Commit Graph

6469 Commits

Author SHA1 Message Date
Vinoth Kannan
167d85c21f FIX: post & topic destroyed hooks not triggering with tag filter 2019-03-06 22:52:54 +05:30
Gerhard Schlager
4000978452 FIX: Failed to save email template with pluralized subject 2019-03-06 16:51:04 +01:00
Tim Lange
3ff0800e50 FIX: Fixed custom emoji circumventing "max emojis in topic title" set… (#7116) 2019-03-06 12:49:17 +01:00
Tarek Khalil
0a9a11094d
FEATURE: Save ignored usernames in user preferences (#7117)
* FEATURE: Save ignored usernames in user preferences
2019-03-06 11:21:58 +00:00
Tarek Khalil
f7c4d8c8f9
FIX: WebhookPostSerializer spec failure 2019-03-06 09:48:20 +00:00
Arpit Jalan
05ebb52ec4
FEATURE: defer flags when deleting child replies (#7111) 2019-03-06 14:32:25 +05:30
Sam
b2187301fd FEATURE: allow users to easily track/watch/mute topics via email
If you reply to an email with the word "mute" a topic will be muted
If you reply to an email with the word "track" a topic will be tracked
If you reply to an email with the word "watch" a topic will be watched

These ninja command can help advanced mailing list ex-users, saves a trip
to the website
2019-03-06 18:38:49 +11:00
Sam
8d7c10f7f2 FIX: allow moderators to create categories setting broken
Mods require visibility to everyone group cause category dialogs need to
know about this.

If the site setting `allow moderators to create categories` will not function
without this

Note there is no security expansion of rights here, the group is technically
empty anyway and it always looks exactly the same on all discourse instances
2019-03-06 17:44:18 +11:00
Tarek Khalil
dedd5e0e60
FIX: WebhookUserSerializer spec failure 2019-03-05 18:01:25 +00:00
Tim Lange
83f4c4a3f2 FIX: Fixed editing whispers bumps topic (#7106) 2019-03-05 18:02:20 +01:00
Tarek Khalil
7b78a1a2cd
FIX: anonymous user filtering bug in PostView (#7089)
* FIX: anonymous user filtering bug in PostView
2019-03-04 14:29:05 +00:00
Joffrey JAFFEUX
703c724cf3
REFACTOR: Migrate InstagramAuthenticator to use ManagedAuthenticator (#7081) 2019-03-04 14:54:28 +01:00
Arpit Jalan
ad5f5b931d DEV: deprecate blank files for static modal pages 2019-03-04 15:05:33 +05:30
Joffrey JAFFEUX
dc4001370c
FEATURE: displays groups in menu search (#7090) 2019-03-04 10:30:09 +01:00
Maja Komel
fea5d4f3ec FIX: any subcategory permissions are valid if everyone has access to parent category (#7097) 2019-03-04 14:49:26 +11:00
Arpit Jalan
01e2180548 FIX: /signup and /password-reset direct links were broken 2019-03-04 09:02:22 +05:30
Joffrey JAFFEUX
1cd64f68f1
FIX: staff/admin shouldn’t be able to create uncategorized topics (#7077) 2019-02-28 15:51:13 +01:00
Arpit Jalan
c02956e29c
FIX: when posts are moved to a message then small action post should not be publicly visible (#7085)
This fix is inspired from what we do in discourse-assigned plugin.
https://github.com/discourse/discourse-assign/blob/master/lib/topic_assigner.rb#L184
https://github.com/discourse/discourse-assign/blob/master/assets/javascripts/discourse-assign/initializers/extend-for-assigns.js.es6#L125-L133
2019-02-28 19:49:26 +05:30
David Taylor
b907924c93 FIX: ManagedAuthenticator should automatically update last_used time 2019-02-27 15:29:26 +00:00
Tarek Khalil
986cc8a0fb FEATURE: Introduce Ignore user (#7072) 2019-02-27 14:49:07 +01:00
Dan Ungureanu
f68a7a16a4 FIX: Use field name to name files in theme export. (#7009) 2019-02-27 10:45:22 +01:00
Maja Komel
6f427589b2 FIX: make it possible to use backup code everywhere where 2FA required (#7010) 2019-02-27 10:37:33 +01:00
Régis Hanol
326d892f5e Aadd 'secondary_emails' field in users export
FIX: escape_comma wasn't working in CSV exports
FIX: group_names field wasn't properly serialized
2019-02-27 10:12:20 +01:00
Davide Porrovecchio
75aaae5d5c FEATURE: Allow wildcard in allowed_user_api_auth_redirects setting (#6779) 2019-02-26 17:03:20 +01:00
David Taylor
a8ffc02d06 PERF: Reduce N+1s on theme admin page 2019-02-26 14:22:02 +00:00
Joffrey JAFFEUX
7ccb0b882f
FIX: ensures topic’s category allows topics tags (#7060) 2019-02-26 11:21:55 +01:00
Maja Komel
3d9981ac5c FIX: strip invalid byte sequences 2019-02-26 10:09:51 +01:00
Robin Ward
45db98dd3e FIX: Heisentest - Stored uploads don't always start with 1X
This is a common pattern we see in tests. The `id` of the upload
is used to create the URL and we assume the `id` will always be
in a certain range which depends on the database.
2019-02-25 15:21:33 -05:00
Penar Musaraj
9bf11a7c02
FEATURE: Add localized timezone names (#7004)
Uses github.com/discourse/moment-timezone-names-translations to translate timezone names.
Plugins can also provide their own timezone name translations.
2019-02-25 14:40:02 -05:00
Gerhard Schlager
dc961fecb9 FIX: Outgoing emails were not disabled after restoring backup 2019-02-25 16:07:24 +01:00
Joffrey JAFFEUX
900e187627
DEV: removing blank files (#7057) 2019-02-25 09:52:44 +01:00
Sam
4fb9ca3bc9 DEV: correct heisentest, run report at consistent time
`Time.zone.now` can be any time, make this report run on a consistent time
bucket every run instead of changing it each run.
2019-02-25 14:17:52 +11:00
Sam
0a357299b7 FEATURE: add f and t search shortcuts for first post / title
Previously with had `in:title` and `in:first` search shortcuts for
searching in first post or title only. They are a bit of handful to type.

This add 2 shortcuts (t and f) for searching titles of first posts.

This commit also cleans up all advanced filters, they were not properly
regex terminated allowing for weird clauses like `in:firstinator` acting
the same as `in:first`
2019-02-25 10:55:24 +11:00
Jeff Wong
8be7878656 FEATURE: add ability to clear previously set mobile_view with mobile_view=auto 2019-02-22 10:44:49 -08:00
Vinoth Kannan
d1bad881ea
FEATURE: Allow moderators to change topic timestamps (#7053) 2019-02-22 14:33:52 +05:30
Sam
667d3a3fd6 PERF: include content-length header for CDN
Attempt to force NGINX to include content length when doing X-SendFile
This does not seem to be required when bypassing NGINX.

Without this header some CDNs may have issues caching
2019-02-22 11:21:07 +11:00
Sam
31d41f532e PERF: do not include suggested topics when loading new posts
When a new post is triggered via message bus post stream will attempt to load
it, previously the `/topic/TOPIC_ID/posts.json` would unconditionally include
suggested topics, this caused excessive load on the server.

New pattern defaults to exclude suggested and related topics from this API
unless people explicitly ask for suggested.
2019-02-22 10:37:18 +11:00
Joffrey JAFFEUX
c5e952839a
FIX: prevents other tests from leaking modified theme color (#7051) 2019-02-21 15:12:20 +01:00
Guo Xiang Tan
72d14a11ab DEV: Properly flush DistributedMemoizer in spec.
- $redis.flushall may hide state leak from other tests.
2019-02-21 15:17:37 +08:00
Guo Xiang Tan
58b0e945bd
UX: Lightbox support for image uploader. (#7034) 2019-02-21 10:13:37 +08:00
Régis Hanol
664e90bd17 FIX: ensure local images use local CDN when uploads are stored on S3
When the S3 store was enabled, we were only applying the S3 CDN.
So all images stored locally, like the emojis, were never put on the local CDN.

