Commit Graph

51161 Commits

Author SHA1 Message Date
Blake Erickson
2427af4c46
DEV: Adjust site setting search limiter (#23589)
DEV: Adjust site setting search limiter

This opens up the site setting search limiter some more so that when
searching for "min length" it will contain
"min_personal_message_post_length" as one of the results, but not open
it up so much so that when searching for "digest",
"pending_users_reminder_delay_minutes" won't show up in the results
because it isn't really related.

Co-authored-by: Jarek Radosz <jradosz@gmail.com>
2023-09-14 09:52:25 -06:00
Kris
3340852328
A11Y: avatar upload button should be focusable (#23575) 2023-09-14 09:04:17 -04:00
David Taylor
45adb22abe
DEV: Automatically retry patch-package on failure (#23583)
We are seeing occasional flakes in `patch-package`, possibly caused by https://github.com/ds300/patch-package/issues/484. This wrapper script will retry patch-package three times before giving up. Longer-term we hope to upgrade to a package manager with built-in patch support.
2023-09-14 12:25:06 +01:00
Jarek Radosz
4571197e06
DEV: Convert global-notice to a native class (#23582) 2023-09-14 12:34:30 +02:00
David Taylor
a60d7a2bc7
DEV: Modernize admin-site-text route/controller (#23581)
- Switch to `@tracked` and native getters
- Remove queryParam defaults which are awkward to work with. Instead, add `resolvedBlah` getters
- Add 'no results found' text
- Use standard 'model' key instead of a custom `setupController` method
- Remove use of `route-action`
- Remove `{{action` helper

Default queryParams in ember controllers are tricky to work with, especially when combined with the new router service. Instead, we can handle defaults ourselves
2023-09-14 11:27:09 +01:00
Canapin
040a19d4cf
UX: removes a duplicate modal footer. (#23226) 2023-09-14 10:50:11 +01:00
Jarek Radosz
5df1b1c523
DEV: Upgrade the so-called share-and-invite modal (#23574) 2023-09-14 10:50:50 +02:00
Jarek Radosz
91e456ba30
DEV: Convert emoji-store into a native class (#23572) 2023-09-14 10:32:17 +02:00
Kelv
a4238a3726
DEV: upgrade grant badge modal to glimmer (#23526)
* DEV: upgrade grant badge modal to glimmer
* DEV: add unit tests for grant badge utils
* DEV: replace grant-badge-controller mixin with grant-badge-utils in admin-user-badges controller
* DEV: remove GrantBadgeController mixin
2023-09-14 10:05:29 +08:00
dependabot[bot]
7d4c47195a
Build(deps): Bump faraday from 2.7.10 to 2.7.11 (#23554)
* Build(deps): Bump faraday from 2.7.10 to 2.7.11

Bumps [faraday](https://github.com/lostisland/faraday) from 2.7.10 to 2.7.11.
- [Release notes](https://github.com/lostisland/faraday/releases)
- [Changelog](https://github.com/lostisland/faraday/blob/main/CHANGELOG.md)
- [Commits](https://github.com/lostisland/faraday/compare/v2.7.10...v2.7.11)

---
updated-dependencies:
- dependency-name: faraday
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

* add base64

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Jarek Radosz <jradosz@gmail.com>
2023-09-14 01:33:44 +02:00
dependabot[bot]
041f522c85
Build(deps-dev): Bump sinon in /app/assets/javascripts (#23578)
Bumps [sinon](https://github.com/sinonjs/sinon) from 15.2.0 to 16.0.0.
- [Release notes](https://github.com/sinonjs/sinon/releases)
- [Changelog](https://github.com/sinonjs/sinon/blob/main/docs/changelog.md)
- [Commits](https://github.com/sinonjs/sinon/compare/v15.2.0...v16.0.0)

