Commit Graph

27022 Commits

Author SHA1 Message Date
Penar Musaraj
fd2dbdccdc
A11Y: Keyboard access for /u table headings (#17041) 2022-06-08 13:54:31 -04:00
Arpit Jalan
4bc2d54685
DEV: include time_left information in rate limiting error messages (#17037) 2022-06-08 14:30:41 +05:30
Blake Erickson
3941bad075
DEV: Remove this chained user scope (#17029)
This reverts one of the changes introduced just now in:

27d7b0c6de

I don't think we need this `activated_not_suspended_not_staged` scope
because we can just compose it ourselves via method chaining like
`User.activated.not_suspended.not_staged`.
2022-06-07 15:21:42 -06:00
Blake Erickson
27d7b0c6de
DEV: Add new user scopes (#17026)
Adds two new user scopes:

- `not_staged`
- `activated_not_suspended_not_staged`

This will allow us to easily grab activated users that are not suspended
or staged.

See this PR feedback:

https://github.com/discourse/discourse-chat/pull/913#discussion_r890692266
2022-06-07 12:58:58 -06:00
Isaac Janzen
de1153286d
DEV: Remove reply_as_new_topic from PM composer actions (#17023) 2022-06-07 11:06:42 -05:00
Penar Musaraj
86ab82f057
UX: Remove limit for emoji search in composer (#17014) 2022-06-07 12:00:52 -04:00
Penar Musaraj
4be67ef9a7
UX: Larger images in mobile emoji picker (#17013) 2022-06-07 12:00:09 -04:00
David Taylor
5238f6788c
FEATURE: Allow hotlinked media to be blocked (#16940)
This commit introduces a new site setting: `block_hotlinked_media`. When enabled, all attempts to hotlink media (images, videos, and audio) will fail, and be replaced with a linked placeholder. Exceptions to the rule can be added via `block_hotlinked_media_exceptions`.

`download_remote_image_to_local` can be used alongside this feature. In that case, hotlinked images will be blocked immediately when the post is created, but will then be replaced with the downloaded version a few seconds later.

This implementation is purely server-side, and does not impact the composer preview.

Technically, there are two stages to this feature:

1. `PrettyText.sanitize_hotlinked_media` is called during `PrettyText.cook`, and whenever new images are introduced by Onebox. It will iterate over all src/srcset attributes in the post HTML and check if they're allowed. If not, the attributes will be removed and replaced with a `data-blocked-hotlinked-src(set)` attribute

2. In the `CookedPostProcessor`, we iterate over all `data-blocked-hotlinked-src(set)` attributes and check whether we have a downloaded version of the media. If yes, we update the src to use the downloaded version. If not, the entire media element is replaced with a placeholder. The placeholder is labelled 'external media', and is a link to the offsite media.
2022-06-07 15:23:04 +01:00
Joe
98671445a7
UX: hide select-kits when the parent element is outside the viewport
If the select-kit header is not in the viewport (scrolled out of view), popper adds a data-popper-reference-hidden attribute.

This PR adds the recommended styles to "hide" the select-kit body when that happens. See

https://popper.js.org/docs/v2/modifiers/hide/
2022-06-07 16:57:10 +08:00
Alan Guo Xiang Tan
7da074d591
DEV: Implement "My Posts" section link for experimental sidebar (#17008) 2022-06-07 10:52:54 +08:00
Isaac Janzen
49415de3fa
DEV: Remove reply_as_private_message from composer (#16979)
* Remove 'New Message' option from composer dropdown
* Update Acceptance Tests
2022-06-06 15:10:34 -05:00
Blake Erickson
35e17ce115
FIX: Email Send post has already been taken error (#16992)
* FIX: Email Send post has already been taken error

Adding a failing test first before coming up with a good solution.

Related: 357011eb3b

The above commit changed

```
PostReplyKey.find_or_create_by_safe!
```

to

```
PostReplyKey.create_or_find_by!
```

But I don't think it is working as a 1-1 replacement because of the
`Validation failed: Post has already been taken` error we are receiving
with this change. Also we need to make sure we don't re-introduce any
concurrency issues.

