Commit Graph

9432 Commits

Author SHA1 Message Date
Krzysztof Kotlarek
7cad69e6ef
UX: File types site setting (#24976)
New file types site setting with buttons allowing to easily add image/video/audio/document extensions to the list.
2023-12-22 11:23:42 +11:00
Krzysztof Kotlarek
025e40354c
FIX: correct typo minmin_trust_to_edit_wiki_post (#24999)
Typo introduced here https://github.com/discourse/discourse/pull/24766#pullrequestreview-1792187422

In addition, use setting instead of hard-coded @user.has_trust_level?(TrustLevel[4])
2023-12-22 08:39:42 +11:00
yvanzo
ed20800986 FIX: Vietnamese language native name
It was wrongly set to the Vietnamese name of the Vietnam country,
instead of the Vietnamese name of the Vietnamese language.

Source: https://www.wikidata.org/wiki/Q9199
2023-12-21 18:03:57 +01:00
Discourse Translator Bot
032bfa3d51
Update translations (#24968) 2023-12-19 22:45:27 +01:00
Martin Brennan
b83d4953da
FIX: Admin problem notification minor issues (#24963)
* Icon was a gift and not exclamation-triangle...these admin problems
  are not usually a gift :P
* Added missing title translation
2023-12-19 18:37:31 +10:00
Alan Guo Xiang Tan
38abc0d922
DEV: Change default of cross_origin_opener_policy_header (#24940)
Why this change?

This is part of our efforts to harden the security of the Discourse
application. Setting the `CROSS_ORIGIN_OPENER_POLICY` header to `same-origin-allow-popups`
by default makes the application safer. We have opted to make this a
hidden site setting because most admins will never have to care about
this setting so we're are opting not to show it. If they do have to
change it, they can still do so by setting the
`DISCOURSE_CROSS_ORIGIN_OPENER_POLICY` env.
2023-12-19 11:46:44 +08:00
Blake Erickson
3380d283c9
FEATURE: Add API scope for /logs route (#24956)
Adds an API scope for accessing Logster's routes. This one is a bit
different than routes from core because it is mounted like

```
mount Logster::Web => "/logs"
```

and doesn't have all the route info a traditional rails app/engine does.
2023-12-18 19:45:04 -07:00
Penar Musaraj
46efe4f96a
FIX: Inconsistent login label (#24949) 2023-12-18 10:58:03 -05:00
Ted Johansson
0edf39409c
DEV: Convert min_trust_level_to_allow_ignore to groups (#24894)
We're changing the implementation of trust levels to use groups. Part of this is to have site settings that reference trust levels use groups instead. It converts the min_trust_level_to_allow_ignore  site setting to ignore_allowed_groups.

This PR maintains backwards compatibility until we can update plugins and themes using this.
2023-12-18 13:04:37 +08:00
Ted Johansson
6ab1a19e93
DEV: Convert min_trust_level_to_allow_invite to groups (#24893)
We're changing the implementation of trust levels to use groups. Part of this is to have site settings that reference trust levels use groups instead. It converts the min_trust_level_to_allow_invite  site setting to invite_allowed_groups.

Nothing much of note. This is used in one place and there's no fallout.
2023-12-18 12:07:36 +08:00
Martin Brennan
6de00f89c2
FEATURE: Initial admin sidebar navigation (#24789)
This is v0 of admin sidebar navigation, which moves
all of the top-level admin nav from the top of the page
into a sidebar. This is hidden behind a enable_admin_sidebar_navigation
site setting, and is opt-in for now.

This sidebar is dynamically shown whenever the user enters an
admin route in the UI, and is hidden and replaced with either
the:

* Main forum sidebar
* Chat sidebar

Depending on where they navigate to. For now, custom sections
are not supported in the admin sidebar.

This commit removes the experimental admin sidebar generation rake
task but keeps the experimental sidebar UI for now for further
testing; it just uses the real nav as the default now.
2023-12-18 11:48:25 +10:00
Ted Johansson
53d40672a7
DEV: Convert min_trust_level_to_allow_user_card_background to groups (#24891)
We're changing the implementation of trust levels to use groups. Part of this is to have site settings that reference trust levels use groups instead. It converts the min_trust_level_to_allow_user_card_background site setting to user_card_background_allowed_groups.

Nothing of note here. This is used in exactly one place, and there's no fallout.
2023-12-14 10:57:58 +08:00
Ted Johansson
48116186af
DEV: Convert tl4_delete_posts_and_topics to groups (#24866)
We're changing the implementation of trust levels to use groups. Part of this is to have site settings that reference trust levels use groups instead. It converts the tl4_delete_posts_and_topics  site setting to delete_all_posts_and_topics_allowed_groups.

This one is a bit different from previous ones, as it's a boolean flag, and the default should be no group. Pay special attention to the migration during review.
2023-12-14 09:56:42 +08:00
Blake Erickson
00209f03e6
DEV: Add file_size_restriction site setting type (#24704)
This change will allow admins to configure file sizes in mb instead of
having to convert to kb.

Co-authored-by: Ella <ella.estigoy@gmail.com>
2023-12-13 16:22:48 -07:00
marstall
0513865c3c
FEATURE: Delete backups based on time window (#24296)
* FEATURE: core code, tests for feature to allow backups to removed based on a time window

* FEATURE: getting tests working for time-based backup

* FEATURE: getting tests running

* FEATURE: linting
2023-12-13 13:00:27 -05:00
David Taylor
fadcfd1451
DEV: Add safe_mode=deprecation_errors mode (#24870)
This commit adds an additional toggle to our safe-mode system. When enabled, it will cause all deprecation messages to become exceptions. This gives admins a way to test their themes/plugins against upcoming Discourse changes without needing to use the browser developer tools.
2023-12-13 14:06:59 +00:00
Ted Johansson
294febf3c4
DEV: Convert min_trust_to_flag_posts setting to groups (#24864)
We're changing the implementation of trust levels to use groups. Part of this is to have site settings that reference trust levels use groups instead. It converts the min_trust_to_flag_posts site setting to flag_post_allowed_groups.

Note: In the original setting, "posts" is plural. I have changed this to "post" singular in the new setting to match others.
2023-12-13 17:18:42 +08:00
Ted Johansson
36057638ca
DEV: Convert min_trust_to_edit_post to groups (#24840)
We're changing the implementation of trust levels to use groups. Part of this is to have site settings that reference trust levels use groups instead. It converts the min_trust_to_edit_post site setting to edit_post_allowed_groups.

The old implementation will co-exist for a short period while I update any references in plugins and themes.
2023-12-13 13:25:13 +08:00
Krzysztof Kotlarek
702d0620d7
DEV: Convert min_trust_to_create_topic to groups (#24740)
This change converts the min_trust_to_create_topic site setting to
create_topic_allowed_groups.

See: https://meta.discourse.org/t/283408

- Hides the old setting
- Adds the new site setting
- Add a deprecation warning
- Updates to use the new setting
- Adds a migration to fill in the new setting if the old setting was
changed
- Adds an entry to the site_setting.keywords section
- Updates tests to account for the new change
- After a couple of months, we will remove the min_trust_to_create_topicsetting entirely.

Internal ref: /t/117248
2023-12-13 14:50:13 +11:00
Krzysztof Kotlarek
1017820012
DEV: Convert allow_uploaded_avatars to groups (#24810)
This change converts the allow_uploaded_avatars site setting to uploaded_avatars_allowed_groups.

See: https://meta.discourse.org/t/283408

Hides the old setting
Adds the new site setting
Adds a deprecation warning
Updates to use the new setting
Adds a migration to fill in the new setting if the old setting was changed
Adds an entry to the site_setting.keywords section
Updates tests to account for the new change
After a couple of months, we will remove the allow_uploaded_avatars setting entirely.

Internal ref: /t/117248
2023-12-13 10:53:19 +11:00
Angus McLeod
95c61b88dc
Apply embed unlisted setting consistently (#24294)
Applies the embed_unlisted site setting consistently across topic embeds, including those created via the WP Discourse plugin. Relatedly, adds a embed exception to can_create_unlisted_topic? check. Users creating embedded topics are not always staff.
2023-12-12 09:35:26 -05:00
Discourse Translator Bot
7d0562f10e
Update translations (#24848) 2023-12-12 14:23:51 +01:00
Krzysztof Kotlarek
7dd150bc95
DEV: Convert min_trust_to_edit_wiki_post to groups (#24766)
This change converts the min_trust_to_edit_wiki_post site setting to edit_wiki_post_allowed_groups.

See: https://meta.discourse.org/t/283408

Hides the old setting
Adds the new site setting
Add a deprecation warning
Updates to use the new setting
Adds a migration to fill in the new setting if the old setting was changed
Adds an entry to the site_setting.keywords section
Updates tests to account for the new change
After a couple of months, we will remove the email_in_min_trust setting entirely.

Internal ref: /t/117248
2023-12-12 15:20:37 +11:00
Tobias Eigen
653073bb24
update desc of top_page_default_timeframe (#24755)
Update to top_page_default_timeframe description to clarify how the setting works. It adjusts automatically for logged in users depending on their last visit.
2023-12-11 16:44:20 -08:00
David Taylor
598961086c
FIX: Correct and improve autohighlight_all_code setting description (#24828)
We allow HTML in site setting descriptions, so `<code>` was being rendered as HTML instead of text. This commit fixes that, and adds an additional sentence about how to control markdown-authored code blocks.
2023-12-11 18:29:05 +00:00
Neil Lalonde
27144f188c
UX: if no login options are configured, show a message (#24777)
Admins will be instructed to login via /u/admin-login to change their
site settings.
2023-12-08 10:49:54 -05:00
David Taylor
efbe5b7dda
DEV: Catch errors in theme/plugin onPageChange handlers (#24784)
This makes the errors easier for admins to identify/resolve, and also prevents failures from affecting core functionality.
2023-12-08 10:01:37 +00:00
Martin Brennan
d5fe9b4f8c
FEATURE: Add copy link post menu button (#24709)
This commit ports the feature by @chapoi that was
previously a theme component in core.

A new post_menu button, copyLink, is added and used
as the default instead of share.

copyLink, on desktop, will copy the link of the post
to the user's clipboard and show a nice 'lil animation.
On mobile the native share menu will be shown.

If site owners want the old behaviour back, they just
need to change the post_menu site setting to use
the share button instead of copyLink.
2023-12-08 11:45:49 +10:00
Mark VanLandingham
ee05f57e2d
FEATURE: Site setting to display user avatars in user menu (#24514) 2023-12-07 11:30:44 -06:00
Jarek Radosz
694b5f108b
DEV: Fix various rubocop lints (#24749)
These (21 + 3 from previous PRs) are soon to be enabled in rubocop-discourse:

Capybara/VisibilityMatcher
Lint/DeprecatedOpenSSLConstant
Lint/DisjunctiveAssignmentInConstructor
Lint/EmptyConditionalBody
Lint/EmptyEnsure
Lint/LiteralInInterpolation
Lint/NonLocalExitFromIterator
Lint/ParenthesesAsGroupedExpression
Lint/RedundantCopDisableDirective
Lint/RedundantRequireStatement
Lint/RedundantSafeNavigation
Lint/RedundantStringCoercion
Lint/RedundantWithIndex
Lint/RedundantWithObject
Lint/SafeNavigationChain
Lint/SafeNavigationConsistency
Lint/SelfAssignment
Lint/UnreachableCode
Lint/UselessMethodDefinition
Lint/Void

Previous PRs:
Lint/ShadowedArgument
Lint/DuplicateMethods
Lint/BooleanSymbol
RSpec/SpecFilePathSuffix
2023-12-06 23:25:00 +01:00
Ella E
47629db3db
UX: Add a link from admin reports page to meta a topic (#24707)
* UX: Add a link from admin reports page to meta a topic
* DEV: apply prettier
2023-12-05 16:37:44 -07:00
Kris
4ad6c9ce34
FIX: shortcut typo (#24731) 2023-12-05 17:17:04 -05:00
Jordan Vidrine
bdecb23fd4
UX: More adjustments (#24726) 2023-12-05 14:55:08 -06:00
Discourse Translator Bot
cae2b83af8
Update translations (#24716) 2023-12-05 14:39:08 +01:00
Krzysztof Kotlarek
d9ac0c33ff
FIX: update tag description field placeholder (#24644)
Improvements after  https://github.com/discourse/discourse/pull/24561

1. Make placeholder more descriptive
2. Respect new line breaks in description
2023-12-04 09:38:20 +11:00
David Taylor
ecf7a4f0c6
FIX: Ensure app-cdn CORS is not overridden by cors_origin setting (#24661)
We add `Access-Control-Allow-Origin: *` to all asset requests which are requested via a configured CDN. This is particularly important now that we're using browser-native `import()` to load the highlightjs bundle. Unfortunately, user-configurable 'cors_origins' site setting was overriding the wldcard value on CDN assets and causing CORS errors.

This commit updates the logic to give the `*` value precedence, and adds a spec for the situation. It also invalidates the cache of hljs assets (because CDNs will have cached the bad Access-Control-Allow-Origin header).

The rack-cors middleware is also slightly tweaked so that it is always inserted. This makes things easier to test and more consistent.
2023-12-01 12:57:11 +00:00
Gerhard Schlager
ca296c4926
Fix typos (#24656)
@discourse-translator-bot keep_translations
2023-11-30 22:13:28 +01:00
Keegan George
d2b53ccac2
DEV: Port discourse-table-builder theme component to core (#24441) 2023-11-30 10:54:29 -08:00
Martin Brennan
dc8a727b3f
COPY: secure media -> secure uploads (#24643)
Fixing up the last few holdouts
2023-11-30 14:58:55 +10:00
Martin Brennan
c58cd697d2
FIX: Further improvements for plugin list (#24622)
Followup e37fb3042d

* Automatically remove the prefix `Discourse ` from all the plugin titles to avoid repetition
* Remove the :discourse_dev: icon from the author. Consider a "By Discourse" with no labels as official
* We add a `label` metadata to plugin.rb
  * Only plugins made by us in `discourse` and `discourse-org` GitHub organizations will show these in the list
* Make the plugin author font size a little smaller
* Make the commit sha look like a link so it's more obvious it goes to the code

Also I added some validation and truncation for plugin metadata
parsing since currently you can put absolutely anything in there
and it will show on the plugin list.
2023-11-30 10:53:17 +10:00
Discourse Translator Bot
c90772fd3a
Update translations (#24599) 2023-11-29 10:41:27 +01:00
Bianca Nenciu
e85a81f33c
FIX: Make category-drop work with lazy_load_categories (#24187)
The category drop was rerendered after every category async change
because it updated the categories list. This is not necessary and
categories can be referenced indirectly by ID instead.
2023-11-28 17:58:47 +02:00
David Taylor
5783f231f8
DEV: Introduce DISCOURSE_ASSET_URL_SALT (#24596)
This value is included when generating static asset URLs. Updating the value will allow site operators to invalidate all asset urls to recover from configuration issues which may have been cached by CDNs/browsers.
2023-11-28 11:28:40 +00:00
Martin Brennan
3e639e4aa7
FIX: Add higher read & open timeouts for group SMTP emails (#24593)
When sending SMTP for group SMTP functionality, we
are running into timeouts for both read and open
when sending mail occassionally, which can cause issues
like the email only being sent to _some_ of the recipients
or to fail altogether.

The defaults of 5s are too low, so bumping them up to
the defaults of the `net-smtp` gem.
2023-11-28 15:32:59 +10:00
Martin Brennan
eb1a622d38
FIX: Improve group mention copy for small groups (#24558)
If a group is < 5 members, the mention warning doesn't need to
be so harsh. This commit changes the copy for the existing warning
and adds a new one for groups that are >= 5 members.
2023-11-27 10:31:24 +10:00
Krzysztof Kotlarek
dc2a0854b0
UX: add gift emoji styling for new features (#24523)
When admin has unseen new feature, gift emoji is added to a link.

In addition, `/new-features` path was changed to `/whats-new`
2023-11-27 09:32:28 +11:00
Sam
c2fd090d7d
DEV: revert missing license for maxmind changes (#24538)
Reverts
 
 - DEV: maxmind license checking failing tests #24534 
 - UX: Show if MaxMind key is missing on IP lookup #18993

These changes are leading to surprising results, our logs are now filling up with warnings on dev environments 

We need the change to be redone
2023-11-24 11:31:11 +11:00
Sam
85d2b5fa48
DEV: maxmind license checking failing tests (#24534)
This improves the implementation of #18993

1. Error message displayed to user is clearer
2. open_db will also be called, even if license key is blank, as it was previously
3. This in turn means no need to keep stubbing 'maxmind_license_key'
2023-11-24 09:38:46 +11:00
MichaIng
c58a41cb3e
UX: Show on IP lookup if MaxMind key is missing (#18993)
as discussed in https://meta.discourse.org/t/maxminddb-not-found-error/148512/7.
 
shows a warning to the admin if no license for maxmind is found
2023-11-24 08:02:05 +11:00
Blake Erickson
c89edd9e86
DEV: Convert email_in_min_trust to groups (#24515)
This change converts the `email_in_min_trust` site setting to
`email_in_allowed_groups`.

