Commit Graph

25702 Commits

Author SHA1 Message Date
David Taylor
50f4f43825
DEV: Use double quotes for js-flags (#14693)
Single quotes seem to be raising parse errors in some CI situations. Switching to double quotes seems to fix the problem.
2021-10-27 11:09:30 +11:00
Jarek Radosz
c7768b6d16
FIX: Avoid N+1 query in Site.json_for (#14729) 2021-10-26 22:46:53 +02:00
Jean
31aa071e54
UX: Apply tags during PM creation (#14731) 2021-10-26 16:46:02 -04:00
David Taylor
e073451eae
UX: Make PresenceChannel changes more responsive (#14733)
For very fast-paced things (e.g. replying... indicators), 5s resolution is not great. This commit improves the resolution to 1 update per second.
2021-10-26 21:15:20 +01:00
Robin Ward
d067ee1c5a UX: Never show back button if less than current position 2021-10-26 15:45:55 -04:00
Penar Musaraj
b3f642db65
UX: Don't show anchor icon on touch devices (#14724) 2021-10-26 13:43:20 -04:00
David Taylor
495aa4752c FIX: Correctly avoid concurrent requests in PresenceChannel get
This if statement was intended to prevent concurrent `/presence/get` requests, but it was missing a critical line. Now it should function as intended.
2021-10-26 18:27:07 +01:00
David Taylor
edc1378aed DEV: Raise error when anon subscribes to PresenceChannels on login_required sites
In this situation, messagebus and the server-side Presence endpoints are unavailable, so it's better to quit early in the JS
2021-10-26 18:27:07 +01:00
David Taylor
d43b77b56b DEV: Ensure presence beforeunload event listener is cleaned up
In production, services are singletons. This logic will only affect the test environment
2021-10-26 18:27:07 +01:00
David Taylor
54ca7a9618 FIX: Do not send presence leave beacon if not present in any channels 2021-10-26 18:27:07 +01:00
Bianca Nenciu
0c6f9d7c67
FIX: Show right message when permanently deleting topic (#14717) 2021-10-26 18:31:15 +03:00
Roman Rizzi
be38615afd
FEATURE: Mark omniauth failures as HTML safe. (#14713)
Plugins can add HTML elements to auth error messages.
2021-10-26 09:46:25 -03:00
Dan Ungureanu
f003e31e2f
PERF: Optimize search in private messages query (#14660)
* PERF: Remove JOIN on categories for PM search

JOIN on categories is not needed when searchin in private messages as
PMs are not categorized.

* DEV: Use == for string comparison

* PERF: Optimize query for allowed topic groups

There was a query that checked for all topics a user or their groups
were allowed to see. This used UNION between topic_allowed_users and
topic_allowed_groups which was very inefficient. That was replaced with
a OR condition that checks in either tables more efficiently.
2021-10-26 10:16:38 +03:00
Martin Brennan
f6528afa01
DEV: Add uploadHandler support to composer-upload-uppy mixin (#14692)
This commit adds uploadHandler support to composer uploads using
uppy. The only things we have that are using this are discourse-brightcove and
discourse-video, which both pop modal windows to handle the file upload and
completely leave out all the composer-type flows. This implementation simply
follows the existing one, where if a single file is uploaded and there
is a matching upload handler we take control away from uppy and hand
it off to the upload handler.

Trying to get this kind of thing working within uppy would require a few
changes because they have no way to restrict uploaders to certain file types
and with the way their uploaders are run it doesn't look like it would be easy
to add this either, so I don't think this is worth the work unless at some
point in the future we plan to have more upload handler integrations.

I also fixed an issue with `cleanUpComposerUploadHandler` which is used
in tests to reset the state of `uploadHandlers` in the composer. This
was doing `uploadHandlers = []` to clear that array, but that creates
a brand new array so anything else referencing the original array will
lose that reference. Better to set `uploadHandlers.length = 0` to
clear it. This was breaking the tests I added to see if upload handlers
were working.
2021-10-26 11:22:33 +10:00
Roman Rizzi
436edbb51a
DEV: Only set tap_failed_tests_only to true for CI. (#14710)
It may seem like the command crashed when running tests locally since we get no feedback until it finishes running all the tests.
2021-10-25 16:24:47 -03:00
janzenisaac
dd5b0543c7
FEATURE: Add fullscreen-tables to post (#14709)
Overflown tables will have a "expand table" option added to open x table in a modal
2021-10-25 14:06:28 -05:00
Penar Musaraj
116982fca9
FIX: Correct tracking context for some category routes (#14685)
We were previously showing the "n new or updated topics" alert on
category routes like `/c/category-slug/ID/none` on every new/unread
topic update. This PR looks up the category by ID, which should be more
precise.
2021-10-25 15:05:00 -04:00
Jarek Radosz
facf7d6f56
DEV: Don't leak auth methods between tests (#14708) 2021-10-25 15:25:39 +02:00
David Taylor
9ac6f1d3bb
FIX: Include the Vary:Accept header on all Accept-based responses (#14647)
By default, Rails only includes the Vary:Accept header in responses when the Accept: header is included in the request. This means that proxies/browsers may cache a response to a request with a missing Accept header, and then later serve that cached version for a request which **does** supply the Accept header. This can lead to some very unexpected behavior in browsers.

