- Sets `https://www.mixcloud.com` as a `requires_iframe_origins` to allow the iframe content to be displayed
- Attempts to render something approximating the Mixcloud content in the preview pane of the Composer, rather than just displaying a large version of the artwork associated with the link
We currently remove the splash screen once Discourse starts booting.
This can be an issue on very slow devices, which can take up to 6 seconds. This PR ensures that we don't remove the splash until the browser has finished parsing all of the site's assets. It won't impact fast devices.
Internal topic /t/65378/60
Hopefully fixes flakes like:
```
not ok 1123 Chrome 102.0 - [undefined ms] - Global error: Uncaught Error: Unhandled request in test environment: /forum/u/eviltrout.json (PUT) at http://localhost:7357/assets/vendor.js, line 38378
While executing test: Unit | Utility | click-track: routes to absolute internal urls
---
browser log: |
{"type":"error","text":"Unhandled request in test environment: /forum/u/eviltrout.json (PUT)"}
{"type":"error","text":"Uncaught Error: Unhandled request in test environment: /forum/u/eviltrout.json (PUT) at http://localhost:7357/assets/vendor.js, line 38378\n","testContext":{"id":1123,"name":"Unit | Utility | click-track: routes to absolute internal urls","items":[],"state":"executing"}}
...
```
There's an obscure bug where really slow devices end up removing the splash screen before they're finished parsing all of the Discourse assets.
This PR won't impact fast devices but should hopefully prevent the premature removal of the splash on super slow devices.
There's an obscure bug where really slow devices end up removing the splash screen before they're finished parsing all of the Discourse assets.
This PR won't impact fast devices but should hopefully prevent the premature removal of the splash on super slow devices.
This commit does six things
* changes the animation for the splash screen. To a more subtle animation.
* defers displaying the splash by 1.5 seconds
* defers displaying the splash "loading" text by 2.5 seconds
* defers removing the splash until all Discourse initializers have run
* fixes a display issue in Firefox
* Inlines the SVG as a base64 and inlines the required CSS.
The encoded SVG is hard coded for now, but we will use a helper to generate that based on the file after some testing.
This PR introduces a new hidden site setting that allows admins to display a splash screen while site assets load.
The splash screen can be enabled via the `splash_screen` hidden site setting.
This is what the splash screen currently looks like
5ceb72f085.mp4
Once site assets load, the splash screen is automatically removed.
To control the loading text that shows in the splash screen, you can change the preloader_text translation string in admin > customize > text
This commit allows quoting of discourse-local-date elements
and converts the quoted tags back into bbcode so that the
rendered quote will also render the discourse-local-date HTML.
This works on single dates as well as date ranges, and supports
all of the options used by discourse-local-date.
This also necessitated adding addTextDecorateCallback to the
to-markdown core lib (similar to addBlockDecorateCallback and
addTagDecorateCallback) to transform the text nodes between
date ranges to remove the -> in the final quote.
c.f. https://meta.discourse.org/t/quotes-that-contain-date-time/101999
Now that we've switched to Ember CLI, these things are no longer used.
- These sprockets manifests are superceded by the assets generated by ember cli
- These vendored scripts are now fetched by ember-auto-import at compile time
Updates markdown-it to v13.0.1
Noteworthy changes:
* `markdownit()` is now available on `globalThis` instead of `window`.
* The `text_collapse` rule was renamed to `fragments_join` which affected the `bbcode-inline` implementation.
* The `linkify` rule was added to the `inline` chain which affected the handling of the `[url]` BBCode. If available, our implementation reuses `link_open` and `link_close` tokens created by linkify in order to prevent duplicate links.
* The rendered HTML for code changed slightly. There's now a linebreak before the `</code>` tag. The tests were adjusted accordingly.
```
{"type":"warn","text":"DEPRECATION: Using this.clearRender has been deprecated, consider using `clearRender` imported from `@ember/test-helpers`. [deprecation id: ember-test-helpers.setup-rendering-context.clearRender]"}
```
Similar to #17145
This commit moves the SVG sprite container to the <discourse-assets> element.
There is 0 visual or functional changes in this PR. It just tidies up the element view in devTools.
This PR introduces 0 visual or functional changes. The only thing that it changes is that it moves the data-preloaded div (which has the app boot json into the <discourse-assets> element.
See #17078 for a bit more context.
