The warning was:
DEPRECATION WARNING: Calling `<<` to an ActiveModel::Errors message array in order to add an error is deprecated. Please call `ActiveModel::Errors#add` instead. (called from block (3 levels) in activate! at discourse/plugins/poll/plugin.rb:519)
In some very rare cases, poll options can end up with images that have
no dimensions, in which case, navigating to replies in that post stream
might result in unexpected scrolling (as the browser loads the images
and adjusts its layout).
This ensures that if width/height attributes are missing from an image,
the image is forced to display within a 200 by 200 pixels space.
Co-authored-by: David Taylor <david@taylorhq.com>
Some plugins hook into Post after save to set custom fields and save again.
For example: https://github.com/discourse/discourse-category-experts/blob/main/lib/category_experts/post_handler.rb#L27
Problem is that in case like that `raw_changed?` is false but all callback are triggered. `extracted_polls` is class atribute therefore that should be reset with each attempt.
That was causing an error:
```
#<ActiveRecord::RecordNotUnique: PG::UniqueViolation: ERROR: duplicate key value violates unique constraint
"index_polls_on_post_id_and_name" DETAIL: Key (post_id, name)=(8967, poll) already exists.
```
* Move onebox gem in core library
* Update template file path
* Remove warning for onebox gem caching
* Remove onebox version file
* Remove onebox gem
* Add sanitize gem
* Require onebox library in lazy-yt plugin
* Remove onebox web specific code
This code was used in standalone onebox Sinatra application
* Merge Discourse specific AllowlistedGenericOnebox engine in core
* Fix onebox engine filenames to match class name casing
* Move onebox specs from gem into core
* DEV: Rename `response` helper to `onebox_response`
Fixes a naming collision.
* Require rails_helper
* Don't use `before/after(:all)`
* Whitespace
* Remove fakeweb
* Remove poor unit tests
* DEV: Re-add fakeweb, plugins are using it
* Move onebox helpers
* Stub Instagram API
* FIX: Follow additional redirect status codes (#476)
Don’t throw errors if we encounter 303, 307 or 308 HTTP status codes in responses
* Remove an empty file
* DEV: Update the license file
Using the copy from https://choosealicense.com/licenses/gpl-2.0/#
Hopefully this will enable GitHub to show the license UI?
* DEV: Update embedded copyrights
* DEV: Add Onebox copyright notice
* DEV: Add MIT license, convert COPYRIGHT.txt to md
* DEV: Remove an incorrect copyright claim
Co-authored-by: Jarek Radosz <jradosz@gmail.com>
Co-authored-by: jbrw <jamie@goatforce5.org>
We now bundle Javascript for each theme/plugin separately, and only ship bundles for enabled plugins to the client. Therefore, these disabled_plugins checks are now redundant, and can be removed.
Per https://meta.discourse.org/t/-/186896, this is a simple copy change to help curb users from sending messages to the moderators via flagging the Discobot tutorial.
Based on feedback from Matt Haughey, we don't need to use so many words when describing a deleted topic or post.
Co-authored-by: Martin Brennan <martin@discourse.org>
Over the years we accrued many spelling mistakes in the code base.
This PR attempts to fix spelling mistakes and typos in all areas of the code that are extremely safe to change
- comments
- test descriptions
- other low risk areas
When issuing the discobot certificate, we were not closing the
iframe tag, which meant that the final message instruction to
the user was swallowed up.
Some polls with images can be very long. Those which showed a pie chart
for the results had a fixed height set, which meant that some long polls
could be cut off.
* DEV: Give a nicer error when `--proxy` argument is missing
* DEV: Improve Ember CLI's bootstrap logic
Instead of having Ember CLI know which URLs to proxy or not, have it try
the URL with a special header `HTTP_X_DISCOURSE_EMBER_CLI`. If present,
and Discourse thinks we should bootstrap the application, it will
instead stop rendering and return a HTTP HEAD with a response header
telling Ember CLI to bootstrap.
