Commit Graph

29 Commits

Author SHA1 Message Date
Keegan George
5a23a74bbc
DEV: Show confirmation dialog when admins disable 2FA (#29652)
This PR ensures that admins are shown a confirmation dialog when clicking to disable 2FA for a user. The 2FA button is right below the "Grant Badge" button and as such it can easily be clicked accidentally. It's also good practice to ask for confirmation before removing important functionality.
2024-11-07 16:39:42 -08:00
Linca
a1e5796ba1
FEAT: Allow admin delete user's associated accounts (#29018)
This commit introduces a feature that allows an admin to delete a user's
associated account. After deletion, a log will be recorded in staff
actions.

ref=t/136675
2024-09-27 20:08:05 +08:00
Kris
a914d3230b
DEV: remap all core icons for fontawesome 6 upgrade (#28715)
Followup to 7d8974d02f

Co-authored-by: David Taylor <david@taylorhq.com>
2024-09-13 16:50:52 +01:00
Osama Sayegh
35b748e7f4
FIX: Don't show silence button on staff users and display similar users (#28423)
This commit fixes a bug where the silence button is incorrectly displayed on the admin page of a staff user. It's not actually possible to silence a staff user because the backend correctly prevents it, but the frontend isn't checking if the button should be displayed.

Another small bug that this commit fixes is the similar users list not showing up inside the silence/suspend modals due to also a bug in the frontend.

I've also changed the way similar users are loaded so that they're not returned by the `admin/users#show` endpoint anymore and moved them into a new endpoint that the penalize modals (suspend and silence) can call directly to retrieve the list of users. This is done because the similar users list is never shown on the admin user page (`/admin/users/:user_id/:username`); they're only needed when the suspend or silence modals are opened.

Internal topic: t/130014.
2024-08-20 15:27:29 +03:00
Jarek Radosz
11067c73d0
DEV: Use fn+mut instead of action+mut (#26057)
One step closer to removing all `action` helper usage
2024-03-06 18:05:03 +01:00
Martin Brennan
e91d8feab3
Revert "FEATURE: Count only approved flagged posts in user pages (#22799)" (#23962)
This reverts commit 5f0bc4557f.

Through extensive internal discussion we have decided to revert
this change, as it significantly impacted moderation flow for
some Discourse site moderators, especially around "something else"
flags. We need to re-approach how flags are counted holistically,
so to that end this change is being reverted.
2023-10-18 11:38:17 +10:00
Jarek Radosz
1c87bb7fe9
DEV: Update DButton uses (#23333)
1. Use `this.` instead of `{{action}}` where applicable
2. Use `{{fn}}` instead of `@actionParam` where applicable
3. Use non-`@` versions of class/type/tabindex/aria-controls/aria-expanded
4. Remove `btn` class (it's added automatically to all DButtons)
5. Remove `type="button"` (it's the default)
6. Use `concat-class` helper
2023-08-31 11:49:35 +02:00
Kelv
5f0bc4557f
FEATURE: Count only approved flagged posts in user pages (#22799)
FEATURE: Only approved flags for post counters

* Why was this change necessary?
The counters for flagged posts in the user's profile and user index from
the admin view include flags that were rejected, ignored or pending
review. This introduces unnecessary noise. Also the flagged posts
counter in the user's profile includes custom flags which add further
noise to this signal.

* How does it address the problem?

