Commit Graph

26091 Commits

Author SHA1 Message Date
Jarek Radosz
e6670393df
DEV: Refactor logs-notice/global-notice (#15000) 2021-11-18 21:49:58 +01:00
Robin Ward
2c045c6368 FIX: Don't overwrite computed property for loading spinner fix
This fixes an issue CvX found on PR #14666 where a previous fix
overwrote a computed property.

The better fix (as is often the case with Ember) is to remove an
observer and call methods when things change ourselves.
2021-11-18 15:04:11 -05:00
Jordan Vidrine
9ebfcbb867
FIX: Topic list separator fix (#15011) 2021-11-18 13:32:44 -06:00
Dan Ungureanu
6ae065f9cd
Improved create invite modal (#14151)
* FEATURE: Always show advanced invite options

The UI is more simple and more efficient than how it was when the
advanced options toggle was introduced. It does not make sense to keep
it anymore.

* UX: Minor copy edits

* UX: Merge expire invite controls

There were two controls in the create invite modal. One was a static
text that displayed how much time is left until the invite expires. The
other one was a datetime selector that set the time the invite expires.

This commit merges the two controls in a single one: staff users will
continue to see the datetime selector without the static text and
regular users will only see the static text because they cannot set
when the invite expires.

* UX: Remove invite link

It should only be visible after the invite was created.
2021-11-18 20:19:02 +02:00
David Taylor
ed2c3ebd71
PERF: Move preload hints to the <head> (#15008)
We have two JS assets which are included in the `<body>` of responses. We were including the `<link rel='preload'` hint alongside the script tag in the body. Instead, we can move the preload hint to the `<head>` so that the browser discovers it earlier, and can start preloading the assets while the body is loading.
2021-11-18 18:02:16 +00:00
David Taylor
135fdd59ed
PERF: Improve JS app boot speed by optimizing customResolve() (#14990)
Time spent in the 'find module with suffix' portion of our `customResolve` function were adding up to around 100ms-150ms when booting the app. This time is spread over 150+ calls, so it's not immediately obvious in flamegraphs.

This commit implements a (reversed) [Trie](https://en.wikipedia.org/wiki/Trie) which enables fast suffix-based lookups on a list of strings.

In my tests, this requires < 5ms to initialize, and brings the cumulative 'find module with suffix' time down to `< 5ms`. This corresponds to a ~100ms improvement in LCP metrics in my browser.

The only behavior change is to remove support for module filenames which are **not** dasherized. I haven't found any core/theme/plugin modules which are not dasherized in their filenames.
2021-11-18 16:38:00 +00:00
Jarek Radosz
a102673522
DEV: Avoid unnecessary site-settings:main lookups (#15006) 2021-11-18 17:11:59 +01:00
Jarek Radosz
8dc9e0f4bd
DEV: Use class syntax in key-value-store (#15005) 2021-11-18 16:54:47 +01:00
Jarek Radosz
82c72a46d1
DEV: Fix castInteger deprecations (#15004) 2021-11-18 16:52:14 +01:00
Jarek Radosz
4021842628
DEV: Make search an actual service (#14998) 2021-11-18 16:52:03 +01:00
Jarek Radosz
42fff92d9f
DEV: Make store an actual service (#14996)
`store:main` was unofficially deprecated 4 years ago in fbd5f1e411 (diff-b19dd1d6a5c7938fda9ae317136bbbb82339946ab457c9b95af936a47276c3ddR22)
2021-11-18 16:51:20 +01:00
Kris
19627eca4b
DEV: add outlet for extra categories column (#15002) 2021-11-18 09:46:59 -05:00
Vinoth Kannan
fc1c76cfcc
FIX: exclude moderator_action post for reply count in user summary. (#14991)
Previously, incorrect reply counts are displayed in the "top categories" section of the user summary page since we included the `moderator_action` and `small_action` post types.

Co-authored-by: Alan Guo Xiang Tan <gxtan1990@gmail.com>
2021-11-18 13:42:03 +05:30
Alan Guo Xiang Tan
db24c9b94e
FIX: Incorrect title and chevron when filtering by post number. (#14985)
The widget's state did not reflect the state of the controller.
2021-11-18 09:19:00 +08:00
Krzysztof Kotlarek
eb82849ccb
FIX: none and all categories filter (#14999)
parentCategory is passed to drop-category componen: https://github.com/discourse/discourse/blob/main/app/assets/javascripts/discourse/app/templates/components/bread-crumbs.hbs#L11

However, it is not available if it is not explicitly allow listed in selectKitOptions
2021-11-18 10:21:34 +11:00
Martin Brennan
b96c10a903
DEV: Extract shared external upload routes into controller helper (#14984)
This commit refactors the direct external upload routes (get presigned
put, complete external, create/abort/complete multipart) into a
helper which is then included in both BackupController and the
UploadController. This is done so UploadController doesn't need
strange backup logic added to it, and so each controller implementing
this helper can do their own validation/error handling nicely.

This is a follow up to e4350bb966
2021-11-18 09:17:23 +10:00
Osama Sayegh
b86127ad12
FEATURE: Apply rate limits per user instead of IP for trusted users (#14706)
Currently, Discourse rate limits all incoming requests by the IP address they
originate from regardless of the user making the request. This can be
frustrating if there are multiple users using Discourse simultaneously while
sharing the same IP address (e.g. employees in an office).

This commit implements a new feature to make Discourse apply rate limits by
user id rather than IP address for users at or higher than the configured trust
level (1 is the default).

For example, let's say a Discourse instance is configured to allow 200 requests
per minute per IP address, and we have 10 users at trust level 4 using
Discourse simultaneously from the same IP address. Before this feature, the 10
users could only make a total of 200 requests per minute before they got rate
limited. But with the new feature, each user is allowed to make 200 requests
per minute because the rate limits are applied on user id rather than the IP
address.

The minimum trust level for applying user-id-based rate limits can be
configured by the `skip_per_ip_rate_limit_trust_level` global setting. The
default is 1, but it can be changed by either adding the
`DISCOURSE_SKIP_PER_IP_RATE_LIMIT_TRUST_LEVEL` environment variable with the
desired value to your `app.yml`, or changing the setting's value in the
`discourse.conf` file.

Requests made with API keys are still rate limited by IP address and the
relevant global settings that control API keys rate limits.

Before this commit, Discourse's auth cookie (`_t`) was simply a 32 characters
string that Discourse used to lookup the current user from the database and the
cookie contained no additional information about the user. However, we had to
change the cookie content in this commit so we could identify the user from the
cookie without making a database query before the rate limits logic and avoid
introducing a bottleneck on busy sites.

Besides the 32 characters auth token, the cookie now includes the user id,
trust level and the cookie's generation date, and we encrypt/sign the cookie to
prevent tampering.

Internal ticket number: t54739.
2021-11-17 23:27:30 +03:00
Jarek Radosz
9be69b603c
DEV: Make screen-track a regular service (#14983) 2021-11-17 20:56:06 +01:00
Bianca Nenciu
186379adac
FIX: Cache all watched words (#14992)
It used to cache up to 1000 words, but the maximum number of watched
word is 2000.
2021-11-17 18:59:44 +02:00
Jarek Radosz
bf34d3524b
DEV: Fix a userFields computed property override (#14988)
in `preferences/profile` controller

Co-authored-by: Penar Musaraj <pmusaraj@gmail.com>
2021-11-17 15:02:15 +01:00
Joffrey JAFFEUX
439cd68e0d
DEV: updates popper to 2.10.2 (#14986) 2021-11-17 13:47:55 +01:00
Joffrey JAFFEUX
113ecab7a6
FIX: clear previous errors on second factor form display (#14987) 2021-11-17 13:47:38 +01:00
Krzysztof Kotlarek
9ce29ad013
FIX: register customOptions as select kit filter (#14933)
* FIX: register customOptions as select kit filter

We are allowing plugins to define custom filters which are added to CUSTOM_USER_SEARCH_OPTIONS const. However, we need to have static placeholder for custom filters, so those props will be passed, and we can use it later.