Fixed a bunch of CookedPostProcessor test by adding a call to 'optimize_urls'
in order to get final URLs.

I also removed the unnecessary PrettyText.add_s3_cdn method since this is already
handled in the CookedPostProcessor.
2019-02-20 19:24:38 +01:00
Gerhard Schlager
66901f67f6 UX: Moderator post wasn't completely translatable 2019-02-20 16:37:47 +01:00
Sam
33269c4172 FEATURE: do no search for groups unless a term is specified
Do not allow `/u/search/users.json` to list any group matches unless a
specific `term` is specified in the API call.

Adding groups should always be done when an actual search term exists,
blank search is only supported for users within a topic
2019-02-20 17:28:22 +11:00
Dan Ungureanu
10dad7d013 FIX: Use CDN for optimized loading images. (#7006)
We missed a few spots in the cooked post processor where images where not loaded using CDN, causing
uneeded load and requests against the server
2019-02-20 13:55:08 +11:00
Sam
1f4ace4f56 FEATURE: autocomplete usernames early in topic based on participation
Following this change when a user hits `@` and is replying to a topic they
will see usernames of people who were last seen and participated in the topic

This is somewhat experimental, we may tweak this, or make it optional.

Also, a regression in a423a938 where hitting TAB would eat a post you were writing:

Eg this would eat a post:

``` text
@hello, testing 123 <tab>
```
2019-02-20 13:34:43 +11:00
Guo Xiang Tan
4d31b425e3 DEV: Validity of distributed mutex configurable once per instance.
Follow up to 4f9e5e19c8.
2019-02-20 09:29:45 +08:00
Guo Xiang Tan
f2efa0da66
DEV: Allow validity of lock to be customizable for DistributedMutex. (#7025)
- Allows a user to override the default lock validity of 60 seconds.
- Also clean up test which was leaking a redis key
2019-02-20 09:23:42 +08:00
Gerhard Schlager
5d75bd4831 FIX: Don't try to rename group when username is taken
FIX: Always rename groups with the default locale instead of using the user's locale
2019-02-19 22:31:03 +01:00
Robin Ward
34b2157b8c FIX: Slow test (deadlock)
It was getting caught in a `DistributedMutex` deadlock (twice!), which
meant this test was taking 120s to run.

I'm not sure why queue jobs was turned off here, because when I turn it
on the test passes and takes <2s instead.
2019-02-19 12:31:23 -05:00
Vinoth Kannan
563b953224 DEV: Add 'backfill_etags_' to the method name since it also backfilling the etags 2019-02-19 21:54:35 +05:30
David Taylor
7878e5007a
FIX: Refactor to prevent themes affecting core stylesheets (#7029)
If a theme setting contained invalid SCSS, it would cause an error 500 on the site, with no way to recover. This commit stops loading theme settings in the core stylesheets, and instead only loads the color scheme variables. This change also makes `common/foundation/variables.scss` available to themes without an explicit import.
2019-02-19 15:55:59 +00:00
Gerhard Schlager
4799cf2811 FIX: moment_js locale files provided by plugins were ignored 2019-02-19 15:28:47 +01:00
Vinoth Kannan
bf2059baf5 SPEC: check enqueued jobs size instead of using mocks 2019-02-19 13:14:06 +05:30
Vinoth Kannan
f2c3415548 FIX: Should not generate payload until active webhooks are exist 2019-02-19 12:23:42 +05:30
Guo Xiang Tan
bf21ebaecc DEV: Allow custom value when pausing sidekiq to aid in debugging.
Sometimes, it is useful to know what caused Sidekiq to be paused.
2019-02-19 10:55:53 +08:00
Guo Xiang Tan
86a2172bda DEV: Fix heisentest.
Unpause sidekiq before clearning up all threads.
2019-02-19 08:21:51 +08:00
Arpit Jalan
a960cbd97f fix the build ❤️ 2019-02-18 10:00:17 +05:30
Arpit Jalan
7cb194f2db Add more specs for word watcher service. 2019-02-18 09:55:16 +05:30
David Taylor
f04471e422 REFACTOR: Proxy letter avatars in rails instead of nginx
Co-authored-by: Sam Saffron <sam.saffron@gmail.com>
Co-authored-by: David Taylor <david@taylorhq.com>

This gives more control over the request. In particular we can easily
lookup DNS dynamically, instead of only upon NGINX startup.
Previously, NGINX was looking up IP for the letter avatar service and
caching the CDN IP address, this caused issues if CDN changed IP, in
which letter avatars would be broken till a container restarted.

NGINX config has been updated to add caching. This change will require
a container rebuild.

The proxy will now function in development environments, so the patch
for `letter_avatar_proxy` has been removed.
2019-02-18 08:46:56 +11:00
Arpit Jalan
99c6db21e6
FEATURE: allow blocking emojis (#7011)
https://meta.discourse.org/t/blocking-emojis-wont-work/105853
2019-02-15 20:55:48 +05:30
Sam
f8b70f4ca3 FIX: unable to create new categories
Previous attempt at 70adb940 missed the critical "everyone" group from
staff, leading to a case where staff was no longer able to create categories
2019-02-15 10:24:29 +11:00
Vinoth Kannan
0472bd4adc FIX: Remove 'backfill_etags' keyword argument from 'uploads:missing' rake task
And etags backfilling code is optimized
2019-02-15 00:34:35 +05:30
Bianca Nenciu
e2b8fbee12 DEV: Improve test. 2019-02-14 17:53:26 +02:00
Bianca Nenciu
7003ea96be FIX: Fix failing test. 2019-02-14 16:56:06 +02:00
Bianca Nenciu
70adb94008 SECURITY: Do not leak private group names. (#7008) 2019-02-14 15:35:58 +01:00
Vinoth Kannan
b5fbd7385f FIX: run the rake task only for uploads created before a day from inventory date 2019-02-14 17:53:08 +05:30
Vinoth Kannan
f7d03b2406 Stop the automatic creation of inventory 'gz' file in fixtures 2019-02-14 14:25:45 +05:30
Sam
f52378ca5f Make rubocop happy
oops I forgot a newline
2019-02-14 18:06:06 +11:00
Sam
ebd4140492 FIX: logspam due to 404s on CSS files
We had a missing formats: string on our render partial that caused logs to
spam when CSS files got 404s.

Due to magic discourse_public_exceptions.rb was actually returning the
correct 404 cause it switched format when rendering the error.
2019-02-14 17:58:16 +11:00
Maja Komel
39522659a6 FIX: validate parent category/subcategories permissions
See: https://meta.discourse.org/t/subcategories-do-not-inherit-permissions-from-parent-category/17174/23 for more details

This ensures users with access to child category can always at least see parent
2019-02-14 16:38:52 +11:00
Arpit Jalan
b651605d6e FIX: tags added while editing a pending approval topic do not show up (#6959) 2019-02-14 15:42:40 +11:00
Sam
74d2d4f658 FEATURE: add APIS for unpausing all sites
This adjusts 53d592ad by @tgxworld

- Adds Sidekiq.upause_all! to unpause all sites
- Adds Sidekiq.paused_dbs to list dbs that are currently paused
- Handles some edge cases where unpause thread could extend expiry on
sites that were unpaused from a different process
- Ensures tests always terminates background thread used for pause
keepalive
2019-02-14 13:34:20 +11:00
Guo Xiang Tan
53d592ad3b FIX: Add multisite support to Sidekiq::Pausable. (#6960)
Having a global Sidekiq pause switch is problematic because a site in
the cluster can pause Sidekiq for the entire cluster.
2019-02-14 12:22:40 +11:00
Vinoth Kannan
484bd82278 FIX: Add onceoff job to remove double quotes from s3 etags 2019-02-14 05:19:41 +05:30
Vinoth Kannan
7b5931013a Update rake task to backfill etags from s3 inventory 2019-02-14 05:18:06 +05:30
Vinoth Kannan
1045bbc35b FIX: S3 inventory data can be splitted into multiple csv files 2019-02-14 03:41:52 +05:30
Sam
641b079c78 FIX: add support for missing verbs in user api key
Previously "write" scope was missing put and delete verbs which should be
allowed.

