Commit Graph

43113 Commits

Author SHA1 Message Date
Andrei Prigorshnev
b609f6c11c
FIX: restrict other user's notification routes (#14442)
It was possible to see notifications of other users using routes:
- notifications/responses
- notifications/likes-received
- notifications/mentions
- notifications/edits

We weren't showing anything private (like notifications about private messages), only things that're publicly available in other places. But anyway, it feels strange that it's possible to look at notifications of someone else. Additionally, there is a risk that we can unintentionally leak something on these pages in the future.

This commit restricts these routes.
2021-09-29 16:24:28 +04:00
Joffrey JAFFEUX
2d4b9595e8
DEV: uses standard browser_start_timeout (#14472) 2021-09-29 13:25:34 +02:00
Andrei Prigorshnev
31970bd6fc
DEV: little cleanup in the notifications-index component (#14464)
- There's no need to pass `filter` to `user-notifications-large`. The component doesn't use it.
- Rename css class to avoid confusion (this div has nothing to-do with the Select Kit)
- Remove duplicated declarations in test fixtures
2021-09-29 15:24:55 +04:00
Joffrey JAFFEUX
fc432a9cab
FIX: incorrect interpolation was limiting to 1 dispatch / component (#14470) 2021-09-29 11:14:53 +02:00
Alan Guo Xiang Tan
a1745e05ae
FIX: Do not publish post for PM topic tracking if not new for user. (#14469) 2021-09-29 13:54:24 +08:00
Alan Guo Xiang Tan
9998090e5b
UX: Don't display group messages link for group with no messages. (#14453) 2021-09-29 10:18:56 +08:00
dependabot[bot]
7bc0700930
Build(deps): Bump rubocop-ast from 1.11.0 to 1.12.0 (#14467)
Bumps [rubocop-ast](https://github.com/rubocop/rubocop-ast) from 1.11.0 to 1.12.0.
- [Release notes](https://github.com/rubocop/rubocop-ast/releases)
- [Changelog](https://github.com/rubocop/rubocop-ast/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rubocop/rubocop-ast/compare/v1.11.0...v1.12.0)

---
updated-dependencies:
- dependency-name: rubocop-ast
  dependency-type: indirect
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-09-29 09:47:43 +08:00
Gerhard Schlager
a4d0d866aa
DEV: Bulk imports should find existing users by email (#14468)
Without this change, bulk imports unconditionally create new user records even when a user with the same email address exists.
2021-09-29 00:20:06 +02:00
Penar Musaraj
574cb28b0e
DEV: Sort styleguide icons alphabetically and fix render on refresh (#14463)
Co-authored-by: Jarek Radosz <jradosz@gmail.com>
2021-09-28 14:09:15 -04:00
David Taylor
b7fc576a8c
DEV: Increase chrome JS memory limit in CI (#14446) 2021-09-28 16:36:01 +01:00
David Taylor
4fa296c3ec
DEV: Print usedJSHeapSize to the console after QUnit run (#14462)
This is `console.log`'d to the browser console. run-qunit will print this to stdout. testem will not, so a custom reporter is implemented to print this message.

The `--enable-precise-memory-info` is added so that chrome provides high-resolution memory information. This API is not supported by firefox. The logic will degrade gracefully.
2021-09-28 16:32:56 +01:00
Joffrey JAFFEUX
4dc14e3a3f
DEV: prevents route nodes to leak on each test run (#14457)
Note this commit is also adding support for teardown in pre-initializers just like we have for initializers.

Co-authored-by: Jarek Radosz <jradosz@gmail.com>
Co-authored-by: David Taylor <david@taylorhq.com>
2021-09-28 17:08:05 +02:00
Discourse Translator Bot
a0cb340eef
Update translations (#14460) 2021-09-28 16:44:23 +02:00
Penar Musaraj
b0b87efb83
UX: Show scrollbar only when needed in dropdowns (#14461)
Avoids showing a disabled scrollbar when not necessary.
2021-09-28 10:36:16 -04:00
David Taylor
89cc910303
DEV: Use isLegacyEmber helper in setup-tests (#14458)
We were using multiple methods to check which environment we're running in. This commit switches us to use the isLegacyEmber helper consistently. This should be a no-op, but makes the code much easier to read
2021-09-28 14:30:55 +01:00
David Taylor
7fa2eb52f7
DEV: Destroy application instance after each test (#14455)
Under Ember CLI, we create a new application instance for each test. We were not correctly destroying it after the test, causing many references to be maintaned (e.g. at the end of a test run, `Ember.Namespace.NAMESPACES` would have an entry for each application instance).

