Commit Graph

54875 Commits

Author SHA1 Message Date
Jarek Radosz
26198fb328
DEV: Fix incorrect hbs syntax in tests (#27345) 2024-06-05 13:28:22 +02:00
Selase Krakani
f2c4474c1e
DEV: Improve user generic bulk importer anonymization (#27307)
* DEV: Improve user generic bulk importer anonymization

Add support for properly anonymizing:
 - email
 - date_of_birth
 - location
 - website
 - bio

* DEV: Remove uneeded anon username check in `import_user_emails`
2024-06-05 11:25:17 +00:00
dependabot[bot]
c67f810a4b Build(deps): Bump rails_failover from 2.0.1 to 2.1.0
Bumps [rails_failover](https://github.com/discourse/rails_failover) from 2.0.1 to 2.1.0.
- [Changelog](https://github.com/discourse/rails_failover/blob/main/CHANGELOG.md)
- [Commits](https://github.com/discourse/rails_failover/compare/v2.0.1...v2.1.0)

---
updated-dependencies:
- dependency-name: rails_failover
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-06-05 09:54:58 +02:00
Alan Guo Xiang Tan
82383ea776
DEV: Avoid unique validation in UserPasswordExpirer.expire_user_password (#27343)
This commit updates the `UserPasswordExpirer.expire_user_password`
method to update `UserPassword#password_expired_at` when an existing
`UserPassword` record exists with the same `password_salt`,
`password_hash` and `password_algorithm`. This is to prevent the unique
validation error on `UserPassword#user_id` and
`UserPassword#password_hash` from being raised when the method is called
twice for a user that has not changed its password.
2024-06-05 15:22:40 +08:00
Martin Brennan
748240ce3b
FIX: Pluralisation for short password count (#27342)
Followup 0434112aa7,
when I introduced the pluralisation for the
password.too_short message I didn't change the
key name to `count`, which is necessary.
2024-06-05 16:20:48 +10:00
Martin Brennan
0434112aa7
UX: Streamline reset password page (#27341)
This commit includes various UX improvements to the reset
password page:

* Introduce a `hide-application-header-buttons` helper to do the following:
  * Hide Sign Up and Log In buttons, they are not necessary on this flow
  * Hide the sidebar, it is a distraction on this flow
* Improve messaging when a 2FA confirmation is required first
* Improve display of server-side ActiveRecord model validation errors
  in password form, e.g. instead of "is the same as your current password"
  we do "The password is the same as your current password"
* Move password tip to next line below input and move caps lock hint
  inline with Show/Hide password toggle
* Add system specs for 2FA flow on reset password page
* Fixes a computed property conflict issue on the password reset
   page when toggling 2FA methods
2024-06-05 15:22:59 +10:00
Krzysztof Kotlarek
aa88b07640
FEATURE: the ability to change the order of flags (#27269)
Continued work on moderate flags UI.
In this PR admins are allowed to change the order of flags. The notify user flag is always on top but all other flags can be moved.
2024-06-05 13:27:06 +10:00
Krzysztof Kotlarek
c1ecbb8d28
UX: move users link to the top of the admin sidebar (#27339)
Before, users link was in the community section.
2024-06-05 12:49:46 +10:00
Alan Guo Xiang Tan
9ff0805a1d
DEV: Monkey patch Selenium::WebDriver::Platform.localhost to retry (#27335)
On Github Actions, system tests which uses `Capybara#using_session` are
failing intermittently with the error "Socket::ResolutionError: getaddrinfo: Temporary failure in name resolution"
when `Selenium::WebDriver::Platform.localhost` tries to resolve
`localhost`.

Too much time has been spent trying to figure out why so we are giving
up here and just retrying the resolution of `localhost` on Github
Actions.
2024-06-05 07:54:15 +08:00
Alan Guo Xiang Tan
9705bd6cbe
DEV: Update Rails to 7.0.8.4 (#27337)
Resolves 2 CVEs that has been determined to not affect us but upgrading
anyway.
2024-06-05 07:53:45 +08:00
Kris
9404459188
UX: prevent twitter like/retweet counts from wrapping (#27333) 2024-06-04 16:55:50 -04:00
Discourse Translator Bot
a5c06f0b2c
Update translations (#27321) 2024-06-04 21:44:04 +02:00
Kris
a4001548d8
UX: fix only-emoji size in user-stream excerpts (#27330) 2024-06-04 14:59:43 -04:00
Jarek Radosz
a50a5cd157
Revert "Build(deps): Bump ffi from 1.16.3 to 1.17.0 (#27310)" (#27331)
This reverts commit 8789b19aed.

