Commit Graph

1406 Commits

Author SHA1 Message Date
Kelv
685dc4b9b9
FIX: font awesome remapping migration should not drop unmapped names from svg_icon_subset (#30058)
* FIX: font awesome remapping migration should not drop unmapped names
2024-12-03 18:30:08 +08:00
Gary Pendergast
2513339955
FEATURE: Show when a badge has been granted for a post (#29696)
Co-authored-by: Joffrey JAFFEUX <j.jaffeux@gmail.com>
Co-authored-by: Jarek Radosz <jradosz@gmail.com>
Co-authored-by: Alan Guo Xiang Tan <gxtan1990@gmail.com>
2024-12-03 13:43:27 +11:00
Kelv
87f1d507f5
DEV: add db migration to remap icon names to fontawesome 6 (#29958)
* DEV: add irreversible db migration to remap icon names to fontawesome 6
2024-12-02 12:41:43 +08:00
Ted Johansson
f4d0a77d5f
DEV: Add "delete user" options to illegal flag review (#29956)
We already add the "delete user" and "delete and block user" options to the drop-down for potential spam, but we should do this for potentially illegal posts as well.

This is entirely based on the implementation for the potential spam one, including caching the status on the reviewable record.

Also note that just as for potential spam, the user must be "deletable" for the option to appear.

I also took the liberty to move the options in the drop-down to what I think is a more intuitive place. (Between delete post and suspend/silence user.)
2024-11-27 17:23:57 +08:00
Jan Cernik
93443adf22
DEV: Remove the experimental_ prefix for fullpage login (#29546) 2024-11-26 11:08:27 -03:00
Blake Erickson
1841e72571
DEV: Make sure chat migration is in plugin directory (#29867)
This migration is for chat so it needs to live in the chat plugin
directory.

Follow up to: 23a7f00524
2024-11-20 14:50:15 -07:00
Blake Erickson
23a7f00524
DEV: Re-apply chat index migration (#29859)
Commit c2a733a95a was applied to an
existing migration that possibly had already run. Due to this some
discourse instances might not have the correct index.

This change removes the original migration and creates a new one so that
it will actually be applied.

This is the missing index that some sites might not have:
```
Missing Index | CREATE INDEX
index_chat_messages_on_chat_channel_id_and_id ON public.chat_messages
USING btree (chat_channel_id, id) WHERE (deleted_at IS NOT NULL)
```
2024-11-20 12:59:07 -07:00
Angus McLeod
ec7de0fd68
Require permitted scopes when registering a client (#29718) 2024-11-19 15:28:04 -05:00
OsamaSayegh
a28ab171ec DEV: Add index to users.ip_address 2024-11-15 11:17:07 -05:00
Jan Cernik
234133bd3b
UX: Split hide_profile_and_presence user option (#29632)
It splits the hide_profile_and_presence user option and the default_hide_profile_and_presence site setting for more granular control. It keeps the option to hide the profile under /u/username/preferences/interface and adds the presence toggle in the quick user menu.

Co-authored-by: Régis Hanol <regis@hanol.fr>
2024-11-12 22:22:58 -03:00
Mark VanLandingham
9b8af0ea9f
DEV: Create permanent version of moved_posts table from PostMover class (#29664)
This is a very simple change, which creates a permanent table in the DB, rather than generating a temporary table when moving posts. This change is about capturing data and any usage will appear in a follow-up.

I did include a new column created_new_topic in the new table, so that it can be easily audited without having to compare destination topic created_at with moved_post records.
2024-11-12 14:35:20 -06:00
Roman Rizzi
d97d48ead1
FIX: Ensure normalized_email gets anonymized (#29719) 2024-11-12 14:36:17 -03:00
Angus McLeod
cb4b8146a3
Add dedicated user_api_key_clients table to allow for 1:many use cases (#28119) 2024-11-08 12:05:03 -05:00
Alan Guo Xiang Tan
57f4176b57
DEV: Bump rubocop_discourse (#29608) 2024-11-06 06:27:49 +08:00
Bianca Nenciu
723dc1fa55
Dev fix some types (#29547)
The primary key is usually a bigint column, but the foreign key columns
are usually of integer type. This can lead to issues when joining these
columns due to mismatched types and different value ranges.

