Update Rails to v6.1.7.1

This reverts commit d45d9a31ac.

.github/workflows/tests.yml

@@ -5,6 +5,8 @@ on:
   push:
     branches:
       - main
+      - beta
+      - stable
 
 concurrency:
   group: tests-${{ format('{0}-{1}', github.head_ref || github.run_number, github.job) }}
@@ -14,7 +16,7 @@ jobs:
   build:
     name: ${{ matrix.target }} ${{ matrix.build_type }}
     runs-on: ubuntu-latest
-    container: discourse/discourse_test:slim${{ startsWith(matrix.build_type, 'frontend') && '-browsers' || '' }}
+    container: discourse/discourse_test:2.0.20220818-0047-slim${{ startsWith(matrix.build_type, 'frontend') && '-browsers' || '' }}
     timeout-minutes: 60
 
     env:
@@ -36,8 +38,6 @@ jobs:
             target: plugins
           - build_type: frontend
             target: core # Handled by core_frontend_tests job (below)
-          - build_type: frontend
-            target: plugins # Not yet passing in Ember CLI
         include:
           - build_type: frontend
             target: core-plugins
@@ -99,6 +99,10 @@ jobs:
         if: matrix.target == 'plugins'
         run: bin/rake plugin:install_all_official
 
+      - name: Pull compatible versions of plugins
+        if: matrix.target == 'plugins'
+        run: bin/rake plugin:pull_compatible_all
+
       - name: Fetch app state cache
         uses: actions/cache@v2
         id: app-cache
@@ -164,10 +168,10 @@ jobs:
         run: QUNIT_EMBER_CLI=0 bin/rake plugin:qunit['*','1200000']
         timeout-minutes: 30
 
-      - name: Plugin QUnit (Ember CLI)
-        if: matrix.build_type == 'frontend' && (matrix.target == 'plugins' || matrix.target == 'core-plugins')
-        run: QUNIT_EMBER_CLI=1 bin/rake plugin:qunit['*','1200000']
-        timeout-minutes: 30
+      # - name: Plugin QUnit (Ember CLI)
+      #   if: matrix.build_type == 'frontend' && (matrix.target == 'plugins' || matrix.target == 'core-plugins')
+      #   run: QUNIT_EMBER_CLI=1 bin/rake plugin:qunit['*','1200000']
+      #   timeout-minutes: 30
 
       - name: Check Annotations
         if: matrix.build_type == 'annotations'
@@ -186,61 +190,61 @@ jobs:
           fi
         timeout-minutes: 30
 
-  core_frontend_tests:
-    name: core frontend (${{ matrix.browser }})
-    runs-on: ubuntu-latest
-    container: discourse/discourse_test:slim-browsers
-    timeout-minutes: 30
+  # core_frontend_tests:
+  #   name: core frontend (${{ matrix.browser }})
+  #   runs-on: ubuntu-latest
+  #   container: discourse/discourse_test:slim-browsers
+  #   timeout-minutes: 30
 
-    strategy:
-      fail-fast: false
-      matrix:
-        browser: ["Chrome", "Firefox", "Headless Firefox"]
+  #   strategy:
+  #     fail-fast: false
+  #     matrix:
+  #       browser: ["Chrome", "Firefox", "Headless Firefox"]
 
-    steps:
-      - uses: actions/checkout@v2
-        with:
-          fetch-depth: 1
+  #   steps:
+  #     - uses: actions/checkout@v2
+  #       with:
+  #         fetch-depth: 1
 
-      - name: Setup Git
-        run: |
-          git config --global user.email "ci@ci.invalid"
-          git config --global user.name "Discourse CI"
+  #     - name: Setup Git
+  #       run: |
+  #         git config --global user.email "ci@ci.invalid"
+  #         git config --global user.name "Discourse CI"
 
-      - name: Get yarn cache directory
-        id: yarn-cache-dir
-        run: echo "::set-output name=dir::$(yarn cache dir)"
+  #     - name: Get yarn cache directory
+  #       id: yarn-cache-dir
+  #       run: echo "::set-output name=dir::$(yarn cache dir)"
 
-      - name: Yarn cache
-        uses: actions/cache@v2
-        id: yarn-cache
-        with:
-          path: ${{ steps.yarn-cache-dir.outputs.dir }}
-          key: ${{ runner.os }}-yarn-${{ hashFiles('**/yarn.lock') }}
-          restore-keys: |
-            ${{ runner.os }}-yarn-
+  #     - name: Yarn cache
+  #       uses: actions/cache@v2
+  #       id: yarn-cache
+  #       with:
+  #         path: ${{ steps.yarn-cache-dir.outputs.dir }}
+  #         key: ${{ runner.os }}-yarn-${{ hashFiles('**/yarn.lock') }}
+  #         restore-keys: |
+  #           ${{ runner.os }}-yarn-
 
-      - name: Yarn install
-        working-directory: ./app/assets/javascripts/discourse
-        run: yarn install
+  #     - name: Yarn install
+  #       working-directory: ./app/assets/javascripts/discourse
+  #       run: yarn install
 
-      - name: Ember Build
-        working-directory: ./app/assets/javascripts/discourse
-        run: |
-          sudo -E -u discourse mkdir /tmp/emberbuild
-          sudo -E -u discourse -H yarn ember build --environment=test  -o /tmp/emberbuild
+  #     - name: Ember Build
+  #       working-directory: ./app/assets/javascripts/discourse
+  #       run: |
+  #         sudo -E -u discourse mkdir /tmp/emberbuild
+  #         sudo -E -u discourse -H yarn ember build --environment=test  -o /tmp/emberbuild
 
-      - name: Core QUnit 1
-        working-directory: ./app/assets/javascripts/discourse
-        run: sudo -E -u discourse -H yarn ember exam --path /tmp/emberbuild --split=3 --partition=1 --launch "${{ matrix.browser }}"
-        timeout-minutes: 20
+  #     - name: Core QUnit 1
+  #       working-directory: ./app/assets/javascripts/discourse
+  #       run: sudo -E -u discourse -H yarn ember exam --path /tmp/emberbuild --split=3 --partition=1 --launch "${{ matrix.browser }}" --random
+  #       timeout-minutes: 20
 
-      - name: Core QUnit 2
-        working-directory: ./app/assets/javascripts/discourse
-        run: sudo -E -u discourse -H yarn ember exam --path /tmp/emberbuild --split=3 --partition=2 --launch "${{ matrix.browser }}"
-        timeout-minutes: 20
+  #     - name: Core QUnit 2
+  #       working-directory: ./app/assets/javascripts/discourse
+  #       run: sudo -E -u discourse -H yarn ember exam --path /tmp/emberbuild --split=3 --partition=2 --launch "${{ matrix.browser }}" --random
+  #       timeout-minutes: 20
 
-      - name: Core QUnit 3
-        working-directory: ./app/assets/javascripts/discourse
-        run: sudo -E -u discourse -H yarn ember exam --path /tmp/emberbuild --split=3 --partition=3 --launch "${{ matrix.browser }}"
-        timeout-minutes: 20
+  #     - name: Core QUnit 3
+  #       working-directory: ./app/assets/javascripts/discourse
+  #       run: sudo -E -u discourse -H yarn ember exam --path /tmp/emberbuild --split=3 --partition=3 --launch "${{ matrix.browser }}" --random
+  #       timeout-minutes: 20

Gemfile

@@ -18,7 +18,7 @@ else
   # this allows us to include the bits of rails we use without pieces we do not.
   #
   # To issue a rails update bump the version number here
-  rails_version = '6.1.4.1'
+  rails_version = '6.1.7.1'
   gem 'actionmailer', rails_version
   gem 'actionpack', rails_version
   gem 'actionview', rails_version
@@ -263,3 +263,5 @@ gem 'colored2', require: false
 gem 'maxminddb'
 
 gem 'rails_failover', require: false
+
+gem 'net-http'

Gemfile.lock

@@ -8,22 +8,22 @@ GIT
 GEM
   remote: https://rubygems.org/
   specs:
-    actionmailer (6.1.4.1)
-      actionpack (= 6.1.4.1)
-      actionview (= 6.1.4.1)
-      activejob (= 6.1.4.1)
-      activesupport (= 6.1.4.1)
+    actionmailer (6.1.7.1)
+      actionpack (= 6.1.7.1)
+      actionview (= 6.1.7.1)
+      activejob (= 6.1.7.1)
+      activesupport (= 6.1.7.1)
       mail (~> 2.5, >= 2.5.4)
       rails-dom-testing (~> 2.0)
-    actionpack (6.1.4.1)
-      actionview (= 6.1.4.1)
-      activesupport (= 6.1.4.1)
+    actionpack (6.1.7.1)
+      actionview (= 6.1.7.1)
+      activesupport (= 6.1.7.1)
       rack (~> 2.0, >= 2.0.9)
       rack-test (>= 0.6.3)
       rails-dom-testing (~> 2.0)
       rails-html-sanitizer (~> 1.0, >= 1.2.0)
-    actionview (6.1.4.1)
-      activesupport (= 6.1.4.1)
+    actionview (6.1.7.1)
+      activesupport (= 6.1.7.1)
       builder (~> 3.1)
       erubi (~> 1.4)
       rails-dom-testing (~> 2.0)
@@ -32,15 +32,15 @@ GEM
       actionview (>= 6.0.a)
     active_model_serializers (0.8.4)
       activemodel (>= 3.0)
-    activejob (6.1.4.1)
-      activesupport (= 6.1.4.1)
+    activejob (6.1.7.1)
+      activesupport (= 6.1.7.1)
       globalid (>= 0.3.6)
-    activemodel (6.1.4.1)
-      activesupport (= 6.1.4.1)
-    activerecord (6.1.4.1)
-      activemodel (= 6.1.4.1)
-      activesupport (= 6.1.4.1)
-    activesupport (6.1.4.1)
+    activemodel (6.1.7.1)
+      activesupport (= 6.1.7.1)
+    activerecord (6.1.7.1)
+      activemodel (= 6.1.7.1)
+      activesupport (= 6.1.7.1)
+    activesupport (6.1.7.1)
       concurrent-ruby (~> 1.0, >= 1.0.2)
       i18n (>= 1.6, < 2)
       minitest (>= 5.1)
@@ -129,7 +129,7 @@ GEM
       sprockets (>= 3.3, < 4.1)
     ember-source (2.18.2)
     erubi (1.10.0)
-    excon (0.89.0)
+    excon (0.93.0)
     execjs (2.8.1)
     exifr (1.3.9)
     fabrication (2.24.0)
@@ -165,7 +165,7 @@ GEM
     ffi (1.15.5)
     fspath (3.1.2)
     gc_tracer (1.5.1)
-    globalid (1.0.0)
+    globalid (1.0.1)
       activesupport (>= 5.0)
     guess_html_encoding (0.0.11)
     hana (1.3.7)
@@ -231,7 +231,7 @@ GEM
       rack (>= 1.1.3)
     method_source (1.0.0)
     mini_mime (1.1.2)
-    mini_portile2 (2.6.1)
+    mini_portile2 (2.8.0)
     mini_racer (0.6.1)
       libv8-node (~> 16.10.0.0)
     mini_scheduler (0.13.0)
@@ -248,15 +248,19 @@ GEM
     multi_xml (0.6.0)
     multipart-post (2.1.1)
     mustache (1.1.1)
+    net-http (0.2.2)
+      uri
     nio4r (2.5.8)
-    nokogiri (1.12.5)
-      mini_portile2 (~> 2.6.1)
+    nokogiri (1.13.4)
+      mini_portile2 (~> 2.8.0)
       racc (~> 1.4)
-    nokogiri (1.12.5-arm64-darwin)
+    nokogiri (1.13.4-aarch64-linux)
       racc (~> 1.4)
-    nokogiri (1.12.5-x86_64-darwin)
+    nokogiri (1.13.4-arm64-darwin)
       racc (~> 1.4)
-    nokogiri (1.12.5-x86_64-linux)
+    nokogiri (1.13.4-x86_64-darwin)
+      racc (~> 1.4)
+    nokogiri (1.13.4-x86_64-linux)
       racc (~> 1.4)
     oauth (0.5.8)
     oauth2 (1.4.7)
@@ -318,12 +322,12 @@ GEM
       rack (>= 1.2.0)
     rack-protection (2.1.0)
       rack
-    rack-test (1.1.0)
-      rack (>= 1.0, < 3)
+    rack-test (2.0.2)
+      rack (>= 1.3)
     rails-dom-testing (2.0.3)
       activesupport (>= 4.2.0)
       nokogiri (>= 1.6)
-    rails-html-sanitizer (1.4.2)
+    rails-html-sanitizer (1.4.3)
       loofah (~> 2.3)
     rails_failover (0.7.3)
       activerecord (~> 6.0)
@@ -332,11 +336,11 @@ GEM
     rails_multisite (4.0.0)
       activerecord (> 5.0, < 7)
       railties (> 5.0, < 7)
-    railties (6.1.4.1)
-      actionpack (= 6.1.4.1)
-      activesupport (= 6.1.4.1)
+    railties (6.1.7.1)
+      actionpack (= 6.1.7.1)
+      activesupport (= 6.1.7.1)
       method_source
-      rake (>= 0.13)
+      rake (>= 12.2)
       thor (~> 1.0)
     rainbow (3.1.1)
     raindrops (0.20.0)
@@ -455,7 +459,7 @@ GEM
     test-prof (1.0.7)
     thor (1.2.1)
     tilt (2.0.10)
-    tzinfo (2.0.4)
+    tzinfo (2.0.5)
       concurrent-ruby (~> 1.0)
     uglifier (4.2.0)
       execjs (>= 0.3.0, < 3)
@@ -467,6 +471,7 @@ GEM
       kgio (~> 2.6)
       raindrops (~> 0.7)
     uniform_notifier (1.14.2)
+    uri (0.11.0)
     uri_template (0.7.0)
     webmock (3.14.0)
       addressable (>= 2.8.0)
@@ -477,7 +482,7 @@ GEM
       jwt (~> 2.0)
     xorcist (1.1.2)
     yaml-lint (0.0.10)
-    zeitwerk (2.5.3)
+    zeitwerk (2.6.6)
 
 PLATFORMS
   aarch64-linux
@@ -489,14 +494,14 @@ PLATFORMS
   x86_64-linux
 
 DEPENDENCIES
-  actionmailer (= 6.1.4.1)
-  actionpack (= 6.1.4.1)
-  actionview (= 6.1.4.1)
+  actionmailer (= 6.1.7.1)
+  actionpack (= 6.1.7.1)
+  actionview (= 6.1.7.1)
   actionview_precompiler
   active_model_serializers (~> 0.8.3)
-  activemodel (= 6.1.4.1)
-  activerecord (= 6.1.4.1)
-  activesupport (= 6.1.4.1)
+  activemodel (= 6.1.7.1)
+  activerecord (= 6.1.7.1)
+  activesupport (= 6.1.7.1)
   addressable
   annotate
   aws-sdk-s3
@@ -557,6 +562,7 @@ DEPENDENCIES
   mock_redis
   multi_json
   mustache
+  net-http
   nokogiri
   oj (= 3.13.2)
   omniauth
@@ -576,7 +582,7 @@ DEPENDENCIES
   rack-protection
   rails_failover
   rails_multisite
-  railties (= 6.1.4.1)
+  railties (= 6.1.7.1)
   rake
   rb-fsevent
   rbtrace
@@ -618,4 +624,4 @@ DEPENDENCIES
   yaml-lint
 
 BUNDLED WITH
-   2.3.4
+   2.3.16

app/assets/javascripts/admin/addon/controllers/admin-web-hooks-show.js

@@ -4,8 +4,6 @@ import I18n from "I18n";
 import { alias } from "@ember/object/computed";
 import bootbox from "bootbox";
 import discourseComputed from "discourse-common/utils/decorators";
-import { extractDomainFromUrl } from "discourse/lib/utilities";
-import { isAbsoluteURL } from "discourse-common/lib/get-url";
 import { isEmpty } from "@ember/utils";
 import { popupAjaxError } from "discourse/lib/ajax-error";
 