---
updated-dependencies:
- dependency-name: sinon
  dependency-type: direct:development
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-09-14 01:04:14 +02:00
dependabot[bot]
ea7bd236e2
Build(deps-dev): Bump rubocop-discourse from 3.3.0 to 3.4.0 (#23577)
Bumps [rubocop-discourse](https://github.com/discourse/rubocop-discourse) from 3.3.0 to 3.4.0.
- [Commits](https://github.com/discourse/rubocop-discourse/compare/v3.3.0...v3.4.0)

---
updated-dependencies:
- dependency-name: rubocop-discourse
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-09-14 01:03:34 +02:00
dependabot[bot]
b576c09790
Build(deps): Bump excon from 0.102.0 to 0.103.0 (#23576)
Bumps [excon](https://github.com/excon/excon) from 0.102.0 to 0.103.0.
- [Changelog](https://github.com/excon/excon/blob/master/changelog.txt)
- [Commits](https://github.com/excon/excon/compare/v0.102.0...v0.103.0)

---
updated-dependencies:
- dependency-name: excon
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-09-14 01:03:19 +02:00
Kris
3d3a556933
A11Y: add focus state for advanced search button (#23573) 2023-09-13 17:24:36 -04:00
Jarek Radosz
61f4af2995
DEV: Remove unused userInvitedShow logic (#23569)
share-and-invite modal doesn't seem to use it anymore
2023-09-13 23:07:19 +02:00
Sérgio Saquetim
e03dd76dc6
FEATURE: add outgoing web hooks for Chat messages 2023-09-13 17:31:42 -03:00
Jarek Radosz
6c20d8cc8c
DEV: Convert document-title to a native class (#23570)
Included: removed the `reset` method, used private fields, added explicit service injections
2023-09-13 22:12:33 +02:00
Juan David Martínez Cubillos
355aba50cf
FIX: Return 403 instead of redirect on username routes when hiding profiles (#23545)
* FIX: Return 403 instead of redirect on username routes when hidding profiles

* Updated raised error to better reflect the problem to the user

* implemented suggested changes
2023-09-13 14:33:47 -05:00
Isaac Janzen
3d6b812220
DEV: Move relevant glimmer search menu logic to service (#23483)
This will allow initializing the glimmer search menu without having to pass args directly from header.js widget, to help themes and plugins with search customizations

---------

Co-authored-by: Mark VanLandingham <markvanlan@gmail.com>
2023-09-13 14:32:12 -05:00
Jarek Radosz
6b218636ab
DEV: Convert ConditionalLoadingSpinner to gjs (#23565) 2023-09-13 20:12:38 +02:00
tshenry
c163634ff9
DEV: Bump theme compiler version for max svg sprite size change (#23567)
This should have been included in f6326d0
2023-09-13 10:02:08 -07:00
David Taylor
38c8fc6136
FIX: discourse-local-dates mobile layout following 8a577984 (#23564)
The html/class structure has slightly changed, so these selectors were no longer working as intended
2023-09-13 16:24:28 +01:00
David Taylor
e0daacf3ef
DEV: Drop /theme-qunit from smoke test (#23562)
We will soon be dropping support for `/theme-qunit` in production, so this will start failing if we don't remove it. Plus, we now have system specs which verify the end-to-end functionality of the Theme QUnit system.

This was the last thing which was using the legacy `run-qunit` script, so that can also be dropped.
2023-09-13 16:14:27 +01:00
Joffrey JAFFEUX
ef0a049b87
FIX: scope animated-images-pause to topic-post (#23561)
This was causing issues on chat which is not properly supporting this for now.
2023-09-13 16:20:06 +02:00
David Taylor
8a57798419
DEV: Update discourse-local-dates to new Modal API (#23560) 2023-09-13 15:00:38 +01:00
Vinoth Kannan
e4849445ce
UX: hide warning if all users mentioned via group are already invited. (#23557)
Previously, a "`some_not_allowed`" warning message was appeared in composer even when all the users mentioned via group are already invited to the private message directly or via other groups.
2023-09-13 19:21:44 +05:30
David Battersby
7f7e7fe516
Revert "FEATURE: Add chat message notifications for personal chats (#23307)" (#23559)
This reverts commit 0a1a07fff8.
2023-09-13 19:33:22 +08:00
David Battersby
0a1a07fff8
FEATURE: Add chat message notifications for personal chats (#23307)
This feature adds notifications for chat messages that are sent within personal chats (1:1 and personal group chats).

