2020-06-11 00:54:34 +02:00
|
|
|
import logging
|
2020-09-05 04:02:13 +02:00
|
|
|
import secrets
|
2021-06-27 13:25:55 +02:00
|
|
|
from typing import List, Optional, Tuple
|
2017-01-07 21:19:52 +01:00
|
|
|
|
|
|
|
from django.conf import settings
|
2021-09-20 08:05:40 +02:00
|
|
|
from django.http import HttpRequest, HttpResponse
|
2017-03-16 14:14:31 +01:00
|
|
|
from django.shortcuts import redirect, render
|
2017-01-07 21:19:52 +01:00
|
|
|
from django.utils.cache import patch_cache_control
|
|
|
|
|
2020-10-02 00:00:28 +02:00
|
|
|
from zerver.context_processors import get_valid_realm_from_request
|
2021-10-03 14:16:07 +02:00
|
|
|
from zerver.decorator import web_public_view, zulip_login_required
|
2017-01-07 21:19:52 +01:00
|
|
|
from zerver.forms import ToSForm
|
2020-06-11 00:54:34 +02:00
|
|
|
from zerver.lib.actions import do_change_tos_version, realm_user_count
|
2021-06-04 10:19:50 +02:00
|
|
|
from zerver.lib.compatibility import is_outdated_desktop_app, is_unsupported_browser
|
2021-06-14 12:38:43 +02:00
|
|
|
from zerver.lib.home import build_page_params_for_home_page_load, get_user_permission_info
|
2021-08-21 19:24:20 +02:00
|
|
|
from zerver.lib.request import RequestNotes
|
2017-01-30 03:11:00 +01:00
|
|
|
from zerver.lib.streams import access_stream_by_name
|
2017-10-19 07:21:57 +02:00
|
|
|
from zerver.lib.subdomains import get_subdomain
|
2020-09-05 04:02:13 +02:00
|
|
|
from zerver.lib.utils import statsd
|
2020-07-18 20:33:28 +02:00
|
|
|
from zerver.models import PreregistrationUser, Realm, Stream, UserProfile
|
2020-10-07 07:10:02 +02:00
|
|
|
from zerver.views.auth import get_safe_redirect_to
|
2020-05-08 06:37:58 +02:00
|
|
|
from zerver.views.portico import hello_view
|
2017-01-07 21:19:52 +01:00
|
|
|
|
|
|
|
|
2019-09-14 01:38:28 +02:00
|
|
|
def need_accept_tos(user_profile: Optional[UserProfile]) -> bool:
|
2020-09-27 06:49:16 +02:00
|
|
|
if user_profile is None:
|
2019-09-14 01:38:28 +02:00
|
|
|
return False
|
|
|
|
|
|
|
|
if settings.TERMS_OF_SERVICE is None: # nocoverage
|
|
|
|
return False
|
|
|
|
|
2021-12-07 02:23:24 +01:00
|
|
|
if settings.TERMS_OF_SERVICE_VERSION is None:
|
2019-09-14 01:38:28 +02:00
|
|
|
return False
|
|
|
|
|
2021-12-07 02:23:24 +01:00
|
|
|
return int(settings.TERMS_OF_SERVICE_VERSION.split(".")[0]) > user_profile.major_tos_version()
|
2019-09-14 01:38:28 +02:00
|
|
|
|
2021-02-12 08:19:30 +01:00
|
|
|
|
2017-01-07 21:19:52 +01:00
|
|
|
@zulip_login_required
|
2017-11-27 09:28:57 +01:00
|
|
|
def accounts_accept_terms(request: HttpRequest) -> HttpResponse:
|
2021-07-24 20:37:35 +02:00
|
|
|
assert request.user.is_authenticated
|
|
|
|
|
2017-01-07 21:19:52 +01:00
|
|
|
if request.method == "POST":
|
|
|
|
form = ToSForm(request.POST)
|
|
|
|
if form.is_valid():
|
2021-12-07 02:23:24 +01:00
|
|
|
do_change_tos_version(request.user, settings.TERMS_OF_SERVICE_VERSION)
|
2017-01-07 21:19:52 +01:00
|
|
|
return redirect(home)
|
|
|
|
else:
|
|
|
|
form = ToSForm()
