2019-02-02 23:53:22 +01:00
|
|
|
from typing import Any, Dict, Optional
|
2016-07-26 23:16:20 +02:00
|
|
|
from django.http import HttpRequest, HttpResponse
|
2018-11-12 14:15:49 +01:00
|
|
|
from django.shortcuts import render
|
2016-08-04 17:32:41 +02:00
|
|
|
from django.utils.translation import ugettext as _
|
2018-01-25 19:08:40 +01:00
|
|
|
from django.core.exceptions import ValidationError
|
|
|
|
from django.views.decorators.http import require_GET
|
|
|
|
|
2016-11-30 10:42:58 +01:00
|
|
|
from zerver.decorator import require_realm_admin, to_non_negative_int, to_not_negative_int_or_none
|
2016-07-26 23:16:20 +02:00
|
|
|
from zerver.lib.actions import (
|
|
|
|
do_set_realm_message_editing,
|
2017-11-26 09:12:10 +01:00
|
|
|
do_set_realm_message_deleting,
|
2017-03-21 18:08:40 +01:00
|
|
|
do_set_realm_authentication_methods,
|
2017-06-09 20:50:38 +02:00
|
|
|
do_set_realm_notifications_stream,
|
2017-10-20 16:55:04 +02:00
|
|
|
do_set_realm_signup_notifications_stream,
|
2017-03-21 18:08:40 +01:00
|
|
|
do_set_realm_property,
|
2018-01-30 14:58:50 +01:00
|
|
|
do_deactivate_realm,
|
2018-11-12 14:15:49 +01:00
|
|
|
do_reactivate_realm,
|
2016-07-26 23:16:20 +02:00
|
|
|
)
|
2016-08-04 17:32:41 +02:00
|
|
|
from zerver.lib.i18n import get_available_language_codes
|
|
|
|
from zerver.lib.request import has_request_variables, REQ, JsonableError
|
2016-07-26 23:16:20 +02:00
|
|
|
from zerver.lib.response import json_success, json_error
|
2017-06-09 20:50:38 +02:00
|
|
|
from zerver.lib.validator import check_string, check_dict, check_bool, check_int
|
|
|
|
from zerver.lib.streams import access_stream_by_id
|
2018-04-23 14:51:30 +02:00
|
|
|
from zerver.lib.domains import validate_domain
|
2018-12-28 20:45:54 +01:00
|
|
|
from zerver.lib.video_calls import request_zoom_video_call_url
|
2017-08-23 07:03:19 +02:00
|
|
|
from zerver.models import Realm, UserProfile
|
2018-01-25 19:08:40 +01:00
|
|
|
from zerver.forms import check_subdomain_available as check_subdomain
|
2018-11-12 14:15:49 +01:00
|
|
|
from confirmation.models import get_object_from_key, Confirmation, ConfirmationKeyException
|
2017-03-21 18:08:40 +01:00
|
|
|
|
2016-07-26 23:16:20 +02:00
|
|
|
@require_realm_admin
|
|
|
|
@has_request_variables
|
2017-12-06 12:25:18 +01:00
|
|
|
def update_realm(
|
|
|
|
request: HttpRequest, user_profile: UserProfile,
|
|
|
|
name: Optional[str]=REQ(validator=check_string, default=None),
|
|
|
|
description: Optional[str]=REQ(validator=check_string, default=None),
|
2018-07-27 23:26:29 +02:00
|
|
|
emails_restricted_to_domains: Optional[bool]=REQ(validator=check_bool, default=None),
|
2018-03-05 20:19:07 +01:00
|
|
|
disallow_disposable_email_addresses: Optional[bool]=REQ(validator=check_bool, default=None),
|
2017-12-06 12:25:18 +01:00
|
|
|
invite_required: Optional[bool]=REQ(validator=check_bool, default=None),
|
|
|
|
invite_by_admins_only: Optional[bool]=REQ(validator=check_bool, default=None),
|
|
|
|
name_changes_disabled: Optional[bool]=REQ(validator=check_bool, default=None),
|
|
|
|
email_changes_disabled: Optional[bool]=REQ(validator=check_bool, default=None),
|
2019-04-23 04:51:04 +02:00
|
|
|
avatar_changes_disabled: Optional[bool]=REQ(validator=check_bool, default=None),
|
2017-12-06 12:25:18 +01:00
