Commit Graph

35541 Commits

Author SHA1 Message Date
Mark VanLandingham
44612f900e
FIX: Remove 'staff_only' results option for non-staff (#8565) 2019-12-17 13:43:15 -08:00
Mark VanLandingham
e916bd7ea0
FIX: Fix choose-topic component to search by url (#8574) 2019-12-17 13:01:52 -08:00
Mark VanLandingham
d37dc14c57
REVERT: Remove feature topic on profile button from topic view (#8573) 2019-12-17 12:41:49 -08:00
Kris
62ebfbbb67 UX: Minor adjustment to give the PM recipient input more flexibility. 2019-12-17 14:56:57 -05:00
Joffrey JAFFEUX
007652ece5
DEV: allows this.get in widgets (#8571) 2019-12-17 18:39:51 +01:00
Blake Erickson
1c7305c0f1 DEV: Remove buffered rendering from topic-status
This is another refactoring in the multi-step process to remove all uses
of our custom Render Buffer.

Previous commit: 006e5904be in this
series.

This commit affects the icons next to the topic title that indicate if
it is closed, unlisted, pinned, etc. It is just a refactor and should
not change any functionality.

Originally I was going to continue to use the existing
topic-status-icons arrayProxy helper but this would require using
observers, so I opted instead to use computed properties and have a bit
larger hbs template.
2019-12-17 10:35:05 -07:00
Kris
ff1be40980 UX: Increase combo-box tap area for mobile 2019-12-17 11:43:11 -05:00
Dan Ungureanu
d9e7611910
FIX: Avoid String.matchAll for IE11 support 2019-12-17 18:09:29 +02:00
Penar Musaraj
ea05a68df7
FIX: Use updated_at date to denote expired invites (#8521) 2019-12-17 10:13:49 -05:00
David Taylor
8106d94c05 SECURITY: Correct permission check when revoking user API keys 2019-12-17 10:56:16 +00:00
Joffrey JAFFEUX
81b4de39ee
FIX: prevents crash in discourse_tagging with empty term (#8548) 2019-12-17 10:55:06 +01:00
Martin Brennan
6ab12ed96b
FIX: If a prettified slug is a number, return defaultt (#8554)
Meta thread: https://meta.discourse.org/t/sending-a-pm-with-the-following-title-causes-an-error/135654/3

We had an issue where if someone sent a PM with crazy
characters that are stripped and we end up with only
a number, the topic redirect errored because the slug was
a number. so instead we return the default as well if
the slug is a number after prettification
2019-12-17 10:34:20 +10:00
Martin Brennan
beb91e7eff
FIX: require: false for rotp gem (#8540)
The ROTP gem is only used in a very small amount of places in the app, we don't need to globally require it.

Also set the Addressable gem to not have a specific version range, as it has not been a problem yet.

Some slight refactoring of UserSecondFactor here too to use SecondFactorManager to avoid code repetition
2019-12-17 10:33:51 +10:00
Krzysztof Kotlarek
84ede5867c
FIX: category id in filterCategory (#8555)
Small regression was created here: https://github.com/discourse/discourse/commit/374534f00ee#diff-4af46675500edc092f9224ca5835a7ddR106

After that change `listFilter` is including `categoryId` like `c/cat/subcat/6/l/latest` instead of `c/cat/subcat/l/latest`

Therefore, `trackIncoming` function in topic-tracking-state couldn't properly filter new messages
2019-12-17 08:33:38 +11:00
dependabot-preview[bot]
998bbdc40f Bump fspath from 3.1.0 to 3.1.2 (#8564)
Bumps [fspath](https://github.com/toy/fspath) from 3.1.0 to 3.1.2.
- [Release notes](https://github.com/toy/fspath/releases)
- [Commits](https://github.com/toy/fspath/compare/v3.1.0...v3.1.2)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2019-12-16 12:19:31 -08:00
Penar Musaraj
776840c810 FIX: Ensure currentUser exists before getting ID
Otherwise this would trigger a JS error for anonymous users.
2019-12-16 14:53:43 -05:00
Robin Ward
480e2ec523 FIX: If we run db:migrate on its own, it should load the environment 2019-12-16 14:46:33 -05:00
Robin Ward
ce78eff888 FIX: Migration paths were being forgotten
According to the [Rails
Source](https://github.com/rails/rails/blob/master/activerecord/lib/active_record/railties/databases.rake#L20)
the `ActiveRecord::Migrator.migrations_paths` are overwritten with the
value of `ActiveRecord::Tasks::DatabaseTasks.migrations_paths` every
time the config is loaded.