|
|
|
|
|
2020-04-16 20:44:51 +02:00
|
|
|
email = request.user.delivery_email
|
2017-01-07 21:19:52 +01:00
|
|
|
special_message_template = None
|
|
|
|
if request.user.tos_version is None and settings.FIRST_TIME_TOS_TEMPLATE is not None:
|
2021-02-12 08:20:45 +01:00
|
|
|
special_message_template = "zerver/" + settings.FIRST_TIME_TOS_TEMPLATE
|
2017-03-16 14:14:31 +01:00
|
|
|
return render(
|
|
|
|
request,
|
2021-02-12 08:20:45 +01:00
|
|
|
"zerver/accounts_accept_terms.html",
|
2021-02-12 08:19:30 +01:00
|
|
|
context={
|
2021-02-12 08:20:45 +01:00
|
|
|
"form": form,
|
|
|
|
"email": email,
|
|
|
|
"special_message_template": special_message_template,
|
2021-02-12 08:19:30 +01:00
|
|
|
},
|
2017-03-16 14:14:31 +01:00
|
|
|
)
|
2017-01-07 21:19:52 +01:00
|
|
|
|
2021-02-12 08:19:30 +01:00
|
|
|
|
|
|
|
def detect_narrowed_window(
|
|
|
|
request: HttpRequest, user_profile: Optional[UserProfile]
|
|
|
|
) -> Tuple[List[List[str]], Optional[Stream], Optional[str]]:
|
2019-09-14 01:53:42 +02:00
|
|
|
"""This function implements Zulip's support for a mini Zulip window
|
|
|
|
that just handles messages from a single narrow"""
|
2020-09-27 06:49:16 +02:00
|
|
|
if user_profile is None:
|
2019-09-14 01:53:42 +02:00
|
|
|
return [], None, None
|
|
|
|
|
python: Convert assignment type annotations to Python 3.6 style.
This commit was split by tabbott; this piece covers the vast majority
of files in Zulip, but excludes scripts/, tools/, and puppet/ to help
ensure we at least show the right error messages for Xenial systems.
We can likely further refine the remaining pieces with some testing.
Generated by com2ann, with whitespace fixes and various manual fixes
for runtime issues:
- invoiced_through: Optional[LicenseLedger] = models.ForeignKey(
+ invoiced_through: Optional["LicenseLedger"] = models.ForeignKey(
-_apns_client: Optional[APNsClient] = None
+_apns_client: Optional["APNsClient"] = None
- notifications_stream: Optional[Stream] = models.ForeignKey('Stream', related_name='+', null=True, blank=True, on_delete=CASCADE)
- signup_notifications_stream: Optional[Stream] = models.ForeignKey('Stream', related_name='+', null=True, blank=True, on_delete=CASCADE)
+ notifications_stream: Optional["Stream"] = models.ForeignKey('Stream', related_name='+', null=True, blank=True, on_delete=CASCADE)
+ signup_notifications_stream: Optional["Stream"] = models.ForeignKey('Stream', related_name='+', null=True, blank=True, on_delete=CASCADE)
- author: Optional[UserProfile] = models.ForeignKey('UserProfile', blank=True, null=True, on_delete=CASCADE)
+ author: Optional["UserProfile"] = models.ForeignKey('UserProfile', blank=True, null=True, on_delete=CASCADE)
- bot_owner: Optional[UserProfile] = models.ForeignKey('self', null=True, on_delete=models.SET_NULL)
+ bot_owner: Optional["UserProfile"] = models.ForeignKey('self', null=True, on_delete=models.SET_NULL)
- default_sending_stream: Optional[Stream] = models.ForeignKey('zerver.Stream', null=True, related_name='+', on_delete=CASCADE)