The reason behind this change is that it makes devTools element view a little bit less cluttered.
At some point in the past we decided to rename the 'regular' notification state of topics/categories to 'normal'. However, some UI copy was missed when the initial renaming was done so this commit changes the spots that were missed to the new name.
This is related to #17063 and is also a pre-request for the splash screen work.
This PR introduces 0 visual or functional changes. It just relocates the stylesheets in the load order.
`.css` stylesheets block the browser render. We need to move those out of the <head> tag.
However, they still need to be loaded before core/plugin/theme rendered HTML to avoid FOUC.
This is pre-request work to introduce a splash screen while site assets load.
The only change this commit introduces is that it ensures we add the defer attribute to core/plugin/theme .JS files. This will allow us to insert markup before the browser starts evaluating those scripts later on. It has no visual or functional impact on core.
This will not have any impact on how themes and plugins work. The only exception is themes loading external scripts in the </head> theme field directly via script tags. Everything will work the same but those would need to add the defer attribute if they want to keep the benefits introduced in this PR.
`email-group-user-chooser` currently handles paste events to allow users to paste multiple entries at once instead of entering them one by one. This behavior makes sense when the component is used in scenarios where it makes sense to provide multiple entries such as the recipients field when creating a PM. However, for instances where the component accepts only 1 entry, it doesn't make a lot of sense to do custom handling of paste events.
This commit makes our paste event handler a NOOP when the component is configured to accept only 1 entry in which case pasting will simply input the value into the component's search field.
* FIX: Make watched words uploads work as intended
Currently when we upload a file containing watched words, it will always
add the words to the action that was initially selected: this is the
`block` action by default but if changing manually the action in the URL
to `flag` for example, then this action will be selected and uploaded
watched words will be categorised as `flag` no matter what.
The problem lies with how the component works: it’s an Uppy object where
extra data is defined to provide an action key to the server but when
navigating to another listed action, while this action key is properly
updated on the component itself, the underlying Uppy object has already
been created and doesn’t care about the new value.
This patch solves this by using the `_perFileData` method instead of
`data`: the former is merged just before uploading a file whereas the
latter is used when the Uppy object is created.
This reverts commit 94c3bbc2d1.
At this current point in time, we do not have enough data on whether
this centralisation is the trade-offs of coupling features into a single
channel.
In the specific case where you start typing an emoji, then open the full emoji picker, the chosen emoji would be inserted in the wrong place. This was an unintentional side effect of the changes in 75d9c16156
This commit updates the `emojiSelected` logic to avoid mutating the 'selected' object, and also adds a test for this specific behaviour.
* The `javascript:update` rake task failed because recent versions of chart.js use a lowercase filename (`chart.min.js` instead of `Chart.min.js`)
* Changed `loadScript()` to use lowercase keys to lookup scripts
* `svg-arrow.css` seems to have changed slightly (linebreak at the end of file)
e.g.
```
presenceChannel = this.presence.getChannel('/blah');
presenceChannel.subscribe();
presenceChannel.on('change', (channel) => console.log(channel.users));
```
This commit also does some refactoring to remove the use of an unnecessary EmberObject and dynamic `defineProperty` call
When a user is answering a whisper comment, they cannot change from whisper to regular answer.
However, user can click reply to topic. We keep `postSnapshot` so user can change mind and switch back to reply to post. In that case, a toggle whisper button should appear.
To make it happen, I am ensuring to display a toggle whisper button when user is replying to topic - `postLink` attribute is missing.
Fixes many Ember deprecation warnings like:
```
WARNING: Binding style attributes may introduce cross-site scripting vulnerabilities; please ensure that values being bound are properly escaped. For more information, including how to disable this warning, see https://emberjs.com/deprecations/v1.x/#toc_binding-style-attributes. Style affected: "border-color: #33B0B0; --category-color: #33B0B0;"
```
As part of this commit, a bug where updating a tag's notification level on the server side does not update the state of the user's tag notification levels on the client side is fixed too.
Allow for a default translation string to be returned when a translation cannot
be found.
Useful in contexts where there is a known fallback, such as custom emoji group
strings.
This commit removes many uses of `this._$textarea`, and also switches us to use `document.execCommand("insertText")` for the majority of manipulations. This means that the browser undo history will be preserved when doing things like pasting rich html, using bold/italic shortcuts, etc.
These manipulations are already extensively tested. This commit extends a few of the tests to verify the undo behavior.