This caused a bug for Discourse development where if you ran:

`rake db:drop db:create db:migrate` in one line, you would not get our
post migrations, as those had a custom value for `migrations_paths`.

The fix is to use `ActiveRecord::Tasks::DatabaseTasks.migrations_paths`
to set up all our custom paths. Everything seems to work as expected.
2019-12-16 14:13:47 -05:00
dependabot-preview[bot]
5acecfcb91 Bump in_threads from 1.5.1 to 1.5.3 (#8556)
Bumps [in_threads](https://github.com/toy/in_threads) from 1.5.1 to 1.5.3.
- [Release notes](https://github.com/toy/in_threads/releases)
- [Changelog](https://github.com/toy/in_threads/blob/master/CHANGELOG.markdown)
- [Commits](https://github.com/toy/in_threads/compare/v1.5.1...v1.5.3)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2019-12-16 10:57:22 -08:00
dependabot-preview[bot]
82828d5145 Bump progress from 3.5.0 to 3.5.2 (#8560)
Bumps [progress](https://github.com/toy/progress) from 3.5.0 to 3.5.2.
- [Release notes](https://github.com/toy/progress/releases)
- [Changelog](https://github.com/toy/progress/blob/master/CHANGELOG.markdown)
- [Commits](https://github.com/toy/progress/compare/v3.5.0...v3.5.2)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2019-12-16 10:45:33 -08:00
dependabot-preview[bot]
aee3c6b96b Bump json from 2.2.0 to 2.3.0 (#8563)
Bumps [json](https://github.com/flori/json) from 2.2.0 to 2.3.0.
- [Release notes](https://github.com/flori/json/releases)
- [Changelog](https://github.com/flori/json/blob/master/CHANGES.md)
- [Commits](https://github.com/flori/json/compare/v2.2.0...v2.3.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2019-12-16 10:35:08 -08:00
dependabot-preview[bot]
e328700ae5 Bump aws-sdk-core from 3.85.0 to 3.86.0 (#8558)
Bumps [aws-sdk-core](https://github.com/aws/aws-sdk-ruby) from 3.85.0 to 3.86.0.
- [Release notes](https://github.com/aws/aws-sdk-ruby/releases)
- [Changelog](https://github.com/aws/aws-sdk-ruby/blob/master/gems/aws-sdk-core/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-ruby/commits)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2019-12-16 10:09:38 -08:00
dependabot-preview[bot]
22f1aa0c58 Bump jquery-rails from 4.3.3 to 4.3.5 (#8557)
Bumps [jquery-rails](https://github.com/rails/jquery-rails) from 4.3.3 to 4.3.5.
- [Release notes](https://github.com/rails/jquery-rails/releases)
- [Changelog](https://github.com/rails/jquery-rails/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rails/jquery-rails/compare/v4.3.3...v4.3.5)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2019-12-16 09:44:56 -08:00
dependabot-preview[bot]
db82ed86c4 Bump thor from 0.20.3 to 1.0.0 (#8550) 2019-12-16 09:23:47 -08:00
dependabot-preview[bot]
6b3308d614 Bump excon from 0.70.0 to 0.71.0 (#8551)
Bumps [excon](https://github.com/excon/excon) from 0.70.0 to 0.71.0.
- [Release notes](https://github.com/excon/excon/releases)
- [Changelog](https://github.com/excon/excon/blob/master/changelog.txt)
- [Commits](https://github.com/excon/excon/compare/v0.70.0...v0.71.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2019-12-16 08:53:42 -08:00
Mark VanLandingham
8c4ffaea1b
FEATURE: Modal for profile featured topic & admin wrench refactor (#8545) 2019-12-16 08:41:34 -08:00
David Taylor
7b6bafc651 Revert "DEV: Bind to ipv6 loopback address in addition to ipv4 (#8544)"
This reverts commit 1002bf62e5.
2019-12-16 15:51:04 +00:00
Joffrey JAFFEUX
aa73df768a
DEV: improves error message when sso param is not passed (#8549)
SingleSignOnProvider is expecting a sso param later in the chain. If sso param is not found it will cause a 500 with the following exception: `NoMethodError (undefined method `unpack1' for nil:NilClass)` as `set_return_sso_url` is attempting to decode it: https://github.com/discourse/discourse/blob/master/lib/single_sign_on_provider.rb#L19
2019-12-16 12:33:24 +01:00
David Taylor
1002bf62e5
DEV: Bind to ipv6 loopback address in addition to ipv4 (#8544) 2019-12-16 11:01:02 +00:00
Martin Brennan
b6b05d3b48
Add bookmark-clock icon (#8553)
Adds a custom bookmark-clock icon to discourse-additional.svg for use with the new bookmarks with reminder functionality.

