Commit Graph

45106 Commits

Author SHA1 Message Date
Martin Brennan
3f79b1c0f3
DEV: Ignore post_id and for_topic for bookmarks (#16898)
Since fcc2e7ebbf we
no longer use these columns, will delete in a few
months.
2022-05-24 13:52:34 +10:00
dependabot[bot]
e4606bfa1d
Build(deps-dev): Bump parallel_tests from 3.8.1 to 3.10.0 (#16897)
Bumps [parallel_tests](https://github.com/grosser/parallel_tests) from 3.8.1 to 3.10.0.
- [Release notes](https://github.com/grosser/parallel_tests/releases)
- [Changelog](https://github.com/grosser/parallel_tests/blob/master/CHANGELOG.md)
- [Commits](https://github.com/grosser/parallel_tests/compare/v3.8.1...v3.10.0)

---
updated-dependencies:
- dependency-name: parallel_tests
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-05-24 11:36:18 +08:00
Alan Guo Xiang Tan
6edf101d5f
DEV: Minor improvements to WordWatcher (#16735)
Follow-up to fd1dc91eed
2022-05-24 10:23:54 +08:00
Martin Brennan
1ee973e6e2
DEV: Add save_user_preferences option to BookmarkManager (#16894)
When saving / creating bookmarks, we have code to save
the user's preference of bookmark_auto_delete_preference
to their user_options.

Unfortunately this can cause weirdness when plugins
have code using BookmarkManager to set the auto delete preference for
only a specific bookmark.

This commit introduces a save_user_preferences option (false
by default) so that this user preference is not saved unless
specified by the consumer of BookmarkManager, so plugins will
not have to worry about it.
2022-05-24 11:13:21 +10:00
Michael Fitz-Payne
0553788d3b DEV(cache_critical_dns): improve postgres_healthcheck
The `PG::Connection#ping` method is only reliable for checking if the
given host is accepting connections, and not if the authentication
details are valid.

This extends the healthcheck to confirm that the auth details are
able to both create a connection and execute queries against the
database.

We expect the empty query to return an empty result set, so we can
assert on that. If a failure occurs for any reason, the healthcheck will
return false.
2022-05-24 08:20:10 +10:00
Bianca Nenciu
6c8f491dc3
DEV: Allow plugins to register Onebox handlers (#16870)
This targets only the local Oneboxes and allows plugins to customize
regular or inline Oneboxes for routes inside the site.
2022-05-23 20:02:02 +03:00
Andrei Prigorshnev
28573b504f
UX: align the trash button on the bookmark modal (#16884) 2022-05-23 18:51:01 +04:00
David Taylor
bf6f8299a7 FEATURE: Pull hotlinked images immediately after posting
Previously, with the default `editing_grace_period`, hotlinked images were pulled 5 minutes after a post is created. This delay was added to reduce the chance of automated edits clashing with user edits.

This commit refactors things so that we can pull hotlinked images immediately. URLs are immediately updated in the post's `cooked` HTML. The post's raw markdown is updated later, after the `editing_grace_period`.

This involves a number of behind-the-scenes changes including:

- Schedule Jobs::PullHotlinkedImages immediately after Jobs::ProcessPost. Move scheduling to after the `update_column` call to avoid race conditions

- Move raw changes into a separate job, which is delayed until after the ninja-edit window

- Move disable_if_low_on_disk_space logic into the `pull_hotlinked_images` job

- Move raw-parsing/replacing logic into `InlineUpload` so it can be easily be shared between `UpdateHotlinkedRaw` and `PullUserProfileHotlinkedImages`
2022-05-23 14:28:02 +01:00
David Taylor
0baabafa9d DEV: Map already-downloaded hotlinked images in post_process_cooked
Previously this mapping of **cooked** images was only being run for oneboxes. Now it runs for all images, so we can transform hotlinked images without needing to immediately update `raw`
2022-05-23 14:28:02 +01:00
David Taylor
115fe90bff
DEV: Only demux migration stdout if running concurrently (#16895)
This feature only was only demuxing stdout, not stderr. That means that stdout and stderr output appears out-of-order, and makes debugging migrations very confusing.