See: https://meta.discourse.org/t/283408

- Hides the old setting
- Adds the new site setting
- Add a deprecation warning
- Updates to use the new setting
- Adds a migration to fill in the new setting if the old setting was
  changed
- Adds an entry to the site_setting.keywords section
- Updates tests to account for the new change

After a couple of months we will remove the
`email_in_min_trust` setting entirely.

Internal ref: /t/115696
2023-11-22 18:03:28 -07:00
Blake Erickson
8a45f84277
DEV: Convert approve_new_topics_unless_trust_level to groups (#24504)
* DEV: Convert approve_new_topics_unless_trust_level to groups

This change converts the `approve_new_topics_unless_trust_level` site
setting to `approve_new_topics_unless_allowed_groups`.

See: https://meta.discourse.org/t/283408

- Hides the old setting
- Adds the new site setting
- Add a deprecation warning
- Updates to use the new setting
- Adds a migration to fill in the new setting if the old setting was
  changed
- Adds an entry to the site_setting.keywords section
- Updates tests to account for the new change

After a couple of months we will remove the
`approve_new_topics_unless_trust_level` setting entirely.

Internal ref: /t/115696

* add missing translation

* Add keyword entry

* Add migration
2023-11-22 10:44:59 -07:00
Blake Erickson
447d9b2105
DEV: Convert approve_unless_trust_level to groups (#24357)
This change converts the `approve_unless_trust_level` site setting to
`approve_unless_allowed_groups`.

See: https://meta.discourse.org/t/283408

- Adds the new site setting
- Adds a deprecation warning
- Updates core to use the new settings.
- Adds a migration to fill in the new setting of the old setting was
  changed
- Adds an entry to the site_setting.keywords section
- Updates many tests to account for the new change

After a couple of months we will remove the `approve_unless_trust_level`
setting entirely.

Internal ref: /t/115696
2023-11-21 11:31:42 -07:00
Discourse Translator Bot
c33a20cff6
Update translations (#24485) 2023-11-21 14:36:16 +01:00
Martin Brennan
e37fb3042d
FEATURE: Admin plugin list redesign (#24363)
* Remove checkmark for official plugins
* Add author for plugin, which is By Discourse for all discourse
  and discourse-org github plugins
* Link to meta topic instead of github repo
* Add experimental flag for plugin metadata and show this as a
  badge on the plugin list if present

---------

Co-authored-by: chapoi <101828855+chapoi@users.noreply.github.com>
2023-11-21 09:37:11 +10:00
Martin Brennan
10b546d8c7
FIX: Make fullscreen code modal occupy as much of the screen as needed (#24403)
This commit makes it so the fullscreen code modal grows
to fit its content, and doesn't show horizontal scrollbars
unless the entire screen is filled by the modal already.

The code syntax highlighting and copy buttons were also
broken in fullscreen because of modal changes over time.
2023-11-21 09:36:42 +10:00
Martin Brennan
146da75fd7
FEATURE: Add setting & preference for search sort default order (#24428)
This commit adds a new `search_default_sort_order` site setting,
set to "relevance" by default, that controls the default sort order
for the full page /search route.

If the user changes the order in the dropdown on that page, we remember
their preference automatically, and it takes precedence over the site
setting as a default from then on. This way people who prefer e.g.
Latest Post as their default can make it so.
2023-11-20 10:43:58 +10:00
Krzysztof Kotlarek
96c5a6c9ca
FEATURE: dedicated admin section for new features (#24292)
New tab in admin panel with list of new features. Presentation was enhanced by screenshot and markdown description.

Related PR https://github.com/discourse-org/discourse-new-features-feeds/pull/23
2023-11-20 09:59:04 +11:00
Alan Guo Xiang Tan
e0ef88abca
DEV: Run QUnit tests for official Discourse themes (#24405)
Why this change?

As the number of themes which the Discourse team supports officially
grows, we want to ensure that changes made to Discourse core do not
break the plugins. As such, we are adding a step to our Github actions
test job to run the QUnit tests for all official themes.

What does this change do?

This change adds a new job to our tests Github actions workflow to run the QUnit
tests for all official plugins. This is achieved with the following
changes:

1. Update `testem.js` to rely on the `THEME_TEST_PAGES` env variable to set the
   `test_page` option when running theme QUnit tests with testem. The
   `test_page` option [allows an array to be specified](https://github.com/testem/testem#multiple-test-pages) such that tests for
   multiple pages can be run at the same time. We are relying on a ENV variable
   because  the `testem` CLI does not support passing a list of pages
   to the `--test_page` option.

2. Support a `/testem-theme-qunit/:testem_id/theme-qunit` Rails route in the development environment. This
   is done because testem prefixes the path with a unique ID to the configured `test_page` URL.
   This is problematic for us because we proxy all testem requests to the
   Rails server and testem's proxy configuration option does not allow us
   to easily rewrite the URL to remove the prefix. Therefore, we configure a proxy in testem to prefix `theme-qunit` requests with
  `/testem-theme-qunit` which can then be easily identified by the Rails server and routed accordingly. 

3. Update `qunit:test` to support a `THEME_IDS` environment variable
   which will allow it to run QUnit tests for multiple themes at the
   same time.

4. Support `bin/rake themes:qunit[ids,"<theme_id>|<theme_id>"]` to run
   the QUnit tests for multiple themes at the same time.

5. Adds a `themes:qunit_all_official` Rake task which runs the QUnit
   tests for all the official themes.
2023-11-17 07:17:32 +08:00
Mark VanLandingham
69464cbbe2
FIX: Add desktop notification translation for watching_category_or_tag (#24276) 2023-11-16 08:34:58 -06:00
David Taylor
e2e720b2b7
UX: Expand enforce_second_factor setting description (#24413) 2023-11-16 13:58:52 +00:00
chapoi
f72899401d
UX: refactor .d-modal to use BEM and improve styling (#23967)
This PR refactors the following:
* leaving all the CSS applied to the old `modal-body` classes in their respective files
* made  new clean styling for `.d-modal` and refactored the template to use the new BEM classes
  * `inner-`, `middle-`, `outer-` container classes are gone and replaced with simplified `wrapper` and `container` classes  
  * use standardised max-sizes with modifiers `-large` and `-max`
  * lighter backdrop,
  * min-width to prevent puny modals
  * other styling changes regarding padding, close button,…
* pulled out all modal overrides into a general `modal-overrides` file + cleanup of outdated CSS
* pulled out login and create account modal styling into their own file, cause it's such a big override 
* removed old general login.scss file for mobile & desktop
* only kept some remainders I don't want to touch in `app/assets/stylesheets/common/base/login.scss`
2023-11-15 10:14:47 +00:00
Penar Musaraj
c6ead3f5c4
FEATURE: Allow users to confirm session with passkeys (#24337)
We ask users to confirm their session if they are making a sensitive
action, such as adding/updating second factors or passkeys. This
commit adds the ability to confirm sessions with passkeys as an option
to the password confirmation.
2023-11-14 11:38:10 -05:00
Discourse Translator Bot
c36ee3bc02
Update translations (#24366) 2023-11-14 14:30:11 +01:00
Penar Musaraj
a814348176
DEV: Rename experimental_passkeys to enable_passkeys (#24349)
Also includes a migration.
2023-11-13 15:04:15 -05:00
Kris
797da5870b
FEATURE: remove category badge style options, set bullet style as default (#24198) 2023-11-13 10:46:15 -05:00
Martin Brennan
ea0b37c1cf
FIX: Hide old min_trust_level_for_here_mention setting (#24342)
Followup to 67ac4c5616
2023-11-13 09:23:56 +10:00
David Taylor
0878dde213
DEV: Modernise highlightjs loading (#24197)
- Remove vendored copy
- Update Rails implementation to look for language definitions in node_modules
- Use webpack-based dynamic import for hljs core
- Use browser-native dynamic import for site-specific language bundle (and fallback to webpack-based dynamic import in tests)
- Simplify markdown implementation to allow all languages into the `lang-{blah}` className
- Now that all languages are passed through, resolve aliases at runtime to avoid the need for the pre-built `highlightjs-aliases` index
2023-11-10 20:39:48 +00:00
David Taylor
ac896755bb
DEV: Simplify ember-cli proxy strategy (#24242)
Previously, the app HTML served by the Ember-CLI proxy was generated based on a 'bootstrap json' payload generated by Rails. This inevitably leads to differences between the Rails HTML and the Ember-CLI HTML.

This commit overhauls our proxying strategy. Now, we totally ignore the ember-cli `index.html` file. Instead, we take the full HTML from Rails and surgically replace script URLs based on a `data-discourse-entrypoint` attribute. This should be faster (only one request to Rails), more robust, and less confusing for developers.
2023-11-10 11:16:06 +00:00
Martin Brennan
731dffdf92
DEV: Align S3 transfer acceleration global settings (#24302)
Followup to fe05fdae24

For consistency with other S3 settings, make the global setting
the same name as the site setting and use SiteSetting.Upload
too so it reads from the correct place.
2023-11-10 09:50:23 +10:00
Martin Brennan
67ac4c5616
DEV: Move min_trust_level_for_here_mention to group setting (#24263)
c.f. https://meta.discourse.org/t/-/283408
2023-11-09 12:07:01 +10:00
Martin Brennan
986fb522be
FEATURE: Add theme-components route for admin (#24264)
This commit adds an /admin/customize/theme-components route,
that opens the theme page with the components tab pre-selected,
so people can navigate to that directly.
2023-11-08 13:42:27 +10:00
Martin Brennan
0ef3836e0a
DEV: Add keywords for shared_drafts_allowed_groups (#24262)
Followup to b90b7ac705
2023-11-08 10:04:47 +10:00
Discourse Translator Bot
5fa46e6995
Update translations (#24177) 2023-11-07 21:31:20 +01:00
Penar Musaraj
a1c1f7ce75
DEV: Standardize session confirmation prompt (#24212)
Switches to using a dialog to confirm a session (i.e. sudo mode for
account changes where we want to be extra sure the current user is who
they say they are) to match what we do with passkeys.
2023-11-07 11:26:10 -05:00
Martin Brennan
b90b7ac705
DEV: Move shared_drafts_min_trust_level to group setting (#24257)
No plugins or themes rely on shared_drafts_min_trust_level so we
can just switch straight over to shared_drafts_allowed_groups

c.f. https://meta.discourse.org/t/changes-coming-to-settings-for-giving-access-to-features-from-trust-levels-to-groups/283408
2023-11-07 14:03:25 +10:00
Martin Brennan
fe05fdae24
DEV: Introduce S3 transfer acceleration for uploads behind hidden setting (#24238)
This commit adds an `enable_s3_transfer_acceleration` site setting,
which is hidden to begin with. We are adding this because in certain
regions, using https://aws.amazon.com/s3/transfer-acceleration/ can
drastically speed up uploads, sometimes as much as 70% in certain
regions depending on the target bucket region. This is important for
us because we have direct S3 multipart uploads enabled everywhere
on our hosting.

To start, we only want this on the uploads bucket, not the backup one.
Also, this will accelerate both uploads **and** downloads, depending
on whether a presigned URL is used for downloading. This is the case
when secure uploads is enabled, not anywhere else at this time. To
enable the S3 acceleration on downloads more generally would be a
more in-depth change, since we currently store S3 Upload record URLs
like this:

```
 url: "//test.s3.dualstack.us-east-2.amazonaws.com/original/2X/6/123456.png"
```

For acceleration, `s3.dualstack` would need to be changed to `s3-accelerate.dualstack`
here.

Note that for this to have any effect, Transfer Acceleration must be enabled
on the S3 bucket used for uploads per https://docs.aws.amazon.com/AmazonS3/latest/userguide/transfer-acceleration-examples.html.
2023-11-07 11:50:40 +10:00
Mark VanLandingham
047cae4b3f
FEATURE: Improve push notification message for watching_category_or_tag notifications (#24228) 2023-11-06 10:13:23 -06:00
David Taylor
c5e6e271a5
DEV: Remove legacy /brotli_asset workaround (#24243)
When Discourse first introduced brotli support, reverse-proxy/CDN support for passing through the accept-encoding header to our NGINX server was very poor. Therefore, a separate `/brotli_assets/...` path was introduced to serve the brotli assets. This worked well, but introduces additional complexity and inconsistencies.

Nowadays, Brotli encoding is well supported, so we don't need the separate paths any more. Requests can be routed to the asset `.js` URLs, and NGINX will serve the brotli/gzip version of the asset automatically.
2023-11-06 15:57:00 +00:00
Michael Brown
f70379d24d FIX: the referenced site setting is named differently
The Great Rename of e0d92322 changed the referenced setting name to
`allowed_inline_onebox_domains`, not `inline_onebox_domain_allowlist`.
2023-11-03 10:25:56 -04:00
David Taylor
67bcef3959
DEV: Show theme/plugin error banner for route loading failures (#24218)
This aims to help admins and developers identify the cause of loading issues on routes.

As with other theme/plugin errors, the UI banner is only shown to administrators. For non-admins, the information is only written to the browser console.
2023-11-02 15:45:02 +00:00
Osama Sayegh
3cadd6769e
FEATURE: Theme settings migrations (#24071)
This commit introduces a new feature that allows theme developers to manage the transformation of theme settings over time. Similar to Rails migrations, the theme settings migration system enables developers to write and execute migrations for theme settings, ensuring a smooth transition when changes are required in the format or structure of setting values.

Example use cases for the theme settings migration system:

1. Renaming a theme setting.

2. Changing the data type of a theme setting (e.g., transforming a string setting containing comma-separated values into a proper list setting).

3. Altering the format of data stored in a theme setting.

All of these use cases and more are now possible while preserving theme setting values for sites that have already modified their theme settings.

Usage:

1. Create a top-level directory called `migrations` in your theme/component, and then within the `migrations` directory create another directory called `settings`.

2. Inside the `migrations/settings` directory, create a JavaScript file using the format `XXXX-some-name.js`, where `XXXX` is a unique 4-digit number, and `some-name` is a descriptor of your choice that describes the migration.

3. Within the JavaScript file, define and export (as the default) a function called `migrate`. This function will receive a `Map` object and must also return a `Map` object (it's acceptable to return the same `Map` object that the function received).

4. The `Map` object received by the `migrate` function will include settings that have been overridden or changed by site administrators. Settings that have never been changed from the default will not be included.

5. The keys and values contained in the `Map` object that the `migrate` function returns will replace all the currently changed settings of the theme.

6. Migrations are executed in numerical order based on the XXXX segment in the migration filenames. For instance, `0001-some-migration.js` will be executed before `0002-another-migration.js`.

Here's a complete example migration script that renames a setting from `setting_with_old_name` to `setting_with_new_name`:

```js
// File name: 0001-rename-setting.js

export default function migrate(settings) {
  if (settings.has("setting_with_old_name")) {
    settings.set("setting_with_new_name", settings.get("setting_with_old_name"));
  }
  return settings;
}
```

Internal topic: t/109980
2023-11-02 08:10:15 +03:00
Krzysztof Kotlarek
1c395e1a01
FIX: reliably reorder link in custom sections (#24188)
Two changes were introduced:
1. Reorder links on sidebar section is removed. Clicking and holding the mouse for 250ms was unintuitive;
2. Fixed bugs when reorder is done in edit modal.
2023-11-02 08:46:45 +11:00
Mark VanLandingham
1d96b0a99a
FIX: Add translation for new push notification (#24203) 2023-11-01 15:45:22 -05:00
Renato Atilio
bdf2a20355
UX: form template simpler "value missing" i18n (#24154) 2023-10-30 17:40:07 -03:00
Martin Brennan
0a4b1b655d
FIX: Alter "Take Action" default behaviour to hide post (#24088)
This commit fixes an issue where clicking the default
"Take Action" option on a flag for a post doesn't always
end up with the post hidden.

This is because the "take_action" score bonus doesn’t take into account
the final score required to hide the post.

Especially with the `hide_post_sensitivity` site setting set to `low`
sensitivity, there is a likelihood the score needed to hide the post
won’t be reached.

Now, the default "Take Action" button has been changed to "Hide Post"
to reflect what is actually happening and the description has been
improved, and if "Take Action" is clicked we _always_ hide the post
regardless of score and sensitivity settings. This way the action reflects
expectations of the user.
2023-10-30 10:24:35 +10:00
Blake Erickson
1a78e8ec1b
FEATURE: Add keywords support for site_settings search (#24146)
* FEATURE: Add keywords support for site_settings search

This change allows for a new `keywords` field that can be added to site
settings in order to help with searching. Keywords are not visible in
the UI, but site settings matching one of the contained keywords will
appear when searching for that keyword.

Keywords can be added for site settings inside of the
`config/locales/server.en.yml` file under the new `keywords` key.

```
site_settings
  example_1: "fancy description"
  example_2: "another description"

  keywords:
    example_1: "capybara"
```

* Add keywords entry for a recently changed site setting and add system specs

* Use page.visit now that we have our own visit
2023-10-27 15:42:57 -06:00
Ted Johansson
f9f9cf0bf4
DEV: Remove unreachable IP address validation message (#24131)
The message: :signup_not_allowed option to the IP address validator does nothing, because the AllowedIpAddressValidator chooses one of either:

- ip_address.blocked or
- ip_address.max_new_accounts_per_registration_ip

internally. This means that the translation for this was also never used.

