Commit Graph

17227 Commits

Author SHA1 Message Date
Martin Brennan
a0fbccf612
Revert "A11Y: Improve create account modal for screen readers (#14204)" (#14233)
This reverts commit e0d2de73d8.
2021-09-03 09:42:56 +10:00
Martin Brennan
e0d2de73d8
A11Y: Improve create account modal for screen readers (#14204)
Improves the create account modal for screen readers by doing the following:

* Making the `modal-alert` section into an `aria-role="alert"` region and making it show and hide using height instead of display:none so screen readers pick it up. Made a change so the field-related error messages are always shown beneath the field.
* Add `aria-invalid` and `aria-describedby` attributes to each field in the modal, so the screen reader will read out the error hint on error. This necessitated an Ember component extension to allow both the `aria-*` attributes to be bound and to render on `{{input}}`.
* Moved the social login buttons to the right in the HTML structure so they are not read out first.
* Added `aria-label` attributes to the login buttons so they can have different content for screen readers.
* In some cases for modals, the title that should be used for the `aria-labelledby` attribute is within the modal content and not the discourse-modal-title title. This introduces a new titleAriaElementId property to the d-modal component that is then used by the create-account modal to read out the
2021-09-03 08:59:22 +10:00
Kris
75041dbbeb
UX: Remove :empty on topic-statuses, clean up (#14227) 2021-09-02 15:35:35 -04:00
Robin Ward
ea84c66fe0 DEV: This constructs a pluginId for modifyClass when dispatching events
It also helpfully adds the `ignoreMissing` option which was causing
logging issues on optional modifications before.
2021-09-02 14:50:31 -04:00
Joffrey JAFFEUX
8bb331e63f
DEV: prevents uppy to act on destroyed object (#14224) 2021-09-02 18:38:36 +02:00
Joffrey JAFFEUX
d2eef423c3
DEV: prevents broken tests due to focus bubbling (#14223) 2021-09-02 18:30:52 +02:00
Andrei Prigorshnev
074bce77f0
FIX: bug with navigation to the activity/topics and the activity/read pages (#14182) 2021-09-02 19:49:26 +04:00
Robin Ward
09764291b1 FIX: In test mode, initializers were modifying classes over and over
This adds a new property, `pluginId` which you can pass to `modifyClass`
which prevent the class from being modified over and over again.

This also includes a fix for polls which was leaking state between tests
which this new functionality exposed.
2021-09-02 11:22:01 -04:00
Martin Brennan
fa66d1fa82
FIX: Make bindMobileUploadButton explicit for upload mixins (#14220)
When using ComposerUpload and/or ComposerUploadUppy, we were
always calling bindMobileUploadButton. However with more composer-like
interfaces being developed, we need this to be optional, as not
everywhere will have a separate mobile upload button to bind to.

Also makes it so the composer extending the ComposerUpload mixins is
responsible for explicitly unbinding the mobile upload button if
it needs to.
2021-09-02 17:31:15 +10:00
Penar Musaraj
4f3a7c6f07
FIX: Visible "skip navigation" link on some themes (#14211) 2021-09-01 12:53:53 -04:00
Blake Erickson
0e62602fbf
FIX: Use named params correctly with dir-span (#14203) 2021-09-01 07:58:26 -06:00
Joffrey JAFFEUX
a2ca430068
DEV: prevents hooks to create leaks on widgets (#14207)
Before this, mounted widgets were not correctly unhooked and would keep a reference to a custom widget object.
2021-09-01 14:34:20 +02:00
Joffrey JAFFEUX
55739fd3c9
DEV: cards were leaking mousedown event listener (#14206) 2021-09-01 13:01:37 +02:00
Mark VanLandingham
eba317b74e
DEV: Extract textarea text manipulation to mixin (#14201) 2021-08-31 14:36:26 -05:00
Kris
2bf81592ec
UX: Comma separate public custom field lists (#14200) 2021-08-31 14:08:04 -04:00
Penar Musaraj
8f06528bb2
A11Y: Add "skip to main content" link (#14190) 2021-08-31 13:43:30 -04:00
Kris
94085d0996
UX: Select-kit update alignment fixes (#14199) 2021-08-31 17:44:11 +02:00
Joffrey JAFFEUX
499c69c827
DEV: prevents _lastKeyTimeout to leak after component lifecycle (#14194) 2021-08-31 15:22:25 +02:00
Blake Erickson
a2ccf0a9ff
DEV: Use named parameters for dir-span helper (#14195)
* DEV: Use named parameters for dir-span helper

Follow up to: e50a5c0c73

In order to improve code clarity this change introduces named parameters
for the dir-span helper. This is specifically for the new `htmlSafe`
parameter which you can use instead of just passing in a boolean if the
strings you are passing in have already been escaped.

