Commit Graph

40730 Commits

Author SHA1 Message Date
bf5611f7eb FIX: Make discobot certificate faster/non blocking (#11344)
This moves the way we add the user avatar and site logo
to the discobot certificates from embeded base64 png to
just using the files urls in the href to the image tag.

This will make generation faster and the certificate
smaller overall, but it can't be used in a  `img` tag
anymore, since SVGs in `img` tags don't load the external images

In order to work around that we will move the certificate
in posts to an iframe, which works fine without any user
visible changes. For this to be possible the plugin automatically
adds the site current domain to the list of allowed iframe origins.
2021-02-01 20:49:32 -03:00
ca4a962766 Build(deps): Bump rubocop from 1.9.0 to 1.9.1
Bumps [rubocop](https://github.com/rubocop-hq/rubocop) from 1.9.0 to 1.9.1.
- [Release notes](https://github.com/rubocop-hq/rubocop/releases)
- [Changelog](https://github.com/rubocop-hq/rubocop/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rubocop-hq/rubocop/compare/v1.9.0...v1.9.1)

Signed-off-by: dependabot[bot] <support@github.com>
2021-02-02 06:47:02 +08:00
b43a169fc8 Build(deps-dev): Bump webmock from 3.11.1 to 3.11.2
Bumps [webmock](https://github.com/bblimke/webmock) from 3.11.1 to 3.11.2.
- [Release notes](https://github.com/bblimke/webmock/releases)
- [Changelog](https://github.com/bblimke/webmock/blob/master/CHANGELOG.md)
- [Commits](https://github.com/bblimke/webmock/compare/v3.11.1...v3.11.2)

Signed-off-by: dependabot[bot] <support@github.com>
2021-02-02 06:46:53 +08:00
c2e8a43b60 Build(deps): Bump excon from 0.78.1 to 0.79.0
Bumps [excon](https://github.com/excon/excon) from 0.78.1 to 0.79.0.
- [Release notes](https://github.com/excon/excon/releases)
- [Changelog](https://github.com/excon/excon/blob/master/changelog.txt)
- [Commits](https://github.com/excon/excon/compare/v0.78.1...v0.79.0)

Signed-off-by: dependabot[bot] <support@github.com>
2021-02-02 06:46:43 +08:00
a2ec617208 Build(deps): Bump bootsnap from 1.6.0 to 1.7.0
Bumps [bootsnap](https://github.com/Shopify/bootsnap) from 1.6.0 to 1.7.0.
- [Release notes](https://github.com/Shopify/bootsnap/releases)
- [Changelog](https://github.com/Shopify/bootsnap/blob/master/CHANGELOG.md)
- [Commits](https://github.com/Shopify/bootsnap/compare/v1.6.0...v1.7.0)

Signed-off-by: dependabot[bot] <support@github.com>
2021-02-02 06:39:28 +08:00
e040de0c2c DEV: New option to always destroy posts. (#11898) 2021-02-01 16:57:31 -05:00
4b3d34d3d4 FIX: Skip shared drafts logic if disabled (#11918)
It always showed shared drafts if no category was set.

Follow-up to dd175537f3fb5f4a62a5935f65443fc9bedb37e3.
2021-02-01 20:29:04 +02:00
0f31a221c9 DEV: Performance fixes to filtered replies (#11916) 2021-02-01 11:53:13 -05:00
6efdeef461 FIX: Emoji search/autocomplete should respect selected skin tone (#11917)
This commit makes our emoji autocomplete in the composer respect the skin tone you select in the emoji picker.
2021-02-01 19:36:35 +03:00
dd175537f3 FIX: Existing shared drafts should be accessible (#11915)
Disabling shared drafts used to leave topics in an inconsistent state
where they were not displayed as shared drafts and thus there was no
way of publishing them. Moreover, they were accessible just to users
who have permissions to create shared drafts.

This commit adds another permission check that is used for most
operations and the old can_create_shared_draft? remains used just when
creating a new shared draft.
2021-02-01 16:16:34 +02:00
f113648107 DEV: Migrate more tests to our Ember CLI format. (#11899)
This should be fully backwards compatible.