@@ -88,44 +86,20 @@ export default Controller.extend({
   actions: {
     save() {
       this.set("saved", false);
-      const url = this.get("model.payload_url");
-      const domain = extractDomainFromUrl(url);
       const model = this.model;
       const isNew = model.get("isNew");
 
-      const saveWebHook = () => {
-        return model
-          .save()
-          .then(() => {
-            this.set("saved", true);
-            this.adminWebHooks.get("model").addObject(model);
+      return model
+        .save()
+        .then(() => {
+          this.set("saved", true);
+          this.adminWebHooks.get("model").addObject(model);
 
-            if (isNew) {
-              this.transitionToRoute("adminWebHooks.show", model.get("id"));
-            }
-          })
-          .catch(popupAjaxError);
-      };
-
-      if (
-        domain === "localhost" ||
-        domain.match(/192\.168\.\d+\.\d+/) ||
-        domain.match(/127\.\d+\.\d+\.\d+/) ||
-        isAbsoluteURL(url)
-      ) {
-        return bootbox.confirm(
-          I18n.t("admin.web_hooks.warn_local_payload_url"),
-          I18n.t("no_value"),
-          I18n.t("yes_value"),
-          (result) => {
-            if (result) {
-              return saveWebHook();
-            }
+          if (isNew) {
+            this.transitionToRoute("adminWebHooks.show", model.get("id"));
           }
-        );
-      }
-
-      return saveWebHook();
+        })
+        .catch(popupAjaxError);
     },
 
     destroy() {

app/assets/javascripts/admin/addon/controllers/modals/admin-install-theme.js

@@ -25,12 +25,14 @@ export default Controller.extend(ModalFunctionality, {
   importUrl: "/admin/themes/import",
   recordType: "theme",
   checkPrivate: match("uploadUrl", /^ssh\:\/\/.*\@.*\.git$|.*\@.*\:.*\.git$/),
+  privateKey: null,
   localFile: null,
   uploadUrl: null,
   uploadName: null,
   advancedVisible: false,
   selectedType: alias("themesController.currentTab"),
   component: equal("selectedType", COMPONENTS),
+  urlPlaceholder: "https://github.com/discourse/sample_theme",
 
   init() {
     this._super(...arguments);
@@ -79,17 +81,24 @@ export default Controller.extend(ModalFunctionality, {
     );
   },
 
-  @discourseComputed("privateChecked")
-  urlPlaceholder(privateChecked) {
-    return privateChecked
-      ? "git@github.com:discourse/sample_theme.git"
-      : "https://github.com/discourse/sample_theme";
+  @discourseComputed("name")
+  nameTooShort(name) {
+    return !name || name.length < MIN_NAME_LENGTH;
   },
 
-  @observes("privateChecked")
+  @discourseComputed("component")
+  placeholder(component) {
+    if (component) {
+      return I18n.t("admin.customize.theme.component_name");
+    } else {
+      return I18n.t("admin.customize.theme.theme_name");
+    }
+  },
+
+  @observes("checkPrivate")
   privateWasChecked() {
-    const checked = this.privateChecked;
-    if (checked && !this._keyLoading) {
+    const checked = this.checkPrivate;
+    if (checked && !this._keyLoading && !this.publicKey) {
       this._keyLoading = true;
       ajax(this.keyGenUrl, { type: "POST" })
         .then((pair) => {
@@ -105,40 +114,29 @@ export default Controller.extend(ModalFunctionality, {
     }
   },
 
-  @discourseComputed("name")
-  nameTooShort(name) {
-    return !name || name.length < MIN_NAME_LENGTH;
-  },
-
-  @discourseComputed("component")
-  placeholder(component) {
-    if (component) {
-      return I18n.t("admin.customize.theme.component_name");
-    } else {
-      return I18n.t("admin.customize.theme.theme_name");
+  @discourseComputed("selection", "themeCannotBeInstalled")
+  submitLabel(selection, themeCannotBeInstalled) {
+    if (themeCannotBeInstalled) {
+      return "admin.customize.theme.create_placeholder";
     }
-  },
 
-  @discourseComputed("selection")
-  submitLabel(selection) {
     return `admin.customize.theme.${
       selection === "create" ? "create" : "install"
     }`;
   },
 
-  @discourseComputed("privateChecked", "checkPrivate", "publicKey")
-  showPublicKey(privateChecked, checkPrivate, publicKey) {
-    return privateChecked && checkPrivate && publicKey;
+  @discourseComputed("checkPrivate", "publicKey")
+  showPublicKey(checkPrivate, publicKey) {
+    return checkPrivate && publicKey;
   },
 
   onClose() {
     this.setProperties({
       duplicateRemoteThemeWarning: null,
-      privateChecked: false,
-      privateKey: null,
       localFile: null,
       uploadUrl: null,
       publicKey: null,
+      privateKey: null,
       branch: null,
       selection: "popular",
     });
@@ -209,11 +207,9 @@ export default Controller.extend(ModalFunctionality, {
         options.data = {
           remote: this.uploadUrl,
           branch: this.branch,
+          public_key: this.publicKey,
+          private_key: this.privateKey,
         };
-
-        if (this.privateChecked) {
-          options.data.private_key = this.privateKey;
-        }
       }
 
       if (this.get("model.user_id")) {

app/assets/javascripts/admin/addon/models/email-preview.js

@@ -16,6 +16,7 @@ EmailPreview.reopenClass({
 
   sendDigest(username, lastSeenAt, email) {
     return ajax("/admin/email/send-digest.json", {
+      type: "POST",
       data: { last_seen_at: lastSeenAt || oneWeekAgo(), username, email },
     });
   },

app/assets/javascripts/admin/addon/templates/components/admin-editable-field.hbs

@@ -1,7 +1,7 @@
 <div class="field">{{i18n name}}</div>
 <div class="value">
   {{#if editing}}
-    {{text-field value=buffer autofocus="autofocus" autocomplete="discourse"}}
+    {{text-field value=buffer autofocus="autofocus" autocomplete="off"}}
   {{else}}
     <a href {{action "edit"}} class="inline-editable-field">
       <span>{{value}}</span>

app/assets/javascripts/admin/addon/templates/components/simple-list.hbs

@@ -26,9 +26,10 @@
     value=newValue
     placeholderKey="admin.site_settings.simple_list.add_item"
     class="add-value-input"
-    autocomplete="discourse"
+    autocomplete="off"
     autocorrect="off"
-    autocapitalize="off"}}
+    autocapitalize="off"
+  }}
 
   {{d-button
       action=(action "addValue")

app/assets/javascripts/admin/addon/templates/components/themes-list.hbs

@@ -20,7 +20,8 @@
       {{input
         class="filter-input"
         placeholder=(i18n "admin.customize.theme.filter_placeholder")
-        autocomplete="discourse"
+        autocomplete="off"
+        type="search"
         value=(mut filterTerm)
       }}
       {{d-icon "search"}}

app/assets/javascripts/admin/addon/templates/modal/admin-install-theme.hbs

@@ -68,26 +68,16 @@
             <div class="label">{{i18n "admin.customize.theme.remote_branch"}}</div>
             {{input value=branch placeholder="master"}}
           </div>
+        {{/if}}
 
-          <div class="check-private">
-            <label>
-              {{input type="checkbox" checked=privateChecked}}
-              {{i18n "admin.customize.theme.is_private"}}
-            </label>
-          </div>
-          {{#if showPublicKey}}
-            <div class="public-key">
-              <div class="label">{{i18n "admin.customize.theme.public_key"}}</div>
-              <div class="public-key-text-wrapper">
-                {{textarea class="public-key-value" readonly=true value=publicKey}}
-                {{copy-button selector="textarea.public-key-value"}}
-              </div>
+        {{#if this.showPublicKey}}
+          <div class="public-key">
+            <div class="label">{{i18n "admin.customize.theme.public_key"}}</div>
+            <div class="public-key-text-wrapper">
+              <Textarea class="public-key-value" readonly={{true}} @value={{this.publicKey}} />
+              <CopyButton @selector="textarea.public-key-value" />
             </div>
-          {{else}}
-            {{#if privateChecked}}
-              <div class="public-key-note">{{i18n "admin.customize.theme.public_key_note"}}</div>
-            {{/if}}
-          {{/if}}
+          </div>
         {{/if}}
       </div>
     {{/if}}

app/assets/javascripts/discourse-common/addon/utils/decorators.js

@@ -20,7 +20,7 @@ export function afterRender(target, name, descriptor) {
   const originalFunction = descriptor.value;
   descriptor.value = function () {
     schedule("afterRender", () => {
-      if (this.element && !this.isDestroying && !this.isDestroyed) {
+      if (!this.isDestroying && !this.isDestroyed) {
         return originalFunction.apply(this, arguments);
       }
     });

app/assets/javascripts/discourse/app/components/composer-editor.js

@@ -100,6 +100,7 @@ export function cleanUpComposerUploadMarkdownResolver() {
 export default Component.extend(ComposerUploadUppy, {
   classNameBindings: ["showToolbar:toolbar-visible", ":wmd-controls"],
 
+  editorClass: ".d-editor",
   fileUploadElementId: "file-uploader",
   mobileFileUploaderId: "mobile-file-upload",
   eventPrefix: "composer",
@@ -199,7 +200,10 @@ export default Component.extend(ComposerUploadUppy, {
 
   @discourseComputed()
   acceptsAllFormats() {
-    return authorizesAllExtensions(this.currentUser.staff, this.siteSettings);
+    return (
+      this.capabilities.isIOS ||
+      authorizesAllExtensions(this.currentUser.staff, this.siteSettings)
+    );
   },
 
   @discourseComputed()

app/assets/javascripts/discourse/app/components/d-editor.js

@@ -477,7 +477,7 @@ export default Component.extend(TextareaTextManipulation, {
       key: "#",
       afterComplete: (value) => {
         this.set("value", value);
-        return this._focusTextArea();
+        schedule("afterRender", this, this._focusTextArea);
       },
       transformComplete: (obj) => {
         return obj.text;
@@ -504,7 +504,7 @@ export default Component.extend(TextareaTextManipulation, {
       key: ":",
       afterComplete: (text) => {
         this.set("value", text);
-        this._focusTextArea();
+        schedule("afterRender", this, this._focusTextArea);
       },
 
       onKeyUp: (text, cp) => {

app/assets/javascripts/discourse/app/components/scrolling-post-stream.js

@@ -58,24 +58,6 @@ export default MountWidget.extend({
     );
   },
 
-  beforePatch() {
-    this.prevHeight = document.body.clientHeight;
-    this.prevScrollTop = document.body.scrollTop;
-  },
-
-  afterPatch() {
-    const height = document.body.clientHeight;
-
-    // This hack is for when swapping out many cloaked views at once
-    // when using keyboard navigation. It could suddenly move the scroll
-    if (
-      this.prevHeight === height &&
-      document.body.scrollTop !== this.prevScrollTop
-    ) {
-      document.body.scroll({ left: 0, top: this.prevScrollTop });
-    }
-  },
-
   scrolled() {
     if (this.isDestroyed || this.isDestroying) {
       return;
@@ -103,7 +85,7 @@ export default MountWidget.extend({
     const slack = Math.round(windowHeight * 5);
     const onscreen = [];
     const nearby = [];
-    const windowTop = document.documentElement.scrollTop;
+    const windowTop = document.scrollingElement.scrollTop;
     const postsWrapperTop = domUtils.offset(
       document.querySelector(".posts-wrapper")
     ).top;
@@ -202,9 +184,7 @@ export default MountWidget.extend({
         const elem = postsNodes.item(onscreen[0]);
         const elemId = elem.id;
         const elemPos = domUtils.position(elem);
-        const distToElement = elemPos
-          ? document.body.scrollTop - elemPos.top
-          : 0;
+        const distToElement = elemPos?.top || 0;
 
         const topRefresh = () => {
           refresh(() => {
@@ -213,7 +193,7 @@ export default MountWidget.extend({
             // Quickly going back might mean the element is destroyed
             const position = domUtils.position(refreshedElem);
             if (position && position.top) {
-              let whereY = position.top + distToElement;
+              let whereY = position.top - distToElement;
               document.documentElement.scroll({ top: whereY, left: 0 });
 
               // This seems weird, but somewhat infrequently a rerender

app/assets/javascripts/discourse/app/components/search-text-field.js

@@ -4,7 +4,7 @@ import TextField from "discourse/components/text-field";
 import { applySearchAutocomplete } from "discourse/lib/search";
 
 export default TextField.extend({
-  autocomplete: "discourse-search",
+  autocomplete: "off",
 
   @discourseComputed("searchService.searchContextEnabled")
   placeholder(searchContextEnabled) {

app/assets/javascripts/discourse/app/components/site-header.js

@@ -441,6 +441,5 @@ export default SiteHeaderComponent.extend({
 
 export function headerTop() {
   const header = document.querySelector("header.d-header");
-  const headerOffsetTop = header.offsetTop ? header.offsetTop : 0;
-  return headerOffsetTop - document.body.scrollTop;
+  return header.offsetTop ? header.offsetTop : 0;
 }

app/assets/javascripts/discourse/app/controllers/invites-show.js

@@ -1,4 +1,4 @@
-import { alias, notEmpty, or, readOnly } from "@ember/object/computed";
+import { alias, bool, not, readOnly } from "@ember/object/computed";
 import Controller, { inject as controller } from "@ember/controller";
 import DiscourseURL from "discourse/lib/url";
 import EmberObject from "@ember/object";
@@ -29,24 +29,23 @@ export default Controller.extend(
     invitedBy: readOnly("model.invited_by"),
     email: alias("model.email"),
     accountEmail: alias("email"),
+    existingUserId: readOnly("model.existing_user_id"),
+    existingUserCanRedeem: readOnly("model.existing_user_can_redeem"),
+    existingUserCanRedeemError: readOnly(
+      "model.existing_user_can_redeem_error"
+    ),
+    existingUserRedeeming: bool("existingUserId"),
     hiddenEmail: alias("model.hidden_email"),
     emailVerifiedByLink: alias("model.email_verified_by_link"),
     differentExternalEmail: alias("model.different_external_email"),
     accountUsername: alias("model.username"),
-    passwordRequired: notEmpty("accountPassword"),
+    passwordRequired: not("externalAuthsOnly"),
     successMessage: null,
     errorMessage: null,
     userFields: null,
     authOptions: null,
     inviteImageUrl: getUrl("/images/envelope.svg"),
     isInviteLink: readOnly("model.is_invite_link"),
-    submitDisabled: or(
-      "emailValidation.failed",
-      "usernameValidation.failed",
-      "passwordValidation.failed",
-      "nameValidation.failed",
-      "userFieldsValidation.failed"
-    ),
     rejectedEmails: null,
 
     init() {
@@ -81,6 +80,15 @@ export default Controller.extend(
       });
     },
 
+    @discourseComputed("existingUserId")
+    subheaderMessage(existingUserId) {
+      if (existingUserId) {
+        return I18n.t("invites.existing_user_can_redeem");
+      } else {
+        return I18n.t("create_account.subheader_title");
+      }
+    },
+
     @discourseComputed("email")
     yourEmailMessage(email) {
       return I18n.t("invites.your_email", { email });
@@ -100,21 +108,69 @@ export default Controller.extend(
       );
     },
 
