Commit Graph

56202 Commits

Author SHA1 Message Date
Penar Musaraj
520f71b8f8
FIX: Routing back to homepage from admin sidebar (#29125) 2024-10-08 10:05:08 -04:00
Penar Musaraj
315f8c5ec6
DEV: Add app webview event when triggering login (#29075)
Mobile app can capture event and launch a separate login flow. Should
help resolve issues with passkeys (which aren't available in webviews)
and non-local login methods.
2024-10-08 10:04:48 -04:00
chapoi
d64d0ddd3d
UX: fix overflow on thread index pages (mobile) (#29126) 2024-10-08 15:27:41 +02:00
Joffrey JAFFEUX
268213a93c
FIX: adds post_quote as placeholder (#29083)
The script `send_chat_message` when used with the `post_created_edited` trigger now accepts `{{post_quote}}` as placeholder for the value of `message`.

This is made possible by a new method in `utils`. Usage:

```ruby
  placeholders["foo"] = utils.build_quote(post)
```
2024-10-08 21:55:11 +09:00
Selase Krakani
9825bde811
DEV: Generic bulk chat import support (#28697)
* DEV: WIP generic bulk chat import support

This first iteration implements bulk import for:

* direct_messages
* chat_channels
* user_chat_channel_memberships
* chat_threads
* user_chat_thread_memberships
* chat_messages
* chat_reactions
* chat_mentions

* DEV: Refactor raw placeholder interpolation to support chat messages

This change adds support for chat message placeholder interpolation
and switches to using `Chat::Message.cook` for cooking in the interim
instead of hand-cooking chat messages like we currently do for posts

* DEV: Extend upload references import to support chat message uploads

* DEV: Explicity set chat retention

- Set both channel and dm chats to 0
- Add temporary workaround for testing only chat imports

* DEV: Compute channel and thread membership metadata

Compute and set various user channel/thread membership stats and
remove hardcoded test index seed data

* FIX: Fix chat reactions import

Allow multiple reactions on a message by a user
2024-10-08 11:55:30 +00:00
chapoi
0ba7a7ecab
UX: new sidebar styling (#29119) 2024-10-08 11:28:36 +02:00
David Battersby
a7a9148b1e
DEV: consolidate chat channel notification settings (#29080)
On the chat channel settings page, we want to show a single Send push notifications setting instead of the current Desktop notifications and Mobile push notifications settings.

For existing users, use the Mobile push notifications setting value for the new Send push notifications setting.
2024-10-08 13:13:01 +04:00
Loïc Guitaut
229773e7a8 DEV: Drop OpenStruct for the context object in services
While using `OpenStruct` is nice, it’s generally not a very good idea as
it usually leads to performance problems.

The `OpenStruct` source code even says basically to avoid it.

Since the context object is crucial in our services, this patch replaces
`OpenStruct` with a custom implementation instead.
2024-10-08 10:34:55 +02:00
Ted Johansson
974a3bfc41
DEV: Fix flaky login wizard redirect spec (#29105) 2024-10-08 10:24:20 +08:00
dependabot[bot]
f9e213e69d
Build(deps): Bump jspreadsheet-ce from 4.13.4 to 4.14.0 (#29114)
Bumps [jspreadsheet-ce](https://github.com/jspreadsheet/ce) from 4.13.4 to 4.14.0.
- [Release notes](https://github.com/jspreadsheet/ce/releases)
- [Commits](https://github.com/jspreadsheet/ce/commits)

---
updated-dependencies:
- dependency-name: jspreadsheet-ce
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-10-08 10:23:37 +08:00
dependabot[bot]
c3c6496110
Build(deps-dev): Bump puppeteer-core from 23.5.0 to 23.5.1 (#29115)
Bumps [puppeteer-core](https://github.com/puppeteer/puppeteer) from 23.5.0 to 23.5.1.
- [Release notes](https://github.com/puppeteer/puppeteer/releases)
- [Changelog](https://github.com/puppeteer/puppeteer/blob/main/release-please-config.json)
- [Commits](https://github.com/puppeteer/puppeteer/compare/puppeteer-core-v23.5.0...puppeteer-core-v23.5.1)

---
updated-dependencies:
- dependency-name: puppeteer-core
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-10-08 10:23:08 +08:00
Joffrey JAFFEUX
fd15562939
FIX: allows to use open attribute with details (#29116)
Supporting `open` allows to show a `details` block open by default.

