Commit Graph

20693 Commits

Author SHA1 Message Date
Penar Musaraj
4fa1ef0945 UX: Improve quoting on iOS
Fixes quote usability on iOS when the button is near the right edge of the screen.
2019-10-23 10:44:47 -04:00
Dan Ungureanu
a7301c8671 PERF: Add index on group to category_groups (#8231) 2019-10-23 10:30:43 +01:00
Dan Ungureanu
09a569aaba PERF: Add unique index oauth2_user_infos(user_id, provider) (#8230) 2019-10-23 10:27:56 +01:00
Sam Saffron
676c432b0f FIX: notifications are missing under certain conditions
This simplifies the code for refreshing notification counts. It now
unconditionally looks up the user object which protects against stale objects
in memory.

This also removes a pile of conditional logic we no longer need.
2019-10-23 16:09:55 +11:00
Penar Musaraj
ab6a540fc4 UX: fixes regression with iOS composer
Fixes a bug introduced in e83c2488a2 where dismissing the keyboard in iOS would not minimize the composer.
2019-10-22 23:10:18 -04:00
Kris
67ad8fbd1b minor button styling for admin login 2019-10-22 16:45:23 -04:00
Kris
d4f1e6d11b UX: update disabled dropdowns style w/ color variables 2019-10-22 16:32:24 -04:00
Penar Musaraj
2ab6a68629 UX: Standardize tag display in search menu results
This allows theme components (like discourse-tag-icons) to apply to tag results in search menu.
2019-10-22 14:19:24 -04:00
romanrizzi
a411806551 FIX: Return blank avatar when downloading an avatar is not possible due to file size 2019-10-22 12:05:36 -03:00
romanrizzi
e112369bb6 FIX: Exclude image_url from web_hook_topic_view_serializer 2019-10-22 11:53:24 -03:00
Blake Erickson
7d09af7eda
FIX: Prevent null-byte searches causing 500 error (#8226)
This fix ensures that searches that contain a null byte return a 400
error instead of causing a 500 error.

For some reason from rspec we will reach the raise statement inside
of the `rescue_from ArgumentError` block, but outside of rspec it will
not execute the raise statement and so a 500 is thrown instead of
reaching the `rescue_from Discourse::InvalidParameters` block inside of
the application controller.

This fix raises Discourse::InvalidParameters directly from the search
controller instead of relying on `PG::Connection.escape_string` to
raise the `ArgumentError`.
2019-10-22 08:44:52 -06:00
Robin Ward
283a0add80
Support for importing @ember/component and @ember/routing/route (#8214)
This will allow us to take the first step in updating our modules
to be consistent with example Ember code and to align with Ember CLI.
2019-10-22 09:47:27 -04:00
Mark VanLandingham
e5311ab645 DEV: Import DiscourseRoute rather than Discourse.Route (#8225)
* DEV: Discourse.Route -> DiscourseRoute with import

* ran prettier on all routes

* prettiered one more file
2019-10-22 09:46:10 -04:00
Blake Erickson
3201613f13 FEATURE: Include image url in topic serializer
The `image_url` is already included when fetching a list of topics, and
this commit adds it to the individual topic serializer so that it is
available via the api.

See

https://meta.discourse.org/t/single-topic-api-endpoint-should-contain-image-url/131020

for more details.
2019-10-21 22:02:49 -06:00
Blake Erickson
ef0fe51e05
FIX: Include user id in notification webhook (#8195)
The payload when receiving a notification webhook is pointless without
knowing which user the notification is for. This fix adds the user_id to
the notification serializer so that when you receive a notification
webhook you can properly identify which user the notification is for.

