Commit Graph

42419 Commits

Author SHA1 Message Date
Gerhard Schlager
a37b5b177b
FIX: Remapping of uploads could fail during restore of backup (#13897)
Sidekiq should be paused until the end of the restore, otherwise it might interfere (deadlock) with the remap of upload URLs in posts.
2021-07-30 11:25:28 +02:00
Bianca Nenciu
531dbc5e6a
FIX: Do not offer to save draft if invalid (#13863)
An invalid draft is the draft of a topic with a short title or body.
The client does not save these, but it will ask the client if they want
to save it. Even if the answer is 'yes', the draft is discarded. This
commit skips Save button for small drafts.
2021-07-30 10:43:09 +03:00
Alan Guo Xiang Tan
849827841f Revert "DEV: Move private message topic tracking state publish into sidekiq."
This reverts commit c51c80466c.

There is a conditional in post jobs enqueuer that only enqueues the job
for non-PM posts.
2021-07-30 11:36:01 +08:00
Alan Guo Xiang Tan
5633c40e50 DEV: Bump client side plugin-api version.
Follow-up to  91456ad2cb
2021-07-30 10:12:16 +08:00
Alan Guo Xiang Tan
5a47b351ac DEV: Remove ember export which has long been deprecated. 2021-07-30 09:39:31 +08:00
dependabot[bot]
4cd388e84f Build(deps): Bump puma from 5.3.2 to 5.4.0
Bumps [puma](https://github.com/puma/puma) from 5.3.2 to 5.4.0.
- [Release notes](https://github.com/puma/puma/releases)
- [Changelog](https://github.com/puma/puma/blob/master/History.md)
- [Commits](https://github.com/puma/puma/compare/v5.3.2...v5.4.0)

---
updated-dependencies:
- dependency-name: puma
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2021-07-30 09:34:31 +08:00
Blake Erickson
1c60be7658
DEV: Document anonymize user api endpoint (#13893)
Adding the anonymize user endpoint to the api docs.

See: https://meta.discourse.org/t/158704/7
2021-07-29 17:40:41 -06:00
Kris
200a75e4b6
re-show excerpts on bookmark page (#13892) 2021-07-29 18:50:58 -04:00
Kris
668272387d
UX: use share modal in dominating topic msg (#13837) 2021-07-29 16:36:02 -04:00
Mark VanLandingham
c51b39302c
FIX: Typu in intercept-click (#13889) 2021-07-29 15:15:10 -05:00
Mark VanLandingham
91456ad2cb
DEV: Plugin API to add card listener elements (#13887) 2021-07-29 14:25:10 -05:00
Kris
a049b8f596
UX: User bookmark page style adjustments (#13869) 2021-07-29 12:11:15 -04:00
David Taylor
1e66e4602f
UX: Update styling of readonly values in signup form (#13886)
During some authentication flows (e.g. external auth with validated emails), some fields on the signup form are readonly. Previously, they were rendered in a simple `<span>`, with no associated label. This commit makes them render in a disabled `<input>` field, so that the styling matches the rest of the form.

A subtle background is added to the disabled input to distinguish them from editable inputs.
2021-07-29 09:19:44 -05:00
Bianca Nenciu
300db3d3fa
FIX: Update draft count after creating a post (#13884)
When a post is created, the draft sequence is increased and then older
drafts are automatically executing a raw SQL query. This skipped the
Draft model callbacks and did not update user's draft count.

I fixed another problem related to a raw SQL query from Draft.cleanup!
method.
2021-07-29 17:06:11 +03:00
David Taylor
9b8c4d4790
FIX: Add users-directory-controls outlet to mobile template (#13883)
This outlet was added to the desktop template in e1175f9f
2021-07-29 14:40:36 +01:00
Joffrey JAFFEUX
74f0631acd
FIX: allows authentication data to be present in bootstrap (#13885) 2021-07-29 15:01:11 +02:00
Alan Guo Xiang Tan
2b5625bbf0
FIX: Avoid creating a post revision when topic tags have not changed. (#13881)
Co-authored-by: jmperez127 <jmperez127@gmail.com>
2021-07-29 08:14:25 -04:00
David Taylor
c94879ea43 DEV: Remove incorrect method descriptions
These do not accurately describe the methods. They were likely copy/pasted from another controller.
2021-07-29 18:23:56 +08:00
Alan Guo Xiang Tan
c51c80466c DEV: Move private message topic tracking state publish into sidekiq.
Same intend as b1f32f2f57.
2021-07-29 14:57:19 +08:00
Alan Guo Xiang Tan
543a2d70b2 FIX: PM tags route should work for usernames with a period. 2021-07-29 13:54:29 +08:00
dependabot[bot]
4dc5452682 Build(deps): Bump redis from 4.3.1 to 4.4.0
Bumps [redis](https://github.com/redis/redis-rb) from 4.3.1 to 4.4.0.
- [Release notes](https://github.com/redis/redis-rb/releases)
- [Changelog](https://github.com/redis/redis-rb/blob/master/CHANGELOG.md)
- [Commits](https://github.com/redis/redis-rb/compare/v4.3.1...v4.4.0)