Also closes: #6982
2019-02-13 15:49:43 +11:00
Penar Musaraj
5cef5b34ef DEV: Yarn-manage moment and moment-timezone libraries 2019-02-12 13:57:52 -05:00
Robin Ward
c23411cc69 FIX: Heisentest - suspicious logins report was not ordered by date
The specs needed an order even though none was supplied.
2019-02-12 13:17:29 -05:00
David Taylor
91f0468f4e FIX: Allow unbaked theme fields to be destroyed
The after_commit hook was attempting to re-bake theme_fields after they were destroyed, which caused an exception to be thrown
2019-02-12 16:14:43 +00:00
Dan Ungureanu
90ce448675 PERF: Cache build_not_found_page 2019-02-12 21:20:33 +11:00
Robin Ward
12d061a45b Remove stubbing of auto_close_threshold_reached? 2019-02-11 15:41:03 -05:00
David Taylor
705c898c21
FEATURE: Calculate CSP based on active themes (#6976) 2019-02-11 12:32:04 +00:00
Arpit Jalan
dcd7b92532 FIX: some posters were not getting added to topic_allowed_users when moving posts to a new PM
If a user posted twice in a topic then subsequent posters were not getting added as topic_allowed_users.
2019-02-11 17:05:21 +05:30
Penar Musaraj
c50db76f5d FIX: do not treat TIFF, BMP, WEBP as images
Treating TIFF and BMP as images cause us to add them to IMG tags, this is very inconsistent across browsers.

You can still upload these files they will simply not be displayed in IMG tags.
2019-02-11 16:28:43 +11:00
Gerhard Schlager
84a10f8212 Fix failing spec
The Report class created its own BackupStore without a stubbed S3 client
2019-02-08 21:38:10 +01:00
Robin Ward
b75a3e391a Use skip not pending 2019-02-08 13:48:29 -05:00
Robin Ward
c719658f9f human? helper method on a user
This is cleaner than hard coding `id > 0` in ruby code.
2019-02-08 13:34:54 -05:00
Robin Ward
fb18c57372 For now, make spec pending since it is broken. 2019-02-08 12:46:19 -05:00
Robin Ward
72b5ab0454 Don't wrap exceptions in test mode unless specifically requested.
This helps debugging reports with invalid SQL, which would otherwise
return no results instead of a useful error message while running
tests.
2019-02-08 11:26:26 -05:00
Robin Ward
bc3efab816 FIX: When disagreeing with a flag that silenced a user, unsilence them
Previously it would unhide their post but leave them silenced.

This fix also cleans up some of the helper classes to make it easier
to pass extra data to the silencing code (for example, a link to the
post that caused the user to be silenced.)

This patch also refactors the auto_silence specs to avoid using
stubs.
2019-02-08 08:50:50 -05:00
David Taylor
95b5c5898e FIX: Prevent duplicate params for raw template theme handlebars helpers 2019-02-08 12:54:00 +00:00
Vinoth Kannan
cc496de10e FIX: Remove double quotes from etag value in API response
https://github.com/aws/aws-sdk-ruby/issues/1134
2019-02-08 14:31:19 +05:30
Penar Musaraj
2a007bafa2 FEAT: Allow image resize by width or height
`|150x` resizes to 150px wide + auto-height. `x150` resizes to 150px tall and auto-width.

Resize value can be from 1 to 999 (incl. for percentages).
2019-02-07 15:04:39 -05:00
Régis Hanol
c256121833 FIX: add support for style element in SVGs 2019-02-07 12:09:06 +01:00
Arpit Jalan
ab2c2ea605
FIX: validate Invite email against EmailValidator.email_regex (#6975) 2019-02-06 22:38:06 +05:30
David Taylor
f3cfce4a93
FEATURE: Calculate sprite-sheet based on currently active themes (#6973)
Previously there was only one sprite sheet, which always included icons from all themes even if they were disabled
2019-02-06 15:51:23 +00:00
Vinoth Kannan
ba9cc83d4c FIX: Destination prefix in S3 inventory configuration is incorrect 2019-02-06 20:51:28 +05:30
Arpit Jalan
381793243e FIX: include error message if the "accept invite" process fails 2019-02-06 19:20:25 +05:30
Vinoth Kannan
ff12c4b2d4 FIX: Bucket name is missing in S3 inventory data path 2019-02-06 19:16:08 +05:30
Vinoth Kannan
e7821a63e7 FIX: Users should able check the emails for self 2019-02-05 23:31:19 +05:30
David Taylor
a3b47c1dd1 FEATURE: Allow string theme settings to display with multiple lines
To use, add `textarea: true` to the theme settings.yml. For example:

```
my_setting:
  default: "some string"
  textarea: true
```
2019-02-05 14:14:53 +00:00
David Taylor
7b7bc3db39 FIX: Rescue and display import errors when updating theme via git 2019-02-05 13:49:16 +00:00
Bianca Nenciu
4f3ee86bbd FIX: in:title should work irrespective of the order. (#6968) 2019-02-05 10:54:52 +01:00
Penar Musaraj
edcdbe1946 DEV: Restore textarea type for site settings
Currenty, no settings in core use this, but textareas will be useful in theme settings and plugins.
2019-02-04 15:41:58 -05:00
Robin Ward
e5a81aeb6e REFACTOR: Remove stubbed methods in tests 2019-02-04 15:06:00 -05:00
Robin Ward
e75b240390 FIX: Some brittle tests with hardcoded ids
If we're going to use hardcoded ids, we should make sure the records are
not saved, or that the ID will not come up during normal use.
2019-02-01 11:44:37 -05:00
Vinoth Kannan
b4f713ca52
FEATURE: Use amazon s3 inventory to manage upload stats (#6867) 2019-02-01 10:10:48 +05:30
Guo Xiang Tan
a1b4d9b061 DEV: Fix specs using deprecated site settings. 2019-02-01 12:31:03 +08:00
Sam
a84aaf197a DEV: correct heisentest testing for avatars
If for some reason we created andupload with id 1 in the test then the
test would fail. This can happen if this is the absolute first test to
run on the db.

Fix sets the upload to a legitimate which in turn means the last upload
will not be upload id 1 and stops using id hard coding for the testing.
2019-02-01 13:27:06 +11:00
Robin Ward
720e896e17 FIX: PostActionCreator was not checking the guardian properly
It also exposed a bug in the EmailReceiver spec, where a test had a user
liking their own post and was not failing.
2019-01-31 14:48:42 -05:00
Gerhard Schlager
ec7f418a22 REFACTOR: Simplify finding the opengraph image
* removes deprecation warnings for "logo url"
* adds the "large icon" as fallback before the "apple touch icon"
2019-01-31 20:46:15 +01:00
David Taylor
886ba9dff9 DEV: Correct spec for theme export change 2019-01-31 17:52:03 +00:00
David Taylor
43f3bf71ba FIX: Imported themes should set their color scheme automatically 2019-01-31 17:45:11 +00:00
Régis Hanol
1021a42b22 FIX: new mailgun webhooks 2019-01-31 17:52:33 +01:00
Arpit Jalan
f83533e1cb FIX: use absolute url for /images/example.png links
FEATURE: fallback to logo_url as last resort for opengraph image url
2019-01-31 10:20:15 +05:30
David Taylor
d8bd3c32ca
DEV: Allow theme CLI to specify which theme to synchronize (#6963)
Currently the theme is matched by name, which can be fragile when there are many themes with the same name. This functionality will be used by the next version of theme CLI.
2019-01-30 14:17:04 +00:00
Gerhard Schlager
1e98929501 FIX: Email domain whitelist prevented user anonymizing
FIX: Secondary email addresses were not deleted during anonymizing
2019-01-30 15:14:36 +01:00
Guo Xiang Tan
60c1cd9f81 FIX: Return 400 when username params is invalid. 2019-01-30 16:06:55 +08:00
Penar Musaraj
421d47da1e FIX: user and group mentions in subfolder installs 2019-01-29 21:54:29 -05:00
Robin Ward
6f656f6e7d FIX: Better error handling if a file cannot be sent
If for some reason `Discourse.store.path_for` returns `nil`, the
forum would throw an error rather than returning 404.

