Commit Graph

44562 Commits

Author SHA1 Message Date
Osama Sayegh
492226a973
DEV: Add context in AdminConstraint (#15838)
This allows plugins to override the permissions required to access
specific things like the Logster and Sidekiq web UI without the changes
leaking to the rest of Discourse routes.
2022-02-07 16:25:31 +03:00
David Taylor
64be371749
DEV: Improve handling of invalid requests (#15841)
Our discourse_public_exceptions middleware is designed to catch bubbled exceptions from lower in the stack, and then use `ApplicationController.rescue_with_handler` to render an appropriate error response.

When the request itself is invalid, we had an escape-hatch to skip re-dispatching the request to ApplicationController. However, it was possible to work around this by 'layering' the errors. For example, if you made a request which resulted in a 404, but **also** had some other invalidity, the escape hatch would not be triggered.

This commit ensures that these kind of 'layered' errors are properly handled, without logging warnings. It also adds detection for invalid JSON bodies and badly-formed multipart requests.

The user-facing behavior is unchanged. This commit simply prevents warnings being logged for invalid requests.
2022-02-07 13:16:57 +00:00
dependabot[bot]
bc5f2d0c4e
Build(deps): Bump in_threads from 1.5.4 to 1.6.0 (#15642)
Bumps [in_threads](https://github.com/toy/in_threads) from 1.5.4 to 1.6.0.
- [Release notes](https://github.com/toy/in_threads/releases)
- [Changelog](https://github.com/toy/in_threads/blob/master/CHANGELOG.markdown)
- [Commits](https://github.com/toy/in_threads/compare/v1.5.4...v1.6.0)

---
updated-dependencies:
- dependency-name: in_threads
  dependency-type: indirect
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-02-07 14:11:52 +01:00
Penar Musaraj
45c00c72bd
FIX: Do not override mobile scroll on docked progress element (#15840) 2022-02-07 13:51:07 +01:00
Andrei Prigorshnev
404f882e5c
FEATURE: in result.rb don't use email for username suggestions until enabled in settings (#15586) 2022-02-07 16:02:26 +04:00
Martin Brennan
357186ab7e
FIX: User option fields definition was being mutated on save (#15837)
In the commit d8bf2810ff we hoisted
the userOptionFields array to a module-level variable, but kept
the code inside save() the same. This causes an issue where if
save() is called twice on the same user with some array of user
option fields, the userOptionFields array is mutated, which means
the second save is likely not saving the fields intended.

This commit fixes the issue by not mutating the array. We cannot
change them into consts though, because we have an API to add more
items to the array.
2022-02-07 16:58:27 +10:00
Martin Brennan
0a738bd5bc
FEATURE: Allow sending group SMTP emails with from alias (#15687)
This commit allows group SMTP emails to be sent with a
different from email address that has been set up as an
alias in the email provider. Emails from the alias will
be grouped correctly using Message-IDs in the mail client,
and replies to the alias go into the correct group inbox.
2022-02-07 13:52:01 +10:00
Alan Guo Xiang Tan
454d3740b4
DEV: Remove deprecated site settings. (#15725) 2022-02-07 11:26:06 +08:00
Alan Guo Xiang Tan
b7eacaed21
FIX: Handle addressable error when parsing an invalid URL. (#15836)
Passing in an invalid URL would result in an `Addressable::URI::InvalidURIError` which we were not catching.
2022-02-07 11:25:42 +08:00
Alan Guo Xiang Tan
5bd55acf83
FIX: Add DB constraints for post & topic counter cache for UserStat (#15626)
Ensures that `UserStat#post_count` and `UserStat#topic_count` does not
go below 0. When it does like it did now, we tend to have bugs in our
code since we're usually coding with the assumption that the count isn't
negative.