In other words, any time Rails would otherwise serve up the HTML for the
Ember app, it stops and says "no, you do it."
* DEV: Support asset filters by path using a new options object
Without this, Ember CLI's bootstrap would not get the assets it wants
because the path it was requesting was different than the browser path.
This adds an optional request header to fix it.
So far this is only used by the styleguide.
* FIX: Show date picker over modal
Previously, scrolling was necessary to see the whole picker.
* FEATURE: Improve validation for polls
Adds new error messages for each of the edge cases. Previously, it
failed with a simple error saying that the minimum value must be less
than the maximum value.
* UX: Copy edit
Headings with the exact same name generated exactly the same heading
names, which was invalid. This replaces the old code for generating
names for non-English headings which were using URI encode and resulted
in unreadable headings.
When invited by email, users will receive an invite URL which contains
a token. If that token is present when the invite is redeemed, their
account will be automatically activated.
The `details_enabled` site setting description did not clearly convey what it controls.
The copy change was discussed here: https://meta.discourse.org/t/183923
- removes the option from site settings
- deletes the site setting on existing sites that have it
- marks posts using emojis as requiring a rebake
Note that the actual image files are not removed here, the plan is to
remove them in a few weeks/months (when presumably the rebaking of old
posts has been completed).
This PR fixes a bug where if you navigate from topic to another one (via suggested topics, notifications etc.), the previous topic is not unsubscribed from presence manager, which means if you visit lots of topics all the subscriptions will accumulate and can cause rate limit errors.
This bug is exposed by the loading slider we're currently experimenting with on Meta because we no longer have an intermediate state when navigating between topics which means the `willDestroyElement` hook that's responsible for unsubscribing is not called.
Previously, the `{{mobile-nav}}` component required a `currentRouteName` property, passed from the router service. It would observe changes in this property, and update the UI accordingly.
If we change between routes which have the same `currentRouteName` (e.g. two different group message inboxes), then the `currentRouteName` does not change and does not trigger the observer. Currently in core, we are relying on the fact that currentRouteName temporarily enters a `.loading` substate during a transition. This will change when we remove the loading substate in the near future.
This commit refactors `{{mobile-nav}}` to inject the router directly, and use the `routeDidChange` event instead of an observer. The change is backwards compatible, but plugins passing the old `currentPath` property will be shown a deprecation notice.
This encompasses a lot of work done over the last year, much of which
has already been merged into master. This is the final set of changes
required to get Ember CLI running locally for development.
From here on it will be bug fixes / enhancements.
Co-authored-by: Jarek Radosz <jradosz@gmail.com>
Co-authored-by: romanrizzi <rizziromanalejandro@gmail.com>
Co-authored-by: Jarek Radosz <jradosz@gmail.com>
Co-authored-by: romanrizzi <rizziromanalejandro@gmail.com>
This moves the way we add the user avatar and site logo
to the discobot certificates from embeded base64 png to
just using the files urls in the href to the image tag.
This will make generation faster and the certificate
smaller overall, but it can't be used in a `img` tag
anymore, since SVGs in `img` tags don't load the external images
In order to work around that we will move the certificate
in posts to an iframe, which works fine without any user
visible changes. For this to be possible the plugin automatically
adds the site current domain to the list of allowed iframe origins.
Includes:
* FIX: Don't override computed properties
* FIX: Prevent a set-after-destroy error
* FIX: Get rid of select-kit deprecations
* FIX: Replace removed admin-group-selector
* FIX: Provide onChange action to fix warnings
* FIX: Remove an element with an invalid id
* DEV: Remove topic-notifications-button from dropdowns
It has its own styleguide section under "Molecules".
* UX: Styleguide tweaks
* DEV: Make the dropdowns useable
Because the site admin is sending a message to themselves, there is only one user in the topic_allowed_users, and `.last` returns nil.
Attempt to recognize this situation and continue, or bail without doing anything if this somehow happens another way.