- default_events_register_stream: Optional[Stream] = models.ForeignKey('zerver.Stream', null=True, related_name='+', on_delete=CASCADE)
+ default_sending_stream: Optional["Stream"] = models.ForeignKey('zerver.Stream', null=True, related_name='+', on_delete=CASCADE)
+ default_events_register_stream: Optional["Stream"] = models.ForeignKey('zerver.Stream', null=True, related_name='+', on_delete=CASCADE)
-descriptors_by_handler_id: Dict[int, ClientDescriptor] = {}
+descriptors_by_handler_id: Dict[int, "ClientDescriptor"] = {}
-worker_classes: Dict[str, Type[QueueProcessingWorker]] = {}
-queues: Dict[str, Dict[str, Type[QueueProcessingWorker]]] = {}
+worker_classes: Dict[str, Type["QueueProcessingWorker"]] = {}
+queues: Dict[str, Dict[str, Type["QueueProcessingWorker"]]] = {}
-AUTH_LDAP_REVERSE_EMAIL_SEARCH: Optional[LDAPSearch] = None
+AUTH_LDAP_REVERSE_EMAIL_SEARCH: Optional["LDAPSearch"] = None
Signed-off-by: Anders Kaseorg <anders@zulipchat.com>
2020-04-22 01:09:50 +02:00
|
|
|
narrow: List[List[str]] = []
|
2019-09-14 01:53:42 +02:00
|
|
|
narrow_stream = None
|
|
|
|
narrow_topic = request.GET.get("topic")
|
|
|
|
|
|
|
|
if request.GET.get("stream"):
|
|
|
|
try:
|
|
|
|
# TODO: We should support stream IDs and PMs here as well.
|
|
|
|
narrow_stream_name = request.GET.get("stream")
|
2021-02-12 08:19:30 +01:00
|
|
|
(narrow_stream, ignored_sub) = access_stream_by_name(user_profile, narrow_stream_name)
|
2019-09-14 01:53:42 +02:00
|
|
|
narrow = [["stream", narrow_stream.name]]
|
|
|
|
except Exception:
|
|
|
|
logging.warning("Invalid narrow requested, ignoring", extra=dict(request=request))
|
|
|
|
if narrow_stream is not None and narrow_topic is not None:
|
|
|
|
narrow.append(["topic", narrow_topic])
|
|
|
|
return narrow, narrow_stream, narrow_topic
|
|
|
|
|
2021-02-12 08:19:30 +01:00
|
|
|
|
2019-09-14 01:56:29 +02:00
|
|
|
def update_last_reminder(user_profile: Optional[UserProfile]) -> None:
|
|
|
|
"""Reset our don't-spam-users-with-email counter since the
|
|
|
|
user has since logged in
|
|
|
|
"""
|
2020-09-27 06:49:16 +02:00
|
|
|
if user_profile is None:
|
2019-09-14 01:56:29 +02:00
|
|
|
return
|
|
|
|
|
|
|
|
if user_profile.last_reminder is not None: # nocoverage
|
|
|
|
# TODO: Look into the history of last_reminder; we may have
|
|
|
|
# eliminated that as a useful concept for non-bot users.
|
|
|
|
user_profile.last_reminder = None
|
|
|
|
user_profile.save(update_fields=["last_reminder"])
|
|
|
|
|
2021-02-12 08:19:30 +01:00
|
|
|
|
2017-11-27 09:28:57 +01:00
|
|
|
def home(request: HttpRequest) -> HttpResponse:
|
2017-01-07 21:19:52 +01:00
|
|
|
subdomain = get_subdomain(request)
|
|
|
|
|
2021-10-03 14:16:07 +02:00
|
|
|
# If settings.ROOT_DOMAIN_LANDING_PAGE and this is the root
|
|
|
|
# domain, send the user the landing page.
|
|
|
|
if settings.ROOT_DOMAIN_LANDING_PAGE and subdomain == Realm.SUBDOMAIN_FOR_ROOT_DOMAIN:
|
|
|
|
return hello_view(request)
