Commit Graph

6429 Commits

Author SHA1 Message Date
Sam
15857b900a DEV: explicitly require Rails components
`rails/all` includes too much stuff per: https://github.com/rails/rails/blob/master/railties/lib/rails/all.rb

This commit makes it explicit what pieces of Rails Discourse depends on.

Previously the LoadError was protecting us and we were excluding components,
using the Gemfile, this method ensures that even if we add `rails` meta gem
as a dependency only the parts of Rails Discourse uses will be used.
2019-02-06 17:45:48 +11:00
Gerhard Schlager
ba724d7f25 FIX: S3 endpoint broke bucket creation in non-default region 2019-02-05 18:17:02 +01:00
Maja Komel
d42139dfaa fix typo 2019-02-05 12:59:20 +01:00
Vinoth Kannan
3119e88efe Allow 'enable_s3_inventory' site setting to be shadowed. 2019-02-01 14:33:06 +05:30
Vinoth Kannan
b4f713ca52
FEATURE: Use amazon s3 inventory to manage upload stats (#6867) 2019-02-01 10:10:48 +05:30
Neil Lalonde
6bfd2b6eaf Update translations 2019-01-31 16:27:07 -05:00
Neil Lalonde
024ba28525 Update translations 2019-01-28 10:27:20 -05:00
David Taylor
77d26b9df6 FIX: Support application/gzip theme imports, and improve error message 2019-01-28 11:51:14 +00:00
Simon Cossar
47dbf54960 Update descriptions of public and staff user custom field Site Settings (#6954) 2019-01-25 14:47:36 -08:00
Joffrey JAFFEUX
85002cf02b
UX: improves copy of various reports (#6950) 2019-01-25 16:58:18 +01:00
David Taylor
d338e54f59
FEATURE: Allow setting font size per-device using a cookie (#6947) 2019-01-25 15:06:06 +00:00
David Taylor
a48731e359
FEATURE: Support additional metadata in theme about.json (#6944)
New `about.json` fields (all optional):
 - `authors`: An arbitrary string describing the theme authors
 - `theme_version`: An arbitrary string describing the theme version
 - `minimum_discourse_version`: Theme will be auto-disabled for lower versions. Must be a valid version descriptor.
 - `maximum_discourse_version`: Theme will be auto-disabled for lower versions. Must be a valid version descriptor.

A localized description for a theme can be provided in the language files under the `theme_metadata.description` key

The admin UI has been re-arranged to display this new information, and give more prominence to the remote theme options.
2019-01-25 14:19:01 +00:00
Joffrey JAFFEUX
f461a9971f
FIX: makes staff_logins show only admins (#6948) 2019-01-25 11:28:52 +01:00
Joshua Rosenfeld
1bf3e46537
UX: Improve global notice description
Add "non-dismissible" to the site setting description for global notice per https://meta.discourse.org/t/global-notice-whats-the-use-case/107355/5
2019-01-24 10:34:31 -05:00
David Taylor
afd449089f
FEATURE: Import and export themes in a .tar.gz format (#6916) 2019-01-23 14:40:21 +00:00
Joe
d720215183 UX: admin badge page improvements 2019-01-23 11:29:51 +01:00
David Taylor
2e59a37687
FEATURE: List unused theme components (#6924) 2019-01-23 09:20:13 +00:00
Jeff Atwood
eb9377afd4 FEATURE: default block ahrefsbot crawler 2019-01-23 00:38:16 -08:00
Jeff Atwood
2dc680c94c very minor copyedit 2019-01-23 00:27:10 -08:00
Jeff Atwood
658cc4d0d0 FEATURE: default block semrushbot crawler 2019-01-23 00:25:01 -08:00
Bhanu
035c330457 Update Twitter App links
Twitter changed their Developer page link again, apps.twitter.com is now in sunset phase.
2019-01-22 09:10:22 -05:00
Neil Lalonde
65f6135213 Update translations 2019-01-21 14:04:43 -05:00
Joffrey JAFFEUX
3e1e9fce7e
FIX: better legend labels for stacked-charts (#6914) 2019-01-21 17:10:10 +01:00
Joffrey JAFFEUX
b95165b838
FEATURE: adds a new chart report to track pageviews (#6913) 2019-01-21 15:17:04 +01:00
Jeff Atwood
444bc466b0 for docs, normalize on space after code fence when specifying lang 2019-01-21 01:19:28 -08:00
Guo Xiang Tan
27c421775e Fix broken spec. 2019-01-21 16:15:39 +08:00
Jeff Atwood
9b7cbe444c copyedits 2019-01-20 23:35:45 -08:00
Vinoth Kannan
9cf4013073 Add raw post content in "flagged post removed by staff" PM 2019-01-21 12:27:23 +05:30
Guo Xiang Tan
eb9565d8fc DEV: Rescue from readonly error in lograge. 2019-01-21 14:20:19 +08:00
Gerhard Schlager
90823eaca6 Update translations 2019-01-19 23:41:52 +01:00
Maja Komel
45f66826ee PERF: delete potentially large associated tables before user_destroyer.destroy transaction 2019-01-18 16:10:03 +01:00
Claas Augner
78362448bc I18n: fix typo (#6903)
In site_settings.likes_notification_consolidation_window_mins
2019-01-18 10:01:41 -05:00
Guo Xiang Tan
ee7ab3e2ec Pause MiniScheduler when Sidekiq is paused. 2019-01-18 17:50:24 +08:00
Rishabh
a827e2afe3 UX: correct innacurate descriptions for short_title, pwa_config_title_warning
follow-up on 1a39f6fd
2019-01-18 11:29:16 +05:30
Gerhard Schlager
1d0ee6fa8d UX: Remove unused translations (#6885)
These messages aren't needed any more since bb93a345eb
2019-01-18 12:09:20 +08:00
Jeff Atwood
b2a12de8a1 remove out of date copy on category desc 2019-01-17 16:54:52 -08:00
Penar Musaraj
3501533a2b DEV: unpin Prettier version, apply to YAML files
We had Prettier pinned because of https://github.com/prettier/prettier/issues/5529. Since that bug is fixed, unpinning.