This commit adds the Vary:Accept header for all requests, even if the Accept header is not present in the request. If a format parameter (e.g. `.json` suffix) is included in the path, then the Accept header is still omitted. (The format parameter takes precedence over any Accept: header, so the response is no longer varies based on the Accept header)
2021-10-25 12:53:50 +01:00
Joffrey JAFFEUX
cbd7898d1d
DEV: removes jquery usage from time formatter (#14700) 2021-10-25 11:00:15 +02:00
Joffrey JAFFEUX
c7099342ff
DEV: uses vanilla js for fixture qunit helper (#14703) 2021-10-25 10:59:58 +02:00
Joffrey JAFFEUX
c0300b13e3
DEV: replaces jquery call by vanilla js in uploader tests (#14702) 2021-10-25 10:49:14 +02:00
Joffrey JAFFEUX
cc68eb825b
DEV: drops jquery usage from ajax wizards lib (#14694) 2021-10-25 10:24:53 +02:00
Joffrey JAFFEUX
05dda755ed
DEV: removes jquery usage from linkSeenMentions codepath (#14695) 2021-10-25 10:24:37 +02:00
Bianca Nenciu
261edcebcb
FIX: Allow every tag for watched words (#14684)
If a watched word was restricted to a category, new rules for that
watched word could not be created.
2021-10-25 10:53:42 +03:00
Martin Brennan
2461ed303c
DEV: Move loadLibs to explicit install message in media-optimization-worker (#14707)
Previously, `loadLibs` was called inside the `optimize` function of
the media-optimization-worker, which meant that it could be hit
multiple times causing load errors (as seen in b69c2f7311)

This commit moves that call to a specific message handler (the `install` message)
for the service worker, and refactors the service for the media-optimization-worker
to wait for this installation to complete before continuing with processing
image optimizations.

This way, we know for sure based on promises and worker messages
that the worker is installed and has all required libraries
loaded before we continue on with attempting any processing. The
change made in b69c2f7311 is no
longer needed with this commit.
2021-10-25 13:17:43 +10:00
Joffrey JAFFEUX
76a9ca99a8
DEV: removes jquery usage from onebox (#14683) 2021-10-22 13:15:46 +02:00
Martin Brennan
7290a74aa6
DEV: Add new bookmarks:changed app event (#14674)
This new app event will fire whenever a bookmark is created,
edited, or deleted for a post or topic, and replaces these old
app events which had inconsistent APIs:

* page:bookmark-post-toggled
* topic:bookmark-toggled

When the event is triggered, the arguments are in this order:

1. bookmark - The bookmark record created or changed. Will be null
              if the bookmark was deleted.
2. target   - Object with target (post or topic) and targetId (post ID
              or topic ID)
2021-10-22 09:38:02 +10:00
Martin Brennan
2b40049abb
FIX: Remove superfluous topic allowed users on group invite (#14656)
When inviting a group to a topic, there may be members of
the group already in the topic as topic allowed users. These
can be safely removed from the topic, because they are implicitly
allowed in the topic based on their group membership.

Also, this prevents issues with group SMTP emails, which rely
on the topic_allowed_users of the topic to send to and cc's
for emails, and if there are members of the group as topic_allowed_users
then that complicates things and causes odd behaviour.

We also ensure that the OP of the topic is not removed from
the topic_allowed_users when a group they belong to is added,
as it will make it harder to add them back later.
2021-10-22 08:57:51 +10:00
Jeff Wong
6192189fd2
DEV: allow composer option to skip jumping to a post on save (#14675)
* DEV: allow composer option to skip jumping to a post on save

* DEV: refactor js safe access in jump logic

Co-authored-by: Jarek Radosz <jradosz@gmail.com>
2021-10-21 13:46:04 -07:00
Jarek Radosz
3b90d7de66
FIX: 2N+1 sql in admin /api/keys endpoint (#14679) 2021-10-21 17:00:17 +02:00
Penar Musaraj
db53c6b248
UX: Add special case for user search when in a topic (#14669) 2021-10-21 10:34:50 -04:00
Robin Ward
e15bd194fd UX: Sometimes the footer would show up while refreshing a list route
This happens because the state of `canLoadMore` is not cleared as the
refresh occurs, which is enough to make the page think a footer should
be displayed.

No tests here because it's tricky to test refreshing and none of our
existing acceptance tests seem to.
2021-10-21 09:04:27 -04:00
David Taylor
b57b079ff2
DEV: Update discourse-presence plugin to use new PresenceChannel system (#14519)
This removes all custom controllers and redis/messagebus logic from discourse-presence, and replaces it with core's new PresenceChannel system.

