Mirror
/
zulip
mirror of https://github.com/zulip/zulip.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
zulip/zerver/views/home.py

269 lines
10 KiB
Python
Raw Normal View History

python: Sort imports with isort. Fixes #2665. Regenerated by tabbott with `lint --fix` after a rebase and change in parameters. Note from tabbott: In a few cases, this converts technical debt in the form of unsorted imports into different technical debt in the form of our largest files having very long, ugly import sequences at the start. I expect this change will increase pressure for us to split those files, which isn't a bad thing. Signed-off-by: Anders Kaseorg <anders@zulip.com>
2020-06-11 00:54:34 +02:00
import logging
python: Use standard secrets module to generate random tokens. There are three functional side effects: • Correct an insignificant but mathematically offensive bias toward repeated characters in generate_api_key introduced in commit 47b4283c4b4c70ecde4d3c8de871c90ee2506d87; its entropy is increased from 190.52864 bits to 190.53428 bits. • Use the base32 alphabet in confirmation.models.generate_key; its entropy is reduced from 124.07820 bits to the documented 120 bits, but now it uses 1 syscall instead of 24. • Use the base32 alphabet in get_bigbluebutton_url; its entropy is reduced from 51.69925 bits to 50 bits, but now it uses 1 syscall instead of 10. (The base32 alphabet is A-Z 2-7. We could probably replace all of these with plain secrets.token_urlsafe, since I expect most callers can handle the full urlsafe_b64 alphabet A-Z a-z 0-9 - _ without problems.) Signed-off-by: Anders Kaseorg <anders@zulip.com>
2020-09-05 04:02:13 +02:00
import secrets
views: Extract zerver/views/home.py. This is a significant piece of the remaining effort required to eliminate the catch-all zerver/views/__init__.py.
2017-01-07 21:19:52 +01:00
from django.conf import settings
home: Use already imported redirect shortcut for redirects.
2021-09-20 08:05:40 +02:00
from django.http import HttpRequest, HttpResponse
home: Change render_to_response to render. Related to #4093
2017-03-16 14:14:31 +01:00
from django.shortcuts import redirect, render
home: Redirect https://selfhosting.zuliphostname/ to /serverlogin/. This is a reasonable default page to render for that hostname, and less confusing than "Organization does not exist."
2024-01-11 23:57:38 +01:00
from django.urls import reverse
views: Extract zerver/views/home.py. This is a significant piece of the remaining effort required to eliminate the catch-all zerver/views/__init__.py.
2017-01-07 21:19:52 +01:00
from django.utils.cache import patch_cache_control
accounts: Allow user to change email visibility during first login. We now allow users to change email address visibility setting on the "Terms of service" page during first login. This page is not shown for users creating account using normal registration process, but is useful for imported users and users created through API, LDAP, SCIM and management commands.
2023-04-24 16:51:02 +02:00
from zerver.actions.user_settings import do_change_tos_version, do_change_user_setting
home: For web public realms, skip login for spectators. To provide a smoother experience of accessing a web public stream, we don't ask user to login unless user directly requests a `/login` URL. Fixes #21690.
2022-04-19 11:47:26 +02:00
from zerver.context_processors import get_realm_from_request, get_valid_realm_from_request
realm: Add option to enable/disable spectator login. We restrict access of messages from web public streams if anonymous login is disabled via `enable_spectator_access`. Display of `Anonymous login` button is now controlled by the value of `enable_spectator_access`. Admins can toggle `enable_spectator_access` via org settings in UI.
2021-10-03 14:16:07 +02:00
from zerver.decorator import web_public_view, zulip_login_required
views: Extract zerver/views/home.py. This is a significant piece of the remaining effort required to eliminate the catch-all zerver/views/__init__.py.
2017-01-07 21:19:52 +01:00
from zerver.forms import ToSForm
compatibility: Shift functions to new module. Shift functions used for compatibility from zerver.lib.home (is_outdated_server) and zerver.view.compatibility (pop_numerals, version_lt, find_mobile_os, is_outdated_desktop_app, is_unsupported_browser) to zerver.lib.compatibility module.
2021-06-04 10:19:50 +02:00
from zerver.lib.compatibility import is_outdated_desktop_app, is_unsupported_browser
gear_menu: Extract the gear menu as a handlebars template. For this extraction, we need to move some context parameter (from home_real in `views/home.py`) to extra page_params parameter (of build_page_params_for_home_page_load in `lib/home.py`) so handlebars template can access them. While moving I confirmed that these parameters are not used elsewhere if some parameter is used elsewhere (like `apps_page_url`) then I didn't remove it from the context list, I just added it to the page_params list. Fixes: #18795.
2021-06-14 12:38:43 +02:00
from zerver.lib.home import build_page_params_for_home_page_load, get_user_permission_info
narrow: Split out narrow_helpers. This will make more sense as I get deeper into modernizing how we accept narrows from users via the API and represent the narrows in event queues.
2023-06-30 02:48:22 +02:00
from zerver.lib.narrow_helpers import NarrowTerm
request: Refactor ZulipRequestNotes to RequestNotes. This utilizes the generic `BaseNotes` we added for multipurpose patching. With this migration as an example, we can further support more types of notes to replace the monkey-patching approach we have used throughout the codebase for type safety.