See

https://meta.discourse.org/t/getting-the-target-user-for-notification-webhook-events/129052?u=blake

for more details.
2019-10-21 16:24:41 -06:00
Dan Ungureanu
2f54dd5e3d
FIX: Load user model when some attributes are missing.
Follow-up to 3ad07aacfa.
2019-10-21 21:05:25 +03:00
Robin Ward
ab53b485b4 Add setter for excerpt_size so plugins can set it more easily 2019-10-21 13:44:32 -04:00
Michael Brown
40b0b549ff DEV: update the comments re the encoded slug changes
* followup to 2e73985d
2019-10-21 13:39:45 -04:00
Rafael dos Santos Silva
2e73985d1b FIX: Make category updates slug validation idempotent
Co-authored-by: Michael Brown <supermathie@gmail.com>
2019-10-21 14:33:19 -03:00
Dan Ungureanu
3ad07aacfa
FIX: Reload only notifications when refreshing notification count (#8221)
Previously, we used to reload the whole User instance which discarded
any changes made (for example setting 'unstage' to false).
2019-10-21 20:25:46 +03:00
Dan Ungureanu
1358312584
FIX: Zeitwerk-related fixes for jobs. (#8219) 2019-10-21 20:25:35 +03:00
Kris
b41b12ad71
Add unique class to custom field wrappers (#8193) 2019-10-21 12:22:55 -04:00
Kris
56862f61c0
Add group name classes to tag page so groups can be hidden with CSS (#8118) 2019-10-21 12:22:19 -04:00
Robin Ward
3085b923f6 Removed MOVED_MODULES which is 3 years old 2019-10-21 11:59:13 -04:00
Robin Ward
9dcdbcfd5b Run prettier on the loader 2019-10-21 11:56:15 -04:00
David Taylor
cc56f226b8 FIX: Correct mention autocomplete in new topics in unsecured categories
When autocompleting mentions in secure categories, we immediately populate the list with users which have permission to view the category. This logic is applied to unsecured categories as well, but the server returns an empty list of users. This commit teaches the autocomplete to understand empty lists of users without terminating the autocomplete dropdown.
2019-10-21 14:52:54 +01:00
Daniel Waterworth
594925b896 FIX: id is always true since it's been to_i'd
Let's only look up the category if the id has been provided
2019-10-21 13:21:12 +01:00
Daniel Waterworth
55a1394342 DEV: pluck_first
Doing .pluck(:column).first is a very common pattern in Discourse and in
most cases, a limit cause isn't being added. Instead of adding a limit
clause to all these callsites, this commit adds two new methods to
ActiveRecord::Relation:

pluck_first, equivalent to limit(1).pluck(*columns).first

and pluck_first! which, like other finder methods, raises an exception
when no record is found
2019-10-21 12:08:20 +01:00
Joffrey JAFFEUX
72822aa93f
FIX: d-button should default type to button (#8217)
This will prevent unexpected behaviour of  d-button being considered as a submit button.
2019-10-21 09:42:19 +02:00
Sam Saffron
98d6cee7c7 FIX: various fixes to draft system
- destroyDraft which is called when we cancel a draft is now async,
  removing race conditions when you click "reply" to a post and are
  already editing. We used to trigger double dialogs for cancelling
  drafts which was confusing.

- Remove reply as new topic / reply as pm keys, they are no longer
  used and only caused confustion. For example we used to pop up a
  warning when you are composing a reply and flick to reply as
  new topic

- Remove createTopic key, this was a bug that proliferated. Whenever
  creating a topic via the C shortcut or clicking on new topic on full
  screen search the correct new topic draft key will be used
  consistently

- When abandoning an edit we now say "Are you sure you want to discard
  your changes" (instead of abandon your post which is confusing)
2019-10-21 17:24:06 +11:00
Mark VanLandingham
054fbd7846
FEATURE: Remember scroll position in private message lists (#8212)
* FEATURE: remember position in private message lists

* Unified saving scroll position between topic lists

* added discovery-topics-list template

* ran prettier

* removed dynamic scroll key

* JS cleanup
2019-10-18 13:16:52 -05:00
tshenry
95114f87ae
Improve spam_hosts copy (#8203)
- Increase size of the reviewable's conversation excerpt to prevent truncation of the new copy
- Remove the `domain` parameter from the `flag_linked_posts_as_spam` method in the user model since it is no longer needed
- Remove the `domain` interpolation variable from all translation files
- Add "All posts from this user that include links should be reviewed." to server.en.yml for added clarity on why the posts entered the queue
2019-10-18 09:31:15 -07:00
Joffrey JAFFEUX
2fa3808928
FIX: polyfills forEach support on NodeList for IE11 (#8213) 2019-10-18 12:27:51 +02:00
Jarek Radosz
ac06c87b43
DEV: Remove badge-select-controller (#8207)
* DEV: Remove badge-select-controller

1. The `selectableUserBadges` computed property of `badge-title` was being incorrectly overwritten, which triggered computed-property.override deprecation.

