Commit Graph

36315 Commits

Author SHA1 Message Date
0c6f2892c6 DEV: Add raw PG connection tracing behind an environment variable
This should be useful for debugging connection problems. Warning: this will generate some large files, and will likely impact performance
2020-02-17 16:21:26 +00:00
72b6f908f4 UX: minor tweaks to poll builder UI (#8985) 2020-02-17 11:02:44 -05:00
2e397c78c4 FIX: use separate site attribute for single category "top tags" list.
And use it only in the single category pages.
38dd184a16f38fed1f011eeb39de580a301b8f4e
2020-02-17 21:09:27 +05:30
330d1ae9bc DEV: Correct test names 2020-02-17 11:47:18 -03:00
f1f9648e88 Revert "FIX: sk body should follow wrapper width (#8984)"
This was causing very narrow dropdowns in the composer and notification level dropdowns.

This reverts commit d33aaa0292ec33ffcb6c084d12869e67e98ce8d7.
2020-02-17 13:10:26 +00:00
82b307cd52 FIX: Use correct translation string 2020-02-17 13:49:43 +02:00
d33aaa0292 FIX: sk body should follow wrapper width (#8984) 2020-02-17 10:39:20 +01:00
9feace3388 FIX: prevents error when loading tag groups (#8983) 2020-02-17 10:39:04 +01:00
d827430ea6 FIX: prevents expand post to trigger page routing (#8982) 2020-02-17 10:06:38 +01:00
e8efdd60d4 FIX: Tweak upload security emoji check (#8981)
Further on from my earlier PR #8973 also reject upload as secure if its origin URL contains images/emoji. We still check Emoji.all first to try and be canonical.

This may be a little heavy handed (e.g. if an external URL followed this same path it would be a false positive), but there are a lot of emoji aliases where the actual Emoji url is something, but you can have another image that should not be secure that that thing is an alias for. For example slight_smile.png does not show up in Emoji.all BUT slightly_smiling_face does, and it aliases slight_smile e.g. /images/emoji/twitter/slight_smile.png?v=9 and /images/emoji/twitter/slightly_smiling_face.png?v=9 are equivalent.
2020-02-17 15:11:15 +10:00
9dcc454a07 FIX: Improvements and fixes for update_upload_acl rake task (#8980)
The rake task was broken, because the addition of the
UploadSecurity check returned true/false instead of the
upload ID to determine which uploads to set secure.
Also it was rebaking the posts in the wrong place and
pretty inefficiently at that. Also it was rebaking before
the upload was being changed to secure in the DB.
This also updates the task to set the access_control_post_id
for all uploads. the first post the upload is linked to is used
for the access control. if the upload doesn't get changed to
secure this doesn't affect anything.
Added a spec for the rake task to cover common cases.
2020-02-17 14:21:43 +10:00
dac923379a FIX: Never mark uploads based on regular emoji secure (#8973)
Sometimes PullHotlinkedImages pulls down a site emoji and creates a new upload record for it. In the cases where these happen the upload is not created via the normal path that custom emoji follows, so we need to check in UploadSecurity whether the origin of the upload is based on a regular site emoji. If it is we never want to mark it as secure (we don't want emoji not accessible from other posts because of secure media).

This only became apparent because the uploads:ensure_correct_acl rake task uses UploadSecurity to check whether an upload should be secure, which would have marked a whole bunch of regular-old-emojis as secure.
2020-02-17 12:30:47 +10:00
3b062f79fc FIX: invalid syntax in elsif in Theme importer
elsif had a check that assigned to vars, this is not valid syntax and
could explode at runtime
2020-02-16 20:37:54 +11:00
28d61cb0d7 Revert "Build(deps): Bump oauth2 from 1.4.2 to 1.4.4 (#8952)"
This reverts commit c7544880b69cc029e3583441458fafb16a7588f2.