---
updated-dependencies:
- dependency-name: redis
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2021-07-29 13:29:30 +08:00
Alan Guo Xiang Tan
8775191cf3 Revert "DEV: suppress assets logs from qunit tests (#13871)"
This reverts commit 1b649016d9.

Test is failing with the following message:

```
navigate to  http://localhost:60099/qunit?hidepassed=1&seed=312984199721107128645754962579661839397&qunit_disable_auto_start=1
2021-07-29T02:57:13.303Z - (type: network/error) message: Failed to load resource: the server responded with a status of 403 (Forbidden), url: http://localhost:60099/extra-locales/admin?v=eeeea38a700966a1a7fb600b23f3a222
2021-07-29T02:57:43.823Z - (type: network/error) message: Failed to load resource: net::ERR_EMPTY_RESPONSE, url: http://localhost:60099/assets/discourse/tests/test_helper.js
ReferenceError: define is not defined
    at eval (discourse/tests/acceptance/about-test:1:1)
    at http://localhost:60099/assets/discourse/tests/core_plugins_tests.js:1:1
ReferenceError: require is not defined
    at eval (discourse/tests/test_starter:5:24)
    at http://localhost:60099/assets/discourse/tests/test_starter.js:1:1
2021-07-29T02:57:43.891Z - (type: network/error) message: Failed to load resource: the server responded with a status of 403 (Forbidden), url: http://localhost:60099/extra-locales/admin?v=eeeea38a700966a1a7fb600b23f3a222

Tests timed out
```
2021-07-29 13:28:24 +08:00
Dan Ungureanu
823c3f09d4
FIX: Reduce input of to_tsvector to follow limits (#13806)
Long posts may have `cooked` fields that produce tsvectors longer than
the maximum size of 1MiB (1,048,576 bytes). This commit uses just the
first million characters of the scrubbed cooked text for indexing.

Reducing the size to exactly 1MB (1_048_576) is not sufficient because
sometimes the output tsvector may be longer than the input and this
gives us some breathing room.
2021-07-28 18:25:14 +03:00
Joffrey JAFFEUX
b673fee946
DEV: resets user search cache between tests (#13873)
The current behaviour was producing random tests failures which where consistently reproducible using `seed=32037592518471299633729129648744282271`

The cause of this error, is a previous test not giving any topicId or categoryId resulting in a cache key "undefined-undefined", just like a possibly previous test. Reseting cache between tests, seems the most straightforward and future proof solution
2021-07-28 15:32:49 +02:00
Alan Guo Xiang Tan
2818ebd19f DEV: Avoid duplication of gems in gemfile.
Follow-up to 08c6a7679d
2021-07-28 21:23:15 +08:00
Joffrey JAFFEUX
1b649016d9
DEV: suppress assets logs from qunit tests (#13871)
Partially reverts: 956f849250

Note that this way of running tests will soon be deprecated in favor of `ember test` and this shouldn’t matter anymore.
2021-07-28 14:27:45 +02:00
Andrei Prigorshnev
5a2ad7e386
DEV: remove calls to guardian from GroupActionLogger (#13835)
We shouldn't be checking if a user is allowed to do an action in the logger. We should be checking it just before we perform the action. In fact, guardians in the logger can make things even worse in case of a security bug. Let's say we forgot to check user's permissions before performing some action, but we still have a call to the guardian in the logger. In this case, a user would perform the action anyway, and this action wouldn't even be logged!

I've checked all cases and I confirm that we're safe to delete this calls from the logger.