Also add some code to correctly refresh the post-stream icon for bookmark to show the clock after save.
2019-12-16 12:37:34 +10:00
Gerhard Schlager
e7402b3feb DEV: Allow unsafe-eval in development mode
It's needed because of this: 5f1e346e16/lib/source_url.rb (L18-L24)
2019-12-14 22:36:50 +01:00
Régis Hanol
5f1e346e16 DEV: lint file 2019-12-13 22:37:19 +01:00
Régis Hanol
1309262569 UX: pluralize "likes/read this"
When expending the number of likes/reads, the text wasn't handling
proper pluralization that might be useful in locales that requires it.
2019-12-13 22:18:28 +01:00
Robin Ward
bc97d39688 FIX: Allow IE script to load with a CDN
A proper fix would involve it being precompiled like other assets, but
due to the conditional nature of the resource this is more complicated.

For now this is better than IE being broken.
2019-12-13 15:50:46 -05:00
Penar Musaraj
028d21c01e DEV: Update deprecated icon names 2019-12-13 15:23:31 -05:00
Joffrey JAFFEUX
df78a22b79
DEV: shows prettier version on CI run 2019-12-13 20:33:55 +01:00
Kris
216b59d3a4 UX: Improve alignment of social login/signup buttons in Firefox 2019-12-13 14:24:59 -05:00
Kris
b76ae9e0f5 REFACTOR: Convert main button styles into a central mixin 2019-12-13 14:09:48 -05:00
Robin Ward
a04a631674 Changed CONFLICT to SQL for multiline strings
This is more consistent with the rest of our codebase.
2019-12-13 11:51:40 -05:00
Kris
3816107560 UX: Z-index of image lightbox needs to be higher than modal z-index 2019-12-13 09:38:38 -05:00
Krzysztof Kotlarek
d8360b4c82 SECURITY: vulnerability in WildcardUrlChecker 2019-12-13 09:29:09 -05:00
David Taylor
f47909a2b6 DEV: Check for pending migrations before running rspec suite
This should catch a few scenarios which can waste a lot of time in development
 - Forgetting to run migrations
 - Missing plugin migrations
 - Missing post_deploy migrations
2019-12-13 12:50:18 +00:00
Gerhard Schlager
c068804a0a Fixing the specs. Take 2. 2019-12-13 13:05:17 +01:00
Gerhard Schlager
2e8c23f0d0 Fix spec 2019-12-13 12:40:52 +01:00
Gerhard Schlager
f62215046f FEATURE: Completely remove unsafe-eval from CSP
Plugins can add it via API if they need to use `eval`:
```
extend_content_security_policy(script_src: [:unsafe_eval])
```

See https://meta.discourse.org/t/104243
2019-12-13 12:38:32 +01:00
Daniel Waterworth
1fb7a6297c DEV: Add unambiguous routes for tags
The trouble with having:

/tags/:tag_id/...

and:

/tags/intersection/*tag_ids

for example, is: what happens if you want a tag called intersection?

Under this new scheme. Routes referring to a single tag are unambiguous
because they are prefixed with:

/tag/:tag_id

Routes referring to the collection of tags still start with:

/tags/

This commit just adds the new routes. It doesn't remove the old ones or
cause the new ones to be used.
2019-12-13 11:24:59 +00:00
OsamaSayegh
dc3c4bdd00 DEV: Bump Logster version to 2.5.1
This version has minor follow-up fixes and changes to the pattern
grouping feature that was introduced yesterday. See Logster changelog
for details: https://github.com/discourse/logster/blob/master/CHANGELOG.md
2019-12-13 09:51:19 +00:00
Rishabh
387daaf7b8 UX: Improve copy on Move to Topic and Move to Message modals
Also clarify that messages can be searched for by url, id and not just title.
2019-12-13 14:13:13 +05:30
Hector Bustillos
42758379b9 FEATURE: Adds a message when the passwords doesn't match in rake admin:create (#8543) 2019-12-13 11:40:33 +11:00
Blake Erickson
006e5904be DEV: Remove buffered rendering from navigation-item
This is another refactoring in the multi-step process to remove all uses
of our custom Render Buffer.

Previous commit: ea6326c860 in this
series.

This commit affects the top menu buttons. It is just a refactor and
should not change any functionality.
2019-12-12 15:52:33 -07:00