Commit Graph

11323 Commits

Author SHA1 Message Date
Robin Ward
50fae909d6 Add an appEvent for when a post is created
List for `post:created` and you'll be passed the new post when it is
created.
2019-10-08 10:12:38 -04:00
Dan Ungureanu
fdb1d3404c
FEATURE: Add site setting to show more detailed 404 errors. (#8014)
If the setting is turned on, then the user will receive information
about the subject: if it was deleted or requires some special access to
a group (only if the group is public). Otherwise, the user will receive
a generic #404 error message. For now, this change affects only the
topics and categories controller.

This commit also tries to refactor some of the code related to error
handling. To make error pages more consistent (design-wise), the actual
error page will be rendered server-side.
2019-10-08 14:15:08 +03:00
David Taylor
d2bceff133
FEATURE: Use full page redirection for all external auth methods (#8092)
Using popups is becoming increasingly rare. Full page redirects are already used on mobile, and for some providers. This commit removes all logic related to popup authentication, leaving only the full page redirect method.

For more info, see https://meta.discourse.org/t/do-we-need-popups-for-login/127988
2019-10-08 12:10:43 +01:00
Sam Saffron
7a5daa3079 DEV: lint file
needed a prettier run
2019-10-08 12:15:23 +11:00
Daniel Waterworth
87f0b56191 UI: Scroll to the bottom of the page when the scrollbar hits the end (#8101) 2019-10-08 12:00:58 +11:00
Robin Ward
afe7429e7d Add more analytics events
The ability to track when likes and bookmarks are toggled
2019-10-07 16:39:17 -04:00
Penar Musaraj
1aaddf13a0 UX: remove iPad keyboard user setting from iOS 13
Removes setting for iOS devices that support Visual Viewport API.

On devices where it was previously enabled, it was causing some scrolling drift when invoking the composer.
2019-10-07 14:55:25 -04:00
Robin Ward
5c9acfec1d Add event for when "Reply" is clicked
This is useful by analytics libraries or other code that wants to track
when replies are begun. A new event: `page:compose-reply` is fired with
the topic.
2019-10-07 14:30:31 -04:00
Robin Ward
847f48a9d0 Add an app event for when a topic is fully loaded
If we are interested in page events (say analytics), they are reported
when the route changes, which does not wait for any promises in
`setupController` to finish.

A plugin might want to know when a topic has fully loaded, so this event
is triggered when that happens.
2019-10-07 14:30:31 -04:00
Penar Musaraj
d45866eb5c UX: Fix topic progress placement in iOS app
Fixes placement issues introduced in #45a55a3

Fixes topic progress placement when composer is collapsed with a draft
2019-10-06 16:10:08 -04:00
Kris
be85bc9dac convert ip lookup copy anchor to button 2019-10-04 16:28:36 -04:00
Mark VanLandingham
30087beb72
UX: Input for name when creating a new authenticator (#8153)
* FEATURE: Added input for name when creating a new authenticator in user preferences

* FEATURE: Added placeholders to authenticator inputs

* Ran prettier on second-factor-add-totp.js.es6
2019-10-04 13:46:48 -05:00
Kris
9e9d57d7ee General admin style cleanup 2019-10-04 13:25:54 -04:00
Robin Ward
f5d391a48a
REFACTOR: Move app-events:main to service:app-events (#8152)
AppEvents was always a service object in disguise, so we should move it
to the correct place in the application. Doing this allows other service
objects to inject it easily without container access.

In the future we should also deprecate `this.appEvents` without an
explicit injection too.
2019-10-04 10:06:08 -04:00
Kyle Zhao
75d54e3335 UX: Add "Drafts" to quick access profile tab. (#8155) 2019-10-04 15:48:17 +10:00
Osama Sayegh
e27f332318
PERF: speed up about page render time and limit category mods (#8112)
* PERF: speed up about page render time and limit category mods

* Remove return

* Remove widgets

* Convert admins and mods lists

* Rename component

* Apply Joffrey's patch

Co-authored-by: Joffrey JAFFEUX <j.jaffeux@gmail.com>

* Make limit 100
2019-10-03 21:48:56 +03:00
Jeff Wong
d6b39dc01d REFACTOR: use const rather than var 2019-10-03 11:45:03 -07:00
Joffrey JAFFEUX
aaf15944f8
FIX: errors due to confusion between trustLevel and trust_level (#8149) 2019-10-03 08:52:07 -04:00
Penar Musaraj
45a55a3abf FIX: Correct position of topic progress in iOS when composer is visible
This fix is needed due to what feels like an iOS Safari bug. The CSS rule `margin-bottom: env(safe-area-inset-bottom);` should not apply to the topic progress element when the composer is visible, because the element is not near the bottom of the viewport.
2019-10-02 20:54:11 -04:00
Penar Musaraj
1051a95160 UX: Trigger composer resize when dismissing keyboard in iPad 2019-10-02 20:20:50 -04:00
Sam Saffron
1c3cbbe883 UX: bypass chrome autocomplete when editing admin text fields
Same issue as: 918a0ea3

off is ignored in chrome per: https://bugs.chromium.org/p/chromium/issues/detail?id=587466
2019-10-03 09:01:55 +10:00
Martin Brennan
61868e50cb Check webauthn support when registering security keys (#8146) 2019-10-03 08:26:26 +10:00
Joffrey JAFFEUX
91dd6aacfb
FIX: ensures chart parent element is still present before render (#8145) 2019-10-02 17:54:30 -04:00
Jeff Wong
dbb33f08a9 REFACTOR: clean-up webauthn mobile view 2019-10-02 11:49:36 -07:00
Martin Brennan
9f5ec7154d [FIX] Webauthn security key fixes after real-world usage (#8135)
* Fix broken security key 2FA on mobile login.hbs

* Show nicer error message when a security key already exists

* [COPY] Disable -> Delete for security key editing

* Standardize UI elements in 2FA prefs password confirmation

* Minor fixes to label location for resetPasswordProgress
2019-10-02 11:47:29 -07:00
Penar Musaraj
ea4e9dba8e FIX: Apply Visual Viewport composer height calc in iOS only 2019-10-02 13:37:41 -04:00
Joffrey JAFFEUX
d0390fba3e
UX: displays reads/likes in the same order that post menu buttons (#8140) 2019-10-02 13:00:47 -04:00
Penar Musaraj
ceb29d3eea UX: Full viewport composer layout on iPad
Partially reverts 94ab48c by using Safari hacks on iPad again.

This brings parity in the composer UI between iPhones and iPads

Hides grippie and fullscreen toggle button when the keyboard is visible on iPads
2019-10-02 12:36:11 -04:00
Joffrey JAFFEUX
7f114ef861
DEV: removes dead code (#8130)
This commit also refactors the new code which did make this dead code
2019-10-02 12:15:11 -04:00
Joffrey JAFFEUX
fb66ddf161
DEV: removes dead coded (#8129)
As per sam:

b9ccf4d09c/app/assets/javascripts/discourse.js 1

We used to put (*) topic title for certain cases, something that we totally stopped doing.
2019-10-02 12:13:39 -04:00
Joffrey JAFFEUX
ef610af328
FIX: exception with triggerRefresh and subcat listing (#8131)
Clicking fast on the "top", "unread", or "latest" button  when browsing a parent category page with subcategories and the setting `Show subcategory list above topics in this category` enabled would cause an exception:

```
Uncaught Error: Nothing handled the action 'triggerRefresh'. If you did handle the action, this error can be caused by returning true from an action handler in a controller, causing the action to bubble.
```
2019-10-02 07:51:23 -04:00
Martin Brennan
68d35b14f4 FEATURE: Webauthn authenticator management with 2FA login (Security Keys) (#8099)
Adds 2 factor authentication method via second factor security keys over [web authn](https://developer.mozilla.org/en-US/docs/Web/API/Web_Authentication_API).

Allows a user to authenticate a second factor on login, login-via-email, admin-login, and change password routes. Adds registration area within existing user second factor preferences to register multiple security keys. Supports both external (yubikey) and built-in (macOS/android fingerprint readers).
2019-10-01 19:08:41 -07:00
Joffrey JAFFEUX
6e815ba032 DEV: adds discourse:focus-changed app event (#8123) 2019-10-02 10:53:51 +10:00
Joffrey JAFFEUX
bbc250cc35
DEV: ensures relative-ages interval is cleared between tests (#8117) 2019-10-01 22:18:26 +02:00
Joffrey JAFFEUX
a5af98a149
DEV: fixes deprecation due to incorrect appEvent setup on share:url (#8122) 2019-10-01 22:17:38 +02:00
Penar Musaraj
5cf299733a UX: Fix topic progress placement
Keeps element 1em away from the right edge of screen

Takes DiscourseHub app nav position into account on iPad

Uses outerHeight to calculate element height including padding/borders
2019-10-01 13:14:36 -04:00
Jarek Radosz
d407bcab36 FIX: Correctly escape category description text (#8107)
* FIX: Correctly escape category description text

This bug has been introduced in db14e10943.