Reported: https://meta.discourse.org/t/224706/13

* Remove rails unique constraint and rely on db index

I believe this is what is causing `create_or_find_by!` to fail. Because
we have a unique constraint in the db I think we can remove this rails
unique constraint?

* clean up spec wording
2022-06-06 13:13:26 -06:00
Jarek Radosz
79f5a7750c
DEV: Remove unused wizard code (#17016)
`theme-preview` component and `colorsId`/`fontId` usage.
2022-06-06 21:01:47 +02:00
Jarek Radosz
54e42b124a
FIX: Restore automatic style preview in wizard (#17015)
Updating the homepage/style preview regressed in #16994.
2022-06-06 21:01:34 +02:00
Joe
5109ea0cf1
UX: don't tether popper to the viewport if reference is out of the viewport (#17012)
followup to 

https://github.com/discourse/discourse/pull/16504

Internal

`/t/64811`

public

`/t/228953`
2022-06-06 22:20:29 +08:00
Penar Musaraj
370df7ccb4
DEV: Dejquerify marking FAQ as read (#17001) 2022-06-06 08:27:10 -04:00
Penar Musaraj
210d9c2b8f
DEV: De-jQuerify is-element-in-viewport (#17000) 2022-06-06 08:26:49 -04:00
Jarek Radosz
0a2eb7e2f4
DEV: Add choices only to relevant wizard fields (#16993) 2022-06-06 15:22:44 +08:00
Alan Guo Xiang Tan
9f08a3b160
FIX: DiscourseConnect login did not auto approve based on email domain (#17006)
This commit resolves a bug where users are not auto approved based on
`SiteSetting.auto_approve_email_domains` when
`SiteSetting.must_approve_users` has been enabled.
2022-06-06 15:16:01 +08:00
Joffrey JAFFEUX
42683d4874
FIX: ensures composer is not pre-filled with none/all tags (#16998) 2022-06-05 16:58:38 +02:00
Jarek Radosz
8a58ce6578
DEV: Use @action decorator in wizard (#16996) 2022-06-04 19:19:49 +02:00
Jarek Radosz
f4b9d4e285
FIX: Don't throw errors on wizard dropdowns (#16994) 2022-06-04 18:04:00 +02:00
Joffrey JAFFEUX
17227e9e53
DEV: under specific conditions (like tests) presenceState can be null (#16990) 2022-06-03 20:59:30 +02:00
Isaac Janzen
f8d2da2fa0
DEV: Remove jquery from invite-panel (#16989) 2022-06-03 11:30:44 -05:00
Alan Guo Xiang Tan
3b3f60218e
DEV: Display new/unread count for tracked link in sidebar (#16957) 2022-06-03 15:48:35 +08:00
Alan Guo Xiang Tan
0fa0094531
FIX: Approves user when redeeming an invite for invites only sites (#16984)
When a site has `SiteSetting.invite_only` enabled, we create a
`ReviewableUser`record when activating a user if the user is not
approved. Therefore, we need to approve the user when redeeming an
invite.

There are some uncertainties surrounding why a `ReviewableRecord` is
created for a user in an invites only site but this commit does not seek
to address that.

