Commit Graph

47282 Commits

Author SHA1 Message Date
Krzysztof Kotlarek
e313190fdb
FEATURE: better UI to manage 2fa (#19338)
In this PR, we introduced an option, that when all authenticators are disabled, but backup codes still exists, user can authenticate with those backup codes. This was reverted as this is not expected behavior.

https://github.com/discourse/discourse/pull/18982

Instead, when the last authenticator is deleted, backup codes should be deleted as well. Because this disables 2fa, user is asked to confirm that action by typing text.

In addition, UI for 2fa preferences was refreshed.
2022-12-08 09:41:22 +11:00
Penar Musaraj
63119144ff
FIX: Use correct property for theme's color_scheme_id (#19363)
Regressed in 7d7551adfc
2022-12-08 08:21:51 +11:00
jbrw
64b781dacf
PERF: Perform only one category update when creating a new topic (#19361)
When under extremely high load, it has been observed that updating the categories table when creating a new topic can become a bottleneck.

This change will reduce the two updates to one when a new topic is created within a category, and therefore should help with performance when under extremely high load.
2022-12-07 14:35:13 -05:00
Bianca Nenciu
16e3bc3ff4
FIX: Do not reset seen popups when skip_new_user_tips is false (#19345)
* FIX: Save only visible fields from the sidebar page

* FIX: Do not reset seen popups when set to false

If the option was unchecked, but it was not changed at all by the user
it was still sent to the server as a 'false' value which reset all seen
popups. This removes that behavior and resetting the list of seen popups
must be done using the "skip new user tips" button.
2022-12-07 18:27:10 +02:00
David Taylor
1db3a578e4
PERF: Improve Accept header handling for stylesheets and theme-js (#19357)
The default behavior for Rails is to vary the response of an endpoint based on the `Accept:` header, and therefore it returns a `Vary:` header on responses. This instructs browsers and intermediate proxies to key their caches based on the value of the request's `Accept` header. In some cases (e.g. Akamai), the presence of a `Vary` header is enough to prevent caching entirely.

This commit restructures the Rails route definitions so that:
1. The "format" segment of the route is 'required'
2. The "format" segment of the route is constrained to a single value (e.g. `js` or `css`)

Now that the routes are guaranteed to have a `:format` segment, Rails will always prioritize that over the `Accept` header, and will therefore omit the `Vary` header.

Request specs are also added to test this behaviour for both stylesheets and theme-javascripts.
2022-12-07 15:46:35 +00:00
Penar Musaraj
fc22790405
UX: Adjust emoji size in mentions (#19355)
Using pixel sizes to match what we do with a similar element in sidebar.
2022-12-07 10:17:29 -05:00
Gerhard Schlager
d1cddea685
REFACTOR: Make chat summary email notifications easier to translate (#19354) 2022-12-07 15:45:02 +01:00
David Taylor
566793208e
DEV: Support colocation under /admin namespace in themes/plugins (#19353) 2022-12-07 14:24:03 +00:00
Andrei Prigorshnev
f2d0832618
FIX: profile page is not loading (#19351)
When looking as an anonymous user at a profile page of another user (who has user status with an ending date) the profile page wasn't loading.

Reported in https://meta.discourse.org/t/profile-page-not-loading/247928.
2022-12-07 16:09:50 +04:00
Jarek Radosz
d3649873a2
DEV: Replace preferences/username route with a component (#19318)
That was a weird UX (why hide the preferences navigation?) and a deprecated implementation (manually rendering a template into a named outlet)

This PR replaces it with an inline component.
2022-12-07 11:16:01 +01:00
Alan Guo Xiang Tan
207b764ea3
UX: Exclude search ignored and user muted categories in similarity search (#19349)
When finding the candidates for `Topic.similar_to`, we will now ignore
topics in categories where `Category#search_priority` has been set to
ignore and also topics in categories which the user has specifically
muted.

Internal Ref: /t/87132
2022-12-07 11:33:01 +08:00
GeckoLinux
5aaaf26636
Update server.en.yml (#19348)
Remove " on disk" from description of `maximum_backups`, because the setting also works for S3.
2022-12-07 09:38:47 +08:00
Andrei Prigorshnev
26a45e8166
FIX: error when opening a previously deleted post (#19346)
The repro for the bug:

Add a post with a mention of a user
Post another post below
Delete the first post with a mention
Reload the page and try to attempt to view hidden reply
2022-12-06 23:49:34 +04:00
Isaac Janzen
b341f75400
DEV: Render the scroll area at correct times (#19333)
- Only display topic actions (reply / notification bell) under correct circumstances (multiple posts present, etc)
- Moves topic actions from `glimmer-topic-timeline` into `glimmer-topic-timeline/container` where it should be
2022-12-06 13:35:02 -06:00
Isaac Janzen
5a40c31110
DEV: Update inappropriate flag text (#19344) 2022-12-06 12:43:46 -06:00
Joffrey JAFFEUX
179d15d90e
FIX: webhook should touch channel’s last_message_sent_at (#19342) 2022-12-06 19:33:39 +01:00
Roman Rizzi
9c8043a4d2
FEATURE: Enforce mention limits for chat messages (#19034)
* FEATURE: Enforce mention limits for chat messages

The first part of these changes adds a new setting called `max_mentions_per_chat_message`, which skips notifications when the message contains too many mentions. It also respects the `max_users_notified_per_group_mention` setting
and skips notifications if expanding a group mention would exceed it.