* Remove unnecessary `html_safe`

`Theme.lookup_field` already returns html-safe strings: 7ad338e3e6/app/models/theme.rb (L237-L242)

* Rename `description` where it's acutally `descriptionText`
2019-10-01 12:04:39 -04:00
Penar Musaraj
94ab48c616 UX: Improve composer layout in iPads
In iOS 13, Apple no longer includes "iPad" in the user agent by default, so we need to adjust our detection.
2019-10-01 08:22:17 -04:00
Sam Saffron
499472b6a0 FIX: change focus when application resumes in android
Per new lifecycle https://developers.google.com/web/updates/2018/07/page-lifecycle-api

On Android and latest Chrome when an app transitions from "frozen" to
active the new "resume" event fires with no accompanying "visibilitychange"
event.

This means that often background tabs may be stuck thinking that discourse
has no focus when, indeed, it has.

This leads to cases where no posts are marked read anymore.
2019-10-01 12:00:07 +10:00
Kris
5cfbe19eef UX: Change composer's edit reason link to an icon 2019-09-30 20:58:31 -04:00
Penar Musaraj
444d123f0d UX: Use Visual Viewport API for iOS composer height
This applies to iPhones running iOS 13+.
Previous technique remains in place for iOS 12 and below.

Note that this does not apply to iPads on iOS 13 due to Apple no longer
identifying iPads in the user agent string.
2019-09-30 13:56:40 -04:00
Kris
756104432e UX: add class to distinguish specific moderator categories on about page 2019-09-27 09:34:56 -04:00
Régis Hanol
72e38b291f FIX: proper jumpToPost with whispers/small-actions
findPostIdForPostNumber does not take into account whispers and small actions posts
so the jump might end up on the wrong post.
2019-09-18 18:32:40 +02:00
David Taylor
479fdaaea1
DEV: Allow specifying button class in reviewable action definitions (#8093)
This avoids the need for using `@extend` in SCSS, which can be problematic in plugins

For context, see https://review.discourse.org/t/fix-make-compatible-with-debundled-plugin-css-assets-feature/5297/7
2019-09-18 11:28:59 +01:00
Régis Hanol
bb127b8140 FIX: preview up to 'max_oneboxes_per_post' oneboxes
We were counting all the oneboxes in the DOM instead of just the ones in the preview.

Also refactored the logic to count up to 'max_oneboxes_per_post` instead of down to 0.
That also ensured we don't load 11 oneboxes when the setting is limiting to 10.
2019-09-17 23:25:15 +02:00
Arpit Jalan
4a11e7ee56 fix the build. 2019-09-17 13:00:41 +05:30
Arpit Jalan
671ffc4e06 FIX: do not allow posting of category topic template without any changes 2019-09-17 12:32:46 +05:30
Kyle Zhao
fb200e3055 FIX: Escape $ in translations before interpolating (#8100)
The dollar sign (`$`) is a special replace pattern, and `$&` inserts the
matched string. Thus dollars signs need to be escaped with the special
pattern `$$`, which inserts a single `$`.
2019-09-16 13:52:49 -04:00
Dan Ungureanu
520d54d85f
FIX: Open drafts for PMs from Activity > Drafts screen.
Draft.get sometimes returns only the sequence number.
2019-09-16 16:24:42 +03:00
David Taylor
39f7e98b60
FIX: Ensure page is reloaded correctly when a hash is present (#8096)
To demonstrate the issue:
- Visit https://meta.discourse.org/#somethingHere while logged in
- Click "log out"
- You will be logged out, but the page will not be reloaded

Setting `window.location.pathname = "/"` will not reload the page if there is a hash present. Using `window.location = "/"` gives us the desired behavior.
2019-09-16 13:27:12 +01:00
David Taylor
b0211772cb FIX: Explicitly specify the format when loading /associate/{{token}}
In IE11, the browser returns the cached HTML response, rather than the JSON formatted response. A better solution may be to add a `Vary: Accept` header to all of our HTML responses, but this commit should solve the immediate issue.
2019-09-13 17:22:57 +01:00
Kyle Zhao
f0f03acb2c FIX: Do not escape fancy_title again. (#8095)
`fancy_title` is already escaped by Rails. Escaping it again would print
the HTML entity as-is, e.g. `&quot;` instead of `"`.

This fixes the issue by introducing a new `escapedContent` attribute on
the `QuickAccessItem` widget.
2019-09-13 10:04:14 -04:00
Penar Musaraj
6bbda8eae9 FIX: Do not show latest count in tabs on tag lists 2019-09-12 22:42:48 -04:00
hawm
7129637279 FEATURE: Make share button support custom javascript (#8090)
* FEATURE: Make share button support custom javascript

* clean code

* formatting

* formatting
2019-09-12 11:19:43 -04:00
Jarek Radosz
1dcdcb5c31
FIX: Cast all numerical values in reports (#8087)
* FIX: Cast all numerical values in reports

The backend can return some numerical values in report as strings. That results in unexpected order of values when sorting report tables.

* Create `toNumber()` helper

The `typeof` and `parseFloat` seem to be the fastest path: https://jsperf.com/number-vs-typeof-vs-parsefloat#results
2019-09-12 15:17:34 +02:00
Kris
f4f566a301 Adding above-user-profile plugin outlet 2019-09-11 22:22:00 -04:00
Rishabh
d93586c63f FEATURE: Whitelist the allowfullscreen iframe attribute (#8086)
Adding this to core allows showing the fullscreen button on external iframe videos like Vimeo.
https://meta.discourse.org/t/full-screen-videos-plugin/90869 will not be needed anymore.
2019-09-11 16:49:54 +02:00
Leo McArdle
9ba4a67766 pass model to above-user-preferences outlet (#8084) 2019-09-11 10:24:22 -04:00
Dan Ungureanu
8b2c272f04
UX: Use medium format for displaying time in post notices. (#8074) 2019-09-11 13:00:53 +03:00
Penar Musaraj
7252c14a16 FIX: Switch to full screen external login for Safari
This is a temporary solution, currently popup auth fails in Safari.
2019-09-11 00:18:37 -04:00
Neil Lalonde
f0586ece32 FIX: errors in qunit tests when version check info is missing 2019-09-10 16:38:23 -04:00
Neil Lalonde
509e61e272 UX: Show installed version with SHA instead of number of commits
Removes the "+ 437" string at the end of "v2.4.0.beta2 + 437",
and adds a link to the exact commit on github underneath.
2019-09-10 14:59:51 -04:00
Penar Musaraj
cf23016360 FIX: Display emojis in search result blurbs 2019-09-10 11:11:15 -04:00
Kyle Zhao
9b10a78d82 FEATURE: Quick access panels in user menu (#8073)
* Extract QuickAccessPanel from UserNotifications.

* FEATURE: Quick access panels in user menu.

This feature adds quick access panels for bookmarks and personal
messages. It allows uses to browse recent items directly in the user
menu, without being redirected to the full pages.

* REFACTOR: Use QuickAccessItem for messages.

Reusing `DefaultNotificationItem` feels nice but it actually requires a
lot of extra work that is not needed for a quick access item.

Also, `DefaultNotificationItem` shows an incorrect tooptip ("unread
private message"), and it is not trivial to remove / override that.

* Use a plain JS object instead.

An Ember object was required when `DefaultNotificationItem` was used.

* Prefix instead suffix `_` for private helpers.

* Set to null instead of deleting object keys.

JavaScript engines can optimize object property access based on the
object’s shape. https://mathiasbynens.be/notes/shapes-ics

* Change trivial try/catch to one-liners.

* Return the promise in case needs to be waited on.

* Refactor showAll to a link with href

* Store `emptyStatePlaceholderItemText` in state.

* Store items in Session singleton instead.

We can drop `staleItems` (and `findStaleItems`) altogether. Because
`(old) items === staleItems` when switching back to a quick access
panel.

* Add `limit` parameter to the `user_actions` API.

* Explicitly import Session instead.
2019-09-09 11:03:57 -04:00
Nick Quaranto
530356f465 Use Discourse.getURL for /clicks/track so clicks can be tracked on relative URLs (#8079) 2019-09-09 17:41:37 +10:00
Roman Rizzi
7d5f3c1338 UX/PERF: Update readers count when a post from another user is read. Don't fetch the post data again just to update the count. (#8078) 2019-09-09 11:29:15 +10:00
Robin Ward
3e3f6b1b62 Revert "FIX: Auth popup handling for Safari same-site cookie quirks"
This reverts commit 310a8ac242.

