Commit Graph

26389 Commits

Author SHA1 Message Date
Robin Ward
a560f9d44b FIX: This was causing a flaky test in Ember CLI
The path should be `/topics/bulk` not `topics/bulk` (leading slash.)
2022-01-26 14:53:25 -05:00
David Taylor
2464839cbf
Revert "DEV: Run Ember CLI tests in random order" (#15717)
This reverts commit f43bba8d59.

Adding randomness has introduced a lot of flakiness in our ember-cli tests. We should fix those issues at the source. However, given the upcoming stable release, this randomness has been reverted so that the stable release includes a stable test suite. Having a stable test suite on stable will make backporting future commits much easier.
2022-01-26 15:30:03 +00:00
Dan Ungureanu
f5b94f152f
FIX: Allow staff to reset passwords by username (#15709)
When staff visits the user profile of another user, the `email` field
in the model is empty. In this case, staff cannot send the reset email
password because nothing is passed in the `login` field.

This commit changes the behavior for staff users to allow resetting
password by username instead.
2022-01-26 10:39:58 +02:00
Robin Ward
f43bba8d59 DEV: Run Ember CLI tests in random order
In browser this uses the `seed` config, in ember exam it adds `--random`
as a parameter.
2022-01-25 14:49:40 -05:00
David Taylor
c6f8729b5c
DEV: Move OAuth2UserInfo deprecation to after_save (#15704)
We initialize models as part of the warmup process in production, so this was being logged on every boot. We only want to log if a plugin is actually using the model, so after_save is a safer bet.
2022-01-25 10:29:31 +00:00
Osama Sayegh
5dd8b827e8
DEV: Update fixture to fix tests (#15699)
Follow-up to a742952c8d.
2022-01-25 00:44:14 +03:00
Osama Sayegh
a742952c8d
FIX: Client should be able to route ID-less topic URLs (#15697)
The topic ID portion of the topic URL is optional in Discourse as long as the topic slug is unique across the site. If you navigate to a topic without the ID in the URL, Discourse will redirect you to the canonical version of the URL that includes the ID.

However, we have a now regression where the client app doesn't correctly handle ID-less topic URLs displays an error message when the user clicks on such URL. The regression was introduced b537d591b3 when we switched from `DiscourseURL.routeTo` to using Ember's router to perform the redirecting to the canonical version of the URL, but the problem is that the canonical version comes from the server and it contains the hostname which the Ember router doesn't understand because it expects a relative URL.

This PR fixes the problem by constructing a relative URL that contains the topic slug and ID and passing that to the Ember route.
2022-01-24 23:19:35 +03:00
Alan Guo Xiang Tan
77137c5d29 FIX: Single line emojis has emoji metadata indexed twice.
This commit fixes a bug where we our `HTMLScrubber` was only searching
for emoji img tags which contains only the "emoji" class. However, our emoji image tags
may contain more than just the "emoji" class like "only-emoji" when an
emoji exists by itself on a single line.
2022-01-24 14:03:17 +08:00
Bianca Nenciu
48e5d1af03
FIX: Improve top links section from user summary (#15675)
* Do not extract links for hotlinked images
* Include only links that have been clicked at least once in user
summary
2022-01-24 11:33:23 +11:00
Andrei Prigorshnev
cd68279f5c
DEV: use query() instead of queryAll() in tests (#15681) 2022-01-24 11:27:58 +11:00
Penar Musaraj
1f2226270e
FIX: Restore outlet in mobile views (#15683) 2022-01-23 18:41:01 +01:00
Blake Erickson
4bf6789bd7
DEV: Do not use hard-coded everyone group id (#15679)
Follow up to: 12f041de5d

Probably best to lookup the "everyone" group_id instead of hard-coding
it to `0`. Also now its more clear what this `0` means.
2022-01-21 15:56:45 -07:00
Robin Ward
78852e9754 FIX: Tests should never cloak posts
Depending on the load order of modules, the post cloaking code might
not be disabled properly in test mode, which results in flakey failures.
2022-01-21 14:32:26 -05:00
David Taylor
6c3df84a93
DEV: In themes:update, only update themes which are out-of-date (#15676)
Running `update_from_remote` and `save!` cause a number of side-effects, including instructing all clients to reload CSS files. If there are no changes, then this is wasteful, and can even cause a 'flicker' effect on clients as they reload CSS.

