Commit Graph

12383 Commits

Author SHA1 Message Date
Penar Musaraj
cd4de88e4a
FIX: Correctly toggle bulk select checkboxes for regular users (#29984)
Non-admin/moderator users can bulk select items in new/unread, but not in
latest/top/hot. This commit ensures that when the user can no longer
bulk select items in a list, the bulk select checkboxes in the topic list
rows are hidden.
2024-11-28 09:39:17 -05:00
Sam
07813ba83c
DEV: fix hanging spec (#29974) 2024-11-28 11:06:19 +08:00
Ted Johansson
2d945e2373
DEV: Enable the normalize_emails site setting by default (#29952) 2024-11-28 10:23:00 +08:00
Sam
72132c35fb
DEV: fix flaky spec (#29972)
Spec was flaky cause work could still be in pipeline after the defer
length is 0. Our length denotes the backlog, not the in progress
count.

This adds a mechanism for gracefully stopping the queue and avoids
wait_for callse
2024-11-28 11:21:35 +11:00
Angus McLeod
6acf673f8d
FIX: topic post counts for webhook post_destroyed event (#29853)
* FIX: topic post counts for webhook post_destroyed event

- Generate webhook data after posts are destroyed
- Don't count user_deleted posts

* Remove unnecessary conditional
2024-11-27 11:36:51 -08:00
Mark VanLandingham
8c311dcbd5
FEATURE: Allow add group member endpoint to skip invite emails (#29962) 2024-11-27 11:33:09 -06:00
Guhyoun Nam
f186e3e80b
DEV: Add categories_and_hot Route (#29948)
This PR adds a route to categories_and_hot and methods in categories_controller.
2024-11-27 11:11:33 -06:00
Penar Musaraj
43ae59bb9c
FIX: Do not ignore redirects containing "/login" in the path (#29960) 2024-11-27 11:22:45 -05:00
Loïc Guitaut
d6bec460a8 DEV: Upgrade Rails to version 7.2 2024-11-27 10:48:47 +01:00
Ted Johansson
f4d0a77d5f
DEV: Add "delete user" options to illegal flag review (#29956)
We already add the "delete user" and "delete and block user" options to the drop-down for potential spam, but we should do this for potentially illegal posts as well.

This is entirely based on the implementation for the potential spam one, including caching the status on the reviewable record.

Also note that just as for potential spam, the user must be "deletable" for the option to appear.

I also took the liberty to move the options in the drop-down to what I think is a more intuitive place. (Between delete post and suspend/silence user.)
2024-11-27 17:23:57 +08:00
Martin Brennan
2ef9d6ac47
FEATURE: Allow admins to force refresh "What's new?" (#29911)
Sometimes changes to "What's new?" feed items are made or the feed items are
removed altogether, and the polling interval to check for new features is 1 day.

This is quite long, so this commit introduces a "Check for updates"
button for admins to click on the "What's new?" page which will bust
the cache for the feed and check again at the new features endpoint.
This is limited to 5 times per minute to avoid rapid sending of
requests.
2024-11-27 09:40:55 +10:00
Gabriel Grubba
51aa5ac43f
FIX: Solve flaky tests in PostMover (#29943)
* FEATURE: Add `freeze_original` option to `PostMover`

This option will allow the api user to specify if the original topic should be `frozen`(locked and posts not deleted neither moved)

With this option when moving topic posts your posts will be `copied` to the new topic and the original topic will be kept there.