In order to support the constraints, our post and topic fabricators in
tests will now automatically increment the count for the respective
user's `UserStat` as well. We have to do this because our fabricators
bypasss `PostCreator` which holds the responsibility of updating `UserStat#post_count` and
`UserStat#topic_count`.
2022-02-07 11:23:34 +08:00
Ayke Halder
81e175e6ba
FIX: allow native lazy loading attribute for quoted avatar image (#15834) 2022-02-07 09:28:26 +08:00
dependabot[bot]
f805aa9e90 Build(deps): Bump ipaddr from 1.2.3 to 1.2.4
Bumps [ipaddr](https://github.com/ruby/ipaddr) from 1.2.3 to 1.2.4.
- [Release notes](https://github.com/ruby/ipaddr/releases)
- [Changelog](https://github.com/ruby/ipaddr/blob/master/CHANGELOG.md)
- [Commits](https://github.com/ruby/ipaddr/compare/v1.2.3...v1.2.4)

---
updated-dependencies:
- dependency-name: ipaddr
  dependency-type: indirect
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-02-07 09:26:40 +08:00
dependabot[bot]
ac8e5f0df7 Build(deps-dev): Bump rb-fsevent from 0.11.0 to 0.11.1
Bumps [rb-fsevent](https://github.com/thibaudgg/rb-fsevent) from 0.11.0 to 0.11.1.
- [Release notes](https://github.com/thibaudgg/rb-fsevent/releases)
- [Commits](https://github.com/thibaudgg/rb-fsevent/compare/v0.11.0...v0.11.1)

---
updated-dependencies:
- dependency-name: rb-fsevent
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-02-07 09:26:24 +08:00
dependabot[bot]
a16184ab0d Build(deps): Bump excon from 0.90.0 to 0.91.0
Bumps [excon](https://github.com/excon/excon) from 0.90.0 to 0.91.0.
- [Release notes](https://github.com/excon/excon/releases)
- [Changelog](https://github.com/excon/excon/blob/master/changelog.txt)
- [Commits](https://github.com/excon/excon/compare/v0.90.0...v0.91.0)

---
updated-dependencies:
- dependency-name: excon
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-02-07 09:26:08 +08:00
Alan Guo Xiang Tan
cc7a04afdc DEV: Improve test paths pattern for Ember CLI.
Ember tests follows a convention where test files have a postfix of
`-test.js`. This ensures that any files in the tests folder which
follows this pattern is included.
2022-02-07 09:22:15 +08:00
Alan Guo Xiang Tan
65f46ad4ed FIX: Better param guards for wiki and post_type posts controller. 2022-02-07 09:21:24 +08:00
Alan Guo Xiang Tan
930f51e175 FEATURE: Split up text segmentation for Chinese and Japanese.
* Chinese segmenetation will continue to rely on cppjieba
* Japanese segmentation will use our port of TinySegmenter
* Korean currently does not rely on segmentation which was dropped in c677877e4f
* SiteSetting.search_tokenize_chinese_japanese_korean has been split
into SiteSetting.search_tokenize_chinese and
SiteSetting.search_tokenize_japanese respectively
2022-02-07 09:21:14 +08:00
David Taylor
9ddd1f739e
DEV: Update :critical_user_email calls to use strings (#15827)
Symbols are converted to strings anyway, so there is no change in behaviour. The latest version of sidekiq introduced a warning for this.
2022-02-04 23:43:53 +00:00
David Taylor
5d82a695d0
DEV: Use string timestamp when enqueuing update_top_redirection (#15826)
Job arguments go via JSON, and so DateTime objects will appear as strings in the Job's `#execute` method. The latest version of Sidekiq has started warning about this to reduce developer confusion.
2022-02-04 23:14:35 +00:00
David Taylor
f53d70ac63
DEV: Ensure delay_for and queue are not passed as job arguments (#15824)
This regressed in 3a85c4d680 because deep_stringify_keys makes a copy of the `opts` hash
2022-02-04 20:11:03 +00:00
David Taylor
863262a5de
DEV: Update more Jobs#enqueue calls to use strings (#15823)
Symbols are converted to strings anyway, so there is no change in behaviour. The latest version of sidekiq introduced a warning for this.
2022-02-04 19:58:34 +00:00
David Taylor
be8c0baa18
DEV: Include exception class in Discourse.warn_exception log (#15822)
Sometimes, the 'message' portion of an exception isn't enough to work out what's happening. In these cases, including the exception class name can help with debugging.
2022-02-04 19:41:08 +00:00
David Taylor
c3a54eb30f DEV: Use strings for :user_email job type argument
Job arguments go via JSON, and so symbols will appear as strings in the Job's `#execute` method. The latest version of Sidekiq has started warning about this to reduce developer confusion.
2022-02-04 18:28:18 +00:00
David Taylor
3a85c4d680 DEV: Ensure Sidekiq job arguments have stringified keys
The latest version of Sidekiq introduced a warning when jobs are queued with arguments which 'do not stringify to JSON safely'. In the vast majority of cases, this is because a hash is passed with symbols as keys. When those args are passed to the job, the keys will be stringified.

