Commit Graph

2091 Commits

Author SHA1 Message Date
Martin Brennan
abf215a0e4 Bump prettier to 1.19.1 and lock dependency (#8350) 2019-11-15 10:07:45 -05:00
Robin Ward
d4b7c028fa REFACTOR: Move upload utilities to their own file 2019-11-14 12:51:08 -05:00
Gerhard Schlager
c83ae9a79f DEV: Add option to login at beginning of smoke tests
This is useful for testing sites which do not have any public topics.
2019-11-14 18:28:15 +01:00
Martin Brennan
e7226a8c84
FEATURE: Allow scoping search to tag (#8345)
* When viewing a tag, the search widget will now show a checkbox to scope the search by tag, which will limit search results to that tag on desktop and mobile
2019-11-14 10:40:26 +10:00
Robin Ward
a4b89f8187 DEV: Remove some extra Discourse.Site uses 2019-11-13 16:00:58 -05:00
Robin Ward
bc2067898e FIX: Missing User objects in Utilities 2019-11-13 15:55:32 -05:00
Robin Ward
f5ed0dc2e6 FIX: Failing tests 2019-11-13 15:34:30 -05:00
Robin Ward
3d0b310368 DEV: Fix some more deprecated Discourse.User and Discourse.Site 2019-11-13 15:34:30 -05:00
Mark VanLandingham
4843414de6 WIP - set Discourse.currentUser 2019-11-13 15:34:30 -05:00
Roman Rizzi
1c179177e7
REFACTOR: Attach resize controls to images from the markdown pipeline (#8314) 2019-11-12 17:32:37 -03:00
Robin Ward
afadf361b3 REFACTOR: idMap should be a private API 2019-11-12 10:53:22 -05:00
Jarek Radosz
5d4b240453
DEV: Provide radix argument to parseInt (#8281)
* DEV: Provide radix 10 argument to parseInt

* DEV: Provide radix 16 argument to parseInt

* DEV: Remove unnecessary parseInt calls

* Fix year formatting

parseInt was used here to convert decimals to ints
2019-11-12 10:47:42 +01:00
Daniel Waterworth
e79cec9fc7 DEV: Remove handling of category top menu items
Support for these kinds of navigation items was dropped in 88f52514, but
the code for handling these menu items was never removed.
2019-11-11 17:36:29 +00:00
Dan Ungureanu
55bdd9e6a2
FIX: Do not skip some emails in user search (#8317)
It used to skip the email addresses containing the plus sign.
2019-11-11 18:42:45 +02:00
Robin Ward
f03edb36be REFACTOR: Remove Discourse.Model 2019-11-08 14:13:35 -05:00
Robin Ward
291572a97a REFACTOR: Remove Discourse.Session constants 2019-11-08 13:46:50 -05:00
Robin Ward
7ac2a55588 REFACTOR: Remove Discourse.Category constants 2019-11-08 13:31:00 -05:00
Robin Ward
7e44065bcb REFACTOR: Migrate Discourse.Post to imports 2019-11-08 13:13:13 -05:00
Robin Ward
932c169d46 REFACTOR: Remove Discourse.NavItem constants 2019-11-08 12:56:13 -05:00
Robin Ward
779ee3558d REFACTOR: Remove Discourse.UserAction from code 2019-11-08 12:52:39 -05:00
Gerhard Schlager
61b1f9c36b FEATURE: Load translation overrides without JS eval 2019-11-05 19:16:38 +01:00
David Taylor
52c5cf33f8
FEATURE: Overhaul of admin API key system (#8284)
- Allow revoking keys without deleting them
- Auto-revoke keys after a period of no use (default 6 months)
- Allow multiple keys per user
- Allow attaching a description to each key, for easier auditing
- Log changes to keys in the staff action log
- Move all key management to one place, and improve the UI
2019-11-05 14:10:23 +00:00
Joe
8e419a772f
FIX: improve regex used for image sizing controls (#8291) 2019-11-05 18:40:02 +08:00
Robin Ward
90f934a660 REFACTOR: Use a module for Ember.isEmpty 2019-11-01 13:50:15 -04:00
Leo McArdle
5efa95b5f8 FIX: make notification consent banner usable via keyboard and screenreader (#8255)
* update d-button to support btn-link class

