Commit Graph

40705 Commits

Author SHA1 Message Date
Robin Ward
5e110a5770 FIX: Search filters text was not able to be overridden
This is because the translations were being applied when the JS files
were parsed, which is before the overrides are loaded.

The solution is to return the filters in a function which is executed
when they are needed.
2020-10-29 16:01:00 -04:00
Robin Ward
435a9913a4 REFACTOR: Replace global find with queryAll
In newer Embers jQuery is removed. There is a `find` but it only returns
one element and not a jQuery selector. This patch migrates our code to a
new helper `queryAll` which allows us to remove the global.
2020-10-29 14:45:51 -04:00
Mark VanLandingham
c750a02f05
DEV: Move reports to concerns for autoloading (#11066) 2020-10-29 11:49:09 -05:00
Neil Lalonde
c5eba3f9ee
FIX: support new Google Analytics id format (#11067)
They start with UA- or G- now.
2020-10-29 12:06:20 -04:00
Sam
d10b6dc498
FEATURE: Allow admins to opt out of chunked encoding (#11060)
Most proxies out there will work with chunked encoding transfer. However
some proxies buffer, causing large delays which in turn force the message
bus client to disable chunked encoding. This wastes a request to the message
bus causing superfluous load on the server.

Also

- enableLongPolling is already default true in the client, no need to set it
- remove confusing comment about zepto
2020-10-29 16:25:46 +11:00
Krzysztof Kotlarek
8e7c746e56
FEATURE: Ask user to confirm topic deletion when views exceed a certain amount (#11006)
Before deleting a topic that has a high number of views (default of 5000), the user will be prompted with a confirmation popup. This works for all delete buttons on the topic located in: topic-timeline, topic-admin-menu, topic-footer-buttons, and post-menu if the post's ID is 1.

The delete button will be disabled while deletion is in progress, to prevent any unwanted behavior.

A site setting is also available to change the minimum amount of views required to display the confirmation popup.

All kudos are going to @RickyC0626. I only rebased with master and added few qunit tests to ensure that this feature works as expected.

Original PR: #10459
2020-10-29 14:18:43 +11:00
Vinoth Kannan
72810853ea
FIX: strip the trailing slash (/) of cors origins. (#10996)
Strips trailing `/` from global settings
Provides a validation for site settings to ensure a trailing `/` is not added
2020-10-29 13:01:06 +11:00
Robin Ward
79b414d2a1 FIX: The attribute is discourse-url not data-discourse-url 2020-10-28 17:12:29 -04:00
Roman Rizzi
2f32336081
FIX: Staff can create and edit posts even if a topic is in slow mode. (#11057)
Additionally, ninja edits are no longer restricted.
2020-10-28 16:47:50 -03:00
Vinoth Kannan
e3de45359f
DEV: enable cors to all cdn get requests from workbox. (#10685)
Now all external requests from the service worker will be in CORS mode without credentials.
2020-10-28 23:36:19 +05:30
dependabot-preview[bot]
f70042860b Build(deps): Bump chunky_png from 1.3.13 to 1.3.14
Bumps [chunky_png](https://github.com/wvanbergen/chunky_png) from 1.3.13 to 1.3.14.
- [Release notes](https://github.com/wvanbergen/chunky_png/releases)
- [Changelog](https://github.com/wvanbergen/chunky_png/blob/master/CHANGELOG.rdoc)
- [Commits](https://github.com/wvanbergen/chunky_png/compare/v1.3.13...v1.3.14)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-10-28 11:41:56 -04:00
Robin Ward
b302321451 REFACTOR: Test assertions should be imported.
Previously they were global functions.
2020-10-28 11:39:06 -04:00
ti0
f809e6eda7 Add upload-actions plugin outlet 2020-10-28 10:42:04 -04:00
Penar Musaraj
ab6894ea36
Add routing for category edit screens (#11027)
Also fixes category editing for instances with slug generation set to "none".
2020-10-28 09:59:38 -04:00
Arpit Jalan
6d4cfbf120
FIX: show 'quote' button when topic is closed but composer is open (#11054) 2020-10-28 19:25:06 +05:30
Krzysztof Kotlarek
dbec3792b7
FIX: pretty text allow list (#10977)
Reword whitelist to allowlist in pretty-text.
This library is used by plugins so we need deprecation notice.
2020-10-28 13:22:06 +11:00
Martin Brennan
632942e697
FIX: Ensure group SMTP and message builder always uses from address for Reply-To when IMAP is enabled (#11037)
There is a site setting reply_by_email_enabled which when combined with reply_by_email_address creates a Reply-To header in emails in the format "test+%{reply_key}@test.com" along with a PostReplyKey record, so when replying Discourse knows where to route the reply.

