Commit Graph

2301 Commits

Author SHA1 Message Date
Joffrey JAFFEUX
0431942f3d
DEV: select-kit 2 (#7998)
This new iteration of select-kit focuses on following best principales and disallowing mutations inside select-kit components. A best effort has been made to avoid breaking changes, however if you content was a flat array, eg: ["foo", "bar"] You will need to set valueProperty=null and nameProperty=null on the component.

Also almost every component should have an `onChange` handler now to decide what to do with the updated data. **select-kit will not mutate your data by itself anymore**
2020-02-03 14:22:14 +01:00
Roman Rizzi
2ee6a615b7
FEATURE: Send suspect users to the review queue (#8811) 2020-01-29 15:38:27 -03:00
Roman Rizzi
9eb622985a
FEATURE: Replace existing badge owners when using the bulk award feature (#8770)
* FEATURE: Replace existing badge owners when using the bulk award feature

* Use ActiveRecord to sanitize title update query, Change replace checkbox text

Co-Authored-By: Robin Ward <robin.ward@gmail.com>

Co-authored-by: Robin Ward <robin.ward@gmail.com>
2020-01-23 14:14:58 -03:00
Neil Lalonde
b63d146128 UX: add confirmation when adding tag synonyms
The new confirmation modal explains that adding a tag as a synonym to
another tag will change all topics to replace the synonyms with the
base tag.
2020-01-22 12:35:42 -05:00
romanrizzi
0d08eac1c7 UX: Users must confirm when leaving a private group 2020-01-17 17:58:47 -03:00
Robin Ward
e4a85e2a80 Minor tweaks to badge CSV upload 2020-01-13 12:44:22 -05:00
Roman Rizzi
d69c5eebcf
Feature: Mass award badge (#8694)
* UI: Mass grant a badge from the admin ui

* Send the uploaded CSV and badge ID to the backend

* Read the CSV and grant badge in batches

* UX: Communicate the result to the user

* Don't award if badge is disabled

* Create a 'send_notification' method to remove duplicated code, slightly shrink badge image. Replace router transition with href.

* Dynamically discover current route
2020-01-13 11:20:26 -03:00
Gerhard Schlager
52a59b5811 FIX: English and US date/time formats 2019-12-24 12:17:25 +01:00
Hector Bustillos
87c04ebe39 FEATURE: Keyboard shortcut for opening the topic admin menu (#8568)
* Keyboard shortcut for opening the topic admin menu

* Review changes

* Attrubute and target class renaming
2019-12-19 14:18:14 -05:00
Penar Musaraj
ea05a68df7
FIX: Use updated_at date to denote expired invites (#8521) 2019-12-17 10:13:49 -05:00
Mark VanLandingham
8c4ffaea1b
FEATURE: Modal for profile featured topic & admin wrench refactor (#8545) 2019-12-16 08:41:34 -08:00
Régis Hanol
1309262569 UX: pluralize "likes/read this"
When expending the number of likes/reads, the text wasn't handling
proper pluralization that might be useful in locales that requires it.
2019-12-13 22:18:28 +01:00
Rishabh
387daaf7b8 UX: Improve copy on Move to Topic and Move to Message modals
Also clarify that messages can be searched for by url, id and not just title.
2019-12-13 14:13:13 +05:30
David Taylor
4c9ca24ccf
FEATURE: Hash API keys in the database (#8438)
API keys are now only visible when first created. After that, only the first four characters are stored in the database for identification, along with an sha256 hash of the full key. This makes key usage easier to audit, and ensures attackers would not have access to the live site in the event of a database leak.

This makes the merge lower risk, because we have some time to revert if needed. Once the change is confirmed to be working, we will add a second commit to drop the `key` column.
2019-12-12 11:45:00 +00:00
Martin Brennan
6261339da9
Improving bookmarks part 1 (#8466)
Note: All of this functionality is hidden behind a hidden, default false, site setting called `enable_bookmarks_with_reminders`. Also, any feedback on Ember code would be greatly appreciated!