|
|
|
|
|
|
|
|
# TODO: The following logic is a bit hard to read. We save a
|
|
|
|
# database query in the common case by avoiding the call to
|
|
|
|
# `get_valid_realm_from_request` if user hasn't requested
|
|
|
|
# web-public access.
|
|
|
|
if (
|
|
|
|
request.POST.get("prefers_web_public_view") == "true"
|
|
|
|
or request.session.get("prefers_web_public_view")
|
|
|
|
) and get_valid_realm_from_request(request).allow_web_public_streams_access():
|
|
|
|
return web_public_view(home_real)(request)
|
|
|
|
return zulip_login_required(home_real)(request)
|
2017-01-07 21:19:52 +01:00
|
|
|
|
2021-02-12 08:19:30 +01:00
|
|
|
|
2017-11-27 09:28:57 +01:00
|
|
|
def home_real(request: HttpRequest) -> HttpResponse:
|
2020-03-25 02:00:28 +01:00
|
|
|
# Before we do any real work, check if the app is banned.
|
2020-04-20 14:00:03 +02:00
|
|
|
client_user_agent = request.META.get("HTTP_USER_AGENT", "")
|
2020-03-25 02:00:28 +01:00
|
|
|
(insecure_desktop_app, banned_desktop_app, auto_update_broken) = is_outdated_desktop_app(
|
2021-02-12 08:19:30 +01:00
|
|
|
client_user_agent
|
|
|
|
)
|
2020-03-25 02:00:28 +01:00
|
|
|
if banned_desktop_app:
|
|
|
|
return render(
|
|
|
|
request,
|
2021-02-12 08:20:45 +01:00
|
|
|
"zerver/insecure_desktop_app.html",
|
2020-03-25 02:00:28 +01:00
|
|
|
context={
|
|
|
|
"auto_update_broken": auto_update_broken,
|
python: Use trailing commas consistently.
Automatically generated by the following script, based on the output
of lint with flake8-comma:
import re
import sys
last_filename = None
last_row = None
lines = []
for msg in sys.stdin:
m = re.match(
r"\x1b\[35mflake8 \|\x1b\[0m \x1b\[1;31m(.+):(\d+):(\d+): (\w+)", msg
)
if m:
filename, row_str, col_str, err = m.groups()
row, col = int(row_str), int(col_str)
if filename == last_filename:
assert last_row != row
else:
if last_filename is not None:
with open(last_filename, "w") as f:
f.writelines(lines)
with open(filename) as f:
lines = f.readlines()
last_filename = filename
last_row = row
line = lines[row - 1]
if err in ["C812", "C815"]:
lines[row - 1] = line[: col - 1] + "," + line[col - 1 :]
elif err in ["C819"]:
assert line[col - 2] == ","
lines[row - 1] = line[: col - 2] + line[col - 1 :].lstrip(" ")
if last_filename is not None:
with open(last_filename, "w") as f:
f.writelines(lines)
Signed-off-by: Anders Kaseorg <anders@zulipchat.com>
2020-04-10 05:23:40 +02:00
|
|
|
},
|
2020-03-25 02:00:28 +01:00
|
|
|
)
|
2020-04-20 14:00:03 +02:00
|
|
|
(unsupported_browser, browser_name) = is_unsupported_browser(client_user_agent)
|
|
|
|
if unsupported_browser:
|
|
|
|
return render(
|
|
|
|
request,
|
2021-02-12 08:20:45 +01:00
|
|
|
"zerver/unsupported_browser.html",
|
2020-04-20 14:00:03 +02:00
|
|
|
context={
|
|
|
|
"browser_name": browser_name,
|
python: Use trailing commas consistently.
