Commit Graph

42335 Commits

Author SHA1 Message Date
Dan Ungureanu
8c24a848e0
FEATURE: Reduce invite key length (#12692)
We used to generate invite keys that were 32-characters long which were
not very friendly and lead to very long links. This commit changes the
generation method to use almost all alphanumeric characters to produce
a 10-character long invite key.

This commit also introduces a rate limit for redeeming invites because
the probability of guessing an invite key has increased.
2021-04-14 19:22:16 +03:00
Bianca Nenciu
21d1ee1065
FIX: Use Nokogiri and Loofah consistently (#12693)
CookedPostProcessor used Loofah to parse the cooked content of a post
and Nokogiri to parse cooked Oneboxes. Even though Loofah is built on
top of Nokogiri, replacing an element from the cooked post (a Nokogiri
node) with a parsed onebox (a Loofah node) produced a strange result
which included XML namespaces. Removing the mix and using Loofah
to parse Oneboxes fixed the problem.
2021-04-14 18:09:55 +03:00
Neil Lalonde
f8562d8d2f
Version bump to v2.6.5 2021-04-14 11:01:26 -04:00
Neil Lalonde
07ca35670a
Version bump to v2.7.0.beta7 (#12696) 2021-04-14 10:54:08 -04:00
David Taylor
9430185493
SECURITY: Improve theme git import (#12694) 2021-04-14 15:32:47 +01:00
David Taylor
a19152f3be
SECURITY: Improve theme git import (#12695) 2021-04-14 15:32:33 +01:00
Robin Ward
0afcf9e12e
DEV: Support Node 15 with Ember CLI (#12679)
* DEV: Support Node 15 with Ember CLI

* FIX: Broken tests that needed to be updated in newer Ember CLI
2021-04-14 10:16:39 -04:00
Dan Ungureanu
528cfea079
FEATURE: Auto-activate users invited by email (#12675)
When invited by email, users will receive an invite URL which contains
a token. If that token is present when the invite is redeemed, their
account will be automatically activated.
2021-04-14 12:15:56 +03:00
Bianca Nenciu
e4e2c7c66f
FIX: Improve anchor links (#12683)
* FIX: Use theme color for anchor icon

* FIX: Do not count anchor links

* FIX: Do not count hashtags links either

* DEV: Add tests for link_count

* FIX: Disable anchors in quotes and preview

* FIX: Try building some anchor slugs for unicode

* DEV: Fix tests
2021-04-14 10:27:07 +03:00
Martin Brennan
eeaecd4fd2
FEATURE: Category setting to allow unlimited first post edits by the owner of the topic (#12690)
This PR adds a new category setting which is a column in the `categories` table, `allow_unlimited_owner_edits_on_first_post`.

What this does is:

* Inside the `can_edit_post?` method of `PostGuardian`, if the current user editing a post is the owner of the post, it is the first post, and the topic's category has `allow_unlimited_owner_edits_on_first_post`, then we bypass the check for `LimitedEdit#edit_time_limit_expired?` on that post.
* Also, similar to wiki topics, in `PostActionNotifier#after_create_post_revision` we send a notification to all users watching a topic when the OP is edited in a topic with the category setting `allow_unlimited_owner_edits_on_first_post` enabled.

This is useful for forums where there is a Marketplace or similar category, where topics are created and then updated indefinitely by the OP rather than the OP making new topics or additional replies. In a way this acts similar to a wiki that only one person can edit.
2021-04-14 15:54:09 +10:00
Sam
d56da72fe9
DEV: remove musl support from Gemfile (#12689)
We do not really support Discourse on Alpine linux / musl based distros.

We depend heavily on libc.

Besides this it looks like rubygems/bundler tends to handle this nuance incorrectly.

Remove it for now.
2021-04-13 20:55:40 -06:00
Martin Brennan
c07a6eeb6d
FIX: Software update prompt fixes and improvements (#12648)
* Fixes the z-index of the prompt so it is behind the quick access panels
* Adds a dismiss `X` button (made sure the click target of this was quite big)
* Change structure of HTML to address template lint issues
* Fix aria-hidden not returning true/false
* Reload current page instead of navigating to / when clicking on the prompt message
2021-04-14 10:26:23 +10:00
Martin Brennan
66d17fdd6b
FIX: Topic user bookmarked column is out of sync after post moves (#12612)
When posts are moved from one topic to another, the `topic_user.bookmarked` column for all users in the new and the old topic needs to be resynced, for example because a user bookmarks post 12 in topic 1, then it is moved to topic 2, the topic_user record for topic 1 should no longer be bookmarked. A background job has been added to sync the column for a specified topic, or for no topic at all, which does it for all topics like the migration.