Temporary revert as we work out compatibility issues with a private plugin that uses ffi
2024-06-04 20:46:59 +02:00
Jarek Radosz
e57fe1e994
DEV: Remove uses of @on from native classes (#27327)
Fixes a deprecation warning introduced in a64f021f49 and removes all uses of `@on` in native classes. (those are unnecessary)
2024-06-04 20:16:05 +02:00
Jarek Radosz
bbdf14828b
DEV: Check lifecycle props in Presence service (#27328)
This may or may not fix flakes in `Unit | Service | presence` tests
2024-06-04 20:15:27 +02:00
Kris
4236aa0851
UX: add space between revision avatar and username (#27329) 2024-06-04 12:48:16 -04:00
Kris
14f81490ec
UX: fix mobile read state alignment (#27323) 2024-06-04 09:40:41 -04:00
Jarek Radosz
0b7563b804
DEV: Fix the order of operations in themes-frontend (#27317)
Previously "themes frontend" CI job would:

1. pull compatible versions of themes that happened to be in the base image
2. clone all official themes (overriding the compatible versions from 1.)
3. run tests
2024-06-04 15:16:44 +02:00
Jarek Radosz
c972a31819
DEV: Fix typos and formatting (#27320) 2024-06-04 15:16:24 +02:00
Mark VanLandingham
d42a1c8885
DEV: Pass recipient email address to message_builder modifiers (#27308) 2024-06-04 08:00:30 -05:00
David Taylor
0ddad8fc64
Revert "DEV: Update action syntax for routes/application.js (#27282)" (#27318)
This reverts commit 0b10e335ae.

I realised that some of these actions are overridden in themes/plugins, so this is going to cause problems (especially because modifyClass doesn't currently work well with the `@action` decorator)
2024-06-04 13:44:19 +01:00
David Taylor
0b10e335ae
DEV: Update action syntax for routes/application.js (#27282) 2024-06-04 13:38:24 +01:00
David Taylor
d02e40e989
DEV: Update action syntax for routes/discourse.js (#27283) 2024-06-04 13:37:18 +01:00
David Taylor
aa37be3323
UX: Use regular reset-password flow for expired passwords (#27316)
This makes it more obvious what's happening, and makes it much less likely that users will send repeated reset emails (and thereby hit the rate limit)

Followup to e97ef7e9af
2024-06-04 12:47:33 +01:00
dependabot[bot]
f0539afb02
Build(deps-dev): Bump rubocop-rspec from 2.29.2 to 2.30.0 (#27311)
Bumps [rubocop-rspec](https://github.com/rubocop/rubocop-rspec) from 2.29.2 to 2.30.0.
- [Release notes](https://github.com/rubocop/rubocop-rspec/releases)
- [Changelog](https://github.com/rubocop/rubocop-rspec/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rubocop/rubocop-rspec/compare/v2.29.2...v2.30.0)

---
updated-dependencies:
- dependency-name: rubocop-rspec
  dependency-type: indirect
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-06-04 12:02:42 +02:00
dependabot[bot]
8789b19aed
Build(deps): Bump ffi from 1.16.3 to 1.17.0 (#27310)
Bumps [ffi](https://github.com/ffi/ffi) from 1.16.3 to 1.17.0.
- [Changelog](https://github.com/ffi/ffi/blob/master/CHANGELOG.md)
- [Commits](https://github.com/ffi/ffi/compare/v1.16.3...v1.17.0)

---
updated-dependencies:
- dependency-name: ffi
  dependency-type: indirect
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-06-04 12:02:30 +02:00
Alan Guo Xiang Tan
e97ef7e9af
FEATURE: Allow site admin to mark a user's password as expired (#27314)
This commit adds the ability for site administrators to mark users'
passwords as expired. Note that this commit does not add any client side
interface to mark a user's password as expired.

The following changes are introduced in this commit:

1. Adds a `user_passwords` table and `UserPassword` model. While the
   `user_passwords` table is currently used to only store expired
   passwords, it will be used in the future to store a user's current
   password as well.