I've added two calls to guardians in admin/user_controller. We didn't have security bugs there, because regular users can't access admin/... routes at all. But it's good to have calls to guardian in these methods anyway, neighboring methods have them.
2021-07-28 15:04:04 +04:00
Alan Guo Xiang Tan
32951ca2f4 FIX: User can change name when auth_overrides_name is enabled. 2021-07-28 14:40:57 +08:00
awesomerobot
343ea81ac3 UX: Remove theme-specific css, fix space 2021-07-28 09:34:33 +08:00
Martin Brennan
84e77e9078
FIX: Remove additional setting check for uppy-upload (#13867)
Because the enable_s3_uploads setting may be false for
some sites but GlobalSetting.use_s3? is true, we need to
remove this additional check in uppy-upload. The hidden
enable_direct_s3_uploads setting is sufficient.
2021-07-28 11:26:09 +10:00
dependabot[bot]
53b33a3a7c
Build(deps): Bump globalid from 0.4.2 to 0.5.1 (#13866)
Bumps [globalid](https://github.com/rails/globalid) from 0.4.2 to 0.5.1.
- [Release notes](https://github.com/rails/globalid/releases)
- [Commits](https://github.com/rails/globalid/compare/v0.4.2...v0.5.1)

---
updated-dependencies:
- dependency-name: globalid
  dependency-type: indirect
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-07-28 00:44:06 +02:00
dependabot[bot]
dfb5a244cb
Build(deps): Bump css_parser from 1.9.0 to 1.10.0 (#13865)
Bumps [css_parser](https://github.com/premailer/css_parser) from 1.9.0 to 1.10.0.
- [Release notes](https://github.com/premailer/css_parser/releases)
- [Changelog](https://github.com/premailer/css_parser/blob/master/CHANGELOG.md)
- [Commits](https://github.com/premailer/css_parser/compare/v1.9.0...v1.10.0)

---
updated-dependencies:
- dependency-name: css_parser
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-07-28 00:43:23 +02:00
Martin Brennan
b500949ef6
FEATURE: Initial implementation of direct S3 uploads with uppy and stubs (#13787)
This adds a few different things to allow for direct S3 uploads using uppy. **These changes are still not the default.** There are hidden `enable_experimental_image_uploader` and `enable_direct_s3_uploads`  settings that must be turned on for any of this code to be used, and even if they are turned on only the User Card Background for the user profile actually uses uppy-image-uploader.

A new `ExternalUploadStub` model and database table is introduced in this pull request. This is used to keep track of uploads that are uploaded to a temporary location in S3 with the direct to S3 code, and they are eventually deleted a) when the direct upload is completed and b) after a certain time period of not being used. 

### Starting a direct S3 upload

When an S3 direct upload is initiated with uppy, we first request a presigned PUT URL from the new `generate-presigned-put` endpoint in `UploadsController`. This generates an S3 key in the `temp` folder inside the correct bucket path, along with any metadata from the clientside (e.g. the SHA1 checksum described below). This will also create an `ExternalUploadStub` and store the details of the temp object key and the file being uploaded.

Once the clientside has this URL, uppy will upload the file direct to S3 using the presigned URL. Once the upload is complete we go to the next stage.

### Completing a direct S3 upload

Once the upload to S3 is done we call the new `complete-external-upload` route with the unique identifier of the `ExternalUploadStub` created earlier. Only the user who made the stub can complete the external upload. One of two paths is followed via the `ExternalUploadManager`.

1. If the object in S3 is too large (currently 100mb defined by `ExternalUploadManager::DOWNLOAD_LIMIT`) we do not download and generate the SHA1 for that file. Instead we create the `Upload` record via `UploadCreator` and simply copy it to its final destination on S3 then delete the initial temp file. Several modifications to `UploadCreator` have been made to accommodate this.

2. If the object in S3 is small enough, we download it. When the temporary S3 file is downloaded, we compare the SHA1 checksum generated by the browser with the actual SHA1 checksum of the file generated by ruby. The browser SHA1 checksum is stored on the object in S3 with metadata, and is generated via the `UppyChecksum` plugin. Keep in mind that some browsers will not generate this due to compatibility or other issues.

    We then follow the normal `UploadCreator` path with one exception. To cut down on having to re-upload the file again, if there are no changes (such as resizing etc) to the file in `UploadCreator` we follow the same copy + delete temp path that we do for files that are too large.

3. Finally we return the serialized upload record back to the client

There are several errors that could happen that are handled by `UploadsController` as well.