|
|
|
inline_image_preview: Optional[bool]=REQ(validator=check_bool, default=None),
|
|
|
|
inline_url_embed_preview: Optional[bool]=REQ(validator=check_bool, default=None),
|
|
|
|
add_emoji_by_admins_only: Optional[bool]=REQ(validator=check_bool, default=None),
|
|
|
|
allow_message_deleting: Optional[bool]=REQ(validator=check_bool, default=None),
|
2017-11-26 09:12:10 +01:00
|
|
|
message_content_delete_limit_seconds: Optional[int]=REQ(converter=to_non_negative_int, default=None),
|
2017-12-06 12:25:18 +01:00
|
|
|
allow_message_editing: Optional[bool]=REQ(validator=check_bool, default=None),
|
2017-12-03 00:50:48 +01:00
|
|
|
allow_community_topic_editing: Optional[bool]=REQ(validator=check_bool, default=None),
|
2017-12-06 12:25:18 +01:00
|
|
|
mandatory_topics: Optional[bool]=REQ(validator=check_bool, default=None),
|
|
|
|
message_content_edit_limit_seconds: Optional[int]=REQ(converter=to_non_negative_int, default=None),
|
|
|
|
allow_edit_history: Optional[bool]=REQ(validator=check_bool, default=None),
|
|
|
|
default_language: Optional[str]=REQ(validator=check_string, default=None),
|
|
|
|
waiting_period_threshold: Optional[int]=REQ(converter=to_non_negative_int, default=None),
|
|
|
|
authentication_methods: Optional[Dict[Any, Any]]=REQ(validator=check_dict([]), default=None),
|
|
|
|
notifications_stream_id: Optional[int]=REQ(validator=check_int, default=None),
|
|
|
|
signup_notifications_stream_id: Optional[int]=REQ(validator=check_int, default=None),
|
2018-02-18 09:34:54 +01:00
|
|
|
message_retention_days: Optional[int]=REQ(converter=to_not_negative_int_or_none, default=None),
|
2018-01-29 16:10:54 +01:00
|
|
|
send_welcome_emails: Optional[bool]=REQ(validator=check_bool, default=None),
|
2019-04-06 06:34:49 +02:00
|
|
|
digest_emails_enabled: Optional[bool]=REQ(validator=check_bool, default=None),
|
2019-01-14 14:04:08 +01:00
|
|
|
message_content_allowed_in_email_notifications:
|
|
|
|
Optional[bool]=REQ(validator=check_bool, default=None),
|
2018-03-30 22:38:16 +02:00
|
|
|
bot_creation_policy: Optional[int]=REQ(converter=to_not_negative_int_or_none, default=None),
|
2019-05-06 16:34:31 +02:00
|
|
|
create_stream_policy: Optional[int]=REQ(validator=check_int, default=None),
|
2019-04-08 19:23:00 +02:00
|
|
|
invite_to_stream_policy: Optional[int]=REQ(validator=check_int, default=None),
|
2018-12-07 00:48:06 +01:00
|
|
|
email_address_visibility: Optional[int]=REQ(converter=to_not_negative_int_or_none, default=None),
|
2018-03-30 22:38:16 +02:00
|
|
|
default_twenty_four_hour_time: Optional[bool]=REQ(validator=check_bool, default=None),
|
2019-05-10 10:32:47 +02:00
|
|
|
video_chat_provider: Optional[int]=REQ(validator=check_int, default=None),
|
2018-12-07 00:48:06 +01:00
|
|
|
google_hangouts_domain: Optional[str]=REQ(validator=check_string, default=None),
|
2018-12-28 20:45:54 +01:00
|
|
|
zoom_user_id: Optional[str]=REQ(validator=check_string, default=None),
|
|
|
|
zoom_api_key: Optional[str]=REQ(validator=check_string, default=None),
|
|
|
|
zoom_api_secret: Optional[str]=REQ(validator=check_string, default=None),
|
2019-03-31 12:13:42 +02:00
|
|
|
digest_weekday: Optional[int]=REQ(validator=check_int, default=None),
|
2017-12-06 12:25:18 +01:00
|
|
|
) -> HttpResponse:
|
2017-04-16 17:30:49 +02:00
|
|
|
realm = user_profile.realm
|
|
|
|
|
|
|
|
# Additional validation/error checking beyond types go here, so
|
|
|
|
# the entire request can succeed or fail atomically.
|
2016-08-04 17:32:41 +02:00
|
|
|
if default_language is not None and default_language not in get_available_language_codes():
|
2019-04-20 03:49:03 +02:00
|
|
|
raise JsonableError(_("Invalid language '%s'") % (default_language,))
|
2017-05-11 22:52:14 +02:00
|
|
|
if description is not None and len(description) > 1000:
|
2018-03-17 00:47:55 +01:00
|
|
|
return json_error(_("Organization description is too long."))
|
2017-08-23 07:03:19 +02:00
|
|
|
if name is not None and len(name) > Realm.MAX_REALM_NAME_LENGTH:
|
2018-03-17 00:47:55 +01:00
|
|
|
return json_error(_("Organization name is too long."))
|
2017-04-16 17:30:49 +02:00
|
|
|
if authentication_methods is not None and True not in list(authentication_methods.values()):
|
2017-07-25 02:28:33 +02:00
|
|
|
return json_error(_("At least one authentication method must be enabled."))
|
2019-05-10 10:32:47 +02:00
|
|
|
if (video_chat_provider is not None and
|
|
|
|
video_chat_provider not in set(p['id'] for p in Realm.VIDEO_CHAT_PROVIDERS.values())):
|
|
|
|
return json_error(_("Invalid video chat provider {}").format(video_chat_provider))
|
2019-05-09 09:54:38 +02:00
|
|
|
if video_chat_provider == Realm.VIDEO_CHAT_PROVIDERS['google_hangouts']['id']:
|
2018-04-23 14:51:30 +02:00
|
|
|
try:
|
|
|
|
validate_domain(google_hangouts_domain)
|
|
|
|
except ValidationError as e:
|
|
|
|
return json_error(_('Invalid domain: {}').format(e.messages[0]))
|
2019-05-09 09:54:38 +02:00
|
|
|
if video_chat_provider == Realm.VIDEO_CHAT_PROVIDERS['zoom']['id']:
|
2019-03-01 00:12:40 +01:00
|
|
|
if not zoom_api_secret:
|
|
|
|
# Use the saved Zoom API secret if a new value isn't being sent
|
|
|
|
zoom_api_secret = user_profile.realm.zoom_api_secret
|
2018-12-28 20:45:54 +01:00
|
|
|
if not zoom_user_id:
|
2019-02-28 00:13:57 +01:00
|
|
|
return json_error(_('User ID cannot be empty'))
|
2018-12-28 20:45:54 +01:00
|
|
|
if not zoom_api_key:
|
2019-02-28 00:13:57 +01:00
|
|
|
return json_error(_('API key cannot be empty'))
|
2018-12-28 20:45:54 +01:00
|
|
|
if not zoom_api_secret:
|
2019-02-28 00:13:57 +01:00
|
|
|
return json_error(_('API secret cannot be empty'))