2. Adds a `UserPasswordExpirer.expire_user_password` method which can
   be used from the Rails console to mark a user's password as expired.

3. Updates `SessionsController#create` to check that the user's current
   password has not been marked as expired after confirming the
   password. If the password is determined to be expired based on the
   existence of a `UserPassword` record with the `password_expired_at`
   column set, we will not log the user in and will display a password
   expired notice. A forgot password email is automatically send out to
   the user as well.
2024-06-04 15:42:53 +08:00
Kris
30f55cd64b
UX: improve search result consistency (#27289) 2024-06-04 15:34:21 +10:00
Krzysztof Kotlarek
eebf332025
FEATURE: expand the admin sidebar when filtering (#27312)
Even when the admin sidebar sections are collapsed, they should expand while filtering. When the filter is removed, sections should go back to the previous state.

In addition, trim whitespace from the filter section.
2024-06-04 12:23:21 +10:00
dependabot[bot]
472c02bda8
Build(deps-dev): Bump lefthook from 1.6.14 to 1.6.15 (#27309)
Bumps [lefthook](https://github.com/evilmartians/lefthook) from 1.6.14 to 1.6.15.
- [Release notes](https://github.com/evilmartians/lefthook/releases)
- [Changelog](https://github.com/evilmartians/lefthook/blob/master/CHANGELOG.md)
- [Commits](https://github.com/evilmartians/lefthook/compare/v1.6.14...v1.6.15)

---
updated-dependencies:
- dependency-name: lefthook
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-06-04 06:47:40 +08:00
Jan Cernik
625c715856
FIX: Lazy TikTok embeds height in chat (#27306) 2024-06-03 11:20:47 -03:00
David Taylor
a64f021f49
DEV: Convert user-posts-stream to native class syntax (#27278)
This is the final model in Discourse core to be converted
2024-06-03 15:03:50 +01:00
Jarek Radosz
adeda6c6a5
FIX: Restore cmd+click ability in topic-info (#27305) 2024-06-03 16:01:20 +02:00
David Taylor
29b826c8f7
DEV: Convert DiscourseURL to native class syntax (#27284) 2024-06-03 14:59:05 +01:00
David Taylor
a3d0a9edbb
DEV: Convert almost all routes to native class syntax (#27281)
Only remaining ones are `routes/discourse.js` and `routes/application.js`. Those two both contain legacy `actions: {}` hashes which need to be updated before being converted to native class syntax.
2024-06-03 14:58:53 +01:00
Gerhard Schlager
602ef2c819 FIX: Store special characters in permalink URL as encoded characters
see https://meta.discourse.org/t/permalink-not-working-with-cyrilics-symbols/301130
2024-06-03 13:20:24 +02:00
Gerhard Schlager
9061282515 FIX: Permalinks with external URL didn't work with subfolders 2024-06-03 13:20:24 +02:00
Gerhard Schlager
387e906610 REFACTOR: All kinds of permalinks should return relative URLs
Mixing relative and absolute URLs is unnecessary and confusing.
2024-06-03 13:20:24 +02:00
David Battersby
4e80c9eb13
FIX: chat direct message group user limit is off by 1 (#27014)
This change allows the correct number of members to be added when creating a group direct message, based on the site setting chat_max_direct_message_users.

Previously we counted the current user within the max user limit and therefore the count was off by 1.
2024-06-03 12:11:49 +04:00
Joffrey JAFFEUX
82cccf89e1
DEV: attempts to remove using_session patch (#27292)
I suspect it's not useful anymore, if it ever was, and might cause more harm than good.
2024-06-03 09:38:03 +02:00
Osama Sayegh
fed9055818
DEV: Remove admin-revamp and introduce foundations for admin config (#27293)
This commit removes the `/admin-revamp` routes which were introduced as a part of an experiment to revamp the admin pages. We still want to improve the admin/staff experience, but we're going to do them within the existing `/admin` routes instead of introducing a completely new route.

Our initial efforts to improve the Discourse admin experience is this commit which introduces the foundation for a new subroute `/admin/config` which will house various new pages for configuring Discourse. The first new page (or "config area") will be `/admin/config/about` that will house all the settings and controls for configuring the `/about` page of Discourse.