This commit checks if any updates are available before triggering `update_from_remote` / `save!`. This should be much faster, and stop the 'flickering' UX from happening on every themes:update run.

It also improves the output of the command to include the from/to commit hashes, which may be useful for debugging issues. For example:

```
Checking 'Alien Night | A Dark Discourse Theme' for 'default'... already up to date
Checking 'Star Wars' for 'default'... updating from d8a170dd to 66b9756f
Checking 'Media Overlay' for 'default'... already up to date
```
2022-01-21 18:23:26 +00:00
Bianca Nenciu
3bb1cd5c4d
FIX: Select topics instead of posts (#15674)
A code error caused post objects to be added to the selected array.
2022-01-21 19:52:09 +02:00
Dan Ungureanu
984089c94a
DEV: Add test for avatar-uploader (#15633)
Follow up to 64b089072a.
2022-01-21 19:51:24 +02:00
Dan Ungureanu
d0f4f408af
DEV: Simplify emoji-uploader tests (#15672)
Removes one layer of indirection in the tests. `emoji-uploader`'s
`uploadDone` can call the test handler directly without going through
an additional action method.
2022-01-21 19:51:04 +02:00
Martin Brennan
70af45055a
DEV: Clear custom field preload proxy on preload_custom_fields (#15671)
If a model class calls preload_custom_fields twice then
we have to clear this otherwise the fields are cached inside the
already existing proxy and no new ones are added, so when we check
for custom_fields[KEY] an error is likely to occur
2022-01-21 14:29:51 +10:00
Martin Brennan
c1ae214c7b
DEV: Add more info to N1 custom field error (#15670)
This commit makes a more specific N1NotPreLoadedError from
StandardError to raise when a custom field is loaded before
being preloaded, so it is easier to test that this does
not happen from plugins. Also adds the name of the class
trying to load the custom field to the error message.
2022-01-21 13:21:13 +10:00
Alan Guo Xiang Tan
e4e37257cc FIX: Handle malformed URLs in TopicEmbed.absolutize_urls. 2022-01-21 11:18:54 +08:00
Robin Ward
d28808e866 FIX: The service observer was using this incorrectly
It was pointing at nothing due to context.
2022-01-20 16:51:36 -05:00
Régis Hanol
a582c49601
FIX: possible ReDOS in markdown newline rule (#15646)
Backport ffc49ab46b
2022-01-20 22:32:01 +01:00
Robin Ward
224f0a2655 DEV: This ensures that teardowns are executed if initializers are run
It does this by creating a new initializer that runs every time the app
is booted to track the current test. Then after each test, we see if the
app needs to be torn down.
2022-01-20 16:23:54 -05:00
Osama Sayegh
688be607c9
FIX: Allowed URLs for API scopes added by plugins (#15662) 2022-01-20 22:29:03 +03:00
Robin Ward
2dc0f36e07 DEV: A bunch of tests (like controller) weren't cleaning up
This creates a helper function with all the cleanup tasks we need to do
after tests, then makes sure to call it after tests that previously
weren't.

This fixes a lot of flakey tests.
2022-01-20 11:58:58 -05:00
Jarek Radosz
23aceedbd5
FIX: Display composer popovers over dropdowns (#15659) 2022-01-20 17:55:55 +01:00
Joffrey JAFFEUX
2426e3510d
FIX: correctly access last poster username (#15661)
Testing this is kinda complicated ATM (especially mobile template with hbr) , this is a component we should definitely aim to test very extensively when we move away from hbr templates.
2022-01-20 17:27:14 +01:00
Kris
1d02b9728d
A11Y: tag should be "role" not "aria-role" (#15653) 2022-01-20 09:58:32 -05:00
Kris
6a48106ed4
A11Y: do not use duplicate IDs (#15654) 2022-01-20 08:58:08 -05:00
Jarek Radosz
b9f650e55e
UX: Fix composer popup placement (#15660) 2022-01-20 14:21:13 +01:00
David Taylor
820564826e
FIX: Ensure that login does not fail for users with invite records (#15647)
In the unlikely, but possible, scenario where a user has no email_tokens, and has an invite record for their email address, login would fail. This commit fixes the `Invite` `user_doesnt_already_exist` validation so that it only applies to new invites, or when changing the email address.