This PR removes the ineffectual option and the unused translation. It also moves the translated error messages for blocked and max_new_accounts_per_registration_ip into the correct location so we can pass a symbol to ActiveModel::Errors#add.

There is no actual change in behaviour.
2023-10-27 15:22:38 +08:00
Ted Johansson
66084b3ce8
DEV: Remove deprecated PostsController#all_reply_ids (#24128)
The PostsController#all_reply_ids was deprecated and marked for removal in 3.0. This PR removes the controller action and the route.
2023-10-27 12:40:49 +08:00
Renato Atilio
5bd92dd252
FIX: only clear upload list if multiple not allowed (#24123)
* FIX: only clear upload list if multiple not allowed
2023-10-27 00:12:55 -03:00
Martin Brennan
219b071994
FIX: Revise and reject post breaks on new topics queued (#24109)
Followup to 9762e65758. This
original commit did not take into account the fact that
new topics can end up in the approval queue as a
ReviewableQueuedPost, and so there was a 500 error raised
when accessing `self.topic` when sending a PM to the user.
2023-10-27 13:05:41 +10:00
David Taylor
c124c69833
DEV: Simplify sprockets configuration (#24111)
- Remove the wildcard crawler. This was already excluding almost all file types, but the exclude list was missing '.gjs' which meant those files were unnecessarily being hoisted into the `public/` directory during precompile

- Automatically include all ember-cli-generated assets without needing them to be listed. The main motivation for this change is to allow us to start using async imports via Embroider/Webpack. The filenames for those new async bundles will not be known in advance.

- Skips sprockets fingerprinting on Embroider/Webpack chunk JS files. Their filenames already include a fingerprint, and having sprockets change the filenames will cause problems for the async import feature (where filenames are included deep inside js bundles)

This commit also updates our ember-cli build so that it skips building plugin tests in the production environment. This should provide a slight build speed improvement.
2023-10-26 17:29:53 +01:00
Penar Musaraj
e231ed2153
DEV: Improve error messaging (#24099)
Applies to passkeys, visible in a dev environment when using a non-standard
host. The error modal should only be shown when invoking the passkey
login button.
2023-10-25 13:44:08 -04:00
Martin Brennan
537c0e3014
DEV: Hide anonymous_posting_min_trust_level setting (#24090)
Followup to 9db4eaa870,
I thought deprecating a setting hid it in the UI too,
but this is not the case.
2023-10-25 16:22:32 +10:00
Martin Brennan
9db4eaa870
DEV: Change anonymous_posting_min_trust_level to a group-based setting (#24072)
No plugins or themes rely on anonymous_posting_min_trust_level so we
can just switch straight over to anonymous_posting_allowed_groups

This also adds an AUTO_GROUPS const which can be imported in JS
tests which is analogous to the one defined in group.rb. This can be used
to set the current user's groups where JS tests call for checking these groups
against site settings.

Finally a AtLeastOneGroupValidator validator is added for group_list site
settings which ensures that at least one group is always selected, since if
you want to allow all users to use a feature in this way you can just use
the everyone group.
2023-10-25 11:45:10 +10:00
Discourse Translator Bot
49c6671b60
Update translations (#24078) 2023-10-24 15:53:34 +02:00
Sérgio Saquetim
0cfc42e0e6
FEATURE: Add dark mode option for category backgrounds (#24003)
Adds a new upload field for a dark mode category background that will be used as an alternative when Discourse is using a dark mode theme.
2023-10-20 12:48:06 +00:00
Kris
7b6e32c238
UX: move global option to sidebar modal footer, shorten translation (#24024) 2023-10-19 12:20:03 -04:00
Martin Brennan
9ef3a18ce4
DEV: Add new experimental admin UI route and sidebar (#23952)
This commit adds a new admin UI under the route `/admin-revamp`, which is
only accessible if the user is in a group defined by the new `enable_experimental_admin_ui_groups` site setting. It
also adds a special `admin` sidebar panel that is shown instead of the `main`
forum one when the admin is in this area.

![image](https://github.com/discourse/discourse/assets/920448/fa0f25e1-e178-4d94-aa5f-472fd3efd787)

We also add an "Admin Revamp" sidebar link to the community section, which
will only appear if the user is in the setting group:

![image](https://github.com/discourse/discourse/assets/920448/ec05ca8b-5a54-442b-ba89-6af35695c104)

Within this there are subroutes defined like `/admin-revamp/config/:area`,
these areas could contain any UI imaginable, this is just laying down an
initial idea of the structure and how the sidebar will work. Sidebar links are
currently hardcoded.

Some other changes:

* Changed the `main` and `chat` panels sidebar panel keys to use exported const values for reuse
* Allowed custom sidebar sections to hide their headers with the `hideSectionHeader` option
* Add a `groupSettingArray` setting on `this.siteSettings` in JS, which accepts a group site setting name
  and splits it by `|` then converts the items in the array to integers, similar to the `_map` magic for ruby
  group site settings
* Adds a `hidden` option for sidebar panels which prevents them from showing in separated mode and prevents
  the switch button from being shown

---------

Co-authored-by: Krzysztof Kotlarek <kotlarek.krzysztof@gmail.com>
2023-10-19 14:23:41 +10:00
Penar Musaraj
a125c9e63e
UX: Minor fixes to passkey handling (#23947)
- don't try to guess the name of the manager (too many options)
- improve error message when registration is not allowed
- output error in console when registration fails
- minor fix to rename dialog layout
- hides action buttons in DiscourseHub (because adding passkeys there is not possible)
- adds acceptance test to ensure action buttons are hidden for admins seeing another user's profile
2023-10-18 11:46:51 -04:00
Krzysztof Kotlarek
4773f5d720
FEATURE: predefined simple list for admin setting (#23953)
Some admin settings are multiple list with predefined values. In that case, we should not allow to input any value which later will fail validation.
2023-10-18 00:25:32 +00:00
Bianca Nenciu
2e68ead45b
FEATURE: Use async search for category dropdowns (#23774)
This commit introduces a new endpoint to search categories and uses it
instead of the categories map that is preloaded using SiteSerializer.

This feature is enabled only when the hidden site setting
lazy_load_categories is enabled and should be used only on sites with
many categories.
2023-10-17 19:46:54 +03:00
Blake Erickson
60ae69027c
DEV: Add category style deprecation check warning (#23951)
The category style site setting is being deprecated. This commit will
show a warning on the admin dashboard if a site isn't using the default
category style (bullet).
2023-10-17 10:40:31 -06:00
Bianca Nenciu
c95ffb98ef
DEV: Serialize categories in topic lists (#23597)
At this moment, this feature is under a site setting named
lazy_load_categories.

In the future, categories will no longer be preloaded through site data.
This commit add information about categories in topic list and ensures
that data is used to display topic list items.

Parent categories are serialized too because they are necessary to
render {{category-link}}.
2023-10-17 19:06:01 +03:00
Discourse Translator Bot
5e6c63901f
Update translations (#23955) 2023-10-17 10:57:06 -04:00
Martin Brennan
3cde7f125d
DEV: Remove hashtag autocomplete experimental setting (#23954)
Everything relying on this was removed in
09223e5ae7
2023-10-17 15:05:58 +10:00
Alan Guo Xiang Tan
cbbe3a808b
SECURITY: Add a default limit as to when logs should be truncated
Why this change?

This ensures that malicious requests cannot end up causing the logs to
quickly fill up. The default chosen is sufficient for most legitimate
requests to the Discourse application.

When truncation happens, parsing of logs in supported format like
lograge may break down.
2023-10-16 10:34:38 -04:00
Penar Musaraj
1a70817962
DEV: Add UI for passkeys (3/3) (#23853)
Adds UI elements for registering a passkey and logging in with it. The feature is still in an early stage, interested parties that want to try it can use the `experimental_passkeys` site setting (via Rails console). 

See PR for more details. 
---------

Co-authored-by: Joffrey JAFFEUX <j.jaffeux@gmail.com>
2023-10-13 12:24:06 -04:00
Martin Brennan
9762e65758
FEATURE: Add Revise... option for queued post reviewable (#23454)
This commit adds a new Revise... action that can be taken
for queued post reviewables. This will open a modal where
the user can select a Reason from a preconfigured list
(or by choosing Other..., a custom reason) and provide feedback
to the user about their post.

The post will be rejected still, but a PM will also be sent to
the user so they have an opportunity to improve their post when
they resubmit it.
2023-10-13 11:28:31 +10:00
Tobias Eigen
460e702887
improve desc of review every post admin setting (#23899)
Adds more information about what the "review every post" admin setting does. All new posts are sent to the review queue so they can be reviewed by moderators, but are still published.
2023-10-12 09:43:14 -07:00
Krzysztof Kotlarek
cb8190d32f
FEATURE: option to automatically delete unused tags (#23864)
Introduced a new site setting that enables the automatic and daily removal of unused tags.
2023-10-11 23:58:56 +00:00
Penar Musaraj
e3e73a3091
DEV: Add routes and controller actions for passkeys (2/3) (#23587)
This is part 2 (of 3) for passkeys support.

This adds a hidden site setting plus routes and controller actions.

1. registering passkeys

Passkeys are registered in a two-step process. First, `create_passkey`
returns details for the browser to create a passkey. This includes
- a challenge
- the relying party ID and Origin
- the user's secure identifier
- the supported algorithms
- the user's existing passkeys (if any)

Then the browser creates a key with this information, and submits it to
the server via `register_passkey`.

2. authenticating passkeys

A similar process happens here as well. First, a challenge is created
and sent to the browser. Then the browser makes a public key credential
and submits it to the server via `passkey_auth_perform`.

3. renaming/deleting passkeys

These routes allow changing the name of a key and deleting it.

4. checking if session is trusted for sensitive actions

Since a passkey is a password replacement, we want to make sure to confirm the user's identity before allowing adding/deleting passkeys. The u/trusted-session GET route returns success if user has confirmed their session (and failed if user hasn't). In the frontend (in the next PR), we're using these routes to show the password confirmation screen. 

The `/u/confirm-session` route allows the user to confirm their session with a password. The latter route's functionality already existed in core, under the 2FA flow, but it has been abstracted into its own here so it can be used independently.


Co-authored-by: Alan Guo Xiang Tan <gxtan1990@gmail.com>
2023-10-11 14:36:54 -04:00
Discourse Translator Bot
88f851432b
Update translations (#23873) 2023-10-11 11:18:02 +02:00
David Taylor
f4aeebeb64
UX: Correct description on 'create topic' composer dropdown (#23871)
The 'create topic' entry in the dropdown was incorrectly using the 'reply as new topic' description. This fixes the logic to use a separate locale key for the description.
2023-10-10 13:23:00 +01:00
Tobias Eigen
00b1b88a86
updated description of company_name field (#23818)
If company name field is left blank, no boilerplate TOS or Privacy Notice is provided. Updated the description to make this explicit. For more info, see: https://meta.discourse.org/t/updates-to-new-site-experience-and-the-getting-started-guide/273189#login-page-is-more-welcoming-on-private-sites-3
2023-10-09 15:52:48 -07:00
Krzysztof Kotlarek
c468110929
FEATURE: granular webhooks (#23070)
Before this change, webhooks could be only configured for specific groups like for example, all topic events.

We would like to have more granular control like for example topic_created or topic_destroyed.

Test are failing because plugins changed has to be merged as well:
discourse/discourse-assign#498
discourse/discourse-solved#248
discourse/discourse-topic-voting#159
2023-10-09 03:35:31 +00:00
Alan Guo Xiang Tan
832b3b9e60
FEATURE: Remove support for legacy navigation menu (#23752)
Why this change?

Back in May 17 2023 along with the release of Discourse 3.1, we announced
on meta that the legacy hamburger dropdown navigation menu is
deprecated and will be dropped in Discourse 3.2. This is the link to the announcement
on meta: https://meta.discourse.org/t/removing-the-legacy-hamburger-navigation-menu-option/265274

## What does this change do?

This change removes the `legacy` option from the `navigation_menu` site
setting and migrates existing sites on the `legacy` option to the
`header dropdown` option.

All references to the `legacy` option in code and tests have been
removed as well.
2023-10-09 07:24:10 +08:00
Krzysztof Kotlarek
e94b553e9a
FEATURE: delete multiple inactive themes/components (#23788)
Ability to select multiple inactive themes or components and delete them all together
2023-10-08 21:35:53 +00:00
Penar Musaraj
921f1279b9
DEV: Update webauthn authentication documentation (#23787)
Also adds a `userHandle` check for first factor verification, though this is not yet implemented in Rails controllers and UI.
2023-10-05 15:22:43 -04:00
Renato Atilio
1d70cf455e
FEATURE: support a description attribute on form template fields (#23744)
* FEATURE: support a description attribute on form template fields
2023-10-04 17:51:53 -03:00
Discourse Translator Bot
24feb20abc
Update translations (#23757) 2023-10-04 09:54:20 +02:00
Mark Doerr
54d43c688f
UX: Update 'gtm_container_id' site setting description (#23763)
It should point to GTM nonce documentation, which is our preferred implementation when the CSP is enabled.
2023-10-03 15:19:23 -04:00
Penar Musaraj
0af6c5efdc
DEV: Refactor webauthn to support passkeys (1/3) (#23586)
This is part 1 of 3, split up of PR #23529. This PR refactors the
webauthn code to support passkey authentication/registration.

Passkeys aren't used yet, that is coming in PRs 2 and 3.

Co-authored-by: Alan Guo Xiang Tan <gxtan1990@gmail.com>
2023-10-03 14:59:28 -04:00
Kris
c9db9e9319
A11Y: composer tip close link should be a button (#23731) 2023-10-03 09:09:54 -04:00
KThompson-Lane-Unity
607f700c8c
FEATURE: Add API key scopes for tag_groups (#23634) 2023-10-03 16:20:17 +08:00
Kris
0bb7e9e0b8
A11Y: improve about page profile link markup (#23695) 2023-10-02 13:55:28 -04:00
Kris
5884176174
A11Y: correctly markup /about stat table headers, tweak style (#23733) 2023-10-02 13:55:11 -04:00
Kris
f5d4ddbff5
A11Y: add page title to account activation step (#23736) 2023-10-02 13:54:52 -04:00
Ted Johansson
7019dbcfe1
DEV: Change share quote visibility setting default to 'all' (#23720)
As pointed out on Meta, having this default to all (anonymous- and logged in users) is probably more sensible than just anonymous.
2023-09-30 11:41:50 +02:00
Ted Johansson
fd2912f944
FIX: Remove reference to removed site setting from num_users_to_silence_new_user setting (#23718)
The num_users_to_silence_new_user setting is referencing num_spam_flags_to_silence_new_user, which has been superceded twice.

This change updates the description to reflect that it now operates on the new "sensitivity score" system.
2023-09-30 11:28:04 +02:00
Arpit Jalan
b39f823fd3
FEATURE: add custom date range filter for admin dashboard reports (#23702)
* FEATURE: add custom date range filter for admin dashboard reports

* Improvements per David's review
2023-09-29 14:44:17 +05:30
Kris
34cc87db40
A11Y: UI emoji are decorative, use alt="" (#23690) 2023-09-28 13:30:19 -04:00
Kris
a523f17ed7
A11Y: aria-label for mobile topic list avatar (#23693) 2023-09-28 13:29:56 -04:00
Matt Marjanović
619d43ea47
FEATURE: Add prompt=none functionality to SSO Provider protocol (#22393)
This commit adds support for an optional `prompt` parameter in the
payload of the /session/sso_provider endpoint.  If an SSO Consumer
adds a `prompt=none` parameter to the encoded/signed `sso` payload,
then Discourse will avoid trying to login a not-logged-in user:

 * If the user is already logged in, Discourse will immediately
   redirect back to the Consumer with the user's credentials in a
   signed payload, as usual.

 * If the user is not logged in, Discourse will immediately redirect
   back to the Consumer with a signed payload bearing the parameter
   `failed=true`.

This allows the SSO Consumer to simply test whether or not a user is
logged in, without forcing the user to try to log in.  This is useful
when the SSO Consumer allows both anonymous and authenticated access.
(E.g., users that are already logged-in to Discourse can be seamlessly
logged-in to the Consumer site, and anonymous users can remain
anonymous until they explicitly ask to log in.)

This feature is similar to the `prompt=none` functionality in an
OpenID Connect Authentication Request; see
https://openid.net/specs/openid-connect-core-1_0.html#AuthRequest
2023-09-28 12:53:28 +01:00
Gerhard Schlager
da313ba49b
FEATURE: Add webhooks for user suspend and unsuspend (#23684) 2023-09-28 10:51:05 +02:00
Sam
a2da2e02e7
FEATURE: improve error message when double liking (#23698)
If a user somehow is looking at an old version of the page and attempts
to like a post they already like. Display a more reasonable error message.

Previously we would display:

> You are not permitted to view the requested resource.

New error message is:

> Oops! You already performed this action. Can you try refreshing the page?