It seems this breaks google authentication. My suspicion is opening
the URL twice invalidates the CSRF after the first access.
2019-09-06 15:46:48 -04:00
Gerhard Schlager
631315624d FIX: Topics with muted tag didn't show up when filtering by category and tag
It also removes the redundant `filter` parameter. Previously URLs looked like this:

```
http://example.com/tags/c/some-category/muted-tag/l/latest.json?filter=tags/c/some-category/muted-tag/l/latest
```

But it looks like the `filter` parameter was only used to find out if topics with a muted tag should be removed or not. But the same thing can be accomplished by using the first tag ID. The following URL looks a lot cleaner.

```
http://example.com/tags/c/some-category/muted-tag/l/latest.json
```
2019-09-06 20:38:03 +02:00
Vinoth Kannan
f0f6b715ce fix the typo
c1769b0ec5
2019-09-06 01:33:23 +05:30
Vinoth Kannan
c1769b0ec5 DEV: improve the code readability.
82c5a1d20f
2019-09-06 01:27:29 +05:30
romanrizzi
f9ee6e923a UX: Hide the read indicator if read count is zero 2019-09-04 16:55:39 -03:00
Jeff Wong
c20d26a500 FEATURE: add before-topic-progress plugin outlet 2019-09-04 09:31:06 -07:00
Robin Ward
bde0ef865f
FEATURE: Adds a pop up that shows a more detailed score for reviewables (#8035)
If you click a (?) icon beside the reviewable status a pop up will
appear with expanded informatio that explains how the reviewable got its
score, and how it compares to system thresholds.
2019-09-04 09:56:25 -06:00
Mark VanLandingham
d819b55038 FEATURE: support data-explorer outlet in group navigation (#8063) 2019-09-04 16:15:10 +10:00
Penar Musaraj
21e5772aa5 FIX: Mobile Safari composer improvements (#8069)
- prevents keyboard from being invoked when textarea is disabled

- avoids scrolling up when switching focus from title to textarea on new topic creation
2019-09-04 16:04:07 +10:00
Vinoth Kannan
82c5a1d20f FIX: Make 'group membership requests' feature compatible with visibility level option 'logged_on_users'. 2019-09-04 03:22:55 +05:30
Penar Musaraj
c468abe9d0 FIX: Adjust composer size for iPhone Xs Max and Xʀ 2019-09-03 12:47:00 -04:00
Penar Musaraj
4d6eacac5c FIX: close user card after clicking Message button
This was primarily an issue on mobile, where after clicking the "Messsage" button in the user card, the composer would load behind the user card overlay.
2019-08-30 13:40:12 -04:00
David Taylor
310a8ac242 FIX: Auth popup handling for Safari same-site cookie quirks
When opening authentication popup, start with an on-site URL. Opening "about:blank", and then POSTing the form does not send same-site=Lax cookies. Opening the popup to a page on the site domain, and then POSTing the form, works successfully.
2019-08-30 17:55:18 +01:00
David Taylor
3c6176b844 FIX: Allow accessing nested objects within theme settings
This is required to access keys within the new theme_uploads object
2019-08-30 12:27:02 +01:00
Sam Saffron
3e855e33ae FIX: notifications not updating correctly from background tab
We refactored some code to avoid app event leak in tests at c462c2f2

Unfortunately this broke all background notifications in title and they
were broken for the past multiple months.
2019-08-30 15:51:20 +10:00
romanrizzi
13af02b70f FIX: Include read indicator when the publish_group_state is enabled 2019-08-29 12:47:55 -03:00
Roman Rizzi
ebb389ef8a
UX: Read indicator improvements. (#8049)
* The read indicator now shows up when no member has read the last post of the topic (written by a non-member)
* The read indicator works on mobile and receives live updates from message bus
* The icon we display in the topic list was changed
* Added a title to the indicator to indicate its purpose when hovering over it
2019-08-29 12:03:43 -03:00
David Taylor
98fbc019a3
FIX: Ensure live-reloading of theme CSS works first time (#8052)
The client-side theme-selector would always apply the first in a series of file change notifications. This has been fixed, so it now applies the most recent notification.

Duplicate notifications were being sent because
- The remote_theme autosave was causing every change notification to be doubled
- Color scheme change notifications were being sent every time a theme was uploaded, even if the colors were unchanged

These duplicate notifications have been fixed, and a spec added to ensure it does not regress in future
2019-08-29 15:47:08 +01:00
Régis Hanol
56be4bb8f0 FIX: don't search for tags when editing topic title 2019-08-28 21:25:49 +02:00
Gerhard Schlager
a40e9d9cb5 UX: Remove unused strings about desktop notifications 2019-08-28 16:00:50 +02:00
David Taylor
ca9ef58318 FIX: Allow dashboard to load even when git version cannot be found 2019-08-28 12:37:42 +01:00
Joe
d14851e552 UX: better alignment for tags in the header (#8047)
* Removes unused styles

This commit only removes unnecessary / duplicate styles. It does not cause any visual changes.

* adds class to `<h1>` tag in header topic info.

This is much better to target than `h1`

* removes unused styles

* header title margin adjustment

* minor header-title margin adjustments

* One more header-title margin adjustment
2019-08-28 18:18:27 +10:00
Kyle Zhao
698e97125e REFACTOR: User menu profile link for extensibility (#8039)
This minor refactor extracts `UserMenuLinks#profileLink` &
`UserMenuLinks#linkHtml` to allow plugins / themes to control the
profile link definition, and more importantly, how it is rendered.
2019-08-28 16:34:51 +10:00
Roman Rizzi
7c741fa0d6
FEATURE: Publish read state on group messages. (Originally introduced in #7989) (#8025)
* Revert "Revert "FEATURE: Publish read state on group messages. (#7989) [Undo revert] (#8024)""

This reverts commit 36425eb9f0.

* Fix: Show who read only if the attribute is enabled

* PERF: Precalculate the last post  readed by a group member

* Use book-reader icon instear of far-eye

* FIX: update topic groups correctly

* DEV: Tidy up read indicator update on write
2019-08-27 09:09:00 -03:00
Osama Sayegh
2305a6fffe
DEV: don't define _super when modifying widgets unless the property is a function (#8042) 2019-08-27 13:34:16 +03:00
David Taylor
734a06dd21 FIX: When using a custom authenticator URL, send request using GET 2019-08-27 10:28:17 +01:00
Penar Musaraj
a3cd73ef27 FIX: Don't display PWA banner when using native app 2019-08-26 15:55:26 -04:00
Sam Saffron
b93460cb59 UX: workaround chrome autocomplete bug in search
This works around issue mentioned in 918a0ea3
2019-08-26 10:27:43 +10:00
Joffrey JAFFEUX
171618e7d6 FIX: allows mini-tag-chooser to fetch tags in background (#8033)
This is useful when changing the category in the composer for example. When opening mini-tag-chooser after, tags will be correctly updated for the selected category.
2019-08-23 06:45:29 -06:00
Joffrey JAFFEUX
e94f67e2da
prettier (#8031) 2019-08-22 15:27:45 +02:00
Régis Hanol
1e4f0ac216 FIX: infinite loop when mentioning in IE11 2019-08-22 14:47:25 +02:00
Joffrey JAFFEUX
74931eedfd
DEV: prevents deprecation of overriding computed property (#8030)
https://deprecations.emberjs.com/v3.x/#toc_computed-property-override
2019-08-22 12:31:18 +02:00
Joffrey JAFFEUX
78eb05e4ea
DEV: bumping for customHref nav item API (#8029) 2019-08-22 12:25:02 +02:00
Sam Saffron
741d5bf541 DEV: improvement to stripping quote logic
Followup one afc7830b we needed handling for nested quotes
2019-08-22 12:09:32 +10:00
Sam Saffron
afc7830be5 PERF: faster length calculation of composer body
Every time we type a letter the composer issues a reply length check.

This is due to the interconnecting components, the title one depends on the
body which means that this decision making is passed along each time, even
if the title does not need it strictly.

Anyway...

This optimisation has 3 parts:

1. If the composer string is super long (10000 chars) we will bypass, quote
stripping and space squashing.

2. Quote stripping is now done much more efficiently, we strip them all in
one go

3. Space squashing eg: `hello    world` to `hello world` is done in an
efficient loop to avoid needing to generate superflous strings that need
GC
2019-08-22 11:56:38 +10:00
Daniel Waterworth
d59746cdc1 SECURITY: Don't send CSRF token in query string
The token is already present in the headers thanks to the csrf-token
initializer.
2019-08-21 13:16:38 +01:00
Rafael dos Santos Silva
72c2818655 FIX: Limit PWA install banner to Android for now 2019-08-20 14:47:17 -03:00
romanrizzi
36425eb9f0 Revert "FEATURE: Publish read state on group messages. (#7989) [Undo revert] (#8024)"
This reverts commit 5dda5c2f7c.
2019-08-20 13:29:22 -03:00
Roman Rizzi
5dda5c2f7c
FEATURE: Publish read state on group messages. (#7989) [Undo revert] (#8024)
* Reenable: "FEATURE: Publish read state on group messages. (#7989)"

This reverts commit 67f5cc1ce8.