* add display attribute to d-button rather than computing on class
2019-10-31 15:36:24 -04:00
David Taylor
7191835989
DEV: Support custom server-side names in rest models (#8265) 2019-10-30 15:25:42 +00:00
Robin Ward
8d34f4bbd9 Revert "Revert Ember.run refactors"
This reverts commit fcb1ca52f9.
2019-10-30 09:48:24 -04:00
Robin Ward
fcb1ca52f9 Revert Ember.run refactors
This reverts commit 5ca60fcb6b.
2019-10-29 17:10:47 -04:00
Robin Ward
249dff85c7 FIX: Use modules for Ember.run.debounce hack in testing 2019-10-29 16:25:37 -04:00
Robin Ward
5ca60fcb6b REFACTOR: Use imports for Ember.run 2019-10-29 15:31:56 -04:00
Mark VanLandingham
c7475ee03b
DEV: Import EmberObject rather than global variable (#8256)
* DEV: Import ember/object rather than Ember.Object globally

* fixed broken object proxy import

* prettier on js

* added @ember/object/proxy to loader

* added unstaged file

* Fixed objet proxy reference is loader

* Linting!
2019-10-29 14:23:50 -05:00
Bianca Nenciu
1531644288
DEV: Add test (#8250)
Follow-up to 2863e7c181.
2019-10-29 12:12:09 +02:00
Sam Saffron
b92e4465f7 DEV: stop depending on hover for image resize icons
We no longer defer render the resize links, so we no longer need all these
hover events to test it.

Corrects broken test.
2019-10-29 16:01:15 +11:00
Neil Lalonde
f686ab988f FIX: close modals on ESC key and clicking outside 2019-10-28 17:23:30 -04:00
David Taylor
071a82efe3 FIX: Correct error when sending PM to email address 2019-10-28 18:32:43 +00:00
Jarek Radosz
5776251cdd
DEV: Remove an obsolete "preferences/about-me" route (#8251)
User's title and bio can be changed on the "preferences/account" page.
2019-10-28 17:29:14 +01:00
Gerhard Schlager
85c08b84a5 DEV: Add a short wait to smoke test to prevent rate limiting 2019-10-24 18:36:27 +02:00
Gerhard Schlager
d4d2cb124c DEV: Make smoke tests more reliable 2019-10-24 17:51:48 +02:00
Gerhard Schlager
decbc9194d DEV: Fix basic auth in smoke test 2019-10-24 17:43:26 +02:00
Robin Ward
6287eccb35 REFACTOR: Remove Ember.Controller in favor of import 2019-10-23 13:06:54 -04:00
David Taylor
cc56f226b8 FIX: Correct mention autocomplete in new topics in unsecured categories
When autocompleting mentions in secure categories, we immediately populate the list with users which have permission to view the category. This logic is applied to unsecured categories as well, but the server returns an empty list of users. This commit teaches the autocomplete to understand empty lists of users without terminating the autocomplete dropdown.
2019-10-21 14:52:54 +01:00
Jarek Radosz
f6ea986aec
DEV: Remove suspend from Admin::UsersController responses (#8206)
`suspend` isn't a User attribute, but was being assigned to the frontend User model as if it was. The model has a computed property that depends on `suspended_till`, so instead of overriding this property, it's better to return relevant attributes.

Fixes a computed-property.override deprecation (https://emberjs.com/deprecations/v3.x#toc_computed-property-override)
2019-10-18 01:49:26 +02:00
David Taylor
943d8e0a97 DEV: Update JS test fixtures
- `site.json` now returns a list of group objects, not a `group_names` array (a6714e25)
- `c/1/show.json` now includes `custom_fields: {}`, even if no fields exist (b8bd0316)
2019-10-15 22:37:15 +01:00
Robin Ward
de3db0e485 FIX: Remove another broken test 2019-10-11 15:52:14 -04:00
Robin Ward
204cd43861 FIX: This emoji test was broken too 2019-10-11 15:41:19 -04:00
Robin Ward
342bbe66dd FIX: Flaky tests
We had acceptance tests that were testing the contents of the post
stream preview, not the contents of the eventual topic itself.