Triggering this error condition is very tricky, you need to stop the
message bus. A possible reason for it could be bad network connectivity.
2023-09-28 16:53:48 +10:00
Kris
1ad60b791c
FIX: copy codeblocks needs client: true (#23686) 2023-09-27 11:03:20 -04:00
Discourse Translator Bot
287d0ec842
Update translations (#23627) 2023-09-27 11:03:00 +02:00
Krzysztof Kotlarek
81f3f56deb
FIX: enable copy code block by default (#23662)
Copy button on code blocks should be enabled by default and this setting should be hidden.
2023-09-27 10:24:19 +10:00
Kris
bbb4e19612
UX: improve history modal layout (#23675) 2023-09-26 17:50:09 -04:00
David Taylor
110fdf0189
DEV: Remove dependence on dartsass-sprockets (#23665)
Discourse has a custom stylesheet pipeline which compiles things 'just in time'. The only place we were still running sass files through sprockets was for the `/tests` route in development mode. This use can be removed by compiling the relevant stylesheets through ember-cli instead (which we were already doing for testem runs)

This work was prompted by the incompatibility of dartsass-sprockets with the latest sass-embedded release (https://github.com/tablecheck/dartsass-sprockets/issues/13)
2023-09-26 16:25:07 +01:00
Kris
cbf8d85e6b
UX: improve activity column title data (#23614) 2023-09-25 15:53:16 -04:00
Renato Atilio
1cc2c8fcb6
UX: unhide experimental_form_templates (#23615)
* UX: unhide experimental_form_templates

* UX: add description to experimental_form_templates setting
2023-09-25 13:38:06 -03:00
Renato Atilio
d93c2cb3d2
FEATURE: site settings to revoke api keys older than a number of days (#23595)
* FEATURE: site settings to revoke api keys older than a number of days
2023-09-15 16:31:29 -03:00
David Taylor
a60d7a2bc7
DEV: Modernize admin-site-text route/controller (#23581)
- Switch to `@tracked` and native getters
- Remove queryParam defaults which are awkward to work with. Instead, add `resolvedBlah` getters
- Add 'no results found' text
- Use standard 'model' key instead of a custom `setupController` method
- Remove use of `route-action`
- Remove `{{action` helper

Default queryParams in ember controllers are tricky to work with, especially when combined with the new router service. Instead, we can handle defaults ourselves
2023-09-14 11:27:09 +01:00
Sam
267e8ebaa6
FIX: min_personal_message_post_length not applying to first post (#23531)
* FIX: min_personal_message_post_length not applying to first post

Due to the way PostCreator is wired, we were not applying min_personal_message_post_length
to the first post.

This meant that admins could not configure it so PMs have different
limits.

The code was already pretending that this works, but had no reliable way
of figuring out if we were dealing with a private message
2023-09-13 15:43:54 +10:00
Bianca Nenciu
6f782d8e45
SECURITY: Add limits for themes and theme assets
This commit adds limits to themes and theme components on the:

- file size of about.json and .discourse-compatibility
- file size of theme assets
- number of files in a theme
2023-09-12 15:31:31 -03:00
Gerhard Schlager
e3a2446874
SECURITY: Limit number of drafts per user and length of draft_key
The hidden site setting max_drafts_per_user defaults to 10_000 drafts per user.
The longest key should be "topic_<MAX_BIG_INT>" which is 25 characters.
2023-09-12 15:31:26 -03:00
OsamaSayegh
c1b5faa5fd
SECURITY: Limit name field length of TOTP authenticators and security keys 2023-09-12 15:31:17 -03:00
Blake Erickson
9ac5e09179
DEV: Show separate error message for backup uploads (#23480)
Due to server upload limits backups may receive a 413 error so we need
to display a different error message than the default one we have set
for attachments.
2023-09-12 09:58:29 -06:00
Discourse Translator Bot
93de8c8daa
Update translations (#23538) 2023-09-12 15:27:48 +02:00
Renato Atilio
abae6ecadc
UX: remove unsupported features from form template help text (#23482) 2023-09-08 15:39:27 -03:00
Michael Brown
30528eac5c FIX: add missing translation key
This is used when browsing/filtering on all categories and new results appear.
2023-09-06 13:40:45 -04:00
Discourse Translator Bot
9ef5cefe26
Update translations (#23433) 2023-09-06 12:23:34 +02:00
Meghna
48951bb35e
UX: show only one username on multiple likes notification (#23385)
To adjust for small width screen and multiple locales only show one
username on multiple likes notification.
2023-09-06 15:30:56 +05:30
Ted Johansson
ede73f923f
DEV: Change fast typer trust level setting to enum type (#23429)
We have one site setting, `auto_silence_fast_typers_max_trust_level`, which expects a trust level. However, the type is set to integer, which makes it very hard for a layman to enter the correct thing.

This PR changes the type of the site setting to the `TrustLevelSetting` enum.

The use of these are interchangeable in the back-end, since `SiteSetting.auto_silence_fast_typers_max_trust_level` still returns the integer value with the enum.
2023-09-06 17:35:11 +08:00
Martin Brennan
c532f6eb3d
FEATURE: Secure uploads in PMs only (#23398)
This adds a new secure_uploads_pm_only site setting. When secure_uploads
is true with this setting, only uploads created in PMs will be marked
secure; no uploads in secure categories will be marked as secure, and
the login_required site setting has no bearing on upload security
either.

This is meant to be a stopgap solution to prevent secure uploads
in a single place (private messages) for sensitive admin data exports.
Ideally we would want a more comprehensive way of saying that certain
upload types get secured which is a hybrid/mixed mode secure uploads,
but for now this will do the trick.
2023-09-06 09:39:09 +10:00
Discourse Translator Bot
2768f3a968
Update translations (#23408) 2023-09-05 15:42:34 +02:00
Loïc Guitaut
7d0d0e48bc DEV: Add missing keyboard shortcut on cheatsheet
PR #23387 introduced a new keyboard shortcut to archive private
messages, but the new shortcut wasn’t added to the keyboard shortcuts
cheatsheet.
2023-09-05 11:59:38 +02:00
Sam
98dfc9df3f
DEV: relative_url_root is used for subfolder installs add comment (#23403)
The word subfolder is used commonly to describe subdirectory installs
2023-09-05 17:06:31 +10:00
Ted Johansson
d1253bc3af
DEV: Include context question for chat reviewables (#23332)
Chat review queue flags were missing the context message above the actions.

This is probably because the (reasonably complex) logic was somewhat hard-coded to posts. After some investigation I concluded we can reuse this logic with some small amendments.
2023-09-05 10:11:39 +08:00
David Taylor
3c63db9123
FIX: Update asset precompile list following c7dce90f (#23393)
`test-helpers.js` no longer exists. We need `tests.js` instead.
2023-09-04 23:06:43 +01:00
Alan Guo Xiang Tan
5724b7bccd
DEV: Add hidden cross_origin_opener_policy_header site setting (#23346)
Why this change?

As part of our ongoing efforts to security harden the Discourse
application, we are adding the `cross_origin_opener_policy_header` site setting
which allows the `Cross-Origin-Opener-Policy` response header to be set on requests
that preloads the Discourse application. In more technical terms, only
GET requests that are not json or xhr will have the response header set.

The `cross_origin_opener_policy_header` site setting is hidden for now
for testing purposes and will either be released as a public site
setting or be remove if we decide to be opinionated and ship a default
for the `Cross-Origin-Opener-Policy` response header.
2023-08-31 08:50:06 -04:00
Martin Brennan
253d4a154c
FIX: Confusing vague upload error (#23347)
When an upload fails and we don't have a specific error, we
show a generic one. But it's a little too generic -- it doesn't
even include the file name.

This commit shows the file name so you at least know which of your
uploads failed.
2023-08-31 18:02:00 +10:00
Vinoth Kannan
5a810fd6cc
UX: display warning message when uploads are not included in backup. (#23253)
Also, this PR will introduce a new checkbox in the modal window to manage whether the uploads should be included in the backup or not.
2023-08-31 10:21:07 +05:30
Martin Brennan
8ef569cda4
UX: Remove Plugin Settings tab (#23345)
This tab doesn't really provide anything useful, and can be quite
confusing in some cases. Each plugin is already listed below, and
you can navigate to their settings from there. We want to move away
from the catch-all Plugins category for site settings. Core plugins are
not shown in this list as at 97a812f022.
2023-08-31 12:11:39 +10:00
Blake Erickson
da389d7844
DEV: Remove unused site settings (#23326)
According to the output of this rake task:

`LOAD_PLUGINS=0 bin/rails "site_settings:find_dead"`

which searches for unused site settings, these settings:

```
rate_limit_new_user_create_topic
enable_system_avatars
check_for_new_features
allow_user_api_keys
```

are unused.
2023-08-29 17:42:32 -06:00
Renato Atilio
58b49bce41
FEATURE: support to initial values for form templates through /new-topic (#23313)
* FEATURE: adds support for initial values through /new-topic to form templates
2023-08-29 18:41:33 -03:00
Discourse Translator Bot
9db047a76c
Update translations (#23309) 2023-08-29 15:50:52 +02:00
Sam
997c839626
FEATURE: display count of topics being dismissed in dialog (#23288)
Previous to this change it was unclear if all new would be dismissed or just
some of them

Co-authored-by: Joffrey JAFFEUX <j.jaffeux@gmail.com>
2023-08-28 11:46:38 +02:00
Ted Johansson
4b52269827
DEV: Move option to delete user under reviewable reject menu (#23257)
Follow-up to #23199 in which we moved the "delete user" options under the relevant action menu for flagged post. This change does the same, but to queued posts.
2023-08-27 10:05:05 +08:00
Penar Musaraj
fdc2080bd8
DEV: Use ellipsis instead of three dots (#23193)
Also adds a note for translators for the `type_to_filter` string.

@discourse-translator-bot keep_translations_and_approvals
2023-08-24 10:10:41 -04:00
Discourse Translator Bot
81d0b8838c
Update translations (#23181) 2023-08-23 09:29:38 +02:00
Blake Erickson
c3a4ce79cb
DEV: Add CSP to setting descriptions (#23172)
In an effort to aid in the searchability of Content-Security-Policy related
site settings this commit is appending "CSP" to several
`content_security_policy_` site setting descriptions.
2023-08-21 13:58:41 -06:00
Juan David Martínez Cubillos
477a5dd371
FEATURE: Digest suppression by tags (#23089)
* FEATURE: Digest suppression by tags

* fixed stree issues

* fixed code so untagged topics are not suppressed when suppressing certain tags
2023-08-18 14:28:20 -05:00
Osama Sayegh
09d3709ec9
FEATURE: New topics vs replies toggle for the new new view (#22920)
This PR adds a new toggle to switch the (new) /new list between showing topics with new replies (a.k.a unread topics), new topics, or everything mixed together.
2023-08-18 12:44:04 +08:00
Discourse Translator Bot
23222aa2d4
Update translations (#23099) 2023-08-15 21:24:57 +02:00
Régis Hanol
13b74f8a12
Fixed group_email_credentials_warning description (#23037) 2023-08-09 16:35:20 +02:00
Régis Hanol
b5fcb486d0
Improve 'no_log_search_queries' description (#23036) 2023-08-09 16:35:06 +02:00
Régis Hanol
feed6018fe
Improve 'hidden_bidi_character' description (#23035) 2023-08-09 16:34:39 +02:00
Régis Hanol
c8760db309
Better site setting description (#23033)
For slow_down_crawler_user_agent_must_be_at_least_3_characters
2023-08-09 16:34:23 +02:00
Discourse Translator Bot
5b6493ff4b
Update translations (#23013) 2023-08-08 15:42:28 +02:00
Keegan George
282e43d806
DEV: Pluralize support for form template error strings (#22983) 2023-08-04 14:26:27 -07:00
Rishabh
eebe3210bb
UX: Add tooltip about multiple emails to admin.groups.incoming_email field (#22926)
* UX: Add tooltip about multiple emails to admin.groups.incoming_email field
* prettier (linting)
2023-08-02 14:25:37 +05:30
Alan Guo Xiang Tan
773b22e8d0
DEV: Seperate concerns of tracking GC stat from MethodProfiler (#22921)
Why this change?

This is a follow up to e8f7b62752.
Tracking of GC stats didn't really belong in the `MethodProfiler` class
so we want to extract that concern into its own class.

As part of this PR, the `track_gc_stat_per_request` site setting has
also been renamed to `instrument_gc_stat_per_request`.
2023-08-02 10:46:37 +08:00
Alan Guo Xiang Tan
e8f7b62752
DEV: Add site setting to allow collection of GC stats during requests (#22898)
What does this change do?

This change adds a hidden `track_gc_stat_per_request` site setting which
when enabled will track the time spent in GC, major GC count and minor
GC count during a request.

Why is this change needed?

We have plans to tune our GC in production but without any
instrumentation, we will not be able to know if our tuning is effective
or not. This commit takes the first step at instrumenting some basic GC
stats in core during a request which can then be consumed by the discourse-prometheus plugin.
2023-08-02 09:16:32 +08:00
Daniel Waterworth
50d527b80c
DEV: Remove db_timeout setting (#22912)
It doesn't actually do anything.
2023-08-01 14:17:43 -05:00
Discourse Translator Bot
d5f4b8e02c
Update translations (#22904) 2023-08-01 16:05:44 +02:00
Gerhard Schlager
ad0b8aed51
FIX: Use category hashtag instead of link in discourse_welcome_topic.body (#22875)
Linking to the #feedback category can break if the category gets renamed or a different site locale is used. By using the correct hashtag (at the time of seeding) this issues can be avoided.
2023-08-01 13:53:23 +02:00
Roman Rizzi
e7fb4be23e
UX: Topic recommendations tweaks. (#22880)
This PR updates how we display related and suggested topics on mobile and desktop. It adds a new `PluginOutlet` specifically designed for adding new topic lists, which automatically work if following the same conventions as the ones inside `<MoreTopics />`.

While we display lists side by side on desktop, we only display one in mobile. You can switch to another one by clicking on the nav pills, and we'll automatically save your preference for next time.
2023-07-31 18:33:21 -03:00
Bianca Nenciu
a68752df25
UX: Move Admin Guide link to URL (#22789)
Co-authored-by: David Taylor <david@taylorhq.com>
Co-authored-by: Jarek Radosz <jradosz@gmail.com>
2023-07-31 15:30:27 +01:00
David Taylor
d0cbbbe773
UX: Clarify 'disable tag/category edit notifications' site settings (#22874)
Toggling these settings will prevent 'published' topics (e.g. from shared drafts) from creating notifications for people watching the relevant category/tag.
2023-07-31 13:36:13 +01:00
Gerhard Schlager
1af33fdb71 REFACTOR: Use pluralized string for js.badges.awarded 2023-07-31 13:28:42 +02:00
OsamaSayegh
0976c8fad6
SECURITY: Don't reuse CSP nonce between anonymous requests 2023-07-28 12:53:44 +01:00
marstall
80f5018924
FEATURE: JSON editor for theme settings (#21647)
provide the ability to edit theme settings in the json editor, and also copy them as a text file so they can be pasted into another instance.

Reference: /t/65023
2023-07-27 13:48:59 -04:00
Penar Musaraj
f2048eeb4c
UX: Minor change to compact tag chooser (#22796)
Followup to f5e8e73.

This switches the placeholder label to the existing string "optional
tags" and only shows it if there are no items picked.

Co-authored-by: Jarek Radosz <jradosz@gmail.com>
2023-07-26 11:43:46 -04:00
Jordan Vidrine
3f29a2ab90
FIX: Remove unnecessary ellipsis (#22806) 2023-07-26 07:54:07 -05:00
Jarek Radosz
d06431ba9b
DEV: Fix random typos (#22804)
A fresh batch of stashed changes :P
2023-07-26 12:45:35 +02:00
Discourse Translator Bot
ad9ad55870
Update translations (#22664) 2023-07-25 17:57:48 +02:00
Penar Musaraj
f5e8e737ad
UX: Compact option for multi-selects (#22239)
Adds an alternative to the default multi select item, better suited for quickly adding/removing tags.
2023-07-25 11:00:02 -04:00
Emmett Ling
978d52841a
FEATURE: Implement SiteSetting to Allow Anonymous Likes (#22131)
Allow anonymous users (logged-in, but set to anonymous posting) to like posts

---------

Co-authored-by: Emmett Ling <eling@zendesk.com>
Co-authored-by: Nat <natalie.tay@discourse.org>
2023-07-21 21:21:07 +08:00
Isaac Janzen
37942cb8bb
DEV: Convert admin-incoming-email modal to component-based API (#22701)
- Convert `admin-incoming-email` modal to component-based API
- Testing that the modal was working in local development was extremely challenging due to the need for `rejected` and `bounced` emails. Something that is not easy to stub in a local dev environment. To make this process more smooth for future developers I have added a new rake task:

```
desc "Creates sample email logs"
task "email_logs:populate" => ["db:load_config"] do |_, args|
  DiscourseDev::EmailLog.populate!
end
```

That will generate fully functional email logs in development to be toyed with.