Our job wrapper already takes care of this issue by calling '.with_indifferent_access' on the args before passing them to `#execute`, so we don't need to change anything about our use. All we need to do is satisfy Sidekiq's warning system by 'stringifying' all the keys before enqueuing the job.
2022-02-04 18:28:18 +00:00
Andrei Prigorshnev
62029ec4eb
DEV: remove the includeMidFuture option on future-date-input (#15818)
This option was always on. Essentially, we set it only in two places and always use `|| true` with it.

Note that we're going to switch future-date-input-selector to another source of time shortcuts(https://github.com/discourse/discourse/blob/main/app/assets/javascripts/discourse/app/lib/time-shortcut.js) and also change its API to make it more customizable. Removing the includeMidFuture option is a part of that change.
2022-02-04 21:33:11 +04:00
Benson Muite
783912d305
Increase geographical diversity of quotes (#15813) 2022-02-04 11:35:01 -05:00
David Taylor
fe5bfc8d3b
DEV: Route Sidekiq logs to Rails logger (#15817)
Most of our logging goes through Rails.logger, and therefore appears in Logster at `/logs` on a site. The Sidekiq logger was bypassing this and writing directly to STDERR.

Unfortunately it's not possible to do `Sidekiq.logger = Rails.logger` because `Sidekiq#logger=` applies a number of patches to the logger instance, causing our whole logging system to break.

Instead, this commit adds a dedicated Logger instance with no output, which is then patched to forward all messages directly to `Rails.logger`
2022-02-04 16:28:20 +00:00
Discourse Translator Bot
0dfaaf49a5
Update translations (#15816) 2022-02-04 16:23:45 +00:00
Penar Musaraj
f0c15dc399
Revert "FIX: Image sizes were slightly off in some cases (#15678)" (#15815)
This reverts commit eff0106efb. It causes
visible layout issues, especially on mobile.
2022-02-04 15:40:54 +01:00
Andrei Prigorshnev
778abb067f
FIX: Caret moves to a wrong position when uploading an image via toolbar (#15684)
When uploading an image, we change the uploading placeholder several times. Every time, we correct the position of the cursor after replacing. But we schedule repositioning of cursor to the afterRender queue in Ember Run Loop. As a result, sometimes we replace the placeholder several times but correct the cursor position only once at the end.

It just cannot work correctly with scheduling, we'll always be dealing with cumulative error. Removing scheduling fixes the problem.

Sadly, I cannot make the test work, I skipped it for now, going to give it another try later.
2022-02-04 18:26:48 +04:00
Penar Musaraj
d13117fa05
FEATURE: Select range in topic list with Shift + click (#15682) 2022-02-04 15:20:38 +01:00
Andrei Prigorshnev
c52e8ef8b6
DEV: dry up formatting of time options in time-shortcut-picker (#15810) 2022-02-04 17:18:21 +04:00
David Taylor
f4c6a61855
PERF: Update ember-auto-import (#15814)
This makes a small improvement to 'cold cache' ember-cli build times, and a large improvement to 'warm cache' build times

The ember-auto-import update means that vendor is now split into multiple files for efficiency. These are named `chunk.*`, and should be included immediately after the `vendor.js` file. This commit also updates the rails app to render script tags for these chunks
2022-02-04 11:00:51 +00:00
Martin Brennan
f3467ee673
FEATURE: Add requestCustomMarkdownCookFunction API (#15753)
This commit adds a requestCustomMarkdownCookFunction function
to the `helper` that is provided to custom markdown rules
via their `setup` function.

