Commit Graph

29067 Commits

Author SHA1 Message Date
Régis Hanol
37609897e8
FEATURE: log manual bounce reset (#20758)
DEV: rename the route "/admin/users/:id/reset_bounce_score" to use dashes instead of underscores
2023-03-21 15:26:26 +01:00
Krzysztof Kotlarek
1859025228
FIX: my links in sidebar section (#20754)
Links like `/my/preferences` were invalid in custom section. The reason is that `/my` links are just redirects from backend, and they are not recognized as valid Ember paths.

https://github.com/discourse/discourse/blob/main/config/routes.rb#L433

Therefore, regex match allowlist was added - similar to backend check:

https://github.com/discourse/discourse/blob/main/app/controllers/users_controller.rb#L471

/safe-mode is same case
2023-03-21 15:58:42 +11:00
Penar Musaraj
ae939f4111
UX: Fix menu panel padding on non-safe-area contexts (#20746)
Followup to 32ad46c. Only picks the `safe-area-inset-bottom` if it is
greater than the default padding value for the element.
2023-03-20 21:46:13 -04:00
Krzysztof Kotlarek
db74e9484b
FEATURE: ability to reorder links in custom sidebar sections (#20626)
Drag and drop to reorder custom sidebar sections
2023-03-21 12:23:28 +11:00
David Taylor
d5c7b9f8df
FIX: Badge granting recursion error (#20750)
Moving the `grantBadge` action out of the actions hash caused it to clash with a method of the same name from the GrantBadgeController mixin. This commit renames the action.
2023-03-20 21:07:21 +00:00
Joffrey JAFFEUX
c37dd63ac3
DEV: fixes linting (#20748)
Followup to 54eaae4326
2023-03-20 20:59:27 +00:00
Dominik Schlipper
54eaae4326
FIX: replace unitless 0 in CSS calc() with '0px' (#20689)
Using the unitless number 0 in CSS calc() functions is recognized as invalid (tested in Chrome 110 & Firefox 111).
In this code, this would disable the style definition for the 'height' property when one of the custom properties is undefined and the fallback '0' is used.
For more insight on this topic. see https://stackoverflow.com/questions/55406001/why-doesnt-css-calc-work-when-using-0-inside-the-equation
2023-03-20 16:06:49 -04:00
Blake Erickson
62e7c72126
DEV: Generate video thumbnails from the File object instead of the DOM (#20696)
In order to avoid built in browser CORS issues and sites that are using
CDNs this change allows us to generate thumbnail images from videos
directly from the File uploaded instead of reading the already uploaded
file via the `video` tag.

Follow-up to: f144c64e13
2023-03-20 13:40:14 -06:00
Penar Musaraj
5b0d300b8a
DEV: Set containing block for Popper dropdowns (#20745)
Popper dropdowns used `position: fixed` or `position: absolute`. But in
tables, we want the content to use auto overflow horizontally, and that
causes the dropdowns to be hidden vertically in some scenarios.

Setting a containing block on the parent container fixes both placement
and overflow issues.
2023-03-20 15:26:20 -04:00
Isaac Janzen
ca4b73d20c
FIX: Support tag query param on /tag/{name} routes (#20742) 2023-03-20 13:51:39 -05:00
Penar Musaraj
f0569db49d
UX: Some very minor WCAG scheme fixes (#20726) 2023-03-20 13:23:10 -04:00
Bianca Nenciu
fa96569ef2
FIX: Do not show user tips over composer (#20708) 2023-03-20 18:17:04 +02:00
David Taylor
4782c34dce
DEV: Move user/group cards from named outlet to component (#20718)
Named outlets are deprecated and will be removed in Ember 4.x.
2023-03-20 14:23:15 +00:00
David Taylor
597316125f
FIX: Avoid double-encoding featured topic title in user card (#20739)
a373bf2a updated the behavior of `replace-emoji` so that the input is treated as unsafe-by-default. `fancy_title` is already escaped, so we need to mark it as html-safe to avoid it being double-escaped.