Why would it be `nil`? One cause could be changing the type of
file store and having the `url` field no longer be relative.
2019-01-29 16:47:25 -05:00
Régis Hanol
51fdf7a11d FIX: don't duplicate attachments 2019-01-28 18:40:52 +01:00
David Taylor
fb5c94246c DEV: Remove underscore from learn_more key in theme export
Follow up from 033cd4f3
2019-01-28 16:00:33 +00:00
David Taylor
033cd4f31d DEV: Include "_learn_more" key in theme about.json
This does not serve any technical purpose. It is there to provide a signpost for any user/developer that wants to know what to do with a theme archive.
2019-01-28 11:34:11 +00:00
David Taylor
99e0820c0b UX: Do not prepend discourse to theme filename if it's already there 2019-01-28 11:29:29 +00:00
David Taylor
aca0b32fda
FEATURE: Allow overriding text size from a different device (#6955)
This brings the feature in line with the theme selection system
2019-01-28 11:19:50 +00:00
Robin Ward
0f73026c21 FIX: Heisentest
These tests were failing for the same reason as:
bee68bba2e

Fix was the same.
2019-01-25 15:25:48 -05:00
Régis Hanol
db76e5a368 FIX: properly handle attachments in received emails
This regressed in 1ac3e547 when we added support for eml attachments.
2019-01-25 19:13:34 +01:00
David Taylor
2e48c43546 FIX: Fix safe mode regression
Follow up from a48731e
2019-01-25 17:00:30 +00:00
Robin Ward
78ddc82952 FIX: Respect min_flags_staff_visibility for new flags too
There was a situation where if:

* There were new flags to review that met the visibility threshold

AND

* There were old flags that *didn't* meet the threshold

THEN

a pending flags notification would be sent out. This fixes that case.
Staff should not be notified of flags if they do not meet the threshold
and are old.
2019-01-25 11:27:43 -05:00
David Taylor
d338e54f59
FEATURE: Allow setting font size per-device using a cookie (#6947) 2019-01-25 15:06:06 +00:00
David Taylor
a48731e359
FEATURE: Support additional metadata in theme about.json (#6944)
New `about.json` fields (all optional):
 - `authors`: An arbitrary string describing the theme authors
 - `theme_version`: An arbitrary string describing the theme version
 - `minimum_discourse_version`: Theme will be auto-disabled for lower versions. Must be a valid version descriptor.
 - `maximum_discourse_version`: Theme will be auto-disabled for lower versions. Must be a valid version descriptor.

A localized description for a theme can be provided in the language files under the `theme_metadata.description` key

The admin UI has been re-arranged to display this new information, and give more prominence to the remote theme options.
2019-01-25 14:19:01 +00:00
Vinoth Kannan
2d6aa2aea2 FEATURE: Add recipient avatars in PM topic list even if they not yet replied 2019-01-25 19:41:49 +05:30
Blake Erickson
de47b35b2d FIX: user_id handling on remove user from group
Under some conditions it was possible to pass in a user_id as an
integer, but we would try and parse it as a comma delimited string
resulting in an error. This has been fixed so that we are no longer
mapping the user_id param to user_ids.
2019-01-24 17:40:48 -07:00
Gerhard Schlager
0947fa2bad Fix specs
Follow-up to 7e9da812ea
2019-01-24 22:54:03 +01:00
Gerhard Schlager
45b056b615 FIX: Do not show backups stored in subfolder of bucket 2019-01-24 22:28:03 +01:00
Gerhard Schlager
7e9da812ea DEV: Multisite tests didn't fail anymore
The change in 9ba8bfb1aa swallowed all exceptions (even syntax errors) which made them appear to pass even if they failed.
2019-01-24 22:28:00 +01:00
Robin Ward
96b2585a91 REFACTOR: Remove unncessary stubs from pending flags reminder
They seem to be calculated fine by the application, and stubbing
makes the tests more brittle and prone to regression.
2019-01-24 13:45:58 -05:00
Arpit Jalan
fabeba788d
FIX: allow sending PMs to staff via flag even when PMs are disabled (#6938)
* FIX: allow sending PMs to staff via flag even when PMs are disabled
FIX: allow sending PMs to staff via flag even if the user trust level is insufficient

* Update lib/topic_creator.rb

Co-Authored-By: techAPJ <arpit@techapj.com>
2019-01-24 16:56:59 +05:30
David Taylor
afd449089f
FEATURE: Import and export themes in a .tar.gz format (#6916) 2019-01-23 14:40:21 +00:00
Vinoth Kannan
70b56c8332 FIX: 'anon' css class is missing for anonymous users 2019-01-23 10:13:36 +05:30
Robin Ward
f32de88dfc FIX: Don't notify of pending flags if min_flags_staff_visibility not met 2019-01-22 11:01:18 -05:00
Guo Xiang Tan
2fe9617dc1 Fix rubocop. 2019-01-22 18:37:55 +08:00
Guo Xiang Tan
d32900292d FIX: Don't update User#last_seen_at when PG is in readonly take 3. 2019-01-22 18:07:48 +08:00
Guo Xiang Tan
4dee7ed6d9 DEV: Fix randomlly failing spec. 2019-01-22 15:19:31 +08:00
Guo Xiang Tan
f6f2c38183 FIX: Fallback Redis by checking status on master instead of slave. 2019-01-22 12:38:12 +08:00
Guo Xiang Tan
b0adffdef5 FIX: Clear anon cache when clearing recently readonly. 2019-01-22 09:53:04 +08:00
Jeff Wong
3359b3baca FEATURE: Do not autoclose topics due to user flagging that are authored by staff 2019-01-21 15:50:53 -08:00
Gerhard Schlager
a123aafdad Fix random build error
Follow-up to b95165b838
2019-01-21 22:00:45 +01:00
Vinoth Kannan
0cf8f10158 SPEC: Use I18n translation instead of using raw text 2019-01-21 20:21:09 +05:30
Joffrey JAFFEUX
b95165b838
FEATURE: adds a new chart report to track pageviews (#6913) 2019-01-21 15:17:04 +01:00
Guo Xiang Tan
426907cb88 FIX: Incorrect subscription in PostgreSQLFallbackHandler. 2019-01-21 17:39:31 +08:00
Vinoth Kannan
c5dd4bf5dc fix the build
Use whitespace after code block start for single word languages
2019-01-21 15:04:18 +05:30
Guo Xiang Tan
3c6a8a2bb1 Partially revert 4466fcf1bc. 2019-01-21 15:41:01 +08:00
Vinoth Kannan
9cf4013073 Add raw post content in "flagged post removed by staff" PM 2019-01-21 12:27:23 +05:30
Guo Xiang Tan
4466fcf1bc FIX: Don't update User#last_seen_at when PG is readonly take 2. 2019-01-21 13:49:08 +08:00
Guo Xiang Tan
c732ae9ca9 FIX: Don't update User#last_seen_at when PG is in readonly. 2019-01-21 13:29:29 +08:00
Gerhard Schlager
f8ded9cec9 FIX: Changing owner of small action post failed
Small action posts for invites (CC from email) have a blank raw and revising of posts with blank raw didn't work anymore.
2019-01-19 13:38:45 +01:00
David Taylor
59028035df FIX: Update about/license URLs when updating theme from remote source 2019-01-18 17:46:57 +00:00
Joffrey JAFFEUX
95f9a369a5
FIX: ensures visits reports are correcttly differencing mobile/all (#6905) 2019-01-18 17:24:18 +01:00
David Taylor
0b6be2cebc FIX: Correct deprecated theme settings in handlebars templates
Was overriding the incorrect `themeSetting.blah` syntax, instead of `themeSettings.blah`
2019-01-18 15:39:50 +00:00
Bianca Nenciu
b9b5527c63 DEV: Remove Job stub. 2019-01-18 17:35:45 +02:00
Gerhard Schlager
457e6c7b37 FIX: Mods weren't able to see emails in admin user list 2019-01-18 15:37:30 +01:00
David Taylor
f774f08d5f DEV: Remove theme_var fields from import spec 2019-01-18 12:27:25 +00:00
David Taylor
f40c97c367 Remove support for theme_var and theme_color_var fields
These are remnants of the old 'customization' system, and have been superseded by theme settings
2019-01-18 12:04:23 +00:00
Gerhard Schlager
197e3fd722 FIX: Keep original subject in emails to staged users
Renaming a topic shouldn't be visibile to staged users when the topic was created via email.
2019-01-18 11:07:54 +01:00
Gerhard Schlager
15d1e981c8 DEV: Improve specs
* notifications were created for the wrong user
* notifications didn't have a correct data attribute
2019-01-18 11:07:53 +01:00
Guo Xiang Tan
f89a32e759 FIX: Text logo does not show up on non ember pages. 2019-01-18 15:11:42 +08:00
Sam
a7628c1d74 FIX: use ordered_posts for last post check, not the posts relation
The `posts` relation on `Topic` is not ordered. Using `Topic.posts.first`
is basically the same as asking for a random post, it will depend on DB
order. This breaks on Topic merge and split for example.

