Commit Graph

27846 Commits

Author SHA1 Message Date
Martin Brennan
e69f7d2fd9
SECURITY: Limit user profile field length (#18302)
Adds limits to location and website fields at model and DB level
to match the bio_raw field limits. A limit cannot be added at the
DB level for bio_raw because it is a postgres text field.

Co-authored-by: Alan Guo Xiang Tan <gxtan1990@gmail.com>
2022-09-21 12:07:06 +10:00
Kris
b98cd73ace
FEATURE: add tooltips to timeline start/end dates (#18294) 2022-09-21 09:46:14 +08:00
Osama Sayegh
3d2de7ca03
FIX: Add missing string for reviewables in user menu when reviewable post is deleted (#18295) 2022-09-21 09:05:08 +10:00
Keegan George
ea27079ffa
FIX: Sidebar scroll fade on older iOS (#18299)
* DEV: Use explicit transparent color rather than keyword
* DEV: Use variable for dark mode
* DEV: Add mobile style
2022-09-21 09:03:40 +10:00
Rafael dos Santos Silva
09cec7d6dd
FIX: Fix GitHub onebox syntax highlight (#18300)
Highlight.js 11 deprecated the feature to highlight HTML blocks while
keeping the HTML structure, which broke our GitHub onebox syntax
highlight.

This patch adds it back by bringing the maintainers code as a plugin.

See https://github.com/highlightjs/highlight.js/issues/2889
2022-09-21 09:01:14 +10:00
Keegan George
8b044cbc28
UX: Add ability to scroll when height is limited (#18297) 2022-09-20 13:48:00 -07:00
Osama Sayegh
496f910f03
DEV: Various A11Y improvements for the new user menu (#18288)
This commit includes various accessibility improvements for the new user menu:

* Add `title` attributes to the user menu tabs
* Properly label lists (by adding `aria-labelledby` to `<ul>` elements) for screen readers
* Change the user menu structure so that the tabs come before the content panel in the DOM, but use CSS to reverse them visually.
  Normally, changing the order of elements via CSS is bad for accessibility, but I believe this is one of the rare scenarios where it [makes sense](https://developer.mozilla.org/en-US/docs/Web/CSS/CSS_Flexible_Box_Layout/Ordering_Flex_Items#use_cases_for_order). Prior to this change, if you want to reach the first notification item after you select a tab using the keyboard, you have to hit <kbd>ctrl</kbd>+<kbd>tab</kbd> because the notifications list is before the tabs list. However, with this change, <kbd>tab</kbd> will move you to the first item in the list after you select a tab using your keyboard.
* Aria-hide the unread notifications badge/count on the tabs because the `title` attribute on the tab indicates the unread count.
* Add some tests.
2022-09-20 19:31:56 +03:00
Rafael dos Santos Silva
685e0da8c3
DEV: Update highlight.js to version 11 (#18282) 2022-09-20 12:43:28 -03:00
David Taylor
f71a981cb9
DEV: Remove testem parallel limit (#18290)
In itself, this change will not cause tests to run in parallel. It just unlocks the ability to use tools like `ember exam` to run tests in parallel. For example:

```
yarn ember exam --load-balance --parallel=3 --random
```
2022-09-20 15:43:06 +01:00
David Taylor
d0243f741e
UX: Use dominant color as image loading placeholder (#18248)
We previously had a system which would generate a 10x10px preview of images and add their URLs in a data-small-upload attribute. The client would then use that as the background-image of the `<img>` element. This works reasonably well on fast connections, but on slower connections it can take a few seconds for the placeholders to appear. The act of loading the placeholders can also break or delay the loading of the 'real' images.

This commit replaces the placeholder logic with a new approach. Instead of a 10x10px preview, we use imagemagick to calculate the average color of an image and store it in the database. The hex color value then added as a `data-dominant-color` attribute on the `<img>` element, and the client can use this as a `background-color` on the element while the real image is loading. That means no extra HTTP request is required, and so the placeholder color can appear instantly.