Calling `destroy` on the application instance tidies up these references, and is one step towards fixing our test memory leak problem. Unfortunately there still seem to be other references being held to the application, so this commit is not a total fix.
2021-09-28 11:37:40 +01:00
Alan Guo Xiang Tan
9d5da2b383
PERF: Revert all inboxes from messages route. (#14445)
The all inboxes was introduced in
016efeadf6 but we decided to roll it back
for performance reasons. The main performance challenge here is that PG
has to basically loop through all the PMs that a user is allowed to view
before being able to order by `Topic#bumped_at`. The all inboxes was not
planned as part of the new/unread filter so we've decided not to tackle
the performance issue for the upcoming release.

Follow-up to 016efeadf6
2021-09-28 11:58:04 +08:00
Yasuo Honda
d06d09f479
Fix: Support Ruby 3 keyword arguments for DiscourseRedis (#14444) 2021-09-28 10:11:18 +08:00
Alan Guo Xiang Tan
cd64e88711
PERF: Improve database query perf when loading topics for a category. (#14416)
* PERF: Improve database query perf when loading topics for a category.

Instead of left joining the `topics` table against `categories` by filtering with `categories.id`,
we can improve the query plan by filtering against `topics.category_id`
first before joining which helps to reduce the number of rows in the
topics table that has to be joined against the other tables and also
make better use of our existing index.

The following is a before and after of the query plan for a category
with many subcategories.

Before:

```
                                                                                                       QUERY PLAN

-------------------------------------------------------------------------------------------------------------------------------------
-----------------------------------------------------------------------------------
 Limit  (cost=1.28..747.09 rows=30 width=12) (actual time=85.502..2453.727 rows=30 loops=1)
   ->  Nested Loop Left Join  (cost=1.28..566518.36 rows=22788 width=12) (actual time=85.501..2453.722 rows=30 loops=1)
         Join Filter: (category_users.category_id = topics.category_id)
         Filter: ((topics.category_id = 11) OR (COALESCE(category_users.notification_level, 1) <> 0) OR (tu.notification_level > 1))
         ->  Nested Loop Left Join  (cost=1.00..566001.58 rows=22866 width=20) (actual time=85.494..2453.702 rows=30 loops=1)
               Filter: ((COALESCE(tu.notification_level, 1) > 0) AND ((topics.category_id <> 11) OR (topics.pinned_at IS NULL) OR ((t
opics.pinned_at <= tu.cleared_pinned_at) AND (tu.cleared_pinned_at IS NOT NULL))))
               Rows Removed by Filter: 1
               ->  Nested Loop  (cost=0.57..528561.75 rows=68606 width=24) (actual time=85.472..2453.562 rows=31 loops=1)
                     Join Filter: ((topics.category_id = categories.id) AND ((categories.topic_id <> topics.id) OR (categories.id = 1
1)))
                     Rows Removed by Join Filter: 13938306
                     ->  Index Scan using index_topics_on_bumped_at on topics  (cost=0.42..100480.05 rows=715549 width=24) (actual ti
me=0.010..633.015 rows=464623 loops=1)
                           Filter: ((deleted_at IS NULL) AND ((archetype)::text <> 'private_message'::text))
                           Rows Removed by Filter: 105321
                     ->  Materialize  (cost=0.14..36.04 rows=30 width=8) (actual time=0.000..0.002 rows=30 loops=464623)
                           ->  Index Scan using categories_pkey on categories  (cost=0.14..35.89 rows=30 width=8) (actual time=0.006.
.0.040 rows=30 loops=1)
                                 Index Cond: (id = ANY ('{11,53,57,55,54,56,112,94,107,115,116,117,97,95,102,103,101,105,99,114,106,1
13,104,98,100,96,108,109,110,111}'::integer[]))
               ->  Index Scan using index_topic_users_on_topic_id_and_user_id on topic_users tu  (cost=0.43..0.53 rows=1 width=16) (a
ctual time=0.004..0.004 rows=0 loops=31)
                     Index Cond: ((topic_id = topics.id) AND (user_id = 1103877))
         ->  Materialize  (cost=0.28..2.30 rows=1 width=8) (actual time=0.000..0.000 rows=0 loops=30)
               ->  Index Scan using index_category_users_on_user_id_and_last_seen_at on category_users  (cost=0.28..2.29 rows=1 width
=8) (actual time=0.004..0.004 rows=0 loops=1)
                     Index Cond: (user_id = 1103877)
 Planning Time: 1.359 ms
 Execution Time: 2453.765 ms
(23 rows)
```