2021-08-21 19:24:20 +02:00
from zerver.lib.request import RequestNotes
home: Use access_stream_by_name to access streams.
2017-01-30 03:11:00 +01:00
from zerver.lib.streams import access_stream_by_name
subdomains: Extract zerver.lib.subdomains library. These never really belonged with the rest of zerver.lib.utils.py, and having a separate library makes it easier to enforce full test coverage.
2017-10-19 07:21:57 +02:00
from zerver.lib.subdomains import get_subdomain
page_params: Remove unused prompt_for_invites. It’s unused since commit ebe959f2b0768e5d5aaeb05a3e9a8f67a6c4fad0. Signed-off-by: Anders Kaseorg <anders@zulip.com>
2024-02-07 06:19:03 +01:00
from zerver.models import Realm, RealmUserDefault, Stream, UserProfile
views: Extract zerver/views/home.py. This is a significant piece of the remaining effort required to eliminate the catch-all zerver/views/__init__.py.
2017-01-07 21:19:52 +01:00
ruff: Fix UP007 Use `X | Y` for type annotations. Signed-off-by: Anders Kaseorg <anders@zulip.com>
2024-07-12 02:30:23 +02:00
def need_accept_tos(user_profile: UserProfile | None) -> bool:
home: Allow logged out user through home. We allow user to load webapp without log-in. This is only be enabled for developed purposes now. Production setups will see no changes.
2020-09-27 06:49:16 +02:00
if user_profile is None:
home: Extract terms of service check to a function.
2019-09-14 01:38:28 +02:00
return False
accounts: Allow user to change email visibility during first login. We now allow users to change email address visibility setting on the "Terms of service" page during first login. This page is not shown for users creating account using normal registration process, but is useful for imported users and users created through API, LDAP, SCIM and management commands.
2023-04-24 16:51:02 +02:00
if user_profile.tos_version == UserProfile.TOS_VERSION_BEFORE_FIRST_LOGIN:
return True
settings: Rename TOS_VERSION to TERMS_OF_SERVICE_VERSION. The previous version was appropriate in a setting where it was only used for Zulip Cloud, but it's definitely clearer to spell it out.
2021-12-07 02:23:24 +01:00
if settings.TERMS_OF_SERVICE_VERSION is None:
home: Extract terms of service check to a function.
2019-09-14 01:38:28 +02:00
return False
settings: Rename TOS_VERSION to TERMS_OF_SERVICE_VERSION. The previous version was appropriate in a setting where it was only used for Zulip Cloud, but it's definitely clearer to spell it out.
2021-12-07 02:23:24 +01:00
return int(settings.TERMS_OF_SERVICE_VERSION.split(".")[0]) > user_profile.major_tos_version()
home: Extract terms of service check to a function.
2019-09-14 01:38:28 +02:00
python: Reformat with Black, except quotes. Signed-off-by: Anders Kaseorg <anders@zulip.com>
2021-02-12 08:19:30 +01:00
views: Extract zerver/views/home.py. This is a significant piece of the remaining effort required to eliminate the catch-all zerver/views/__init__.py.
2017-01-07 21:19:52 +01:00
@zulip_login_required
zerver/views: Use Python 3 syntax for typing. Edited by tabbott to remove state.py and streams.py, because of problems with the original PR's changes, and wrap some long lines.
2017-11-27 09:28:57 +01:00
def accounts_accept_terms(request: HttpRequest) -> HttpResponse:
mypy: Fix most AnonymousUser type errors. This commit fixes several mypy errors with Django stubs, by telling mypy that we know in a given code path that the user is authenticated.
2021-07-24 20:37:35 +02:00
assert request.user.is_authenticated
views: Extract zerver/views/home.py. This is a significant piece of the remaining effort required to eliminate the catch-all zerver/views/__init__.py.
2017-01-07 21:19:52 +01:00
if request.method == "POST":
form = ToSForm(request.POST)
if form.is_valid():
accounts: Allow user to change email visibility during first login. We now allow users to change email address visibility setting on the "Terms of service" page during first login. This page is not shown for users creating account using normal registration process, but is useful for imported users and users created through API, LDAP, SCIM and management commands.
2023-04-24 16:51:02 +02:00
assert (
settings.TERMS_OF_SERVICE_VERSION is not None
or request.user.tos_version == UserProfile.TOS_VERSION_BEFORE_FIRST_LOGIN
)
settings: Rename TOS_VERSION to TERMS_OF_SERVICE_VERSION. The previous version was appropriate in a setting where it was only used for Zulip Cloud, but it's definitely clearer to spell it out.
2021-12-07 02:23:24 +01:00
do_change_tos_version(request.user, settings.TERMS_OF_SERVICE_VERSION)
accounts: Allow user to change email visibility during first login. We now allow users to change email address visibility setting on the "Terms of service" page during first login. This page is not shown for users creating account using normal registration process, but is useful for imported users and users created through API, LDAP, SCIM and management commands.
2023-04-24 16:51:02 +02:00
email_address_visibility = form.cleaned_data["email_address_visibility"]
if (
email_address_visibility is not None
and email_address_visibility != request.user.email_address_visibility
):
do_change_user_setting(
request.user,
"email_address_visibility",
email_address_visibility,
acting_user=request.user,
)
accounts_accept_terms: Check if imported user wants marketing emails.
