2013-12-12 18:36:32 +01:00
|
|
|
|
2016-05-25 15:02:02 +02:00
|
|
|
from django.utils.translation import ugettext as _
|
2017-04-15 04:03:56 +02:00
|
|
|
from django.utils.timezone import now as timezone_now
|
2013-12-12 18:36:32 +01:00
|
|
|
from django.conf import settings
|
|
|
|
from django.core import validators
|
|
|
|
from django.core.exceptions import ValidationError
|
|
|
|
from django.db import connection
|
2016-06-06 00:32:39 +02:00
|
|
|
from django.http import HttpRequest, HttpResponse
|
2017-10-31 19:03:12 +01:00
|
|
|
from typing import Dict, List, Set, Text, Any, Callable, Iterable, \
|
2018-01-04 18:41:34 +01:00
|
|
|
Optional, Tuple, Union, Sequence
|
2017-07-21 02:17:28 +02:00
|
|
|
from zerver.lib.exceptions import JsonableError, ErrorCode
|
2017-02-20 00:19:29 +01:00
|
|
|
from zerver.lib.html_diff import highlight_html_differences
|
2017-11-04 00:59:22 +01:00
|
|
|
from zerver.decorator import has_request_variables, \
|
2017-07-21 02:17:28 +02:00
|
|
|
REQ, to_non_negative_int
|
2013-11-26 00:41:24 +01:00
|
|
|
from django.utils.html import escape as escape_html
|
2013-12-12 18:36:32 +01:00
|
|
|
from zerver.lib import bugdown
|
|
|
|
from zerver.lib.actions import recipient_for_emails, do_update_message_flags, \
|
|
|
|
compute_mit_user_fullname, compute_irc_user_fullname, compute_jabber_user_fullname, \
|
|
|
|
create_mirror_user_if_needed, check_send_message, do_update_message, \
|
2017-08-04 20:26:38 +02:00
|
|
|
extract_recipients, truncate_body, render_incoming_message, do_delete_message, \
|
2018-01-04 18:41:34 +01:00
|
|
|
do_mark_all_as_read, do_mark_stream_messages_as_read, \
|
|
|
|
get_user_info_for_message_updates, check_schedule_message
|
2016-10-27 12:06:44 +02:00
|
|
|
from zerver.lib.queue import queue_json_publish
|
2016-10-04 15:52:26 +02:00
|
|
|
from zerver.lib.message import (
|
2016-10-12 02:14:08 +02:00
|
|
|
access_message,
|
2017-11-07 17:36:29 +01:00
|
|
|
messages_for_ids,
|
2016-11-07 20:40:40 +01:00
|
|
|
render_markdown,
|
2018-01-02 18:33:28 +01:00
|
|
|
get_first_visible_message_id,
|
2016-10-04 15:52:26 +02:00
|
|
|
)
|
2013-12-12 18:36:32 +01:00
|
|
|
from zerver.lib.response import json_success, json_error
|
2016-07-19 08:12:35 +02:00
|
|
|
from zerver.lib.sqlalchemy_utils import get_sqlalchemy_connection
|
2017-08-15 19:28:32 +02:00
|
|
|
from zerver.lib.streams import access_stream_by_id, is_public_stream_by_name
|
2018-01-04 18:41:34 +01:00
|
|
|
from zerver.lib.timestamp import datetime_to_timestamp, convert_to_UTC
|
|
|
|
from zerver.lib.timezone import get_timezone
|
2017-08-29 17:16:53 +02:00
|
|
|
from zerver.lib.topic_mutes import exclude_topic_mutes
|
2013-12-12 18:36:32 +01:00
|
|
|
from zerver.lib.utils import statsd
|
2014-02-14 15:48:42 +01:00
|
|
|
from zerver.lib.validator import \
|
|
|
|
check_list, check_int, check_dict, check_string, check_bool
|
2018-01-04 18:41:34 +01:00
|
|
|
from zerver.models import Message, UserProfile, Stream, Subscription, Client,\
|
2017-10-28 21:31:21 +02:00
|
|
|
Realm, RealmDomain, Recipient, UserMessage, bulk_get_recipients, get_personal_recipient, \
|
2017-11-07 18:40:39 +01:00
|
|
|
get_stream, email_to_domain, get_realm, get_active_streams, \
|
2017-10-28 20:26:11 +02:00
|
|
|
get_user_including_cross_realm, get_stream_recipient
|
2013-12-12 18:36:32 +01:00
|
|
|
|
2013-12-10 23:32:29 +01:00
|
|
|
from sqlalchemy import func
|
|
|
|
from sqlalchemy.sql import select, join, column, literal_column, literal, and_, \
|
2017-02-22 22:13:57 +01:00
|
|
|
or_, not_, union_all, alias, Selectable, Select, ColumnElement, table
|
2013-12-10 23:32:29 +01:00
|
|
|
|
2018-01-04 18:41:34 +01:00
|
|
|
from dateutil.parser import parse as dateparser
|
2013-12-12 18:36:32 +01:00
|
|
|
import re
|
|
|
|
import ujson
|
2016-06-21 21:34:41 +02:00
|
|
|
import datetime
|
2016-06-24 02:26:09 +02:00
|
|
|
|
2017-02-23 05:50:15 +01:00
|
|
|
LARGER_THAN_MAX_MESSAGE_ID = 10000000000000000
|
|
|
|
|
2016-04-21 21:47:01 +02:00
|
|
|
class BadNarrowOperator(JsonableError):
|
2017-07-21 02:17:28 +02:00
|
|
|
code = ErrorCode.BAD_NARROW
|
|
|
|
data_fields = ['desc']
|
|
|
|
|
2017-11-27 09:28:57 +01:00
|
|
|
def __init__(self, desc: str) -> None:
|
2017-07-21 02:17:28 +02:00
|
|
|
self.desc = desc # type: str
|
2013-12-12 18:36:32 +01:00
|
|
|
|
2017-07-21 02:17:28 +02:00
|
|
|
@staticmethod
|
2017-11-27 09:28:57 +01:00
|
|
|
def msg_format() -> str:
|
2017-07-21 02:17:28 +02:00
|
|
|
return _('Invalid narrow operator: {desc}')
|
2013-12-12 18:36:32 +01:00
|
|
|
|
2017-11-09 11:45:56 +01:00
|
|
|
# TODO: Should be Select, but sqlalchemy stubs are busted
|
|
|
|
Query = Any
|
|
|
|
|
|
|
|
# TODO: should be Callable[[ColumnElement], ColumnElement], but sqlalchemy stubs are busted
|
|
|
|
ConditionTransform = Any
|
2016-09-12 02:09:24 +02:00
|
|
|
|
2013-12-12 18:36:32 +01:00
|
|
|
# When you add a new operator to this, also update zerver/lib/narrow.py
|
2017-11-05 11:53:59 +01:00
|
|
|
class NarrowBuilder:
|
2017-06-30 01:46:57 +02:00
|
|
|
'''
|
|
|
|
Build up a SQLAlchemy query to find messages matching a narrow.
|
|
|
|
'''
|
|
|
|
|
|
|
|
# This class has an important security invariant:
|
|
|
|
#
|
|
|
|
# None of these methods ever *add* messages to a query's result.
|
|
|
|
#
|
|
|
|
# That is, the `add_term` method, and its helpers the `by_*` methods,
|
|
|
|
# are passed a Query object representing a query for messages; they may
|
|
|
|
# call some methods on it, and then they return a resulting Query
|
|
|
|
# object. Things these methods may do to the queries they handle
|
|
|
|
# include
|
|
|
|
# * add conditions to filter out rows (i.e., messages), with `query.where`
|
|
|
|
# * add columns for more information on the same message, with `query.column`
|
|
|
|
# * add a join for more information on the same message
|
|
|
|
#
|
|
|
|
# Things they may not do include
|
|
|
|
# * anything that would pull in additional rows, or information on
|
|
|
|
# other messages.
|
|
|
|
|
2017-11-27 09:28:57 +01:00
|
|
|
def __init__(self, user_profile: UserProfile, msg_id_column: str) -> None:
|
2013-12-12 18:36:32 +01:00
|
|
|
self.user_profile = user_profile
|
2013-12-10 23:32:29 +01:00
|
|
|
self.msg_id_column = msg_id_column
|
2017-07-18 23:03:17 +02:00
|
|
|
self.user_realm = user_profile.realm
|
2013-12-12 18:36:32 +01:00
|
|
|
|
2017-11-27 09:28:57 +01:00
|
|
|
def add_term(self, query: Query, term: Dict[str, Any]) -> Query:
|
2017-06-30 01:46:57 +02:00
|
|
|
"""
|
|
|
|
Extend the given query to one narrowed by the given term, and return the result.
|
|
|
|
|
|
|
|
This method satisfies an important security property: the returned
|
|
|
|
query never includes a message that the given query didn't. In
|
|
|
|
particular, if the given query will only find messages that a given
|
|
|
|
user can legitimately see, then so will the returned query.
|
|
|
|
"""
|
|
|
|
# To maintain the security property, we hold all the `by_*`
|
|
|
|
# methods to the same criterion. See the class's block comment
|
|
|
|
# for details.
|
2016-09-12 02:09:24 +02:00
|
|
|
|
2013-12-12 18:36:32 +01:00
|
|
|
# We have to be careful here because we're letting users call a method
|
|
|
|
# by name! The prefix 'by_' prevents it from colliding with builtin
|
|
|
|
# Python __magic__ stuff.
|
2014-02-10 21:45:53 +01:00
|
|
|
operator = term['operator']
|
|
|
|
operand = term['operand']
|
2014-02-11 21:36:59 +01:00
|
|
|
|
2014-02-12 19:09:11 +01:00
|
|
|
negated = term.get('negated', False)
|
2014-02-11 21:36:59 +01:00
|
|
|
|
2013-12-12 18:36:32 +01:00
|
|
|
method_name = 'by_' + operator.replace('-', '_')
|
|
|
|
method = getattr(self, method_name, None)
|
|
|
|
if method is None:
|
|
|
|
raise BadNarrowOperator('unknown operator ' + operator)
|
|
|
|
|
2014-02-12 19:09:11 +01:00
|
|
|
if negated:
|
|
|
|
maybe_negate = not_
|
|
|
|
else:
|
|
|
|
maybe_negate = lambda cond: cond
|
|
|
|
|
|
|
|
return method(query, operand, maybe_negate)
|
|
|
|
|
2017-11-27 09:28:57 +01:00
|
|
|
def by_has(self, query: Query, operand: str, maybe_negate: ConditionTransform) -> Query:
|
2014-03-05 18:41:01 +01:00
|
|
|
if operand not in ['attachment', 'image', 'link']:
|
|
|
|
raise BadNarrowOperator("unknown 'has' operand " + operand)
|
|
|
|
col_name = 'has_' + operand
|
|
|
|
cond = column(col_name)
|
|
|
|
return query.where(maybe_negate(cond))
|
|
|
|
|
2017-11-27 09:28:57 +01:00
|
|
|
def by_in(self, query: Query, operand: str, maybe_negate: ConditionTransform) -> Query:
|
2014-02-27 23:57:16 +01:00
|
|
|
if operand == 'home':
|
|
|
|
conditions = exclude_muting_conditions(self.user_profile, [])
|
|
|
|
return query.where(and_(*conditions))
|
|
|
|
elif operand == 'all':
|
|
|
|
return query
|
|
|
|
|
|
|
|
raise BadNarrowOperator("unknown 'in' operand " + operand)
|
|
|
|
|
2017-11-27 09:28:57 +01:00
|
|
|
def by_is(self, query: Query, operand: str, maybe_negate: ConditionTransform) -> Query:
|
2013-12-12 18:36:32 +01:00
|
|
|
if operand == 'private':