<img width="787" alt="Screenshot 2023-07-20 at 3 27 04 PM" src="https://github.com/discourse/discourse/assets/50783505/47b3fe34-cd7e-49a5-8fe6-768c0fbd1aa2">
2023-07-20 16:31:20 -05:00
Roman Rizzi
238d71bcad
FEATURE: Regenerate outdated summaries. (#22718)
Users unable to generate new summaries won't be able to regenerate them. They'll only see the warning saying it's outdated.
2023-07-20 15:25:46 -03:00
Krzysztof Kotlarek
3355298f9f
FEATURE: ability to position switch panel buttons (#22707)
SiteSetting which allow to position switch panels buttons at the top or the bottom of the Sidebar.
2023-07-20 12:52:46 +10:00
Ted Johansson
341acacba8
DEV: Add endpoint for dismissing outdated translations (#22509)
Recently we started giving admins a notice in the advice panel when their translations have become outdated due to changes in core. However, we didn't include any additional information.

This PR adds more information about the outdated translation inside the site text edit page, together with an option to dismiss the warning.
2023-07-19 23:06:13 +08:00
Roman Rizzi
3820fae041
UX: Disclose AI model used and add animation to placeholder (#22670)
* UX: Disclose AI model used and add animation to placeholder

* Move text into hbs template

DTooltip (weirdly) attaches to a sibling element, so we need something else to be rendered inside the RenderGlimmer wrapper div

---------

Co-authored-by: David Taylor <david@taylorhq.com>
2023-07-19 12:03:36 -03:00
Krzysztof Kotlarek
20ec7ac174
FEATURE: new API to add panels to sidebar (#22534)
Define new concept of panels in sidebar. Panels are wrappers around sidebar sections. In the future, it allows creating full focus mode by switching between panels.

A new API method called addSidebarPanel was added. Default main panel is already registered and by default all API sections are mounted to main.
2023-07-19 11:31:45 +10:00
Alan Guo Xiang Tan
003918d33f
DEV: Update copy for legacy navigation menu warning (#22656)
Follow-up to b719688887
2023-07-18 10:13:05 +08:00
Alan Guo Xiang Tan
3da6759860
FEATURE: Add admin dashboard warning for legacy navigation menu (#22655)
Why this change?

The `legacy` navigation menu option for the `navigation_menu` site
setting will be removed shortly after the release of Discourse 3.1 in
the first beta release of Discourse 3.2. Therefore, we're adding an
admin dashboard warning to give sites on the `legacy` navigation menu a
heads up.
2023-07-18 09:41:38 +08:00
Roman Rizzi
77e5153350
UX: Point that topic summaries are generated by an AI (#22646) 2023-07-17 17:24:41 -03:00
Rafael dos Santos Silva
3bde7ae433
FEATURE: Allow custom summaries for TL3 by default (#22641) 2023-07-17 11:46:27 -03:00
Roman Rizzi
dc547e39aa
FEATURE: Let users collapse the topic inline summary (#22604) 2023-07-13 18:21:50 -03:00
Mark Doerr
ac6f2f0d96
DEV: Update /locales/server.en.yml text for max_consecutive_replies. (#22603) 2023-07-13 13:05:13 -07:00
Joe
82c03127df
FEATURE: New Discourse Lightbox using Glimmer (#19798)
Introduces new lightbox as a step to migrate away from Magnific Popup.

Please see https://meta.discourse.org/t/migrating-away-from-magnific-popup/251505 for more details

Co-authored-by: Nat <natalie.tay@discourse.org>
Co-authored-by: David Battersby <info@davidbattersby.com>
2023-07-13 15:06:17 +08:00
Roman Rizzi
61aeb2da90
FEATURE: Inline topic summary. Cached version accessible to everyone. (#22551)
* FEATURE:  Inline topic summary. Cached version accessible to everyone.

Anons and non-members of the `custom_summarization_allowed_groups_map` groups can see cached summaries for any accessible topic. After the first 12 hours and if the posts to summarize have changed, allowed users clicking on the button will automatically re-generate it.

* Ensure chat summaries work and prevent model hallucinations when there are no messages.
2023-07-12 11:21:51 -03:00
liushuyu
8e63244e72
DEV: allow using CDN URL for all s3 uploads (#20755)
This adds an option to allow non-image s3 files to be downloaded through CDN URL.

Addresses the issues in:

* meta.discourse.org/t/s3-cdn-url-not-being-used-on-non-image-uploads/175332
* meta.discourse.org/t/s3-uploads-using-cdn-for-pdfs/213218
2023-07-12 12:06:49 +08:00
Blake Erickson
52b003d915
SECURITY: limit amount of links in custom sidebar section (#22543)
Custom sidebar section can have maximum of 50 links

Co-authored-by: Krzysztof Kotlarek <kotlarek.krzysztof@gmail.com>
2023-07-11 15:25:01 -06:00
Bianca Nenciu
bdb9ee8507
UX: Improve user tips (#22518)
- Add an icon to the bootstrap user tip to draw attention
- Remove the second "don't show user tip" button from every user tip
2023-07-11 18:22:40 +03:00
Discourse Translator Bot
3d231de12a
Update translations (#22537) 2023-07-11 16:20:52 +02:00
Selase Krakani
69e0c23f41
FIX: Conditionally hide Add Alternate Email button based on site setting (#22525)
Hide button in UI if `max_allowed_secondary_emails` site setting is 0.
2023-07-11 12:17:40 +00:00
Alan Guo Xiang Tan
ab053ac669
UX: Remove section heading for community section (#22405)
Why is this change being made?

We've decided that the previous "community" section should look more
like a primary section that holds the most important navigation links
for the site and the word "community" doesn't quite fit that
description. Therefore, we've made the decision to drop the
section heading for the community section. 

As part of removing the section heading, the following changes are made
as well:

1. Button to customize the section has been moved to the "footer" of the
   "More..." section when `navigation_menu` site setting is set to `sidebar`. 
   When `navigation_menu` is set to `header dropdown`, a button to customize 
   the section is shown inline.

2. The section will no longer be collapsable.

3. The title of the section is no longer customisable as it is no longer
   displayed. As a technical note, we have not dropped any previous
   customisations of the section's title previously in case we have to
   bring back the header in the future.

4. The new topic button that was previously present in the header has
   been removed alongside the header. Admins can add a custom section
   link to the `/new-topic` route if there would like to make it easier for
   users to create a new topic in the sidebar.
2023-07-11 09:40:37 +08:00
Bianca Nenciu
0b16fc8172
FEATURE: Show tooltip for bootstrap mode (#22257)
Improve user tips UX and make them smoother.
2023-07-10 20:42:09 +03:00
Kris
26d19fc1bd
UX: indicate main sidebar section is always public (#22492) 2023-07-10 11:44:40 -04:00
Ted Johansson
9915236e42
FEATURE: Warn about outdated translation overrides in admin dashboard (#22384)
This PR adds a feature to help admins stay up-to-date with their translations. We already have protections preventing admins from problems when they update their overrides. This change adds some protection in the other direction (where translations change in core due to an upgrade) by creating a notice for admins when defaults have changed.

Terms:

- In the case where Discourse core changes the default translation, the translation override is considered "outdated".
- In the case above where interpolation keys were changed from the ones the override is using, it is considered "invalid".
- If none of the above applies, the override is considered "up to date".

How does it work?

There are a few pieces that makes this work:

- When an admin creates or updates a translation override, we store the original translation at the time of write. (This is used to detect changes later on.)
- There is a background job that runs once every day and checks for outdated and invalid overrides, and marks them as such.
- When there are any outdated or invalid overrides, a notice is shown in admin dashboard with a link to the text customization page.

Known limitations

The link from the dashboard links to the default locale text customization page. Given there might be invalid overrides in multiple languages, I'm not sure what we could do here. Consideration for future improvement.
2023-07-10 10:06:40 +08:00
Guhyoun Nam
b70bd4366b
FEATURE: Separated 'trusted users can edit others' setting for trust level 3 & 4 (#21493) 2023-07-07 10:48:14 -05:00
Osama Sayegh
d2d6d727de
FEATURE: Add default site settings to control the defaults of navigation menu preferences (#22485)
Follow-up to b27e12445d

This commit adds 2 new site settings `default_sidebar_link_to_filtered_list` and `default_sidebar_show_count_of_new_items` to control the default values for the navigation menu preferences that were added in the linked commit (`sidebar_link_to_filtered_list` and `sidebar_show_count_of_new_items` respectively).
2023-07-07 04:52:10 +03:00
Matt Bauman
7ffe0997d7
UX: Clarify "disable tags/category notification" settings (#21619)
Slightly improved wordings here that — to my understanding — are more accurate and no longer just parrot the setting id.
2023-07-07 07:13:22 +08:00
David Taylor
f92ed88c52
FEATURE: Enable loading slider by default (#22439)
Followup to d51baa3bb3

Also includes: Force full rerender of post-stream widget when switching topics. This ensures that plugin/theme decorators are re-run when we switch between topics with the loading slider enabled.
2023-07-06 17:02:59 +01:00
Jarek Radosz
e72153dd1a
DEV: Remove unused raw-email code (#22364)
This code seems unused, since ~2016?
2023-07-05 18:13:30 +02:00
David Taylor
d51baa3bb3
FEATURE: Introduce 'loading slider' for page navigations (#22042)
This brings the functionality from https://github.com/discourse/discourse-loading-slider into Discourse core. Default behaviour remains the same - the new slider mode can be enabled using the new 'page_loading_indicator' site setting.
2023-07-05 14:59:24 +01:00
Alan Guo Xiang Tan
96b20077d9
DEV: Ignore requests to /favicon.ico requests in test env (#22431)
This is not a valid route and is causing routing errors to be raised in
the test env adding noise to the logs. We'll just "handle" the route in
the test env.
2023-07-05 12:11:15 +08:00
Discourse Translator Bot
9ee1972a2c
Update translations (#22412) 2023-07-04 18:14:46 +02:00
Krzysztof Kotlarek
134dcdd63a
FEATURE: allow user to override watched_precedence_over_muted setting (#22340)
Recently, site setting watched_precedence_over_muted was introduced - https://github.com/discourse/discourse/pull/22252

In this PR, we are allowing users to override it. The option is only displayed when the user has watched categories and muted tags, or vice versa.
2023-07-04 15:08:29 +10:00
Alan Guo Xiang Tan
82d6420e31
PERF: Paginate loading of tags in edit nav menu tags modal (#22380)
What is the problem?

Before this change, we were relying on the  `/tags` endpoint which 
returned all the tags that are visible to a give user on the site leading to potential performance problems. 
The attribute keys of the response also changes based on the `tags_listed_by_group` site setting. 

What is the fix?

This commit fixes the problems listed above by creating a dedicate `#list` action in the
`TagsController` to handle the listing of the tags in the edit
navigation menu tags modal. This is because the `TagsController#index`
action was created specifically for the `/tags` route and the response
body does not really map well to what we need. The `TagsController#list`
action added here is also much safer since the response is paginated and
we avoid loading a whole bunch of tags upfront.
2023-07-04 11:36:39 +08:00
Keegan George
c0707897ef
DEV: Make max length of template and name admin configurable (#22332) 2023-06-28 12:49:19 -07:00
Ted Johansson
6fc62586a2
FEATURE: Show available interpolation keys when overriding translations (#22220)
This is the first of a number of PRs aimed at helping admins manage their translation overrides. It simply adds a list of available interpolation keys below the input field when editing an override.

It also includes custom interpolation key.
2023-06-28 19:03:04 +08:00
Alan Guo Xiang Tan
aef7c2fe8f
UX: Use modals to edit categories and tags that appear in sidebar (#22295)
Why this change?

We are currently not fully satisfied with the current way to edit the
categories and tags that appears in the sidebar where the user is
redirected to the tracking preferences tab in the user's profile causing
the user to lose context of the current page. In addition, the dropdown
to select categories or tags limits the amount of information we can
display.

Since editing or adding a custom categories section is already using a
modal, we have decided to switch editing the categories and tags that
appear in the sidebar to use a modal as well.

This commit removes the `new_edit_sidebar_categories_tags_interface_groups` site setting and
make the modals the default for all users.
2023-06-28 07:20:31 +08:00
Discourse Translator Bot
a909dffe8f
Update translations (#22300) 2023-06-27 16:39:27 +02:00
Krzysztof Kotlarek
9cf981f1f1
FEATURE: new watched_precedence_over_muted setting (#22252)
New setting which allow admin to define behavior when topic is in watched category and muted topic and vice versa.

If watched_precedence_over_muted setting is true, that topic is still visible in list of topics and notification is created.

If watched_precedence_over_muted setting is false, that topic is not still visible in list of topics and notification is skipped as well.
2023-06-27 14:49:34 +10:00
Alessio Cosenza
56718504ac
FEATURE: Add hooks for email poller plugins (#21384)
While we are unable to support OAUTH2 with pop3 (due to upstream dependency ruby/net-pop#16), we are adding the support for mail pollers plugin. Doing so, it would be possible to write a plugin which then uses other ways (microsoft graph sdk for example) to poll emails from a mailbox.

The idea is that a plugin would define a class which inherits from Email::Poller and defines a poll_mailbox static method which returns an array of strings. Then the plugin could call register_mail_poller(<class_name>) to have it registered. All the configuration (oauth2 tokens, email, etc) could be managed by sitesettings defined in the plugin.
2023-06-26 13:16:03 +08:00
Alan Guo Xiang Tan
6e3f3dff86
DEV: Refactor edit tags/categories modal to reduce duplication (#22240)
Why this change?

There was alot of duplication between the edit navigation menu tags/categories modal which
was making it hard to introduce new changes as the work had to be
duplicated into multiple places.

This commit mainly extracts the duplicated code into common components
such that it is easier to make styling changes across both modals.
2023-06-23 08:28:55 +08:00
Osama Sayegh
b27e12445d
FEATURE: Split navigation preference for count and behavior of sidebar links (#22203)
This PR splits up the preference that controls the count vs dot and destination of sidebar links, which is really hard to understand, into 2 simpler checkboxes:

The new preferences/checkboxes are off by default, but there are database migrations to switch the old preference to the new ones so that existing users don't have to update their preferences to keep their preferred behavior of sidebar links when this changed is rolled out.

Internal topic: t/103529.
2023-06-22 19:04:13 +03:00
Blake Erickson
30ce8df7c8
DEV: Cleanup several unused routes (#22229)
This commit removes these these routes that do not have a corresponding
controller action:

```
admin/groups#show
admin/groups#show
post_actions#users
post_actions#defer_flags
list#categories_feed
```
2023-06-21 12:17:44 -06:00
Alan Guo Xiang Tan
547b520261
FEATURE: Add deslect all and reset to defaults btn edit nav menu modal (#22218)
What does this change do?

This change adds the deselect all and reset to defaults buttons to the
edit navigation menu tags modal. The deselect all button when
clicked deselects all the selected tags in the modal. If the user
saves with no tags selected, the user's tags section in the
navigation menu will be set to the site's top tags.

The reset to defaults button is only shown when the
`default_navigation_menu_tags` site setting has been configured.
When clicked, the user's tags section in the navigation menu is
automatically set to the tags defined by the
`default_navigation_menu_tags` site setting.
2023-06-21 12:45:48 +08:00
Alan Guo Xiang Tan
609562be3e
FEATURE: Add input filter for editing tags in navigation menu modal (#22216)
What does this change do?

This commit adds an input filter to filter through the tag checkboxes in the
modal to edit tags that are shown in the user's navigation menu. The
filtering is a simple matching of the given filter term against the
names of the tags.
2023-06-21 10:59:56 +08:00
Alan Guo Xiang Tan
08d8bd9f43
FEATURE: Add modal for editing tags in navigation menu (#22214)
What does this change do?

This change is a first pass for adding a modal used to edit tags that appears in
the navigation menu. As the feature is being worked on in phases, it is
currently hidden behind the `new_edit_sidebar_categories_tags_interface_groups` site setting.

The following features will be worked on in future commits:

1. Input filter to filter through the tgas
2. Button to reset tag selection to default navigation menu tags site
   settings
3. Button to deselect all current selection
2023-06-21 09:09:56 +08:00
Keegan George
75e711284a
DEV: Add custom error messages to form template forms (#22169) 2023-06-20 13:45:58 -07:00
Discourse Translator Bot
a4594b925b
Update translations (#22204) 2023-06-20 17:27:36 +02:00
Alan Guo Xiang Tan
289d2a5540
DEV: Deselect all and reset to defaults btns to edit categories modal (#22143)
What does this change do?

This change adds the deselect all and reset to defaults buttons to the
edit navigation menu categories modal. The deselect all button when
click deselects all the selected categories in the modal. If the user
saves with no categories selected, the user's categories section in the
navigation menu will be set to the site's top categories.

The reset to defaults button is only shown when the
`default_navigation_menu_categories` site setting has been configured.
When clicked, the user's categories section in the navigation menu is
automatically set to the categories defined by the
`default_navigation_menu_categories` site setting.
2023-06-20 08:17:53 +08:00
Penar Musaraj
f89b5680cb
FEATURE: Enable image grid by default (#22160) 2023-06-19 13:24:52 -04:00
Jarek Radosz
9984accfa5
DEV: Remove renderTemplate from 2fa preferences, email preferences, and new-category (#22156) 2023-06-16 16:50:45 +02:00
Isaac Janzen
a2b038ffe7
DEV: Upgrade search-menu to glimmer (#20482)
# Top level view
This PR is the first version of converting the search menu and its logic from (deprecated) widgets to glimmer components. The changes are hidden behind a group based feature flag. This will give us the ability to test the new implementation in a production setting before fully committing to the new search menu.

