Commit Graph

21860 Commits

Author SHA1 Message Date
Joffrey JAFFEUX
33f77e51b8
FIX: allows to select the action when agreeing with penalty (#9099)
Note this commit also fixes an issue where the edit post actions was trying to focus the edit textarea, but was using jquery functions on a DOM node.

scrollTo is not available on IE11 but that shouldn't cause much trouble.
2020-03-04 09:32:15 -05:00
Martin Brennan
3e54e0191e
FIX: Use full URL for secure attachments when secure media enabled (#9037)
When secure media is enabled and an attachment is marked as secure we want to use the full url instead of the short-url so we get the same access control post protections as secure media uploads.
2020-03-04 10:11:08 +11:00
David Taylor
65cc61be7a
PERF: Allow preloading 'recent time read' for a user (#9076)
This will be used when serializing multiple user cards
2020-03-03 13:57:46 +00:00
David Taylor
d23f7af3cb
PERF: Allow user serializer to make use of preloaded custom fields (#9074) 2020-03-03 13:56:54 +00:00
Martin Brennan
0df72a51b8
FIX: Stop infinite lookup-urls issue for video/audio on page (#9096)
Meta report: https://meta.discourse.org/t/excessive-requests-to-uploads-lookup-urls-leading-to-429-response/143119

* The data-orig-src attribute was not being removed from cooked
video and audio so the composer was infinitely trying to get the
URLs for them, which would never resolve to anything
* Also the code that retrieved the short URL was unscoped, and was
getting everything on the page. if running from the composer we
now scope to the preview window
* Also fixed a minor issue where the element href for the video
and audio tags was not being set when the short URL was found
2020-03-03 15:44:01 +11:00
Martin Brennan
0388653a4d
DEV: Upload and secure media retroactive rake task improvements (#9027)
* Add uploads:sync_s3_acls rake task to ensure the ACLs in S3 are the correct (public-read or private) setting based on upload security

* Improved uploads:disable_secure_media to be more efficient and provide better messages to the user.

* Rename uploads:ensure_correct_acl task to uploads:secure_upload_analyse_and_update as it does more than check the ACL

* Many improvements to uploads:secure_upload_analyse_and_update

* Make sure that upload.access_control_post is unscoped so deleted posts are still fetched, because they still affect the security of the upload.

* Add escape hatch for capture_stdout in the form of RAILS_ENABLE_TEST_STDOUT. If provided the capture_stdout code will be ignored, so you can see the output if you need.
2020-03-03 10:03:58 +11:00
Joffrey JAFFEUX
11425f8adc
FEATURE: alows to add a description link to a report (#9065)
This commit adds a description link to users_per_trust_level report linking to our blog  article on the subject https://blog.discourse.org/2018/06/understanding-discourse-trust-levels/
2020-03-02 14:30:51 -05:00
Robin Ward
a653737a66
FIX: Add aria-labels to topic list items (#9048)
* FIX: Add aria-labels to topic list items

Before this fix you could navigate the topic list using a screen reader
and a keyboard but some of the items were not as descriptive as they
could be. The newly added labels make it easier to understand what you
are tabbing over.

context:
https://meta.discourse.org/t/accessibility-aria-attributes-are-not-defined-for-links-under-replies-category/142539

* Update app/assets/javascripts/discourse/lib/utilities.js.es6

Co-Authored-By: Régis Hanol <regis@hanol.fr>

* Multiline fix

* Fix more tests

Co-authored-by: Régis Hanol <regis@hanol.fr>
2020-03-02 14:28:54 -05:00
Joffrey JAFFEUX
f17459c620
UX: attempts to increate popup menu hitzone on mobile (#9038) 2020-03-02 14:27:50 -05:00
Jarek Radosz
fedd8e3e3a
DEV: Remove uses of deprecated Ember.copy and Copyable (#8978) 2020-03-02 14:24:05 -05:00
Jarek Radosz
76a06dfa03
DEV: Remove the last (defunct) use of Ember.View (#8976)
This codepath has been deprecated 3 years ago in c5687100b0.

Ember.View has been removed in Ember 2.0.
2020-03-02 14:23:46 -05:00
David Taylor
f9cc3dc4b7
PERF: Allow passing an existing list of user field ids when loading (#8970)
* PERF: Allow passing an existing list of user field ids when loading

This avoids the need for running `UserField.pluck(:id)` for each user that is serialized

* Memoize user_fields to avoid rebuilding hash ever time
2020-03-02 14:22:49 -05:00
tshenry
a09e5d12c2
FIX: Topics should honor auto-close when published to category (#8963)
* FIX: Topics should honor auto-close when published to category

* Add test
2020-03-02 14:21:35 -05:00
Gerhard Schlager
5c39e21c18
UX: Allow correct pluralization for "too few topics and posts" notices (#8947) 2020-03-02 14:20:37 -05:00
Joffrey JAFFEUX
ed85cfe141
FIX: prevents click on sk header to bubble (#9084) 2020-03-02 20:06:02 +01:00
Rafael dos Santos Silva
d05142d3f7 FEATURE: Enable service worker on iOS PWA 2020-03-02 15:55:09 -03:00
Rafael dos Santos Silva
fd38ed3631
DEV: Fix lint error introduced in 58f16f2 2020-03-02 13:04:52 -03:00
Rafael dos Santos Silva
58f16f2e2b
FIX: Make FooterNav work with PWAs on iPadOS 2020-03-02 12:56:37 -03:00
Martin Brennan
8123538c94
DEV: Minor review fixes and fix bookmark spec logging (#9045)
As per:

https://review.discourse.org/t/fix-never-allow-custom-emoji-to-be-marked-secure-8965/9072
https://review.discourse.org/t/feature-improving-bookmarks-part-2-topic-bookmarking-8954/9038
2020-03-02 15:40:29 +10:00
Joffrey JAFFEUX
2db8ada222
FIX: ensures category url of category drop is built using slug and id (#9069) 2020-02-28 17:58:22 +01:00
David Taylor
0903aa44bb
FEATURE: Always disable customizations on the /safe-mode route (#9052)
This makes it easier to enter safe mode when a customization has made the UI unusable
2020-02-28 10:53:11 +00:00
Dan Ungureanu
60184a290c
FIX: Sync preload key format for category topic lists
The server and client used two different formats for preload keys. The
server was using 'topic_list_c/SLUG/l/latest', but the client was using
'topic_list_c/SLUG/ID/l/latest'.

This commit is an addition to 374534f00e.
2020-02-28 11:10:03 +02:00
Sam Saffron
8e5edae093
FEATURE: unconditionally skip indexing on search controller
There are absolutely no actions in search that need indexing

Also no point adding this header on non get requests
2020-02-28 09:21:31 +11:00
Mark VanLandingham
f358114361
FIX: Prettier on iframed-html component (#9062) 2020-02-27 11:56:13 -06:00
Mark VanLandingham
337b823ec6
Merge pull request from GHSA-vw39-6w7q-gfx5
Co-authored-by: Robin Ward <robin.ward@gmail.com>
2020-02-27 11:47:15 -06:00
Roman Rizzi
87f15f9ed6
FIX: When appending tags to restricted category posts, we need to pass the category id, or it won't work. (#9020) 2020-02-27 14:10:14 -03:00
Joffrey JAFFEUX
501936f0da
FIX: prevents loading to show during debouncing (#9060)
This will also fix a bug in IE11 where click event would not be triggered on row
2020-02-27 15:20:04 +01:00
romanrizzi
4673f31c75 FIX: Bulk badge awards should work even if the CSV has nil values 2020-02-27 11:08:24 -03:00
adam j hartz
0af2f5db64
UX: Differentiate Between PMs and Topics in Search Results (#8933)
PMs will now display an envelope icon next to the topic title in search results. This is especially useful when searching using `in:all`.

Co-authored-by: adam j hartz <hz@mit.edu>
2020-02-27 13:25:32 +00:00
Joffrey JAFFEUX
56345faf9a
FIX: prevents row click event to be caught by filter input event (#9059)
This was causing some dropdowns to not work under IE11
2020-02-27 14:04:23 +01:00
Dan Ungureanu
60908a94ec
FIX: Skip 'invited' small action if user is in an invited group (#9056)
Inviting a user that is already invited through a group used to generate
a small action and a notification. This commit skips that small action.
2020-02-27 14:45:20 +02:00
Vinoth Kannan
acf337d583
FEATURE: auto archive group message if topic is closed. (#9046)
Co-Authored-By: Régis Hanol <regis@hanol.fr>
2020-02-27 11:09:37 +05:30
Vinoth Kannan
5774107a2d
FIX: downloaded image URLs incorrectly replaced in post raw. (#9014)
Previously, while replacing the downloaded image URL `http://wiki.mozilla.org/images/2/2e/Longcat1.png` similar non-image URL `http://wiki.mozilla.org/images/2` was replaced wrongly.
2020-02-27 10:22:55 +05:30
Dan Ungureanu
3568f296a3
FIX: Another attempt at fixing reviewable claiming
Follow-up to 9314751e5c.
2020-02-26 10:46:10 +02:00
Dan Ungureanu
9314751e5c
FIX: Claim reviewable button did not show up for all topics
Follow-up to 514c22e64b.
2020-02-26 10:36:35 +02:00
Joffrey JAFFEUX
baba1cc02e
FIX: ensures destroying a user with security keys doesn't fail (#9042) 2020-02-25 14:07:57 -05:00
David Taylor
96ac4fc072
FIX: Include .json suffix for email login route (#9041)
In IE11, the browser returns the cached HTML response, rather than the JSON formatted response. Adding the `.json` suffix ensures that the cache is not shared. Same root cause as b0211772
2020-02-25 18:01:33 +00:00
Dan Ungureanu
514c22e64b
FIX: Make reviewable claiming work with deleted topics (#9040)
This fixes the case when the reviewed topic is deleted (for example, in
discourse-akismet).
2020-02-25 15:49:23 +02:00
Dan Ungureanu
5905930c32
FIX: Sync Ember and non-Ember layouts (#9028) 2020-02-25 15:31:04 +02:00
Joffrey JAFFEUX
a5c7f0c98d
UX: hides emoji picker from edit category tab topic template (#9036) 2020-02-25 00:49:41 +01:00
Joffrey JAFFEUX
e303b4d181
UX: hides local-date picker when used outside of main composer 2020-02-25 00:17:43 +01:00
Joffrey JAFFEUX
bd49368942
FIX: ensures topic count is correctly showing in box category badges (#9034) 2020-02-24 23:41:36 +01:00
Penar Musaraj
d6a603cc50
FIX: Translate none-tag and all-tags labels in tag filter (#9030)
* FIX: Translate none-tag and all-tags labels in tag filter
* Add test
2020-02-25 07:57:24 +11:00
Joffrey JAFFEUX
f336aeee6f
FIX: ensures scoped search category is searching in all categories (#9031) 2020-02-24 19:19:53 +01:00
Kris
832a0e410a UX: Restrict icon height in btn-small to prevent height inconsistency 2020-02-24 13:18:46 -05:00
Joffrey JAFFEUX
0ea11a9d49
FIX: ensures we don't attempt to create a new PM on an existing topic (#9029)
This fix attempts to both fix it at UI level and server side. A previous attempt related to this behavior has been made in commit: 49c750ca78
2020-02-24 08:55:12 -06:00
Sam Saffron
372f6f4f22
FEATURE: limit number of notifications per user to 10,000
Introduces a new site setting `max_notifications_per_user`.

