Continue from https://github.com/discourse/discourse/pull/25673.
This commit starts building the inputs pane of schema theme settings. At the moment only string fields are rendered, but more types will be added in future commits.
This commit adds a loading spinner when installing a theme as sometimes
installing a theme can take quite a bit of time this way we have some
indication that things are still working as the theme is being
installed.
Before this commit, we had a yarn package set up in the root directory and also in `app/assets/javascripts`. That meant two `yarn install` calls and two `node_modules` directories. This commit merges them both into the root location, and updates references to node_modules.
A previous attempt can be found at https://github.com/discourse/discourse/pull/21172. This commit re-uses that script to merge the `yarn.lock` files.
Co-authored-by: Jarek Radosz <jradosz@gmail.com>
In safe mode plugins are not loaded, so the plugin admin
routes are not loaded. This was causing errors in the
admin sidebar because we are trying to show links to the plugin
admin routes.
This fixes the issue by just not adding the plugin links if
we are in safe mode.
Also, remove experimental setting and simply use top_menu for feature detection
This means that when people eventually enable the hot top menu, there will
be topics in it
Co-authored-by: Alan Guo Xiang Tan <gxtan1990@gmail.com>
I was using adminPlugins instead of adminPlugins.index for the Installed Plugins
link in admin sidebar, which was causing Ember to highlight the main link and a plugin
link at the same time.
We only want to highlight the top level Installed Plugins link if we are on that page,
not if we are on e.g. the chat plugin admin route.
Subcategories were not returned when lazy loaded categories are enabled.
This commit implements the old behavior which displayed only top level
categories when there was no search term, but when there was one, it
searched subcategories too.
This commit also removes the client-side ordering of categories, because
the results are already ordered on the server-side.
Recently, Discourse introduced the concept of wrapper plugin outlets, which enables plugins and theme-components lo replace the wrapped content:
```
<PluginOutlet @name="wrapper-outlet-example" @outletArgs={{hash model=@model}}>
<div>Overridable content</div>
</PluginOutlet>
```
This commit adds automatic outlets that are placed `before` and `after wrapper plugin outlets. Connectors them can leverage these new automatic outlets to mount content at these positions, which greatly enhances the use case of the wrapper outlets.
These new auto outlets can be used in two ways:
- Using the standard folder base structure: the folder name that identifies the outlet in which the connector must be mounted must add the suffixes `__before`or `__after` to the outlet name. For the outlet in the example above, the connector should be placed into the `.../connectors/wrapper-outlet-example__before`or `.../connectors/wrapper-outlet-example__after`folders.
- Using API calls: this commit also introduces two new plugin APIs, `api.renderBeforeWrapperOutlet` and `renderAfterWrapperOutlet`. These new APIs can be used in the same way as `api.renderInOutlet`but will only work for wrapper outlets.
For the outlet above when using these new APIs alongside the gjs file format, one could define a component to be placed before the content of the outlet like:
```
api.renderBeforeWrapperOutlet('wrapper-outlet-example', <template>Hello from before the content</template>);
```
or after:
```
api.renderAfterWrapperOutlet('wrapper-outlet-example', <template>Hello from after the content</template>);
```
The uncategorized category was not rendered correctly and it was also
sometimes displayed twice. This commit is a similar bug fix to commit
76647d3a34 and is a follow up to commit
63a50b12fd.
Why this change?
The previous test setup did not actually act as a regression test
because the test will still pass even when the fix is removed. This
commit uses a rendering test instead to ensure that Ember is tracking
the property change.
Why this change?
We have been getting customisation requests about adding stuff
before/after the sidebar sections so we are adding plugin outlets to
support those requests.
Why this change?
This regressed in b797434376 where
the count property in `ExtraNavItem` needs to be tracked as plugins can
be updating the count property directly.
Add categories to the serialized search results together with the topics
when lazy load categories is enabled. This is necessary in order for the
results to be rendered correctly and display the category information.
We're starting to use this system for non-ember-5 deprecations, so linking to the Ember 5 topic doesn't make sense. Instead, we can include the deprecation ID to help with identifying the issue.