|
2017-06-30 01:46:57 +02:00
|
|
|
# The `.select_from` method extends the query with a join.
|
2017-02-22 22:13:57 +01:00
|
|
|
query = query.select_from(join(query.froms[0], table("zerver_recipient"),
|
2013-12-10 23:32:29 +01:00
|
|
|
column("recipient_id") ==
|
|
|
|
literal_column("zerver_recipient.id")))
|
2014-02-11 23:33:24 +01:00
|
|
|
cond = or_(column("type") == Recipient.PERSONAL,
|
|
|
|
column("type") == Recipient.HUDDLE)
|
2014-02-12 19:09:11 +01:00
|
|
|
return query.where(maybe_negate(cond))
|
2013-12-12 18:36:32 +01:00
|
|
|
elif operand == 'starred':
|
2014-02-11 23:33:24 +01:00
|
|
|
cond = column("flags").op("&")(UserMessage.flags.starred.mask) != 0
|
2014-02-12 19:09:11 +01:00
|
|
|
return query.where(maybe_negate(cond))
|
2017-06-19 03:21:48 +02:00
|
|
|
elif operand == 'unread':
|
|
|
|
cond = column("flags").op("&")(UserMessage.flags.read.mask) == 0
|
|
|
|
return query.where(maybe_negate(cond))
|
2017-08-16 15:20:11 +02:00
|
|
|
elif operand == 'mentioned':
|
|
|
|
cond1 = column("flags").op("&")(UserMessage.flags.mentioned.mask) != 0
|
|
|
|
cond2 = column("flags").op("&")(UserMessage.flags.wildcard_mentioned.mask) != 0
|
|
|
|
cond = or_(cond1, cond2)
|
|
|
|
return query.where(maybe_negate(cond))
|
|
|
|
elif operand == 'alerted':
|
|
|
|
cond = column("flags").op("&")(UserMessage.flags.has_alert_word.mask) != 0
|
2014-02-12 19:09:11 +01:00
|
|
|
return query.where(maybe_negate(cond))
|
2013-12-12 18:36:32 +01:00
|
|
|
raise BadNarrowOperator("unknown 'is' operand " + operand)
|
|
|
|
|
2014-01-07 22:15:22 +01:00
|
|
|
_alphanum = frozenset(
|
|
|
|
'abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789')
|
|
|
|
|
2017-11-27 09:28:57 +01:00
|
|
|
def _pg_re_escape(self, pattern: Text) -> Text:
|
2014-01-07 22:15:22 +01:00
|
|
|
"""
|
|
|
|
Escape user input to place in a regex
|
|
|
|
|
|
|
|
Python's re.escape escapes unicode characters in a way which postgres
|
2017-11-04 05:23:22 +01:00
|
|
|
fails on, '\u03bb' to '\\\u03bb'. This function will correctly escape
|
|
|
|
them for postgres, '\u03bb' to '\\u03bb'.
|
2014-01-07 22:15:22 +01:00
|
|
|
"""
|
|
|
|
s = list(pattern)
|
|
|
|
for i, c in enumerate(s):
|
|
|
|
if c not in self._alphanum:
|
2017-04-26 01:28:22 +02:00
|
|
|
if ord(c) >= 128:
|
2014-01-07 22:15:22 +01:00
|
|
|
# convert the character to hex postgres regex will take
|
|
|
|
# \uXXXX
|
|
|
|
s[i] = '\\u{:0>4x}'.format(ord(c))
|
|
|
|
else:
|
|
|
|
s[i] = '\\' + c
|
|
|
|
return ''.join(s)
|
|
|
|
|
2017-11-27 09:28:57 +01:00
|
|
|
def by_stream(self, query: Query, operand: str, maybe_negate: ConditionTransform) -> Query:
|
2017-03-23 07:22:28 +01:00
|
|
|
try:
|
2017-08-15 18:58:29 +02:00
|
|
|
# Because you can see your own message history for
|
|
|
|
# private streams you are no longer subscribed to, we
|
|
|
|
# need get_stream, not access_stream, here.
|
2017-03-23 07:22:28 +01:00
|
|
|
stream = get_stream(operand, self.user_profile.realm)
|
|
|
|
except Stream.DoesNotExist:
|
2013-12-12 18:36:32 +01:00
|
|
|
raise BadNarrowOperator('unknown stream ' + operand)
|
|
|
|
|
2016-07-27 01:45:29 +02:00
|
|
|
if self.user_profile.realm.is_zephyr_mirror_realm:
|
2017-06-30 02:24:05 +02:00
|
|
|
# MIT users expect narrowing to "social" to also show messages to
|
|
|
|
# /^(un)*social(.d)*$/ (unsocial, ununsocial, social.d, ...).
|
|
|
|
|
|
|
|
# In `ok_to_include_history`, we assume that a non-negated
|
|
|
|
# `stream` term for a public stream will limit the query to
|
|
|
|
# that specific stream. So it would be a bug to hit this
|
|
|
|
# codepath after relying on this term there. But all streams in
|
|
|
|
# a Zephyr realm are private, so that doesn't happen.
|
|
|
|
assert(not stream.is_public())
|
|
|
|
|
2013-12-12 18:36:32 +01:00
|
|
|
m = re.search(r'^(?:un)*(.+?)(?:\.d)*$', stream.name, re.IGNORECASE)
|
2017-02-23 01:06:04 +01:00
|
|
|
# Since the regex has a `.+` in it and "" is invalid as a
|
|
|
|
# stream name, this will always match
|
|
|
|
assert(m is not None)
|
|
|
|
base_stream_name = m.group(1)
|
2013-12-12 18:36:32 +01:00
|
|
|
|
2014-01-24 23:30:53 +01:00
|
|
|
matching_streams = get_active_streams(self.user_profile.realm).filter(
|
|
|
|
name__iregex=r'^(un)*%s(\.d)*$' % (self._pg_re_escape(base_stream_name),))
|
2013-12-12 18:36:32 +01:00
|
|
|
matching_stream_ids = [matching_stream.id for matching_stream in matching_streams]
|
2016-01-25 01:27:18 +01:00
|
|
|
recipients_map = bulk_get_recipients(Recipient.STREAM, matching_stream_ids)
|
|
|
|
cond = column("recipient_id").in_([recipient.id for recipient in recipients_map.values()])
|
2014-02-12 19:09:11 +01:00
|
|
|
return query.where(maybe_negate(cond))
|
2013-12-12 18:36:32 +01:00
|
|
|
|
2017-10-28 20:26:11 +02:00
|
|
|
recipient = get_stream_recipient(stream.id)
|
2014-02-11 23:33:24 +01:00
|
|
|
cond = column("recipient_id") == recipient.id
|
2014-02-12 19:09:11 +01:00
|
|
|
return query.where(maybe_negate(cond))
|
2013-12-12 18:36:32 +01:00
|
|
|
|
2017-11-27 09:28:57 +01:00
|
|
|
def by_topic(self, query: Query, operand: str, maybe_negate: ConditionTransform) -> Query:
|
2016-07-27 01:45:29 +02:00
|
|
|
if self.user_profile.realm.is_zephyr_mirror_realm:
|
2013-12-12 18:36:32 +01:00
|
|
|
# MIT users expect narrowing to topic "foo" to also show messages to /^foo(.d)*$/
|
|
|
|
# (foo, foo.d, foo.d.d, etc)
|
|
|
|
m = re.search(r'^(.*?)(?:\.d)*$', operand, re.IGNORECASE)
|
2017-02-23 01:06:04 +01:00
|
|
|
# Since the regex has a `.*` in it, this will always match
|
|
|
|
assert(m is not None)
|
|
|
|
base_topic = m.group(1)
|
2013-12-12 18:36:32 +01:00
|
|
|
|
|
|
|
# Additionally, MIT users expect the empty instance and
|
|
|
|
# instance "personal" to be the same.
|
|
|
|
if base_topic in ('', 'personal', '(instance "")'):
|
2017-02-22 21:23:22 +01:00
|
|
|
cond = or_(
|
|
|
|
func.upper(column("subject")) == func.upper(literal("")),
|
|
|
|
func.upper(column("subject")) == func.upper(literal(".d")),
|
|
|
|
func.upper(column("subject")) == func.upper(literal(".d.d")),
|
|
|
|
func.upper(column("subject")) == func.upper(literal(".d.d.d")),
|
|
|
|
func.upper(column("subject")) == func.upper(literal(".d.d.d.d")),
|
|
|
|
func.upper(column("subject")) == func.upper(literal("personal")),
|
|
|
|
func.upper(column("subject")) == func.upper(literal("personal.d")),
|
|
|
|
func.upper(column("subject")) == func.upper(literal("personal.d.d")),
|
|
|
|
func.upper(column("subject")) == func.upper(literal("personal.d.d.d")),
|
|
|
|
func.upper(column("subject")) == func.upper(literal("personal.d.d.d.d")),
|
|
|
|
func.upper(column("subject")) == func.upper(literal('(instance "")')),
|
|
|
|
func.upper(column("subject")) == func.upper(literal('(instance "").d')),
|
|
|
|
func.upper(column("subject")) == func.upper(literal('(instance "").d.d')),
|
|
|
|
func.upper(column("subject")) == func.upper(literal('(instance "").d.d.d')),
|
|
|
|
func.upper(column("subject")) == func.upper(literal('(instance "").d.d.d.d')),
|
|
|
|
)
|
2013-12-12 18:36:32 +01:00
|
|
|
else:
|
2017-02-22 21:23:22 +01:00
|
|
|
# We limit `.d` counts, since postgres has much better
|
|
|
|
# query planning for this than they do for a regular
|
|
|
|
# expression (which would sometimes table scan).
|
|
|
|
cond = or_(
|
|
|
|
func.upper(column("subject")) == func.upper(literal(base_topic)),
|
|
|
|
func.upper(column("subject")) == func.upper(literal(base_topic + ".d")),
|
|
|
|
func.upper(column("subject")) == func.upper(literal(base_topic + ".d.d")),
|
|
|
|
func.upper(column("subject")) == func.upper(literal(base_topic + ".d.d.d")),
|
|
|
|
func.upper(column("subject")) == func.upper(literal(base_topic + ".d.d.d.d")),
|
|
|
|
)
|
2014-02-12 19:09:11 +01:00
|
|
|
return query.where(maybe_negate(cond))
|
2013-12-12 18:36:32 +01:00
|
|
|
|
2014-02-11 23:33:24 +01:00
|
|
|
cond = func.upper(column("subject")) == func.upper(literal(operand))
|
2014-02-12 19:09:11 +01:00
|
|
|
return query.where(maybe_negate(cond))
|
2013-12-12 18:36:32 +01:00
|
|
|
|
2017-11-27 09:28:57 +01:00
|
|
|
def by_sender(self, query: Query, operand: str, maybe_negate: ConditionTransform) -> Query:
|
2013-12-12 18:36:32 +01:00
|
|
|
try:
|
2017-07-18 23:25:39 +02:00
|
|
|
sender = get_user_including_cross_realm(operand, self.user_realm)
|
2013-12-12 18:36:32 +01:00
|
|
|
except UserProfile.DoesNotExist:
|
|
|
|
raise BadNarrowOperator('unknown user ' + operand)
|
|
|
|
|
2014-02-11 23:33:24 +01:00
|
|
|
cond = column("sender_id") == literal(sender.id)
|
2014-02-12 19:09:11 +01:00
|
|
|
return query.where(maybe_negate(cond))
|
2013-12-12 18:36:32 +01:00
|
|
|
|
2017-11-27 09:28:57 +01:00
|
|
|
def by_near(self, query: Query, operand: str, maybe_negate: ConditionTransform) -> Query:
|
2013-12-10 23:32:29 +01:00
|
|
|
return query
|
2013-12-12 18:36:32 +01:00
|
|
|
|
2017-11-27 09:28:57 +01:00
|
|
|
def by_id(self, query: Query, operand: str, maybe_negate: ConditionTransform) -> Query:
|
2014-02-11 23:33:24 +01:00
|
|
|
cond = self.msg_id_column == literal(operand)
|
2014-02-12 19:09:11 +01:00
|
|
|
return query.where(maybe_negate(cond))
|
2013-12-12 18:36:32 +01:00
|
|
|
|
2017-11-27 09:28:57 +01:00
|
|
|
def by_pm_with(self, query: Query, operand: str, maybe_negate: ConditionTransform) -> Query:
|
2013-12-12 18:36:32 +01:00
|
|
|
if ',' in operand:
|
|
|
|
# Huddle
|
|
|
|
try:
|
2017-06-19 09:13:29 +02:00
|
|
|
# Ignore our own email if it is in this list
|
|
|
|
emails = [e.strip() for e in operand.split(',') if e.strip() != self.user_profile.email]
|
2013-12-12 18:36:32 +01:00
|
|
|
recipient = recipient_for_emails(emails, False,
|
2016-12-03 00:04:17 +01:00
|
|
|
self.user_profile, self.user_profile)
|
2013-12-12 18:36:32 +01:00
|
|
|
except ValidationError:
|
|
|
|
raise BadNarrowOperator('unknown recipient ' + operand)
|
2014-02-11 23:33:24 +01:00
|
|
|
cond = column("recipient_id") == recipient.id
|
2014-02-12 19:09:11 +01:00
|
|
|
return query.where(maybe_negate(cond))
|
2013-12-12 18:36:32 +01:00
|
|
|
else:
|
|
|
|
# Personal message
|
2017-10-28 21:31:21 +02:00
|
|
|
self_recipient = get_personal_recipient(self.user_profile.id)
|
2013-12-12 18:36:32 +01:00
|
|
|
if operand == self.user_profile.email:
|
|
|
|
# Personals with self
|
2014-02-11 23:33:24 +01:00
|
|
|
cond = and_(column("sender_id") == self.user_profile.id,
|
|
|
|
column("recipient_id") == self_recipient.id)
|
2014-02-12 19:09:11 +01:00
|
|
|
return query.where(maybe_negate(cond))