Dominant color will be calculated:
1. When a new upload is created
2. During a post rebake, if the dominant color is missing from an upload, it will be calculated and stored
3. Every 15 minutes, 25 old upload records are fetched and their dominant color calculated and stored. (part of the existing PeriodicalUpdates job)

Existing posts will continue to use the old 10x10px placeholder system until they are next rebaked
2022-09-20 10:28:17 +01:00
Alan Guo Xiang Tan
e7091d2f59
DEV: Remove redundant args for user-main-nav plugin outlet (#18284) 2022-09-20 17:12:15 +08:00
Alan Guo Xiang Tan
27bff3fcfa
UX: Add icons to all navigation link on user page (#18283) 2022-09-20 12:44:40 +08:00
Andrei Prigorshnev
37777ac3a2
DEV: use sketchy favicon in dev ember proxy (#18280) 2022-09-20 10:53:18 +10:00
Gerhard Schlager
7b243f3955
FIX: Overriding text with admin_js.* keys didn't work (#18281) 2022-09-20 10:47:57 +10:00
Gerhard Schlager
f91426a7fa
FIX: Empty inline BBCodes were broken (#18276)
Upgrading to Markdown.it v13 broke empty inline BBCodes. This works around the problem by adding an empty token before a closing token if the previous token was a BBCode token.

It also removes the unused `jump` attribute which was removed in Markdown.it v12.3
2022-09-20 09:50:22 +10:00
Jordan Vidrine
a766bf8818
UX: Welcome topic CTA adjustments (#18168)
* UX: Adjust welcome cta

* more

* FIX: Adjust test syntax
2022-09-19 16:40:44 -05:00
Penar Musaraj
36aec7f546
DEV: Add two new plugin outlets in topic list (#18270) 2022-09-19 18:35:13 +02:00
Osama Sayegh
0414bd00ae
DEV: Tone down copy in experimental user menu for pending users (#18277)
The experimental user menu has a tab that displays recent reviewables and at the moment when a new signs up for the site and they need to be approved, admins see a very scary "suspicious user" copy in the reviewables tab in the user menu. We don't need the copy to be very scary because when a user needs to be approved, it's because the site operator has configured the site to force all new users to go through the review queue and it's not some kind of spam detector flagging the user.
2022-09-19 19:32:34 +03:00
Kris
dc6418bd8f
Revert "UX: Retry "left-align title with content for sidebar (#18202)" (#18242)" (#18278)
This reverts commit 5ee760dc2c.
2022-09-19 11:05:41 -04:00
Arpit Jalan
ce27dbd560
FIX: header offset position was not correct in some cases (#18155)
When a topic is opened in a new tab and is fully loaded the scroll
position is a bit off.

This commit partially reverts 9a55c9c433.
2022-09-19 14:56:34 +02:00
Alan Guo Xiang Tan
754ad42344
UX: Use the same text for linking to more categories and tags in sidebar (#18275)
Before this change, anonymous user and a logged in user used different
text for the links to the categories and tags routes.

Follow-up to 321aa4b4b4
2022-09-19 12:01:08 +08:00
Jarek Radosz
5259198c61
DEV: Extract virtual keyboard code (#18267)
Makes it possible for other code to use `.keyboard-visible` class on `<html>` element.
2022-09-16 21:09:28 +02:00
David Taylor
3904c23121
Introduce warning message for Safari 13 and below (#18258)
Discourse will be dropping support for these browsers in early 2023. https://meta.discourse.org/t/224747
2022-09-16 11:17:49 +01:00
dependabot[bot]
4af080d20b
Build(deps): Bump @babel/standalone in /app/assets/javascripts (#18266) 2022-09-16 02:05:44 +02:00
David Taylor
3e8b6c67ea
FIX: Do not attempt to serialize Tag objects when tagging disabled (#18264)
When tagging is enabled, we were correctly serializing tags by their name. However, when tagging was disabled we were attempting to serialize an entire Tag object which raises an error since ee07f6da7d.