In future we may want to add stderr support to the demuxing. But right now, the concurrency variable is hard-coded to 1. Therefore the easiest fix is to bypass the demuxing.
2022-05-23 14:26:13 +01:00
Gerhard Schlager
eef17318c3
FIX: Applying default user options didn't work for boolean flags (#16890)
It also ensures that only human users are updated and replaces usage of `send` with `public_send`. Also, it adds more specs for existing code.
2022-05-23 15:20:51 +02:00
Osama Sayegh
d15867463f
FEATURE: Site setting for blocking onebox of URLs that redirect (#16881)
Meta topic: https://meta.discourse.org/t/prevent-to-linkify-when-there-is-a-redirect/226964/2?u=osama.

This commit adds a new site setting `block_onebox_on_redirect` (default off) for blocking oneboxes (full and inline) of URLs that redirect. Note that an initial http → https redirect is still allowed if the redirect location is identical to the source (minus the scheme of course). For example, if a user includes a link to `http://example.com/page` and the link resolves to `https://example.com/page`, then the link will onebox (assuming it can be oneboxed) even if the setting is enabled. The reason for this is a user may type out a URL (i.e. the URL is short and memorizable) with http and since a lot of sites support TLS with http traffic automatically redirected to https, so we should still allow the URL to onebox.
2022-05-23 13:52:06 +03:00
Martin Brennan
a03ae9b323
DEV: Add bookmark-icon component (#16893)
This component will be useful for chat, and also moves
the definition of the icon for with and without reminders
to the bookmark model as consts, so they can easily be
referenced in other places.
2022-05-23 15:01:44 +10:00
Gerhard Schlager
1e1b85c214
FIX: Site setting changes for boolean should be logged as true/false (#16888)
Previously true/false sometimes was logged as t or f
2022-05-23 11:23:10 +08:00
Gerhard Schlager
049f6e58c8
REFACTOR: Remove duplicate code in SiteSettingsController (#16889) 2022-05-23 11:21:45 +08:00
dependabot[bot]
f365d106e6
Build(deps): Bump oj from 3.13.11 to 3.13.13 (#16891)
Bumps [oj](https://github.com/ohler55/oj) from 3.13.11 to 3.13.13.
- [Release notes](https://github.com/ohler55/oj/releases)
- [Changelog](https://github.com/ohler55/oj/blob/develop/CHANGELOG.md)
- [Commits](https://github.com/ohler55/oj/compare/v3.13.11...v3.13.13)

---
updated-dependencies:
- dependency-name: oj
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-05-23 11:20:56 +08:00
Martin Brennan
faf5b4d3e9
PERF: Speed up secure media and ACL sync rake tasks (#16849)
Incorporates learnings from /t/64227:

* Changes the code to set access control posts in the rake
  task to be an efficient UPDATE SQL query.
  The original version was timing out with 312017 post uploads,
  the new query took ~3s to run.
* Changes the code to mark uploads as secure/not secure in
  the rake task to be an efficient UPDATE SQL query rather than
  using UploadSecurity. This took a very long time previously,
  and now takes only a few seconds.
* Spread out ACL syncing for uploads into jobs with batches of
  100 uploads at a time, so they can be parallelized instead
  of having to wait ~1.25 seconds for each ACL to be changed
  in S3 serially.

One issue that still remains is post rebaking. Doing this serially
is painfully slow. We have a way to do this in sidekiq via PeriodicalUpdates
but this is limited by max_old_rebakes_per_15_minutes. It would
be better to fan this rebaking out into jobs like we did for the
ACL sync, but that should be done in another PR.
2022-05-23 13:14:11 +10:00
Martin Brennan
fcc2e7ebbf
FEATURE: Promote polymorphic bookmarks to default and migrate (#16729)
This commit migrates all bookmarks to be polymorphic (using the
bookmarkable_id and bookmarkable_type) columns. It also deletes
all the old code guarded behind the use_polymorphic_bookmarks setting
and changes that setting to true for all sites and by default for
the sake of plugins.