Prettier now supports YAML, so this applies Prettier to all .yml except for translations, which should not be edited directly anyway.
2019-01-17 13:05:39 -05:00
Kris
675bf94133 UX: Bump up base font size 1px, add smaller text size option 2019-01-17 10:30:34 -05:00
David Taylor
880311dd4d
FEATURE: Support for localized themes (#6848)
- Themes can supply translation files in a format like `/locales/{locale}.yml`. These files should be valid YAML, with a single top level key equal to the locale being defined. For now these can only be defined using the `discourse_theme` CLI, importing a `.tar.gz`, or from a GIT repository.

- Fallback is handled on a global level (if the locale is not defined in the theme), as well as on individual keys (if some keys are missing from the selected interface language).

- Administrators can override individual keys on a per-theme basis in the /admin/customize/themes user interface.

- Theme developers should access defined translations using the new theme prefix variables:
  JavaScript: `I18n.t(themePrefix("my_translation_key"))`
  Handlebars: `{{theme-i18n "my_translation_key"}}` or `{{i18n (theme-prefix "my_translation_key")}}`

- To design for backwards compatibility, theme developers can check for the presence of the `themePrefix` variable in JavaScript

- As part of this, the old `{{themeSetting.setting_name}}` syntax is deprecated in favour of `{{theme-setting "setting_name"}}`
2019-01-17 11:46:11 +00:00
Guo Xiang Tan
234e0f35c5 Fix the build.
6edf285c89
2019-01-17 17:28:09 +08:00
Guo Xiang Tan
6edf285c89 FIX: Avoid rescuing error in login hint initializer.
On the first migration, trying to access the users table will throw an
error in PostgreSQL's log which has been confusing since users will
report it to us when rebuild fails.
2019-01-17 17:22:15 +08:00
Rishabh
1a39f6fd5d UX: Improve short_title SiteSetting description 2019-01-17 13:15:47 +05:30
Rishabh
88546bfe00
UX: Improve logo setting texts to hint that dimensions are a requirement (#6892)
* UX: Improve logo setting texts to hint that dimensions are a requirement
follow-up on 67a7670b
Use 512 × 512 instead of 512 x 512 or 512 by 512

* UX: Normalize all SiteSetting text dimensions to use the '512 × 512' format
2019-01-17 12:49:43 +05:30
Sam
384135845b FEATURE: introduce ultra_low priority queue
This commit introduces an ultra low priority queue for post rebakes. This
way rebakes can never interfere with regular sidekiq processing for cases
where we perform a large scale rebake.

Additionally it allows Post.rebake_old to be run with rate_limiter: false
to avoid triggering the limiter when rebaking. This is handy for cases
where you want to just force the full rebake and not wait for it to trickle
2019-01-17 14:53:19 +11:00
Jeff Atwood
67a7670bab copyedits 2019-01-16 19:43:28 -08:00
Jeff Atwood
2fad75306d minor copyedit 2019-01-16 19:13:41 -08:00
Jeff Atwood
9f179d4986 UX: soften dashboard warning PM 2019-01-16 15:11:06 -08:00
Jeff Atwood
f0999f27a7 UX: soften the "problems" alert on dashboard 2019-01-16 14:58:19 -08:00
Guo Xiang Tan
c30f78793a Lower default for SiteSetting.likes_notification_consolidation_threshold. 2019-01-16 17:56:02 +08:00
Guo Xiang Tan
e7b49c42c4 FIX: Allow liked notifications consolidation to be disabled. 2019-01-16 16:17:04 +08:00
Guo Xiang Tan
ebe65577ed
FEATURE: Consolidate likes notifications. (#6879) 2019-01-16 10:40:16 +08:00
Gerhard Schlager
70cdb42173 FIX: Tooltip for unlisted topics wasn't shown in topic list
The locale key had to be renamed, because this key is also used as CSS class.
The "invisible" CSS class makes the icon invisible. "unlisted" doesn't have that effect.
2019-01-15 16:13:06 +01:00
Penar Musaraj
1c1fd2051f
FEATURE: enable CSP by default on new sites (#6873)
- adds migration to enable CSP for new sites
- removes "EXPERIMENTAL" labels from setting names
- sets CSP violation report to default off
- adds CSP-related note to GTM setting
2019-01-15 08:58:46 -05:00
Neil Lalonde
81953339f2 Update translations 2019-01-14 12:23:49 -05:00
David Taylor
1ebd3dbbd0
FEATURE: Allow the base font size to be changed on a per-user basis (#6859) 2019-01-14 13:21:46 +00:00
Arpit Jalan
aeeead351a UX: use generic label for S3-compatible storage provider 2019-01-14 15:05:15 +05:30
Arpit Jalan
93eb0a0690 UX: better help text for private invite-only instance 2019-01-12 18:40:00 +05:30
David Taylor
49593d1a00 FIX: Fix registration dialog popup for 'full screen' social logins
Regression following the ember3 upgrade. In addition to fixing, this commit consolidates our social registration logic into one place, and adds tests for the behaviour.
2019-01-12 12:08:13 +00:00
David Taylor
a8fc677677 FIX: Correct copy for flag_sockpuppets site setting 2019-01-11 17:31:41 +00:00
Vinoth Kannan
2684ecaecf minor copyedit
Topics will be in closed status until the community flags are handled
2019-01-09 14:49:28 +05:30
Zach Whitehead
2748822576 FEATURE: Remove option for Google Plus sharing (#6864)
* Remove option for Google Plus sharing

* remove google+ share translations
2019-01-09 10:17:50 +08:00
Rafael dos Santos Silva
f73fe36772 FEATURE: PWA compatibility checks in the Dashboard (#6850) 2019-01-09 08:46:11 +08:00
Arpit Jalan
e0bc82657b FIX: better accept invite flow when user is invited via a link 2019-01-07 14:22:08 +05:30
Gerhard Schlager
c0a8bb9a91 FEATURE: Include "via <site_name>" in email From header 2019-01-04 17:06:19 +01:00
David Taylor
5bf16d7d10 FEATURE: Topic timer for bumping a topic in the future 2019-01-04 13:08:04 +00:00
Sam
8b7a2d1cb7 FEATURE: add setting to bypass sending redis CLIENT commands
Some cloud providers (Google Memorystore) do not support any CLIENT commands

By setting :id to nil in the redis config hash we can avoid these commands.

