Commit Graph

34393 Commits

Author SHA1 Message Date
Vinoth Kannan
1c79a6cc3a SPEC: fix the discourse_plugin_registry spec.
41f22946c3
2019-08-22 11:02:18 +05:30
Vinoth Kannan
41f22946c3 FIX: properly load desktop and mobile only plugin css assets.
5bd6b70d98
2019-08-22 08:39:10 +05:30
Sam Saffron
741d5bf541 DEV: improvement to stripping quote logic
Followup one afc7830b we needed handling for nested quotes
2019-08-22 12:09:32 +10:00
Sam Saffron
afc7830be5 PERF: faster length calculation of composer body
Every time we type a letter the composer issues a reply length check.

This is due to the interconnecting components, the title one depends on the
body which means that this decision making is passed along each time, even
if the title does not need it strictly.

Anyway...

This optimisation has 3 parts:

1. If the composer string is super long (10000 chars) we will bypass, quote
stripping and space squashing.

2. Quote stripping is now done much more efficiently, we strip them all in
one go

3. Space squashing eg: `hello    world` to `hello world` is done in an
efficient loop to avoid needing to generate superflous strings that need
GC
2019-08-22 11:56:38 +10:00
Kris
2d5b928da9 UX: Layout fix for category boxes w/ long subcategory names 2019-08-21 20:03:34 -04:00
Penar Musaraj
14cdb01254 FIX: Allow topic edits when using a hidden tag
Previously, a regular user could not edit the title or category
of a topic if a hidden tag had already been applied.

This also stops hidden tag names from leaking in the error message.
2019-08-21 16:33:01 -04:00
Daniel Waterworth
6924f1ab15 FIX: Race-condition in fallback handlers (#8005)
Calling `verify_master` in multiple threads simultaneously would cause
multiple threads to be spawned.
2019-08-21 15:47:44 +02:00
Gerhard Schlager
00b75b4f4e FIX: Don't try to delete staged, unused admins and mods 2019-08-21 15:29:51 +02:00
Daniel Waterworth
d59746cdc1 SECURITY: Don't send CSRF token in query string
The token is already present in the headers thanks to the csrf-token
initializer.
2019-08-21 13:16:38 +01:00
Arpit Jalan
75f37ac16a Rename lazyYT plugin directory name to lazy-yt 2019-08-21 14:35:14 +05:30
Gerhard Schlager
cc7b24b88b FIX: Regularly reset unknown extension of uploads
Discourse will try to detect the extension the next time the upload is needed. Maybe there was just a transient error the last time.
2019-08-21 10:23:20 +02:00
Sam Saffron
719a93c312 FEATURE: treat theme_uploads as settings in JavaScript
This change allows themes and components access to theme assets.

This means that inside theme js you can now get the URL for an asset with:

```
settings.theme_uploads.name
```
2019-08-21 16:51:10 +10:00
Arpit Jalan
038bf02e33 Bump onebox version.
- strip whitespace from Twitter onebox
2019-08-21 10:19:54 +05:30
Jeff Atwood
8c9a3ccb87
Update INSTALL-cloud.md 2019-08-20 16:24:25 -07:00
Rafael dos Santos Silva
72c2818655 FIX: Limit PWA install banner to Android for now 2019-08-20 14:47:17 -03:00
Vinoth Kannan
5bd6b70d98
DEV: debundle plugin css assets and don't load if disabled (#7646) 2019-08-20 22:09:52 +05:30
romanrizzi
36425eb9f0 Revert "FEATURE: Publish read state on group messages. (#7989) [Undo revert] (#8024)"
This reverts commit 5dda5c2f7c.
2019-08-20 13:29:22 -03:00
Roman Rizzi
5dda5c2f7c
FEATURE: Publish read state on group messages. (#7989) [Undo revert] (#8024)
* Reenable: "FEATURE: Publish read state on group messages. (#7989)"

This reverts commit 67f5cc1ce8.