-    @discourseComputed("externalAuthsOnly", "discourseConnectEnabled")
-    showSocialLoginAvailable(externalAuthsOnly, discourseConnectEnabled) {
-      return !externalAuthsOnly && !discourseConnectEnabled;
+    @discourseComputed(
+      "emailValidation.failed",
+      "usernameValidation.failed",
+      "passwordValidation.failed",
+      "nameValidation.failed",
+      "userFieldsValidation.failed",
+      "existingUserRedeeming",
+      "existingUserCanRedeem"
+    )
+    submitDisabled(
+      emailValidationFailed,
+      usernameValidationFailed,
+      passwordValidationFailed,
+      nameValidationFailed,
+      userFieldsValidationFailed,
+      existingUserRedeeming,
+      existingUserCanRedeem
+    ) {
+      if (existingUserRedeeming) {
+        return !existingUserCanRedeem;
+      }
+
+      return (
+        emailValidationFailed ||
+        usernameValidationFailed ||
+        passwordValidationFailed ||
+        nameValidationFailed ||
+        userFieldsValidationFailed
+      );
+    },
+
+    @discourseComputed(
+      "externalAuthsEnabled",
+      "externalAuthsOnly",
+      "discourseConnectEnabled"
+    )
+    showSocialLoginAvailable(
+      externalAuthsEnabled,
+      externalAuthsOnly,
+      discourseConnectEnabled
+    ) {
+      return (
+        externalAuthsEnabled && !externalAuthsOnly && !discourseConnectEnabled
+      );
     },
 
     @discourseComputed(
       "externalAuthsOnly",
       "authOptions",
-      "emailValidation.failed"
+      "emailValidation.failed",
+      "existingUserRedeeming"
     )
-    shouldDisplayForm(externalAuthsOnly, authOptions, emailValidationFailed) {
+    shouldDisplayForm(
+      externalAuthsOnly,
+      authOptions,
+      emailValidationFailed,
+      existingUserRedeeming
+    ) {
       return (
         (this.siteSettings.enable_local_logins ||
           (externalAuthsOnly && authOptions && !emailValidationFailed)) &&
-        !this.siteSettings.enable_discourse_connect
+        !this.siteSettings.enable_discourse_connect &&
+        !existingUserRedeeming
       );
     },
 

app/assets/javascripts/discourse/app/controllers/share-topic.js

@@ -1,7 +1,9 @@
 import Controller from "@ember/controller";
 import { action } from "@ember/object";
 import { getAbsoluteURL } from "discourse-common/lib/get-url";
-import discourseComputed from "discourse-common/utils/decorators";
+import discourseComputed, {
+  afterRender,
+} from "discourse-common/utils/decorators";
 import { ajax } from "discourse/lib/ajax";
 import { extractError } from "discourse/lib/ajax-error";
 import Sharing from "discourse/lib/sharing";
@@ -16,14 +18,30 @@ export default Controller.extend(
   bufferedProperty("invite"),
   {
     topic: null,
-    restrictedGroups: null,
 
     onShow() {
       this.set("showNotifyUsers", false);
 
-      if (this.model && this.model.read_restricted) {
-        this.restrictedGroupWarning();
+      this._showRestrictedGroupWarning();
+    },
+
+    @afterRender
+    _showRestrictedGroupWarning() {
+      if (!this.model) {
+        return;
       }
+
+      Category.fetchVisibleGroups(this.model.id).then((result) => {
+        if (result.groups.length > 0) {
+          this.flash(
+            I18n.t("topic.share.restricted_groups", {
+              count: result.groups.length,
+              groupNames: result.groups.join(", "),
+            }),
+            "warning"
+          );
+        }
+      });
     },
 
     @discourseComputed("topic.shareUrl")
@@ -111,24 +129,5 @@ export default Controller.extend(
         topicTitle: this.topic.title,
       });
     },
-
-    restrictedGroupWarning() {
-      this.appEvents.on("modal:body-shown", () => {
-        let restrictedGroups;
-        Category.reloadBySlugPath(this.model.slug).then((result) => {
-          restrictedGroups = result.category.group_permissions.map(
-            (g) => g.group_name
-          );
-
-          if (restrictedGroups) {
-            const message = I18n.t("topic.share.restricted_groups", {
-              count: restrictedGroups.length,
-              groupNames: restrictedGroups.join(", "),
-            });
-            this.flash(message, "warning");
-          }
-        });
-      });
-    },
   }
 );

app/assets/javascripts/discourse/app/lib/render-tag.js

@@ -2,6 +2,7 @@ import User from "discourse/models/user";
 import { escapeExpression } from "discourse/lib/utilities";
 import getURL from "discourse-common/lib/get-url";
 import { helperContext } from "discourse-common/lib/helpers";
+import { escape } from "pretty-text/sanitizer";
 
 let _renderer = defaultRenderTag;
 
@@ -44,7 +45,7 @@ export function defaultRenderTag(tag, params) {
     href +
     " data-tag-name=" +
     tag +
-    (params.description ? ' title="' + params.description + '" ' : "") +
+    (params.description ? ' title="' + escape(params.description) + '" ' : "") +
     " class='" +
     classes.join(" ") +
     "'>" +

app/assets/javascripts/discourse/app/lib/text.js

@@ -150,7 +150,6 @@ export function excerpt(cooked, length) {
         resultLength += element.textContent.length;
       }
     } else if (element.tagName === "A") {
-      element.innerHTML = element.innerText;
       result += element.outerHTML;
       resultLength += element.innerText.length;
     } else if (element.tagName === "IMG") {

app/assets/javascripts/discourse/app/mixins/composer-upload-uppy.js

@@ -64,7 +64,7 @@ export default Mixin.create(ExtendableUploader, UppyS3Multipart, {
       this.fileInputEventListener
     );
 
-    this.element.removeEventListener("paste", this.pasteEventListener);
+    this.editorEl?.removeEventListener("paste", this.pasteEventListener);
 
     this.appEvents.off(`${this.eventPrefix}:add-files`, this._addFiles);
     this.appEvents.off(
@@ -92,6 +92,7 @@ export default Mixin.create(ExtendableUploader, UppyS3Multipart, {
     this.set("inProgressUploads", []);
     this.placeholders = {};
     this._preProcessorStatus = {};
+    this.editorEl = this.element.querySelector(this.editorClass);
     this.fileInputEl = document.getElementById(this.fileUploadElementId);
     const isPrivateMessage = this.get("composerModel.privateMessage");
 
@@ -106,7 +107,7 @@ export default Mixin.create(ExtendableUploader, UppyS3Multipart, {
       this.fileInputEl,
       this._addFiles
     );
-    this.element.addEventListener("paste", this.pasteEventListener);
+    this.editorEl?.addEventListener("paste", this.pasteEventListener);
 
     this._uppyInstance = new Uppy({
       id: this.uppyId,
@@ -520,12 +521,12 @@ export default Mixin.create(ExtendableUploader, UppyS3Multipart, {
       return;
     }
 
-    const { canUpload } = clipboardHelpers(event, {
+    const { canUpload, canPasteHtml, types } = clipboardHelpers(event, {
       siteSettings: this.siteSettings,
       canUpload: true,
     });
 
-    if (!canUpload) {
+    if (!canUpload || canPasteHtml || types.includes("text/plain")) {
       return;
     }
 

app/assets/javascripts/discourse/app/mixins/textarea-text-manipulation.js

@@ -25,18 +25,16 @@ export default Mixin.create({
 
   // ensures textarea scroll position is correct
   _focusTextArea() {
-    schedule("afterRender", () => {
-      if (!this.element || this.isDestroying || this.isDestroyed) {
-        return;
-      }
+    if (!this.element || this.isDestroying || this.isDestroyed) {
+      return;
+    }
 
-      if (!this._textarea) {
-        return;
-      }
+    if (!this._textarea) {
+      return;
+    }
 
-      this._textarea.blur();
-      this._textarea.focus();
-    });
+    this._textarea.blur();
+    this._textarea.focus();
   },
 
   _insertBlock(text) {
@@ -171,7 +169,7 @@ export default Mixin.create({
     this._$textarea.prop("selectionStart", (pre + text).length + 2);
     this._$textarea.prop("selectionEnd", (pre + text).length + 2);
 
-    this._focusTextArea();
+    schedule("afterRender", this, this._focusTextArea);
   },
 
   _addText(sel, text, options) {

app/assets/javascripts/discourse/app/models/category.js

@@ -519,6 +519,10 @@ Category.reopenClass({
     return category;
   },
 
+  fetchVisibleGroups(id) {
+    return ajax(`/c/${id}/visible_groups.json`);
+  },
+
   reloadById(id) {
     return ajax(`/c/${id}/show.json`);
   },

app/assets/javascripts/discourse/app/routes/user-activity-pending.js

@@ -1,4 +1,6 @@
 import DiscourseRoute from "discourse/routes/discourse";
+import { emojiUnescape } from "discourse/lib/text";
+import { escapeExpression } from "discourse/lib/utilities";
 
 export default DiscourseRoute.extend({
   beforeModel() {
@@ -6,9 +8,19 @@ export default DiscourseRoute.extend({
   },
 
   model() {
-    return this.store.findAll("pending-post", {
-      username: this.username,
-    });
+    return this.store
+      .findAll("pending-post", {
+        username: this.username,
+      })
+      .then((pendingPosts) => {
+        for (let pendingPost of pendingPosts.content) {
+          pendingPost.title = emojiUnescape(
+            escapeExpression(pendingPost.title)
+          );
+        }
+
+        return pendingPosts;
+      });
   },
 
   activate() {

app/assets/javascripts/discourse/app/templates/components/composer-title.hbs

@@ -5,7 +5,7 @@
   placeholderKey=composer.titlePlaceholder
   aria-label=(I18n composer.titlePlaceholder)
   disabled=disabled
-  autocomplete="discourse"
+  autocomplete="off"
 }}
 
 {{popup-input-tip validation=validation}}

app/assets/javascripts/discourse/app/templates/components/d-editor.hbs

@@ -43,7 +43,7 @@
 
       {{conditional-loading-spinner condition=loading}}
       {{d-textarea
-        autocomplete="discourse"
+        autocomplete="off"
         tabindex=tabindex
         value=value
         class="d-editor-input"

app/assets/javascripts/discourse/app/templates/components/emoji-picker.hbs

@@ -24,7 +24,8 @@
           class="filter"
           name="filter"
           placeholder=(i18n "emoji_picker.filter_placeholder")
-          autocomplete="discourse"
+          autocomplete="off"
+          type="search"
           autocorrect="off"
           autocapitalize="off"
           input=(action "onFilter")

app/assets/javascripts/discourse/app/templates/group-index.hbs

@@ -4,7 +4,7 @@
       {{text-field
         value=filterInput
         placeholderKey=filterPlaceholder
-        autocomplete="discourse"
+        autocomplete="off"
         class="group-username-filter no-blur"
       }}
     {{/if}}

app/assets/javascripts/discourse/app/templates/invites/show.hbs

@@ -4,7 +4,7 @@
       <h1 class="login-title">{{welcomeTitle}}</h1>
       <img src={{wavingHandURL}} alt="" class="waving-hand">
       {{#unless successMessage}}
-        <p class="login-subheader">{{i18n "create_account.subheader_title"}}</p>
+        <p class="login-subheader">{{loginSubheader}}</p>
       {{/unless}}
     </div>
 
@@ -70,7 +70,7 @@
                 {{/if}}
 
                 <div class="input username-input input-group">
-                  {{input value=accountUsername class=(value-entered accountUsername) id="new-account-username" name="username" maxlength=maxUsernameLength autocomplete="discourse"}}
+                  {{input value=accountUsername class=(value-entered accountUsername) id="new-account-username" name="username" maxlength=maxUsernameLength autocomplete="off"}}
                   <label class="alt-placeholder" for="new-account-username">
                     {{i18n "user.username.title"}}
                     <span class="required">*</span>
@@ -132,6 +132,13 @@
                 {{/if}}
               </form>
             {{/if}}
+            {{#if this.existingUserRedeeming}}
+              {{#if this.existingUserCanRedeem}}
+                <DButton @class="btn-primary" @action={{action "submit"}} @type="submit" @disabled={{this.submitDisabled}} @label="invites.accept_invite" />
+              {{else}}
+                <div class="alert alert-error">{{this.existingUserCanRedeemError}}</div>
+              {{/if}}
+            {{/if}}
           {{/if}}
         </div>
       </div>

app/assets/javascripts/discourse/app/templates/mobile/group-index.hbs

@@ -2,7 +2,7 @@
   {{text-field
     value=filterInput
     placeholderKey=filterPlaceholder
-    autocomplete="discourse"
+    autocomplete="off"
     class="group-username-filter no-blur"
   }}
 

app/assets/javascripts/discourse/app/templates/modal/create-account.hbs

@@ -49,7 +49,7 @@
                   maxlength=maxUsernameLength
                   aria-describedby="username-validation"
                   aria-invalid=usernameValidation.failed
-                  autocomplete="discourse"
+                  autocomplete="off"
                 }}
                 <label class="alt-placeholder" for="new-account-username">
                   {{i18n "user.username.title"}}

app/assets/javascripts/discourse/app/templates/user/bookmarks.hbs

@@ -12,7 +12,9 @@
         value=searchTerm
         placeholder=(i18n "bookmarks.search_placeholder")
         enter=(action "search")
-        id="bookmark-search" autocomplete="discourse"}}
+        id="bookmark-search"
+        autocomplete="off"
+      }}
       {{d-button
         class="btn-primary"
         action=(action "search")

app/assets/javascripts/discourse/ember-cli-build.js

@@ -104,7 +104,6 @@ module.exports = function (defaults) {
   // For example: our very specific version of bootstrap-modal.
   app.import(vendorJs + "bootbox.js");
   app.import(vendorJs + "bootstrap-modal.js");
-  app.import(vendorJs + "jquery.ui.widget.js");
   app.import(vendorJs + "caret_position.js");
   app.import("node_modules/ember-source/dist/ember-template-compiler.js", {
     type: "test",

app/assets/javascripts/discourse/tests/acceptance/admin-install-theme-modal-test.js

@@ -8,7 +8,6 @@ acceptance("Admin - Themes - Install modal", function (needs) {
   test("closing the modal resets the modal inputs", async function (assert) {
     const urlInput = ".install-theme-content .repo input";
     const branchInput = ".install-theme-content .branch input";
-    const privateRepoCheckbox = ".install-theme-content .check-private input";
     const publicKey = ".install-theme-content .public-key textarea";
 
     const themeUrl = "git@github.com:discourse/discourse.git";
@@ -19,17 +18,12 @@ acceptance("Admin - Themes - Install modal", function (needs) {
     await fillIn(urlInput, themeUrl);
     await click(".install-theme-content .inputs .advanced-repo");
     await fillIn(branchInput, "tests-passed");
-    await click(privateRepoCheckbox);
     assert.strictEqual(query(urlInput).value, themeUrl, "url input is filled");
     assert.strictEqual(
       query(branchInput).value,
       "tests-passed",
       "branch input is filled"
     );
-    assert.ok(
-      query(privateRepoCheckbox).checked,
-      "private repo checkbox is checked"
-    );
     assert.ok(query(publicKey), "shows public key");
 
     await click(".modal-footer .d-modal-cancel");
@@ -38,16 +32,11 @@ acceptance("Admin - Themes - Install modal", function (needs) {
     await click("#remote");
     assert.strictEqual(query(urlInput).value, "", "url input is reset");
     assert.strictEqual(query(branchInput).value, "", "branch input is reset");
-    assert.ok(
-      !query(privateRepoCheckbox).checked,
-      "private repo checkbox unchecked"
-    );
     assert.notOk(query(publicKey), "hide public key");
   });
 
   test("show public key for valid ssh theme urls", async function (assert) {
     const urlInput = ".install-theme-content .repo input";
-    const privateRepoCheckbox = ".install-theme-content .check-private input";
     const publicKey = ".install-theme-content .public-key textarea";
 
