Commit Graph

41070 Commits

Author SHA1 Message Date
David Taylor
a040f72f96
FIX: Make email_valid handling consistent (#11556)
Previously we were checking truthiness in some places, and `== true` in
others. That can lead to some inconsistent UX where the interface says
the email is valid, but account creation fails.

This commit ensures values are boolean when set, and raises an error for
other value types.

If this safety check is triggered, it means the specific auth provider
needs to be updated to pass booleans.
2021-02-22 12:05:36 +00:00
David Taylor
ef19431e44
DEV: Improve User#email= behavior (#11338)
- Only apply the change after `save` is called on the record
- Automatically remove matching secondary emails
2021-02-22 11:42:37 +00:00
Joffrey JAFFEUX
74d83abcc7
A11Y: gives autocomplete in search a more accessible name (#12164)
s/discourse/discourse-search
2021-02-22 12:11:06 +01:00
Joffrey JAFFEUX
b7dbdec6fb
A11Y: makes other and color, fieldset/legend elements (#12163) 2021-02-22 12:10:51 +01:00
Joffrey JAFFEUX
0b14eb6ab1
A11Y: makes edit username and avatar accessible (#12162)
This commit also adds name as a bindable attribute of link-to
2021-02-22 12:10:44 +01:00
David Taylor
863c7919d7
FIX: Close navigation dropdown when item selected (#12155)
This `if` statement was backwards, such that it was a no-op. This hasn't
caused a problem because clicking an item triggers a page load, which
destroys and recreates the component.

However, we are soon planning to remove the intermediate loading screen,
which means the component will not be removed/recreated.

https://meta.discourse.org/t/177939/202
2021-02-22 10:41:09 +00:00
David Taylor
04c75d417b
UX: Skip github commit avatars for topic/post thumbnails (#12157)
GitHub oneboxes use `.onebox-avatar-inline`, not `.onebox-avatar`
2021-02-22 10:40:40 +00:00
Joffrey JAFFEUX
72258c663b
A11Y: ensures avatar image in site header has alt attribute (#12161) 2021-02-22 11:09:18 +01:00
Jarek Radosz
a60e26e799
DEV: Clean up and refactor CI workflow(s) (#12144)
Includes:

* DEV: Remove external plugin linting (that's covered by CI in their repositories)
* DEV: Move lint stages to a separate workflow (partial de-`if`-ication of workflows)
* DEV: Run CI on `main` branch too
* DEV: Update postgres to 13
* DEV: Update redis to 6.x

Other changes:
* DEV: Remove matrix.os
* DEV: Remove env.BUILD_TYPE
* DEV: Remove env.TARGET
* DEV: Rename `build_types` config option to `build_type`
* DEV: Lowercase `target` and `build_type` names
* DEV: Rename `ci` to `tests`
* DEV: Rename `lint` to `linting`
* DEV: Lower the wizard qunit timeout (30 min -> 10)
* DEV: Ruby version is no longer configurable
* DEV: Run plugin tests only in the `plugins` target
* DEV: Use binstubs where applicable
* DEV: We don't open PRs to `tests-passed`
2021-02-22 10:28:32 +01:00
Kris
47ef83505f
UX: make tag input full width for PMs (#12158) 2021-02-22 16:49:12 +11:00
Roman Rizzi
4e716e9ce5
FIX: Reduce the time_read threshold to one minute. (#12159)
* FIX: Reduce the time_read threshold to one minute.

Five minutes is too much and could fill the queue with false positives.

* Update spec/jobs/enqueue_suspect_users_spec.rb

Co-authored-by: Arpit Jalan <arpit@techapj.com>

Co-authored-by: Arpit Jalan <arpit@techapj.com>
2021-02-20 08:25:32 -03:00
Blake Erickson
dbcda617b3
DEV: Add a CSV importer for restoring deleted users (#12147)
This is an importer I wrote to restore some users that were
accidentally deleted for being purged as old staged users or old
unactivated users.