* fix
2021-11-17 17:12:19 +11:00
Bianca Nenciu
cc1b45f58b
FIX: Convert URLs embedded topics to absolute form (#14975)
Sometimes the expanded post contained broken relative URLs because they
were not converted to their absolute form.
2021-11-17 16:39:49 +11:00
Penar Musaraj
2ff7f105d9
UX: launch full page search on second Enter hit (#14978) 2021-11-17 16:35:17 +11:00
Natalie Tay
c61d47e6f4
FEATURE: Show a confirmation modal when "Dismiss all" would dismiss an important notification (#14935)
* Show a confirmation when dismiss all will dismiss an important notification
2021-11-17 09:44:30 +08:00
Martin Brennan
515acb8fc4
FIX: Error when SMTP enabled in PostAlerter with no incoming email (#14981)
When 31035010af
was done it failed to take into account the case where the smtp_enabled
site setting was true, but the topic had no allowed groups / no
incoming email record, which caused errors for topics even with
nothing to do with group SMTP.
2021-11-17 09:24:17 +10:00
Martin Brennan
e7a4742490
FIX: Clean up emoji name which is file name (#14980)
Uppy adds the file name as the "name" parameter in the
payload by default, which means that for things like the
emoji uploader which have a name param used by the controller,
that param will be passed as the file name. We already use
the existing file name if the name param is null, so this
commit just does further cleanup of the name param, removing
the extension if it is a filename so we don't end up with
emoji names like blah_png.
2021-11-17 09:20:44 +10:00
Jarek Radosz
bf33d2cd4b
FIX: Include all categories in sortedCategories (#14979)
Fixes the issue where categories over two levels deep were missing.
2021-11-17 00:12:04 +01:00
Martin Brennan
7e39910de6
DEV: Refactor uppy s3 mulipart mixin to not use self = this (#14960)
We no longer use this pattern, so we can replace with function
binding instead.
2021-11-17 09:03:10 +10:00
Jordan Vidrine
aa31fbe29a
REFACTOR: Continued topic-list tweaks (#14977)
* REFACTOR: Prep for topic-list refactor
2021-11-16 14:44:04 -06:00
Mark VanLandingham
1b752a5dec
DEV: Export add emoji logic in textarea manipulation mixin (#14976) 2021-11-16 13:42:21 -06:00
Jordan Vidrine
19fb97bb13
FIX: Adjust topic list header alert (#14974) 2021-11-16 11:09:07 -06:00
jbrw
e306d84c56
FEATURE: display warning when sharing a topic in a restricted category (#14820)
* FEATURE: display warning when sharing a topic in a restricted category

If a topic belongs to a category that is not readable by everyone, display a text warning of "Only visible to members of groups: [group_a], [group_b]"

* DEV: Adding a new category means we need to bump this value

* DEV: pass category to showModal
2021-11-16 11:49:41 -05:00
Jarek Radosz
b6677fb126
DEV: Use radix 10 in parseInt() (#14973) 2021-11-16 16:36:44 +01:00
Akshay Birajdar
6b5e8be25a Support parsing array in #param_to_integer_list
Co-authored-by: Akshay Birajdar <akshay.birajdar@coupa.com>
2021-11-16 10:27:00 -05:00
Joffrey JAFFEUX
035822d9e0
DEV: sticky avatar was retained during tests (#14969) 2021-11-16 14:33:06 +01:00
Joffrey JAFFEUX
ff7e685a59
DEV: removes jquery usage from discourse-topic (#14964) 2021-11-16 13:17:44 +01:00
Joffrey JAFFEUX
0fbeb2e5a2
DEV: removes jquery usage from links-redirect (#14968) 2021-11-16 13:16:53 +01:00
Joffrey JAFFEUX
f9682f1c69
DEV: removes jquery usage from html-with-links (#14966) 2021-11-16 13:16:43 +01:00
Andrei Prigorshnev
32c6c4f417
DEV: Remove unused action (#14889)
There are no usages in Core and plugins.
2021-11-16 15:49:59 +04:00
Jordan Vidrine
370c729160
FIX: Additional fixes for last-visited on topic list (#14962) 2021-11-16 12:34:29 +01:00
Joffrey JAFFEUX
2167d4d890
FIX: fix regressions introduced in ae16b0a (#14967)
- ensures arrow up/down doesn’t also apply to textarea while autocomplete is opened
- ensures esc is closing autocomplete and also not closing composer while autocomplete is opened
2021-11-16 12:19:14 +01:00
Joffrey JAFFEUX
49f09345c7
FIX: adds missing class for last visit separator (#14965) 2021-11-16 11:40:08 +01:00
Joffrey JAFFEUX
ae16b0a9d4
DEV: reduces jquery usage and memory leaks in composer (#14924)
Removes more than 60 jquery function leaks in one `Acceptance: Composer` run.
2021-11-16 10:27:05 +01:00
Joffrey JAFFEUX
ef881fdedc
DEV: drops jquery/simplify code/removes leaked event (#14947) 2021-11-16 10:26:39 +01:00
Joffrey JAFFEUX
c768c2ab3a
DEV: drops jquery usage in stacked chart (#14946) 2021-11-16 10:26:26 +01:00
Joffrey JAFFEUX
43659a6de2
DEV: jquery removal/listeners/cleanup of permalink form (#14944)
- Removes jquery
- Removes a not unregistered listener and uses component event
- Removes external-url class as it was only valid in one case of the dropdown
- Uses @action
- Tagless
- Other minor changes
2021-11-16 10:25:54 +01:00
Joffrey JAFFEUX
c9a84d8067
DEV: removes unnecessary jquery selector (#14945) 2021-11-16 10:25:34 +01:00
Bianca Nenciu
88523a6d6a
FIX: Redirect to homepage if no posts exist (#14951)
After permanently deleting the first post of a topic the user was
sometimes stuck on the page because of an infinite loop. This problem
happened more often in Firefox.
2021-11-16 11:10:07 +02:00
Loïc Guitaut
c2be7c65e8 FEATURE: Move sticky avatars into core
This patch takes the small component we had for sticky avatars and adds
it into our core code base.

A small refactor has been made to have a `StickyAvatars` dedicated class.
2021-11-16 10:06:25 +01:00
Vinoth Kannan
c47a526371
FIX: exclude topics from muted tag in category featured list. (#14925)
Topics from muted tags were visible in the categories page's featured topics section since we didn't filter it before.
2021-11-16 12:10:50 +05:30
Martin Brennan
f52e1258f7
DEV: mutlipart -> multipart spelling fix (#14963) 2021-11-16 13:58:33 +10:00
Kris
8b5dec4607
UX: mobile topic list fixes follow-up to 0e371d4 (#14959) 2021-11-15 21:07:32 -05:00
Martin Brennan
f61783a218
FIX: Emoji uploader not using data.name on uppy upload (#14958)
When uploading emoji with the new uppy upload mixin, we were
not sending the name of the emoji in the payload, or more
accurately uppy was already using the file name as the name
value and we were not overriding it from data. This commit
changes the behaviour for single files uploaded via the uppy
upload mixin, by merging the file's meta object with this.data
from the parent component.
2021-11-16 11:14:06 +10:00
Martin Brennan
31035010af
FIX: Use correct group out of multiple for SMTP sender (#14957)
When there are multiple groups on a topic, we were selecting
the first from the topic allowed groups to act as the sender
email address when sending group SMTP replies via PostAlerter.
However, this was not ordered, and since there is no created_at
column on TopicAllowedGroup we cannot order this nicely, which
caused just a random group to be used (based on whatever postgres
decided it felt like that morning).

This commit changes the group used for SMTP sending to be the
group using the email_username of the to address of the first
incoming email for the topic, if there are more than one allowed
groups on the topic. Otherwise it just uses the only SMTP enabled
group.
2021-11-16 10:21:49 +10:00
Jarek Radosz
f4d1fe18f8
DEV: Don't use $.isEmptyObject() (#14953) 2021-11-15 23:17:56 +01:00
Martin Brennan
eabe2df8d2
FIX: Drop malformed CC addresses in GroupSmtpEmail job (#14934)
Sometimes, a user may have a malformed email such as
`test@test.com<mailto:test@test.com` their email address,
and as a topic participant will be included as a CC email
when sending a GroupSmtpEmail. This causes the CC parsing to
fail and further down the line in Email::Sender the code
to check the CC addresses expects an array but gets a string
instead because of the parse failure.