Before: `{{dir-span category.description false}}`
After: `{{dir-span category.description htmlSafe=true}}`

* Set default value for params arg
2021-08-31 13:51:08 +08:00
Osama Sayegh
45a166b6ef
FIX: Jump to reply button in post stream was not working (#14123) 2021-08-31 15:18:45 +10:00
Penar Musaraj
ba91041b35
UX: Better login/signup styling for small desktop windows (#14185)
This aims to fix UI issues when authenticating sites on DiscourseHub in
iPadOS, which uses a special dialog-like window that is about 650px wide.
2021-08-30 15:22:05 -04:00
Blake Erickson
e50a5c0c73
DEV: Add default on encoding to dir-span (#14183) 2021-08-30 11:25:12 -06:00
Mark VanLandingham
db0429da1f
DEV: make composer-upload-uppy more flexible 2021-08-27 11:56:46 -05:00
David Taylor
31db83527b DEV: Introduce PresenceChannel API for core and plugin use
PresenceChannel aims to be a generic system for allow the server, and end-users, to track the number and identity of users performing a specific task on the site. For example, it might be used to track who is currently 'replying' to a specific topic, editing a specific wiki post, etc.

A few key pieces of information about the system:
- PresenceChannels are identified by a name of the format `/prefix/blah`, where `prefix` has been configured by some core/plugin implementation, and `blah` can be any string the implementation wants to use.
- Presence is a boolean thing - each user is either present, or not present. If a user has multiple clients 'present' in a channel, they will be deduplicated so that the user is only counted once
- Developers can configure the existence and configuration of channels 'just in time' using a callback. The result of this is cached for 2 minutes.
- Configuration of a channel can specify permissions in a similar way to MessageBus (public boolean, a list of allowed_user_ids, and a list of allowed_group_ids). A channel can also be placed in 'count_only' mode, where the identity of present users is not revealed to end-users.
- The backend implementation uses redis lua scripts, and is designed to scale well. In the future, hard limits may be introduced on the maximum number of users that can be present in a channel.
- Clients can enter/leave at will. If a client has not marked itself 'present' in the last 60 seconds, they will automatically 'leave' the channel. The JS implementation takes care of this regular check-in.
- On the client-side, PresenceChannel instances can be fetched from the `presence` ember service. Each PresenceChannel can be used entered/left/subscribed/unsubscribed, and the service will automatically deduplicate information before interacting with the server.
- When a client joins a PresenceChannel, the JS implementation will automatically make a GET request for the current channel state. To avoid this, the channel state can be serialized into one of your existing endpoints, and then passed to the `subscribe` method on the channel.
- The PresenceChannel JS object is an ember object. The `users` and `count` property can be used directly in ember templates, and in computed properties.
- It is important to make sure that you `unsubscribe()` and `leave()` any PresenceChannel objects after use

An example implementation may look something like this. On the server:

```ruby
register_presence_channel_prefix("site") do |channel|
  next nil unless channel == "/site/online"
  PresenceChannel::Config.new(public: true)
end
```

And on the client, a component could be implemented like this:

```javascript
import Component from "@ember/component";
import { inject as service } from "@ember/service";

export default Component.extend({
  presence: service(),
  init() {
    this._super(...arguments);
    this.set("presenceChannel", this.presence.getChannel("/site/online"));
  },
  didInsertElement() {
    this.presenceChannel.enter();
    this.presenceChannel.subscribe();
  },
  willDestroyElement() {
    this.presenceChannel.leave();
    this.presenceChannel.unsubscribe();
  },
});
```

With this template:

```handlebars
Online: {{presenceChannel.count}}
<ul>
  {{#each presenceChannel.users as |user|}} 
    <li>{{avatar user imageSize="tiny"}} {{user.username}}</li>
  {{/each}}
</ul>
```
2021-08-27 16:26:06 +01:00
Joffrey JAFFEUX
480e512e37
DEV: reapply height hack for iOS (#14176) 2021-08-27 12:02:05 +02:00
Martin Brennan
90232af778
DEV: Bump Uppy to v2.X and rebuild bundle (#14173)
Uppy V2 includes the S3 multipart batch presigning change
we contributed in d613b849a6
so we need to upgrade it. This also brings both package.json
files into line and accounts for the renaming of Plugin
to BasePlugin in Uppy.

