Commit Graph

251 Commits

Author SHA1 Message Date
Dan Ungureanu
fdb1d3404c
FEATURE: Add site setting to show more detailed 404 errors. (#8014)
If the setting is turned on, then the user will receive information
about the subject: if it was deleted or requires some special access to
a group (only if the group is public). Otherwise, the user will receive
a generic #404 error message. For now, this change affects only the
topics and categories controller.

This commit also tries to refactor some of the code related to error
handling. To make error pages more consistent (design-wise), the actual
error page will be rendered server-side.
2019-10-08 14:15:08 +03:00
David Taylor
d2bceff133
FEATURE: Use full page redirection for all external auth methods (#8092)
Using popups is becoming increasingly rare. Full page redirects are already used on mobile, and for some providers. This commit removes all logic related to popup authentication, leaving only the full page redirect method.

For more info, see https://meta.discourse.org/t/do-we-need-popups-for-login/127988
2019-10-08 12:10:43 +01:00
Sam Saffron
8d5f47dded PREF: optimise preloading application
We preload to ensure as much memory as possible is reused from unicorn master
to various workers using copy-on-write (sidekiq, unicorn)

This migrates the preloading code into the Discourse module for easier
reuse and adds 3 notable preloading changes

1. We attempt to localize a string on each site, ensuring we warmup
the i18n

2. We preload all our templates (compiling .erb to class)

3. We warm-up our search tokenizer which uses cppjieba which is a large
memory consumer, this will only cause a warmup on CJK sites or sites with
the special site setting enabled.
2019-10-07 00:33:37 -04:00
David Taylor
3da9b99dbf FIX: Live reload plugin stylesheets when the color scheme changes 2019-09-17 09:54:55 +01:00
David Taylor
be96c4478e
FEATURE: Login with Discord (#8053)
This migrates the functionality of discourse-plugin-discord-auth into core. 

The plugin will automatically disable itself when core is updated: fd0867844d

For setup instructions, visit https://meta.discourse.org/t/configuring-discord-login-for-discourse/127129
2019-08-30 10:54:19 +01:00
Régis Hanol
00dbc260d3 FIX: ensure avatar sizes are integers 2019-08-27 17:03:20 +02:00
Vinoth Kannan
41f22946c3 FIX: properly load desktop and mobile only plugin css assets.
5bd6b70d98
2019-08-22 08:39:10 +05:30
Vinoth Kannan
5bd6b70d98
DEV: debundle plugin css assets and don't load if disabled (#7646) 2019-08-20 22:09:52 +05:30
Roman Rizzi
eb26bee046
DEV: group_list site settings should store IDs instead of group names (#7860)
* DEV: group_list site settings should store IDs instead of group names

* Ship site setting to know when we should migrate group_list settings

* Migrate existing group_list site settings

* Bump migration timestamp and don't set null when migrating is not possible.
2019-07-19 15:17:58 -03:00
Vinoth Kannan
839916aa49
DEV: Debundle plugin javascript assets and don't load if disabled (#7566)
And don't load javascript assets if plugin is disabled.

* precompile auto generated plugin js assets

* SPEC: remove spec test functions

* remove plugin js from test_helper

Co-Authored-By: Régis Hanol <regis@hanol.fr>

* DEV: using equality is slightly easier to read than inequality

Co-Authored-By: Régis Hanol <regis@hanol.fr>

* DEV: use `select` method instead of `find_all` for readability

Co-Authored-By: Régis Hanol <regis@hanol.fr>
2019-07-15 20:22:54 +05:30
David Taylor
afb5ec811d FIX: Don't use DistributedCache to store redis readonly state
This can cause unbound CPU usage in some cases, and excessive logging in other cases. This commit moves redis readonly information into the local process, but maintains the DistributedCache for postgres readonly state.
2019-06-25 11:20:34 +08:00
David Taylor
ed21128ee6 FIX: Do not change directory when decompressing S3 inventory
In sidekiq, jobs are run in multiple threads within the same process. `cd` affects the entire process, so can cause unexpected issues in other running jobs.
2019-06-13 17:13:50 +01:00
Sam
fa2a5f6f56
FEATURE: SKIP_DB_AND_REDIS env var (#7756)
Sometimes we would like to create a base image without any DB access, this
assists in creating custom base images with custom plugins that already
includes `public/assets`

Following this change set you can run:

```
SPROCKETS_CONCURRENT=1 DONT_PRECOMPILE_CSS=1 SKIP_DB_AND_REDIS=1 RAILS_ENV=production bin/rake assets:precompile
```

Then it is straight forward to create a base image without needing a DB or
Redis.
2019-06-13 12:58:27 +10:00
David Taylor
5666316285 FEATURE: Display 'last updated' on dashboard, improve release notes link (#7560) 2019-05-17 15:42:45 +10:00
Sam Saffron
30990006a9 DEV: enable frozen string literal on all files
This reduces chances of errors where consumers of strings mutate inputs
and reduces memory usage of the app.

