Commit Graph

45430 Commits

Author SHA1 Message Date
Alan Guo Xiang Tan
946f8a65fd
FEATURE: Display new/unread count for tracked categories in exp sidebar (#17046) 2022-06-09 13:43:17 +08:00
Alan Guo Xiang Tan
cd8c97debc
FEATURE: Add section links to categories section to exp sidebar (#17035)
This commit adds a section link to the categories section for each
category that is tracked by the user in the experimental sidebar.
2022-06-09 11:14:01 +08:00
Alan Guo Xiang Tan
03f674070a
DEV: Remove flaky acceptance test (#17045)
The test was un-skipped in 6f25f17360 but
has since been flaky again. Removing the test completely as it has
resulted in more pain for us than the value the test provides.
2022-06-09 09:56:05 +08:00
Bianca Nenciu
9db8f00b3d
FEATURE: Create upload_references table (#16146)
This table holds associations between uploads and other models. This can be used to prevent removing uploads that are still in use.

* DEV: Create upload_references
* DEV: Use UploadReference instead of PostUpload
* DEV: Use UploadReference for SiteSetting
* DEV: Use UploadReference for Badge
* DEV: Use UploadReference for Category
* DEV: Use UploadReference for CustomEmoji
* DEV: Use UploadReference for Group
* DEV: Use UploadReference for ThemeField
* DEV: Use UploadReference for ThemeSetting
* DEV: Use UploadReference for User
* DEV: Use UploadReference for UserAvatar
* DEV: Use UploadReference for UserExport
* DEV: Use UploadReference for UserProfile
* DEV: Add method to extract uploads from raw text
* DEV: Use UploadReference for Draft
* DEV: Use UploadReference for ReviewableQueuedPost
* DEV: Use UploadReference for UserProfile's bio_raw
* DEV: Do not copy user uploads to upload references
* DEV: Copy post uploads again after deploy
* DEV: Use created_at and updated_at from uploads table
* FIX: Check if upload site setting is empty
* DEV: Copy user uploads to upload references
* DEV: Make upload extraction less strict
2022-06-09 09:24:30 +10:00
tshenry
7fc11327b7
COPY: Use main instead of master for theme installation modal (#17044)
GitHub now uses main as the default branch so it makes sense to update the placeholder in the theme installation modal to use main instead of master.
2022-06-08 11:32:54 -07:00
Penar Musaraj
fd2dbdccdc
A11Y: Keyboard access for /u table headings (#17041) 2022-06-08 13:54:31 -04:00
Blake Erickson
852a2f1727
DEV: Add spec for not_staged user scope (#17042)
Making sure to test this new scope.

Follow up to: 27d7b0c6de

as well as: 3941bad075
2022-06-08 10:43:21 -06:00
Loïc Guitaut
03732049ed DEV: Use nested form for FreedomPatches module
It seems that not using the nested form for the `FreedomPatches`
namespace is breaking stuff in some dev env.
2022-06-08 15:10:26 +02:00
David Taylor
c65c23b48d
DEV: Fix openapi definition logo URL (#17038)
See 887e4087d5
2022-06-08 13:10:20 +01:00
Loïc Guitaut
fff3ff11c0 FIX: Make disabling TLS in mail possible again
Following the Rails 7 upgrade, the `DISCOURSE_SMTP_ENABLE_START_TLS`
setting doesn’t work anymore. This is because Rails upgraded the
`net-smtp` gem to the 0.3.1 version which enables `starttls` by default.
The `mail` gem doesn’t support this new behavior yet and doesn’t know
how to disable TLS. This should be fixed in an upcoming release.