2. The `badge-select-controller` mixin contained properties that were used either by `badge-title` component or `badges/show` controller, but none were being used by both. This change moves properties where they belong, and removes the mixin.

* Update app/assets/javascripts/discourse/controllers/badges/show.js.es6

Co-Authored-By: Robin Ward <robin.ward@gmail.com>

* Improve code brevity
2019-10-18 02:17:05 +02:00
Jarek Radosz
7de3e7b322
DEV: Fix the Function.prototype.on deprecation (#8205)
https://deprecations.emberjs.com/v3.x/#toc_function-prototype-extensions-on
2019-10-18 01:49:41 +02:00
Jarek Radosz
f6ea986aec
DEV: Remove suspend from Admin::UsersController responses (#8206)
`suspend` isn't a User attribute, but was being assigned to the frontend User model as if it was. The model has a computed property that depends on `suspended_till`, so instead of overriding this property, it's better to return relevant attributes.

Fixes a computed-property.override deprecation (https://emberjs.com/deprecations/v3.x#toc_computed-property-override)
2019-10-18 01:49:26 +02:00
Rafael dos Santos Silva
42c2068ada DEV: fix prettier offense 2019-10-17 17:39:44 -03:00
Rafael dos Santos Silva
f97b6e85da FIX: Handle encoded slugs for subcategories 2019-10-17 17:02:17 -03:00
Neil Lalonde
85140aa09a UX: dashboard links to git commits list instead of git comparison
Previously the link went to a comparison of the installed commit with
the tests-passed branch. This change will show the list of installed
commits.
2019-10-17 15:08:43 -04:00
David Taylor
d1b86352d4
UX: Make group membership UI clearer (#8210)
The 'automatically set primary group' checkbox looked like it was associated with the email membership. In fact, it applies to all members who join the group. This commit moves it next to the 'automatic trust level' setting, and puts them both under an 'Effects' heading
2019-10-17 18:05:42 +01:00
Vinoth Kannan
3cdcd093ee
REFACTOR: improve the code readability. (#8211)
b2f682f35e
2019-10-17 22:05:44 +05:30
Mark VanLandingham
bd969332e0 FIX: Display site text overrides for non '_MF' keys (#8189)
FIX: Transform pluralized keys to `.other`, to check valid interpolation
2019-10-17 18:34:07 +02:00
David Taylor
ecfba0bb37 UX: Ensure GitHub onebox info does not wrap unnecessarily 2019-10-17 11:00:44 +01:00
Joffrey JAFFEUX
b6ef473a31
DEV: prevents redefinition of various constants (#8199)
CLEANUP_GRACE_PERIOD
MAX_AWARDED
POLL_MAILBOX_TIMEOUT_ERROR_KEY
2019-10-17 09:18:07 +02:00
Sam Saffron
cb0443792b DEV: correct revision debouncer for backup draft
We were debouncing on update_at which we kept on pushing forward, this
was leading to not enough revisions.
2019-10-17 17:41:28 +11:00
Sam Saffron
3314aa9f88 DEV: annotate models
Some comments were out of data, updated
2019-10-17 16:58:22 +11:00
Sam Saffron
f5d1aff8dd FEATURE: experimental hidden setting for draft backups
Under exceptional situations the automatic draft feature can fail.

This new **hidden, default off** site setting
`backup_drafts_to_pm_length` will automatically backup any draft that is
saved by the system to a dedicated PM (originating from self)

The body of that PM will contain the text of the reply.

We can enable this feature strategically on sites exhibiting issues to
diagnose issues with the draft system and offer a recourse to users who
appear to lose drafts. We automatically checkpoint these drafts every 5
minutes forcing a new revision each 5 minutes so you can revert to old
content.