|
2019-03-01 00:12:40 +01:00
|
|
|
# If any of the Zoom settings have changed, validate the Zoom credentials.
|
|
|
|
#
|
2018-12-28 20:45:54 +01:00
|
|
|
# Technically, we could call some other API endpoint that
|
|
|
|
# doesn't create a video call link, but this is a nicer
|
|
|
|
# end-to-end test, since it verifies that the Zoom API user's
|
|
|
|
# scopes includes the ability to create video calls, which is
|
|
|
|
# the only capabiility we use.
|
2019-03-01 00:12:40 +01:00
|
|
|
if ((zoom_user_id != realm.zoom_user_id or
|
|
|
|
zoom_api_key != realm.zoom_api_key or
|
|
|
|
zoom_api_secret != realm.zoom_api_secret) and
|
|
|
|
not request_zoom_video_call_url(zoom_user_id, zoom_api_key, zoom_api_secret)):
|
2018-12-28 20:45:54 +01:00
|
|
|
return json_error(_('Invalid credentials for the %(third_party_service)s API.') % dict(
|
|
|
|
third_party_service="Zoom"))
|
2017-04-16 17:30:49 +02:00
|
|
|
|
2018-12-07 00:48:06 +01:00
|
|
|
# Additional validation of enum-style values
|
2018-01-29 16:10:54 +01:00
|
|
|
if bot_creation_policy is not None and bot_creation_policy not in Realm.BOT_CREATION_POLICY_TYPES:
|
|
|
|
return json_error(_("Invalid bot creation policy"))
|
2018-12-07 00:48:06 +01:00
|
|
|
if email_address_visibility is not None and \
|
|
|
|
email_address_visibility not in Realm.EMAIL_ADDRESS_VISIBILITY_TYPES:
|
|
|
|
return json_error(_("Invalid email address visibility policy"))
|
|
|
|
|
2017-04-16 17:30:49 +02:00
|
|
|
# The user of `locals()` here is a bit of a code smell, but it's
|
|
|
|
# restricted to the elements present in realm.property_types.
|
|
|
|
#
|
|
|
|
# TODO: It should be possible to deduplicate this function up
|
|
|
|
# further by some more advanced usage of the
|
|
|
|
# `REQ/has_request_variables` extraction.
|
|
|
|
req_vars = {k: v for k, v in list(locals().items()) if k in realm.property_types}
|
2017-05-17 22:13:14 +02:00
|
|
|
data = {} # type: Dict[str, Any]
|
2017-04-16 17:30:49 +02:00
|
|
|
|
|
|
|
for k, v in list(req_vars.items()):
|
2017-04-19 05:49:53 +02:00
|
|
|
if v is not None and getattr(realm, k) != v:
|
2017-04-16 17:30:49 +02:00
|
|
|
do_set_realm_property(realm, k, v)
|
2018-04-24 03:47:28 +02:00
|
|
|
if isinstance(v, str):
|
2017-04-16 17:30:49 +02:00
|
|
|
data[k] = 'updated'
|
|
|
|
else:
|
|
|
|
data[k] = v
|
|
|
|
|
|
|
|
# The following realm properties do not fit the pattern above
|
2017-04-19 05:49:53 +02:00
|
|
|
# authentication_methods is not supported by the do_set_realm_property
|
|
|
|
# framework because of its bitfield.
|
2017-11-05 03:14:28 +01:00
|
|
|
if authentication_methods is not None and (realm.authentication_methods_dict() !=
|
|
|
|
authentication_methods):
|
2017-04-16 17:30:49 +02:00
|
|
|
do_set_realm_authentication_methods(realm, authentication_methods)
|
2016-11-02 21:51:56 +01:00
|
|
|
data['authentication_methods'] = authentication_methods
|
2017-04-19 05:49:53 +02:00
|
|
|
# The message_editing settings are coupled to each other, and thus don't fit
|
|
|
|
# into the do_set_realm_property framework.
|
2017-12-03 00:50:48 +01:00
|
|
|
if ((allow_message_editing is not None and realm.allow_message_editing != allow_message_editing) or
|
|
|
|
(message_content_edit_limit_seconds is not None and
|
|
|
|
realm.message_content_edit_limit_seconds != message_content_edit_limit_seconds) or
|
|
|
|
(allow_community_topic_editing is not None and
|
|
|
|
realm.allow_community_topic_editing != allow_community_topic_editing)):
|
2016-07-26 23:16:20 +02:00
|
|
|
if allow_message_editing is None:
|
|
|
|
allow_message_editing = realm.allow_message_editing
|
|
|
|
if message_content_edit_limit_seconds is None:
|
|
|
|
message_content_edit_limit_seconds = realm.message_content_edit_limit_seconds
|
2017-12-03 00:50:48 +01:00
|
|
|
if allow_community_topic_editing is None:
|
|
|
|
allow_community_topic_editing = realm.allow_community_topic_editing
|
2017-11-05 03:14:28 +01:00
|
|
|
do_set_realm_message_editing(realm, allow_message_editing,
|
2017-12-03 00:50:48 +01:00
|
|
|
message_content_edit_limit_seconds,
|
|
|
|
allow_community_topic_editing)
|
2016-07-26 23:16:20 +02:00
|
|
|
data['allow_message_editing'] = allow_message_editing
|
|
|
|
data['message_content_edit_limit_seconds'] = message_content_edit_limit_seconds
|
2017-12-03 00:50:48 +01:00
|
|
|
data['allow_community_topic_editing'] = allow_community_topic_editing
|
2017-11-26 09:12:10 +01:00
|
|
|
|
|
|
|
if (message_content_delete_limit_seconds is not None and
|
|
|
|
realm.message_content_delete_limit_seconds != message_content_delete_limit_seconds):
|
|
|
|
do_set_realm_message_deleting(realm, message_content_delete_limit_seconds)
|
|
|
|
data['message_content_delete_limit_seconds'] = message_content_delete_limit_seconds