This became apparent when I introduced a new promise which caused the
tests to finish waiting for work properly. Before that, it was up to the
speed of the execution, very spooky!
2019-10-11 15:33:34 -04:00
Penar Musaraj
3a469a79cf
FEATURE: search topics when adding a link in composer (#8178) 2019-10-11 11:37:44 -04:00
Penar Musaraj
a91ad81ed1 UX: Trigger primary action in modals using Enter
A modal's primary action (blue button in the default theme) can now be invoked
by hitting Enter on the keyboard. This applies to all modals that aren't strict
forms as long as the focus is not on a textarea element.
2019-10-09 13:28:07 -04:00
Rimian Perkins
074ce70c28 FEATURE: Load pretenders in plugins too. (#8173)
* allows plugins to auto load *-pretender files
* Allows hyphens in the name eg: `my-plugin-pretender.js.es6`
2019-10-09 10:23:44 -04:00
Penar Musaraj
30cda1761d
UX: Better composer hyperlink modal (#8160) 2019-10-08 16:19:07 -04:00
Dan Ungureanu
fdb1d3404c
FEATURE: Add site setting to show more detailed 404 errors. (#8014)
If the setting is turned on, then the user will receive information
about the subject: if it was deleted or requires some special access to
a group (only if the group is public). Otherwise, the user will receive
a generic #404 error message. For now, this change affects only the
topics and categories controller.

This commit also tries to refactor some of the code related to error
handling. To make error pages more consistent (design-wise), the actual
error page will be rendered server-side.
2019-10-08 14:15:08 +03:00
David Taylor
d2bceff133
FEATURE: Use full page redirection for all external auth methods (#8092)
Using popups is becoming increasingly rare. Full page redirects are already used on mobile, and for some providers. This commit removes all logic related to popup authentication, leaving only the full page redirect method.

For more info, see https://meta.discourse.org/t/do-we-need-popups-for-login/127988
2019-10-08 12:10:43 +01:00
Robin Ward
f5d391a48a
REFACTOR: Move app-events:main to service:app-events (#8152)
AppEvents was always a service object in disguise, so we should move it
to the correct place in the application. Doing this allows other service
objects to inject it easily without container access.

In the future we should also deprecate `this.appEvents` without an
explicit injection too.
2019-10-04 10:06:08 -04:00
Martin Brennan
68d35b14f4 FEATURE: Webauthn authenticator management with 2FA login (Security Keys) (#8099)
Adds 2 factor authentication method via second factor security keys over [web authn](https://developer.mozilla.org/en-US/docs/Web/API/Web_Authentication_API).

Allows a user to authenticate a second factor on login, login-via-email, admin-login, and change password routes. Adds registration area within existing user second factor preferences to register multiple security keys. Supports both external (yubikey) and built-in (macOS/android fingerprint readers).
2019-10-01 19:08:41 -07:00
Joffrey JAFFEUX
0b93f1239b
DEV: attempts to make date-time-input-range test more reliable (#8126) 2019-10-02 02:12:36 +02:00
Joffrey JAFFEUX
b4d42d1151
DEV: removes memory profiling from qunit tests (#8120)
Most of the work on it has been done and it's un-necessary work for now.
2019-10-01 22:17:53 +02:00
Joffrey JAFFEUX
4aefe589de
DEV: rake qunit:test was crashing on macOS due to a flag (#8119)
flag: --disable-software-rasterizer
2019-10-01 20:40:48 +02:00
Kyle Zhao
fb200e3055 FIX: Escape $ in translations before interpolating (#8100)
The dollar sign (`$`) is a special replace pattern, and `$&` inserts the
matched string. Thus dollars signs need to be escaped with the special
pattern `$$`, which inserts a single `$`.
2019-09-16 13:52:49 -04:00
Penar Musaraj
1de5d10f61 DEV: Fix Prettier 2019-09-16 11:36:27 -04:00
Penar Musaraj
6debd72c6c DEV: Add qunit test for emojis in search blurbs
Followup to cf230163
2019-09-16 11:25:55 -04:00
Kyle Zhao
f0f03acb2c FIX: Do not escape fancy_title again. (#8095)
`fancy_title` is already escaped by Rails. Escaping it again would print
the HTML entity as-is, e.g. `"` instead of `"`.

