Commit Graph

51517 Commits

Author SHA1 Message Date
David Taylor
5c38e55dc9
DEV: Only run omniauth strategies for enabled authenticators (#24094)
Previously, we would build the stack of omniauth authenticators once on boot. That meant that all strategies had to be included, even if they were disabled. We then used the `before_request_phase` to ensure disabled strategies could not be used. This works well, but it means that omniauth is often doing unnecessary work running logic in disabled strategies.

This commit refactors things so that we build the stack of strategies on each request. That means we only need to include the enabled strategies in the stack - disabled strategies are totally ignored. Building the stack on-demand like this does add some overhead to auth requests, but on the majority of sites that will be significantly outweighed by the fact we're now skipping logic for disabled authenticators.

As well as the slight performance improvement, this new approach means that:

- Broken (i.e. exception-raising) strategies cannot cause issues on a site if they're disabled

- `other_phase` of disabled strategies will never appear in the backtrace of other authentication errors
2023-10-25 13:52:33 +01:00
Joffrey JAFFEUX
0e37ceeeb9
FIX: improves reliability of post-text-selection bar (#24093)
The main change made is to use `pointerdown` and `touchstart` for detecting click outside in `FloatKit`, the problem of using `click` is that it will trigger on `mouseup` which is not working well with `FloatKit` shown using `mousedown` (when we change selection with the `mousedown` for example) as the release will be interpreted as a click outside and close the menu. To solve this issue the previous code in `post-text-selection` was going through various hacks for detecting state of mouse which are not always very reliable.

The second fix is to exit earlier when selection didn't change.

This has been tested on chrome/firefox and safari (mobile) and seems to work reliably.

<!-- NOTE: All pull requests should have tests (rspec in Ruby, qunit in JavaScript). If your code does not include test coverage, please include an explanation of why it was omitted. -->
2023-10-25 14:34:53 +02:00
Jan Cernik
3f5a00e20f
FEATURE: Add onebox support for chat threads (#23580)
With this commit we now support onboxes of:
- channel
- channel message
- thread
- thread message
2023-10-25 14:30:39 +02:00
David Taylor
a546dcb0cc
DEV: Split chat system tests into separate GitHub actions job (#24096)
The 'plugins system' job is currently our longest-running job. Therefore, splitting it up will reduce the overall workflow runtime.
2023-10-25 12:58:36 +01:00
David Taylor
c3c557c2df
FIX: Correct import path in styleguide (#24092)
Followup to 605ec0ad9f
2023-10-25 12:13:38 +01:00
Jarek Radosz
125ab9f31d
UX: Update user field styling in the create-account modal (#24091)
1. Removes accidental bold from `text` and `multiselect` labels/placeholders
2. Adds the animated label/placeholder combo to `multiselect`
3. Makes the `multiselect` placeholder lighter to match other fields
4. Makes the `dropdown` values darker to match other fields
5. Removes the extra 5px spacing before `confirmation` fields
2023-10-25 13:03:20 +02:00
David Taylor
605ec0ad9f
DEV: Update styleguide to use real i18n helper implementation (#24080) 2023-10-25 10:15:19 +01:00
Godfrey Chan
895036bd7a
DEV: remove @ember/jquery in favor of just jquery (#24034)
`@ember/jquery` was necessary to automate the `app.import()` but
that is no longer necessary with `ember-auto-import`. A secondary
thing it does is bringing back the `this.$` feature, but with a
deprecation. It is my understanding that the deprecation has long
be fully absorbed into both core and plugins so we shouldn't need
this package anymore.
2023-10-25 10:14:50 +01:00
dependabot[bot]
a113f48ba3
Build(deps-dev): Bump minio_runner from 0.1.1 to 0.1.2 (#24086)
Bumps [minio_runner](https://rubygemspec.org/gems/minio_runner) from 0.1.1 to 0.1.2.