Longer term we are considering automatically enabling this kind of feature
for extremely long drafts where the risk is really high one could lose
days of writing.
2019-10-17 16:58:21 +11:00
Sam Saffron
c3d06ef01a DEV: avoid making direct HTML changes in controllers
Followup on d5d8db7f, we prefer not to amend DOM directly from controllers.
2019-10-17 08:43:30 +11:00
Robin Ward
f14020dd0a Allow the topic excerpt size to be customizable by plugins 2019-10-16 16:28:28 -04:00
Rafael dos Santos Silva
6e9c8fe854
FIX: More encoded slug fixes (#8191)
* FIX: Do not encode the URL twice

Now that we encode slugs in the server we don't need this anymore.

Reverts fe5na33

* FIX: More places do deal with encoded slugs

* the param is a string now, not a hash

* FIX: Handle the nil slug on /categories

* DEV: Add seeded? method to identity default categories

* DEV: Use SiteSetting to keep track of seeded categories
2019-10-16 17:08:43 -03:00
Daniel Waterworth
7a0c06691c FIX: Account for nil when looking up subcategories 2019-10-16 20:04:54 +01:00
Penar Musaraj
baf8ae604a FIX: Correct topic timeline position calculation
Fixes calculation for themes with tall custom headers.
2019-10-16 15:01:01 -04:00
Penar Musaraj
48c1238492 FIX: Do not send notification to empty push_url
Completes e4424d7
2019-10-16 11:27:07 -04:00
Kris
d6118c8bc8 Add digest email template classes for popular post section 2019-10-16 11:22:33 -04:00
Penar Musaraj
e4424d7c2e FIX: Do not make notification API call if push_url is blank
Followup to 77643931bc
2019-10-16 10:59:06 -04:00
Kris
1c4baadc49 UX: Wrap digest email footer in a table for better alignment options 2019-10-16 10:39:40 -04:00
Penar Musaraj
c6e255f4e0 UX: Include metadata in composer link modal search results
Metadata includes topic status (closed, pinned, solved, etc.) as well as category and tags.
2019-10-16 10:17:27 -04:00
Daniel Waterworth
7ba914f1e1 FIX: Add migrations to fix index on category slugs
Slugs can be the empty string, but the added index didn't account for
that. This commit changes the migration, stopping it from being unique
so that it can be applied everywhere and adds another migration that
recreates the index properly.
2019-10-16 14:02:11 +00:00
Joffrey JAFFEUX
02250bd91f
DEV: removes one deprecation with app-events:main 2019-10-16 10:50:43 +02:00
Joffrey JAFFEUX
5a543f8abd
FIX: prevents trash button to get focus when submiting input on profile (#8198)
This is a default behavior for browsers to submit using first button which doesn't have `type="button"` in a form when pressing enter inside an input.
2019-10-16 10:05:46 +02:00
Arpit Jalan
c596d7df77 FIX: respect private_email setting for user invited notification email 2019-10-16 12:50:30 +05:30
Arpit Jalan
600233482f FIX: include topic link when inviting existing users to a topic/PM
FEATURE: allow staff to use topic_url for customizing email template
2019-10-16 12:36:16 +05:30
Sam Saffron
d5d8db7fa8 FEATURE: improve honeypot and challenge logic
This feature amends it so instead of using one challenge and honeypot
statically per site we have a rotating honeypot and challenge value which
changes every hour.

This means you must grab a fresh copy of honeypot and challenge value once
an hour or account registration will be rejected.

We also now cycle the value of the challenge when after successful account
registration forcing an extra call to hp.json between account registrations

Client has been made aware of these changes.

Additionally this contains a JavaScript workaround for:
https://bugs.chromium.org/p/chromium/issues/detail?id=987293