This regressed in d8fe0f4199 (based on `git bisect`)
2022-01-20 10:54:38 +00:00
Dan Ungureanu
5b7bddf966
FIX: Prefer email when resetting password (#15650)
The UI used to request a password reset by username when the user was
logged in. This did not work when hide_email_already_taken site setting
was enabled, which disables the lookup-by-username functionality.

This commit also introduces a check to ensure that the parameter is an
email when hide_email_already_taken is enabled as the single allowed
type is email (no usernames are allowed).
2022-01-20 10:04:45 +02:00
Bianca Nenciu
4951900bbc
FEATURE: Store dismissed state of topic nav popups (#15570)
The dismissed state will be stored between sessions if popupId
attribute is present.
2022-01-19 16:20:05 +02:00
Natalie Tay
3050fe893b
DEV: Quick fix to flaky test (#15644)
We know that the real problem has got to do with cloaking (/t/10298), but while we find out precisely why, here's a quick fix.

Similar to #15627
2022-01-19 11:23:35 +08:00
Blake Erickson
12f041de5d
FIX: Tag watching for everyone tag groups (#15622)
* FIX: Tag watching for everyone tag groups

Tags in tag groups that have permissions set to everyone were not able
to be saved correctly. A user on their preferences page would mark the
tags that they wanted to save, but the watched_tags in the response
would be empty. This did not apply to admins, just regular users. Even
though the watched tags were being saved in the db, the user serializer
response was filtering them out. When a user refreshed their preferences
pages it would show zero watched tags.

This appears to be a regression introduced by:

0f598ca51e

The issue that needed to be fixed is that we don't track the "everyone"
group (which has an id of 0) in the group_users table. This is because
everyone has access to it, so why fill a row for every single user, that
would be a lot. The fix was to update the query to include tag groups
that had permissions set to the "everyone" group (group_id 0).

I also added another check to the existing spec for updating
watched tags for tags that aren't in a tag group so that it checks the
response body. I then added a new spec which updates watched tags for
tags in a tag group which has permissions set to everyone.

* Resolve failing tests

Improve SQL query syntax for including the "everyone" group with the id
of 0.

This commit also fixes a few failing tests that were introduced. It
turns out that the Fabrication of the Tag Group Permissions was faulty.
What happens when creating the tag groups without any permissions is
that it sets the permission to "everyone". If we then follow up with
fabricating a tag group permission on the tag group instead of having a
single permission it will have 2 (everyone + the group specified)! We
don't want this. To fix it I removed the fabrication of tag group
permissions and just set the permissions directly when creating the tag
group.

* Use response.parsed_body instead of JSON.parse
2022-01-18 15:02:29 -07:00
David Taylor
2d67315c32
FIX: Disable service worker proxying in chrome 97-97.0.4692 (#15638)
https://bugs.chromium.org/p/chromium/issues/detail?id=1286367
2022-01-18 19:41:25 +00:00
Mark VanLandingham
fcc80137ce
DEV: Add chat_group_mention notification type (#15616) 2022-01-18 08:26:27 -06:00
Roman Rizzi
5ee31cbf7d
FIX: Mark invites flash messages as HTML safe. (#15539)
* FIX: Mark invites flash messages as HTML safe.
This change should be safe as all user inputs included in the errors are sanitized before sending it back to the client.

Context: https://meta.discourse.org/t/html-tags-are-explicit-after-latest-update/214220

* If somebody adds a new error message that includes user input and doesn't sanitize it, using html-safe suddenly becomes unsafe again. As an extra layer of protection, we make the client sanitize the error message received from the backend.

* Escape user input instead of sanitizing
2022-01-18 09:38:31 -03:00
David Taylor
7329b766cb
FIX: Ensure floating quote button is not positioned under sidebar (#15634)
If themes/plugins introduce a sidebar on the left of the screen, the quote button would sometimes be positioned underneath. This commit ensures that the positioning logic keeps the floating buttons within the width of `.topic-area`
2022-01-18 12:05:36 +00:00
David Taylor
b725b7f1fa
FIX: Quick-quote on Safari (#15631)
Some safari-specific logic was inadvertently removed during the refactoring in b2d45c59. This commit restores it. The logic requires some state, so the getRangeBoundaryRect helper has to be moved back into the Component class. The functional change in this commit is the three lines enclosed by `if (this.capabilities.isSafari) {`.
2022-01-18 11:44:58 +00:00
Dan Ungureanu
eb4ad958c1
FIX: Ensure method exists before calling (#15632)
`_perFileData` is not always defined and uploads failed when it is not.
2022-01-18 13:44:02 +02:00
David Taylor
235de5dd90
FIX: Add /session/sso service-worker workaround for chrome 97 (#15630)
Followup to 2278c7f82d. Depending on the site's SSO implementation, this route is also used as part of a redirect sequence and needs to be able to set cookies.