Instead, we can just check if the CC addresses are valid
and drop them if they are not in the GroupSmtpEmail job.
2021-11-16 08:15:11 +10:00
Jordan Vidrine
0e371d4c6d
SYNTAX: Use classes instead of html element targeting (#14890)
* SYNTAX: Use classes instead of html element targeting
2021-11-15 14:49:45 -06:00
David Taylor
389a3ce389
DEV: Add basic theme support to the mini_profiler badge (#14952) 2021-11-15 18:39:11 +00:00
Robin Ward
5c43b8a572 DEV: Retry installation of ember exam
Let's try installing it by including it in dependencies AND dev
dependencies so it works in every environment.
2021-11-15 10:30:56 -05:00
Jarek Radosz
2bd2d0d474
FIX: A screen-track/appEvents regression in #14929 (#14943) 2021-11-15 15:04:49 +01:00
Jarek Radosz
67e38e81f7
DEV: Remove unnecessary test setup calls (#14940)
`setURLContainer()` and `setDefaultOwner()` are already called in an application initializer at the beginning of each test.
2021-11-15 13:46:09 +01:00
Jarek Radosz
985d079e47
DEV: Clean up sniff-capabilities (#14938)
Drop jQuery, remove unused caps (`canPasteImages` and `highRes`), enable `canVibrate` for Firefox (per the old comment), and other minor changes.
2021-11-15 13:41:55 +01:00
Arpit Jalan
8c4896f660
FIX: composer education message for group mentions were broken (#14937)
Composer education message for group mentions were broken because the
count parameter is a string instead of a number.
2021-11-15 17:12:06 +05:30
Jarek Radosz
fc3a6e57e3
DEV: Drop support for removing all appEvent listeners (#14936)
Also removes "appEventsCache". (and reduces the reported test memory usage by ~33%)

There's no longer any need to remove appEvent listeners in application-instance initializers' `teardown`, as app instances are recreated before each test (in both legacy and ember cli envs)
2021-11-15 12:31:05 +01:00
Jarek Radosz
f0d963faad
DEV: Use @bind instead of repeated .bind(this) (#14931)
Fixes some cases where event listeners weren't correctly removed. Also fixes a dependency tracking bug in user-private-messages
2021-11-15 10:07:53 +01:00
Martin Brennan
08e625c446
FIX: Use previous chunk to check if local backup chunk upload complete (#14896)
Uppy and Resumable slice up their chunks differently, which causes a difference
in this algorithm. Let's take a 131.6MB file (137951695 bytes) with a 5MB (5242880 bytes)
chunk size. For resumable, there are 26 chunks, and uppy there are 27. This is
controlled by forceChunkSize in resumable which is false by default. The final
chunk size is 6879695 (chunk size + remainder) whereas in uppy it is 1636815 (just remainder).

This means that the current condition of uploaded_file_size + current_chunk_size >= total_size
is hit twice by uppy, because it uses a more correct number of chunks. This
can be solved for both uppy and resumable by checking the _previous_ chunk
number * chunk_size as the uploaded_file_size.

An example of what is happening before that change, using the current
chunk number to calculate uploaded_file_size.

chunk 26: resumable: uploaded_file_size (26 * 5242880) + current_chunk_size (6879695) = 143194575 >= total_size (137951695) ? YES
chunk 26: uppy: uploaded_file_size (26 * 5242880) + current_chunk_size (5242880) = 141557760 >= total_size (137951695) ? YES
chunk 27: uppy: uploaded_file_size (27 * 5242880) + current_chunk_size (1636815) = 143194575 >= total_size (137951695) ? YES

An example of what this looks like after the change, using the previous
chunk number to calculate uploaded_file_size:

chunk 26: resumable: uploaded_file_size (25 * 5242880) + current_chunk_size (6879695) = 137951695 >= total_size (137951695) ? YES
chunk 26: uppy: uploaded_file_size (25 * 5242880) + current_chunk_size (5242880) = 136314880 >= total_size (137951695) ? NO
chunk 27: uppy: uploaded_file_size (26 * 5242880) + current_chunk_size (1636815) = 137951695 >= total_size (137951695) ? YES
2021-11-15 15:08:21 +10:00
Jarek Radosz
9c9ad22626
DEV: Fix qunit/assert-args (#14932)
Just a couple of invalid assertions.
2021-11-15 04:30:42 +01:00
Jarek Radosz
b1c72282c9
DEV: Delete an old appEvents.off call (#14930)
There's no `composer:resize` anymore.
2021-11-15 02:38:10 +01:00
Jarek Radosz
a817ee9f7c
DEV: Update caniuse-lite (#14926)
The repeated notices in the console were tiring…

```
Browserslist: caniuse-lite is outdated. Please run:
npx browserslist@latest --update-db

Why you should do it regularly:
https://github.com/browserslist/browserslist#browsers-data-updating
```
2021-11-15 01:18:11 +01:00
Jarek Radosz
047432735e
DEV: Don't create AppEvents instance in Eyeline (#14928)
Use `Evented` from `@ember/object/evented` instead.
2021-11-15 00:44:07 +01:00
Jarek Radosz
25251d4d00
DEV: Don't set appEvents on app, group injections (#14929) 2021-11-15 00:42:49 +01:00
Jarek Radosz
9711caf7ea
DEV: Fix a computed property overwrite (#14927)
There's a `category` computed property that already does what this piece of code did.
2021-11-15 00:39:20 +01:00
Vinoth Kannan
2b848213f7
FIX: set null to group if groupAttrs param is not available. (#14795)
Because of this bug "all groups" option in the group selector dropdown was not selectable on the user directory page.
2021-11-14 19:53:50 +05:30
Jarek Radosz
4f14e012a7
DEV: Replace $.extend with Object.assign (#14921) 2021-11-14 10:59:22 +01:00
Jarek Radosz
4938381b78
DEV: Fix a computed-property.override warning (#14922)
Regressed in #14307
2021-11-14 10:59:05 +01:00
Jarek Radosz
827b6c99ae
DEV: Fix a call-after-destroy issue (#14923)
Intersection observer callback can be called after the component gets destroyed:

```
Assertion Failed: calling set on destroyed object: <@ember/component:ember6019>.docked = false
    at assert (ember:37774:17)
    at _set2 (ember:17304:46)
    at Class.set (ember:29529:29)
    at Class._intersectionHandler (discourse/app/components/topic-progress:135:16)
    at Backburner._run (ember:56389:25)
    at Backburner._join (ember:56365:21)
    at Backburner.join (ember:56082:19)
    at join (ember:42874:28)
    at IntersectionObserver.eval (ember:42978:19)
```
2021-11-14 10:58:37 +01:00
Jarek Radosz
140ef0ebe7
DEV: Increase Chrome memory limit (#14918)
"Fixes" the build
2021-11-13 15:32:16 +01:00
Jarek Radosz
043e0dcad7
DEV: Don't try to load admin locales in tests (#14917)
It always fails with:

```
Failed to load resource: the server responded with a status of 403 (Forbidden), url: http://localhost:60099/extra-locales/admin?v=[…]
```
2021-11-13 15:31:55 +01:00
Jarek Radosz
f414d5eace
DEV: Use method definition syntax consistently (#14915) 2021-11-13 14:01:55 +01:00
Jarek Radosz
bdd2c888b0
DEV: Avoid using globals (#14909) 2021-11-13 13:10:13 +01:00
Jarek Radosz
cb3cb96149
DEV: Fix Chrome flags (#14914)
```
Error: illegal value for flag --max_semi_space_size
```
2021-11-13 12:37:07 +01:00
Jarek Radosz
7ea2bf52cc
DEV: Fix hljs.highlightBlock deprecation (#14908) 2021-11-12 20:20:47 +01:00
Jarek Radosz
9ca93f57cc
DEV: Remove jQuery global usage where possible (#14905) 2021-11-12 19:23:20 +01:00
Jarek Radosz
97aa56bdc3
FIX: Prevent PreloadStore from calling the finder when value is falsy (#14899) 2021-11-12 17:45:06 +01:00
Joffrey JAFFEUX
79f49dfb7a
DEV: reduces jquery usage in composer-editor (#14903) 2021-11-12 16:40:10 +01:00
Daniel Waterworth
4724f3cbf7
DEV: Remove deprecated method (#14902) 2021-11-12 09:07:44 -06:00
Daniel Waterworth
e7c0bbb9c0
DEV: Let's always give a drop_from param to deprecate (#14901)
So that we know when deprecations can be removed in the future.
2021-11-12 08:52:59 -06:00
Bianca Nenciu
32a174d883
FIX: Use Map instead of Object for caching (#14887)
Objects have default properties, such as "constructor" that can cause
issues when using similar texts as keys.
2021-11-12 15:18:07 +02:00
Joffrey JAFFEUX
904d509cce
FIX: ensures minimum tags logic is correct and shared (#14723)
Also fixes a bug where select-kit was not updating noneItem in multi-selects.
2021-11-12 14:04:48 +01:00
Joffrey JAFFEUX
362c47ce6a
DEV: adds a new topic footer dropdown api (#14747)
This api allows to add a dropdown at the bottom of a topic, note that this API is mobile only for now.