Also includes a migration that we have run in the past to fix bad data.

----

This has been addressed in other places in the past:

https://github.com/discourse/discourse/pull/10211
https://github.com/discourse/discourse/pull/10188
2021-04-14 09:10:53 +10:00
Sam
71475a1a01
DEV: update mini_racer for ARM support (#12682)
New version of mini_racer support M1 and ARM builds of Ruby

This should make developing on Discourse easier

Co-authored-by: Robin Ward <robin.ward@gmail.com>
2021-04-13 13:01:54 -04:00
dependabot[bot]
d87e8683cd
Build(deps): Bump mini_racer from 0.3.1 to 0.4.0 (#12681)
Bumps [mini_racer](https://github.com/discourse/mini_racer) from 0.3.1 to 0.4.0.
- [Release notes](https://github.com/discourse/mini_racer/releases)
- [Changelog](https://github.com/rubyjs/mini_racer/blob/master/CHANGELOG)
- [Commits](https://github.com/discourse/mini_racer/compare/v0.3.1...v0.4.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-04-13 12:25:34 -04:00
David Taylor
da6edc117c
FIX: Allow raw-view classes to be resolved from themes/plugins (#12685)
Since cd24eff5d9, theme modules are now prefixed with the theme id. Therefore themes which defined raw-view classes will be broken

This commit updates the `raw` helper to use the resolver for looking up the view class. This automatically takes care of trying theme/plugin paths in addition to core paths.
2021-04-13 15:05:46 +01:00
Discourse Translator Bot
27eff709c4
Update translations (#12684) 2021-04-13 16:02:08 +02:00
dependabot[bot]
2aaceaca36
Build(deps): Bump connection_pool from 2.2.3 to 2.2.4 (#12680)
Bumps [connection_pool](https://github.com/mperham/connection_pool) from 2.2.3 to 2.2.4.
- [Release notes](https://github.com/mperham/connection_pool/releases)
- [Changelog](https://github.com/mperham/connection_pool/blob/master/Changes.md)
- [Commits](https://github.com/mperham/connection_pool/compare/v2.2.3...v2.2.4)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-04-13 11:32:26 +02:00
Faizaan Gagan
c45dbe4159
enable eol-last for eslint and ember-template-lint (#12678)
enable eol-last for eslint and ember-template-lint

Fixed a handlful of .hbs files where newlines weren't present
2021-04-12 17:22:00 -07:00
Robin Ward
abe588c2c8
Update caniuse-lite to the latest version (#12677) 2021-04-12 14:06:17 -04:00
Ryan Mulligan
d837ad8386
DEV: user suspension use .present? (#12676)
As suggested by eviltrout in

https://github.com/discourse/discourse/pull/12666
2021-04-12 12:53:40 -04:00
Bianca Nenciu
2081b6e5c9
UX: Improve poll builder UI (#12549)
* Improve poll validation

* Redesign poll builder

* Group all advanced settings under a new section
2021-04-12 19:48:01 +03:00
Jarek Radosz
7d1cef71ff
DEV: Remove ScrollTop mixin (#12673)
It was deprecated (incorrectly! see the import 😅) 5 years ago. No references found anymore in core and all-the-plugins.
2021-04-12 17:52:53 +02:00
Roman Rizzi
958fbfb719
FEATURE: Send an email notification when a post is approved. (#12665)
We now send an email when a queued post is approved, and we create a notification.
2021-04-12 12:08:23 -03:00
Ryan Mulligan
045adb76f2
FIX: only send user suspension emails if email message provided (#12666)
This makes behavior consistent with documentation:

API:

> Will send an email with this message when present

Web UI:

> Optionally, provide more information about the suspension and it will be emailed to the user
2021-04-12 11:03:10 -04:00
David Taylor
65647000a1
DEV: Allow Discourse::Utils.execute_command timeout with env (#12672)
Followup to 5deda5ef3e

The first argument to `Open3.capture3` can be an environment variable hash. In this case, we need to insert the `timeout` command after the env hash.
2021-04-12 13:53:41 +01:00
Osama Sayegh
cd24eff5d9
FEATURE: Introduce theme/component QUnit tests (take 2) (#12661)
This commit allows themes and theme components to have QUnit tests. To add tests to your theme/component, create a top-level directory in your theme and name it `test`, and Discourse will save all the files in that directory (and its sub-directories) as "tests files" in the database. While tests files/directories are not required to be organized in a specific way, we recommend that you follow Discourse core's tests [structure](https://github.com/discourse/discourse/tree/master/app/assets/javascripts/discourse/tests).