This was using a temporary plugin / test API to make tests pass. After
more careful consideration, we concluded that it is safe to alter the
tables directly.
2024-11-01 19:19:25 +02:00
Osama Sayegh
397d41008e
FIX: Account for sidebars with no primary links when adding invite link (#29535)
Some checks are pending
Licenses / run (push) Waiting to run
Linting / run (push) Waiting to run
Tests / ${{ matrix.target }} ${{ matrix.build_type }} (annotations, core) (push) Waiting to run
Tests / ${{ matrix.target }} ${{ matrix.build_type }} (backend, core) (push) Waiting to run
Tests / ${{ matrix.target }} ${{ matrix.build_type }} (backend, plugins) (push) Waiting to run
Tests / ${{ matrix.target }} ${{ matrix.build_type }} (frontend, plugins) (push) Waiting to run
Tests / ${{ matrix.target }} ${{ matrix.build_type }} (frontend, themes) (push) Waiting to run
Tests / ${{ matrix.target }} ${{ matrix.build_type }} (system, chat) (push) Waiting to run
Tests / ${{ matrix.target }} ${{ matrix.build_type }} (system, core) (push) Waiting to run
Tests / ${{ matrix.target }} ${{ matrix.build_type }} (system, plugins) (push) Waiting to run
Tests / ${{ matrix.target }} ${{ matrix.build_type }} (system, themes) (push) Waiting to run
Tests / core frontend (${{ matrix.browser }}) (Chrome) (push) Waiting to run
Tests / core frontend (${{ matrix.browser }}) (Firefox ESR) (push) Waiting to run
Tests / core frontend (${{ matrix.browser }}) (Firefox Evergreen) (push) Waiting to run
Meta topic: https://meta.discourse.org/t/stumped-about-launcher-rebuild-app-error-process-pid-2096/333876?u=osama.

Follow up to 19672faba6.

The migration that adds the invite link to the sidebar determines the position of the link by looking up the max position that a primary link has and inserts the invite link at the max position plus 1. This approach works fine for most sites, however, sites that have deleted all primary links from the sidebar will fail because the max position will be `nil` which blows up the migration.

This commit addresses this edge case by falling back to looking up the min position of secondary links,    or to zero if there're also no secondary links, and then inserts the invite link at the min position minus 1.
2024-11-01 10:31:21 +03:00
Osama Sayegh
19672faba6
FEATURE: Add invite link to the sidebar (#29448)
Some checks are pending
Licenses / run (push) Waiting to run
Linting / run (push) Waiting to run
Tests / ${{ matrix.target }} ${{ matrix.build_type }} (system, plugins) (push) Waiting to run
Tests / ${{ matrix.target }} ${{ matrix.build_type }} (system, themes) (push) Waiting to run
Tests / ${{ matrix.target }} ${{ matrix.build_type }} (annotations, core) (push) Waiting to run
Tests / ${{ matrix.target }} ${{ matrix.build_type }} (backend, core) (push) Waiting to run
Tests / ${{ matrix.target }} ${{ matrix.build_type }} (backend, plugins) (push) Waiting to run
Tests / ${{ matrix.target }} ${{ matrix.build_type }} (frontend, plugins) (push) Waiting to run
Tests / ${{ matrix.target }} ${{ matrix.build_type }} (frontend, themes) (push) Waiting to run
Tests / ${{ matrix.target }} ${{ matrix.build_type }} (system, chat) (push) Waiting to run
Tests / ${{ matrix.target }} ${{ matrix.build_type }} (system, core) (push) Waiting to run
Tests / core frontend (${{ matrix.browser }}) (Chrome) (push) Waiting to run
Tests / core frontend (${{ matrix.browser }}) (Firefox ESR) (push) Waiting to run
Tests / core frontend (${{ matrix.browser }}) (Firefox Evergreen) (push) Waiting to run
This commit adds a new "Invite" link to the sidebar for all users who can invite to the site. Clicking the link opens the invite modal without changing the current route the user is on. Admins can customize the new link or remove it entirely if they wish by editing the sidebar section.

Internal topic: t/129752.
2024-10-30 05:31:14 +03:00
Osama Sayegh
2ffe413b0b
FEATURE: Enable the new /about page for everyone (#29390)
This commit removes the feature flag for the new /about page, enabling it for all sites, and removes the code for old the /about page.