To prevent notification spam we make use of consolidated notifications to combine updated message information in a meaningful way that allows the receiver to quickly jump into the chat to see what they missed.

This update respects muted channels, muted and blocked users. It will only create a new notification when the user has not muted the channel and the notified user is not muting or ignoring the message sender.
2023-09-13 17:15:11 +08:00
David Battersby
6e2b484f12
FIX: prevent lightbox images from double escaping titles (#23458)
This change fixes an issue where lightbox images are showing escaped text in the link title and lightbox image description area.
2023-09-13 14:33:08 +08:00
Sam
267e8ebaa6
FIX: min_personal_message_post_length not applying to first post (#23531)
* FIX: min_personal_message_post_length not applying to first post

Due to the way PostCreator is wired, we were not applying min_personal_message_post_length
to the first post.

This meant that admins could not configure it so PMs have different
limits.

The code was already pretending that this works, but had no reliable way
of figuring out if we were dealing with a private message
2023-09-13 15:43:54 +10:00
Penar Musaraj
f6326d03f0
DEV: Bump max theme sprite size to 1MB (#23556)
There is one repo with very large sprites, and it's causing missing
icons on some instances.
2023-09-13 15:00:26 +10:00
Alan Guo Xiang Tan
038de393ed
DEV: Raise an error in test env when I18n interpolate argument is missing (#23527)
Why this change?

We have been bitten by bugs where tests are not catching missing
interpolate argument in our client side code because the JavaScript
tests are also using `I18n.translate` to assert that the right message
is shown. Before this change, `I18n.interpolate` will just replace the
missing interpolation argument in the final translation with some
placeholder. As a result, we ended up comparing a broken translation
with another broken translation in the test environment.

Why does this change do?

This change introduces the `I18n.testing` property which when set to
`true` will cause `I18n.translate` to throw an error when an interpolate
argument is missing. With this commit, we also set `I18n.testing = true`
when running qunit acceptance test.
2023-09-13 10:53:48 +08:00
dependabot[bot]
7ab94d0ec6
Build(deps-dev): Bump test-prof from 1.2.2 to 1.2.3 (#23555)
Bumps [test-prof](https://github.com/test-prof/test-prof) from 1.2.2 to 1.2.3.
- [Release notes](https://github.com/test-prof/test-prof/releases)
- [Changelog](https://github.com/test-prof/test-prof/blob/master/CHANGELOG.md)
- [Commits](https://github.com/test-prof/test-prof/compare/v1.2.2...v1.2.3)

---
updated-dependencies:
- dependency-name: test-prof
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-09-13 07:40:33 +08:00
Roman Rizzi
75e8a6bf90
Bump version to v3.2.0.beta2-dev 2023-09-12 15:41:11 -03:00
Roman Rizzi
a9cc379121
Bump version to v3.2.0.beta1 2023-09-12 15:41:11 -03:00
Bianca Nenciu
6f782d8e45
SECURITY: Add limits for themes and theme assets
This commit adds limits to themes and theme components on the:

- file size of about.json and .discourse-compatibility
- file size of theme assets
- number of files in a theme
2023-09-12 15:31:31 -03:00
Daniel Waterworth
290306a932
SECURITY: Reduce maximum size of SVG sprite cache to prevent DoS
Co-authored-by: Penar Musaraj <pmusaraj@gmail.com>
2023-09-12 15:31:28 -03:00
Gerhard Schlager
e3a2446874
SECURITY: Limit number of drafts per user and length of draft_key
The hidden site setting max_drafts_per_user defaults to 10_000 drafts per user.
The longest key should be "topic_<MAX_BIG_INT>" which is 25 characters.
2023-09-12 15:31:26 -03:00
OsamaSayegh
c1b5faa5fd
SECURITY: Limit name field length of TOTP authenticators and security keys 2023-09-12 15:31:17 -03:00
Joffrey JAFFEUX
85fddf58bc
Revert "DEV: FloatKit (#23541)" (#23549)
This reverts commits

0623ac684a
408e71e437
a32fa3b947

User tips were running into some issues.
2023-09-12 13:55:12 -04:00
Joffrey JAFFEUX
408e71e437
FIX: tooltips can be over the header (#23548)
As a result they need a high z-index
2023-09-12 19:17:35 +02:00
David Taylor
8b51a89919
DEV: Do not squash commits in version_bump:stage_security_fixes (#23547)
Sometimes fixes will deliberately keep commits separate, and we don't want to undo that
2023-09-12 18:00:42 +01:00
Joffrey JAFFEUX
a32fa3b947
FIX: cancel post toolbar on click outside (#23546)
On `mousedown` if the click is outside a cooked element cancel the `mousedown`/`mouseup` sequence and only rely on the `selectionchange` event.

This change ensures a click on avatar for example will work, even if user is doing a rather slow click (meaning: the mousedown has been hold for more than 100ms).
2023-09-12 18:49:06 +02:00
Blake Erickson
9ac5e09179
DEV: Show separate error message for backup uploads (#23480)
Due to server upload limits backups may receive a 413 error so we need
to display a different error message than the default one we have set
for attachments.
2023-09-12 09:58:29 -06:00
David Taylor
c3061d580c
DEV: Remove decorateCookedElement id parameters (#23544)
These are no longer required per https://github.com/discourse/discourse/pull/23543
2023-09-12 16:32:04 +01:00
David Taylor
e0d8dae0b3
DEV: Improve api.decorateCookedElement implementation (#23543)
Previously, calling `decorateCookedElement` would re-open a number of components and introduce new event listeners. This kind of thing cannot be undone, and so we were forced to introduce the unique 'id' parameter. If a given decorator id had already been applied, we would skip re-applying it. This helped, but it was still problematic because all tests would be using the callback which was registered in the first test. If its closure had any references to the ApplicationInstance, then those references would be destroyed and useless in future tests.

This commit switches strategy to use `appEvents` instead of `klass.reopen`. This is a much more obvious system and, since appEvent registrations are reset for every ApplicationInstance, we can drop the requirement for unique ids on `decorateCookedElement` calls. The callback used will always be the one registered against the current ApplicationInstance.

This commit also updates our `wrapWithErrorHandler` implementation so that it throws errors in tests. This ensures that errors are not silently swallowed in CI.
2023-09-12 16:21:15 +01:00
Renato Atilio
40ae6432f3
UX: remove unsupported filterable attr from form template sample (#23535) 2023-09-12 12:20:55 -03:00
Renato Atilio
fd32ba2e13
UX: wider code lines so background takes the whole width (#23536) 2023-09-12 12:17:27 -03:00
Joffrey JAFFEUX
0623ac684a
DEV: FloatKit (#23541)
Second iteration of https://github.com/discourse/discourse/pull/23312 with a fix for embroider not resolving an export file using .gjs extension.