Out-of-the-box this is set to 10,000. If a user exceeds this number of
notifications, we will delete the oldest notifications keeping only 10,000.

To disable this safeguard set the setting to 0.

Enforcement happens weekly.

This is in place to protect the system from pathological states where a
single user has enormous amounts of notifications causing various queries
to time out. In practice nobody looks back more than a few hundred notifications.
2020-02-24 11:42:50 +11:00
Kris
e5bc649057 modal footer button height fix 2020-02-21 20:13:23 -05:00
Neil Lalonde
f73ed45de9 FIX: blank popular posts in summary emails due to lightbox images
When looking for the first paragraph with content in a post,
it was matching the lightboxed image paragraph as "<p></p>".
Fix that and other potential empty paragraphs with the
p:not(:empty) selector.
Add a new selector to find the image links in lightboxed
images as valid content for emails.
2020-02-21 16:18:38 -05:00
Joffrey JAFFEUX
69a2ad626b
FIX: ensures group automatic membership dropdown works (#9022)
This commit also fixes a deprecation warning as the previous  component was overriding a computed property from the group model.

Finally a test has been added as this is the only place where we use list-setting outside of the settings, this was highly subject to regressions.
2020-02-21 22:14:24 +01:00
Kris
90e701b470 UX: Eliminate double modal scroll on long mobile create account forms 2020-02-21 16:08:19 -05:00
Kris
5b358a2ca7 Follow up padding fix to de559f3 2020-02-21 15:44:34 -05:00
Joffrey JAFFEUX
0b0290cddb
FIX: muted was not working in topic timeline (#9021) 2020-02-21 21:32:58 +01:00
Dan Ungureanu
533495169e
FEATURE: Publish a message when reviewable claimer changes (#9019)
This commit ensures that all users are kept in sync and no user can claim
a topic that has been claimed already.
2020-02-21 19:11:50 +02:00
Dan Ungureanu
cf0c6d5761
FIX: Ensure web hooks are retried at most 5 times 2020-02-21 17:02:40 +02:00
Jarek Radosz
6ba326a9f4
DEV: Deprecate ember module imports (#9011)
Removes remaining `ember` module imports.
2020-02-21 15:56:49 +01:00
Jarek Radosz
c607870f08
DEV: Add more @ember imports (#9012) 2020-02-21 14:27:04 +01:00
Joffrey JAFFEUX
cb69e89d7c
FIX: correctly shows suggested topics label (#9017) 2020-02-21 12:35:49 +01:00
Joffrey JAFFEUX
e807dff6fc
FIX: ensures mini-tag-chooser is respecting max_tags_per_topic (#9018) 2020-02-21 12:16:05 +01:00
Vinoth Kannan
8a031f19dc FIX: use dedicated site attribute in category + tag filtered pages too. 2020-02-21 15:55:17 +05:30
Martin Brennan
3af2670bd5
FIX: Consider webp a supported image format for upload (#9015)
* Also fixes an issue where if webp was a downloaded hotlinked
  image and then secure + sent in an email, it was not being
  redacted because webp was not a supported media format in
  FileHelper
* Webp originally removed as an image format in
  https://github.com/discourse/discourse/pull/6377
  and there was a spec to make sure a .bin webp
  file did not get renamed from its type to webp.

  However we want to support webp images now to make
  sure they are properly redacted if secure media is
  on, so change the example in the spec to use tiff,
  another banned format, instead
2020-02-21 13:08:01 +10:00
Robin Ward
a47e0a3fda FIX: TOTP could not be used on sites with colons in their names
This is because the TOTP gem identifies as a colon as an addressable
protocol. The solution for now is to remove the colon in the issuer
name.

Changing the issuer changes the token values, but now it was completely
broken for colons so this should not be breaking anyone new.
2020-02-20 16:35:30 -05:00
David Taylor
19dcc6bb7b
FIX: Restore initState() call within discourse-location for subfolder
d7d4612b2d removed the duplicate call to initState(). However, we are relying on a side effect of the duplicate call for subfolder sites to function correctly when accessed without a trailing slash. To avoid a large refactor before the stable release, this commit restores the old behavior.

Long term we should look at migrating to Ember's built-in location library, rather than maintaining our own (very similar) version

https://github.com/emberjs/ember.js/blob/master/packages/%40ember/-internals/routing/lib/location/history_location.ts
2020-02-20 16:41:50 +00:00
Arpit Jalan
7b92280b97 UX: use same styling for username and user-name 2020-02-20 17:51:37 +05:30
Arpit Jalan
f36719c1f5 FIX: respect prioritize_username_in_ux setting in email
UX: only the first attribute should be hyperlinked
UX: add margin based on attribute position
2020-02-20 17:47:16 +05:30
Martin Brennan
97d8f19387
FIX: When admin changes another user's email auto-confirm the change (#9001)
When admin changes a user's email from the preferences page of that user:

* The user will not be sent an email to confirm that their
  email is changing. They will be sent a reset password email
  so they can set the password for their account at the new
  email address.
* The user will still be sent an email to their old email to inform
  them that it was changed.
* Admin and staff users still need to follow the same old + new
  confirm process, as do users changing their own email.
2020-02-20 09:52:21 +10:00
Dan Ungureanu
20b90afad9
FIX: Remove broken error dismiss button 2020-02-19 23:03:52 +02:00
Robin Ward
345764565f FIX: Respect muted tags for mailing list mode
If a user has a tag muted, don't send them emails about that tag.
We've done this forever for categories so it makes sense to do it
for tags too.
2020-02-19 15:14:42 -05:00
Kris
2a7f53065d FEATURE: Add plugin outlet below login/create, add outlet to mobile 2020-02-19 14:08:35 -05:00
Kris
5b0025c816 Additional padding follow up to de559f3 2020-02-19 13:50:12 -05:00
Dan Ungureanu
fd1e04ba0a
UX: Improve small buttons appearance (#8990)
Co-authored-by: Joffrey JAFFEUX <j.jaffeux@gmail.com>
Co-authored-by: Kris  <kris.aubuchon@discourse.org>
2020-02-19 12:38:46 -05:00
David Taylor
8ec2d8a814
FIX: Disable save button for API key creation when invalid (#9005) 2020-02-19 16:33:09 +00:00
Kris
fdb45f2ba1 Follow-up padding fix for de559f3 2020-02-19 11:24:45 -05:00
Kris
de559f3fe3 FIX: Remove border-box from modal-body to avoid iOS fixed position bug 2020-02-19 11:08:15 -05:00
Robin Ward
c954d083df Link website when reviewing users 2020-02-19 10:18:05 -05:00
Joffrey JAFFEUX
74f2d48018
FIX: makes setting-object capable of defining value/name properties itself (#9003) 2020-02-19 10:01:21 +01:00
Joffrey JAFFEUX
30e2867547
FIX: prevents setting default values on setting component to reload page
This would happen when clicking on "add all themes" for example.
2020-02-19 09:04:57 +01:00
jjaffeux
32b3f55ef6 Revert "FIX: enums should be treated as flat arrays (#8995)"
This reverts commit 05be9beefd.
2020-02-19 07:53:29 +01:00
Jarek Radosz
9f8a27a132
DEV: Import makeArray from discourse-common instead using Ember global (#8977) 2020-02-19 00:57:58 +01:00
Joffrey JAFFEUX
25ebfd5998
DEV: allows to import isPresent (#8993) 2020-02-18 23:41:15 +01:00
Joffrey JAFFEUX
8f82d790d4
FIX: prevents notifications button to be cutoff on mobile (#8998) 2020-02-18 23:40:10 +01:00
Joffrey JAFFEUX
05be9beefd
FIX: enums should be treated as flat arrays (#8995) 2020-02-18 23:25:12 +01:00
Joffrey JAFFEUX
67ee79f023
FIX: group members dropdown was broken on mobile (#8994) 2020-02-18 23:23:38 +01:00
Vinoth Kannan
7a054fc142 FIX: remove anchors from banner headings.
Else it will create UX issues when the banner is visible on top of the banner topic.
2020-02-19 02:55:04 +05:30
Robin Ward
53054b41d2 FIX: Mentions updater should work regardless of .notify 2020-02-18 16:02:26 -05:00
Robin Ward
041168c9b6 FIX: Group mentions were not being cooked the same was as previewed
If a group mention could be notified on preview it was given an `<a>`
tag with the `.notify` class. When cooked it would display differently.
This patch makes the server side cooking match the client preview.
2020-02-18 15:45:02 -05:00
Robin Ward
163cbb4aa7 UX: Show mentions properly in small post messages 2020-02-18 14:38:33 -05:00
Penar Musaraj
8a0abafc9d UX: Adjust width for topic notifications dropdown on mobile
Previously, the dropdown was set to 400px wide, which exceeds the available width on many mobile devices.
2020-02-18 14:17:34 -05:00
Joffrey JAFFEUX
99746c2850
FIX: ensures report-filter/category is correctly filtering (#8992) 2020-02-18 17:37:43 +01:00
Roman Rizzi
9441362c72
FEATURE: Support uploading a csv with either user emails or usernames (#8971) 2020-02-18 10:53:12 -03:00
Sam Saffron
64b3512084
DEV: use DiskSpace module for all disk space calculations
This normalizes it so we only carry one place for grabbing disk space size

It also normalizes the command made so it uses Discourse.execute_command
which splits off params in a far cleaner way.
2020-02-18 15:13:19 +11:00
Sam Saffron
28292d2759
PERF: avoid shelling to get hostname aggressively
Previously we had many places in the app that called `hostname` to get
hostname of a server. This commit replaces the pattern in 2 ways

1. We cache the result in `Discourse.os_hostname` so it is only ever called once

2. We prefer to use Socket.gethostname which avoids making a shell command

This improves performance as we are not spawning hostname processes throughout
the app lifetime
2020-02-18 15:13:19 +11:00
Kris
ca9a5b8458 Increase topic breakpoint width to avoid small range where layout wraps 2020-02-17 16:04:24 -05:00
Kris
1e20bdec57 UX: Keep mobile composer category and tag inputs on one line 2020-02-17 13:55:04 -05:00
Kris
42729e6a27 Minor mobile alignment fixes 2020-02-17 13:00:31 -05:00
Kris
0c94e7b089 FIX: Some select-kit dropdowns were cut-off by hidden overflow in modals 2020-02-17 11:51:26 -05:00
Vinoth Kannan
2e397c78c4 FIX: use separate site attribute for single category "top tags" list.
And use it only in the single category pages.
38dd184a16
2020-02-17 21:09:27 +05:30
David Taylor
f1f9648e88
Revert "FIX: sk body should follow wrapper width (#8984)"
This was causing very narrow dropdowns in the composer and notification level dropdowns.