* DEV: Remove with_deleted workarounds for old Rails version
These workarounds using private APIs are no longer required in the latest version of Rails. The referenced issue (https://github.com/rails/rails/issues/4306) was closed in 2013. The acts_as_paranoid workaround which this was based on was removed for rails > 5.
Switching to using a scope also allows us to use it within a `belongs_to` relation (e.g. in the Poll model). This avoids issues which can be caused by unscoping all `where` clauses.
Predicates are not necessarily strings, so calling `.join(" AND ")` can sometimes cause weird errors. If we use `WhereClause#ast`, and then `.to_sql` we achieve the same thing with fully public APIs, and it will work successfully for all predicates.
We want to wrap the `Ember.run.debounce` function and internally call `Ember.run` instead when running tests.
This commit changes discourseDebounce to work the same way as `Ember.run.debounce`.
Now that `discourseDebounce` works exactly like `Ember.run.debounce`, let's replace it and only use `DiscourseDebounce` from now on.
Move debounce to discourse-common to be able to reuse it in different bundles
Keep old debounce file for backwards-compatibility
You might wonder why this matters. It turns out in some locales like
French, we replace quotation marks with « and » -- this should likely
not happen before BBCode is parsed but that is not the case for this
plugin. The plugin has code to handle this situation, but it means extra
spaces are inserted around the time zone which breaks it.
This fix allows us to supply extra whitespace and will show the correct
time zone.
Using arrow functions changes `this` context, which is undesired in tests, e.g. it makes it impossible to setup things like pretender (`this.server`) in `beforeEach` hooks.
Ember guides always use classic functions in examples (e.g. https://guides.emberjs.com/release/testing/test-types/), and that's what it uses in its own test suite, as do various addons and ember apps.
It was also already used in Discourse where `this` was required. Moving forward, it will be needed in more places as we migrate toward ember-cli.
(I might later add a custom rule to eslint-discourse-ember to enforce this)
Due to the new enhanced copy-paste handling, the URL would be included in the user's reply as code, too!
By surrounding the link in angle brackets, we prevent the bot from accidentally including the link itself and spoiling the surprise.
I considered having the bot automatically edit the user's post to remove the backticks. I very quickly ran into a problem with spurious whitespace, and it would also look _super weird_ for the bot to edit your post when that's not what's being taught.
The seemingly bare link not automatically embedding is also weird, but slightly less so.
Fun fact: this doesn't work on localhost, because the onebox engine refuses to issue requests to localhost :)
In newer Embers jQuery is removed. There is a `find` but it only returns
one element and not a jQuery selector. This patch migrates our code to a
new helper `queryAll` which allows us to remove the global.
More seriously: discobot wasn't reacting properly if users used their
emoji keyboard to insert a real herb emoji, which works just as well
in a real post.
While we're here, use String#include? instead of constructing a new regexp.
https://meta.discourse.org/t/capybaras-dont-eat-real-emojis/168361
I also took the opportunity with this commit to move some test specific
stuff out of `discourse-loader` which is loaded on the front end of the
application. The test module building now happens in the `test_helper`
bundle.
DEV: Replace instances of Discourse.base_uri with Discourse.base_path
This is clearer because the base_uri is actually just a path prefix. This continues the work started in 555f467.
This is long overdue. We had a lot of (not linted) code to initialize
our test suite as part of the Ruby `test_helper.js` bundle.
This refactor moves that out to a `setup-tests` module, which imports
all the modules properly, rather than using `require`.
It also removes the global `server` variable which some tests were using
for pretender. Those tests are fixed, and in the case of widget tests,
support for a `pretend()` was added, which mimics our acceptance tests.
One problematic test was removed, which overwrites `/posts` - this could
break tons of other tests depending on order.
We used many global functions to handle tests when they should be
imported like other libraries in our application. This also gets us
closer to the way Ember CLI prefers our tests to be laid out.
This plugin is only useful for developers, however, making it core allows us to centralize any component modification in one commit.
This integration also adds a new site_setting: `styleguide_admin_only` which allows to enable a styleguide on a live site while restricting visibility to admins only.
