Commit Graph

47675 Commits

Author SHA1 Message Date
Ted Johansson
06db264f24
FIX: Gracefully handle DNS issued from SSRF lookup when inline oneboxing (#19631)
There is an issue where chat message processing breaks due to
unhandles `SocketError` exceptions originating in the SSRF check,
specifically in `FinalDestination::Resolver`.

This change gives `FinalDestination::SSRFDetector` a new error class
to wrap the `SocketError` in, and haves the `RetrieveTitle` class
handle that error gracefully.
2022-12-28 10:30:20 +08:00
Ted Johansson
462e14e279
DEV: Enable concurrent system tests (#19632)
Currently the `turbo:spec` task will fail when encountering system
tests as Capypara tries to use the same port for each process.

This simple change uses the same strategy as for databases, by just
incrementing the port number by `TEST_ENV_NUMBER` for each process.
2022-12-28 10:06:50 +08:00
Alan Guo Xiang Tan
070eac16a8
PERF: Optimize the performance of TopicLink.topic_map query (#19630)
Instead of relying on the `ILIKE` operator to filter out image links, we
can instead rely on the `TopicLink#extension` column which allows us to
more efficiently filter out image links.

This optimization mainly affects topics that are link heavy which is
common in topics with alot of replies. When profiling a production
instance for a topic with 10K replies and 2.5K `topic_links`, this
optimization reduces the query time from ~18ms to around ~4ms.
2022-12-28 08:10:36 +08:00
Joffrey JAFFEUX
aad63d92d2
FIX: removes missed chat_channels legacy paths (#19634)
- chat-channel-by-name is no longer supported
- chat_channels_controller doesn’t exist anymore
2022-12-27 20:56:26 +01:00
Rafael dos Santos Silva
7b53973bd8
DEV: Use WebPush fork for OpenSSL 3 compat (#19627)
* DEV: Use WebPush fork for OpenSSL 3 compat

* add some context on gemfile changes
2022-12-27 15:28:13 -03:00
Vinoth Kannan
598233456d
FEATURE: Warn admins about private group name's exposure to anonymous users. (#19557)
Group names will be used as CSS classes in some components while rendering the public HTML output. It will happen when a group is set as the default primary for users. Or when a group has either a flair icon or flair upload. So we should warn the admins when they restrict the group's visibility level.

Co-authored-by: Penar Musaraj <pmusaraj@gmail.com>
2022-12-27 13:17:13 +05:30
Alan Guo Xiang Tan
1fd0e82da7
PERF: Fix N+1 queries problem on topic view page (#19629)
`User#flair_group` was not preloaded leading to the N+1 queries problem
when multiple users have flair groups.
2022-12-27 09:05:37 +08:00
Tobias Eigen
982adb1c65
UX: Improve copy for contact email and url description (#19621)
The admin settings for contact email and contact url did not explicitly indicate that they are visible to anons on /about page, and that when present the contact url replaces the contact email address. This change makes it so.
2022-12-27 05:53:28 +08:00
Jarek Radosz
60402f2b34
DEV: Label and ignore all default gems (#19617)
`licensed` fails to find gem's license if it's a default gem (see: https://stdgems.org) and the version you're requiring comes with the ruby version you're using.

A ruby upgrade or any change to Gemfile could trigger `licensed` failures, so it's better to ignore all default gems we're using.
2022-12-24 11:59:08 +01:00
Joffrey JAFFEUX
df11457d56
FIX: correctly allows admin to visit a user chat's preferences page (#19619) 2022-12-23 21:18:09 +01:00
Joffrey JAFFEUX
03d32f26bb
FIX: correctly handles navigating to a message (#19614)
Recent changes surfaced the various issues with this codepath:
- we were not correctly reseting `messageLookup` leading to us trying to scroll to a non existing message in the view
- we were calling markAsRead which would scroll to the bottom, even if we had a target message
- we were not debouncing fetchMessages, which could cause multiple reload of the messages when loading it with a targetMessageId: first fetch from last read and then immediately fetch from targetMessageId
- other naming inconsistencies
- not handling drawer