|
2013-12-12 18:36:32 +01:00
|
|
|
|
|
|
|
# Personals with other user; include both directions.
|
|
|
|
try:
|
2017-07-18 23:29:50 +02:00
|
|
|
narrow_profile = get_user_including_cross_realm(operand, self.user_realm)
|
2013-12-12 18:36:32 +01:00
|
|
|
except UserProfile.DoesNotExist:
|
|
|
|
raise BadNarrowOperator('unknown user ' + operand)
|
|
|
|
|
2017-10-28 21:31:21 +02:00
|
|
|
narrow_recipient = get_personal_recipient(narrow_profile.id)
|
2014-02-11 23:33:24 +01:00
|
|
|
cond = or_(and_(column("sender_id") == narrow_profile.id,
|
|
|
|
column("recipient_id") == self_recipient.id),
|
|
|
|
and_(column("sender_id") == self.user_profile.id,
|
|
|
|
column("recipient_id") == narrow_recipient.id))
|
2014-02-12 19:09:11 +01:00
|
|
|
return query.where(maybe_negate(cond))
|
2013-12-10 23:32:29 +01:00
|
|
|
|
2017-11-27 09:28:57 +01:00
|
|
|
def by_group_pm_with(self, query: Query, operand: str,
|
|
|
|
maybe_negate: ConditionTransform) -> Query:
|
2017-03-23 23:35:37 +01:00
|
|
|
try:
|
2017-07-18 23:30:51 +02:00
|
|
|
narrow_profile = get_user_including_cross_realm(operand, self.user_realm)
|
2017-03-23 23:35:37 +01:00
|
|
|
except UserProfile.DoesNotExist:
|
|
|
|
raise BadNarrowOperator('unknown user ' + operand)
|
|
|
|
|
|
|
|
self_recipient_ids = [
|
|
|
|
recipient_tuple['recipient_id'] for recipient_tuple
|
|
|
|
in Subscription.objects.filter(
|
|
|
|
user_profile=self.user_profile,
|
|
|
|
recipient__type=Recipient.HUDDLE
|
|
|
|
).values("recipient_id")]
|
|
|
|
narrow_recipient_ids = [
|
|
|
|
recipient_tuple['recipient_id'] for recipient_tuple
|
|
|
|
in Subscription.objects.filter(
|
|
|
|
user_profile=narrow_profile,
|
|
|
|
recipient__type=Recipient.HUDDLE
|
|
|
|
).values("recipient_id")]
|
|
|
|
|
|
|
|
recipient_ids = set(self_recipient_ids) & set(narrow_recipient_ids)
|
|
|
|
cond = column("recipient_id").in_(recipient_ids)
|
|
|
|
return query.where(maybe_negate(cond))
|
|
|
|
|
2017-11-27 09:28:57 +01:00
|
|
|
def by_search(self, query: Query, operand: str, maybe_negate: ConditionTransform) -> Query:
|
2016-04-24 17:08:51 +02:00
|
|
|
if settings.USING_PGROONGA:
|
|
|
|
return self._by_search_pgroonga(query, operand, maybe_negate)
|
|
|
|
else:
|
|
|
|
return self._by_search_tsearch(query, operand, maybe_negate)
|
|
|
|
|
2017-11-27 09:28:57 +01:00
|
|
|
def _by_search_pgroonga(self, query: Query, operand: str,
|
|
|
|
maybe_negate: ConditionTransform) -> Query:
|
2017-03-31 03:03:55 +02:00
|
|
|
match_positions_character = func.pgroonga.match_positions_character
|
2016-04-24 17:08:51 +02:00
|
|
|
query_extract_keywords = func.pgroonga.query_extract_keywords
|
|
|
|
keywords = query_extract_keywords(operand)
|
2017-03-31 03:03:55 +02:00
|
|
|
query = query.column(match_positions_character(column("rendered_content"),
|
|
|
|
keywords).label("content_matches"))
|
|
|
|
query = query.column(match_positions_character(column("subject"),
|
|
|
|
keywords).label("subject_matches"))
|
2016-04-24 17:08:51 +02:00
|
|
|
condition = column("search_pgroonga").op("@@")(operand)
|
|
|
|
return query.where(maybe_negate(condition))
|
|
|
|
|
2017-11-27 09:28:57 +01:00
|
|
|
def _by_search_tsearch(self, query: Query, operand: str,
|
|
|
|
maybe_negate: ConditionTransform) -> Query:
|
2013-12-10 23:32:29 +01:00
|
|
|
tsquery = func.plainto_tsquery(literal("zulip.english_us_search"), literal(operand))
|
|
|
|
ts_locs_array = func.ts_match_locs_array
|
|
|
|
query = query.column(ts_locs_array(literal("zulip.english_us_search"),
|
|
|
|
column("rendered_content"),
|
|
|
|
tsquery).label("content_matches"))
|
2013-12-02 20:29:57 +01:00
|
|
|
# We HTML-escape the subject in Postgres to avoid doing a server round-trip
|
2013-12-10 23:32:29 +01:00
|
|
|
query = query.column(ts_locs_array(literal("zulip.english_us_search"),
|
|
|
|
func.escape_html(column("subject")),
|
|
|
|
tsquery).label("subject_matches"))
|
2013-12-02 20:29:57 +01:00
|
|
|
|
|
|
|
# Do quoted string matching. We really want phrase
|
|
|
|
# search here so we can ignore punctuation and do
|
|
|
|
# stemming, but there isn't a standard phrase search
|
|
|
|
# mechanism in Postgres
|
|
|
|
for term in re.findall('"[^"]+"|\S+', operand):
|
|
|
|
if term[0] == '"' and term[-1] == '"':
|
|
|
|
term = term[1:-1]
|
2013-12-10 23:32:29 +01:00
|
|
|
term = '%' + connection.ops.prep_for_like_query(term) + '%'
|
2014-02-11 23:33:24 +01:00
|
|
|
cond = or_(column("content").ilike(term),
|
|
|
|
column("subject").ilike(term))
|
2014-02-12 19:09:11 +01:00
|
|
|
query = query.where(maybe_negate(cond))
|
2013-12-02 20:29:57 +01:00
|
|
|
|
2014-02-11 23:33:24 +01:00
|
|
|
cond = column("search_tsvector").op("@@")(tsquery)
|
2014-02-12 19:09:11 +01:00
|
|
|
return query.where(maybe_negate(cond))
|
2013-12-12 18:36:32 +01:00
|
|
|
|
2017-10-31 13:00:37 +01:00
|
|
|
# The offsets we get from PGroonga are counted in characters
|
|
|
|
# whereas the offsets from tsearch_extras are in bytes, so we
|
|
|
|
# have to account for both cases in the logic below.
|
2017-11-27 09:28:57 +01:00
|
|
|
def highlight_string(text: Text, locs: Iterable[Tuple[int, int]]) -> Text:
|
2017-11-04 05:23:22 +01:00
|
|
|
highlight_start = '<span class="highlight">'
|
|
|
|
highlight_stop = '</span>'
|
2013-11-26 00:41:24 +01:00
|
|
|
pos = 0
|
2017-10-31 19:03:12 +01:00
|
|
|
result = ''
|
2017-04-06 15:59:56 +02:00
|
|
|
in_tag = False
|
2017-10-31 19:03:12 +01:00
|
|
|
|
|
|
|
text_utf8 = text.encode('utf8')
|
|
|
|
|
2013-11-26 00:41:24 +01:00
|
|
|
for loc in locs:
|
|
|
|
(offset, length) = loc
|
2017-10-31 19:03:12 +01:00
|
|
|
|
|
|
|
# These indexes are in byte space for tsearch,
|
|
|
|
# and they are in string space for pgroonga.
|
|
|
|
prefix_start = pos
|
|
|
|
prefix_end = offset
|
|
|
|
match_start = offset
|
|
|
|
match_end = offset + length
|
|
|
|
|
|
|
|
if settings.USING_PGROONGA:
|
|
|
|
prefix = text[prefix_start:prefix_end]
|
|
|
|
match = text[match_start:match_end]
|
|
|
|
else:
|
|
|
|
prefix = text_utf8[prefix_start:prefix_end].decode()
|
|
|
|
match = text_utf8[match_start:match_end].decode()
|
|
|
|
|
|
|
|
for character in (prefix + match):
|
|
|
|
if character == '<':
|
2017-04-06 15:59:56 +02:00
|
|
|
in_tag = True
|
2017-10-31 19:03:12 +01:00
|
|
|
elif character == '>':
|
2017-04-06 15:59:56 +02:00
|
|
|
in_tag = False
|
|
|
|
if in_tag:
|
2017-10-31 19:03:12 +01:00
|
|
|
result += prefix
|
|
|
|
result += match
|
2017-04-06 15:59:56 +02:00
|
|
|
else:
|
2017-10-31 19:03:12 +01:00
|
|
|
result += prefix
|
2017-04-06 15:59:56 +02:00
|
|
|
result += highlight_start
|
2017-10-31 19:03:12 +01:00
|
|
|
result += match
|
2017-04-06 15:59:56 +02:00
|
|
|
result += highlight_stop
|
2017-10-31 19:03:12 +01:00
|
|
|
pos = match_end
|
|
|
|
|
|
|
|
if settings.USING_PGROONGA:
|
|
|
|
final_frag = text[pos:]
|
|
|
|
else:
|
|
|
|
final_frag = text_utf8[pos:].decode()
|
|
|
|
|
|
|
|
result += final_frag
|
2016-08-25 08:00:52 +02:00
|
|
|
return result
|
2013-11-26 00:41:24 +01:00
|
|
|
|
2017-11-27 09:28:57 +01:00
|
|
|
def get_search_fields(rendered_content: Text, subject: Text, content_matches: Iterable[Tuple[int, int]],
|
|
|
|
subject_matches: Iterable[Tuple[int, int]]) -> Dict[str, Text]:
|
2013-12-10 23:32:29 +01:00
|
|
|
return dict(match_content=highlight_string(rendered_content, content_matches),
|
|
|
|
match_subject=highlight_string(escape_html(subject), subject_matches))
|
2013-12-12 18:36:32 +01:00
|
|
|
|
2017-11-27 09:28:57 +01:00
|
|
|
def narrow_parameter(json: str) -> Optional[List[Dict[str, Any]]]:
|
2016-07-30 01:27:56 +02:00
|
|
|
|
2014-02-10 21:45:53 +01:00
|
|
|
data = ujson.loads(json)
|
|
|
|
if not isinstance(data, list):
|
|
|
|
raise ValueError("argument is not a list")
|
2017-03-19 01:46:35 +01:00
|
|
|
if len(data) == 0:
|
|
|
|
# The "empty narrow" should be None, and not []
|
|
|
|
return None
|
2014-02-10 21:45:53 +01:00
|
|
|
|
2017-11-27 09:28:57 +01:00
|
|
|
def convert_term(elem: Union[Dict[str, Any], List[str]]) -> Dict[str, Any]:
|
2016-09-12 02:09:24 +02:00
|
|
|
|
2014-02-11 00:31:26 +01:00
|
|
|
# We have to support a legacy tuple format.
|
|
|
|
if isinstance(elem, list):
|
2017-01-24 05:50:04 +01:00
|
|
|
if (len(elem) != 2 or
|
|
|
|
any(not isinstance(x, str) and not isinstance(x, Text)
|
|
|
|
for x in elem)):
|
2014-02-11 00:31:26 +01:00
|
|
|
raise ValueError("element is not a string pair")
|
|
|
|
return dict(operator=elem[0], operand=elem[1])
|
|
|
|
|
|
|
|
if isinstance(elem, dict):
|
|
|
|
validator = check_dict([
|
|
|
|
('operator', check_string),
|
|
|
|
('operand', check_string),
|
|
|
|
])
|
|
|
|
|
|
|
|
error = validator('elem', elem)
|
|
|
|
if error:
|
|
|
|
raise JsonableError(error)
|
|
|
|
|
|
|
|
# whitelist the fields we care about for now
|
2014-02-11 21:36:59 +01:00
|
|
|
return dict(
|
|
|
|
operator=elem['operator'],
|
|
|
|
operand=elem['operand'],
|
|
|
|
negated=elem.get('negated', False),
|
|
|
|
)
|
2014-02-11 00:31:26 +01:00
|
|
|
|
|
|
|
raise ValueError("element is not a dictionary")
|
2014-02-10 21:45:53 +01:00
|
|
|
|
2015-11-01 17:14:53 +01:00
|
|
|
return list(map(convert_term, data))
|
2013-12-12 18:36:32 +01:00
|
|
|
|
2017-11-27 09:28:57 +01:00
|
|
|
def ok_to_include_history(narrow: Optional[Iterable[Dict[str, Any]]], realm: Realm) -> bool:
|
2016-07-30 01:27:56 +02:00
|
|
|
|
2014-02-13 16:24:06 +01:00
|
|
|
# There are occasions where we need to find Message rows that
|
|
|
|
# have no corresponding UserMessage row, because the user is
|
|
|
|
# reading a public stream that might include messages that
|
|
|
|
# were sent while the user was not subscribed, but which they are
|
|
|
|
# allowed to see. We have to be very careful about constructing
|
|
|
|
# queries in those situations, so this function should return True
|
|
|
|
# only if we are 100% sure that we're gonna add a clause to the
|
|
|
|
# query that narrows to a particular public stream on the user's realm.
|
|
|
|
# If we screw this up, then we can get into a nasty situation of
|
|
|
|
# polluting our narrow results with messages from other realms.
|
2013-12-12 18:36:32 +01:00
|
|
|
include_history = False
|
|
|
|
if narrow is not None:
|
2014-02-10 21:45:53 +01:00
|
|
|
for term in narrow:
|
2014-02-13 18:53:51 +01:00
|
|
|
if term['operator'] == "stream" and not term.get('negated', False):
|
2017-08-15 18:58:29 +02:00
|
|
|
if is_public_stream_by_name(term['operand'], realm):
|
2013-12-12 18:36:32 +01:00
|
|
|
include_history = True
|
2014-01-14 22:53:28 +01:00
|
|
|
# Disable historical messages if the user is narrowing on anything
|
|
|
|
# that's a property on the UserMessage table. There cannot be
|
|
|
|
# historical messages in these cases anyway.
|
2014-02-10 21:45:53 +01:00
|
|
|
for term in narrow:
|
|
|
|
if term['operator'] == "is":
|
2013-12-12 18:36:32 +01:00
|
|
|
include_history = False
|
|
|
|
|
2014-02-13 16:24:06 +01:00
|
|
|
return include_history
|
|
|
|
|
2017-11-27 09:28:57 +01:00
|
|
|
def get_stream_name_from_narrow(narrow: Optional[Iterable[Dict[str, Any]]]) -> Optional[Text]:
|
2017-03-19 01:46:35 +01:00
|
|
|
if narrow is not None:
|
|
|
|
for term in narrow:
|
|
|
|
if term['operator'] == 'stream':
|
|
|
|
return term['operand'].lower()
|
2014-02-25 15:41:32 +01:00
|
|
|
return None
|
|
|
|
|
2017-11-27 09:28:57 +01:00
|
|
|
def exclude_muting_conditions(user_profile: UserProfile,
|
|
|
|
narrow: Optional[Iterable[Dict[str, Any]]]) -> List[Selectable]:
|
2014-02-25 22:22:35 +01:00
|
|
|
conditions = []
|
2014-02-25 15:41:32 +01:00
|
|
|
stream_name = get_stream_name_from_narrow(narrow)
|
2014-02-25 22:22:35 +01:00
|
|
|
|
2017-09-17 20:19:12 +02:00
|
|
|
stream_id = None
|
|
|
|
if stream_name is not None:
|
|
|
|
try:
|
|
|
|
# Note that this code works around a lint rule that
|
|
|
|
# says we should use access_stream_by_name to get the
|
|
|
|
# stream. It is okay here, because we are only using
|
|
|
|
# the stream id to exclude data, not to include results.
|
|
|
|
stream_id = get_stream(stream_name, user_profile.realm).id
|
|
|
|
except Stream.DoesNotExist:
|
|
|
|
pass
|
|
|
|
|
|
|
|
if stream_id is None:
|
2014-02-25 22:22:35 +01:00
|
|
|
rows = Subscription.objects.filter(
|
|
|
|
user_profile=user_profile,
|
|
|
|
active=True,
|
|
|
|
in_home_view=False,
|
|
|
|
recipient__type=Recipient.STREAM
|
|
|
|
).values('recipient_id')
|
2015-11-01 17:14:53 +01:00
|
|
|
muted_recipient_ids = [row['recipient_id'] for row in rows]
|
2017-02-22 23:43:22 +01:00
|
|
|
if len(muted_recipient_ids) > 0:
|
|
|
|
# Only add the condition if we have muted streams to simplify/avoid warnings.
|
|
|
|
condition = not_(column("recipient_id").in_(muted_recipient_ids))
|
|
|
|
conditions.append(condition)
|
2014-02-25 22:22:35 +01:00
|
|
|
|
2017-09-17 20:19:12 +02:00
|
|
|
conditions = exclude_topic_mutes(conditions, user_profile, stream_id)
|
2014-02-24 23:00:58 +01:00
|
|
|
|
2014-02-25 22:22:35 +01:00
|
|
|
return conditions
|
2014-02-24 23:00:58 +01:00
|
|
|
|
2014-02-13 16:24:06 +01:00
|
|
|
@has_request_variables
|
2017-12-03 18:46:27 +01:00
|
|
|
def get_messages_backend(request: HttpRequest, user_profile: UserProfile,
|
|
|
|
anchor: int=REQ(converter=int),
|
|
|
|
num_before: int=REQ(converter=to_non_negative_int),
|
|
|
|
num_after: int=REQ(converter=to_non_negative_int),
|
|
|
|
narrow: Optional[List[Dict[str, Any]]]=REQ('narrow', converter=narrow_parameter,
|
|
|
|
default=None),
|
|
|
|
use_first_unread_anchor: bool=REQ(validator=check_bool, default=False),
|
|
|
|
client_gravatar: bool=REQ(validator=check_bool, default=False),
|
|
|
|
apply_markdown: bool=REQ(validator=check_bool, default=True)) -> HttpResponse:
|
2014-02-13 16:24:06 +01:00
|
|
|
include_history = ok_to_include_history(narrow, user_profile.realm)
|
|
|
|
|
2014-01-31 20:19:12 +01:00
|
|
|
if include_history and not use_first_unread_anchor:
|
2017-06-30 02:24:05 +02:00
|
|
|
# The initial query in this case doesn't use `zerver_usermessage`,
|
|
|
|
# and isn't yet limited to messages the user is entitled to see!
|
|
|
|
#
|
|
|
|
# This is OK only because we've made sure this is a narrow that
|
|
|
|
# will cause us to limit the query appropriately later.
|
|
|
|
# See `ok_to_include_history` for details.
|
2017-02-22 22:13:57 +01:00
|
|
|
query = select([column("id").label("message_id")], None, table("zerver_message"))
|
2013-12-10 23:32:29 +01:00
|
|
|
inner_msg_id_col = literal_column("zerver_message.id")
|
2017-03-21 05:16:40 +01:00
|
|
|
elif narrow is None and not use_first_unread_anchor:
|
2017-06-30 02:24:05 +02:00
|
|
|
# This is limited to messages the user received, as recorded in `zerver_usermessage`.
|
2013-12-12 22:50:49 +01:00
|
|
|
query = select([column("message_id"), column("flags")],
|
|
|
|
column("user_profile_id") == literal(user_profile.id),
|
2017-02-22 22:13:57 +01:00
|
|
|
table("zerver_usermessage"))
|
2013-12-12 22:50:49 +01:00
|
|
|
inner_msg_id_col = column("message_id")
|
2013-12-12 18:36:32 +01:00
|
|
|
else:
|
2017-06-30 02:24:05 +02:00
|
|
|
# This is limited to messages the user received, as recorded in `zerver_usermessage`.
|
2013-12-12 22:50:49 +01:00
|
|
|
# TODO: Don't do this join if we're not doing a search
|
|
|
|
query = select([column("message_id"), column("flags")],
|
2013-12-10 23:32:29 +01:00
|
|
|
column("user_profile_id") == literal(user_profile.id),
|
2017-02-22 22:13:57 +01:00
|
|
|
join(table("zerver_usermessage"), table("zerver_message"),
|
2013-12-10 23:32:29 +01:00
|
|
|
literal_column("zerver_usermessage.message_id") ==
|
|
|
|
literal_column("zerver_message.id")))
|
|
|
|
inner_msg_id_col = column("message_id")
|
2013-12-12 18:36:32 +01:00
|
|
|
|
2018-01-02 18:33:28 +01:00
|
|
|
first_visible_message_id = get_first_visible_message_id(user_profile.realm)
|
2018-03-13 00:17:07 +01:00
|
|
|
if first_visible_message_id > 0:
|
|
|
|
query = query.where(inner_msg_id_col >= first_visible_message_id)
|
2018-01-02 18:33:28 +01:00
|
|
|
|
2013-12-12 22:50:49 +01:00
|
|
|
is_search = False
|
|
|
|
|
2013-12-12 18:36:32 +01:00
|
|
|
if narrow is not None:
|
2013-12-12 22:50:49 +01:00
|
|
|
# Add some metadata to our logging data for narrows
|
2013-12-12 18:36:32 +01:00
|
|
|
verbose_operators = []
|
2014-02-10 21:45:53 +01:00
|
|
|
for term in narrow:
|
|
|
|
if term['operator'] == "is":
|
|
|
|
verbose_operators.append("is:" + term['operand'])
|
2013-12-12 18:36:32 +01:00
|
|
|
else:
|
2014-02-10 21:45:53 +01:00
|
|
|
verbose_operators.append(term['operator'])
|
2013-12-12 18:36:32 +01:00
|
|
|
request._log_data['extra'] = "[%s]" % (",".join(verbose_operators),)
|
|
|
|
|
2013-12-12 22:50:49 +01:00
|
|
|
# Build the query for the narrow
|
2014-02-27 20:09:59 +01:00
|
|
|
builder = NarrowBuilder(user_profile, inner_msg_id_col)
|
2017-08-03 06:55:58 +02:00
|
|
|
search_term = {} # type: Dict[str, Any]
|
2014-02-10 21:45:53 +01:00
|
|
|
for term in narrow:
|
2017-01-16 16:53:20 +01:00
|
|
|
if term['operator'] == 'search':
|
|
|
|
if not is_search:
|
|
|
|
search_term = term
|
2017-02-22 22:13:57 +01:00
|
|
|
query = query.column(column("subject")).column(column("rendered_content"))
|
2017-01-16 16:53:20 +01:00
|
|
|
is_search = True
|
|
|
|
else:
|
|
|
|
# Join the search operators if there are multiple of them
|
|
|
|
search_term['operand'] += ' ' + term['operand']
|
|
|
|
else:
|
|
|
|
query = builder.add_term(query, term)
|
|
|
|
if is_search:
|
|
|
|
query = builder.add_term(query, search_term)
|
2013-12-12 18:36:32 +01:00
|
|
|
|
2014-01-31 20:19:12 +01:00
|
|
|
sa_conn = get_sqlalchemy_connection()
|
2018-03-13 01:07:12 +01:00
|
|
|
|
|
|
|
anchored_to_right = False # till we know better
|
|
|
|
|
2014-01-31 20:19:12 +01:00
|
|
|
if use_first_unread_anchor:
|
2014-02-12 22:09:34 +01:00
|
|
|
condition = column("flags").op("&")(UserMessage.flags.read.mask) == 0
|
|
|
|
|
|
|
|
# We exclude messages on muted topics when finding the first unread
|
|
|
|
# message in this narrow
|
2014-02-25 15:41:32 +01:00
|
|
|
muting_conditions = exclude_muting_conditions(user_profile, narrow)
|
2014-02-24 23:00:58 +01:00
|
|
|
if muting_conditions:
|
|
|
|
condition = and_(condition, *muting_conditions)