This adds a special global setting GCE users can enable:
`DISCOURSE_REDIS_SKIP_CLIENT_COMMANDS = true`
2019-01-04 15:08:33 +11:00
Sam
8f35fd4595 FEATURE: remove global settings for redis sentinels
This global setting is never used, configuring Discourse with sentinel is
unsupported.
2019-01-04 15:08:33 +11:00
cfitz
19d7545318 FEATURE: Make auth_redirect param options on user_api_keys
This is a possible solution for https://meta.discourse.org/t/user-api-keys-specification/48536/19
This allows for user-api-key requests to not require a redirect url.
Instead, the encypted payload will just be displayed after creation  ( which can be copied
pasted into an env for a CLI, for example  )

Also: Show instructions when creating user-api-key w/out redirect

This adds a view to show instructions when requesting a user-api-key
without a redirect. It adds a erb template and json format.
Also adds a i18n user_api_key.instructions for server.en.yml
2019-01-04 14:46:18 +11:00
Jeff Atwood
d7a82f146a minor copyedit 2019-01-03 16:47:39 -08:00
Joshua Rosenfeld
e74dd273b9
UX: Update site setting description to match current function 2019-01-03 19:08:25 -05:00
Sam
70269c7c97 FEATURE: tighter limits on per cluster post rebakes
We have the periodical job that regularly will rebake old posts. This is
used to trickle in update to cooked markdown. The problem is that each rebake
can issue multiple background jobs (post process and pull hotlinked images)

Previously we had no per-cluster limit so cluster running 100s of sites could
flood the sidekiq queue with rebake related jobs.

New system introduces a hard limit of 300 rebakes per 15 minutes across a
cluster to ensure the sidekiq job is not dominated by this.

We also reduced `rebake_old_posts_count` to 80, which is a safer default.
2019-01-04 09:24:46 +11:00
Vinoth Kannan
385829d7be FEATURE: Display error message when category restriction is applied for tags 2019-01-04 00:29:13 +05:30
Neil Lalonde
d7656f30c3 Update translations 2019-01-02 12:32:38 -05:00
Joe
2914431729
Improves admin and wizard logo copy
History:

https://meta.discourse.org/t/logo-recommended-resolution-tips/105053/6
2019-01-02 14:12:40 +08:00
Arpit Jalan
70fdc10365
FEATURE: move posts to new/existing PM (#6802) 2018-12-31 17:17:22 +05:30
Arpit Jalan
1381dc603d UX: show generic message when reloading 'activation email resent' page 2018-12-31 13:12:37 +05:30
Sam
a19170a4c2 DEV: avoid require_dependency for some libs
This avoids require dependency on method_profiler and anon cache.

It means that if there is any change to these files the reloader will not pick it up.

Previously the reloader was picking up the anon cache twice causing it to double load on boot.

This caused warnings.

Long term my plan is to give up on require dependency and instead use:

https://github.com/Shopify/autoload_reloader
2018-12-31 10:53:30 +11:00
Joffrey JAFFEUX
f1269fa807
FEATURE: Add Top Uploads report (#6825)
Co-Authored-By: I am very Pro-Grammer. <khalilovcmded@users.noreply.github.com>
2018-12-28 20:48:54 +01:00
Joe
eaabbe5943
UX: improves help text for admin and wizard logo settings 2018-12-28 17:48:33 +08:00
Joffrey JAFFEUX
0402f0f357
UX: new site setting to define activity metrics displayed on dashboard 2018-12-26 10:29:07 +01:00
Jeff Atwood
29c455bb7f minor copyedit on embedding referer error 2018-12-21 17:27:56 -08:00
Saurabh Patel
f4d8a330c3 Merge pull request #6761 from mrfinch/saurabh/show-popup
FIX:show popup before bulk invite
2018-12-21 21:36:17 +01:00
Joffrey JAFFEUX
e655e1863f
UX: Adding reports dashboard tab, new layout, report descriptions (#6790)
Co-Authored-By: Kris  <shout@k-ris.com>
2018-12-19 14:44:43 +01:00
Neil Lalonde
6774b64aef FEATURE: add /conduct as an alias for /guidelines 2018-12-18 16:40:24 -05:00
Rishabh
c279792130 FIX: Allow sending test e-mails to any email address when disable_email is set to non-staff (#6792) 2018-12-18 16:12:05 +01:00
Vinoth Kannan
341a6bd78a
REFACTOR: Calculate CTR in SearchLog model and hide unique column (#6791) 2018-12-18 19:13:46 +05:30
Jeff Atwood
f67cc2a540 minor copyedit 2018-12-17 19:31:02 -08:00
Gerhard Schlager
01cdbd3a13 FEATURE: Prohibit S3 bucket reusage
This validation makes sure that the s3_upload_bucket and the
s3_backup_bucket have different values. The backup bucket is
allowed to be a subfolder of the upload bucket. The other way
around is forbidden because the backup system searches by
prefix and would return all files stored within the backup
bucket and its subfolders.
2018-12-17 11:35:28 +01:00
Gerhard Schlager
1a8ca68ea3 FEATURE: Improve backup stats on admin dashboard
* Dashboard doesn't timeout anymore when Amazon S3 is used for backups
* Storage stats are now a proper report with the same caching rules
* Changing the backup_location, s3_backup_bucket or creating and deleting backups removes the report from the cache
* It shows the number of backups and the backup location
* It shows the used space for the correct backup location instead of always showing used space on local storage
* It shows the date of the last backup as relative date
2018-12-17 11:35:11 +01:00
Saurabh Patel
ed1a309fe4 FIX: use new key for delete topic to make it lowercased as all other buttons label around it (#6778) 2018-12-17 10:55:19 +08:00
David Taylor
430083019d UX: Improve dashboard report title copy
Make capitalization consistent, and slightly improve clarity of two headings
2018-12-14 17:37:07 +00:00
Neil Lalonde
124ae46763 Update translations 2018-12-14 10:34:12 -05:00
Joffrey JAFFEUX
03014b0d05
FEATURE: adds security tab to dashboard (#6768)
This commit also includes the new staff_logins report
2018-12-14 13:47:59 +01:00
Maja Komel
9f89aadd33 FIX: delete all posts in batches without hijack (#6747) 2018-12-14 11:04:18 +01:00
Neil Lalonde
a1db15fead FEATURE: require admins to re-validate their email addresses if they haven't been seen for a number of days, configurable with the invalidate_inactive_admin_email_after_days site setting. Social logins are also revoked. Default is 365 days. 2018-12-12 15:32:38 -05:00
Bianca Nenciu
7cac04e1a8 * FEATURE: Adds site setting to let quotes on direct replies.
* DEV: Added test.
* FIX: Do not bump topic when removing full quotes.
2018-12-12 15:42:53 +01:00
Maja Komel
dbbadb5c35 FEATURE: add short_site_description setting to be included in title tag on homepage 2018-12-12 11:46:58 +01:00
Joffrey JAFFEUX
3a799ed922
FEATURE: Check if draft exists before starting a new one (#6755)
Co-Authored-By: Bianca Nenciu <nbianca@users.noreply.github.com>
Co-Authored-By: zogstrip <regis@hanol.fr>
2018-12-12 10:21:51 +01:00
Guo Xiang Tan
e564fe1866 FIX: Sidekiq fails to start if any of the multisite has problems. 2018-12-12 11:30:14 +08:00
Sam
a34bc92e1a DEV: update mini profiler
This provides us with instrumentation missing after rails upgrade