     // Supports backlog repo ssh url format
@@ -59,12 +48,7 @@ acceptance("Admin - Themes - Install modal", function (needs) {
     await click("#remote");
     await fillIn(urlInput, themeUrl);
     await click(".install-theme-content .inputs .advanced-repo");
-    await click(privateRepoCheckbox);
     assert.strictEqual(query(urlInput).value, themeUrl, "url input is filled");
-    assert.ok(
-      query(privateRepoCheckbox).checked,
-      "private repo checkbox is checked"
-    );
     assert.ok(query(publicKey), "shows public key");
 
     // Supports AWS CodeCommit style repo URLs

app/assets/javascripts/discourse/tests/acceptance/composer-uploads-uppy-test.js

@@ -2,12 +2,13 @@ import {
   acceptance,
   createFile,
   loggedInUser,
+  paste,
   query,
 } from "discourse/tests/helpers/qunit-helpers";
 import { withPluginApi } from "discourse/lib/plugin-api";
 import bootbox from "bootbox";
 import { authorizedExtensions } from "discourse/lib/uploads";
-import { click, fillIn, visit } from "@ember/test-helpers";
+import { click, fillIn, settled, visit } from "@ember/test-helpers";
 import I18n from "I18n";
 import { skip, test } from "qunit";
 
@@ -52,6 +53,7 @@ acceptance("Uppy Composer Attachment - Upload Placeholder", function (needs) {
   needs.pretender(pretender);
   needs.settings({
     simultaneous_uploads: 2,
+    enable_rich_text_paste: true,
   });
 
   test("should insert the Uploading placeholder then the complete image placeholder", async function (assert) {
@@ -313,6 +315,64 @@ acceptance("Uppy Composer Attachment - Upload Placeholder", function (needs) {
     const image = createFile("avatar.png");
     appEvents.trigger("composer:add-files", image);
   });
+
+  skip("should place cursor properly after inserting a placeholder", async function (assert) {
+    const appEvents = loggedInUser().appEvents;
+    const done = assert.async();
+
+    await visit("/");
+    await click("#create-topic");
+    await fillIn(".d-editor-input", "The image:\ntext after image");
+    const input = query(".d-editor-input");
+    input.selectionStart = 10;
+    input.selectionEnd = 10;
+
+    appEvents.on("composer:all-uploads-complete", () => {
+      // after uploading we have this in the textarea:
+      // "The image:\n![avatar.PNG|690x320](upload://yoj8pf9DdIeHRRULyw7i57GAYdz.jpeg)\ntext after image"
+      // cursor should be just before "text after image":
+      assert.equal(input.selectionStart, 76);
+      assert.equal(input.selectionEnd, 76);
+      done();
+    });
+
+    const image = createFile("avatar.png");
+    appEvents.trigger("composer:add-files", image);
+  });
+
+  test("should be able to paste a table with files and not upload the files", async function (assert) {
+    await visit("/");
+    await click("#create-topic");
+    const appEvents = loggedInUser().appEvents;
+    const done = assert.async();
+
+    let uppyEventFired = false;
+
+    appEvents.on("composer:upload-started", () => {
+      uppyEventFired = true;
+    });
+
+    let element = query(".d-editor");
+    let inputElement = query(".d-editor-input");
+    inputElement.focus();
+    await paste(element, "\ta\tb\n1\t2\t3", {
+      types: ["text/plain", "Files"],
+      files: [createFile("avatar.png")],
+    });
+    await settled();
+
+    assert.strictEqual(
+      inputElement.value,
+      "||a|b|\n|---|---|---|\n|1|2|3|\n",
+      "only the plain text table is pasted"
+    );
+    assert.strictEqual(
+      uppyEventFired,
+      false,
+      "uppy does not start uploading the file"
+    );
+    done();
+  });
 });
 
 acceptance("Uppy Composer Attachment - Upload Error", function (needs) {

app/assets/javascripts/discourse/tests/acceptance/invite-accept-test.js

@@ -119,7 +119,13 @@ acceptance("Invite accept", function (needs) {
     );
 
     await fillIn("#new-account-email", "john.doe@example.com");
-    assert.not(
+    assert.ok(
+      exists(".invites-show .btn-primary:disabled"),
+      "submit is disabled because password is not filled"
+    );
+
+    await fillIn("#new-account-password", "top$ecret");
+    assert.notOk(
       exists(".invites-show .btn-primary:disabled"),
       "submit is enabled"
     );

app/assets/javascripts/discourse/tests/acceptance/share-topic-test.js

@@ -1,8 +1,11 @@
+import CategoryFixtures from "discourse/tests/fixtures/category-fixtures";
+import I18n from "I18n";
 import { click, visit } from "@ember/test-helpers";
 import {
   acceptance,
   count,
   exists,
+  query,
   queryAll,
 } from "discourse/tests/helpers/qunit-helpers";
 import selectKit from "discourse/tests/helpers/select-kit-helper";
@@ -11,6 +14,20 @@ import { test } from "qunit";
 acceptance("Share and Invite modal", function (needs) {
   needs.user();
 
+  needs.pretender((server, helper) => {
+    server.get(`/c/2481/visible_groups.json`, () =>
+      helper.response(200, {
+        groups: ["group_name_1", "group_name_2"],
+      })
+    );
+
+    server.get(`/c/2/visible_groups.json`, () =>
+      helper.response(200, {
+        groups: [],
+      })
+    );
+  });
+
   test("Topic footer button", async function (assert) {
     await visit("/t/internationalization-localization/280");
 
@@ -23,6 +40,11 @@ acceptance("Share and Invite modal", function (needs) {
 
     assert.ok(exists(".share-topic-modal"), "it shows the modal");
 
+    assert.notOk(
+      exists("#modal-alert.alert-warning"),
+      "it does not show the alert with restricted groups"
+    );
+
     assert.ok(
       queryAll("input.invite-link")
         .val()
@@ -64,6 +86,14 @@ acceptance("Share and Invite modal", function (needs) {
       exists("#modal-alert.alert-warning"),
       "it shows restricted warning"
     );
+    assert.strictEqual(
+      query("#modal-alert.alert-warning").innerText,
+      I18n.t("topic.share.restricted_groups", {
+        count: 2,
+        groupNames: "group_name_1, group_name_2",
+      }),
+      "it shows correct restricted group name"
+    );
   });
 });
 
@@ -90,6 +120,13 @@ acceptance("Share and Invite modal - mobile", function (needs) {
 acceptance("Share url with badges disabled - desktop", function (needs) {
   needs.user();
   needs.settings({ enable_badges: false });
+
+  needs.pretender((server, helper) => {
+    server.get("/c/feature/find_by_slug.json", () =>
+      helper.response(200, CategoryFixtures["/c/1/show.json"])
+    );
+  });
+
   test("topic footer button - badges disabled - desktop", async function (assert) {
     await visit("/t/internationalization-localization/280");
     await click("#topic-footer-button-share-and-invite");

app/assets/javascripts/discourse/tests/acceptance/topic-test.js

@@ -20,10 +20,20 @@ import { skip, test } from "qunit";
 import { withPluginApi } from "discourse/lib/plugin-api";
 import topicFixtures from "discourse/tests/fixtures/topic";
 import { cloneJSON } from "discourse-common/lib/object";
+import CategoryFixtures from "discourse/tests/fixtures/category-fixtures";
 
 acceptance("Topic", function (needs) {
   needs.user();
   needs.pretender((server, helper) => {
+    server.get("/c/2/visible_groups.json", () =>
+      helper.response(200, {
+        groups: [],
+      })
+    );
+
+    server.get("/c/feature/find_by_slug.json", () => {
+      return helper.response(200, CategoryFixtures["/c/1/show.json"]);
+    });
     server.put("/posts/398/wiki", () => {
       return helper.response({});
     });

app/assets/javascripts/discourse/tests/helpers/create-pretender.js

@@ -1117,6 +1117,8 @@ export function applyDefaultHandlers(pretender) {
       ],
     });
   });
+
+  pretender.get("/c/:id/visible_groups.json", () => response({ groups: [] }));
 }
 
 export function resetPretender() {

app/assets/javascripts/discourse/tests/helpers/qunit-helpers.js

@@ -1,4 +1,5 @@
 import QUnit, { module, skip, test } from "qunit";
+import { deepMerge } from "discourse-common/lib/object";
 import MessageBus from "message-bus-client";
 import {
   clearCache as clearOutletCache,
@@ -561,3 +562,11 @@ export function createFile(name, type = "image/png", blobData = null) {
   });
   return file;
 }
+
+export async function paste(element, text, otherClipboardData = {}) {
+  let e = new Event("paste", { cancelable: true });
+  e.clipboardData = deepMerge({ getData: () => text }, otherClipboardData);
+  element.dispatchEvent(e);
+  await settled();
+  return e;
+}

app/assets/javascripts/discourse/tests/integration/components/d-editor-test.js

@@ -5,6 +5,7 @@ import componentTest, {
 import {
   discourseModule,
   exists,
+  paste,
   query,
   queryAll,
 } from "discourse/tests/helpers/qunit-helpers";
@@ -822,14 +823,6 @@ third line`
     }
   );
 
-  async function paste(element, text) {
-    let e = new Event("paste", { cancelable: true });
-    e.clipboardData = { getData: () => text };
-    element.dispatchEvent(e);
-    await settled();
-    return e;
-  }
-
   componentTest("paste table", {
     template: hbs`{{d-editor value=value composerEvents=true}}`,
     beforeEach() {

app/assets/javascripts/discourse/tests/unit/lib/text-test.js

@@ -0,0 +1,27 @@
+import { module, test } from "qunit";
+import { cookAsync, excerpt } from "discourse/lib/text";
+
+module("Unit | Utility | text", function () {
+  test("excerpt", async function (assert) {
+    let cooked = await cookAsync("Hello! :wave:");
+    assert.strictEqual(
+      await excerpt(cooked, 300),
+      'Hello! <img src="/images/emoji/google_classic/wave.png?v=12" title=":wave:" class="emoji" alt=":wave:" loading="lazy" width="20" height="20">'
+    );
+
+    cooked = await cookAsync("[:wave:](https://example.com)");
+    assert.strictEqual(
+      await excerpt(cooked, 300),
+      '<a href="https://example.com"><img src="/images/emoji/google_classic/wave.png?v=12" title=":wave:" class="emoji only-emoji" alt=":wave:" loading="lazy" width="20" height="20"></a>'
+    );
+
+    cooked = await cookAsync('<script>alert("hi")</script>');
+    assert.strictEqual(await excerpt(cooked, 300), "");
+
+    cooked = await cookAsync("[`<script>alert('hi')</script>`]()");
+    assert.strictEqual(
+      await excerpt(cooked, 300),
+      "<a><code>&lt;script&gt;alert('hi')&lt;/script&gt;</code></a>"
+    );
+  });
+});

app/assets/javascripts/select-kit/addon/templates/components/select-kit/select-kit-filter.hbs

@@ -4,7 +4,7 @@
     tabindex=0
     class="filter-input"
     placeholder=placeholder
-    autocomplete="discourse"
+    autocomplete="off"
     autocorrect="off"
     autocapitalize="off"
     name="filter-input-search"
@@ -14,6 +14,7 @@
     paste=(action "onPaste")
     keyDown=(action "onKeydown")
     keyUp=(action "onKeyup")
+    type="search"
   }}
 
   {{#if selectKit.options.filterIcon}}

app/assets/javascripts/select-kit/addon/templates/components/selected-choice.hbs

@@ -4,7 +4,7 @@
     {{yield}}
   {{else}}
     <span class="d-button-label">
-      {{html-safe itemName}}
+      {{itemName}}
     </span>
   {{/if}}
 </button>

app/assets/javascripts/vendor-common.js

@@ -3,13 +3,11 @@
 //= require template_include.js
 
 //= require message-bus
-//= require jquery.ui.widget.js
 //= require Markdown.Converter.js
 //= require bootbox.js
 //= require popper.js
 //= require bootstrap-modal.js
 //= require caret_position
-//= require jquery.sortable.js
 //= require lodash.js
 //= require itsatrap.js
 //= require rsvp.js

app/assets/javascripts/wizard-vendor.js

@@ -1,6 +1,5 @@
 //= require ember_jquery
 //= require template_include.js
-//= require jquery.ui.widget.js
 //= require uppy.js
 //= require bootstrap-modal.js
 //= require bootbox.js

app/assets/javascripts/wizard/test/test_helper.js

@@ -49,6 +49,13 @@ let createPretendServer = requirejs(
 ).default;
 
 let server;
+
+const queryParams = new URLSearchParams(window.location.search);
+
+if (queryParams.get("qunit_disable_auto_start") === "1") {
+  QUnit.config.autostart = false;
+}
+
 QUnit.testStart(function () {
   server = createPretendServer();
 });

app/assets/stylesheets/common/base/discourse.scss

@@ -230,6 +230,14 @@ input {
   }
 }
 
+input[type="search"] {
+  &::-webkit-search-cancel-button,
+  &::-webkit-search-decoration {
+    -webkit-appearance: none;
+    appearance: none;
+  }
+}
+
 // Fixes Safari height inconsistency
 ::-webkit-datetime-edit {
   display: inline;

app/controllers/admin/themes_controller.rb

@@ -5,6 +5,7 @@ require 'base64'
 class Admin::ThemesController < Admin::AdminController
 
   skip_before_action :check_xhr, only: [:show, :preview, :export]
+  before_action :ensure_admin
 
   def preview
     theme = Theme.find_by(id: params[:id])
@@ -101,8 +102,11 @@ class Admin::ThemesController < Admin::AdminController
 
       begin
         branch = params[:branch] ? params[:branch] : nil
-        @theme = RemoteTheme.import_theme(remote, theme_user, private_key: params[:private_key], branch: branch)
-        render json: @theme, status: :created
+
+        hijack do
+          @theme = RemoteTheme.import_theme(remote, theme_user, private_key: params[:private_key], branch: branch)
+          render json: @theme, status: :created
+        end
       rescue RemoteTheme::ImportError => e
         render_json_error e.message
       end

app/controllers/admin/web_hooks_controller.rb

@@ -84,22 +84,12 @@ class Admin::WebHooksController < Admin::AdminController
   end
 
   def redeliver_event
-    web_hook_event = WebHookEvent.find(params[:event_id])
+    web_hook_event = WebHookEvent.find_by(id: params[:event_id])
 
     if web_hook_event
       web_hook = web_hook_event.web_hook
-      conn = Excon.new(URI(web_hook.payload_url).to_s,
-                       ssl_verify_peer: web_hook.verify_certificate,
-                       retry_limit: 0)
-
-      now = Time.zone.now
-      response = conn.post(headers: MultiJson.load(web_hook_event.headers), body: web_hook_event.payload)
-      web_hook_event.update!(
-        status: response.status,
-        response_headers: MultiJson.dump(response.headers),
-        response_body: response.body,
-        duration: ((Time.zone.now - now) * 1000).to_i
-      )
+      emitter = WebHookEmitter.new(web_hook, web_hook_event)
+      emitter.emit!(headers: MultiJson.load(web_hook_event.headers), body: web_hook_event.payload)
       render_serialized(web_hook_event, AdminWebHookEventSerializer, root: 'web_hook_event')
     else
       render json: failed_json

app/controllers/application_controller.rb

@@ -642,6 +642,7 @@ class ApplicationController < ActionController::Base
 
   def banner_json
     json = ApplicationController.banner_json_cache["json"]
+    return "{}" if !current_user && SiteSetting.login_required?
 
     unless json
       topic = Topic.where(archetype: Archetype.banner).first

app/controllers/categories_controller.rb

@@ -2,9 +2,9 @@
 
 class CategoriesController < ApplicationController
 
-  requires_login except: [:index, :categories_and_latest, :categories_and_top, :show, :redirect, :find_by_slug]
+  requires_login except: [:index, :categories_and_latest, :categories_and_top, :show, :redirect, :find_by_slug, :visible_groups]
 