Writing theme tests should be identical to writing plugins or core tests; all the `import` statements and APIs that you see in core (or plugins) to define/setup tests should just work in themes.

You do need a working Discourse install to run theme tests, and you have 2 ways to run theme tests:

* In the browser at the `/qunit` route. `/qunit` will run tests of all active themes/components as well as core and plugins. The `/qunit` now accepts a `theme_name` or `theme_url` params that you can use to run tests of a specific theme/component like so: `/qunit?theme_name=<your_theme_name>`.

* In the command line using the `themes:qunit` rake task. This take is meant to run tests of a single theme/component so you need to provide it with a theme name or URL like so: `bundle exec rake themes:qunit[name=<theme_name>]` or `bundle exec rake themes:qunit[url=<theme_url>]`.

There are some refactors to how Discourse processes JavaScript that comes with themes/components, and these refactors may break your JS customizations; see https://meta.discourse.org/t/upcoming-core-changes-that-may-break-some-themes-components-april-12/186252?u=osama for details on how you can check if your themes/components are affected and what you need to do to fix them.

This commit also improves theme error handling in Discourse. We will now be able to catch errors that occur when theme initializers are run and prevent them from breaking the site and other themes/components.
2021-04-12 15:02:58 +03:00
Sam
5b99cb9275
FIX: automatically timeout long running image magick commands (#12670)
Previously certain images may lead to convert / identify to run for unreasonable
amounts of time

This adds a maximum amount of time these commands can run prior to forcing
them to stop
2021-04-12 14:04:37 +03:00
Joffrey JAFFEUX
18777d9108
DEV: implements some of ember-truth-helpers (#12667)
The implemented helpers, are helper which might be in Ember core in the future:

- and
- or
- not
- eq
- not-eq
- lt
- lte
- gt
- gte

They follow the implementation of ember-truth-helpers: https://github.com/jmurphyau/ember-truth-helpers

Note 1: Ember rfcs are still debating going with {{not-eq}} or {{neq}}, should be easy to support in the future whatever is finally chosen.

Note 2: this commit also moves it to its own addon, and removes the {{not}} test, to simplify further updates.
2021-04-12 11:40:00 +02:00
Joffrey JAFFEUX
094c9e5ea3
DEV: uses onebox 2.2.12 (#12671) 2021-04-12 11:34:05 +02:00
Joffrey JAFFEUX
2dc8bfd1ba
UI: adds styling for new github PR body details/summary (#12669)
https://github.com/discourse/onebox/pull/466
2021-04-12 10:45:16 +02:00
David Taylor
35e1e009fa
FIX: Allow restoring non-subfolder backup to subfolder site (#12537)
`GlobalSetting.relative_url_root` comes from the destination site. We
can't be sure whether it was the same on the original site. It's safer
to use a wildcard here, so we can backup/restore sites with different
relative_url_root values.
2021-04-12 14:00:52 +10:00
Penar Musaraj
abb0a4bae2
DEV: Add SCSS helper to replace asset-uri and image-uri (#12664) 2021-04-12 13:57:39 +10:00
Sam
5deda5ef3e
FIX: automatically timeout long running image magick commands (#12670)
Previously certain images may lead to convert / identify to run for unreasonable
amounts of time

This adds a maximum amount of time these commands can run prior to forcing
them to stop
2021-04-12 13:55:54 +10:00
Joffrey JAFFEUX
b6337b72f1
FEATURE: adds last day to about page stats (#12663)
* FEATURE: adds last day to about page stats

* make it clear it's last 24 hours

* applies same copy fix to days
2021-04-12 12:50:33 +10:00
wilson29thid
d5b30b9b7b
FEATURE: Add user_confirmed_email to user event webhook (#12539) 2021-04-12 12:48:42 +10:00
Sam
5b342ae505
FIX: remove superfluous spaces from CJK blurbs (#12629)
Previously we used the raw data indexed to generate blurbs even for cases
when Chinese/Korean/Japanese text was used.

