Commit Graph

53080 Commits

Author SHA1 Message Date
Discourse Translator Bot
716e3a4dd5
Update translations (#25767) 2024-02-20 09:42:19 -05:00
Jarek Radosz
62e36145c5
UX: Tweak play button css (#25754)
* Remove unnecessary properties
* Use rem unit
* Add a drop shadow
* Make the "box shadow" slightly more subtle
* Use --d-border-radius
* Don't scale the "box shadow" on hover
* Scale down the on-hover size
* Make the button slightly larger
* Respect prefers-reduced-motion
* Use white rather than --secondary-or-primary
* Don't animate on-hover on mobile
2024-02-20 12:13:20 +01:00
David Battersby
5054fe7730
DEV: skip test for chat link with missing param (#25766) 2024-02-20 18:49:30 +08:00
Osama Sayegh
866193e8f3
FEATURE: Back button for schema theme settings (#25743)
Continue from https://github.com/discourse/discourse/pull/25673.

This commit adds a back button to the navigation tree of the schema.
2024-02-20 13:43:18 +03:00
David Battersby
a460dbcb37
FEATURE: Create a link to start a new chat (#25722)
This feature adds the functionality to start a new chat directly from the URL using query params.

The format is: /chat/new-message?recipients=buford,jona

The initial version of this feature allows for the following:

- Open an existing direct message channel with a single user
- Create a new direct message channel with a single user (and auto redirect)
- Create or open a channel with multiple users (and auto redirect)
- Redirects to chat home if the recipients param is missing
2024-02-20 18:08:57 +08:00
Joffrey JAFFEUX
d8d756cd2f
DEV: chat streaming (#25736)
This commit introduces the possibility to stream messages. To allow plugins to use streaming this commit also ships a `ChatSDK` library to allow to interact with few parts of discourse chat.

```ruby
ChatSDK::Message.create_with_stream(raw: "test") do |helper|
  5.times do |i|
    is_streaming = helper.stream(raw: "more #{i}")
    next if !is_streaming
    sleep 2
  end
end
```

This commit also introduces all the frontend parts:
- messages can now be marked as streaming
- when streaming their content will be updated when a new content is appended
- a special UI will be showing (a blinking indicator)
- a cancel button allows the user to stop the streaming, when cancelled `helper.stream(...)` will return `false`, and the plugin can decide exit early
2024-02-20 09:49:19 +01:00
Sam
b057f1b2b4
FEATURE: add a .topic attribute to transformedPost (#25757)
During extensibility when we add post menu buttons we very much want access
to the topic.

The transformer does not include a `topic` attribute due to historical reasons.

Given we are going to move away from transforming long term and need to give
plugins access to topic when they are adding buttons, just add the extra
property
2024-02-20 13:44:43 +11:00
Martin Brennan
86183fea37
FIX: Admin nav active link in dark mode (#25759)
Followup e4b6142d6a,
the link was still black in dark mode.
2024-02-20 11:25:35 +10:00
Martin Brennan
0b3180c86f
DEV: Add SecureUploadEndpointHelpers for controllers (#25758)
This commit moves some code out of UploadController#show_secure
so it can be reused in other controllers if a secure upload
needs to have permission checks run.
2024-02-20 11:19:22 +10:00
Alan Guo Xiang Tan
bf3c4b634a
DEV: Support validations options for string and numeral types (#25719)
Why this change?

This commit updates `ThemeSettingsObjectValidator` to validate a
property's value against the validations listed in the schema.

For string types, `min_length`, `max_length` and `url` are supported.
For integer and float types, `min` and `max` are supported.
2024-02-20 09:17:27 +08:00
Martin Brennan
3894ee6cb6
DEV: Add post_action_users_list modifier for PostActionUsersController (#25740)
This commit adds another plugin modifier related to post
actions, similar to ae24e04a5e.