* Modifying User#flags_received_count to return posts with only approved
  standard flags
* Refactoring User#number_of_flagged_posts to alias to
  User#flags_received_count
* Updating the flagged post staff counter hyperlink to navigate to a
  filtered view of that user's approved flagged posts to maintain
  consistency with the counter
* Adding system tests for the profile page to cover the flagged posts
  staff counter
2023-07-31 13:33:10 +08:00
David Taylor
be354e7950
DEV: Update admin controllers to native class syntax (#20674)
This commit was generated using the ember-native-class-codemod along with a handful of manual updates
2023-03-15 09:42:12 +00:00
David Taylor
9e440dca33 DEV: Rename all uses of PluginOutlet @args in core
The `args` argument is now deprecated. This commit uses a codemod (https://github.com/discourse/discourse-ember-codemods/tree/main/transforms/rename-plugin-outlet-args) to automatically rename all uses to `@outletArgs`.
2023-01-31 13:51:25 +00:00
David Taylor
26b5c0472f DEV: Remove use of PluginOutlet @tagName argument in core
The `tagName` argument is now deprecated. This commit uses a codemod (https://github.com/discourse/discourse-ember-codemods/tree/main/transforms/extract-plugin-outlet-tagname) to automatically remove the `@tagName` from all PluginOutlet invocations, and create a matching wrapper element so that the HTML structure is unchanged. We may want to remove some/all of these wrappers entirely in future, but that would be a riskier change which we should tackle on a case-by-case basis.
2023-01-31 12:15:37 +00:00
David Taylor
c8e2e37fa7 DEV: Apply prettier to hbs files 2022-12-28 13:11:12 +00:00
Kris
d6ddb337c8
UX: use solid envelope icon for consistency (#19157) 2022-11-23 08:46:35 +08:00
Peter Wagenet
371bbadb92
No implicit this codemod (#17235)
* Run no-implicit-this codemod for app templates
* Run tagless-ember-components-codemod for plugins
* Turn on no-implicit-this lint
2022-07-05 19:41:31 +02:00
Jarek Radosz
16ea7ab248
DEV: Run angle-brackets codemod (#17286)
Co-authored-by: Peter Wagenet <peter.wagenet@gmail.com>
2022-06-30 12:30:50 +02:00
Isaac Janzen
47d64b7a08
DEV: Remove last instance of {{with}} helper (#16651) 2022-05-05 06:16:34 -05:00
awesomerobot
be4699fc28 add classes to danger buttons on user admin 2022-04-12 09:09:04 +08:00
Jarek Radosz
14778ba52e
DEV: Fix select-kit deprecations (#15080) 2022-04-05 19:01:09 +02:00
David Taylor
c1f74cd92a
DEV: Update default tagName and connectorTagName for plugin outlets (#13685)
This commit should be a no-op for all existing core outlets. Outlets which are introduced by themes/plugins may see a change in behavior, and should follow the steps below if they want to maintain their previous behavior.

`tagName="" connectorTagName=""` is almost always the correct choice for plugin outlets. 40eba8cd introduced a `noTags=true` shortcut which achieved this, and left a comment saying it should be the future default. This commit does exactly that. To avoid any breaking changes for plugins, all existing plugin outlets have been reviewed and adjusted by following this logic:

1) If `noTags=true`, remove the `noTags` parameter, and do not complete any further steps
2) If `tagName` is not specified, set `tagName="span"` (the previous default)
3) If `connectorTagName` is not specified, set `selectorTagName="div"` (the previous default)
4) If `tagName=""`, remove it
5) If `connectorTagName=""`, remove it

