Commit Graph

45596 Commits

Author SHA1 Message Date
Jarek Radosz
fcb4e5a1a1
DEV: Make wizard an ember addon (#17027)
Co-authored-by: David Taylor <david@taylorhq.com>
2022-06-17 14:50:21 +02:00
Jarek Radosz
fddd6fd5e0
DEV: Fix an rspec warning (#17123)
```
WARNING: Using `expect { }.not_to raise_error(SpecificErrorClass)` risks false positives, since literally any other error would cause the expectation to pass, including those raised by Ruby (e.g. `NoMethodError`, `NameError` and `ArgumentError`), meaning the code you are intending to test may not even get reached. Instead consider using `expect { }.not_to raise_error` or `expect { }.to raise_error(DifferentSpecificErrorClass)`. This message can be suppressed by setting: `RSpec::Expectations.configuration.on_potential_false_positives = :nothing`. Called from /var/www/discourse/spec/lib/retrieve_title_spec.rb:155:in `block (3 levels) in <main>'.
```
2022-06-17 13:45:16 +02:00
Jarek Radosz
79d3b25d97
DEV: Fix various frontend warnings (#17122)
3 computed property overrides and a tippy warning
2022-06-17 13:45:05 +02:00
Jarek Radosz
f27f95b2e9
DEV: Don't print uppy warnings in test env (#17121) 2022-06-17 13:44:52 +02:00
David Taylor
e0ff367b49
DEV: Stop logging error response body in FileHelper (#17120)
This doesn't cope well with gzipped, binary, or large responses. Ideally we would teach FinalDestination to safely retrieve and decode some of the response body. But for now, let's remove the broken implementation.
2022-06-17 11:50:30 +01:00
David Taylor
6695d148d6
DEV: Cleanup topic thumbnail enqueuing (#17119)
- Ensure only one job is enqueued when there are no extra sizes requested by themes
- Update and un-skip relevant tests
2022-06-17 11:07:32 +01:00
Loïc Guitaut
1166db12b4
FIX: Make watched words uploads work as intended (#17097)
* FIX: Make watched words uploads work as intended

Currently when we upload a file containing watched words, it will always
add the words to the action that was initially selected: this is the
`block` action by default but if changing manually the action in the URL
to `flag` for example, then this action will be selected and uploaded
watched words will be categorised as `flag` no matter what.

The problem lies with how the component works: it’s an Uppy object where
extra data is defined to provide an action key to the server but when
navigating to another listed action, while this action key is properly
updated on the component itself, the underlying Uppy object has already
been created and doesn’t care about the new value.

This patch solves this by using the `_perFileData` method instead of
`data`: the former is merged just before uploading a file whereas the
latter is used when the Uppy object is created.
2022-06-17 11:07:58 +02:00
dependabot[bot]
97e21b80a0
Build(deps-dev): Bump minitest from 5.15.0 to 5.16.0 (#17103)
Bumps [minitest](https://github.com/seattlerb/minitest) from 5.15.0 to 5.16.0.
- [Release notes](https://github.com/seattlerb/minitest/releases)
- [Changelog](https://github.com/minitest/minitest/blob/master/History.rdoc)
- [Commits](https://github.com/seattlerb/minitest/compare/v5.15.0...v5.16.0)

---
updated-dependencies:
- dependency-name: minitest
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-06-17 10:47:06 +02:00
Alan Guo Xiang Tan
f618fdf17f
Revert "DEV: Centralize user updates to a single MessageBus channel. (#17058)" (#17115)
This reverts commit 94c3bbc2d1.

At this current point in time, we do not have enough data on whether
this centralisation is the trade-offs of coupling features into a single
channel.
2022-06-17 12:24:15 +08:00
Penar Musaraj
4c810ca121
FIX: JSON Schema editor layout issue with subarrays (#17112) 2022-06-16 22:33:42 -04:00
Kris
dfba188bd6
UX: remove extra whitespace in github onebox (#17111) 2022-06-17 11:09:45 +10:00
Roman Rizzi
e5691362df
DEV: add smtp_should_reject to the receive_emails api key scope (#17110) 2022-06-16 13:46:56 -03:00
David Taylor
691afa2593
DEV: Handle emoji-picker and d-editor being destroyed simultaneously (#17109) 2022-06-16 17:16:15 +01:00
David Taylor
c00205730e
FIX: Ensure presence endpoints don't break the session (#17108)
Presence endpoints are often called asynchronously at the same time as other request, and never need to modify the session. Skipping ensures that an unneeded cookie rotation doesn't race against another request and cause issues.