Internal topic: t/140413.
2024-10-29 18:40:11 +03:00
Martin Brennan
27bdfb6437
FEATURE: Add user preference to disable smart lists (#29434)
Some checks are pending
Licenses / run (push) Waiting to run
Linting / run (push) Waiting to run
Tests / ${{ matrix.target }} ${{ matrix.build_type }} (annotations, core) (push) Waiting to run
Tests / ${{ matrix.target }} ${{ matrix.build_type }} (backend, core) (push) Waiting to run
Tests / ${{ matrix.target }} ${{ matrix.build_type }} (backend, plugins) (push) Waiting to run
Tests / ${{ matrix.target }} ${{ matrix.build_type }} (frontend, plugins) (push) Waiting to run
Tests / ${{ matrix.target }} ${{ matrix.build_type }} (frontend, themes) (push) Waiting to run
Tests / ${{ matrix.target }} ${{ matrix.build_type }} (system, chat) (push) Waiting to run
Tests / ${{ matrix.target }} ${{ matrix.build_type }} (system, core) (push) Waiting to run
Tests / ${{ matrix.target }} ${{ matrix.build_type }} (system, plugins) (push) Waiting to run
Tests / ${{ matrix.target }} ${{ matrix.build_type }} (system, themes) (push) Waiting to run
Tests / core frontend (${{ matrix.browser }}) (Chrome) (push) Waiting to run
Tests / core frontend (${{ matrix.browser }}) (Firefox ESR) (push) Waiting to run
Tests / core frontend (${{ matrix.browser }}) (Firefox Evergreen) (push) Waiting to run
Followup 30fdd7738e

Adds a new site setting and corresponding user preference
to disable smart lists. By default they are enabled, because
this is a better experience for most users. A small number of
users would prefer to not have this enabled.

Smart lists automatically append new items to each
list started in the composer when enter is pressed. If
enter is pressed on an empty list item, it is cleared.

This setting will be removed when the new composer is complete.
2024-10-28 14:18:15 +10:00
Kelv
a89767913d
resolve Rails/ReversibleMigrationMethodDefinition errors (#29412) 2024-10-25 15:13:06 +08:00
Guhyoun Nam
82ad7f9d17
DEV: Delete plugin specific webhook event types (#29374)
Background
When creating webhooks on a site without the Discourse Category Experts plugin installed, the category_experts_unapproved_event and category_experts_approved_event webhook events are getting automatically added to webhooks without a way to disable them.

The category_experts_unapproved_event and category_experts_approved_event webhook events are associated with the Discourse Category Experts plugin so I am moving these webhook events into the Category Experts plugin.

Changes
This PR deletes Category Experts plugin specific webhook event types added into core.
2024-10-24 11:02:58 -05:00
Ted Johansson
63ed1b5bd7
DEV: Remove NULLS NOT DISTINCT from problem check trackers (#29327)
We added NULLS NOT DISTINCT to a unique index on problem_check_trackers.

This option is only available in PG15+. It does not in itself break PG13, but restoring a PG15+ backup to PG13 currently errors out. It seems this is an operation that's more common than we first thought.

This commit fixes that by removing the NULLS NOT DISTINCT.

We already have another, backwards-compatible approach to do the same thing in place, so this shouldn't change existing behaviour.
2024-10-22 10:47:24 +08:00
Ted Johansson
93625ef07c
FIX: Make problem check tracker unique constraint work on PG13 (#29272)
In #29169 we added a NULLS NOT DISTINCT option to the unique index on problem_check_trackers. This is to enforce uniqueness even when the target is NULL. (Postgres considers all NULLs to be distinct by default.)

However, this only works in PG15. In PG13 it does nothing.

This commit adds a default dummy string value __NULL__ to target. Since it's a string, PG13 will be able to correctly identify duplicate records.
2024-10-21 10:45:09 +08:00
Sam
c08c40dc23
FEATURE: theme_modifiers can depend on theme settings (plus serialize_post_user_badges) (#29227)
Theme modifiers can now be defined as theme settings, this allows for
site operators to override behavior of theme modifiers.

