github-mirror/discourse
2
0
Fork 0
mirror of https://github.com/discourse/discourse.git synced 2024-11-24 16:41:18 +08:00
Code Issues Actions 1 Packages Projects Releases Wiki Activity
39,210 Commits 190 Branches 500 Tags 938 MiB
40d5739a80
Commit Graph

23287 Commits

Author SHA1 Message Date
Martin Brennan
40d5739a80
DEV: Review fixes for bookmark-list (#10642) 
Make removeBookmark return a promise and do not use setProperties for no reason.

More context at https://review.discourse.org/t/fix-add-bookmark-list-component-10451/14450/3
 2020-09-10 15:01:53 +10:00
Guo Xiang Tan
521782fc9c
FIX: Search checkboxes incorrectly being checked on similar prefix. 
Incorrect search filters like `in:personalasd` will end up checking the
checkbox for `in:personal` because the regexp used was only doing prefix
matching.
 2020-09-10 11:49:52 +08:00
Martin Brennan
7f2f87bf59
DEV: Review fixes (#10641) 
See comments in https://review.discourse.org/t/dev-imap-log-to-database-10435/14337/6 for context.
 2020-09-10 13:41:46 +10:00
Martin Brennan
dede942007
FEATURE: Allow email image embed with secure media (#10563) 
This PR introduces a few important changes to secure media redaction in emails. First of all, two new site settings have been introduced:

* `secure_media_allow_embed_images_in_emails`: If enabled we will embed secure images in emails instead of redacting them.
* `secure_media_max_email_embed_image_size_kb`: The cap to the size of the secure image we will embed, defaulting to 1mb, so the email does not become too big. Max is 10mb. Works in tandem with `email_total_attachment_size_limit_kb`.

`Email::Sender` will now attach images to the email based on these settings. The sender will also call `inline_secure_images` in `Email::Styles` after secure media is redacted and attachments are added to replace redaction messages with attached images. I went with attachment and `cid` URLs because base64 image support is _still_ flaky in email clients.

All redaction of secure media is now handled in `Email::Styles` and calls out to `PrettyText.strip_secure_media` to do the actual stripping and replacing with placeholders. `app/mailers/group_smtp_mailer.rb` and `app/mailers/user_notifications.rb` no longer do any stripping because they are earlier in the pipeline than `Email::Styles`.

Finally the redaction notice has been restyled and includes a link to the media that the user can click, which will show it to them if they have the necessary permissions.

![image](https://user-images.githubusercontent.com/920448/92341012-b9a2c380-f0ff-11ea-860e-b376b4528357.png)
 2020-09-10 09:50:16 +10:00
Ahmed Gagan
097f06b4fa
DEV: Add plugin api for adding to search-advanced-options dropdowns (#10606) 2020-09-09 15:17:39 +01:00
Joffrey JAFFEUX
38c934e1e1
UX: prevents auto capitalize/correct in the emoji picker (#10636) 2020-09-09 15:43:18 +02:00
Guo Xiang Tan
4994b0ed34
PERF: Remove an unncessary query when check for dark mode. 2020-09-09 15:18:52 +08:00
Guo Xiang Tan
fb7bbae3f4
PERF: Memoize calls to ApplicationHelper#scheme_id. 
The same query was executed 4 times per full page load.
 2020-09-09 15:15:15 +08:00
Guo Xiang Tan
9b75d95fc6 PERF: Keep track of first unread PM and first unread group PM for user. 
This optimization helps to filter away topics so that the joins on
related tables when querying for unread messages is not expensive.
 2020-09-09 14:05:41 +08:00
Robin Ward
4dd07843c6 FIX: We have changed the way __widget_helpers are resolved 2020-09-08 12:10:59 -04:00
Joffrey JAFFEUX
8413d27cf2
FIX: handles different cases of canInvite/canRemove states in PM (#10607) 2020-09-08 16:35:59 +02:00
dependabot[bot]
d21119ee4f Build(deps): Bump lodash in /app/assets/javascripts/pretty-text 
Bumps [lodash](https://github.com/lodash/lodash) from 4.17.15 to 4.17.20.
- [Release notes](https://github.com/lodash/lodash/releases)
- [Commits](https://github.com/lodash/lodash/compare/4.17.15...4.17.20)