-  before_action :fetch_category, only: [:show, :update, :destroy]
+  before_action :fetch_category, only: [:show, :update, :destroy, :visible_groups]
   before_action :initialize_staff_action_logger, only: [:create, :update, :destroy]
   skip_before_action :check_xhr, only: [:index, :categories_and_latest, :categories_and_top, :redirect]
 
@@ -117,6 +117,7 @@ class CategoriesController < ApplicationController
     if Category.topic_create_allowed(guardian).where(id: @category.id).exists?
       @category.permission = CategoryGroup.permission_types[:full]
     end
+
     render_serialized(@category, CategorySerializer)
   end
 
@@ -249,6 +250,11 @@ class CategoriesController < ApplicationController
     render_serialized(@category, CategorySerializer)
   end
 
+  def visible_groups
+    @guardian.ensure_can_see!(@category)
+    render json: success_json.merge(groups: @category.groups.merge(Group.visible_groups(current_user)).pluck("name"))
+  end
+
   private
 
   def self.topics_per_page
@@ -365,6 +371,7 @@ class CategoriesController < ApplicationController
 
   def fetch_category
     @category = Category.find_by_slug(params[:id]) || Category.find_by(id: params[:id].to_i)
+    raise Discourse::NotFound if @category.blank?
   end
 
   def initialize_staff_action_logger

app/controllers/invites_controller.rb

@@ -12,7 +12,6 @@ class InvitesController < ApplicationController
 
   before_action :ensure_invites_allowed, only: [:show, :perform_accept_invitation]
   before_action :ensure_new_registrations_allowed, only: [:show, :perform_accept_invitation]
-  before_action :ensure_not_logged_in, only: :perform_accept_invitation
 
   def show
     expires_now
@@ -20,98 +19,11 @@ class InvitesController < ApplicationController
     RateLimiter.new(nil, "invites-show-#{request.remote_ip}", 100, 1.minute).performed!
 
     invite = Invite.find_by(invite_key: params[:id])
+
     if invite.present? && invite.redeemable?
-      if current_user
-        added_to_group = false
-
-        if invite.groups.present?
-          invite_by_guardian = Guardian.new(invite.invited_by)
-          new_group_ids = invite.groups.pluck(:id) - current_user.group_users.pluck(:group_id)
-          new_group_ids.each do |id|
-            if group = Group.find_by(id: id)
-              if invite_by_guardian.can_edit_group?(group)
-                group.add(current_user)
-                added_to_group = true
-              end
-            end
-          end
-        end
-
-        create_topic_invite_notifications(invite, current_user)
-
-        if topic = invite.topics.first
-          new_guardian = Guardian.new(current_user)
-          return redirect_to(topic.url) if new_guardian.can_see?(topic)
-        elsif added_to_group
-          return redirect_to(path("/"))
-        end
-
-        return ensure_not_logged_in
-      end
-
-      email = Email.obfuscate(invite.email)
-
-      # Show email if the user already authenticated their email
-      different_external_email = false
-      if session[:authentication]
-        auth_result = Auth::Result.from_session_data(session[:authentication], user: nil)
-        if invite.email == auth_result.email
-          email = invite.email
-        else
-          different_external_email = true
-        end
-      end
-
-      email_verified_by_link = invite.email_token.present? && params[:t] == invite.email_token
-      if email_verified_by_link
-        email = invite.email
-      end
-
-      hidden_email = email != invite.email
-
-      if hidden_email || invite.email.nil?
-        username = ""
-      else
-        username = UserNameSuggester.suggest(invite.email)
-      end
-
-      info = {
-        invited_by: UserNameSerializer.new(invite.invited_by, scope: guardian, root: false),
-        email: email,
-        hidden_email: hidden_email,
-        username: username,
-        is_invite_link: invite.is_invite_link?,
-        email_verified_by_link: email_verified_by_link
-      }
-
-      if different_external_email
-        info[:different_external_email] = true
-      end
-
-      if staged_user = User.where(staged: true).with_email(invite.email).first
-        info[:username] = staged_user.username
-        info[:user_fields] = staged_user.user_fields
-      end
-
-      store_preloaded("invite_info", MultiJson.dump(info))
-
-      secure_session["invite-key"] = invite.invite_key
-
-      render layout: 'application'
+      show_invite(invite)
     else
-      flash.now[:error] = if invite.blank?
-        I18n.t('invite.not_found', base_url: Discourse.base_url)
-      elsif invite.redeemed?
-        if invite.is_invite_link?
-          I18n.t('invite.not_found_template_link', site_name: SiteSetting.title, base_url: Discourse.base_url)
-        else
-          I18n.t('invite.not_found_template', site_name: SiteSetting.title, base_url: Discourse.base_url)
-        end
-      elsif invite.expired?
-        I18n.t('invite.expired', base_url: Discourse.base_url)
-      end
-
-      render layout: 'no_ember'
+      show_irredeemable_invite(invite)
     end
   rescue RateLimiter::LimitExceeded => e
     flash.now[:error] = e.description
@@ -272,24 +184,33 @@ class InvitesController < ApplicationController
     params.permit(:email, :username, :name, :password, :timezone, :email_token, user_custom_fields: {})
 
     invite = Invite.find_by(invite_key: params[:id])
+    redeeming_user = current_user
 
     if invite.present?
       begin
         attrs = {
-          username: params[:username],
-          name: params[:name],
-          password: params[:password],
-          user_custom_fields: params[:user_custom_fields],
           ip_address: request.remote_ip,
           session: session
         }
 
-        if invite.is_invite_link?
-          params.require(:email)
-          attrs[:email] = params[:email]
+        if redeeming_user
+          attrs[:redeeming_user] = redeeming_user
         else
-          attrs[:email] = invite.email
-          attrs[:email_token] = params[:email_token] if params[:email_token].present?
+          attrs[:username] = params[:username]
+          attrs[:name] = params[:name]
+          attrs[:password] = params[:password]
+          attrs[:user_custom_fields] = params[:user_custom_fields]
+
+          # If the invite is not scoped to an email then we allow the
+          # user to provide it themselves
+          if invite.is_invite_link?
+            params.require(:email)
+            attrs[:email] = params[:email]
+          else
+            # Otherwise we always use the email from the invitation.
+            attrs[:email] = invite.email
+            attrs[:email_token] = params[:email_token] if params[:email_token].present?
+          end
         end
 
         user = invite.redeem(**attrs)
@@ -301,7 +222,10 @@ class InvitesController < ApplicationController
         return render json: failed_json.merge(message: I18n.t('invite.not_found_json')), status: 404
       end
 
-      log_on_user(user) if user.active? && user.guardian.can_access_forum?
+      if !redeeming_user && user.active? && user.guardian.can_access_forum?
+        log_on_user(user)
+      end
+
       user.update_timezone_if_missing(params[:timezone])
       post_process_invite(user)
       create_topic_invite_notifications(invite, user)
@@ -311,6 +235,10 @@ class InvitesController < ApplicationController
 
       if user.present?
         if user.active? && user.guardian.can_access_forum?
+          if redeeming_user
+            response[:message] = I18n.t("invite.existing_user_success")
+          end
+
           if user.guardian.can_see?(topic)
             response[:redirect_to] = path(topic.relative_url)
           else
@@ -413,6 +341,85 @@ class InvitesController < ApplicationController
 
   private
 
+  def show_invite(invite)
+    email = Email.obfuscate(invite.email)
+
+    # Show email if the user already authenticated their email
+    different_external_email = false
+
+    if session[:authentication]
+      auth_result = Auth::Result.from_session_data(session[:authentication], user: nil)
+      if invite.email == auth_result.email
+        email = invite.email
+      else
+        different_external_email = true
+      end
+    end
+
+    email_verified_by_link = invite.email_token.present? && params[:t] == invite.email_token
+
+    if email_verified_by_link
+      email = invite.email
+    end
+
+    hidden_email = email != invite.email
+
+    if hidden_email || invite.email.nil?
+      username = ""
+    else
+      username = UserNameSuggester.suggest(invite.email)
+    end
+
+    info = {
+      invited_by: UserNameSerializer.new(invite.invited_by, scope: guardian, root: false),
+      email: email,
+      hidden_email: hidden_email,
+      username: username,
+      is_invite_link: invite.is_invite_link?,
+      email_verified_by_link: email_verified_by_link
+    }
+
+    if different_external_email
+      info[:different_external_email] = true
+    end
+
+    if staged_user = User.where(staged: true).with_email(invite.email).first
+      info[:username] = staged_user.username
+      info[:user_fields] = staged_user.user_fields
+    end
+
+    if current_user
+      info[:existing_user_id] = current_user.id
+      info[:existing_user_can_redeem] = invite.can_be_redeemed_by?(current_user)
+      info[:existing_user_can_redeem_error] = existing_user_can_redeem_error(invite)
+      info[:email] = current_user.email
+      info[:username] = current_user.username
+    end
+
+    store_preloaded("invite_info", MultiJson.dump(info))
+
+    secure_session["invite-key"] = invite.invite_key
+
+    render layout: 'application'
+  end
+
+  def show_irredeemable_invite(invite)
+    flash.now[:error] = \
+      if invite.blank?
+        I18n.t('invite.not_found', base_url: Discourse.base_url)
+      elsif invite.redeemed?
+        if invite.is_invite_link?
+          I18n.t('invite.not_found_template_link', site_name: SiteSetting.title, base_url: Discourse.base_url)
+        else
+          I18n.t('invite.not_found_template', site_name: SiteSetting.title, base_url: Discourse.base_url)
+        end
+      elsif invite.expired?
+        I18n.t('invite.expired', base_url: Discourse.base_url)
+      end
+
+    render layout: 'no_ember'
+  end
+
   def ensure_invites_allowed
     if (!SiteSetting.enable_local_logins && Discourse.enabled_auth_providers.count == 0 && !SiteSetting.enable_discourse_connect)
       raise Discourse::NotFound
@@ -427,14 +434,6 @@ class InvitesController < ApplicationController
     end
   end
 
-  def ensure_not_logged_in
-    if current_user
-      flash[:error] = I18n.t("login.already_logged_in")
-      render layout: 'no_ember'
-      false
-    end
-  end
-
   def post_process_invite(user)
     user.enqueue_welcome_message('welcome_invite') if user.send_welcome_message
 
@@ -469,4 +468,13 @@ class InvitesController < ApplicationController
       end
     end
   end
+
+  def existing_user_can_redeem_error(invite)
+    return if invite.can_be_redeemed_by?(current_user)
+    if invite.invited_users.exists?(user: current_user)
+      I18n.t("invite.existing_user_already_redemeed")
+    else
+      I18n.t("invite.existing_user_cannot_redeem")
+    end
+  end
 end

app/controllers/notifications_controller.rb

@@ -23,6 +23,7 @@ class NotificationsController < ApplicationController
       limit = 50 if limit > 50
 
       notifications = Notification.recent_report(current_user, limit)
+      notifications = filter_inaccessible_notifications(notifications)
       changed = false
 
       if notifications.present? && !(params.has_key?(:silent) || @readonly_mode)
@@ -50,6 +51,7 @@ class NotificationsController < ApplicationController
 
       total_rows = notifications.dup.count
       notifications = notifications.offset(offset).limit(60)
+      notifications = filter_inaccessible_notifications(notifications)
       render_json_dump(notifications: serialize_data(notifications, NotificationSerializer),
                        total_rows_notifications: total_rows,
                        seen_notification_id: user.seen_notification_id,
@@ -101,4 +103,9 @@ class NotificationsController < ApplicationController
     render_json_dump(NotificationSerializer.new(@notification, scope: guardian, root: false))
   end
 
+  def filter_inaccessible_notifications(notifications)
+    topic_ids = notifications.map { |n| n.topic_id }.compact.uniq
+    accessible_topic_ids = guardian.can_see_topic_ids(topic_ids: topic_ids)
+    notifications.select { |n| n.topic_id.blank? || accessible_topic_ids.include?(n.topic_id) }
+  end
 end

app/controllers/session_controller.rb

@@ -181,9 +181,11 @@ class SessionController < ApplicationController
           return
         end
 
-        # users logging in via SSO using an invite do not need to be approved,
-        # they are already pre-approved because they have been invited
-        if SiteSetting.must_approve_users? && !user.approved? && invite.blank?
+        if SiteSetting.must_approve_users? && !user.approved?
+          if invite.present? && user.invited_user.blank?
+            redeem_invitation(invite, sso, user)
+          end
+
           if SiteSetting.discourse_connect_not_approved_url.present?
             redirect_to SiteSetting.discourse_connect_not_approved_url
           else
@@ -195,7 +197,7 @@ class SessionController < ApplicationController
         # the user has not already redeemed an invite
         # (covers the same SSO user visiting an invite link)
         elsif invite.present? && user.invited_user.blank?
-          redeem_invitation(invite, sso)
+          redeem_invitation(invite, sso, user)
 
           # we directly call user.activate here instead of going
           # through the UserActivator path because we assume the account
@@ -646,7 +648,7 @@ class SessionController < ApplicationController
     end
 
     if invite.redeemable?
-      if !invite.is_invite_link? && sso.email != invite.email
+      if invite.is_email_invite? && sso.email != invite.email
         raise Invite::ValidationFailed.new(I18n.t("invite.not_matching_email"))
       end
     elsif invite.expired?
@@ -658,14 +660,15 @@ class SessionController < ApplicationController
     invite
   end
 
-  def redeem_invitation(invite, sso)
+  def redeem_invitation(invite, sso, redeeming_user)
     InviteRedeemer.new(
       invite: invite,
       username: sso.username,
       name: sso.name,
       ip_address: request.remote_ip,
       session: session,
-      email: sso.email
+      email: sso.email,
+      redeeming_user: redeeming_user
     ).redeem
     secure_session["invite-key"] = nil
 

app/controllers/user_badges_controller.rb

@@ -24,11 +24,19 @@ class UserBadgesController < ApplicationController
       user_badges = user_badges.offset(offset.to_i)
     end
 
+    user_badges_topic_ids = user_badges.map { |user_badge| user_badge.post&.topic_id }.compact
+
     user_badges = UserBadges.new(user_badges: user_badges,
                                  username: params[:username],
                                  grant_count: grant_count)
 
-    render_serialized(user_badges, UserBadgesSerializer, root: :user_badge_info, include_long_description: true)
+    render_serialized(
+      user_badges,
+      UserBadgesSerializer,
+      root: :user_badge_info,
+      include_long_description: true,
+      allowed_user_badge_topic_ids: guardian.can_see_topic_ids(topic_ids: user_badges_topic_ids)
+    )
   end
 
   def username
@@ -46,9 +54,12 @@ class UserBadgesController < ApplicationController
       .includes(post: :topic)
       .includes(:granted_by)
 
+    user_badges_topic_ids = user_badges.map { |user_badge| user_badge.post&.topic_id }.compact
+
     render_serialized(
       user_badges,
       DetailedUserBadgeSerializer,
+      allowed_user_badge_topic_ids: guardian.can_see_topic_ids(topic_ids: user_badges_topic_ids),
       root: :user_badges,
     )
   end

app/controllers/users_controller.rb

@@ -69,7 +69,7 @@ class UsersController < ApplicationController
       user_serializer = serializer_class.new(@user, scope: guardian, root: 'user')
 
       topic_id = params[:include_post_count_for].to_i
-      if topic_id != 0
+      if topic_id != 0 && guardian.can_see?(Topic.find_by_id(topic_id))
         user_serializer.topic_post_count = { topic_id => Post.secured(guardian).where(topic_id: topic_id, user_id: @user.id).count }
       end
     else
@@ -1062,10 +1062,12 @@ class UsersController < ApplicationController
     RateLimiter.new(nil, "activate-edit-email-hr-#{request.remote_ip}", 5, 1.hour).performed!
 