Chrome bug reference: https://bugs.chromium.org/p/chromium/issues/detail?id=1286367
2022-01-18 11:27:01 +00:00
Natalie Tay
f2902d3830
FIX: Attempt to fix flaky test by using a shorter topic (#15627)
As part of /t/10298, try to remove the first flaky test in the list.

One finding is that the /t/280 topic has a very long post stream, so that may have caused some delay when rendering the topic. One way is to wait for the first expected element to load, but that doesn't scale well given how many waits we will need to add. So I chose to render a shorter topic instead.
2022-01-18 19:22:49 +08:00
David Taylor
ff5a6edb71 DEV: Update plugin JS loading in Ember CLI testem environment
Previously we were adding `/assets/discourse/tests/core_plugin_tests.js` to the test html all the time. This works in development mode, but fails silently when using testem via the `ember test` CLI, because there is no proxy running.

This commit makes a few changes to fix this, and make it more useful:

- Only renders the plugin `<script>` when in development mode, or when `LOAD_PLUGINS=1` (matching core's behavior)
- Only loads plugin translations based on the same logic
- When running via testem, and the above conditions are met, testem is configured to proxy `core_plugin_tests.js` through to a rails server. (port based on the `UNICORN_PORT` env variable)
- Adds a descriptive error if the plugin `<script>` fails to load. This can happen if the rails server hasn't been started
- Updates the logic for testem browsers. Ember CLI always launches testem in "CI" mode, and we don't really want 3 browsers opening by default. Our CI explicitly specifies the 3 browsers at runtime
2022-01-18 10:16:29 +00:00
David Taylor
b2d45c592a
UX: Apply new quote-button spacing behavior to all mobile devices (#15608)
This expands cbf99f48 to apply to all mobile devices. It removes the old mobile positioning logic entirely, refactors the new system a little for robustness and readability, and removes some JQuery.

On Andoid, we also need to avoid the start selection handle. Therefore the logic for locating selection boundaries is abstracted into a function for easier re-use.
2022-01-18 10:13:49 +00:00
Natalie Tay
2bf3f6d549
DEV: Remove duplicate key in fixture (#15625) 2022-01-18 16:42:53 +08:00
Alan Guo Xiang Tan
0aacd63436 FIX: Autocomplete incorrectly replacing text if used mid sentence.
* Adds test to document the behavior we were seeing.
2022-01-18 14:25:39 +08:00
Penar Musaraj
232f840b60
UX: Fix layout issues with long category names (#15604) 2022-01-17 16:05:27 -05:00
Rafael dos Santos Silva
3f91c8835b
FEATURE: Export topics to markdown (#15615)
* FEATURE: Export topics to markdown

The route `/raw/TOPIC_ID` will now export whole topics (paginated to 100
posts) in a markdown format.

See https://meta.discourse.org/t/-/152185/12
2022-01-17 18:05:14 -03:00
Andrei Prigorshnev
59d78dcfcc
DEV: Restore tests for inserting images as separate paragraphs (#15601) 2022-01-17 17:30:38 +04:00
Joffrey JAFFEUX
307742e3aa
FIX: correctly uses the name helper for selected content (#15610) 2022-01-17 12:18:43 +01:00
Joffrey JAFFEUX
655f28ca5e
UX: center emoji picker when limited space (#15607)
Previously the picker would attempt to avoid positioning itself hover textarea and could in limited width screen end up being out of screen.