Automatically generated by the following script, based on the output
of lint with flake8-comma:
import re
import sys
last_filename = None
last_row = None
lines = []
for msg in sys.stdin:
m = re.match(
r"\x1b\[35mflake8 \|\x1b\[0m \x1b\[1;31m(.+):(\d+):(\d+): (\w+)", msg
)
if m:
filename, row_str, col_str, err = m.groups()
row, col = int(row_str), int(col_str)
if filename == last_filename:
assert last_row != row
else:
if last_filename is not None:
with open(last_filename, "w") as f:
f.writelines(lines)
with open(filename) as f:
lines = f.readlines()
last_filename = filename
last_row = row
line = lines[row - 1]
if err in ["C812", "C815"]:
lines[row - 1] = line[: col - 1] + "," + line[col - 1 :]
elif err in ["C819"]:
assert line[col - 2] == ","
lines[row - 1] = line[: col - 2] + line[col - 1 :].lstrip(" ")
if last_filename is not None:
with open(last_filename, "w") as f:
f.writelines(lines)
Signed-off-by: Anders Kaseorg <anders@zulipchat.com>
2020-04-10 05:23:40 +02:00
|
|
|
},
|
2020-04-20 14:00:03 +02:00
|
|
|
)
|
2020-03-25 02:00:28 +01:00
|
|
|
|
2017-01-07 21:19:52 +01:00
|
|
|
# We need to modify the session object every two weeks or it will expire.
|
|
|
|
# This line makes reloading the page a sufficient action to keep the
|
|
|
|
# session alive.
|
|
|
|
request.session.modified = True
|
|
|
|
|
2019-09-14 01:38:28 +02:00
|
|
|
if request.user.is_authenticated:
|
|
|
|
user_profile = request.user
|
2020-10-02 00:00:28 +02:00
|
|
|
realm = user_profile.realm
|
2021-11-03 10:34:27 +01:00
|
|
|
|
|
|
|
# User is logged in and hence no longer `prefers_web_public_view`.
|
|
|
|
if "prefers_web_public_view" in request.session.keys():
|
|
|
|
del request.session["prefers_web_public_view"]
|
2020-09-27 06:49:16 +02:00
|
|
|
else:
|
2020-10-02 00:00:28 +02:00
|
|
|
realm = get_valid_realm_from_request(request)
|
2017-01-07 21:19:52 +01:00
|
|
|
|
2020-10-07 07:10:02 +02:00
|
|
|
# TODO: Ideally, we'd open Zulip directly as a spectator if
|
|
|
|
# the URL had clicked a link to content on a web-public
|
|
|
|
# stream. We could maybe do this by parsing `next`, but it's
|
|
|
|
# not super convenient with Zulip's hash-based URL scheme.
|
|
|
|
|
|
|
|
# The "Access without an account" button on the login page
|
|
|
|
# submits a POST to this page with this hidden field set.
|
|
|
|
if request.POST.get("prefers_web_public_view") == "true":
|
|
|
|
request.session["prefers_web_public_view"] = True
|
|
|
|
# We serve a redirect here, rather than serving a page, to
|
|
|
|
# avoid browser "Confirm form resubmission" prompts on reload.
|
|
|
|
redirect_to = get_safe_redirect_to(request.POST.get("next"), realm.uri)
|
|
|
|
return redirect(redirect_to)
|
|
|
|
|
2021-10-03 14:16:07 +02:00
|
|
|
# See the assert in `home` above for why this must be true.
|
|
|
|
assert request.session.get("prefers_web_public_view")
|
2020-10-07 07:10:02 +02:00
|
|
|
|
|
|
|
# For users who have selected public access, we load the
|
|
|
|
# spectator experience. We fall through to the shared code
|
|
|
|
# for loading the application, with user_profile=None encoding
|
|
|
|
# that we're a spectator, not a logged-in user.
|
|
|
|
user_profile = None
|
|
|
|
|
2020-07-18 19:00:04 +02:00
|
|
|
update_last_reminder(user_profile)
|
|
|
|
|
2021-02-12 08:20:45 +01:00
|
|
|
statsd.incr("views.home")
|
2020-07-18 19:00:04 +02:00
|
|
|
|
2017-01-07 21:19:52 +01:00
|
|
|
# If a user hasn't signed the current Terms of Service, send them there
|
2019-09-14 01:38:28 +02:00
|
|
|
if need_accept_tos(user_profile):
|
2017-01-07 21:19:52 +01:00
|
|
|
return accounts_accept_terms(request)
|
|
|
|
|
2019-09-14 01:53:42 +02:00
|
|
|
narrow, narrow_stream, narrow_topic = detect_narrowed_window(request, user_profile)
|
2017-01-07 21:19:52 +01:00
|
|
|
|
2019-09-14 02:09:27 +02:00
|
|
|
if user_profile is not None:
|
|
|
|
first_in_realm = realm_user_count(user_profile.realm) == 1
|
|
|
|
# If you are the only person in the realm and you didn't invite
|
|
|
|
# anyone, we'll continue to encourage you to do so on the frontend.
|
|
|
|
prompt_for_invites = (
|
2021-02-12 08:19:30 +01:00
|
|
|
first_in_realm
|
|
|
|
and not PreregistrationUser.objects.filter(referred_by=user_profile).count()
|
2019-09-14 02:09:27 +02:00
|
|
|
)
|
|
|
|
needs_tutorial = user_profile.tutorial_status == UserProfile.TUTORIAL_WAITING
|
2020-02-19 21:59:26 +01:00
|
|
|
|
2020-09-27 06:49:16 +02:00
|
|
|
else:
|
2019-09-14 02:09:27 +02:00
|
|
|
first_in_realm = False
|
|
|
|
prompt_for_invites = False
|
|
|
|
# The current tutorial doesn't super make sense for logged-out users.
|
|
|
|
needs_tutorial = False
|
2017-01-07 21:19:52 +01:00
|
|
|
|
2020-07-18 20:33:28 +02:00
|
|
|
queue_id, page_params = build_page_params_for_home_page_load(
|
|
|
|
request=request,
|
|
|
|
user_profile=user_profile,
|
2020-10-02 00:00:28 +02:00
|
|
|
realm=realm,
|
2020-07-18 20:33:28 +02:00
|
|
|
insecure_desktop_app=insecure_desktop_app,
|
|
|
|
narrow=narrow,
|
|
|
|
narrow_stream=narrow_stream,
|
|
|
|
narrow_topic=narrow_topic,
|
|
|
|
first_in_realm=first_in_realm,
|
|
|
|
prompt_for_invites=prompt_for_invites,
|
|
|
|
needs_tutorial=needs_tutorial,
|
2017-01-07 21:19:52 +01:00
|
|
|
)
|
|
|
|
|
2021-08-21 19:24:20 +02:00
|
|
|
log_data = RequestNotes.get_notes(request).log_data
|
2021-07-09 10:06:04 +02:00
|
|
|
assert log_data is not None
|
2021-08-02 23:36:06 +02:00
|
|
|
log_data["extra"] = f"[{queue_id}]"
|
2018-05-03 11:08:50 +02:00
|
|
|
|
2020-09-05 04:02:13 +02:00
|
|
|
csp_nonce = secrets.token_hex(24)
|
2020-07-18 18:13:59 +02:00
|
|
|
|
|
|
|
user_permission_info = get_user_permission_info(user_profile)
|
2019-03-02 18:23:57 +01:00
|
|
|
|
2021-02-12 08:19:30 +01:00
|
|
|
response = render(
|
|
|
|
request,
|
2021-02-12 08:20:45 +01:00
|
|
|
"zerver/app/index.html",
|
2021-02-12 08:19:30 +01:00
|
|
|
context={
|
2021-02-12 08:20:45 +01:00
|
|
|
"user_profile": user_profile,
|
|
|
|
"page_params": page_params,
|
|
|
|
"csp_nonce": csp_nonce,
|
|
|
|
"color_scheme": user_permission_info.color_scheme,
|
2021-02-12 08:19:30 +01:00
|
|
|
},
|
|
|
|
)
|
2017-01-07 21:19:52 +01:00
|
|
|
patch_cache_control(response, no_cache=True, no_store=True, must_revalidate=True)
|
|
|
|
return response
|
|
|
|
|
2021-02-12 08:19:30 +01:00
|
|
|
|
2017-01-07 21:19:52 +01:00
|
|
|
@zulip_login_required
|
2017-11-27 09:28:57 +01:00
|
|
|
def desktop_home(request: HttpRequest) -> HttpResponse:
|
2021-09-20 08:05:40 +02:00
|
|
|
return redirect(home)
|