|
2017-10-20 16:55:04 +02:00
|
|
|
# Realm.notifications_stream and Realm.signup_notifications_stream are not boolean,
|
2018-04-24 03:47:28 +02:00
|
|
|
# str or integer field, and thus doesn't fit into the do_set_realm_property framework.
|
2017-06-09 20:50:38 +02:00
|
|
|
if notifications_stream_id is not None:
|
2017-11-05 03:14:28 +01:00
|
|
|
if realm.notifications_stream is None or (realm.notifications_stream.id !=
|
|
|
|
notifications_stream_id):
|
2017-06-09 20:50:38 +02:00
|
|
|
new_notifications_stream = None
|
|
|
|
if notifications_stream_id >= 0:
|
2017-11-05 03:14:28 +01:00
|
|
|
(new_notifications_stream, recipient, sub) = access_stream_by_id(
|
|
|
|
user_profile, notifications_stream_id)
|
|
|
|
do_set_realm_notifications_stream(realm, new_notifications_stream,
|
|
|
|
notifications_stream_id)
|
2017-06-09 20:50:38 +02:00
|
|
|
data['notifications_stream_id'] = notifications_stream_id
|
|
|
|
|
2017-10-20 16:55:04 +02:00
|
|
|
if signup_notifications_stream_id is not None:
|
|
|
|
if realm.signup_notifications_stream is None or (realm.signup_notifications_stream.id !=
|
|
|
|
signup_notifications_stream_id):
|
|
|
|
new_signup_notifications_stream = None
|
|
|
|
if signup_notifications_stream_id >= 0:
|
|
|
|
(new_signup_notifications_stream, recipient, sub) = access_stream_by_id(
|
|
|
|
user_profile, signup_notifications_stream_id)
|
|
|
|
do_set_realm_signup_notifications_stream(realm, new_signup_notifications_stream,
|
|
|
|
signup_notifications_stream_id)
|
|
|
|
data['signup_notifications_stream_id'] = signup_notifications_stream_id
|
|
|
|
|
2016-07-26 23:16:20 +02:00
|
|
|
return json_success(data)
|
2018-01-30 14:58:50 +01:00
|
|
|
|
|
|
|
@require_realm_admin
|
|
|
|
@has_request_variables
|
2019-05-08 05:59:04 +02:00
|
|
|
def deactivate_realm(request: HttpRequest, user: UserProfile) -> HttpResponse:
|
|
|
|
realm = user.realm
|
|
|
|
do_deactivate_realm(realm, user)
|
2018-01-30 14:58:50 +01:00
|
|
|
return json_success()
|
2018-01-25 19:08:40 +01:00
|
|
|
|
|
|
|
@require_GET
|
2018-04-24 03:47:28 +02:00
|
|
|
def check_subdomain_available(request: HttpRequest, subdomain: str) -> HttpResponse:
|
2018-01-25 19:08:40 +01:00
|
|
|
try:
|
|
|
|
check_subdomain(subdomain)
|
|
|
|
return json_success({"msg": "available"})
|
|
|
|
except ValidationError as e:
|
|
|
|
return json_success({"msg": e.message})
|
2018-11-12 14:15:49 +01:00
|
|
|
|
|
|
|
def realm_reactivation(request: HttpRequest, confirmation_key: str) -> HttpResponse:
|
|
|
|
try:
|
|
|
|
realm = get_object_from_key(confirmation_key, Confirmation.REALM_REACTIVATION)
|
|
|
|
except ConfirmationKeyException:
|
|
|
|
return render(request, 'zerver/realm_reactivation_link_error.html')
|
|
|
|
do_reactivate_realm(realm)
|
|
|
|
context = {"realm": realm}
|
|
|
|
return render(request, 'zerver/realm_reactivation.html', context)
|