Plugins depend on specific version so this upgrade is in fact
not safe
2020-02-16 10:45:06 +11:00
c7544880b6 Build(deps): Bump oauth2 from 1.4.2 to 1.4.4 (#8952)
Bumps [oauth2](https://github.com/oauth-xx/oauth2) from 1.4.2 to 1.4.4.
- [Release notes](https://github.com/oauth-xx/oauth2/releases)
- [Changelog](https://github.com/oauth-xx/oauth2/blob/master/CHANGELOG.md)
- [Commits](https://github.com/oauth-xx/oauth2/compare/v1.4.2...v1.4.4)

Change should be safe mainly cosmetic
2020-02-16 10:38:56 +11:00
cd5b7109d0 UX: Cap height of user fields on mobile user-cards, add line-clamp mixin 2020-02-14 16:19:11 -05:00
f81bebf93f UX: Cap staff action detail height 2020-02-14 14:23:31 -05:00
103af2dcce FIX: Toolbar menu specificity 2020-02-14 13:44:38 -05:00
99305511bc DEV: Remove unused BreakString class (#8942) 2020-02-14 15:32:59 -03:00
92bb7b9269 FIX: Username mentions lost styling 2020-02-14 13:02:56 -05:00
d51107e2c9 FIX: If a group is unmentionable, don't render it as mentionable
Now if a group is visible but unmentionable, users can search for it
when composing by typing with `@`, but it will be rendered without the
grey background color.

It will also no longer pop up a JIT warning saying "You are about to
mention X people" because the group will not be mentioned.
2020-02-14 12:29:56 -05:00
c31039d51f FIX: tag topic counts wrong after adding synonyms
After adding a tag as a synonym of another tag,
both tags will have the wrong topic counts. It's
corrected within 12 hours by the EnsureDbConsistency
job. This fix ensures the topic counts are updated
much sooner.
2020-02-14 12:15:29 -05:00
fadb2b7157 FEATURE: Users cannot reflag recently handled items using the same reason unless the post was edited, or it was reviewed more than 24 hours ago. (#8969) 2020-02-14 13:43:48 -03:00
ea0f20e331 DEV: Concatenate value-list choices array
Followup to 89d9704194c837f027f428fc370247c52e361266
2020-02-14 11:33:17 -05:00
89d9704194 FIX: value-list choices when removing a value
Fixes an issue where choices were broken when removing an item from the value-list component.

Adds test case for this scenario.
2020-02-14 11:21:06 -05:00
dafa354d3d FIX: Confirm draft_key is present on GET
Also adds a test for the `show` action which did not exist
2020-02-14 11:06:12 -05:00
bfdd42c53a FIX: Return a 404 when the draft_key is missing
Previously if `draft_key` was missing you'd get a 500 error in the logs.
2020-02-14 10:48:56 -05:00
aad46a1aba DEV: remove unused 'composer/parse_html' route 2020-02-14 16:15:34 +01:00
b37d2f09ba PERF: Memoize allowed user fields more efficiently (#8968)
Previously we were caching by user_id, but the there are only two possible outcomes. Therefore we only need to cache two values.

This removes another N+1 query when serializing multiple user cards.
2020-02-14 14:47:16 +00:00
2c7d32e783 FIX: prevents everyone group to show as group option for polls (#8957) 2020-02-14 14:11:34 +01:00
ce588006e3 DEV: Update the site title in qunit fixtures (#8959)
This confuses me every time I run qunit tests in the browser. The tab is labelled Meta, but it's not meta! This change has no functional impact on the tests
2020-02-14 11:30:04 +00:00
8eae7d2799 DEV: Improve code readability (#8967)
Follow-up to b0f72ca1 and 8e27fa1b.
2020-02-14 13:05:52 +02:00
7d94de6439 FIX: brings back castInteger as a safer migration path for sk2 (#8966) 2020-02-14 10:00:39 +01:00
09edde8ef7 DEV: Add test (#8961)
Follow-up to 67c9940d72faafa2fec7e327018249ef5a005f15.
2020-02-14 10:19:57 +02:00
9aeb9f0ca1 DEV: Add test (#8960)
Follow-up to 3ad07aacfaab57aa458b43c3896ccb805bb26722.
2020-02-14 10:19:40 +02:00
e90f9e5cc4 FIX: when unread reply notification exists don't create new (#8921)
* FIX: when unread reply notification exists don't create new

From time to time, the user is creating a reply post and then they want to add additional details. They edit an existing post and for example, add a quote from a previous one.

In that situation, if the user to whom reply was directed to already have the unread notification, we should not create the new one.

