Commit Graph

254 Commits

Author SHA1 Message Date
Régis Hanol
821e920711 DEV: fix deprecation warnings in specs
Also fixed a typo in a string key "max_pm_recepients" -> "max_pm_recipients"
2020-01-23 16:37:48 +01:00
Martin Brennan
7c32411881
FEATURE: Secure media allowing duplicated uploads with category-level privacy and post-based access rules (#8664)
### General Changes and Duplication

* We now consider a post `with_secure_media?` if it is in a read-restricted category.
* When uploading we now set an upload's secure status straight away.
* When uploading if `SiteSetting.secure_media` is enabled, we do not check to see if the upload already exists using the `sha1` digest of the upload. The `sha1` column of the upload is filled with a `SecureRandom.hex(20)` value which is the same length as `Upload::SHA1_LENGTH`. The `original_sha1` column is filled with the _real_ sha1 digest of the file. 
* Whether an upload `should_be_secure?` is now determined by whether the `access_control_post` is `with_secure_media?` (if there is no access control post then we leave the secure status as is).
* When serializing the upload, we now cook the URL if the upload is secure. This is so it shows up correctly in the composer preview, because we set secure status on upload.

### Viewing Secure Media

* The secure-media-upload URL will take the post that the upload is attached to into account via `Guardian.can_see?` for access permissions
* If there is no `access_control_post` then we just deliver the media. This should be a rare occurrance and shouldn't cause issues as the `access_control_post` is set when `link_post_uploads` is called via `CookedPostProcessor`

### Removed

We no longer do any of these because we do not reuse uploads by sha1 if secure media is enabled.

* We no longer have a way to prevent cross-posting of a secure upload from a private context to a public context.
* We no longer have to set `secure: false` for uploads when uploading for a theme component.
2020-01-16 13:50:27 +10:00
Dan Ungureanu
c2d051315d FIX: Create post notices only for public posts (#8708)
This also ensures only public posts are considered when creating post
notices for new and returning users.
2020-01-15 11:40:19 +01:00
Sam Saffron
941162e90e FIX: draft not clearing when replying to new topic
This amends our API so we provide it with the draft key when saving a post
this means post creator can clean up the draft consistently even if we are
doing fancy stuff like replying to a new topic or new pm or whatever.

There will be some followup work to clean it up so client never calls destroy
on draft during normal operation and the #create/#update endpoints takes care of it
every time
2019-11-26 18:23:20 +11:00
Penar Musaraj
5c5d8a307a FIX: Only trigger upload ACL update when needed
In `post_creator`, the ACL update is only necessary when uploads need to be secured.

This should fix a regression with S3 clones that do not support updating ACLs.
2019-11-25 11:20:33 -05:00
Dan Ungureanu
a992caf741
DEV: Replace magic values (#8398)
Follow-up to 35942f7c7c.
2019-11-25 14:32:19 +02:00
Penar Musaraj
102909edb3 FEATURE: Add support for secure media (#7888)
This PR introduces a new secure media setting. When enabled, it prevent unathorized access to media uploads (files of type image, video and audio). When the `login_required` setting is enabled, then all media uploads will be protected from unauthorized (anonymous) access. When `login_required`is disabled, only media in private messages will be protected from unauthorized access. 

A few notes: 

- the `prevent_anons_from_downloading_files` setting no longer applies to audio and video uploads
- the `secure_media` setting can only be enabled if S3 uploads are already enabled and configured
- upload records have a new column, `secure`, which is a boolean `true/false` of the upload's secure status
- when creating a public post with an upload that has already been uploaded and is marked as secure, the post creator will raise an error
- when enabling or disabling the setting on a site with existing uploads, the rake task `uploads:ensure_correct_acl` should be used to update all uploads' secure status and their ACL on S3
2019-11-18 11:25:42 +10:00
Sam Saffron
d8f7f363cd FEATURE: stop updating last_posted_at on users for messages and whispers
This ensures we only update last_posted_at which is user facing for non messages
and non whispers.