* DEV: update tests to check raw instead of ids

* DEV: Implement `freeze_original` option for `PostMover`

update specs to use `*array` matcher

* DEV: add tests to `MovedPost` model in post mover

* DEV: Update `MovedPost` model rspec

* DEV: add back empty line to `post_mover.rb`

* FIX: Solve flaky tests in `PostMover`
2024-11-26 16:30:25 -03:00
Gabriel Grubba
1c03a9f078
Revert "FEATURE: Add freeze_original option to PostMover (#29880)" (#29940)
This reverts commit b6ec07c3ef.
2024-11-26 14:47:39 -03:00
Gabriel Grubba
b6ec07c3ef
FEATURE: Add freeze_original option to PostMover (#29880)
* FEATURE: Add `freeze_original` option to `PostMover`

This option will allow the api user to specify if the original topic should be `frozen`(locked and posts not deleted neither moved)

With this option when moving topic posts your posts will be `copied` to the new topic and the original topic will be kept there.

* DEV: update tests to check raw instead of ids

* DEV: Implement `freeze_original` option for `PostMover`

update specs to use `*array` matcher

* DEV: add tests to `MovedPost` model in post mover

* DEV: Update `MovedPost` model rspec

* DEV: add back empty line to `post_mover.rb`
2024-11-26 14:25:55 -03:00
Jan Cernik
93443adf22
DEV: Remove the experimental_ prefix for fullpage login (#29546) 2024-11-26 11:08:27 -03:00
Martin Brennan
c7e471d35a
FIX: Empty post reviewable ignore bundle causing client errors (#29932)
We ran into an edge case where it was possible for a
ReviewableFlaggedPost to end up in a state where it was hidden
and the topic was already deleted. This meant that the Ignore
action bundle for the reviewable ended up empty, with no associated
actions.

This commit fixes the server-side issue where this was ending up
empty. A further commit will aim to make the client more resilient
to these issues by gracefully failing if a reviewable action bundle
is detected with no associated actions.
2024-11-26 16:18:32 +10:00
Ted Johansson
15a61a0c1f
DEV: Change admin emoji delete button from icon to text (#29931)
The Admin UI guidelines states that buttons should have text, not icons. This was an oversight on the admin emoji listing.

Part of this change is also opportunistically removing the CSS file for admin emojis, none of which is used any more since the conversion.
2024-11-26 14:10:14 +08:00
Martin Brennan
e708c99e12
FIX: Hide broken theme about/license URLs (#29930)
At the top of the theme show page we have a link
to the theme About and License, which are supposed
to be URLs. However some themes have left placeholder
text in these metadata fields, which leads to a wonky
experience.

Instead, we can just not serialize these fields if they
are not valid URLs, then they will not show as links
in the UI.
2024-11-26 13:53:10 +10:00
Martin Brennan
b8a5f95eb6
FIX: Handle multiple In-Reply-To Message-ID in group inbox (#29912)
This fix handles the case where an In-Reply-To mail header
can contain multiple Message-IDs. We use this header to
try look up an EmailLog record to find the post to reply
to in the group email inbox flow.

Since the case where multiple In-Reply-To Message-IDs is
rare (we've only seen a couple of instances of this causing
errors in the wild), we are just going to use the first one
in the array.

Also, Discourse does not support replying to multiple posts
at once, so it doesn't really make sense to use multiple
In-Reply-To Message-IDs anyway.
2024-11-26 11:12:40 +10:00
Jan Cernik
a964e62cd8
FIX: Discourse Connect fixes for full page login (#29915) 2024-11-25 18:06:14 -03:00
Penar Musaraj
e6fdfcdcd2
DEV: Remove experimental_topics_filter setting (#29902) 2024-11-25 10:49:40 -05:00
David Taylor
bfe0eccdd9
FIX: Extension-less secure uploads (#29914)
Previously, the secure-upload redirection logic would fail for extension-less files. This commit updates it to work, and adds a spec for the behavior.

Extension-less file uploads are not allowed by default, so this is a very niche situation.
2024-11-25 12:18:21 +00:00
Selase Krakani
a20b7fa83f
DEV: Gracefully handle regex_replace max column length violations (#29787)
* DEV: Gracefully handle `regex_replace` violations of column length constraints

This is a follow-up to the `remap` [refactor](9b0cfa99c5).
Similar to `remap`, the entire `regex_replace` operation fails if the new content exceeds the column’s max length.