This reverts commit d33aaa0292.
2020-02-17 13:10:26 +00:00
Joffrey JAFFEUX
d33aaa0292
FIX: sk body should follow wrapper width (#8984) 2020-02-17 10:39:20 +01:00
Joffrey JAFFEUX
9feace3388
FIX: prevents error when loading tag groups (#8983) 2020-02-17 10:39:04 +01:00
Joffrey JAFFEUX
d827430ea6
FIX: prevents expand post to trigger page routing (#8982) 2020-02-17 10:06:38 +01:00
Kris
cd5b7109d0 UX: Cap height of user fields on mobile user-cards, add line-clamp mixin 2020-02-14 16:19:11 -05:00
Kris
f81bebf93f UX: Cap staff action detail height 2020-02-14 14:23:31 -05:00
Kris
103af2dcce FIX: Toolbar menu specificity 2020-02-14 13:44:38 -05:00
Roman Rizzi
99305511bc
DEV: Remove unused BreakString class (#8942) 2020-02-14 15:32:59 -03:00
Robin Ward
92bb7b9269 FIX: Username mentions lost styling 2020-02-14 13:02:56 -05:00
Robin Ward
d51107e2c9 FIX: If a group is unmentionable, don't render it as mentionable
Now if a group is visible but unmentionable, users can search for it
when composing by typing with `@`, but it will be rendered without the
grey background color.

It will also no longer pop up a JIT warning saying "You are about to
mention X people" because the group will not be mentioned.
2020-02-14 12:29:56 -05:00
Penar Musaraj
ea0f20e331 DEV: Concatenate value-list choices array
Followup to 89d9704194
2020-02-14 11:33:17 -05:00
Penar Musaraj
89d9704194 FIX: value-list choices when removing a value
Fixes an issue where choices were broken when removing an item from the value-list component.

Adds test case for this scenario.
2020-02-14 11:21:06 -05:00
Robin Ward
dafa354d3d FIX: Confirm draft_key is present on GET
Also adds a test for the `show` action which did not exist
2020-02-14 11:06:12 -05:00
Robin Ward
bfdd42c53a FIX: Return a 404 when the draft_key is missing
Previously if `draft_key` was missing you'd get a 500 error in the logs.
2020-02-14 10:48:56 -05:00
Régis Hanol
aad46a1aba DEV: remove unused 'composer/parse_html' route 2020-02-14 16:15:34 +01:00
Joffrey JAFFEUX
7d94de6439
FIX: brings back castInteger as a safer migration path for sk2 (#8966) 2020-02-14 10:00:39 +01:00
Krzysztof Kotlarek
e90f9e5cc4
FIX: when unread reply notification exists don't create new (#8921)
* FIX: when unread reply notification exists don't create new

From time to time, the user is creating a reply post and then they want to add additional details. They edit an existing post and for example, add a quote from a previous one.

In that situation, if the user to whom reply was directed to already have the unread notification, we should not create the new one.

That behaviour was mentioned here: https://meta.discourse.org/t/reply-then-edit-to-add-quote-notification-redundancy/138358

* FIX: dont create new notification if already exists
2020-02-14 16:41:42 +11:00
Vinoth Kannan
38dd184a16 FIX: update Site.top_tags in "categories" route if topic list available.
Else it is not updating the tags dropdown while navigate between the category pages.
2020-02-14 09:53:41 +05:30
Martin Brennan
56b16bc68e
FIX: Never allow custom emoji to be marked secure (#8965)
* Because custom emoji count as post "uploads" we were
marking them as secure when updating the secure status for post uploads.
* We were also giving them an access control post id, which meant
broken image previews from 403 errors in the admin custom emoji list.
* We now check if an upload is used as a custom emoji and do not
assign the access control post + never mark as secure.
2020-02-14 11:17:09 +10:00
Joffrey JAFFEUX
149196b9ce
FIX: displays selection text when no default_notification_level is set (#8962) 2020-02-13 23:45:03 +01:00
Joffrey JAFFEUX
6405159484
FEATURE: adds a new plugin api to decorate plugin outlets (#8937)
```
api.decoratePluginOutlet(
  "discovery-list-container-top",
  elem => {
    if (elem.classList.contains("foo")) {
      elem.style.backgroundColor = "yellow";
    }
  }
);
```
2020-02-13 23:44:34 +01:00
Gerhard Schlager
a7efca1fa9 DEV: Remove unused "search help" 2020-02-13 18:31:21 +01:00
David Taylor
8d50f092b5
DEV: Use classes for styling user and group cards (#8913)
Styling based on element-ids, it is impossible for themes/plugins to display multiple cards on a single page. Using classes is a more flexible approach. The element-ids are maintained for backwards compatibility with existing plugins/themes.
2020-02-13 09:58:17 +00:00
Joffrey JAFFEUX
3875785dcc
FIX: ensures shortcuts work correctly with topic-notifications-button (#8956) 2020-02-13 10:01:28 +01:00
Joffrey JAFFEUX
42bda52486
FIX: ensures select-kit can select a row with 0 as value (#8955) 2020-02-13 09:04:32 +01:00
Martin Brennan
e1e74abd4f
FEATURE: Improving bookmarks part 2 -- Topic Bookmarking (#8954)
### UI Changes

If `SiteSetting.enable_bookmarks_with_reminders` is enabled:

* Clicking "Bookmark" on a topic will create a new Bookmark record instead of a post + user action
* Clicking "Clear Bookmarks" on a topic will delete all the new Bookmark records on a topic
* The topic bookmark buttons control the post bookmark flags correctly and vice-versa
Disabled selecting the "reminder type" for bookmarks in the UI because the backend functionality is not done yet (of sending users notifications etc.)

### Other Changes

* Added delete bookmark route (but no UI yet)
* Added a rake task to sync the old PostAction bookmarks to the new Bookmark table, which can be run as many times as we want for a site (it will not create duplicates).
2020-02-13 16:26:02 +10:00
Kris
e7c4ebc6d5 Fix styling for topic count in category chooser 2020-02-12 22:19:00 -05:00
Blake Erickson
965ac3567b FIX: Handle SSO Provider Parse exception
Prevent unnecessary 500 errors from appearing in the logs and return a
422 response instead.
2020-02-12 16:08:04 -07:00
Penar Musaraj
efa9ba4975
UX: Prevent category-drop topic count from wrapping to new line (#8943) 2020-02-12 14:34:16 -05:00
Artem Vasiliev
c36ae17260
FEATURE: export defaultRenderTag function (#8941)
* FEATURE: export defaultRenderTag function

This can be helpful for plugins e.g. when combined with replaceTagRenderer: a plugin may want to customize rendering for some tags and let others be rendered with default code

* refactor: don't change version

..as per review comment, https://github.com/discourse/discourse/pull/8941#discussion_r378406809
2020-02-12 14:26:04 -05:00
Robin Ward
726d97b29d FIX: Linking to a category via hashtag had a broken URL. 2020-02-12 14:23:09 -05:00
Penar Musaraj
a791b67e66 UX: Use border-box sizing on SK2 dropdowns 2020-02-12 14:14:36 -05:00
Arpit Jalan
3bcd1485f7 UX: show all parent categories for destination topic 2020-02-13 00:34:02 +05:30
Vinoth Kannan
9c96511ec4 FIX: use plain text if available instead of image upload.
Previously, while pasting from Excel 365 it uploaded a table image instead of markdown table.
2020-02-12 23:13:51 +05:30
Penar Musaraj
52fe5b938c FIX: Regression with wizard canvas elements 2020-02-12 12:31:15 -05:00
Dan Ungureanu
67c9940d72
FIX: Avoid highlight mention to groups that are not public.
Follow-up to 3f50481188.
2020-02-12 13:04:40 +02:00
Dan Ungureanu
ec40242b5c
FIX: Make inline oneboxes work with secured topics in secured contexts (#8895) 2020-02-12 12:11:28 +02:00
David Taylor
d7d4612b2d
FIX: Subfolder sites rewriting URLs to root domain on initial load (#8932)
The `DiscourseLocation.initState` function was accidently renamed in 0431942f (select-kit-2) to `initOptions`. This means that the ember router does not automatically call the function after the router is initialized.

For a long time, we have been calling the `initState` function in the `init` function of discourse-location, which caused an imperceptible URL change to the the root domain, before switching back to the correct subfolder URL when ember called `initState`. This commit removes that call from the initializer, so `initState` is only called once (by ember).

Relevant ember code: https://github.com/emberjs/ember.js/blob/v3.12.2/packages/@ember/-internals/routing/lib/system/router.ts#L695-L699
2020-02-12 09:36:46 +00:00
Joffrey JAFFEUX
47f255f62c
FIX: date was not mutated when changing it in change-timestamp modal (#8935) 2020-02-12 09:12:36 +01:00
Dan Ungureanu
3f50481188
Improvements to group mentions (#8927)
* FIX: Avoid highlight mention to groups that are not public
* UX: Composer autocomplete will suggest all visible group names
2020-02-12 10:11:10 +02:00
Joffrey JAFFEUX
fc3d547268
UX: do not enlarge emojis in polls (#8934) 2020-02-12 08:37:32 +01:00
Arpit Jalan
7ef754759e UX: show destination topic status when moving post(s) to an existing topic 2020-02-12 11:32:40 +05:30
Kris
e6e5ce3c54 FIX: Don't use theme colors for digest unsubscribe footer links 2020-02-11 15:52:38 -05:00
Kris
d73e94bbeb UX: Update mobile site setting slide-out nav for RTL 2020-02-11 15:23:12 -05:00
Joffrey JAFFEUX
adbff5835d
FIX: correctly excludes current user in user-chooser (#8928) 2020-02-11 20:41:18 +01:00
Mark VanLandingham
3e89774908
DEV: Use .hbr for raw template file extension (#8883) 2020-02-11 13:38:12 -06:00
Joffrey JAFFEUX
78a0ca53bf
FIX: makes user-selector use real booleans (#8909) 2020-02-11 20:20:12 +01:00
Kris
567b7263fd UX: mobile layout fix for claimable reviewables 2020-02-11 14:18:42 -05:00
Penar Musaraj
30b7006ca2 DEV: Eliminate "post bounce" after creating a post
Fix has two parts:
a) skips jumping to post if post is in view
b) debounces layout calculation when composer changes state
2020-02-11 14:04:46 -05:00
Roman Rizzi
3413ec0a5c
FEATURE: Pending queued posts are included even if they don't pass the minimum priority threshold (#8925) 2020-02-11 15:29:22 -03:00
Joffrey JAFFEUX
6a7e82c44c
DEV: Apply rubocop (#8926) 2020-02-11 16:21:03 +00:00
Jay Pfaffman
d294e13225
add postmark webhook handling (#8919) 2020-02-11 10:09:07 -05:00
Dan Ungureanu
ecaf2c2f4e
FIX: Make category slug validation less strict (#8915)
This was changed recently and caused issues saving old categories which
already had digits at the beginning of the slug (for example, '30-days').
2020-02-11 17:01:12 +02:00
Joffrey JAFFEUX
902d0e1e3a
DEV: enforces no-invalid-interactive linting rule (#8907) 2020-02-11 15:55:16 +01:00
Joffrey JAFFEUX
9d50e1b40f
DEV: introducing user-chooser (#8910) 2020-02-11 15:54:56 +01:00
Martin Brennan
7ff58f1787
FIX: Disable preloading audio + video when secure media enabled (#8922)
Meta topic: https://meta.discourse.org/t/secure-media-uploads-expire/140894