We also include a new component to display JIT warning for these limits to the user while composing a message.

* Simplify ignoring/muting filter in chat_notifier

* Post-send warnings for unsent warnings

* Improve pluralization

* Address review feedback

* Fix test

* Address second feedback round

* Third round of feedback

Co-authored-by: Joffrey JAFFEUX <j.jaffeux@gmail.com>
2022-12-06 14:54:04 -03:00
Joffrey JAFFEUX
4e92a6e804
FIX: uses CDN when available for chat mp3 sounds (#19341) 2022-12-06 16:27:59 +01:00
Discourse Translator Bot
58ffa06d4a
Update translations (#19340) 2022-12-06 16:22:23 +01:00
Andrei Prigorshnev
a76d864c51
FEATURE: Show live user status on inline mentions on posts (#18683)
Note that we don't have a database table and a model for post mentions yet, and I decided to implement it without adding one to avoid heavy data migrations. Still, we may want to add such a model later, that would be convenient, we have such a model for mentions in chat.

Note that status appears on all mentions on all posts in a topic except of the case when you just posted a new post, and it appeared on the bottom of the topic. On such posts, status won't be shown immediately for now (you'll need to reload the page to see the status). I'll take care of it in one of the following PRs.
2022-12-06 19:10:36 +04:00
Rafael dos Santos Silva
d247e5d37c
FEATURE: Youtube Short onebox support (#19335)
* FEATURE: Youtube Shorts onebox support

Co-authored-by: Canapin <canapin@gmail.com>
2022-12-06 11:56:48 -03:00
Penar Musaraj
57fe57e7ce
FIX: URL fragments not purging (#19324)
Fixes issue introduced in commit 2704a02e3a. Once a user visited an in-page anchor, that URL "stuck" in the browser's address bar. See also https://meta.discourse.org/t/anchors-url-not-purge-when-page-changed/244484 for a detailed report.
2022-12-06 09:52:59 -05:00
Bianca Nenciu
e5a18dddac
FIX: Update match_count of screened IP address (#19321)
When a screened IP address is matched because it is either blocked or
allowed it should update match_count. This did not work because it
tried to validate the IP address and it failed as it matched with
itself.
2022-12-06 13:09:38 +02:00
Martin Brennan
e6f9504dd6
FEATURE: Allow user_status scope for UserApiKey (#19296)
Follow-up to 6357a3ce33
where we allowed a general API key scope for user status
GET/PUT/DELETE, this commit allows the same for the
UserApiKey system.
2022-12-06 08:56:03 +10:00
Martin Brennan
22a55ef0ce
DEV: Add messages_count to ChatChannel table (#19295)
This commit adds the messages_count column for ChatChannel messages,
which is the number of not-deleted messages in the channel.

This is not updated every time a message is created or deleted in a
channel, so it should not be displayed in the UI.
It is updated eventually via Jobs::ChatPeriodicalUpdates, which
will have additional functions in future after being introduced
here.

Also update these counts for existing channels in a post migration.
2022-12-06 08:40:46 +10:00
dependabot[bot]
ea542d632a
Build(deps): Bump timeout from 0.3.0 to 0.3.1 (#19325)
Bumps [timeout](https://github.com/ruby/timeout) from 0.3.0 to 0.3.1.
- [Release notes](https://github.com/ruby/timeout/releases)
- [Commits](https://github.com/ruby/timeout/compare/v0.3.0...v0.3.1)

---
updated-dependencies:
- dependency-name: timeout
  dependency-type: indirect
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-12-06 06:01:32 +08:00
dependabot[bot]
1ab465f1fe
Build(deps): Bump uri from 0.11.0 to 0.12.0 (#19326)
Bumps [uri](https://github.com/ruby/uri) from 0.11.0 to 0.12.0.
- [Release notes](https://github.com/ruby/uri/releases)
- [Commits](https://github.com/ruby/uri/compare/v0.11.0...v0.12.0)

