Commit Graph

21427 Commits

Author SHA1 Message Date
David Taylor
e2e30788b9
DEV: Add note about wrapper element to renderInOutlet API (#23903) 2023-10-11 23:11:08 +01:00
Godfrey Chan
2ae913f45e
Consistently import escape from discourse-common (#23790)
`escape` from `pretty-text/sanitizer` is a re-export of the same
function defined in `discourse-common`. Updating the import paths
across the codebase to use the `discourse-common` import path.

`escape` is a rather simple function that can be accomplished with
a regular expression in `discourse-common`.

On the other hand, the remaining parts in `pretty-text/sanitizer`
has a lot of code, PLUS it depend on the rather heavy "xss" NPM
library.

Currently, most of the consumers of `pretty-text/sanitizer` are of
the `{ escape }` varient. This is resolved by this PR.

The remaining usages are either:

1. via/through `PrettyText` which is essentially gated behind
   loading the markdown-it bundle, OR

2. via `sanitize` from `discourse/lib/text`

I believe we may ultimately be able to move all the usages to behind
the markdown-it bundle (or, equivilantly, set up another lazy bundle
for `sanitize`) and be able to shed the sanitization code and the
"xss" library from the initial page load.

`discourse/lib/text` also defines a `sanitizeAsync` which is gated
behind loading the markdown-it bundle.

Looking through the usages of `sanitize`, I believe most of these
can be safely switched to use `sanitizeAsync`, in that they are
already in an asynchrnous path that handles a server response. Most
of them are actually rendering a piece of server-generated HTML
message as flash message, so I am not sure there really is value in
sanitizing (we should be able to trust our own server?), but in any
case, code-wise, they should already be able to absorb the async
just fine.

I am not sure if `sanitize` and `sanitizeAsync` are actually API
compatible – they both take `options` but I think those `options` do
pretty different things. This is somethign for another person to
investigate down the road in another PR.

According to `all-the-plugins`, `discourse-graphviz` also import
from this location, so perhaps we should PR to update. That being
said, it doesn't really hurt anything to keep the alias around for
a while.
2023-10-11 22:21:01 +01:00
Godfrey Chan
210d13e3cb
DEV: fix setting isTesting (#23901)
This started out as a seemingly benign refactor to replace the
`require` for `withPluginApi` to an actual import. However, it
broke the test in seemingly random places.

It turns out that in serveral places, we are calling `isTesting()`
in module scope and assigning the result to a constant. For example
we do that in the composer service to disable checking drafts when
testing.

This is problematic because `isTesting` doesn't really set until
the `discourse-bootstrap` initializer is run, and so any modules
that are evaluated before then will have locked in the wrong value
for `isTesting()`.

If we are going to use and treat `isTesting()` like a constant then
we will have to make sure we set it sufficiently early before any
code-loading happens.
2023-10-11 22:20:02 +01:00
Meghna
90be6f304f
UX: fix likes notification for multiple users on mobile (#23896) 2023-10-11 20:41:19 +05:30
David Taylor
597ef11195
DEV: Improve reactivity of user-tips and remove runloop workarounds (#23897)
Previously, the `user-tips` service included a couple of calls to `next()`. These were introduced to work around errors like

```
You attempted to update `availableTips` on `<UserTips:ember659>`, but it had already been used previously in the same computation
```

These errors come from the fact that various `<UserTip>` components are rendering at slightly different times in the runloop and stepping on each other. Normally this doesn't happen in Ember, but the implementation details of our 'Widget' system and its 'RenderGlimmer' helper mean that RenderGlimmer components are rendered later than normal Ember components. Using `next()` avoids the problem because it means that all the updates are scheduled together in the following runloop interation.