* FIX: Read indicator only appears when the group setting is enabled
2019-08-20 11:57:25 -03:00
romanrizzi
67f5cc1ce8 Revert "FEATURE: Publish read state on group messages. (#7989)"
This reverts commit 1630dae2db.
2019-08-20 10:24:34 -03:00
Roman Rizzi
1630dae2db
FEATURE: Publish read state on group messages. (#7989)
* Enable or disable read state based on group attribute

* When read state needs to be published, the minimum unread count is calculated in the topic query. This way, we can know if someone reads the last post

* The option can be enabled/disabled from the UI

* The read indicator will live-updated using message bus

* Show read indicator on every post

* The read indicator now shows read count and can be expanded to see user avatars

* Read count gets updated everytime someone reads a message

* Simplify topic-list read indicator logic

* Unsubscribe from message bus on willDestroyElement, removed unnecesarry values from post-menu, and added a comment to explain where does minimum_unread_count comes from
2019-08-20 09:46:57 -03:00
Sam Saffron
8db38de9d7 SECURITY: add rate limiting to anon JS error reporting
This adds a 1 minute rate limit to all JS error reporting per IP. Previously
we would only use the global rate limit.

This also introduces DISCOURSE_ENABLE_JS_ERROR_REPORTING, if it is set to
false then no JS error reporting will be allowed on the site.
2019-08-20 11:29:11 +10:00
Rafael dos Santos Silva
0a5b332b8c
FEATURE: Incorporate PWA install prompt into Discourse UI (#8013)
* FEATURE: Incorporate PWA install prompt into Discourse UI

This is mainly done so Discourse forums stop nagging people to install
on the very first visits to a website.

We will prevent the native install "mini-info" bar from ever appearing,
capture the event that pops with it, and delay it until the user meets
our criteria, which currently is trust_level 1.

If the event happens and the user meets our criteria we show a Discourse
alert banner proposing the install to the user. Dismissal of the banner
is recorded so the user ins't bothered anymore on the same device.


Co-Authored-By: Gerhard Schlager <mail@gerhard-schlager.at>
Co-Authored-By: Joffrey JAFFEUX <j.jaffeux@gmail.com>
2019-08-19 14:09:21 -03:00
Joffrey JAFFEUX
6f70138f4a
DEV: injects router in customHref/customFilter of addNavigationBarItem (#8018) 2019-08-19 18:33:12 +02:00
Dan Ungureanu
0b1146add4
UX: Hide "Create Tag" option if user cannot create tag. (#7723) 2019-08-19 11:40:56 +03:00
Joffrey JAFFEUX
1a731dcff1
FIX: prevents mobile nav to create an error when unregistering click events (#8016)
This what happening when clickin on "All groups", as it was trying to get element of a destroying component.
2019-08-19 09:33:54 +02:00
Joffrey JAFFEUX
897cdfb596 FIX: uses simpler pattern for custom href on extra nav items (#8015)
THe main advantage of this solution is that it will be called on each rerendered whereas the other is not once href has been set.

Example API:
```
      api.addNavigationBarItem({
        name: "foo",
        displayName: "Foo",
        customHref: function(category, args) {
          const router = api.container.lookup("service:router");
          const queryParams = { bar: "1" };
          return router.urlFor(router.currentRouteName, category, {
            queryParams
          });
        }
      });
```
2019-08-19 16:27:16 +10:00
Blake Erickson
2fd654a4ae Ran prettier to fix build
Not sure why lefthook didn't pick this up before on my previous commit,
but manually running prettier found this.

Followup to: 893d30fb92
2019-08-16 13:03:01 -06:00
Blake Erickson
893d30fb92 REVERT: External auth when redeeming invites
Reverting this commit:

87a0a6664e

because I'm extracting all of this logic into a plugin instead.
2019-08-16 12:44:14 -06:00
Dan Ungureanu
df6630f868
FIX: J/K navigation resets current selection when scrolling fast.
Sometimes, when keeping J or K pressed and scrolling fast, the current
selection would go out of the viewport for a few moments and the
algorithm would try selecting the "best" element that is in viewport.

This bug is reproducible only on certain machines. For example, Linux
machines seem to be passing key events faster to the browser.
2019-08-16 17:28:25 +03:00
Joffrey JAFFEUX
936d4ce17a
FEATURE: favorites emojis will also show in composer autocomplete (#8011) 2019-08-16 11:47:03 +02:00
tshenry
82e07cb0f4 UX: Consistent placement of category-title-before plugin outlet (#8010) 2019-08-16 09:04:50 +10:00
Joffrey JAFFEUX
00b91de5e8 DEV: allows customHref for extra nav items (#8012)
* DEV: allowes customHref for extra nav item

* linting

* uses value not key
2019-08-15 12:26:21 -06:00
Robin Ward
23367e79ea
FEATURE: Embed topics list on remote sites via Javascript API. (#8008)
This adds support for a `<d-topics-list>` tag you can embed in your site
that will be rendered as a list of discourse topics. Any attributes on
the tag will be passed as filters. For example:

`<d-topics-list discourse-url="URL" category="1234">` will filter to category 1234.

To use this feature, enable the `embed topics list` site setting. Then
on the site you want to embed, include the following javascript:

`<script
src="http://URL/javascripts/embed-topics.js"></script>`

Where `URL` is your discourse forum's URL.

Then include the `<d-topics-list discourse-url="URL">` tag in your HTML document and it will
be replaced with the list of topics.
2019-08-15 13:41:06 -04:00
Joffrey JAFFEUX
a5542768ea
FIX: attempts to use params from addDiscoveryQueryParam (#8007)
This commit will for example allow this:

```
api.addDiscoveryQueryParam("my_param", { persist: true });
```

If you page is forum.foo.bar/?my_param=1, when clicking on an "unread" link for example this query string will be kept.
2019-08-14 19:56:02 +02:00
Vinoth Kannan
88359b0f16
FEATURE: add support for group members visibility level (#8004)
There are 5 visibility levels (similar to group visibility)

public (default)
logged-in users
members only
staff
owners

Admins & group owners always have visibility to group members.
2019-08-14 19:00:04 +05:30
David Taylor
92f2202e4a SECURITY: Restrict message-bus access on login_required sites 2019-08-14 09:43:12 +01:00
Bianca Nenciu
ba396a5384
DEV: Use ResultSet with staff action logs. (#7661) 2019-08-13 20:55:05 +03:00
Sam Saffron
1358339bf9 lint file
$window no longer used in panStart followup on 7877383e
2019-08-13 11:13:59 +10:00
Jeff Wong
7877383e62
FIX: RIP swipe-in menus on Android (#7997)
In later versions of android, swipe-in from the sides on android triggers
forward/back functionality. We can no longer trigger menu swipes on android

https://www.androidcentral.com/android-q-getting-rid-back-button-side-swipe-gesture
2019-08-12 17:30:18 -07:00
Kyle Zhao
ca7f1dabbf REFACTOR: user-menu-links widget for extensibility (#7996) 2019-08-12 14:01:59 -04:00
David Taylor
d348368ab6
FEATURE: Allow themes to override color transformation variables (#7987)
Theme developers can now add any of the transformed color variables to their color scheme in about.json. For example

```
  "color_schemes": {
    "Light": {
      "primary": "333333",
      "secondary": "ffffff",
      "primary-low": "ff0000"
    }
  },
```

would override the primary-low variable when compiling SCSS for the color scheme. The primary-low variable will also be visible in administrator color palette UI.
2019-08-12 11:02:38 +01:00
Joffrey JAFFEUX
731f61a818
UX: modifies admin email template to have more space for the form (#7993) 2019-08-12 10:27:25 +02:00
Jeff Wong
4cd0cd2f8e FIX: Blank second factor gets default name 2019-08-11 22:13:33 -07:00
Blake Erickson
d7c73ded14 Ran prettier to clean up some formatting
Follow up to:

https://review.discourse.org/t/feature-external-auth-when-redeeming-invites/5152?u=blake
2019-08-11 19:00:52 -06:00
Blake Erickson
87a0a6664e FEATURE: External auth when redeeming invites
This feature (when enabled) will allow for invite_only sites to require
external authentication before they can redeem an invite.