This fixes the issue where if secure media was enabled, audio
and video files would do an initial load using the presigned
URL for the media to get metadata information e.g. duration of
track/video. However this started the expiry countdown for the
URL, so when a user pressed play on the media after 15 seconds
the media would be expired and AWS would return a 403 error.

We do not preload media if secure media is enabled. Otherwise
we just set the preload type to "metadata" which is the browser
default anyway.
2020-02-11 11:49:58 +10:00
Jeff Wong
1a1bb7a2c9
FEATURE: Add logging when claiming and unclaiming reviewable flagged posts (#8920) 2020-02-10 15:40:01 -08:00
Kris
c60182cdb2 UX: Prevent new badge from being orphaned on mobile 2020-02-10 13:48:47 -05:00
Penar Musaraj
8009d7bda2
FEATURE: Support video caption tags/attributes (#8914) 2020-02-10 13:37:32 -05:00
Jarek Radosz
6cfd16656f
FIX: Ignore group mentions inside quotes (#8905)
Also includes:
* DEV: Reuse found elements
2020-02-10 18:31:42 +01:00
Kris
38011c1d2d login/signup table shouldn't have border on tbody 2020-02-10 11:16:03 -05:00
Joffrey JAFFEUX
4de7d5ff90 FIX: removes limit for trust level growth report (#8908) 2020-02-10 11:56:29 +01:00
Joffrey JAFFEUX
0d6578dc4d FIX: makes tag-{info,list} more specific to avoid styling other elements (#8902) 2020-02-10 08:41:38 +01:00
Joffrey JAFFEUX
0d9b99582d DEV: enforces table-groups linting rule (#8903) 2020-02-10 08:14:26 +01:00
Joffrey JAFFEUX
99ad2e408a DEV: enforces style-concatenation linting rule (#8888) 2020-02-10 08:13:50 +01:00
Joffrey JAFFEUX
f5f4ce90c1 DEV: adds afterRender decorator (#8864) 2020-02-10 08:13:13 +01:00
Blake Erickson
bd49d4af1a FIX: Flair icon being removed when updating other profile info
The commit: 75069ff179

allows users to remove their primary group, but this introduced a bug
where if you were to edit any other profile info like location or
website which is a form on a separate page then the flair dropdown,
would cause the selected flair to be removed.

This fix ensures that if the `primary_group_id` parameter is missing
from the update payload it does not remove the existing
`primary_group_id`. It will only remove the `primary_group_id` if it is
present in the payload and empty.
2020-02-07 16:26:33 -07:00
David Taylor
5919618a87
DEV: Drop legacy OpenID 2.0 support (#8894)
This is not used in core or official plugins, and has been printing a deprecation notice since v2.3.0beta4. All OpenID 2.0 code and dependencies have been dropped. The user_open_ids table remains for now, in case anyone has missed the deprecation notice, and needs to migrate their data.

Context at https://meta.discourse.org/t/-/113249
2020-02-07 17:32:35 +00:00
Jordan Vidrine
e3c3c88ab5 REFACOR: Closing Tag Changes
- a,td, and if closing tag locations for ShowLikes / ShowOpLikes
2020-02-07 10:54:45 -06:00
Penar Musaraj
99fd65328c FIX: Skip absolutizing URLs when source URI is invalid 2020-02-07 10:54:24 -05:00
Bianca Nenciu
88a4d5a2c1
FIX: Properly convert quotes to Markdown (#8808)
* FIX: Properly convert quotes to Markdown

When quoting a quote it used to convert the quote header, including the
user avatar and username, into a image and some text and then the
contents. This also caused issues when quoting full paragraphs (or when
selecting paragraphs by triple-clicking) because the user avatar and
name from the following quote would also be included.

This commit implements the support necessary to convert
<aside class="quote"> elements to proper Discourse quotes.
2020-02-07 16:25:23 +01:00
David Taylor
6f3952e7f1 DEV: Include the authOptions variable in create-account outlet 2020-02-07 14:01:04 +00:00
David Taylor
bc1977ef93 UX: Always disable create account button when user fields are invalid
Previously the button would never be disabled when an external authenticator was being used. The validation error would only appear after submit
2020-02-07 13:20:50 +00:00
Joffrey JAFFEUX
252989e261
DEV: better detection of new item (#8889) 2020-02-07 14:12:17 +01:00
Joffrey JAFFEUX
a0bf2ac313
DEV: applies valueAttribute deprecation when null (#8887) 2020-02-07 10:39:39 +01:00
Joffrey JAFFEUX
d86ed028c7
FIX: ensure s2 is working with wizard (#8886) 2020-02-07 10:00:39 +01:00
Joffrey JAFFEUX
928e011140
FIX: prevents ac wrap to overflow on group-add-member modal (#8882) 2020-02-06 20:47:53 +01:00
Joffrey JAFFEUX
20944e69e4
FEATURE: adds trust_level_growth report (#8878) 2020-02-06 19:44:30 +01:00
Joffrey JAFFEUX
dafd3c3b47
DEV: enforces no self-closing-void-elements (#8879) 2020-02-06 17:26:06 +01:00
Dan Ungureanu
2a884e25be
DEV: Make image resize controls more resilient (#8867)
Commit aa24be1 made it possible to build data attributes from image's
Markdown and this changes ensure that the resize controls still work
when data attributes are present.
2020-02-06 17:19:24 +02:00
David Taylor
db4ae50928
PERF: Load users in batches when generating notifications (#8870)
Previously, `notify_first_post_users` was loading all users into memory simultaneously, which can cause Sidekiq to run out of memory for large sites. `notify_post_users` was loading every user one-by-one in a loop.

This commit makes both these functions load users in batches of 100. This should make the memory usage of `notify_first_post_users` lower, and reduce the number of queries required in `notify_post_users`.
2020-02-06 12:14:19 +00:00
Joffrey JAFFEUX
f25e787ae2
FIX: ensures we have a proper component name (#8876) 2020-02-06 11:30:38 +01:00
Joffrey JAFFEUX
8ca9ad887d
FIX: replaces fake null value by clearable option (#8875) 2020-02-06 08:30:26 +01:00
Dan Ungureanu
2240b1681b
FIX: Show detailed error messages for category pages. (#8832) 2020-02-06 15:32:12 +11:00
Martin Brennan
697d4720df
DEV: Add DEBUG_PRELOADED_APP_DATA to log pre-loaded JSON in development (#8873)
Extracted from #8772

This will allow developers (in rails development mode only) to log pre-loaded JSON app data to the browser console for inspection.
2020-02-06 13:14:33 +10:00
Neil Lalonde
542e62ccf0 FIX: tag info misleading message saying it's not restricted
When a tag is restricted to a secured category that the user can't see,
the message was saying that it wasn't restricted to any categories.
Now it will say it's restricted to categories you can't access.
2020-02-05 15:23:39 -05:00
Osama Sayegh
6f52bbefb8
DEV: Use scheduleOnce correctly (#8865)
* DEV: Use scheduleOnce correctly

* remove jquery usage here
2020-02-05 21:21:00 +03:00
Blake Erickson
926d5f1c0a REFACTOR: Edit title respects min trust to edit post
Follow up to: 241d8f6452
2020-02-05 10:36:24 -07:00
Mark VanLandingham
49c750ca78
FIX: Opening new topic draft never creates post (#8828) 2020-02-05 11:17:58 -06:00
Joffrey JAFFEUX
6bee972a5c
FIX: corrects min/max logic for mini-tag-chooser (#8871) 2020-02-05 17:47:20 +01:00
Penar Musaraj
6253ddc74e DEV: Do not trigger missing icon warning in icon picker 2020-02-05 11:39:46 -05:00
Mark VanLandingham
499b57a9ed
DEV: Ember linting - disallow Ember.* variable usage (#8782) 2020-02-05 10:14:42 -06:00
Joffrey JAFFEUX
98303ee645
FIX: simplify maximum/minimum logic in sk2 to avoid chicken/egg (#8868) 2020-02-05 16:01:58 +01:00
Jarek Radosz
be42b87338
FIX: Allow submitting various forms via keyboard (#8866) 2020-02-05 15:23:35 +01:00
Jarek Radosz
53529a3427
DEV: Upgrade Ember to version 3.12.2 (#8753)
* DEV: Use Ember 3.12.2
* Add Ember version to ThemeField's DEPENDENT_CONSTANTS
* DEV: Use `id` instead of `elementId` (See: https://github.com/emberjs/ember.js/issues/18147)
* FIX: Don't leak event listeners (bug introduced in 999e2ff)
2020-02-05 14:51:00 +01:00
Joffrey JAFFEUX
d7dffbb13c
UX: caches icon picker full icon's list (#8862) 2020-02-05 09:22:11 +01:00
Joffrey JAFFEUX
a9f1652131
REFACTOR: querySelector instead of querySelectorAll to get first node (#8861) 2020-02-05 08:49:02 +01:00
Osama Sayegh
a6da0bb1ef
UX: Remove subtle render delay with timeline notification button (#8860) 2020-02-05 18:35:47 +11:00
Sam Saffron
0d6839e8a8 UX: adjust algorithm for picking notification count
Our current algorithm for picking the number of notifications to display
when expanding the notifications relies on magic numbers.

Previously we only allowed for header and an estimate of maximum height of
notification container, this is not ideal as there is padding at the bottom
and top of the notification container

This adds a special number for padding.

The longer term fix though is to render the notification panel off screen
then grab the correct count, finally adding it back into view with.