---
updated-dependencies:
- dependency-name: minio_runner
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-10-25 10:38:59 +02:00
Martin Brennan
537c0e3014
DEV: Hide anonymous_posting_min_trust_level setting (#24090)
Followup to 9db4eaa870,
I thought deprecating a setting hid it in the UI too,
but this is not the case.
2023-10-25 16:22:32 +10:00
Martin Brennan
24e087e2ba
FIX: Typo in migration (#24089)
Should be DB.exec not just exec, silly typo fix for
9db4eaa870
2023-10-25 12:54:25 +10:00
Martin Brennan
3090b4801b
FIX: Add checkbox-label CSS class to flag modal labels (#24087)
Avoids a similar bolding issue to 88ae4c7b5c
2023-10-25 11:49:07 +10:00
Martin Brennan
9db4eaa870
DEV: Change anonymous_posting_min_trust_level to a group-based setting (#24072)
No plugins or themes rely on anonymous_posting_min_trust_level so we
can just switch straight over to anonymous_posting_allowed_groups

This also adds an AUTO_GROUPS const which can be imported in JS
tests which is analogous to the one defined in group.rb. This can be used
to set the current user's groups where JS tests call for checking these groups
against site settings.

Finally a AtLeastOneGroupValidator validator is added for group_list site
settings which ensures that at least one group is always selected, since if
you want to allow all users to use a feature in this way you can just use
the everyone group.
2023-10-25 11:45:10 +10:00
Martin Brennan
5e395d4382
FIX: Add support for OffscreenCanvas in media optimization worker (#24074)
Back in c31772879b we introduced
SiteSetting.composer_ios_media_optimisation_image_enabled and
disabled media optimization on safari iOS because of performance
issues when rendering to canvas, and OffscreenCanvas support
was not yet available.

Safari now supports OffscreenCanvas, so now we can give this
another go, and also use OffscreenCanvas everywhere it is supported.
2023-10-25 09:28:09 +10:00
Martin Brennan
88ae4c7b5c
FIX: Add checkbox-label class to site setting checkboxes (#24075)
Followup to e2d9117378, which
made these labels bold because they were missing the correct
class.
2023-10-25 09:14:27 +10:00
Kris
63a0700d45
DEV: add above-category-heading outlet (#24083) 2023-10-24 15:47:29 -04:00
Jarek Radosz
2f1acbb12d
DEV: Convert user-field to gjs (#24082) 2023-10-24 20:28:47 +02:00
Neil Lalonde
8eda55e639
DEV: add a remove_step method to Wizard (#24063)
Using Wizard.exclude_steps applies to all sites in a multisite cluster.
In order to exclude steps for individual sites at run-time, a new
instance method `remove_step` is being added.
2023-10-24 13:22:55 -04:00
Joffrey JAFFEUX
5fec841c19
FIX: ensures users can open channel invites (#24067)
We were incorrectly generating URLs with message id even when it was not provided, resulting in a route ending with "undefined", which was causing an error.

This commit also uses this opportunity to:
- move `invite_users` into a proper controller inside the API namespace
- refactors the code into a service: `Chat::InviteUsersToChannel`
2023-10-24 18:51:33 +02:00
Jarek Radosz
930dc38500
DEV: Convert nav-item to gjs (#24076) 2023-10-24 17:55:09 +02:00
Jarek Radosz
9a497d9e22
DEV: Move toggleAnonymous out of app route (#24077) 2023-10-24 17:54:56 +02:00
Discourse Translator Bot
49c6671b60
Update translations (#24078) 2023-10-24 15:53:34 +02:00
Kelv
44c84413fb
DEV: upgrade reject reason reviewable modal to glimmer component (#24073)
* DEV: add system test for rejecting user from review page
* DEV: upgrade reject-reason-reviewable modal to glimmer & DModal
2023-10-24 17:44:43 +08:00
Martin Brennan
d5e8bd790b
DEV: Re-enable minio specs by pre-installing minio binary before test run (#24050)
This fixes a similar issue to 8b3eca0 where an Errno::ETXTBSY error was raised because the minio_runner gem was trying to install the binary across multiple processes in rspec. If we just make sure the latest version is installed before the tests run, this shouldn't happen, since MinioRunner.start will not do any further attempts at installation if the latest version is installed.
2023-10-24 12:43:14 +10:00
dependabot[bot]
9e4a72945c
Build(deps-dev): Bump the types group (#24068)
Bumps the types group in /app/assets/javascripts with 1 update: [@types/jquery](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/jquery).

- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/jquery)

---
updated-dependencies:
- dependency-name: "@types/jquery"
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: types
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-10-23 23:29:40 +02:00
Blake Erickson
07360a96aa
DEV: Remove core plugins from plugin metadata file (#24070)
* DEV: Remove core plugins from plugin metadata file

* Add new plugin names
2023-10-23 15:26:59 -06:00
David Taylor
35290660bf
DEV: Cleanup autoimport-related config from ember-cli-build (#24006)
Running addonPostprocessTree manually was causing ember-auto-import's postprocess hook to run and generate extra unnecessary chunks. The only reason called addonPostprocessTree directly was to allow the terser plugin to run on the extra public trees. We can do the terser postprocessing manually instead.