Usage:

```
[details open]
my visible content
[/details]
```
2024-10-08 11:13:44 +09:00
Martin Brennan
85774cc214
UX: Automatically collapse admin page header buttons on mobile (#29040)
This commit attempts to improve the mobile experience for
admin page header and subheader by automatically collapsing
all action buttons in these components into a DMenu when viewing
mobile.

This is done by using different "list" wrapper components and a
DMenu trigger and a DropdownMenu on mobile only, and uses has-block
to determine whether to render the DMenu trigger at all.

This also removes the `PluginOutlet` in `AdminPluginConfigPage`, it
was too inflexible for this `DropdownMenu` case, and since the `:actions`
were always rendering we couldn't rely on `has-block`. A new plugin API,
`registerPluginHeaderActionComponent`, has been introduced instead to
replace it.
2024-10-08 08:28:32 +10:00
Krzysztof Kotlarek
4ea3d69979
FIX: flaky flags system spec (#29039)
Because of unreliability, the spec was temporarily disabled. However, it is ensuring that the custom flags system is working correctly. Therefore it would be great to enable it again.

I made a few fixes to try to mitigate this situation:
- Reduced amount of Redis calls;
- When deleting, ensure that the modal is closed before checking the result;
- Moved duplicated name tests to a separate block;
- Increased wait time to 3 times the default because I noticed that sometimes it gets stuck for a moment. Most of the time it is fast, but sometimes when I run tests in a loop 50 times I see slowness.
2024-10-08 08:38:42 +11:00
Jarek Radosz
48c908c04d
DEV: Fix ember/no-arrow-function-computed-properties lint (#29110) 2024-10-07 19:51:08 +02:00
Jarek Radosz
1ba8b6b22a
DEV: Refactor UnreadIndicator (#28969)
Moves related code from topic-cell to the component. Also fixes a couple autotracking cases in topic-cell.
2024-10-07 19:50:37 +02:00
Bianca Nenciu
50cb7b897e
FIX: Use full column name to prevent ambiguous query (#29111)
This can happen when other plugins, for example discourse-rainbow, are
installed and add columns with same names.
2024-10-07 19:33:07 +03:00
Jarek Radosz
d3793f7aea
DEV: Clean up watched-words controller/component (#29106)
1. rename watched-word-test to watched-word-testing (to fix ember/no-test-import-export lint)
2. convert it to gjs
3. minor tweaks to admin-watched-words-action (async/await, string interpolation, chaining operator, for-of loop)
4. drop action helper usage
2024-10-07 18:28:18 +02:00
Jarek Radosz
b614b72852
DEV: Fix an event reference in widget hooks (#29108)
(and drop an unused eslint setting)
2024-10-07 18:26:39 +02:00
Jarek Radosz
d6961c9a35
DEV: Fix ember/no-incorrect-computed-macros lint (#29107) 2024-10-07 18:26:07 +02:00
Isaac Janzen
84d260613a
DEV: Add search-menu results plugin outlets (#29112) 2024-10-07 10:56:56 -05:00
Jarek Radosz
607134545b
DEV: Use the i18n helper in wizard (#29109) 2024-10-07 16:29:53 +02:00
Alan Guo Xiang Tan
4d1e66418c
DEV: Skip plugin:pull_compatible_all when running against main branch (#29081)
Plugins are expected to always be compatible against the main `branch`
so we can skip the `plugin:pull_compatible_all rake task.
2024-10-07 14:30:03 +08:00
dependabot[bot]
26db4c7534
Build(deps): Bump msgpack from 1.7.2 to 1.7.3 (#29091)
Bumps [msgpack](https://github.com/msgpack/msgpack-ruby) from 1.7.2 to 1.7.3.
- [Changelog](https://github.com/msgpack/msgpack-ruby/blob/master/ChangeLog)
- [Commits](https://github.com/msgpack/msgpack-ruby/compare/v1.7.2...v1.7.3)