Meanwhile applying this patch allows us to get back the previous
behavior which is expected by many.
2022-06-08 14:04:05 +02:00
dependabot[bot]
284db78055
Build(deps): Bump jwt from 2.4.0 to 2.4.1 (#17032)
Bumps [jwt](https://github.com/jwt/ruby-jwt) from 2.4.0 to 2.4.1.
- [Release notes](https://github.com/jwt/ruby-jwt/releases)
- [Changelog](https://github.com/jwt/ruby-jwt/blob/master/CHANGELOG.md)
- [Commits](https://github.com/jwt/ruby-jwt/compare/v2.4.0...v2.4.1)

---
updated-dependencies:
- dependency-name: jwt
  dependency-type: indirect
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-06-08 13:39:11 +02:00
Arpit Jalan
4bc2d54685
DEV: include time_left information in rate limiting error messages (#17037) 2022-06-08 14:30:41 +05:30
dependabot[bot]
55d7aa0190
Build(deps): Bump faraday-multipart from 1.0.3 to 1.0.4 (#17033) 2022-06-08 10:17:15 +02:00
Mayfield
99b0578b4c
FIX: escape youtube title when constructing onebox preview html (#16999) 2022-06-08 13:42:37 +08:00
Alan Guo Xiang Tan
82ac698d4f
FIX: Missing tracked sub category topics from tracked topic list (#17034)
Follow-up to 7ae647d092
2022-06-08 10:45:59 +08:00
Blake Erickson
3941bad075
DEV: Remove this chained user scope (#17029)
This reverts one of the changes introduced just now in:

27d7b0c6de

I don't think we need this `activated_not_suspended_not_staged` scope
because we can just compose it ourselves via method chaining like
`User.activated.not_suspended.not_staged`.
2022-06-07 15:21:42 -06:00
Blake Erickson
27d7b0c6de
DEV: Add new user scopes (#17026)
Adds two new user scopes:

- `not_staged`
- `activated_not_suspended_not_staged`

This will allow us to easily grab activated users that are not suspended
or staged.

See this PR feedback:

https://github.com/discourse/discourse-chat/pull/913#discussion_r890692266
2022-06-07 12:58:58 -06:00
Isaac Janzen
de1153286d
DEV: Remove reply_as_new_topic from PM composer actions (#17023) 2022-06-07 11:06:42 -05:00
Penar Musaraj
86ab82f057
UX: Remove limit for emoji search in composer (#17014) 2022-06-07 12:00:52 -04:00
Penar Musaraj
4be67ef9a7
UX: Larger images in mobile emoji picker (#17013) 2022-06-07 12:00:09 -04:00
David Taylor
5238f6788c
FEATURE: Allow hotlinked media to be blocked (#16940)
This commit introduces a new site setting: `block_hotlinked_media`. When enabled, all attempts to hotlink media (images, videos, and audio) will fail, and be replaced with a linked placeholder. Exceptions to the rule can be added via `block_hotlinked_media_exceptions`.

`download_remote_image_to_local` can be used alongside this feature. In that case, hotlinked images will be blocked immediately when the post is created, but will then be replaced with the downloaded version a few seconds later.

This implementation is purely server-side, and does not impact the composer preview.

Technically, there are two stages to this feature:

1. `PrettyText.sanitize_hotlinked_media` is called during `PrettyText.cook`, and whenever new images are introduced by Onebox. It will iterate over all src/srcset attributes in the post HTML and check if they're allowed. If not, the attributes will be removed and replaced with a `data-blocked-hotlinked-src(set)` attribute

2. In the `CookedPostProcessor`, we iterate over all `data-blocked-hotlinked-src(set)` attributes and check whether we have a downloaded version of the media. If yes, we update the src to use the downloaded version. If not, the entire media element is replaced with a placeholder. The placeholder is labelled 'external media', and is a link to the offsite media.
2022-06-07 15:23:04 +01:00
Jarek Radosz
1a5dbbf430
FIX: Correctly handle invalid auth cookies (#16995)
Previously it would blow up on invalid utf byte sequences. This was a source of spec flakiness.
2022-06-07 13:00:25 +02:00
Joe
98671445a7
UX: hide select-kits when the parent element is outside the viewport
If the select-kit header is not in the viewport (scrolled out of view), popper adds a data-popper-reference-hidden attribute.