There is no need to html-safe the result of replace-emoji - it's already done as part of the helper.
2023-03-20 12:47:53 +00:00
dependabot[bot]
80367b827a
Build(deps): Bump deepmerge in /app/assets/javascripts (#20732)
Bumps [deepmerge](https://github.com/TehShrike/deepmerge) from 4.3.0 to 4.3.1.
- [Release notes](https://github.com/TehShrike/deepmerge/releases)
- [Changelog](https://github.com/TehShrike/deepmerge/blob/master/changelog.md)
- [Commits](https://github.com/TehShrike/deepmerge/compare/v4.3.0...v4.3.1)

---
updated-dependencies:
- dependency-name: deepmerge
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-03-20 13:02:44 +01:00
dependabot[bot]
4ecd7204de
Build(deps): Bump @babel/standalone in /app/assets/javascripts (#20680)
Bumps [@babel/standalone](https://github.com/babel/babel/tree/HEAD/packages/babel-standalone) from 7.21.2 to 7.21.3.
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/commits/v7.21.3/packages/babel-standalone)

---
updated-dependencies:
- dependency-name: "@babel/standalone"
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-03-20 12:32:48 +01:00
David Taylor
faf2a8ada2
FIX: Error for admin-panel incoming email logs (#20738)
Followup to 64557c4076
2023-03-20 10:49:01 +00:00
Martin Brennan
2f6987a241
DEV: Minor refactor for bookmark polymorphic changes (#20733)
Followup to 184ce647ea,
this just implements Bianca's suggestion on the original
PR and catches the NameError, which was not necessary
before as we were not actually resolving any class from
bookmarkable_type.
2023-03-20 10:19:28 +01:00
Sam
4a3c13a37b
FIX: search index failing on certain posts (#20736)
During search indexing we "stuff" the index with additional keywords for
entities that look like domain names.

This allows searches for `cnn` to find URLs for `www.cnn.com`

The search stuffing attempted to keep indexes aligned at the correct positions
by remapping the indexed terms. However under certain edge cases a single
word can stem into 2 different lexemes. If this happened we had an off by
one which caused the entire indexing to fail.

We work around this edge case (and carry incorrect index positions) for cases
like this. It is unlikely to impact search quality at all given index position
makes almost no difference in the search algorithm.
2023-03-20 15:43:08 +11:00
Joffrey JAFFEUX
184ce647ea
FIX: correctly infer polymorphic class from bookmarkable type (#20719)
Prior to this change `registered_bookmarkable` would return `nil` as  `type` in `Bookmark.registered_bookmarkable_from_type(type)` would be `ChatMessage` and we registered a `Chat::Message` class.

This commit will now properly rely on each model `polymorphic_class_for(name)` to help us infer the proper type from a a `bookmarkable_type`.

Tests have also been added to ensure that creating/destroying chat message bookmarks is working correctly.

---

Longer explanation

Currently when you save a bookmark in the database, it's associated to another object through a polymorphic relationship, which will is represented by two columns: `bookmarkable_id` and `bookmarkable_type`. The `bookmarkable_id` contains the id of the relationship (a post ID for example) and the `bookmarkable_type` contains the type of the object as a string by default, (`"Post"` for example).

Chat plugin just started namespacing objects, as a result a model named `ChatMessage` is now named `Chat::Message`, to avoid complex and risky migrations we rely on methods provided by rails to alter the `bookmarkable_type` when we save it: we want to still save it as `"ChatMessage"` and not `"Chat::Message"`. And, to retrieve the correct model when we load the bookmark from the database: we want `"ChatMessage"` to load the `Chat::Message` model and not the `ChatMessage`model which doesn't exist anymore.

On top of this the bookmark codepath is allowing plugins to register types and will check against these types, so we alter this code path to be able to do a similar ChatMessage <-> Chat::Message dance and allow to check the type is valid. In the specific case of this commit, we were retrieving a `"ChatMessage"` bookmarkable_type from the DB and looking for it in the registered bookmarkable types which contain `Chat::Message` and not `ChatMessage`.
2023-03-17 17:20:24 +01:00
TheJammiestDodger
f57ba758ce
UX: Update Install Popular items and links (#20688)
* UX: Update 'Install Popular' items and links

* Update popular-themes.js

* Update popular-themes.js

* Update popular-themes.js

* Lint

---------

Co-authored-by: Penar Musaraj <pmusaraj@gmail.com>
2023-03-17 16:05:36 +00:00
Joffrey JAFFEUX
12a18d4d55
DEV: properly namespace chat (#20690)
This commit main goal was to comply with Zeitwerk and properly rely on autoloading. To achieve this, most resources have been namespaced under the `Chat` module.

- Given all models are now namespaced with `Chat::` and would change the stored types in DB when using polymorphism or STI (single table inheritance), this commit uses various Rails methods to ensure proper class is loaded and the stored name in DB is unchanged, eg: `Chat::Message` model will be stored as `"ChatMessage"`, and `"ChatMessage"` will correctly load `Chat::Message` model.
- Jobs are now using constants only, eg: `Jobs::Chat::Foo` and should only be enqueued this way

Notes:
- This commit also used this opportunity to limit the number of registered css files in plugin.rb
- `discourse_dev` support has been removed within this commit and will be reintroduced later