Also included in the commit:
- various doc fixes
- adding tests for both buttons and dropdowns APIs
- uses thrown instead of @ember/error to ensure execution is halted when incorrect parameters are given
2021-11-12 10:21:34 +01:00
Martin Brennan
2371da9f25
Revert "Add support for Ember Exam" (#14895)
This reverts commit d1dec23a93.

It was causing issues with internal builds.
2021-11-12 10:31:57 +10:00
Robin Ward
d1dec23a93 Add support for Ember Exam
This allows us to partition and load balance tests, if we like.
2021-11-11 16:15:50 -05:00
Jarek Radosz
61d14a7694
DEV: Fix 3N+1 query in /admin/customize/themes (#14876) 2021-11-11 18:11:23 +01:00
Roman Rizzi
a3814b1e56
FIX: Display top posts from private categories if the user has access. (#14878)
Users viewing the top topics from the categories page should see those belonging to a private category if they have access to it.
2021-11-11 13:35:03 -03:00
Alan Guo Xiang Tan
095255c8ec
FIX: Topic queryParams are removed from history state when scrolling. (#14881)
* Also fixed a bug where the queryParams are not removed when toggling
  between filters.
2021-11-11 16:10:00 +08:00
Martin Brennan
729043633e
DEV: Add missing IDs to uppy upload components (#14880) 2021-11-11 15:38:39 +10:00
Martin Brennan
e4350bb966
FEATURE: Direct S3 multipart uploads for backups (#14736)
This PR introduces a new `enable_experimental_backup_uploads` site setting (default false and hidden), which when enabled alongside `enable_direct_s3_uploads` will allow for direct S3 multipart uploads of backup .tar.gz files.

To make multipart external uploads work with both the S3BackupStore and the S3Store, I've had to move several methods out of S3Store and into S3Helper, including:

* presigned_url
* create_multipart
* abort_multipart
* complete_multipart
* presign_multipart_part
* list_multipart_parts

Then, S3Store and S3BackupStore either delegate directly to S3Helper or have their own special methods to call S3Helper for these methods. FileStore.temporary_upload_path has also removed its dependence on upload_path, and can now be used interchangeably between the stores. A similar change was made in the frontend as well, moving the multipart related JS code out of ComposerUppyUpload and into a mixin of its own, so it can also be used by UppyUploadMixin.

Some changes to ExternalUploadManager had to be made here as well. The backup direct uploads do not need an Upload record made for them in the database, so they can be moved to their final S3 resting place when completing the multipart upload.

This changeset is not perfect; it introduces some special cases in UploadController to handle backups that was previously in BackupController, because UploadController is where the multipart routes are located. A subsequent pull request will pull these routes into a module or some other sharing pattern, along with hooks, so the backup controller and the upload controller (and any future controllers that may need them) can include these routes in a nicer way.
2021-11-11 08:25:31 +10:00
Rafael dos Santos Silva
d4e35f50c2
PERF: Update like count in visible posts without an extra GET per like (#14869)
PERF: Update like count in visible posts without an extra GET per like

Currently when a user is reading a topic and some post in it receive a
like from another user, the Ember app will be notified via MessageBus
and issue a GET to `/posts/{id}` to get the new like count. This worked
fine for us until today, but it can easily create a self-inflicted DDoS
when a topic with a large number of visitors gets a large number of
likes, since we will issue `visitors * likes` GET requests requests.

This patch optimizes this flow, by sending the new like count down in
the MessageBus notification, removing any need for the extra request.

It shouldn't cause any drift on the count because we send down the full
count instead of the difference too.

Possible follow-ups could include handling like removal.
2021-11-10 13:22:26 -03:00
Bianca Nenciu
3791fbd919
FEATURE: Add read-only scope to API keys (#14856)
This commit adds a global read-only scope that can be used to create
new API keys.
2021-11-10 17:48:00 +02:00
Martin Brennan
23b7b42acd
DEV: Bump eslint-config-discourse (#14868)
Changes for 4f7aba06c0

Also fixes all of the object-shorthand violations in our JS code.
2021-11-10 09:31:41 +10:00
jbrw
a8c63ddb54
FIX: Call _clearFlash() when displaying a modal (#14848)
`d-modal-body.js` was setting the text of a `modal-alert` element to `""`, but not removing any classes on that element. Changing this to call `_clearFlash()` ensures that a variety of styling classes are also removed from the element, which prevents empty alert elements being included on any subsequent modals that are displayed.

Several other controllers have also been modified to change the class of the error from `alert-error` to `error. The `alert-` is unnecessary, as it is added by `_flash(msg)` within `d-modal-body.js`.
2021-11-09 17:51:50 -05:00
Martin Brennan
6a68bd4825
DEV: Limit list multipart parts to 1 (#14853)
We are only using list_multipart_parts right now in the
uploads controller for multipart uploads to check if the
upload exists; thus we don't need up to 1000 parts.

Also adding a note for future explorers that list_multipart_parts
only gets 1000 parts max, and adding params for max parts
and starting parts.
2021-11-10 08:01:28 +10:00
Kris
a87216f1f3
A11Y: set modal widths with EMs; improves scaling (#14863) 2021-11-09 14:56:05 -05:00
Penar Musaraj
3becc55833
FIX: Disable scroll events while on full screen (#14864) 2021-11-09 14:29:05 -05:00
Penar Musaraj
ce91bf0775
Revert "FIX: Composer height issue in Safari on iOS 15 (#14282)" (#14847)
This reverts commit 0dab1634b0.
2021-11-09 13:10:07 -05:00
Kris
cb997be513
UX: fix share/notify modal styles (#14861) 2021-11-09 12:44:01 -05:00
David Taylor
5ac10e2e79
DEV: Update DiscourseConnect nonce errors to be more descriptive (#14858) 2021-11-09 17:39:05 +00:00
Robin Ward
769d53ff09 FIX: In Ember CLI some plugin tests were referring to the wrong container 2021-11-09 12:06:05 -05:00
Jordan Vidrine
520a0cfa2b
"A11Y: Add prefers reduced motion" (#14859) 2021-11-09 10:24:31 -06:00
Bianca Nenciu
b203e316ac
FEATURE: Add pagination to API keys page (#14777) 2021-11-09 12:18:23 +02:00
Bianca Nenciu
42f65b4c48
FIX: Show perma-delete in menu without refresh (#14740)
It needed a page refresh because the post was not updated on the client
side.
2021-11-09 11:50:45 +02:00
Natalie Tay
911f9b180a
FIX: Remove xlink:href to favour href due to deprecation (#14854)
Based on docs here https://developer.mozilla.org/en-US/docs/Web/SVG/Element/use#attributes,
the xlink:href attribute is deprecated and we should probably move away from it soon.
2021-11-09 17:49:37 +08:00
Vinoth Kannan
d549022afb
FIX: use correct attribute method to get post id from dataset. (#14845)
Because of this bug, the post details were not included in the PMs which are initiated from the user cards in posts.
This reverts commit e3e0d025ea.
2021-11-09 12:24:50 +05:30
Natalie Tay
0b495e9ad4
FEATURE: Allow users to edit alt text from the image preview in the editor (#14480) 2021-11-09 14:34:09 +08:00
Jarek Radosz
34c955b5ec
DEV: Skip a test instead of commenting it out (#14836)
Fixes `qunit/no-commented-tests`
2021-11-08 21:13:58 +01:00
Penar Musaraj
e90f506bf8
FIX: Keep topic context when redirecting to full search (#14846) 2021-11-08 15:07:02 -05:00
Bianca Nenciu
7fb693c8f6
FIX: Generate valid heading ids (#14840) 2021-11-08 20:44:46 +02:00
Penar Musaraj
9ddb3a9ca6
FIX: Restore animation for like action on mobile (#14844)
Regressed in 89a2cec7be
2021-11-08 13:21:16 -05:00
Penar Musaraj
e0ced68eec
FIX: Persist notifications in OS X (#14843)
We were previously triggering the close event, which in OSX meant that
notifications would disappear from Notification Center.
2021-11-08 13:04:43 -05:00
Jarek Radosz
d162229758
DEV: Replace equal() with strictEqual() (#14827) 2021-11-08 10:26:28 +01:00
Krzysztof Kotlarek
8b93da9fe0
FIX: rename action_code_href to action_code_path (#14834)
Small actions should use path instead of absolute url. getURL function is necessary to insert a potential subfolder prefix.
2021-11-08 14:32:17 +11:00
Jarek Radosz
e6245bd603
DEV: Remove hints of jshint (#14828) 2021-11-08 09:12:37 +08:00
Joe
641f49748d
Revert "prevent auto-scroll when focus is set inside header panels" (#14829)
This reverts commit f444e3e3f7.
2021-11-08 09:11:26 +08:00
Martin Brennan
9a72a0945f
FIX: Ensure CORS rules exist for S3 using rake task (#14802)
This commit introduces a new s3:ensure_cors_rules rake task
that is run as a prerequisite to s3:upload_assets. This rake
task calls out to the S3CorsRulesets class to ensure that
the 3 relevant sets of CORS rules are applied, depending on
site settings:

* assets
* direct S3 backups
* direct S3 uploads

This works for both Global S3 settings and Database S3 settings
(the latter set directly via SiteSetting).