This is part 1 of the bookmark improvements. The next PR will address the backend logic to send reminder notifications for bookmarked posts to users. This PR adds the following functionality:

* We are adding a new `bookmarks` table and `Bookmark` model to make the bookmarks a first-class citizen and to allow attaching reminders to them.
* Posts now have a new button in their actions menu that has the icon of an actual book
* Clicking the button opens the new bookmark modal.
* Both name and the reminder type are optional.
* If you close the modal without doing anything, the bookmark is saved with no reminder.
* If you click the Cancel button, no bookmark is saved at all.
* All of the reminder type tiles are dynamic and the times they show will be based on your user timezone set in your profile (this should already be set for you).
* If for some reason a user does not have their timezone set they will not be able to set a reminder, but they will still be able to create a bookmark.
* A bookmark can be deleted by clicking on the book icon again which will be red if the post is bookmarked.

This PR does NOT do anything to migrate or change existing bookmarks in the form of `PostActions`, the two features live side-by-side here. Also this does nothing to the topic bookmarking.
2019-12-11 14:04:02 +10:00
Krzysztof Kotlarek
5e29ae3ef5
FEATURE: Warning when component is added and not assigned (#8482)
When a component is installed and not assigned to any theme and the user is changing page, we should display a warning.

If the user decides to skip warning or come back later, a warning should not be shown anymore.

Also, when the user clicks "delete" button right after installation, warning about forgotten themes should not be shown.
2019-12-10 08:43:26 +11:00
Mark VanLandingham
14cb386f1e
FEATURE: Featured topic for user profile & card (#8461) 2019-12-09 11:15:47 -08:00
Dan Ungureanu
192ada0067
UX: Remove 'show more' from upload modals (#8470) 2019-12-09 12:57:43 +02:00
Neil Lalonde
875f0d8fd8
FEATURE: Tag synonyms
This feature adds the ability to define synonyms for tags, and the ability to merge one tag into another while keeping it as a synonym. For example, tags named "js" and "java-script" can be synonyms of "javascript". When searching and creating topics using synonyms, they will be mapped to the base tag.

Along with this change is a new UI found on each tag's page (for example, `/tags/javascript`) where more information about the tag can be shown. It will list the synonyms, which categories it's restricted to (if any), and which tag groups it belongs to (if tag group names are public on the `/tags` page by enabling the "tags listed by group" setting). Staff users will be able to manage tags in this UI, merge tags, and add/remove synonyms.
2019-12-04 13:33:51 -05:00
Krzysztof Kotlarek
bb69e8942e
FEATURE: ability to add all active components to theme (#8447)
* FEATURE: ability to add all active components to theme

* FIX: add a component to all themes takes only active ones

* FIX: move select components/themes to top

* FIX: improve defaultIsAvailable

* FIX: Add filter(Boolean) and remove btn class
2019-12-04 17:13:41 +11:00
Krzysztof Kotlarek
b120728999
FEATURE: Ability to add components to all themes (#8404)
* FEATURE: Ability to add components to all themes

This is the first and functional step from that topic https://dev.discourse.org/t/adding-a-theme-component-is-too-much-work/15398/16

The idea here is that when a new component is added, the user can easily assign it to all themes (parents).

To achieve that, I needed to change a site-setting component to accept `setDefaultValues` action and `setDefaultValuesLabel` translated label.
Also, I needed to add `allowAny` option to disable that for theme selector.

I also refactored backend to accept both parent and child ids with one method to avoid duplication (Renamed `add_child_theme!` to more general `add_relative_theme!`)

* FIX: Improvement after code review

* FIX: Improvement after code review2

* FIX: use mapBy and filterBy directly
2019-11-28 16:19:01 +11:00
Vinoth Kannan
481c8314f0 FEATURE: consolidate group membership request notifications. 2019-11-28 04:02:35 +05:30
Martin Brennan
e7c7a05097
FIX: Mark secure media upload insecure automatically if used for theme component (#8413)
When uploading a file to a theme component, and that file is existing and has already been marked as secure, we now automatically mark the file as secure: false, change the ACL, and log the action as the user (also rebake the posts for the upload)
2019-11-28 07:32:17 +10:00
Martin Brennan
afb5533581
FEATURE: Add timezone to core user_options (#8380)
* Add timezone to user_options table

* Also migrate existing timezone values from UserCustomField,
  which is where the discourse-calendar plugin is storing them

* Allow user to change their core timezone from Profile

* Auto guess & set timezone on login & invite accept & signup

* Serialize user_options.timezone for group members. this is so discourse-group-timezones can access the core user timezone, as it is being removed in discourse-calendar.