This will be used to exclude users who liked _and_ reacted to
the post, since now in discourse-reactions we make a Like when
a user reacts too. This will affect the display of the post footer.
2024-02-20 09:48:09 +10:00
Jarek Radosz
09b1db8c3c
Revert "Build(deps): Bump @uppy/drop-target from 2.0.1 to 2.0.3 in /app/assets/javascripts (#25747)" (#25756)
This reverts commit 9e4e085666.
2024-02-20 09:31:09 +10:00
dependabot[bot]
f1740de62e
Build(deps): Bump terser from 5.27.1 to 5.27.2 in /app/assets/javascripts (#25748)
* Build(deps): Bump terser in /app/assets/javascripts

Bumps [terser](https://github.com/terser/terser) from 5.27.1 to 5.27.2.
- [Changelog](https://github.com/terser/terser/blob/master/CHANGELOG.md)
- [Commits](https://github.com/terser/terser/compare/v5.27.1...v5.27.2)

---
updated-dependencies:
- dependency-name: terser
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

* Update lockfiles for ember version flag

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: discoursebuild <build@discourse.org>
2024-02-19 23:14:15 +01:00
dependabot[bot]
385401d75c
Build(deps-dev): Bump webpack from 5.90.2 to 5.90.3 in /app/assets/javascripts (#25746)
* Build(deps-dev): Bump webpack in /app/assets/javascripts

Bumps [webpack](https://github.com/webpack/webpack) from 5.90.2 to 5.90.3.
- [Release notes](https://github.com/webpack/webpack/releases)
- [Commits](https://github.com/webpack/webpack/compare/v5.90.2...v5.90.3)

---
updated-dependencies:
- dependency-name: webpack
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

* Update lockfiles for ember version flag

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: discoursebuild <build@discourse.org>
2024-02-19 23:13:34 +01:00
dependabot[bot]
9e4e085666
Build(deps): Bump @uppy/drop-target from 2.0.1 to 2.0.3 in /app/assets/javascripts (#25747)
* Build(deps): Bump @uppy/drop-target in /app/assets/javascripts

Bumps [@uppy/drop-target](https://github.com/transloadit/uppy) from 2.0.1 to 2.0.3.
- [Release notes](https://github.com/transloadit/uppy/releases)
- [Changelog](https://github.com/transloadit/uppy/blob/main/CHANGELOG.md)
- [Commits](https://github.com/transloadit/uppy/compare/@uppy/drop-target@2.0.1...@uppy/drop-target@2.0.3)

---
updated-dependencies:
- dependency-name: "@uppy/drop-target"
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

* Update lockfiles for ember version flag

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: discoursebuild <build@discourse.org>
2024-02-19 23:13:12 +01:00
dependabot[bot]
445dcad4d3
Build(deps-dev): Bump selenium-webdriver from 4.17.0 to 4.18.0 (#25751)
Bumps [selenium-webdriver](https://github.com/SeleniumHQ/selenium) from 4.17.0 to 4.18.0.
- [Release notes](https://github.com/SeleniumHQ/selenium/releases)
- [Changelog](https://github.com/SeleniumHQ/selenium/blob/trunk/rb/CHANGES)
- [Commits](https://github.com/SeleniumHQ/selenium/compare/selenium-4.17.0...selenium-4.18.0)

---
updated-dependencies:
- dependency-name: selenium-webdriver
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-02-19 23:11:39 +01:00
dependabot[bot]
cb5485736e
Build(deps): Bump logster from 2.18.0 to 2.18.1 (#25750)
Bumps [logster](https://github.com/discourse/logster) from 2.18.0 to 2.18.1.
- [Changelog](https://github.com/discourse/logster/blob/main/CHANGELOG.md)
- [Commits](https://github.com/discourse/logster/compare/v2.18.0...v2.18.1)

---
updated-dependencies:
- dependency-name: logster
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-02-19 23:11:17 +01:00
dependabot[bot]
0796cc2b21
Build(deps-dev): Bump webmock from 3.20.0 to 3.21.0 (#25749)
Bumps [webmock](https://github.com/bblimke/webmock) from 3.20.0 to 3.21.0.
- [Changelog](https://github.com/bblimke/webmock/blob/master/CHANGELOG.md)
- [Commits](https://github.com/bblimke/webmock/compare/v3.20.0...v3.21.0)

---
updated-dependencies:
- dependency-name: webmock
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-02-19 23:11:02 +01:00
Krzysztof Kotlarek
b215aac317
DEV: remove unused isInAnyGroups function (#25741)
Recently we changed the code to check permission in the backend. Example PR https://github.com/discourse/discourse/pull/25735

After those changes, `isInAnyGroups` and `userInAnyGroups` functions are not used anymore.
2024-02-20 09:08:46 +11:00
Blake Erickson
5ebe91a9a4
FIX: Set the video background to be black (#25744)
If you upload a portrait video or just a video that doesn't fit in the
normal video dimensions we want it to have a black background instead of
trying to render parts of the placeholder image as the video background.