There are still a few cases (e.g. replacing upload placeholders with true URLs) where we don't necessarily want to bring the composer into focus. In those cases, the old history-breaking behavior remains for now.
The test was un-skipped in 6f25f17360 but
has since been flaky again. Removing the test completely as it has
resulted in more pain for us than the value the test provides.
This commit introduces a new site setting: `block_hotlinked_media`. When enabled, all attempts to hotlink media (images, videos, and audio) will fail, and be replaced with a linked placeholder. Exceptions to the rule can be added via `block_hotlinked_media_exceptions`.
`download_remote_image_to_local` can be used alongside this feature. In that case, hotlinked images will be blocked immediately when the post is created, but will then be replaced with the downloaded version a few seconds later.
This implementation is purely server-side, and does not impact the composer preview.
Technically, there are two stages to this feature:
1. `PrettyText.sanitize_hotlinked_media` is called during `PrettyText.cook`, and whenever new images are introduced by Onebox. It will iterate over all src/srcset attributes in the post HTML and check if they're allowed. If not, the attributes will be removed and replaced with a `data-blocked-hotlinked-src(set)` attribute
2. In the `CookedPostProcessor`, we iterate over all `data-blocked-hotlinked-src(set)` attributes and check whether we have a downloaded version of the media. If yes, we update the src to use the downloaded version. If not, the entire media element is replaced with a placeholder. The placeholder is labelled 'external media', and is a link to the offsite media.
If the select-kit header is not in the viewport (scrolled out of view), popper adds a data-popper-reference-hidden attribute.
This PR adds the recommended styles to "hide" the select-kit body when that happens. See
https://popper.js.org/docs/v2/modifiers/hide/
Twitter does not allow SVGs to be used for twitter:image
metadata (see https://developer.twitter.com/en/docs/twitter-for-websites/cards/overview/markup)
so we should fall back to the site logo if the image option
provided to `crawlable_meta_data` or SiteSetting.site_twitter_summary_large_image_url
is an SVG, and do not add the meta tag for twitter:image at all
if the site logo is an SVG.
Previously, draft get destroyed accidentally when we switch to PM with the below steps
1. Click “New Topic”
2. Type in the body
3. Switch to “New Message”
4. Click “cancel”
This commit seeks to only handle the `f=tracked` and `filter=tracked`
query params for a topic list. There are other "hidden" filters for a
topic list which can be activated by passing the right query param to
the request. However, they are hidden because there is no way to
activate those filters via the UI. We are handling the `f=tracked`
filter because we will soon be adding a link that allows a user to
quickly view their tracked topics.
Due to some changes we started notifying via push notifications on other
families of notifications. There are a total of about 30 or so possible
notification you could get, some can be pushed.
This fallback means that if for any reason we are unable to find an icon
for a push notification we just fallback to the Discourse logo.
Also go with a simple reply icon for watching first post.
Note, that in production `image_url` can return an exception if an image is
missing. This is not the case in test / development.
* When loading topics in bulk, only trigger state change callbacks after
all the topics have been loaded and we determine that state has actually
changed.
* State change callbacks are also only triggered when state has changed.
The use of JSON.stringify might raise some performance concerns here as this is a
performance sensitive codepath. However, I measured the time for each
`_setState` function call locally, by wrapping the function call with
`performance.now()`, and did not see any significant overhead.
Since the default for the bookmark modal is to have no
reminder if you create a bookmark by clicking out of
the modal or pressing the Save button, this commit highlights
None by default.
Also changes the bookmark component to not use @on for Ember
lifecycle, we don't use that style
The commit fcc2e7ebbf to promote
polymorphic bookmarks did not correctly set the username for
the quick access bookmark menu based on the new serializer
values, so the username is not being shown in the bookmark
quick access menu. This commit fixes it, and also adds additional
tests for that menu and updates the user fixtures to reflect
the current state of the bookmarks endpoint.
Given this html:
```
<aside class="quote no-group">
<blockquote>
<aside class="quote no-group">
<blockquote>
<p dir="ltr">test</p>
</blockquote>
</aside>
<p dir="ltr">test2</p>
</blockquote>
</aside>
```
The result was an invalid markdown:
```
[quote]
[quote]
> test
> [/quote]
>
>
>
> test2
[/quote]
```
Now the result is:
```
[quote]
[quote]
test
[/quote]
test2
[/quote]
```
The bookmarkable_type instead of the bookmarkable_url
was being used for the link to the bookmark for the quick
access menu, leading to links like /ChatMessage. This
fixes the issue, follow up PR with tests for the quick
access menu to follow.