No data is deleted in the migrations, the old post_id and for_topic
columns for bookmarks will be dropped later on.
2022-05-23 10:07:15 +10:00
Johannes Faigle
bf987af3ca
FEATURE Add reset bump dates bulk action (#16885) 2022-05-22 12:32:55 -04:00
Jordan Vidrine
20d1f90edf
FIX: Refactor placement of plugin outlet & index use (#16874) 2022-05-20 11:03:47 -05:00
David Taylor
a8163a5c0c
DEV: Add comment about UserController#cards route (#16882)
This is unusual because it is not used directly by any core UI. It was added for theme components.
2022-05-20 13:03:00 +01:00
Arpit Jalan
578955dcc9
DEV: allow running plugin tests for server_plugin_outlet (#16883)
This commit allows us to run plugin tests for `server_plugin_outlet`
method.
2022-05-20 17:14:55 +05:30
Osama Sayegh
eddb8891c4
FIX: Clear inline onebox cache when a post is rebaked (#16871)
Meta topic: https://meta.discourse.org/t/prevent-to-linkify-when-there-is-a-redirect/226964/4?u=osama.
2022-05-20 14:09:50 +03:00
dependabot[bot]
1fb8fef3f8
Build(deps): Bump image_size from 3.0.1 to 3.0.2 (#16876)
Bumps [image_size](https://github.com/toy/image_size) from 3.0.1 to 3.0.2.
- [Release notes](https://github.com/toy/image_size/releases)
- [Changelog](https://github.com/toy/image_size/blob/master/CHANGELOG.markdown)
- [Commits](https://github.com/toy/image_size/compare/v3.0.1...v3.0.2)

---
updated-dependencies:
- dependency-name: image_size
  dependency-type: indirect
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-05-20 12:58:01 +02:00
Arpit Jalan
77a8a4bee6
DEV: do not run plugin tests for server_plugin_outlet (#16880) 2022-05-20 14:01:14 +05:30
Arpit Jalan
e8e9754a3c
FIX: pass empty hash for view locals by default (#16879)
DEV: enable plugin tests for server_plugin_outlet
2022-05-20 13:34:43 +05:30
Isaac Janzen
4b63cd3848
DEV: Add test ENV conditional back to server_plugin_outlet (#16878)
Add test ENV conditional back to server_plugin_outlet
2022-05-20 01:16:02 -05:00
Arpit Jalan
defa5a4e94
FEATURE: allow locals to be passed in server_plugin_outlet (#16850) 2022-05-20 10:00:24 +05:30
Gerhard Schlager
0af05c2682
DEV: Compatibility with TruffleRuby (#16864)
Removes thread unsafe lazy initialization.
See https://meta.discourse.org/t/225447

It also removes an unused variable in `FlagSettings`.
2022-05-19 21:56:55 +02:00
David Taylor
166fe3bb34
FIX: Apply 'allowed_href_schemes' to all src/srcset attributes (#16860)
Previously we were only applying the restriction to `a[href]` and `img[src]`. This commit ensures we apply the same logic to all allowlisted media src attributes.
2022-05-19 11:18:30 +01:00
dependabot[bot]
95c85a278e
Build(deps): Bump json from 2.6.1 to 2.6.2 (#16848)
Bumps [json](https://github.com/flori/json) from 2.6.1 to 2.6.2.
- [Release notes](https://github.com/flori/json/releases)
- [Changelog](https://github.com/flori/json/blob/master/CHANGES.md)
- [Commits](https://github.com/flori/json/compare/v2.6.1...v2.6.2)

---
updated-dependencies:
- dependency-name: json
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-05-19 10:56:05 +02:00
dependabot[bot]
f927ac6a01
Build(deps): Bump rubocop-rspec from 2.10.0 to 2.11.1 (#16868)
Bumps [rubocop-rspec](https://github.com/rubocop/rubocop-rspec) from 2.10.0 to 2.11.1.
- [Release notes](https://github.com/rubocop/rubocop-rspec/releases)
- [Changelog](https://github.com/rubocop/rubocop-rspec/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rubocop/rubocop-rspec/compare/v2.10.0...v2.11.1)