     if params[:username].present?
+      RateLimiter.new(nil, "activate-edit-email-hr-username-#{params[:username]}", 5, 1.hour).performed!
       @user = User.find_by_username_or_email(params[:username])
       raise Discourse::InvalidAccess.new unless @user.present?
       raise Discourse::InvalidAccess.new unless @user.confirm_password?(params[:password])
     elsif user_key = session[SessionController::ACTIVATE_USER_KEY]
+      RateLimiter.new(nil, "activate-edit-email-hr-user-key-#{user_key}", 5, 1.hour).performed!
       @user = User.where(id: user_key.to_i).first
     end
 

app/jobs/regular/emit_web_hook_event.rb

@@ -9,7 +9,6 @@ module Jobs
     PING_EVENT = 'ping'
     MAX_RETRY_COUNT = 4
     RETRY_BACKOFF = 5
-    REQUEST_TIMEOUT = 20
 
     def execute(args)
       @arguments = args
@@ -43,39 +42,13 @@ module Jobs
     end
 
     def send_webhook!
-      uri = URI(@web_hook.payload_url.strip)
-      conn = Excon.new(
-        uri.to_s,
-        ssl_verify_peer: @web_hook.verify_certificate,
-        retry_limit: 0,
-        write_timeout: REQUEST_TIMEOUT,
-        read_timeout: REQUEST_TIMEOUT,
-        connect_timeout: REQUEST_TIMEOUT
-      )
-
       web_hook_body = build_webhook_body
       web_hook_event = create_webhook_event(web_hook_body)
+      uri = URI(@web_hook.payload_url.strip)
       web_hook_headers = build_webhook_headers(uri, web_hook_body, web_hook_event)
-      web_hook_response = nil
 
-      begin
-        now = Time.zone.now
-        web_hook_response = conn.post(headers: web_hook_headers, body: web_hook_body)
-        web_hook_event.update!(
-          headers: MultiJson.dump(web_hook_headers),
-          status: web_hook_response.status,
-          response_headers: MultiJson.dump(web_hook_response.headers),
-          response_body: web_hook_response.body,
-          duration: ((Time.zone.now - now) * 1000).to_i
-        )
-      rescue => e
-        web_hook_event.update!(
-          headers: MultiJson.dump(web_hook_headers),
-          status: -1,
-          response_headers: MultiJson.dump(error: e),
-          duration: ((Time.zone.now - now) * 1000).to_i
-        )
-      end
+      emitter = WebHookEmitter.new(@web_hook, web_hook_event)
+      web_hook_response = emitter.emit!(headers: web_hook_headers, body: web_hook_body)
 
       publish_webhook_event(web_hook_event)
       process_webhook_response(web_hook_response)
@@ -151,12 +124,12 @@ module Jobs
       headers = {
         'Accept' => '*/*',
         'Connection' => 'close',
-        'Content-Length' => web_hook_body.bytesize,
+        'Content-Length' => web_hook_body.bytesize.to_s,
         'Content-Type' => content_type,
         'Host' => uri.host,
         'User-Agent' => "Discourse/#{Discourse::VERSION::STRING}",
         'X-Discourse-Instance' => Discourse.base_url,
-        'X-Discourse-Event-Id' => web_hook_event.id,
+        'X-Discourse-Event-Id' => web_hook_event.id.to_s,
         'X-Discourse-Event-Type' => @arguments[:event_type]
       }
 

app/jobs/regular/export_user_archive.rb

@@ -261,15 +261,16 @@ module Jobs
 
       CategoryUser
         .where(user_id: @current_user.id)
-        .select(:category_id, :notification_level, :last_seen_at)
+        .includes(:category)
+        .merge(Category.secured(guardian))
         .each do |cu|
-        yield [
-          cu.category_id,
-          piped_category_name(cu.category_id),
-          NotificationLevels.all[cu.notification_level],
-          cu.last_seen_at
-        ]
-      end
+          yield [
+            cu.category_id,
+            piped_category_name(cu.category_id, cu.category),
+            NotificationLevels.all[cu.notification_level],
+            cu.last_seen_at
+          ]
+        end
     end
 
     def flags_export
@@ -408,10 +409,9 @@ module Jobs
       @guardian ||= Guardian.new(@current_user)
     end
 
-    def piped_category_name(category_id)
-      return "-" unless category_id
-      category = Category.find_by(id: category_id)
-      return "#{category_id}" unless category
+    def piped_category_name(category_id, category)
+      return "#{category_id}" if category_id && !category
+      return "-" if !guardian.can_see_category?(category)
       categories = [category.name]
       while category.parent_category_id && category = category.parent_category
         categories << category.name
@@ -433,10 +433,10 @@ module Jobs
       user_archive_array = []
       topic_data = user_archive.topic
       user_archive = user_archive.as_json
-      topic_data = Topic.with_deleted.find_by(id: user_archive['topic_id']) if topic_data.nil?
+      topic_data = Topic.with_deleted.includes(:category).find_by(id: user_archive['topic_id']) if topic_data.nil?
       return user_archive_array if topic_data.nil?
 
-      categories = piped_category_name(topic_data.category_id)
+      categories = piped_category_name(topic_data.category_id, topic_data.category)
       is_pm = topic_data.archetype == "private_message" ? I18n.t("csv_export.boolean_yes") : I18n.t("csv_export.boolean_no")
       url = "#{Discourse.base_url}/t/#{topic_data.slug}/#{topic_data.id}/#{user_archive['post_number']}"
 

app/jobs/regular/group_smtp_email.rb

@@ -46,6 +46,12 @@ module Jobs
         cc.match(EmailValidator.email_regex) ? cc : nil
       end.compact
 
+      # Mask the email addresses of non-staged users so
+      # they are not revealed unnecessarily when we are sending
+      # the email notification out.
+      bcc_addresses = User.not_staged.with_email(cc_addresses).pluck(:email)
+      cc_addresses = cc_addresses - bcc_addresses
+
       # There is a rare race condition causing the Imap::Sync class to create
       # an incoming email and associated post/topic, which then kicks off
       # the PostAlerter to notify others in the PM about a reply in the topic,
@@ -68,7 +74,13 @@ module Jobs
       # The EmailLog record created by the sender will have the raw email
       # stored, the group smtp ID, and any cc addresses recorded for later
       # cross referencing.
-      message = GroupSmtpMailer.send_mail(group, email, post, cc_addresses)
+      message = GroupSmtpMailer.send_mail(
+        group,
+        email,
+        post,
+        cc_addresses: cc_addresses,
+        bcc_addresses: bcc_addresses
+      )
       Email::Sender.new(message, :group_smtp, recipient_user).send
 
       # Create an incoming email record to avoid importing again from IMAP

app/mailers/group_smtp_mailer.rb

@@ -5,7 +5,7 @@ require_dependency 'email/message_builder'
 class GroupSmtpMailer < ActionMailer::Base
   include Email::BuildEmailHelper
 
-  def send_mail(from_group, to_address, post, cc_addresses = nil)
+  def send_mail(from_group, to_address, post, cc_addresses: nil, bcc_addresses: nil)
     raise 'SMTP is disabled' if !SiteSetting.enable_smtp
 
     op_incoming_email = post.topic.first_post.incoming_email
@@ -51,7 +51,8 @@ class GroupSmtpMailer < ActionMailer::Base
       from: from_group.email_username,
       from_alias: I18n.t('email_from_without_site', user_name: group_name),
       html_override: html_override(post),
-      cc: cc_addresses
+      cc: cc_addresses,
+      bcc: bcc_addresses
     )
   end
 

app/mailers/user_notifications.rb

@@ -529,11 +529,13 @@ class UserNotifications < ActionMailer::Base
 
     # tag names
     if opts[:show_tags_in_subject] && post.topic_id
-
-      tags = Tag.joins(:topic_tags)
-        .where("topic_tags.topic_id = ?", post.topic_id)
-        .limit(3)
-        .pluck(:name)
+      tags =
+        DiscourseTagging
+          .visible_tags(Guardian.new(user))
+          .joins(:topic_tags)
+          .where("topic_tags.topic_id = ?", post.topic_id)
+          .limit(3)
+          .pluck(:name)
 
       show_tags_in_subject = tags.any? ? tags.join(" ") : nil
     end

app/models/email_log.rb

@@ -132,6 +132,7 @@ end
 #  cc_user_ids   :integer          is an Array
 #  raw           :text
 #  topic_id      :integer
+#  bcc_addresses :text
 #
 # Indexes
 #

app/models/email_token.rb

@@ -69,7 +69,7 @@ class EmailToken < ActiveRecord::Base
       user.create_reviewable if !skip_reviewable
       user.set_automatic_groups
       DiscourseEvent.trigger(:user_confirmed_email, user)
-      Invite.redeem_from_email(user.email)
+      Invite.redeem_for_existing_user(user)
 
       user.reload
     end

app/models/group.rb

@@ -141,7 +141,7 @@ class Group < ActiveRecord::Base
   scope :with_smtp_configured, -> { where(smtp_enabled: true) }
 
   scope :visible_groups, Proc.new { |user, order, opts|
-    groups = self.order(order || "name ASC")
+    groups = self.order(order || "groups.name ASC")
 
     if !opts || !opts[:include_everyone]
       groups = groups.where("groups.id > 0")

app/models/invite.rb

@@ -66,14 +66,26 @@ class Invite < ActiveRecord::Base
     end
   end
 
+  # Even if a domain is specified on the invite, it still counts as
+  # an invite link.
   def is_invite_link?
-    email.blank?
+    self.email.blank?
+  end
+
+  # Email invites have specific behaviour and it's easier to visually
+  # parse is_email_invite? than !is_invite_link?
+  def is_email_invite?
+    self.email.present?
   end
 
   def redeemable?
     !redeemed? && !expired? && !deleted_at? && !destroyed? && link_valid?
   end
 
+  def redeemed_by_user?(redeeming_user)
+    self.invited_users.exists?(user: redeeming_user)
+  end
+
   def redeemed?
     if is_invite_link?
       redemption_count >= max_redemptions_allowed
@@ -82,6 +94,23 @@ class Invite < ActiveRecord::Base
     end
   end
 
+  def email_matches?(email)
+    email.downcase == self.email.downcase
+  end
+
+  def domain_matches?(email)
+    _, domain = email.split('@')
+    self.domain == domain
+  end
+
+  def can_be_redeemed_by?(user)
+    return false if !self.redeemable?
+    return false if redeemed_by_user?(user)
+    return true if self.email.blank? && self.domain.blank?
+    return true if self.email.present? && email_matches?(user.email)
+    self.domain.present? && domain_matches?(user.email)
+  end
+
   def expired?
     expires_at < Time.zone.now
   end
@@ -115,6 +144,8 @@ class Invite < ActiveRecord::Base
         invite.destroy
         invite = nil
       end
+      email_digest = Digest::SHA256.hexdigest(email)
+      RateLimiter.new(invited_by, "reinvites-per-day-#{email_digest}", 3, 1.day.to_i).performed!
     end
 
     emailed_status = if opts[:skip_email] || invite&.emailed_status == emailed_status_types[:not_required]
@@ -164,14 +195,11 @@ class Invite < ActiveRecord::Base
     invite.reload
   end
 
-  def redeem(email: nil, username: nil, name: nil, password: nil, user_custom_fields: nil, ip_address: nil, session: nil, email_token: nil)
+  def redeem(email: nil, username: nil, name: nil, password: nil, user_custom_fields: nil, ip_address: nil, session: nil, email_token: nil, redeeming_user: nil)
     return if !redeemable?
 
-    if is_invite_link? && UserEmail.exists?(email: email)
-      raise UserExists.new I18n.t("invite_link.email_taken")
-    end
-
     email = self.email if email.blank? && !is_invite_link?
+
     InviteRedeemer.new(
       invite: self,
       email: email,
@@ -181,10 +209,20 @@ class Invite < ActiveRecord::Base
       user_custom_fields: user_custom_fields,
       ip_address: ip_address,
       session: session,
-      email_token: email_token
+      email_token: email_token,
+      redeeming_user: redeeming_user
     ).redeem
   end
 
+  def self.redeem_for_existing_user(user)
+    invite = Invite.find_by(email: Email.downcase(user.email))
+    if invite.present? && invite.redeemable?
+      InviteRedeemer.new(invite: invite, redeeming_user: user).redeem
+    end
+    invite
+  end
+
+  # Deprecated: Replaced by redeem_for_existing_user in tests-passed
   def self.redeem_from_email(email)
     invite = Invite.find_by(email: Email.downcase(email))
     InviteRedeemer.new(invite: invite, email: invite.email).redeem if invite

app/models/invite_redeemer.rb

@@ -1,16 +1,50 @@
 # frozen_string_literal: true
 
-InviteRedeemer = Struct.new(:invite, :email, :username, :name, :password, :user_custom_fields, :ip_address, :session, :email_token, keyword_init: true) do
-
+# NOTE: There are a _lot_ of complicated rules and conditions for our
+# invite system, and the code is spread out through a lot of places.
+# Tread lightly and read carefully when modifying this code. You may
+# also want to look at:
+#
+# * InvitesController
+# * SessionController
+# * Invite model
+# * User model
+#
+# Invites that are scoped to a specific email (email IS NOT NULL on the Invite
+# model) have different rules to invites that are considered an "invite link",
+# (email IS NULL) on the Invite model.
+InviteRedeemer = Struct.new(:invite, :email, :username, :name, :password, :user_custom_fields, :ip_address, :session, :email_token, :redeeming_user, keyword_init: true) do
   def redeem
+    ensure_email_is_present!(email)
     Invite.transaction do
-      if invite_was_redeemed?
+      if can_redeem_invite? && mark_invite_redeemed
         process_invitation
         invited_user
       end
     end
   end
 
+  # The email must be present in some form since many of the methods
+  # for processing + redemption rely on it. If it's still nil after
+  # these checks then we have hit an edge case and should not proceed!
+  def ensure_email_is_present!(email)
+    if email.blank?
+      Rails.logger.warn(
+        "email param was blank in InviteRedeemer for invite ID #{invite.id}. The `redeeming_user` was #{self.redeeming_user.present? ? "(ID: #{self.redeeming_user.id})" : "not"} present.",
+      )
+    end
+
+    if email.blank? && self.invite.is_email_invite?
+      self.email = self.invite.email
+    elsif self.redeeming_user.present?
+      self.email = self.redeeming_user.email
+    else
+      self.email = email
+    end
+
+    raise Discourse::InvalidParameters if self.email.blank?
+  end
+
   # extracted from User cause it is very specific to invites
   def self.create_user_from_invite(email:, invite:, username: nil, name: nil, password: nil, user_custom_fields: nil, ip_address: nil, session: nil, email_token: nil)
     if username && UsernameValidator.new(username).valid_format? && User.username_available?(username, email)
@@ -19,13 +53,6 @@ InviteRedeemer = Struct.new(:invite, :email, :username, :name, :password, :user_
       available_username = UserNameSuggester.suggest(email)
     end
 
-    if email.present? && invite.domain.present?
-      username, domain = email.split('@')
-      if domain.present? && invite.domain != domain
-        raise ActiveRecord::RecordNotSaved.new(I18n.t('invite.domain_not_allowed'))
-      end
-    end
-
     user = User.where(staged: true).with_email(email.strip.downcase).first
     user.unstage! if user
     user ||= User.new
@@ -40,10 +67,10 @@ InviteRedeemer = Struct.new(:invite, :email, :username, :name, :password, :user_
       registration_ip_address: ip_address
     }
 