---
updated-dependencies:
- dependency-name: msgpack
  dependency-type: indirect
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-10-07 14:20:32 +08:00
Alan Guo Xiang Tan
dc3c94961c
DEV: Fix flaky chat system tests (#29104)
`PageObjects::Pages::ChatThread#has_no_loading_skeleton?` was broken
because `.chat-thread__messages` is no longer a valid class.
2024-10-07 14:20:19 +08:00
Ted Johansson
ec7703e622
FIX: Only render admin notice dismiss button for admins (#29103)
Dismissing admin notices is an admin-only action. This is enforced on the back-end both by a routing constraint and a policy in the relevant service.

However, we still unconditionally display the "Dismiss" button to anyone with access to the admin dashboard. When clicked, it results in a 404 modal (due to the routing constraint.)

With this change we only render the dismiss button for admins.
2024-10-07 13:14:01 +08:00
chapoi
8d1867688f
UX: add padding bottom to chat index list (#29096) 2024-10-07 07:09:27 +02:00
Ted Johansson
7ecb258b83
FIX: Support idempotent admin notice dismissal (#29099)
If you have the admin dashboard open, and one of the admin notices listed has already been dismissed (e.g. in another tab, or by another admin) we would show an ugly "FAILED" modal.

This change makes the admin dismiss endpoint idempotent. If the admin notice is already destroyed, then respond with 200. This will also correctly remove it from the list in the front-end.
2024-10-07 12:29:33 +08:00
Alan Guo Xiang Tan
4ba8d3b76b
Bump version to v3.4.0.beta3-dev 2024-10-07 12:14:10 +08:00
Alan Guo Xiang Tan
9cfe725b37
Bump version to v3.4.0.beta2 2024-10-07 12:14:09 +08:00
Penar Musaraj
92ac6be82a
SECURITY: prevent topic list filtering by hidden tags for unathorized users
This fixes an issue where unathorized users were able to filter topics
by tags that are hidden from them.
2024-10-07 11:48:55 +08:00
OsamaSayegh
d7164d57ec
SECURITY: Block registrations for encoded emails that are invalid 2024-10-07 11:48:52 +08:00
Régis Hanol
34d04e7507
SECURITY: add pagination to post replies
When a post has some replies, and the user click on the button to show them, we would load ALL the replies. This could lead to DoS if there were a very large number of replies.

This adds support for pagination to these post replies.

Internal ref t/129773

FIX: Duplicated parent posts

DEV: Query refactor
2024-10-07 11:48:48 +08:00
Bianca Nenciu
e081cc14fb
SECURITY: Use different anon cache keys for XHR requests
XHR requests are handled differently by the application and the
responses do not have any preloaded data so the cache key needs to
differntiate between those requests.
2024-10-07 11:48:45 +08:00
Jan Cernik
1da97de7f0
SECURITY: Correctly parse URLs in chat excerpts 2024-10-07 11:48:41 +08:00
dependabot[bot]
07f6952beb
Build(deps-dev): Bump rswag-specs from 2.14.0 to 2.15.0 (#29093)
Bumps [rswag-specs](https://github.com/rswag/rswag) from 2.14.0 to 2.15.0.
- [Release notes](https://github.com/rswag/rswag/releases)
- [Changelog](https://github.com/rswag/rswag/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rswag/rswag/compare/2.14.0...2.15.0)

---
updated-dependencies:
- dependency-name: rswag-specs
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-10-07 10:08:23 +08:00
Jeff Wong
7d441e3782
FIX: skips caching a generated secret key base token if skip_redis is true. (#29029)
Allows for `SKIP_DB_AND_REDIS` env var to be used without a secret key setup in
global setting env.
2024-10-06 06:46:58 -07:00
Jeff Wong
91ac382d83
DEV: update compile steps (#29031)
Remove emoji.clear cache calls as data.js.es6.erb hasn't existed in a while.
Emoji data is now compiled separately via javascript rake tasks.