Looking up values from the `emojiStore` calls out to the browser's localStorage API and then decodes a JSON blob. This makes it relatively slow.
Previously we were doing this lookup in the emoji-picker's `init()` function, even if `isActive` was false. If many inactive emoji pickers are rendered simultaneously (e.g. for discourse-chat reactions), this performance hit quickly adds up.
This commit updates the service to notify about changes, and uses a computed property to provide a cached value in the emoji-picker.
`run-qunit.js` does not expect QUnit tests to start automatically but
our wizard QUnit setup did not respect the `qunit_disable_auto_start`
URL param. Hence, tests would start running automatically and when a
subsequent `QUnit.start()` function call is made, we ended up getting a
`QUnit.start cannot be called inside a test context.` error.
This error can be consistently reproduced in the `discourse:discourse_test` container but not in
the local development environment. I do not know why and did not feel
like it is important at this point in time to know why.
There is no need for the extra protection on the client side if there is
a bug on the server side. In fact, we want the bug to be surfaced so
that it can be fixed on the server side.
Sometimes we need to render the icon as a call to action
to create a bookmark at which point the bookmark does
not yet exist, so we need to just show the normal bookmark
icon and a create title.
Also adds a CSS class for the bookmark existing and not existing
for styling.
This improves the bookmark-icon title to be more like the
post bookmark icons, to include the special formatted date
as well as the name of the bookmark.
This component will be useful for chat, and also moves
the definition of the icon for with and without reminders
to the bookmark model as consts, so they can easily be
referenced in other places.
This commit migrates all bookmarks to be polymorphic (using the
bookmarkable_id and bookmarkable_type) columns. It also deletes
all the old code guarded behind the use_polymorphic_bookmarks setting
and changes that setting to true for all sites and by default for
the sake of plugins.
No data is deleted in the migrations, the old post_id and for_topic
columns for bookmarks will be dropped later on.
Previously we were only applying the restriction to `a[href]` and `img[src]`. This commit ensures we apply the same logic to all allowlisted media src attributes.
Categories that had a CategoryUser record and the notification level
set to "Normal" were not selectable in any of the "Watched", "Tracked",
"Watching First Post" or "Muted" inputs. This happened because the
category seemed to be already selected in the "Normal" input, but that
does not exist (it is the default value if category is not present in
any of the other inputs).
The composer is displayed over the bottom part of the page. To make sure
that no content is covered by the composer, a bottom padding is added
equal to the height of the composer. When the composer is opened or
closed that padding is added after around 300ms because of a debounce.
This commit makes sure that the padding is added as soon as the composer
state changes by using a CSS custom property (variable) and transition
property for a smooth user interface.
The title had to be added both on the 404 page generated by the server
side, displayed when the user reaches a bad page directly and the 404
page rendered by Ember when a user reaches a missing topic while
navigating the forum.
If userA has multiple tab/devices on the same topic, and:
1. userA likes a post in tab1
2. userB likes the same post
3. userA post like `acted` attr would desync in tab2
This fix handles this case and also the reverse one when removing likes
interleaved with other users acting on the same post.
Reported in Meta at https://meta.discourse.org/t/-/227239/3
cf273ec6 removed ie11 as a target. A side effect is that this also removed support for Safari 12, which we will be maintaining support for until January 2023
https://meta.discourse.org/t/224747
While editing a reviewable's tags, the tag chooser did not show the tags
restricted to a specific category. This happened because the tag-chooser
did not pass the categoryId to the server while it was requesting the
list of tags the user can use.
For some pages, when navigating to a topic and then pressing the Back
browser button to go back to the topic list, the scroll position was
not preserved and the user was taken to the beginning of the list.
This happened because the application failed to detect when the user
used the Back button and whether the topic list should be fetch from
the cache or not. The scroll position is preserved only for cached
topic lists.
Other improvements:
* Improve isPoppedState
* Reset position for topic-lists from user-activity page
* Remove usage of jQuery
* Make sure the scrollTo function has effect
Follow up to 618a1ba571.
This fixes a corner case of the perf optimization in d4e35f5.
