When multiple admins are working in the review queue, it's quite easy for two people to try and handle the same reviewable at the same time. This change addresses the two major situations where this can occur.
The `ReviewableClaimedTopic` model has been extended to allow the system to mark a reviewable as claimed as soon as the first moderator starts handling the reviewable, even when the `reviewable_claiming` setting is disabled. This ensures that reviewable actions with client-site activity (for example, `agree_and_suspend`) will lock the reviewable before another moderator starts working on it.
When someone handles handles a reviewable, we now use `MessageBus` to inform other moderators that it's changed. If any of the other moderator have that reviewable open (either individually, or on the list screen), it will automatically refresh that data.
This PR renames a couple of settings related to anonymous mode:
1. `allow_anonymous_posting` → `allow_anonymous_mode`. This setting is
used as a switch for the entire anonymous mode feature, so it makes
sense to give it a generic name that better reflects what the setting
does.
2. `allow_anonymous_likes` → `allow_likes_in_anonymous_mode`. The new
name is clearer and will match a new setting that we'll add to allow
anonymous users to post in chat.
Internal topic: t/148088.
We currently limit the number of characters in the bar-separated list of auto-membership e-mail domains. We want to make this configurable through site settings.
After this change, we limit the length of each individual domain, and enable the number of domains to be configured through a hidden site setting.
The original limit is there to prevent DoS, since a TEXT column can take up to 1Gb. With this new limit we're still at a maximum of around 10kb.
The string introduced in
https://github.com/discourse/discourse/pull/31854 included a count but
was not pluralized. Even though the singular form may not be used in
English, proper pluralization is necessary for other languages. Some
languages have different plural forms depending on the number, so
explicitly defining pluralization ensures accurate translations.
When performing an action in the review queue, this change makes two improvements:
- The buttons on the reviewable item are disabled, so you can't accidentally multi-click.
- A toast is displayed when the action is complete, as a success indication.
This is a stripped-back version of the Search Banner
component https://meta.discourse.org/t/search-banner/122939,
which will be renamed to Advanced Search Banner,
see https://github.com/discourse/discourse-search-banner/pull/84.
This welcome banner interacts with the header search.
When `search_experience` is set to `search_field`, we only
show the header search after the welcome banner scrolls
out of view, and vice-versa.
Only new sites will get this feature turned on by default,
existing sites have a migration to disable it.
---------
Co-authored-by: Joffrey JAFFEUX <j.jaffeux@gmail.com>
Co-authored-by: Jordan Vidrine <jordan@jordanvidrine.com>
Now that we support multiple drafts, we can avoid the extra draft check
within composer when creating a new topic or reply. For posts, we
already autoload the existing draft into composer when the user tries to
create a new reply, so there is no longer a need for the abandon draft
dialog.
Drafts can still be deleted by closing the composer (using a different
dialog) or manually via the User Drafts page.
This change also correctly sets the draft key within composer actions
when switching from a post reply to a linked topic.
We already support `/apple-app-site-association` at the root. Apple also
accepts `.well-known/apple-app-site-association` as a valid path so this
adds that as well, just in case.
The service worker isn't served via normal asset paths or the CDN.
Instead, the ERB was being compiled by sprockets, fished out of the
`public/` directory by the static_controller, and then the
sprockets-specific stuff like `sourceMappingUrl` was being removed.
Instead, we can put the ERB under `views/static/`, and have it evaluate
at runtime. There are only a couple of super-cheap interpolations, plus
the route is cached in nginx, so there is no performance concern.
This takes us one step closer to removing sprockets.
There are a number of minor changes in this commit :
1. Combine the "Themes" and "Components" links in the admin sidebar into
a single tab labelled "Themes and components"
2. The combined tab links to the `/admin/config/customize/themes` page
(titled as "Themes and components")
3. Add a new "Components" tab to the "Themes and components" page.
There's already an existing "Themes" tab
4. Add a "back to" link at the top of individual theme/component page to
navigate back to the respective tab in the "Themes and components" page
5. Remove the themes/components list/sidebar that currently serves for
navigating between themes/components
6. Remove the header in the theme/component page
Changes 4–6 apply only if the admin sidebar is enabled; they have no
effect otherwise.