This commit also adds tests for classic scenarios related to this use case.
2022-12-23 19:48:14 +01:00
Jan Cernik
d633467c60
FIX: Whisper tooltip shows the allowed groups (#19509) 2022-12-23 15:42:46 -03:00
Jarek Radosz
6f4cf81401
DEV: Update bundler licensed config (#19607)
1. Add `cgi` (ruby terms)
2. Move `strscan`, ~~`ruby2_keywords`, and `openssl`~~ to "reviewed" section (update: two of those are postponed, need to debug stuff in our docker image)
3. Sort
2022-12-23 14:04:03 +01:00
Osama Sayegh
d8b39810d2
DEV: Stop leaking state in dashboard controller specs (#19608)
A few specs in `dashboard_controller_spec.rb` set some state in redis but don't clean it up afterwards which causes other specs to fail when they're ran after `dashboard_controller_spec.rb`.

Related commit: 18467d4.
2022-12-23 15:41:30 +03:00
Jarek Radosz
953b823c5a
DEV: Deprecate controllerFor test helper (#19606)
After all the test changes it was only used in a single place in core 🤷

(also updated the recommendation in `assert.not` deprecation message)
2022-12-23 11:33:42 +01:00
Joffrey JAFFEUX
64dcd44c94
FIX: more reliable archive channel spec (#19605) 2022-12-23 10:25:51 +01:00
Martin Brennan
29638f0639
DEV: Add upload system specs for chat (#19604) 2022-12-23 08:41:10 +01:00
Joffrey JAFFEUX
f17aed973e
FIX: ensures recovering network doesn't create unread mentions (#19597) 2022-12-23 07:38:45 +01:00
Gerhard Schlager
5926386d4f
FIX: Workaround a bug in the R2 gem (#19602) 2022-12-23 12:07:07 +08:00
Alan Guo Xiang Tan
1d926e88a9
FIX: Admin can't see user sidebar preferences of other users (#19570) 2022-12-23 11:45:29 +08:00
Krzysztof Kotlarek
9f927cf999
DEV: permission type for private category fabricator (#19601)
Allow to specify permission type for category fabricator to test `:readonly`, `:create_post` and `:full` rights.
2022-12-23 11:18:29 +08:00
Osama Sayegh
18467d4067
DEV: Fix new features notification flakey specs (#19596) 2022-12-23 11:17:42 +08:00
Alan Guo Xiang Tan
c2a733a95a
DEV: Make recent creation of chat index idempotent (#19603) 2022-12-23 10:23:57 +08:00
Joffrey JAFFEUX
f1e808153c
FIX: flakey spec due to autocomplete (#19598)
The autocomplete could show and hide the invite link causing the test to fail. Clicking the composer input forces the autocomplete disappear.
2022-12-23 10:35:02 +10:00
Joffrey JAFFEUX
2c295f76fe
FIX: increment wait to prevent a specific flakey spec (#19599)
I could repro the same failure by doing: `page.driver.browser.network_conditions = { offline: false, latency: 3000, throughput: 0 }`

Wait shouldn't be needed as we wait for selector, but I couldn't find a better solution on this case for now.
2022-12-23 10:34:25 +10:00
Martin Brennan
86cafc7237
FIX: Autocomplete fadeout arrow key chat fix (#19600)
Autocomplete with fadeout was not scrolling on arrow
key press in chat, since the input is treated slightly
differently. We just need to find the fadeout div sooner.