This change brings presence in line with message-bus's behaviour.
2022-06-16 14:38:43 +01:00
David Taylor
a4fc88ce68
FIX: Ensure emoji is inserted in the correct location (#17107)
In the specific case where you start typing an emoji, then open the full emoji picker, the chosen emoji would be inserted in the wrong place. This was an unintentional side effect of the changes in 75d9c16156

This commit updates the `emojiSelected` logic to avoid mutating the 'selected' object, and also adds a test for this specific behaviour.
2022-06-16 12:16:53 +01:00
Arpit Jalan
c39cebc161
PERF: remove server plugin outlet for post (#17105) 2022-06-16 17:21:24 +10:00
Alan Guo Xiang Tan
c625dc0adc
FEATURE: Add messages section links to experimental sidebar. (#17096) 2022-06-16 13:33:40 +08:00
Gerhard Schlager
888f50543d
DEV: Fix javascript:update rake task (#17098)
* The `javascript:update` rake task failed because recent versions of chart.js use a lowercase filename (`chart.min.js` instead of `Chart.min.js`)

* Changed `loadScript()` to use lowercase keys to lookup scripts

* `svg-arrow.css` seems to have changed slightly (linebreak at the end of file)
2022-06-15 19:49:04 +02:00
Isaac Janzen
a7034c5a14
DEV: Update create-account test to be more clear (#17102) 2022-06-15 12:47:47 -05:00
Isaac Janzen
bc0a37b642
DEV: @bind create-account actions (#17100)
DEV: @bind create-account actions

Context: https://github.com/discourse/discourse/pull/16983#discussion_r894721403
2022-06-15 12:36:04 -05:00
David Taylor
275849771f
DEV: Emit a 'change' event when PresenceChannel info changes (#17088)
e.g.

```
presenceChannel = this.presence.getChannel('/blah');
presenceChannel.subscribe();
presenceChannel.on('change', (channel) => console.log(channel.users));
```

This commit also does some refactoring to remove the use of an unnecessary EmberObject and dynamic `defineProperty` call
2022-06-15 16:13:44 +01:00
Jarek Radosz
f723b4c322
FIX: Handle sites with more than 1 JSON-LD element (#17095)
A followup to #17007
2022-06-15 02:55:55 +02:00
Martin Brennan
4d3c1ceb44
FEATURE: Log the SMTP response in EmailLog (#17056)
When sending emails with delivery_method_options -> return_response
set to true, the SMTP sending code inside Mail will return the SMTP
response when calling deliver! for mail within the app. This commit
ensures that Email::Sender captures this response if it is returned
and stores it against the EmailLog created for the sent email.

A follow up PR will make this visible within the admin email UI.
2022-06-15 10:28:30 +10:00
Krzysztof Kotlarek
63df2b4550
FIX: whisper available when reply to topic (#17054)
When a user is answering a whisper comment, they cannot change from whisper to regular answer.

However, user can click reply to topic. We keep `postSnapshot` so user can change mind and switch back to reply to post. In that case, a toggle whisper button should appear.

To make it happen, I am ensuring to display a toggle whisper button when user is replying to topic - `postLink` attribute is missing.
2022-06-15 09:59:57 +10:00
Jarek Radosz
39f45c701c
DEV: Mark inline styles as safe (#17093)
Fixes many Ember deprecation warnings like:

```
WARNING: Binding style attributes may introduce cross-site scripting vulnerabilities; please ensure that values being bound are properly escaped. For more information, including how to disable this warning, see https://emberjs.com/deprecations/v1.x/#toc_binding-style-attributes. Style affected: "border-color: #33B0B0; --category-color: #33B0B0;"
```
2022-06-15 01:31:21 +02:00
Daniel Waterworth
d7886e4d18
FIX: Allow all subdomains of localhost in development (#17089)
domains can contain numbers.