2024-09-11 11:00:22 +02:00
enable_marketing_emails = form.cleaned_data["enable_marketing_emails"]
if (
enable_marketing_emails is not None
and enable_marketing_emails != request.user.enable_marketing_emails
):
do_change_user_setting(
request.user,
"enable_marketing_emails",
enable_marketing_emails,
acting_user=request.user,
)
views: Extract zerver/views/home.py. This is a significant piece of the remaining effort required to eliminate the catch-all zerver/views/__init__.py.
2017-01-07 21:19:52 +01:00
return redirect(home)
else:
form = ToSForm()
accounts: Allow user to change email visibility during first login. We now allow users to change email address visibility setting on the "Terms of service" page during first login. This page is not shown for users creating account using normal registration process, but is useful for imported users and users created through API, LDAP, SCIM and management commands.
2023-04-24 16:51:02 +02:00
default_email_address_visibility = None
first_time_login = request.user.tos_version == UserProfile.TOS_VERSION_BEFORE_FIRST_LOGIN
if first_time_login:
realm_user_default = RealmUserDefault.objects.get(realm=request.user.realm)
default_email_address_visibility = realm_user_default.email_address_visibility
home: Simplify and comment terms of service notice implementation.
2022-01-28 22:45:56 +01:00
context = {
"form": form,
"email": request.user.delivery_email,
# Text displayed when updating TERMS_OF_SERVICE_VERSION.
"terms_of_service_message": settings.TERMS_OF_SERVICE_MESSAGE,
accounts: Allow user to change email visibility during first login. We now allow users to change email address visibility setting on the "Terms of service" page during first login. This page is not shown for users creating account using normal registration process, but is useful for imported users and users created through API, LDAP, SCIM and management commands.
2023-04-24 16:51:02 +02:00
"terms_of_service_version": settings.TERMS_OF_SERVICE_VERSION,
home: Simplify and comment terms of service notice implementation.
2022-01-28 22:45:56 +01:00
# HTML template used when agreeing to terms of service the
# first time, e.g. after data import.
"first_time_terms_of_service_message_template": None,
accounts: Allow user to change email visibility during first login. We now allow users to change email address visibility setting on the "Terms of service" page during first login. This page is not shown for users creating account using normal registration process, but is useful for imported users and users created through API, LDAP, SCIM and management commands.
2023-04-24 16:51:02 +02:00
"first_time_login": first_time_login,
"default_email_address_visibility": default_email_address_visibility,
"email_address_visibility_options_dict": UserProfile.EMAIL_ADDRESS_VISIBILITY_ID_TO_NAME_MAP,
"email_address_visibility_admins_only": UserProfile.EMAIL_ADDRESS_VISIBILITY_ADMINS,
"email_address_visibility_moderators": UserProfile.EMAIL_ADDRESS_VISIBILITY_MODERATORS,
"email_address_visibility_nobody": UserProfile.EMAIL_ADDRESS_VISIBILITY_NOBODY,
home: Simplify and comment terms of service notice implementation.
2022-01-28 22:45:56 +01:00
}
terms: Rename and tweak FIRST_TIME_TERMS_OF_SERVICE_TEMPLATE. We do s/TOS/TERMS_OF_SERVICE/ on the name, and while we're at it, remove the assumed zerver/ namespace for the template, which isn't correct -- Zulip Cloud related content should be in the corporate/ directory.
2021-12-10 20:16:42 +01:00
if (
users: Set tos_version to -1 for users who have not logged-in yet. We now set tos_version to "-1" for imported users and the ones created using API or using other methods like LDAP, SCIM and management commands. This value will help us to allow users to change email address visibility setting during first login.
2023-05-08 09:17:57 +02:00
request.user.tos_version == UserProfile.TOS_VERSION_BEFORE_FIRST_LOGIN
terms: Rename and tweak FIRST_TIME_TERMS_OF_SERVICE_TEMPLATE. We do s/TOS/TERMS_OF_SERVICE/ on the name, and while we're at it, remove the assumed zerver/ namespace for the template, which isn't correct -- Zulip Cloud related content should be in the corporate/ directory.
2021-12-10 20:16:42 +01:00
and settings.FIRST_TIME_TERMS_OF_SERVICE_TEMPLATE is not None
):
requirements: Upgrade Python requirements. Signed-off-by: Anders Kaseorg <anders@zulip.com>
2024-01-29 00:32:21 +01:00
context["first_time_terms_of_service_message_template"] = (
settings.FIRST_TIME_TERMS_OF_SERVICE_TEMPLATE
)
home: Simplify and comment terms of service notice implementation.
2022-01-28 22:45:56 +01:00
home: Change render_to_response to render. Related to #4093
2017-03-16 14:14:31 +01:00
return render(
request,
python: Normalize quotes with Black. Signed-off-by: Anders Kaseorg <anders@zulip.com>
2021-02-12 08:20:45 +01:00
"zerver/accounts_accept_terms.html",
home: Simplify and comment terms of service notice implementation.