Latest version of rails uses exec_params internally which is no longer
routed to intercepted methods in mini profiler 1.0.0
2018-12-10 14:29:20 +11:00
Penar Musaraj
67450ba402 UX: when composer is minimized, let user open composer in regular size instead of full screen 2018-12-07 17:45:13 -05:00
Bianca Nenciu
41e184280d FEATURE: Remove full quotes of direct replies. (#6729) 2018-12-07 13:07:11 +01:00
Jay Pfaffman
cf2e86c763 FEAT: make s3_force_path_style shadowed_by_global
Without this it's impossible to enable S3 backups to Minio (and Digital Ocean Spaces?) using only ENV variables in config.

@tgxworld 

https://meta.discourse.org/t/can-we-make-s3-force-path-style-be-shadowed-by-global/103571
2018-12-07 10:59:15 +11:00
Gerhard Schlager
43cfdb1cb9 FIX: Wizard tries harder to find existing Welcome Topic
The wizard searches for:

* a topic that with the "is_welcome_topic" custom field
* a topic with the correct slug for the current default locale
* a topic with the correct slug for the English locale
* the oldest globally pinned topic

It gives up if it didn't find any of the above.
2018-12-06 10:27:22 +01:00
Bianca Nenciu
e9bbdef156 FEATURE: Add support for inline emoji translation. 2018-12-05 21:58:55 +01:00
Bianca Nenciu
b585f7f336 DEV: Apply code review. 2018-12-05 21:56:18 +01:00
Bianca Nenciu
56890efd7a FEATURE: Add 'Advanced Test' for admin panel. 2018-12-05 21:56:18 +01:00
Guo Xiang Tan
978f0db109 SECURITY: Require groups to be given when inviting to a restricted category. (#6715) 2018-12-05 16:43:07 +01:00
Jeff Atwood
1d8266a623 very minor copyedit 2018-12-05 03:18:11 -08:00
Vinoth Kannan
d33d031742
FEATURE: Filter topic and post web hook events by tags (#6726)
* FEATURE: Filter topic and post web hook events by tags

* Add a spec test with unmatched tags
2018-12-05 14:44:06 +05:30
Sam
1a71f98d28 DEV: only publish logs error count to admins 2018-12-05 17:03:37 +11:00
Jeff Atwood
ba762ea87f minor copyedit 2018-12-04 16:36:47 -08:00
Régis Hanol
3c9c95ac83 Update Rubocop to 0.60 2018-12-04 10:48:16 +01:00
Guo Xiang Tan
cfa0321aaa FIX: Increase timeout when trying to reload unicorn.
Also fail better when reloading takes too long by sending
unicorn a TERM.
2018-12-04 13:43:14 +08:00
Sam
12f5889c85 DEV: stop logging warning when overriding open scope
ActiveRecord defines automatic scopes for enums, the Poll model defines
an enum for `{open: 1}` this mean Rails wants the scope `Poll.all.open`
to work which in turn means it has to override `open` which is defined
privately.

Rails feature req exists for: https://github.com/rails/rails/issues/34599
which will allow us to define enums without scopes which would resolve this
a lot more cleaner.
2018-12-03 13:52:09 +11:00
Maja Komel
1073634271 FIX: show generic title when quoting off-topic secure category posts 2018-12-03 09:42:32 +11:00
Kris
7efc1b7bf7 Removing added text from commit a113777 2018-11-30 19:56:10 -05:00
Kris
a113777003 Extra margin isn't needed on mobile 2018-11-30 19:49:26 -05:00
Kyle Zhao
488fba3c5f
FEATURE: allow plugins and themes to extend the default CSP (#6704)
* FEATURE: allow plugins and themes to extend the default CSP

For plugins:

```
extend_content_security_policy(
  script_src: ['https://domain.com/script.js', 'https://your-cdn.com/'],
  style_src: ['https://domain.com/style.css']
)
```

For themes and components:

```
extend_content_security_policy:
  type: list
  default: "script_src:https://domain.com/|style_src:https://domain.com"
```