Signed-off-by: dependabot[bot] <support@github.com>
 2020-09-08 10:25:45 -04:00
dependabot[bot]
00e2339e82 Build(deps): Bump lodash in /app/assets/javascripts/discourse-common 
Bumps [lodash](https://github.com/lodash/lodash) from 4.17.15 to 4.17.20.
- [Release notes](https://github.com/lodash/lodash/releases)
- [Commits](https://github.com/lodash/lodash/compare/4.17.15...4.17.20)

Signed-off-by: dependabot[bot] <support@github.com>
 2020-09-08 10:25:31 -04:00
Joffrey JAFFEUX
02495510e8
FIX: workaround constructor name not available after transpilation (#10623) 
This is only reproducible en production build. In this case, constructor.name could be any value like "i" for example.
 2020-09-08 10:14:41 +02:00
Guo Xiang Tan
b0f22f2523
SECURITY: Remove indication that a group exists if user can't see it. 
Minor security fix but we should not leak any hints that a group exists
even if a user does not have access to the group.
 2020-09-08 10:53:48 +08:00
Guo Xiang Tan
5ed84d9885
SECURITY: Don't allow moderators to list PMs of all groups. 
* Also return 404 when a user is trying to list PMs of a group that
cannot be accessed by the user.
 2020-09-08 10:37:00 +08:00
Joffrey JAFFEUX
0b8e7d88fe
FIX: wraps popper call in afterRender and uses createPopper (#10621) 
Before this fix, popper was sometimes not applied.
 2020-09-07 13:33:52 +02:00
dependabot[bot]
27751ca69f
Build(deps): Bump websocket-extensions (#10617) 
Bumps [websocket-extensions](https://github.com/faye/websocket-extensions-node) from 0.1.3 to 0.1.4.
- [Release notes](https://github.com/faye/websocket-extensions-node/releases)
- [Changelog](https://github.com/faye/websocket-extensions-node/blob/master/CHANGELOG.md)
- [Commits](https://github.com/faye/websocket-extensions-node/compare/0.1.3...0.1.4)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2020-09-07 12:02:38 +02:00
dependabot[bot]
b191ea4f59
Build(deps): Bump websocket-extensions (#10615) 
Bumps [websocket-extensions](https://github.com/faye/websocket-extensions-node) from 0.1.3 to 0.1.4.
- [Release notes](https://github.com/faye/websocket-extensions-node/releases)
- [Changelog](https://github.com/faye/websocket-extensions-node/blob/master/CHANGELOG.md)
- [Commits](https://github.com/faye/websocket-extensions-node/compare/0.1.3...0.1.4)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2020-09-07 12:02:27 +02:00
dependabot[bot]
2cb0f013cc
Build(deps): Bump elliptic in /app/assets/javascripts/pretty-text (#10611) 
Bumps [elliptic](https://github.com/indutny/elliptic) from 6.5.2 to 6.5.3.
- [Release notes](https://github.com/indutny/elliptic/releases)
- [Commits](https://github.com/indutny/elliptic/compare/v6.5.2...v6.5.3)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2020-09-07 12:02:09 +02:00
dependabot[bot]
6bff8636e2
Build(deps): Bump elliptic in /app/assets/javascripts/discourse-common (#10612) 
Bumps [elliptic](https://github.com/indutny/elliptic) from 6.5.2 to 6.5.3.
- [Release notes](https://github.com/indutny/elliptic/releases)
- [Commits](https://github.com/indutny/elliptic/compare/v6.5.2...v6.5.3)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2020-09-07 12:01:37 +02:00
dependabot[bot]
9b187b7e11
Build(deps): Bump http-proxy in /app/assets/javascripts/discourse-common (#10613) 
Bumps [http-proxy](https://github.com/http-party/node-http-proxy) from 1.18.0 to 1.18.1.
- [Release notes](https://github.com/http-party/node-http-proxy/releases)
- [Changelog](https://github.com/http-party/node-http-proxy/blob/master/CHANGELOG.md)
- [Commits](https://github.com/http-party/node-http-proxy/compare/1.18.0...1.18.1)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2020-09-07 12:00:25 +02:00
dependabot[bot]
c119c07fa4
Build(deps): Bump http-proxy in /app/assets/javascripts/pretty-text (#10614) 
Bumps [http-proxy](https://github.com/http-party/node-http-proxy) from 1.18.0 to 1.18.1.
- [Release notes](https://github.com/http-party/node-http-proxy/releases)
- [Changelog](https://github.com/http-party/node-http-proxy/blob/master/CHANGELOG.md)
- [Commits](https://github.com/http-party/node-http-proxy/compare/1.18.0...1.18.1)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2020-09-07 12:00:10 +02:00
awesomerobot
13c9d7e704 UX: Add missing labels to mobile composer buttons 2020-09-04 22:18:29 -04:00
Robin Ward
da918ac43e FIX: Allow us to call script_asset_url in controllers 
Without this patch fingerprinting was not applied in production.
 2020-09-04 15:23:01 -04:00
Robin Ward
0f9a58e06f FEATURE: Add stylesheets to bootstrap.json endpoint 
This allows API consumers (such as Ember CLI) to dynamically get a list
of styles to embed.
 2020-09-04 14:12:49 -04:00
Joffrey JAFFEUX
c5b8a47901
FIX: ensures we don't attempt to concat an empty list (#10600) 2020-09-04 19:08:07 +02:00
Bianca Nenciu
d4471e0316
FIX: Preload bold fonts in wizard 
The bold fonts are used in previews for topic title.
 2020-09-04 19:23:46 +03:00
Joffrey JAFFEUX
ed05839dfc
FIX: prevents error when opening a composer from a tag page (#10596) 2020-09-04 15:47:22 +02:00
Bianca Nenciu
58b97ace23
DEV: Use a special import to declare font faces (#10583) 
Update discourse-fonts to v0.0.3.