This fixes the issue by introducing a new `escapedContent` attribute on
the `QuickAccessItem` widget.
2019-09-13 10:04:14 -04:00
Jarek Radosz
1dcdcb5c31
FIX: Cast all numerical values in reports (#8087)
* FIX: Cast all numerical values in reports

The backend can return some numerical values in report as strings. That results in unexpected order of values when sorting report tables.

* Create `toNumber()` helper

The `typeof` and `parseFloat` seem to be the fastest path: https://jsperf.com/number-vs-typeof-vs-parsefloat#results
2019-09-12 15:17:34 +02:00
Dan Ungureanu
8b2c272f04
UX: Use medium format for displaying time in post notices. (#8074) 2019-09-11 13:00:53 +03:00
Kyle Zhao
9b10a78d82 FEATURE: Quick access panels in user menu (#8073)
* Extract QuickAccessPanel from UserNotifications.

* FEATURE: Quick access panels in user menu.

This feature adds quick access panels for bookmarks and personal
messages. It allows uses to browse recent items directly in the user
menu, without being redirected to the full pages.

* REFACTOR: Use QuickAccessItem for messages.

Reusing `DefaultNotificationItem` feels nice but it actually requires a
lot of extra work that is not needed for a quick access item.

Also, `DefaultNotificationItem` shows an incorrect tooptip ("unread
private message"), and it is not trivial to remove / override that.

* Use a plain JS object instead.

An Ember object was required when `DefaultNotificationItem` was used.

* Prefix instead suffix `_` for private helpers.

* Set to null instead of deleting object keys.

JavaScript engines can optimize object property access based on the
object’s shape. https://mathiasbynens.be/notes/shapes-ics

* Change trivial try/catch to one-liners.

* Return the promise in case needs to be waited on.

* Refactor showAll to a link with href

* Store `emptyStatePlaceholderItemText` in state.

* Store items in Session singleton instead.

We can drop `staleItems` (and `findStaleItems`) altogether. Because
`(old) items === staleItems` when switching back to a quick access
panel.

* Add `limit` parameter to the `user_actions` API.

* Explicitly import Session instead.
2019-09-09 11:03:57 -04:00
Penar Musaraj
4d6eacac5c FIX: close user card after clicking Message button
This was primarily an issue on mobile, where after clicking the "Messsage" button in the user card, the composer would load behind the user card overlay.
2019-08-30 13:40:12 -04:00
David Taylor
f2331ef07f
DEV: Stop serializing user_auth_token_logs (#8043)
These are no longer used in the user interface
2019-08-27 13:07:03 +01:00
Joffrey JAFFEUX
08e7211d7d
DEV: attempts to fix an heisentest in date-time-input-range (#8017) 2019-08-19 12:39:30 +02:00
Joffrey JAFFEUX
936d4ce17a
FEATURE: favorites emojis will also show in composer autocomplete (#8011) 2019-08-16 11:47:03 +02:00
Vinoth Kannan
88359b0f16
FEATURE: add support for group members visibility level (#8004)
There are 5 visibility levels (similar to group visibility)

public (default)
logged-in users
members only
staff
owners

Admins & group owners always have visibility to group members.
2019-08-14 19:00:04 +05:30
Bianca Nenciu
ba396a5384
DEV: Use ResultSet with staff action logs. (#7661) 2019-08-13 20:55:05 +03:00
Bianca Nenciu
37e7998a82
FEATURE: Send notification when member was accepted to group. (#7614) 2019-08-06 13:29:46 +03:00
Sam Saffron
f780920759 FEATURE: mention in secure category to prioritize groups
This feature allows @ mentions to prioritize showing members of a group who
have explicit permission to a category.