However, the use of `next()` can create some subtle timing issues, which have been evident in the recent flakiness of some qunit tests. This commit makes a few changes to improve the situation:

1. Use a TrackedMap to provide fine-grained `shouldRender()` reactivity for each user-tip id. That means that different user tips will not be trying to update the same piece of tracked state (previously the entire `availableTips` array was `@tracked`, and was completely re-assigned every time a new `<UserTip>` was rendered

2. Avoid reassigning any tracked state unless the value has actually changed

3. Remove the `next()` workarounds
2023-10-11 14:03:31 +01:00
David Taylor
6970c7dc13
DEV: Resolve and prevent user fixture changes leaking between tests (#23898)
- Introduces a `deepFreeze` helper to block any mutations to the current-user fixture

- Add `cloneJSON` to any places which were previously causing mutations
2023-10-11 13:46:06 +01:00
Osama Sayegh
683032fcce
DEV: Add specific class to metadata section in topic-list-item (#23893)
Currently, the UI section that contains the title+category+tags of a topic list item (the mobile version) has only one and very generic CSS class, `.right`. Plugins and themes that need to target this section for styling would have to use awkward/very specific CSS selectors in order to avoid incorrectly styling other elements that happen to have the same generic CSS class.

This commit adds an additional class `.topic-item-metadata` to the section to allow easier and more maintainable styling for it.

See https://github.com/discourse/discourse-clickable-topic/pull/4 for a theme that will benefit from this change.
2023-10-11 12:19:15 +03:00
Krzysztof Kotlarek
b061631c18
FIX: correctly untrack topics when dismiss unread (#23894)
Bug introduced when dismiss modal was moved to new component-based API - https://github.com/discourse/discourse/pull/22262

We need to track `dismissTopics` property to send correct request to  server.

Meta: https://meta.discourse.org/t/dismiss-all-unread/280948
2023-10-11 02:51:43 +00:00
dependabot[bot]
775c7d427b
Build(deps): Bump ember-cli-babel in /app/assets/javascripts (#23890)
Bumps [ember-cli-babel](https://github.com/babel/ember-cli-babel) from 8.1.0 to 8.2.0.
- [Release notes](https://github.com/babel/ember-cli-babel/releases)
- [Changelog](https://github.com/babel/ember-cli-babel/blob/master/CHANGELOG.md)
- [Commits](https://github.com/babel/ember-cli-babel/compare/v8.1.0...v8.2.0)

---
updated-dependencies:
- dependency-name: ember-cli-babel
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-10-11 00:18:58 +02:00
dependabot[bot]
df80cd459a
Build(deps-dev): Bump sass in /app/assets/javascripts (#23892)
Bumps [sass](https://github.com/sass/dart-sass) from 1.69.0 to 1.69.2.
- [Release notes](https://github.com/sass/dart-sass/releases)
- [Changelog](https://github.com/sass/dart-sass/blob/main/CHANGELOG.md)
- [Commits](https://github.com/sass/dart-sass/compare/1.69.0...1.69.2)

---
updated-dependencies:
- dependency-name: sass
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-10-11 00:18:10 +02:00
Kris
270710f3bc
A11Y: remove positive tabindex from create modal (#23883) 2023-10-10 17:42:00 -04:00
David Taylor
48193767bf DEV: Sort imports
Automatically generated by `eslint --fix` to satisfy the updated configuration
2023-10-10 21:46:54 +01:00
David Taylor
ee0fef489f DEV: Move gjs <template> to bottom of class definitions
To satisfy updated eslint configuration
2023-10-10 21:46:54 +01:00
Renato Atilio
b8813e9759
UX: keep form template client state when shrinking/reopening the composer (#23858)
* UX: keep form template client state when shrinking/reopening the composer
2023-10-10 16:21:06 -03:00
Mark VanLandingham
d4399b4f3d
FIX: Prevent browser refresh when clicking search menu result (#23881) 2023-10-10 13:05:13 -05:00
chapoi
7f580a3083
UX: Composer and sidebar better fit (#23841) 2023-10-10 20:01:08 +02:00
David Taylor
38e7960082
DEV: Add link to gjs template override error (#23880) 2023-10-10 18:02:29 +01:00
Keegan George
5f5fe912a5
DEV: Add outlet and API for adding/controlling post selection buttons (#23782) 2023-10-10 09:57:23 -07:00
Mark VanLandingham
e110256cb0
DEV: Restructure search menu so that it can be rendered outside of header (#23852) 2023-10-10 11:36:32 -05:00
David Taylor
ef5cb6e7ed
DEV: Support components under /index paths in themes/plugins (#23876)
Normally, modules defined under `blah/index` can be imported as `blah`. This is also true of Ember resolver lookups - `<MyComponent />` should resolve to the same as `<MyComponent::Index />`. This was working as expected in Discourse core, but we had not implemented the same in our custom resolver logic for themes/plugins.