By default, styleguide is disabled.
Poll markdown processing failed when there were any heading elements preceding a poll.
(Issue originally reported in babbebfb35 (commitcomment-42983768))
This is where they should be as far as ember is concerned. Note this is
a huge commit and we should be really careful everything continues to
work properly.
Adds an optional title attribute to polls. The rationale for this addition is that polls themselves didn't contain context/question and relied on post body to explain them. That context wasn't always obvious (e.g. when there are multiple polls in a single post) or available (e.g. when you display the poll breakdown - you see the answers, but not the question)
As a side note, here's a word on how the poll plugin works:
> We have a markdown poll renderer, which we use in the builder UI and the composer preview, but… when you submit a post, raw markdown is cooked into html (twice), then we extract data from the generated html and save it to the database. When it's render time, we first display the cooked html poll, and then extract some data from that html, get the data from the post's JSON (and identify that poll using the extracted html stuff) to then render the poll using widgets and the JSON data.
eslint --fix is capable of fix it automatically for you, ensure prettier is run after eslint as eslint --fix could leave the code in an invalid prettier state.
This is a little bit of refactoring. Core Discourse should have default promotion message for TL2.
In addition, when the Discobot plugin is enabled, the user is invited to advanced training
This PR removes the user reminder topic timers, because that system has been supplanted and improved by bookmark reminders. The option is removed from the UI and all existing user reminder topic timers are migrated to bookmark reminders.
Migration does this:
* Get all topic_timers with status_type 5 (reminders)
* Gets all bookmarks where the user ID and topic ID match
* Loops through the found topic timers
* If there is no bookmark for the OP of the topic, then we just create a bookmark with a reminder
* If there is a bookmark for the OP of the topic and it does **not** have a reminder set, then just
update it with the topic timer reminder
* If there is a bookmark for the OP of the topic with a reminder then just discard the topic timer
* Cancels all outstanding user reminder topic timers
* **Trashes (not deletes) all user reminder topic timers**
Notes:
* For now I have left the user reminder topic timer job class in place; this is so the jobs can be cancelled in the migration. It and the specs will be deleted in the next PR.
* At a later date I will write a migration to delete all trashed user topic timers. They are not deleted here in case there are data issues and they need to be recovered.
* A future PR will change the UI of the topic timer modal to make it look more like the bookmark modal.
Previously we were manually comparing the composer 'action' to the REPLY and EDIT constants. This meant that other forms of editing (e.g. shared drafts) were not included. This commit changes the presence logic to use the existing composer computed variables.
* FIX - make Discobot new user tutorial a little more robust
Plugin allows reply, regardless of other SiteSettings
Skip image upload step if user can’t upload images, calls new ‘likes’ step instead
* Test that the images step is skipped
* Slight optimization
eg:
timezone="America/Detroit"
timezones="US/Eastern"
Before this commit we would show America/Detroit in previews and not US/Eastern, given US/Eastern and America/Detroit are equivalent.
After this commit, we will display the date with America/Detroit but show US/Eastern in the previews.
The poll breakdown modal replaces the grouped pie charts feature.
Includes:
* MODAL: Untangle `onSelectPanel`
Previously modal-tab component would call on click the onSelectPanel callback with itself (modal-tab) as `this` which severely limited its usefulness. Now showModal binds the callback to its controller.
"The PR includes a fix/change to d-modal (b7f6ec6) that hasn't been extracted to a separate PR because it's not currently possible to test a change like this in abstract, i.e. with dynamically created controllers/components in tests. The percentage/count toggle test for the poll breakdown feature is essentially a test for that d-modal modification."
Ensure that the inappropriate flag is used and not some other flag
type. If some other flag is used a message will be posted letting the
user know they used the wrong flag and the original flag will be removed
so that they can try again.