It reads from CSV files exported from a discourse sql backup.
2021-02-19 13:46:54 -07:00
Neil Lalonde
da8b0818ef
DEV: add classes to sections in category settings (#12150)
Some had them, most didn't.
2021-02-19 15:28:19 -05:00
Rafael dos Santos Silva
5117f0a3e8
FIX: Subfolder replace should only affect URL prefix (#12135)
* FIX: Subfolder replace should only affect URL prefix

Issue was reported in https://meta.discourse.org/t/-/179504

* DEV: Test subfolder handling in get-url when called twice on the same path
2021-02-19 16:06:18 -03:00
David Taylor
b22ea7911c
DEV: Drop old SSO site setting rows from the database (#12148)
These were copied to their new names in 821bb1e8cb
2021-02-19 19:05:49 +00:00
dependabot[bot]
5a22c5fdac
Build(deps): Bump logster from 2.9.5 to 2.9.6 (#12149)
Bumps [logster](https://github.com/discourse/logster) from 2.9.5 to 2.9.6.
- [Release notes](https://github.com/discourse/logster/releases)
- [Changelog](https://github.com/discourse/logster/blob/master/CHANGELOG.md)
- [Commits](https://github.com/discourse/logster/compare/v2.9.5...v2.9.6)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-02-19 18:24:58 +00:00
Blake Erickson
ed0e4582a1
DEV: If disabled do not change setting after import (#12142)
When running an import script there are many site settings that are
changed but we reset them back to where they were originally before the
import. However, there are two settings that we don't roll back:

```
purge_unactivated_users_grace_period_days
purge_deleted_uploads_grace_period_days
```

which could have some unintended consequences.

My first question is do we *really* have to change these settings? I'm
not a huge fan of changing someones settings without them really knowing
they were changed.

If we really do have to change these settings here is my proposed PR
where we don't alter the `purge_unactivated_users_grace_period_days` if
it has been disabled.

As I'm writing this another change we could make is that we don't change
either of these site settings if we detect that they aren't set to the
default values.

The drive behind this PR is that there is a discourse instance which
relies on staged users as part of their workflow and this setting was
changed by accident via the import script causing users to be deleted
that shouldn't have been.
2021-02-19 09:33:35 -07:00
Penar Musaraj
5604ce70d4
DEV: More refactoring of SCSS importers (#12143) 2021-02-19 11:22:24 -05:00
Roman Rizzi
95fb363c2a
FEATURE: Use the "time_read" stat to flag users as suspicious. (#12145)
Completing the discobot tutorial gives you ~3m of reading time, so we set the limit at 5m. Additionally, we use an "OR" clause to cover the case when you just scroll through a single topic.
2021-02-19 13:10:19 -03:00
Penar Musaraj
7ee660a017
FIX: Sort admin dashboard new updates by latest (#12146) 2021-02-19 11:03:36 -05:00
Roman Rizzi
aac9e6cb0a
FIX: Don't require a rejection reason if the user is a spammer. (#12141) 2021-02-19 12:57:01 -03:00
Joffrey JAFFEUX
47835ade9a
UX: implements a new tags-intersection-chooser (#12139) 2021-02-19 13:46:02 +01:00
Martin Brennan
11f28e3eb3
FIX: Do not allow bookmarks to use post date in past for reminder (#12138)
See https://meta.discourse.org/t/bookmark-reminder-date-in-post-in-the-past/180128
2021-02-19 13:57:27 +10:00
Sam
58de9e85be
FIX: ensure corrected migration runs (#12137)
Some instances may have ran earier version of the migration. Ensure newer
one runs instead.
2021-02-19 11:48:32 +11:00
Sam
4ef642b300
FIX: optimise MoveNewSinceToTable (#12136)
* FIX: optimise MoveNewSinceToTable

Avoids shuffling all ids around to the app (only use min / max)
Ensure the query for boundaries is ordered by user_id
2021-02-19 11:35:52 +11:00
Kris
c3f6eb17a5
UX: On very short screens switch quick-access-profile to 2-columns (#12120) 2021-02-18 18:47:37 -05:00
Kris
77c8f0c864
UX: Show bullets for some composer lists (#12122) 2021-02-18 18:47:27 -05:00
Jordan Vidrine
de119afec5
UX: Adjust padding on create account modal (#12133)
This commit adds padding to the top and bottom of the form on the create account modal.
2021-02-18 16:03:55 -06:00
Rafael dos Santos Silva
d86cb7d1c3
FIX: Use the S3 CDN for the Group flair (#12130) 2021-02-18 17:24:44 -03:00
Neil Lalonde
180249112f Version bump to v2.7.0.beta4 2021-02-18 14:21:37 -05:00
romanrizzi
7aae498e3e DEV: Clear custom API Key scopes after testing. 2021-02-18 14:21:14 -05:00
Bianca Nenciu
3246c3cc92
DEV: Update mail and use fork (#10639)
Version 2.8 brings some changes to how address fields are handled and
this commits updates that and should also include a fix which handles
encoded attachment filenames.