This change removes the placeholder image for the video background when
the play button is clicked and replaces it with an all black background.
2024-02-19 12:46:45 -07:00
Jan Cernik
a03b9f1602
FIX: Correct category name for auto_join_users_info in chat (#25739) 2024-02-19 06:51:11 -03:00
Alan Guo Xiang Tan
a64f558f32
DEV: Add property value validation to ThemeSettingsObjectValidator (#25718)
Why this change?

This change adds property value validation to `ThemeSettingsObjectValidator`
for the following types: "string", "integer", "float", "boolean", "enum". Note
that this class is not being used anywhere yet and is still in
development.
2024-02-19 13:19:35 +08:00
Alan Guo Xiang Tan
bdd91b3928
PERF: Stop running bootsnap in development mode on all environments (#25737)
Why this change?

For some reason, we were setting up bootsnap manually even though the
official documentation suggests requiring `bootsnap/setup` which will
setup bootsnap using the default configuration. Because we were calling
`Bootsnap.setup` manually, we did not set the `development_mode` option
which defaults to `true`. Hence, we were running bootsnap in development
mode even in the production environment which I suppose is not ideal.

What does this change do?

Instead of calling `Bootsnap.setup` manually, we can just use `require
'bootsnap/setup' instead.`
2024-02-19 11:33:52 +08:00
Krzysztof Kotlarek
fc9648578b
DEV: Make more group-based settings client: false (#25735)
Affects the following settings:

delete_all_posts_and_topics_allowed_groups
experimental_new_new_view_groups
enable_experimental_admin_ui_groups
custom_summarization_allowed_groups
pm_tags_allowed_for_groups
chat_allowed_groups
direct_message_enabled_groups
chat_message_flag_allowed_groups

This turns off client: true for these group-based settings,
because there is no guarantee that the current user gets all
their group memberships serialized to the client. Better to check
server-side first.
2024-02-19 13:25:59 +11:00
dependabot[bot]
1905d434ff
Build(deps): Bump sass-embedded from 1.70.0 to 1.71.0 (#25731)
Bumps [sass-embedded](https://github.com/sass-contrib/sass-embedded-host-ruby) from 1.70.0 to 1.71.0.
- [Commits](https://github.com/sass-contrib/sass-embedded-host-ruby/compare/v1.70.0...v1.71.0)

---
updated-dependencies:
- dependency-name: sass-embedded
  dependency-type: indirect
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-02-19 10:25:35 +08:00
dependabot[bot]
8b3d9869aa
Build(deps): Bump jwt from 2.7.1 to 2.8.0 (#25733)
Bumps [jwt](https://github.com/jwt/ruby-jwt) from 2.7.1 to 2.8.0.
- [Release notes](https://github.com/jwt/ruby-jwt/releases)
- [Changelog](https://github.com/jwt/ruby-jwt/blob/main/CHANGELOG.md)
- [Commits](https://github.com/jwt/ruby-jwt/compare/v2.7.1...v2.8.0)

---
updated-dependencies:
- dependency-name: jwt
  dependency-type: indirect
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-02-19 10:25:23 +08:00
dependabot[bot]
4462635dff
Build(deps-dev): Bump sass from 1.70.0 to 1.71.0 in /app/assets/javascripts (#25729)
* Build(deps-dev): Bump sass in /app/assets/javascripts

Bumps [sass](https://github.com/sass/dart-sass) from 1.70.0 to 1.71.0.
- [Release notes](https://github.com/sass/dart-sass/releases)
- [Changelog](https://github.com/sass/dart-sass/blob/main/CHANGELOG.md)
- [Commits](https://github.com/sass/dart-sass/compare/1.70.0...1.71.0)

---
updated-dependencies:
- dependency-name: sass
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

* Update lockfiles for ember version flag

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: discoursebuild <build@discourse.org>
2024-02-19 09:13:04 +08:00
dependabot[bot]
700045b449
Build(deps-dev): Bump qunit from 2.20.0 to 2.20.1 in /app/assets/javascripts (#25730)
* Build(deps-dev): Bump qunit in /app/assets/javascripts