# What has changed
The majority of the logic from the widget implementation has been updated to fit within the context of a glimmer component, but it has not fundamentally changed. Instead of having a single widget - [search-menu.js](https://github.com/discourse/discourse/blob/main/app/assets/javascripts/discourse/app/widgets/search-menu.js) - that built the bulk of the search menu logic, we split the logic into (20+) bite size components. This greatly increases the readability and makes extending a component in the search menu much more straightforward.

That being said, certain pieces needed to be rewritten from scratch as they did not translate from widget -> glimmer, or there was a general code upgraded needed. There are a few of these changes worth noting:

### Search Service
**Search Term** -> In the widget implementation we had a overly complex way of managing the current search term. We tracked the search term across multiple different states (`term`, `opts.term`, `searchData.term`) causing headaches. This PR introduces a single source of truth: 
```js
this.search.activeGlobalSearchTerm
```
This tracked value is available anywhere the `search` service is injected. In the case the search term should be needs to be updated you can call 
```js
this.search.activeGlobalSearchTerm = "foo"
```
 
**event listeners** -> In the widget implementation we defined event listeners **only** on the search input to handle things such as 
- keyboard navigation / shortcuts
- closing the search menu
- performing a search with "enter"

Having this in one place caused a lot of bloat in our logic as we had to handle multiple different cases in one location. Do _x_ if it is this element, but do _y_ if it is another. This PR updates the event listeners to be attached to individual components, allowing for a more fine tuned set of actions per element. To not duplicate logic across multiple components, we have condensed shared logic to actions on the search service to be reused. For example - `this.search.handleArrowUpOrDown` - to handle keyboard navigation.

### Search Context
We have unique logic based on the current search context (topic / tag / category / user / etc). This context is set within a models route file. We have updated the search service with a tracked value `searchContext` that can be utilized and updated from any component where the search service is injected.

```js
# before
this.searchService.set("searchContext", user.searchContext);

# after
this.searchService.searchContext = user.searchContext;
```

# Views
<img width="434" alt="Screenshot 2023-06-15 at 11 01 01 AM" src="https://github.com/discourse/discourse/assets/50783505/ef57e8e6-4e7b-4ba0-a770-8f2ed6310569">

<img width="418" alt="Screenshot 2023-06-15 at 11 04 11 AM" src="https://github.com/discourse/discourse/assets/50783505/2c1e0b38-d12c-4339-a1d5-04f0c1932b08">

<img width="413" alt="Screenshot 2023-06-15 at 11 04 34 AM" src="https://github.com/discourse/discourse/assets/50783505/b871d164-88cb-405e-9b78-d326a6f63686">

<img width="419" alt="Screenshot 2023-06-15 at 11 07 51 AM" src="https://github.com/discourse/discourse/assets/50783505/c7309a19-f541-47f4-94ef-10fa65658d8c">

<img width="424" alt="Screenshot 2023-06-15 at 11 04 48 AM" src="https://github.com/discourse/discourse/assets/50783505/f3dba06e-b029-431c-b3d0-36727b9e6dce">

<img width="415" alt="Screenshot 2023-06-15 at 11 08 57 AM" src="https://github.com/discourse/discourse/assets/50783505/ad4e7250-040c-4d06-bf06-99652f4c7b7c">
2023-06-16 09:24:07 -05:00
Martin Brennan
3802d0de9d
DEV: Further refine development reload for plugin files (#22141)
Followup f3afc8bf85 to better
exclude all spec files including PageObject files.
2023-06-16 16:15:15 +08:00
Alan Guo Xiang Tan
9fad71809c
UX: Improve defaults shown for categories and tags section in sidebar (#22062)
Why is this change required?

When a site is newly setup and a user has just been created, the
categories and tags sections are hidden from the user. This happens
because the admin has not configured the `default_navigation_menu_categories` or
`default_navigation_menu_tags` site settings. When the categories and tags
sections are hidden from the user, the sidebar looks extremely bare and
does not create a good experience.

What is being change?

In this commit, we're changing the logic such that the site's top
categories and tags are displayed if the user does not have any
categories/tags configured in each respective section. The only
regression introduced in this change is that the categories and tags
section can no longer be hidden as a result. However, we have plans to
address this in the future by allowing sidebar sections to be configured
to be hidden by each individual user.
2023-06-16 09:06:01 +08:00
Martin Brennan
f3afc8bf85
DEV: Do not auto reload on plugin spec file changes (#22127)
There is no need to reload the rails server if plugin spec
files change, since they are not autoloaded but they are also
not loaded into the app.
2023-06-15 16:34:30 +10:00
Krzysztof Kotlarek
959c50001d
FIX: rename everything link to topics (#22076)
Rename everything link in community sidebar section to topics, which is
a bit more descriptive.
2023-06-15 11:36:38 +10:00
Krzysztof Kotlarek
2effcaa0f9
FIX: Update sidebar to be navigation menu (#22101)
Communities can use sidebar or header dropdown, therefore navigation menu is a better name settings in 2 places:

- Old user sidebar preferences;
- Site setting about default tags and categories.
2023-06-15 09:31:28 +10:00
Blake Erickson
be7d82d2b0
DEV: Clean up unused routes (#22118)
This cleans up our routes.rb file so that it only has routes that map to
existing controller actions.

Some routes were just old and their corresponding controller methods
were deleted without cleaning up the route for it. Other routes were
just accidentally created using the `resources` helper and never mapped
to actual controller methods.
2023-06-14 16:18:32 -06:00
Juan David Martínez Cubillos
8b39125985
FEATURE: Implement max_tags_per_email_subject (#22050)
* FEATURE: Implement max_tags_per_email_subject

* made it so only max_tags_per_email_subject is responsible for tags in emails when the feature is enabled

* added locales for implemented siteSettings

* reworded locale for enable_max_tags_per_email_subject

* added min value for max_tags_per_email_subject

* Implemented suggested changes to spec description
2023-06-14 12:22:14 -05:00
Roman Rizzi
8938ecabc2
FEATURE: Custom content summarization strategies. (#21813)
* FEATURE: Content custom summarization strategies.

This PR establishes a pattern for plugins to register alternative ways of summarizing content by extending a class that defines an interface.

Core controls which strategy we'll use and who has access to it through the `summarization_strategy` and `custom_summarization_allowed_groups`. It also defines the UI for summarizing topics.

Other plugins can access this summarization mechanism and implement their features, removing cross-plugin customizations, as it currently happens between chat and the discourse-ai plugin.

* Group membership validation and rate limiting

* Work with objects instead of classes

* Port summarization feature from discourse-ai to chat

* Rename available summaries to 'Top Replies' and 'Summary'
2023-06-13 14:21:46 -03:00
Blake Erickson
367b3be035
DEV: Cleanup unused group and post routes (#22067)
Cleaning up these routes because they aren't being used
and they don't have a corresponding controller method.

- `POST  /groups(.:format) groups#create`
- `DELETE /groups/:id(.:format) groups#destroy`
- `POST  /g(.:format) groups#create`
- `DELETE /g/:id(.:format) groups#destroy`
- `GET /posts(.:format) posts#index`
- `GET /posts/new(.:format) posts#new`
- `GET /posts/:id/edit(.:format) posts#edit`
2023-06-13 08:57:57 -06:00
Penar Musaraj
3c490b2db8
UX: Better alignment for experimental grids (#22066)
Improves the layout of most grids in posts, by using `object-fit: cover` for most images. This allows images to better fill up the space, without changing their aspect ratio.
2023-06-13 09:25:46 -04:00
Discourse Translator Bot
3da29a06fd
Update translations (#22081) 2023-06-13 15:18:44 +02:00
Loïc Guitaut
5257c80064 DEV: Set limits on custom fields
This patch sets some limits on custom fields:
- an entity can’t have more than 100 custom fields defined on it
- a custom field can’t hold a value greater than 10,000,000 characters

The current implementation of custom fields is relatively complex and
does an upsert in SQL at some point, thus preventing to simply add an
`ActiveRecord` validation on the custom field model without having to
rewrite a part of the existing logic.
That’s one of the reasons this patch is implementing validations in the
`HasCustomField` module adding them to the model including the module.
2023-06-13 11:47:21 +02:00
David Taylor
9c926ce645
PERF: Improve workbox loading strategy (#22019)
Previously workbox JS was vendored into our git repository, and would be loaded from the `public/javascripts` directory with a 1 day cache lifetime. The main aim of this commit is to add 'cachebuster' to the workbox URL so that the cache lifetime can be increased.

- Remove vendored copies of workbox.
- Use ember-cli/broccoli to collect workbox files from node_modules into assets/workbox-{digest}
- Add assets to sprockets manifest so that they're collected from the ember-cli output directory (and uploaded to s3 when configured)

Some of the sprockets-related changes in this commit are not ideal, but we hope to remove sprockets in the not-too-distant future.
2023-06-09 11:14:11 +01:00
Keegan George
39efa4c32a
DEV: Create posts from form templates (#21980) 2023-06-08 12:49:18 -07:00
Bianca Nenciu
4973f0ccde
UX: Remove 'Create Topics' notice (#21958)
We are looking at simplifying the new admin/user experience and the
many notices bring unnecessary complexity.
2023-06-08 22:30:26 +03:00
Bianca Nenciu
ab260e70be
FEATURE: Add Mailpace webhook (#21981)
Adds Mailpace (formerly known as ohmystmp) webhook

Co-authored-by: ruq <hosch@mailbox.org>
2023-06-08 20:06:20 +03:00
Kris
d246938265
UX: show tooltip for global nav section icon (#21974) 2023-06-08 12:57:44 -04:00
Alan Guo Xiang Tan
853bce2abc
UX: Allow users to filter categories in edit sidebar categories modal (#21996)
What does this change do?

This change is a continuation of
2191b879c6 and adds an input filter to the
edit sidebar categories modal which the user can use to filter through
the list of categories by the category's name.

Note that if a child category is being shown, all of its ancestors will
be shown even if the names of the ancestors do not match the given
filter. This is to ensure that we continue to display the hierarchy of a
child category even if the parent category does not match the filter.
2023-06-08 12:54:51 +08:00
Juan David Martínez Cubillos
5fdd3bd28a
DEV: Implement staff logs for user columns edits (#21774)
* DEV: Implement staff logs for user columns edits

* deleted extra space in staff logger detail string, deleted string when no changes are made, added basic test coverage for EditDirectoryColumnsController

* fixed change made to #self.staff_actions un UserHistory

* implemented a method that builds the details, previous_values and new_values in a dynamic way

* removed details of changes

* refactored small merge
2023-06-07 17:19:58 -05:00
Bianca Nenciu
5fc1586abf
PERF: Cache ToS and Privacy Policy paths (#21860)
Checking if the topic exists happened often and that can cause
performance issues.
2023-06-07 21:31:20 +03:00
Penar Musaraj
987ec602ec
FEATURE: image grid in posts (experimental) (#21513)
Adds a new `[grid]` tag that can arrange images (or other media) into a grid in posts. 

The grid defaults to a 3-column with a few exceptions:

- if there are only 2 or 4 items, it defaults to a 2-column grid (because it generally looks better)
- on mobile, it defaults to a 2-column grid
- if there is only one item, the grid has no effect
2023-06-07 14:15:57 -04:00
Alan Guo Xiang Tan
fc296b9a81
UX: First pass at edit categories navigation modal for sidebar (#21963)
What this change?

We are currently not fully satisfied with the current way to edit the
categories and tags that appears in the sidebar where the user is
redirected to the tracking preferences tab in the user's profile causing
the user to lose context of the current page. In addition, the dropdown
to select categories or tags limits the amount of information we can
display.

Since editing or adding a custom categories section is already using a
modal, we have decided to switch editing the categories and tags that
appear in the sidebar to use a modal as well.

This commit ships a first pass of the edit categories modal such that we
can keep the commit small and reviewable. The incomplete nature of the
feature is also reflected in the fact that the feature is hidden behind
a new `new_edit_sidebar_categories_tags_interface_groups` site setting.
2023-06-07 12:09:30 +08:00
Martin Brennan
44446afe58
FEATURE: Use new hashtag autocomplete system on all sites (#21788)
Followup to:

* 7c97548159
* 0b3cf83e3c
* eae47d82e2

This commit enables the no-longer-experimental hashtag autocomplete changes
for all sites. It is now at a point where it is ready to be promoted
to the only way, and following this commit all old hashtag code
will be deleted

c.f. https://meta.discourse.org/t/hashtags-are-getting-a-makeover/248866
2023-06-07 11:11:39 +10:00
Krzysztof Kotlarek
af74cf5c77
FEATURE: new dismiss button for combined new and unread view (#21817)
Display modal for combined new and unread view with options:
- [x] Dismiss new topics
- [x] Dismiss new posts
- [ ] Stop tracking these topics so they stop appearing in my new list
2023-06-07 10:06:57 +10:00
Joshua Rosenfeld
81645a3082
UX: Improve /print rate limit description (#21959)
Previous copy was unclear if setting the site setting to 0 would disable the feature or disable the rate limit.
2023-06-06 16:57:37 -04:00
Bianca Nenciu
8e8f733c94
UX: Remove title and description block if blank (#21861)
If the description is empty then it does not make sense to keep the
quote block that contains just the title.
2023-06-06 22:13:28 +03:00
Discourse Translator Bot
9661a8c214
Update translations (#21950) 2023-06-06 15:36:51 +02:00
Matt Palmer
a98d2a8086
FEATURE: allow S3 ACLs to be disabled (#21769)
AWS recommends running buckets without ACLs, and to use resource policies to manage access control instead.
This is not a bad idea, because S3 ACLs are whack, and while resource policies are also whack, they're a more constrained form of whack.
Further, some compliance regimes get antsy if you don't go with the vendor's recommended settings, and arguing that you need to enable ACLs on a bucket just to store images in there is more hassle than it's worth.
The new site setting (s3_use_acls) cannot be disabled when secure
uploads is enabled -- the latter relies on private ACLs for security
at this point in time. We may want to reexamine this in future.
2023-06-06 15:47:40 +10:00
Alan Guo Xiang Tan
6642958706
UX: Correct educate message when there are no new topics (#21943)
Why does this change do?

This commit updates the educate message displayed when there are no new
topics on the `/new` route when the experimental new new view site setting is enabled.

The commit also fixes a couple of bugs:

1. Correct default auto track minutes used in the copy for unread
   topics from the 4 minutes to 5 minutes.

2. Correct link to user's preference in copy to go to tracking tab
   instead of notifications tab.
2023-06-06 12:22:12 +08:00
Mark VanLandingham
3bfc6805ce
FEATURE: Offline indicator (#21369) 2023-06-05 11:08:04 -05:00
Blake Erickson
704a792f18
FEATURE: Add API Scope for latest posts (#21913)
Adds api scopes for

- `/posts.json`
- `/posts.rss`
- `/private-posts.json`
- `/private-posts.rss`
2023-06-05 09:04:34 -06:00
Alan Guo Xiang Tan
2032d3c2fb
PERF: Preload user information when visiting user messages routes (#21929)
What is the problem?

The user messages routes are currently routed by the server to
`UserActionsController#private_messages`. However, the method is
essentially a no-op and does not do any preloading. As a result, when we
load the user private messages routes, the client ends up having to
issue another request to the server to get more information about the
user profile currently being viewed. This extra request is triggered by
the `user` model's `findDetails` method that is called from the `user`
route in the `afterModel` hook.

What is the solution?

The `user` model's `findDetails` method actually checks the preload
store to see if the `user_${username}` key is present in the store and
if it is, it will use the preloaded data instead of triggering another
request. Since the user private messages routes are nested under the
user route on the client side, we have to rely on the
`UsersController#show` controller action on the server side for the user private
messages route as the `UsersController#show` controller action preloads
the required user information for the client side.
2023-06-05 19:24:22 +08:00
chapoi
9616a08fa6
UX: Add show more btn to reviewable item (#21579) 2023-06-01 11:55:27 -07:00
锦心
96a2893284
FEATURE: Allow expanding hidden posts for groups in SiteSetting.can_see_hidden_post (#21853)
Allow expanding hidden posts for groups in SiteSetting.can_see_hidden_post
2023-06-01 11:32:05 +08:00
Sam
c2332d7505
FEATURE: reduce avatar sizes to 6 from 20 (#21319)
* FEATURE: reduce avatar sizes to 6 from 20

This PR introduces 3 changes:

1. SiteSetting.avatar_sizes, now does what is says on the tin.
previously it would introduce a large number of extra sizes, to allow for
various DPIs. Instead we now trust the admin with the size list.

2. When `avatar_sizes` changes, we ensure consistency and remove resized
avatars that are not longer allowed per site setting. This happens on the
12 hourly job and limited out of the box to 20k cleanups per cycle, given
this may reach out to AWS 20k times to remove things.