We have separated and combined modes for sidebar panels.
Separated means the panels show only their own sections,
combined means sections from all panels are shown.
The admin sidebar only shows its own panels, so it must set
the mode to separated; however when we navigate to chat or
home we must revert to the initial mode setttings.
When hiding/showing the sidebar, as is the case on mobile
and using the toggle in the top left on desktop, we delete
and recreate the ember component on the page. This causes
the `sections` for each sidebar panel to get re-evaluated
every time.
For the admin sidebar, this means that we were constantly
re-adding the plugin links to the sidebar, causing duplication.
This can be fixed by just adding @cached to the getter for
sections.
The Digital Services Act requires a checkbox for any user who's flagging a post as illegal to confirm that they are flagging in good faith. This PR adds that.
During extensibility when we add post menu buttons we very much want access
to the topic.
The transformer does not include a `topic` attribute due to historical reasons.
Given we are going to move away from transforming long term and need to give
plugins access to topic when they are adding buttons, just add the extra
property
Recently we changed the code to check permission in the backend. Example PR https://github.com/discourse/discourse/pull/25735
After those changes, `isInAnyGroups` and `userInAnyGroups` functions are not used anymore.
If you upload a portrait video or just a video that doesn't fit in the
normal video dimensions we want it to have a black background instead of
trying to render parts of the placeholder image as the video background.
This change removes the placeholder image for the video background when
the play button is clicked and replaces it with an all black background.
Affects the following settings:
delete_all_posts_and_topics_allowed_groups
experimental_new_new_view_groups
enable_experimental_admin_ui_groups
custom_summarization_allowed_groups
pm_tags_allowed_for_groups
chat_allowed_groups
direct_message_enabled_groups
chat_message_flag_allowed_groups
This turns off client: true for these group-based settings,
because there is no guarantee that the current user gets all
their group memberships serialized to the client. Better to check
server-side first.
Full post jump "SHIFT+K/J" not working if related topics are displayed
Amended logic so we unconditionally use full post jump on topic pages by
checking for .post-stream
The strict-dynamic CSP directive is supported in all our target browsers, and makes for a much simpler configuration. Instead of allowlisting paths, we use a per-request nonce to authorize `<script>` tags, and then those scripts are allowed to load additional scripts (or add additional inline scripts) without restriction.
This becomes especially useful when admins want to add external scripts like Google Tag Manager, or advertising scripts, which then go on to load a ton of other scripts.
All script tags introduced via themes will automatically have the nonce attribute applied, so it should be zero-effort for theme developers. Plugins *may* need some changes if they are inserting their own script tags.
This commit introduces a strict-dynamic-based CSP behind an experimental `content_security_policy_strict_dynamic` site setting.
This commit is the first of a series of commits that will allow themes to define complex settings types by declaring a schema of the setting structure that Discourse core will use to build a UI for the setting automatically. We implement the navigation logic and support for multiple levels of nesting in this commit and we'll continue building this new system gradually in future commits.
Internal topic: t/116870.
* FEATURE: shift+j and shift+k will scroll entire posts
When scrolling through topics with very long posts we would like to use
`shift+j` and `shift+k` to quickly move between posts.
This allows users to bypass the scroll within post behavior when zooming
through topics with keyboard shortcuts
This overloads the behavior of shift+k and j which can be used to scroll
through sections (new/latest/etc...)
* remove useless tests
These tests are testing nothing, no point carrying them around
I attempted to add a test for related topics, as they are untested. This was a massive challenge as related topics are only rendered after
- a user has stopped typing
- there is a timeout after typing
Between system tests, acceptance tests, and stubbing requests, this was difficult. So here is the pr san test.
When we launched the new illegal flag type, there were a few problems with the translations:
The translation for the message in the e-mail was missing and in the review queue, the message read: "Is this it's illegal?"
In this PR the missing translation key has been added. For the review queue there was a coupling of the name rendering to whether the flag is of "custom" type, but this is also used for deciding whether we render the textbox for additional details. I think these two things should not be coupled together. For now I have instead hard-coded the existing "custom" types when formatting the name. We can potentially improve this later.