---

This PR introduces three new concepts to Discourse codebase through an addon called "FloatKit":

- menu
- tooltip
- toast


## Tooltips
### Component

Simple cases can be express with an API similar to DButton:

```hbs
<DTooltip 
  @label={{i18n "foo.bar"}}
  @icon="check"
  @content="Something"
/>
```

More complex cases can use blocks:

```hbs
<DTooltip>
  <:trigger>
   {{d-icon "check"}}
   <span>{{i18n "foo.bar"}}</span>
  </:trigger>
  <:content>
   Something
  </:content>
</DTooltip>
```

### Service

You can manually show a tooltip using the `tooltip` service:

```javascript
const tooltipInstance = await this.tooltip.show(
  document.querySelector(".my-span"),
  options
)

// and later manual close or destroy it
tooltipInstance.close();
tooltipInstance.destroy();

// you can also just close any open tooltip through the service
this.tooltip.close();
```

The service also allows you to register event listeners on a trigger, it removes the need for you to manage open/close of a tooltip started through the service:

```javascript
const tooltipInstance = this.tooltip.register(
  document.querySelector(".my-span"),
  options
)

// when done you can destroy the instance to remove the listeners
tooltipInstance.destroy();
```

Note that the service also allows you to use a custom component as content which will receive `@data` and `@close` as args:

```javascript
const tooltipInstance = await this.tooltip.show(
  document.querySelector(".my-span"),
  { 
    component: MyComponent,
    data: { foo: 1 }
  }
)
```

## Menus

Menus are very similar to tooltips and provide the same kind of APIs:

### Component

```hbs
<DMenu @icon="plus" @label={{i18n "foo.bar"}}>
  <ul>
    <li>Foo</li>
    <li>Bat</li>
    <li>Baz</li>
  </ul>
</DMenu>
```

They also support blocks:

```hbs
<DMenu>
  <:trigger>
    {{d-icon "plus"}}
    <span>{{i18n "foo.bar"}}</span>
  </:trigger>
  <:content>
    <ul>
      <li>Foo</li>
      <li>Bat</li>
      <li>Baz</li>
    </ul>
  </:content>
</DMenu>
```

### Service

You can manually show a menu using the `menu` service:

```javascript
const menuInstance = await this.menu.show(
  document.querySelector(".my-span"),
  options
)

// and later manual close or destroy it
menuInstance.close();
menuInstance.destroy();

// you can also just close any open tooltip through the service
this.menu.close();
```

The service also allows you to register event listeners on a trigger, it removes the need for you to manage open/close of a tooltip started through the service:

```javascript
const menuInstance = this.menu.register(
   document.querySelector(".my-span"),
   options
)

// when done you can destroy the instance to remove the listeners
menuInstance.destroy();
```

Note that the service also allows you to use a custom component as content which will receive `@data` and `@close` as args:

```javascript
const menuInstance = await this.menu.show(
  document.querySelector(".my-span"),
  { 
    component: MyComponent,
    data: { foo: 1 }
  }
)
```


## Toasts

Interacting with toasts is made only through the `toasts` service.

A default component is provided (DDefaultToast) and can be used through dedicated service methods:

- this.toasts.success({ ... });
- this.toasts.warning({ ... });
- this.toasts.info({ ... });
- this.toasts.error({ ... });
- this.toasts.default({ ... });

```javascript
this.toasts.success({
  data: {
    title: "Foo",
    message: "Bar",
    actions: [
      {
        label: "Ok",
        class: "btn-primary",
        action: (componentArgs) => {
          // eslint-disable-next-line no-alert
          alert("Closing toast:" + componentArgs.data.title);
          componentArgs.close();
        },
      }
    ]
  },
});
```

You can also provide your own component:

```javascript
this.toasts.show(MyComponent, {
  autoClose: false,
  class: "foo",
  data: { baz: 1 },
})
```

Co-authored-by: Martin Brennan <mjrbrennan@gmail.com>
Co-authored-by: Isaac Janzen <50783505+janzenisaac@users.noreply.github.com>
Co-authored-by: David Taylor <david@taylorhq.com>
Co-authored-by: Jarek Radosz <jradosz@gmail.com>
2023-09-12 15:50:26 +02:00
Joffrey JAFFEUX
b8cc1072cc
Revert "DEV: FloatKit (#23312)" (#23540)
This reverts commit abcdd8d367.
2023-09-12 15:37:16 +02:00