When you have the the same post showing in multiple tab/devices and like
said post in one place, we updated the like count but didn't flip the
`acted` bool in the front-end. This caused a small visual desync.
Co-authored-by: Penar Musaraj <pmusaraj@gmail.com>
The prioritize_username_in_ux site settings controls if the username or
name will be prioritized in the user interface. On the user directory
page the name was never displayed if the user and username were very
similar, being completely different from all the other places where the
username or name is displayed.
The scroll position was reset everytime the user pressed the back button
and returned to a user activity page. This fix applies only to pages
that uses the user-stream component. Pages with topic lists already had
this functionality implemented.
A bit of a mixed bag, this addresses several edge areas of bookmarks and makes them compatible with polymorphic bookmarks (hidden behind the `use_polymorphic_bookmarks` site setting). The main ones are:
* ExportUserArchive compatibility
* SyncTopicUserBookmarked job compatibility
* Sending different notifications for the bookmark reminders based on the bookmarkable type
* Import scripts compatibility
* BookmarkReminderNotificationHandler compatibility
This PR also refactors the `register_bookmarkable` API so it accepts a class descended from a `BaseBookmarkable` class instead. This was done because we kept having to add more and more lambdas/properties inline and it was very messy, so a factory pattern is cleaner. The classes can be tested independently as well.
Some later PRs will address some other areas like the discourse narrative bot, advanced search, reports, and the .ics endpoint for bookmarks.
For some reason, we're seeing inconsistency between production and
development environment where the computed width of #main-outlet-wrapper
is not taking the full width of the grid column in production.
Follow-up to b35cf7cc0c.
Note this commit also introduce a new {{d-popover}} component, example usage:
```hbs
{{#d-popover |state|}}
{{d-button label="foo.things" class="d-popover-trigger"}}
<div class="d-popover-content">
Some content
<div>
{{/d-popover}}
```
If you happen to mention someone with the wrong capitalization for that
person's username (e.g. `@sAm`), that incorrect capitalization would get
displayed on their user card.
This update will fix that by displaying the `user.username` value, which
will have the correct capitalization.
I also added some tests that will ensure `username` and `name` are
displayed on the user card in the correct order based on the
`prioritize_username_in_ux` setting.
This issue was reported here:
https://meta.discourse.org/t/capitalization-does-not-match-when-you-open-user-cards-using-mentions/217166
The values in Discourse dropdown menus only come from admin-defined strings, not unsanitised end-user input, so this lack of escaping was not exploitable.
* hidden siteSetting to enable experimental sidebar
* user preference to enable experimental sidebar
* `experimental_sidebar_enabled` attribute for current user
* Empty glimmer component for Sidebar
Before this change, we were using the labels from the original chartData to the chart builder, and we would then apply our collapse function on each dataset which could change the labels and cause a mismatch.
This was very visible when using quarterly periods on consolidated pageviews.
Other things may have added things to the style attribute (e.g. the `image-aspect-ratio` decorator).
Unfortunately this is difficult to add a test for because `lazy-load-images` leans on the `onload` event. We have no control over image loading in tests, so race conditions would be very likely.
- Make proxy pass `x-forward...` headers, so that Rails can set the host/port correctly in the csp
- Make `testem.js` available on a route which is within the app's default CSP
There was an edge when a user re-quoted a nested quote that it would return an incorrect `full name` but the correct `username` for the original quote. This PR updates the logic to fall back to using the OP user's username.
The complexity of the changes required to allow for full names to be displayed on nested quotes far outweighs how rare quoting nested quotes is.
This pull request follows on from https://github.com/discourse/discourse/pull/16308. This one does the following:
* Changes `BookmarkQuery` to allow for querying more than just Post and Topic bookmarkables
* Introduces a `Bookmark.register_bookmarkable` method which requires a model, serializer, fields and preload includes for searching. These registered `Bookmarkable` types are then used when validating new bookmarks, and also when determining which serializer to use for the bookmark list. The `Post` and `Topic` bookmarkables are registered by default.
* Adds new specific types for Post and Topic bookmark serializers along with preloading of associations in `UserBookmarkList`
* Changes to the user bookmark list template to allow for more generic bookmarkable types alongside the Post and Topic ones which need to display in a particular way
All of these changes are gated behind the `use_polymorphic_bookmarks` site setting, apart from the .hbs changes where I have updated the original `UserBookmarkSerializer` with some stub methods.