The way this works is that once the default markdown engine that
we use for cooking posts has been set up, we loop through all
of the callbacks registered by `requestCustomMarkdownCookFunction`
and call `_buildCustomMarkdownCookFunction`. This creates
a new markdown engine using many of the same settings as the
default one, but will allow for the following options to be
changed by the markdown rule requesting the custom function:

* featuresOverride - The markdown-it features to allow for the engine
* markdownItRules - The markdown-it rules to allow for the engine

After this engine is set up a render function which renders + sanitizes
the output is returned for use by the markdown rule.

The use case for this API is mainly for block BBCode markdown rules
which want to render their content with a limited subset of the
markdown features/rules. Our initial use case for this is chat message
quoting.

This commit also does some minor refactoring of discourse-markdown-it
to accommodate this new engine building.
2022-02-04 09:00:40 +10:00
Martin Brennan
9fc33d310b
FIX: Table pasting issues with uppy (#15787)
When changing to uppy for file uploads we forgot to add
these conditions to the paste event from 9c96511ec4

Basically, if you are pasting more than just a file (e.g. text,
html, rtf), then we should not handle the file and upload it, and
instead just paste in the text. This causes issues with spreadsheet
tools, that will copy the text representation and also an image
representation of cells to the user's clipboard.

This also moves the paste event for composer-upload-uppy to the
element found by the `editorClass` property, so it shares the paste
event with d-editor (via TextareaTextManipulation), which makes testing
this possible as the ember paste bindings are not picked up unless both
paste events are on the same element.
2022-02-04 08:45:55 +10:00
Keegan George
1485dab12e
FEATURE: Ability to re-order value lists (#15775)
Adds up and down buttons next to the inputs of value lists when there is more than 1 item present. This helps to re-order the items in the value lists if necessary.
2022-02-03 22:47:02 +01:00
janzenisaac
6e4af0e36f
DEV: update show social login logic (#15809)
Only display text if one or more social login options are enabled
2022-02-03 15:17:36 -06:00
Kris
b44950c3d9
DEV: new plugin outlet on user page (#15808) 2022-02-03 16:11:35 -05:00
Jordan Vidrine
5f322605c6
DEV: Add category-color variable (#15807) 2022-02-03 13:16:27 -06:00
janzenisaac
cffc2836cb
DEV: Don't allow users to immediately reinvite (#15722)
- Limit bulk re-invite to 1 time per day
- Move bulk invite by csv behind a site setting (hidden by default)
- Bump invite expiry from 30 -> 90 days

## Updates to rate_limiter
When limiting reinvites I found that **staff** are never limited in any way. So I updated the **rate_limiter** model to allow for a few things:
- add an optional param of `staff_limit`, which (when included and passed values, and the user passes `.staff?`) will override the default `max` & `secs` values and apply them to the user.
- in the case you **do** pass values to `staff_limit` but the user **does not** pass `staff?` the standard `max` & `secs` values will be applied to the user.

This should give us enough flexibility to 
1. continue to apply a strict rate limit to a standard user
2. but also apply a secondary (less strict) limit to staff
2022-02-03 13:07:40 -06:00
dependabot[bot]
69cbdb9f97
Build(deps-dev): Bump rspec-rails from 5.0.2 to 5.1.0 (#15789)
Bumps [rspec-rails](https://github.com/rspec/rspec-rails) from 5.0.2 to 5.1.0.
- [Release notes](https://github.com/rspec/rspec-rails/releases)
- [Changelog](https://github.com/rspec/rspec-rails/blob/main/Changelog.md)
- [Commits](https://github.com/rspec/rspec-rails/compare/v5.0.2...v5.1.0)