As it is, only one rule can be applied, which is generally
the assets rule as it is called first. This commit changes
the ensure_cors! method to be able to apply new rules as
well as the existing ones.

This commit also slightly changes the existing rules to cover
direct S3 uploads via uppy, especially multipart, which requires
some more headers.
2021-11-08 09:16:38 +10:00
Martin Brennan
18dc2c5040
FEATURE: Use uppy for tags uploader (#14821)
No other caveats or fixes.
2021-11-08 08:18:09 +10:00
Krzysztof Kotlarek
fe8087e523
FEATURE: small action post accepts href (#14816)
Optionally add href to small action.
It can be used by discourse-assign to link to correct post from translation
2021-11-08 08:24:44 +11:00
Joe
f444e3e3f7 prevent auto-scroll when focus is set inside header panels 2021-11-05 12:09:31 -04:00
Martin Brennan
8586088b87
FIX: Stop saving bookmark on modal press ESC (#14823)
Since db7be947df the functionality
to not save a bookmark when pressing ESC on the modal has been
broken, because a new initiatedByESC event was introduced there
in d-modal instead of clicking on the modal close button. This
commit fixes the issue by adding an initiatedByESC property
to onClose inside application.js, and checking for that OR
initiatedByCloseButton in the bookmark modal.
2021-11-05 13:43:19 +10:00
Martin Brennan
1dddbf3d47
FEATURE: Use uppy for watched word uploader (#14817)
This commit, while changing the watched word uploader to use
uppy, also fixes a minor bug with the UppyUploadMixin where
the file input's value was not cleared after reset, which
prevented subsequent file uploads. The composer mixin already
has this fix.
2021-11-05 09:23:28 +10:00
jbrw
6360d3d4e7
FIX: ensure required_tag_group_name is null if no value present (#14796)
* FIX: ensure required_tag_group_name is null if no value present

If the array was present but empty `required_tag_group_name` would be set to undefined, which would then be removed from the payload of the remote request.

Addming the length check ensures the value is set to null, which is sent as an empty value (which the backend sees, and can remove it and persist the change on the Category object).
2021-11-04 17:26:21 -04:00
Penar Musaraj
9b30103628
UX: Layout fixes for admin permalinks page (#14819) 2021-11-04 14:15:55 -04:00
Penar Musaraj
89a2cec7be
REFACTOR: Use CSS animations for likes (#14809) 2021-11-04 09:13:34 -04:00
Martin Brennan
ccd259e2b5
FEATURE: Move avatar uploader to uppy (#14815)
Simple change, no further caveats for this one.
2021-11-04 14:40:20 +10:00
Martin Brennan
fac9185421
FEATURE: Move emoji uploader to use uppy (#14814)
This commit changes the emoji uploader to use the UppyUploadMixin,
and makes some minor changes to the emoji uploader (tightening the
copy for drag and drop and adding a percentage for the upload).

Since no other uppy upload mixin components have needed to upload
multiple files so far, this necessitated adding a tracker for the
in progress uploads so we know when to reset the uploader once all
uploads are complete.

At the moment, the emoji uploader cannot be used for direct S3 uploads
because the admin emoji controller creates other records and does other
magic with the emojis. At some point we need to factor this kind of thing
into the ExternalUploadManager.transform! action to complete external
uploads.
2021-11-04 11:31:58 +10:00
Mark VanLandingham
d9f02b635d
DEV: Allow tag to be passed in payload to PushNotificationPusher (#14810) 2021-11-03 14:18:48 -05:00
Mark VanLandingham
67265a5045
DEV: Plugin instance method for push_notification_filters (#14787) 2021-11-03 12:21:33 -05:00
Joe
046138314e fix test 2021-11-03 11:41:13 -04:00
Joe
cc6b6b5b77 fix test 2021-11-03 11:41:13 -04:00
Joe
6252e166a9 Add tests 2021-11-03 11:41:13 -04:00
Joe
c0cbfcc548 Add lazy loading to post avatars 2021-11-03 11:41:13 -04:00
Joe
a3fe52dff3 Add lazy loading to topic list avatars 2021-11-03 11:41:13 -04:00
Vinoth Kannan
53b7220638
FIX: exclude suppressed category topics in digest even if unmuted. (#14793)
Previously, suppressed category topics are included in the digest emails if the user visited that topic before and the `TopicUser` record is created with any notification level except 'muted'.
2021-11-03 12:47:09 +05:30
Ryan Lerch
1fffe941bf
remove some hardcoded 'localhost's from dev environment (#14801)
Trying to use a local test hostname other than localhost
(e.g. discourse.test )for discourse development was difficult due
the fact that localhost was hardcoded in a few places. This patch
uses existing environment variables to allow a developer to use a
different domain when developing.

Signed-off-by: Ryan Lerch <rlerch@redhat.com>
2021-11-03 11:26:44 +08:00
Jean
734ba90afe
UX: remove tags chooser on PMs for non-staff users (#14800) 2021-11-02 21:44:11 -04:00
jbrw
aec125b617
FIX: Display Instagram Oneboxes in an iframe (#14789)
We are no longer able to display the image returned by Instagram directly within a Discourse site (either in the composer, or within a cooked post within a topic), so:

- Display an image placeholder in the composer preview
- A cooked post should use an iframe to display the Instagram 'embed' content
2021-11-02 14:34:51 -04:00
Jean
8d73730c44
FEATURE: Add setting to disable notifications for topic tags edits (#14794) 2021-11-02 13:53:21 -04:00
Penar Musaraj
51233ae349
UX: Fix several issues with topic progress refactor (#14790) 2021-11-02 13:45:40 -04:00
Penar Musaraj
80c6f6a48b
FIX: Use mouse down event when cancelling search (#14788) 2021-11-02 09:26:06 -04:00
Arpit Jalan
aeaf27b7dc
FIX: insert commas even when field value is null (#14791) 2021-11-02 14:59:24 +05:30
Penar Musaraj
7dcecef4c3
FIX: Prevent duplicate search requests to backend (#14786)
When sending a full search request to backend (i.e. when hitting Enter),
the debouncer needs to be cancelled, otherwise it will get invoked and
trigger a second search request to the backend.
2021-11-01 13:48:42 -04:00
Penar Musaraj
116b93595a
UX: Fix bar-style category dropdown (#14785) 2021-11-01 11:17:41 -04:00
Martin Brennan
dcf3733c13
FIX: Deleting a for_topic bookmark caused JS error (#14781)
When deleting a for_topic bookmark, we were calling
bookmark.attachedTo() for the bookmarks:changed event,
but the bookmark was not always a Bookmark model instance,
so sometimes that call would error. Now we make sure that
the bookmarks in the topic.bookmarks JS array are all
bookmark model instances, and added a test to cover this
deleting for_topic bookmark case as well.
2021-11-01 13:31:17 +10:00
Jarek Radosz
a7322aca77
DEV: Remove unnecessary controllerFor in tests (#14779) 2021-10-30 23:36:37 +02:00
Kris
cd8822cb50
UX: better accommodate PM composer with tags (#14778) 2021-10-29 16:26:37 -04:00
Penar Musaraj
f6a3c22a89
DEV: Allow replacing share icons separately (#14774) 2021-10-29 13:35:27 -04:00
Robin Ward
e3e0d025ea FIX: Include topic details when PMing
We used to do this and at some point regressed when we lost a reference
to the `post` object. This restores the old behaviour.
2021-10-29 12:42:27 -04:00
jbrw
cfc62dbace
FIX: allowed_theme_ids should not be persisted in GlobalSettings (#14756)
* FIX: allowed_theme_ids should not be persisted in GlobalSettings

It was observed that the memoized value of `GlobalSetting.allowed_theme_ids` would be persisted across requests, which could lead to unpredictable/undesired behaviours in a multisite environment.

