2.8.0.beta10: API Improvements, Domain Restricted Invite Links, Tab to Indent, and more

New features in 2.8.0.beta10

API scopes for badges

API keys can now be restricted to badges. Available scopes include create, read, update, and delete badges, list a user’s badges, and assign/remove a badge from a user.

Restrict link invites to email domain

Allow multiple emails to redeem a link invite only if the email domain name matches the one specified.

Save scroll position on the bookmarks page

Ever find yourself looking at your bookmarks, opening one, going back, and then finding yourself at the top of the page again? No more! Discourse now saves your scroll position so you’ll be right where you left off when you return.

Use Tab for indenting text in composer

Text can now be indented and de-indented in the composer via Tab and Shift+Tab respectively. This works for both code blocks as well as regular text.

2021-12-21_11-25-12

hide_email_address_taken site setting improvement

When enabled, the hide_email_address_taken site setting forces the use of email in the forgot password form. This helps sites receiving abuse/spam via forgot password as usernames can no longer be used to trigger email.

19 Likes

Even more!

But wait, there’s more! We do our best to highlight new features and changes for you, but there’s always too many changes to detail. For a full list of new features, bug fixes, UX improvements, and more, be sure to review the Additional Features and Fixes listed below.

Security Updates

This beta includes 1 security fix for issues reported by our community and HackerOne.

  • Disable MessageBus::Diagnostics.

Plugin improvements

Many plugins

  • Translations
    • We’ve updated the translations in many of our plugins

Assign

New Features

  • Delete previous assign reminder PMs
  • Active flag for assignments

Bug Fixes

  • Always unassign posts when deleted
  • Refresh topic when topic or post is deleted or recovered
  • Specs for search fix
  • Indirect assigned to in search
  • Dont allow assigning user to topic when post assigned
  • Correctly position dropdown in modal on desktop
  • Refactor assign / reassign to combine logic

LinkedIn Auth

Bug Fixes

  • Handle duplicate rows in migration

Accessibility

  • Adds missing titles to tc-message actions

Akismet

Bug Fixes

  • Deleting user works even if pending reviewable exist

Calendar

New Features

  • Re-use existing invite and reminders notifications.

Microsoft Auth

Bug Fixes

  • Handle duplicate rows in migration

UX Changes

  • Rename from Office365 to ‘Microsoft Auth’

Solved

New Features

  • Show notice if user can accept an answer

UX Changes

  • Prevent solve text and icon from wrapping

BCC

Bug Fixes

  • Groups being mentioned in each message

Kolide

New Features

  • Display detail of open Kolide issues in footnote.
  • Sync issues and devices based on webhook payload.
  • Alert Kolide group admins about unassigned devices.
  • Display global notice to warn about non-onboarded devices.

Bug Fixes

  • Assign topic variable before getting the title.
  • Don’t remind users when no issues found.
  • Don’t remind Kolide admins when no issues found.
  • Do not updated admin topic unless it changes
  • Skip reminders if there are no issues.
  • Increase per_page from default 25 to 500
  • Add default text for post body if issues not found.
  • Update custom field value only if post is present.
  • Use logger.warn instead of Discourse.warn method.
  • Take 2 on stopping notification flood.

UX Changes

  • Remove link to the Kolide for device issues.
  • Display the notice only if onboarding topic id available
  • Navigate users to onboarding topic via banner.

SAML

New Features

  • Allow the plugin to be configured using site settings

Bug Fixes

  • Ensure JS script path is correct for subfolder
  • Add content-type header to auto-submitting form
  • Do not compress SAML request for POST binding
  • Correct after_create_account errors from 4e0a5e0a
  • Defer UsernameSuggester logic to the auto_create_account
  • Ignore empty saml_base_url site setting
  • Do not override existing session cookie during callback
  • Ensure SAML follows after-login redirects
  • Remove prefix from base_url
  • Update name selection logic

UX Changes

  • If configured via environment variables, hide the site settings

Subscriptions

Bug Fixes

  • Html strong tags showing

Policy

New Features

  • Add private attribute to policy
  • Paginate PolicyUser results

Bug Fixes

  • Allow automatic groups to be selected
  • Policy users per page should not change

UX Changes

  • Show grey buttons for the other policy option

Reactions

Bug Fixes

  • Reaction notifications were broken (take 3)
  • Reaction notifications were broken (take 2)
  • Reaction notifications were broken