|
2014-02-12 22:09:34 +01:00
|
|
|
|
2017-03-19 01:46:39 +01:00
|
|
|
# The mobile app uses narrow=[] and use_first_unread_anchor=True to
|
|
|
|
# determine what messages to show when you first load the app.
|
|
|
|
# Unfortunately, this means that if you have a years-old unread
|
|
|
|
# message, the mobile app could get stuck in the past.
|
|
|
|
#
|
|
|
|
# To fix this, we enforce that the "first unread anchor" must be on or
|
|
|
|
# after the user's current pointer location. Since the pointer
|
|
|
|
# location refers to the latest the user has read in the home view,
|
|
|
|
# we'll only apply this logic in the home view (ie, when narrow is
|
|
|
|
# empty).
|
|
|
|
if not narrow:
|
|
|
|
pointer_condition = inner_msg_id_col >= user_profile.pointer
|
|
|
|
condition = and_(condition, pointer_condition)
|
|
|
|
|
2014-02-12 22:09:34 +01:00
|
|
|
first_unread_query = query.where(condition)
|
2014-01-31 20:19:12 +01:00
|
|
|
first_unread_query = first_unread_query.order_by(inner_msg_id_col.asc()).limit(1)
|
|
|
|
first_unread_result = list(sa_conn.execute(first_unread_query).fetchall())
|
|
|
|
if len(first_unread_result) > 0:
|
|
|
|
anchor = first_unread_result[0][0]
|
|
|
|
else:
|
2018-03-12 20:33:00 +01:00
|
|
|
# Set values that will be used to short circuit the after_query
|
|
|
|
# altogether and avoid needless conditions in the before_query.
|
2018-03-13 01:07:12 +01:00
|
|
|
anchored_to_right = True
|
|
|
|
num_after = None
|
|
|
|
|
|
|
|
# We only use LARGER_THAN_MAX_MESSAGE_ID for an edge case hack
|
|
|
|
# where num_before and num_after are 0, and it produces a query
|
|
|
|
# that returns zero results.
|
2017-02-23 05:50:15 +01:00
|
|
|
anchor = LARGER_THAN_MAX_MESSAGE_ID
|
2014-01-31 20:19:12 +01:00
|
|
|
|
2018-03-13 01:07:12 +01:00
|
|
|
anchored_to_left = (anchor == 0)
|
|
|
|
|
2018-03-13 14:29:39 +01:00
|
|
|
query = limit_query_to_range(
|
|
|
|
query=query,
|
|
|
|
num_before=num_before,
|
|
|
|
num_after=num_after,
|
|
|
|
anchor=anchor,
|
|
|
|
anchored_to_left=anchored_to_left,
|
|
|
|
anchored_to_right=anchored_to_right,
|
|
|
|
narrow=narrow,
|
|
|
|
id_col=inner_msg_id_col,
|
|
|
|
)
|
2017-02-22 23:39:40 +01:00
|
|
|
|
2013-12-12 22:50:49 +01:00
|
|
|
main_query = alias(query)
|
|
|
|
query = select(main_query.c, None, main_query).order_by(column("message_id").asc())
|
2014-01-08 18:01:35 +01:00
|
|
|
# This is a hack to tag the query we use for testing
|
2017-03-24 07:51:46 +01:00
|
|
|
query = query.prefix_with("/* get_messages */")
|
2018-03-14 12:38:04 +01:00
|
|
|
rows = list(sa_conn.execute(query).fetchall())
|
2013-12-12 18:36:32 +01:00
|
|
|
|
|
|
|
# The following is a little messy, but ensures that the code paths
|
|
|
|
# are similar regardless of the value of include_history. The
|
|
|
|
# 'user_messages' dictionary maps each message to the user's
|
|
|
|
# UserMessage object for that message, which we will attach to the
|
|
|
|
# rendered message dict before returning it. We attempt to
|
2016-03-31 03:39:51 +02:00
|
|
|
# bulk-fetch rendered message dicts from remote cache using the
|
2013-12-12 18:36:32 +01:00
|
|
|
# 'messages' list.
|
2017-05-17 22:12:14 +02:00
|
|
|
message_ids = [] # type: List[int]
|
|
|
|
user_message_flags = {} # type: Dict[int, List[str]]
|
2013-12-12 22:50:49 +01:00
|
|
|
if include_history:
|
2018-03-14 12:38:04 +01:00
|
|
|
message_ids = [row[0] for row in rows]
|
2013-12-10 23:32:29 +01:00
|
|
|
|
|
|
|
# TODO: This could be done with an outer join instead of two queries
|
2017-11-07 16:18:42 +01:00
|
|
|
um_rows = UserMessage.objects.filter(user_profile=user_profile,
|
|
|
|
message__id__in=message_ids)
|
|
|
|
user_message_flags = {um.message_id: um.flags_list() for um in um_rows}
|
|
|
|
|
2017-11-07 17:12:27 +01:00
|
|
|
for message_id in message_ids:
|
|
|
|
if message_id not in user_message_flags:
|
2013-12-10 23:32:29 +01:00
|
|
|
user_message_flags[message_id] = ["read", "historical"]
|
2013-12-12 18:36:32 +01:00
|
|
|
else:
|
2018-03-14 12:38:04 +01:00
|
|
|
for row in rows:
|
2013-12-10 23:32:29 +01:00
|
|
|
message_id = row[0]
|
|
|
|
flags = row[1]
|
2017-11-07 18:40:39 +01:00
|
|
|
user_message_flags[message_id] = UserMessage.flags_list_for_flags(flags)
|
2013-12-10 23:32:29 +01:00
|
|
|
message_ids.append(message_id)
|
|
|
|
|
2017-11-07 17:12:27 +01:00
|
|
|
search_fields = dict() # type: Dict[int, Dict[str, Text]]
|
|
|
|
if is_search:
|
2018-03-14 12:38:04 +01:00
|
|
|
for row in rows:
|
2017-11-07 17:12:27 +01:00
|
|
|
message_id = row[0]
|
|
|
|
(subject, rendered_content, content_matches, subject_matches) = row[-4:]
|
2017-11-16 22:38:04 +01:00
|
|
|
|
|
|
|
try:
|
|
|
|
search_fields[message_id] = get_search_fields(rendered_content, subject,
|
|
|
|
content_matches, subject_matches)
|
|
|
|
except UnicodeDecodeError as err: # nocoverage
|
|
|
|
# No coverage for this block since it should be
|
|
|
|
# impossible, and we plan to remove it once we've
|
|
|
|
# debugged the case that makes it happen.
|
|
|
|
raise Exception(str(err), message_id, search_term)
|
2013-12-12 18:36:32 +01:00
|
|
|
|
2017-11-07 17:36:29 +01:00
|
|
|
message_list = messages_for_ids(
|
|
|
|
message_ids=message_ids,
|
|
|
|
user_message_flags=user_message_flags,
|
|
|
|
search_fields=search_fields,
|
|
|
|
apply_markdown=apply_markdown,
|
|
|
|
client_gravatar=client_gravatar,
|
|
|
|
allow_edit_history=user_profile.realm.allow_edit_history,
|
|
|
|
)
|
2017-10-10 09:22:21 +02:00
|
|
|
|
2013-12-12 18:36:32 +01:00
|
|
|
statsd.incr('loaded_old_messages', len(message_list))
|
|
|
|
ret = {'messages': message_list,
|
|
|
|
"result": "success",
|
|
|
|
"msg": ""}
|
2018-02-14 04:44:41 +01:00
|
|
|
if use_first_unread_anchor:
|
|
|
|
ret['anchor'] = anchor
|
2013-12-12 18:36:32 +01:00
|
|
|
return json_success(ret)
|
|
|
|
|
2018-03-13 14:29:39 +01:00
|
|
|
def limit_query_to_range(query: Query,
|
|
|
|
num_before: int,
|
|
|
|
num_after: int,
|
|
|
|
anchor: int,
|
|
|
|
anchored_to_left: bool,
|
|
|
|
anchored_to_right: bool,
|
|
|
|
narrow: Any,
|
|
|
|
id_col: ColumnElement) -> Query:
|
|
|
|
'''
|
|
|
|
This code is actually generic enough that we could move it to a
|
|
|
|
library, but our only caller for now is message search.
|
|
|
|
'''
|
|
|
|
need_before_query = (not anchored_to_left) and (num_before > 0)
|
|
|
|
need_after_query = (not anchored_to_right) and (num_after > 0)
|
|
|
|
|
|
|
|
need_both_sides = need_before_query and need_after_query
|
|
|
|
|
|
|
|
# We add 1 to the number of messages requested if no narrow was
|
|
|
|
# specified to ensure that the resulting list always contains the
|
|
|
|
# anchor row. If a narrow was specified, the anchor row
|
|
|
|
# might not match the narrow anyway.
|
|
|
|
if narrow is None:
|
|
|
|
if need_after_query:
|
|
|
|
num_after += 1
|
|
|
|
elif need_before_query:
|
|
|
|
num_before += 1
|
|
|
|
|
|
|
|
if need_both_sides:
|
|
|
|
before_anchor = anchor - 1
|
|
|
|
elif need_before_query:
|
|
|
|
before_anchor = anchor
|
|
|
|
|
|
|
|
if need_before_query:
|
|
|
|
before_query = query
|
|
|
|
|
|
|
|
if not anchored_to_right:
|
|
|
|
before_query = before_query.where(id_col <= before_anchor)
|
|
|
|
|
|
|
|
before_query = before_query.order_by(id_col.desc()).limit(num_before)
|
|
|
|
|
|
|
|
if need_after_query:
|
|
|
|
after_query = query
|
|
|
|
|
|
|
|
if not anchored_to_left:
|
|
|
|
after_query = after_query.where(id_col >= anchor)
|
|
|
|
|
|
|
|
after_query = after_query.order_by(id_col.asc()).limit(num_after)
|
|
|
|
|
|
|
|
if need_both_sides:
|
|
|
|
query = union_all(before_query.self_group(), after_query.self_group())
|
|
|
|
elif need_before_query:
|
|
|
|
query = before_query
|
|
|
|
elif need_after_query:
|
|
|
|
query = after_query
|
|
|
|
else:
|
|
|
|
# If we don't have either a before_query or after_query, it's because
|
|
|
|
# some combination of num_before/num_after/anchor are zero or
|
|
|
|
# use_first_unread_anchor logic found no unread messages.
|
|
|
|
#
|
|
|
|
# The most likely reason is somebody is doing an id search, so searching
|
|
|
|
# for something like `message_id = 42` is exactly what we want. In other
|
|
|
|
# cases, which could possibly be buggy API clients, at least we will
|
|
|
|
# return at most one row here.
|
|
|
|
query = query.where(id_col == anchor)
|
|
|
|
|
|
|
|
return query
|
|
|
|
|
2013-12-12 18:36:32 +01:00
|
|
|
@has_request_variables
|
2017-12-03 18:46:27 +01:00
|
|
|
def update_message_flags(request: HttpRequest, user_profile: UserProfile,
|
|
|
|
messages: List[int]=REQ(validator=check_list(check_int)),
|
|
|
|
operation: Text=REQ('op'), flag: Text=REQ()) -> HttpResponse:
|
2017-08-04 23:06:23 +02:00
|
|
|
|
2017-08-06 15:00:08 +02:00
|
|
|
count = do_update_message_flags(user_profile, operation, flag, messages)
|
2016-07-13 03:16:42 +02:00
|
|
|
|
2017-08-06 15:00:08 +02:00
|
|
|
target_count_str = str(len(messages))
|
|
|
|
log_data_str = "[%s %s/%s] actually %s" % (operation, flag, target_count_str, count)
|
2016-07-13 03:16:42 +02:00
|
|
|
request._log_data["extra"] = log_data_str
|
|
|
|
|
2013-12-12 18:36:32 +01:00
|
|
|
return json_success({'result': 'success',
|
|
|
|
'messages': messages,
|
|
|
|
'msg': ''})
|
|
|
|
|
2017-08-04 20:26:38 +02:00
|
|
|
@has_request_variables
|
2017-11-27 09:28:57 +01:00
|
|
|
def mark_all_as_read(request: HttpRequest, user_profile: UserProfile) -> HttpResponse:
|
2017-08-04 20:26:38 +02:00
|
|
|
count = do_mark_all_as_read(user_profile)
|
|
|
|
|
|
|
|
log_data_str = "[%s updated]" % (count,)
|
|
|
|
request._log_data["extra"] = log_data_str
|
|
|
|
|
|
|
|
return json_success({'result': 'success',
|
|
|
|
'msg': ''})
|
|
|
|
|
2017-08-08 16:11:45 +02:00
|
|
|
@has_request_variables
|
2017-12-03 18:46:27 +01:00
|
|
|
def mark_stream_as_read(request: HttpRequest,
|
|
|
|
user_profile: UserProfile,
|
|
|
|
stream_id: int=REQ(validator=check_int)) -> HttpResponse:
|
2017-08-15 19:34:15 +02:00
|
|
|
stream, recipient, sub = access_stream_by_id(user_profile, stream_id)
|
2017-08-08 16:11:45 +02:00
|
|
|
count = do_mark_stream_messages_as_read(user_profile, stream)
|
2017-08-06 15:00:08 +02:00
|
|
|
|
2017-08-08 16:11:45 +02:00
|
|
|
log_data_str = "[%s updated]" % (count,)
|
|
|
|
request._log_data["extra"] = log_data_str
|
|
|
|
|
|
|
|
return json_success({'result': 'success',
|
|
|
|
'msg': ''})
|
|
|
|
|
|
|
|
@has_request_variables
|
2017-12-03 18:46:27 +01:00
|
|
|
def mark_topic_as_read(request: HttpRequest,
|
|
|
|
user_profile: UserProfile,
|
|
|
|
stream_id: int=REQ(validator=check_int),
|
|
|
|
topic_name: Text=REQ()) -> HttpResponse:
|
2017-08-15 19:28:32 +02:00
|
|
|
stream, recipient, sub = access_stream_by_id(user_profile, stream_id)
|
2017-08-04 23:06:23 +02:00
|
|
|
|
|
|
|
if topic_name:
|
|
|
|
topic_exists = UserMessage.objects.filter(user_profile=user_profile,
|
2017-08-15 19:28:32 +02:00
|
|
|
message__recipient=recipient,
|
2017-08-04 23:06:23 +02:00
|
|
|
message__subject__iexact=topic_name).exists()
|
|
|
|
if not topic_exists:
|
|
|
|
raise JsonableError(_('No such topic \'%s\'') % (topic_name,))
|
|
|
|
|
2017-08-06 15:00:08 +02:00
|
|
|
count = do_mark_stream_messages_as_read(user_profile, stream, topic_name)
|
2017-08-04 23:06:23 +02:00
|
|
|
|
2017-08-08 16:11:45 +02:00
|
|
|
log_data_str = "[%s updated]" % (count,)
|
2017-08-04 23:06:23 +02:00
|
|
|
request._log_data["extra"] = log_data_str
|
|
|
|
|
|
|
|
return json_success({'result': 'success',
|
|
|
|
'msg': ''})
|
|
|
|
|
2017-11-27 09:28:57 +01:00
|
|
|
def create_mirrored_message_users(request: HttpRequest, user_profile: UserProfile,
|
|
|
|
recipients: Iterable[Text]) -> Tuple[bool, Optional[UserProfile]]:
|
2013-12-12 18:36:32 +01:00
|
|
|
if "sender" not in request.POST:
|
|
|
|
return (False, None)
|
|
|
|
|
|
|
|
sender_email = request.POST["sender"].strip().lower()
|
|
|
|
referenced_users = set([sender_email])
|
|
|
|
if request.POST['type'] == 'private':
|
|
|
|
for email in recipients:
|
|
|
|
referenced_users.add(email.lower())
|
|
|
|
|
|
|
|
if request.client.name == "zephyr_mirror":
|
2014-03-05 17:54:37 +01:00
|
|
|
user_check = same_realm_zephyr_user
|
2013-12-12 18:36:32 +01:00
|
|
|
fullname_function = compute_mit_user_fullname
|
|
|
|
elif request.client.name == "irc_mirror":
|
|
|
|
user_check = same_realm_irc_user
|
|
|
|
fullname_function = compute_irc_user_fullname
|
2014-02-28 20:53:54 +01:00
|
|
|
elif request.client.name in ("jabber_mirror", "JabberMirror"):
|
2014-03-05 17:51:35 +01:00
|
|
|
user_check = same_realm_jabber_user
|
2013-12-12 18:36:32 +01:00
|
|
|
fullname_function = compute_jabber_user_fullname
|
|
|
|
else:
|
|
|
|
# Unrecognized mirroring client
|
|
|
|
return (False, None)
|
|
|
|
|
|
|
|
for email in referenced_users:
|
|
|
|
# Check that all referenced users are in our realm:
|
|
|
|
if not user_check(user_profile, email):
|
|
|
|
return (False, None)
|
|
|
|
|
|
|
|
# Create users for the referenced users, if needed.
|
|
|
|
for email in referenced_users:
|
|
|
|
create_mirror_user_if_needed(user_profile.realm, email, fullname_function)
|
|
|
|
|
2017-07-18 23:31:27 +02:00
|
|
|
sender = get_user_including_cross_realm(sender_email, user_profile.realm)
|
2013-12-12 18:36:32 +01:00
|
|
|
return (True, sender)
|
|
|
|
|
2017-11-27 09:28:57 +01:00
|
|
|
def same_realm_zephyr_user(user_profile: UserProfile, email: Text) -> bool:
|
2016-07-27 01:45:29 +02:00
|
|
|
#
|
|
|
|
# Are the sender and recipient both addresses in the same Zephyr
|
|
|
|
# mirroring realm? We have to handle this specially, inferring
|
|
|
|
# the domain from the e-mail address, because the recipient may
|
|
|
|
# not existing in Zulip and we may need to make a stub Zephyr
|
|
|
|
# mirroring user on the fly.
|
2013-12-12 18:36:32 +01:00
|
|
|
try:
|
|
|
|
validators.validate_email(email)
|
|
|
|
except ValidationError:
|
|
|
|
return False
|
|
|
|
|
2016-11-11 21:13:30 +01:00
|
|
|
domain = email_to_domain(email)
|
2013-12-12 18:36:32 +01:00
|
|
|
|
2017-03-31 16:20:07 +02:00
|
|
|
# Assumes allow_subdomains=False for all RealmDomain's corresponding to
|
2017-01-21 08:19:03 +01:00
|
|
|
# these realms.
|
2016-11-09 02:40:54 +01:00
|
|
|
return user_profile.realm.is_zephyr_mirror_realm and \
|
2017-03-31 16:20:07 +02:00
|
|
|
RealmDomain.objects.filter(realm=user_profile.realm, domain=domain).exists()
|
2013-12-12 18:36:32 +01:00
|
|
|
|
2017-11-27 09:28:57 +01:00
|
|
|
def same_realm_irc_user(user_profile: UserProfile, email: Text) -> bool:
|
2013-12-12 18:36:32 +01:00
|
|
|
# Check whether the target email address is an IRC user in the
|
|
|
|
# same realm as user_profile, i.e. if the domain were example.com,
|
|
|
|
# the IRC user would need to be username@irc.example.com
|
|
|
|
try:
|
|
|
|
validators.validate_email(email)
|
|
|
|
except ValidationError:
|
|
|
|
return False
|
|
|
|
|
2016-11-11 21:13:30 +01:00
|
|
|
domain = email_to_domain(email).replace("irc.", "")
|
2013-12-12 18:36:32 +01:00
|
|
|
|
2017-03-31 16:20:07 +02:00
|
|
|
# Assumes allow_subdomains=False for all RealmDomain's corresponding to
|
2017-01-21 08:19:03 +01:00
|
|
|
# these realms.
|
2017-03-31 16:20:07 +02:00
|
|
|
return RealmDomain.objects.filter(realm=user_profile.realm, domain=domain).exists()
|
2013-12-12 18:36:32 +01:00
|
|
|
|
2017-11-27 09:28:57 +01:00
|
|
|
def same_realm_jabber_user(user_profile: UserProfile, email: Text) -> bool:
|
2013-12-12 18:36:32 +01:00
|
|
|
try:
|
|
|
|
validators.validate_email(email)
|
|
|
|
except ValidationError:
|
|
|
|
return False
|
|
|
|
|
2016-11-11 05:50:34 +01:00
|
|
|
# If your Jabber users have a different email domain than the
|
|
|
|
# Zulip users, this is where you would do any translation.
|
2016-11-11 21:13:30 +01:00
|
|
|
domain = email_to_domain(email)
|
2016-11-09 02:40:54 +01:00
|
|
|
|
2017-03-31 16:20:07 +02:00
|
|
|
# Assumes allow_subdomains=False for all RealmDomain's corresponding to
|
2017-01-21 08:19:03 +01:00
|
|
|
# these realms.
|
2017-03-31 16:20:07 +02:00
|
|
|
return RealmDomain.objects.filter(realm=user_profile.realm, domain=domain).exists()
|
2013-12-12 18:36:32 +01:00
|
|
|
|
2018-01-04 18:41:34 +01:00
|
|
|
def handle_deferred_message(sender: UserProfile, client: Client,
|
|
|
|
message_type_name: Text, message_to: Sequence[Text],
|
|
|
|
topic_name: Optional[Text],
|
2018-01-12 12:38:45 +01:00
|
|
|
message_content: Text, delivery_type: Text,
|
2018-01-04 18:41:34 +01:00
|
|
|
defer_until: Text, tz_guess: Text,
|
|
|
|
forwarder_user_profile: UserProfile,
|
|
|
|
realm: Optional[Realm]) -> HttpResponse:
|
|
|
|
deliver_at = None
|
|
|
|
local_tz = 'UTC'
|
|
|
|
if tz_guess:
|
|
|
|
local_tz = tz_guess
|
|
|
|
elif sender.timezone:
|
|
|
|
local_tz = sender.timezone
|
|
|
|
try:
|
|
|
|
deliver_at = dateparser(defer_until)
|
|
|
|
except ValueError:
|
|
|
|
return json_error(_("Invalid timestamp for scheduling message."))
|
|
|
|
|
|
|
|
deliver_at_usertz = deliver_at
|
|
|
|
if deliver_at_usertz.tzinfo is None:
|
|
|
|
user_tz = get_timezone(local_tz)
|
|
|
|
# Since mypy is not able to recognize localize and normalize as attributes of tzinfo we use ignore.
|
|
|
|
deliver_at_usertz = user_tz.normalize(user_tz.localize(deliver_at)) # type: ignore # Reason in comment on previous line.
|
|
|
|
deliver_at = convert_to_UTC(deliver_at_usertz)
|
|
|
|
|
|
|
|
if deliver_at <= timezone_now():
|
|
|
|
return json_error(_("Invalid timestamp for scheduling message. Choose a time in future."))
|
|
|
|
|
|
|
|
check_schedule_message(sender, client, message_type_name, message_to,
|
2018-01-12 12:38:45 +01:00
|
|
|
topic_name, message_content, delivery_type,
|
2018-01-04 18:41:34 +01:00
|
|
|
deliver_at, realm=realm,
|
|
|
|
forwarder_user_profile=forwarder_user_profile)
|
|
|
|
return json_success({"deliver_at": str(deliver_at_usertz)})
|
|
|
|
|
2013-12-12 18:36:32 +01:00
|
|
|
# We do not @require_login for send_message_backend, since it is used
|
|
|
|
# both from the API and the web service. Code calling
|
|
|
|
# send_message_backend should either check the API key or check that
|
|
|
|
# the user is logged in.
|
|
|
|
@has_request_variables
|
2017-12-03 18:46:27 +01:00
|
|
|
def send_message_backend(request: HttpRequest, user_profile: UserProfile,
|
|
|
|
message_type_name: Text=REQ('type'),
|
|
|
|
message_to: List[Text]=REQ('to', converter=extract_recipients, default=[]),
|
|
|
|
forged: bool=REQ(default=False),
|
2017-12-24 02:49:21 +01:00
|
|
|
topic_name: Optional[Text]= REQ('subject',
|
|
|
|
converter=lambda x: x.strip(), default=None),
|
2017-12-03 18:46:27 +01:00
|
|
|
message_content: Text=REQ('content'),
|
|
|
|
realm_str: Optional[Text]=REQ('realm_str', default=None),
|
|
|
|
local_id: Optional[Text]=REQ(default=None),
|
2018-01-04 18:41:34 +01:00
|
|
|
queue_id: Optional[Text]=REQ(default=None),
|
2018-01-12 12:38:45 +01:00
|
|
|
delivery_type: Optional[Text]=REQ('delivery_type', default='send_now'),
|
2018-01-04 18:41:34 +01:00
|
|
|
defer_until: Optional[Text]=REQ('deliver_at', default=None),
|
|
|
|
tz_guess: Optional[Text]=REQ('tz_guess', default=None)) -> HttpResponse:
|
2013-12-12 18:36:32 +01:00
|
|
|
client = request.client
|
2016-02-08 03:59:38 +01:00
|
|
|
is_super_user = request.user.is_api_super_user
|
2013-12-12 18:36:32 +01:00
|
|
|
if forged and not is_super_user:
|
2016-05-25 15:02:02 +02:00
|
|
|
return json_error(_("User not authorized for this query"))
|
2013-12-12 18:36:32 +01:00
|
|
|
|
|
|
|
realm = None
|
2017-01-03 06:57:03 +01:00
|
|
|
if realm_str and realm_str != user_profile.realm.string_id:
|
2013-12-12 18:36:32 +01:00
|
|
|
if not is_super_user:
|
|
|
|
# The email gateway bot needs to be able to send messages in
|
|
|
|
# any realm.
|
2016-05-25 15:02:02 +02:00
|
|
|
return json_error(_("User not authorized for this query"))
|
2017-01-04 05:30:48 +01:00
|
|
|
realm = get_realm(realm_str)
|
2013-12-12 18:36:32 +01:00
|
|
|
if not realm:
|
2018-03-08 01:53:24 +01:00
|
|
|
return json_error(_("Unknown organization '%s'") % (realm_str,))
|
2013-12-12 18:36:32 +01:00
|
|
|
|
2014-02-28 20:53:54 +01:00
|
|
|
if client.name in ["zephyr_mirror", "irc_mirror", "jabber_mirror", "JabberMirror"]:
|
2013-12-12 18:36:32 +01:00
|
|
|
# Here's how security works for mirroring:
|
|
|
|
#
|
|
|
|
# For private messages, the message must be (1) both sent and
|
|
|
|
# received exclusively by users in your realm, and (2)
|
|
|
|
# received by the forwarding user.
|
|
|
|
#
|
|
|
|
# For stream messages, the message must be (1) being forwarded
|
|
|
|
# by an API superuser for your realm and (2) being sent to a
|
2017-11-25 09:52:04 +01:00
|
|
|
# mirrored stream.
|
2013-12-12 18:36:32 +01:00
|
|
|
#
|
|
|
|
# The security checks are split between the below code
|
|
|
|
# (especially create_mirrored_message_users which checks the
|
|
|
|
# same-realm constraint) and recipient_for_emails (which
|
|
|
|
# checks that PMs are received by the forwarding user)
|
|
|
|
if "sender" not in request.POST:
|
2016-05-25 15:02:02 +02:00
|
|
|
return json_error(_("Missing sender"))
|
2013-12-12 18:36:32 +01:00
|
|
|
if message_type_name != "private" and not is_super_user:
|
2016-05-25 15:02:02 +02:00
|
|
|
return json_error(_("User not authorized for this query"))
|
2013-12-12 18:36:32 +01:00
|
|
|
(valid_input, mirror_sender) = \
|
|
|
|
create_mirrored_message_users(request, user_profile, message_to)
|
|
|
|
if not valid_input:
|
2016-05-25 15:02:02 +02:00
|
|
|
return json_error(_("Invalid mirrored message"))
|
2016-07-27 01:45:29 +02:00
|
|
|
if client.name == "zephyr_mirror" and not user_profile.realm.is_zephyr_mirror_realm:
|
2018-03-08 01:53:24 +01:00
|
|
|
return json_error(_("Zephyr mirroring is not allowed in this organization"))
|
2013-12-12 18:36:32 +01:00
|
|
|
sender = mirror_sender
|
|
|
|
else:
|
|
|
|
sender = user_profile
|
|
|
|
|
2018-01-12 12:38:45 +01:00
|
|
|
if (delivery_type == 'send_later' or delivery_type == 'remind') and defer_until is None:
|
|
|
|
return json_error(_("Missing deliver_at in a request for delayed message delivery"))
|
|
|
|
|
2018-02-19 06:03:27 +01:00
|
|
|
if (delivery_type == 'send_later' or delivery_type == 'remind') and defer_until is not None:
|
2018-01-04 18:41:34 +01:00
|
|
|
return handle_deferred_message(sender, client, message_type_name,
|
|
|
|
message_to, topic_name, message_content,
|
2018-01-12 12:38:45 +01:00
|
|
|
delivery_type, defer_until, tz_guess,
|
2018-01-04 18:41:34 +01:00
|
|
|
forwarder_user_profile=user_profile,
|
|
|
|
realm=realm)
|
|
|
|
|
2013-12-12 18:36:32 +01:00
|
|
|
ret = check_send_message(sender, client, message_type_name, message_to,
|
2017-10-27 14:53:28 +02:00
|
|
|
topic_name, message_content, forged=forged,
|
2013-12-12 18:36:32 +01:00
|
|
|
forged_timestamp = request.POST.get('time'),
|
|
|
|
forwarder_user_profile=user_profile, realm=realm,
|
2017-07-14 19:30:23 +02:00
|
|
|
local_id=local_id, sender_queue_id=queue_id)
|
2013-12-12 18:36:32 +01:00
|
|
|
return json_success({"id": ret})
|
|
|
|
|
2017-11-27 09:28:57 +01:00
|
|
|
def fill_edit_history_entries(message_history: List[Dict[str, Any]], message: Message) -> None:
|
2017-02-20 00:19:29 +01:00
|
|
|
"""This fills out the message edit history entries from the database,
|
|
|
|
which are designed to have the minimum data possible, to instead
|
|
|
|
have the current topic + content as of that time, plus data on
|
|
|
|
whatever changed. This makes it much simpler to do future
|
|
|
|
processing.
|
|
|
|
|
|
|
|
Note that this mutates what is passed to it, which is sorta a bad pattern.
|
|
|
|
"""
|
|
|
|
prev_content = message.content
|
|
|
|
prev_rendered_content = message.rendered_content
|
|
|
|
prev_topic = message.subject
|
2017-02-20 01:44:12 +01:00
|
|
|
assert(datetime_to_timestamp(message.last_edit_time) == message_history[0]['timestamp'])
|
|
|
|
|
2017-02-20 00:19:29 +01:00
|
|
|
for entry in message_history:
|
|
|
|
entry['topic'] = prev_topic
|
|
|
|
if 'prev_subject' in entry:
|
|
|
|
# We replace use of 'subject' with 'topic' for downstream simplicity
|
|
|
|
prev_topic = entry['prev_subject']
|
|
|
|
entry['prev_topic'] = prev_topic
|
|
|
|
del entry['prev_subject']
|
|
|
|
|
|
|
|
entry['content'] = prev_content
|
|
|
|
entry['rendered_content'] = prev_rendered_content
|
|
|
|
if 'prev_content' in entry:
|
|
|
|
del entry['prev_rendered_content_version']
|
|
|
|
prev_content = entry['prev_content']
|
|
|
|
prev_rendered_content = entry['prev_rendered_content']
|
|
|
|
entry['content_html_diff'] = highlight_html_differences(
|
|
|
|
prev_rendered_content,
|
2017-10-12 08:38:02 +02:00
|
|
|
entry['rendered_content'],
|
|
|
|
message.id)
|
2017-02-20 00:19:29 +01:00
|
|
|
|
2017-02-20 01:44:12 +01:00
|
|
|
message_history.append(dict(
|
|
|
|
topic = prev_topic,
|
|
|
|
content = prev_content,
|
|
|
|
rendered_content = prev_rendered_content,
|
|
|
|
timestamp = datetime_to_timestamp(message.pub_date),
|
|
|
|
user_id = message.sender_id,
|
|
|
|
))
|
2017-02-20 00:19:29 +01:00
|
|
|
|
|
|
|
@has_request_variables
|
2017-12-03 18:46:27 +01:00
|
|
|
def get_message_edit_history(request: HttpRequest, user_profile: UserProfile,
|
|
|
|
message_id: int=REQ(converter=to_non_negative_int)) -> HttpResponse:
|
2017-07-16 11:00:44 +02:00
|
|
|
if not user_profile.realm.allow_edit_history:
|
|
|
|
return json_error(_("Message edit history is disabled in this organization"))
|
2017-02-20 00:19:29 +01:00
|
|
|
message, ignored_user_message = access_message(user_profile, message_id)
|
|
|
|
|
|
|
|
# Extract the message edit history from the message
|
|
|
|
message_edit_history = ujson.loads(message.edit_history)
|
|
|
|
|
|
|
|
# Fill in all the extra data that will make it usable
|
|
|
|
fill_edit_history_entries(message_edit_history, message)
|
2017-02-20 01:46:07 +01:00
|
|
|
return json_success({"message_history": reversed(message_edit_history)})
|
2017-02-20 00:19:29 +01:00
|
|
|
|
2013-12-12 18:36:32 +01:00
|
|
|
@has_request_variables
|
2017-12-03 18:46:27 +01:00
|
|
|
def update_message_backend(request: HttpRequest, user_profile: UserMessage,
|
|
|
|
message_id: int=REQ(converter=to_non_negative_int),
|
|
|
|
subject: Optional[Text]=REQ(default=None),
|
|
|
|
propagate_mode: Optional[str]=REQ(default="change_one"),
|
|
|
|
content: Optional[Text]=REQ(default=None)) -> HttpResponse:
|
2016-06-21 21:34:41 +02:00
|
|
|
if not user_profile.realm.allow_message_editing:
|
2017-05-23 22:02:43 +02:00
|
|
|
return json_error(_("Your organization has turned off message editing"))
|
2016-07-11 03:01:03 +02:00
|
|
|
|
2017-02-23 00:24:11 +01:00
|
|
|
message, ignored_user_message = access_message(user_profile, message_id)
|
2016-06-21 21:34:41 +02:00
|
|
|
|
|
|
|
# You only have permission to edit a message if:
|
2017-03-13 14:42:03 +01:00
|
|
|
# you change this value also change those two parameters in message_edit.js.
|
2016-06-21 21:34:41 +02:00
|
|
|
# 1. You sent it, OR:
|
|
|
|
# 2. This is a topic-only edit for a (no topic) message, OR:
|
|
|
|
# 3. This is a topic-only edit and you are an admin.
|
|
|
|
if message.sender == user_profile:
|
|
|
|
pass
|
2016-07-16 18:01:25 +02:00
|
|
|
elif (content is None) and ((message.topic_name() == "(no topic)") or
|
2016-06-21 21:34:41 +02:00
|
|
|
user_profile.is_realm_admin):
|
|
|
|
pass
|
|
|
|
else:
|
|
|
|
raise JsonableError(_("You don't have permission to edit this message"))
|
|
|
|
|
|
|
|
# If there is a change to the content, check that it hasn't been too long
|
|
|
|
# Allow an extra 20 seconds since we potentially allow editing 15 seconds
|
|
|
|
# past the limit, and in case there are network issues, etc. The 15 comes
|
|
|
|
# from (min_seconds_to_edit + seconds_left_buffer) in message_edit.js; if
|
|
|
|
# you change this value also change those two parameters in message_edit.js.
|
|
|
|
edit_limit_buffer = 20
|
2016-07-17 19:40:54 +02:00
|
|
|
if content is not None and user_profile.realm.message_content_edit_limit_seconds > 0:
|
|
|
|
deadline_seconds = user_profile.realm.message_content_edit_limit_seconds + edit_limit_buffer
|
2017-04-15 04:03:56 +02:00
|
|
|
if (timezone_now() - message.pub_date) > datetime.timedelta(seconds=deadline_seconds):
|
2016-07-17 19:40:54 +02:00
|
|
|
raise JsonableError(_("The time limit for editing this message has past"))
|
2016-06-21 21:34:41 +02:00
|
|
|
|
2016-07-11 03:01:03 +02:00
|
|
|
if subject is None and content is None:
|
|
|
|
return json_error(_("Nothing to change"))
|
2016-07-11 02:52:06 +02:00
|
|
|
if subject is not None:
|
|
|
|
subject = subject.strip()
|
|
|
|
if subject == "":
|
|
|
|
raise JsonableError(_("Topic can't be empty"))
|
2016-06-21 21:34:41 +02:00
|
|
|
rendered_content = None
|
2016-12-25 00:44:26 +01:00
|
|
|
links_for_embed = set() # type: Set[Text]
|
Notify offline users about edited stream messages.
We now do push notifications and missed message emails
for offline users who are subscribed to the stream for
a message that has been edited, but we short circuit
the offline-notification logic for any user who presumably
would have already received a notification on the original
message.
This effectively boils down to sending notifications to newly
mentioned users. The motivating use case here is that you
forget to mention somebody in a message, and then you edit
the message to mention the person. If they are offline, they
will now get pushed notifications and missed message emails,
with some minor caveats.
We try to mostly use the same techniques here as the
send-message code path, and we share common code with the
send-message path once we get to the Tornado layer and call
maybe_enqueue_notifications.