This commit implements the `/index` fallback, and adds a test for the behaviour.
2023-10-10 16:29:40 +01:00
Penar Musaraj
df90c7f0c1
FIX: Disable overflow-anchor on composer textarea (#23875)
This fixes an issue where, on a textarea with a lot of text, the cursor
would jump when adding a new line. See video in PR for a repro.

This is a Chrome bug with scroll anchoring.

Refs: https://bugs.chromium.org/p/chromium/issues/detail?id=997266

The fix here disables `overflow-anchor` on the composer textarea. There
should be no side effects to this change, as scroll anchoring is likely
not needed for the composer textarea element.
2023-10-10 09:50:02 -04:00
Mark VanLandingham
20700c7c19
DEV: Wrap bookmark-list table header in plugin outlet (#23817) 2023-10-10 08:18:31 -05:00
David Taylor
f4aeebeb64
UX: Correct description on 'create topic' composer dropdown (#23871)
The 'create topic' entry in the dropdown was incorrectly using the 'reply as new topic' description. This fixes the logic to use a separate locale key for the description.
2023-10-10 13:23:00 +01:00
Osama Sayegh
fdd5e577d6
DEV: Add above-topic-list-item plugin outlet and pass topic in above-latest-topic-list-item args (#23431)
This commit does a couple of things:

1. Add a new plugin outlet, `above-topic-list-item`, to the `topic-list-item` component
2. Pass the topic in question as an outlet argument for the (existing) `above-latest-topic-list-item` outlet in the `latest-topic-list-item` component.
2023-10-10 12:36:37 +03:00
Krzysztof Kotlarek
bb342bafe9
FIX: display error when moving post fails (#23860)
This fix ensures that an error modal is displayed when a post is moved to a new topic that has an invalid title.
2023-10-10 00:49:48 +00:00
Martin Brennan
b58f660cd2
DEV: Add meta_topic_id plugin metadata (#23838)
For the admin plugin list we want to be able to link to
a meta topic for plugins, but we have no standard way to
do this at the moment. This adds support for meta_topic_id
alongside other plugin metadata like authors, URL etc,
that gets built into a Meta topic URL in the serializer.
2023-10-10 10:16:13 +10:00
Alan Guo Xiang Tan
cdda28ecb4
DEV: Correct versions used in deprecation message (#23857) 2023-10-10 06:45:23 +08:00
Andrei Prigorshnev
fcc9d99ba2
DEV: Start renaming cookAsync() function to cook() (#23462)
Some time ago, we introduced the `cookAsync` instead of the existing 
`cook` function, and planned to migrate everything to it. Then after 
migrating, we wanted to raname the function to simply `cook`.

I've checked Core and plugins, and currently we call `cookAsync` everywhere, 
there are no calls to the `cook` function anymore. So we're good 
to proceed with this refactoring.

This PR makes the first step by making current cookAsync and cook functions 
do the same thing. Effectively now the `cook` function becomes an alias 
for the `cookAsync` function.
2023-10-09 20:22:46 +04:00
Jarek Radosz
53c9c9c1e6
FIX: Fetch csrf token if needed before uploading (#23825) 2023-10-09 15:47:36 +02:00
Joffrey JAFFEUX
42801c950f
UI: redesigned settings/members (#23804)
This PR is a first step towards private groups. It redesigns settings/members area of a channel and also drops the "about" page which is now mixed into settings.

This commit is also:
- introducing chat-form, a small DSL to create forms, ideally I would want something in core for this
- introducing a DToggleSwitch page object component to simplify testing toggles
- migrating various components to gjs
2023-10-09 14:11:16 +02:00
Jarek Radosz
81de02525f
DEV: Update the content-tag patch (#23840) 2023-10-09 12:01:58 +02:00
Krzysztof Kotlarek
c468110929
FEATURE: granular webhooks (#23070)
Before this change, webhooks could be only configured for specific groups like for example, all topic events.

We would like to have more granular control like for example topic_created or topic_destroyed.