This commit was created with a combination of the ember-native-class-codemod and manual cleanup.
User-status-related functionality was previously encapsulated in its own `User.reopen` call, which is essentially an 'inline mixin'. This commit refactors it into a utility class, with an instance accessible on `User#statusManager`
`create topic allowed groups` site setting controls permission to create a new topic.
If a user cannot create a topic, a reply as a new topic button should not be visible as well.
This commit includes several changes to make hashtags work when "lazy
load categories" is enabled. The previous hashtag implementation use the
category colors CSS variables, but these are not defined when the site
setting is enabled because categories are no longer preloaded.
This commit implements two fundamental changes:
1. load colors together with the other hashtag information
2. load cooked hashtag data asynchronously
The first change is implemented by adding "colors" to the HashtagItem
model. It is a list because two colors are returned for subcategories:
the color of the parent category and subcategory.
The second change is implemented on the server-side in a new route
/hashtags/by-ids and on the client side by loading previously unseen
hashtags, generating the CSS on the fly and injecting it into the page.
There have been minimal changes outside of these two fundamental ones,
but a refactoring will be coming soon to reuse as much of the code
and maybe favor use of `style` rather than injecting CSS into the page,
which can lead to page rerenders and indefinite grow of the styles.
When we show the links to installed plugins in the admin
sidebar (for plugins that have custom admin routes) we were
previously only doing this if you opened /admin, not if you
navigated there from the main forum. We should just always
preload this data if the user is admin.
This commit also changes `admin_sidebar_enabled_groups` to
not be sent to the client as part of ongoing efforts to
not check groups on the client, since not all a user's groups
may be serialized.
Affects the following settings:
* whispers_allowed_groups
* anonymous_posting_allowed_groups
* personal_message_enabled_groups
* shared_drafts_allowed_groups
* here_mention_allowed_groups
* uploaded_avatars_allowed_groups
* ignore_allowed_groups
This turns off `client: true` for these group-based settings,
because there is no guarantee that the current user gets all
their group memberships serialized to the client. Better to check
server-side first.
When enabled, the workbox caching logic in the service worker will be replaced with a very simple offline error page. We plan to use this as an experiment to see how it affects performance and stability of Discourse.
This commit also updates a handful of simple adapters which overrode the jsonMode or primaryKey options. These updates are necessary because class fields cannot be overwritten via `EmberObject`'s `.extend()` syntax. These options do not appear to be widely used by themes/plugins.
Some versions of Firefox will throw a TypeError when calling
PublicKeyCredential.isConditionalMediationAvailable() because the
method does not exist. That would previously lead to a "Sorry, an error
has occurred." modal when trying to login.
This commit fixes the issue by properly checking if the method exists.
Since it only affects older Firefox versions, no tests are added.
1. Don't show visited line for hot filter, it is in random order
2. Don't count likes on non regular posts (eg: whispers / small actions)
3. Don't count participants in non regular posts
Checking group permissions on the client does not work,
since not all groups are serialized to the client all
the time. We can check `uploaded_avatars_allowed_groups`
on the server side and serialize to the current user
instead.
Since https://github.com/discourse/discourse/pull/25501 this behavior was broken. This PR attempts to fix it by being more fine grain.
Also note that this PR is moving `footer-nav-ipad` and `footer-nav-visible` to the `html` element and not the `body`. It makes more sense as we are already adding most of other global state class like `keyboard-visible` to the `html` element.
Tested on:
- chrome desktop
- safari ios - iphone
- PWA ios - iphone
- PWA ios - ipad
- DiscourseHub iphone
This change removes the regex we used previously, which only allowed ASCII characters in fast-edit. Now multi-language content can be used with fast-edit.
It also removes the string replacement we relied on in the past to catch various forms of punctuation marks, as this no longer appears necessary (possibly since this component was updated to use Glimmer).
These routes were previously rendered using Rails, and had a fairly fragile 2fa implementation in vanilla-js. This commit refactors the routes to be handled in the Ember app, removes the custom vanilla-js bundles, and leans on our centralized 2fa implementation. It also introduces a set of system specs for the behavior.