---
updated-dependencies:
- dependency-name: uri
  dependency-type: indirect
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-12-06 06:01:25 +08:00
dependabot[bot]
11b324cd09
Build(deps): Bump digest from 3.1.0 to 3.1.1 (#19327)
Bumps [digest](https://github.com/ruby/digest) from 3.1.0 to 3.1.1.
- [Release notes](https://github.com/ruby/digest/releases)
- [Commits](https://github.com/ruby/digest/compare/v3.1.0...v3.1.1)

---
updated-dependencies:
- dependency-name: digest
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-12-06 06:01:13 +08:00
dependabot[bot]
990c156fd5
Build(deps): Bump json from 2.6.2 to 2.6.3 (#19328)
Bumps [json](https://github.com/flori/json) from 2.6.2 to 2.6.3.
- [Release notes](https://github.com/flori/json/releases)
- [Changelog](https://github.com/flori/json/blob/master/CHANGES.md)
- [Commits](https://github.com/flori/json/compare/v2.6.2...v2.6.3)

---
updated-dependencies:
- dependency-name: json
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-12-06 06:00:50 +08:00
dependabot[bot]
eb2ec1e811
Build(deps): Bump net-protocol from 0.1.3 to 0.2.0 (#19330)
Bumps [net-protocol](https://github.com/ruby/net-protocol) from 0.1.3 to 0.2.0.
- [Release notes](https://github.com/ruby/net-protocol/releases)
- [Commits](https://github.com/ruby/net-protocol/compare/v0.1.3...v0.2.0)

---
updated-dependencies:
- dependency-name: net-protocol
  dependency-type: indirect
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-12-06 06:00:22 +08:00
dependabot[bot]
57ef622d8e
Build(deps): Bump racc from 1.6.0 to 1.6.1 (#19331)
Bumps [racc](https://github.com/tenderlove/racc) from 1.6.0 to 1.6.1.
- [Release notes](https://github.com/tenderlove/racc/releases)
- [Changelog](https://github.com/ruby/racc/blob/master/ChangeLog)
- [Commits](https://github.com/tenderlove/racc/compare/v1.6.0...v1.6.1)

---
updated-dependencies:
- dependency-name: racc
  dependency-type: indirect
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-12-06 05:59:45 +08:00
Alan Guo Xiang Tan
ff40c890ac
DEV: Correct order of triggering topic trashed and recovered event (#19313)
Previously we would trigger the event before the `Topic#deleted_at`
column has been updated making it hard for plugins to correctly work
with the model when its new state has not been persisted in the
database.
2022-12-06 05:56:16 +08:00
Joffrey JAFFEUX
cc769ac916
FIX: new message brings a direct message channel to the top (#19332)
Co-authored-by: Alan Guo Xiang Tan <gxtan1990@gmail.com>
2022-12-05 22:49:42 +01:00
Joffrey JAFFEUX
1d42cc94a2
FIX: nullify active channel only when not on a chat channel (#19319)
This would nullify the active channel when going from channel settings page to the channel.
2022-12-05 22:42:35 +01:00
Isaac Janzen
04acee5de3
Fix timeline admin menu button spacing (#19322) 2022-12-05 12:41:24 -06:00
Blake Erickson
738f1958d8
FIX: Only modify secured sidebar links on user promotion/demotion (#19141)
* FIX: Only modify secured sidebar links on user promotion/demotion

If a user is created populate their sidebar with the default
categories/tags that they have access to.

If a user is promoted to admin populate any new categories/tags that
they now have access to.

If an admin is demoted remove any categories/tags that they no longer
have access to.

This will only apply for "secured" categories. For example if these are
the default sitebar categories:

- general
- site feedback
- staff

and a user only has these sidebar categories:

- general

when they are promoted to admin they will only receive the "staff"
category. As this is a default category they didn't previously have
access to.

* Add spec, remove tag logic on update

Change it so that if a user becomes unstaged it used the "add" method
instead of the "update" method because it is essentially following the
on_create path.

On admin promotion/demotion remove the logic for updating sidebar tags because
we don't currently have the tag equivalent like we do for User.secure_categories.

Added the test case for when a user is promoted to admin it should
receive *only* the new sidebar categories they didn't previously have
access to. Same for admin demotion.

* Add spec for suppress_secured_categories_from_admin site setting

* Update tags as well on admin promotion/demotion

* only update tags when they are enabled

* Use new SidebarSectionLinkUpdater

We now have a SidebarSectionLinkUpdater
that was introduced in: fb2507c6ce

* remove empty line
2022-12-05 11:39:10 -07:00
Bianca Nenciu
93859037ef
FEATURE: Improve composer warnings for mentions (#18796)
* FEATURE: Show warning if group cannot be mentioned

A similar warning is displayed when the user cannot be mentioned because
they have not been invited to the topic.