---
updated-dependencies:
- dependency-name: rubocop-rspec
  dependency-type: indirect
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-05-19 10:55:06 +02:00
Chapoi
a6abf8d07a
UX: update hljs-builtin-name colour (#16863) 2022-05-18 16:11:59 -04:00
Gabe Pacuilla
4284ba9c27
FIX(cache_critical_dns): use correct DISCOURSE_DB_USERNAME envvar (#16862) 2022-05-18 13:01:18 -04:00
Bianca Nenciu
4d1c6396c9
FIX: Allow users to select "regular" categories (#16857)
Categories that had a CategoryUser record and the notification level
set to "Normal" were not selectable in any of the "Watched", "Tracked",
"Watching First Post" or "Muted" inputs. This happened because the
category seemed to be already selected in the "Normal" input, but that
does not exist (it is the default value if category is not present in
any of the other inputs).
2022-05-18 17:57:57 +03:00
Loïc Guitaut
aa4b1d9c38 DEV: Use new defaults for ActiveSupport::Digest
Use the `OpenSSL::Digest::SHA256` class for `ActiveSupport::Digest`.
This could lead to cache invalidation.
2022-05-18 16:51:07 +02:00
Penar Musaraj
71c74a262d
FEATURE: Include participants in PN search data (#16855)
This makes it easier to find PMs involving a particular user, for
example by searching for `in:messages thisUser` (previously, that query
would only return results in posts where `thisUser` was in the post body).
2022-05-18 10:34:01 -04:00
Chapoi
96d656f450
UX: update hljs-builtin-name highlight (#16859)
* update hljs-builtin-name highlight

* Move dark-light function to better file
2022-05-18 15:55:40 +02:00
Gabe Pacuilla
9f246e6969
FIX(cache_critical_dns): use discourse database name and user by default (#16856) 2022-05-17 16:09:32 -04:00
Bianca Nenciu
9ea8a4a9af
FIX: Use CSS transition to make room for composer (#16750)
The composer is displayed over the bottom part of the page. To make sure
that no content is covered by the composer, a bottom padding is added
equal to the height of the composer. When the composer is opened or
closed that padding is added after around 300ms because of a debounce.

This commit makes sure that the padding is added as soon as the composer
state changes by using a CSS custom property (variable) and transition
property for a smooth user interface.
2022-05-17 22:44:25 +03:00
Daniel Waterworth
6e53f4d913
DEV: New readonly mode. Only applies to non-staff (#16243) 2022-05-17 13:06:08 -05:00
Bianca Nenciu
985afe1092
FEATURE: Add page title to 404 pages (#16846)
The title had to be added both on the 404 page generated by the server
side, displayed when the user reaches a bad page directly and the 404
page rendered by Ember when a user reaches a missing topic while
navigating the forum.
2022-05-17 18:37:43 +03:00
Loïc Guitaut
0feffa6f88 DEV: Enable Rails 7 cache format version 2022-05-17 17:32:10 +02:00
David Taylor
8bc8dbc134
Revert "DEV: Drop our mail gem fork (#16622)" (#16853)
This reverts commit 0d30c19b7e.

Pending resolution of https://github.com/mikel/mail/issues/1489
2022-05-17 16:11:39 +01:00
Discourse Translator Bot
ddb5d88158
Update translations (#16852) 2022-05-17 16:51:11 +02:00
Rafael dos Santos Silva
5f1c3b4c9f
FIX: acted state in post action like could desync with multiple likes (#16847)
If userA has multiple tab/devices on the same topic, and:

1. userA likes a post in tab1
2. userB likes the same post
3. userA post like `acted` attr would desync in tab2

This fix handles this case and also the reverse one when removing likes
interleaved with other users acting on the same post.

Reported in Meta at https://meta.discourse.org/t/-/227239/3
2022-05-17 10:21:17 -03:00
Meghna
28affa8cba
UX: consistent spacing on group interaction form (#16851) 2022-05-17 18:38:46 +05:30
Loïc Guitaut
73de203843 FIX: Apply 'hide email account' for invites 2022-05-17 09:56:06 +02:00
Penar Musaraj
f31301b6de
UX: Fix status icon size in suggested topics (#16845) 2022-05-16 15:53:40 -04:00
David Taylor
38216f6f0b
DEV: Make user field validation more specific (#16746)
- Only validate if custom_fields are loaded, so that we don't trigger a db query
- Only validate public user fields, not all custom_fields

This commit also reverts the unrelated spec changes in ba148e08, which were required to work around these issues
2022-05-16 14:21:33 +01:00