This behavior would be even more probable on full screen mode where the textarea takes a lot of space.
2022-01-17 12:11:04 +01:00
Jarek Radosz
214bce6fad
UX: No border-radius on textarea (#15594)
We already set border-radius to 0 on all input elements, but we didn't do that for textarea, which resulted in some of those elements appearing rounded on some browsers (iOS Safari)
2022-01-17 08:58:57 +01:00
Jarek Radosz
f2be253b7c
DEV: Fix a computed override in tests (#15596)
Re-lands #11190
2022-01-17 08:58:37 +01:00
Jarek Radosz
f0abad6998
DEV: Use a real image to fix a net::err in tests (#15597) 2022-01-17 08:57:52 +01:00
Robin Ward
e1fb020a63
DEV: Improve stability of Tests (#15591)
* The current evaluation of uppy promises is causing the entire suite to fail
if there's an exception. Instead of using `done` we use the simpler
pattern of returning the promise from the test to force Qunit to wait
until it's completed.

* In some browser conditions `/last.json` will be requested depending on the
particular scroll / performance. This causes the tests not to fail if
that is the case.

* Keyboard shortcuts were not being fully cleared between runs,
  resulting in tests failures.
2022-01-17 08:57:05 +01:00
Martin Brennan
bc8cb38081
DEV: Skip failing flaky tests for now (#15605)
At Sam's request, these are causing a lot of build
problems right now.
2022-01-17 15:43:38 +10:00
Martin Brennan
35343e7f91
FIX: Improve emoji upload UI (#15603)
This commit adds a hover effect for drag and drop in
the admin emoji uploader. It also changes the "Add New
Emoji" button to open the file selector; previously it
was useless because it was disabled unless a name was
entered (which is not even a requirement for the emoji)
and also it didn't actually do anything on click even
if it wasn't disabled.

Now we have a way of adding files without having to drag
and drop them, which is nice.

Also in this PR, there was no indication before that the upload was
complete apart from the button becoming enabled again.
This commit adds the highlight class to the emoji list
and removes it once the highlight fade animation is done,
like we do for new posts.
2022-01-17 11:48:49 +10:00
David Taylor
5099c574d3
UX: Animate the movement of the quote button on selection change (#15590) 2022-01-17 12:05:05 +11:00
David Taylor
cbf99f48d8
FIX: Ensure floating quote button is distanced from iOS selection (#15588)
Tapping within ~50px of the selection end handle on iOS doesn't trigger a click event. This commit ensures that our quote buttons are always at least 50px away from the end handle. It will try 4 positions in order of preference:

1. The original position
2. 50px to the left of the handle
3. 50px to the right of the handle
4. 50px below the handle, centered on the handle
2022-01-17 12:03:43 +11:00
Martin Brennan
b06c5dde94
FIX: Emoji group not actually saving (#15602)
Follow up to 48f70dcd5f. The group
_appeared_ to be saved in the UI until a refresh when it became
clear that the group wasn't actually sent to the DB. This is because
of the way the per-file data was being set with a computed property.
This commit fixes the computed property by changing it to a regular
function and also makes sure the name resetting after the first upload
in multiple uploads works too.
2022-01-17 10:29:06 +10:00
Rafael dos Santos Silva
8cfd791e0f
FEATURE: Add missing emojis (#15582)
* FEATURE: Add missing emojis

* More missing emojis
2022-01-14 17:51:13 -03:00
Joffrey JAFFEUX
a9d69b0e88
DEV: fix tests (#15587)
These tests have been constantly failing locally for me on /qunit. Also it feels better to just rely on native component behavior.
2022-01-14 16:59:26 +01:00
Joffrey JAFFEUX
c758e2cdd1
UX: flat-btn should also respond to Enter (#15584) 2022-01-14 15:51:31 +01:00
Joffrey JAFFEUX
f56eff2303
FIX: limits pre-line impact to tweet text (#15583) 2022-01-14 10:44:21 +01:00
Martin Brennan
48f70dcd5f
FIX: Selected group cleared between emoji uploads (#15581)
When uploading multiple emoji in Admin/Customize/Emojis
with an emoji Group selected, the group was cleared between
each file uploaded, making bulk uploading of emojis a chore
if anything but the default group was needed.