We still update this date for secure categories, we do not revert it for
deleted posts.
2019-10-31 09:01:26 +11:00
Daniel Waterworth
55a1394342 DEV: pluck_first
Doing .pluck(:column).first is a very common pattern in Discourse and in
most cases, a limit cause isn't being added. Instead of adding a limit
clause to all these callsites, this commit adds two new methods to
ActiveRecord::Relation:

pluck_first, equivalent to limit(1).pluck(*columns).first

and pluck_first! which, like other finder methods, raises an exception
when no record is found
2019-10-21 12:08:20 +01:00
Sam Saffron
f5d1aff8dd FEATURE: experimental hidden setting for draft backups
Under exceptional situations the automatic draft feature can fail.

This new **hidden, default off** site setting
`backup_drafts_to_pm_length` will automatically backup any draft that is
saved by the system to a dedicated PM (originating from self)

The body of that PM will contain the text of the reply.

We can enable this feature strategically on sites exhibiting issues to
diagnose issues with the draft system and offer a recourse to users who
appear to lose drafts. We automatically checkpoint these drafts every 5
minutes forcing a new revision each 5 minutes so you can revert to old
content.

Longer term we are considering automatically enabling this kind of feature
for extremely long drafts where the risk is really high one could lose
days of writing.
2019-10-17 16:58:21 +11:00
Krzysztof Kotlarek
427d54b2b0 DEV: Upgrading Discourse to Zeitwerk (#8098)
Zeitwerk simplifies working with dependencies in dev and makes it easier reloading class chains. 

We no longer need to use Rails "require_dependency" anywhere and instead can just use standard 
Ruby patterns to require files.

This is a far reaching change and we expect some followups here.
2019-10-02 14:01:53 +10:00
Daniel Waterworth
3407445831 FIX: Prevent deadlock (#7691)
Before the locking here was added, replying to a post and liking a post
at roughly the same time could cause a deadlock.

Liking a post grabs an update lock on the post and then on the topic (to
update like counts).

We now lock the replied to post before getting the topic lock so that we
can update the replied to post later without causing a deadlock.
2019-06-05 11:29:27 +10:00
Dan Ungureanu
da39d66e83
DEV: Improve support for plugins. (#7332)
* DEV: Allow NewPostManager handlers handle PMs.
* DEV: Add custom fields topic option to PostCreator.
* DEV: Add topic_id to serializer data.
* DEV: Wrap topic title from notification item in a span.
2019-05-25 16:53:03 +03:00
Sam Saffron
30990006a9 DEV: enable frozen string literal on all files
This reduces chances of errors where consumers of strings mutate inputs
and reduces memory usage of the app.

Test suite passes now, but there may be some stuff left, so we will run
a few sites on a branch prior to merging
2019-05-13 09:31:32 +08:00
Guo Xiang Tan
152238b4cf DEV: Prefer public_send over send. 2019-05-07 09:33:21 +08:00
Sam Saffron
1be01f8dd4 DEV: Add support for Rails 6
Minor fixes to add Rails 6 support to Discourse, we now will boot
with RAILS_MASTER=1, all specs pass

Only one tiny deprecation left

Largest change was the way ActiveModel:Errors changed interface a
bit but there is a simple backwards compat way of working it
2019-05-02 16:23:25 +10:00
Sam Saffron
45285f1477 DEV: remove update_attributes which is deprecated in Rails 6
See: https://github.com/rails/rails/pull/31998

update_attributes is a relic of the past, it should no longer be used.
2019-04-29 17:32:25 +10:00
Dan Ungureanu
57d1dea8a2
FEATURE: Let staff add custom post notices. (#7377) 2019-04-19 17:53:58 +03:00
David Taylor
24ef4f7b2b Remove support for disable_jump_reply user setting (#7359) 2019-04-12 09:03:06 +10:00
Robin Ward
b58867b6e9 FEATURE: New 'Reviewable' model to make reviewable items generic
Includes support for flags, reviewable users and queued posts, with REST API
backwards compatibility.