Follow-up to 7c4e2d33fa
2022-06-03 11:43:52 +08:00
Martin Brennan
f94682e2c4
FIX: Do not use SVGs for twitter:image metadata (#16973)
Twitter does not allow SVGs to be used for twitter:image
metadata (see https://developer.twitter.com/en/docs/twitter-for-websites/cards/overview/markup)
so we should fall back to the site logo if the image option
provided to `crawlable_meta_data` or SiteSetting.site_twitter_summary_large_image_url
is an SVG, and do not add the meta tag for twitter:image at all
if the site logo is an SVG.
2022-06-03 09:02:57 +10:00
Isaac Janzen
f5e4df1b0e
DEV: Remove jquery from themes list (#16980) 2022-06-02 16:01:24 -05:00
Isaac Janzen
91f00ecf5a
DEV: Remove jquery from group list (#16981) 2022-06-02 16:01:07 -05:00
Vinoth Kannan
951b3016a4
FIX: keep composer draft when go back and forth between PM and New Topic. (#16978)
Previously, draft get destroyed accidentally when we switch to PM with the below steps
1. Click “New Topic”
2. Type in the body
3. Switch to “New Message”
4. Click “cancel”
2022-06-02 23:36:34 +05:30
Kris
8e75f8c371
DEV: quick-access-panel setting for viewAllLabel (#16977) 2022-06-02 10:13:41 -04:00
Gerhard Schlager
7c4e2d33fa
SECURITY: Remove auto approval when redeeming an invite (#16974)
This security fix affects sites which have `SiteSetting.must_approve_users`
enabled. There are intentional and unintentional cases where invited
users can be auto approved and are deemed to have skipped the staff approval process.
Instead of trying to reason about when auto-approval should happen, we have decided that
enabling the `must_approve_users` setting going forward will just mean that all new users
must be explicitly approved by a staff user in the review queue. The only case where users are auto
approved is when the `auto_approve_email_domains` site setting is used.

Co-authored-by: Alan Guo Xiang Tan <gxtan1990@gmail.com>
2022-06-02 16:10:48 +02:00
Jeff Wong
2dd09b4b6a
DEV: allow plugins to override max file size for avatar downloads (#16970) 2022-06-01 17:12:06 -07:00
Andrei Prigorshnev
0bbbd8371e
DEV: emoji picker - make it possible to choose picker's placement and add a dedicated class for an anchor (#16969) 2022-06-01 22:24:23 +04:00
Kris
e579e9e61c
DEV: add class name to nav-bar nav items (#16968) 2022-06-01 14:18:47 -04:00
David Taylor
333c58dd05
FIX: Harmonise category body class generation on server/client (#16967)
The server-side implementation had unintentionally changed to include `-{id}` at the end of the body class name. This change meant that the JS client was unaware of the class, and didn't remove it when navigating away from the category page.

This commit fixes the server-side implementation to match the client
2022-06-01 18:18:20 +01:00
Johannes Faigle
7a223331d1
FIX: Show suspended by user (#16927)
- Show "suspended by" user
- Add specs for silence user
2022-06-01 14:54:23 +02:00
Vinoth Kannan
cd0f912159
FIX: Make f query param sticky when navigating between nav items (#16714)
Also, hides categories navigation link when f query param is present.
2022-06-01 16:13:15 +08:00
Alan Guo Xiang Tan
1e9f132b15
FIX: Topic list nav items count not respecting tracked filter. (#16935)
This commit seeks to only handle the `f=tracked` and `filter=tracked`
query params for a topic list. There are other "hidden" filters for a
topic list which can be activated by passing the right query param to
the request. However, they are hidden because there is no way to
activate those filters via the UI. We are handling the `f=tracked`
filter because we will soon be adding a link that allows a user to
quickly view their tracked topics.
2022-06-01 14:54:42 +08:00
Jean
098bea19de
FIX: change event target on select kit row (#16960) 2022-06-01 14:49:04 +08:00
Sam
7b4e338c0e
FIX: fallback to default push notification icon if none exists (#16961)
Due to some changes we started notifying via push notifications on other
families of notifications. There are a total of about 30 or so possible
notification you could get, some can be pushed.

This fallback means that if for any reason we are unable to find an icon
for a push notification we just fallback to the Discourse logo.

Also go with a simple reply icon for watching first post.