<!-- NOTE: All pull requests should have tests (rspec in Ruby, qunit in JavaScript). If your code does not include test coverage, please include an explanation of why it was omitted. -->
2023-03-17 14:24:38 +01:00
David Taylor
74349e17c9
DEV: Migrate remaining admin classes to native syntax (#20717)
This commit was generated using the ember-native-class-codemod along with a handful of manual updates
2023-03-17 12:25:05 +00:00
David Taylor
1161c980f2
DEV: Resolve and unsilence ember.built-in-components deprecation (#20716)
- Install `@ember/legacy-built-in-components` and update our import statements to use it
- Remove our custom attributeBinding extensions of `TextField` and `TextArea`. Modern ember 'angle bracket syntax' allows us to apply html attributes to a component's element without needing attributeBindings
2023-03-17 11:55:29 +00:00
David Taylor
5e5024d3e7
DEV: Resolve and unsilence ember-global deprecation (#20702)
One of the problems here was coming from the ember-jquery addon. This commit skips the problematic shim from the addon and re-implements in Discourse. This hack will only be required short-term - we'll be totally dropping the ember-jquery integration as part of our upgrade to Ember 4.x.

Removing this shim means we can also remove our `discourse-ensure-deprecation-order` dummy addon which was ensuring that the ember-jquery-triggered deprecation was covered by ember-cli-deprecation-workflow.
2023-03-17 11:22:12 +00:00
David Taylor
64557c4076
DEV: Update admin models to native class syntax (#20704)
This commit was generated using the ember-native-class-codemod along with a handful of manual updates
2023-03-17 10:18:42 +00:00
David Taylor
303f97ce89
PERF: Use native postgres upsert for ApplicationRequest (#20706)
Using `create_or_find_by!`, followed by `update_all!` requires two or three queries (two when the row doesn't already exist, three when it does). Instead, we can use postgres's native `INSERT ... ON CONFLICT ... DO UPDATE SET` feature to do the logic in a single atomic call.
2023-03-17 09:35:29 +00:00
Penar Musaraj
32ad46c551
UX: Adjust menu panels on iOS (#20703) 2023-03-16 19:23:15 -04:00
Blake Erickson
a373bf2a01 SECURITY: XSS on chat excerpts
Non-markdown tags weren't being escaped in chat excerpts. This could be
triggered by editing a chat message containing a tag (self XSS), or by
replying to a chat message with a tag (XSS).

Co-authored-by: Jan Cernik <jancernik12@gmail.com>
2023-03-16 15:27:09 -06:00
Blake Erickson
d89b537d8f SECURITY: Fix XSS in full name composer reply
We are using htmlSafe when rendering the name field so we need to escape
any html being passed in.
2023-03-16 15:27:09 -06:00
Penar Musaraj
c213cc7211
DEV: Fix tag route fixture param (#20693)
This tag route is /tag/important/l/latest.json so the tag name should also be important.
2023-03-16 11:27:04 -04:00
Loïc Guitaut
0bd64788d2 SECURITY: Rate limit the creation of backups 2023-03-16 16:09:22 +01:00
David Taylor
9d1423b5aa
DEV: Drop impossible conditional from admin-logs-staff-action-logs (#20687)
`Object.keys(filters)` will never return 0
2023-03-16 12:27:27 +00:00
David Taylor
c190994046
DEV: Update admin modal controllers to native class syntax (#20685)
This commit was generated using the ember-native-class-codemod along with a handful of manual updates
2023-03-15 17:39:33 +00:00
dependabot[bot]
62bbdd25ab
Build(deps): Bump @babel/core in /app/assets/javascripts (#20681)
Bumps [@babel/core](https://github.com/babel/babel/tree/HEAD/packages/babel-core) from 7.21.0 to 7.21.3.
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/commits/v7.21.3/packages/babel-core)

---
updated-dependencies:
- dependency-name: "@babel/core"
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-03-15 14:29:16 +01:00
dependabot[bot]
2ea6675671
Build(deps): Bump sass from 1.59.2 to 1.59.3 in /app/assets/javascripts (#20682)
Bumps [sass](https://github.com/sass/dart-sass) from 1.59.2 to 1.59.3.
- [Release notes](https://github.com/sass/dart-sass/releases)
- [Changelog](https://github.com/sass/dart-sass/blob/main/CHANGELOG.md)
- [Commits](https://github.com/sass/dart-sass/compare/1.59.2...1.59.3)

---
updated-dependencies:
- dependency-name: sass
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-03-15 14:27:17 +01:00
David Taylor
e700f0af93
DEV: Update admin routes to native class syntax (#20686) 2023-03-15 13:17:51 +00:00
David Taylor
be354e7950
DEV: Update admin controllers to native class syntax (#20674)
This commit was generated using the ember-native-class-codemod along with a handful of manual updates
2023-03-15 09:42:12 +00:00
Daniel Waterworth
84f590ab83
DEV: Store theme sprites in the DB (#20501)
Let's avoid fetching sprites from the CDN during page rendering.
2023-03-14 13:11:45 -05:00
Isaac Janzen
dfd6d6b999
FIX: Latest post created_at on topic-timeline not updating (#20665)
# Context
https://meta.discourse.org/t/timeline-timestamp-not-updating/256447/1

During the upgrade of the topic-timeline to glimmer the "latest post" timestamp was not updating on the timeline in relation to the relative age of the post. It was only updating on a hard refresh.