Internal topic: t/128544
2024-06-03 10:18:14 +03:00
Alan Guo Xiang Tan
aec892339e
DEV: Add rspec tests for SignalTrapLogger (#27302)
Follow-up to 23c38cbf11
2024-06-03 13:40:21 +08:00
Alan Guo Xiang Tan
d68983e060
DEV: Use same Socket.getaddrinfo arguments as selenium-webdriver (#27301)
Follow up to c408b53689. We need better
debugging information
2024-06-03 13:11:40 +08:00
Alan Guo Xiang Tan
23c38cbf11
DEV: Log Unicorn worker timeout backtraces to Rails.logger (#27257)
This commit introduces the following changes:

1. Introduce the `SignalTrapLogger` singleton which starts a single
   thread that polls a queue to log messages with the specified logger.
   This thread is necessary becasue most loggers cannot be used inside
   the `Signal.trap` context as they rely on mutexes which are not
   allowed within the context.

2. Moves the monkey patch in `freedom_patches/unicorn_http_server_patch.rb` to
   `config/unicorn.config.rb` which is already monkey patching
   `Unicorn::HttpServer`.

3. `Unicorn::HttpServer` will now automatically send a `USR2` signal to
   a unicorn worker 2 seconds before the worker is timed out by the
   Unicorn master.

4. When a Unicorn worker receives a `USR2` signal, it will now log only
   the main thread's backtraces to `Rails.logger`. Previously, it was
   `put`ing the backtraces to `STDOUT` which most people wouldn't read.
   Logging it via `Rails.logger` will make the backtraces easily
   accessible via `/logs`.
2024-06-03 12:51:12 +08:00
Martin Brennan
4b2bd4d682
FEATURE: Allow "move to inbox" and "move to archive" for private messages using new bulk topic dropdown (#27236)
This commit re-introduces the "Move to Inbox" and "Move to Archive"
bulk topic actions, which we had in the old modal but had not yet added
to the new "experimental" dropdown, which isn't really experimental at
this point.

Once this is merged we can remove the old modal and only
rely on the new dropdown.
2024-06-03 14:37:28 +10:00
dependabot[bot]
a8f0a927a0
Build(deps-dev): Bump sass from 1.77.3 to 1.77.4 (#27294)
Bumps [sass](https://github.com/sass/dart-sass) from 1.77.3 to 1.77.4.
- [Release notes](https://github.com/sass/dart-sass/releases)
- [Changelog](https://github.com/sass/dart-sass/blob/main/CHANGELOG.md)
- [Commits](https://github.com/sass/dart-sass/compare/1.77.3...1.77.4)

---
updated-dependencies:
- dependency-name: sass
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-06-03 10:38:10 +08:00
dependabot[bot]
c7292c1ffc
Build(deps): Bump net-imap from 0.4.11 to 0.4.12 (#27295)
Bumps [net-imap](https://github.com/ruby/net-imap) from 0.4.11 to 0.4.12.
- [Release notes](https://github.com/ruby/net-imap/releases)
- [Commits](https://github.com/ruby/net-imap/compare/v0.4.11...v0.4.12)

---
updated-dependencies:
- dependency-name: net-imap
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-06-03 10:37:25 +08:00
dependabot[bot]
858a37ef58
Build(deps): Bump sass-embedded from 1.77.2 to 1.77.4 (#27297)
Bumps [sass-embedded](https://github.com/sass-contrib/sass-embedded-host-ruby) from 1.77.2 to 1.77.4.
- [Commits](https://github.com/sass-contrib/sass-embedded-host-ruby/compare/v1.77.2...v1.77.4)

---
updated-dependencies:
- dependency-name: sass-embedded
  dependency-type: indirect
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-06-03 10:37:12 +08:00
dependabot[bot]
3ca0b81d02
Build(deps-dev): Bump rubocop from 1.64.0 to 1.64.1 (#27296)
Bumps [rubocop](https://github.com/rubocop/rubocop) from 1.64.0 to 1.64.1.
- [Release notes](https://github.com/rubocop/rubocop/releases)
- [Changelog](https://github.com/rubocop/rubocop/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rubocop/rubocop/compare/v1.64.0...v1.64.1)

---
updated-dependencies:
- dependency-name: rubocop
  dependency-type: indirect
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-06-03 10:37:01 +08:00