Additionally, a huge problem with that is that it forces active record down
a slow path. `Topic.posts.first` is extremely slow on giant topics, since
it has no default ordering it appears AR materializes the entire set prior
to doing `first`.

This commit also illustrates the importance of testing, initially I only
fixed the second instance of the problem in `post_validator.rb` but testing
revealed that the problem was repeated at the top of the file.

Longer term we should consider a larger change of default ordering the posts
relations so people do not fall down this trap anymore.
2019-01-18 13:18:40 +11:00
Vinoth Kannan
2818afb267 FIX: Do not hide posts automatically when flagged by staff user 2019-01-18 01:33:55 +05:30
David Taylor
24b59afe2a FIX: Wrap theme javascript inside IIFE to prevent using global namespace 2019-01-17 14:44:10 +00:00
David Taylor
def6b2fca1 DEV: Correct theme setting specs 2019-01-17 12:39:34 +00:00
David Taylor
880311dd4d
FEATURE: Support for localized themes (#6848)
- Themes can supply translation files in a format like `/locales/{locale}.yml`. These files should be valid YAML, with a single top level key equal to the locale being defined. For now these can only be defined using the `discourse_theme` CLI, importing a `.tar.gz`, or from a GIT repository.

- Fallback is handled on a global level (if the locale is not defined in the theme), as well as on individual keys (if some keys are missing from the selected interface language).

- Administrators can override individual keys on a per-theme basis in the /admin/customize/themes user interface.

- Theme developers should access defined translations using the new theme prefix variables:
  JavaScript: `I18n.t(themePrefix("my_translation_key"))`
  Handlebars: `{{theme-i18n "my_translation_key"}}` or `{{i18n (theme-prefix "my_translation_key")}}`

- To design for backwards compatibility, theme developers can check for the presence of the `themePrefix` variable in JavaScript

- As part of this, the old `{{themeSetting.setting_name}}` syntax is deprecated in favour of `{{theme-setting "setting_name"}}`
2019-01-17 11:46:11 +00:00
Guo Xiang Tan
aa2cc4ab31 FIX: Liked notification consolidation has to account for user like frequency setting. 2019-01-17 14:33:23 +08:00
Sam
384135845b FEATURE: introduce ultra_low priority queue
This commit introduces an ultra low priority queue for post rebakes. This
way rebakes can never interfere with regular sidekiq processing for cases
where we perform a large scale rebake.

Additionally it allows Post.rebake_old to be run with rate_limiter: false
to avoid triggering the limiter when rebaking. This is handy for cases
where you want to just force the full rebake and not wait for it to trickle
2019-01-17 14:53:19 +11:00
Guo Xiang Tan
b4c2d49b0c DEV: Consolidate and remove duplicated liked notifications tests. 2019-01-17 11:14:17 +08:00
Bianca Nenciu
7d84648d11 FEATURE: Remove full quotes only from new posts. (#6862) 2019-01-17 13:24:32 +11:00
Sam
1022d69101 DEV: lint spec file
We were defining a lot of unused vars, this made my linter upset so
I prefixed them with _
2019-01-17 12:41:28 +11:00
Sam
d5ecf8e8c2 FIX: properly clean out post and user actions on destroy user
This corrects 2 issues:

First is a regression with d7c08e21 for some reason dependent :delete_all
respects default scopes where-as dependent :destroy bypasses it.

Secondly, we were keeping orphan user actions around on user destroy, this
ensures we remove all the user actions not only ones that originated by
the user.

So for example: if I like a post of user A we create a user action saying I
did that, but once user A is deleted we were not removing the action leading
to an orphan action in the database.
2019-01-17 12:40:30 +11:00
Robin Ward
bee68bba2e FIX: Heisentest
We use the `id` of the upload to calculate a `depth` partition in the
filename. This test would fail if your database had a higher seed
because the depth it was looking for was hard coded to 1.

The solution was to not save the records (which is faster anyway) and
specify the `id` of the upload to make the hash deterministic.
2019-01-16 15:01:50 -05:00
Guo Xiang Tan
f06b773d25 FIX: Don't show liked consolidated notification when frequency is never. 2019-01-16 17:08:59 +08:00
Guo Xiang Tan
e7b49c42c4 FIX: Allow liked notifications consolidation to be disabled. 2019-01-16 16:17:04 +08:00
Guo Xiang Tan
27e2b6575b FIX: Liked notifications should not be consolidated across multiple users. 2019-01-16 15:01:13 +08:00
Guo Xiang Tan
ebe65577ed
FEATURE: Consolidate likes notifications. (#6879) 2019-01-16 10:40:16 +08:00
Guo Xiang Tan
51b19e945c DEV: Stablize the multisite tests.
SiteSettingExtension triggers message bus which re-establishes a
DB connection in `SiteSettingExtension#process_message`. That happens
concurrently and a test that requires a connection to the db will
fail when the reconnection is happening.
2019-01-16 10:29:36 +08:00
Vinoth Kannan
59e5af466b FIX: call method only if it exists
discourse-objects creating empty Discourse object in window. It fails the _registerPluginCode method call since it is not exist.
2019-01-15 15:55:32 +05:30
Guo Xiang Tan
ec58c33e9e DEV: Improve postgresql fallover and multisite tests. 2019-01-15 12:52:45 +08:00
David Taylor
1ebd3dbbd0
FEATURE: Allow the base font size to be changed on a per-user basis (#6859) 2019-01-14 13:21:46 +00:00
Arpit Jalan
a121d40771
FIX: do not show PM topics when moving posts to an existing public topic (#6876) 2019-01-14 15:00:45 +05:30
Guo Xiang Tan
78748f1501 DEV: Refactor tests for notification when liking a post.
Tests were covering the same code path so I'm consolidating it.
2019-01-14 11:43:09 +08:00
Arpit Jalan
83af32c472 DEV: more accurate spec for UserSummarySerializer 2019-01-14 07:26:10 +05:30
Arpit Jalan
5e9a7e41e9 DEV: improve UserSummarySerializer spec 2019-01-14 07:19:37 +05:30
Guo Xiang Tan
e453539e1e DEV: Refactor test to assert for the actual output.
Also, generatnig the same json multiple times.
2019-01-12 08:00:22 +08:00
Arpit Jalan
5e0f9eadb8
FIX: show user avatar on User summary page (#6872) 2019-01-11 23:39:06 +05:30
Robin Ward
dbe42068a2 REFACTOR: Move option to return emails into the serializer
This makes more sense than having the guardian take an accessor.
The logic belongs in the Serializer, where the JSON is calculated.