Follow-up to 7b7357147e.
 2020-09-04 16:25:50 +03:00
Joffrey JAFFEUX
52672b9eab
DEV: apply new coding standards (#10592) 2020-09-04 13:42:47 +02:00
awesomerobot
e4ebc303bb FEATURE: Add below-static plugin outlet 2020-09-03 22:58:58 -04:00
Vinoth Kannan
ea423b471a FIX: make crawler linkback list compatible with google schema guidelines. 2020-09-04 04:35:32 +05:30
Robin Ward
8c0f18794e FEATURE: Deprecate lodash so we can remove it. 
It's currently 240k of Javascript we don't need anymore. It's been
replaced by ES6 and a couple helper functions.
 2020-09-03 10:03:33 -04:00
Robin Ward
3a46e44ed8 Rename merge to deepMerge so it's more clear what it's doing 2020-09-03 10:03:33 -04:00
Robin Ward
f365d4639a REFACTOR: Remove _.isEqual 2020-09-03 10:03:33 -04:00
Robin Ward
c4079780be REFACTOR: Remove _.merge 2020-09-03 10:03:33 -04:00
Robin Ward
720cd57fb5 FIX: Convert jQuery array to JS array 2020-09-03 10:03:33 -04:00
Robin Ward
5e5d5b4f35 REFACTOR: Remove _.last 2020-09-03 10:03:33 -04:00
Robin Ward
0da953b40e REFACTOR: Remove _.compact 2020-09-03 10:03:33 -04:00
Robin Ward
c2cfa62000 REFACTOR: Remove _.intersection 2020-09-03 10:03:33 -04:00
Robin Ward
0b098566ff REFACTOR: Remove _.union 2020-09-03 10:03:33 -04:00
Robin Ward
e60d06d880 REFACTOR: Remove _.isString 2020-09-03 10:03:33 -04:00
Robin Ward
b4444070b3 REFACTOR: Remove _.groupBy 2020-09-03 10:03:33 -04:00
Robin Ward
1265a5f7c0 REFACTOR: Remove _.max 2020-09-03 10:03:33 -04:00
Robin Ward
d06deb0c4f REFACTOR: Remove _.chain 2020-09-03 10:03:33 -04:00
Robin Ward
71ddcefffa REFACTOR: Remove _.filter 2020-09-03 10:03:33 -04:00
Robin Ward
87b3caf927 REFACTOR: Remove _.reject 2020-09-03 10:03:33 -04:00
Robin Ward
2a4dfa83b0 REFACTOR: Remove _.omit 2020-09-03 10:03:33 -04:00
Robin Ward
17bca14c4b REFACTOR: Remove _.sortBy 2020-09-03 10:03:33 -04:00