* FEATURE: Resolve mentions for new topic

This commit improves several improvements and refactors
/u/is_local_username route to a better /composer/mentions route that
can handle new topics too.

* FEATURE: Show warning if only some are notified

Sometimes users are still notified even if the group that was mentioned
was not invited to the message. This happens because its members were
invited directly or are members of other groups that were invited.

* DEV: Refactor _warnCannotSeeMention
2022-12-05 20:22:05 +02:00
Isaac Janzen
b46a7b51f7
DEV: htmlSafe timeline topic title (#19320) 2022-12-05 11:31:57 -06:00
Bianca Nenciu
7d7551adfc
DEV: Remove user options from current user serializer (#19089)
User options were serialized at the root level of CurrentUserSerializer,
but UserSerializer has a user_option field. This inconsistency caused
issues in the past because user_option fields had to be duplicated on
the frontend.
2022-12-05 18:25:30 +02:00
Joffrey JAFFEUX
68c4f16a73
FEATURE: channels can allow/disallow @all/@here mentions (#19317)
The settings tab of each category channel should now present the option to allow or disallow channel wide mentions: @here and @all.

When disallowed, using these mentions in the channel should have no effect.
2022-12-05 17:03:51 +01:00
Ayke Halder
569299b7a9
DEV: use structured data in topic-list for referencing only (#16235)
This simplifies the ItemList to only be a point of reference to the
actual DiscussionForumPosting objects.

See "Summary page": https://developers.google.com/search/docs/advanced/structured-data/carousel?hl=en#summary-page

Co-authored-by: Bianca Nenciu <nenciu.bianca@gmail.com>
2022-12-05 18:00:32 +02:00
David Taylor
f06be7d295
DEV: Fix multiple set-cookie through Ember-CLI proxy (#19316)
The `Set-Cookie` header is an exceptional case where multiple values are allowed, and should not be joined into a single header. Because of its browser-focussed origins (where set-cookie is not visible), `fetch()` does not have a clean API for this. Instead we have to access the `raw()` data.

This fixes various authentication-related issues when developing via the Ember CLI proxy.
2022-12-05 15:01:55 +00:00
Kris
6d1de26279
UX: refactor & update small post styles (#19274) 2022-12-05 09:54:29 -05:00
Penar Musaraj
1245743595
FIX: Don't force show topic map on non-first posts (#19302)
By default, the topic map in the OP shows only if there are replies.
Some themes may want to show it at all times, and to do so, they can
use the API via `api.includePostAttributes('topicMap');`.

But this was including the topic map in every post. This change ensures
that attribute is only set for the first post (and it only affects that
API endpoint).
2022-12-05 15:42:32 +01:00
Natalie Tay
d2c5c65e29
DEV: Remove unused i18n keys (#19312) 2022-12-05 22:01:54 +08:00
Joffrey JAFFEUX
105f38c04a
FIX: ensures chat channel metadata date is updated (#19314) 2022-12-05 14:47:01 +01:00
David Taylor
3c6bd97efe
DEV: Document ALLOW_EMBER_CLI_PROXY_BYPASS in error page (#19315) 2022-12-05 13:44:16 +00:00
dependabot[bot]
cc88e9fdda
Build(deps): Bump decode-uri-component in /app/assets/javascripts (#19311)
Bumps [decode-uri-component](https://github.com/SamVerschueren/decode-uri-component) from 0.2.0 to 0.2.2.
- [Release notes](https://github.com/SamVerschueren/decode-uri-component/releases)
- [Commits](https://github.com/SamVerschueren/decode-uri-component/compare/v0.2.0...v0.2.2)

---
updated-dependencies:
- dependency-name: decode-uri-component
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-12-05 12:39:50 +01:00
dependabot[bot]
8034614dd3
Build(deps): Bump terser in /app/assets/javascripts (#19309)
Bumps [terser](https://github.com/terser/terser) from 5.16.0 to 5.16.1.
- [Release notes](https://github.com/terser/terser/releases)
- [Changelog](https://github.com/terser/terser/blob/master/CHANGELOG.md)
- [Commits](https://github.com/terser/terser/compare/5.16.0...v5.16.1)

---
updated-dependencies:
- dependency-name: terser
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-12-05 12:39:00 +01:00
dependabot[bot]
3df6a2bca9
Build(deps): Bump eslint in /app/assets/javascripts (#19307)
Bumps [eslint](https://github.com/eslint/eslint) from 8.28.0 to 8.29.0.
- [Release notes](https://github.com/eslint/eslint/releases)
- [Changelog](https://github.com/eslint/eslint/blob/main/CHANGELOG.md)
- [Commits](https://github.com/eslint/eslint/compare/v8.28.0...v8.29.0)

---
updated-dependencies:
- dependency-name: eslint
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-12-05 12:31:33 +08:00