* FIX: Read indicator only appears when the group setting is enabled
2019-08-20 11:57:25 -03:00
romanrizzi
67f5cc1ce8 Revert "FEATURE: Publish read state on group messages. (#7989)"
This reverts commit 1630dae2db.
2019-08-20 10:24:34 -03:00
Roman Rizzi
1630dae2db
FEATURE: Publish read state on group messages. (#7989)
* Enable or disable read state based on group attribute

* When read state needs to be published, the minimum unread count is calculated in the topic query. This way, we can know if someone reads the last post

* The option can be enabled/disabled from the UI

* The read indicator will live-updated using message bus

* Show read indicator on every post

* The read indicator now shows read count and can be expanded to see user avatars

* Read count gets updated everytime someone reads a message

* Simplify topic-list read indicator logic

* Unsubscribe from message bus on willDestroyElement, removed unnecesarry values from post-menu, and added a comment to explain where does minimum_unread_count comes from
2019-08-20 09:46:57 -03:00
Joe
15e70cc4b4
UX: prevents non-lightboxed images in quotes from stretching/squeezing (#8021) 2019-08-20 18:59:02 +08:00
Rishabh
f1f1fd4690 DEV: Remove unused "Email Reject No Account" template (#8022) 2019-08-20 12:43:51 +02:00
Régis Hanol
53667a01c2 FIX: ensure extra locales are only available to staff 2019-08-20 12:38:46 +02:00
Régis Hanol
d18c9b2d4d FIX: ensure offset is always positive 2019-08-20 12:03:16 +02:00
Régis Hanol
727430aacf SECURITY: bump nokogiri
We're not using the vulnerable method but there's no harm in upgrading.
2019-08-20 10:58:18 +02:00
Sam Saffron
8db38de9d7 SECURITY: add rate limiting to anon JS error reporting
This adds a 1 minute rate limit to all JS error reporting per IP. Previously
we would only use the global rate limit.

This also introduces DISCOURSE_ENABLE_JS_ERROR_REPORTING, if it is set to
false then no JS error reporting will be allowed on the site.
2019-08-20 11:29:11 +10:00
Rafael dos Santos Silva
0a5b332b8c
FEATURE: Incorporate PWA install prompt into Discourse UI (#8013)
* FEATURE: Incorporate PWA install prompt into Discourse UI

This is mainly done so Discourse forums stop nagging people to install
on the very first visits to a website.

We will prevent the native install "mini-info" bar from ever appearing,
capture the event that pops with it, and delay it until the user meets
our criteria, which currently is trust_level 1.

If the event happens and the user meets our criteria we show a Discourse
alert banner proposing the install to the user. Dismissal of the banner
is recorded so the user ins't bothered anymore on the same device.


Co-Authored-By: Gerhard Schlager <mail@gerhard-schlager.at>
Co-Authored-By: Joffrey JAFFEUX <j.jaffeux@gmail.com>
2019-08-19 14:09:21 -03:00
Joffrey JAFFEUX
6f70138f4a
DEV: injects router in customHref/customFilter of addNavigationBarItem (#8018) 2019-08-19 18:33:12 +02:00
Arpit Jalan
f27564a0a0 Bump onebox version.
- normalize and decode html entities for image URL
2019-08-19 19:01:23 +05:30
Joffrey JAFFEUX
08e7211d7d
DEV: attempts to fix an heisentest in date-time-input-range (#8017) 2019-08-19 12:39:30 +02:00
Dan Ungureanu
0b1146add4
UX: Hide "Create Tag" option if user cannot create tag. (#7723) 2019-08-19 11:40:56 +03:00
Joffrey JAFFEUX
1a731dcff1
FIX: prevents mobile nav to create an error when unregistering click events (#8016)
This what happening when clickin on "All groups", as it was trying to get element of a destroying component.
2019-08-19 09:33:54 +02:00
Sam Saffron
47638ffea4 Merge branch 'master' of github.com:discourse/discourse 2019-08-19 17:21:17 +10:00
Sam Saffron
accbbded15 PERF: avoid N+1 on topic view
Serializer is injecting information into cooked and reaching direct to
custom fields that were not preloaded

This amends it so basic post serializer can use the proper interface

That said we should probably follow this up so we don't reach for this
info on every post.
2019-08-19 17:20:56 +10:00
Arpit Jalan
24f94c40a6 SECURITY: don't reveal category details to users that do not have access 2019-08-19 12:38:28 +05:30
Joffrey JAFFEUX
897cdfb596 FIX: uses simpler pattern for custom href on extra nav items (#8015)
THe main advantage of this solution is that it will be called on each rerendered whereas the other is not once href has been set.