Internal topic: t/146006.
Redis / Valkey over TLS requires authentication involving both a
username and a password.
On most instances, the default username is `default`, but this allows
Discourse to provide its own.
Followup https://github.com/discourse/discourse/pull/31505/
When sending notification emails for system user responses for PMs,
we removed the part of the CTA where it says "to respond to xyz" in a
previous commit.
This commit takes it slightly further -- we now only show a "Visit
Topic"
or "Visit Message" button if the PM notification is from a system user,
it's a bit cleaner.
This commit also adds more in-depth tests, and refactors the message
builder a little.
**Note:** Do not merge before the backfill (#31606) is merged.
### What is this change?
We're now storing the selected API key scope mode in the back-end, and
can display it in the API key list.
**Screenshot:**
<img width="551" alt="Screenshot 2025-03-04 at 7 27 42 PM"
src="https://github.com/user-attachments/assets/9f234242-cfaa-4a2c-93e9-740770bd9944"
/>
This commit reverts commit b600288 "FIX: Simplify nginx config change
(#30383)" and fixes it by repeating the `proxy_set_header` lines in the
`@discourse` block.
Our previous understanding of this was incomplete: `proxy_set_header`
only has an effect when `proxy_pass` is *directly* used.
In our Nginx configuration file, we have two paths to get from the
`location /` main block to the upstream:
1: `location /` → `proxy_pass http://discourse` → `upstream discourse`
2: `location /` → `try_files @discourse` → `proxy_pass http://discourse`
→ `upstream discourse`
In the first case, the `proxy_set_header` directives from the `location
/` block (or one of its sub-blocks) takes effect and the headers are set
as expected.
In the second case, the `proxy_set_header` directives from the `location
/` block are *not used* since `proxy_pass` was not used from that
location.
Only the `proxy_set_header` directives from the `location @discourse`
block are considered since that is the configuration block that calls
`proxy_pass`
This PR adds a destroy:posts rake task that can be used to hard-delete a list of posts. Useful for dealing with large amounts of spam that has been soft deleted and needs to go.
Notes:
Works on both non-deleted and soft-deleted posts. (We might want to change this to work on only soft-deleted posts?)
Works exclusively on post IDs. We can't mix topic and post IDs as they might clash, and we have no way of resolving that ambiguity.
Accepts either a rake-style array of IDs or, more conveniently, you can pipe the argument in through STDIN.
Added a confirmation step since it's a fairly destructive operation.
When a post is flagged due to matching watched words, it can be difficult to know what you're looking for, particularly if you have a lot of watched words built up over a long period of time.
This change stores the list of matched words, and later displays them in the review queue, listing which Watched Words were responsible for the flag. Because watched words can change, this is recorded at the time the post is flagged. For posts that were flagged prior to this feature landing, it tries to guess the relevant words based on the current Watched Words set.
Redesigned page to update site logos. `AdminBrandingLogoFormComponent`
is attached to the old logos page and the new branding page. In the next
steps, branding will replace the logos page.
A new `AdminConfigAreaCardSection` component was added hidden and less
frequently used settings.
An image placeholder was also needed because many additional logos have
a fallback to the site logo.
Finally, `twitter_summary_large_image` was renamed to
`x_summary_large_image`.
Desktop
Mobile
This bumps the core ruby version requirement
to at least 3.3.0, and moves this version check
into the Gemfile per
https://bundler.io/guides/gemfile_ruby.html
We are doing this because generally our gems
are using a higher version, it's about time
for a bump anyway.
As we’re currently using a namespace for Sidekiq, in order to upgrade to
the latest version, we need to drop it as it’s not supported anymore.
The recommended way is to use a different Redis DB for Sidekiq.
This patch uses a different config for Sidekiq and also takes care of
migrating existing jobs (in queues and the retry and scheduled sets).
Adds `.json` a suffix everywhere and makes it clear that's it's a json
route.
Also adds a missing spec for this endpoint and updates the underlying
discourse-emojis gem for better symlinking
- Hide seldom-used fields behind an 'advanced' checkbox. This replaces
the old 'only show edited' checkbox, since the number of fields shown by
default is now so small that 'only show edited' isn't useful.