Note, that in production `image_url` can return an exception if an image is
missing. This is not the case in test / development.
2022-06-01 12:00:05 +10:00
Sam
bc8f651501
FIX: do not looks for plugin test js in production (#16962)
Previous to this fix, in production we were getting 500 errors from
bootstrap.json cause script_asset_path can not find plugin-tests

Opted for the simplest fix that is omitting the files in production
2022-06-01 10:49:53 +10:00
Jean
9ac85d6163
DEV: add request data to the before_session_destroy event (#16905) 2022-05-31 18:18:56 -04:00
Jarek Radosz
4f423fa548
PERF: Improve to-markdown speed, update the code (#16939)
## `to-markdown` function performance improvement

### Small example

```html
<span>test</span>
```

Before: 63 `Tag` objects created; 4,090 ops/sec ±2.77%
After: 1 `Tag` object created; 151,707 ops/sec ±2.64%

### Large example

```html
<div>
  <p>lorem <b>ipsum</b></p>
  <p>lorem <b>ipsum</b></p>
  <p>lorem <b>ipsum</b></p>
  <p>lorem <b>ipsum</b></p>
  <p>lorem <b>ipsum</b></p>

  <aside class="quote no-group">
    <blockquote>
      <aside class="quote no-group">
        <blockquote>
          <p dir="ltr">test</p>
        </blockquote>
      </aside>
      <p dir="ltr">test2</p>
    </blockquote>
  </aside>

  <div>
    <p><span>test</span> <span>test</span> <span>test</span></p>
    <p><span>test</span> <span>test</span> <span>test</span></p>
    <p><span>test</span> <span>test</span> <span>test</span></p>
    <p><span>test</span> <span>test</span> <span>test</span></p>
    <p><span>test</span> <span>test</span> <span>test</span></p>
  </div>
</div>
```

Before: 2394 `Tag` objects created; 179 ops/sec ±2.35%
After: 38 `Tag` objects created; 4,346 ops/sec ±2.62%

### Note

discourse-spoiler-alert ~~needs~~ (needed) to be updated as it modifies to-markdown code.

### Included commits

* DEV: Minor code transforms
* PERF: Don't create unnecessary Tag instances
* DEV: Remove a now obsolete constructor argument
* DEV: Rename constant
* DEV: Use built-in functions, string interpolation
* DEV: De-jQuerify
2022-05-31 13:17:08 +02:00
Jarek Radosz
711cd7c85d
DEV: Add to-markdown decorator functions (#16943)
To be used in discourse-spoiler-alert
2022-05-31 11:06:41 +02:00
Chapoi
69bab5e5a0
UX: update chat menu popover styling (#16955) 2022-05-31 09:51:50 +02:00
Sam
020c77440e
FEATURE: allow for overlapping DiscourseConnect secrets per domain (#16915)
Previously we limited Discourse Connect provider to 1 secret per domain.

This made it pretty awkward to cycle secrets in environments where config
takes time to propagate

This change allows for the same domain to have multiple secrets

Also fixes internal implementation on DiscourseConnectProvider which was
not thread safe as it leaned on class variables to ferry data around

Co-authored-by: Alan Guo Xiang Tan <gxtan1990@gmail.com>
Co-authored-by: David Taylor <david@taylorhq.com>
2022-05-31 15:24:04 +10:00
Alan Guo Xiang Tan
30bd1dcefd
DEV: More efficiently trigger topic tracking state on state change (#16952)
* When loading topics in bulk, only trigger state change callbacks after
all the topics have been loaded and we determine that state has actually
changed.

* State change callbacks are also only triggered when state has changed.

The use of JSON.stringify might raise some performance concerns here as this is a
performance sensitive codepath. However, I measured the time for each
`_setState` function call locally, by wrapping the function call with
`performance.now()`, and did not see any significant overhead.
2022-05-31 10:20:55 +08:00
Andrei Prigorshnev
c5c9b2eced
DEV: do not trigger the user-status:changed event twice (#16954) 2022-05-30 19:23:21 +04:00
Andrei Prigorshnev
943cae82da
FEATURE: propagate user status via message bus (#16944) 2022-05-30 13:41:53 +04:00