This commit fixes the issue, introduces tests for emoji-uploader,
and also adds `add-files` appEvents for uppy-upload mixin, same
as the composer-upload-uppy mixin, for interop with tests and so
we don't have to rely on a file upload element's change event.
2022-01-14 13:25:51 +10:00
Penar Musaraj
87dd69937f
DEV: Add after-topic-progress plugin outlet (#15572) 2022-01-13 21:32:05 -05:00
Martin Brennan
bd5fd93e81
DEV: Fix missing test paths for Ember CLI (#15578)
Since 6272edd121 some tests were
not loading for Ember CLI, this commit adds the missing paths so
all the tests load.
2022-01-14 11:53:52 +10:00
Martin Brennan
5d0c2cba07
DEV: Fix typo for email encoded (#15577) 2022-01-14 09:33:15 +10:00
Robin Ward
6272edd121 DEV: Support for running theme test with Ember CLI (third attempt)
The second attempt fixed issues with smoke test.

This one makes sure minification only happens in production mode.
2022-01-13 16:02:07 -05:00
Joffrey JAFFEUX
e3174e70c6
FIX: attempts to compensate for first line spacing with pre-line (#15566) 2022-01-13 16:14:51 +01:00
Joffrey JAFFEUX
29bdcf2f7f
FIX: prevents tweets to lose format in onebox (#15565) 2022-01-13 15:34:40 +01:00
Joffrey JAFFEUX
25722e0b08
DEV: using Enter on a focused button should trigger action (#15564) 2022-01-13 14:24:52 +01:00
Dan Ungureanu
c7a6d9bc3a
SECURITY: Do not sign in unapproved users (#15552) 2022-01-13 10:42:48 +02:00
David Taylor
909de9b36c
FIX: Bypass service worker on the SSO path (#15558) (#15560)
This is a workaround a behavior change in Chromium v97.
The following text was sent to the blink-dev mailing list:

> This change broke a SingleSignOn login on the FOSS software Discourse. We have a flow like:
>
> 1. User visits forum.siteA.com, click login
> 2. Gets redirected to idp.siteB.com
> 3. Fills login details
> 4. Gets redirected to forum.siteA.com/session/sso_login?parameters
> 5. Gets redirected to forum.siteA.com/homepage
>
> On step 4, the response includes a `set-cookie` header, with proper `HttpOnly; SameSite=Lax; Secure `and set. But if there is an active service worker, the login will fail as that cookie will be rejected by Chromium due to SameSite rules now.
>
> t=2971 [st=258]        COOKIE_INCLUSION_STATUS
>                        --> domain = "forum.siteA.com"
>                        --> name = "_t"
>                        --> operation = "store"
>                        --> path = "/"
>                        --> status = "EXCLUDE_SAMESITE_LAX, DO_NOT_WARN"
>
> The service worker is a vanilla WorkboxJS service worker that intercepts all GETs with the "Network First" strategy.
>
> Disabling the service worker or using Firefox results in a successful login. There is no warning in either DevTools network tab nor the console that the cookie was rejected.
>
> Chrome 96: login works
> Chrome 97: login does not work
> Chrome 98: login does not work
>
> Is this expected behavior? Even if the request `GET forum.siteA.com` was initiated because of a redirect from a different domain, is it expected that Chrome will silently drop same site cookies from forum.siteA.com?

Co-authored-by: Rafael dos Santos Silva <xfalcox@gmail.com>
2022-01-13 00:08:33 +00:00
Martin Brennan
107239a442
Revert "DEV: Support for running theme test with Ember CLI (second attempt)" (#15559)
This reverts commit 2c7906999a.

The changes break some things in local development (putting JS files
into minified files, not allowing debugger, and others)
2022-01-13 10:05:35 +10:00
Rafael dos Santos Silva
2278c7f82d
FIX: Bypass service worker on the SSO path (#15558)
This is a workaround a behavior change in Chromium v97.
The following text was sent to the blink-dev mailing list:

> This change broke a SingleSignOn login on the FOSS software Discourse. We have a flow like:
>
> 1. User visits forum.siteA.com, click login
> 2. Gets redirected to idp.siteB.com
> 3. Fills login details
> 4. Gets redirected to forum.siteA.com/session/sso_login?parameters
> 5. Gets redirected to forum.siteA.com/homepage
>
> On step 4, the response includes a `set-cookie` header, with proper `HttpOnly; SameSite=Lax; Secure `and set. But if there is an active service worker, the login will fail as that cookie will be rejected by Chromium due to SameSite rules now.
>
> t=2971 [st=258]        COOKIE_INCLUSION_STATUS
>                        --> domain = "forum.siteA.com"
>                        --> name = "_t"
>                        --> operation = "store"
>                        --> path = "/"
>                        --> status = "EXCLUDE_SAMESITE_LAX, DO_NOT_WARN"
>
> The service worker is a vanilla WorkboxJS service worker that intercepts all GETs with the "Network First" strategy.
>
> Disabling the service worker or using Firefox results in a successful login. There is no warning in either DevTools network tab nor the console that the cookie was rejected.
>
> Chrome 96: login works
> Chrome 97: login does not work
> Chrome 98: login does not work
>
> Is this expected behavior? Even if the request `GET forum.siteA.com` was initiated because of a redirect from a different domain, is it expected that Chrome will silently drop same site cookies from forum.siteA.com?
2022-01-12 20:01:53 -03:00
Kris
320c4c12f4
UX: adjust invite and related form spacing (#15556) 2022-01-13 08:41:28 +11:00
Arpit Jalan
c593727497
FIX: navigate to topic/PM regardless of Shift key press (#15551)
Currently when pressing Shift key and hitting Reply button the user
stays on the post they are on and does not get navigated to newly
created topic/PM/reply. This is fine for replies but creates confusion
when composing a new topic/PM.

This commits makes it such that pressing Shift key and Reply button
(or ctrl-shift-enter / cmd-shift-enter) works only for replies and not
for new topic/PM. The user will always be navigated to new topic/PM.
2022-01-13 08:13:33 +11:00
Robin Ward
2c7906999a DEV: Support for running theme test with Ember CLI (second attempt)
This PR includes support for running theme tests in legacy ember
production envrionments.
2022-01-12 15:43:29 -05:00
Dan Ungureanu
584c6a2e8b
SECURITY: Do not sign in unapproved users (#15552) 2022-01-12 22:24:54 +02:00
David Taylor
6750c682ac DEV: Add integration test for refreshing discovery-topics views
This test would have detected the regression which was fixed in f94c01b233
2022-01-12 12:18:37 +00:00
David Taylor
78c6fc6e43 DEV: Use Ember router to determine currentURL
This means that our DiscourseURL logic will work consistently in tests, where `window.location` doesn't get updated.

To make it work properly, our `replaceState` implementation needed to be updated so that it writes the new URL to Ember's router, rather than bypassing the router and going straight to the `location` API.

A couple of tests needed updating following this fix:
- the composer-test was asserting that the new reply should be missing from the DOM... when really it **should** be in the DOM, and this fix to the test environment makes it so
- the topic-test was making a fake topic fixture based on the data from a topic with a different id. This was causing the topic route to get confused, and 'fix' the currentURL. This commit updates it to use a fixture with consistent data.

This commit also removes the feature detection of `window.history`. It's feature-detected within `discourse-location`. Plus, we don't support any browsers without it.
2022-01-12 12:18:37 +00:00
Natalie Tay
dd3ed27930
DEV: Allow utility class domFromString to take in strings with multiple top level elements (#15548)
Previously only `<div>one top element</div>` was allowed because we use `firstChild` instead of `children`.
We also want `<div>one</div><div>two</div>` to work with this method.
2022-01-12 19:49:24 +08:00
David Taylor
252bb87ab3
Revert "DEV: Support for running theme test with Ember CLI" (#15547)
This reverts commit ea84a82f77.

This is causing problems with `/theme-qunit` on legacy, non-ember-cli production sites. Reverting while we work on a fix
2022-01-11 23:38:59 +00:00
Kris
1d0e5ae4c8
DEV: add invite-page class (#15546) 2022-01-11 17:05:13 -05:00
Robin Ward
ea84a82f77 DEV: Support for running theme test with Ember CLI
This is quite complex as it means that in production we have to build
Ember CLI test files and allow them to be used by our Rails application.

There is a fair bit of glue we can remove in the future once we move to
Ember CLI completely.
2022-01-11 15:42:13 -05:00
David Taylor
8eb61de1cd
FIX: Handling of /p/### URLs within Ember (#15536) 2022-01-11 13:10:46 +00:00
David Taylor
5cfe42474a
FIX: LOAD_PLUGINS=0 in dev/prod, warn in plugin:pull_compatible_all (stable) (#15538)
The `plugin:pull_compatible_all` task is intended to take incompatible plugins and downgrade them to an earlier version. Problem is, when running the rake task in development/production environments, the plugins have already been activated. If an incompatible plugin raises an error in `plugin.rb` then the rake task will be unable to start.