This would allow for large fonts, small fonts, custom themes and much more.
2020-02-05 16:03:44 +11:00
Sam Saffron
15b27f28aa UX: Topic progress bar should not flash on desktop
Followup on 78725f50

This makes the change a bit safer in case .d-header is not to be found due
to a customization.
2020-02-05 15:36:39 +11:00
Sam Saffron
78725f5081 Revert "FIX: Topic progress bar shouldn't show up on desktop (#8854)"
This reverts commit 7133fd8c89.

Unfortunately performCheckSize may have certain situations in topic
navigation where it is unsafe to call.

We need to add som more safety here prior to merging.
2020-02-05 15:22:44 +11:00
Osama Sayegh
7133fd8c89
FIX: Topic progress bar shouldn't show up on desktop (#8854) 2020-02-05 15:19:20 +11:00
Joffrey JAFFEUX
f0fe2ba9ac
UX: introduces icon-picker component for badges (#8844) 2020-02-05 00:41:10 +01:00
Blake Erickson
241d8f6452 FIX: Edit title respects min trust to edit post
This fix ensures that the site setting `post_edit_time_limit` does not
bypass the limit of the site setting `min_trust_to_edit_post`. This
prevents a bug where users that did not meet the minimum trust level to
edit could edit the title of topics.
2020-02-04 16:31:16 -07:00
Joffrey JAFFEUX
666a4be888
UX: prevents mini tag chooser header to wrap (#8858) 2020-02-04 23:55:50 +01:00
Joffrey JAFFEUX
7fd5a8db72
UX: adds arrow navigation support to mini-tag-chooser (#8857) 2020-02-04 23:54:59 +01:00
Joffrey JAFFEUX
9252bbbd7d
FIX: prevents firefox to generate a click event on space (#8856) 2020-02-04 23:41:40 +01:00
Kris
7ac81a6019 UX: Center titles in docked header when there aren't two rows 2020-02-04 13:40:28 -05:00
Joffrey JAFFEUX
2c2ab474a4
FIX: ensures tags-admin-dropdown is working correctly with sk2 (#8852) 2020-02-04 19:23:44 +01:00
Kris
35a1912e2d FIX: Links in category box descriptions should be clickable 2020-02-04 13:02:55 -05:00
Rafael dos Santos Silva
5ead60677a
FEATURE: Ensure we always fill the short_name in the web manifest 2020-02-04 14:16:00 -03:00
David Taylor
fec1c0f097
DEV: Handle null notification level when generating data attribute (#8851)
This happens in tests, but handling it properly will make the production code more robust. Followup to ebdebf152d
2020-02-04 17:05:49 +00:00
Penar Musaraj
095e3d8946 DEV: Autofilter combo boxes on 10+ dropdown items by default 2020-02-04 11:23:15 -05:00
David Taylor
ebdebf152d DEV: Use a string for category data-notification-level, not an integer
This makes writing CSS to target specific notification levels more intuitive. Follow-up to 7640914552
2020-02-04 16:05:45 +00:00
Vinoth Kannan
dabba87954 DEV: introduce diffLocalChangesUrl attribute to theme model. 2020-02-04 21:33:19 +05:30
Mark VanLandingham
c8a02161dd
FIX: Warn users of overwriting new topic draft (#8841) 2020-02-04 09:59:56 -06:00
Mark VanLandingham
91b70f8ffc
FIX: Featured topic title on profile HTML parsed (#8850) 2020-02-04 09:33:46 -06:00
Joffrey JAFFEUX
14126e9a38
UX: do not display pinned option description on mobile (#8846) 2020-02-04 15:34:56 +01:00
Joffrey JAFFEUX
ca63502ce6
UX: ensures pinned options icon is not on a new line (#8845) 2020-02-04 15:34:37 +01:00
Joffrey JAFFEUX
1d54e78311
FIX: prevents exception on /admin/badges page when model is not set (#8849)
Exception:

TypeError: Cannot read property 'badge_type_id' of null
2020-02-04 15:34:19 +01:00
Joffrey JAFFEUX
5d31f353f4
remove duplicated }} (#8848) 2020-02-04 15:02:40 +01:00
Gerhard Schlager
71849242fa PERF: Speed up moving posts on large databases
Old exection plan:
```
Delete on post_replies pr  (cost=6.59..20462.62 rows=2254 width=24) (actual time=2.580..2.580 rows=0 loops=1)
  ->  Nested Loop  (cost=6.59..20462.62 rows=2254 width=24) (actual time=0.086..2.557 rows=4 loops=1)
        Join Filter: (p.topic_id <> r.topic_id)
        Rows Removed by Join Filter: 328
        ->  Nested Loop  (cost=6.16..16845.77 rows=2254 width=26) (actual time=0.020..1.886 rows=332 loops=1)
              ->  Nested Loop  (cost=5.74..13257.09 rows=2254 width=20) (actual time=0.016..1.361 rows=332 loops=1)
                    ->  Seq Scan on moved_posts mp  (cost=0.00..19.70 rows=970 width=10) (actual time=0.002..0.028 rows=263 loops=1)
                    ->  Bitmap Heap Scan on post_replies pr  (cost=5.74..13.63 rows=2 width=14) (actual time=0.004..0.005 rows=1 loops=263)
                          Recheck Cond: ((reply_post_id = mp.old_post_id) OR (post_id = mp.old_post_id))
                          Heap Blocks: exact=278
                          ->  BitmapOr  (cost=5.74..5.74 rows=2 width=0) (actual time=0.004..0.004 rows=0 loops=263)
                                ->  Bitmap Index Scan on index_post_replies_on_reply_post_id  (cost=0.00..2.87 rows=1 width=0) (actual time=0.001..0.001 rows=1 loops=263)
                                      Index Cond: (reply_post_id = mp.old_post_id)
                                ->  Bitmap Index Scan on index_post_replies_on_post_id_and_reply_post_id  (cost=0.00..2.87 rows=1 width=0) (actual time=0.002..0.002 rows=1 loops=263)
                                      Index Cond: (post_id = mp.old_post_id)
              ->  Index Scan using posts_pkey on posts p  (cost=0.42..1.59 rows=1 width=14) (actual time=0.001..0.001 rows=1 loops=332)
                    Index Cond: (id = pr.post_id)
        ->  Index Scan using posts_pkey on posts r  (cost=0.42..1.59 rows=1 width=14) (actual time=0.001..0.002 rows=1 loops=332)
              Index Cond: (id = pr.reply_post_id)
Planning Time: 0.305 ms
Execution Time: 2.600 ms
```

New execution plan:
```
Delete on post_replies pr  (cost=15.34..6538275.37 rows=364157 width=12) (actual time=1.961..1.961 rows=0 loops=1)
  ->  Nested Loop  (cost=15.34..6538275.37 rows=364157 width=12) (actual time=0.048..1.827 rows=187 loops=1)
        ->  Seq Scan on moved_posts mp  (cost=0.00..19.70 rows=970 width=10) (actual time=0.004..0.029 rows=188 loops=1)
        ->  Bitmap Heap Scan on post_replies pr  (cost=15.34..6736.72 rows=375 width=14) (actual time=0.009..0.009 rows=1 loops=188)
              Recheck Cond: ((reply_post_id = mp.old_post_id) OR (post_id = mp.old_post_id))
              Filter: ((SubPlan 1) <> (SubPlan 2))
              Heap Blocks: exact=187
              ->  BitmapOr  (cost=15.34..15.34 rows=377 width=0) (actual time=0.003..0.003 rows=0 loops=188)
                    ->  Bitmap Index Scan on index_post_replies_on_reply_post_id  (cost=0.00..4.33 rows=1 width=0) (actual time=0.001..0.001 rows=1 loops=188)
                          Index Cond: (reply_post_id = mp.old_post_id)
                    ->  Bitmap Index Scan on index_post_replies_on_post_id_and_reply_post_id  (cost=0.00..10.82 rows=376 width=0) (actual time=0.001..0.001 rows=0 loops=188)
                          Index Cond: (post_id = mp.old_post_id)
              SubPlan 1
                ->  Index Scan using posts_pkey on posts p  (cost=0.43..8.45 rows=1 width=4) (actual time=0.002..0.002 rows=1 loops=187)
                      Index Cond: (id = pr.post_id)
              SubPlan 2
                ->  Index Scan using posts_pkey on posts r  (cost=0.43..8.45 rows=1 width=4) (actual time=0.002..0.003 rows=1 loops=187)
                      Index Cond: (id = pr.reply_post_id)
Planning Time: 0.136 ms
Execution Time: 1.990 ms
```
2020-02-04 12:30:43 +01:00
Jarek Radosz
67d5ce8ed1
FIX: Sort out the route navigation in admin/email-style (#8837)
Previously it would go to the "html" page when refreshing on the "css" page, and would open an invalid empty-state page when trying to go to the "email style" tab when already on it.
2020-02-04 11:42:43 +01:00
Jarek Radosz
4ab696dd2f
DEV: Add the @action decorator (#8836)
This also enables`@action` use in plugin connectors.

Setting `actions` earlier allows `setupComponents` to use them, for example, when setting up event listeners.
2020-02-04 11:42:25 +01:00
Jarek Radosz
9a52a44d09
DEV: Add outlet args to editor-preview outlet (#8835)
Those are the same arguments that are passed into `after-d-editor` outlet. This will enable plugins that attach to editor preview to be conditionally enabled, usually only for the composer.
Plugins that will use this: discourse-canned-responses, discourse-zoom.
2020-02-04 11:41:45 +01:00
Vinoth Kannan
e4f3244141 DEV: introduce updateUrl attribute to theme-setting-editor component. 2020-02-04 15:19:17 +05:30
Robin Ward
ee17138c0f FIX: Better error messages when name is too long
Previously you'd get a server side generic error due to a password check
failing. Now the input element has a maxlength attribute and the server
side will respond with a nicer error message if the value is too long.
2020-02-03 14:14:32 -05:00
Penar Musaraj
375f4c09ce FIX: Restore up/down icons in period-chooser 2020-02-03 13:56:58 -05:00
Robin Ward
37888d9818 FIX: Never return the same reply more than once via reply_ids
If our reply tree somehow ends up with cycles or other odd
structures, we only want to consider a reply once, at the first
level in the tree that it appears.
2020-02-03 13:41:18 -05:00
David Taylor
7640914552
UX: Include muted categories on the category page by default (#8842)
* DEV: Add data-notification-level attribute to category UI

* Show muted categories on the category page by default

This reverts commit ed9c21e42c.