This makes it far easier to @ mention group member when composing topics in
categories where only the group has access.

For example:

If Sam, Jane an Joan have access to bugs category.

Then `@` will auto complete to (jane,joan,sam) ordered on last seen at

This feature works on new topics and existing topics. There is an explicit
exclusion of trust level 0,1,2 groups cause they get too big.
2019-08-06 17:57:56 +10:00
David Taylor
06e757245f FEATURE: Add a test facility to the watched words admin interface 2019-08-02 15:29:12 +01:00
David Taylor
39e0442de9 FIX: Various watched words improvements
- Client-side censoring fixed for non-chrome browsers. (Regular expression rewritten to avoid lookback)
- Regex generation is now done on the server, to reduce repeated logic, and make it easier to extend in plugins
- Censor tests are moved to ruby, to ensure everything works end-to-end
- If "watched words regular expressions" is enabled, warn the admin when the generated regex is invalid
2019-08-02 15:29:12 +01:00
Robin Ward
f57fdee2f6 FIX: Modal onClose was being called repeatedly
This happened because the modal controller was not clearing the `name`
attribute, which is used for looking up the controller to call `onClose`
on.

Every page navigation would call the method over and over, breaking
state in odd ways.
2019-08-01 15:42:43 -04:00
David Taylor
d4acd35466
FEATURE: Sync unread state live to topic lists (#7933) 2019-07-29 10:28:42 +01:00
Guo Xiang Tan
49d9557337 Revert commit that was pushed by mistake.
This reverts commit c7516c42e9.
2019-07-29 11:04:38 +08:00
Guo Xiang Tan
c7516c42e9 Revert "FIX: reverts #18e2816 (#7940)"
This reverts commit c7b146cbdf.
2019-07-29 09:18:53 +08:00
David Taylor
85cdf213e1 FIX: Hide live-loaded posts from ignored users 2019-07-27 14:00:34 +01:00
David Taylor
4f1382a54a FIX: Hide live-loaded posts from ignored users 2019-07-25 12:01:29 +01:00
Joffrey JAFFEUX
460d431621
DEV: uses ember-cli recommended chrome flags (#7939) 2019-07-25 11:38:05 +02:00
Joffrey JAFFEUX
c7b146cbdf
FIX: reverts #18e2816 (#7940) 2019-07-25 11:14:23 +02:00
Joffrey JAFFEUX
c1d2fb115c
DEV: prevents staff computed property to be overridden (#7931) 2019-07-24 22:01:08 +02:00
Osama Sayegh
5fc5a7f5ae FEATURE: Add search operator to see all direct messages from a user (#7913)
* FEATURE: Add search operator to see all direct messages from a user

* Only show message if related messages >= 5

* Make "all messages" the hyperlink

* Review
2019-07-22 10:55:49 -04:00
Roman Rizzi
eb26bee046
DEV: group_list site settings should store IDs instead of group names (#7860)
* DEV: group_list site settings should store IDs instead of group names

* Ship site setting to know when we should migrate group_list settings

* Migrate existing group_list site settings

* Bump migration timestamp and don't set null when migrating is not possible.
2019-07-19 15:17:58 -03:00
Robin Ward
8dd3cbfcb9
FEATURE: Allow choice of category when making a PM public (#7907)
* FEATURE: Allow choice of category when making a PM public

Previously it would default to uncategorized, which was not ideal on
some forums. This gives the staff member more choice about what they'd
like to do.