Automation

Bug Fixes

  • Only allows select-script when creating a new automation

UX Changes

  • Makes dropdowns filterable and scrollable

Footnote

Bug Fixes

  • Moves to assets/vendor/javascripts
  • Correctly import popper

Security Changes

  • Fix malicious footnote causing clientside errors

Chat Integration

New Features

  • Allow selecting ‘automatic’ groups for rules

Bug Fixes

  • Store slack thread_ts on a per-channel basis
  • Ensure edit modal validation works on first opening
  • Ensure telegram bot only responds to slash-commands

Additional Features and Fixes

Click to expand

New Features

  • when suggesting usernames skip input that consist entirely of disallowed characters
  • Scheduled problem checks for admin dashboard
  • Allow to modify topic-backed static pages
  • Add topic-navigation plugin outlet and popup component
  • Extend plugin API to add multiple poster icons
  • Add Apple plugin to the official list
  • A notification consolidation plan for keeping the latest one.
  • Delete previous reviewable reminders.
  • Experimental support for group membership via google auth
  • Pre-setting user locale via bulk invite
  • Add the ability to go back and forth between PM and New Topic

Bug Fixes

  • fallback to anonymous not user when suggesting usernames for anonymous users
  • Use correct argument name in pending reviewables translation
  • Menu panel position adjustment
  • Use basic meta description if other description tags are missing
  • Translation overrides from fallback locale didn’t work on client
  • “Customize Text” showed compiled MessageFormat string for overridden _MF translations
  • Translation precedence was different on client and server
  • Incorrect header offset calculation
  • Add smooth scrolling polyfill
  • Uses new format for search tag endpoint to prevent issues
  • Notify group members when someone quotes or replies to their post.
  • Add more actions to the uploads API key scope
  • Correct email_tokens_token_to_nullable migration
  • Ensure theme names are escaped in HTML attributes
  • Check if invite domain is valid
  • Allow OAuth2Authenticator to handle existing associations
  • Blurry onebox favicon images
  • Only consider it handled by composer when a composer
  • Defer topic/post created events until emails have been added
  • Make tests work with higher starting upload id
  • Select correct topic draft for user
  • Update has_topic_draft when draft is updated
  • Ensure MessageIdService can handle hostname changes and multisite
  • –header-offset didn’t account for overscroll
  • References header leading to broken email threading
  • Make thumbnail tests start with a clean slate
  • Display pending posts in a moderated category
  • Edit tag test
  • Tag transition only if tag name changed
  • Missing allowed urls when displaying granualar API key scopes.
  • Auth incorrectly handles duplicate usernames
  • Updating a consolidated notification should bump it to the top.
  • When using external auth disallowed characters weren’t removed from username
  • Make user themes sort order case insensitive
  • Add random suffix to outbound Message-ID for email
  • PWA badges were not updating
  • Match for indeterminate depth in URL during upload tests
  • Allows more precise placement strategy on mobile
  • Don’t redirect XHR/JSON requests when login is required
  • Extract and fix overriding of usernames by external auth
  • Set auto_update to false for non-git themes/components
  • Skip themes that have blank URL in the themes:update rake task

UX Changes

  • Update navigation-container scaling & wrapping
  • Correctly handles escape on emoji picker
  • Always show avatar on mobile topic lists
  • Let mobile post controls scroll on overflow
  • Show group card with animated loading state
  • Prevent timeline overflow in extreme cases
  • Extend user hyperlink in staff action logs
  • Fix topic status icon size in mobile search results
  • Only apply link formats on paste to selections that do not contain bbcode-like tags
  • Make toggling to filtered replies mode less jumpy.
  • Improve composer presence-display positioning
  • Scroll row to top of container in select-kit
  • Fix flair dropdown styling in user account
  • Remove style that breaks composer on pm page
  • Reduce composer jumpiness on android
  • Prevent overflow on mobile timeline dates
  • Improve tag info style
  • Fix alignment in group navigation bar
  • Only apply link formats on paste to selections that do not contain links

Performance

  • Make tests faster by prefabricating more things
  • Prefabricate more parts of users_controller_spec
  • Speed up the tests by pre-fabricating more things
  • Prefabricate posters in topics_controller_spec
  • Prefabricate more of topics_controller_spec.rb
  • Redis snapshotting during tests
  • Speed up tests
  • Add index on email_tokens.token_hash
  • Shave off some test-suite time
  • Migrate normalized_emails in a migrations

Accessibility

  • Focus last viewed topic in topic lists
  • Move focus to highlighted post when visiting a topic
  • Remove dupe label on signup confirm field
16 Likes