However this conflicts with the IMAP implementation. Since we are sending the email for a group via SMTP and from their actual email account, we want all replys to go to that email account as well so the IMAP sync job can pick them up and put them in the correct place. So if the group has IMAP enabled and configured, then the reply-to header will be correct.

This PR also makes a further fix to 64b0b50 by using the correct recipient user for the PostReplyKey record. If the post user is used we encounter this error:

if destination.user_id != user.id && !forwarded_reply_key?(destination, user)
  raise ReplyUserNotMatchingError, "post_reply_key.user_id => #{destination.user_id.inspect}, user.id => #{user.id.inspect}"
end
This is because the user above is found from the from_address, but the destination which is the PostReplyKey is made by the post.user, which will be different people.
2020-10-28 07:01:58 +10:00
Penar Musaraj
12724ac6e4
FIX: iPad DiscourseHub app layout issues (#11048)
- fixes height of user dropdown menu
- fixes offset when jumping to a post
- removes landscape-specific CSS padding (following a fix in the app repo)
2020-10-27 15:12:24 -04:00
jbrw
586dd064c6
FIX - don't hide tags if user has correct permissions (#11046) 2020-10-27 14:17:13 -04:00
Arpit Jalan
c6bf70c870
DEV: annotate models (#11047) 2020-10-27 23:42:33 +05:30
jbrw
35cfca1f3f
FIX: Hide delete button if user cannot delete and/or flag a post (#11045)
* FIX: Hide delete button if user cannot delete and/or flag a post

* Move canFlag conditional
2020-10-27 13:02:31 -04:00
dependabot-preview[bot]
1698b34d2b Build(deps): Bump puma from 5.0.3 to 5.0.4
Bumps [puma](https://github.com/puma/puma) from 5.0.3 to 5.0.4.
- [Release notes](https://github.com/puma/puma/releases)
- [Changelog](https://github.com/puma/puma/blob/master/History.md)
- [Commits](https://github.com/puma/puma/compare/v5.0.3...v5.0.4)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-10-27 11:51:48 -04:00
Mark VanLandingham
554a617b3d
DEV: Better custom field preload error (#11044) 2020-10-27 10:05:07 -05:00
Kane York
03503a37be
FIX: Capybara diet upgrade, can eat real 🌿 now (#11040)
More seriously: discobot wasn't reacting properly if users used their
emoji keyboard to insert a real herb emoji, which works just as well
in a real post.

While we're here, use String#include? instead of constructing a new regexp.

https://meta.discourse.org/t/capybaras-dont-eat-real-emojis/168361
2020-10-27 07:49:22 -07:00
Kane York
e35fcd3340
FEATURE: Include rejected queued posts in the user archive export (#10859)
Requested at https://meta.discourse.org/t/where-can-a-user-find-the-post-that-was-rejected-by-the-moderator/165671?u=riking

Field whitelisting is applied to the json field using Hash#slice, which was activesupport until Ruby 2.5.
2020-10-27 07:48:48 -07:00
Discourse Translator Bot
9648122b51
Update translations (#11042) 2020-10-27 15:36:21 +01:00
Prayag Verma
66402abe9a Fix typos
occured ---> occurred
embeded ---> embedded
2020-10-27 09:55:57 -04:00
Robin Ward
e634513568 Move click and fillIn to imports
Previously they were global functions.
2020-10-27 08:55:56 -04:00
Jarek Radosz
690a38bc9b
FIX: Show title on results of all poll types (#11041)
Previously, the title was shown only with pie chart results. Issue originally reported in https://meta.discourse.org/t/keep-the-heading-visible-when-showing-poll-results/167585

Also includes:
UX: Move the "Show breakdown" button (Display it with other poll buttons at the bottom)
FIX: Show the breakdown button only on any votes
2020-10-27 13:48:54 +01:00
dependabot-preview[bot]
d6e0c09e89
Build(deps): Bump rubocop-ast from 1.0.1 to 1.1.0 (#11038)
Bumps [rubocop-ast](https://github.com/rubocop-hq/rubocop-ast) from 1.0.1 to 1.1.0.
- [Release notes](https://github.com/rubocop-hq/rubocop-ast/releases)
- [Changelog](https://github.com/rubocop-hq/rubocop-ast/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rubocop-hq/rubocop-ast/compare/v1.0.1...v1.1.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-10-27 11:45:07 +01:00
Joffrey JAFFEUX
5fc239b535
FIX: converts html to text to use it as title attribute (#11009) 2020-10-27 11:05:10 +01:00
Martin Brennan
c7cefb8e08
FIX: Prevent slow bookmark first post reminder at query for topic (#11024)
On forums with a large amount of posts when a user had a bookmark in the topic, PostgreSQL was using an inefficient query plan to fetch the first post of the topic. When running this ActiveRecord query:

```
topic.posts.with_deleted.where(post_number: 1).first
```