New syntax is:

```
{
    ...
   "modifiers": {
      "modifier_name": {
         "type": "setting",
         "value": "setting_name"
      }
   }
}
```

This also introduces a new theme modifier for serialize_post_user_badges. Name of badge must match the name of the badge in the badges table. The client-side is updated to load this new data from the post-stream serializer.

Co-authored-by: David Taylor <david@taylorhq.com>
2024-10-17 15:16:16 +01:00
Alan Guo Xiang Tan
322a3be2db
DEV: Remove logical OR assignment of constants (#29201)
Constants should always be only assigned once. The logical OR assignment
of a constant is a relic of the past before we used zeitwerk for
autoloading and had bugs where a file could be loaded twice resulting in
constant redefinition warnings.
2024-10-16 10:09:07 +08:00
Ted Johansson
45c9316d7d
DEV: Fix problem check tracker unique index not respecting NULLs (#29169)
By default, when checking uniqueness on a tuple for the purposes of enforcing a unique index, PostgreSQL considers NULLs to be distinct values. Because of this we could incorrectly have multiple entries with { identifier: "rails_env", target: nil } created due to race conditions. This would then cause errors at runtime.
2024-10-14 13:55:35 +08:00
Kelv
32e261ef73
DEV: Migrate user passwords data to UserPassword table (#28746)
* Add migrations to ensure password hash is synced across users & user_passwords

* Persist password-related data in user_passwords instead of users

* Merge User#expire_old_email_tokens with User#expire_tokens_if_password_changed

* Add post deploy migration to mark password-related columns from users table as read-only

* Refactored UserPassword#confirm_password? and changes required to accommodate hashing the password after validations
2024-10-10 09:23:06 +08:00
Alan Guo Xiang Tan
02380af75c
PERF: Update migration to drop index concurrently. (#28955)
This avoids locking the index's table
2024-09-18 10:20:24 +08:00
Alan Guo Xiang Tan
97143efc52
PERF: Drop user_search_similar_results site setting (#28874)
In 14cf8eacf1, we added the
`user_search_similar_results` site setting which when enabled will use
trigram matching for similarity search in `UserSearch`. However, we
noted that adding the `index_users_on_username_lower_trgm` index is
causing the PG planner to not use the `index_users_on_username_lower`
index when the `=` operator is used against the `username_lower` column.

Based on the PG mailing list discussion where support for the `=`
operator in gist_trgm_ops was being considered, it stated that "I also have checked that btree_gist is preferred over pg_trgm gist
index for equality search." This is however quite different from reality
on our own PG clusters where the btree index is not preferred leading to
significantly slower queries when the `=` operator is used.

Since the pg_trgm gist index is only used for queries when the `user_search_similar_results` site setting
is enabled, we decided to drop the feature instead as it is hidden and
disabled by default. As such, we can consider it experiemental and drop
it without deprecation.

PG mailing list discussiong: https://www.postgresql.org/message-id/CAPpHfducQ0U8noyb2L3VChsyBMsc5V2Ej2whmEuxmAgHa2jVXg%40mail.gmail.com
2024-09-13 09:04:02 +08:00
Joffrey JAFFEUX
ad90b9cfd1
DEV: Increases external avatar url limit (#28893)
We recently increased it to 1500 but that was not enough: 113e6fd274
2024-09-13 01:08:01 +02:00
Keegan George
f2059bf15f
FIX: Form template limit validation (#28791) 2024-09-10 08:11:44 -07:00
Sérgio Saquetim
7c3ad27de6
DEV: Remove the old header widgets code (#28390)
Remove the header widget code.

More info can be found in https://meta.discourse.org/t/upcoming-header-changes-preparing-themes-and-plugins/296544
2024-09-04 14:50:53 -03:00
Osama Sayegh
280adda09c
FEATURE: Support designating multiple groups as mods on category (#28655)
Currently, categories support designating only 1 group as a moderation group on the category. This commit removes the one group limitation and makes it possible to designate multiple groups as mods on a category.

Internal topic: t/124648.
2024-09-04 04:38:46 +03:00
Natalie Tay
cc873977ec
DEV: Ensure unique notification level per tag user (#28638)
TagUser.rb is used to set user notification levels for a tag, we don't have a unique index on the notification level itself. This means that there might be some weird case where a user may have multiple of the same notification level on a tag.