Also removed some of the DRYness in the spec. It's fewer lines
and made it easier to test the option on the serializer.
2019-01-11 11:17:23 -05:00
Vinoth Kannan
f94c0283b2
FIX: Use correct version when generating file path for optimized image (#6871) 2019-01-11 18:35:38 +05:30
Guo Xiang Tan
2956c52e57 FIX: Show title as home logo if title has been set and logo is blank.
https://meta.discourse.org/t/default-text-logo-not-working/103936
2019-01-11 15:46:58 +08:00
Saurabh Patel
99856478d6 FIX: use discourse route_for function to check url route
it takes care if there is a relative url root
2019-01-11 14:58:45 +08:00
Guo Xiang Tan
d10694150e Revert "FIX: Partial reply key search in email sent logs."
This reverts commit e9b2018bc8.
2019-01-10 10:05:56 +08:00
Saurabh Patel
b63b399799 DEV: remove uploaded_meta_id column from category (#6725)
* DEV: remove uploaded_meta_id column from category

* remove uploaded_meta part
2019-01-10 09:37:21 +08:00
Guo Xiang Tan
e9b2018bc8 FIX: Partial reply key search in email sent logs.
Follow up to c85b9c6ed3
2019-01-10 09:25:14 +08:00
Sam
35b59cfa78 SECURITY: escape title HTML for inline onebox 2019-01-10 12:02:05 +11:00
Penar Musaraj
e11c6ffa89 FEATURE: allow extending CSP base-uri and object-src
Plus, ensure :none is stripped, it cannot be combined with other sources
2019-01-09 15:34:14 -05:00
Robin Ward
9ba8bfb1aa FIX: Multisite DB was leaving old data in test mode
This commit introduces a new helper to enable transactional fixtures
when testing multisite. This would show up as tests that passed the
first time then failed the second time due to stale data being leftover.
2019-01-09 15:20:37 -05:00
Kyle Zhao
dec8e5879a FEATURE: set CSP base-uri and object-src to none (#6863) 2019-01-09 15:04:50 -05:00
Guo Xiang Tan
4ddd8fad20 DEV: Raise error with stats. 2019-01-09 10:54:02 +08:00
Rafael dos Santos Silva
f73fe36772 FEATURE: PWA compatibility checks in the Dashboard (#6850) 2019-01-09 08:46:11 +08:00
Sam
824c3420e9 DEV: make Jobs.enqueue tests less fragile
Previously we depended on non Sidekiq specific mocking which is not the
official way of testing Sidekiq, this made these tests very fragile

New testing is more robust and complete
2019-01-09 09:51:11 +11:00
Sam
e08a3f719c FEATURE: push post rebake regular task to low priority queue
This allows us to run regular rebakes without starving the normal queue.

It additionally adds the ability to specify queue with `Jobs.enqueue` so
we can specifically queue a job with lower priority using the `queue` arg.
2019-01-09 08:57:20 +11:00
Rishabh
733a60e888 FIX: Remove trailing whitespace to fix build 2019-01-08 17:37:43 +05:30
Vinoth Kannan
8f602be2fe FEATURE: keep the topic in closed status until the community flags are handled 2019-01-08 16:13:10 +05:30
Sam
f947e3c6cc FIX: always serve new avatar for previous version
Previously we killed caching on old avatars cause we kept serving blank
this meant we would front many more avatar requests after a version change

This change ensures all old avatars do not cause a flood of requests on the
server
2019-01-08 19:51:33 +11:00
Guo Xiang Tan
ec27db78be FIX: Set unique post key for a user outside of transaction.
Previously, the Redis key was set within the transaction and the key
isn't deleted if the transaction is not successful.

Note that this isn't tested because we don't have a repro of what can
raise an error within the transaction.

https://meta.discourse.org/t/body-is-too-similar-to-what-you-previously-posted-even-when-previous-post-didnt-go-through/105436
2019-01-08 15:22:22 +08:00
Arpit Jalan
05c015d252 DEV: add a spec for "accept invite" log_on_user behaviour 2019-01-08 12:41:21 +05:30
Arpit Jalan
e0bc82657b FIX: better accept invite flow when user is invited via a link 2019-01-07 14:22:08 +05:30
Robin Ward
5eaf3cb104 Adjusts the minimum_flag_threshold for TL3/TL4 actions
Before this patch, a high trust level user could flag something
and have an action be taken, as well as skipping the flag queue.

Now, if a TL3/TL4 cause an action, the flag will skip the minimum
visibility check and allow staff to review it.
2019-01-04 13:16:44 -05:00
Gerhard Schlager
c0a8bb9a91 FEATURE: Include "via <site_name>" in email From header 2019-01-04 17:06:19 +01:00
Régis Hanol
88e861e895 FIX: prevent error when badge has already been awarded 2019-01-04 15:17:54 +01:00
David Taylor
5bf16d7d10 FEATURE: Topic timer for bumping a topic in the future 2019-01-04 13:08:04 +00:00
Vinoth Kannan
75dbb98cca FEATURE: Add S3 etag value to uploads table (#6795) 2019-01-04 14:16:22 +08:00
cfitz
19d7545318 FEATURE: Make auth_redirect param options on user_api_keys
This is a possible solution for https://meta.discourse.org/t/user-api-keys-specification/48536/19
This allows for user-api-key requests to not require a redirect url.
Instead, the encypted payload will just be displayed after creation  ( which can be copied
pasted into an env for a CLI, for example  )

Also: Show instructions when creating user-api-key w/out redirect

This adds a view to show instructions when requesting a user-api-key
without a redirect. It adds a erb template and json format.
Also adds a i18n user_api_key.instructions for server.en.yml
2019-01-04 14:46:18 +11:00
Guo Xiang Tan
5f0f7f909d FIX: Incorrect CDN URL for site setting uploads when s3 is enabled. 2019-01-04 07:52:13 +08:00
Sam
70269c7c97 FEATURE: tighter limits on per cluster post rebakes
We have the periodical job that regularly will rebake old posts. This is
used to trickle in update to cooked markdown. The problem is that each rebake
can issue multiple background jobs (post process and pull hotlinked images)

Previously we had no per-cluster limit so cluster running 100s of sites could
flood the sidekiq queue with rebake related jobs.

New system introduces a hard limit of 300 rebakes per 15 minutes across a
cluster to ensure the sidekiq job is not dominated by this.

We also reduced `rebake_old_posts_count` to 80, which is a safer default.
2019-01-04 09:24:46 +11:00
Vinoth Kannan
385829d7be FEATURE: Display error message when category restriction is applied for tags 2019-01-04 00:29:13 +05:30
Gerhard Schlager
b089ac1537 FIX: Posting without bump raised an error for TL4 2019-01-03 14:14:02 +01:00
Arpit Jalan
d1597683f3 Revert "FIX: trim trailing slash from topic links"
This reverts commit 993f847a2c.