2022-01-28 22:45:56 +01:00
context,
home: Change render_to_response to render. Related to #4093
2017-03-16 14:14:31 +01:00
)
views: Extract zerver/views/home.py. This is a significant piece of the remaining effort required to eliminate the catch-all zerver/views/__init__.py.
2017-01-07 21:19:52 +01:00
python: Reformat with Black, except quotes. Signed-off-by: Anders Kaseorg <anders@zulip.com>
2021-02-12 08:19:30 +01:00
def detect_narrowed_window(
ruff: Fix UP007 Use `X | Y` for type annotations. Signed-off-by: Anders Kaseorg <anders@zulip.com>
2024-07-12 02:30:23 +02:00
request: HttpRequest, user_profile: UserProfile | None
) -> tuple[list[NarrowTerm], Stream | None, str | None]:
home: Extract handling of narrow windows to a function.
2019-09-14 01:53:42 +02:00
"""This function implements Zulip's support for a mini Zulip window
that just handles messages from a single narrow"""
home: Allow logged out user through home. We allow user to load webapp without log-in. This is only be enabled for developed purposes now. Production setups will see no changes.
2020-09-27 06:49:16 +02:00
if user_profile is None:
home: Extract handling of narrow windows to a function.
2019-09-14 01:53:42 +02:00
return [], None, None
ruff: Fix UP006 Use `list` instead of `List` for type annotation. Signed-off-by: Anders Kaseorg <anders@zulip.com>
2024-07-12 02:30:17 +02:00
narrow: list[NarrowTerm] = []
home: Extract handling of narrow windows to a function.
2019-09-14 01:53:42 +02:00
narrow_stream = None
views: Rename *topic local variables to *topic_name. This is preparatory work towards adding a Topic model. We plan to use the local variable name as 'topic' for the Topic model objects. Currently, we use *topic as the local variable name for topic names. We rename local variables of the form *topic to *topic_name so that we don't need to think about type collisions in individual code paths where we might want to talk about both Topic objects and strings for the topic name.
2024-01-13 14:02:59 +01:00
narrow_topic_name = request.GET.get("topic")
home: Extract handling of narrow windows to a function.
2019-09-14 01:53:42 +02:00
typing: Add none-checks for miscellaneous cases. Signed-off-by: Zixuan James Li <359101898@qq.com>
2022-05-31 01:32:29 +02:00
if "stream" in request.GET:
home: Extract handling of narrow windows to a function.
2019-09-14 01:53:42 +02:00
try:
zerver: Update comments with "private message" or "PM". Updates comments/doc-strings that use "private message" or "PM" in files in the `/zerver` directory to instead use "direct message".
2023-06-19 16:42:11 +02:00
# TODO: We should support stream IDs and direct messages here as well.
home: Extract handling of narrow windows to a function.
2019-09-14 01:53:42 +02:00
narrow_stream_name = request.GET.get("stream")
typing: Add none-checks for miscellaneous cases. Signed-off-by: Zixuan James Li <359101898@qq.com>
2022-05-31 01:32:29 +02:00
assert narrow_stream_name is not None
python: Reformat with Black, except quotes. Signed-off-by: Anders Kaseorg <anders@zulip.com>
2021-02-12 08:19:30 +01:00
(narrow_stream, ignored_sub) = access_stream_by_name(user_profile, narrow_stream_name)
narrow: Pass modern narrow to do_events_register. We now upstream the conversion of legacy tuples into the callers of do_events_register. For the codepath that builds the home view, this allows for cleaner code in the caller. For the /register endpoint, we have to do the conversion, but that isn't super ugly, as that's an appropriate place to deal with legacy formats and clean them up. We do have to have do_events_register downgrade the format back to tuples to pass them into request_event_queue, because I don't want to change any serialization formats. The conversion is quite simple, and it has test coverage.
2023-06-30 00:50:04 +02:00
narrow = [NarrowTerm(operator="stream", operand=narrow_stream.name)]
home: Extract handling of narrow windows to a function.
2019-09-14 01:53:42 +02:00
except Exception:
logging.warning("Invalid narrow requested, ignoring", extra=dict(request=request))
views: Rename *topic local variables to *topic_name. This is preparatory work towards adding a Topic model. We plan to use the local variable name as 'topic' for the Topic model objects. Currently, we use *topic as the local variable name for topic names. We rename local variables of the form *topic to *topic_name so that we don't need to think about type collisions in individual code paths where we might want to talk about both Topic objects and strings for the topic name.
2024-01-13 14:02:59 +01:00
if narrow_stream is not None and narrow_topic_name is not None:
narrow.append(NarrowTerm(operator="topic", operand=narrow_topic_name))
return narrow, narrow_stream, narrow_topic_name
home: Extract handling of narrow windows to a function.
2019-09-14 01:53:42 +02:00
python: Reformat with Black, except quotes. Signed-off-by: Anders Kaseorg <anders@zulip.com>
2021-02-12 08:19:30 +01:00
ruff: Fix UP007 Use `X | Y` for type annotations. Signed-off-by: Anders Kaseorg <anders@zulip.com>
2024-07-12 02:30:23 +02:00
def update_last_reminder(user_profile: UserProfile | None) -> None:
home: Extract updates to last_reminder to a function.