This PR adds a migration which de-duplicates this based on defaults, where we keep the earliest record in the event there is multiple notification level per-user-per-tag.
2024-09-03 15:43:02 +08:00
Kelv
a455567f9e
DEV: make UserPassword 1:1 to User (#28528)
* add data migration to keep only unexpired or most recently expired user password
* refactor to 1:1 relationship between User and UserPassword
* add migration to remove redundant indexes on user passwords
2024-09-03 11:09:33 +08:00
Alan Guo Xiang Tan
4a6fc45429
DEV: Migrate User#seen_notification_id to bigint (#28572)
`Notification#id` was migrated to `bigint` in 799a45a291
2024-08-27 14:32:55 +03:00
Bianca Nenciu
b11d901e12
DEV: Migrate user_badges#notification_id to bigint (#28546)
The `notifications.id` has been migrated to bigint in previous commit
799a45a291. This commit migrates one of
the related columns, `user_badges.notification_id`, to `bigint`.
2024-08-27 11:46:48 +08:00
Bianca Nenciu
ec8ba5a0b9
DEV: Migrate shelved_notifications#notification_id to bigint (#28549)
DEV: Migrate shelved_notifications#notification_id to bigint

The `notifications.id` has been migrated to `bigint` in previous commit
799a45a291.
2024-08-27 10:56:00 +08:00
Alan Guo Xiang Tan
6832c7b7e7
DEV: Fix bigint notifications id migration to deal with public schema (#28538)
Follow up to 799a45a291
2024-08-26 10:25:13 +08:00
Bianca Nenciu
799a45a291
DEV: Migrate notifications#id to bigint (#28444)
The `notifications.id` column is the most probable column to run out of
values. This is because it is an `int` column that has only 2147483647
values and many notifications are generated on a regular basis in an
active community. This commit migrates the column to `bigint`.

These migrations do not use `ALTER TABLE ... COLUMN ... TYPE` in order
to avoid the `ACCESS EXCLUSIVE` lock on the entire table. Instead, they
create a new `bigint` column, copy the values to the new column and
then sets the new column as primary key.

Related columns (see `user_badges`, `shelved_notifications`) will
be migrated in a follow-up commit.
2024-08-26 09:35:12 +08:00
carson chang
854b8b7093
FEATURE: Add option to immediately delete stub topics upon merge (#28228)
Currently to handle stub topics after merging, there are only options to (1) never delete a stub topic and (2) delete a stub topic after X amount of days. This adds the option to immediately delete a stub topic upon merge.

---------

Co-authored-by: Mark VanLandingham <markvanlan@gmail.com>
Co-authored-by: Renato Atilio <renato@discourse.org>
2024-08-07 10:05:40 -03:00
Blake Erickson
6ee6b1f1d1
DEV: Add validation for allowed iframes setting (#28178)
- Adds a validator for the allowed iframes site setting
- Adds a migration to update any values that don't pass the validator

Follow up to: 188cb58daa
2024-08-01 06:51:02 -06:00
Gabriel Grubba
633a19fcc0
FIX: Remove chat default channel setting (#28170)
* FIX: Remove chat default channel being applied to mobile chat and drawer

* DEV: removing chat_default_channel_id setting

* DEV: add migration to remove chat default channel id

* DEV: remove default_channel_validator and tests
2024-07-31 14:12:10 -03:00
Gabriel Grubba
a3d61ba1c4
DEV: rename chat preferred mobile index to chat preferred index (#27953)
* DEV: rename chat preferred mobile index to chat preferred index

* UX: change routing to be consistent with mobile

* DEV: change migration file to use script

* UX: show footer only if more than one option is available

* UX: Remove desktopView only checks for chat

* DEV: Remove unused imports

* UX: Update chat footer checks and Add rerouting to chat drawer

* UX: Add margin to chat row in desktop and update chat drawer logic

* UX: Change chat in desktop to use flexbox

* UX: Add drawer actions to chat navbar

* DEV: Update page object with new chat css classes

removed `.open-browse-page-btn` usage in 7bd65006d7

* DEV: rename `browse/open` in chat url to `channels`

* UX: Adjust css for when in threads mode

* DEV: change css class name in no_sidebar_spec.rb

* DEV: rename tests to be more descriptive with the action they are testing

update chat template to not rely on `:has`

* DEV: update test and add method to chat page object

* DEV: update no_sidebar_spec for chat changes

* DEV: remove tests from navigation_spec that no longer apply

* DEV: revert typo in test

* DEV: change url path for mobile chat in test specs

* DEV: Add check for when is desktop in rerouting

* UX: Removed footer from desktop.