Follow-up-to: 00e756e358
2022-06-14 14:54:49 -05:00
Jarek Radosz
348b6e848f
FIX: NavItem and Composer prop overriding was broken (#17092) 2022-06-14 21:16:33 +02:00
Discourse Translator Bot
e0364cf228
Update translations (#17087) 2022-06-14 16:57:33 +02:00
Gerhard Schlager
96e87af605
FIX: Rake tasks related to uploads were broken (#17085) 2022-06-14 11:05:03 +02:00
Alan Guo Xiang Tan
4a240f6c90
DEV: First pass at messages section experimental sidebar (#17084) 2022-06-14 15:56:20 +08:00
Alan Guo Xiang Tan
e7e23e8d9c
FIX: Remove tags from experimental sidebar on notification level changed (#17083)
As part of this commit, a bug where updating a tag's notification level on the server side does not update the state of the user's tag notification levels on the client side is fixed too.
2022-06-14 15:39:56 +08:00
dependabot[bot]
47034d9ca0
Build(deps): Bump zeitwerk from 2.5.4 to 2.6.0 (#17080)
Bumps [zeitwerk](https://github.com/fxn/zeitwerk) from 2.5.4 to 2.6.0.
- [Release notes](https://github.com/fxn/zeitwerk/releases)
- [Changelog](https://github.com/fxn/zeitwerk/blob/main/CHANGELOG.md)
- [Commits](https://github.com/fxn/zeitwerk/compare/v2.5.4...v2.6.0)

---
updated-dependencies:
- dependency-name: zeitwerk
  dependency-type: indirect
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-06-14 13:49:03 +08:00
Sam
4a1937adff
FEATURE: Change auto tracking to require 5 minutes vs 4 (#17081)
Per @codinghorror, we prefer to change this setting to 5 minutes to avoid
tracking topic automatically except for extremely exceptional situations.
2022-06-14 13:48:19 +08:00
Alan Guo Xiang Tan
0ae7b43018
PERF: Remove total for time to first response report. (#17082)
The query is very inefficient without any constraints on large sites and
the average of all time to first response since the beginning of time is
not useful as well.
2022-06-14 13:27:48 +10:00
Blake Erickson
f313276966
Version bump to v2.9.0.beta5 (#17077) 2022-06-13 15:27:06 -06:00
Blake Erickson
ae6a907943
SECURITY: banner-info (#17071) 2022-06-13 11:10:21 -06:00
David Taylor
6650218e3d
FIX: Ensure that extract_upload_ids works with all short URLs (#17070)
We do not zero-pad our base62 short URLs, so there is no guarantee that the length is 27. Instead, let's greedily match all consecutive base62 characters and look for a matching upload.

This reverts bd32656157 and 36f5d5eada.
2022-06-13 17:01:27 +01:00
sansnumero
f0c6dd5682
Add support for JSON LD in Onebox (#17007)
* FIX: Fix a bug that is accessing the values in a hash wrongly and write tests

I decided to write tests in order to be confident in my refactor that's in the next commit.
Meanwhile I have discovered a potential bug. The `title_attr` key was accessed as a string,
but all the keys are actually symbols so it was never evaluated to be true.

irb(main):025:0> d = {key: 'value'}
=> {:key=>"value"}
irb(main):026:0> d['key']
=> nil
irb(main):027:0> d[:key]
=> "value"

* DEV: Extract methods for readability

I will be adding a new method following the conventions in place for adding a new normalizer. And this will make the readability of the `raw` block even more difficult; so I am extracting self contained private methods beforehand.

* FEATURE: Parse JSON-LD and introduce Movie object

JSON LD data is very easily transferable to Ruby objects because they contain types. If these types are mapped to Ruby objects, it is also better to make all the parsed data very explicit and easily extendable.

JSON-LD has many more standardized item types, with a full list here: https://schema.org/docs/full.html
However in order to decrease the scope, I only adapted the movie type.

* DEV: Change inheritance between normalizers

Normalizers are not supposed to have an inheritance relationships amongst each other. They are all normalizers, but all normalizing separate protocols. This is why I chose to extract a parent class and relieve Open Graph off that responsibility. Removing the parent class altogether could also a possibility, but I am keeping the scope limited to having a more accurate representation of the normalizers while making it easier to add a new one.

* Lint changes

* Bring back the Oembed OpenGraph inheritance

There is one test that caught that this inheritance was necessary. I still think modelling wise this inheritance shouldn't exist, but this can be tackled separately.