* clear CSP base url before each test

we have a test that stubs `Rails.env.development?` to true

* Only allow extending directives that core includes, for now
2018-11-30 09:51:45 -05:00
Neil Lalonde
d43d007929 Update translations 2018-11-29 10:51:16 -05:00
Saurabh Patel
55945ec7c8 FIX: throw error when link in reason for grant badge is an external link (#6690) 2018-11-28 18:01:41 +01:00
Penar Musaraj
654b80e472 FIX: add FA Discourse icon, update setting instructions 2018-11-28 09:53:06 -05:00
Gerhard Schlager
e7b76b319a FEATURE: Setting for short title used by Android on homescreen 2018-11-28 14:59:30 +01:00
Saurabh Patel
49c3cf9c75 UX: Topic stats were hard to translate 2018-11-28 14:25:22 +01:00
Jeff Atwood
54c599c7a3 copyedit on max consecutive replies help 2018-11-27 03:35:27 -08:00
Penar Musaraj
03deda2147
Upgrade to FontAwesome 5 (take two) (#6673)
* Add missing icons to set

* Revert FA5 revert

 This reverts commit 42572ff

* use new SVG syntax in locales

* Noscript page changes (remove login button, center "powered by" footer text)

* Cast wider net for SVG icons in settings

- include any _icon setting for SVG registry (offers better support for plugin settings)

- let themes store multiple pipe-delimited icons in a setting

- also replaces broken onebox image icon with SVG reference in cooked post processor

* interpolate icons in locales

* Fix composer whisper icon alignment

* Add support for stacked icons

* SECURITY: enforce hostname to match discourse hostname

This ensures that the hostname rails uses for various helpers always matches
the Discourse hostname

* load SVG sprite with pre-initializers

* FIX: enable caching on SVG sprites

* PERF: use JSONP for SVG sprites so they are served from CDN

This avoids needing to deal with CORS for loading of the SVG

Note, added the svg- prefix to the filename so we can quickly tell in
dev tools what the file is

* Add missing SVG sprite JSONP script to CSP

* Upgrade to FA 5.5.0

* Add support for all FA4.7 icons

- adds complete frontend and backend for renamed FA4.7 icons

- improves performance of SvgSprite.bundle and SvgSprite.all_icons

* Fix group avatar flair preview

- adds an endpoint at /svg-sprites/search/:keyword

- adds frontend ajax call that pulls icon in avatar flair preview even when it is not in subset

* Remove FA 4.7 font files
2018-11-26 16:49:57 -05:00
Vinoth Kannan
cedd2118c4
FEATURE: If PM email bounced for staged user then alert in whisper reply (#6648) 2018-11-27 00:29:37 +05:30
David Taylor
a3ed570124
FIX: Fix routes ending in :username for usernames containing periods (#6660) 2018-11-23 17:41:41 +00:00
Guo Xiang Tan
a19780d7a6 DEV: Don't expose wizard qunit route in production. 2018-11-23 13:49:31 +08:00
Kyle Zhao
80398d0b8f
Extract inline JS on embedded comments (#6645)
* use the meta refresh tag instead

* extract inline JS in embedded comment
2018-11-22 10:02:58 -05:00
Kyle Zhao
8e32aa1483 FEATURE: show post approvals in Moderation History (#6643) 2018-11-22 10:22:23 +08:00
Saurabh Patel
d984323e23 FEATURE: Show change name of user in staff logs (#6647)
https://meta.discourse.org/t/admins-changing-users-name-not-username-should-be-logged/99511
2018-11-22 10:13:02 +08:00
Gerhard Schlager
a3f8ef89a6 FIX: Setting DISCOURSE_S3_REGION env variable had no effect 2018-11-21 23:15:28 +01:00
Guo Xiang Tan
598ac69773 Stop Sidekiq first before reloading unicorn master. 2018-11-21 09:53:00 +08:00
Guo Xiang Tan
1def6c08ec Fix copy due to 050dd57494. 2018-11-21 08:00:15 +08:00
Kyle E. Mitchell
15e793fd3b FEATURE: Terms of Service v1.0.0
Co-authored-by: Gerhard Schlager <mail@gerhard-schlager.at>
2018-11-21 00:45:16 +01:00
Jeff Atwood
050dd57494 update wizard intro copy step 2018-11-20 13:43:18 -08:00
Erick Guan
a2042c8e7d strip unused string from an deleted site setting 2018-11-20 14:28:42 +01:00
Bianca Nenciu
a0022a1771 FIX: Use count variable for pluralized string. 2018-11-20 14:17:31 +02:00
Kyle Zhao
e25b3965a7 do not overwrite hostname in development (#6623) 2018-11-20 14:34:02 +11:00
Joffrey JAFFEUX
e860c8b844
FIX: adds support for missing reports from old dashboard (#6624) 2018-11-19 12:20:05 +01:00
Sam
1824ac9d39 PERF: cache path for svg-sprite in upcoming FA5
We need to make sure NGINX caches all paths for SVG assets,
this ensures only the first request for an svg sprite ever hits the app
2018-11-19 10:34:16 +11:00
Guo Xiang Tan
44d7249a17
Stop seeding assets for site design topic. (#6609) 2018-11-16 12:57:04 +08:00
Joffrey JAFFEUX
dcc6527dff
FIX: s/save/finish for wizard exit early button (#6614) 2018-11-15 21:26:26 +01:00
Kyle Zhao
5f754b43f1
extract inline onpopstate handler on 404 page (#6613) 2018-11-15 13:35:38 -05:00
Joffrey JAFFEUX
c52e68a0c8
FIX: better handling of missing welcome topic in wizard (#6606) 2018-11-15 12:20:48 +01:00
Sam
e7001f879a SECURITY: enforce hostname to match discourse hostname
This ensures that the hostname rails uses for various helpers always matches
the Discourse hostname
2018-11-15 15:23:06 +11:00
Régis Hanol
5852fe7975 FIX: change 'max_consecutive_replies' default to 3 2018-11-14 22:58:05 +01:00
David Taylor
7987425e09 UX: Improve copy for tag upload 2018-11-14 20:03:36 +00:00
Andrew Schleifer
581016c31f Revert "strip X-Forwarded-Host in sample"
This broke brotli_assets on a site, more testing needed.