This PR adds the recommended styles to "hide" the select-kit body when that happens. See

https://popper.js.org/docs/v2/modifiers/hide/
2022-06-07 16:57:10 +08:00
Alan Guo Xiang Tan
7da074d591
DEV: Implement "My Posts" section link for experimental sidebar (#17008) 2022-06-07 10:52:54 +08:00
dependabot[bot]
a258630790
Build(deps): Bump jwt from 2.3.0 to 2.4.0 (#17020)
Bumps [jwt](https://github.com/jwt/ruby-jwt) from 2.3.0 to 2.4.0.
- [Release notes](https://github.com/jwt/ruby-jwt/releases)
- [Changelog](https://github.com/jwt/ruby-jwt/blob/master/CHANGELOG.md)
- [Commits](https://github.com/jwt/ruby-jwt/compare/v2.3.0...v2.4.0)

---
updated-dependencies:
- dependency-name: jwt
  dependency-type: indirect
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-06-07 00:29:44 +02:00
dependabot[bot]
bbf5eab547
Build(deps): Bump rubocop from 1.30.0 to 1.30.1 (#17019)
Bumps [rubocop](https://github.com/rubocop/rubocop) from 1.30.0 to 1.30.1.
- [Release notes](https://github.com/rubocop/rubocop/releases)
- [Changelog](https://github.com/rubocop/rubocop/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rubocop/rubocop/compare/v1.30.0...v1.30.1)

---
updated-dependencies:
- dependency-name: rubocop
  dependency-type: indirect
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-06-07 00:22:21 +02:00
Daniel Waterworth
00e756e358
DEV: Allow all subdomains of localhost in development (#17018)
By default in rails, it looks like only one level deep is allowed.
2022-06-06 16:02:51 -05:00
Isaac Janzen
49415de3fa
DEV: Remove reply_as_private_message from composer (#16979)
* Remove 'New Message' option from composer dropdown
* Update Acceptance Tests
2022-06-06 15:10:34 -05:00
Daniel Waterworth
d7bc395182
FIX: Seed multisite dbs after migrating in development (#17017)
Dumping the schema cache reset the current_db and we only need to do
this once.
2022-06-06 14:43:43 -05:00
Blake Erickson
35e17ce115
FIX: Email Send post has already been taken error (#16992)
* FIX: Email Send post has already been taken error

Adding a failing test first before coming up with a good solution.

Related: 357011eb3b

The above commit changed

```
PostReplyKey.find_or_create_by_safe!
```

to

```
PostReplyKey.create_or_find_by!
```

But I don't think it is working as a 1-1 replacement because of the
`Validation failed: Post has already been taken` error we are receiving
with this change. Also we need to make sure we don't re-introduce any
concurrency issues.

Reported: https://meta.discourse.org/t/224706/13

* Remove rails unique constraint and rely on db index

I believe this is what is causing `create_or_find_by!` to fail. Because
we have a unique constraint in the db I think we can remove this rails
unique constraint?

* clean up spec wording
2022-06-06 13:13:26 -06:00
Jarek Radosz
79f5a7750c
DEV: Remove unused wizard code (#17016)
`theme-preview` component and `colorsId`/`fontId` usage.
2022-06-06 21:01:47 +02:00
Jarek Radosz
54e42b124a
FIX: Restore automatic style preview in wizard (#17015)
Updating the homepage/style preview regressed in #16994.
2022-06-06 21:01:34 +02:00
Joe
5109ea0cf1
UX: don't tether popper to the viewport if reference is out of the viewport (#17012)
followup to 