- Created hidden site setting to toggle this
- Enables sending invites with local logins disabled
- OAuth button added to invite form
- Requires OAuth email address to match invite email address
- Prevents redeeming invite if OAuth authentication fails
2019-08-11 12:20:02 -06:00
Joffrey JAFFEUX
3503758599
FIX: polyfills String.prototype.repeat for IE (#7994) 2019-08-10 20:39:04 +02:00
Gerhard Schlager
e4f14ca3d7 FIX: Disallow user self-delete when user posted in PMs
All posts created by the user are counted unless they are deleted,
belong to a PM sent between a non-human user and the user or belong
to a PM created by the user which doesn't have any other recipients.

It also makes the guardian prevent self-deletes when SSO is enabled.
2019-08-10 12:30:16 +02:00
David Taylor
922c40f87c UX: Clear username when opening ignore duration modal 2019-08-08 16:31:34 +01:00
David Taylor
3b8c468832 SECURITY: Require POST with CSRF token for OmniAuth request phase 2019-08-08 11:58:00 +01:00
Joffrey JAFFEUX
5d72561f4f
FIX: allows replacement of digits and symbols emojis (#7978) 2019-08-07 11:38:58 +02:00
Sam Saffron
3c44e54c3f DEV: followup on secure category mention
Follows up on #f7809207

- Priority mention support only available for groups with less than 500 members
- Proper use attribute on model
2019-08-07 10:31:25 +10:00
Roman Rizzi
44ad8ee39b
FIX: Use unescaped title as combo-box id (#7979) 2019-08-06 16:27:01 -03:00
Bianca Nenciu
37e7998a82
FEATURE: Send notification when member was accepted to group. (#7614) 2019-08-06 13:29:46 +03:00
Sam Saffron
f780920759 FEATURE: mention in secure category to prioritize groups
This feature allows @ mentions to prioritize showing members of a group who
have explicit permission to a category.

This makes it far easier to @ mention group member when composing topics in
categories where only the group has access.

For example:

If Sam, Jane an Joan have access to bugs category.

Then `@` will auto complete to (jane,joan,sam) ordered on last seen at

This feature works on new topics and existing topics. There is an explicit
exclusion of trust level 0,1,2 groups cause they get too big.
2019-08-06 17:57:56 +10:00
Joffrey JAFFEUX
d8dfa87f24
UX: improves dates on reports export UI (#7971)
- show it's UTC
- allows future
- shows date in more human readable format
2019-08-06 08:41:21 +02:00
Joffrey JAFFEUX
8390f230b8
FIX: allows copy pasting file in composer with chrome (#7969) 2019-08-06 08:41:04 +02:00
Rafael dos Santos Silva
6dfb2165ae FIX: Syntax error in b1f5949 2019-08-05 16:07:49 -03:00
Rafael dos Santos Silva
b1f5949868 FIX: Make the workbox path compatible with multisite
Closes
https://meta.discourse.org/t/full-url-in-assets-erb-file-multisite-issues/124393?u=falco
2019-08-05 15:00:41 -03:00
David Taylor
e6831afea1
FIX: Composer preview on IE11 (#7970)
Add the Array.from polyfill for IE11. This is required to support the transpiled ES6 spread syntex generated by babel: https://babeljs.io/docs/en/caveats/
2019-08-05 14:21:58 +01:00
Gerhard Schlager
2c08d43539 UX: Use shorter weekday labels in date picker 2019-08-05 14:12:27 +02:00
Faizaan Gagan
387016ea9b fixed a small typo in the function's doc comment (#7965) 2019-08-05 12:24:49 +10:00
Kyle Zhao
1bb5266437 FIX: Rename deprecated "refresh" icon to "sync" (#7966) 2019-08-05 12:21:51 +10:00
Rafael dos Santos Silva
272b38a573
FIX: Better detection of Apple browsers (#7961)
Introduces isIpadOS to our capabilities sniffer, which is currently
compatible with latest iPad beta OS. Older iPad versions will match our
isIOS detection.

Using this new feature, fixes the service worker being blocked in Google
Chrome, Firefox and other browsers while running on Mac OS, where they
work just fine. This enables Desktop PWA install in Mac OS.
2019-08-02 12:43:25 -03:00
David Taylor
06e757245f FEATURE: Add a test facility to the watched words admin interface 2019-08-02 15:29:12 +01:00
David Taylor
39e0442de9 FIX: Various watched words improvements
- Client-side censoring fixed for non-chrome browsers. (Regular expression rewritten to avoid lookback)
- Regex generation is now done on the server, to reduce repeated logic, and make it easier to extend in plugins
- Censor tests are moved to ruby, to ensure everything works end-to-end
- If "watched words regular expressions" is enabled, warn the admin when the generated regex is invalid
2019-08-02 15:29:12 +01:00
Robin Ward
f57fdee2f6 FIX: Modal onClose was being called repeatedly
This happened because the modal controller was not clearing the `name`
attribute, which is used for looking up the controller to call `onClose`
on.

Every page navigation would call the method over and over, breaking
state in odd ways.
2019-08-01 15:42:43 -04:00
Joe
8531056ad5
UX: style fixes for admin digest email preview page (#7959)
* code formatting: Nothing changed in this commit except code formatting

* adds classes to digest refresh button

* adds margins to digest refresh button

* removes line break tags and uses CSS margins instead
2019-08-01 14:37:42 +08:00
David Taylor
d1434b6600 DEV: Remove unused imports 2019-07-31 16:21:02 +01:00
David Taylor
49bce0ccdb DEV: Remove unused action from user preferences controller
This is no longer used following d8ff94ecaa
2019-07-31 16:15:23 +01:00
David Taylor
a49b7bb84a FIX: Prevent user-notifications-dropdown from causing unintended changes
It was setting the `onClose` property of the singleton modal controller, which would then persist until the next full page reload
2019-07-31 15:38:47 +01:00
Osama Sayegh
13e74151a9
FEATURE: list category moderators on the about page (#7916)
https://meta.discourse.org/t/category-group-review-moderation/116478?u=osama
2019-07-31 16:46:58 +03:00
Neil Lalonde
9656a21fdb
FEATURE: customization of html emails (#7934)
This feature adds the ability to customize the HTML part of all emails using a custom HTML template and optionally some CSS to style it. The CSS will be parsed and converted into inline styles because CSS is poorly supported by email clients. When writing the custom HTML and CSS, be aware of what email clients support. Keep customizations very simple.

Customizations can be added and edited in Admin > Customize > Email Style.

Since the summary email is already heavily styled, there is a setting to disable custom styles for summary emails called "apply custom styles to digest" found in Admin > Settings > Email.

As part of this work, RTL locales are now rendered correctly for all emails.
2019-07-30 15:05:08 -04:00
tshenry
7ebb3503a3 UX: Make profile views consistent with other elements (#7956)
* UX: Make profile views consistent with other elements

* Spaces not tabs
2019-07-30 09:23:37 -04:00
Osama Sayegh
70bd8e2dad
UX: Show a warning when admin clicks save without adding group when changing category permissions (#7947)
* UX: Show a warning when admin clicks save without adding group when changing category permissions

* Use div rather than pseudo element

* Don't pass controller to component

* Use observer instead of a delay

* Refactor

* Rename to validator

* validator is much better than saveValidator
2019-07-29 21:53:31 +03:00
David Taylor
d4acd35466
FEATURE: Sync unread state live to topic lists (#7933) 2019-07-29 10:28:42 +01:00
Guo Xiang Tan
49d9557337 Revert commit that was pushed by mistake.
This reverts commit c7516c42e9.
2019-07-29 11:04:38 +08:00
Guo Xiang Tan
c7516c42e9 Revert "FIX: reverts #18e2816 (#7940)"
This reverts commit c7b146cbdf.
2019-07-29 09:18:53 +08:00
David Taylor
3324747afe UX: Improve account association when account description is missing 2019-07-27 16:37:21 +01:00
Rafael dos Santos Silva
1922d4bf78 PERF: Add more constraint on the Cache Storage usage
Only restricting cache per age wasn't enough for instances with lots of
multimedia usage and high number of posts.