The fork contains a bugfix to correctly decode mail attachments.
2021-02-18 20:15:02 +02:00
jbrw
447ea3f888
FIX: NewPostManager should respect category_group_moderator settings (#12116)
NewPostManager’s `post_needs_approval_in_its_category` method should allow category group moderators to create topics/reply to topics that where they have appropraite permissions.

(ie, if a user has permission to moderate a post, any posts made by them shouldn’t be sent to moderation)
2021-02-18 13:00:06 -05:00
Penar Musaraj
916e1d85cf
FEATURE: Quick theme installs via query parameters (#12128) 2021-02-18 12:51:44 -05:00
Joffrey JAFFEUX
e175e17ebb
UX: publishes page, on public change, only when page is published (#12123) 2021-02-18 17:34:50 +01:00
Joshua Rosenfeld
b79c06f3b7
Include UI commits when generating release notes. (#12127)
`UX` is the officially supported prefix per https://meta.discourse.org/t/19392, but sometimes `UI` is used instead. We should still include those commits.
2021-02-18 10:53:23 -05:00
Osama Sayegh
69017298e8
FIX: Limit post read time to the max integer value (#12126)
Some users somehow manage to keep a topic open for a very long time that it causes the post read time to exceed the max integer value (2^31 - 1) which causes errors when we try to update the read time in the database to values above the integer limit.

This PR will cap posts read time at 2^31 - 1 to prevent these errors.
2021-02-18 17:48:15 +03:00
Kris
c6a9142dbb
FIX: remove top gradient from signup modal (#12121) 2021-02-18 08:12:28 -06:00
Jordan Vidrine
2aab306665
UX: Remove margin from security key login button (#12115)
This commit removes the right margin from the security key button in the login with security key screen.
2021-02-18 08:12:03 -06:00
Bianca Nenciu
08acf51be0
FEATURE: Use diffhtml to update composer preview (#11237)
Displaying videos, animated GIFs or any kind of rich content in preview
used to refresh on every keystroke, which could cause performance
problems.
2021-02-18 16:07:26 +02:00
Dan Ungureanu
bddf94c0ab
FIX: Delete topic timers far in the future (#12125)
The migration used to fail because the same duration in minutes was out
of the integer range. The '20 years' limit was introduced in e0f0fe5.
2021-02-18 14:18:43 +02:00
David Taylor
13d2a1f82c
SECURITY: Attach DiscourseConnect (SSO) nonce to current session (#12124) 2021-02-18 10:35:10 +00:00
Krzysztof Kotlarek
2f4630742c
FIX: remove unnecessary OR from dismiss service (#12117)
Quick fix after https://github.com/discourse/discourse/pull/12103
2021-02-18 14:55:58 +11:00
Vinoth Kannan
d628c65af0
DEV: add CORS header for all files served from public folder. (#12119)
It's required when we enable cors mod in service worker.
2021-02-18 08:41:13 +05:30
Martin Brennan
e0f0fe5624
FIX: Bump max topic timer duration to 20 years (#12107)
This way it has some sort of cap, even if it seems pretty
high, and we don't have to worry about requests for increasing
it from 2 to 5 to 10 etc.
2021-02-18 11:52:30 +10:00
Krzysztof Kotlarek
7829558c6d
FIX: dismiss new when topic_user exists without last read (#12103)
The bug was mentioned on meta: https://meta.discourse.org/t/pressing-dismiss-new-doesnt-clear-new-topics/179858

Problem is that sometimes the user has TopicUser records with `last_read_post_number` set as NULL. In that case, the topic is still "new" to them and should be dismissed when they click dismiss button.

In addition, I added that condition to post_migration and bumped the number to fix existing records. Migration is written to be idempotent so it will make no harm to already deployed instances.
2021-02-18 10:39:05 +11:00
Kris
c4ff6def8e
UX: change emailLogin to info class when empty (#12105) 2021-02-17 16:28:52 -05:00
Penar Musaraj
4739bdac0a
UX: Adjustments to admin theme editor (#12112) 2021-02-17 13:00:34 -05:00
Roman Rizzi
07cf0f9460
FIX: Allow plugins to correctly extend API key scopes. (#12113)
Adding a scope from a plugin was broken. This commit fixes it and adds a test.

It also documents the instance method and renames the serialized "id" attribute to "scope_id" to avoid a conflict when the scope also has a parameter with the same name.
2021-02-17 14:42:44 -03:00
Arpit Jalan
a174c8b8d4
FIX: hide sso payload behind a button click and log views (#12110) 2021-02-17 21:27:51 +05:30