That behaviour was mentioned here: https://meta.discourse.org/t/reply-then-edit-to-add-quote-notification-redundancy/138358

* FIX: dont create new notification if already exists
2020-02-14 16:41:42 +11:00
38dd184a16 FIX: update Site.top_tags in "categories" route if topic list available.
Else it is not updating the tags dropdown while navigate between the category pages.
2020-02-14 09:53:41 +05:30
157dcc7e3b DEV: Bump sidekiq from 6.0.4 to 6.0.5 (#8964)
Bumps [sidekiq](https://github.com/mperham/sidekiq) from 6.0.4 to 6.0.5.
- [Release notes](https://github.com/mperham/sidekiq/releases)
- [Changelog](https://github.com/mperham/sidekiq/blob/master/Changes.md)
- [Commits](https://github.com/mperham/sidekiq/compare/v6.0.4...v6.0.5)

Changes are safe, mostly around 2.7 support
2020-02-14 14:53:31 +11:00
56b16bc68e FIX: Never allow custom emoji to be marked secure (#8965)
* Because custom emoji count as post "uploads" we were
marking them as secure when updating the secure status for post uploads.
* We were also giving them an access control post id, which meant
broken image previews from 403 errors in the admin custom emoji list.
* We now check if an upload is used as a custom emoji and do not
assign the access control post + never mark as secure.
2020-02-14 11:17:09 +10:00
149196b9ce FIX: displays selection text when no default_notification_level is set (#8962) 2020-02-13 23:45:03 +01:00
6405159484 FEATURE: adds a new plugin api to decorate plugin outlets (#8937)
```
api.decoratePluginOutlet(
  "discovery-list-container-top",
  elem => {
    if (elem.classList.contains("foo")) {
      elem.style.backgroundColor = "yellow";
    }
  }
);
```
2020-02-13 23:44:34 +01:00
2136d4b5d5 Version bump to v2.4.0.beta11 v2.4.0.beta11 2020-02-13 16:56:46 -05:00
637535fc6b Update translations 2020-02-13 15:00:16 -05:00
c2e58b6b85 FIX: Don't remove the topic image if posts don't have them 2020-02-13 14:00:30 -05:00
4b46db6ea8 Build(deps-dev): Bump webmock from 3.8.1 to 3.8.2 (#8951)
Bumps [webmock](https://github.com/bblimke/webmock) from 3.8.1 to 3.8.2.
- [Release notes](https://github.com/bblimke/webmock/releases)
- [Changelog](https://github.com/bblimke/webmock/blob/master/CHANGELOG.md)
- [Commits](https://github.com/bblimke/webmock/compare/v3.8.1...v3.8.2)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-02-13 12:32:02 -05:00
a7efca1fa9 DEV: Remove unused "search help" 2020-02-13 18:31:21 +01:00
8d50f092b5 DEV: Use classes for styling user and group cards (#8913)
Styling based on element-ids, it is impossible for themes/plugins to display multiple cards on a single page. Using classes is a more flexible approach. The element-ids are maintained for backwards compatibility with existing plugins/themes.
2020-02-13 09:58:17 +00:00
3875785dcc FIX: ensures shortcuts work correctly with topic-notifications-button (#8956) 2020-02-13 10:01:28 +01:00
42bda52486 FIX: ensures select-kit can select a row with 0 as value (#8955) 2020-02-13 09:04:32 +01:00
e1e74abd4f FEATURE: Improving bookmarks part 2 -- Topic Bookmarking (#8954)
### UI Changes

If `SiteSetting.enable_bookmarks_with_reminders` is enabled:

* Clicking "Bookmark" on a topic will create a new Bookmark record instead of a post + user action
* Clicking "Clear Bookmarks" on a topic will delete all the new Bookmark records on a topic
* The topic bookmark buttons control the post bookmark flags correctly and vice-versa
Disabled selecting the "reminder type" for bookmarks in the UI because the backend functionality is not done yet (of sending users notifications etc.)

### Other Changes

* Added delete bookmark route (but no UI yet)
* Added a rake task to sync the old PostAction bookmarks to the new Bookmark table, which can be run as many times as we want for a site (it will not create duplicates).
2020-02-13 16:26:02 +10:00