Test suite passes now, but there may be some stuff left, so we will run
a few sites on a branch prior to merging
2019-05-13 09:31:32 +08:00
Guo Xiang Tan
b7b9960558 DEV: Fix missing port in URLs in development mode. 2019-05-06 13:26:57 +08:00
Vinoth Kannan
92cc57b5da FIX: make 'stats' method compatible with multisite.
a8f410a9c5
2019-05-01 23:34:18 +05:30
Vinoth Kannan
a8f410a9c5
FEATURE: Create new helper method 'Discourse.stats' (#7388) 2019-04-17 12:45:04 +05:30
Robin Ward
ba6d4b2a8d FIX: Better handling for toggling must_approve_users
If you turn it on now, default all users to approved since they were
previously. Also support approving a user that doesn't have a reviewable
record (it will be created first.)

This also includes a refactor to move class method calls to
`DiscourseEvent` into an initializer. Otherwise the load order of
classes makes a difference in the test environment and some settings
might be triggered and others not, randomly.
2019-04-16 15:56:35 -04:00
David Taylor
20cda5d689 DEV: Raise exceptions when jobs fail in test mode
Previously jobs would fail silently in test mode. Now they will raise the exception and cause the relevant test to fail. This identified a few broken tests, which I will fix in a followup commit
2019-04-08 15:59:04 +01:00
David Taylor
f524f8f811
Remove Yahoo login support from core and deprecate OpenID2.0 (#7310)
- Plugin developers using OpenID2.0 should migrate to OAuth2 or OIDC. OpenID2.0 APIs will be removed in v2.4.0

- For sites requiring Yahoo login, it can be implemented using the OpenID Connect plugin: https://meta.discourse.org/t/103632

For more information, see https://meta.discourse.org/t/113249
2019-04-08 10:38:25 +01:00
Robin Ward
b58867b6e9 FEATURE: New 'Reviewable' model to make reviewable items generic
Includes support for flags, reviewable users and queued posts, with REST API
backwards compatibility.

Co-Authored-By: romanrizzi <romanalejandro@gmail.com>
Co-Authored-By: jjaffeux <j.jaffeux@gmail.com>
2019-03-28 12:45:10 -04:00
David Taylor
0d3531c2f1 FEATURE: Allow auth providers to define specific icons
Previously we relied on the provider name matching the name of the icon. Now icon names are explicitly set. Plugin providers which do not define an icon will get the default "sign-in-alt" icon
2019-03-27 13:25:04 +00:00
David Taylor
01dd96d178
FIX: Use default frame size for Instagram login
I don't know why this was set to 1x1 pixels, but it shouldn't have been
2019-03-19 18:57:57 +00:00
Guo Xiang Tan
0e0daa2c91 DEV: Prevent race condition when keeping site in readonly mode. 2019-02-20 10:01:18 +08:00
Guo Xiang Tan
c29076152d PERF: Reduce hit to Redis server when keeping a site in reaonly mode. 2019-02-19 10:29:08 +08:00
Gerhard Schlager
220944a38a FIX: Unpause sidekiq before adding uploads to backup
tar exits with status 1 when uploads are modified or deleted by a sidekiq job, so we need to treat it like status 0.

According to the documentation it should be safe to ignore status 1 ("Some files differ"):

> If tar was given `--create', `--append' or `--update' option, this exit code means that some files were changed while being archived and so the resulting archive does not contain the exact copy of the file set.