Following this PR will be several plugin PRs (for assign, chat, encrypt) that will register their own bookmarkable types or otherwise alter the bookmark serializers in their own way, also gated behind `use_polymorphic_bookmarks`.
This commit also removes `BookmarkQuery.preloaded_custom_fields` and the functionality surrounding it. It was added in 0cd502a558 but only used by one plugin (discourse-assign) where it has since been removed, and is now used by no plugins. We don't need it anymore.
This was causing unexpected behaviors on production builds. And also on firefox on local environnement, however the issues was slightly different.
- production chrome: colors don't load
- dev firefox: colors don't change when selecting a different color set
Previously, accessing the Rails app directly in development mode would give you assets from our 'legacy' Ember asset pipeline. The only way to run with Ember CLI assets was to run ember-cli as a proxy. This was quite limiting when working on things which are bypassed when using the ember-cli proxy (e.g. changes to `application.html.erb`). Also, since `ember-auto-import` introduced chunking, visiting `/theme-qunit` under Ember CLI was failing to include all necessary chunks.
This commit teaches Sprockets about our Ember CLI assets so that they can be used in development mode, and are automatically collected up under `/public/assets` during `assets:precompile`. As a bonus, this allows us to remove all the custom manifest modification from `assets:precompile`.
The key changes are:
- Introduce a shared `EmberCli.enabled?` helper
- When ember-cli is enabled, add ember-cli `/dist/assets` as the top-priority Rails asset directory
- Have ember-cli output a `chunks.json` manifest, and teach `preload_script` to read it and append the correct chunks to their associated `afterFile`
- Remove most custom ember-cli logic from the `assets:precompile` step. Instead, rely on Rails to take care of pulling the 'precompiled' assets into the `public/assets` directory. Move the 'renaming' logic to runtime, so it can be used in development mode as well.
- Remove fingerprinting from `ember-cli-build`, and allow Rails to take care of things
Long-term, we may want to replace Sprockets with the lighter-weight Propshaft. The changes made in this commit have been made with that long-term goal in mind.
tldr: when you visit the rails app directly, you'll now be served the current ember-cli assets. To keep these up-to-date make sure either `ember serve`, or `ember build --watch` is running. If you really want to load the old non-ember-cli assets, then you should start the server with `EMBER_CLI_PROD_ASSETS=0`. (the legacy asset pipeline will be removed very soon)
This reverts commit 01107e418e.
We have seen some random occurrences of corrupted assets, and think it may be related to the sprockets 4 update. Reverting for investigation
Commit 68497bddf2 implemented a function
to format durations in a medium format, similar to how durationTiny did.
The existent translation strings do not cover all cases and this commit
adds the missing translation strings.
1. When the select-kit body is rendered, it defaults to being displayed under the triggering select-kit header, unless...
there isn't enough space between the bottom of the select-kit header and the bottom of the viewport
&
there's enough space on top of the select-kit header, and in that case, we render it on top.
2. We give it a bit of padding on top, so it never renders below the header on the Z-axis.
14778ba52e/app/assets/javascripts/select-kit/addon/components/select-kit.js (L877-L884)
3. If there isn't enough space between the bottom of the viewport and the bottom of the select-kit header, and there isn't enough space between its top and the bottom of `d-header`, it renders at the bottom of the select-kit header.
In theory, number 3 above rarely ever happens. However, it can occur in the case of the user preferences page in combination with a large select-kit body (many categories).
The select-kit body then renders below the trigging select-kit header, but it's cut off. Users won't be able to see the entire select-kit body.
Here's an example
a719734d92.mp4
This PR adds a "prevent overflow" modifier to Popper. What it does is that it handles the case above.
If there's not enough space below the select-kit header or above it, render the select-kit body below the select-kit header BUT... anchor it to the bottom of the viewport.
Here's what that looks like
32cd1639bb.mp4
After this fix, even very large select-kit bodies will always be on the screen.
Please note that this PR has no impact on either number 1 or number 2 above, and those will continue to function as they currently do.
The only downside here is that the select-kit body might cover the select-kit header if it needs to be anchored at the bottom of the viewport, and it's very large. However, between that and not being able to see all the options, I think it's a fair compromise. There's only so much space in the viewport.
This PR ignores mobile because we have a different placement strategy. We use `position: absolute`... so, users can scroll the viewport if needed.