All functionality should be retained. This implementation should scale much better to large numbers of users, reduce the number of HTTP requests made by clients, and reduce the volume of messages on the MessageBus.

For more information on PresenceChannel, see 31db8352
2021-10-21 12:42:46 +01:00
Joffrey JAFFEUX
80ec6f09d3
DEV: removes unnecessary caret position code (#14665)
We don't support any browser needing this for very long: https://caniuse.com/?search=selectionStart

I'm keeping some protection so It doesn’t crash but ultimately `element.selectionStart` should be enough.

Im not removing this in the commit, but the `caret_position.js` file seems barely used.
2021-10-21 10:06:31 +02:00
Alan Guo Xiang Tan
a9d6b23802
DEV: Remove code that is no longer valid. (#14657)
The vote post action type was removed in 96aca6d7e6

Follow-up to 96aca6d7e6.
2021-10-21 10:47:22 +08:00
Martin Brennan
0f03884375
DEV: Refactor bookmark modal code (#14654)
We had code to open the bookmark modal in two places -- the bookmark
list and also from within a topic. This caused the two code paths to
drift, as in the bookmark list we were not passing in the forTopic or
autoDeletePreferences data into the modal, and we were also not refreshing
the bookmark list when the bookmark was deleted from within the modal.

This commit moves the modal opening code into an importable
function from the controllers/bookmark module, and all callers
have to do is pass it an instance of Bookmark and also options
for what to do for the following:

* onAfterSave
* onAfterDelete
* onCloseWithoutSaving
2021-10-21 09:02:35 +10:00
David Taylor
010309d108
SECURITY: Improve validation of SNS subscription confirm (#14671)
An upstream validation bug in the aws-sdk-sns library could enable RCE under certain circumstances. This commit updates the upstream gem, and adds additional validation to provide defense-in-depth.
2021-10-20 22:20:52 +01:00
Osama Sayegh
8fb823c30f
FIX: Make the verbose_auth_token_logging setting off by default (#14664)
The `generate`, `rotate` and `suspicious`  auth token logs are now always logged regardless of the `verbose_auth_token_logging` setting because we rely no these to detect suspicious logins.
2021-10-20 17:20:39 +03:00
Penar Musaraj
1f8939c0f1
FIX: Show search context only in topic routes (#14650) 2021-10-20 09:48:26 -04:00
Penar Musaraj
3e86ec3e4e
FIX: Broken quick search on iPadOS (#14663)
This also reverts back to selecting the search input text when reopening
the search panel.
2021-10-20 09:31:53 -04:00
Joffrey JAFFEUX
c2d4638ee1
DEV: drops jquery usage from wizard-canvas (#14662) 2021-10-20 14:42:06 +02:00
Joffrey JAFFEUX
adb302f801
DEV: drops jquery usage un admin-report-chart (#14661) 2021-10-20 14:28:49 +02:00
Arpit Jalan
1b8feae0bc
FIX: reset sso email and payload when user navigates away (#14658) 2021-10-20 17:21:32 +05:30
Joffrey JAFFEUX
d18e3a45b9
FIX: none row doesn’t have a value, use class to target it (#14659) 2021-10-20 13:07:58 +02:00
Alan Guo Xiang Tan
e74e3fa043
FIX: Topic timeline not updating in megatopics. (#14645)
Before this fix, jumping to posts using the topic timeline scrollbar
will not update the counts since the topic scrollarea is not rerendered.

Follow-up to db337b10ee
2021-10-20 11:42:22 +08:00
Martin Brennan
ecee9d000b
FEATURE: Allow recovery of deleted small action posts (#14643)
Previously when clicking the Delete button for small action posts
there was no way to recover this post if the action was accidental.
Now if canRecover is true on the post, which it is just after it
is deleted and the post is fetched from the server again, we show
an undo button which calls the recover endpoint for the post.

We also now disallow the editing of the post if it is deleted, and
show the proper deleted red CSS on the small action post when deleted.
2021-10-20 08:13:27 +10:00
Penar Musaraj
a1daf9fe53
FIX: Do not query backend when searching "in this topic" (#14649) 2021-10-19 13:01:42 -04:00
Andrei Prigorshnev
b9164d22ee
FEATURE: add a hidden setting that enables using email as a source for username suggestions (#14623)
This is a follow-up to https://github.com/discourse/discourse/pull/14541. This adds a hidden setting for restoring the old behavior for those users who rely on it. We'll likely deprecate this setting at some point in the future.
2021-10-19 14:37:39 +04:00
Joffrey JAFFEUX
a5eba43a65
FIX: only replaces double quotes and uses unicode (#14644)
`’` is actually not converted and doesn’t need to be normalised to `'`
2021-10-19 11:01:46 +02:00