even without code improvements. I couldn't find an easy way to "delay" database transaction.

Meta: https://meta.discourse.org/t/bug-with-notifications-for-moved-posts/168937
2020-12-04 08:43:42 +11:00
Gerhard Schlager
bcbe2de646
DEV: Make it easier to customize omniauth login complete handler in plugins (#11403)
It also removes the unused `provider` variable and stops Discourse from redirecting to /login after a login.
2020-12-03 22:27:55 +01:00