Commit Graph

13659 Commits

Author SHA1 Message Date
Bianca Nenciu
4c748f7f54 SECURITY: Sanitize d-popover attributes (#13958) 2021-08-05 16:40:48 +03:00
Robin Ward
db826335e9
DEV: Add support for class properties in babel (#13189)
This allows us to start using JS classes instead of Ember's classes.
2021-06-09 13:53:43 -04:00
Régis Hanol
98f92d2e23 SECURITY: XSS in bookmarks list (#13311)
We should use `fancy_title` instead of `title` when displaying a topic title to ensure only the allowed html is not escaped.
2021-06-07 16:59:12 +02:00
Sam
5db39cce93
UX: unconditionally focus modals (#13179)
Previously auto focus would only work on modals that include buttons or
inputs.

To avoid a situation where information modals such as keyboard shortcuts
do not get focus, simply focus on the close button as a fallback.
2021-06-04 10:35:12 -04:00
Robin Ward
45dca791b0
UX: Add auto focus to hamburger and user menu dropdowns (#13165) 2021-06-04 10:35:04 -04:00
Sam
22e9acc797
UX: Improve navigation on topic lists for screen readers (#13153)
Previously we had no role set for various topic links, nor did we have any
headers.

This teaches screen readers that topic links in topic lists are to be treated
as H2. We opted for this less radical change cause a change of the element
type would probably result in many broken themes.

Confirmed on NVDA you can very quickly breeze through topic lists now. Minor
edge case is pinned topics which can be a bit annoying due to multiple links.
2021-06-04 10:34:40 -04:00
Sam
d444a8a400
UX: provide a region for various topic actions (#13152)
This makes it much easier to reply to topics / bookmark topics and so on

Previously topic buttons had no region
2021-06-04 10:34:31 -04:00
Robin Ward
16e1ea938c
FIX: Better focus support for modals (#13147) 2021-06-04 10:34:20 -04:00
Sam
873eb405cd
UX: add ARIA region role to posts (#13130)
NVDA does not detect HTML5 articles as regions. This explicitly sets a
region with an aria-label denoting post numbers making it much easier to
know where you are in a topic.

Note role: article which is more semantically correct is not respected by
NVDA d/D shortcut, hence the much more generic "region" role.
2021-06-04 10:34:13 -04:00
Kris
bb59e4ca61
UX: Fix theme upload width, remove class clash, prettier (#13071)
* UX: fix width & theme upload modal class clash

* remove unneeded class

* unprettier hbs

* add back unicode emoji

* add newline
2021-06-04 10:33:49 -04:00
Penar Musaraj
7d06980cc5
SECURITY: Do not allow unauthorized access to category edit UI (#13252) 2021-06-03 14:35:27 -04:00
Penar Musaraj
5f5301d478
FIX: Close hyperlink modal on ESC key (#13166) 2021-06-03 14:35:00 -04:00
Joffrey JAFFEUX
c78f32a9a1
FIX: removes legacy Ember.keys usage causing a crash (#13085)
The crash:

```
Uncaught TypeError: Ember.keys is not a function
```

Repro:

- visit home page
- click new topic
- navigate to your messages by clicking your avatar (top right), then enveloppe icon, and finally the bottom chevron
- click New Message
- click cancel in the composer, it should crash
2021-05-18 12:23:41 +02:00
Bianca Nenciu
c1dfd76658
FIX: Make replace watched words work with wildcard (#13084)
Watched words are always regular expressions, despite watched_words_
_regular_expressions being enabled or not. Internally, wildcard
characters are replaced with a regular expression that matches any non
whitespace character.
2021-05-18 12:09:47 +03:00
Robin Ward
a21700a444
FIX: Previewing themes didn't work in Ember CLI (#13078)
This is two fixes:

1. Ember CLI's proxy did not support 3xx redirects so a redirect was
   failing.

2. We were not passing query parameters to the `bootstrap.json` endpoint
   to correctly handle previewing themes (and other occasional options.)
2021-05-17 14:51:36 -04:00
Roman Rizzi
8801a27cc6
FIX: Automatically load more reviewable items. (#13069)
If you finished reviewing the initially loaded items, and there're more in the queue, load them.