Bumps [qunit](https://github.com/qunitjs/qunit) from 2.20.0 to 2.20.1.
- [Release notes](https://github.com/qunitjs/qunit/releases)
- [Changelog](https://github.com/qunitjs/qunit/blob/main/History.md)
- [Commits](https://github.com/qunitjs/qunit/compare/2.20.0...2.20.1)

---
updated-dependencies:
- dependency-name: qunit
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

* Update lockfiles for ember version flag

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: discoursebuild <build@discourse.org>
2024-02-19 09:12:42 +08:00
dependabot[bot]
0d97f4a69b
Build(deps-dev): Bump parallel_tests from 4.5.0 to 4.5.1 (#25732)
Bumps [parallel_tests](https://github.com/grosser/parallel_tests) from 4.5.0 to 4.5.1.
- [Changelog](https://github.com/grosser/parallel_tests/blob/master/CHANGELOG.md)
- [Commits](https://github.com/grosser/parallel_tests/compare/v4.5.0...v4.5.1)

---
updated-dependencies:
- dependency-name: parallel_tests
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-02-19 09:12:25 +08:00
Martin Brennan
a57280cb17
DEV: Change min_trust_level_to_allow_profile_background to trust level setting (#25721)
New setting name is profile_background_allowed_groups

c.f. https://meta.discourse.org/t/changes-coming-to-settings-for-giving-access-to-features-from-trust-levels-to-groups/283408
2024-02-19 10:47:47 +10:00
Sam
9372404a31
FIX: full post jump not working (#25734)
Full post jump "SHIFT+K/J" not working if related topics are displayed

Amended logic so we unconditionally use full post jump on topic pages by
checking for .post-stream
2024-02-19 09:16:46 +11:00
Ella E
e4b6142d6a
UX: Tweaks on the admin sidebar (#25717) 2024-02-16 14:28:25 -07:00
Blake Erickson
ffac012bbc
FIX: Add a boarder around the video placeholder play button (#25727)
The video placeholder play button is white, so on a video placeholder
that is also white it is very hard to see where the play button is, so
this change adds a dark grey transparent background to the play button
so that it stands out. This is similar to how we have done the
play/pause button on animated gifs.
2024-02-16 13:48:57 -07:00
Penar Musaraj
e497f6bf9b
UX: Allow resetting password when confirming session (#25708)
This is particularly useful in scenarios where 2FA is enforced and users have forgotten their password.
2024-02-16 12:18:07 -05:00
David Taylor
1c58395bca
DEV: Disable service worker caching by default (#25723)
Followup to c4559ae575
2024-02-16 15:03:05 +00:00
chapoi
5b9eac00b9
UX: better card alignment (#25720) 2024-02-16 16:00:55 +01:00
Bianca Nenciu
a24d110258
FIX: Preload parent categories for sidebar (#25726)
When "lazy load categories" is enabled, only the categories present in
the sidebar are preloaded. This is insufficient because the parent
categories are necessary too for the sidebar to be rendered properly.
2024-02-16 16:39:18 +02:00
David Taylor
330cb837da
FIX: Remove strict-dynamic-specific logic from CSP extensions (#25725)
This data is cached, so we don't want to include any site-specific-logic in there. Let's just keep the old URL-collecting behaviour, and let it be stripped out by `CSP::Builder` at runtime.
2024-02-16 13:24:50 +00:00
David Taylor
1672a24490
DEV: Memoize CSP nonce placeholder on response (#25724)
That way, the same value is used even if the helper is called in the context of different controllers

Followup to c8a1b49ddd
2024-02-16 12:15:55 +00:00
David Taylor
b1f74ab59e
FEATURE: Add experimental option for strict-dynamic CSP (#25664)
The strict-dynamic CSP directive is supported in all our target browsers, and makes for a much simpler configuration. Instead of allowlisting paths, we use a per-request nonce to authorize `<script>` tags, and then those scripts are allowed to load additional scripts (or add additional inline scripts) without restriction.

This becomes especially useful when admins want to add external scripts like Google Tag Manager, or advertising scripts, which then go on to load a ton of other scripts.

All script tags introduced via themes will automatically have the nonce attribute applied, so it should be zero-effort for theme developers. Plugins *may* need some changes if they are inserting their own script tags.