Bug reported on meta: https://meta.discourse.org/t/-/157075
Per the linked site (http://mths.be/details) and https://caniuse.com/#feat=details the <details> element is supported since Chrome 12/Safari 6/Firefox 49/Edge 79. IE 11 doesn't handle them, but we dropped the support for that browser.
Previously it would sleep for either 2 or 3 seconds instead of sleeping
between a range of 2 to 3 seconds. Also, 2 to 3 seconds seems to be
excessivly long when I tried out discobot again.
* Remove unused Discourse.SiteSettings
* Remove `Discourse.SiteSettings` from many tests
* REFACTOR: `lib:formatter` was using a lot of leaky state
* Remove more `Discourse.SiteSettings` from tests
* More SiteSettings removed from tests
When doing a migration, there might be some cases where the discobot user
doesn't have a user_option / user_profile record(s).
This ensures we always create one during the seed phase.
In French, the help trigger has a raw content of "afficher l'aider" which is then cooked into "afficher l’aide" (note the different quote character).
Since we were checking the raw content of the trigger against the cooked version of the post, this trigger never worked in French.
This changes so that we cook the trigger before checking in against the cooked version of the post.
DEV: new 'discobot_username' method that is used everywhere instead of 'discobot_user.username' / 'discobot_user.username_lower'
This reverts commit 20780a1eee.
* SECURITY: re-adds accidentally reverted commit:
03d26cd6: ensure embed_url contains valid http(s) uri
* when the merge commit e62a85cf was reverted, git chose the 2660c2e2 parent to land on
instead of the 03d26cd6 parent (which contains security fixes)
We have been using YouTube's 'hqdefault.jpg' image which works consistently to provide a 480x360 thumbnail. YouTube does provide larger thumbnails, but not consistently for every video. By using og:image, we will fetch the best resolution YouTube can provide for each video.
This commit also refactors lazy-yt to re-use the thumbnail already existing in the cooked content. This means we get lazy-loading for free, and avoid hotlinking images to YouTube (when download remote images is enabled on the site).
The thumbnails were being correctly downloaded, but the URLs were not being substituted correctly in post_process_cooked because the lazy-yt output did not include the `onebox` class.
Previously the image was imported from a Discourse hosted CDN but the
URL has since become invalid. However, it was not caught since all
errors are rescued. This commit fixes the issue by shipping the user
avatar with the plugin.
This will make a few minor improvements to the second factor user interface. Highlights include:
- Using the site's title to prefix the backup code filename. If non-ascii characters are detected, then prefix "discourse" instead.
- Add icons and change the text on some of the buttons for better clarity and consistency
- Add an education link to the security key modal
This change amends it so we use a static service to keep track of
the typing presence.
It correct various edge cases the initial implementation had
- Faster close messages
- When composing on topic 1 and viewing topic 2 we had incorrect
presence
- Changing a running composer to reply as new topic or reply to a
differet topic would not correctly shift presence
Authored by tgxworld, with contributions by sam
* Rename all instances of bookmarkWithReminder and bookmark_with_reminder to just bookmark
* Delete old bookmark code at the same time
* Add migration to remove the bookmarkWithReminder post menu item if people have it set in site settings
On some installations, there may be a leftover symlink which uses the
old plugin name:
public/plugins/discourse-internet-explorer ->
-> plugins/discourse-internet-explorer/public
Before this commit, the presence state of users were stored on the
server side and any updates to the state meant we had to publish the
entire state to the clients. Also, the way the state of users were
stored on the server side meant we didn't have a way to differentiate
between replying users and whispering users.
In this redesign, we decided to move the tracking of users state to the client
side and have the server publish client events instead. As a result of
this change, we're able to remove the number of opened connections
needed to track presence and also reduce the payload that is sent for
each event.
At the same time, we've also improved on the restrictions when publishing message_bus messages. Users that
do not have permission to see certain events will not receive messages
for those events.
* Bookmarks with reminders is a core feature now, no need to have a separate URL
* Keep around the old /u/:username/activity/bookmarks-with-reminders route for backwards compat in Ember but just redirect to user activity bookmarks.