Also, when fast-tracking the pending items updates, use the reviewable_count returned by the perform result. Calling "result.reviewable_count" returns undefines.
2021-05-14 15:06:34 -03:00
Robin Ward
32d6d8308c
FIX: Allow file-change events soon after reloading (#13065)
This patch remembers the last id for the `file-change` event and uses it
to initialize the client side watcher. This should help fix the issue
where styles are not reloaded client side if the browser refreshed.
2021-05-14 12:36:53 -04:00
Dan Ungureanu
034a0493e3
FIX: Delete unconfirmed emails first if available (#13046)
Users can end up with the same email both as secondary and unconfirmed.
When they tried to delete the unconfirmed ones, the secondary one was
deleted.
2021-05-13 16:14:00 +10:00
Jarek Radosz
582ec198d8
DEV: Update ember-cli across all in-repo addons (#13048)
…to match the version used in the app.
2021-05-12 21:49:55 +02:00
Robin Ward
3d7abad949
FIX: We should include resumable.js in the admin bundle (#13049)
Normally we'd use `ember-auto-import` for this, but it's not run on
our admin tree due to the quirky way we load it conditionally.
Instead we'll append it at the bottom like our Rails app does.
2021-05-12 13:44:24 -04:00
Jarek Radosz
f08f6118f2
FIX: Make truth-helpers work in Ember CLI (#13044)
The addon wasn't included at all 😃
2021-05-12 17:52:36 +02:00
Jarek Radosz
b24270845f
DEV: Update chart.js from 2.9.3 to 2.9.4 (#13026)
Release notes: https://github.com/chartjs/Chart.js/releases/tag/v2.9.4
2021-05-12 17:28:16 +02:00
zacholas
e8d0c122e3
added a plugin outlet for above the discovery list controls (#13042) 2021-05-12 11:21:32 -04:00
Penar Musaraj
b0d66b4b2f
FIX: Support pausing inline animated images (#13033) 2021-05-12 09:49:04 -04:00
Dan Ungureanu
60be1556fc
FIX: Various invite system fixes (#13003)
* FIX: Ensure the same email cannot be invited twice

When creating a new invite with a duplicated email, the old invite will
be updated and returned. When updating an invite with a duplicated email
address, an error will be returned.

* FIX: not Ember helper does not exist

* FIX: Sync can_invite_to_forum? and can_invite_to?

The two methods should perform the same basic set of checks, such as
check must_approve_users site setting.

Ideally, one of the methods would call the other one or be merged and
that will happen in the future.

* FIX: Show invite to group if user is group owner
2021-05-12 13:06:39 +03:00
Rafael dos Santos Silva
63ca9e0650
DEV: Add cleanup methods for composer extension hooks that tests can use (#13034) 2021-05-11 17:29:24 -03:00
Rafael dos Santos Silva
2f60309b13
FEATURE: New API hook to allow for client side upload transforms (#12990) 2021-05-11 12:20:28 -03:00
Penar Musaraj
e8f6e00dc9
DEV: Show warning in admin UI for core SCSS color vars (#12984)
Co-authored-by: Jarek Radosz <jradosz@gmail.com>
2021-05-11 09:01:06 -04:00
Andrei Prigorshnev
0a4cb65020
DEV: Fix some deprecation warnings in tests
- Import `exists()` instead of using the global function (#13010)
2021-05-11 14:04:33 +04:00
Osama Sayegh
9ec5f39764
DEV: Clear NavItem.customNavItemHrefs between tests (#13025)
Identical callbacks can pile up during tests and cause all sort of weird problems that are difficult to debug. This commit clears registered callbacks after each test.
2021-05-11 12:54:37 +03:00
Jarek Radosz
a7a2887df0
DEV: Remove unnecessary yarn.lock files (#13001)
All in-repo ember addons share the same yarn.lock in the yarn workspace: `/app/assets/javascripts/yarn.lock`
2021-05-11 11:15:07 +02:00
Blake Erickson
37812b8e35
Revert "DEV: Drop old IE11 intersection-observer references" (#13017)
This reverts commit 7360a0f70f.

iOS still wants this sometimes. Probably best to revert for now and we can
always remove this again later.