The updates were accomplished with the help of a ruby script:

```ruby
def removeAttr(tag, attribute)
  tag = tag.sub /\s#{attribute}="?\w*"? /, " "
  tag = tag.sub /\s#{attribute}="?\w*"?}}/, "}}"
  tag = tag.sub /^\s*#{attribute}="?\w*"?\n/, ""
  tag
end

files = Dir.glob("app/assets/javascripts/**/*.hbs")

puts "Checking #{files.count} files..."
files.each do |f|
  content = File.read(f)

  count = 0
  edits = 0
  content.gsub!(/{{\s*plugin-outlet.*?}}/m) do |match|
    count += 1

    result = match

    noTags = result.include?("noTags=true")
    tagName = result[/tagName="(\w*)"/, 1]
    connectorTagName = result[/connectorTagName="(\w*)"/, 1]

    if noTags
      result = removeAttr(result, "noTags")
    else
      if connectorTagName == ""
        result = removeAttr(result, "connectorTagName")
      elsif connectorTagName.nil?
        result = result.sub(/name="[\w-]+"/) { |m| "#{m} connectorTagName=\"div\"" }
      end

      if tagName == ""
        result = removeAttr(result, "tagName")
      elsif tagName.nil?
        result = result.sub(/name="[\w-]+"/) { |m| "#{m} tagName=\"span\"" }
      end
    end

    edits += 1 if match != result

    result
  end

  puts "#{count} outlets, #{edits} edited -> #{f}"

  File.write(f, content)
end
```
2022-01-06 20:38:17 +00:00
Bianca Nenciu
6a7ea66670
FEATURE: Use second factor for admin confirmation (#14293)
Administrators can use second factor to confirm granting admin access
without using email. The old method of confirmation via email is still
used as a fallback when second factor is unavailable.
2021-09-14 15:19:28 +03:00
Arpit Jalan
419d71abcb
FEATURE: allow admin to delete all posts by a user irrespectively (#14128)
This commit allows admin to delete all posts by a user irrespective of
site settings `delete_user_max_post_age` and `delete_all_posts_max`.
2021-08-25 10:14:22 +05:30
Jean
e7b8e75583
FEATURE: Add post edits count to user activity (#13495) 2021-08-02 10:15:53 -04:00
Kris
f002c58a30
DEV: Buttons were missing btn-default classes (#12991) 2021-05-08 11:45:18 -04:00
Arpit Jalan
a174c8b8d4
FIX: hide sso payload behind a button click and log views (#12110) 2021-02-17 21:27:51 +05:30
David Taylor
821bb1e8cb
FEATURE: Rename 'Discourse SSO' to DiscourseConnect (#11978)
The 'Discourse SSO' protocol is being rebranded to DiscourseConnect. This should help to reduce confusion when 'SSO' is used in the generic sense.

This commit aims to:
- Rename `sso_` site settings. DiscourseConnect specific ones are prefixed `discourse_connect_`. Generic settings are prefixed `auth_`
- Add (server-side-only) backwards compatibility for the old setting names, with deprecation notices
- Copy `site_settings` database records to the new names
- Rename relevant translation keys
- Update relevant translations

This commit does **not** aim to:
- Rename any Ruby classes or methods. This might be done in a future commit
- Change any URLs. This would break existing integrations
- Make any changes to the protocol. This would break existing integrations
- Change any functionality. Further normalization across DiscourseConnect and other auth methods will be done separately

The risks are:
- There is no backwards compatibility for site settings on the client-side. Accessing auth-related site settings in Javascript is fairly rare, and an error on the client side would not be security-critical.
- If a plugin is monkey-patching parts of the auth process, changes to locale keys could cause broken error messages. This should also be unlikely. The old site setting names remain functional, so security-related overrides will remain working.

A follow-up commit will be made with a post-deploy migration to delete the old `site_settings` rows.
2021-02-08 10:04:33 +00:00
Arpit Jalan
00b41437b0
FIX: hide sso email behind a button click and log views (#11186) 2020-11-11 00:42:44 +05:30
Joffrey JAFFEUX
7b34433fc2
REVERT: revert change from action + mut to mut (#10844)
* Revert "FIX: fixes regression where wizard dropdown couldn't update (#10838)"

This reverts commit e3b2fc6074.

* Revert "DEV: replaces unecessary (action (mut .*)) by (mut .*) (#10822)"

This reverts commit c0350dc362.
2020-10-06 23:50:05 +02:00
Joffrey JAFFEUX
c0350dc362
DEV: replaces unecessary (action (mut .*)) by (mut .*) (#10822) 2020-10-06 17:17:45 +02:00
Robin Ward
ce3fe2f4c4 REFACTOR: Support bundling our admin section as an ember addon 2020-09-22 15:14:29 -04:00