This caused superfluous spaces to show up in excerpts.
2021-04-12 12:46:42 +10:00
Vinoth Kannan
5e93730375
DEV: bump discourse_dev gem version to 0.0.9 (#12660) 2021-04-09 23:06:33 +05:30
Penar Musaraj
43d09dbabe
DEV: Skip looking for svgo, gifsicle binaries (#12655) 2021-04-09 08:52:06 -04:00
Penar Musaraj
e77b9dfd45
DEV: Use Terser for JS minification/compression if available (#12656) 2021-04-09 08:51:49 -04:00
dependabot[bot]
b7dad91f2f
Build(deps-dev): Bump parallel_tests from 3.6.0 to 3.7.0 (#12657)
Bumps [parallel_tests](https://github.com/grosser/parallel_tests) from 3.6.0 to 3.7.0.
- [Release notes](https://github.com/grosser/parallel_tests/releases)
- [Changelog](https://github.com/grosser/parallel_tests/blob/master/CHANGELOG.md)
- [Commits](https://github.com/grosser/parallel_tests/compare/v3.6.0...v3.7.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-04-09 12:03:19 +02:00
Martin Brennan
1ba5ccd8af
FIX: When user has already hit bookmark limit, do not error for clear_reminder! or other updates (#12658)
We introduced a cap on the number of bookmarks the user can add in be145ccf2f. However this has caused unintended side effects; when the `jobs/scheduled/bookmark_reminder_notifications.rb` runs we get this error for users who already had more bookmarks than the limit:

> Job exception: Validation failed: Sorry, you have too many bookmarks, visit #{url}/my/activity/bookmarks to remove some.

This is because the `clear_reminder!` call was triggering a bookmark validation, which raised an error because the user already had to many, holding up other reminders.

This PR also adds `max_bookmarks_per_user` hidden site setting (default 2000). This replaces the BOOKMARK_LIMIT const so we can raise it for certain sites.
2021-04-09 13:06:35 +10:00
Roman Rizzi
8339b8f412
FEATURE: Make the tag_groups#search endpoint public. (#12643)
The method uses the "TagGroup#visible" method to respect the tag group visibility settings.
2021-04-08 14:23:13 -03:00
Vinoth Kannan
26d7eedf4c
FEATURE: trigger webhook when a user added/removed in a group. (#12653)
Whenever a group is added or removed from a group a webhook event will get triggered if it's active.
2021-04-08 21:16:34 +05:30
David Taylor
38e7fe2770
FIX: Ensure group flair upload is present when deciding type (#12650)
Previously, if the upload_id was present, but the upload was missing, the entire site would give a server error.

We have no foreign keys on this relation, so we have to be able to cope with the situation where the upload_id is present, but the actual upload has been deleted.

Co-authored-by: Jarek Radosz <jradosz@gmail.com>
2021-04-08 15:54:09 +01:00
Penar Musaraj
eb7ff576e5
FEATURE: Use SVG icons for some oneboxes (#12654) 2021-04-08 09:58:12 -04:00
Joffrey JAFFEUX
081ada090c
UX: shows a hint when there are more tags than displayed (#12649) 2021-04-08 15:51:31 +02:00
Robin Ward
7e2b7bdd78
DEV: Adds new plugin API support to always show the topic map (#12642)
You can enable this by using the `includePostAttributes` API call with
the value of `topicMap`. This will always show the topic map at the top
of a topic regardless of how many posts there are.
2021-04-08 08:19:25 -04:00
Joffrey JAFFEUX
6081f8e5e9
UX: always display remove emoji btn from emoji-value-list (#12652)
Although if emoji is not editable it should be disabled.
2021-04-08 13:34:26 +02:00
Joffrey JAFFEUX
e463f5ce08
DEV: introduces {{not}} helper (#12651)
Code is coming from https://github.com/jmurphyau/ember-truth-helpers, for now I only ported {{not}} which would have tons of use cases in our code base.

We might want to use more helpers in the future, also Ember should have this kind of helpers natively in the future:

- https://github.com/cibernox/rfcs/blob/add-logical-operators-to-templates/text/0000-add-logical-operators.md
- https://github.com/cibernox/rfcs/blob/add-equality-operators-to-templates/text/0000-add-equality-operators.md
- https://github.com/cibernox/rfcs/blob/add-numeric-comparison-operators-to-templates/text/0561-add-numeric-comparison-operators.md
2021-04-08 13:25:16 +02:00