There is an edge case where the link click redirect fails when the URL has trailing slash. Need to figure out a better fix for this.
2019-01-03 17:29:22 +05:30
Guo Xiang Tan
c666ef556d Fix the build.
Ref 570877da3c
2019-01-03 15:34:39 +08:00
Arpit Jalan
993f847a2c FIX: trim trailing slash from topic links 2019-01-03 12:38:36 +05:30
Sam
570877da3c FEATURE: store thumbnail algorithm version in optimized image table
Previously we had no idea what algorithm generated thumbnails, this starts tracking the version.

We also bumped up the version to force all optimized images to be generated. This is important cause we recently introduced pngquant which results in much smaller images.
2019-01-03 17:07:30 +11:00
Arpit Jalan
bea7a8a4d1 FIX: show accurate error message based on invite token validity 2019-01-03 07:46:05 +05:30
Neil Lalonde
3236f2668f add note to specs about ImageMagick 7 requirement 2019-01-02 12:03:57 -05:00
Gerhard Schlager
8cb5ed3a7c DEV: Fix random build error 2019-01-02 17:27:08 +01:00
Gerhard Schlager
c30996129f FEATURE: Allow TL4 users to reset bump date 2019-01-02 16:57:05 +01:00
Guo Xiang Tan
38ded77e16 FIX: Make test less fragile. 2019-01-02 16:33:50 +08:00
Sam
766e67ce57 FEATURE: introduce lossy color optimization on resized pngs
This feature ensures optimized images run via pngquant, this results extreme amounts of savings for resized images. Effectively the only impact is that the color palette on small resized images is reduced to 256.

To ensure safety we only apply this optimisation to images smaller than 500k.

This commit also makes a bunch of image specs less fragile.
2019-01-02 17:20:02 +11:00
Guo Xiang Tan
2feeba0f1c DEV: Remove duplicated assertion. 2019-01-02 05:07:58 +08:00
Jeff Atwood
96aca20fd7 add image optim version note to relevant tests 2019-01-01 01:25:00 -08:00
Arpit Jalan
70fdc10365
FEATURE: move posts to new/existing PM (#6802) 2018-12-31 17:17:22 +05:30
Joffrey JAFFEUX
f1269fa807
FEATURE: Add Top Uploads report (#6825)
Co-Authored-By: I am very Pro-Grammer. <khalilovcmded@users.noreply.github.com>
2018-12-28 20:48:54 +01:00
Vinoth Kannan
2b006c0429 FEATURE: Invalidate broken images cache on Rebuild HTML action 2018-12-26 23:22:07 +05:30
Régis Hanol
5381096bfd PERF: new 'migrate_to_s3' rake task 2018-12-26 17:34:49 +01:00
Sam Saffron
303a535dba PERF: automatic upload size calculation not persisted
Previously if upload had missing width and height we would calculate
on first use BUT we (me) forgot to save this to the database

This was particularly bad on home page cause category images (when old)
miss dimensions.
2018-12-26 17:19:29 +02:00
Joffrey JAFFEUX
f637286db5
UX: improves flags-status report (#6773)
- link to post
- cover more post action types
2018-12-26 10:29:33 +01:00
Sam Saffron
69aa8f18c2 FEATURE: allow for custom excerpt BBCODE
This allows fidelity in controlling excerpt (text that shows up when you pin a topic or link to it externally):

```
I am some text

[excerpt]
This is some **custom** markdown that should be the excerpt
[/excerpt]

More text
```

Previous solution relied on DIVs, unfortunately DIVs do not play well,
by design with mixing markdown unless you have a preceding newline eg:

```
<div class='hello'>

this will be treated properly as markdown

</div>
```

This extra newline is not desirable.

I am also considering adding

```
[div class=excerpt]
[/div]
```

This would offer lots of flexibility to themes and plugins that do not want the extra annoying newline.
2018-12-25 17:02:28 +02:00
Guo Xiang Tan
2cbb513c98 FIX: Don't use Redis#keys in production.
As per the documentation for KEYS

```
Warning: consider KEYS as a command that should only be used in production environments with extreme care. It may ruin performance when it is executed against large databases. This command is intended for debugging and special operations, such as changing your keyspace layout.
```

Instead SCAN

```
Since these commands allow for incremental iteration, returning only a small number of elements per call, they can be used in production without the downside of commands like KEYS or SMEMBERS that may block the server for a long time (even several seconds) when called against big collections of keys or elements.
```
2018-12-25 15:12:59 +02:00
Kyle Zhao
61dcd7c52c FIX: validate YAML before save to avoid race condition 2018-12-25 15:08:17 +02:00
Arpit Jalan
1e2b81991f fix the build 2018-12-25 10:27:51 +05:30
Vinoth Kannan
a16bb32865 FIX: Do not raise error if most liked user is deleted 2018-12-25 01:04:55 +05:30
David Taylor
7feabd9e49 PERF: Eradicate N+1 queries from the theme admin page 2018-12-21 11:03:58 +02:00
Vinoth Kannan
2909e7fbdf FIX: Subfolder path is missing in category permalinks after slug update 2018-12-21 09:29:54 +05:30
Vinoth Kannan
e7e4074856 FIX: raises an error if q param is empty in search page 2018-12-20 21:43:14 +05:30
Guo Xiang Tan
b64d760bb3 DEV: Improve tests to assert that the right HTML is generated. 2018-12-20 07:14:32 +08:00
Maja Komel
0ce5f05b2a FIX: hide emails on admin user list for moderators (#6781) 2018-12-19 10:24:57 +01:00
Maja Komel
2fcbbead45 FIX: move sso provider into its own class so it doesn't interfere with sso client (#6767) 2018-12-19 10:22:10 +01:00
Bianca Nenciu
2eefe6d5d6 FIX: Use CDN for logos and icons. (#6698) 2018-12-19 10:20:48 +01:00
Arpit Jalan
1ab91f0474 FIX: preserve github fragment URL 2018-12-19 12:34:47 +05:30
Rishabh
cae5ba7356 FIX: Ensure that multisite s3 uploads are tombstoned correctly (#6769)
* FIX: Ensure that multisite uploads are tombstoned into the correct paths

* Move multisite specs to spec/multisite/s3_store_spec.rb
2018-12-19 13:32:32 +08:00
Neil Lalonde
6774b64aef FEATURE: add /conduct as an alias for /guidelines 2018-12-18 16:40:24 -05:00
Vinoth Kannan
9c6f77f9da DEV: Remove the unique_searches column from select query 2018-12-19 02:45:48 +05:30
Robin Ward
6080e3a2c0 FIX: Broken spec 2018-12-18 14:55:09 -05:00
Robin Ward
662cfc416b FEATURE: Show a blurry preview when lazy loading images
This generates a 10x10 PNG thumbnail for each lightboxed image.
If Image Lazy Loading is enabled (IntersectionObserver API) then
we'll load the low res version when offscreen. As the image scrolls
in we'll swap it for the high res version.