This reverts commit 118abfad0f.
2018-11-14 12:05:21 -06:00
Bianca Nenciu
b6576d9473 FEATURE: Add new setting to force user edit last post. (#6571) 2018-11-14 15:48:16 +01:00
Bianca Nenciu
fce0a0ccc8 FEATURE: Compute distance between logins to generate login alerts. (#6562) 2018-11-14 13:26:47 +01:00
Penar Musaraj
f6fb079129 Disable wizard invites step when local_logins are turned off 2018-11-14 13:05:32 +01:00
Bianca Nenciu
34e4d82f1a FEATURE: Report edit conflicts when saving draft. (#6585) 2018-11-14 12:56:25 +01:00
Guo Xiang Tan
44391ee8ab
FEATURE: Upload Site Settings. (#6573) 2018-11-14 15:03:02 +08:00
Andrew Schleifer
118abfad0f strip X-Forwarded-Host in sample 2018-11-13 12:44:32 -06:00
Robin Ward
0cb33d2b52 UX: Rename Most Disagreed Flaggers report to "User Flagging Ratio" 2018-11-12 16:23:37 -05:00
David Taylor
ba00fcc371 FIX: Translation improvements for unused tags (d89ffbe) 2018-11-12 16:36:56 +00:00
David Taylor
d89ffbeffd
FEATURE: Add button to delete unused tags (#6587)
This is particularly useful if you have uploaded a CSV file, and wish
to bulk-delete all of the tags that you uploaded.
2018-11-12 16:24:34 +00:00
Joffrey JAFFEUX
9c616e0679
FIX: handles not found reports in bulk loading (#6582) 2018-11-12 13:47:24 +01:00
Sam
e17a13ce19 FEATURE: additional "related messages" section
This splits out previous message correspondence from suggeted and instead
has a dedicated section called "related messages"
2018-11-12 13:04:42 +11:00
Sam
173408d72f DEV: correctly force Ruby version 2.5.2 and up 2018-11-09 18:36:18 +11:00
Gerhard Schlager
cbd6bd191a Add base path to relative links in translations 2018-11-08 23:31:05 +00:00
Gerhard Schlager
42f693adfa Update translations 2018-11-08 23:31:05 +00:00
Gerhard Schlager
24e5be3f0c FIX: Relative links in translations should work with subfolder 2018-11-08 23:31:05 +00:00
Gerhard Schlager
5c845c5877 Remove unused copy 2018-11-08 23:31:05 +00:00
Jay Pfaffman
53634c457c
replace "digest" with "summary"
https://meta.discourse.org/t/discourse-activity-summary-emails-guide/36627 suggests that "digest" is no longer what these are to be called.
2018-11-08 12:02:33 -08:00
Sam
42572ff138 Revert font awesome 5 changes
We are still pushing ahead on this 100% just need a bit longer to prepare
all plugins
2018-11-08 16:12:18 +11:00
Penar Musaraj
005e1ecb9b
FEATURE: Update Font Awesome to v5.4.1 and SVGs (#6557)
* First take on subsetting svg icons

* FontAwesome 5 svg subset WIP

* Include icons from plugins/badges into svg sprite subset

* add svg icon support to themes

* Add spec for SvgSprite

* Misc. SVG icon fixes

* Use FA5 svgs in local-dates plugin

* CSS adjustments, fix SVG icons in group flair

* Use SVG icons in poll plugin

* Add SVG icons to /wizard
2018-11-07 13:05:43 -05:00
Claas Augner
31ee618b50 Fix typo in server.en.yml 2018-11-06 22:47:52 +00:00
Daniel Hollas
30501b6660 Fix link to GitHub oauth registration page (#6567)
* Fix link to GitHub oauth registration page

The old link lead only to the list of authorised apps for a particular user.

* Whoops, fix href tag.

Co-Authored-By: danielhollas <danekhollas@gmail.com>
2018-11-06 15:22:16 +00:00
Joffrey JAFFEUX
75b1865d15
UX: adds new categories layouts to the wizard (#6569) 2018-11-06 15:52:13 +01:00
Bianca Nenciu
bd3e8d1a54 UX: Minor copyedit. 2018-11-05 13:58:20 +02:00
David Taylor
d963f96fa4 Update translations 2018-11-05 11:16:58 +00:00
Maja Komel
ae9eddb002 FIX: don't allow adding a value containing vertical bar char to the secret list 2018-11-05 12:14:56 +01:00
Jeff Atwood
48501b0d45 minor wizard copyedit 2018-11-03 15:36:29 -07:00
scossar
939d5ede91 Fix sso overrides avatar description 2018-11-02 11:52:49 -07:00
Robin Ward
5194313133 Revert "Add base_url to config locales (#6510)"
This reverts commit 8a443e051b.
2018-11-02 10:58:28 -04:00
Joffrey JAFFEUX
4e0f033fae
FEATURE: adds ignored flags to most_disagreed_flags report (#6554) 2018-11-02 11:08:00 +01:00
Robin Ward
ec91450aae FEATURE: Track how many user flags are agreed/disagreed/ignored
Display the percentage when reviewing flags.
2018-11-01 09:59:50 -04:00
Sam
ceafcbc898 FEATURE: show added date when looking at group members 2018-11-01 15:33:28 +11:00
Régis Hanol
0bf52d422c FEATURE: new 'simultaneous_uploads' site setting 2018-10-31 10:58:09 +01:00
Daniel Kessler
8a443e051b Add base_url to config locales (#6510) 2018-10-31 08:19:37 +00:00
Joe
d08cd0b21f
UX: updates category muting instructions 2018-10-31 13:01:22 +08:00
Bianca Nenciu
e0ccd36dbe FEATURE: Suspicious logins report. (#6544) 2018-10-30 22:51:58 +00:00
Bianca Nenciu
e1e392f15b DEV: Use DiscourseIpInfo for all IP queries. (#6482)
* DEV: Use DiscourseIpInfo for all IP queries.