This is client side code that is specific to Chrome user agent and swaps
a PASSWORD type honeypot with a TEXT type honeypot.
2019-10-16 16:53:44 +11:00
Kris
645faa847b Follow up fix to c71da3f, class was defined twice 2019-10-15 20:12:50 -04:00
David Taylor
7332649f1a DEV: Add plugin outlet to category security tab 2019-10-15 22:37:41 +01:00
Kris
50b618dd44 UX: Add CSS classes to digest email template to allow for easier styling 2019-10-15 16:21:55 -04:00
Daniel Waterworth
c71da3f335 FIX: Add unique index to prevent duplicate slugs for categories 2019-10-15 19:44:50 +00:00
Daniel Waterworth
5f5b232cde FIX: Category.find_by_slug
find_by_slug should ensure that the parent actually exists when its
looking for a parent.
2019-10-15 16:44:24 +01:00
Penar Musaraj
e83c2488a2 FIX: do not unpin reply box in iOS when selecting Emoji 2019-10-15 10:51:53 -04:00
Vinoth Kannan
b2f682f35e
FEATURE: Option to update category preferences of all users when site setting changed (#8180) 2019-10-15 18:41:27 +05:30
Daniel Waterworth
0de7e4339c FIX: Subcategory permissions validation
When a category has a subcategory, we ensure that no one who can see the
subcategory cannot see the parent. However, we don't take into account
the fact that, when no CategoryGroups exist, the default is that
everyone has full permissions.
2019-10-14 21:13:22 +01:00
Daniel Waterworth
c49b20a1a2 FIX: Validation of category tree depth
This prevents the creation of sub-sub-categories in multiple tabs
2019-10-14 21:13:22 +01:00
romanrizzi
9845963105 FEATURE: Use the 'ugc' rel attribute alongside 'nofollow' 2019-10-14 15:21:48 -03:00
David Taylor
392f6cdf33 DEV: Stop overriding computed property on models/category.js.es6
This causes an Ember deprecation notice, and is a confusing pattern. We never used the default values, so there is no benefit to including them.
2019-10-14 16:26:48 +01:00
Gerhard Schlager
2c011252f1 FIX: Move notification level only when user posted
Moving posts also moves the read state (`topic_users` table) to the destination topic. This changes that behavior so that only users who posted in the destination topic will have the original notification level (probably "watching") of the original topic. The notification level for all other users will be set to "regular".
2019-10-14 15:06:09 +02:00
Gerhard Schlager
f1742617fb PERF: Faster moving of read state
This should improve the performance of moving the read state of lots of posts to a new/existing topic.
2019-10-14 15:06:09 +02:00
Dan Ungureanu
086b46051c
FIX: Zeitwerk-related fixes for jobs. (#8187) 2019-10-14 13:03:22 +03:00
Arpit Jalan
815edf6f4d FEATURE: add short site description on login page title 2019-10-14 11:40:09 +05:30
Krzysztof Kotlarek
99086edf85
FIX: Allow themes to upload and serve js files (#8188)
If you set `config.public_file_server.enabled = false` when you try to get uploaded js file you will get an error:
`Security warning: an embedded <script> tag on another site requested protected JavaScript. If you know what you're doing, go ahead and disable forgery protection on this action to permit cross-origin JavaScript embedding.`

The reason is that content type is `application/javascript` and in Rails 5 guard looked like that:
https://github.com/rails/rails/blob/5-2-stable/actionpack/lib/action_controller/metal/request_forgery_protection.rb#L278-L280
However, in Rails 6 `application` was added to regex:
https://github.com/rails/rails/blob/master/actionpack/lib/action_controller/metal/request_forgery_protection.rb#L282-L284

This pull request is related to https://meta.discourse.org/t/uploaded-js-file-for-theme-causes-a-rejection/129753/8
2019-10-14 15:40:33 +11:00
Jeff Wong
2b74dc5885 FIX: allow change password with TOTP 2019-10-13 00:53:57 -07:00
Joffrey JAFFEUX
312ecf2a05
FIX: allows scrolling of search menu panel when showing more results (#8186) 2019-10-11 22:25:28 +02:00
Robin Ward
c5d03c30ca DEV: Add a plugin API for registering a "beforeSave" on the composer
This allows plugins to perform operations before saves occur, and
perhaps reject the post.
2019-10-11 14:55:27 -04:00
Robin Ward
ee4369f972 Hook that allows custom logic before saving the composer 2019-10-11 14:55:09 -04:00
Faizaan Gagan
4d67f2a8ed bumped plugin api version to 0.8.33 (#8185) 2019-10-11 13:56:04 -04:00
Mark VanLandingham
f63db1c4c8
FIX: Accurate sub_total calculation for reviewable_scores (#8184) 2019-10-11 11:07:19 -05:00
Rafael dos Santos Silva
76ab0350f1
FIX: Properly encoded slugs when configured to (#8158)
When an admin changes the site setting slug_generation_method to
encoded, we weren't really encoding the slug, but just allowing non-ascii
characters in the slug (unicode).