Co-authored-by: Jarek Radosz <jradosz@gmail.com>

Co-authored-by: Jarek Radosz <jradosz@gmail.com>
2021-02-01 09:01:47 -05:00
98201ecc24 DEV: {{user-selector}} replacement (#11726)
This PR is the first step towards replacing our `{{user-selector}}` and eventually deprecating and removing it from our codebase. Some of `{{user-selector}}` problems are:

1. It's called `{{user-selector}}`, but in reality in can also select groups and emails.
2. It's an Ember component, yet it doesn't have a handlebars template and uses jQuery to render itself and modify the DOM. An example of this problem is when you want to clear the selected users programmatically, see [this](6c155dba77/app/assets/javascripts/discourse/app/components/user-selector.js (L179-L185)).
3. We now have select kit which does very similar things but a lot better.

This PR introduces `{{email-group-user-chooser}}` which is meant to replace `{{user-selector}}`. It extends select kit and has the same features that `{{user-selector}}` has. `{{user-selector}}` is still used in a few places in core, but they'll all be replaced with the new component in a separate commit. 

Once `{{user-selector}}` is not used anywhere in core, it'll be deprecated and then removed after the 2.7 release.
2021-02-01 13:07:11 +03:00
7e4dad3c56 DEV: Update msgpack to 1.4.2.
It seems like 1.4.1 was yanked.
2021-02-01 11:46:38 +08:00
184cd766ac Apply suggestions from code review
Co-authored-by: Jarek Radosz <jradosz@gmail.com>
2021-02-01 10:36:02 +08:00
5546fe609c Add autofocus to the change ownership modal 2021-02-01 10:36:02 +08:00
49e97279c7 FEATURE: Add daily job to check for new features 2021-02-01 10:31:44 +08:00
736b4137cc FIX: Return the CDN's URL when using the site's small logo as the system's user avatar.
Using "UrlHelper#absolute" returns the S3 URL, which is fine for the client because it modifies it to use the CDN instead. On the other hand, this replacement doesn't happen when the URL is server-side rendered, returning a 403 for the system's avatar.
2021-02-01 10:31:36 +08:00
2f2dd94217 left align popup-menu button text 2021-02-01 10:30:52 +08:00
0fab711e4a FIX: Stop trying to set values on destroyed bookmark component (#11909)
* sometimes the AJAX promise to create/save the bookmark did
  not come back before the component destroyed, causing an error
  when trying to set the model id afterward. this just eliminates
  the set code and uses the response.id instead
2021-02-01 10:23:06 +10:00
3e3f3f7b7e DEV: Add time shortcut picker component and libs and refactor bookmark modal controller into component which uses time shortcut picker (#11802)
This PR moves all of the time picking functionality from the bookmark modal and controller into a reusable time-shortcut-picker component, which will be used for the topic timer UI revamp. All of the utility JS for getting dates like tomorrow/next week/next month etc. have also been moved into a separate utility lib.

The time-shortcut-picker has a couple of options that can be passed in:

* prefilledDatetime - The date and time to parse and prefill into the custom date and time section, useful for editing interfaces.
* onTimeSelected (callback) - Called when one of the time shortcuts is clicked, and passes the type of the shortcut (e.g. tomorrow) and the datetime selected.
* additionalOptionsToShow - An array of option ids to show (by default `later_today` and `later_this_week` are hidden)
* hiddenOptions - An array of option ids to hide
* customOptions - An array of custom options to display (e.g. the option to select a post date for the bookmarks modal). The options should have the below properties:
    * id
    * icon
    * label (I18n key)
    * time (moment datetime object)
    * timeFormatted
    * hidden