* Make the optional category more explicit

* Joffrey's feedback
2019-07-19 11:52:50 -04:00
Bianca Nenciu
9f500a4ff4
FIX: Show same username or name for post notices. (#7862) 2019-07-19 11:05:48 +03:00
Joffrey JAFFEUX
95ad4f9077
FEATURE: new date/time components (#7898) 2019-07-18 17:29:41 +02:00
Penar Musaraj
a571efba35
FIX: Rename deprecated icons, allow custom icons in badges
- adds a migration renaming FA4 icon names in badges
- allows all icons to be used in badges (previously was limited to icons prefixed with fa-)
- renames remaining FA 4.7 icons equivalents
2019-07-16 11:13:44 -04:00
Vinoth Kannan
839916aa49
DEV: Debundle plugin javascript assets and don't load if disabled (#7566)
And don't load javascript assets if plugin is disabled.

* precompile auto generated plugin js assets

* SPEC: remove spec test functions

* remove plugin js from test_helper

Co-Authored-By: Régis Hanol <regis@hanol.fr>

* DEV: using equality is slightly easier to read than inequality

Co-Authored-By: Régis Hanol <regis@hanol.fr>

* DEV: use `select` method instead of `find_all` for readability

Co-Authored-By: Régis Hanol <regis@hanol.fr>
2019-07-15 20:22:54 +05:30
Guo Xiang Tan
3663ef6394 Fix the build.
Follow up to 4b0cf7f6dd.
2019-07-15 16:42:58 +08:00
Guo Xiang Tan
cbb4af124b Fix the build.
Follow up to 4b0cf7f6dd.
2019-07-15 16:38:54 +08:00
Guo Xiang Tan
477bacb3ae SECURITY: XSS when displaying watched words in admin panel.
The XSS here is only possible if CSP is disabled. Low impact since CSP
is enabled by default in SiteSettings.
2019-07-15 10:58:52 +08:00
Guo Xiang Tan
4b0cf7f6dd SECURITY: XSS when displaying watched words in admin panel.
The XSS here is only possible if CSP is disabled. Low impact since CSP
is enabled by default in SiteSettings.
2019-07-15 10:55:50 +08:00
Bianca Nenciu
c4d1833588 FIX: Do not show bootbox if post has no replies. (#7866)
When we delete a post that has replies, we show a modal asking if the user wants to delete the post, the post and its direct replies or the post and all its replies.

If replies are deleted before a post, that modal would ask the user if they want to delete the post and 0 replies.

That commit ensure we skip the modal and directly delete the post in this case.
2019-07-12 11:42:57 +02:00
Vinoth Kannan
1bb258ab49 DEV: use upload short-url in html to markdown conversion if 'base62-sha1' data attr available. 2019-07-05 10:06:41 +05:30
Penar Musaraj
c78634284c UI: when in a different topic context, allow dismissing draft without destroying it
This changes the label and behaviour of the "No, keep" button in the confirmation modal when user cancels a draft while on a different topic. The new button label is "No, save draft", and when clicked, the composer will be dismissed without destroying the draft.
2019-07-04 11:45:57 -04:00
Joffrey JAFFEUX
a60ec00f7a
fix tests (#7853) 2019-07-03 16:32:27 +02:00
Joffrey JAFFEUX
d521959768
DEV: simpler report page test (#7851) 2019-07-03 16:08:48 +02:00
Joffrey JAFFEUX
f9f1df7611
DEV: prevents reports key to be time dependant when testing (#7850) 2019-07-03 15:43:01 +02:00
Bianca Nenciu
bfdf740a05 FIX: Show 'Export' button for all tabular reports. (#7838) 2019-07-03 14:47:36 +02:00
Joffrey JAFFEUX
1c6bb8748b
fix tests (#7849) 2019-07-03 13:45:03 +02:00
Osama Sayegh
3d64532273 FEATURE: allow disabling theme components (#7812)
This allows you to temporarily disable components without having to remove them from a theme. 