MaxEntries is also more effective on cleanup, and purgeOnQuotaError
advertise that Discourse cache can be purged if necessary.

https://developers.google.com/web/tools/workbox/guides/storage-quota
2019-07-27 11:52:21 -03:00
Penar Musaraj
042f7184f1 DEV: Display FA 4.7 deprecation notice in all environments
FA 4.7 icon mapping will be removed soon.
2019-07-26 15:25:20 -04:00
Joffrey JAFFEUX
fe7f0982af
DEV: attemps to limit Discourse.User.current() usage (#7943) 2019-07-26 11:20:11 +02:00
David Taylor
4f1382a54a FIX: Hide live-loaded posts from ignored users 2019-07-25 12:01:29 +01:00
Joffrey JAFFEUX
0c7df55686
DEV: uses router.currentRouteName instead of application (#7942)
https://deprecations.emberjs.com/v3.x/#toc_application-controller-router-properties
2019-07-25 12:50:30 +02:00
Joffrey JAFFEUX
1dde6a5355
DEV: prevents post.siteSettings computed property to be overridden (#7941)
This happens when loading a post from a json object and is a behavior which will be impossble in future Ember updates.
2019-07-25 11:54:23 +02:00
Joffrey JAFFEUX
c7b146cbdf
FIX: reverts #18e2816 (#7940) 2019-07-25 11:14:23 +02:00
Joffrey JAFFEUX
c1d2fb115c
DEV: prevents staff computed property to be overridden (#7931) 2019-07-24 22:01:08 +02:00
Kris
2ab022494a UX: Add expanded/collapsed class to post-controls (#7932) 2019-07-24 10:08:59 -04:00
Joffrey JAFFEUX
1d38bf7e2c
DEV: removes deprecated property() usage from topic-footer-button api (#7930) 2019-07-24 13:55:18 +02:00
Joffrey JAFFEUX
e83dcfdb7b
DEV: ensures application.hbs is using router currentPath (#7929) 2019-07-24 13:33:59 +02:00
Joffrey JAFFEUX
e444ce7ccd
REFACTOR: this.$() deprecation (#7928) 2019-07-24 13:17:36 +02:00
David Taylor
0a6cae654b SECURITY: Add confirmation screen when connecting associated accounts 2019-07-24 10:28:15 +01:00
Kris
3fdc10337d follow up fix to 7d27b8b 2019-07-23 11:37:34 -04:00
Kris
7d27b8bb8c add class for extra post buttons 2019-07-23 11:32:04 -04:00
Joffrey JAFFEUX
8a9ce7336d
FIX: removes uncategorized context if not allowed in composer (#7922) 2019-07-23 17:05:49 +02:00
Saurabh Patel
4bc5ccf7e4 BUG: send featuredLink as featured_link to backend to update correct … (#7915)
* BUG: send featuredLink as featured_link to backend to update correct value
https://meta.discourse.org/t/editing-a-topic-link-does-not-change-its-featured-link/123007

* review fix
2019-07-23 09:49:04 -04:00
Osama Sayegh
5fc5a7f5ae FEATURE: Add search operator to see all direct messages from a user (#7913)
* FEATURE: Add search operator to see all direct messages from a user

* Only show message if related messages >= 5

* Make "all messages" the hyperlink

* Review
2019-07-22 10:55:49 -04:00
Osama Sayegh
f14c6d81f4
FEATURE: Watched words improvements (#7899)
This commit contains 3 features:

- FEATURE: Allow downloading watched words
This introduces a button that allows admins to download watched words per action in a `.txt` file.

- FEATURE: Allow clearing watched words in bulk
This adds a "Clear All" button that clears all deleted words per action (e.g. block, flag etc.)

- FEATURE: List all blocked words contained in the post when it's blocked
When a post is rejected because it contains one or more blocked words, the error message now lists all the blocked words contained in the post.

-------

This also changes the format of the file for importing watched words from `.csv` to `.txt` so it becomes inconsistent with the extension of the file when watched words are exported.
2019-07-22 14:59:56 +03:00
Joffrey JAFFEUX
67650328b4
FIX: allows to specify camelCased attributes in wrap component (#7919) 2019-07-22 09:24:27 +02:00
Roman Rizzi
eb26bee046
DEV: group_list site settings should store IDs instead of group names (#7860)
* DEV: group_list site settings should store IDs instead of group names

* Ship site setting to know when we should migrate group_list settings

* Migrate existing group_list site settings

* Bump migration timestamp and don't set null when migrating is not possible.
2019-07-19 15:17:58 -03:00
Robin Ward
e47e0af123
FEATURE: Allow viewing of raw emails for reviewable queued posts (#7910)
If a post arrives via email but must be reviewed, we now show an
icon that can be clicked to view the raw contents of the email.

This is useful if Discourse's email parser is acting odd and the user
reviewing the post wants to know what the original contents were before
approving/rejecting the post.
2019-07-19 11:56:14 -04:00
Robin Ward
8dd3cbfcb9
FEATURE: Allow choice of category when making a PM public (#7907)
* FEATURE: Allow choice of category when making a PM public

Previously it would default to uncategorized, which was not ideal on
some forums. This gives the staff member more choice about what they'd
like to do.

* Make the optional category more explicit

* Joffrey's feedback
2019-07-19 11:52:50 -04:00
Kris
9075789783 IE11 fix for b73bd7f 2019-07-19 11:46:20 -04:00
Bianca Nenciu
9ba2c7cd8b
FIX: Set a minimum reading time per post. (#7842)
Topics containing only images could generate a reading time of zero minutes.
2019-07-19 18:15:38 +03:00
Kris
5a3a6824c4 UX: Refactor avatar upload modal for better mobile spacing 2019-07-19 10:39:38 -04:00
Bianca Nenciu
9f500a4ff4
FIX: Show same username or name for post notices. (#7862) 2019-07-19 11:05:48 +03:00
Joffrey JAFFEUX
533f5172d7
fix tests (#7912) 2019-07-18 23:15:36 +02:00
Joffrey JAFFEUX
8dfd0e0374 DEV: uses private API for currentPath (#7911)
* DEV: uses with private API for currentPath

router.currentRouteName as a slightly different API and application.currentPath is deprecated

* another fix
2019-07-18 17:00:39 -04:00
Joffrey JAFFEUX
9cdc059a99
fix tests (#7908) 2019-07-18 19:48:12 +02:00
Joffrey JAFFEUX
f9c7d5a4bd DEV: removes application.currentPath deprecation (#7905)
See https://deprecations.emberjs.com/v3.x#toc_application-controller-router-properties for more context
2019-07-18 13:29:37 -04:00
Joffrey JAFFEUX
617c74bc79 DEV: remove .property() deprecations (#7906)
More context at https://deprecations.emberjs.com/v3.x#toc_function-prototype-extensions-property
2019-07-18 13:28:23 -04:00
Robin Ward
5e50a24d3a
Fix typo
It's jump-to not jumpt-to
2019-07-18 12:44:35 -04:00
Joffrey JAFFEUX
cb84133855
FIX: bugs preventing to close delete account modal with button (#7904) 2019-07-18 18:16:29 +02:00
Joffrey JAFFEUX
95ad4f9077
FEATURE: new date/time components (#7898) 2019-07-18 17:29:41 +02:00
Neil Lalonde
194a2b612f FIX: string that can't be translated in watched words UI 2019-07-18 11:07:02 -04:00
Roman Rizzi
f5c707c97a
FEATURE: Gz to zip for exports (#7889)
* Revert "Revert "FEATURE: admin/user exports are compressed using the zip format (#7784)""

This reverts commit f89bd55576.

* Replace .tar.zip with .zip
2019-07-18 09:34:48 -03:00
Joe
c1b58613a2
UX: adds <a> tag with href category box titles (#7901)
This Ensures that category titles in category-boxes can be opened in a new tab.
2019-07-18 19:25:39 +08:00
Arpit Jalan
d4d81515d2 Fix the build. 2019-07-17 12:03:45 +05:30
Arpit Jalan
e4d743910d FIX: respect logout_redirect setting on 'Log out all' 2019-07-17 11:58:04 +05:30
Rafael dos Santos Silva
2a0cd066a7 FIX: Remove all service workers from Apple devices *again*
There is a bug that when Safari starts up, and reloads the tabs from
the previous session **and** there is a service worker registered for
the scope of the document, all cookies marked as `SameSite=Lax` won't be
sent in the request.

This puts Discourse in a **very** broken state, where:

- You appear as a anon user
- Subsequent xhr requests will come with logged in data
- Refreshing doesn't log you in (cookies are still not sent)
- Clicking on the address bar and hitting enter, will log you in (as it
will finally send those damn `SameSite=Lax` cookies.

Looks a lot like a corner case missed by the fix at
https://trac.webkit.org/changeset/241918/webkit
2019-07-16 19:30:38 -03:00
Penar Musaraj
a571efba35
FIX: Rename deprecated icons, allow custom icons in badges
- adds a migration renaming FA4 icon names in badges
- allows all icons to be used in badges (previously was limited to icons prefixed with fa-)
- renames remaining FA 4.7 icons equivalents
2019-07-16 11:13:44 -04:00
Joffrey JAFFEUX
b3eb67976d
DEV: Upgrades to Ember 3.10 (#7871)
Co-Authored-By: majakomel <maja.komel@gmail.com>
2019-07-16 12:45:15 +02:00
David Taylor
e2fa5704e9 UX: Remove duplicate copy in two-factor preferences 2019-07-16 10:57:11 +01:00
romanrizzi
12e71f1fb2 UX: Swap ignore and mute sections to move the 'Save changes' button to the bottom 2019-07-15 17:30:01 -03:00
Rafael dos Santos Silva
b505d1d700 DEV: Force workboxjs debug to false on dev env too 2019-07-15 16:07:49 -03:00
Osama Sayegh
6515ff19e5
FEATURE: Allow customization of robots.txt (#7884)
* FEATURE: Allow customization of robots.txt

This allows admins to customize/override the content of the robots.txt
file at /admin/customize/robots. That page is not linked to anywhere in
the UI -- admins have to manually type the URL to access that page.