Co-Authored-By: romanrizzi <romanalejandro@gmail.com>
Co-Authored-By: jjaffeux <j.jaffeux@gmail.com>
2019-03-28 12:45:10 -04:00
Sam Saffron
9ebabc1de8 FEATURE: unconditionally update Topic updated_at when posts change in topic
Previously we would bypass touching `Topic.updated_at` for whispers and post
recovery / deletions.

This meant that certain types of caching can not be done where we rely on
this information for cache accuracy.

For example if we know we have zero unread topics as of yesterday and whisper
is made I need to bump this date so the cache remains accurate

This is only half of a larger change but provides the groundwork.

Confirmed none of our serializers leak out Topic.updated_at so this is safe
spot for this info

At the moment edits still do not change this but it is not relevant for the
unread cache.

This commit also cleans up some specs to use the new `eq_time` matcher for
millisecond fidelity comparison of times

Previously `freeze_time` would fudge this which is not that clean.
2019-03-28 17:28:01 +11:00
Tarek Khalil
a31a35b334 FEATURE: Ignored user notification behaviour should be as a muted user (#7227) 2019-03-21 12:15:34 +01:00
David Taylor
ddd3e43326 FIX: Skip create_post_notice when importing
Imports don't necessarily happen in chronological order, so this can cause some very unusual behavior
2019-03-15 13:48:35 +00:00
Dan Ungureanu
32bae48fd3 DEV: Use User#human? User#bot? (#7140) 2019-03-12 07:58:14 +08:00
Dan Ungureanu
b28b418363
FIX: Various improvements to post notices.
- Notices are visible only by poster and trust level 2+ users.
- Notices are not generated for non-human or staged users.
- Notices are deleted when post is deleted.
2019-03-11 11:19:58 +02:00
Dan Ungureanu
ac8425ad30
FIX: Date format and styling for post notices
Follow-up to 35942f7.
2019-03-08 12:25:03 +02:00
Dan Ungureanu
2312caccdc
FEATURE: Skip small actions when counting replies in PMs. (#7108) 2019-03-08 10:49:34 +02:00
Dan Ungureanu
35942f7c7c
FEATURE: Special call-out for new / returning posters. (#7115) 2019-03-08 10:48:35 +02:00
Robin Ward
bc3efab816 FIX: When disagreeing with a flag that silenced a user, unsilence them
Previously it would unhide their post but leave them silenced.

This fix also cleans up some of the helper classes to make it easier
to pass extra data to the silencing code (for example, a link to the
post that caused the user to be silenced.)

This patch also refactors the auto_silence specs to avoid using
stubs.
2019-02-08 08:50:50 -05:00
Guo Xiang Tan
ec27db78be FIX: Set unique post key for a user outside of transaction.
Previously, the Redis key was set within the transaction and the key
isn't deleted if the transaction is not successful.

Note that this isn't tested because we don't have a repro of what can
raise an error within the transaction.

https://meta.discourse.org/t/body-is-too-similar-to-what-you-previously-posted-even-when-previous-post-didnt-go-through/105436
2019-01-08 15:22:22 +08:00
Régis Hanol
788719d271 DEV: speed up posts base imports 2019-01-04 15:30:17 +01:00
Gerhard Schlager
e8053d6e7d FIX: Polls didn't work in imported posts
Imports skip validation of posts, but polls are only created during the validation phase.
2019-01-02 15:26:57 +01:00
Bianca Nenciu
ddd260941e FIX: Fix query selecting users not accepting PMs. 2018-11-29 15:59:30 +08:00
Guo Xiang Tan
d4b05d7bc5 Always link post to uploads in post process.
The operation is cheap anyway so no point skipping.
2018-09-06 14:08:03 +08:00
Guo Xiang Tan
434035f167 FIX: Link post to uploads in PostCreator.
* This ensures that uploads are linked to their post on creation
  instead of a background job which may be delayed if Sidekiq
  is facing difficulties.
2018-09-06 11:18:11 +08:00
Sam
cbd9045c6b FIX: avoid race condition creating posts
in some cases the distributed mutex was not protecting us
and transactions would fail
2018-08-23 15:11:06 +10:00
Osama Sayegh
2711f173dc FIX: don't allow inviting more than max_allowed_message_recipients
* FIX: don't allow inviting more than `max_allowed_message_recipients` setting allows