3.Our default avatar sizes are now "24|48|72|96|144|288" these sizes were
very specifically picked to limit amount of bluriness introduced by webkit.
Our avatars are already blurry due to 1px border, so this corrects old blur.

This change heavily reduces storage required by forums which simplifies
site moves and more.

Co-authored-by: David Taylor <david@taylorhq.com>
2023-06-01 10:00:01 +10:00
Vinoth Kannan
d4bfd441ba
FEATURE: display PM participant group names in the topics list. (#21677)
After this change, we can view all participant group names on the topic list page.

Co-authored-by: Régis Hanol <regis@hanol.fr>
2023-05-31 19:32:06 +05:30
Loïc Guitaut
7610553c82 DEV: Make multisite freedom patch compatible with Rails 7.1+ 2023-05-31 14:29:14 +02:00
Jarek Radosz
5f1e182956
DEV: Remove deprecated posts/:username/flagged (#21846) 2023-05-31 13:00:35 +02:00
Discourse Translator Bot
4e99ef3952
Update translations (#21827) 2023-05-31 09:15:16 +02:00
Bianca Nenciu
c3d51e9c0a
FIX: Show Privacy Policy or ToS when they exist (#21771)
Privacy Policy and Terms of Service topics are no longer created by
default for communities that have not set a company name. For this
reason, some URLs were pointing to 404 page.
2023-05-30 17:38:14 +03:00
Keegan George
c74c90bae5
DEV: Show form templates in the composer (#21190) 2023-05-29 14:47:18 -07:00
chapoi
5bf2dca24a
UX: add support for flagged chat message in reviewqueue (#21802)
* UX: add support for flagged chat message in reviewqueue

* correctly init a chat message object

---------

Co-authored-by: Joffrey JAFFEUX <j.jaffeux@gmail.com>
2023-05-29 10:02:02 +02:00
Krzysztof Kotlarek
9f78ff5572
FEATURE: modal for admins to edit Community section (#21668)
Allow admins to edit Community section. This includes drag and drop reorder, change names, delete and reset to default.

Visual improvements introduced in edit community section modal are available in edit custom section form as well. For example:
- drag and drop links to change their position;
- smaller icon picker.
2023-05-29 15:20:23 +10:00
Renato Atilio
c539f749f1
FEATURE: support for chronologically merging posts into existing topic (#21374)
When a user chooses to move a topic/message to an existing topic/message, they can now opt to merge the posts chronologically (using a checkbox in the UI).
2023-05-25 14:38:34 -04:00
Alan Guo Xiang Tan
5cfe323445
PERF: Strict loading for SidebarSection queries (#21717)
What is this change required?

I noticed that actions in `SidebarSectionsController` resulted in
lots of N+1 queries problem and I wanted a solution to
prevent such problems without having to write N+1 queries tests. I have
also used strict loading for `SidebarSection` queries in performance
sensitive spots.

Note that in this commit, I have also set `config.active_record.action_on_strict_loading_violation = :log`
for the production environment so that we have more visibility of
potential N+1 queries problem in the logs. In development and test
environment, we're sticking with the default of raising an error.
2023-05-25 09:10:32 +08:00
Bianca Nenciu
61a0ae3755
FEATURE: Create legal topics for set company name (#21620)
Legal topics, such as the Terms of Service and Privacy Policy topics
do not make sense if the entity creating the community is not a company.
These topics will be created and updated only when the company name is
present and deleted when it is not.
2023-05-24 23:05:36 +03:00
Rafael dos Santos Silva
baa5389a23
FEATURE: Add support for AVIF images (#21680) 2023-05-24 16:13:36 -03:00
Discourse Translator Bot
0d7a742bb9
Update translations (#21702) 2023-05-23 21:23:44 +02:00
Martin Brennan
54db01d156
DEV: Delete old personal message settings (#21381)
Followup to e62e93f

Both enable_personal_messages and min_trust_to_send_messages
have been deprecated for a long time now, they can be deleted.
2023-05-23 09:58:58 +02:00
Krzysztof Kotlarek
7ead8de232
DEV: endpoint to reset community community-section (#21664)
In upcoming PRs, admins will be able to edit the Community section. We need an endpoint which allows resetting it to the default state.
2023-05-23 09:53:32 +10:00
Mark VanLandingham
96e3c5e102
DEV: Add hidden site setting to control search page size (#21640) 2023-05-18 15:30:08 -05:00
Bianca Nenciu
5654aedd75
UX: Remove welcome topic admin tip and tweak copy (#21593)
The welcome topic user tip was for admins only, but in general, user
tips should be used for guiding new users through the features that
Discourse offers. For this reason, we decided to remove the user tip.

This commit also includes a few more copy tweaks to the welcome topic.
2023-05-18 16:38:04 +03:00
Keegan George
082821c754
DEV: Remove legacy user menu (#21308) 2023-05-17 09:16:42 -07:00
Discourse Translator Bot
791630f08b
Update translations (#21583) 2023-05-16 19:40:01 +02:00
Sam
e63e193a0a
FEATURE: Fuzzy search in site settings and raise limit to 100 matches (#21572)
We have been struggling lately finding site settings due to 30 setting limit

This was introduced for performance reasons a while back but is no longer as
needed given that ember is faster.

Additionally searching is hard, so allow people to use fuzzy search against
setting name.
2023-05-16 18:23:05 +10:00
Sérgio Saquetim
21ec70b509
FIX: Miscellaneous tagging errors (#21490)
* FIX: Displaying the wrong number of minimum tags in the composer

When the minimum number of tags set for the category is larger than the minimum number of tags
set in the category tag-groups, the composer was displaying the wrong value.

This commit fixes the value displayed in the composer to show the max value between the required
for the category and the tag-groups set for the category.

This bug was reported on Meta in https://meta.discourse.org/t/tags-from-multiple-tag-groups-required-only-suggest-select-at-least-one-tag/263817

* FIX: Limiting tags in categories not working as expected

When a category was restricted to a tag group A, which was set to only allow
one tag from the group per topic, selecting a tag belonging only to A returned
other tags from A that also belonged to other group/s (if any).

Example:

Tag group A: alpha, beta, gamma, epsilon, delta
Tag group B: alpha, beta, gamma

Both tag groups set to only allow one tag from the group per topic.

If Category 1 was set to only allow tags from the tag group A, and the first tag
selected was epsilon, then, because they also belonged to tag group B, the tags
alpha, beta, and gamma were still returned as valid options when they should not be.

This commit ensures that once a tag from a tag group that restricts its tags to
one per topic is selected, no other tag from this group is returned.

This bug was reported on Meta in https://meta.discourse.org/t/limiting-tags-to-categories-not-working-as-expected/263143.

* FIX: Moving topics does not prompt to add required tag for new category

When a topic moved from a category to another, the tag requirements
of the new category were not being checked.

This allowed a topic to be created and moved to a category:

- that limited the tags to a tag group, with the topic containing tags
not allowed.
- that required N tags from a tag group, with the topic not containing
the required tags.

This bug was reported on Meta in https://meta.discourse.org/t/moving-tagged-topics-does-not-prompt-to-add-required-tag-for-new-category/264138.

* FIX: Editing topics with tag groups from parents allows incorrect tagging

When there was a combination between parent tags defined in a tag group
set to allow only one tag from the group per topic, and other tag groups
relying on this restriction to combine the children tag types with the
parent tag, editing a topic could allow the user to insert an invalid
combination of these tags.

Example:

Automakers tag group: landhover, toyota
  - group set to limit one tag from the group per topic

Toyota models group: land-cruiser, hilux, corolla

Landhover models group: evoque, defender, discovery

If a topic was initially set up with the tags toyota, land-cruiser it was
possible to edit it by removing the tag toyota and adding the tag landhover
and other landhover model tags like evoque for example.

In this case, the topic would end up with the tags toyota, land-cruiser,
landhover, evoque because Discourse will automatically insert the
missing parent tag toyota when it detects the tag land-cruiser.

This combination of tags would violate the restriction specified in
the Automakers tag group resulting in an invalid combination of tags.

This commit enforces that the "one tag from the group per topic"
restriction is verified before updating the topic tags and also
make sure the verification checks the compatibility of parent tags that
would be automatically inserted.

After the changes, the user will receive an error similar to:
The tags land-cruiser, landhover cannot be used simultaneously.
Please include only one of them.
2023-05-15 17:19:41 -03:00
Bianca Nenciu
78022e7a5f
FEATURE: Show user cards for inactive users (#21387)
It used to return 404 which made the user card render and then quickly disappear.
2023-05-15 21:45:26 +03:00
Tobias Eigen
3e1915383d
COPY: Remove "powered by discourse.org" from welcome topic (#21532)
* Remove "powered by discourse.org" from the welcome topic

* Fix link to user's preferences
2023-05-15 18:38:33 +03:00
chapoi
dc2223b8be
UX: better copy for generic error msg (#21554)
* UX: better copy for generic error msg
2023-05-15 16:26:43 +02:00
Dan Dascalescu
23a146a7c6
DEV: Minor typo fix - "backround" in server.en.yml (#21535)
@discourse-translator-bot keep_translations_and_approvals
2023-05-15 10:56:51 +02:00
chapoi
34f16f0ee8
UX: update copy of badges granted to others (#21548)
* UX: update copy of badges granted to others

* add plural

Co-authored-by: Martin Brennan <martin@discourse.org>
2023-05-15 10:21:20 +02:00
Bianca Nenciu
b32cdb0880
FIX: Refresh site when enable_user_tips changes (#21489)
Without refresh, no user tip will be shown and Site.user_tips is not
properly populated either.
2023-05-12 18:44:41 +03:00
Bianca Nenciu
b73a9a1faa
UX: Various improvements to welcome topic CTA (#21010)
- Update welcome topic copy
- Edit the welcome topic automatically when the title or description changes
- Remove “Create your Welcome Topic” banner/CTA
- Add "edit welcome topic" user tip
2023-05-12 17:09:40 +03:00
Jarek Radosz
ce5430adc1
DEV: Rework static controllers/routes (#19466)
The issues fixed:

1. Previously all static pages (e.g. login-required landing page, /tos, /privacy, forgot-password) were wrapped in the faq-read-tracking component
2. All these pages shared one controller with methods that were relevant to one route
3. There were two route-generating functions: `static-route-builder` and `build-static-route` 🤣 
4. They were using the deprecated `renderTemplate()` API
5. A slight misuse of Ember API (`controllerFor()`)
6. Small mark-faq-read related bugs
2023-05-11 19:02:11 +02:00
Tobias Eigen
dee8c759eb
simplify email_in description (#21476)
this includes info not relevant on our hosting and also does not mention it works with groups. see https://meta.discourse.org/t/when-an-existing-staged-user-joins-my-site-filled-in-user-custom-fields-data-isnt-saved/254926/9?u=tobiaseigen
2023-05-10 17:36:47 -07:00
Juan David Martínez Cubillos
83d2f9ef78
FEATURE: Default to subcategory when parent category does not allow posting (#21228)
added site toggle functionality through site settings

added tests to implemented feature

Introduced suggested correction

renamed find_new_topic method and deleted click_new_topic_button method
2023-05-10 12:34:39 -05:00
David Battersby
a19027afae
FIX: show 404 on new category page for moderators when Site Setting disabled (#21448)
Currently the /new-category url can be accessed by moderators, regardless of whether the Site Setting for moderators_manage_categories_and_groups is true or false.

On top of this, non authorized users can also access this page but shows errors (no 404 loaded).

Since the 404 redirect happens within Ember, we need to allow the site setting value to be accessed within JS. 

After this change all non admin users will see a 404 for this route, the exception being moderators if the moderators_manage_categories_and_groups setting has a value of true.

/t/73360
2023-05-10 14:26:49 +08:00
Discourse Translator Bot
a010c3495b
Update translations (#21455) 2023-05-10 00:48:10 +02:00
Bianca Nenciu
899eb96798
FEATURE: Enable user tips by default (#21341) 2023-05-08 20:33:08 +03:00
Krzysztof Kotlarek
709fa24558
DEV: move sidebar community section to database (#21166)
* DEV: move sidebar community section to database

Before, community section was hard-coded. In the future, we are planning to allow admins to edit it. Therefore, it has to be moved to database to `custom_sections` table.

Few steps and simplifications has to be made:
- custom section was hidden behind `enable_custom_sidebar_sections` feature flag. It has to be deleted so all forums, see community section;
- migration to add `section_type` column to sidebar section to show it is a special type;
- migration to add `segment` column to sidebar links to determine if link should be displayed in primary section or in more section;
- simplify more section to have one level only (secondary section links are merged);
- ensure that links like `everything` are correctly tracking state;
- make user an anonymous links position consistence. For example, from now on `faq` link for user and anonymous is visible in more tab;
- delete old community-section template.
2023-05-04 12:14:09 +10:00
Bianca Nenciu
cc18a99105
FEATURE: Add new notification for admin problems (#21287)
Add new notification for admin problems to replace old PM-based flow.
2023-05-03 19:35:22 +03:00
Alan Guo Xiang Tan
f47a4e61ad
DEV: Unhide experimental_topics_filter site settings (#21354) 2023-05-03 14:08:46 +08:00
Discourse Translator Bot
6bbf9a0bcc
Update translations (#21334) 2023-05-02 17:39:33 +02:00
Krzysztof Kotlarek
a8e28060d1
FIX: rename notify_about_flags_after to notify_about_reviewable_item_after (#21320)
Change name and description for SiteSetting to make it easier to understand.
2023-05-02 08:08:22 +10:00
Mark VanLandingham
86385bc9cf
REVERT: "FEATURE: Offline indicator controlled by message-bus connectivity (#21324)" (#21327)
This reverts commit b1da670898.
2023-05-01 15:27:02 -05:00
Mark VanLandingham
b1da670898
FEATURE: Offline indicator controlled by message-bus connectivity (#21324) 2023-05-01 12:41:30 -05:00
Mark VanLandingham
36d388b57f
Revert "FEATURE: Reimplement offline indicator (#21285)" (#21296)
This reverts commit de1066abcd.
2023-04-28 06:59:10 -05:00
Mark VanLandingham
de1066abcd
FEATURE: Reimplement offline indicator (#21285) 2023-04-28 06:32:35 -05:00
Natalie Tay
eb0836e133
UX: Add a warning that updating min_trust_level_for_user_api_key will disable users from using DiscourseHub (#21291) 2023-04-28 14:29:13 +08:00
Mark VanLandingham
3527fbcd8e
Revert "FEATURE: Service to track message bus connectivity + offline indicator(#21259)" (#21282)
This reverts commit 6bba514b64.
2023-04-27 12:55:41 -05:00
Mark VanLandingham
6bba514b64
FEATURE: Service to track message bus connectivity + offline indicator(#21259) 2023-04-27 11:04:56 -05:00
Selase Krakani
37cc056c1b
FIX: Ensure group-filtered group user event webhooks fire (#21254)
Group user event webhooks filtered by group fail silently
because the `group_ids` job arg wasn't being passed into the job.

This change add's `group_ids` to the `EmitWebHookEvent` jobs queued for
`user_added_to_group` and `user_removed_from_group` events.
2023-04-26 22:38:28 +00:00
Blake Erickson
67a8c13197
DEV: Create a site setting for video thumbnails (#21266)
Creating a way to disable the auto generation of video thumbnails.
2023-04-26 14:18:59 -06:00
Discourse Translator Bot
76176eda9d
Update translations (#21145) 2023-04-25 17:23:21 +02:00
Selase Krakani
cdf1589a85
FEATURE: Add support for user badge revocation webhook events (#21204)
Currently, only user badge grants emit webhook events. This change
extends the `user_badge` webhook to emit user badge revocation events.

A new `user_badge_revoked` event has been introduced instead of relying
on the existing `user_badge_removed` event. `user_badge_removed` emitted
just the `badge_id` and `user_id` which aren't helpful for generating a
meaningful webhook payload for revoked(deleted) user badges.

The new event emits  the user badge object.
2023-04-24 20:36:40 +00:00
Tobias Eigen
953ddbae79
bootstrap mode change can take 24 hours (#21191) 2023-04-21 08:07:37 -07:00
Ted Johansson
e002a24eca
FEATURE: Add new don't feed the trolls feature (#21001)
Responding to negative behaviour tends to solicit more of the same. Common wisdom states: "don't feed the trolls".

This change codifies that advice by introducing a new nudge when hitting the reply button on a flagged post. It will be shown if either the current user, or two other users (configurable via a site setting) have flagged the post.
2023-04-20 15:49:35 +08:00
Kris
4eb7d2d79b
UX: improve layout and styles for solo preferences (#21094) 2023-04-19 09:41:02 -04:00
Ted Johansson
437b73e322
SECURITY: Ensure site setting being updated is a configurable site setting (#21131) 2023-04-18 14:32:18 +08:00
Arpit Jalan
8405ae7733
FEATURE: add a setting to allowlist DiscourseConnect return path domains (#21110)
* FEATURE: add a setting to allowlist DiscourseConnect return path domains

This commit adds a site setting to allowlist DiscourseConnect return
path domains. The setting needs supports exact domain or wildcard
character (*) to allow for any domain as return path.