* use Ember.computed.not

* Jeff feedback

* Feedback

* Remove unused import
2019-07-15 20:47:44 +03:00
Penar Musaraj
90e0f1b378 UX: rearrange controls in edit modals
Allows users to see the controls even after scrolling contents of edit modal.
2019-07-15 13:44:44 -04:00
Rafael dos Santos Silva
1221d34284
FEATURE: Make Discourse work offline with WorkboxJS (#7870) 2019-07-15 13:05:55 -03:00
Vinoth Kannan
839916aa49
DEV: Debundle plugin javascript assets and don't load if disabled (#7566)
And don't load javascript assets if plugin is disabled.

* precompile auto generated plugin js assets

* SPEC: remove spec test functions

* remove plugin js from test_helper

Co-Authored-By: Régis Hanol <regis@hanol.fr>

* DEV: using equality is slightly easier to read than inequality

Co-Authored-By: Régis Hanol <regis@hanol.fr>

* DEV: use `select` method instead of `find_all` for readability

Co-Authored-By: Régis Hanol <regis@hanol.fr>
2019-07-15 20:22:54 +05:30
Guo Xiang Tan
4b0cf7f6dd SECURITY: XSS when displaying watched words in admin panel.
The XSS here is only possible if CSP is disabled. Low impact since CSP
is enabled by default in SiteSettings.
2019-07-15 10:55:50 +08:00
Bianca Nenciu
c4d1833588 FIX: Do not show bootbox if post has no replies. (#7866)
When we delete a post that has replies, we show a modal asking if the user wants to delete the post, the post and its direct replies or the post and all its replies.

If replies are deleted before a post, that modal would ask the user if they want to delete the post and 0 replies.

That commit ensure we skip the modal and directly delete the post in this case.
2019-07-12 11:42:57 +02:00
Gerhard Schlager
4a095b286b Follow-up for 9a11a8b3 to fix qunit tests 2019-07-11 23:56:22 +02:00
Gerhard Schlager
9a11a8b33b FEATURE: Site setting for typographic quotation marks
Adds locale defaults for German and French
2019-07-11 23:19:28 +02:00
Arpit Jalan
e0562a8172 UX: update placeholder for Tags Groups 2019-07-11 12:34:11 +05:30
Kris
aa7181820c UX: Add title attribute and aria-label to PM icon link 2019-07-10 23:05:57 -04:00
Kris
bdaf07adcf Hide empty anchor tag from screen readers 2019-07-10 22:39:25 -04:00
Kris
1983f0d06e Don't load PM icon in title unless topic is a PM 2019-07-10 22:38:32 -04:00
Kris
b848bd4ddc True should be a string to display properly in aria-haspopup 2019-07-10 22:02:21 -04:00
Joffrey JAFFEUX
bd35a8f334
FIX: ensures spinner is showing on tags/show when loading more (#7876)
Context: https://meta.discourse.org/t/issue-while-scrolling-down-after-selecting-a-tag-on-the-home-page/122542
2019-07-10 21:37:31 +02:00
Joffrey JAFFEUX
142344e45d
FIX: ensures routing with hash doesn't stuck history (#7872)
* FIX: ensures routin with hash doesnt stuck history

Original issue: https://meta.discourse.org/t/hash-anchor-in-url-prevents-further-url-updates/122068/4

Basically when the path has a hash, state would be null, and nothing would happen.

* Update app/assets/javascripts/discourse/lib/discourse-location.js.es6

Co-Authored-By: Régis Hanol <regis@hanol.fr>
2019-07-10 20:43:03 +02:00
romanrizzi
f89bd55576 Revert "FEATURE: admin/user exports are compressed using the zip format (#7784)"
This reverts commit 8b2580e20f.
2019-07-10 11:38:51 -03:00
Dan Ungureanu
90fcdad3cd UX: Discard selected post if it is not in viewport. (#7869)
This way, users can combine keyboard shortcuts with mouse scrolling.
2019-07-10 10:22:09 -04:00
Roman Rizzi
8b2580e20f
FEATURE: admin/user exports are compressed using the zip format (#7784)
* FEATURE: admin/user exports are compressed using the zip format

* Update translations. Theme exporter now exports .zip file. Theme importer supports .zip and .gz files

* Fix controller test, updated locale and skip saving the csv export to disk
2019-07-10 11:13:03 -03:00
Robin Ward
629bb8adf2 SECURITY: XSS with title selector on preferences page
Note this is very low severity as the group needs to be created with a
default title that contains HTML, and group creation is restricted to
staff members right now.
2019-07-09 15:49:24 -04:00
Dan Ungureanu
9f5cfa192e
FEATURE: Allow Markdown in post notices. (#7864) 2019-07-09 14:42:02 +03:00
Penar Musaraj
f4dc6de9f1 FIX: Clear theme editor content on switching tabs
Issue happens when sending a null value to ACE Editor.
Fixed by sending an empty string to ACE instead of null.
2019-07-08 20:06:56 -04:00
Penar Musaraj
7b0517895e FEATURE: Add "Group owners" to posting options for groups
Context: https://meta.discourse.org/t/121589

This new setting option lets group owners message/mention large groups
without granting that privilege to all members.
2019-07-08 17:14:11 -04:00
Penar Musaraj
b690fc3d98
FEATURE: Add new group visibility option for "logged on users" (#7814)
Groups can now be marked as visible to "logged on users". All automatic groups (except `everyone`) are now visible to "logged on users", previously they were marked as public but suppressed in the group page for non-staff.
2019-07-08 15:09:50 -04:00
Robin Ward
de6edf9e4e FIX: Back button would go to previous topic instead of list
See related topic:
https://meta.discourse.org/t/back-button-history-not-properly-working/122183

The issue here is the transition was not completing properly which meant
if you backed out of a topic quickly and entered a new one, hitting back
in the second topic would sometimes take you to the previous one instead
of back to the topic list.
2019-07-05 15:53:14 -04:00
Arpit Jalan
bd084b2147 FIX: do not show invite button if local logins are disabled 2019-07-05 15:16:20 +05:30
Joffrey JAFFEUX
f140c4d499
FIX: ensures routing to / with query string works (#7859) 2019-07-05 09:40:19 +02:00
Vinoth Kannan
1bb258ab49 DEV: use upload short-url in html to markdown conversion if 'base62-sha1' data attr available. 2019-07-05 10:06:41 +05:30
Penar Musaraj
c78634284c UI: when in a different topic context, allow dismissing draft without destroying it
This changes the label and behaviour of the "No, keep" button in the confirmation modal when user cancels a draft while on a different topic. The new button label is "No, save draft", and when clicked, the composer will be dismissed without destroying the draft.
2019-07-04 11:45:57 -04:00
Mario Santos
c5625b70f1 FIX: Prevent emoji-picker from not showing (#7856)
If an external plugin inserts an element with class "emoji-picker", something probable if they extend EmojiPicker, it could cause troubles as css is added depending on the emoji-picker height. Just by adding a class of a parent <div> as could be d-editor, we prevent this from happening.
2019-07-04 11:46:21 +02:00
Gerhard Schlager
a5e80079d6 FEATURE: Add Belarusian language 2019-07-04 11:37:37 +02:00
Joffrey JAFFEUX
71bf9ec1b2
FEATURE: opt-in guidance on topics for users without access (#7852)
Co-Authored-By: majakomel <maja.komel@gmail.com>
Co-Authored-By: Robin Ward <robin.ward@gmail.com>
2019-07-04 10:12:39 +02:00
David Taylor
5fdf228db6
FIX: Respect the full_screen_login parameter from plugin auth providers (#7855)
This behavior was regressed in 427979e7e5
2019-07-04 09:06:29 +01:00
Bianca Nenciu
459932f4e2 FIX: Use title attribute for notification items. (#7840) 2019-07-03 10:48:13 -04:00
romanrizzi
9ca1bbe900 Revert "FIX: remove misplaced save button"
This reverts commit 4f468ef210.
2019-07-03 10:56:08 -03:00
Joffrey JAFFEUX
f9f1df7611
DEV: prevents reports key to be time dependant when testing (#7850) 2019-07-03 15:43:01 +02:00
romanrizzi
4f468ef210 FIX: remove misplaced save button 2019-07-03 10:39:01 -03:00
Bianca Nenciu
bfdf740a05 FIX: Show 'Export' button for all tabular reports. (#7838) 2019-07-03 14:47:36 +02:00
Osama Sayegh
3d64532273 FEATURE: allow disabling theme components (#7812)
This allows you to temporarily disable components without having to remove them from a theme. 