Follow up to 64a7a2aac2
2022-12-23 10:31:30 +10:00
Martin Brennan
85b14a0359
DEV: Move chat transcript tests into system specs (#19434)
We are all in on system specs, so this commit moves all the chat quoting acceptance tests (some of which have been skipped for a while) into system specs.
2022-12-23 10:04:41 +10:00
Martin Brennan
641a1a6b44
FIX: Allow for nested chat transcripts (#19572)
The way our markdown raw_html hoisting worked, we only
supported one level of hoisting the HTML content. However
when nesting [chat] transcript BBCode we need to allow
for multiple levels of it. This commit changes opts.discourse.hoisted
to be more constant, and the GUID keys that have the hoisted
content are only deleted by unhoistForCooked rather than
the cook function itself, which prematurely deletes them
when they are needed further down the line.
2022-12-23 09:56:30 +10:00
Martin Brennan
788bcb7736
DEV: Fix hashtag system spec flakys (#19574)
Honestly seems like it's being in some weird loop for
discourse/hashtag_autocomplete_spec.rb for this:

```ruby
  within topic_page.post_by_number(2) do
      cooked_hashtags = page.all(".hashtag-cooked", count: 2)

      expect(cooked_hashtags[0]["outerHTML"]).to eq(<<~HTML.chomp)
      <a class=\"hashtag-cooked\" href=\"#{category.url}\" data-type=\"category\" data-slug=\"cool-cat\"><svg class=\"fa d-icon d-icon-folder svg-icon svg-node\"><use href=\"#folder\"></use></svg><span>Cool Category</span></a>
      HTML
      expect(cooked_hashtags[1]["outerHTML"]).to eq(<<~HTML.chomp)
      <a class=\"hashtag-cooked\" href=\"#{tag.url}\" data-type=\"tag\" data-slug=\"cooltag\"><svg class=\"fa d-icon d-icon-tag svg-icon svg-node\"><use href=\"#tag\"></use></svg><span>cooltag</span></a>
      HTML
    end
```

I see this many times in the full logs with `SELENIUM_VERBOSE_DRIVER_LOGS=1`:

```
COMMAND FindElements {
   "using": "css selector",
   "value": "#post_2"
}

Followed by:

COMMAND FindChildElements {
   "id": "26dfe542-659b-46cc-ac8c-a6c2d9cbdf0a",
   "using": "css selector",
   "value": ".hashtag-cooked"
}
```

Over and over and over, there are 58 such occurrences. I am beginning to
think `within` is just poison that should be avoided.
2022-12-23 09:23:29 +10:00
Rafael dos Santos Silva
e430f22936
FIX: Ensure we have a patched version of CGI gem (#19588)
* FIX: Ensure we have a patched version of CGI gem

Per https://github.com/ruby/cgi/pull/29 the current shipped version of
the CGI gem doesn't allow for leading dots in domain names, which breaks
setting cookies like `.example.com`.

* Update Gemfile

Co-authored-by: Jarek Radosz <jradosz@gmail.com>

Co-authored-by: Jarek Radosz <jradosz@gmail.com>
2022-12-22 19:52:20 -03:00
Joffrey JAFFEUX
46b51ade83
DEV: more reliable send message helper (#19594) 2022-12-22 23:23:54 +01:00
dependabot[bot]
6ea6b385e0
Build(deps): Bump rubocop from 1.41.0 to 1.41.1 (#19590)
Bumps [rubocop](https://github.com/rubocop/rubocop) from 1.41.0 to 1.41.1.
- [Release notes](https://github.com/rubocop/rubocop/releases)
- [Changelog](https://github.com/rubocop/rubocop/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rubocop/rubocop/compare/v1.41.0...v1.41.1)

---
updated-dependencies:
- dependency-name: rubocop
  dependency-type: indirect
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-12-22 22:33:57 +01:00
Alan Guo Xiang Tan
a7f30cfcf7
PERF: Fix N+1 queries on /categories route (#19585)
Featured topics are eventually serialized by `ListableTopicSerializer`
which calls `Topic#image_url` which requires us to preload
`Topic#topic_thumbnails`.
2022-12-23 04:29:49 +08:00
Alan Guo Xiang Tan
a8ee56ebee
PERF: Remove unnecessary query from TopicQuery.remove_muted_tags (#19586)
When `default_tags_muted` site settings has not been set, there is no
need to execute the query.
2022-12-23 04:29:17 +08:00
chapoi
b756866334
UX: switch webkit to pseudoelement for fadeout (#19587) 2022-12-22 21:23:58 +01:00
Ella E
3c0a4b37d0
UX: Setup wizard copy changes and vertically stack logo fields (#19583)
* copy changes to setup wizard step title
* make logo upload stacking; tweaks on medium size screen view
2022-12-22 10:15:09 -07:00
David Taylor
84bc4bf3d5
DEV: Do not print verbose console.debug messages in system specs (#19581)
Verbose messages are not shown by default in the chrome dev console. This commit applies the same behavior to system specs.