2019-09-14 01:56:29 +02:00
"""Reset our don't-spam-users-with-email counter since the
user has since logged in
"""
home: Allow logged out user through home. We allow user to load webapp without log-in. This is only be enabled for developed purposes now. Production setups will see no changes.
2020-09-27 06:49:16 +02:00
if user_profile is None:
home: Extract updates to last_reminder to a function.
2019-09-14 01:56:29 +02:00
return
if user_profile.last_reminder is not None: # nocoverage
# TODO: Look into the history of last_reminder; we may have
# eliminated that as a useful concept for non-bot users.
user_profile.last_reminder = None
user_profile.save(update_fields=["last_reminder"])
python: Reformat with Black, except quotes. Signed-off-by: Anders Kaseorg <anders@zulip.com>
2021-02-12 08:19:30 +01:00
zerver/views: Use Python 3 syntax for typing. Edited by tabbott to remove state.py and streams.py, because of problems with the original PR's changes, and wrap some long lines.
2017-11-27 09:28:57 +01:00
def home(request: HttpRequest) -> HttpResponse:
views: Extract zerver/views/home.py. This is a significant piece of the remaining effort required to eliminate the catch-all zerver/views/__init__.py.
2017-01-07 21:19:52 +01:00
subdomain = get_subdomain(request)
realm: Add option to enable/disable spectator login. We restrict access of messages from web public streams if anonymous login is disabled via `enable_spectator_access`. Display of `Anonymous login` button is now controlled by the value of `enable_spectator_access`. Admins can toggle `enable_spectator_access` via org settings in UI.
2021-10-03 14:16:07 +02:00
# If settings.ROOT_DOMAIN_LANDING_PAGE and this is the root
# domain, send the user the landing page.
home: Only serve landing page at root domain on corporate servers.
2022-08-17 19:06:07 +02:00
if (
settings.ROOT_DOMAIN_LANDING_PAGE
and subdomain == Realm.SUBDOMAIN_FOR_ROOT_DOMAIN
and settings.CORPORATE_ENABLED
):
portico: Move to corporate folder. Since the URLs that use these function are present in corporate/urls, this file belongs in the corporate folder.
2022-08-17 19:24:10 +02:00
from corporate.views.portico import hello_view
realm: Add option to enable/disable spectator login. We restrict access of messages from web public streams if anonymous login is disabled via `enable_spectator_access`. Display of `Anonymous login` button is now controlled by the value of `enable_spectator_access`. Admins can toggle `enable_spectator_access` via org settings in UI.
2021-10-03 14:16:07 +02:00
return hello_view(request)
home: Redirect https://auth.zuliphostname/ to https://zuliphostname/. It is confusing for folks directing accessing the page to get a "Organization does not exist" message.
2024-01-11 23:56:31 +01:00
if subdomain == settings.SOCIAL_AUTH_SUBDOMAIN:
return redirect(settings.ROOT_DOMAIN_URI)
home: Redirect https://selfhosting.zuliphostname/ to /serverlogin/. This is a reasonable default page to render for that hostname, and less confusing than "Organization does not exist."
2024-01-11 23:57:38 +01:00
elif subdomain == settings.SELF_HOSTING_MANAGEMENT_SUBDOMAIN:
return redirect(reverse("remote_billing_legacy_server_login"))
home: For web public realms, skip login for spectators. To provide a smoother experience of accessing a web public stream, we don't ask user to login unless user directly requests a `/login` URL. Fixes #21690.
2022-04-19 11:47:26 +02:00
realm = get_realm_from_request(request)
if realm is None:
portico: Improve message for deactivated, invalid and moved orgs.
2024-05-11 01:21:38 +02:00
context = {
"current_url": request.get_host(),
}
return render(request, "zerver/invalid_realm.html", status=404, context=context)
home: For web public realms, skip login for spectators. To provide a smoother experience of accessing a web public stream, we don't ask user to login unless user directly requests a `/login` URL. Fixes #21690.
2022-04-19 11:47:26 +02:00
if realm.allow_web_public_streams_access():
realm: Add option to enable/disable spectator login. We restrict access of messages from web public streams if anonymous login is disabled via `enable_spectator_access`. Display of `Anonymous login` button is now controlled by the value of `enable_spectator_access`. Admins can toggle `enable_spectator_access` via org settings in UI.
2021-10-03 14:16:07 +02:00
return web_public_view(home_real)(request)
return zulip_login_required(home_real)(request)
views: Extract zerver/views/home.py. This is a significant piece of the remaining effort required to eliminate the catch-all zerver/views/__init__.py.
2017-01-07 21:19:52 +01:00
python: Reformat with Black, except quotes. Signed-off-by: Anders Kaseorg <anders@zulip.com>
2021-02-12 08:19:30 +01:00
zerver/views: Use Python 3 syntax for typing. Edited by tabbott to remove state.py and streams.py, because of problems with the original PR's changes, and wrap some long lines.
2017-11-27 09:28:57 +01:00
def home_real(request: HttpRequest) -> HttpResponse:
compatibility: Add more strict desktop app blocking. This allows us to block use of the desktop app with insecure versions (we simply fail to load the Zulip webapp at all, instead rendering an error page). For now we block only versions that are known to be both insecure and not auto-updating, but we can easily adjust these parameters in the future.
