In one of the discourse narrative bot tutorial steps, we show the user a
few links and ask them to copy one and paste it in a reply to teach them
about oneboxes. In order to prevent the links from getting oneboxed in
the bot's post, we enclose them in `<>` which makes the links render
as-is without oneboxing.
However, if an admin attempts to customize via site texts the tutorial
step about onebox, the links enclosed in `<>` get removed completely
from the step content because they're interpreted as HTML tags when the
text override goes through sanitization (see [relevant
code](424da95128/app/models/translation_override.rb (L73-L74))).
To prevent that, this commit changes the default content for the onebox step
to use the `[]()` syntax which doesn't get sanitized and also doesn't
get oneboxed.
Internal topic: t/147912.
When an email is sent by sendgrid to an email address with an invalid
host, the webhook payload does not contain the "status" field:
```
[
{
"bounce_classification": "Unclassified",
"email": "noemail@this.does.not.exist.tld",
"event": "bounce",
"reason": "unable to get mx info: failed to get IPs from PTR record: lookup <nil>: unrecognized address",
"sg_event_id": "Ym91bmNlLTQtNTA0ODUxOTUtZXVvMmlLeGRTYXlQRjRZRTQtLUk3QS0w",
"sg_message_id": "euo2iKxdSayPF4YE4--I7A.recvd-5f54b5d587-pczjm-1-67BADEEA-6.0",
"smtp-id": "<870b3a2a-160c-4fc8-bc9a-bd0d5b943b81@forum.umbraco.com>",
"timestamp": 1740300320,
"tls": 0,
"type": "blocked"
}
]
```
When the `status` field is missing, it results in a `NoMethodError
(undefined method `[]' for nil:NilClass)`
error in the controller method. In this commit, we will specifically
handle the webhook event from sendgrid when the email address's domain
is invalid.
Co-Authored-By: @nul800sebastiaan
As part of the theme/color palette overhaul project, we're redesigning
the UI for the editing color palettes. This commit introduces a new
`ColorPaletteEditor` component that encapsulates all the logic and
interface for editing color palettes in the redesigned admin interface.
This component isn't used anywhere at this moment, but it will be once
we start introducing the rest of the redesigned interface.
This optimization is similar to the optimization applied in
eb603b246bad6df964b179a047a63e2b7894be8a. As part of the
`UserAnonymizer#make_anonymous` method call, the `Jobs::UpdateUsername`
sidekiq job is enqueued and this job runs many expensive and hard to
optimize SQL queries. Hence, we are restricting the
`cluster_concurrency` for
the sidekiq job to `1` to prevent the database from being overloaded in
the event that many users are being anonymized in a short period of
time.
This issue was found via Discobot. In part of the tutorial
for Discobot, it asks for a URL on one line so it can demonstrate
how oneboxes work.
The way it does this when the user replies is to cook the
post raw and check if there is a cached onebox for the URL
in the post. However, if you reply really fast to Discobot
with the URL without waiting for the onebox to appear in the
composer preview, it's not cached by the time we do this
check in the Discobot code.
This commit fixes the issue by following a more simplified
approach, where we check for the existence of one of the
following links from the onebox instructions:
```
https://en.wikipedia.org/wiki/Inherently_funny_wordhttps://en.wikipedia.org/wiki/Death_by_coconuthttps://en.wikipedia.org/wiki/Calculator_spelling
```
This will fall down if someone customizes the onebox
step text, or if the user uses a different link instead,
but we are willing to accept that risk at this time to simplify things.
`PrettyText.cook` does two things: 1️⃣ convert raw to cooked, 2️⃣
partial sanitisation.
This commit splits the 2️⃣ up so that it can be applied to other cooked
content.
Previously the rendered locale was based on the current session's
locale. Now that we're routing requests via the CDN, we can't rely on
the user's session, and should instead include the locale name in the
URL. Also adds a `.js` suffix for parity with our other JS assets.
Currently LF is used, making the backup codes indistinguishable for Windows users.
Instead, use CRLF which is compatible for Windows as well as Linux and macOS.
https://meta.discourse.org/t/-/331940
CDNs are often configured to strip query params, which means that the
`?v=` parameter wasn't reaching the Rails app, and therefore the
cache-control header was not being set correctly. Having a 40 character
sha1 digest in the **path** is the approach we take for other similar
assets like stylesheets and theme-javascripts.
Also adds a spec for the fix in 573fbeef64f052decc47e740cbe01a3c298c20b5
Adds a description to highlight the need for sender to have correct
permissions when sending PM. Without the correct permissions the PM is
not sent and a message is added to the site logs.
Followup to 1b5e4b6b0fef9811839490f2ee3b9f31d5fbed3b
When running through a CDN in a multisite environment, the site hostname
needs to be included in the path or query or the URL so that the
'current db' can be set correctly by rails multisite. Without this, the
response will assume the default site in the cluster.
Updates the chat summary email to account for:
- unread mentions in category channels (same as before)
- unread direct messages (now excluding threads)
- unread watched thread replies (for both channels and DM channels)
We have also reduced the window from 1 week down to 1 day for all 3
criteria. The DM unreads query is now properly selecting the first
unread message within the window (rather than the first message
regardless of read status).
Previously, the SiteSetting::Update service allowed to update of a
single site setting. In the About controller, we were using the loop
through all settings -
https://github.com/discourse/discourse/blob/main/app/controllers/admin/config/about_controller.rb#L39
It is suboptimal because if the 3 first settings are saved and the
fourth is invalid, we will end with partially updated data.
Changing SiteSetting::Update to accept hash means that we will check
upfront if none of the settings are hidden or invalid and update all or
none.
Custom policies are used to report which settings are failing.
On chat setup we get the initial state of drafts for the current users,
we need to add them to the drafts manager, but we don't need to store
them again on the backend.
This commit adds a persist (boolean) parameter to the
`ChatDraftsManager.add` service which when set to true will only add the
draft on the frontend and not send it to the backend.
No test, as the behavior is already tested and unchanged, this is only a
performance improvement.