Status 2 ("Fatal error") still results in an exception.
2019-02-12 13:50:50 +01:00
Penar Musaraj
d639cadb7a
DEV: Plugin scss errors should break precompile (#6974) 2019-02-07 09:27:42 -05:00
Vinoth Kannan
b4f713ca52
FEATURE: Use amazon s3 inventory to manage upload stats (#6867) 2019-02-01 10:10:48 +05:30
Guo Xiang Tan
b0adffdef5 FIX: Clear anon cache when clearing recently readonly. 2019-01-22 09:53:04 +08:00
Guo Xiang Tan
c732ae9ca9 FIX: Don't update User#last_seen_at when PG is in readonly. 2019-01-21 13:29:29 +08:00
Guo Xiang Tan
d7660dfe40 FIX: Enabling readonly mode should clear anon cache as well. 2018-12-18 11:56:25 +08:00
Guo Xiang Tan
c0aae16f6b FIX: Clear anon cache when disabling readonly mode.
`SiteSerializer#is_readonly` is cached for an anonymous user so we have
to clear the cache when disabling readonly mode. Otherwise, the site may
appear to be in readonly mode for an extended period of time.
2018-12-17 17:27:44 +08:00
Guo Xiang Tan
9e795b9d90 Follow up to 704a122656. 2018-12-17 16:39:46 +08:00
Guo Xiang Tan
e75ad37aaf FIX: Switch recently readonly mdoe cache to a DistributedCache.
A per process cache is hard to reason about. During PostgreSQL
failovers. The site may bounce in and out of readonly mode depending on
which server and process that a request hits.
2018-12-17 13:28:36 +08:00
Guo Xiang Tan
704a122656 Remove Ruby warning due to assignment in conditional. 2018-12-17 13:08:12 +08:00
Xiao Guan
7ec124fc89 FEATURE: Improved deprecation warnings (#6722)
* FEATURE: Discourse.deprecate can report version

* Ember counterpart for deprecation
2018-12-06 11:38:01 +00:00
Gerhard Schlager
555f467727 DEV: Add less confusing aliases for base_uri and base_url_no_prefix 2018-11-07 11:33:52 +01:00
Guo Xiang Tan
1c9b5e75e7 DEV: Support post deployment migrations for plugins. 2018-10-09 13:11:45 +08:00
Guo Xiang Tan
40fa96777d
FEATURE: Post deployment migrations. (#6406)
This moves us away from the delayed drops pattern which
was problematic on two counts. First, it uses a hardcoded "delay for"
duration which may be too short for certain deployment strategies.
Second, delayed drop doesn't ensure that it only runs after
the latest application code has been deployed. If the migration runs
and the application code fails to deploy, running the migration after
"delay for" has been met will cause the application to blow up.

The new strategy allows post deployment migrations to be skipped if the
env `SKIP_POST_DEPLOYMENT_MIGRATIONS` is provided.

```
SKIP_POST_DEPLOYMENT_MIGRATIONS=1 rake db:migrate
-> deploy app servers
SKIP_POST_DEPLOYMENT_MIGRATIONS=0 rake db:migrate
```

To aid with the generation of a post deployment migration, a generator
has been added. Simply run `rails generate post_migration`.
2018-10-08 15:47:38 +08:00
Guo Xiang Tan
be89f593f9 DEV: Include caller in error message for Discourse#execute_command. 2018-08-17 16:17:07 +08:00
Régis Hanol
de92913bf4 FIX: store the topic links using the cooked upload url 2018-08-14 12:23:32 +02:00
Sam
6cae47aa53 collect extra environment correctly 2018-08-13 16:33:28 +10:00
Sam
168ffd8384 FEATURE: group warnings about IP level rate limiting 2018-08-13 14:38:20 +10:00
Gerhard Schlager
6ddf7fcd1f Fix warnings about already initialized constants 2018-08-09 17:29:02 +02:00
Sam
ed4c0f256e FIX: check permalinks for deleted topics
- allow to specify 410 vs 404 in Discourse::NotFound exception
- remove unused `permalink_redirect_or_not_found` which
- handle JS side links to topics via Discourse-Xhr-Redirect mechanism
2018-08-09 15:05:12 +10:00
David Taylor
812add18bd REFACTOR: Serve auth provider information in the site serializer.
At the moment core providers are hard-coded in Javascript, and plugin providers get added to the JS payload at compile time. This refactor means that we only ship enabled providers to the client.
2018-08-06 09:25:48 +01:00
Neil Lalonde
4ad7ce70ce REFACTOR: extract scheduler to the mini_scheduler gem 2018-07-31 17:12:55 -04:00
David Taylor
eda1462b3b
FEATURE: List, revoke and reconnect associated accounts. Phase 1 (#6099)
Listing connections is supported for all built-in auth providers. Revoke and reconnect is currently only implemented for Facebook.
2018-07-23 16:51:57 +01:00
Guo Xiang Tan
97d8cd820e No need to expire readonly mode key immediately. 2018-06-21 17:52:42 +08:00
Sam
44091f20c6 DEV: allow for method deprecation using Discourse.deprecate
New method deprecator will ensure one log message an hour happens
for all deprecated method calls per call site

