Fix login popup on cross-realm authenticated content previews

We were serving 401s on /user_uploads when the user wasn't authenticated (due to
it being a REST endpoint).  This was causing a login popup to display instead of
just a broken image preview.

(imported from commit 62640f5bd59eb3b86ab5aae5923ccfa742459805)

zerver/views/__init__.py

@@ -1446,12 +1446,14 @@ def json_upload_file(request, user_profile):
     uri = upload_message_image_through_web_client(request, user_file, user_profile)
     return json_success({'uri': uri})
 
+@login_required(login_url = settings.HOME_NOT_LOGGED_IN)
 @has_request_variables
-def get_uploaded_file(request, user_profile, realm_id, filename,
+def get_uploaded_file(request, realm_id, filename,
                       redir=REQ(validator=check_bool, default=True)):
     if settings.LOCAL_UPLOADS_DIR is not None:
         return HttpResponseForbidden() # Should have been served by nginx
 
+    user_profile = request.user
     url_path = "%s/%s" % (realm_id, filename)
 
     if realm_id == "unk":

zproject/urls.py

@@ -163,8 +163,7 @@ urlpatterns += patterns('zerver.views',
     url(r'^api/v1/external/freshdesk$',     'webhooks.api_freshdesk_webhook'),
     url(r'^api/v1/external/zendesk$',       'webhooks.api_zendesk_webhook'),
 
-    url(r'^user_uploads/(?P<realm_id>(\d*|unk))/(?P<filename>.*)', 'rest_dispatch',
+    url(r'^user_uploads/(?P<realm_id>(\d*|unk))/(?P<filename>.*)', 'get_uploaded_file'),
-        {'GET': 'get_uploaded_file'}),
 )
 
 # JSON format views used by the redesigned API, accept basic auth username:password.