* Annotate user_option with timezone

* Validate timezone values
2019-11-25 10:49:27 +10:00
Kris
09579bffbe UX: More obvious alt auth link 2019-11-20 23:44:10 -05:00
Vinoth Kannan
3bb7ad4be1
FEATURE: remove support for 'suppress_from_latest' category setting. (#8308) 2019-11-18 12:28:35 +05:30
Martin Brennan
e7226a8c84
FEATURE: Allow scoping search to tag (#8345)
* When viewing a tag, the search widget will now show a checkbox to scope the search by tag, which will limit search results to that tag on desktop and mobile
2019-11-14 10:40:26 +10:00
Mark VanLandingham
3dd2f2f701
DEV: Remove RSS feed polling in favor of plugin (#8233) 2019-11-12 09:49:02 -06:00
Martin Brennan
56d3e29a69
FIX: Badge and user title interaction fixes (#8282)
* Fix user title logic when badge name customized
* Fix an issue where a user's title was not considered a badge granted title when the user used a badge for their title and the badge name was customized. this affected the effectiveness of revoke_ungranted_titles! which only operates on badge_granted_titles.
* When a user's title is set now it is considered a badge_granted_title if the badge name OR the badge custom name from TranslationOverride is the same as the title
* When a user's badge is revoked we now also revoke their title if the user's title matches the badge name OR the badge custom name from TranslationOverride
* Add a user history log when the title is revoked to remove confusion about why titles are revoked
* Add granted_title_badge_id to user_profile, now when we set badge_granted_title on a user profile when updating a user's title based on a badge, we also remember which badge matched the title
* When badge name (or custom text) changes update titles of users in a background job
* When the name of a badge changes, or in the case of system badges when their custom translation text changes, then we need to update the title of all corresponding users who have a badge_granted_title and matching granted_title_badge_id. In the case of system badges we need to first get the proper badge ID based on the translation key e.g. badges.regular.name
* Add migration to backfill all granted_title_badge_ids for both normal badge name titles and titles using custom badge text.
2019-11-08 15:34:24 +10:00
Gerhard Schlager
94a34af702 Update translations 2019-11-05 16:52:48 +01:00
David Taylor
52c5cf33f8
FEATURE: Overhaul of admin API key system (#8284)
- Allow revoking keys without deleting them
- Auto-revoke keys after a period of no use (default 6 months)
- Allow multiple keys per user
- Allow attaching a description to each key, for easier auditing
- Log changes to keys in the staff action log
- Move all key management to one place, and improve the UI
2019-11-05 14:10:23 +00:00
Neil Lalonde
d777844ed6 FEATURE: categories can require topics have a tag from a tag group
In a category's settings, the Tags tab has two new fields to
specify the number of tags that must be added to a topic
from a tag group. When creating a new topic, an error will be
shown to the user if the requirement isn't met.
2019-10-31 16:10:19 -04:00
Neil Lalonde
091d058ff2 UX: widen tag group name input field and add placeholder text 2019-10-31 16:10:19 -04:00
Kris
4434f419c6 Copy edit: rename profile header to profile background 2019-10-31 13:06:59 -04:00
Mark VanLandingham
4eb54f08b2
FEATURE: Site setting/UI to allow users to set their primary group (#8244)
* FEATURE: Site setting/ui to allow users to set their primary group

* prettier and remove logic from account template

* added 1 to 43 to make web_hook_user_serializer_spec pass
2019-10-28 12:46:27 -05:00
Sam Saffron
98d6cee7c7 FIX: various fixes to draft system
- destroyDraft which is called when we cancel a draft is now async,
  removing race conditions when you click "reply" to a post and are
  already editing. We used to trigger double dialogs for cancelling
  drafts which was confusing.