The major places where we differ are in a function called
maybe_enqueue_notifications_for_message_update, and the top
of that function short circuits a bunch of cases where we
can mostly assume that the original message had an offline
notification.
We can expect a couple changes in the future:
* Requirements may change here, and it might make sense
to send offline notifications on the update side even
in circumstances where the original message had a
notification.
* We may track more notifications in a DB model, which
may simplify our short-circuit logic.
In the view/action layer, we already had two separate codepaths
for send-message and update-message, but this mostly echoes
what the send-message path does in terms of collecting data
about recipients.
2017-10-03 16:25:12 +02:00
|
|
|
prior_mention_user_ids = set() # type: Set[int]
|
|
|
|
mention_user_ids = set() # type: Set[int]
|
2016-07-11 02:58:23 +02:00
|
|
|
if content is not None:
|
|
|
|
content = content.strip()
|
|
|
|
if content == "":
|
2016-11-09 22:16:12 +01:00
|
|
|
content = "(deleted)"
|
2016-06-21 21:34:41 +02:00
|
|
|
content = truncate_body(content)
|
2016-09-14 21:58:44 +02:00
|
|
|
|
2017-09-27 15:06:03 +02:00
|
|
|
user_info = get_user_info_for_message_updates(message.id)
|
Notify offline users about edited stream messages.
We now do push notifications and missed message emails
for offline users who are subscribed to the stream for
a message that has been edited, but we short circuit
the offline-notification logic for any user who presumably
would have already received a notification on the original
message.
This effectively boils down to sending notifications to newly
mentioned users. The motivating use case here is that you
forget to mention somebody in a message, and then you edit
the message to mention the person. If they are offline, they
will now get pushed notifications and missed message emails,
with some minor caveats.
We try to mostly use the same techniques here as the
send-message code path, and we share common code with the
send-message path once we get to the Tornado layer and call
maybe_enqueue_notifications.
The major places where we differ are in a function called
maybe_enqueue_notifications_for_message_update, and the top
of that function short circuits a bunch of cases where we
can mostly assume that the original message had an offline
notification.
We can expect a couple changes in the future:
* Requirements may change here, and it might make sense
to send offline notifications on the update side even
in circumstances where the original message had a
notification.
* We may track more notifications in a DB model, which
may simplify our short-circuit logic.
In the view/action layer, we already had two separate codepaths
for send-message and update-message, but this mostly echoes
what the send-message path does in terms of collecting data
about recipients.
2017-10-03 16:25:12 +02:00
|
|
|
prior_mention_user_ids = user_info['mention_user_ids']
|
2017-01-24 02:07:51 +01:00
|
|
|
|
2017-01-22 05:55:30 +01:00
|
|
|
# We render the message using the current user's realm; since
|
|
|
|
# the cross-realm bots never edit messages, this should be
|
|
|
|
# always correct.
|
|
|
|
# Note: If rendering fails, the called code will raise a JsonableError.
|
2016-09-15 00:24:44 +02:00
|
|
|
rendered_content = render_incoming_message(message,
|
2017-01-22 05:55:30 +01:00
|
|
|
content,
|
2017-09-27 15:06:03 +02:00
|
|
|
user_info['message_user_ids'],
|
2017-01-22 05:55:30 +01:00
|
|
|
user_profile.realm)
|
2016-10-27 12:06:44 +02:00
|
|
|
links_for_embed |= message.links_for_preview
|
2016-07-11 03:01:03 +02:00
|
|
|
|
Notify offline users about edited stream messages.
We now do push notifications and missed message emails
for offline users who are subscribed to the stream for
a message that has been edited, but we short circuit
the offline-notification logic for any user who presumably
would have already received a notification on the original
message.
This effectively boils down to sending notifications to newly
mentioned users. The motivating use case here is that you
forget to mention somebody in a message, and then you edit
the message to mention the person. If they are offline, they
will now get pushed notifications and missed message emails,
with some minor caveats.
We try to mostly use the same techniques here as the
send-message code path, and we share common code with the
send-message path once we get to the Tornado layer and call
maybe_enqueue_notifications.
The major places where we differ are in a function called
maybe_enqueue_notifications_for_message_update, and the top
of that function short circuits a bunch of cases where we
can mostly assume that the original message had an offline
notification.
We can expect a couple changes in the future:
* Requirements may change here, and it might make sense
to send offline notifications on the update side even
in circumstances where the original message had a
notification.
* We may track more notifications in a DB model, which
may simplify our short-circuit logic.
In the view/action layer, we already had two separate codepaths
for send-message and update-message, but this mostly echoes
what the send-message path does in terms of collecting data
about recipients.
2017-10-03 16:25:12 +02:00
|
|
|
mention_user_ids = message.mentions_user_ids
|
|
|
|
|
2017-01-24 02:07:12 +01:00
|
|
|
number_changed = do_update_message(user_profile, message, subject,
|
Notify offline users about edited stream messages.
We now do push notifications and missed message emails
for offline users who are subscribed to the stream for
a message that has been edited, but we short circuit
the offline-notification logic for any user who presumably
would have already received a notification on the original
message.
This effectively boils down to sending notifications to newly
mentioned users. The motivating use case here is that you
forget to mention somebody in a message, and then you edit
the message to mention the person. If they are offline, they
will now get pushed notifications and missed message emails,
with some minor caveats.
We try to mostly use the same techniques here as the
send-message code path, and we share common code with the
send-message path once we get to the Tornado layer and call
maybe_enqueue_notifications.
The major places where we differ are in a function called
maybe_enqueue_notifications_for_message_update, and the top
of that function short circuits a bunch of cases where we
can mostly assume that the original message had an offline
notification.
We can expect a couple changes in the future:
* Requirements may change here, and it might make sense
to send offline notifications on the update side even
in circumstances where the original message had a
notification.
* We may track more notifications in a DB model, which
may simplify our short-circuit logic.
In the view/action layer, we already had two separate codepaths
for send-message and update-message, but this mostly echoes
what the send-message path does in terms of collecting data
about recipients.
2017-10-03 16:25:12 +02:00
|
|
|
propagate_mode, content, rendered_content,
|
|
|
|
prior_mention_user_ids,
|
|
|
|
mention_user_ids)
|
|
|
|
|
2017-01-24 02:07:12 +01:00
|
|
|
# Include the number of messages changed in the logs
|
|
|
|
request._log_data['extra'] = "[%s]" % (number_changed,)
|
2017-03-13 14:42:03 +01:00
|
|
|
if links_for_embed and bugdown.url_embed_preview_enabled_for_realm(message):
|
2016-10-27 12:06:44 +02:00
|
|
|
event_data = {
|
|
|
|
'message_id': message.id,
|
|
|
|
'message_content': message.content,
|
2017-02-23 06:20:01 +01:00
|
|
|
# The choice of `user_profile.realm_id` rather than
|
|
|
|
# `sender.realm_id` must match the decision made in the
|
|
|
|
# `render_incoming_message` call earlier in this function.
|
|
|
|
'message_realm_id': user_profile.realm_id,
|
2016-10-27 12:06:44 +02:00
|
|
|
'urls': links_for_embed}
|
2017-11-24 13:18:46 +01:00
|
|
|
queue_json_publish('embed_links', event_data)
|
2013-12-12 18:36:32 +01:00
|
|
|
return json_success()
|
|
|
|
|
2017-05-14 21:14:26 +02:00
|
|
|
|
|
|
|
@has_request_variables
|
2017-11-27 09:28:57 +01:00
|
|
|
def delete_message_backend(request: HttpRequest, user_profile: UserProfile,
|
|
|
|
message_id: int=REQ(converter=to_non_negative_int)) -> HttpResponse:
|
2017-05-14 21:14:26 +02:00
|
|
|
message, ignored_user_message = access_message(user_profile, message_id)
|
2017-11-08 13:40:46 +01:00
|
|
|
is_user_allowed_to_delete_message = user_profile.is_realm_admin or \
|
|
|
|
(message.sender == user_profile and user_profile.realm.allow_message_deleting)
|
|
|
|
if not is_user_allowed_to_delete_message:
|
2017-05-14 21:14:26 +02:00
|
|
|
raise JsonableError(_("You don't have permission to edit this message"))
|
|
|
|
do_delete_message(user_profile, message)
|
|
|
|
return json_success()
|
|
|
|
|
2013-12-12 18:36:32 +01:00
|
|
|
@has_request_variables
|
2017-12-03 18:46:27 +01:00
|
|
|
def json_fetch_raw_message(request: HttpRequest, user_profile: UserProfile,
|
|
|
|
message_id: int=REQ(converter=to_non_negative_int)) -> HttpResponse:
|
2016-10-12 02:14:08 +02:00
|
|
|
(message, user_message) = access_message(user_profile, message_id)
|
2013-12-12 18:36:32 +01:00
|
|
|
return json_success({"raw_content": message.content})
|
|
|
|
|
|
|
|
@has_request_variables
|
2017-11-27 09:28:57 +01:00
|
|
|
def render_message_backend(request: HttpRequest, user_profile: UserProfile,
|
|
|
|
content: Text=REQ()) -> HttpResponse:
|
2016-11-07 20:40:40 +01:00
|
|
|
message = Message()
|
|
|
|
message.sender = user_profile
|
|
|
|
message.content = content
|
|
|
|
message.sending_client = request.client
|
|
|
|
|
2017-01-18 23:19:18 +01:00
|
|
|
rendered_content = render_markdown(message, content, realm=user_profile.realm)
|
2013-12-12 18:36:32 +01:00
|
|
|
return json_success({"rendered": rendered_content})
|
|
|
|
|
|
|
|
@has_request_variables
|
2017-12-03 18:46:27 +01:00
|
|
|
def messages_in_narrow_backend(request: HttpRequest, user_profile: UserProfile,
|
|
|
|
msg_ids: List[int]=REQ(validator=check_list(check_int)),
|
|
|
|
narrow: Optional[List[Dict[str, Any]]]=REQ(converter=narrow_parameter)
|
|
|
|
) -> HttpResponse:
|
2016-07-30 01:27:56 +02:00
|
|
|
|
2018-01-02 18:33:28 +01:00
|
|
|
first_visible_message_id = get_first_visible_message_id(user_profile.realm)
|
|
|
|
msg_ids = [message_id for message_id in msg_ids if message_id >= first_visible_message_id]
|
2017-06-30 02:24:05 +02:00
|
|
|
# This query is limited to messages the user has access to because they
|
|
|
|
# actually received them, as reflected in `zerver_usermessage`.
|
2013-12-10 23:32:29 +01:00
|
|
|
query = select([column("message_id"), column("subject"), column("rendered_content")],
|
|
|
|
and_(column("user_profile_id") == literal(user_profile.id),
|
|
|
|
column("message_id").in_(msg_ids)),
|
2017-02-22 22:13:57 +01:00
|
|
|
join(table("zerver_usermessage"), table("zerver_message"),
|
2013-12-10 23:32:29 +01:00
|
|
|
literal_column("zerver_usermessage.message_id") ==
|
|
|
|
literal_column("zerver_message.id")))
|
|
|
|
|
2014-02-27 20:09:59 +01:00
|
|
|
builder = NarrowBuilder(user_profile, column("message_id"))
|
2017-03-19 01:46:35 +01:00
|
|
|
if narrow is not None:
|
|
|
|
for term in narrow:
|
|
|
|
query = builder.add_term(query, term)
|
2013-12-12 18:36:32 +01:00
|
|
|
|
2013-12-10 23:32:29 +01:00
|
|
|
sa_conn = get_sqlalchemy_connection()
|
|
|
|
query_result = list(sa_conn.execute(query).fetchall())
|
|
|
|
|
|
|
|
search_fields = dict()
|
|
|
|
for row in query_result:
|
2017-08-18 15:50:54 +02:00
|
|
|
message_id = row['message_id']
|
|
|
|
subject = row['subject']
|
|
|
|
rendered_content = row['rendered_content']
|
|
|
|
|
|
|
|
if 'content_matches' in row:
|
|
|
|
content_matches = row['content_matches']
|
|
|
|
subject_matches = row['subject_matches']
|
|
|
|
search_fields[message_id] = get_search_fields(rendered_content, subject,
|
|
|
|
content_matches, subject_matches)
|
|
|
|
else:
|
|
|
|
search_fields[message_id] = dict(
|
|
|
|
match_content=rendered_content,
|
|
|
|
match_subject=subject
|
|
|
|
)
|
2013-12-10 23:32:29 +01:00
|
|
|
|
|
|
|
return json_success({"messages": search_fields})
|