-    if !SiteSetting.must_approve_users? ||
-        (SiteSetting.must_approve_users? && invite.invited_by.staff?) ||
-        EmailValidator.can_auto_approve_user?(user.email)
-      ReviewableUser.set_approved_fields!(user, invite.invited_by)
+    if (!SiteSetting.must_approve_users && SiteSetting.invite_only) ||
+       (SiteSetting.must_approve_users? && EmailValidator.can_auto_approve_user?(user.email))
+
+      ReviewableUser.set_approved_fields!(user, Discourse.system_user)
     end
 
     user_fields = UserField.all
@@ -80,8 +107,10 @@ InviteRedeemer = Struct.new(:invite, :email, :username, :name, :password, :user_
     user.save!
     authenticator.finish
 
-    if invite.emailed_status != Invite.emailed_status_types[:not_required] && email == invite.email && invite.email_token.present? && email_token == invite.email_token
-      user.email_tokens.create!(email: user.email, scope: EmailToken.scopes[:signup])
+    if invite.emailed_status != Invite.emailed_status_types[:not_required] &&
+        email == invite.email &&
+        invite.email_token.present? &&
+        email_token == invite.email_token
       user.activate
     end
 
@@ -90,33 +119,50 @@ InviteRedeemer = Struct.new(:invite, :email, :username, :name, :password, :user_
 
   private
 
-  def invited_user
-    @invited_user ||= get_invited_user
+  def can_redeem_invite?
+    return false if !invite.redeemable?
+    return false if email.blank?
+
+    # Invite scoped to email has already been redeemed by anyone.
+    if invite.is_email_invite? && InvitedUser.exists?(invite_id: invite.id)
+      return false
+    end
+
+    # The email will be present for either an invite link (where the user provides
+    # us the email manually) or for an invite scoped to an email, where we
+    # prefill the email and do not let the user modify it.
+    #
+    # Note that an invite link can also have a domain scope which must be checked.
+    email_to_check = redeeming_user&.email || email
+
+    if invite.email.present? && !invite.email_matches?(email_to_check)
+      raise ActiveRecord::RecordNotSaved.new(I18n.t('invite.not_matching_email'))
+    end
+
+    if invite.domain.present? && !invite.domain_matches?(email_to_check)
+      raise ActiveRecord::RecordNotSaved.new(I18n.t('invite.domain_not_allowed'))
+    end
+
+    # Anon user is trying to redeem an invitation, if an existing user already
+    # redeemed it then we cannot redeem now.
+    redeeming_user ||= User.where(admin: false, staged: false).find_by_email(email)
+    if redeeming_user.present? && InvitedUser.exists?(user_id: redeeming_user.id, invite_id: invite.id)
+      return false
+    end
+
+    true
   end
 
   def process_invitation
-    approve_account_if_needed
     add_to_private_topics_if_invited
     add_user_to_groups
     send_welcome_message
     notify_invitee
   end
 
-  def invite_was_redeemed?
-    mark_invite_redeemed
-  end
-
   def mark_invite_redeemed
-    if !invite.is_invite_link? && InvitedUser.exists?(invite_id: invite.id)
-      return false
-    end
-
-    existing_user = get_existing_user
-    if existing_user.present? && InvitedUser.exists?(user_id: existing_user.id, invite_id: invite.id)
-      return false
-    end
-
     @invited_user_record = InvitedUser.create!(invite_id: invite.id, redeemed_at: Time.zone.now)
+
     if @invited_user_record.present?
       Invite.increment_counter(:redemption_count, invite.id)
       delete_duplicate_invites
@@ -125,9 +171,20 @@ InviteRedeemer = Struct.new(:invite, :email, :username, :name, :password, :user_
     @invited_user_record.present?
   end
 
-  def get_invited_user
-    result = get_existing_user
-    result ||= InviteRedeemer.create_user_from_invite(
+  def invited_user
+    return @invited_user if defined?(@invited_user)
+
+    # The redeeming user is an already logged in user or a user who is
+    # activating their account who is redeeming the invite,
+    # which is valid for existing users to be invited to topics or groups.
+    if redeeming_user.present?
+      @invited_user = redeeming_user
+      return @invited_user
+    end
+
+    # If there was no logged in user then we must attempt to create
+    # one based on the provided params.
+    invited_user ||= InviteRedeemer.create_user_from_invite(
       email: email,
       invite: invite,
       username: username,
@@ -138,18 +195,24 @@ InviteRedeemer = Struct.new(:invite, :email, :username, :name, :password, :user_
       session: session,
       email_token: email_token
     )
-    result.send_welcome_message = false
-    result
-  end
-
-  def get_existing_user
-    User.where(admin: false, staged: false).find_by_email(email)
+    invited_user.send_welcome_message = false
+    @invited_user = invited_user
+    @invited_user
   end
 
   def add_to_private_topics_if_invited
-    topic_ids = Topic.where(archetype: Archetype::private_message).includes(:invites).where(invites: { email: email }).pluck(:id)
+    # Should not happen because of ensure_email_is_present!, but better to cover bases.
+    return if email.blank?
+
+    topic_ids = TopicInvite.joins(:invite)
+      .joins(:topic)
+      .where("topics.archetype = ?", Archetype::private_message)
+      .where("invites.email = ?", email)
+      .pluck(:topic_id)
     topic_ids.each do |id|
-      TopicAllowedUser.create!(user_id: invited_user.id, topic_id: id) unless TopicAllowedUser.exists?(user_id: invited_user.id, topic_id: id)
+      if !TopicAllowedUser.exists?(user_id: invited_user.id, topic_id: id)
+        TopicAllowedUser.create!(user_id: invited_user.id, topic_id: id)
+      end
     end
   end
 
@@ -170,27 +233,18 @@ InviteRedeemer = Struct.new(:invite, :email, :username, :name, :password, :user_
     invited_user.send_welcome_message = true
   end
 
-  def approve_account_if_needed
-    if invited_user.present? && reviewable_user = ReviewableUser.find_by(target: invited_user, status: Reviewable.statuses[:pending])
-      reviewable_user.perform(
-        invite.invited_by,
-        :approve_user,
-        send_email: false,
-        approved_by_invite: true
-      )
-    end
-  end
-
   def notify_invitee
-    if inviter = invite.invited_by
-      inviter.notifications.create!(
-        notification_type: Notification.types[:invitee_accepted],
-        data: { display_username: invited_user.username }.to_json
-      )
-    end
+    return if invite.invited_by.blank?
+    invite.invited_by.notifications.create!(
+      notification_type: Notification.types[:invitee_accepted],
+      data: { display_username: invited_user.username }.to_json
+    )
   end
 
   def delete_duplicate_invites
+    # Should not happen because of ensure_email_is_present!, but better to cover bases.
+    return if email.blank?
+
     Invite
       .where('invites.max_redemptions_allowed = 1')
       .joins("LEFT JOIN invited_users ON invites.id = invited_users.invite_id")

app/models/remote_theme.rb

@@ -15,7 +15,7 @@ class RemoteTheme < ActiveRecord::Base
   ALLOWED_FIELDS = %w{scss embedded_scss head_tag header after_header body_tag footer}
 
   GITHUB_REGEXP = /^https?:\/\/github\.com\//
-  GITHUB_SSH_REGEXP = /^git@github\.com:/
+  GITHUB_SSH_REGEXP = /^ssh:\/\/git@github\.com:/
 
   has_one :theme, autosave: false
   scope :joined_remotes, -> {
@@ -25,8 +25,10 @@ class RemoteTheme < ActiveRecord::Base
   validates_format_of :minimum_discourse_version, :maximum_discourse_version, with: Discourse::VERSION_REGEXP, allow_nil: true
 
   def self.extract_theme_info(importer)
-    JSON.parse(importer["about.json"])
-  rescue TypeError, JSON::ParserError
+    json = JSON.parse(importer["about.json"])
+    json.fetch("name")
+    json
+  rescue TypeError, JSON::ParserError, KeyError
     raise ImportError.new I18n.t("themes.import_error.about_json")
   end
 
@@ -80,6 +82,7 @@ class RemoteTheme < ActiveRecord::Base
     importer.import!
 
     theme_info = RemoteTheme.extract_theme_info(importer)
+
     component = [true, "true"].include?(theme_info["component"])
     theme = Theme.new(user_id: user&.id || -1, name: theme_info["name"], component: component)
     theme.child_components = theme_info["components"].presence || []

app/models/reviewable_flagged_post.rb

@@ -1,6 +1,9 @@
 # frozen_string_literal: true
 
 class ReviewableFlaggedPost < Reviewable
+  scope :pending_and_default_visible, -> {
+    pending.default_visible
+  }
 
   # Penalties are handled by the modal after the action is performed
   def self.action_aliases

app/models/reviewable_user.rb

@@ -12,7 +12,7 @@ class ReviewableUser < Reviewable
   def build_actions(actions, guardian, args)
     return unless pending?
 
-    if guardian.can_approve?(target) || args[:approved_by_invite]
+    if guardian.can_approve?(target)
       actions.add(:approve_user) do |a|
         a.icon = 'user-plus'
         a.label = "reviewables.actions.approve_user.title"

app/models/tag.rb

@@ -107,7 +107,7 @@ class Tag < ActiveRecord::Base
 
     return [] if scope_category_ids.empty?
 
-    filter_sql = guardian&.is_staff? ? '' : " AND tags.id NOT IN (#{DiscourseTagging.hidden_tags_query.select(:id).to_sql})"
+    filter_sql = guardian&.is_staff? ? '' : " AND tags.id IN (#{DiscourseTagging.visible_tags(guardian).select(:id).to_sql})"
 
     tag_names_with_counts = DB.query <<~SQL
       SELECT tags.name as tag_name, SUM(stats.topic_count) AS sum_topic_count

app/models/theme.rb

@@ -115,7 +115,12 @@ class Theme < ActiveRecord::Base
   end
 
   def update_javascript_cache!
-    all_extra_js = theme_fields.where(target_id: Theme.targets[:extra_js]).pluck(:value_baked).join("\n")
+    all_extra_js = theme_fields
+      .where(target_id: Theme.targets[:extra_js])
+      .order(:name, :id)
+      .pluck(:value_baked)
+      .join("\n")
+
     if all_extra_js.present?
       js_compiler = ThemeJavascriptCompiler.new(id, name)
       js_compiler.append_raw_script(all_extra_js)

app/models/topic.rb

@@ -424,8 +424,12 @@ class Topic < ActiveRecord::Base
     posts.where(post_type: Post.types[:regular], user_deleted: false).order('score desc nulls last').limit(1).first
   end
 
+  def self.has_flag_scope
+    ReviewableFlaggedPost.pending_and_default_visible
+  end
+
   def has_flags?
-    ReviewableFlaggedPost.pending.default_visible.where(topic_id: id).exists?
+    self.class.has_flag_scope.exists?(topic_id: self.id)
   end
 
   def is_official_warning?

app/models/user.rb

@@ -218,6 +218,7 @@ class User < ActiveRecord::Base
   scope :suspended, -> { where('suspended_till IS NOT NULL AND suspended_till > ?', Time.zone.now) }
   scope :not_suspended, -> { where('suspended_till IS NULL OR suspended_till <= ?', Time.zone.now) }
   scope :activated, -> { where(active: true) }
+  scope :not_staged, -> { where(staged: false) }
 
   scope :filter_by_username, ->(filter) do
     if filter.is_a?(Array)

app/models/user_email.rb

@@ -18,6 +18,10 @@ class UserEmail < ActiveRecord::Base
 
   scope :secondary, -> { where(primary: false) }
 
+  before_save ->() { destroy_email_tokens(self.email_was) }, if: :will_save_change_to_email?
+
+  after_destroy { destroy_email_tokens(self.email) }
+
   def normalize_email
     self.normalized_email = if self.email.present?
       username, domain = self.email.split('@', 2)
@@ -62,6 +66,10 @@ class UserEmail < ActiveRecord::Base
       )
     end
   end
+
+  def destroy_email_tokens(email)
+    EmailToken.where(email: email).destroy_all
+  end
 end
 
 # == Schema Information

app/models/user_profile.rb

@@ -8,7 +8,8 @@ class UserProfile < ActiveRecord::Base
   belongs_to :featured_topic, class_name: 'Topic'
 
   validates :bio_raw, length: { maximum: 3000 }
-  validates :website, url: true, allow_blank: true, if: Proc.new { |c| c.new_record? || c.website_changed? }
+  validates :website, url: true, length: { maximum: 3000 }, allow_blank: true, if: Proc.new { |c| c.new_record? || c.website_changed? }
+  validates :location, length: { maximum: 3000 }
   validates :user, presence: true
   before_save :cook
   after_save :trigger_badges
@@ -168,8 +169,8 @@ end
 # Table name: user_profiles
 #
 #  user_id                      :integer          not null, primary key
-#  location                     :string
-#  website                      :string
+#  location                     :string(3000)
+#  website                      :string(3000)
 #  bio_raw                      :text
 #  bio_cooked                   :text
 #  dismissed_banner_key         :integer

app/models/web_hook.rb

@@ -15,6 +15,7 @@ class WebHook < ActiveRecord::Base
   validates_presence_of :content_type
   validates_presence_of :last_delivery_status
   validates_presence_of :web_hook_event_types, unless: :wildcard_web_hook?
+  validate :ensure_payload_url_allowed, if: :payload_url_changed?
 
   before_save :strip_url
 
@@ -113,6 +114,23 @@ class WebHook < ActiveRecord::Base
   def self.guardian
     Guardian.new(Discourse.system_user)
   end
+
+  # This check is to improve UX
+  # IPs are re-checked at request time
+  def ensure_payload_url_allowed
+    return if payload_url.blank?
+    uri = URI(payload_url.strip)
+
+    allowed = begin
+      FinalDestination::SSRFDetector.lookup_and_filter_ips(uri.hostname).present?
+    rescue FinalDestination::SSRFDetector::DisallowedIpError
+      false
+    end
+
+    if !allowed
+      self.errors.add(:base, I18n.t("webhooks.payload_url.blocked_or_internal"))
+    end
+  end
 end
 
 # == Schema Information

app/serializers/category_serializer.rb

@@ -33,19 +33,30 @@ class CategorySerializer < SiteCategorySerializer
 
   def group_permissions
     @group_permissions ||= begin
-      perms = object.category_groups.joins(:group).includes(:group).order("groups.name").map do |cg|
-        {
-          permission_type: cg.permission_type,
-          group_name: cg.group.name
-        }
-      end
+      perms = object
+        .category_groups
+        .joins(:group)
+        .includes(:group)
+        .merge(Group.visible_groups(scope&.user, "groups.name ASC", include_everyone: true))
+        .map do |cg|
+          {
+            permission_type: cg.permission_type,
+            group_name: cg.group.name
+          }
+        end
+
       if perms.length == 0 && !object.read_restricted
         perms << { permission_type: CategoryGroup.permission_types[:full], group_name: Group[:everyone]&.name.presence || :everyone }
       end
+
       perms
     end
   end
 
+  def include_group_permissions?
+    scope&.can_edit?(object)
+  end
+
   def include_available_groups?
     scope && scope.can_edit?(object)
   end

app/serializers/concerns/user_badge_post_and_topic_attributes_mixin.rb

@@ -0,0 +1,27 @@
+# frozen_string_literal: true
+
+# Post and topic attributes are only included when the `allowed_user_badge_topic_ids` option is provided. The caller of the
+# serializer is responsible for ensuring that the topic ids in the options can be seen by the scope of the user by passing
+# the result of `Guardian#can_see_topic_ids` to the `allowed_user_badge_topic_ids` option.
+module UserBadgePostAndTopicAttributesMixin
+  private
+
+  def include_post_attributes?
+    return false if !object.badge.show_posts || !object.post
+    return true if scope.is_admin?
+
+    allowed_user_badge_topic_ids = options[:allowed_user_badge_topic_ids]
+
+    return false if allowed_user_badge_topic_ids.blank?
+
+    topic_id = object.post.topic_id
+
+    return false if topic_id.blank?
+
+    allowed_user_badge_topic_ids.include?(topic_id)
+  end
+
+  def include_topic_attributes?
+    include_post_attributes? && object.post.topic
+  end
+end

app/serializers/detailed_user_badge_serializer.rb

@@ -1,27 +1,34 @@
 # frozen_string_literal: true
 
 class DetailedUserBadgeSerializer < BasicUserBadgeSerializer
+  include UserBadgePostAndTopicAttributesMixin
+
   has_one :granted_by, serializer: UserBadgeSerializer::UserSerializer
 
   attributes :post_number, :topic_id, :topic_title, :is_favorite, :can_favorite
 
-  def include_post_number?
-    object.post
+  def post_number
+    object.post.post_number
   end
 