* Remove redundant spec - muted categories are now visible by default
2020-02-03 10:40:02 -08:00
Penar Musaraj
6301477b4c FIX: Make dropdown custom user fields compatible with select-kit 2 2020-02-03 13:19:38 -05:00
Robin Ward
f83362b05b FIX: Don't return post replies from other topics
It seems in some situations replies have been moved to other topics but
the `PostReply` table has not been updated. I will try and fix this in a
follow up PR, but for now this fix ensures that every time we ask a post
for its replies that we restrict it to the same topic.
2020-02-03 13:12:27 -05:00
Matt Marjanović
ad2aa7b52c
FEATURE: Add logout functionality to SSO Provider protocol (#8816)
This commit adds support for an optional "logout" parameter in the
payload of the /session/sso_provider endpoint.  If an SSO Consumer
adds a "logout=true" parameter to the encoded/signed "sso" payload,
then Discourse will treat the request as a logout request instead
of an authentication request.  The logout flow works something like
this:

 * User requests logout at SSO-Consumer site (e.g., clicks "Log me out!"
   on web browser).
 * SSO-Consumer site does whatever it does to destroy User's session on
   the SSO-Consumer site.
 * SSO-Consumer then redirects browser to the Discourse sso_provider
   endpoint, with a signed request bearing "logout=true" in addition
   to the usual nonce and the "return_sso_url".
 * Discourse destroys User's discourse session and redirects browser back
   to the "return_sso_url".
 * SSO-Consumer site does whatever it does --- notably, it cannot request
   SSO credentials from Discourse without the User being prompted to login
   again.
2020-02-03 12:53:14 -05:00
Stephen Chung
98e9302c26
Log error when optimized image file fails to store. (#8840) 2020-02-03 12:28:45 -05:00
Penar Musaraj
231617ff70 DEV: Rename deprecated "warning" icon to "exclamation-triangle" 2020-02-03 10:43:05 -05:00
Joffrey JAFFEUX
0431942f3d
DEV: select-kit 2 (#7998)
This new iteration of select-kit focuses on following best principales and disallowing mutations inside select-kit components. A best effort has been made to avoid breaking changes, however if you content was a flat array, eg: ["foo", "bar"] You will need to set valueProperty=null and nameProperty=null on the component.

Also almost every component should have an `onChange` handler now to decide what to do with the updated data. **select-kit will not mutate your data by itself anymore**
2020-02-03 14:22:14 +01:00
Arpit Jalan
0e2cbee339 UX: add icon for Google Map onebox. 2020-02-03 18:12:42 +05:30
Dan Ungureanu
a2f8ac9aac
FIX: Check parameter types
/u/is_local_username used to throw a 500 error
2020-02-03 12:36:08 +02:00
Martin Brennan
dd3a7f4825
FIX: Admin user list not showing 2FA icon for only security keys enabled (#8839)
If someone only had security keys enabled, the icon to say they had 2FA enabled would not show in the admin staff user list. It would only show if they had TOTP enabled.
2020-02-03 14:37:46 +10:00
Krzysztof Kotlarek
5b03f35614
FIX: suppress notification flood when post is edited (#8838) 2020-02-03 11:27:18 +11:00
Roman Rizzi
df43ac901d
FIX: We don't want to update the post read count and user stats if the post timing wasn't created due to a conflict. (#8824) 2020-01-31 10:23:24 -03:00
Penar Musaraj
999e2ff514
UX: Show vertical topic timeline while composing (#8813)
Keeps topic timeline visible if space permits when composing, and adjusts its height dynamically.
2020-01-30 13:52:48 -05:00
Dan Ungureanu
e470b27b41
FIX: Ensure 'unless' helper resolves variable name once (#8820)
This fixes a bug which caused '{{#unless var}}' to act the same as
'{{#if true}}' because 'unless' was transforming the conditional value
to 'undefined'.
2020-01-30 18:41:39 +02:00
Mark VanLandingham
089d38e9d3
FIX: Disallow featuring hidden topics (#8814) 2020-01-30 10:00:49 -06:00
Rafael dos Santos Silva
f15264e977 FEATURE: Add Tactile feedback on likes 2020-01-30 12:01:52 -03:00
Martin Brennan
1150cd4621
FIX: Stop secure media URLs being censored too liberally in emails (#8817)
For example /t/ URLs were being replaced if they contained secure-media-uploads so if you made a topic called "Secure Media Uploads Are Cool" the View Topic link in the user notifications would be stripped out.

Refactored code so this secure URL detection happens in one place.
2020-01-30 16:19:14 +10:00
Martin Brennan
c84652eb8b Get rid of no longer needed target_usernames warning log 2020-01-30 12:30:11 +10:00
Roman Rizzi
2ee6a615b7
FEATURE: Send suspect users to the review queue (#8811) 2020-01-29 15:38:27 -03:00
Dan Ungureanu
09e8be3209
UX: Introduce automatic 'categories topics' setting (#8804)
When 'categories topics' setting is set to 0, the system will
automatically try to find a value to keep the two columns (categories
and topics) symmetrical.

The value is computed as 1.5x the number of top level categories and at
least 5 topics will always be returned.
2020-01-29 20:30:48 +02:00
Kris
d24d47b2ee
FIX: set showFooter to true on group topic list (#8795)
If using {{#if showFooter}} in a template, showFooter is never set to true on a group's g/groupname/activity/topics route (it's correctly set on other group routes like group-activity-posts)
2020-01-29 12:12:38 -05:00
Joffrey JAFFEUX
e19459185a
DEV: new widget hooks mousemove/mouseup/mousedown/doubleclick (#8807) 2020-01-29 17:19:12 +01:00
Mark VanLandingham
e29fef9e99
FEATURE: Users can feature any public topic on his/her profile (#8809) 2020-01-29 10:10:23 -06:00
Martin Brennan
397adfd128
FIX: Wrap markdown videos with video-container class to stop post height jumping (#8806)
This will lock video aspect ratio to 16:9 and stop them from making posts jump around on load.

See also discourse/onebox@6f58545 and fe20cb4.
2020-01-29 15:52:02 +10:00
Martin Brennan
ab3bda6cd0
FIX: Mitigate issue where legacy pre-secure hotlinked media would not be redownloaded (#8802)
Basically, say you had already downloaded a certain image from a certain URL
using pull_hotlinked_images and the onebox. The upload would be stored
by its sha as an upload record. Whenever you linked to the same URL again
in a post (e.g. in our case an og:image on review.discourse) we would
would reuse the original upload record because of the sha1.

However when you turned on secure media this could cause problems as
the first post that uses that upload after secure media is enabled
will set the access control post for the upload to the new post.
Then if the post is deleted every single onebox/link to that same image
URL will fail forever with 403 as the secure-media-uploads URL fails
if the access control post has been deleted.

To fix this when cooking posts and pulling hotlinked images, we only
allow using an original upload by URL if its access control post
matches the current post, and if the original_sha1 is filled in,
meaning it was uploaded AFTER secure media was enabled. otherwise
we just redownload the media again to be safe, as the URL will always
be new then.
2020-01-29 10:11:38 +10:00
Krzysztof Kotlarek
20e7fb1c95
FIX: correct notification when tag or category is added (#8801)
Regression was created here:
https://github.com/discourse/discourse/pull/8750

When tag or category is added and the user is watching that category/tag
we changed notification type to `edited` instead of `new post`.

However, the logic here should be a little bit more sophisticated.

If the user has already seen the post, notification should be `edited`.

However, when user hasn't yet seen post, notification should be "new
reply". The case for that is when for example topic is under private
category and set for publishing later. In that case, we modify an
existing topic, however, for a user, it is like a new post.

Discussion on meta:
https://meta.discourse.org/t/publication-of-timed-topics-dont-trigger-new-topic-notifications/139335/13
2020-01-29 11:03:47 +11:00
Gerhard Schlager
9621af2214 FIX: Award "User of the month" badge at the beginning of month
Previously the badge was granted one month after the last time the badge was granted. The exact date shifted by one day each month. The new logic tries to grant the badge always at the beginning of a new month by looking at new users of the previous month. The "granted at" date is set to the end of the previous month.
2020-01-28 22:59:13 +01:00
David Taylor
a9d0d55817 FEATURE: Add message to log when admins are automatically deactivated 2020-01-28 12:16:24 +00:00
David Taylor
25fd2b544a
PERF: Use a separate route for user cards, and split user serializer (#8789)
Adds a new route `/u/{username}/card.json`, which has a reduced number of fields. This change is behind a hidden site setting, so we can test compatibility before rolling out.
2020-01-28 11:55:46 +00:00
Dan Ungureanu
5060811464
FIX: Export all category names in user archives (#8790) 2020-01-28 12:52:07 +02:00
Mark VanLandingham
9fa2016d2a
DEV: Plugin outlet for admin backup view (#8793) 2020-01-27 12:31:08 -06:00
Vinoth Kannan
602f965070 FIX: undefined method 'title' for nil:NilClass in PostAlerter#create_notification 2020-01-27 23:54:11 +05:30
David Taylor
fe0d912b97
FIX: getURL on a subfolder site should ignore prefix in middle of URL (#8794) 2020-01-27 17:51:46 +00:00
Gerhard Schlager
ea11ad4d99 DEV: Drop unused columns 2020-01-27 15:28:56 +01:00
Rafael dos Santos Silva
ce83fd93bb FEATURE: Use Contact Picker API for invites 2020-01-27 11:07:28 -03:00
Jarek Radosz
8a82ceb3bc
FIX: Improve downsize_uploads (#8409)
With this change the script:
* Actually removes original large-sized images
* Doesn't save processed files if their size has increased
* Prevents inconsistent state
2020-01-27 03:31:11 +01:00
Jarek Radosz
b843aa7b05
FIX: Adjust the broken image placeholder border (#8781)
* DEV: Remove `.large-image` selector

This selector is no longer used in core and there's no reference to it in any of `all-the-plugins`.

* FIX: Adjust the broken image placeholder border
2020-01-27 02:39:05 +01:00
Vinoth Kannan
b6765aac4b FIX: add 'noindex' header to rss feed responses. 2020-01-24 09:30:27 +05:30
Martin Brennan
45b37a8bd1
FIX: Resolve pull hotlinked image and broken link issues for secure media URLs (#8777)
When pull_hotlinked_images tried to run on posts with secure media (which had already been downloaded from external sources) we were getting a 404 when trying to download the image because the secure endpoint doesn't allow anon downloads.

Also, we were getting into an infinite loop of pull_hotlinked_images because the job didn't consider the secure media URLs as "downloaded" already so it kept trying to download them over and over.