# Fix
Use the `age-with-tooltip` helper to update the created_at date automatically as time passes.

# Additional
Add the ability to pass params to `age-with-tooltip` so that we can include options like `addAgo` and `defaultFormat`
2023-03-14 11:08:23 -05:00
Kris
22a7818399
FIX: update LoadMore selector for user tables (#20676) 2023-03-14 11:10:51 -04:00
Penar Musaraj
a208ed0925
UX: Improve menu panel height fallback for older browsers (#20673)
Tested with Chrome <100, Firefox <100 and Samsung Internet 20, using
percentage-based height here works better for these browsers.

This was especially a problem for the Samsung Internet browser, because
it previously was hiding the "Dismiss" button on the user profile menu.
2023-03-14 10:41:38 -04:00
David Taylor
b5721b7b4f
FIX: default_list_filter = none navigation and preloading (#20641)
When a category has default_list_filter=none, there were a number of issues which this commit resolves:

1. When using the breadcrumbs to navigate a `default_list_filter=none` category, adding a tag filter would not apply the no-subcategories filter, but the subcategories dropdown would still say 'none'. This commit adjusts `getCategoryAndTagUrl` so that `/none` is added to the URL

2. When landing on `/tags/c/{slug}/{id}/{tag}`, for a default_list_filter=none category, it would include subcategories. This commit introduces a client-side redirect to match the behavior of `/c/{slug}/{id}`

3. When directly navigating to `/c/{slug}/{id}`, it was correctly redirecting to `/c/{slug}/{id}/none`, BUT it was still using the preloaded data for the old route. This has been happening since e7a84948. Prior to that, the preloaded data was discarded and a new JSON request was made to the server. This commit restores that discarding behavior. In future we may want to look into making this more efficient.

System specs are introduced to provide end-end testing of this functionality
2023-03-14 10:46:05 +00:00
Loïc Guitaut
8a8f2758d5 DEV: Refactor Jobs::UserEmail a little 2023-03-14 09:23:06 +01:00
Isaac Janzen
ab442058c0
FIX: Broken topic-timeline summarize topic button (#20661)
# Context
During the octane upgrade of the Topic Timeline the `summarize-topic` button was neglected, leaving it in a broken state. 

# Fix
Update the button to replicate the original functionality


<img width="351" alt="Screenshot 2023-03-13 at 12 41 25 PM" src="https://user-images.githubusercontent.com/50783505/224785657-fc8124fe-f1d9-4cc8-917b-9cd859517da3.png">

_updated timeline with summarize button_
2023-03-13 13:12:33 -05:00
Andrei Prigorshnev
72726830b5
FIX: anonymous users cannot load topics with mentions with a user status that has an end date (#20660)
Steps to reproduce:
1. Create a post with a mention of a user that has user status with an end date
2. Try to load the topic with that post as an anonymous user

You'll see a topic with blank content.
2023-03-13 19:57:09 +04:00
David Taylor
f91af69ec4
FIX: Avatar upload error (#20658)
Followup to 4f9afabf87
2023-03-13 10:59:42 +00:00
dependabot[bot]
59e5485408
Build(deps): Bump sass from 1.58.3 to 1.59.2 in /app/assets/javascripts (#20656)
Bumps [sass](https://github.com/sass/dart-sass) from 1.58.3 to 1.59.2.
- [Release notes](https://github.com/sass/dart-sass/releases)
- [Changelog](https://github.com/sass/dart-sass/blob/main/CHANGELOG.md)
- [Commits](https://github.com/sass/dart-sass/compare/1.58.3...1.59.2)

---
updated-dependencies:
- dependency-name: sass
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-03-13 11:01:41 +01:00
dependabot[bot]
05e713d098
Build(deps): Bump node-fetch from 3.3.0 to 3.3.1 in /app/assets/javascripts (#20655)
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-03-13 08:45:43 +08:00
dependabot[bot]
b5bb41493a
Build(deps): Bump eslint from 8.35.0 to 8.36.0 in /app/assets/javascripts (#20652)
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-03-13 08:45:24 +08:00