This commit centralises our LOAD_PLUGINS detection, adds support for LOAD_PLUGINS=0 in dev/prod, and adds a warning to `plugin:pull_compatible_all` if it's run with plugins enabled.
2022-01-11 12:30:38 +00:00
David Taylor
b3e52f99e6
FIX: LOAD_PLUGINS=0 in dev/prod, warn in plugin:pull_compatible_all (#15537)
The `plugin:pull_compatible_all` task is intended to take incompatible plugins and downgrade them to an earlier version. Problem is, when running the rake task in development/production environments, the plugins have already been activated. If an incompatible plugin raises an error in `plugin.rb` then the rake task will be unable to start.

This commit centralises our LOAD_PLUGINS detection, adds support for LOAD_PLUGINS=0 in dev/prod, and adds a warning to `plugin:pull_compatible_all` if it's run with plugins enabled.
2022-01-11 12:30:22 +00:00
Bianca Nenciu
dd3e766efd
DEV: Do not manually require ip_addr (#15535) 2022-01-11 12:43:00 +02:00
David Taylor
b537d591b3
FIX: allow slug-less topic URLs to work within the same topic (#15508)
- Update the TOPIC_URL_REGEXP in `lib/url` so that `navigatedToPost` doesn't attempt to handle slug-less URLs. Slugs must contain at least one non-numeric character, so we can use that fact to make the regex more specific. We want slug-less URLs to be routed as a normal Ember transition, so that `topic-by-slug-or-id` can catch them and re-write the URL to include the slug.

- Update the `topic-by-slug-or-id` afterModel to ensure that the Ember router is used to handle the redirect, rather than DiscourseURL. This guarantees that it will function as a redirect (DiscourseURL.routeTo sometimes bypasses the router). This solves the history problem which was worked-around in 27211ee7bb.

- Update routes/topic to recover from aborted transitions gracefully. This means that following an aborted transition, the browser URL continues to be updated with post numbers as the user scrolls down the page.
2022-01-11 10:37:37 +00:00
Bianca Nenciu
5d35c38db2
FEATURE: Search screened IP address in blocks (#15461)
An admin could search for all screened ip addresses in a block by
using wildcards. 192.168.* returned all IPs in range 192.168.0.0/16.
This feature allows admins to search for a single IP address in all
screened IP blocks. 192.168.0.1 returns all IP blocks that match it,
for example 192.168.0.0/16.

* FEATURE: Remove roll up button for screened IPs

* FIX: Match more specific screened IP address first
2022-01-11 09:16:51 +02:00
Bianca Nenciu
5a8b8f6f1e
FEATURE: Show warning if user won't be mentioned (#15339)
The new warnings cover more cases and more accurate. Most of the
warnings will be visible only to staff members because otherwise they
would leak information about user's preferences.
2022-01-11 09:16:20 +02:00
Vinoth Kannan
6626089034
UX: change text of public_topic action code in login required sites. (#14764)
The wording "made this topic public" made confusion in login required forums.
2022-01-11 11:35:16 +05:30
Alan Guo Xiang Tan
2ee9a09c8c DEV: Fix failing test. 2022-01-11 11:45:22 +08:00
Alan Guo Xiang Tan
6fb89c153a Revert "DEV: Remove stale ignored_columns from models."
This reverts commit 9f5c8644d0.

Have to revert because the ignored columns have not been dropped.
2022-01-11 11:00:58 +08:00
Alan Guo Xiang Tan
c2afc3915b FEATURE: Customizable rules and plugins for PrettyText.markdown.
This commit extends the options which can be passed to
`PrettyText.markdown` so that which Markdown-it rules and Discourse
Markdown plugins to be used when rendering a text can be customizable.
Currently, this extension is mainly used by plugins.
2022-01-11 10:39:40 +08:00
Alan Guo Xiang Tan
9f5c8644d0 DEV: Remove stale ignored_columns from models. 2022-01-11 10:38:10 +08:00
Jarek Radosz
2dcad9772f FIX: Don't display duplicated emoji in picker 2022-01-11 10:37:02 +08:00