This change introduces an optional mode, controlled by the new `skip_max_length_violations` param
to skip records eligible for `regex_replace`  where the new content violates the max column length constraint.

It also includes updates to the exception message raised when `regex_replace` fails to include more details

* DEV: Remove string escapes in heredoc text
2024-11-25 11:39:53 +00:00
Osama Sayegh
118f7869bb
FEATURE: Add bulk destroy to admin users list (#29744)
This commit introduces a new feature that allows staff to bulk select and delete users directly from the users list at `/admin/users/list`. The main use-case for this feature is make deleting spammers easier when a site is under a large spam attack.

Internal topic: t/140321.
2024-11-25 11:13:35 +03:00
Osama Sayegh
eaa3f813c1
FIX: Don't secure the about banner image (#29889)
Uploads that are linked to site settings shouldn't be flagged as secure in login-required sites that enable secure uploads. However, in order for site setting uploads to not be marked secured, the frontend uploader has to include 2 params in the upload request: `for_site_setting: true` and `type: "site_setting"`.

Since these 2 params are semantically identical, we want the `type: "site_setting"` param alone to make the upload correctly treated as a site setting upload. To achieve that, we need to include the `site_setting` type in the public types list because the `for_site_setting` param has the same effect — it marks the upload as a public type.

b138eaf9e5/lib/upload_security.rb (L128-L131)
2024-11-25 11:12:00 +03:00
Ted Johansson
fd39753e58
DEV: Ignore normalize_emails when using SSO (#29890)
We recently tried to default the normalize_emails site setting to true to avoid spam. What this does is it considers e-mails the same regardless of plus addressing, e.g. bob+1@mail.com == bob+2@mail.com. This caused some problems for SSO users.

This PR makes it so that DiscourseConnect never normalizes e-mails.
2024-11-25 11:55:27 +08:00
Ted Johansson
88af23e1ca
DEV: Modernize admin user fields (#29843)
This PR modernizes the user fields area of the admin UI. It is largely based on the work on the emoji section.
2024-11-25 11:54:43 +08:00
Mark VanLandingham
d880db3b7b
DEV: Apply modifier for topic_view link_counts (#29883) 2024-11-22 14:49:39 -06:00
Juan David Martínez Cubillos
08440b0035
DEV: Add tl3_custom_promotions plugin modifier to tl3_promotions.rb (#29834)
* DEV: Add tl3_custom_promotions plugin modifier to tl3_promotions.rb

* added tests

* added tests for demotions

* changed argument order in test
2024-11-22 15:28:43 -05:00
Gerhard Schlager
0295b4165c
FIX: Permalink.create didn't work as expected anymore (#29895)
This moves the logic of setting the correct permalink values back into the controller. And it replaces the validation with a simpler one, that always works, even when the model is loaded from the DB.

Follow-up to #29634 which broke import scripts and lots of documentation on Meta.
2024-11-22 21:11:26 +01:00
Akshay Birajdar
b138eaf9e5
FEATURE: Add Bulk actions to /filter page (#29420)
- Add bulk actions component on /filter page for both desktop & mobile view.
- Add system specs to assert bulk actions to be available on /filter page.
2024-11-22 11:51:06 +11:00
Bianca Nenciu
250a145361
DEV: Fix undefined variable (#29876)
Follow up to commit 429cf656e7.
2024-11-21 20:23:20 +02:00
Gabriel Grubba
db15e11cb9
FEATURE: Add modifier to delete after merge (#29872)
while it is ok to have the check for if the person can delete a topic, for this feature some times you might want some more flexibility.