Made `hasThreads` and `hasDirectMessages` methods in chat-drawer public

* UX: remove sidebar on desktop full page if dm list is empty

* DEV: Address review comments

* DEV: Adjust reroute logic for chat browse

remove unused code

* UX: Adjust rerouting to go to browse.open

* UX: Change rerouting to be more consistent

Add chat_default_channel_id routing

* UX: Update rerouting configuration for chat routes

* DEV: Update tests with the new chat behavior

* DEV: revert changes made in tests and bring back toggle for drawer

* DEV: revert classes in page objects

* DEV: Add tests to new chat navigation behavior

remove unused stylesheets
revert deleted lines in tests
update concat class logic in chat dm template

* DEV: update css on test
2024-07-30 10:25:22 -03:00
Natalie Tay
188cb58daa
SECURITY: Fixes for main (#28137)
* SECURITY: Update default allowed iframes list

Change the default iframe url list to all include 3 slashes.

* SECURITY: limit group tag's name length

Limit the size of a group tag's name to 100 characters.

Internal ref - t/130059

* SECURITY: Improve sanitization of SVGs in Onebox

---------

Co-authored-by: Blake Erickson <o.blakeerickson@gmail.com>
Co-authored-by: Régis Hanol <regis@hanol.fr>
Co-authored-by: David Taylor <david@taylorhq.com>
2024-07-30 14:19:01 +08:00
Natalie Tay
7a1e3accff
DEV: Promote historic post_deploy migrations (#28127)
This commit promotes all post_deploy migrations which existed in Discourse v3.2.0 (timestamp <= 20240112043325)
2024-07-30 00:49:21 +08:00
Krzysztof Kotlarek
205a2bf0d6
DEV: show admin moderation flags UI (#28071)
The page was hidden behind a feature flag in this PR https://github.com/discourse/discourse/pull/27756

It is now in a shippable state.
2024-07-25 15:24:17 +10:00
Krzysztof Kotlarek
b64d01bc10
FIX: store information about the login method in the database. (#28054)
Previously in these 2 PRs, we introduced a new site setting `SiteSetting.enforce_second_factor_on_external_auth`.

https://github.com/discourse/discourse/pull/27547
https://github.com/discourse/discourse/pull/27674

When disabled, it should enforce 2FA for local login with username and password and skip the requirement when authenticating with oauth2.

We stored information about the login method in a secure session but it is not reliable. Therefore, information about the login method is moved to the database.
2024-07-24 17:19:58 +10:00
锦心
a749387c80
FEATURE: Clean up previously logged information after permanently deleting posts (#28033)
* FEATURE: Clean up previously logged information after permanently deleting posts

When soft deleteing a topic or post, we will log some details in the
staff log, including the raw content of the post. Before this commit, we
will not clear the information in these records. Therefore, after
permanently deleting the post, `UserHistory` still retains copy of the
permanently deleted post. This is an unexpected behaviour and may raise
some potential legal issues.

This commit adds a behavior that when a post is permanently deleted, the
details column of the `UserHistory` associated with the post will be
overwritten to "(permanently deleted)". At the same time, for permanent
deletion, a new `action_id` is introduced to distinguish it from soft
deletion.

Related meta topic: https://meta.discourse.org/t/introduce-a-way-to-also-permanently-delete-the-sensitive-info-from-the-staff-logs/292546
2024-07-23 15:27:11 +08:00
锦心
199f980e6a
FEATURE: Add creator and logging for CustomEmoji (#28004)
* FEATURE: Add logging for CustomEmoji

We didn't provide any logs for CustomEmoji before, nor did we record the
person who added any emoji in the database. As a result, the staff had
no way to trace back who added a certain emoji.

This commit adds a new column `user_id` to `custom_emojis` to record the
creator of an emoji. At the same time, a log is added for staff logs to
record who added or deleted a custom emoji.
2024-07-22 14:44:49 +08:00