* Return empty hash if the json received is invalid

Before this change if there was a parsing error with JSON it would throw an exception. The goal of this commit is to rescue that exception and then log a warning. I chose to use Discourse's logger wrapper `warn_exception` to have the backtrace and not just used Rails logger. I considered raising an `InvalidParameters` error however if the JSON here is invalid it should not block showing of the Onebox, so logging is enough.

* Prep to support more JSONLD schema types with case

* Extract mustache template object created from JSONLD
2022-06-13 17:32:34 +02:00
Wolftallemo
be556ef17b
FIX: Skip CSRF token check on webhook routes (#16982)
The `WebhookController` inherits directly from `ActionController::Base`. Since Rails 5.2, forgery protection has been enabled by default. When we applied those new defaults in 0403a8633b, it took effect on this controller and broke integrations.

This commit explicitly disables CSRF protection on these webhook routes, and updates the specs so they'll catch this kind of regression in future.
2022-06-13 15:36:45 +01:00
Jarek Radosz
77632d2d36
DEV: Explicitly allow NavItem customization (#17061)
Allow overriding NavItem's title and displayName. Fixes multiple instances of `computed-property.override` warnings in plugins.
2022-06-13 12:46:04 +02:00
Jarek Radosz
8d0c2cd4f8
DEV: Allow disabling composer submit (#17062)
…without overriding the computed property. Will fix warnings in discourse-perspective-api plugin.
2022-06-13 12:45:47 +02:00
Alan Guo Xiang Tan
e9a77e7f19
FEATURE: Add new/unread counts to tags section links exp sidebar (#17057) 2022-06-13 14:54:01 +08:00
Alan Guo Xiang Tan
95fa4c5d52
DEV: Ensure topic-tracking-state state change callbacks are cleaned up (#17069) 2022-06-13 14:53:02 +08:00
Alan Guo Xiang Tan
94c3bbc2d1
DEV: Centralize user updates to a single MessageBus channel. (#17058)
Introduces an interface to publish user updates on the server side and
helps to reduce the growing number of subscriptions on the client side.
2022-06-13 14:27:43 +08:00
Alan Guo Xiang Tan
bd32656157
DEV: Skip flaky test. (#17068) 2022-06-13 13:48:08 +08:00
Alan Guo Xiang Tan
36f5d5eada
DEV: Skip flaky spec. (#17067) 2022-06-13 13:10:00 +08:00
dependabot[bot]
65929ed128
Build(deps): Bump multipart-post from 2.2.2 to 2.2.3 (#17066)
Bumps [multipart-post](https://github.com/socketry/multipart-post) from 2.2.2 to 2.2.3.
- [Release notes](https://github.com/socketry/multipart-post/releases)
- [Changelog](https://github.com/socketry/multipart-post/blob/main/CHANGELOG.md)
- [Commits](https://github.com/socketry/multipart-post/compare/v2.2.2...v2.2.3)

---
updated-dependencies:
- dependency-name: multipart-post
  dependency-type: indirect
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-06-13 11:26:25 +08:00
dependabot[bot]
357ef528de
Build(deps): Bump diffy from 3.4.0 to 3.4.1 (#17065)
Bumps [diffy](https://github.com/samg/diffy) from 3.4.0 to 3.4.1.
- [Release notes](https://github.com/samg/diffy/releases)
- [Changelog](https://github.com/samg/diffy/blob/main/CHANGELOG)
- [Commits](https://github.com/samg/diffy/commits)

---
updated-dependencies:
- dependency-name: diffy
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-06-13 11:15:29 +08:00
dependabot[bot]
69e5da448e
Build(deps): Bump rails-html-sanitizer from 1.4.2 to 1.4.3 (#17064)
Bumps [rails-html-sanitizer](https://github.com/rails/rails-html-sanitizer) from 1.4.2 to 1.4.3.
- [Release notes](https://github.com/rails/rails-html-sanitizer/releases)
- [Changelog](https://github.com/rails/rails-html-sanitizer/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rails/rails-html-sanitizer/compare/v1.4.2...v1.4.3)

---
updated-dependencies:
- dependency-name: rails-html-sanitizer
  dependency-type: indirect
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-06-13 11:15:14 +08:00
Jarek Radosz
e245839c3c
DEV: Remove old deprecations (#14906) 2022-06-12 21:28:20 +02:00