2020-03-25 02:00:28 +01:00
# Before we do any real work, check if the app is banned.
django: Use HttpRequest.headers. Fixes #14769. Signed-off-by: Anders Kaseorg <anders@zulip.com>
2022-05-12 06:54:12 +02:00
client_user_agent = request.headers.get("User-Agent", "")
compatibility: Add more strict desktop app blocking. This allows us to block use of the desktop app with insecure versions (we simply fail to load the Zulip webapp at all, instead rendering an error page). For now we block only versions that are known to be both insecure and not auto-updating, but we can easily adjust these parameters in the future.
2020-03-25 02:00:28 +01:00
(insecure_desktop_app, banned_desktop_app, auto_update_broken) = is_outdated_desktop_app(
python: Reformat with Black, except quotes. Signed-off-by: Anders Kaseorg <anders@zulip.com>
2021-02-12 08:19:30 +01:00
client_user_agent
)
compatibility: Add more strict desktop app blocking. This allows us to block use of the desktop app with insecure versions (we simply fail to load the Zulip webapp at all, instead rendering an error page). For now we block only versions that are known to be both insecure and not auto-updating, but we can easily adjust these parameters in the future.
2020-03-25 02:00:28 +01:00
if banned_desktop_app:
return render(
request,
portico_error_pages: Collect zerver error pages into a folder. Tested `link_does_not_exist.html`, `404.html` and `unsupported_browser` pages render correctly.
2024-06-05 06:51:07 +02:00
"zerver/portico_error_pages/insecure_desktop_app.html",
compatibility: Add more strict desktop app blocking. This allows us to block use of the desktop app with insecure versions (we simply fail to load the Zulip webapp at all, instead rendering an error page). For now we block only versions that are known to be both insecure and not auto-updating, but we can easily adjust these parameters in the future.
2020-03-25 02:00:28 +01:00
context={
"auto_update_broken": auto_update_broken,
python: Use trailing commas consistently. Automatically generated by the following script, based on the output of lint with flake8-comma: import re import sys last_filename = None last_row = None lines = [] for msg in sys.stdin: m = re.match( r"\x1b\[35mflake8 \|\x1b\[0m \x1b\[1;31m(.+):(\d+):(\d+): (\w+)", msg ) if m: filename, row_str, col_str, err = m.groups() row, col = int(row_str), int(col_str) if filename == last_filename: assert last_row != row else: if last_filename is not None: with open(last_filename, "w") as f: f.writelines(lines) with open(filename) as f: lines = f.readlines() last_filename = filename last_row = row line = lines[row - 1] if err in ["C812", "C815"]: lines[row - 1] = line[: col - 1] + "," + line[col - 1 :] elif err in ["C819"]: assert line[col - 2] == "," lines[row - 1] = line[: col - 2] + line[col - 1 :].lstrip(" ") if last_filename is not None: with open(last_filename, "w") as f: f.writelines(lines) Signed-off-by: Anders Kaseorg <anders@zulipchat.com>
2020-04-10 05:23:40 +02:00
},
compatibility: Add more strict desktop app blocking. This allows us to block use of the desktop app with insecure versions (we simply fail to load the Zulip webapp at all, instead rendering an error page). For now we block only versions that are known to be both insecure and not auto-updating, but we can easily adjust these parameters in the future.
2020-03-25 02:00:28 +01:00
)
browser_support: Drop support for Internet Explorer. Internet Explorer does not support `position: sticky` which improves floating recipient bar behavior during scrolling which is one of the issues blocking PR #9910. IE also does not support some features that modern browsers support hence may not super well. This commit adds an error page that'll be displayed when a user logs in from Internet Explorer. Also, a test is added.
2020-04-20 14:00:03 +02:00
(unsupported_browser, browser_name) = is_unsupported_browser(client_user_agent)
if unsupported_browser:
return render(
request,
portico_error_pages: Collect zerver error pages into a folder. Tested `link_does_not_exist.html`, `404.html` and `unsupported_browser` pages render correctly.
2024-06-05 06:51:07 +02:00
"zerver/portico_error_pages/unsupported_browser.html",
browser_support: Drop support for Internet Explorer. Internet Explorer does not support `position: sticky` which improves floating recipient bar behavior during scrolling which is one of the issues blocking PR #9910. IE also does not support some features that modern browsers support hence may not super well. This commit adds an error page that'll be displayed when a user logs in from Internet Explorer. Also, a test is added.
2020-04-20 14:00:03 +02:00
context={
"browser_name": browser_name,
python: Use trailing commas consistently. Automatically generated by the following script, based on the output of lint with flake8-comma: import re import sys last_filename = None last_row = None lines = [] for msg in sys.stdin: m = re.match( r"\x1b\[35mflake8 \|\x1b\[0m \x1b\[1;31m(.+):(\d+):(\d+): (\w+)", msg ) if m: filename, row_str, col_str, err = m.groups() row, col = int(row_str), int(col_str) if filename == last_filename: assert last_row != row else: if last_filename is not None: with open(last_filename, "w") as f: f.writelines(lines) with open(filename) as f: lines = f.readlines() last_filename = filename last_row = row line = lines[row - 1] if err in ["C812", "C815"]: lines[row - 1] = line[: col - 1] + "," + line[col - 1 :] elif err in ["C819"]: assert line[col - 2] == "," lines[row - 1] = line[: col - 2] + line[col - 1 :].lstrip(" ") if last_filename is not None: with open(last_filename, "w") as f: f.writelines(lines) Signed-off-by: Anders Kaseorg <anders@zulipchat.com>
2020-04-10 05:23:40 +02:00
},
browser_support: Drop support for Internet Explorer. Internet Explorer does not support `position: sticky` which improves floating recipient bar behavior during scrolling which is one of the issues blocking PR #9910. IE also does not support some features that modern browsers support hence may not super well. This commit adds an error page that'll be displayed when a user logs in from Internet Explorer. Also, a test is added.