Also in this PR is some refactoring of `displayErrorForUpload` to handle both uppy and jquery file uploader errors.
2021-07-28 08:42:25 +10:00
Gerhard Schlager
4a37612fd5
FIX: Changing the post owner didn't update the reply_to_user_id of replies (#13862) 2021-07-27 20:49:08 +02:00
Andrew Schleifer
461cb96532 use more appropriate labels for chinese UI option 2021-07-27 22:47:59 +08:00
Discourse Translator Bot
e951cb9aef
Update translations (#13860) 2021-07-27 15:24:03 +02:00
Joffrey JAFFEUX
8ded33c411
DEV: prevents badges tests to log 404 (#13859) 2021-07-27 14:46:49 +02:00
Joffrey JAFFEUX
cdeaddbbb6
DEV: referencing global exists is deprecated (#13857) 2021-07-27 14:42:36 +02:00
Joffrey JAFFEUX
32d0467881
DEV: avoids using document.write (#13858)
It doesn’t provide much than just avoiding some logs in tests. I didn't change test_starter as it's going to be removed at some point.
2021-07-27 14:42:21 +02:00
Joffrey JAFFEUX
29e71f8450
DEV: adds grinning_face_with_smiling_eyes.png to google-classic (#13856) 2021-07-27 13:27:13 +02:00
Bianca Nenciu
760c9a5698
FEATURE: Show draft count in user menu and activity (#13812)
This commit adds the number of drafts a user has next to the "Draft"
label in the user preferences menu and activity tab. The count is
updated via MessageBus when a draft is created or destroyed.
2021-07-27 14:05:33 +03:00
Joffrey JAFFEUX
d801e33e0b
DEV: ensures tree is present for traverseCustomWidgets (#13855)
We already had this check sometimes in code, it's just safer to have this responsibility baked in the function.
2021-07-27 11:37:40 +02:00
wbhouston
efe38efb0a
FIX: Don't grant sharing badges to users who don't exist (#13851)
In badge queries for 'First Share' and 'Nice/Good/Great Share' badges,
check that the user exists.

For 'Nice+ Share' badges, also grant badges if the number of shares is
equal to the threshhold count to better match the descriptions.
2021-07-27 16:32:59 +10:00
Alan Guo Xiang Tan
1780961e70 DEV: Fix flaky topics invite spec due to id collision.
The hardcoded group id eventually became a valid group id leading to 2
groups being attached to the invite.
2021-07-27 13:59:07 +08:00
Alan Guo Xiang Tan
02b84dbff2 DEV: Fix flaky instagram onebox spec by not mutating constant. 2021-07-27 13:54:14 +08:00
awesomerobot
c161f5e0b2 fix badge wrapping on user summary 2021-07-27 12:48:16 +08:00
dependabot[bot]
e28fbf73c7 Build(deps): Bump bootsnap from 1.7.5 to 1.7.6
Bumps [bootsnap](https://github.com/Shopify/bootsnap) from 1.7.5 to 1.7.6.
- [Release notes](https://github.com/Shopify/bootsnap/releases)
- [Changelog](https://github.com/Shopify/bootsnap/blob/master/CHANGELOG.md)
- [Commits](https://github.com/Shopify/bootsnap/compare/v1.7.5...v1.7.6)

---
updated-dependencies:
- dependency-name: bootsnap
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2021-07-27 09:10:44 +08:00
jbrw
292412f196
DEV: Add new after-create-topic-button plugin outlet (#13848) 2021-07-26 17:39:59 -04:00
Vinoth Kannan
5a93893b08
FIX: use correct URL in schema markup for post images. (#13847)
Currently, it wrongly adds Discourse base URL in prefix even for CDN URLs.
2021-07-26 21:39:51 +05:30
Martin Brennan
e1d2b67178
DEV: Fix stylesheet manager flaky spec (#13846)
The cache_fullpath for the Stylesheet::Manager was the same for
every test runner in a parallel test environment, so when other
specs or other places e.g. the stylesheets_controller_spec ran
rm -rf Stylesheet::Manager.cache_fullpath this caused errors
for other specs running that went through the
Stylesheet::Manager::Builder#compile path, causing the error

```
Errno::ENOENT:
       No such file or directory @ rb_sysopen
```


Also fixed the stylesheet_controller which was interpolating Rails.root + CACHE_PATH
itself instead of just using Stylesheet::Manager.cache_fullpath
2021-07-26 14:22:54 +10:00