In this PR I have also refactored secure-media-upload URL checks and mutations into single source of truth in Upload, adding a SECURE_MEDIA_ROUTE constant to check URLs against too.
2020-01-24 11:59:30 +10:00
Vinoth Kannan
e4b8121650 Fix the build.
Make prettier happy.
2020-01-24 04:39:07 +05:30
Vinoth Kannan
26186ee6af FIX: topics sorting in tag pages is broken. 2020-01-24 04:26:14 +05:30
Roman Rizzi
9eb622985a
FEATURE: Replace existing badge owners when using the bulk award feature (#8770)
* FEATURE: Replace existing badge owners when using the bulk award feature

* Use ActiveRecord to sanitize title update query, Change replace checkbox text

Co-Authored-By: Robin Ward <robin.ward@gmail.com>

Co-authored-by: Robin Ward <robin.ward@gmail.com>
2020-01-23 14:14:58 -03:00
Roman Rizzi
db5373a87c
UX: Invalid CSV error message now includes information about the malformed line (#8773)
* UX: Invalid CSV error message now includes information about the malformed line

* Update config/locales/server.en.ym and use line_number instead of lineno

Co-Authored-By: Robin Ward <robin.ward@gmail.com>

Co-authored-by: Robin Ward <robin.ward@gmail.com>
2020-01-23 14:04:06 -03:00
Dan Ungureanu
6279d0e8b5 UX: Use '-' as default category slug (#8607)
This replaces the default slug from 'ID-category' to '-'.
2020-01-23 15:44:29 +01:00
Martin Brennan
1b3b0708c0
FEATURE: Update upload security status on post move, topic conversion, category change (#8731)
Add TopicUploadSecurityManager to handle post moves. When a post moves around or a topic changes between categories and public/private message status the uploads connected to posts in the topic need to have their secure status updated, depending on the security context the topic now lives in.
2020-01-23 12:01:10 +10:00
Martin Brennan
65481858c2
FEATURE: Use upload:// short URL for videos and audio in composer (#8760)
For consistency this PR introduces using custom markdown and short upload:// URLs for video and audio uploads, rather than just treating them as links and relying on the oneboxer. The markdown syntax for videos is ![file text|video](upload://123456.mp4) and for audio it is ![file text|audio](upload://123456.mp3).

This is achieved in discourse-markdown-it by modifying the rules for images in mardown-it via md.renderer.rules.image. We return HTML instead of the token when we encounter audio or video after | and the preview renders that HTML. Also when uploading an audio or video file we insert the relevant markdown into the composer.
2020-01-23 09:41:39 +10:00
Mark VanLandingham
c5eec19368
FIX: Featuring topic on other users profile shows their topics (#8769) 2020-01-22 14:16:17 -06:00
Dan Ungureanu
c7a8bbd6a5
FIX: Show category list on subcategory page if it has subcategories too (#8768)
The category list was displayed only for top level categories, which
had no parent.
2020-01-22 20:27:30 +02:00
Neil Lalonde
b63d146128 UX: add confirmation when adding tag synonyms
The new confirmation modal explains that adding a tag as a synonym to
another tag will change all topics to replace the synonyms with the
base tag.
2020-01-22 12:35:42 -05:00
Dan Ungureanu
b25d9e96c1
FIX: Show all parent categories on topic page (#8767) 2020-01-22 17:39:50 +02:00
Bianca Nenciu
7b7e1717f2
FIX: Quoting a quote preserves the original post information (#8746)
Let's say post #2 quotes post number #1. If a user decides to quote the
quote in post #2, it should keep the information of post #1
("user_1, post: 1, topic: X"), instead of replacing with current post
info ("user_2, post: 2, topic: X").
2020-01-22 16:10:23 +02:00
Blake Erickson
8a89b7e108 FIX: Ensure only edited badge titles update a users title
When editing site texts from

/admin/customize/site_texts/

you can edit badge titles (aka name) and this will update any users that
have that badge currently set as their title. This fix prevents a badge
description text from being set as their title if an admin updates the
badge description text or any other badge fields that aren't the title.
2020-01-21 19:09:42 -07:00
Régis Hanol
96b64df4d4 FIX: use schema.org's BreadcrumList
The data-vocabulary.org schema is being deprecated.
We're now using the BreadcrumList data from the latest and greatest schema.org.

FIX: categories_breadcrumb helper to support more than 2 levels of categories.
2020-01-21 22:27:21 +01:00
Dan Ungureanu
89bd7ba45f
FIX: Use new tag routes (#8683)
Commit 1fb7a62 added unambiguous routes for tags. This commit ensures
that the new routes are used.
2020-01-21 19:23:08 +02:00
Bianca Nenciu
9c628f0897
FIX: Workaround limitation in jquery.autoellipsis (#8747)
Calling $.ellipsis() on an element containing <br> elements would throw
an exception.
2020-01-21 18:44:50 +02:00
Bianca Nenciu
0a27086764
FEATURE: Export all types of reports (#8748)
There is a single stacked_chart which was not exportable
2020-01-21 18:43:19 +02:00
Kris
411512c0e3 FIX: higher z-index for usercards in the header 2020-01-21 10:57:32 -05:00
David Taylor
84a2aae77f
FIX: Allow the app to generate and accept longer backup codes (#8761)
- Increase size of textarea when displaying generated codes
- Adjust maxlength of input field in JS UI
- Adjust maxlength of input field in no_ember UI

Follow-up to bff9880d63
2020-01-21 14:28:31 +00:00
Martin Brennan
9db59deb11 Only warn about missing recipients for PM archetype 2020-01-21 16:38:16 +10:00
Martin Brennan
88e23d4cfa Change logger.debug to logger.warn for PM debug messages 2020-01-21 16:11:52 +10:00
Sam Saffron
bff9880d63 DEV: increase the length of backup codes
16 ^ 8 though not tiny but is a workable search space in the event of
breach, 16 ^ 16 is not.
2020-01-21 15:32:06 +11:00
Martin Brennan
c677f8ee6a
DEV: Add debug lines for mystery no_user_selected error (#8759)
On some customer forums we are randomly getting a "You must select a valid user" error when sending a PM even when all parameters seem to be OK. This is an attempt to track it down with more data.
2020-01-21 10:50:44 +10:00
Krzysztof Kotlarek
aa04349cfd
FIX: Incorrect locale in badge granter (#8749)
We want to use default locale when:
a) Site settings are not allowing for user locale
OR
b) User locale are blank
2020-01-21 09:08:48 +11:00
Krzysztof Kotlarek
0420be88a6
FIX: when tag or category is added notify users that topic was modified (#8750)
There is a feature, that when tag or category is added to the topic,
customers who are watching that category or tag are notified.

The problem is that it is using default notification type "new post"

It would be better to use "new post" only when there really is a new
post and "edited" when categories or tags were modified.
2020-01-21 08:41:13 +11:00
Martin Brennan
1014e56e80
DEV: Respond with 403 instead of 500 for disabled local login via email
Previously if local login via email was disabled because of the site setting or because SSO was enabled, we were raising a 500 error. We now raise a 403 error instead; we shouldn't raise 500 errors on purpose, instead keeping that code for unhandled errors. It doesn't make sense in the context of what we are validating either to raise a 500.
2020-01-20 16:11:58 +10:00
Dan Ungureanu
eeefa1177f
FIX: Make category-chooser show all parent categories (#8706) 2020-01-19 13:07:54 +02:00
Blake Erickson
79ec686ec9 DEV: Use blank instead of NOT present
Follow up to: 75069ff179
2020-01-18 07:34:15 -07:00
Blake Erickson
75069ff179 FIX: Users should be able to remove their primary group
This fix allows a user to remove their currently assigned primary group
if the Site Setting `user selected primary groups` is enabled.

Before this fix, if a user selected "none" for their primary group it
would silently fail and never be updated.
2020-01-17 15:43:54 -07:00
Gerhard Schlager
3fc589f875 FIX: Don't override timezone on every visit of profile preferences
The timezone should only be initialized when there is no timezone stored in the DB yet. This also fixes an error that happened in dev mode whenever you switch between user preference tabs.
2020-01-17 22:34:18 +01:00
romanrizzi
0d08eac1c7 UX: Users must confirm when leaving a private group 2020-01-17 17:58:47 -03:00
Kris
4089607b40 UX: Minor adjustments to choose topic modal 2020-01-17 15:02:04 -05:00
Joffrey JAFFEUX
a7ae28ed88
REFACTOR: removes places where we never show glyph and DRY code (#8744) 2020-01-17 20:58:15 +01:00
Kris
b56ade5043 FIX: show PM icon in docked header 2020-01-17 13:30:54 -05:00
Joffrey JAFFEUX
6abc2f5072
FIX: applies correct styles to icon and attempts to dry code (#8739) 2020-01-17 18:20:23 +01:00
Joffrey JAFFEUX
56fa77c032
FIX: do not increase size of emojis in markdown tables (#8742) 2020-01-17 18:15:05 +01:00
Gerhard Schlager
ab07b945c2
Merge pull request #8736 from gschlager/rename_reply_id_column
REFACTOR: Rename `post_replies.reply_id` column to `post_replies.reply_post_id`
2020-01-17 17:24:49 +01:00
Joffrey JAFFEUX
3b5a6c9895
REFACTOR: unify naming of only emoji (#8741) 2020-01-17 17:21:08 +01:00
Roman Rizzi
28d09227f5
FIX: Reload the ReviewableScore types when extending flags (#8740)
ReviewableScore#types extend the PostActionTypes with their own, storing the result inside a class variable. To avoid overwriting an existing flag, we need to calculate the next flag ID using these types instead of the PostAction ones. Since we first call the score types to calculate the id, this list gets memoized, leaving us with an outdated list.

To fix this, we now reload ReviewableScore#types after replacing flags.
2020-01-17 11:59:38 -03:00
Kris
af3dce4930 Hide PM glyph, follow-up to 02dbcac 2020-01-17 07:10:44 -05:00
Dan Ungureanu
7d8c33a094 FIX: Include sub-sub-categories in new/unread counts (#8710)
The count used to be less than the real one because the topics in
sub-sub-categories and deeper were not taken into account.
2020-01-17 10:02:57 +00:00
Kris
02dbcac861 UX: Improve appearance of pm title editing 2020-01-16 21:31:17 -05:00
Martin Brennan
9c04aa593c
Fix broken admin login fro SSO enabled sites (#8737)
* When we refactored away the admin-login route we introduced a bug where admins could not log into an SSO enabled site, because of a check in the email_login route that disallowed this.
* Allow admin to get around this check.
2020-01-17 11:25:31 +10:00
Régis Hanol
7b83237261 FIX: groups pagination was broken 2020-01-16 23:57:34 +01:00
Roman Rizzi
0c4ac2a7bc
Merge pull request from GHSA-569c-22ff-pj3x 2020-01-16 15:17:16 -03:00
Jarek Radosz
fe588cc7f8
DEV: Fix function prototype deprecations (#8681)
* DEV: Fix the function prototype observers deprecation

DEPRECATION: Function prototype extensions have been deprecated, please migrate from function(){}.observes('foo') to observer('foo', function() {}). [deprecation id: function-prototype-extensions.observes] See https://deprecations.emberjs.com/v3.x/#toc_function-prototype-extensions-observes for more details.