The following query plan was produced:

```
 Limit  (cost=0.43..583.49 rows=1 width=891) (actual time=3850.515..3850.515 rows=1 loops=1)
   ->  Index Scan using posts_pkey on posts  (cost=0.43..391231.51 rows=671 width=891) (actual time=3850.514..3850.514
rows=1 loops=1)
         Filter: ((topic_id = 160918) AND (post_number = 1))
         Rows Removed by Filter: 2274520
 Planning time: 0.200 ms
 Execution time: 3850.559 ms
(6 rows)
```

The issue here is the combination of ORDER BY and LIMIT causing the ineficcient Index Scan using posts_pkey on posts to be used. When we correct the AR call to this:

```
topic.posts.with_deleted.find_by(post_number: 1)
```

We end up with a query that still has a LIMIT but no ORDER BY, which in turn creates a much more efficient query plan:

```
Limit  (cost=0.43..1.44 rows=1 width=891) (actual time=0.033..0.034 rows=1 loops=1)
   ->  Index Scan using index_posts_on_topic_id_and_post_number on posts  (cost=0.43..678.82 rows=671 width=891) (actua
l time=0.033..0.033 rows=1 loops=1)
         Index Cond: ((topic_id = 160918) AND (post_number = 1))
 Planning time: 0.167 ms
 Execution time: 0.072 ms
(5 rows)
```

This query plan uses the correct index, `Index Scan using index_posts_on_topic_id_and_post_number on posts`. Note that this is only a problem on forums with a larger amount of posts; tiny forums would not notice the difference. On large forums a query for a topic that takes 1s without a bookmark can take 8-30 seconds, and even end up with 502 errors from nginx.
2020-10-27 16:15:32 +10:00
Krzysztof Kotlarek
8253f8fc5c
PERF: we don't need to use a huge image to test thumbnails (#11025)
* PERF: we don't need to use a huge image to test thumbnails

Generating images with 5000x5000 dimensions is an expensive operation.

Using smaller images reduce the time of model spec from 11s to 3s and integration spec from 6s to 2s.
2020-10-27 12:39:52 +11:00
Sam
e630ba7483
FEATURE: disable default bing throttle (#11035)
See: https://meta.discourse.org/t/bingbot-is-default-throttled/84620

It appears bing is behaving in a more reasonable way, disabling the default
throttle.
2020-10-27 12:35:42 +11:00
Kris
863f86c3a3
FIX: adjust user card position, follow-up to da5841d (#11036) 2020-10-27 12:35:18 +11:00
Krzysztof Kotlarek
61f6f53dab
PERF: apply sprockets patch in a test environment (#11034)
When plugin spec is evaluated for the first time, it took 30 seconds to run:
```
rm -rf tmp/* && LOAD_PLUGINS=1 be rspec ./plugins/discourse-solved/spec/requests/topics_controller_spec.rb
```

Applying sprocket patch in test environment solves that issue
2020-10-27 10:17:21 +11:00
dependabot-preview[bot]
a5ff9fbe51 Build(deps): Bump bootsnap from 1.4.8 to 1.4.9
Bumps [bootsnap](https://github.com/Shopify/bootsnap) from 1.4.8 to 1.4.9.
- [Release notes](https://github.com/Shopify/bootsnap/releases)
- [Changelog](https://github.com/Shopify/bootsnap/blob/master/CHANGELOG.md)
- [Commits](https://github.com/Shopify/bootsnap/compare/v1.4.8...v1.4.9)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-10-26 15:59:16 -04:00
jbrw
aeb24bd4b5
FIX - don't attempt to optimized animated images (#11031)
* FIX - don't attempt to optimized animated images

* ensure_safe_paths before calling ImageMagick
2020-10-26 15:10:19 -04:00
Penar Musaraj
d9a5d563cf
FIX: iPad app sticky header positioning (#11029) 2020-10-26 13:53:20 -04:00
Robin Ward
1e4c0d1857 Remove more global variables from tests.
* Use `sinon` instead of `sandbox` and require an import.
* You need to import `currentURL` to use it.
2020-10-26 13:32:11 -04:00
Arpit Jalan
5ce006aea1
UX: prioritize "invite by link" option (for staff users) (#11028)
UX: update locale for single/multiple invites tab
2020-10-26 21:59:17 +05:30
dependabot-preview[bot]
32a38ebd32 Build(deps): Bump puma from 5.0.2 to 5.0.3
Bumps [puma](https://github.com/puma/puma) from 5.0.2 to 5.0.3.
- [Release notes](https://github.com/puma/puma/releases)
- [Changelog](https://github.com/puma/puma/blob/master/History.md)
- [Commits](https://github.com/puma/puma/compare/v5.0.2...v5.0.3)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-10-26 12:19:17 -04:00
ValdikSS
1031915b75 FIX: ignore PGP data in emails by MIME type
New version of Thunderbird email client reimplemented PGP support. Now the following attachments are added by default, if email signatures are enabled:

* OpenPGP_0x(pgp key id).asc
* OpenPGP_signature(.asc)

The last one has `name="OpenPGP_signature.asc"` in `Content-Type` but `filename="OpenPGP_signature"` (without extension) in `Content-Disposition: attachment`.