This commit is approximately the inverse of e1d27400f5.

This commit also removes ember-auto-import as dependencies of admin/wizard/discourse-plugins because they are not 'real' ember addons, and so it isn't serving any useful purpose. (see also https://github.com/discourse/discourse/pull/23974)
2023-10-23 22:26:39 +01:00
Blake Erickson
99e4087ade
Fix spoiler-alert imports (#24066) 2023-10-23 15:14:58 -06:00
Jarek Radosz
b3caa90f6e
DEV: Check for mobile upload button presence (#24059)
If rendering would break before `_bindMobileUploadButton` - this would fail too, obscuring the original issue.
2023-10-23 23:14:17 +02:00
Gerhard Schlager
ebeb07f6c3
DEV: Fix translator-bot configuration for footnote plugin (#24065)
The footnote plugin doesn't have client translations.
2023-10-23 23:10:17 +02:00
Blake Erickson
2633674b6f
FIX: Update path for spoiler-alert plugin (#24064)
Spoiler-alert plugin is now part of core
2023-10-23 15:04:54 -06:00
Blake Erickson
89580ee379
FEATURE: Bundle discourse-spoiler-alert plugin into core (#24030)
* FEATURE: Bundle discourse-spoiler-alert plugin into core

Formerly https://github.com/discourse/discourse-spoiler-alert

* DEV: Switch to new addComposerToolbarPopupMenuOption plugin API

`api.addToolbarPopupMenuOptionsCallback` has been deprecated in 913fd3a7b3

This commit was just added to the plugin, so adding it here.

49f86ba72e
2023-10-23 13:50:43 -06:00
Blake Erickson
b0e0b657b4
FEATURE: Bundle discourse-footnote plugin into core (#23995)
Formerly https://github.com/discourse/discourse-footnote
2023-10-23 13:48:56 -06:00
Joffrey JAFFEUX
043b4a4187
FIX: replaces data-tooltip usage by <DTooltip /> (#24062)
As much as possible I would like us to avoid having to go the with a global event listener on click/mouseover. For now I have removed all cases of `data-tooltip`, if we clearly identify a use case of a global event listener we might reconsider this.

The following changes are also included:
- by default tooltips won't attempt to focus first focusable element anymore
- tooltip will now use `cursor: pointer` by default
- a new service has been introduced: `InternalTooltip` which is responsible to track the current instance displayed by a `<DTooltip />`. Portal elements when replaced are not properly cleaned and I couldn't figure out a way to have a proper hook to ensure the previous `DTooltipInstance` is properly set as not expanded; this problem was very visible when using a tooltip as interactive and hovering another tooltip, which would replace the interactive tooltip as not closed.
2023-10-23 21:09:02 +02:00
chapoi
e2d9117378
UX: change to input field + label styling (#24060) 2023-10-23 17:36:36 +02:00
Penar Musaraj
b6dc929141
UX: Add conditional UI for passkeys (#24041)
This allows users to see their passkeys recommended by the browser as they type their username.

There's a small refactor here, to make sure the same action is used by both the conditional UI and the passkey login button. The webauthn API only supports one auth attempt at a time, so in this PR we need to add a service singleton to manage the navigator.credentials.get promise so that it can be cancelled and reused as the user picks the conditional UI (i.e. the username login input) or the dedicated passkey login button.
2023-10-23 11:21:05 -04:00
Blake Erickson
8d640acf86
DEV: Show a loading spinner on video placeholders (#24039)
This commit adds a loading spinner that appears immediately after
clicking the play button on a video placeholder and will go away once
the "onCanPlay" event fires for the video.