The main motivation here is to hide the version info which Ember prints every time the application boots.

```text
http://localhost:31337/assets/vendor.js 47142:16 "DEBUG: -------------------------------"
http://localhost:31337/assets/vendor.js 47142:16 "DEBUG: Ember  : 3.28.11"
http://localhost:31337/assets/vendor.js 47142:16 "DEBUG: jQuery : 3.6.0"
http://localhost:31337/assets/vendor.js 47142:16 "DEBUG: -------------------------------"
```
2022-12-22 16:47:33 +00:00
David Taylor
b1b53da71d
DEV: Improve performance of system test sign_in helper (#19579)
Previously, calling `sign_in` would cause the browser to be redirected to `/`, and would cause the Ember app to boot. We would then call `visit()`, causing the app to boot for a second time.

This commit adds a `redirect=false` option to the `/session/username/become` route. This avoids the unnecessary boot of the app, and leads to significantly faster system spec run times.

In local testing, this takes the full system-spec suite for chat from ~6min to ~4min.
2022-12-22 16:03:27 +00:00
Joffrey JAFFEUX
b11e7fb901
DEV: mute audio in system specs (#19578) 2022-12-22 15:03:03 +01:00
Joffrey JAFFEUX
daff62e3cb
FIX: re-enables using_session tests (#19564) 2022-12-22 14:40:36 +01:00
Jarek Radosz
dc3473fe06
DEV: Modernize chat's component tests (#19577)
1. `test()` and `render()` instead of `componentTest()`
2. Angle brackets
3. `strictEqual()`/`true()`/`false()` assertions

This removes all remaining uses of `componentTest` from core
2022-12-22 14:35:18 +01:00
Penar Musaraj
8546c2084a
DEV: Load SVG sprites during system spec runs (#19497)
Co-authored-by: David Taylor <david@taylorhq.com>
2022-12-22 08:13:43 -05:00
Jarek Radosz
263cd02a27
DEV: Get rid of all discourseModule uses (#19576)
QUnit's `module` and `setupTest` is the way
2022-12-22 13:13:28 +01:00
Joffrey JAFFEUX
d54f347883
FIX: prevents playing chat sound when in DnD (#19575)
I couldn't figure a sane way to test this, I'm open to suggestions.
2022-12-22 11:19:54 +01:00
Andrei Prigorshnev
c0b21bf9cf
FIX: styles of user status on mentions (#19563)
Reported in https://meta.discourse.org/t/users-mentions-wrongly-show-their-status-with-the-emoji/249534.

The problem was that we had styles for user status on mentions in the calendar plugin. So it looked fine on sites with Discourse Calendar but not on sites without it.
2022-12-22 14:15:52 +04:00
dependabot[bot]
c933dbfc2c
Build(deps): Bump @ember/test-helpers in /app/assets/javascripts (#19566)
Bumps [@ember/test-helpers](https://github.com/emberjs/ember-test-helpers) from 2.9.1 to 2.9.3.
- [Release notes](https://github.com/emberjs/ember-test-helpers/releases)
- [Changelog](https://github.com/emberjs/ember-test-helpers/blob/v2.9.3/CHANGELOG.md)
- [Commits](https://github.com/emberjs/ember-test-helpers/compare/v2.9.1...v2.9.3)

---
updated-dependencies:
- dependency-name: "@ember/test-helpers"
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-12-22 10:38:01 +01:00
Martin Brennan
64a7a2aac2
FIX: Autocomplete arrow scroll for mention (#19571)
Follow up to 8820e9418a,
only the hashtag autocomplete has a fadeout scroll, so
we still need to scroll on the original div in some
cases (e.g. mentions)
2022-12-22 17:01:51 +10:00
Joffrey JAFFEUX
bef1966ca5
FIX: prevents creating a null User object (#19569)
Following the removal of user in current_user_membership we were now doing: `User.create(null)`.

I don't think it has any impact but this is just wasteful and could lead to issues if used.
2022-12-22 12:39:53 +10:00
Alan Guo Xiang Tan
954b39f5ec
FIX: Sidebar preferences link shown when navigation menu is legacy (#19568) 2022-12-22 07:58:06 +08:00
Joffrey JAFFEUX
f6174587ef
FIX: triggers update last read when message is not staged (#19565) 2022-12-21 22:55:34 +01:00