The other major work in this PR is moving all of the bookmark functionality out of the bookmark modal controller and into its own component, where it makes more sense to be able to access elements on the page via `document`. Tests have been added to accompany this move, and existing acceptance tests for bookmark are all passing.
2021-02-01 09:03:41 +10:00
e242e0b13c Build(deps): Bump rack-mini-profiler from 2.3.0 to 2.3.1 (#11906)
Bumps [rack-mini-profiler](https://github.com/MiniProfiler/rack-mini-profiler) from 2.3.0 to 2.3.1.
- [Release notes](https://github.com/MiniProfiler/rack-mini-profiler/releases)
- [Changelog](https://github.com/MiniProfiler/rack-mini-profiler/blob/master/CHANGELOG.md)
- [Commits](https://github.com/MiniProfiler/rack-mini-profiler/compare/v2.3.0...v2.3.1)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-01-31 22:43:05 +01:00
acbbcfd038 Build(deps): Bump rspec-mocks from 3.10.1 to 3.10.2 (#11907)
Bumps [rspec-mocks](https://github.com/rspec/rspec-mocks) from 3.10.1 to 3.10.2.
- [Release notes](https://github.com/rspec/rspec-mocks/releases)
- [Changelog](https://github.com/rspec/rspec-mocks/blob/main/Changelog.md)
- [Commits](https://github.com/rspec/rspec-mocks/compare/v3.10.1...v3.10.2)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-01-31 22:42:54 +01:00
647d88a224 Build(deps): Bump rspec-support from 3.10.1 to 3.10.2 (#11908)
Bumps [rspec-support](https://github.com/rspec/rspec-support) from 3.10.1 to 3.10.2.
- [Release notes](https://github.com/rspec/rspec-support/releases)
- [Changelog](https://github.com/rspec/rspec-support/blob/main/Changelog.md)
- [Commits](https://github.com/rspec/rspec-support/compare/v3.10.1...v3.10.2)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-01-31 22:42:36 +01:00
dbec522eb0 Build(deps): Bump fastimage from 2.2.1 to 2.2.2 (#11905)
Bumps [fastimage](https://github.com/sdsykes/fastimage) from 2.2.1 to 2.2.2.
- [Release notes](https://github.com/sdsykes/fastimage/releases)
- [Commits](https://github.com/sdsykes/fastimage/compare/v2.2.1...v2.2.2)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-01-31 22:28:28 +01:00
363170513e UX: Allow some overflow in composer preview (#11902) 2021-01-29 20:28:56 -05:00
ba2f4f3393 Improve invite to forum modal description (#11903) 2021-01-29 16:59:39 -08:00
39ba3f8291 remove hidden area in flagged removed post msg (#11901)
because users were having trouble figuring out how to expand the hidden post to determine "what post of mine was removed??", per customer reports
2021-01-29 15:42:04 -08:00
67e185b33e document user endpoints (#11894)
* document user endpoints, allow for empty request/response bodies

* document more user endpoints, improve debugging output if no details are specified

* document some more user endpoints

* minor cleanup

* FIX: flakey tests due to bad regex
2021-01-29 11:27:11 -07:00
11c812f042 Quite a few Ember-CLI / Upgrade related changes (#11867)
* Quite a few Ember-CLI / Upgrade related changes

They should all be backwards compatible. This is all to help merge our
branches.

* REFACTOR: DRY up username validation

Also avoids overwriting computed properties for compatibility with newer
Ember releases.
2021-01-29 10:19:54 -05:00
0bd0358158 Build(deps): Bump rubocop from 1.8.1 to 1.9.0 (#11892)
Bumps [rubocop](https://github.com/rubocop-hq/rubocop) from 1.8.1 to 1.9.0.
- [Release notes](https://github.com/rubocop-hq/rubocop/releases)
- [Changelog](https://github.com/rubocop-hq/rubocop/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rubocop-hq/rubocop/compare/v1.8.1...v1.9.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-01-29 12:37:06 +01:00
01b4d7a050 Build(deps): Bump oj from 3.11.1 to 3.11.2 (#11891)
Bumps [oj](https://github.com/ohler55/oj) from 3.11.1 to 3.11.2.
- [Release notes](https://github.com/ohler55/oj/releases)
- [Changelog](https://github.com/ohler55/oj/blob/develop/CHANGELOG.md)
- [Commits](https://github.com/ohler55/oj/compare/v3.11.1...v3.11.2)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-01-29 12:34:53 +01:00
886ae6cdc4 Build(deps): Bump omniauth-oauth from 1.1.0 to 1.2.0 (#11890)
Bumps [omniauth-oauth](https://github.com/intridea/omniauth-oauth) from 1.1.0 to 1.2.0.
- [Release notes](https://github.com/intridea/omniauth-oauth/releases)
- [Commits](https://github.com/intridea/omniauth-oauth/compare/v1.1.0...v1.2.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-01-29 12:34:18 +01:00
a5923ad603 DEV: apply allow origin response header for CDN requests. (#11893)
Currently, it creates a CORS error while accessing those static files.
2021-01-29 07:44:49 +05:30
4af4d36175 FIX: IMAP allow unknown senders to reply to group topics via email (#11877)
Adds a new column/setting to groups, allow_unknown_sender_topic_replies, which is default false. When enabled, this scenario is allowed via IMAP:

* OP sends an email to the support email address which is synced to a group inbox via IMAP, creating a group topic
* Group user replies to the group topic
* An email notification is sent to the OP of the topic via GroupSMTPMailer
* The OP has several email accounts and the reply is sent to all of them, or they forward their reply to another email account
* The OP replies from a different email address than the OP (gloria@gmail.com instead of gloria@hey.com for example)
* The a new staged user is created, the new reply is accepted and added to the topic, and the staged user is added to the topic allowed users