* UX: Use latitude and longitude for more precision.
2018-10-30 22:08:57 +00:00
Bianca Nenciu
087b12b40c FIX: Fix 'New Login Alert' message. (#6539) 2018-10-30 19:13:25 +00:00
Gerhard Schlager
e32993f96c minor copyedit 2018-10-30 13:33:26 +01:00
Maja Komel
5485248fbe FIX: sso provider copyedit 2018-10-30 10:02:22 +01:00
Jeff Atwood
23ae2023ef minor copyedit 2018-10-30 00:25:34 -07:00
Jeff Atwood
8e12846b9c more copyedits on staff unusual login email 2018-10-27 18:30:45 -07:00
Jeff Atwood
a453643a5b copyedits on staff unusual login alert 2018-10-27 18:17:40 -07:00
Jeff Atwood
817cf8b229 remove extraneous two factor auth info popup 2018-10-27 14:10:26 -07:00
Jeff Atwood
58b53f7841 update copy for "was this you?" login dialog 2018-10-27 13:57:30 -07:00
Rafael dos Santos Silva
2450f178ca FEATURE: Allow admins to control PWA display mode per user agent 2018-10-26 13:47:22 -03:00
Joffrey JAFFEUX
b2585524a9
FEATURE: adds a most disagreed flaggers report 2018-10-26 15:59:04 +02:00
Kyle Zhao
a6eca28ec6
CSP - extract all other inline JavaScripts (#6528)
* wizard page inline js

* print topic inline js

* drop JS for preventing double submission

this is the default behavior with Rails' UJS `disable_with` helper

* omniauth complete redirect JS

* account activate inline js
2018-10-25 09:52:01 -04:00
Bianca Nenciu
6a3767cde7 FEATURE: Warn users via email about suspicious logins. (#6520)
* FEATURE: Warn users via email about suspicious logins.

* DEV: Move suspicious login check to a job.
2018-10-25 09:45:31 +00:00
Jeff Atwood
54e025225d minor copyedit 2018-10-24 16:22:29 -07:00
Sam Saffron
64aca0dc1b FIX: remove duplicate referrer policy
Rails already ships with strict-origin-when-cross-origin, no need
to also add no-referrer-when-downgrade

see: https://meta.discourse.org/t/harden-referrer-policy-header/100172
2018-10-24 08:38:39 +11:00
Kyle Zhao
e9a971a2b6
FEATURE: [Experimental] Content Security Policy (#6514)
do not register new MIME type, parse raw body instead
2018-10-22 13:22:23 -04:00
Régis Hanol
3e232412e3 UX: show error when hitting the rate limit on password reset 2018-10-22 19:00:30 +02:00
Rafael dos Santos Silva
db26fe1527 FIX: Proper naming for the GNU/Linux OS 2018-10-22 13:34:01 -03:00
Bianca Nenciu
99b43f281b FIX: Fix browser detection for Microsoft Edge. (#6516)
cool!
2018-10-22 23:15:41 +11:00
David Taylor
37b7afa522 FIX: Sanitize tags before creation 2018-10-22 10:53:42 +01:00
Arpit Jalan
ce0a51665e FIX: count emoji shortcuts in topic title
https://meta.discourse.org/t/max-emojis-in-title-set-to-0-conflicting-with-emoji-shortcuts/98368/3?u=techapj
2018-10-22 13:44:05 +05:30
Kyle Zhao
dca830cb73 Revert "FEATURE: [Experimental] Content Security Policy (#6504)"
This reverts commit fb8231077a.
2018-10-19 11:53:29 -04:00
David Taylor
0dd717e641 Revert "FIX: Sanitize tags before creation"
This reverts commit 18ae8de9e5.
2018-10-19 15:49:05 +01:00
David Taylor
18ae8de9e5 FIX: Sanitize tags before creation 2018-10-19 15:43:31 +01:00
Kyle Zhao
fb8231077a
FEATURE: [Experimental] Content Security Policy (#6504) 2018-10-19 10:39:22 -04:00
Bianca Nenciu
b69652278f FEATURE: Add Wiki Editor badge. (#6511) 2018-10-19 15:30:27 +02:00
Bianca Nenciu
f60b10d090 UX: Warn users if the post that's currently edited has changed. (#6498) 2018-10-17 15:35:32 +02:00
Jeff Atwood
0db3e27ce4 remove windows phone references, it is ☠ 2018-10-16 15:11:24 -07:00
Davide Porrovecchio
005e1f5373 Add Cache-Control header to CORS (#6490) 2018-10-16 10:46:55 +11:00
Kyle Zhao
99d1ded3b3
rename route /javascripts to /theme-javascripts (#6495) 2018-10-15 11:32:52 -04:00
Maja Komel
c104256991 FIX: SSO provider secrets - check wildcard domains last, toggle secrets visibility 2018-10-15 16:18:29 +02:00
David Taylor
7ac08f936e
FEATURE: Upload tags from CSV (#6484) 2018-10-15 09:12:54 +01:00
Maja Komel
27e732a58d FEATURE: allow multiple secrets for Discourse SSO provider
This splits off the logic between SSO keys used incoming vs outgoing, it allows to far better restrict who is allowed to log in using a site.

This allows for better auditing of the SSO provider feature
2018-10-15 16:03:53 +11:00
Kyle Zhao
6acdea37c4 DEV: extract inline js when baking theme fields (#6447)
* extract inline js when baking theme fields
* destroy javascript cache when destroying theme fields

This work is needed to support CSP work
2018-10-15 15:55:23 +11:00
Joe
2acb885c72 FEATURE: fullscreen composer mode on desktop
Adds keyboard shortcut and icon that allows expanding composer to full screen.
2018-10-15 13:59:49 +11:00
Guo Xiang Tan
84d4c81a26 FEATURE: Support backup uploads/downloads directly to/from S3.
This reverts commit 3c59106bac.
2018-10-15 09:43:31 +08:00
Neil Lalonde
af39624d19 Update translations 2018-10-12 10:40:25 -04:00
Neil Lalonde
12f132736b FIX: error looking at users in admin when tl3_promotion_min_duration is set to a very high value 2018-10-11 15:11:48 -04:00
Jeff Wong
b5b382dcd6 Feature: add boxes with subcategories option for desktop categories page (#6471)
* Feature: add boxes with subcategories option for desktop categories page

* only add subclass div when subclasses exist
2018-10-11 15:59:37 +08:00
Guo Xiang Tan
3c59106bac Revert "FEATURE: Support backup uploads/downloads directly to/from S3."
This reverts commit c29a4dddc1.