-  alias :include_topic_id? :include_post_number?
-  alias :include_topic_title? :include_post_number?
-
-  def post_number
-    object.post.post_number if object.post
+  def include_post_number?
+    include_post_attributes?
   end
 
   def topic_id
-    object.post.topic_id if object.post
+    object.post.topic_id
+  end
+
+  def include_topic_id?
+    include_topic_attributes?
   end
 
   def topic_title
-    object.post.topic.title if object.post && object.post.topic
+    object.post.topic.title
+  end
+
+  def include_topic_title?
+    include_topic_id?
   end
 
   def can_favorite

app/serializers/user_badge_serializer.rb

@@ -1,6 +1,7 @@
 # frozen_string_literal: true
 
 class UserBadgeSerializer < ApplicationSerializer
+  include UserBadgePostAndTopicAttributesMixin
 
   class UserSerializer < BasicUserSerializer
     include UserPrimaryGroupMixin
@@ -22,10 +23,9 @@ class UserBadgeSerializer < ApplicationSerializer
   end
 
   def include_post_id?
-    object.badge.show_posts && object.post_id && object.post
+    include_post_attributes?
   end
 
-  alias :include_topic? :include_post_id?
   alias :include_post_number? :include_post_id?
 
   def post_number
@@ -35,4 +35,8 @@ class UserBadgeSerializer < ApplicationSerializer
   def topic
     object.post.topic
   end
+
+  def include_topic?
+    include_topic_attributes?
+  end
 end

app/services/web_hook_emitter.rb

@@ -0,0 +1,57 @@
+# frozen_string_literal: true
+
+class WebHookEmitter
+  REQUEST_TIMEOUT = 20
+
+  def initialize(webhook, webhook_event)
+    @webhook = webhook
+    @webhook_event = webhook_event
+  end
+
+  def emit!(headers:, body:)
+    uri = URI(@webhook.payload_url.strip)
+
+    connection_opts = {
+      request: {
+        write_timeout: REQUEST_TIMEOUT,
+        read_timeout: REQUEST_TIMEOUT,
+        open_timeout: REQUEST_TIMEOUT
+      },
+    }
+
+    if !@webhook.verify_certificate
+      connection_opts[:ssl] = { verify: false }
+    end
+
+    conn = Faraday.new(nil, connection_opts) do |f|
+      f.adapter FinalDestination::FaradayAdapter
+    end
+
+    start = Process.clock_gettime(Process::CLOCK_MONOTONIC, :millisecond)
+    error = nil
+    response = nil
+    begin
+      response = conn.post(uri.to_s, body, headers)
+    rescue => e
+      error = e
+    end
+    duration = Process.clock_gettime(Process::CLOCK_MONOTONIC, :millisecond) - start
+    event_update_args = {
+      headers: MultiJson.dump(headers),
+      duration: duration,
+    }
+    if response
+      event_update_args[:response_headers] = MultiJson.dump(response.headers)
+      event_update_args[:response_body] = response.body
+      event_update_args[:status] = response.status
+    else
+      event_update_args[:status] = -1
+      if error.is_a?(Faraday::Error) && error.wrapped_exception.is_a?(FinalDestination::SSRFDetector::DisallowedIpError)
+        error = I18n.t("webhooks.payload_url.blocked_or_internal")
+      end
+      event_update_args[:response_headers] = MultiJson.dump(error: error)
+    end
+    @webhook_event.update!(**event_update_args)
+    response
+  end
+end

config/application.rb

@@ -246,6 +246,8 @@ module Discourse
     # see: http://stackoverflow.com/questions/11894180/how-does-one-correctly-add-custom-sql-dml-in-migrations/11894420#11894420
     config.active_record.schema_format = :sql
 
+    config.active_record.yaml_column_permitted_classes = [Hash, HashWithIndifferentAccess, Time, Symbol]
+
     # We use this in development-mode only (see development.rb)
     config.active_record.use_schema_cache_dump = false
 

config/locales/client.ar.yml

@@ -3597,7 +3597,6 @@ ar:
       default_list_filter: "تصفية القائمة الافتراضية:"
       allow_badges_label: "السماح بمنح الشارات في هذه الفئة"
       edit_permissions: "تعديل الأذونات"
-      reviewable_by_group: "بالإضافة إلى فريق العمل، يمكن أيضًا مراجعة المحتوى في هذه الفئة بواسطة:"
       review_group_name: "اسم المجموعة"
       require_topic_approval: "طلب موافقة المشرف على جميع الموضوعات الجديدة"
       require_reply_approval: "طلب موافقة المشرف على جميع الردود الجديدة"

config/locales/client.da.yml

@@ -2951,7 +2951,6 @@ da:
       default_list_filter: "Standard Listefilter:"
       allow_badges_label: "Tillad at emblemer bliver tildelt i denne kategori"
       edit_permissions: "Redigér tilladelser"
-      reviewable_by_group: "Ud over personalet kan indholdet i denne kategori også gennemgås af:"
       review_group_name: "gruppe navn"
       require_topic_approval: "Kræv moderator godkendelse af alle nye emner"
       require_reply_approval: "Kræv moderator godkendelse af alle nye svar"

config/locales/client.el.yml

@@ -2590,7 +2590,6 @@ el:
       default_list_filter: "Προεπιλεγμένο φίλτρο λίστας:"
       allow_badges_label: "Να επιτρέπεται η απονομή παράσημων σε αυτή την κατηγορία"
       edit_permissions: "Επεξεργασία Δικαιωμάτων"
-      reviewable_by_group: "Εκτός από το προσωπικό, το περιεχόμενο αυτής της κατηγορίας μπορεί επίσης να αναθεωρηθεί από:"
       review_group_name: "όνομα ομάδας"
       require_topic_approval: "Απαιτήστε έγκριση συντονιστή για όλα τα νέα θέματα"
       require_reply_approval: "Απαιτήστε έγκριση συντονιστή για όλες τις νέες απαντήσεις"

config/locales/client.en.yml

@@ -1988,6 +1988,7 @@ en:
       name_label: "Name"
       password_label: "Password"
       optional_description: "(optional)"
+      existing_user_can_redeem: "Redeem your invitation to a topic or group."
 
     password_reset:
       continue: "Continue to %{site_name}"
@@ -4245,7 +4246,6 @@ en:
         go_back: "Back to list"
         payload_url: "Payload URL"
         payload_url_placeholder: "https://example.com/postreceive"
-        warn_local_payload_url: "It seems you are trying to set up the webhook to a local url. Event delivered to a local address may cause side-effect or unexpected behaviors. Continue?"
         secret_invalid: "Secret must not have any blank characters."
         secret_too_short: "Secret should be at least 12 characters."
         secret_placeholder: "An optional string, used for generating signature"
@@ -4534,7 +4534,6 @@ en:
           is_private: "Theme is in a private git repository"
           remote_branch: "Branch name (optional)"
           public_key: "Grant the following public key access to the repo:"
-          public_key_note: "After entering a valid private repository URL above, an SSH key will be generated and displayed here."
           install: "Install"
           installed: "Installed"
           install_popular: "Popular"

config/locales/client.es.yml

@@ -173,6 +173,7 @@ es:
     themes:
       default_description: "Por defecto"
       broken_theme_alert: "Tu sitio puede que no funcione porque el tema / componente %{theme} tiene errores. Desactívalo en %{path}."
+    broken_decorator_alert: "Puede que las publicaciones no se muestren correctamente porque uno de los decoradores de contenido de publicaciones de tu sitio está causando errores. Revisa la consola de desarrollo del navegador para más información."
     s3:
       regions:
         ap_northeast_1: "Asia-Pacífico (Tokio)"
@@ -3071,7 +3072,7 @@ es:
       default_list_filter: "Filtro de lista por defecto:"
       allow_badges_label: "Permitir que se concedan insignias en esta categoría"
       edit_permissions: "Editar permisos"
-      reviewable_by_group: "Además del personal, el contenido de esta categoría también puede ser revisado por:"
+      reviewable_by_group: "Además del personal, los siguientes grupos también pueden revisar el contenido de esta categoría:"
       review_group_name: "nombre del grupo"
       require_topic_approval: "Requiere aprobación del moderador para todos los temas nuevos"
       require_reply_approval: "Requiere aprobación del moderador para todas las respuestas nuevas"

config/locales/client.et.yml

@@ -2161,7 +2161,6 @@ et:
       default_list_filter: "Vaikimisi teemade filter:"
       allow_badges_label: "Luba selles foorumis autasustamist märgistega"
       edit_permissions: "Muuda kasutusõigusi"
-      reviewable_by_group: "Lisaks meeskonnaliikmetle saavad selle kategooria sisu üle vaadata ka:"
       review_group_name: "grupi nimi"
       require_topic_approval: "Nõua moderaatori heakskiitu kõikidele uutele teemadele"
       require_reply_approval: "Nõua moderaatori heakskiitu kõikidele uutele vastustele"

config/locales/client.fi.yml

@@ -2956,7 +2956,6 @@ fi:
       default_list_filter: "Oletusluettelosuodatin:"
       allow_badges_label: "Salli kunniamerkkien myöntäminen tällä alueella"
       edit_permissions: "Muokkaa oikeuksia"
-      reviewable_by_group: "Henkilökunnan lisäksi tämän alueen sisältöä voi käsitellä myös:"
       review_group_name: "ryhmän nimi"
       require_topic_approval: "Edellytä valvojan hyväksyntää kaikille uusille ketjuille"
       require_reply_approval: "Edellytä valvojan hyväksyntää kaikille uusille vastauksille"

config/locales/client.fr.yml

@@ -2953,7 +2953,6 @@ fr:
       default_list_filter: "Filtre de liste par défaut :"
       allow_badges_label: "Autoriser les badges à être accordés dans cette catégorie"
       edit_permissions: "Modifier les permissions"
-      reviewable_by_group: "En plus des responsables, le contenu de cette catégorie peut également être examiné par :"
       review_group_name: "nom du groupe"
       require_topic_approval: "Nécessiter l'approbation pour chaque nouveau sujet"
       require_reply_approval: "Nécessiter l'approbation pour chaque nouvelle réponse"

config/locales/client.gl.yml

@@ -2859,7 +2859,6 @@ gl:
       default_list_filter: "Filtro de listaxe predeterminado:"
       allow_badges_label: "Permitir adxudicar insignias nesta categoría"
       edit_permissions: "Editar permisos"
-      reviewable_by_group: "Ademais do equipo, o contido desta categoría tamén pode ser revisado por:"
       review_group_name: "nome do grupo"
       require_topic_approval: "Require a aprobación de todos os temas novos polo moderador"
       require_reply_approval: "Require a aprobación de todas as respostas novas polo moderador"

config/locales/client.hu.yml

@@ -2834,6 +2834,7 @@ hu:
       default_view: "Alapértelmezett témakörök"
       allow_badges_label: "Kitűzök elnyerésének engedélyezése ebben a kategóriában"
       edit_permissions: "Jogok szerkesztése"
+      reviewable_by_group: "Az ebbe a kategóriába tartozó tartalmakat a stábon kívül a következők is jóváhagyhatják:"
       review_group_name: "csoport neve"
       this_year: "ez az év"
       position: "Kategóriák oldalon elfoglalt pozíció:"

config/locales/client.it.yml

@@ -3026,7 +3026,7 @@ it:
       default_list_filter: "Filtro predefinito della lista:"
       allow_badges_label: "Permetti l'assegnazione di distintivi in questa categoria"
       edit_permissions: "Modifica Permessi"
-      reviewable_by_group: "Oltre allo staff, i contenuti di questa categoria possono essere esaminati da:"
+      reviewable_by_group: "Oltre che dal personale, i contenuti di questa categoria possono essere revisionati anche da:"
       review_group_name: "nome gruppo"
       require_topic_approval: "Richiedi l'approvazione di un moderatore per tutti i nuovi argomenti"
       require_reply_approval: "Richiedi l'approvazione di un moderatore per tutte le nuove risposte"

config/locales/client.ja.yml

@@ -2886,7 +2886,6 @@ ja:
       default_list_filter: "デフォルトのリストのフィルタ:"
       allow_badges_label: "このカテゴリでバッジの付与を許可する"
       edit_permissions: "権限を編集"
-      reviewable_by_group: "このカテゴリのコンテンツはスタッフのほか、次のユーザーもレビューできる:"
       review_group_name: "グループ名"
       require_topic_approval: "すべての新しいトピックにモデレーターの承認を必要とする"
       require_reply_approval: "すべての新しい返信にモデレーターの承認を必要とする"

config/locales/client.ko.yml

@@ -2918,7 +2918,6 @@ ko:
       default_list_filter: "목록 기본 필터:"
       allow_badges_label: "배지가 이 카테고리에서 주어질 수 있도록 허용"
       edit_permissions: "권한 수정"
-      reviewable_by_group: "이 카테고리의 콘텐츠는 관리자 외에도 다음과 같은 방법으로 검토할 수 있습니다."
       review_group_name: "그룹명"
       require_topic_approval: "모든 새 글에 대한 관리자 승인 필요"
       require_reply_approval: "모든 새 댓글의 관리자 승인 필요"

config/locales/client.lt.yml

@@ -2898,7 +2898,6 @@ lt:
       default_list_filter: "Numatytasis sąrašo filtras:"
       allow_badges_label: "Leisti trofėjų apdovanojimus šioje kategorijoje"
       edit_permissions: "Redaguoti leidimus"
-      reviewable_by_group: "Be darbuotojų, šios kategorijos turinį taip pat gali peržiūrėti:"
       review_group_name: "grupės pavadinimas"
       require_topic_approval: "Reikalauti, kad moderatorius patvirtintų visas naujas temas"
       require_reply_approval: "Reikalauti, kad moderatorius patvirtintų visus naujus atsakymus"

config/locales/client.nb_NO.yml

@@ -2910,7 +2910,6 @@ nb_NO:
       default_list_filter: "Standard listefilter:"
       allow_badges_label: "Tillat merker å bli tildelt i denne kategorien"
       edit_permissions: "Rediger tillatelser"
-      reviewable_by_group: "I tillegg til de ansatte, kan innholdet i denne kategorien også gjennomgås ved å:"
       review_group_name: "gruppenavn"
       require_topic_approval: "Krev godkjennelse fra moderator for alle nye emner"
       require_reply_approval: "Krev godkjennelse fra moderator for alle nye svar"

config/locales/client.nl.yml

@@ -2970,7 +2970,6 @@ nl:
       default_list_filter: "Standaard lijstfilter:"
       allow_badges_label: "Badges laten toekennen in deze categorie"
       edit_permissions: "Toestemmingen bewerken"
-      reviewable_by_group: "Naast stafleden kan inhoud in deze categorie ook worden beoordeeld door:"
       review_group_name: "groepsnaam"
       require_topic_approval: "Goedkeuring van moderator voor alle nieuwe topics vereisen"
       require_reply_approval: "Goedkeuring van moderator voor alle nieuwe antwoorden vereisen"