Without allow_unknown_sender_topic_replies enabled the new reply creates an entirely new topic (because the email address it is sent from is not previously part of the topic email chain).
2021-01-29 09:59:10 +10:00
5114a6421b Build(deps-dev): Bump rswag-specs from 2.3.1 to 2.3.2 (#11889)
Bumps [rswag-specs](https://github.com/rswag/rswag) from 2.3.1 to 2.3.2.
- [Release notes](https://github.com/rswag/rswag/releases)
- [Changelog](https://github.com/rswag/rswag/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rswag/rswag/compare/2.3.1...2.3.2)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-01-28 16:12:27 -07:00
f49e3e5731 DEV: Add security_last_changed_at and security_last_changed_reason to uploads (#11860)
This PR adds security_last_changed_at and security_last_changed_reason to uploads. This has been done to make it easier to track down why an upload's secure column has changed and when. This necessitated a refactor of the UploadSecurity class to provide reasons why the upload security would have changed.

As well as this, a source is now provided from the location which called for the upload's security status to be updated as they are several (e.g. post creator, topic security updater, rake tasks, manual change).
2021-01-29 09:03:44 +10:00
0990112d80 UX: fix bulk select top positioning (#11888) 2021-01-28 16:44:54 -05:00
598c7d2fcb fix topic entrance button layout (#11887) 2021-01-28 15:44:01 -05:00
ce904dc765 DEV: Remove tabindex property from selected name template (#11882) 2021-01-28 13:42:59 -05:00
8e53c2a2c3 FIX: Invisible is not the opposite of visible (#11881)
If visible is undefined, then invisible should be too.
2021-01-28 20:17:46 +02:00
b70e0d88f7 Include accessibility commits when generating release notes (#11884) 2021-01-28 12:58:04 -05:00
c4dc610498 Version bump to v2.7.0.beta3 v2.7.0.beta3 2021-01-28 12:53:10 -05:00
a20bcd34da FIX: Approving a user was not sending an email (#11883)
When we made rejection emails optional we accidentally changed the
default for approval emails from true to false.
2021-01-28 12:41:30 -05:00
d8846e4fcd FEATURE: add contact emails metadata entry to optional plugin meta (#11879) 2021-01-28 11:17:00 -05:00
80f85167be FIX: Allow a single invite per email address (#11855) 2021-01-28 13:38:36 +02:00
8881ae4af4 DEV: Remove dead code (latestTopicOnly) (#11833)
Background: I wanted to see `categories.latest_by` translation in context in a live app but couldn't find it, so I traced it throughout the code.

My step-by-step reasoning for the removal is:

1. `categories-only` does not use `latestTopicOnly`, so there's no need to call it with that argument
2. `parent-category-row` is never called with `latestTopicOnly` argument, so the reference to that arg can be removed from its template
3. after that, `featured-topic` is now no longer ever called with `latestTopicOnly` argument (except in the `ghost` theme, but that's because its override of `categories-only` template 4e2fba963c/common/header.html (L119) is based on the old version of that template from core), so it seems safe to remove it there too (`categories.latest_by` i18n string is also no longer needed)
4. then, nothing is using `latestTopicOnly` anymore so it can be removed from `categories` hbs/js

I checked in each step that there are no plugins or themes (in all-the-plugins/all-the-themes) using those properties/arguments/strings.
2021-01-28 11:48:51 +01:00
5a6baa7c46 FIX: Translated button title didn't work (#11872)
Follow-up to 6f13d2b03912165e2d9d5830a2ef6f73b535f3f4
2021-01-28 08:32:02 +01:00
9ae067164d ensure topic footer buttons are the same height (#11875)
follow-up to f1d5d2b
2021-01-27 21:40:45 -05:00
d3febe5e86 Fix post edit icon color (#11873) 2021-01-27 20:38:15 -05:00
0de897fbf2 Build(deps): Bump puma from 5.1.1 to 5.2.0 (#11869)
Bumps [puma](https://github.com/puma/puma) from 5.1.1 to 5.2.0.
- [Release notes](https://github.com/puma/puma/releases)
- [Changelog](https://github.com/puma/puma/blob/master/History.md)
- [Commits](https://github.com/puma/puma/compare/v5.1.1...v5.2.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-01-28 01:06:14 +01:00