This change moves that logic out of GlobalSettings so that the returned theme IDs are correct for the current site.

Uses get_set_cache, which ultimately uses DistributedCache, which will take care of multisite issues for us.
2021-10-29 11:46:52 -04:00
Penar Musaraj
724f1ee9d1
UX: Fix short post width on mobile (#14771) 2021-10-29 11:39:19 -04:00
Penar Musaraj
488511479e
UX: Show quick search hint more consistently (#14769) 2021-10-29 11:08:31 -04:00
Bianca Nenciu
1c3c0f04d9
FEATURE: Pull hotlinked images in user bios (#14726) 2021-10-29 17:58:05 +03:00
Bianca Nenciu
19ef6995a8
FIX: Do not replace words in hashtags and mentions (#14760)
Watched words were replaced inside mentions and hashtags when watched
word regular expressions were enabled.
2021-10-29 17:53:09 +03:00
Bianca Nenciu
cb0958fcea
FIX: Hide links to muted topics and in categories list (#14761)
* FIX: Hide links to muted topics

* FIX: Hide muted topics in categories list on mobile
2021-10-29 17:52:23 +03:00
Penar Musaraj
095421a1e1
REFACTOR: Use IntersectionObserver to calculate topic progress position (#14698) 2021-10-29 09:23:15 -04:00
Jarek Radosz
19c9b892dc
DEV: Instantiate relation early to save a query (#14766)
Previously it would do `SELECT 1 AS one` and then `SELECT "color_scheme_colors".*`. Now it only does the latter.
2021-10-29 03:03:22 +02:00
Jarek Radosz
85d0ddb9eb
FIX: Avoid another N+1 query in Site.json_for (#14763)
A follow-up to #14729, this time for logged-in users and/or non-login-required sites.
2021-10-28 20:28:31 +02:00
Vinoth Kannan
deee715a2c
FIX: update flair group of all members if primary group setting changed. (#14762)
Previously, if we enable the `primary_group` setting on a group then the `flair_group_id` of its' members are not affected.
2021-10-28 22:56:44 +05:30
Vinoth Kannan
c62242c6b3
FIX: should not receive topic invites from ignored users. (#14746)
Previously, ignored users can send notifications by inviting the ignorer to topics or PMs.
2021-10-28 21:03:00 +05:30
Bianca Nenciu
148ee1d162
FIX: Do not perform link lookup for replaced links (#14742)
A link that was added because a watched word was replaced could create
a notice if the same link was present before.
2021-10-28 13:27:31 +03:00
Joffrey JAFFEUX
9e19b22f64
DEV: prevents Firefox ESR tests to crash on ||= (#14758)
A follow up PR should investigate why `proposal-logical-assignment-operators` is not getting used here (test file?) but this should be enough to get things running.
2021-10-28 10:55:22 +02:00
Dan Ungureanu
ba3078e098
PERF: Use different column for better query plan (#14748)
Using topics.id provides a better query plan than posts.topic_id which
speeds up search by almost 50%.
2021-10-28 11:30:30 +03:00
Martin Brennan
b659e94a8e
DEV: Delete vacate_legacy_prefix_backups code (#14735)
Introduced in 3037617327, we no
longer need this code, as all of the backups have been
migrated.
2021-10-28 07:53:21 +10:00
Jean
92f4cdd330
FEATURE: bypass topic bump when disable_category_edit_notifications is enabled (#14754) 2021-10-27 17:05:10 -04:00
David Taylor
9fa5077805 DEV: Remove unneeded qunit-helper override
This was leaking on every test... and also doesn't seem to be required. The `examineDockHeader` doesn't exist any more in core, so this was a no-op.
2021-10-27 18:34:04 +01:00
David Taylor
8bb911e038 DEV: Teardown appEvent listener in edit-notification-clicks-tracker 2021-10-27 18:34:04 +01:00
David Taylor
8af0674b68 DEV: teardown event listeners in click-interceptor 2021-10-27 18:34:04 +01:00
David Taylor
cc18a5439c DEV: Ensure core initializers with .reopen are only called once 2021-10-27 18:34:04 +01:00
David Taylor
0bec323204 DEV: Teardown leaky page:changed appEvents between tests 2021-10-27 18:34:04 +01:00
Penar Musaraj
d2ddb82022
UX: Remove animation in admin theme list (#14743) 2021-10-27 13:09:34 -04:00
Roman Rizzi
df3eb93973
DEV: Sanitize HTML admin inputs (#14681)
* DEV: Sanitize HTML admin inputs

This PR adds on-save HTML sanitization for:

Client site settings
translation overrides
badges descriptions
user fields descriptions

I used Rails's SafeListSanitizer, which [accepts the following HTML tags and attributes](018cf54073/lib/rails/html/sanitizer.rb (L108))

* Make sure that the sanitization logic doesn't corrupt settings with special characters
2021-10-27 11:33:07 -03:00
Joffrey JAFFEUX
184ccf4490
DEV: nullify cachedCookFunction to prevent retains (#14737) 2021-10-27 16:29:36 +02:00
David Taylor
79ad0860a2
FIX: Cleanup PresenceChannel instances when composer closed (#14741)
I was previously relying on `this.isDestroying` returning `true` during `willDestroyElement`. This was an incorrect assumption.

This commit refactors the logic into an explicit `cleanup` function, and also adds some cleanup for empty keys in the `subscribedProxy` array
2021-10-27 15:17:10 +01:00
Kris
103de1f20d
UX: Change login tabindex, follow-up to 6aa6275 (#14734) 2021-10-27 09:15:49 -04:00
Joffrey JAFFEUX
4272eb7ffc
FIX: prevents a circular json error in tests (#14738)
The flow goes from:

- getting current user object
- creating a POJO using some of the current user keys
- passing this POJO around, which end up being used in message bus
- the processing fn associated ens up doing User.create on this object will both create a User object, but also inject store in it, store is holding a reference to currentUser Object and...

BOOM, we have an object holding a reference to the same object, which JSON.stringify used in prepareBody of pretender doesn't like.
2021-10-27 14:01:41 +01:00
Andrei Prigorshnev
7f79727090
DEV: rename refresh action to avoid regressions in the future (#14721) 2021-10-27 14:53:04 +04:00
Andrei Prigorshnev
19d95c64af
DEV: simplify username suggester (#14531)
This PR doesn't change any behavior, but just removes code that wasn't in use. This is a pretty dangerous place to change, since it gets called during user's registration. At the same time the refactoring is very straightforward, it's clear that this code wasn't doing any work (it still needs to be double-checked during review though). Also, the test coverage of UserNameSuggester is good.
2021-10-27 14:41:24 +04:00
Dan Ungureanu
69f0f48dc0
DEV: Fix rubocop issues (#14715) 2021-10-27 11:39:28 +03:00
Kris
6aa6275f3f
UX: change tabindex on login to skip email login link (#14732) 2021-10-26 20:46:53 -04:00
David Taylor
50f4f43825
DEV: Use double quotes for js-flags (#14693)
Single quotes seem to be raising parse errors in some CI situations. Switching to double quotes seems to fix the problem.
2021-10-27 11:09:30 +11:00
Jarek Radosz
c7768b6d16
FIX: Avoid N+1 query in Site.json_for (#14729) 2021-10-26 22:46:53 +02:00
Jean
31aa071e54
UX: Apply tags during PM creation (#14731) 2021-10-26 16:46:02 -04:00
David Taylor
e073451eae
UX: Make PresenceChannel changes more responsive (#14733)
For very fast-paced things (e.g. replying... indicators), 5s resolution is not great. This commit improves the resolution to 1 update per second.
2021-10-26 21:15:20 +01:00
Robin Ward
d067ee1c5a UX: Never show back button if less than current position 2021-10-26 15:45:55 -04:00
Penar Musaraj
b3f642db65
UX: Don't show anchor icon on touch devices (#14724) 2021-10-26 13:43:20 -04:00
David Taylor
495aa4752c FIX: Correctly avoid concurrent requests in PresenceChannel get
This if statement was intended to prevent concurrent `/presence/get` requests, but it was missing a critical line. Now it should function as intended.
2021-10-26 18:27:07 +01:00
David Taylor
edc1378aed DEV: Raise error when anon subscribes to PresenceChannels on login_required sites
In this situation, messagebus and the server-side Presence endpoints are unavailable, so it's better to quit early in the JS
2021-10-26 18:27:07 +01:00
David Taylor
d43b77b56b DEV: Ensure presence beforeunload event listener is cleaned up
In production, services are singletons. This logic will only affect the test environment
2021-10-26 18:27:07 +01:00
David Taylor
54ca7a9618 FIX: Do not send presence leave beacon if not present in any channels 2021-10-26 18:27:07 +01:00
Bianca Nenciu
0c6f9d7c67
FIX: Show right message when permanently deleting topic (#14717) 2021-10-26 18:31:15 +03:00
Roman Rizzi
be38615afd
FEATURE: Mark omniauth failures as HTML safe. (#14713)
Plugins can add HTML elements to auth error messages.
2021-10-26 09:46:25 -03:00
Dan Ungureanu
f003e31e2f
PERF: Optimize search in private messages query (#14660)
* PERF: Remove JOIN on categories for PM search

JOIN on categories is not needed when searchin in private messages as
PMs are not categorized.