* DEV: Fix the function prototype event listeners deprecation

DEPRECATION: Function prototype extensions have been deprecated, please migrate from function(){}.on('foo') to on('foo', function() {}). [deprecation id: function-prototype-extensions.on] See https://deprecations.emberjs.com/v3.x/#toc_function-prototype-extensions-on for more details.

* DEV: Simplify `default as` imports

Co-authored-by: Joffrey JAFFEUX <j.jaffeux@gmail.com>
2020-01-16 18:56:53 +01:00
Jarek Radosz
ff5a82b614
FIX: Change rootNone behavior in category-chooser (#8692)
This breaking change was originally a deprecation fix for overriding a computed property `none`.

There are 4 uses of `rootNone` in core and "all-the-plugins":
1. in discourse-chat-integration, admin-plugins-chat-edit-rule.hbs - changed behavior, that I'd consider a fix - `rootNoneLabel` is now used regardless of `siteSettings.allow_uncategorized_topics` value, which I believe was an originally intended behavior (i.e. it most likely hasn't been tested with disabled uncategorized topics)
2. in discourse-slack-official, plugins-slack.hbs - the same as 1.
3. in core, edit-category-general.hbs (in this PR) - no change in behavior
4. in discourse-googlebooks, edit-category-general.hbs - no change in behavior (since `allowUncategorized="true"` is also passed as an argument)
2020-01-16 18:51:29 +01:00
Gerhard Schlager
f216c6d60b FEATURE: Drop "backup" schema 7 days after restore
The "backup" schema is used to rollback a failed restore. It isn't useful after a longer period of time and turns into a waste of disk space.
2020-01-16 17:48:47 +01:00
Joffrey JAFFEUX
948bd00340
FEATURE: line with only 1 to 3 emojis will now display as large emojis 2020-01-16 09:54:26 +01:00
Martin Brennan
18bba860b5 Fix mobile topic-timeline not closing on scrolling past last post (#8730)
* when we dragged the topic-timeline handle past the last post
  in a topic we were not closing the timeline as we would if
  scrolling to a specific post
* this also fixes the issue where when scrolling past the end of
  the topic with a massive last post, none of the post could be
  seen
2020-01-16 17:23:44 +11:00
Martin Brennan
7c32411881
FEATURE: Secure media allowing duplicated uploads with category-level privacy and post-based access rules (#8664)
### General Changes and Duplication

* We now consider a post `with_secure_media?` if it is in a read-restricted category.
* When uploading we now set an upload's secure status straight away.
* When uploading if `SiteSetting.secure_media` is enabled, we do not check to see if the upload already exists using the `sha1` digest of the upload. The `sha1` column of the upload is filled with a `SecureRandom.hex(20)` value which is the same length as `Upload::SHA1_LENGTH`. The `original_sha1` column is filled with the _real_ sha1 digest of the file. 
* Whether an upload `should_be_secure?` is now determined by whether the `access_control_post` is `with_secure_media?` (if there is no access control post then we leave the secure status as is).
* When serializing the upload, we now cook the URL if the upload is secure. This is so it shows up correctly in the composer preview, because we set secure status on upload.

### Viewing Secure Media

* The secure-media-upload URL will take the post that the upload is attached to into account via `Guardian.can_see?` for access permissions
* If there is no `access_control_post` then we just deliver the media. This should be a rare occurrance and shouldn't cause issues as the `access_control_post` is set when `link_post_uploads` is called via `CookedPostProcessor`

### Removed

We no longer do any of these because we do not reuse uploads by sha1 if secure media is enabled.

* We no longer have a way to prevent cross-posting of a secure upload from a private context to a public context.
* We no longer have to set `secure: false` for uploads when uploading for a theme component.
2020-01-16 13:50:27 +10:00
Mark VanLandingham
135d09d671
FIX: Styling for feature topic on profile modal (#8727) 2020-01-15 15:20:12 -06:00
Arpit Jalan
0bc65fa60e
FIX: show error message if the topic deletion fails (#8723) 2020-01-16 00:58:03 +05:30
Roman Rizzi
2db7b3d9c7
FIX: Correctly wrap image and resize controls inside paragraph (#8718) 2020-01-15 14:01:14 -03:00
Arpit Jalan
0f8695958b FIX: better error message when topic deletion fails 2020-01-15 19:30:06 +05:30
Régis Hanol
c4817e9ee9 DEV: lint 💅 2020-01-15 11:36:33 +01:00
Martin Brennan
66f2db4ea4 SECURITY: 2FA with U2F / TOTP 2020-01-15 11:27:12 +01:00
Régis Hanol
5d75f90b27 FIX: group membership leak
FIX: raised a proper NotFound exception when filtering groups by username with invalid username.
FIX: properly filter the groups based on current user visibility when viewing another user's groups.
DEV: Guardian.can_see_group?(group) is now using Guardian.can_see_groups(groups) instead of duplicating the same code.
FIX: spec for groups_controller#index when group directory is disabled for logged in user.
FIX: groups_controller.sortable specs to actually test all sorting combinations.
DEV: s/response_body/body/g for slightly shorter spec code.
FIX: rewrote the "view another user's groups" specs to test all group_visibility and members_group_visibility combinations.
DEV: Various refactoring for cleaner and more consistent code.
2020-01-15 11:21:58 +01:00
Joffrey JAFFEUX
ac865112a3
FIX: ensures group-navigation states changes when route changes (#8724) 2020-01-15 10:13:07 +01:00
Joffrey JAFFEUX
f4744193bd
FEATURE: allows to define a dissmiss duration on global notices (#8715)
This commit also adds more documentation to various options and defines a 1 week duration for IE global notice dismiss duration.
2020-01-15 09:02:28 +01:00
Joffrey JAFFEUX
ec1aeb8a55
FIX: ensures secondary menu of user notifications mobile nav reloads (#8716) 2020-01-15 09:01:44 +01:00
Kris
b1508a6f44 UX: Improve appearance of lists and user fields in mobile bios 2020-01-14 16:33:50 -05:00
Mark VanLandingham
5df0ef1e98
FIX: Update user-selector excluded usernames after insert (#8711) 2020-01-14 10:28:35 -06:00
Gerhard Schlager
c351ffe580 FEATURE: Add hidden setting to disable configuration of inventory bucket 2020-01-14 17:23:12 +01:00
David Taylor
12d2fe7ff6 UX: Ensure all generated backup codes are displayed on the screen 2020-01-14 15:33:27 +00:00
David Taylor
4fdfc2665d FIX: Update featured badge ranking when mass-awarding badges
Follow-up to cff6e941de
2020-01-14 14:39:20 +00:00
David Taylor
cff6e941de
PERF: Cache ranks for featured badges, to simplify user serialization (#8698) 2020-01-14 14:26:49 +00:00
Joffrey JAFFEUX
f10078eab4
FIX: moves back padStart/padEnd to core polyfills (#8714)
Multiple users are on chrome 56 when this is only supported on chrome 57. Given it's only few lines of code, it makes sense to keep supporting this.
2020-01-14 10:54:39 +01:00
romanrizzi
d3091edcea UX: Return a friendlier error when the CSV is invalid. Added a cancel button to return to the /badges view 2020-01-13 15:53:41 -03:00
Robin Ward
e4a85e2a80 Minor tweaks to badge CSV upload 2020-01-13 12:44:22 -05:00
Roman Rizzi
d69c5eebcf
Feature: Mass award badge (#8694)
* UI: Mass grant a badge from the admin ui

* Send the uploaded CSV and badge ID to the backend

* Read the CSV and grant badge in batches

* UX: Communicate the result to the user

* Don't award if badge is disabled

* Create a 'send_notification' method to remove duplicated code, slightly shrink badge image. Replace router transition with href.

* Dynamically discover current route
2020-01-13 11:20:26 -03:00
Martin Brennan
9e399b42b9 DEV: Remove redundant admin_login route, share with email_login 2020-01-13 12:10:07 +10:00
Blake Erickson
1a31a403ce DEV: Remove buffered-render file
This is the last and final commit in a multi-commit refactor to remove
all uses of buffered-render.

Previous commit: fc94b6cb9e in this
series.
2020-01-10 18:19:23 -07:00
Penar Musaraj
687c79ca1c FIX: Remove padding while composer is saving
Padding on `#main-outlet` while compooser was in "saving" state was causing posts to bounce after replying.
2020-01-10 12:57:16 -05:00
Mark VanLandingham
5898afaa73
FEATURE: pass in excluded usernames to user-selector (#8695) 2020-01-10 09:02:43 -08:00
Rafael dos Santos Silva
5a70f50032
FEATURE: Use new Badging API
Now that the spec is finished use the unprefixed API, which was also moved
from window to navigator.

Still uses feature detection so it fail gracefully when not available in
the user agent.
2020-01-10 13:41:35 -03:00
Dan Ungureanu
815116f6a2
FIX: Make 'findBySlugPathWithID' when URL ends with a slash (#8699)
Make URLs such as 'https://discourse/c/foo/bar/' work the same way
'https://discourse/c/foo/bar' does.
2020-01-10 17:02:36 +02:00
Joffrey JAFFEUX
5ce602ecea FIX: prevents url of file from being pasted when pasting file on iOS (#8693) 2020-01-10 08:39:01 +05:30
Martin Brennan
cb660ef952 SECURITY: Improve second factor auth logic 2020-01-10 10:45:56 +10:00
Kris
dd52291fb7 UX: Center featured topic on mobile profiles 2020-01-09 16:35:34 -05:00
Kris
ef9828b25d UX: Remove reliance on JS for category box links 2020-01-09 16:25:41 -05:00
Robin Ward
dcbe527a82 FIX: Don't log a claimed topic database error during tests
We now test the uniqueness validation, but also rescue a DB
exception in case the controller fails this check.
2020-01-09 12:32:05 -05:00
Robin Ward
d043a4c6fe FIX: Stop logging errors in postgres on reviewable conflict
The previous concurrency-safe implementation relied on catching an
index conflict and following through appropriately. Unfortunately
those conflicts were logged to Postgres and there is no easy way
to turn them off.

This solution approaches the problem differently. It should still
be safe under concurrency and not log errors.
2020-01-09 12:04:17 -05:00
Jarek Radosz
531016f99b
DEV: Add missing indexes to user_profiles (#8691)
* DEV: Update model annotations
* DEV: Add missing indexes to user_profiles

The columns were changed in 24347ace10 (diff-baa5914c0c7cddf3c8b5cd9139e0d091)
2020-01-09 17:08:55 +01:00
Régis Hanol
92a9ae6ab0
REFACTOR: isValidLink
- Reduced verbose comments
- Merged 2 `if` which had the same logic
2020-01-08 18:14:24 +01:00