Since both the key and the signature have proper MIME types, filter them by default.
2020-10-26 12:15:31 -04:00
Robin Ward
f2a17feb3a Use response helper
These tests were using a much more verbose API. `response` is much
simpler.
2020-10-26 12:14:36 -04:00
Blake Erickson
c9515ede2e
DEV: Add api docs for invite and group update endpoint (#11019)
Documenting a few more endpoints so that our api docs can be
automatically generated. Made a couple other minor changes, like
including the "OK" example for our default success response.
2020-10-26 08:55:22 -06:00
Vinoth Kannan
8d3837c824
DEV: include cors header to public file server in dev environment. (#11007)
While enabling CORS header in localhost we should include it in public file server too. Else it will return the errors.
2020-10-26 17:45:35 +05:30
Dan Ungureanu
43557143fe
FIX: Reset invite when resending it (#11013)
Resending an invite moved the expire date in the future, but did not
invalidate it. For example, if an invite was sent to an email,
invalidated and then resent, it would still be left invalidated.
2020-10-26 12:26:43 +02:00
Martin Brennan
57d06518d4
FIX: Prevent slow bookmark first post reminder at query for topic (#11024)
On forums with a large amount of posts when a user had a bookmark in the topic, PostgreSQL was using an inefficient query plan to fetch the first post of the topic. When running this ActiveRecord query:

```
topic.posts.with_deleted.where(post_number: 1).first
```

The following query plan was produced:

```
 Limit  (cost=0.43..583.49 rows=1 width=891) (actual time=3850.515..3850.515 rows=1 loops=1)
   ->  Index Scan using posts_pkey on posts  (cost=0.43..391231.51 rows=671 width=891) (actual time=3850.514..3850.514 
rows=1 loops=1)
         Filter: ((topic_id = 160918) AND (post_number = 1))
         Rows Removed by Filter: 2274520
 Planning time: 0.200 ms
 Execution time: 3850.559 ms
(6 rows)
```

The issue here is the combination of ORDER BY and LIMIT causing the ineficcient Index Scan using posts_pkey on posts to be used. When we correct the AR call to this:

```
topic.posts.with_deleted.find_by(post_number: 1)
```

We end up with a query that still has a LIMIT but no ORDER BY, which in turn creates a much more efficient query plan:

```
Limit  (cost=0.43..1.44 rows=1 width=891) (actual time=0.033..0.034 rows=1 loops=1)
   ->  Index Scan using index_posts_on_topic_id_and_post_number on posts  (cost=0.43..678.82 rows=671 width=891) (actua
l time=0.033..0.033 rows=1 loops=1)
         Index Cond: ((topic_id = 160918) AND (post_number = 1))
 Planning time: 0.167 ms
 Execution time: 0.072 ms
(5 rows)
```

This query plan uses the correct index, `Index Scan using index_posts_on_topic_id_and_post_number on posts`. Note that this is only a problem on forums with a larger amount of posts; tiny forums would not notice the difference. On large forums a query for a topic that takes 1s without a bookmark can take 8-30 seconds, and even end up with 502 errors from nginx.
2020-10-26 14:30:31 +10:00
dependabot-preview[bot]
9c5b7a4396 Build(deps-dev): Bump simplecov from 0.19.0 to 0.19.1
Bumps [simplecov](https://github.com/simplecov-ruby/simplecov) from 0.19.0 to 0.19.1.
- [Release notes](https://github.com/simplecov-ruby/simplecov/releases)
- [Changelog](https://github.com/simplecov-ruby/simplecov/blob/main/CHANGELOG.md)
- [Commits](https://github.com/simplecov-ruby/simplecov/compare/v0.19.0...v0.19.1)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-10-26 10:59:35 +08:00
dependabot-preview[bot]
01eb1dfe68 Build(deps): Bump rspec-support from 3.9.3 to 3.9.4
Bumps [rspec-support](https://github.com/rspec/rspec-support) from 3.9.3 to 3.9.4.
- [Release notes](https://github.com/rspec/rspec-support/releases)
- [Changelog](https://github.com/rspec/rspec-support/blob/main/Changelog.md)
- [Commits](https://github.com/rspec/rspec-support/compare/v3.9.3...v3.9.4)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-10-26 10:59:15 +08:00