* Add more specs to clarify what is allowed in site setting

* Update setting description to explain what is allowed
2023-04-17 22:53:50 +05:30
David Battersby
967010e545
FEATURE: Add an emoji deny list site setting (#20929)
This feature will allow sites to define which emoji are not allowed. Emoji in this list should be excluded from the set we show in the core emoji picker used in the composer for posts when emoji are enabled. And they should not be allowed to be chosen to be added to messages or as reactions in chat.

This feature prevents denied emoji from appearing in the following scenarios:
- topic title and page title
- private messages (topic title and body)
- inserting emojis into a chat
- reacting to chat messages
- using the emoji picker (composer, user status etc)
- using search within emoji picker

It also takes into account the various ways that emojis can be accessed, such as:
- emoji autocomplete suggestions
- emoji favourites (auto populates when adding to emoji deny list for example)
- emoji inline translations
- emoji skintones (ie. for certain hand gestures)
2023-04-13 15:38:54 +08:00
David Battersby
7d34ba38a2
FIX: all staff_counters should be pluralized strings (#21048)
Make all staff_counters pluralized strings
2023-04-12 17:13:37 +08:00
David Taylor
121d5c6c6a
UX: Enable new notifications menu by default (#21060)
https://meta.discourse.org/t/260358
2023-04-12 09:45:29 +01:00
Discourse Translator Bot
9a562f54d7
Update translations (#21055) 2023-04-11 15:45:03 +02:00
David Taylor
ba5b035f6e
FEATURE: Increase pbkdf2 iterations to 600k (#20981)
Existing passwords will continue to work. Hashes will be regenerates on a user's next login.
2023-04-11 11:56:20 +01:00
David Battersby
569b923fb6
FIX: staff_counters should be pluralized strings (#21039)
Small change to format the staff counter template to apply the correct pluralization for flagged posts/topics.
2023-04-10 17:00:31 +08:00
Sérgio Saquetim
a245b1d3c1
DEV: Make setting top_page_default_timeframe available in the client app (#21015) 2023-04-06 22:31:09 -03:00
Mark VanLandingham
65f35e1ef2
FEATURE: SiteSetting for creation of small action on tag change (#20812)
This adds a SiteSetting, which when enabled, creates a small_action post for tag/category changes to the topic. It uses `topic.add_moderator_post, and passes raw text in, to describe the change.
2023-04-05 13:31:31 -05:00
Discourse Translator Bot
171e8b679d
Update translations (#20861) 2023-04-05 09:12:48 +02:00
Bianca Nenciu
9ff105973f
FEATURE: Allow invite only and Discourse connect (#20961)
Invite only and Discourse connect could not be enabled at the same time
because of some legacy reason. This is a follow up commit to ce04db8,
355d51a and 40f6ceb.
2023-04-04 19:52:11 +03:00
Mark VanLandingham
73325c6c35
FEATURE: SiteSetting to default user path to different routes (#20962) 2023-04-04 11:48:48 -05:00
David Taylor
2386ad12f2
Update default ga_version to v4 and add warning message for v3 (#20936)
Sites which are already using ga3 will stay on that version, and will be shown a warning in the admin panel until they update.

https://meta.discourse.org/t/upgrade-to-google-analytics-4-before-july-2023/260498
2023-04-04 13:14:20 +01:00
David Taylor
e014635a12
DEV: Update minimum Ruby version 3.2 (#20955)
We are now using features like Regex.timeout, which are only supported in Ruby 3.2
2023-04-04 10:04:59 +01:00
Kris
6142c50915
UX: more generic draft abandon message (#20898) 2023-04-03 12:10:23 -04:00
David Taylor
d37ecd4764
PERF: Set default global regex timeout to 2 seconds (#20933)
Followup to a0140f6f75
2023-04-03 10:43:28 +01:00
David McClure
9fbe476262
UX: Update guidance for target DAU/MAU (#20908)
This goal may vary for different types of communities, but 20% is a more reasonable target as a default for the ratio of daily active users / monthly active users (DAU/MAU).
2023-03-30 21:27:37 -04:00
Natalie Tay
068a36d354
UX: Improve error message when a topic cannot be moved due to category restrictions (#20900) 2023-03-31 02:18:57 +08:00
Jordan Vidrine
86f5abfa18
UX: Add description to apple touch setting (#20875) 2023-03-29 08:22:48 -05:00
Ella E
0b05fa71ca
UX: Improve login required page (#20847)
* UX: improve static login page

* DEV: separate welcome header to its own translation line

* Define waving_hand_url helper

* Remove redundant copy

* Update translations for welcome_message

* DEV: remove unused imported getURL

---------

Co-authored-by: Bianca Nenciu <nenciu.bianca@gmail.com>
2023-03-28 07:09:44 -05:00
Krzysztof Kotlarek
4047073292
FIX: display validation under custom sidebar fields (#20772)
Before, incorrectly filled fields were marked with red border. Now, additional information under the field is displayed to notify the user what is incorrect.

/t/93696
2023-03-27 13:03:16 +11:00
Bianca Nenciu
142d2ab65e
FEATURE: Move bootstrap mode indicator to header (#20663)
The information about bootstrap mode has been moved from the notice to
the README topic for admins.
2023-03-24 15:59:03 +02:00
Sam
d87e78616d
FEATURE: allow site owners to disable impersonation (#20783)
Site owners can now disable impersonation using the global setting
`allow_impersonation` (Eg: DISCOURSE_ALLOW_IMPERSONATION: false)

see:

https://meta.discourse.org/t/thoughts-about-impersonate-user/258795
2023-03-23 15:16:05 +11:00
Régis Hanol
41ed4cac91
FIX: missing translation for 'reset_bounce_score' staff action log (#20780) 2023-03-22 23:18:46 +01:00
David Taylor
a0140f6f75
DEV: Introduce regex_timeout_seconds global setting (#20774)
This is introduced as `nil` by default. We intend to set a sensible default once we have performed some real-world testing.
2023-03-22 12:01:35 +00:00
Discourse Translator Bot
6406d8e4cb
Update translations (#20760) 2023-03-22 12:13:36 +01:00
Kris
5d03ddfbc8
UX: clarify descriptions for watched words, style (#20678) 2023-03-21 10:40:26 -04:00
Régis Hanol
37609897e8
FEATURE: log manual bounce reset (#20758)
DEV: rename the route "/admin/users/:id/reset_bounce_score" to use dashes instead of underscores
2023-03-21 15:26:26 +01:00
Krzysztof Kotlarek
db74e9484b
FEATURE: ability to reorder links in custom sidebar sections (#20626)
Drag and drop to reorder custom sidebar sections
2023-03-21 12:23:28 +11:00
TheJammiestDodger
272c31023d
UX: Change JPEG to JPG for search consistency (#20698) 2023-03-16 14:53:29 +00:00
David Taylor
150a6601c0
DEV: Check Zeitwerk eager loading in GitHub CI (#20699)
In production, `eager_load=true`. This sometimes leads to boot errors which are not present in dev/test environments. Running `zeitwerk:check` in CI will help us to pick up on any errors early.

This commit also introduces a `DISCOURSE_ZEITWERK_EAGER_LOAD` environment variable to make it easier to toggle the behaviour when developing locally.
2023-03-16 14:22:16 +00:00
David Taylor
5d46a16ca5
DEV: Cleanup unrelated comment from development.rb (#20697)
This comment has nothing to do with the `eager_load` configuration. It must be left over from some historical refactoring. Removing to avoid confusion.
2023-03-16 11:23:34 +00:00
Discourse Translator Bot
4cf065c480
Update translations (#20671) 2023-03-14 15:04:54 +01:00
David Taylor
d12f1878c9
UX: Improve safe-mode copy (#20670)
Safe-mode only applies to client-side customizations - let's make that clearer
2023-03-14 13:00:52 +00:00
Joshua Rosenfeld
5172749638
UX: improves site setting description for discourse_connect_url (#20642)
Site Setting does not expect a trailing slash, and will throw an error when attempting to save such a URL.
2023-03-10 13:44:56 -05:00
Ted Johansson
87ec058b8b
FEATURE: Configurable auto-bump cooldown (#20507)
Currently the auto-bump cooldown is hard-coded to 24 hours.

This change makes the highlighted 24 hours part configurable (defaulting to 24 hours), and the rest of the process remains the same.

This uses the new CategorySetting model associated with Category. We decided to add this because we want to move away from custom fields due to the lack of type casting and validations, but we want to keep the loading of these optional as they are not needed for almost all of the flows.

Category settings will be back-filled to all categories as part of this change, and creating a new category will now also create a category setting.
2023-03-10 13:45:01 +08:00
chapoi
dd07e0dbd0
FIX: review q issues (#20558)
* DEV: specify type of flag in status

* FIX: passing missing parameter

* DEV: pass type for reviewable score table

* UX: add missing queued-topic styling

* UX: fix img overflow

* UX: add styling for queued user

* UX: fix user flag color

* UX: prevent overflow

* UX: add copy for filters

* FIX: fix typo in css for akismet flagging

* UX: copy change for flag something else

* UX: prevent overflow

* Fixing reviewable-status css classes

* Changes based on no longer using humanType

* Need to use type rather than humanType for reviewable-status

* FIX: linting

---------

Co-authored-by: Martin Brennan <martin@discourse.org>
2023-03-09 16:02:13 +01:00
Roman Rizzi
910bf74c2e
FIX: Display a proper error when user already exists and email addresses are hidden. (#20585)
Follow-up to #16703. Returning an empty response leads to a bad UX since the user
has no feedback about what happened.
2023-03-08 12:38:58 -03:00
Kris
c659540475
FEATURE: tooltip for disabled new topic button (#20561) 2023-03-08 09:14:53 -05:00
Martin Brennan
6feb436303
DEV: Change external upload rate limit maximums to settings (#20577)
Way back when this was introduced way back in b96c10a903
I didn't have any frame of reference for what these max rate
limit numbers should be, so 10 seemed like a reasonable limit
until a real world case where this did not make sense came
along.

The time has come.

Moving these into site settings, which are hidden since in most
cases there is no need to change these.
2023-03-08 15:27:17 +10:00
Discourse Translator Bot
1f88354c5e
Update translations (#20559) 2023-03-07 14:58:31 +01:00
Krzysztof Kotlarek
a16ea24461
FEATURE: allow external links in custom sidebar sections (#20503)
Originally, only Discourse site links were available. After feedback, it was decided to extend this feature to external URLs.

/t/93491
2023-03-07 11:47:18 +11:00
Keegan George
15cf62411a
DEV: Add /theme-qunit to skipped mini profiler paths (#20551) 2023-03-06 14:56:27 -08:00
David Taylor
62dc37ac35
DEV: Improve mini_profiler skipped paths (#20544)
- Remove no-longer-used `commits-widget` and `site_customizations` paths
- Add `/presence/`
- Move from regex to strings. The unanchored regexes were causing unexpected behaviour (e.g. if a topic had the word `assets` in its slug, it would be skipped). When passed strings, mini-profiler uses `String#starts_with?` for comparison
- Add `Discourse.base_path` to ensure proper functionality in subfolder environments
2023-03-06 11:39:15 +00:00
David Taylor
41f933ce89
PERF: Skip metadata routes for mini_profiler (#20543)
Mini-profiler causes routes to become uncacheable. When using mini_profiler in production, the lack of cache on these routes can have a noticeable impact on performance/rate-limiting.
2023-03-06 11:08:32 +00:00
Alan Guo Xiang Tan
e3977f84a3
FIX: Incorrect topic tracking state count when a new category is created (#20506)
What is the problem?

We have a hidden site setting `show_category_definitions_in_topic_lists`
which is set to false by default. What this means is that category
definition topics are not shown in the topic list by default. Only the
category definition topic for the category being viewed will be shown.
However, we have a bug where we would show that a category has new
topics when a new child category along with its category definition
topic is created even though the topic list does not list the child
category's category definition topic.

What is the fix here?

This commit fixes the problem by shipping down an additional
`is_category_topic` attribute in `TopicTrackingStateItemSerializer` when
the `show_category_definitions_in_topic_lists` site setting has been set
to false. With the new attribute, we can then exclude counting child
categories' category definition topics when counting new and unread
counts for a category.
2023-03-06 10:13:10 +08:00
Alan Guo Xiang Tan
66c50547b4
DEV: Experimental /filter route to filter through topics (#20494)
This commit introduces an experimental `/filter` route which allows a
user to input a query string to filter through topics.

Internal Ref: /t/92833
2023-03-03 09:46:21 +08:00
Kris
fac78413c8
REFACTOR: user directories without <table>, second attempt (#20515) 2023-03-02 15:10:19 -05:00
Kris
654ba44723
Revert "REFACTOR: user directories without <table> (#20316)" (#20513)
This reverts commit e206bd8907.
2023-03-02 12:52:02 -05:00
chapoi
e52bbc1230
UX/DEV: Review queue redesign fixes (#20239)
* UX: add type tag and design update

* UX: clarify status copy in reviewQ

* DEV: switch to selectKit

* UX: color approve/reject buttons in RQ

* DEV: regroup actions

* UX: add type tag and design update

* UX: clarify status copy in reviewQ

* Join questions for flagged post with "or" with new I18n function
* Move ReviewableScores component out of context
* Add CSS classes to reviewable-item based on human type

* UX: add table header for scoring

* UX: don't display % score

* UX: prefix modifier class with dash

* UX: reviewQ flag table styling

* UX: consistent use of ignore icon

* DEV: only show context question on pending status

* UX: only show table headers on pending status

* DEV: reviewQ regroup actions for hidden posts

* UX: reviewQ > approve/reject buttons

* UX: reviewQ add fadeout

* UX: reviewQ styling

* DEV: move scores back into component

* UX: reviewQ mobile styling

* UX: score table on mobile

* UX: reviewQ > move meta info outside table

* UX: reviewQ > score layout fixes

* DEV: readd `agree_and_keep` and fix the spec tests.

* Fix the spec tests

* fix the quint test

* DEV: readd deleting replies

* UX: reviewQ copy tweaks

* DEV: readd test for ignore + delete replies

* Remove old

* FIX: Add perform_ignore back in for backwards compat

* DEV: add an action alias `ignore` for `ignore_and_do_nothing`.

---------

Co-authored-by: Martin Brennan <martin@discourse.org>
Co-authored-by: Vinoth Kannan <svkn.87@gmail.com>
2023-03-02 16:40:53 +01:00
Kris
e206bd8907
REFACTOR: user directories without <table> (#20316) 2023-03-02 09:20:38 -05:00
David Taylor
cb4a22b34f
Hide allowed_user_api_push_urls site setting from admin UI (#20508)
This setting is only intended for configuration by hosting providers
2023-03-02 09:49:47 +00:00
Osama Sayegh
82a84241ca
UX: Switch My Posts link in sidebar to My Drafts when drafts are present (#20491) 2023-03-02 06:29:18 +08:00
Keegan George
bb0ef4c7b4
DEV: Show active categories in form templates customize table (#20498) 2023-03-01 12:37:14 -08:00
Keegan George
666b4a7e6b
DEV: Define form template field inputs (#20430) 2023-03-01 11:07:13 -08:00
Benno Fünfstück
24188beaaf
FEATURE: log to STDOUT using Rails 5 env var (#18880)
Rails introduced a environment variables RAILS_LOG_TO_STDOUT in the
template for new projects here: https://github.com/rails/rails/pull/23734

This commit adds the same code to the discourse production environment,
making it easy to configure logging to stdout in production for
environments which already support log collection via stdout.
2023-03-01 07:06:14 +08:00
Discourse Translator Bot
5138caf525
Update translations (#20478) 2023-02-28 14:48:22 +01:00
Bianca Nenciu
ccb345bd88
FEATURE: Update topic/comment embedding parameters (#20181)
This commit implements many changes to topic and comments embedding. It
deprecates the class_name field from EmbeddableHost and suggests using
the className parameter. discourse_username parameter has been
deprecated and it will fetch it from embedded site from the author or
discourse-username meta.

See the updated code sample from Admin > Customize > Embedding page.

* FEATURE: Add className parameter for Discourse embed

* DEV: Hide class_name from EmbeddableHost

* DEV: Deprecate class_name field of EmbeddableHost

* FEATURE: Use either author or discourse-username meta tag

* DEV: Deprecate discourse_username parameter

* DEV: Improve embed code sample
2023-02-28 14:31:59 +02:00
Osama Sayegh
a509441148
DEV: Include unread topics in New topic lists and link to it in sidebar (#20432)
This commit introduces a few experimental changes to the New topics list and "Everything" link in the sidebar:

1. Make the New topics list include unread topics
2. Make the Everything section in the sidebar link to the New topics list (`/new`)
3. Remove "unread" or "new" text next to the count and keep the count
4. The count is a sum of new and unread topics counts

All of these of changes are behind an off-by-default feature flag. I've not written extensive tests for these changes because they're highly experimental.

Internal topic: t/77234.
2023-02-27 15:11:01 +03:00
Keegan George
6108eee31d
DEV: Apply form template to categories (#20337) 2023-02-23 11:18:14 -08:00