Skip db and redis precompilation when no db is present
2024-10-05 09:50:33 +10:00
Kris
e75571c401
A11Y: add aria-label to user profile link in topic list (#29088) 2024-10-04 16:02:12 -04:00
Penar Musaraj
d959bfdc61
UX: Improve bottom padding to chat index on mobile (#29086)
Minor adjustment to #29082
2024-10-04 11:33:38 -04:00
David Taylor
7a46baa31c
DEV: Update helper.renderGlimmer example to gjs (#28962) 2024-10-04 16:04:08 +01:00
Loïc Guitaut
8eff922ace DEV: Output failing MF keys when compilation fails
Currently, when the MessageFormat compiler fails on some translations,
we just have the raw output from the compiler in the logs and that’s not
always very helpful.

Now, when there is an error, we iterate over the translation keys and
try to compile them one by one. When we detect one that is failing, it’s
added to a list that is now outputted in the logs. That way, it’s easier
to know which keys are not properly translated, and the problems can be
addressed quicker.
2024-10-04 23:38:27 +09:00
David Taylor
69d2373f77
DEV: Resolve stat registration flaky tests (#29084) 2024-10-04 13:49:22 +01:00
chapoi
c13ca6eb19
UX: chat index mini refactor (#29082) 2024-10-04 08:10:36 -04:00
dependabot[bot]
514c543cd4
Build(deps-dev): Bump lint-to-the-future-eslint from 2.1.2 to 2.1.3 (#29078)
Bumps [lint-to-the-future-eslint](https://github.com/mansona/lint-to-the-future-eslint) from 2.1.2 to 2.1.3.
- [Release notes](https://github.com/mansona/lint-to-the-future-eslint/releases)
- [Changelog](https://github.com/mansona/lint-to-the-future-eslint/blob/main/CHANGELOG.md)
- [Commits](https://github.com/mansona/lint-to-the-future-eslint/commits)

---
updated-dependencies:
- dependency-name: lint-to-the-future-eslint
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-10-04 01:12:22 +02:00
dependabot[bot]
8132bb9f50
Build(deps-dev): Bump lint-to-the-future from 2.1.0 to 2.2.0 (#29077)
Bumps [lint-to-the-future](https://github.com/mansona/lint-to-the-future) from 2.1.0 to 2.2.0.
- [Release notes](https://github.com/mansona/lint-to-the-future/releases)
- [Changelog](https://github.com/mansona/lint-to-the-future/blob/main/CHANGELOG.md)
- [Commits](https://github.com/mansona/lint-to-the-future/commits)

---
updated-dependencies:
- dependency-name: lint-to-the-future
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-10-04 01:12:09 +02:00
dependabot[bot]
0d9e0fd23e
Build(deps): Bump jwt from 2.8.2 to 2.9.3 (#29076)
Bumps [jwt](https://github.com/jwt/ruby-jwt) from 2.8.2 to 2.9.3.
- [Release notes](https://github.com/jwt/ruby-jwt/releases)
- [Changelog](https://github.com/jwt/ruby-jwt/blob/main/CHANGELOG.md)
- [Commits](https://github.com/jwt/ruby-jwt/compare/v2.8.2...v2.9.3)

---
updated-dependencies:
- dependency-name: jwt
  dependency-type: indirect
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-10-04 01:04:31 +02:00
Penar Musaraj
0cc231f61c
DEV: Do not include passkey metadata needlessly (#29074)
Only current user should see passkey metadata.
2024-10-03 15:44:21 -04:00
dependabot[bot]
0078f0973e
Build(deps): Bump webrick from 1.8.1 to 1.8.2 (#29000)
Bumps [webrick](https://github.com/ruby/webrick) from 1.8.1 to 1.8.2.
- [Release notes](https://github.com/ruby/webrick/releases)
- [Commits](https://github.com/ruby/webrick/compare/v1.8.1...v1.8.2)

---
updated-dependencies:
- dependency-name: webrick
  dependency-type: indirect
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-10-03 19:43:51 +02:00
Natalie Tay
d984646c97
DEV: Update warning when deleting associated accounts (#29053) 2024-10-03 19:50:29 +08:00