This commit fixes two issues at play. The first was introduced
in f6c852b (or maybe not introduced
but rather revealed). When a user posted a new message in a topic,
they received the unread topic tracking state MessageBus message,
and the Unread (X) indicator was incremented by one, because with the
aforementioned perf commit we "guess" the correct last read post
for the user, because we no longer calculate individual users' read
status there. This meant that every time a user posted in a topic
they tracked, the unread indicator was incremented. To get around
this, we can just exclude the user who created the post from the
target users of the unread state message.
The second issue was related to the private message topic tracking
state, and was somewhat similar. Whenever a user created a new private
message, the New (X) indicator was incremented, and could not be
cleared until the page was refreshed. To solve this, we just don't
update the topic state for the user when the new_topic tracking state
message comes through if the user who created the topic is the
same as the current user.
cf. https://meta.discourse.org/t/bottom-of-topic-shows-there-is-1-unread-remaining-when-there-are-actually-0-unread-topics-remaining/220817
This updates the fix in commit eb70ea4.
Co-authored-by: Osama Sayegh <asooomaasoooma90@gmail.com>
Co-authored-by: Alan Guo Xiang Tan <gxtan1990@gmail.com>
This PR will include `suspended` attribute in post serializer to check it in post widget and add a CSS class name.
Co-authored-by: Alan Guo Xiang Tan <gxtan1990@gmail.com>
The main difference is that Sprockets 4.0 no longer tries to compile everything by default. This is good for us, because we can remove all our custom 'exclusion' logic which was working around the old sprockets 3.0 behavior.
The other big change is that lambdas can no longer be added to the `config.assets.precompile` array. Instead, we can do the necessary globs ourselves, and add the desired files manually.
A small patch is required to make ember-rails compatible. Since we plan to remove this dependency in the near future, I do not intend to upstream this change.
I have compared the `bin/rake assets:precompile` output before and after this change, and verified that all files are present.
The error would happen when emoji_autocomplete_min_chars site setting is set to anything superior to 0, in this case until we reach the min chars length, emojiSearch would return "skip" and the code was currently expecting an array.
Discourse has the Discourse Connect Provider protocol that makes it possible to
use a Discourse instance as an identity provider for external sites. As a
natural extension to this protocol, this PR adds a new feature that makes it
possible to use Discourse as a 2FA provider as well as an identity provider.
The rationale for this change is that it's very difficult to implement 2FA
support in a website and if you have multiple websites that need to have 2FA,
it's unrealistic to build and maintain a separate 2FA implementation for each
one. But with this change, you can piggyback on Discourse to take care of all
the 2FA details for you for as many sites as you wish.
To use Discourse as a 2FA provider, you'll need to follow this guide:
https://meta.discourse.org/t/-/32974. It walks you through what you need to
implement on your end/site and how to configure your Discourse instance. Once
you're done, there is only one additional thing you need to do which is to
include `require_2fa=true` in the payload that you send to Discourse.
When Discourse sees `require_2fa=true`, it'll prompt the user to confirm their
2FA using whatever methods they've enabled (TOTP or security keys), and once
they confirm they'll be redirected back to the return URL you've configured and
the payload will contain `confirmed_2fa=true`. If the user has no 2FA methods
enabled however, the payload will not contain `confirmed_2fa`, but it will
contain `no_2fa_methods=true`.
You'll need to be careful to re-run all the security checks and ensure the user
can still access the resource on your site after they return from Discourse.
This is very important because there's nothing that guarantees the user that
will come back from Discourse after they confirm 2FA is the same user that
you've redirected to Discourse.
Internal ticket: t62183.
The main difference is that Sprockets 4.0 no longer tries to compile everything by default. This is good for us, because we can remove all our custom 'exclusion' logic which was working around the old sprockets 3.0 behavior.
The other big change is that lambdas can no longer be added to the `config.assets.precompile` array. Instead, we can do the necessary globs ourselves, and add the desired files manually.
A small patch is required to make ember-rails compatible. Since we plan to remove this dependency in the near future, I do not intend to upstream this change.
I have compared the `bin/rake assets:precompile` output before and after this change, and verified that all files are present.
All current browser treat the HTML document (not the body element) as
the scrollable document element. Hence in all current browsers,
`document.body.scrollTop` returns 0. This commit removes all usage of
this property, because it is effectively 0.
Co-authored-by: David Taylor <david@taylorhq.com>