Mobile/desktop targets are included in that list because we now
recommend people use CSS breakpoints for handling different device
sizes.
- Update names & descriptions of fields to be more descriptive
- Show the descriptions of fields at the top of the editor. Previously
they were only shown as tooltips.
Before:
<img width="1109" alt="SCR-20250228-lunn"
src="https://github.com/user-attachments/assets/8faebba1-39c1-491a-b236-411cfb6d9c74"
/>
After, default view:
<img width="1102" alt="SCR-20250303-kayr"
src="https://github.com/user-attachments/assets/1e483845-613f-44d6-83d6-ade628251fe5"
/>
After, advanced view:
<img width="1122" alt="SCR-20250303-kazn"
src="https://github.com/user-attachments/assets/45b8933d-2271-42ba-b5b4-81b326709adb"
/>
This commit moves most of emoji logic into the discourse-emojis gem:
https://github.com/discourse/discourse-emojis/
Most notably:
- images are now symlinked from the gem
- the gem provides path to the json files
Search aliases have also been made asynchronous and memoized. When you
will search for an emoji we will now load the aliases and store the list
for future use.
---------
Co-authored-by: David Taylor <david@taylorhq.com>
In some error paths, headers that were set earlier can get overwritten
(e.g. `Cross-Origin-Opener-Policy`) by middleware such as
ActionDispatch::ShowExceptions.
This PR sets the `Cross-Origin-Opener-Policy` header to the value of the
SiteSetting `cross_origin_opener_policy_header` if it's missing and if
the response is for HTML.
In future, this DefaultHeaders middleware can be used to set other
default headers that relate to security or other purposes.
### Testing
<img width="631" alt="test"
src="https://github.com/user-attachments/assets/05106a40-2bc7-435d-91a2-4dd2a098f349"
/>
This change standardises the `User-Agent` header that Discourse will send when talking to other sites.
`Discourse.user_agent` is now the authority on what the user agent value should be. For Onebox requests, this changes the user agent from their existing value to match the new value (unless overridden).
For all other requests, `Net::HTTPHeader` is monkey-patched to add a default `User-Agent` header when one hasn't been provided.
Followup e26a1175d7c33746bddbc858ad89e68cc14beefe
Adds extra functionality and tests for the admin search modal.
* Show third level plugin config pages in search, e.g. AI Usage
* Remember last used search filters
* Allow navigating search results with keyboard, using tab or up/down
and enter to go to result
* Add a placeholder beneath search input to tell the admin what to do
* Add a full page search at `/admin/search` which can be reached from
pressing Enter on the search input
* Add specs for modal and full page search
* Change admin sidebar filter "no results found" to point to full page
search
* Add keyboard shortcut help to modal for admin search
This change adjusts the markup and aria tags so that the like and read
counts on posts will read who liked/read when clicked. Previously this
content was inaccessible to screen readers.
This change required:
* Keeping the empty containing divs present and adding `aria-live` tags
(if the `aria-live` tag isn't initially present in the DOM, it will not
read changes to the content within)
* Adjusting some styles to avoid extra margin from the empty div (added
a conditional class to add the margin back when expanded)
* Cleaned up the aria tags, we don't need to hide the "liked this" text,
as it will be read naturally after the usernames like "username1,
username2, liked this" This allows us to remove the screenreader only
description.
* Removed "Click to view" from the button label, the interactivity is
inherent because the screenreader identifies it as a button
Adds a search field to the page header on desktop that is controlled by
a site setting (within Search).
The search field toggles back to the search icon (magnifying class) when
the header is minimized (ie. scrolling in topics) and restores to the
field again when header is no longer minimized.
On mobile the search experience is still the same.
This commit introduces a new `Calendar` control for form-kit. This
control will render a date picker and a time input. On mobile the date
picker will be replaced by a native input of type date.
The following validation options have also been added:
- `dateAfterOrEqual`
- `dateBeforeOrEqual`
The control has two options:
- `includeTime` - show or hide the time input (default true)
- `expandedDatePickerOnDesktop` - show an expanded datepicker on
desktop, or not (default true)