This feature is very handy when doing quick fix engineering.
2019-07-03 18:18:11 +10:00
Joffrey JAFFEUX
39e3162323
DEV: skip click-track to attempt to reduce timeouts in tests (#7836) 2019-07-02 10:08:28 +02:00
Ralph Rooding
4ba35472e6 Don't check for second factor when switching to anonymous account (#7803) 2019-06-27 15:01:26 -07:00
Joffrey JAFFEUX
a61147d838
FEATURE: displays tags in search menu results when enabled (#7819) 2019-06-27 19:26:14 +02:00
Gerhard Schlager
5b91182985 DEV: Respond with error 400 to uploads requested via XHR
follow-up to 13f38055
2019-06-27 11:30:05 +02:00
Gerhard Schlager
fe870a1e54 DEV: Respond with error 400 to uploads requested via XHR
follow-up to 13f38055
2019-06-27 11:15:35 +02:00
Joffrey JAFFEUX
df9b295510
DEV: skip load-script to prevent timeouts (#7817) 2019-06-27 10:57:40 +02:00
Joffrey JAFFEUX
5b9a3f8acd
DEV: attempts to make load-script more reliable (#7816)
We don't check on script anymore, but we still check on window.ace making very unlikely to regress.
2019-06-27 10:19:55 +02:00
Jeff Wong
79d657203d fix tests 2019-06-26 17:44:23 -07:00
Jeff Wong
88ef5e55fe
FEATURE: add ability to have multiple totp factors (#7626)
Adds a second factor landing page that centralizes a user's second factor configuration.

This contains both TOTP and Backup, and also allows multiple TOTP tokens to be registered and organized by a name. Access to this page is authenticated via password, and cached for 30 minutes via a secure session.
2019-06-26 16:58:06 -07:00
Joffrey JAFFEUX
c63268467e
DEV: prettier 1.18.2 (#7810) 2019-06-26 17:09:52 +02:00
Penar Musaraj
76307611dc
UX: new inline button to remove a topic timer (#7790) 2019-06-26 11:08:53 -04:00
Gerhard Schlager
9c8aa0a906 SECURITY: XSS in routes
Co-authored-by: Guo Xiang Tan <tgx_world@hotmail.com>
Co-authored-by: David Taylor <david@taylorhq.com>
2019-06-26 16:45:33 +02:00
Gerhard Schlager
13f38055ac SECURITY: XSS in routes
Co-authored-by: Guo Xiang Tan <tgx_world@hotmail.com>
Co-authored-by: David Taylor <david@taylorhq.com>
2019-06-26 16:34:15 +02:00
Joffrey JAFFEUX
f2d5cde24c FIX: category-chooser search should be scoped to category (#7794) 2019-06-24 11:31:41 +02:00
Joffrey JAFFEUX
cea3a027f3
FIX: category-chooser search should be scoped to category (#7794) 2019-06-24 10:45:30 +02:00
Joffrey JAFFEUX
59e84e8e05
DEV: skip tests instead of commenting them (#7774) 2019-06-17 10:24:20 +02:00
Robin Ward
035e63c81f FIX: Allow the clear callbacks to execute in acceptance tests 2019-06-14 13:29:13 -04:00
Robin Ward
a8793d0d9a REFACTOR: Test Memory Usage Fixes (#7769)
* Calling `Discourse.reset()` creates a new container
We should run our de-initializers only after acceptance tests,
since initializers are not run outside of acceptance tests anyway,
and the container at this point can be passed properly to the
`teardown()` method.

* Remove `Discourse.reset` from tests
This would cause a new container to be created which leaks many objects.