Test are failing because plugins changed has to be merged as well:
discourse/discourse-assign#498
discourse/discourse-solved#248
discourse/discourse-topic-voting#159
2023-10-09 03:35:31 +00:00
dependabot[bot]
110197423b
Build(deps-dev): Bump the embroider group in /app/assets/javascripts with 1 update (#23831)
Bumps the embroider group in /app/assets/javascripts with 1 update: [@embroider/compat](https://github.com/embroider-build/embroider/tree/HEAD/packages/compat).

- [Release notes](https://github.com/embroider-build/embroider/releases)
- [Changelog](https://github.com/embroider-build/embroider/blob/main/CHANGELOG.md)
- [Commits](https://github.com/embroider-build/embroider/commits/HEAD/packages/compat)

---
updated-dependencies:
- dependency-name: "@embroider/compat"
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: embroider
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-10-09 08:32:47 +08:00
dependabot[bot]
312eb30e1a
Build(deps-dev): Bump eslint from 8.50.0 to 8.51.0 in /app/assets/javascripts (#23832)
Bumps [eslint](https://github.com/eslint/eslint) from 8.50.0 to 8.51.0.
- [Release notes](https://github.com/eslint/eslint/releases)
- [Changelog](https://github.com/eslint/eslint/blob/main/CHANGELOG.md)
- [Commits](https://github.com/eslint/eslint/compare/v8.50.0...v8.51.0)

---
updated-dependencies:
- dependency-name: eslint
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-10-09 08:32:17 +08:00
Alan Guo Xiang Tan
832b3b9e60
FEATURE: Remove support for legacy navigation menu (#23752)
Why this change?

Back in May 17 2023 along with the release of Discourse 3.1, we announced
on meta that the legacy hamburger dropdown navigation menu is
deprecated and will be dropped in Discourse 3.2. This is the link to the announcement
on meta: https://meta.discourse.org/t/removing-the-legacy-hamburger-navigation-menu-option/265274

## What does this change do?

This change removes the `legacy` option from the `navigation_menu` site
setting and migrates existing sites on the `legacy` option to the
`header dropdown` option.

All references to the `legacy` option in code and tests have been
removed as well.
2023-10-09 07:24:10 +08:00
dependabot[bot]
ebc2874b2b
Build(deps): Bump content-tag from 1.1.1 to 1.1.2 in /app/assets/javascripts (#23833)
Bumps [content-tag](https://github.com/embroider-build/content-tag) from 1.1.1 to 1.1.2.
- [Release notes](https://github.com/embroider-build/content-tag/releases)
- [Changelog](https://github.com/embroider-build/content-tag/blob/main/CHANGELOG.md)
- [Commits](https://github.com/embroider-build/content-tag/compare/v1.1.1...v1.1.2)

---
updated-dependencies:
- dependency-name: content-tag
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-10-09 06:25:41 +08:00
dependabot[bot]
618ef3a2f8
Build(deps-dev): Bump sass from 1.68.0 to 1.69.0 in /app/assets/javascripts (#23834)
Bumps [sass](https://github.com/sass/dart-sass) from 1.68.0 to 1.69.0.
- [Release notes](https://github.com/sass/dart-sass/releases)
- [Changelog](https://github.com/sass/dart-sass/blob/main/CHANGELOG.md)
- [Commits](https://github.com/sass/dart-sass/compare/1.68.0...1.69.0)

---
updated-dependencies:
- dependency-name: sass
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-10-09 06:25:29 +08:00
dependabot[bot]
20a52816ff
Build(deps-dev): Bump eslint-plugin-qunit from 8.0.0 to 8.0.1 in /app/assets/javascripts (#23835)
Bumps [eslint-plugin-qunit](https://github.com/platinumazure/eslint-plugin-qunit) from 8.0.0 to 8.0.1.
- [Release notes](https://github.com/platinumazure/eslint-plugin-qunit/releases)
- [Changelog](https://github.com/platinumazure/eslint-plugin-qunit/blob/master/CHANGELOG.md)
- [Commits](https://github.com/platinumazure/eslint-plugin-qunit/compare/v8.0.0...v8.0.1)

---
updated-dependencies:
- dependency-name: eslint-plugin-qunit
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-10-09 06:24:24 +08:00
Krzysztof Kotlarek
e94b553e9a
FEATURE: delete multiple inactive themes/components (#23788)
Ability to select multiple inactive themes or components and delete them all together
2023-10-08 21:35:53 +00:00
David Taylor
77e1d69b74
DEV: Add tag argument to extra-nav-item outlet (#23815)
This will make it easier for themes/plugins to introduce nav items which work correctly on tag discovery routes
2023-10-06 20:10:55 +01:00
Ted Johansson
e113eff663
DEV: Sanitize integer site settings in front- and back-end (#23816)
Currently, if you set an integer site setting in the admin interface and include thousands separators, you will silently configure the wrong value.