Also removes unused monkey patches to ActiveRecord::Base
2018-06-20 17:53:49 +10:00
Guo Xiang Tan
41c1e1b302 FIX: Discourse.keep_readonly_mode does not work for multisite. 2018-06-19 15:44:08 +08:00
Guo Xiang Tan
34e4c8f573 FIX: Discourse.keep_readonly_mode spins a new thread each time it is called. 2018-06-19 10:24:08 +08:00
Guo Xiang Tan
c34100d1e7 Remove unused variable. 2018-06-15 07:45:51 +08:00
Sam Saffron
6123f61f5f seconds is not needed here 2018-06-14 20:53:24 +10:00
Sam
87fabdc2f3 FIX: correct pool reaper
This removes a freedom patch and replaces with a custom reaper thread
it also captures an issue where reaper would fail when connections where
empty
2018-06-14 18:22:02 +10:00
Sam
71aa20bd30 FIX: pool drainer to use Rails 5.2 implementation
old implementation did not reap abandoned connections
2018-06-14 15:54:48 +10:00
Guo Xiang Tan
805fd17b23 ActiveRecord in Rails 5.2 discards connection pools after fork. 2018-06-12 09:30:52 +08:00
Guo Xiang Tan
bfa0f71e2b FIX: Discouse.keep_readonly_mode incorrect extends expiry. 2018-06-12 00:21:29 +08:00
Guo Xiang Tan
aa5805e8b0 Revert "Initialize the v8 context after forking."
This reverts commit 41c4e32e64.
2018-06-06 14:33:20 +08:00
Guo Xiang Tan
41c4e32e64 Initialize the v8 context after forking. 2018-06-05 11:36:38 +08:00
Guo Xiang Tan
bbc85258c9 Rename display_plugins -> visible_plugins. 2018-05-09 07:52:45 +08:00
Guo Xiang Tan
c6f45fcfdb Expose an API for plugins to be hidden on the admin plugin page. 2018-05-08 13:24:58 +08:00
Guo Xiang Tan
45fe5dc793 $redis.client -> $redis._client.
See c239abb43c
2018-04-20 13:01:17 +08:00
Guo Xiang Tan
142571bba0 Remove use of rescue nil.
* `rescue nil` is a really bad pattern to use in our code base.
  We should rescue errors that we expect the code to throw and
  not rescue everything because we're unsure of what errors the
  code would throw. This would reduce the amount of pain we face
  when debugging why something isn't working as expexted. I've
  been bitten countless of times by errors being swallowed as a
  result during debugging sessions.
2018-04-02 13:52:51 +08:00
Sam
f028ffaf29 SECURITY: correct local onebox category checks
Also removes ugly "source_topic_id" from cooked posts

Patch was authored by @zogstrip

Signed-off-by: Sam <sam.saffron@gmail.com>
2018-02-14 10:40:46 +11:00
Robin Ward
569e57f0a9 FIX: Delete the invalid auth cookie even if you hit the rate limit 2018-02-09 19:09:54 -05:00
Sam
4f946319b4 improve warning text 2018-01-19 08:32:15 +11:00
Sam
25f4d98307 improve error logging for warn_exception 2018-01-05 09:54:42 +11:00
Robin Ward
aed37770e3 FIX: Load the route format before discourse 2017-12-21 16:29:11 -05:00
Sam
6c82a50903 Improve error handling in hijacked code 2017-12-01 16:23:32 +11:00
Sam
f52111f787 FEATURE: allow plugins to easily detect if running in Rack
Usage: Discourse.running_in_rack? to tell if rack was booted
2017-11-16 08:39:29 +11:00
Sam
70bb2aa426 FEATURE: allow specifying s3 config via globals
This refactors handling of s3 so it can be specified via GlobalSetting

This means that in a multisite environment you can configure s3 uploads
without actual sites knowing credentials in s3