* add specs for guardian

* user preferences for auto track shouldn't be applicable to PMs (it auto watches on visit)

Execlude PMs from "Automatically track topics I enter..." and "When I post in a topic, set that topic to..." user preferences

* groups take only 1 slot in PM

* just return if topic is a PM
2018-08-23 14:36:49 +10:00
Patrick Gansterer
28dd7fb562 FEATURE: Create hidden posts for received spam emails (#6010)
* Add possibility to add hidden posts with PostCreator

* FEATURE: Create hidden posts for received spam emails

Spamchecker usually have 3 results: HAM, SPAM and PROBABLY_SPAM
SPAM gets usually directly rejected and needs no further handling.
HAM is good message and usually gets passed unmodified.
PROBABLY_SPAM gets an additional header to allow further processing.
This change addes processing capabilities for such headers and marks
new posts created as hidden when received via email.
2018-07-05 11:07:46 +02:00
Guo Xiang Tan
0365806b93 FIX: Properly display error when post action fails to create. 2018-06-20 21:20:23 +08:00
Sam
89ad2b5900 DEV: Rails 5.2 upgrade and global gem upgrade
This updates tests to use latest rails 5 practice
and updates ALL dependencies that could be updated

Performance testing shows that performance has not regressed
if anything it is marginally faster now.
2018-06-07 14:21:33 +10:00
Guo Xiang Tan
c148500d51 FIX: Deadlock when topic with auto close topic timers exceeds auto_close_topics_post_count. 2018-04-23 13:34:24 +08:00
Neil Lalonde
8fc1289172 move topic excerpt code to one method to DRY it up and for extensibility 2018-04-17 15:08:21 -04:00
Robin Ward
b9abd7dc9e FEATURE: Shared Drafts
This feature can be enabled by choosing a destination for the
`shared drafts category` site setting.

* Staff members can create shared drafts, choosing a destination
category for the topic when it is published.

* Shared Drafts can be viewed in their category, or above the
topic list for the destination category where it will end up.

* When the shared draft is ready, it can be published to the
appropriate category by clicking a button on the topic view.

* When published, Drafts change their timestamps to the current
time, and any edits to the original post are removed.
2018-03-20 17:15:26 -04:00
Guo Xiang Tan
1365bab0d7 FEATURE: Live updates for user's messages page.
https://meta.discourse.org/t/group-inbox-messages-not-updated-for-new-posts/38189
2018-03-06 18:15:21 +08:00
Gerhard Schlager
e0d73a957d FEATURE: Allow posting via email to read-only mailing list mirror category 2018-01-05 11:21:53 +01:00
Guo Xiang Tan
ad02437358 FIX: Missing post/topic created web hooks due to race condition. 2018-01-03 17:24:01 +08:00
Gerhard Schlager
613f4d737a FIX: updating topic stats failed silently for invalid topics 2017-11-23 18:47:45 +01:00
Neil Lalonde
9dc9ca4ac0 FIX: be consistent with how first posts in topics are counted. do like DirectoryItem.refresh_period :all 2017-11-10 12:18:25 -05:00
Neil Lalonde
f29290ad11 FIX: don't count whispers in user stats post_count 2017-11-02 18:05:23 -04:00
Guo Xiang Tan
79de10b212 FEATURE: Allow users to disable new PMs.
https://meta.discourse.org/t/is-it-possible-to-disable-private-messaging-for-a-specific-user/46391
2017-10-19 12:32:55 +08:00
Régis Hanol
3bdd8f57c1 FIX: invited staged users would sometimes not get notified of replies 2017-10-06 16:37:28 +02:00
Guo Xiang Tan
4552840e54 REFACTOR: DRY update code that uses duplicated logic. 2017-10-06 14:33:38 +08:00
Guo Xiang Tan
5012d46cbd Add rubocop to our build. (#5004) 2017-07-28 10:20:09 +09:00
Arpit Jalan
7cffbc8ba8 FEATURE: new site setting to limit message recipients
New site setting `max_allowed_message_recipients` to limit message
recipients