* `updateCurrentUser` is more accurate than `replaceCurrentUser`
2019-06-14 14:54:20 +02:00
Guo Xiang Tan
7bb94e8716 DEV: Increase wait duration between smoke test further during edit.
Otherwise, the app detects that we're replying too quickly.
2019-06-14 12:21:54 +08:00
Sam Saffron
62f4284865 DEV: 302 status is normal in smoke test
Login can redirect there are potentially other cases
2019-06-14 14:21:07 +10:00
Guo Xiang Tan
5b55252e10 DEV: Add more wait between edit so we don't end up replying too quickly. 2019-06-13 09:14:17 +08:00
Joffrey JAFFEUX
19ca2d4772
DEV: reset widget clean callback between tests (#7761) 2019-06-12 17:49:02 +02:00
Robin Ward
9daba50d48 FIX: Unsubscribe seemed to be missing some events (#7762)
This forces an unsubscribe from all events.
2019-06-12 17:48:01 +02:00
Maja Komel
621b6493f7 DEV: test badge titles presence on badge page
follow-up on 2863e7c
2019-06-12 15:04:21 +02:00
David Taylor
f60451a89d DEV: Fix linting error 2019-06-12 00:19:52 +01:00
Joffrey JAFFEUX
23f457b87d
DEV: disables d-editor emoji test to attempt to fix timeouts (#7755) 2019-06-12 00:30:11 +02:00
Joffrey JAFFEUX
5da91fa8f8
DEV: disable emoji-picker test to attempt to fix timeouts (#7754) 2019-06-12 00:11:21 +02:00
Joffrey JAFFEUX
1feaacaecb
DEV: skip emoji picker opening test to attempt to fix timeouts (#7753) 2019-06-11 23:54:20 +02:00
Joffrey JAFFEUX
58057484fe
DEV: skip ace-editor to attempt to avoid timeouts (#7752) 2019-06-11 23:38:43 +02:00
Joffrey JAFFEUX
cb08d3cc26
DEV: adds module debugging to js tests (#7751) 2019-06-11 23:14:42 +02:00
Robin Ward
3d7c26c15e FIX: Memory Leaks w/ Container (#7750)
Gives instance initializers the ability to add a `teardown` method that
will be called between tests to clean up after themselves.
2019-06-11 18:41:27 +02:00
Joffrey JAFFEUX
dc15486f0a Revert "DEV: resets csrf ajax prefilter only if present (#7747)"
This reverts commit 6612218a4e.
2019-06-11 13:34:25 +02:00
David Taylor
000a35b219 FIX: Do not live-load posts from ignored users 2019-06-11 12:07:14 +01:00
Joffrey JAFFEUX
6612218a4e
DEV: resets csrf ajax prefilter only if present (#7747) 2019-06-11 12:50:20 +02:00
Joffrey JAFFEUX
ebf77f74b7 Revert "DEV: prevents csrf token to leak state between tests (#7746)"
This reverts commit b29d63a52d.
2019-06-11 12:19:49 +02:00
Joffrey JAFFEUX
b29d63a52d
DEV: prevents csrf token to leak state between tests (#7746) 2019-06-11 11:54:23 +02:00
Joffrey JAFFEUX
4deb0f6d59
DEV: prevents post-cooked decorators to leak between tests (#7744) 2019-06-11 10:02:10 +02:00
Guo Xiang Tan
e5cace9185 FIX: File size text should not be part of link. 2019-06-11 15:21:06 +08:00
Guo Xiang Tan
d20ea38f02 Fix the build.
Follow up to bd538f7437.
2019-06-11 10:05:57 +08:00
Guo Xiang Tan
06d974d55c FEATURE: Add base62 sha1 to cooked data attribute
* FEATURE: Add base62 sha1 to data attribute in `Post#cooked`.

* FIX: Use `Upload#short_url` when quoting an image.
2019-06-11 11:15:45 +10:00
Guo Xiang Tan
bd538f7437 FIX: Composer preview not caching inline onebox. 2019-06-11 09:14:53 +08:00
Joffrey JAFFEUX
fce34aa799
DEV: prevents Pretender Object to leak between tests (#7726) 2019-06-07 11:27:54 +02:00
Gerhard Schlager
d1228f47bb FIX: Handle missing plural keys on client 2019-06-07 10:24:17 +02:00
Joffrey JAFFEUX
c573fa780b
DEV: prevents asyncTestDiscourse/controllerFor/fixture to leak (#7717) 2019-06-06 13:10:41 +02:00
Joffrey JAFFEUX
60c073ae59
typos (#7716) 2019-06-06 13:00:23 +02:00
Joffrey JAFFEUX
6d02dd6d8c
DEV: attempts to remove message bus callbacks between tests (#7715) 2019-06-06 12:59:02 +02:00
Joffrey JAFFEUX
c462c2f271
FIX: prevents appEvents to leak (#7714) 2019-06-06 12:33:52 +02:00