* DEV: Use == for string comparison

* PERF: Optimize query for allowed topic groups

There was a query that checked for all topics a user or their groups
were allowed to see. This used UNION between topic_allowed_users and
topic_allowed_groups which was very inefficient. That was replaced with
a OR condition that checks in either tables more efficiently.
2021-10-26 10:16:38 +03:00
Martin Brennan
f6528afa01
DEV: Add uploadHandler support to composer-upload-uppy mixin (#14692)
This commit adds uploadHandler support to composer uploads using
uppy. The only things we have that are using this are discourse-brightcove and
discourse-video, which both pop modal windows to handle the file upload and
completely leave out all the composer-type flows. This implementation simply
follows the existing one, where if a single file is uploaded and there
is a matching upload handler we take control away from uppy and hand
it off to the upload handler.

Trying to get this kind of thing working within uppy would require a few
changes because they have no way to restrict uploaders to certain file types
and with the way their uploaders are run it doesn't look like it would be easy
to add this either, so I don't think this is worth the work unless at some
point in the future we plan to have more upload handler integrations.

I also fixed an issue with `cleanUpComposerUploadHandler` which is used
in tests to reset the state of `uploadHandlers` in the composer. This
was doing `uploadHandlers = []` to clear that array, but that creates
a brand new array so anything else referencing the original array will
lose that reference. Better to set `uploadHandlers.length = 0` to
clear it. This was breaking the tests I added to see if upload handlers
were working.
2021-10-26 11:22:33 +10:00
Roman Rizzi
436edbb51a
DEV: Only set tap_failed_tests_only to true for CI. (#14710)
It may seem like the command crashed when running tests locally since we get no feedback until it finishes running all the tests.
2021-10-25 16:24:47 -03:00
janzenisaac
dd5b0543c7
FEATURE: Add fullscreen-tables to post (#14709)
Overflown tables will have a "expand table" option added to open x table in a modal
2021-10-25 14:06:28 -05:00
Penar Musaraj
116982fca9
FIX: Correct tracking context for some category routes (#14685)
We were previously showing the "n new or updated topics" alert on
category routes like `/c/category-slug/ID/none` on every new/unread
topic update. This PR looks up the category by ID, which should be more
precise.
2021-10-25 15:05:00 -04:00
Jarek Radosz
facf7d6f56
DEV: Don't leak auth methods between tests (#14708) 2021-10-25 15:25:39 +02:00
David Taylor
9ac6f1d3bb
FIX: Include the Vary:Accept header on all Accept-based responses (#14647)
By default, Rails only includes the Vary:Accept header in responses when the Accept: header is included in the request. This means that proxies/browsers may cache a response to a request with a missing Accept header, and then later serve that cached version for a request which **does** supply the Accept header. This can lead to some very unexpected behavior in browsers.

This commit adds the Vary:Accept header for all requests, even if the Accept header is not present in the request. If a format parameter (e.g. `.json` suffix) is included in the path, then the Accept header is still omitted. (The format parameter takes precedence over any Accept: header, so the response is no longer varies based on the Accept header)
2021-10-25 12:53:50 +01:00
Joffrey JAFFEUX
cbd7898d1d
DEV: removes jquery usage from time formatter (#14700) 2021-10-25 11:00:15 +02:00
Joffrey JAFFEUX
c7099342ff
DEV: uses vanilla js for fixture qunit helper (#14703) 2021-10-25 10:59:58 +02:00
Joffrey JAFFEUX
c0300b13e3
DEV: replaces jquery call by vanilla js in uploader tests (#14702) 2021-10-25 10:49:14 +02:00
Joffrey JAFFEUX
cc68eb825b
DEV: drops jquery usage from ajax wizards lib (#14694) 2021-10-25 10:24:53 +02:00
Joffrey JAFFEUX
05dda755ed
DEV: removes jquery usage from linkSeenMentions codepath (#14695) 2021-10-25 10:24:37 +02:00
Bianca Nenciu
261edcebcb
FIX: Allow every tag for watched words (#14684)
If a watched word was restricted to a category, new rules for that
watched word could not be created.
2021-10-25 10:53:42 +03:00
Martin Brennan
2461ed303c
DEV: Move loadLibs to explicit install message in media-optimization-worker (#14707)
Previously, `loadLibs` was called inside the `optimize` function of
the media-optimization-worker, which meant that it could be hit
multiple times causing load errors (as seen in b69c2f7311)

This commit moves that call to a specific message handler (the `install` message)
for the service worker, and refactors the service for the media-optimization-worker
to wait for this installation to complete before continuing with processing
image optimizations.

This way, we know for sure based on promises and worker messages
that the worker is installed and has all required libraries
loaded before we continue on with attempting any processing. The
change made in b69c2f7311 is no
longer needed with this commit.
2021-10-25 13:17:43 +10:00
Joffrey JAFFEUX
76a9ca99a8
DEV: removes jquery usage from onebox (#14683) 2021-10-22 13:15:46 +02:00
Martin Brennan
7290a74aa6
DEV: Add new bookmarks:changed app event (#14674)
This new app event will fire whenever a bookmark is created,
edited, or deleted for a post or topic, and replaces these old
app events which had inconsistent APIs:

* page:bookmark-post-toggled
* topic:bookmark-toggled

When the event is triggered, the arguments are in this order:

1. bookmark - The bookmark record created or changed. Will be null
              if the bookmark was deleted.
2. target   - Object with target (post or topic) and targetId (post ID
              or topic ID)
2021-10-22 09:38:02 +10:00
Martin Brennan
2b40049abb
FIX: Remove superfluous topic allowed users on group invite (#14656)
When inviting a group to a topic, there may be members of
the group already in the topic as topic allowed users. These
can be safely removed from the topic, because they are implicitly
allowed in the topic based on their group membership.

Also, this prevents issues with group SMTP emails, which rely
on the topic_allowed_users of the topic to send to and cc's
for emails, and if there are members of the group as topic_allowed_users
then that complicates things and causes odd behaviour.

We also ensure that the OP of the topic is not removed from
the topic_allowed_users when a group they belong to is added,
as it will make it harder to add them back later.
2021-10-22 08:57:51 +10:00
Jeff Wong
6192189fd2
DEV: allow composer option to skip jumping to a post on save (#14675)
* DEV: allow composer option to skip jumping to a post on save

* DEV: refactor js safe access in jump logic

Co-authored-by: Jarek Radosz <jradosz@gmail.com>
2021-10-21 13:46:04 -07:00
Jarek Radosz
3b90d7de66
FIX: 2N+1 sql in admin /api/keys endpoint (#14679) 2021-10-21 17:00:17 +02:00
Penar Musaraj
db53c6b248
UX: Add special case for user search when in a topic (#14669) 2021-10-21 10:34:50 -04:00
Robin Ward
e15bd194fd UX: Sometimes the footer would show up while refreshing a list route
This happens because the state of `canLoadMore` is not cleared as the
refresh occurs, which is enough to make the page think a footer should
be displayed.

No tests here because it's tricky to test refreshing and none of our
existing acceptance tests seem to.
2021-10-21 09:04:27 -04:00
David Taylor
b57b079ff2
DEV: Update discourse-presence plugin to use new PresenceChannel system (#14519)
This removes all custom controllers and redis/messagebus logic from discourse-presence, and replaces it with core's new PresenceChannel system.

All functionality should be retained. This implementation should scale much better to large numbers of users, reduce the number of HTTP requests made by clients, and reduce the volume of messages on the MessageBus.