This has been tested and is working locally for both
regular Ember and Ember CLI, for uploads.json
XHR uploads and for direct S3 uploads (single and multipart).
2021-08-27 11:02:57 +10:00
Martin Brennan
cfeb6347c3
DEV: Make composer-uppy-upload mixin more extensible (#14138)
This mixin needs to be shared between the composer and composer-like
user interfaces. This commit makes it so the events and the underlying
data model is configurable by the component extending the ComposerUploadUppy
mixin.

Also removes two MessageBus unsubscribe calls which were unnecessary.
2021-08-27 10:04:27 +10:00
Joffrey JAFFEUX
14e92bb0ea
FIX: correctly apply unusual padding to profile dropdowns (#14172) 2021-08-27 10:03:59 +10:00
Martin Brennan
99ec8eb6df
FIX: Capture S3 metadata when calling create_multipart (#14161)
The generate_presigned_put endpoint for direct external uploads
(such as the one for the uppy-image-uploader) records allowed
S3 metadata values on the uploaded object. We use this to store
the sha1-checksum generated by the UppyChecksum plugin, for later
comparison in ExternalUploadManager.

However, we were not doing this for the create_multipart endpoint,
so the checksum was never captured and compared correctly.

Also includes a fix to make sure UppyChecksum is the last preprocessor to run.
It is important that the UppyChecksum preprocessor is the last one to
be added; the preprocessors are run in order and since other preprocessors
may modify the file (e.g. the UppyMediaOptimization one), we need to
checksum once we are sure the file data has "settled".
2021-08-27 09:50:23 +10:00
David Taylor
189b4c4992
DEV: Promote all javascripts/discourse devDependencies to dependencies (#14167) 2021-08-26 22:19:44 +01:00
Andrei Prigorshnev
9415fecfd0
UX: improve blank page syndrome on the user messages page (#14165)
The user-topic-list template is also in use in other places when we want to improve blank page syndrome, so this PR is a preparation for that changes as well.
2021-08-26 21:38:34 +04:00
Joffrey JAFFEUX
f66217c0b3
DEV: updates popperjs 2.0.6 -> 2.9.3 (#14163) 2021-08-26 16:37:04 +02:00
Joffrey JAFFEUX
a4684c151b
REFACTOR: badge-title component (#14162)
- uses tagName=""
- removes user property which is not being used
- extract utility functions
- better wording for boolean properties
- initializes all properties
- uses @action
- uses optional chaining
- other minor changes
2021-08-26 15:19:09 +02:00
Martin Brennan
2eddf210d3 DEV: Revert uppy upgrade
This rolls uppy back to the previous bundle that was used,
which will break multipart functionality (which is not yet
enabled anywhere).

No other upload functionality should be affected by this change,
it will be as if d295a16dab had
not been merged.
2021-08-26 09:18:16 -04:00
Blake Erickson
75b0d6df93
SECURITY: escape cat name (#14154) 2021-08-25 17:11:58 -06:00
Robin Ward
167fcb5eef Revert "DEV: fixes broken tests on ember-cli due to uppy"
This reverts commit d4a418e295.
2021-08-25 17:17:53 -04:00
Penar Musaraj
85b8fea262
UX: Add Styling step to wizard (#14132)
Refactors three wizard steps (colors, fonts, homepage style) into one new step called Styling.
2021-08-25 17:10:12 -04:00
Robin Ward
cfbf69848a Revert "FIX: The LogsNotice service was never unsubscribing from the mbus"
This reverts commit 14b76dece6.
2021-08-25 17:04:59 -04:00
Robin Ward
14b76dece6 FIX: The LogsNotice service was never unsubscribing from the mbus
Whenever we `subscribe` to something there should be an equivalent
`unsubscribe` and this implements it for `LogsNotice`.

In the future we should make this closer to what Ember expects a Service
to be, but at least it's properly cleaning up after itself now.
2021-08-25 16:31:48 -04:00
jjaffeux
d4a418e295 DEV: fixes broken tests on ember-cli due to uppy
The import was not found and causing the following error:

```
Uncaught TypeError: Class extends value undefined is not a constructor or null
```
2021-08-25 16:01:14 -04:00
Andrei Prigorshnev
506a5dc607
FEATURE: improve "blank page syndrome" on the user notifications page (#14103) 2021-08-25 20:57:27 +04:00
Bianca Nenciu
5ae700e731
FIX: Make user-card-metadata plugin outlet tagless (#14131) 2021-08-25 13:03:53 +03:00
Martin Brennan
58e9fffe4c
DEV: Do not abort direct S3 uploads if upload_debug_mode enabled (#14141)
See the previous commit d66b258b0e as
well.