It is a critical setting for situations where assets are mirrored to s3.
2017-10-06 16:20:01 +11:00
Sam
a4d4db4f0c PERF: code not correctly caching git commands
Every check for Discourse version could result in shelling out.
2017-10-04 14:22:38 +11:00
Robin Ward
460ed3c8cf Revert "Allow NotFound to specify an optional Location for the resource"
This reverts commit 4ae66c9e01.
2017-09-26 12:58:24 -04:00
Robin Ward
4ae66c9e01 Allow NotFound to specify an optional Location for the resource 2017-09-26 09:10:18 -04:00
Robin Ward
d1ebc62065 The ability to display errors on flagging actions. 2017-09-25 12:28:01 -04:00
Robin Ward
717ed75fc4 Add warning when plugins changed by tmp was not removed 2017-09-08 13:38:46 -04:00
Guo Xiang Tan
4d840d10db PERF: Reduce number of Redis hits per requests. 2017-09-07 13:34:27 +08:00
Sam Saffron
7f8a90ef63 remove non english comment 2017-08-31 17:00:37 -04:00
Sam
552fbd3c8d lint 2017-08-28 12:25:34 -04:00
darix
4b5724ec02 Extend config/version.rb with more informations (#5061)
This gives installations not using git checkouts
to provide all the informations needed for the
internal version checks and version display in
the dashboard.

The build:stamp rake task was extended to also
add the new informations.
2017-08-28 12:24:56 -04:00
Guo Xiang Tan
0e656ff213 FIX: Can't reset AR schema cache due to versions table. 2017-08-17 19:27:35 +09:00
Guo Xiang Tan
86adc8d717 Fix typo. 2017-08-16 13:06:47 +09:00
Guo Xiang Tan
ed851dbfff FIX: Avoid publishing a gigantic payload.
* Certain sites have way too many categories.
2017-08-16 11:38:30 +09:00
Guo Xiang Tan
3f24ed2b3e Can't revert due to incompatibility of new site setting types.
Revert "Revert "FEATURE: Site settings defaults per locale""

This reverts commit 439fe8ba24.
2017-08-07 10:43:09 +09:00
Guo Xiang Tan
439fe8ba24 Revert "FEATURE: Site settings defaults per locale"
This reverts commit 468a8fcd20.
2017-08-07 10:31:50 +09:00
Erick Guan
468a8fcd20 FEATURE: Site settings defaults per locale
This change-set allows setting different defaults for different locales. 

It also:

- Adds extensive testing around site setting validation

- raises deprecation error if site setting has the default property based on env

- relocated site settings for dev and tests in the initializer

- deprecated client_setting in the site setting's loading process

- ensure it raises when a enum site setting being set

- default_locale is promoted to `required` category.

- fixes incorrect default setting and validation

- fixes ensure type check for site settings

- creates a benchmark for site setting

- sets reasonable defaults for Chinese
2017-08-02 12:24:19 -04:00
Guo Xiang Tan
5012d46cbd Add rubocop to our build. (#5004) 2017-07-28 10:20:09 +09:00
Robin Ward
d2490cbbb8 Test failures for Inline Onebox 2017-07-20 16:01:16 -04:00
Robin Ward
3882722195 FEATURE: Inline (Mini) Oneboxing
see:
https://meta.discourse.org/t/mini-inline-onebox-support-rfc/66400?source_topic_id=66066
2017-07-20 15:38:04 -04:00
Guo Xiang Tan
e7c972ac89 FIX: Don't use backticks that take in inputs. 2017-03-17 15:33:51 +08:00
Sam
1935f624b8 FEATURE: reset active record cache in sidekiq if needed
This can happen in multisite environments after restores
2017-02-17 12:09:53 -05:00
Robin Ward
adb73180f7 FEATURE: Let plugins register themes easily 2017-01-13 11:50:52 -05:00
Régis Hanol
dfb633fde3 remove 'already initialized constant' warning 2017-01-11 11:03:36 +01:00
Guo Xiang Tan
cdd550e947 Use a different Redis key when PG failover sets site to readonly mode. 2017-01-11 16:38:49 +08:00
Guo Xiang Tan
22059d4df9 Add Rake task to clean up unused multisite Redis keys. 2016-12-05 11:46:34 +08:00
Guo Xiang Tan
e8a3043129 Spawn a single thread that checks for PostgreSQL fallback. 2016-11-17 13:52:08 +08:00
Sam
f4c754b389 FEATURE: split JavaScript application bundle, so plugins live in own file
This adds plugin.js and plugin_third_party.js files
2016-11-15 11:43:13 +11:00
Sam
c995fd65be fix oops 2016-11-02 17:00:24 +11:00