We use a WeakMap to track the old image attributes. It's much less
memory than storing them as `data-*` attributes and swapping them
back and forth all the time.
2018-12-19 01:57:30 +08:00
Rishabh
c279792130 FIX: Allow sending test e-mails to any email address when disable_email is set to non-staff (#6792) 2018-12-18 16:12:05 +01:00
Bianca Nenciu
825ae86857 FEATURE: Remove full quote only if first paragraph. (#6793) 2018-12-18 15:46:20 +01:00
Vinoth Kannan
a313b01148 DEV: raise error if search term length is less than required 2018-12-18 20:06:59 +05:30
Vinoth Kannan
341a6bd78a
REFACTOR: Calculate CTR in SearchLog model and hide unique column (#6791) 2018-12-18 19:13:46 +05:30
Gerhard Schlager
577af81e76 FIX: Font tag resulted in wrong email trimming 2018-12-18 11:40:54 +01:00
Gerhard Schlager
37461a6398 FIX: Weird mixture of line breaks resulted in wrong email trimming 2018-12-18 11:40:54 +01:00
Maja Komel
98d09c90ac Current user serializer groups (ef7f84b follow-up) 2018-12-18 09:05:45 +01:00
Guo Xiang Tan
5c2e194d01 SECURITY: Users can pick non-avatar uploads.
https://meta.discourse.org/t/bug-report-idor-on-avatar-pick-function-discussions-udacity-com/103564
2018-12-18 13:38:25 +08:00
Guo Xiang Tan
899caf35ba Revert "SECURITY: User could non-avatar uploads."
This reverts commit 89581fa301.
2018-12-18 13:37:31 +08:00
Guo Xiang Tan
89581fa301 SECURITY: User could non-avatar uploads.
https://meta.discourse.org/t/bug-report-idor-on-avatar-pick-function-discussions-udacity-com/103564
2018-12-18 13:35:33 +08:00
Guo Xiang Tan
d7660dfe40 FIX: Enabling readonly mode should clear anon cache as well. 2018-12-18 11:56:25 +08:00
Vinoth Kannan
efcea148eb DEV: Use destroy! method to raise error if any (#0d3c1cde) 2018-12-18 03:05:43 +05:30
Gerhard Schlager
2bdbca3801 DEV: Remove unnecessary to_not raise_error from specs
Follow-up to 01cdbd3a13
2018-12-17 16:10:10 +01:00
Bianca Nenciu
1023003eba FIX: Strip remote url before import. (#6762) 2018-12-17 15:27:49 +01:00
Gerhard Schlager
01cdbd3a13 FEATURE: Prohibit S3 bucket reusage
This validation makes sure that the s3_upload_bucket and the
s3_backup_bucket have different values. The backup bucket is
allowed to be a subfolder of the upload bucket. The other way
around is forbidden because the backup system searches by
prefix and would return all files stored within the backup
bucket and its subfolders.
2018-12-17 11:35:28 +01:00
Gerhard Schlager
1a8ca68ea3 FEATURE: Improve backup stats on admin dashboard
* Dashboard doesn't timeout anymore when Amazon S3 is used for backups
* Storage stats are now a proper report with the same caching rules
* Changing the backup_location, s3_backup_bucket or creating and deleting backups removes the report from the cache
* It shows the number of backups and the backup location
* It shows the used space for the correct backup location instead of always showing used space on local storage
* It shows the date of the last backup as relative date
2018-12-17 11:35:11 +01:00
Guo Xiang Tan
c0aae16f6b FIX: Clear anon cache when disabling readonly mode.
`SiteSerializer#is_readonly` is cached for an anonymous user so we have
to clear the cache when disabling readonly mode. Otherwise, the site may
appear to be in readonly mode for an extended period of time.
2018-12-17 17:27:44 +08:00
Guo Xiang Tan
e9ea0102a5 FIX: Consistency about our response for invalid user id in Admin::UsersController. 2018-12-15 08:01:35 +08:00
Neil Lalonde
ef0e84e3d9 FIX: clear the site_contact_username setting if the user's staff privileges are revoked 2018-12-14 16:52:44 -05:00
Vinoth Kannan
0d3c1cde90 FIX: Use find_by_id method to prevent record not found exception 2018-12-15 03:19:45 +05:30
David Taylor
1960236822
FIX: Suspicious login detection (#6772) 2018-12-14 16:30:34 +00:00
David Taylor
9f3e2a9e34
FIX: Only serialize group membership domains for administrators (#6771) 2018-12-14 15:47:00 +00:00
Kyle Zhao
b0c2e9bb05
minor changes to default script-src (#6770)
- add report-sample to force require a sample of the violating code
- do not whitelist GA/GTM's entire domain
2018-12-14 08:17:31 -05:00
Joffrey JAFFEUX
03014b0d05
FEATURE: adds security tab to dashboard (#6768)
This commit also includes the new staff_logins report
2018-12-14 13:47:59 +01:00
Maja Komel
9f89aadd33 FIX: delete all posts in batches without hijack (#6747) 2018-12-14 11:04:18 +01:00
Maja Komel
73c776d881 Update wizard updater spec (dbbadb5c follow-up) 2018-12-13 11:20:01 +01:00
Sam
59c56bd20f DEV: anonymizing should not delete uploads
We have another job for upload deletion cause uploads may be shared
2018-12-13 16:43:48 +11:00
Sam
7ee9a6a7ec SECURITY: do not delete avatars uploads when deleting accounts
We rely on the clean up uploads job to do this safely
2018-12-13 16:26:07 +11:00
Sam
94b8ba4f8f FIX: remove slow platform detection from server side
Historically due to https://meta.discourse.org/t/why-is-discourse-so-slow-on-android/8823
we decreased page sizes of both home page and topic page on android by half.

This was done on the server side and as a side effect and caused page sizes on android
to mismatch between Android and non Android.

Unfortunately about a year ago googlebot started pretending it is Android,
this cause Google to start indexing pages as what android would see. So
it saw double the amount of pages in the index as what exists on desktop.
This in turn caused double the amount of indexing work and a large amount
of broken links on long topics.

This fix removes all special behavior which is no longer needed due to
other performance work in Discourse including raw handlebars on home page
and virtual dom on topic pages.

I tested we do not need this on Blu Advance 5.0 it has 1.3 GHZ mediatec mt6580
This phone retails for around $50 USD.

If we decide long term that we want any hacks like this we will shift them
to the client side. It can just hold data in memory without rendering.
2018-12-13 13:57:05 +11:00
Neil Lalonde
3b76f19668 FIX: invalidating inactive admin emails should mark them as not active 2018-12-12 17:07:49 -05:00
Neil Lalonde
a1db15fead FEATURE: require admins to re-validate their email addresses if they haven't been seen for a number of days, configurable with the invalidate_inactive_admin_email_after_days site setting. Social logins are also revoked. Default is 365 days. 2018-12-12 15:32:38 -05:00
Bianca Nenciu
7cac04e1a8 * FEATURE: Adds site setting to let quotes on direct replies.
* DEV: Added test.
* FIX: Do not bump topic when removing full quotes.
2018-12-12 15:42:53 +01:00
Maja Komel
dbbadb5c35 FEATURE: add short_site_description setting to be included in title tag on homepage 2018-12-12 11:46:58 +01:00
David Taylor
0f734e2ae2 FIX: Return authenticated=true when reconnecting
This prevents a registration popup on the client
2018-12-11 17:40:02 +00:00
Gerhard Schlager
688755baf2 DEV: Improve specs and handle invalid email token
Follow-up to 7977b09025
2018-12-11 18:04:10 +01:00
David Taylor
c7c56af397
FEATURE: Allow connecting associated accounts when two-factor is enabled (#6754)
Previously the 'reconnect' process was a bit magic - IF you were already logged into discourse, and followed the auth flow, your account would be reconnected and you would be 'logged in again'.

Now, we explicitly check for a reconnect=true parameter when the flow is started, store it in the session, and then only follow the reconnect logic if that variable is present. Setting this parameter also skips the 'logged in again' step, which means reconnect now works with 2fa enabled.
2018-12-11 13:19:00 +00:00
David Taylor
3fedb2ad20 DEV: Style and performance improvements
Follow-up from 9db8291
2018-12-11 09:58:20 +00:00
Sam
671469bcc7 FIX: URLs containing two # would fail to work
Some URLs in browsers are non compliant and contain twos `#` this commit adds
special handling for this edge case by auto encoding any fragments containing `#`
2018-12-11 18:03:13 +11:00
Gerhard Schlager
7977b09025 FEATURE: Activate users invited via email when invite is redeemed
Do not send an activation email to users invited via email. They
already confirmed their email address by clicking the invite link.
Users invited via link will need to confirm their email address before
they can login.
2018-12-11 00:09:53 +01:00