If enable_upload_debug_mode is true, we do not want to abort the
direct S3 upload, because that will delete the file on S3 and prevent
further inspection of any errors that have come up.
2021-08-25 14:48:06 +10:00
Arpit Jalan
419d71abcb
FEATURE: allow admin to delete all posts by a user irrespectively (#14128)
This commit allows admin to delete all posts by a user irrespective of
site settings `delete_user_max_post_age` and `delete_all_posts_max`.
2021-08-25 10:14:22 +05:30
Alan Guo Xiang Tan
f66007ec83
FEATURE: Display unread and new counts for messages. (#14059)
There are certain design decisions that were made in this commit.

Private messages implements its own version of topic tracking state because there are significant differences between regular and private_message topics. Regular topics have to track categories and tags while private messages do not. It is much easier to design the new topic tracking state if we maintain two different classes, instead of trying to mash this two worlds together.

One MessageBus channel per user and one MessageBus channel per group. This allows each user and each group to have their own channel backlog instead of having one global channel which requires the client to filter away unrelated messages.
2021-08-25 11:17:56 +08:00
Martin Brennan
d295a16dab
FEATURE: Uppy direct S3 multipart uploads in composer (#14051)
This pull request introduces the endpoints required, and the JavaScript functionality in the `ComposerUppyUpload` mixin, for direct S3 multipart uploads. There are four new endpoints in the uploads controller:

* `create-multipart.json` - Creates the multipart upload in S3 along with an `ExternalUploadStub` record, storing information about the file in the same way as `generate-presigned-put.json` does for regular direct S3 uploads
* `batch-presign-multipart-parts.json` - Takes a list of part numbers and the unique identifier for an `ExternalUploadStub` record, and generates the presigned URLs for those parts if the multipart upload still exists and if the user has permission to access that upload
* `complete-multipart.json` - Completes the multipart upload in S3. Needs the full list of part numbers and their associated ETags which are returned when the part is uploaded to the presigned URL above. Only works if the user has permission to access the associated `ExternalUploadStub` record and the multipart upload still exists.

  After we confirm the upload is complete in S3, we go through the regular `UploadCreator` flow, the same as `complete-external-upload.json`, and promote the temporary upload S3 into a full `Upload` record, moving it to its final destination.
* `abort-multipart.json` - Aborts the multipart upload on S3 and destroys the `ExternalUploadStub` record if the user has permission to access that upload.

Also added are a few new columns to `ExternalUploadStub`:

* multipart - Whether or not this is a multipart upload
* external_upload_identifier - The "upload ID" for an S3 multipart upload
* filesize - The size of the file when the `create-multipart.json` or `generate-presigned-put.json` is called. This is used for validation.

When the user completes a direct S3 upload, either regular or multipart, we take the `filesize` that was captured when the `ExternalUploadStub` was first created and compare it with the final `Content-Length` size of the file where it is stored in S3. Then, if the two do not match, we throw an error, delete the file on S3, and ban the user from uploading files for N (default 5) minutes. This would only happen if the user uploads a different file than what they first specified, or in the case of multipart uploads uploaded larger chunks than needed. This is done to prevent abuse of S3 storage by bad actors.

Also included in this PR is an update to vendor/uppy.js. This has been built locally from the latest uppy source at d613b849a6. This must be done so that I can get my multipart upload changes into Discourse. When the Uppy team cuts a proper release, we can bump the package.json versions instead.
2021-08-25 08:46:54 +10:00
Andrei Prigorshnev
4d5f5a67c1
FIX: the empty state message was appearing in wrong moments on the user bookmarks stage (#14127)
Steps to reproduce:

1. Go to activity/bookmarks
2. Search for something that isn’t in your bookmarks, so you get no results
3. Navigate away and then click "Bookmarked" on the sidebar or open the user menu and click the View All Bookmarks button on the bottom of the bookmarks tab, and you get the message "You haven't bookmarked anything yet". 

This commit fixes the problem. We have a controller with a query parameter q that contains a search query. And we also have a property searchTerm that is bound to the search box on the page and mirrors the value in q. We were using a value from searchTerm when querying the server, but ember controllers are singletons so the searchTerm value persisted between page visits and leaded to this bug.

To make things work properly, we should be using the value from q everywhere except two places when we copy a value from q to searchTerm and vice versa.
2021-08-24 23:40:08 +04:00
Bianca Nenciu
ff367e22fb
FEATURE: Make allow_uploaded_avatars accept TL (#14091)
This gives admins more control over who can upload custom profile
pictures.
2021-08-24 10:46:28 +03:00
Kris
bde6f7e9b0
UX: Update "get a room" composer message (#14104) 2021-08-23 18:34:23 -04:00
Penar Musaraj
8fa4849abc
FIX: minor SK3 styling issues in Safari (#14121) 2021-08-23 15:42:11 -04:00