This prevents a completely empty (no play button) placeholder from
appearing for some amount of time while the video is loading enough to
start playing.
2023-10-23 09:01:20 -06:00
Penar Musaraj
f9eec939e5
UX: Fixes for mobile "create account" modal (#24043)
- Don't include login buttons on mobile
- Fix padding/spacing
2023-10-23 10:48:46 -04:00
Penar Musaraj
0934cc6ece
DEV: Fix Ember inspector error on anonymous user (#24042) 2023-10-23 09:24:05 -04:00
Joffrey JAFFEUX
552cf56afe
DEV: toasts improvements (#24046)
- more subtle animation when showing a toast
- resumes auto close when removing the mouse from the toast
- correctly follows reduced motion
- uses output with role status as element: https://web.dev/articles/building/a-toast-component
- shows toasts inside a section element
- prevents toast to all have the same width
- fixes a bug on mobile where we would limit the width and the close button wouldn't show correctly aligned

I would prefer to have tests for this, but the conjunction of css/animations and our helper changing `discourseLater` to 0 in tests is making it quite challenging for a rather low value. We have system specs using  toasts ensuring they show when they should.
2023-10-23 15:23:10 +02:00
dependabot[bot]
2dc9c1b478
Build(deps-dev): Bump sinon in /app/assets/javascripts (#24052)
Bumps [sinon](https://github.com/sinonjs/sinon) from 16.1.3 to 17.0.0.
- [Release notes](https://github.com/sinonjs/sinon/releases)
- [Changelog](https://github.com/sinonjs/sinon/blob/main/docs/changelog.md)
- [Commits](https://github.com/sinonjs/sinon/compare/v16.1.3...v17.0.0)

---
updated-dependencies:
- dependency-name: sinon
  dependency-type: direct:development
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-10-23 12:31:18 +02:00
Jarek Radosz
c84fe69e10
DEV: Use @discourse/lint-configs (#24038) 2023-10-23 12:08:35 +02:00
Gerhard Schlager
be07fdaefa
DEV: Upgrade pg gem to 1.5.4 (#23932)
We stopped upgrading due to deprecation notices in Rails. See https://github.com/discourse/discourse/pull/21271#issuecomment-1524348726

pg 1.5.3 and Rails 7.0.5 should have fixed the issue. See https://github.com/rails/rails/issues/48046#issuecomment-1527743307 and https://github.com/rails/rails/pull/48048#issuecomment-1564046629
2023-10-23 11:57:28 +02:00
David Battersby
f1e22dfebd
FEATURE: add grace period for chat edits (#23800)
This change allows users to edit their chat messages based on the criteria added to Site Settings.

If the grace period conditions are met then there will be no (edited) text applied to the message.

The following site settings are added to chat:

chat editing grace period (seconds since message created)
chat editing grace period max diff for low trust levels (number of characters changed)
chat editing grace period max diff for high trust levels (number of characters changed)
2023-10-23 16:40:30 +08:00
Kelv
6121869900
FIX: display and link to correct grant_by users for granted badges (#24021)
* FIX: display and link to correct grant_by users for granted badges in admin

* DEV: add system test for admin user badge granted by behaviour
2023-10-23 14:46:10 +08:00
Jeff Wong
a2000a3559
FIX: missing quote (#24049) 2023-10-22 19:23:55 -07:00
Jeff Wong
441a330f1e
DEV: refactor rake asset precompile tasks (#24045)
* DEV: refactor rake asset precompile tasks

add a separate ember build task that does not depend on rails env
allowing us to compile assets without db+redis connections

rename EMBER_CLI_COMPILE_DONE to SKIP_EMBER_CLI_COMPILE
better semantics in build steps
2023-10-22 18:55:09 -07:00
Alan Guo Xiang Tan
8c07bbe084
FIX: Disable filter when loading tags in edit nav menu tags modal (#23789)
Why this change?

When we're in the midst of loading more tags, the filter dropdown
is still enabled and may result in us firing off multiple requests to
the server to load more tags. This makes the loading hard to reason
about in the tests environment and has led to flaky tests.

What does this change do?

This changes disables the filter dropdown when more tags are being
loading.
2023-10-23 08:35:40 +08:00
Alan Guo Xiang Tan
f2a90afa4c
DEV: Introduce Theme#get_setting (#24032)
Why this change?

Currently, we do not have a method to easily retrieve a theme setting's
value on the server side. Such a method can be useful in the test
environment where we need to retrieve the theme's setting and use its
value in assertions.

What does this change do?

This change introduces the `Theme#get_setting` instance method.
2023-10-23 07:41:40 +08:00
David Taylor
c06b308895
DEV: Support RUN_SYSTEM_TESTS and SINGLE_PLUGIN in docker test task (#24040)
Previously, RUN_SYSTEM_TESTS would run system tests of all plugins. This commit makes it respect the SINGLE_PLUGIN env if it's set.
2023-10-23 07:41:21 +08:00