- Remove reply as new topic / reply as pm keys, they are no longer
  used and only caused confustion. For example we used to pop up a
  warning when you are composing a reply and flick to reply as
  new topic

- Remove createTopic key, this was a bug that proliferated. Whenever
  creating a topic via the C shortcut or clicking on new topic on full
  screen search the correct new topic draft key will be used
  consistently

- When abandoning an edit we now say "Are you sure you want to discard
  your changes" (instead of abandon your post which is confusing)
2019-10-21 17:24:06 +11:00
David Taylor
d1b86352d4
UX: Make group membership UI clearer (#8210)
The 'automatically set primary group' checkbox looked like it was associated with the email membership. In fact, it applies to all members who join the group. This commit moves it next to the 'automatic trust level' setting, and puts them both under an 'Effects' heading
2019-10-17 18:05:42 +01:00
Vinoth Kannan
b2f682f35e
FEATURE: Option to update category preferences of all users when site setting changed (#8180) 2019-10-15 18:41:27 +05:30
Penar Musaraj
3a469a79cf
FEATURE: search topics when adding a link in composer (#8178) 2019-10-11 11:37:44 -04:00
David Taylor
445a3851d6 FEATURE: Display created and last_used dates for API keys 2019-10-09 14:24:41 +01:00
David Taylor
d2bceff133
FEATURE: Use full page redirection for all external auth methods (#8092)
Using popups is becoming increasingly rare. Full page redirects are already used on mobile, and for some providers. This commit removes all logic related to popup authentication, leaving only the full page redirect method.

For more info, see https://meta.discourse.org/t/do-we-need-popups-for-login/127988
2019-10-08 12:10:43 +01:00
Mark VanLandingham
30087beb72
UX: Input for name when creating a new authenticator (#8153)
* FEATURE: Added input for name when creating a new authenticator in user preferences

* FEATURE: Added placeholders to authenticator inputs

* Ran prettier on second-factor-add-totp.js.es6
2019-10-04 13:46:48 -05:00
Roman Rizzi
10565e4623
SECURITY: Safely decompress files. (#8124)
* FEATURE: Adds an extra protection layer when decompressing files.

* Rename exporter/importer to zip importer. Update old locale

* Added a new composite class to decompress a file with multiple strategies

* Set max file size inside a site setting

* Ensure that file is deleted after compression

* Sanitize path and files before compressing/decompressing
2019-10-03 10:19:35 -03:00
Joffrey JAFFEUX
4cec575ad8
FIX: EmojiOne is now JoyPixels (#8142) 2019-10-02 16:01:22 -04:00
Martin Brennan
9f5ec7154d [FIX] Webauthn security key fixes after real-world usage (#8135)
* Fix broken security key 2FA on mobile login.hbs

* Show nicer error message when a security key already exists

* [COPY] Disable -> Delete for security key editing

* Standardize UI elements in 2FA prefs password confirmation

* Minor fixes to label location for resetPasswordProgress
2019-10-02 11:47:29 -07:00
Martin Brennan
68d35b14f4 FEATURE: Webauthn authenticator management with 2FA login (Security Keys) (#8099)
Adds 2 factor authentication method via second factor security keys over [web authn](https://developer.mozilla.org/en-US/docs/Web/API/Web_Authentication_API).

Allows a user to authenticate a second factor on login, login-via-email, admin-login, and change password routes. Adds registration area within existing user second factor preferences to register multiple security keys. Supports both external (yubikey) and built-in (macOS/android fingerprint readers).
2019-10-01 19:08:41 -07:00
Kris
5cfbe19eef UX: Change composer's edit reason link to an icon 2019-09-30 20:58:31 -04:00
Jeff Atwood
7ad338e3e6 copyedit on topic template modify warn 2019-09-18 16:31:53 -07:00
Joshua Rosenfeld
c463a04c3f Copy: Update too few topics/posts notice
The current copy has caused some confusion that admins can only create 5 topics or 30 posts. Update copy to make it clearer this is a recommended minimum, not a limit.
2019-09-17 14:41:52 -04:00
Arpit Jalan
671ffc4e06 FIX: do not allow posting of category topic template without any changes 2019-09-17 12:32:46 +05:30