That brings problems when a user posts a link to topic without the slug, as
our topic controller tries to redirect the user to the correct URL that contains
the slug with unicode characters. Having unicode in the Location header in a
response is a RFC violation and some browsers end up in a redirection loop.

Bug report: https://meta.discourse.org/t/-/125371?u=falco

This commit also checks if a site uses encoded slugs and clear all saved slugs
in the db so they can be regenerated using an onceoff job.
2019-10-11 12:38:16 -03:00
Penar Musaraj
3a469a79cf
FEATURE: search topics when adding a link in composer (#8178) 2019-10-11 11:37:44 -04:00
David Taylor
67787799bb DEV: Allow plugins to mark user custom fields as editable only by staff
This adds a staff_only parameter to the register_editable_user_custom_field API. The default is false, to maintain backwards compatibility.
2019-10-11 09:57:55 +01:00
Faizaan Gagan
3bcfa158a7 fixed wrong method name while calling (#8182) 2019-10-11 03:51:18 -04:00
Krzysztof Kotlarek
694a5bf229 FIX: Prevent from creation of duplicated TopicAllowedUsers (#8169)
Ensure that we don't try to create duplicated TopicAllowedUsers

Related to https://meta.discourse.org/t/error-message-topic-allowed-users-is-invalid/130382/5

Spec amended to cover a case creating an overlap.
2019-10-11 17:44:29 +11:00
Penar Musaraj
5c5845f3f2 FIX: Minor Github onebox layout issues
- prevents long branch names from overflowing

- fixes alignment of inline avatars in preview
2019-10-10 21:35:36 -04:00
Penar Musaraj
21f3c044e5 FIX: Mobile adjustments for reviewable list 2019-10-10 21:19:49 -04:00
Faizaan Gagan
8fc0cc9aaa Serialize draft (#8175)
* DEV: allow serializing data for drafts

* Various fixes

* added an alias method for 'serializeToDraft' to plugin-api

* fixed linting issues

* changed single quotes to double quotes to fix linting issue

* fixed linting issues

* fixed composer model file via prettier

* fixed composer controller file via prettier

* fixed plugin-api file via prettier
2019-10-10 13:02:35 -04:00
Arpit Jalan
1be8c737e6 UX: add glyph to "Help" button on Password Reset modal 2019-10-10 10:15:43 +05:30
Sam Saffron
5aaf7e3316 FIX: during concurrent emails generation renderer should not be reused
Our instance used for template rendering needs a lock to ensure there is
no race condition where rendering happens on 2 threads at the same time.

This can lead to local poisoning which can cause unexpected results in
emails
2019-10-10 08:50:48 +11:00
Penar Musaraj
04452e748d DEV: remove old code, refactor jQuery call 2019-10-09 14:40:48 -04:00
Mark VanLandingham
d710316ed1 FIX: Order UserFields by position, by default (#8176)
* FIX: site user_fields sorted by position

* FIX: Sort UserField by position for Site
2019-10-09 13:49:28 -04:00
Penar Musaraj
a91ad81ed1 UX: Trigger primary action in modals using Enter
A modal's primary action (blue button in the default theme) can now be invoked
by hitting Enter on the keyboard. This applies to all modals that aren't strict
forms as long as the focus is not on a textarea element.
2019-10-09 13:28:07 -04:00
Gerhard Schlager
10e509e47f FIX: Don't swallow the original error when moving posts
Dropping the temp table in an `ensure` block hides the actual exception. Creating the table with `ON COMMIT DROP` makes the temp table disappear automatically at the end of the transaction. We only need the explicit `DROP` in tests, because tests already run inside a transaction, so the temp table won't be dropped after each test which leads to spec failures.
2019-10-09 17:02:17 +02:00
David Taylor
445a3851d6 FEATURE: Display created and last_used dates for API keys 2019-10-09 14:24:41 +01:00