https://meta.discourse.org/t/232885
2022-09-15 16:17:48 +01:00
Jarek Radosz
87f8bafa7e
DEV: Remove obsolete CSS prefixes (#18262) 2022-09-15 16:54:08 +02:00
Jarek Radosz
658eedeaa7
UX: Avoid showing text cursor on unselectables (#18261) 2022-09-15 15:56:45 +02:00
Joffrey JAFFEUX
1a2bf52656
DEV: adds includes helper to templates (#18259)
Usage :

```
{{#if (includes fooArray foo)}}
```

```
{{#if (includes fooString foo)}}
```
2022-09-15 14:20:37 +02:00
Jarek Radosz
e567eeb927
DEV: Log theme error names and messages (#18260) 2022-09-15 14:14:52 +02:00
Penar Musaraj
2704a02e3a
FIX: In-page anchor links were broken in subfolder setups (#18250)
The key fix in this commit is that it removes `this.replaceState(path)` for anchor-only URLs. We still intercept those routing changes to properly calculate the scroll position of the anchor via `jumpToElement`, but we no longer use the Ember router to override the browser's history. This fixes the subfolder issue and also lets the browser maintain its history correctly.

The commit also includes a small refactor to the `jumpToElement` helper to facilitate stubbing in tests.
2022-09-15 08:09:34 -04:00
dependabot[bot]
38dab71448
Build(deps): Bump @babel/core in /app/assets/javascripts (#18256)
Bumps [@babel/core](https://github.com/babel/babel/tree/HEAD/packages/babel-core) from 7.19.0 to 7.19.1.
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/commits/v7.19.1/packages/babel-core)

---
updated-dependencies:
- dependency-name: "@babel/core"
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Jarek Radosz <jradosz@gmail.com>
2022-09-15 12:02:05 +02:00
dependabot[bot]
51ee861ab3
Build(deps): Bump @babel/standalone in /app/assets/javascripts (#18255)
Bumps [@babel/standalone](https://github.com/babel/babel/tree/HEAD/packages/babel-standalone) from 7.19.0 to 7.19.1.
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/commits/v7.19.1/packages/babel-standalone)

---
updated-dependencies:
- dependency-name: "@babel/standalone"
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-09-15 12:01:01 +02:00
Alan Guo Xiang Tan
b18f1fefda
UX: Remove height CSS preventing sidebar touch scrolling on mobile (#18257) 2022-09-15 17:17:08 +08:00
Alan Guo Xiang Tan
2583d21aa7
UX: Improve styling of sidebar on mobile (#18246)
* Make sidebar footer is sticky
* Ensure that only the sidebar sections is scrollable
2022-09-15 11:35:33 +08:00
Penar Musaraj
86ecb6c58b
DEV: update yes/no confirmation dialogs (#18181) 2022-09-14 11:06:56 -04:00
David Taylor
04e433d286
PERF: Skip image placeholders when secure_media is enabled (#18247)
Secure media requests go through the app. In topics with many images, this makes it very easy to hit rate limiters. Skipping the low-res placeholders reduces the chance of this problem occuring.
2022-09-14 12:42:59 +01:00
Joffrey JAFFEUX
09a434e2d8
DEV: emoji model should set the group of the emoji (#18237)
We do it for custom emojis but not for standard emojis which is quite unexpected and limit the use cases we can have for it.
2022-09-14 13:10:48 +02:00
communiteq
56555a0231
Disallow access to raw email for non-staff users (#17569) 2022-09-14 09:57:12 +08:00
Pixlz
dee8a1db20
UX: Do not mark activity table heading as a cursor (#18244) 2022-09-13 18:26:41 -04:00
Osama Sayegh
2f428023da
DEV: ctrl+click on user menu items should open in new tab (#18243) 2022-09-13 18:25:40 -04:00
Jarek Radosz
5ee760dc2c
UX: Retry "left-align title with content for sidebar (#18202)" (#18242)
Reverts #18241 and fixes issues with the original PR:

1. Remove an extraneous `margin-left: auto` from a grid cell (this was causing the buggy behavior in webkit)
2. Add `grid-area` name to `.extra-info-wrapper`
3. Account for `.wrap` padding
4. Remove unused css (`.header-row` and inner styles)
2022-09-13 21:45:31 +02:00
Kris
c69473128b
UX: improve composer toolbar flexibility (#18195) 2022-09-13 14:20:33 -04:00
Osama Sayegh
19909a74b0
DEV: Add a tab for watching notifications to the experimental user menu (#18240)
This commit adds a new tab to the experimental user menu for the `posted` and `watching_first_post` notification types.