This commit introduces a strict-dynamic-based CSP behind an experimental `content_security_policy_strict_dynamic` site setting.
2024-02-16 11:16:54 +00:00
Osama Sayegh
9329a5395a
FEATURE: Groundwork for schema theme settings UI (#25673)
This commit is the first of a series of commits that will allow themes to define complex settings types by declaring a schema of the setting structure that Discourse core will use to build a UI for the setting automatically. We implement the navigation logic and support for multiple levels of nesting in this commit and we'll continue building this new system gradually in future commits.

Internal topic: t/116870.
2024-02-16 09:31:49 +03:00
Martin Brennan
5935148bd8
FIX: Respect homepage prefs on admin sidebar Back to Forum link (#25642) 2024-02-16 14:31:42 +10:00
Martin Brennan
3094f32ff5
FIX: is_my_own? check for users who are anonymously doing actions (#25716)
Followup to 978d52841a

It's complicated...we have multiple "anonymous" user concepts
in core, and even two classes called the exact same thing --
AnonymousUser.

The first case is Guardian::AnonymousUser, which is used for
people who are browsing the forum without being authenticated.

The second case is the model AnonymousUser, which is used when
a user is liking or posting anonymously via allow_anonymous_likes
or allow_anonymous_posting site settings.

We will untangle this naming nightmare later on...but for the
time being, only authenticated users who are pretending to be
anonymous should be able to like posts if allow_anonymous_likes
is on.
2024-02-16 14:28:12 +10:00
Alan Guo Xiang Tan
ad900ef9dd
Revert "DEV: Debug AR connection pool queue on CI (#25687)" (#25714)
This reverts commit 796af077c5.

We have not seen checkout timeout errors since c30aeafd9d
2024-02-16 10:11:46 +08:00
Alan Guo Xiang Tan
64b4e0d08d
DEV: First pass of ThemeSettingsObjectValidator (#25624)
Why this change?

This is a first pass at adding an objects validator which main's job is
to validate an object against a defined schema which we will support. In
this pass, we are simply validating that properties that has been marked
as required are present in the object.
2024-02-16 09:35:16 +08:00
Martin Brennan
ae24e04a5e
DEV: Add a plugin modifier for user_action_stream_builder (#25691)
Reactions needs this to be able to filter out likes received
actions, where there is also an associated reaction, since
now most reactions also count as a like.
2024-02-16 10:24:39 +10:00
Alan Guo Xiang Tan
cc9480b24a
PERF: Use -ping option to ImageMagick identify command (#25713)
Why this change?

This adds the `-ping` option to the spots we missed in
cfdb461e9a.
2024-02-16 07:39:49 +08:00
Alan Guo Xiang Tan
d119ec617e
DEV: Disable BlockRequestsMiddleware before every test (#25712)
Why this change?

This is a follow up to c30aeafd9d. The
commit was calling `BlockRequestsMiddleware.allow_requests!` only before
`type: :system` tests but non system type tests could be running as well
and needs the `BlockRequestsMiddleware.allow_requests!` middleware to be
disabled too.
2024-02-16 07:01:36 +08:00
Sam
9e5e5d4078
FEATURE: shift+j and shift+k will scroll entire posts (#25684)
* FEATURE: shift+j and shift+k will scroll entire posts

When scrolling through topics with very long posts we would like to use
`shift+j` and `shift+k` to quickly move between posts.

This allows users to bypass the scroll within post behavior when zooming
through topics with keyboard shortcuts

This overloads the behavior of shift+k and j which can be used to scroll
through sections (new/latest/etc...)

* remove useless tests

These tests are testing nothing, no point carrying them around
2024-02-16 08:50:29 +11:00
dependabot[bot]
ef59fcea68
Build(deps): Bump terser from 5.27.0 to 5.27.1 in /app/assets/javascripts (#25711)
* Build(deps): Bump terser in /app/assets/javascripts

Bumps [terser](https://github.com/terser/terser) from 5.27.0 to 5.27.1.
- [Changelog](https://github.com/terser/terser/blob/master/CHANGELOG.md)
- [Commits](https://github.com/terser/terser/compare/v5.27.0...v5.27.1)

---
updated-dependencies:
- dependency-name: terser
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

* Update lockfiles for ember version flag

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: discoursebuild <build@discourse.org>
2024-02-15 22:34:05 +01:00