https://meta.discourse.org/t/one-of-my-users-just-group-messaged-100-other-user-with-a-spam-offer/65612/7?u=techapj
2017-07-06 22:52:49 +05:30
Guo Xiang Tan
e888369f51 UX: Don't send emails for discobot notifications. 2017-06-12 17:00:27 +09:00
Sam
0aed2533ac Revert unread optimisation, has too many edge cases 2017-05-26 09:04:13 -04:00
Sam
29fac1ac18 PERF: improve performance of unread queries
Figuring out what unread topics a user has is a very expensive
operation over time.

Users can easily accumulate 10s of thousands of tracking state rows
(1 for every topic they ever visit)

When figuring out what a user has that is unread we need to join
the tracking state records to the topic table. This can very quickly
lead to cases where you need to scan through the entire topic table.

This commit optimises it so we always keep track of the "first" date
a user has unread topics. Then we can easily filter out all earlier
topics from the join.

We use pg functions, instead of nested queries here to assist the
planner.
2017-05-25 15:07:30 -04:00
Neil Lalonde
7821400141 FEATURE: staff can set a timer to remind them about a topic 2017-05-16 14:49:50 -04:00
Neil Lalonde
55b61e9bea rename topic_status_update to topic_timer 2017-05-11 18:27:53 -04:00
cpradio
20c2c66dd4 FEATURE: Add normal as a preference for topic subscription state when replying to a topic 2017-04-20 22:33:10 -04:00
Guo Xiang Tan
e4d7e4fbe3 Improve error messages. 2017-04-04 17:19:14 +08:00
Guo Xiang Tan
34b7bee568 FEATURE: Allow admin to auto reopen at topic.
* This commit also introduces a `TopicStatusUpdate`
  model to support other forms of deferred topic
  status update in the future.
2017-03-31 11:14:18 +08:00
Robin Ward
cf7774bdd9 FEATURE: Block muted users from sending you PMs 2017-01-03 14:51:53 -05:00
Sam
2b808ad9da Merge pull request #4609 from joebuhlig/category-topics-wiki
FEATURE: Category setting to make all topics wikis
2016-12-20 09:15:51 +11:00
Neil Lalonde
923cf73c6e Topic Featured Links: move data from custom fields to topics and categories tables. Invert behaviour of topic_featured_link_allowed checkbox. Fix a bug with invalid topic records due to changing that category checkbox. 2016-12-19 14:54:07 -05:00
Joe Buhlig
87251fded7 FEATURE: Category setting to make all topics wikis
FEATURE: Category setting to make all topics wikis
2016-12-19 06:42:18 -06:00
Neil Lalonde
a4c4f13901 Remove the topic_featured_link_onebox setting. We will always try to onebox a link and add it to the body if topic_featured_link_enabled is enabled. 2016-12-09 13:28:12 -05:00
Erick Guan
52763f5115
FEATURE: Allow posting a link with topics 2016-12-05 17:20:54 +01:00
Sam
c04d4171ff FIX: whisper no longer experimental
- Regular users are not notified of whispers
- Regular users no longer have "stuck" topics in unread
- Additional tracking for staff highest post number
- Remove a bunch of unused columns in topics table
2016-12-02 17:03:31 +11:00
cpradio
6f1c31d777 Add notification level user preference when replying to a topic 2016-09-30 14:58:07 -04:00
Robin Ward
79245a25a3 Explain the skip_jobs parameter 2016-08-24 11:06:14 -04:00
Robin Ward
2cb4cb7b72 FIX: Don't enqueue jobs in a transaction 2016-08-23 16:07:59 -04:00
Guo Xiang Tan
5fe4837e28 Add PostCreator#create!. 2016-07-15 11:36:06 +08:00
Robin Ward
baae2a4b7c FIX: Don't update the last read post when disable jump reply is set 2016-06-08 14:08:19 -04:00
Neil Lalonde
f13470b96b Use db schema for tags instead of plugin store and custom fields 2016-05-26 14:29:48 -04:00
Neil Lalonde
0101528821 PERF: update_user_counts is too slow during imports 2016-05-17 13:22:32 -04:00
Neil Lalonde
3deda3ca39 skip auto-close during import 2016-05-17 11:16:51 -04:00
Neil Lalonde
1625b08c86 FIX: posting my fail because there are no tags 2016-05-06 11:20:17 -04:00
Arpit Jalan
53809d526c FIX: show proper error message when no user selected for private message 2016-05-05 18:47:08 +05:30
Neil Lalonde
e5918c7d00 FEATURE: Merge tagging plugin into core 2016-04-27 11:58:53 -04:00
Régis Hanol
2194ccec6e slightly better automatic flag reason messages 2016-04-25 23:03:17 +02:00
Jeff Atwood
f39186b24a FIX: autoclose topic max replies used wrong constant 2016-04-12 13:42:52 -07:00
Sam
0113fce420 FEATURE: automatically close topics with 10k+ posts
FEATURE: automatically close messages with 2k+ posts

