Andy Smith
ea61907397
Pass in data attribute to partial
2025-12-22 14:43:08 -06:00
Andy Smith
348808edc2
Replace span with li
2025-12-22 14:26:03 -06:00
Jason Zimdars
72ffc2b974
Merge branch 'main' into smooth-theme-change
2025-12-22 11:34:48 -06:00
Jason Zimdars
806297eb12
Merge pull request #2230 from basecamp/refactor-system-comment-classes
...
Refactor system comment classes
2025-12-22 11:15:48 -06:00
Jason Zimdars
5716303c22
Rename
...
It feels odd to have a `.system` class in the `.comment` namespace.
Might as well make it really obvious if we're going to rename it
2025-12-22 11:12:46 -06:00
Jason Zimdars
563c530e3e
Merge pull request #2213 from basecamp/welcome-letter
...
Stub welcome letter for newly created accounts
2025-12-22 10:17:41 -06:00
Stanko K.R.
0df667f4fb
Fix HTML injection in webhooks through card titles
2025-12-22 12:20:32 +01:00
Jason Zimdars
e724b3bf86
Move to variable
2025-12-20 18:19:13 -06:00
Jason Zimdars
71433718d5
Set view-transition-name so it gets calculated in the layer rendering
...
Prevents cards from briefly appearing on top of the letter while they
finish transitioning
2025-12-20 18:16:35 -06:00
Jason Zimdars
c33b12aa14
We get this for free
2025-12-20 18:12:34 -06:00
Jason Zimdars
d0587d5db8
turbo:load doesn't seem to be working, try a specific controller method to open it
2025-12-20 18:05:41 -06:00
Jason Zimdars
d4ace2752c
Ensure the flash notice passes through the redirect
2025-12-20 18:04:56 -06:00
Jason Zimdars
c32286da00
Remove second data-action attribute
2025-12-20 17:46:31 -06:00
Jason Zimdars
3b1c67f57d
Undo debug
2025-12-20 17:34:19 -06:00
Jason Zimdars
f2b49d0798
Avoid orphans
2025-12-20 17:34:05 -06:00
Jason Fried
69f6149ddc
Updated the welcome message.
2025-12-19 15:29:20 -08:00
Jason Zimdars
10f27f19a6
Add a close button
2025-12-19 15:46:18 -06:00
Jason Zimdars
0adcfabe4c
Stub welcome letter for newly created accounts
2025-12-19 15:36:52 -06:00
Rosa Gutierrez
641e67dc2e
Remove status from allowed parameters in CardsController#update
...
We don't allow changing the status via this action, and it's confusing
and can lead to cases where someone can set someone's else card as
draft, effectively hiding it.
2025-12-19 22:35:30 +01:00
Jeremy Daer
bd6c1cf34f
Storage: harden reconcile for concurrent writes and fix board transfer ( #2096 )
...
* Storage: harden reconcile for concurrent writes and fix board transfer
Reconcile now uses two-cursor approach: captures cursor before and after
the storage scan, aborting if they differ (entries added during scan).
Job retries 3x with 1-minute waits and limits concurrency to 1 per owner.
Board transfer now correctly moves storage for card description embeds
and comment embeds, not just direct attachments. Uses batched queries
to handle cards with thousands of comments efficiently.
Also fixes N+1 queries in attachment grouping via lookup maps.
* Storage: fix per-attachment reconcile and enforce no blob reuse
The storage ledger tracks per-attachment (not per-blob) as a business
abstraction for quotas. This fixes reconcile to match that model and
adds enforcement to prevent blob reuse in tracked contexts.
* Reconcile now uses joins(:blob).sum() for per-attachment counting
* New validation prevents reusing blobs across tracked attachments
* Race-safe storage_total creation with create_or_find_by
* Job efficiency: skip find_by when object already available
* Backfill script checks per-attachment, not just per-blob
2025-12-19 13:07:32 -08:00
Stanko K.R.
ca388c2b84
Replace handle_ naming
2025-12-19 19:21:58 +01:00
Stanko K.R.
df1dfde2b3
Use same constant for fake magic links
2025-12-19 19:21:58 +01:00
Stanko K.R.
3af8bdbe37
Replace FakeMagicLink with a temporary object
2025-12-19 19:21:58 +01:00
Stanko K.R.