Example API:
```
      api.addNavigationBarItem({
        name: "foo",
        displayName: "Foo",
        customHref: function(category, args) {
          const router = api.container.lookup("service:router");
          const queryParams = { bar: "1" };
          return router.urlFor(router.currentRouteName, category, {
            queryParams
          });
        }
      });
```
2019-08-19 16:27:16 +10:00
Sam Saffron
10b36c6446 FIX: rack-mini-profiler not showing plugin frames
Previously the default stack suppressor in rack-mini-profiler was excluding
the plugin directory.

This made islolating issues more complicated cause you needed to defer to
pp=full-backtrace which is both slow and noisy
2019-08-19 15:47:53 +10:00
Blake Erickson
2fd654a4ae Ran prettier to fix build
Not sure why lefthook didn't pick this up before on my previous commit,
but manually running prettier found this.

Followup to: 893d30fb92
2019-08-16 13:03:01 -06:00
Blake Erickson
893d30fb92 REVERT: External auth when redeeming invites
Reverting this commit:

87a0a6664e

because I'm extracting all of this logic into a plugin instead.
2019-08-16 12:44:14 -06:00
Dan Ungureanu
ab7038bfc2
DEV: User simulator tried to modify frozen string. 2019-08-16 17:32:17 +03:00
Dan Ungureanu
df6630f868
FIX: J/K navigation resets current selection when scrolling fast.
Sometimes, when keeping J or K pressed and scrolling fast, the current
selection would go out of the viewport for a few moments and the
algorithm would try selecting the "best" element that is in viewport.

This bug is reproducible only on certain machines. For example, Linux
machines seem to be passing key events faster to the browser.
2019-08-16 17:28:25 +03:00
Joffrey JAFFEUX
936d4ce17a
FEATURE: favorites emojis will also show in composer autocomplete (#8011) 2019-08-16 11:47:03 +02:00
Sam Saffron
9a9e31f927 FIX: properly set notification levels on group invite
Previously we relied on side effects to set tracking state correctly
when inviting groups to messages

Also has a minor optimisation in that we use pluck instead of pulling in
full record
2019-08-16 18:23:51 +10:00
Sam Saffron
a590061aae FIX: when inviting groups to message respect tracking state
Previously we would unconditionally issue an "invited_to_pm" notification
to all non muting users.

New behavior

- Watching and Watching first post get notified
- Tracking get a new "summary" message
- The rest get nothing

This is consistent with topic creation and way clearer
2019-08-16 17:22:18 +10:00
Sam Saffron
096f932ef2 Lint files
Both needed some prettier tlc
2019-08-16 13:06:51 +10:00
tshenry
82e07cb0f4 UX: Consistent placement of category-title-before plugin outlet (#8010) 2019-08-16 09:04:50 +10:00
Robin Ward
b4878cde6f FEATURE: Add a webhook for user notifications
If enabled, this will fire a webhook whenever a user's notification has
been created. This could potentially be a lot of data depending on your
forum, and should be used carefully since it includes everything all users
will see in their feeds.
2019-08-15 14:47:25 -04:00
Blake Erickson
69498a58e9
FEATURE: Staff only poll results (#7984)
* FEATURE: Staff only poll results

These changes allow only staff to see the results of a poll.

Non-staff users will be shown a screen like this:

1b8bd76013.png

The "Votes are public" message has been removed from the info section,
and the button to show the votes has been replaced with a message
stating the results will only be shown to staff.

* Update PR based on feedback

* Update plugins/poll/app/models/poll.rb

make sure we return a boolean

Co-Authored-By: Régis Hanol <regis@hanol.fr>
2019-08-15 12:27:18 -06:00
Joffrey JAFFEUX
00b91de5e8 DEV: allows customHref for extra nav items (#8012)
* DEV: allowes customHref for extra nav item

* linting

* uses value not key
2019-08-15 12:26:21 -06:00
Robin Ward
b8f21ea962 FIX: Explicitly require topic_query_params 2019-08-15 13:54:52 -04:00