After:

```
                                                                                                                            QUERY PLAN
------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
 Limit  (cost=1.28..438.55 rows=30 width=12) (actual time=38.297..657.215 rows=30 loops=1)
   ->  Nested Loop Left Join  (cost=1.28..195944.68 rows=13443 width=12) (actual time=38.296..657.211 rows=30 loops=1)
         Filter: ((categories.topic_id <> topics.id) OR (topics.category_id = 11))
         Rows Removed by Filter: 29
         ->  Nested Loop Left Join  (cost=1.13..193462.59 rows=13443 width=16) (actual time=38.289..657.092 rows=59 loops=1)
               Join Filter: (category_users.category_id = topics.category_id)
               Filter: ((topics.category_id = 11) OR (COALESCE(category_users.notification_level, 1) <> 0) OR (tu.notification_level > 1))
               ->  Nested Loop Left Join  (cost=0.85..193156.79 rows=13489 width=20) (actual time=38.282..657.059 rows=59 loops=1)
                     Filter: ((COALESCE(tu.notification_level, 1) > 0) AND ((topics.category_id <> 11) OR (topics.pinned_at IS NULL) OR ((topics.pinned_at <= tu.cleared_pinned_at) AND (tu.cleared_pinned_at IS NOT NULL))))
                     Rows Removed by Filter: 1
                     ->  Index Scan using index_topics_on_bumped_at on topics  (cost=0.42..134521.06 rows=40470 width=24) (actual time=38.267..656.850 rows=60 loops=1)
                           Filter: ((deleted_at IS NULL) AND ((archetype)::text <> 'private_message'::text) AND (category_id = ANY ('{11,53,57,55,54,56,112,94,107,115,116,117,97,95,102,103,101,105,99,114,106,113,104,98,100,96,108,109,110,111}'::integer[])))
                           Rows Removed by Filter: 569895
                     ->  Index Scan using index_topic_users_on_topic_id_and_user_id on topic_users tu  (cost=0.43..1.43 rows=1 width=16) (actual time=0.003..0.003 rows=0 loops=60)
                           Index Cond: ((topic_id = topics.id) AND (user_id = 1103877))
               ->  Materialize  (cost=0.28..2.30 rows=1 width=8) (actual time=0.000..0.000 rows=0 loops=59)
                     ->  Index Scan using index_category_users_on_user_id_and_last_seen_at on category_users  (cost=0.28..2.29 rows=1 width=8) (actual time=0.004..0.004 rows=0 loops=1)
                           Index Cond: (user_id = 1103877)
         ->  Index Scan using categories_pkey on categories  (cost=0.14..0.17 rows=1 width=8) (actual time=0.001..0.001 rows=1 loops=59)
               Index Cond: (id = topics.category_id)
 Planning Time: 1.633 ms
 Execution Time: 657.255 ms
(22 rows)
```

* PERF: Optimize index on topics bumped_at.

Replace `index_topics_on_bumped_at` index with a partial index on `Topic#bumped_at` filtered by archetype since there is already another index that covers private topics.
2021-09-28 10:05:00 +08:00
tshenry
ba17d9106e
DEV: Make discourse-reactions official and sort existing plugin list (#14452) 2021-09-28 09:44:10 +08:00
dependabot[bot]
5e4d507516
Build(deps): Bump nokogiri from 1.12.4 to 1.12.5 (#14451)
Bumps [nokogiri](https://github.com/sparklemotion/nokogiri) from 1.12.4 to 1.12.5.
- [Release notes](https://github.com/sparklemotion/nokogiri/releases)
- [Changelog](https://github.com/sparklemotion/nokogiri/blob/main/CHANGELOG.md)
- [Commits](https://github.com/sparklemotion/nokogiri/compare/v1.12.4...v1.12.5)

---
updated-dependencies:
- dependency-name: nokogiri
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-09-28 09:41:51 +08:00
Penar Musaraj
0b69675060
UX: Adjust mobile spacing for full page search (#14450) 2021-09-27 18:03:56 -04:00
Mark VanLandingham
ba49eaccfe
DEV: Plugin API to add to document title count (#14449) 2021-09-27 13:18:49 -05:00
Rafael dos Santos Silva
1c73b97d50
FIX: Workaround Safari 15 createImageBitmap bug (#14448) 2021-09-27 15:02:17 -03:00
Joffrey JAFFEUX
6273dfad4b
REFACTOR: minor changes to api-keys-new (#14435)
- moves loading scopes to controller
- avoids declaring array
- simplify code
2021-09-27 10:43:47 +02:00
Joffrey JAFFEUX
1abe807528
REFACTOR: setting component mixin (#14437)
* REFACTOR: setting component mixing

- drops jquery usage
- extract spit function
- uses @action
- removes get usage where possible
- uses helpers
- minor changes