2020-04-20 14:00:03 +02:00
)
compatibility: Add more strict desktop app blocking. This allows us to block use of the desktop app with insecure versions (we simply fail to load the Zulip webapp at all, instead rendering an error page). For now we block only versions that are known to be both insecure and not auto-updating, but we can easily adjust these parameters in the future.
2020-03-25 02:00:28 +01:00
views: Extract zerver/views/home.py. This is a significant piece of the remaining effort required to eliminate the catch-all zerver/views/__init__.py.
2017-01-07 21:19:52 +01:00
# We need to modify the session object every two weeks or it will expire.
# This line makes reloading the page a sufficient action to keep the
# session alive.
request.session.modified = True
home: Extract terms of service check to a function.
2019-09-14 01:38:28 +02:00
if request.user.is_authenticated:
user_profile = request.user
home: Pass realm to build_page_params_for_home_page_load. This is preparation for this needing to be a separate parameter from the user.
2020-10-02 00:00:28 +02:00
realm = user_profile.realm
home: Allow logged out user through home. We allow user to load webapp without log-in. This is only be enabled for developed purposes now. Production setups will see no changes.
2020-09-27 06:49:16 +02:00
else:
home: Pass realm to build_page_params_for_home_page_load. This is preparation for this needing to be a separate parameter from the user.
2020-10-02 00:00:28 +02:00
realm = get_valid_realm_from_request(request)
home: For web public realms, skip login for spectators. To provide a smoother experience of accessing a web public stream, we don't ask user to login unless user directly requests a `/login` URL. Fixes #21690.
2022-04-19 11:47:26 +02:00
# We load the spectator experience. We fall through to the shared code
auth: Add login buttons for web public access. For users who are not logged in and for those who don't have 'prefers_web_public_view' set in session, we redirect them to the default login page where they can choose to login as spectator or authenticated user.
2020-10-07 07:10:02 +02:00
# for loading the application, with user_profile=None encoding
# that we're a spectator, not a logged-in user.
user_profile = None
refactor: Move code up higher in home view. The two pieces of code here don't need to be intermingled with the bigger task of building page_params.
2020-07-18 19:00:04 +02:00
update_last_reminder(user_profile)
views: Extract zerver/views/home.py. This is a significant piece of the remaining effort required to eliminate the catch-all zerver/views/__init__.py.
2017-01-07 21:19:52 +01:00
# If a user hasn't signed the current Terms of Service, send them there
home: Extract terms of service check to a function.
2019-09-14 01:38:28 +02:00
if need_accept_tos(user_profile):
views: Extract zerver/views/home.py. This is a significant piece of the remaining effort required to eliminate the catch-all zerver/views/__init__.py.
2017-01-07 21:19:52 +01:00
return accounts_accept_terms(request)
views: Rename *topic local variables to *topic_name. This is preparatory work towards adding a Topic model. We plan to use the local variable name as 'topic' for the Topic model objects. Currently, we use *topic as the local variable name for topic names. We rename local variables of the form *topic to *topic_name so that we don't need to think about type collisions in individual code paths where we might want to talk about both Topic objects and strings for the topic name.
2024-01-13 14:02:59 +01:00
narrow, narrow_stream, narrow_topic_name = detect_narrowed_window(request, user_profile)
views: Extract zerver/views/home.py. This is a significant piece of the remaining effort required to eliminate the catch-all zerver/views/__init__.py.
2017-01-07 21:19:52 +01:00
refactor: Extract build_page_params_for_home_page_load.
2020-07-18 20:33:28 +02:00
queue_id, page_params = build_page_params_for_home_page_load(
request=request,
user_profile=user_profile,
home: Pass realm to build_page_params_for_home_page_load. This is preparation for this needing to be a separate parameter from the user.
2020-10-02 00:00:28 +02:00
realm=realm,
refactor: Extract build_page_params_for_home_page_load.
2020-07-18 20:33:28 +02:00
insecure_desktop_app=insecure_desktop_app,
narrow=narrow,
narrow_stream=narrow_stream,
views: Rename *topic local variables to *topic_name. This is preparatory work towards adding a Topic model. We plan to use the local variable name as 'topic' for the Topic model objects. Currently, we use *topic as the local variable name for topic names. We rename local variables of the form *topic to *topic_name so that we don't need to think about type collisions in individual code paths where we might want to talk about both Topic objects and strings for the topic name.
2024-01-13 14:02:59 +01:00
narrow_topic_name=narrow_topic_name,
views: Extract zerver/views/home.py. This is a significant piece of the remaining effort required to eliminate the catch-all zerver/views/__init__.py.