https://github.com/discourse/discourse/pull/16504

Internal

`/t/64811`

public

`/t/228953`
2022-06-06 22:20:29 +08:00
Penar Musaraj
370df7ccb4
DEV: Dejquerify marking FAQ as read (#17001) 2022-06-06 08:27:10 -04:00
Penar Musaraj
210d9c2b8f
DEV: De-jQuerify is-element-in-viewport (#17000) 2022-06-06 08:26:49 -04:00
Jarek Radosz
43346ddaa6
DEV: Remove the scheduled ember plugins workflow (#17011)
It hasn't worked once in 9 months 😉 and ember cli plugin tests are now a part of the main workflow (since 8a69de7964)
2022-06-06 12:57:17 +02:00
Alan Guo Xiang Tan
ae1dd05db2
DEV: Fix broken spec due to 213bcde080 (#17009) 2022-06-06 16:37:08 +08:00
M.K. Safi
213bcde080
Correct type for locked (#16997) 2022-06-06 15:23:40 +08:00
Jarek Radosz
0a2eb7e2f4
DEV: Add choices only to relevant wizard fields (#16993) 2022-06-06 15:22:44 +08:00
dependabot[bot]
eb40173121
Build(deps): Bump openssl-signature_algorithm from 1.1.1 to 1.2.1 (#17002)
Bumps [openssl-signature_algorithm](https://github.com/cedarcode/openssl-signature_algorithm) from 1.1.1 to 1.2.1.
- [Release notes](https://github.com/cedarcode/openssl-signature_algorithm/releases)
- [Changelog](https://github.com/cedarcode/openssl-signature_algorithm/blob/master/CHANGELOG.md)
- [Commits](https://github.com/cedarcode/openssl-signature_algorithm/compare/v1.1.1...v1.2.1)

---
updated-dependencies:
- dependency-name: openssl-signature_algorithm
  dependency-type: indirect
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-06-06 15:17:47 +08:00
dependabot[bot]
0df36f0076
Build(deps): Bump multipart-post from 2.1.1 to 2.2.0 (#17003)
Bumps [multipart-post](https://github.com/socketry/multipart-post) from 2.1.1 to 2.2.0.
- [Release notes](https://github.com/socketry/multipart-post/releases)
- [Changelog](https://github.com/socketry/multipart-post/blob/main/CHANGELOG.md)
- [Commits](https://github.com/socketry/multipart-post/compare/v2.1.1...v2.2.0)

---
updated-dependencies:
- dependency-name: multipart-post
  dependency-type: indirect
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-06-06 15:17:18 +08:00
dependabot[bot]
32d4fc4b06
Build(deps): Bump oj from 3.13.13 to 3.13.14 (#17005)
Bumps [oj](https://github.com/ohler55/oj) from 3.13.13 to 3.13.14.
- [Release notes](https://github.com/ohler55/oj/releases)
- [Changelog](https://github.com/ohler55/oj/blob/develop/CHANGELOG.md)
- [Commits](https://github.com/ohler55/oj/compare/v3.13.13...v3.13.14)

---
updated-dependencies:
- dependency-name: oj
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-06-06 15:16:33 +08:00
Alan Guo Xiang Tan
9f08a3b160
FIX: DiscourseConnect login did not auto approve based on email domain (#17006)
This commit resolves a bug where users are not auto approved based on
`SiteSetting.auto_approve_email_domains` when
`SiteSetting.must_approve_users` has been enabled.
2022-06-06 15:16:01 +08:00
Joffrey JAFFEUX
42683d4874
FIX: ensures composer is not pre-filled with none/all tags (#16998) 2022-06-05 16:58:38 +02:00
Jarek Radosz
8a58ce6578
DEV: Use @action decorator in wizard (#16996) 2022-06-04 19:19:49 +02:00
Jarek Radosz
f4b9d4e285
FIX: Don't throw errors on wizard dropdowns (#16994) 2022-06-04 18:04:00 +02:00
Joffrey JAFFEUX
17227e9e53
DEV: under specific conditions (like tests) presenceState can be null (#16990) 2022-06-03 20:59:30 +02:00
Isaac Janzen
f8d2da2fa0
DEV: Remove jquery from invite-panel (#16989) 2022-06-03 11:30:44 -05:00
Alan Guo Xiang Tan
3b3f60218e
DEV: Display new/unread count for tracked link in sidebar (#16957) 2022-06-03 15:48:35 +08:00
Alan Guo Xiang Tan
0fa0094531
FIX: Approves user when redeeming an invite for invites only sites (#16984)
When a site has `SiteSetting.invite_only` enabled, we create a
`ReviewableUser`record when activating a user if the user is not
approved. Therefore, we need to approve the user when redeeming an
invite.

There are some uncertainties surrounding why a `ReviewableRecord` is
created for a user in an invites only site but this commit does not seek
to address that.

Follow-up to 7c4e2d33fa
2022-06-03 11:43:52 +08:00