We're doing a beta bump soon so un-revert this after that is done.
2018-10-11 11:08:23 +08:00
Gerhard Schlager
c29a4dddc1 FEATURE: Support backup uploads/downloads directly to/from S3. 2018-10-11 10:38:43 +08:00
Robin Ward
a566ed42ae FEATURE: Option to disable user presence and profile
This allows users who are privacy conscious to disable the presence
features of the forum as well as their public profile.
2018-10-10 17:34:33 -04:00
Joshua Rosenfeld
fd48ba10b8
Add quotes to site setting HTML links 2018-10-10 16:53:02 -04:00
Joshua Rosenfeld
51029e3884
Revert sendgrid URL change
per 2ded524b5a
2018-10-10 09:00:39 -04:00
Joshua Rosenfeld
18e99ddfa9 Link to social login instructions in site settings 2018-10-10 08:46:48 -04:00
Joshua Rosenfeld
cd2b8d40f1 Properly link to URLs in site settings 2018-10-10 08:46:03 -04:00
Joshua Rosenfeld
d35bce96ab Use https:// when possible 2018-10-10 07:11:58 -04:00
Joshua Rosenfeld
3d8b063c83
Update test_mailer to minimize URL redirects 2018-10-10 06:16:33 -04:00
Bianca Nenciu
1d26a473e7 FEATURE: Show "Recently used devices" in user preferences (#6335)
* FEATURE: Added MaxMindDb to resolve IP information.

* FEATURE: Added browser detection based on user agent.

* FEATURE: Added recently used devices in user preferences.

* DEV: Added acceptance test for recently used devices.

* UX: Do not show 'Show more' button if there aren't more tokens.

* DEV: Fix unit tests.

* DEV: Make changes after code review.

* Add more detailed unit tests.

* Improve logging messages.

* Minor coding style fixes.

* DEV: Use DropdownSelectBoxComponent and run Prettier.

* DEV: Fix unit tests.
2018-10-09 22:21:41 +08:00
Penar Musaraj
47f19adac8 Remove old bookmark strings 2018-10-09 09:31:08 -04:00
Vinoth Kannan
ac034a6b2c copyedit on branch field help text 2018-10-09 11:56:51 +05:30
Erin Kosewic
51aba32651 FEATURE: add branch option to remote theme import
* FEATURE: add branch option to remote theme import

* FIX: Add missing variable in params

* FIX: Add missing param for import_theme method

* SPEC: Add test methods for branch support in git import

* FIX: Add missing space to scss style

* Do not assume default branch as master

* Change branch field placeholder

* FIX: add missing div start tag
2018-10-09 17:01:08 +11:00
Kyle Zhao
acba7d2a5d Extract discourse_javascript.html.erb to a scrip include
* extract omniauth auth complete inline JS

* extract Ember error logging inline JS

* transpile `authentication-complete`

This is CSP related work
2018-10-09 16:50:45 +11:00
Guo Xiang Tan
1c9b5e75e7 DEV: Support post deployment migrations for plugins. 2018-10-09 13:11:45 +08:00
Jeff Wong
e55f220b33 add category style boxes with featured topics option 2018-10-08 16:19:54 -07:00
Gerhard Schlager
97ad9e9d9b UX: Prompt for custom invite message was hard to translate 2018-10-08 18:01:21 +02:00
Guo Xiang Tan
40fa96777d
FEATURE: Post deployment migrations. (#6406)
This moves us away from the delayed drops pattern which
was problematic on two counts. First, it uses a hardcoded "delay for"
duration which may be too short for certain deployment strategies.
Second, delayed drop doesn't ensure that it only runs after
the latest application code has been deployed. If the migration runs
and the application code fails to deploy, running the migration after
"delay for" has been met will cause the application to blow up.

The new strategy allows post deployment migrations to be skipped if the
env `SKIP_POST_DEPLOYMENT_MIGRATIONS` is provided.

```
SKIP_POST_DEPLOYMENT_MIGRATIONS=1 rake db:migrate
-> deploy app servers
SKIP_POST_DEPLOYMENT_MIGRATIONS=0 rake db:migrate
```

To aid with the generation of a post deployment migration, a generator
has been added. Simply run `rails generate post_migration`.
2018-10-08 15:47:38 +08:00
Jeff Atwood
3b6a525e5b minor copyedit for bookmarks 2018-10-07 04:17:59 -07:00
Arpit Jalan
2a94bf9dfb UX: change staff actions logs user label 2018-10-06 13:54:46 +05:30
David Taylor
9bf522f227
FEATURE: Mixed case tagging (#6454)
- By default, behaviour is not changed: tags are made lowercase upon creation and edit.

- If force_lowercase_tags is disabled, then mixed case tags are allowed.

- Tags must remain case-insensitively unique. This is enforced by ActiveRecord and Postgres.

- A migration is added to provide a `UNIQUE` index on `lower(name)`. Migration includes a safety to correct any current tags that do not meet the criteria.

- A `where_name` scope is added to `models/tag.rb`, to allow easy case-insensitive lookups. This is used instead of `Tag.where(name: "blah")`.

- URLs remain lowercase. Mixed case URLs are functional, but have the lowercase equivalent as the canonical.
2018-10-05 10:23:52 +01:00
Vinoth Kannan
8430ea927e FIX: Generate webhook payloads before destroy events (#6325) 2018-10-05 16:53:59 +08:00
Guo Xiang Tan
da39a310c3 Fix missing quotes in unicorn_launcher. 2018-10-05 12:21:07 +08:00
Guo Xiang Tan
07eca289d3 Fix invalid bash syntax. 2018-10-05 12:18:20 +08:00
Guo Xiang Tan
00ae94cb4d DEV: Prevent unicorn_launcher from looping forever.
For some reason, the new master unicorn process that we
detect might be replaced with another process causing
the script to loop forever.
2018-10-05 12:12:54 +08:00
Guo Xiang Tan
3400624d70 Log pid of launcher script when logging. 2018-10-05 11:48:32 +08:00