This PR replaces TextField inputs for integer site settings with NumberField. It also cleans the numeric input of any non-digits in the backend in case any separators make it through.
2023-10-06 19:21:01 +02:00
Jarek Radosz
484004fc5e
DEV: Use Session service rather than singleton (#23813)
(where applicable)
2023-10-06 17:14:31 +02:00
Jarek Radosz
2c490773f1
FIX: Always use the current session token in uppy (#23812)
…rather than the value at the time when uppy is initialized.

Future TODO: extract csrf-fetching logic from ajax helper to Session service.
2023-10-06 15:26:39 +02:00
Jarek Radosz
bd52b1ec7b
FIX: Embroider breaking index html structure (#23811)
The custom html elements we were using for bootstraping were causing Embroider to end the `<head>` tag and immediately start `<body>`. As a result most of `<meta>` tags ended up in the `<body>`.

That mean (among possibly other issues) that the app did not have CSRF token set properly on launch (in the development env)
2023-10-06 13:41:47 +02:00
dependabot[bot]
ed905094eb
Build(deps-dev): Bump sinon from 16.0.0 to 16.1.0 in /app/assets/javascripts (#23809)
Bumps [sinon](https://github.com/sinonjs/sinon) from 16.0.0 to 16.1.0.
- [Release notes](https://github.com/sinonjs/sinon/releases)
- [Changelog](https://github.com/sinonjs/sinon/blob/main/docs/changelog.md)
- [Commits](https://github.com/sinonjs/sinon/compare/v16.0.0...v16.1.0)

---
updated-dependencies:
- dependency-name: sinon
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-10-06 07:44:43 +08:00
Alan Guo Xiang Tan
913fd3a7b3
DEV: Improve addToolbarPopupMenuOptionsCallback plugin api (#23769)
Why this change?

Previously just using the `addToolbarPopupMenuOptionsCallback` plugin
API itself was insufficient because it required the return object to
include an `action` key which only accepted a name of the action
function as a string. This was highly problematic because the action
function had to be defined on the `composer` service which means using
the `modifyClass` API to add the action function. This made the API
awkward to use leading to poor developer experiencec.

What does this change do?

This commit introduces a couple of improvemnts to the API.

1. First the API has been renamed to `addComposerToolbarPopupMenuOption` because
   the API no longer accepts a callback function which was quite
   redundant. Instead, it now accepts an Object. The
   `addToolbarPopupMenuOptionsCallback` API function is deprecated and
   will be dropped in Discourse 3.3. Note that passing the API a
   function is still supported but will be dropped when the `addToolbarPopupMenuOptionsCallback`
   is removed.

2. The `action` key in the Object passed to the function can now be a
   function and is passed the `toolbarEvent` object when called.

3. The `condition` on key in the Object passed to the function can now be a
   function and is passed the `composer` service when called.
2023-10-06 07:43:40 +08:00
Jarek Radosz
a27823fd3c
DEV: Correctly test post-cooked "widget" (#23806)
It's a special case widget - its constructor has different contructor arguments:

```js
export default class PostCooked {
  constructor(attrs, decoratorHelper, currentUser) {
...
```

vs

```js
export default class Widget {
  constructor(attrs, register, opts) {
...
```
2023-10-05 22:19:54 +02:00
Penar Musaraj
921f1279b9
DEV: Update webauthn authentication documentation (#23787)
Also adds a `userHandle` check for first factor verification, though this is not yet implemented in Rails controllers and UI.
2023-10-05 15:22:43 -04:00
Jarek Radosz
8a6aaf9446
DEV: Convert user-status modal to a glimmer component (#23798) 2023-10-05 21:22:28 +02:00
Jarek Radosz
4db41ed28a
DEV: Do not manually create app-events on models (#23799) 2023-10-05 21:22:16 +02:00