Co-authored-by: Jarek Radosz <jradosz@gmail.com>
2021-09-27 10:43:26 +02:00
Jarek Radosz
37413f180a
FIX: Do not display userColorSchemeId in the UI (#14441)
A followup to #14066. The previous fix worked correctly only if the user had the default theme active.
2021-09-24 22:50:10 +02:00
Penar Musaraj
01e50f325d
A11Y: Use shorter label for hamburger menu (#14439) 2021-09-24 14:22:40 -04:00
Kris
d19a64fffe
DEV: Tag topic list needs discovery outlets (#14438) 2021-09-24 13:39:07 -04:00
Penar Musaraj
9235e2ad5d
A11Y: Fix several minor issues (#14436) 2021-09-24 11:52:07 -04:00
Bianca Nenciu
1f57b29147
SECURITY: Escape watched word in error message (#14434) 2021-09-24 11:55:15 +03:00
Kris
e5754dedf4
DEV: Adding plugin outlets to avoid overrides (#14433) 2021-09-23 21:52:33 -04:00
Penar Musaraj
8cef6dabb5
A11Y: Add labels to some search fields, category notification selector (#14430) 2021-09-23 14:52:34 -04:00
Penar Musaraj
8a250a1eac
UX: Ensure sticky elements don't overflow header (#14432) 2021-09-23 14:51:06 -04:00
Jean
fd0e287da6
FIX: make update banner always available on the categories view (#14431) 2021-09-23 13:10:05 -04:00
Penar Musaraj
8115e5ef76
UX: Better placement for bulk select actions button (#14419) 2021-09-23 10:50:10 -04:00
Joffrey JAFFEUX
456189795a
FIX: more robust tabindex restriction on preview (#14425) 2021-09-23 16:27:51 +02:00
Joffrey JAFFEUX
372479bada
UX: move fast edit before sharing (#14429)
As sharing has some hover behavior, it was looking slightly clunky with fast edit changing position. Putting sharing at the last position will reduce this effect.
2021-09-23 09:56:00 -04:00
David Taylor
688e03fc42
FIX: Ensure subcategory list is hidden when not required (#14424)
When the loading spinner is removed (e.g. via the loading-slider component), the subcategory list view will persist, even when no longer required. This is because we were conditionally rendering the list into the `header-list-container` outlet. When the condition was false, we were doing nothing. Instead, we should use `disconectOutlet` to make sure the content is removed from the DOM.
2021-09-23 12:18:24 +01:00
Martin Brennan
ec087027b3
DEV: Disable upload instrumentation if performance.measure returns undefined (#14427)
Firefox does not return a PerformanceMeasure object when using
performance.mark and performance.measure, even though MDN says it
should https://developer.mozilla.org/en-US/docs/Web/API/Performance/measure#return_value

So for now, we disable the upload instrumentation with a test
to see if a PerformanceMeasure (or anything really) is returned.
2021-09-23 11:34:51 +10:00
Martin Brennan
57f17854fb
FIX: Do not error _removeDeleteOnOwnerReplyBookmarks on navigate (#14426)
When creating a reply after already navigating out of the
topic (e.g. open the reply composer, go to a different topic,
then create the post), the _removeDeleteOnOwnerReplyBookmarks
function was erroring because it relied on the topic model
being present.

We can skip this function altogether if the topic model is _not_
present, because the PostCreator already takes care of deleting
bookmarks with the on_owner_reply auto_delete_preference. The
_removeDeleteOnOwnerReplyBookmarks function just cleans up the
in-memory post stream and topic model.
2021-09-23 11:18:49 +10:00
Rafael dos Santos Silva
38b8eb5971
FIX: Don't try to boot the ember app on old browsers (#14423) 2021-09-22 16:54:57 -03:00
Penar Musaraj
e8182a133a
DEV: Fix flaky search-full-page test (#14421) 2021-09-22 15:05:00 -04:00
Mark VanLandingham
c9e7b64a64
DEV: Add toolbar button when chat in installed (#14422) 2021-09-22 13:46:06 -05:00
Jarek Radosz
db69b87187
DEV: Fix theme qunit error messages (#14420) 2021-09-22 20:00:19 +02:00
Joffrey JAFFEUX
e28a2735bc
FIX: correctly defines data-attributes used by local-dates (#14418)
This was previously relying on data-* being allowed by other initialisers which could cause bugs if local dates ends up being used in other contexts.
2021-09-22 16:49:45 +02:00
Rafael dos Santos Silva
a4cef67e14
FIX: Feature detect globalThis (#14410)
* FIX: Feature detect globalThis

So browsers without support will receive a warning and browse our JS-less view.
2021-09-22 11:39:41 -03:00
Dan Ungureanu
2e085915cc
FIX: include_ serializer methods must end with ? (#14407)
Otherwise, they are simply dead code and the attribute is visible by
default. These bugs did not expose any sensitive information.
2021-09-22 16:01:25 +03:00
Joffrey JAFFEUX
dd091fbf36
FEATURE: enables fast edit by default (#14417) 2021-09-22 10:15:17 +02:00
Penar Musaraj
c599469e9d
UX: Adjust quote button position on mobile (#14411) 2021-09-22 09:34:29 +02:00