---
updated-dependencies:
- dependency-name: rspec-rails
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-02-03 19:26:15 +01:00
dependabot[bot]
452905abee
Build(deps-dev): Bump fabrication from 2.26.0 to 2.27.0 (#15801)
Bumps [fabrication](https://gitlab.com/fabrication-gem/fabrication) from 2.26.0 to 2.27.0.
- [Release notes](https://gitlab.com/fabrication-gem/fabrication/tags)
- [Changelog](https://gitlab.com/fabrication-gem/fabrication/blob/master/Changelog.markdown)
- [Commits](https://gitlab.com/fabrication-gem/fabrication/compare/2.26.0...2.27.0)

---
updated-dependencies:
- dependency-name: fabrication
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-02-03 19:25:58 +01:00
David Taylor
569fa8a135
DEV: Improve Ember module shims under Ember CLI (#15795) (#15806)
In our legacy environment, Ember RFC176 shims are included in `discourse-loader.js` which is part of the `vendor.js` bundle. This meant that the module shims were available as soon as the vendor.js asset was loaded.

Under Ember CLI, we were defining these shims in `discourse-boot.js`. This is loaded by the browser much later, and meant that the shims were not available to themes/plugins that call `require()` before Discourse has booted. This was causing errors under some circumstances.

This commit refactors the Ember CLI implementation so that the shims are included in the vendor.js bundle. This is done via an addon which leans on the ember-rfc176-data NPM package. This will ensure we have all the definitions, without the need for manual copy/paste.
2022-02-03 17:36:32 +00:00
David Taylor
c985f82174
Revert "PERF: Update ember-auto-import (#15695)" (#15805)
This reverts commit 76022132f7. This update introduced 'chunking' of vendored dependencies, which we don't support in the rails app.
2022-02-03 16:54:48 +00:00
Rafael dos Santos Silva
5b5cbbfe5c
FEATURE: Onebox for news.ycombinator.com (#15781) 2022-02-03 13:39:21 -03:00
David Taylor
ea37b30ab2
Revert "DEV: Improve Ember module shims under Ember CLI (#15795)" (#15803)
This reverts commit 7933278ef4. This isn't working in production, reverting pending investigations.
2022-02-03 16:13:33 +00:00
janzenisaac
1febf3cd94
DEV: Update Font Awesome to 5.15.4 2022-02-03 09:16:17 -06:00
dependabot[bot]
1a53617b4f
Build(deps): Bump excon from 0.89.0 to 0.90.0 (#15574)
Bumps [excon](https://github.com/excon/excon) from 0.89.0 to 0.90.0.
- [Release notes](https://github.com/excon/excon/releases)
- [Changelog](https://github.com/excon/excon/blob/master/changelog.txt)
- [Commits](https://github.com/excon/excon/compare/v0.89.0...v0.90.0)

---
updated-dependencies:
- dependency-name: excon
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-02-03 15:50:30 +01:00
dependabot[bot]
b96b49e744
Build(deps): Bump i18n from 1.8.11 to 1.9.1 (#15797)
Bumps [i18n](https://github.com/ruby-i18n/i18n) from 1.8.11 to 1.9.1.
- [Release notes](https://github.com/ruby-i18n/i18n/releases)
- [Changelog](https://github.com/ruby-i18n/i18n/blob/master/CHANGELOG.md)
- [Commits](https://github.com/ruby-i18n/i18n/compare/v1.8.11...v1.9.1)

---
updated-dependencies:
- dependency-name: i18n
  dependency-type: indirect
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-02-03 15:50:14 +01:00
dependabot[bot]
c9e7ddc137
Build(deps): Bump puma from 5.5.2 to 5.6.1 (#15796)
Bumps [puma](https://github.com/puma/puma) from 5.5.2 to 5.6.1.
- [Release notes](https://github.com/puma/puma/releases)
- [Changelog](https://github.com/puma/puma/blob/master/History.md)
- [Commits](https://github.com/puma/puma/compare/v5.5.2...v5.6.1)

---
updated-dependencies:
- dependency-name: puma
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-02-03 15:26:23 +01:00