Internal topic: t/72835.
2022-09-13 20:52:02 +03:00
Kris
6c1b6a98ff
Revert header sidebar change 0ef68f5 (#18241) 2022-09-13 13:20:08 -04:00
Penar Musaraj
b8adb70973
DEV: Refactor composer and logout dialogs (#18156) 2022-09-13 12:30:52 -04:00
Roman Rizzi
08cb9ecca4
FIX: Don't delete previous messages when we're inside the sent_recently window. (#18239)
`delete_previous!` deletes existing topics even when we cannot send a new one due to the `limit_once_per` option. The dashboard problems PM gets deleted the next time the job runs (30 minutes), so the inbox could be empty when
admins click on the summary notification.
2022-09-13 12:43:24 -03:00
Kris
5865868c76
remove unused grid-area (#18238) 2022-09-13 10:49:43 -04:00
Osama Sayegh
12ebdf0ff0
DEV: Convert experimental user menu tabs to links when they're active (#18158)
This PR restores a small feature which was present in the old menu and allowed users to click on the active tab in the menu to navigate to some page that showed the same items in the menu but with more details.

For example, if you switch to the PMs tab and then click on it again, currently nothing happens. However, with this change, clicking on the tab again will take you to your messages page at `/my/messages`.

Note: plugins that register custom tabs in the menu can provide a `linkWhenActive` property for their tab if they wish to mimic core's tabs, but it's optional; if they don't provide one, the tab will do nothing if the user clicks on it again.

Internal topic: t/73349.
2022-09-13 17:12:27 +03:00
Osama Sayegh
8c2c96af25
DEV: Ensure experimental user menu is always closed after clicking on items (#18231)
Because Discourse is a single-page application, clicks on the majority of `<a>` elements in the app need to be intercepted by JavaScript to prevent browsers' default action (full page reload). Links in the user menu - which include notifications, reviewables, bookmarks etc. - are no exception to this rule and currently clicks on these items are handled by the global [click-interceptor](1fa21ed415/app/assets/javascripts/discourse/app/lib/intercept-click.js (L20)) which calls the `preventDefault` function on the click event object and uses the `DiscourseURL.routeTo` function to route the user to the page they request.

However, for links in the user menu, there's an extra step which is to let the header know that it should close the user menu after clicking an item in the menu, but the global interceptor doesn't know that because the step is specific to links in the user menu. This can cause a bug on mobile devices where the menu remains open after clicking on a notification which results in the user having to close the menu to see the page that the notification takes them to.

This commit adds a click handler to user menu items that ensures the menu is closed when an item is clicked and navigates the user to wherever the item links to. There's a small downside to this change which is that user menu items now have their own click interceptor instead of relying on the global interceptor, i.e. duplicated logic, but since it's only a couple of lines, I think we can live with it for a while.

I did try to make the click handler of the user menu items only close the menu (call the `closeUserMenu` function), but for some reasons it caused a full page reload to happen when clicking a notification item due to some weird interactions between the header widget and the user menu. I didn't debug this thoroughly because we have plans to change the header implementation from widgets/virtual-dom to Glimmer component, which will likely resolve that weird full page reload issue and we'll be able to make the click handler just close the menu and let the global interceptor prevents the default action and do the routing.

Internal topic: t/71911/118.
2022-09-13 15:44:45 +03:00
Kris
0ef68f52d8
UX: left-align title with content for sidebar (#18202) 2022-09-13 09:46:57 +08:00