2017-01-07 21:19:52 +01:00
)
request: Refactor ZulipRequestNotes to RequestNotes. This utilizes the generic `BaseNotes` we added for multipurpose patching. With this migration as an example, we can further support more types of notes to replace the monkey-patching approach we have used throughout the codebase for type safety.
2021-08-21 19:24:20 +02:00
log_data = RequestNotes.get_notes(request).log_data
request: Move log_data from HttpRequest to ZulipRequestNotes.
2021-07-09 10:06:04 +02:00
assert log_data is not None
python: Convert "".format to Python 3.6 f-strings. Generated automatically by pyupgrade. Signed-off-by: Anders Kaseorg <anders@zulip.com>
2021-08-02 23:36:06 +02:00
log_data["extra"] = f"[{queue_id}]"
i18n: Pass translation data in page_params. This is a preliminary step to make translation_data available as a resource to `i18next.init()`.
2018-05-03 11:08:50 +02:00
python: Use standard secrets module to generate random tokens. There are three functional side effects: • Correct an insignificant but mathematically offensive bias toward repeated characters in generate_api_key introduced in commit 47b4283c4b4c70ecde4d3c8de871c90ee2506d87; its entropy is increased from 190.52864 bits to 190.53428 bits. • Use the base32 alphabet in confirmation.models.generate_key; its entropy is reduced from 124.07820 bits to the documented 120 bits, but now it uses 1 syscall instead of 24. • Use the base32 alphabet in get_bigbluebutton_url; its entropy is reduced from 51.69925 bits to 50 bits, but now it uses 1 syscall instead of 10. (The base32 alphabet is A-Z 2-7. We could probably replace all of these with plain secrets.token_urlsafe, since I expect most callers can handle the full urlsafe_b64 alphabet A-Z a-z 0-9 - _ without problems.) Signed-off-by: Anders Kaseorg <anders@zulip.com>
2020-09-05 04:02:13 +02:00
csp_nonce = secrets.token_hex(24)
refactor: Extract zerver/lib/home.py. The two functions extracted here are mostly copied verbatim, but we use dataclasses to marshal the values back.
2020-07-18 18:13:59 +02:00
user_permission_info = get_user_permission_info(user_profile)
realm_logo: Fix synchronization of realm night logo. The night logo synchronization on the settings page was perfect, but the actual display logic had a few problems: * We were including the realm_logo in context_processors, even though it is only used in home.py. * We used different variable names for the templating in navbar.html than anywhere else the codebase. * The behavior that the night logo would default to the day logo if only one was uploaded was not correctly implemented for the navbar position, either in the synchronization for updates code or the logic in the navbar.html templates.
2019-03-02 18:23:57 +01:00
python: Reformat with Black, except quotes. Signed-off-by: Anders Kaseorg <anders@zulip.com>
2021-02-12 08:19:30 +01:00
response = render(
request,
python: Normalize quotes with Black. Signed-off-by: Anders Kaseorg <anders@zulip.com>
2021-02-12 08:20:45 +01:00
"zerver/app/index.html",
python: Reformat with Black, except quotes. Signed-off-by: Anders Kaseorg <anders@zulip.com>
2021-02-12 08:19:30 +01:00
context={
python: Normalize quotes with Black. Signed-off-by: Anders Kaseorg <anders@zulip.com>
2021-02-12 08:20:45 +01:00
"user_profile": user_profile,
"page_params": page_params,
"csp_nonce": csp_nonce,
"color_scheme": user_permission_info.color_scheme,
home: Add rel=dns-prefetch to Gravatar and any Zulip avatar host. This hints to the browser that it should start DNS lookups for the host, since it is likely to be necessary. It is a softer form than `rel-preconnect`, which may be unnecessary in these cases, if the client has the resources cached already.
2024-08-02 20:48:42 +02:00
"enable_gravatar": settings.ENABLE_GRAVATAR,
"s3_avatar_public_url_prefix": settings.S3_AVATAR_PUBLIC_URL_PREFIX
if settings.LOCAL_UPLOADS_DIR is None
else "",
python: Reformat with Black, except quotes. Signed-off-by: Anders Kaseorg <anders@zulip.com>
2021-02-12 08:19:30 +01:00
},
)
views: Extract zerver/views/home.py. This is a significant piece of the remaining effort required to eliminate the catch-all zerver/views/__init__.py.
2017-01-07 21:19:52 +01:00
patch_cache_control(response, no_cache=True, no_store=True, must_revalidate=True)
return response
python: Reformat with Black, except quotes. Signed-off-by: Anders Kaseorg <anders@zulip.com>
2021-02-12 08:19:30 +01:00
views: Extract zerver/views/home.py. This is a significant piece of the remaining effort required to eliminate the catch-all zerver/views/__init__.py.
2017-01-07 21:19:52 +01:00
@zulip_login_required
zerver/views: Use Python 3 syntax for typing. Edited by tabbott to remove state.py and streams.py, because of problems with the original PR's changes, and wrap some long lines.
2017-11-27 09:28:57 +01:00
def desktop_home(request: HttpRequest) -> HttpResponse:
home: Use already imported redirect shortcut for redirects.
2021-09-20 08:05:40 +02:00
return redirect(home)