This feature is very handy when doing quick fix engineering.
2019-07-03 18:18:11 +10:00
Joffrey JAFFEUX
ecf0215ee7
DEV: resets page tracking state between tests (#7847) 2019-07-03 10:08:05 +02:00
Joffrey JAFFEUX
0733ed3a2b
FIX: ensures /t/TOPIC_ID/POST_NUMBER is correctly routing (#7841) 2019-07-03 09:23:23 +02:00
Penar Musaraj
6e3e0685fb DEV: add useBlockMode option for toolbar button text selection
Allows buttons to switch selection to block mode if needed.
2019-07-02 18:02:40 -04:00
Rafael dos Santos Silva
c422520b4a FEATURE: Add CSS classes to associated accounts rows 2019-07-02 16:56:15 -03:00
Joffrey JAFFEUX
72441e2c7c
FIX: page starts at 1 (#7844) 2019-07-02 17:26:23 +02:00
romanrizzi
8404921b91 FIX: Remove misplaced outlet 2019-07-02 11:26:40 -03:00
Arpit Jalan
ccb3ba509d
FIX: creating new badge is failing on empty SQL query (#7837) 2019-07-02 15:12:53 +05:30
Penar Musaraj
fca2f0f212 FIX: Only show remove timer button to users with permission to do so 2019-07-01 22:17:02 -04:00
Osama Sayegh
f1c67729de Different fix (#7815) 2019-07-02 11:53:16 +10:00
Sam Saffron
4dcc5f16f1 FEATURE: when under extreme load disable search
The global setting disable_search_queue_threshold
(DISCOURSE_DISABLE_SEARCH_QUEUE_THRESHOLD) which default to 1 second was
added.

This protection ensures that when the application is unable to keep up with
requests it will simply turn off search till it is not backed up.

To disable this protection set this to 0.
2019-07-02 11:22:01 +10:00
Arpit Jalan
f56d86a852 FIX: use normal title instead of fancy title for prefilled composer 2019-07-01 17:55:24 +05:30
Joffrey JAFFEUX
7b52a110b8
DEV: removes DOMTokenList polyfill (#7831)
Creates more issues than it solves especially on IOS, I dont trust it anymore. Will reconsider if this is an issue in the future.
2019-07-01 14:08:38 +02:00
Arpit Jalan
997250586c FEATURE: prefill title for direct messages from topic
https://meta.discourse.org/t/default-re-title-title-for-direct-messages-from-topic/121413
2019-07-01 17:14:08 +05:30
Joffrey JAFFEUX
af58049eeb
UX: puts tags and categories on same line in search-menu-results (#7830) 2019-07-01 13:11:43 +02:00
Joffrey JAFFEUX
384f5cea05
FIX: ensures static pages are using absolute path (#7828) 2019-07-01 11:25:45 +02:00
Joffrey JAFFEUX
11ae5c78db
FEATURE: adds infite scroll on admin users list page (#7821) 2019-07-01 11:00:06 +02:00
Bianca Nenciu
4f97f85178 DEV: Fix lint. (#7824) 2019-06-28 20:24:09 +02:00
Joffrey JAFFEUX
5bab4f8007
UX: gives each info its own line in search-menu-results (#7825) 2019-06-28 11:14:38 +02:00
Joffrey JAFFEUX
61438c825a
fix prettier (#7823) 2019-06-28 09:36:38 +02:00
Bianca Nenciu
b2eb0f4ad6 FEATURE: Export any type of report supporting table mode. (#7662) 2019-06-28 08:50:31 +02:00
Kris
82f2af8a0d UX: Move link to show tracked topics, simplify translation 2019-06-27 21:36:24 -04:00
Ralph Rooding
4ba35472e6 Don't check for second factor when switching to anonymous account (#7803) 2019-06-27 15:01:26 -07:00
Joffrey JAFFEUX
a61147d838
FEATURE: displays tags in search menu results when enabled (#7819) 2019-06-27 19:26:14 +02:00
Robin Ward
ed936bcb01 FIX: Fix a navigation bug
To reproduce:

1. Visit a url in a new tab such as `/latest?order=views`

2. Click a topic link

3. Click the back button

Before this patch, you would not be sent back to the latest list.

Now, I am somewhat hesitant to delete code like this, but the [original
commit](b2b7f4d905)
explains a situation that I cannot reproduce with the code missing.

I cannot seem to keep the filters as sticky even if I try. At the very
least this is better to commit right now than the currently known broken
situation.
2019-06-27 09:06:10 -04:00
Sam Saffron
5bc5c02af6 FIX: mark topics in sub categories as unread when dismissing parent
Previously we would only dismiss the parent category and leave the
child categories unread
2019-06-27 13:26:48 +10:00
Jeff Wong
88ef5e55fe
FEATURE: add ability to have multiple totp factors (#7626)
Adds a second factor landing page that centralizes a user's second factor configuration.

This contains both TOTP and Backup, and also allows multiple TOTP tokens to be registered and organized by a name. Access to this page is authenticated via password, and cached for 30 minutes via a secure session.
2019-06-26 16:58:06 -07:00
Joffrey JAFFEUX
c63268467e
DEV: prettier 1.18.2 (#7810) 2019-06-26 17:09:52 +02:00
Penar Musaraj
76307611dc
UX: new inline button to remove a topic timer (#7790) 2019-06-26 11:08:53 -04:00
Gerhard Schlager
13f38055ac SECURITY: XSS in routes
Co-authored-by: Guo Xiang Tan <tgx_world@hotmail.com>
Co-authored-by: David Taylor <david@taylorhq.com>
2019-06-26 16:34:15 +02:00
Joffrey JAFFEUX
56b76f31dc
fix prettier linting (#7809) 2019-06-26 15:26:02 +02:00
Daniel Waterworth
65a6e2c860 Change Widget#attach signature
Take a fallback option instead of a list of names
2019-06-26 09:01:25 -04:00
Daniel Waterworth
37b8f5d989 Use dasherize instead of replace 2019-06-26 09:01:25 -04:00
Daniel Waterworth
d025e188e8 Make the linter happy 2019-06-26 09:01:25 -04:00
Daniel Waterworth
70e27641eb Pass data to description to prevent duplication 2019-06-26 09:01:25 -04:00
Daniel Waterworth
8c349101c5 Pass data to text method to prevent duplication 2019-06-26 09:01:25 -04:00
Daniel Waterworth
86d5208b31 Pass data to url method to avoid duplication 2019-06-26 09:01:25 -04:00
Daniel Waterworth
ac6f7b3625 Remove notificationType argument from text 2019-06-26 09:01:25 -04:00
Daniel Waterworth
a3254b8446 Pull invitee accepted notification behaviour into its own class 2019-06-26 09:01:25 -04:00
Daniel Waterworth
7c52ba1431 Pull liked consolidated notification behaviour into its own class 2019-06-26 09:01:25 -04:00
Daniel Waterworth
42143a874e Pull custom notification behaviour into its own class 2019-06-26 09:01:25 -04:00
Daniel Waterworth
305562bf66 Pull title logic into its own method 2019-06-26 09:01:25 -04:00
Daniel Waterworth
d83147d137 Rename "title" variable to more apt "description" 2019-06-26 09:01:25 -04:00
Daniel Waterworth
02deaa4bc6 Pull icon choosing into its own method 2019-06-26 09:01:25 -04:00
Daniel Waterworth
36d7abed0b Pull group message summary behaviour into its own class 2019-06-26 09:01:25 -04:00
Daniel Waterworth
396e13aaa7 Pull liked notification behaviour in its own class 2019-06-26 09:01:25 -04:00
Daniel Waterworth
bd062fcbef Export DefaultNotificationItem 2019-06-26 09:01:25 -04:00
Daniel Waterworth
04a75b1cb3 Change the way notification items are created
Look for the specialised version first, before falling back to the
default. This allows the behaviour to be customised based on the type of
notification.
2019-06-26 09:01:25 -04:00
Daniel Waterworth
cdf0cd3ecd createWidgetFrom creates a new widget with an arbitrary base class 2019-06-26 09:01:25 -04:00
Daniel Waterworth
01a7fd4225 Make attach optionally take a list of widget names to try 2019-06-26 09:01:25 -04:00
Daniel Waterworth
41129f933d Rename notification-item to default-notification-item 2019-06-26 09:01:25 -04:00
Daniel Waterworth
7e70db3fb7 s/notName/notificationName/g 2019-06-26 09:01:25 -04:00