Instead of relying on patching this class and method, it would be better to have a modifier that can be decide if the topic should be deleted after the merge.
2024-11-21 11:12:06 -03:00
Bianca Nenciu
429cf656e7
FIX: Use FinalDestination::HTTP to push notifications (#29858)
Sometimes `Jobs::PushNotification` gets stuck, probably because of the
network call. This commit replaces `Excon` with `FinalDestination::HTTP`
which is safer.
2024-11-21 14:11:51 +11:00
Blake Erickson
acc87202b9
DEV: Fix flaky test with bulk select closing topics (#29871)
This commit is going to try using the `have_read_post` page object from
`topic_view` instead of the page object for `topic` because it's
implementation has a longer wait time as it uses the ENV variable for
wait time: `Capybara.default_max_wait_time * 2`.

If this works out we should probably remove the duplicated
`have_read_post` page object so that we have a single implementation.
2024-11-20 16:34:44 -07:00
Alan Guo Xiang Tan
6e1aeb1f50
DEV: Fix constant redefinition warnings when running specs (#29837)
Don't load rake files over and over again when running specs.
2024-11-20 15:17:36 +11:00
Kris
acc7caa816
A11Y: make the uppy image uploader keyboard navigable (#29807) 2024-11-19 15:38:13 -05:00
Angus McLeod
ec7de0fd68
Require permitted scopes when registering a client (#29718) 2024-11-19 15:28:04 -05:00
Bianca Nenciu
4f11d16deb
DEV: Remove migrate_column_to_bigint spec helper (#29805)
This spec helper was introduced as a temporary solution to the problem
of mismatched types between primary key and foreign key columns. All
plugins have been migrated and the only remaining use of this helper is
in core Discourse.
2024-11-19 21:22:02 +02:00
Loïc Guitaut
719457e430 DEV: Add a try step to services
This patch adds a new step to services named `try`.

It’s useful to rescue exceptions that some steps could raise. That way,
if an exception is caught, the service will stop its execution and can
be inspected like with any other steps.

Just wrap the steps that can raise with a `try` block:
```ruby
try do
  step :step_that_can_raise
  step :another_step_that_can_raise
end
```
By default, `try` will catch any exception inheriting from
`StandardError`, but we can specify what exceptions to catch:
```ruby
try(ArgumentError, RuntimeError) do
  step :will_raise
end
```

An outcome matcher has been added: `on_exceptions`. By default it will
be executed for any exception caught by the `try` step.
Here also, we can specify what exceptions to catch:
```ruby
on_exceptions(ArgumentError, RuntimeError) do |exception|
  …
end
```

Finally, an RSpec matcher has been added:
```ruby
  it { is_expected.to fail_with_exception }
  # or
  it { is_expected.to fail_with_exception(ArgumentError) }
```
2024-11-19 12:01:07 +01:00
Krzysztof Kotlarek
04bac33ed9
UX: consistent flags page (#29798)
Add/Edit form should not have an admin header
2024-11-19 14:46:08 +11:00
Ted Johansson
235c6434c1
FIX: Don't include secret membership groups when serializing other users (#29799)
As part of a previous fix we changed which groups are serialized for a user, in order to fix a bug in the default group selector under user preferences.

However, we should only change this when serializing the current user. This change combines the old code-path and the new based on who is serializing.
2024-11-18 19:25:42 +08:00
Selase Krakani
9b0cfa99c5
DEV: Gracefully handle remaps which violate DB column constraints (#29501)
* DEV: Gracefully handle remaps which violate DB column constraints

This change implements length constraint enforcement to skip remaps
which exceed column max lengths

* DEV: Only perform skipped column stats lookup when verbose is true

* DEV: Tidy up specs

* DEV: Make skipping violating remap behaviour opt-in

This change introduces a new `skip_max_length_violations` param for
`remap`, set to `false` by default to ensure we still continue to fail
hard when max lenth constraints are violated.