Both configurable via `auto_close_messages_post_count`
and `auto_close_topics_post_count`
2016-04-12 13:29:48 +10:00
Sam Saffron
b0567f9c62 FEATURE: automatically sync "move to inbox" / "archive" state on messages 2016-02-07 23:39:07 +11:00
Sam
d0ee32f3ce FIX: correct counts on user summary 2016-01-24 16:39:01 +11:00
Sam
1a27d887fa FIX: if topic did not save do not attempt to skip inbox 2016-01-14 10:38:20 +11:00
Sam
4ec409f705 FEATURE: don't add admins to topic allowed users if already in group 2016-01-12 13:57:45 +11:00
Régis Hanol
cf4cb2126a FIX: word_count wasn't working with non-latin sentences 2016-01-11 11:16:23 +01:00
Sam
03ea0bfe22 FEATURE: allow users to archive messages
Messages are now in 3 buckets

- Inbox for all new messages
- Sent for all sent messages
- Archive for all messages you are done with

You can select messages from your Inbox or Sent and move them to your Archive,
you can move messages out of your Archive similarly

Similar concept applied to group messages, except that archiving and unarchiving
will apply to all group members
2015-12-23 11:09:30 +11:00
Régis Hanol
31a54377be staged users automatically watches all topics they participates in 2015-11-18 22:24:46 +01:00
Sam
606aeb9d55 improvements to importer
- improve perf of test for existing posts
- always use a system guardian when importing posts
- for lithuim importer requery raw (transform is not repeatable)
2015-10-16 10:41:21 +11:00
Régis Hanol
54d6d24cbf FIX: timing issue with edits and cook post processing 2015-09-29 18:51:26 +02:00
Robin Ward
64598ceaba FIX: Replies to whispers *must* be whispers 2015-09-25 11:29:40 -04:00
Robin Ward
79beb9f409 FIX: You could set reply_to_post_number when replying as a new topic 2015-09-22 13:32:19 -04:00
Robin Ward
9f89aefdd3 FIX: Don't update the last poster when a whisper is made 2015-09-22 12:23:37 -04:00
Sam
5f5d055a86 only if \u0000 is included for the perf 2015-08-19 12:32:45 +10:00
Sam
431def1f52 need to dup strings, some may be frozen 2015-08-19 12:32:45 +10:00
Sam
714f841f0a FIX: null bytes in user input should not cause post creation to fail 2015-08-19 12:15:38 +10:00
Régis Hanol
ac8e90674b FIX: be more lenient when creating a post with a username that is no longer valid 2015-08-12 15:54:51 +02:00
Sam
7b8b96446e FEATURE: track statistics around post creation
- how long were people typing?
- how long was composer open?
- how many drafts were created?
- correct, draft saved to go away after you continue typing

store in Post.find(xyz).post_stat
2015-08-03 14:29:15 +10:00