For more information on PresenceChannel, see 31db8352
2021-10-21 12:42:46 +01:00
Joffrey JAFFEUX
80ec6f09d3
DEV: removes unnecessary caret position code (#14665)
We don't support any browser needing this for very long: https://caniuse.com/?search=selectionStart

I'm keeping some protection so It doesn’t crash but ultimately `element.selectionStart` should be enough.

Im not removing this in the commit, but the `caret_position.js` file seems barely used.
2021-10-21 10:06:31 +02:00
Alan Guo Xiang Tan
a9d6b23802
DEV: Remove code that is no longer valid. (#14657)
The vote post action type was removed in 96aca6d7e6

Follow-up to 96aca6d7e6.
2021-10-21 10:47:22 +08:00
Martin Brennan
0f03884375
DEV: Refactor bookmark modal code (#14654)
We had code to open the bookmark modal in two places -- the bookmark
list and also from within a topic. This caused the two code paths to
drift, as in the bookmark list we were not passing in the forTopic or
autoDeletePreferences data into the modal, and we were also not refreshing
the bookmark list when the bookmark was deleted from within the modal.

This commit moves the modal opening code into an importable
function from the controllers/bookmark module, and all callers
have to do is pass it an instance of Bookmark and also options
for what to do for the following:

* onAfterSave
* onAfterDelete
* onCloseWithoutSaving
2021-10-21 09:02:35 +10:00
David Taylor
010309d108
SECURITY: Improve validation of SNS subscription confirm (#14671)
An upstream validation bug in the aws-sdk-sns library could enable RCE under certain circumstances. This commit updates the upstream gem, and adds additional validation to provide defense-in-depth.
2021-10-20 22:20:52 +01:00
Osama Sayegh
8fb823c30f
FIX: Make the verbose_auth_token_logging setting off by default (#14664)
The `generate`, `rotate` and `suspicious`  auth token logs are now always logged regardless of the `verbose_auth_token_logging` setting because we rely no these to detect suspicious logins.
2021-10-20 17:20:39 +03:00
Penar Musaraj
1f8939c0f1
FIX: Show search context only in topic routes (#14650) 2021-10-20 09:48:26 -04:00
Penar Musaraj
3e86ec3e4e
FIX: Broken quick search on iPadOS (#14663)
This also reverts back to selecting the search input text when reopening
the search panel.
2021-10-20 09:31:53 -04:00
Joffrey JAFFEUX
c2d4638ee1
DEV: drops jquery usage from wizard-canvas (#14662) 2021-10-20 14:42:06 +02:00
Joffrey JAFFEUX
adb302f801
DEV: drops jquery usage un admin-report-chart (#14661) 2021-10-20 14:28:49 +02:00
Arpit Jalan
1b8feae0bc
FIX: reset sso email and payload when user navigates away (#14658) 2021-10-20 17:21:32 +05:30
Joffrey JAFFEUX
d18e3a45b9
FIX: none row doesn’t have a value, use class to target it (#14659) 2021-10-20 13:07:58 +02:00
Alan Guo Xiang Tan
e74e3fa043
FIX: Topic timeline not updating in megatopics. (#14645)
Before this fix, jumping to posts using the topic timeline scrollbar
will not update the counts since the topic scrollarea is not rerendered.

Follow-up to db337b10ee
2021-10-20 11:42:22 +08:00
Martin Brennan
ecee9d000b
FEATURE: Allow recovery of deleted small action posts (#14643)
Previously when clicking the Delete button for small action posts
there was no way to recover this post if the action was accidental.
Now if canRecover is true on the post, which it is just after it
is deleted and the post is fetched from the server again, we show
an undo button which calls the recover endpoint for the post.

We also now disallow the editing of the post if it is deleted, and
show the proper deleted red CSS on the small action post when deleted.
2021-10-20 08:13:27 +10:00
Penar Musaraj
a1daf9fe53
FIX: Do not query backend when searching "in this topic" (#14649) 2021-10-19 13:01:42 -04:00
Andrei Prigorshnev
b9164d22ee
FEATURE: add a hidden setting that enables using email as a source for username suggestions (#14623)
This is a follow-up to https://github.com/discourse/discourse/pull/14541. This adds a hidden setting for restoring the old behavior for those users who rely on it. We'll likely deprecate this setting at some point in the future.
2021-10-19 14:37:39 +04:00
Joffrey JAFFEUX
a5eba43a65
FIX: only replaces double quotes and uses unicode (#14644)
`’` is actually not converted and doesn’t need to be normalised to `'`
2021-10-19 11:01:46 +02:00
Martin Brennan
d3678f6930
FIX: Do not show recipient user in email participants list (#14642)
This commit removes the recipient's username from the
respond to / participants list that is shown at the bottom
of user notification emails. For example if the recipient's
username was jsmith, and there were participants ljones and
bmiller, we currently show this:

> "reply to this email to respond to jsmith, ljones, bmiller"

or

> "Participants: jsmith, ljones, bmiller"

However this is a bit redundant, as you are not replying to
yourself here if you are the recipient user. So we omit the
recipient user's username from this list, which is only used
in the text of the email and not elsewhere.
2021-10-19 15:26:22 +10:00
Martin Brennan
2364626ded
FEATURE: Change all core to use uppy-image-uploader (#14428)
Instead of using image-uploader, which relies on the old
UploadMixin, we can now use the uppy-image-uploader which
uses the new UppyUploadMixin which is stable enough and
supports both regular XHR uploads and direct S3 uploads,
controlled by a site setting (default to XHR).

At some point it may make sense to rename uppy-image-uploader
back to image-uploader, once we have gone through plugins
etc. and given a bit of deprecation time period.

This commit also fixes `for_private_message`, `for_site_setting`,
and `pasted` flags not being sent via uppy uploads onto the
UploadCreator, both via regular XHR uploads and also through
external/multipart uploads.

The uploaders changed are:

* site setting images
* badge images
* category logo
* category background
* group flair
* profile background
* profile card background
2021-10-19 13:25:42 +10:00
Martin Brennan
1d131fcaff
FIX: Clarify None Needed option when editing bookmarks (#14633)
This commit makes the following change to the Edit Bookmark
modal window for clarity:

* If the user is editing an existing bookmark without a reminder set,
hide the "none needed" option. This will draw more attention to the
delete button.
* If the user is editing an existing bookmark with a reminder set for the
future, change the "none needed" option to say "remove reminder, keep bookmark"

To do this, I needed to provide an option to override the labels
for time shortcuts in certain cases, so I could keep the NONE shortcut
but have the different wording.
2021-10-19 10:32:20 +10:00
Penar Musaraj
560216b6a1
UX: Adjust quick search input width (#14640)
Ensures input takes up all available space (without contents overlapping icons).
2021-10-18 17:01:08 -07:00
Penar Musaraj
919a9a902a
FIX: Hide full screen toggle button when textarea is disabled (#14638) 2021-10-18 16:00:22 -04:00
Penar Musaraj
073e5ccd83
UX: Better topic search experience (#14625) 2021-10-18 13:17:27 -04:00
Penar Musaraj
7a4a1744a2
UX: Show fewer toolbar icons in mobile composer (#14621) 2021-10-18 10:16:10 -04:00
Jarek Radosz
70634198a4
UX: Display full-page user search in a grid (#14636)
Two reasons for this change:
1. Better utilization of the screen space (i.e. displaying more than 5 entries on a 13" display)
2. Making user link elements smaller fixes user-card positioning (it no longer displays far to the right, away from the user name/avatar)
2021-10-18 15:36:30 +02:00
Jean
6275658e3d
FEATURE: Add setting to disable notifications for topic category edits (#14632) 2021-10-18 09:04:01 -04:00
Alan Guo Xiang Tan
fb5a062b1f
DEV: Remove TopicView#first_post_id. (#14631)
The method was only used for mega topics but it was redundant as the
first post can be determined from using the condition where
`Post#post_number` equal to one.
2021-10-18 14:47:47 +08:00
Martin Brennan
ca7fd77a94
DEV: Bump uppy module versions for retryable prepareUploadParts (#14629)
This commit bumps the following uppy modules:

* @uppy/aws-s3
* @uppy/aws-s3-multipart
* @uppy/core
* @uppy/drop-target
* @uppy/xhr-upload

This is done so we can use the new functionality for retrying
failed prepareUploadParts calls, introduced in
e435f4a917.

I also needed to make some changes to composer-upload-uppy to
support this retrying, while at the same time being able to
throw a bootbox with the error message if the number of retries
are exceeded.
2021-10-18 15:28:27 +10:00