See: https://meta.discourse.org/t/189799/11?u=blake
2021-05-10 17:47:09 -06:00
Jeff Wong
d61573fb1b
FIX: ember-cli proxy subfolder fix (#12996)
* FIX: ember-cli proxy subfolder fix

* REFACTOR: put rootURL setup in environment, update baseURL logic for subfolder

Correctly have ember understand and parse relative_url_root and use it in
the dev server
2021-05-10 10:02:33 -07:00
Penar Musaraj
81616fbdc4
DEV: Fix flaky d-editor test (#13005) 2021-05-10 13:00:18 -04:00
Martin Brennan
aaa034786a
FIX: Remove auto-route from topic-link (#12999)
This was needed to fix a bookmark back button issue but it
broke category topic links, causing a full reload. Now it appears
something has changed in core and this is no longer necessary for
the bookmark back button to work, so I am removing it again.
2021-05-10 11:09:55 +10:00
Kris
f002c58a30
DEV: Buttons were missing btn-default classes (#12991) 2021-05-08 11:45:18 -04:00
Robin Ward
225c0d2d96
FIX: Core templates should never overwrite theme/plugins (#12988)
This happened in Ember CLI due to a different script load order.
2021-05-07 14:41:06 -04:00
Jarek Radosz
efe055c273
DEV: Fix tags/show template lint errors (#12982)
Uncovered in #12981
2021-05-07 16:53:42 +02:00
Robin Ward
b7d6cc5b1c
FIX: crypto.randomUUID is only available in newer node releases (#12983)
Also, we should properly surface the error instead of saying it was
`bootstrap.json`
2021-05-07 09:59:45 -04:00
Sam
972347bc98
DEV: show profiler badge for first request (#12978)
In development using ember cli we were missing timings for the first req
2021-05-07 08:49:47 -04:00
Bianca Nenciu
ecc3c404a0
FIX: Cache missing inline oneboxes (#12953)
* FIX: Cache missing inline oneboxes

Some inline oneboxes were not cached when the server did not return an
answer for an URL and the queried URL and the absolute URL were
different.

For example, if user typed www.example.com, the client asked the server
for http://www.example.com and if the server returned an empty response,
then the client would keep requesting an inline onebox everytime the
composer changed.

In other words, the key used for reading (the absolute URL) and the one
used for writing (the URL as typed by the user) were not the same when
the server returned an empty response.

* DEV: Check cache before making request

There is another cache check in PrettyText, but that is not enough if
multiple requests are pending. This problem was made obvious in tests,
but can happen for users with slow connections.
2021-05-06 19:08:04 +03:00
Robin Ward
1bc6fdd41d
Add Mini Profiler support to Ember CLI (#12970) 2021-05-06 11:54:17 -04:00
Penar Musaraj
82ecd9fdd5
DEV: tiny refactor in watched words (#12969) 2021-05-06 11:37:05 -04:00
Penar Musaraj
b61d4663ec
FIX: Prevent infinite loop when replacing watched words (#12967) 2021-05-06 11:06:25 -04:00
Dan Ungureanu
17efce9023
FEATURE: Allow sending a message with invite (#12892)
* FEATURE: Allow sending a message with invite

It used to be a staff-only feature and this commit makes it available
to everyone who can invite.

* FIX: Inviting to topic uses another email template

This used to be the case, but the extra parameter was lost when we
switched to the new modal.
2021-05-06 10:16:42 +03:00
Penar Musaraj
aec52ce043
UX: Admin watched words UI tweaks (#12956) 2021-05-06 12:40:07 +10:00
Martin Brennan
72648dd576
FIX: Base topic details message on current category and tag tracking state (#12937)
The user may have changed their category or tag tracking settings since a topic was tracked/watched based on those settings in the past. In that case we need to alter the reason message we show them otherwise it is very confusing for the end user to be told they are tracking a topic because of a category, when they are no longer tracking that category.

For example: "You will see a count of new replies because you are tracking this category." becomes: "You will see a count of new replies because you were tracking this category in the past."

To do this, it was necessary to add tag and category tracking info to current user serializer. I improved the serializer code so it only does 3 SQL queries instead of 9 to get the tracking information for tags and categories for the current user.
2021-05-06 09:14:07 +10:00
Robin Ward
c792c2b5fe
FIX: {{ace-editor}} was buggy in Ember CLI release (#12952) 2021-05-05 13:45:52 -04:00
Roman Rizzi
c8f34db648
FIX: Use the no-sandbox flag when running Ember CLI tests. (#12951)
Without this flag we get "Error: Browser exited unexpectedly" when trying to run tests.
2021-05-05 14:02:26 -03:00
Blake Erickson
1b02dce594
DEV: Drop old IE11 intersection-observer references (#12942)
It's been awhile since we have supported IE11 so it should be safe to remove
IntersectionObserver now.

From a TODO task in this repo:
> drop when we eventually drop IE11

Announcement of when we removed IE11 support:

https://meta.discourse.org/t/137984/40?u=blake
2021-05-04 17:54:54 -06:00