To aid in quick resolution when remaps fail, this change also
adds more context to the exception message to include the offending table
and column information

* Apply suggestions from code review

Co-authored-by: Gerhard Schlager <gerhard.schlager@discourse.org>

* FIX: Various fixes

- Linter errors
- Remap status "logger" early return condition

---------

Co-authored-by: Gerhard Schlager <gerhard.schlager@discourse.org>
2024-11-15 10:42:25 +00:00
Alan Guo Xiang Tan
6bf0ac730f
FIX: Rescue ActiveRecord::ReadOnlyError when baking theme field (#29776)
Firstly, we need to understand that ActiveRecord can be
connected to a role which prevent writes and this happens in Discourse when a
replica database has been setup for failover purposes. When a role
prevent writes from happening, ActiveRecord will raise the
`ActiveRecord::ReadOnlyError` if a write query is attempted.

Secondly, theme fields are baked at runtime within GET requests. The
baking process involves writing the baked value to the
`ThemeField#baked_value` column in the database.

If we combine the two points above, we can see how the writing of the
baked value to the database will trigger a `ActiveRecord::ReadOnlyError`
in a GET requests when the database is connected to a role preventing
writes. However, failing to bake a theme is not the end of the world and
should not cause GET requests to fail. Therefore, this commit adds a rescue
for `ActiveRecord::ReadOnlyError` in the `ThemeField#ensure_baked!`
method.
2024-11-15 10:19:10 +08:00
Martin Brennan
4e5de17e7c
FIX: Admin backups erroring because of S3 dualstack (#29775)
Followup 0568d36133
Followup 97cf069a06

Due to the S3 dualstack endpoint change, sites with
S3 backups configured but _not_ S3 uploads were erroring,
with admins unable to access the backups page. This
commit fixes the error by not enabling S3 dualstack
endpoints if S3 uploads have not been enabled, backups
don't need to use them.

c.f. https://meta.discourse.org/t/unable-to-backup-or-navigate-to-backups/335899
2024-11-15 12:05:59 +10:00
Jan Cernik
2ac1894292
FIX: Error with social logins and fullpage signup (#29761) 2024-11-14 16:02:17 -03:00
Régis Hanol
fd1220af69
FIX: chat bookmarks in drawer mode (#29757)
When using chat in drawer mode, after you've clicked on a chat bookmark in the user menu, clicking any other chat bookmark would "do nothing".

In 8b18fd1556 we added an optimization to prevent the same route from being reloaded, but it ended up breaking the bookmarks.

This commit reverts the changed made the above commit and adds a system specs that ensure we can click two chat bookmarks in the user menu when using chat in drawer mode.

Internal ref - t/134362
2024-11-14 17:20:11 +01:00
Gabriel Grubba
b39c30045b
FEATURE: Add skip notification option to group invite to topic (#29741)
* FEATURE: Add skip notification option to group invite to topic

* DEV: rename `skip_notification` to `should_notify`

* DEV: update `should_notify` param to be default `true` in controllers

* DEV: update spec to use `greater than` instead of `equal to` to prevent flakiness

* Update app/controllers/topics_controller.rb

Co-authored-by: David Taylor <david@taylorhq.com>

* DEV: merged two `#invite_group` specs into one

* DEV: Added test case for `invite-group` in requests spec

---------

Co-authored-by: David Taylor <david@taylorhq.com>
2024-11-14 13:00:15 -03:00
Penar Musaraj
9b691853e0
FIX: Dismiss unread posts in subcategories (#29671)
When a parent category shows topics from subcategories, dismissing
should dismiss posts in both parent and subcategories.

Co-authored-by: Alan Guo Xiang Tan <gxtan1990@gmail.com>
2024-11-14 10:06:12 -05:00
David Taylor
fd5ef6896d
DEV: Overhaul devcontainer configuration (#28446)
- Uses a more appropriate image, with immutable tag (so update prompts work correctly)
- Updates port forwarding
- Improves mount setup (inc. persistant PG/Redis when rebuilding)
- Fixes ember-cli live reload
- Automatically configures VSCode & extensions
2024-11-14 12:11:38 +00:00