52d57c4681
Tidy up session_token
2025-12-19 19:21:57 +01:00
Stanko K.R.
e0270c6c49
Clean up interfaces
...
I talked to the mobile team, and to keep things simple we agreed to send
the token via a cookie.
2025-12-19 19:21:57 +01:00
Stanko K.R.
1a1f4a077b
Simplify auth logic
2025-12-19 19:21:57 +01:00
Fernando Olivares
cddddcf83a
Fix due to unit test when creating with invalid emails
2025-12-19 19:21:57 +01:00
Fernando Olivares
b3c8d02709
Cleanup session creation
2025-12-19 19:21:57 +01:00
Fernando Olivares
6e8d6a3df0
Update to always return a pending auth token for JSON responses.
2025-12-19 19:21:57 +01:00
Fernando Olivares
877f82c0cc
Pass a server token when creating a magic link via API
2025-12-19 19:21:57 +01:00
Fernando Olivares
a75a939289
Simplify code a bit
2025-12-19 19:21:57 +01:00
Fernando Olivares
360e14352f
Simplify session create logic for both html and json
2025-12-19 19:21:57 +01:00
Stanko K.R.
e5bdb3b071
Add back missing development magic link prompt
2025-12-19 19:21:57 +01:00
Stanko K.R.
c0a0786539
Return the session cookie
...
We had a call about this. In short, we could reuse access tokens but then the user would see access tokens for every mobile device they have without any indication as to what is going on. So, since this really is just logging in instead of an integration which seems to be the primary purpose of access tokens, we can just use our regular session cookie for authentication.
2025-12-19 19:21:57 +01:00
Stanko K.R.
54ceb4df7c
Remove email address and users from magic link response
...
The identity endpoint can be used to fetch that information
2025-12-19 19:21:57 +01:00
Stanko K.R.
b92982b244
Cleanup & simplify sign in
2025-12-19 19:21:57 +01:00
Fernando Olivares
093240c6f7
Return email and users too
2025-12-19 19:21:57 +01:00
Fernando Olivares
ab0f7a3ea5
Dev: Set magic link as header when JSON request in development
2025-12-19 19:21:57 +01:00
Fernando Olivares
7644bb7411
Allow JSON requests submitting a magic link code
2025-12-19 19:21:57 +01:00
Fernando Olivares
c8eb592746
Allow JSON requests to send a magic link
2025-12-19 19:21:57 +01:00
Jorge Manrubia
eb1d112013
Merge pull request #2203 from basecamp/remove-unused-param
...
Remove unused `tag_ids` parameter from `CardsController#update`
2025-12-19 12:16:32 +01:00
Jorge Manrubia
fcc426a97b
Merge pull request #2192 from italomatos/optimize-card-count-queries
...
Optimize card count queries to avoid duplicates
2025-12-19 12:05:35 +01:00
Jorge Manrubia
33fc239571
Merge pull request #2140 from dilberryhoundog/fix-stale-account-cache
...
Fix: resolve stale account names in jump menu and page titles
2025-12-19 11:26:23 +01:00
Jorge Manrubia
2cbbdfbd19
Merge pull request #2138 from italomatos/refactor/replace-reverse-merge-with-with-defaults
...
Refactor: Replace reverse_merge with with_defaults for improved readability
2025-12-19 11:24:46 +01:00
Rosa Gutierrez
1e640643e9
Remove unused tag_ids parameter from CardsController#update
...
This is no longer used in the normal flow of the app. The tags are added
via `Cards::TaggingsController`.
2025-12-19 11:16:20 +01:00
Rosa Gutierrez
cb01966439
Remove unused Card.published_or_drafted_by scope
...
As the tests for it could lead to confusion where it seems drafted cards
are not accessible to someone with access to the board and with the
direct drafted card URL.
2025-12-19 09:46:21 +01:00
Alexander Zaytsev
5657ee0455
Remove extra space
2025-12-19 09:37:07 +01:00
Alexander Zaytsev
e52eba9c4e
Rename .comment--system to .system-comment
2025-12-19 09:34:23 +01:00
Alexander Zaytsev
cc6b5cba9c
Use hash for conditional class
2025-12-19 09:33:07 +01:00
Samuel Péchèr
32a0acea11
Merge pull request #2107 from basecamp/adjust-paragraph-spacing
...
Adjusting text content spacing between paragraphs
2025-12-19 07:59:25 +01:00