Commit Graph

269 Commits

Author SHA1 Message Date
Tim Abbott 7d63928fe1 test_signup: Update deactivate realm tests for subdomains.
We add a new test to make sure we cover the potential race condition
with the realm being deactivated after starting the registration
process.
2017-10-01 23:52:08 -07:00
rht 1e87a4b68c zerver/tests: Remove absolute_import. 2017-09-27 10:00:39 -07:00
Vishnu Ks f58c87917e emails: Log emails that are queued or sent in dev environment.
Tweaked by tabbott to add some comments and clarify the code.
2017-09-26 15:02:47 -07:00
Tim Abbott 0d2d9fc30d test_signup: Add checks for messages sent on invited user signup.
Previously, we didn't have a test that verified that these notices
were sent.
2017-09-25 13:58:41 -07:00
Tim Abbott 5159151e5f test_signup: Remove unnecessary realm_name/realm_subdomain arguments.
These arguments are only intended to be used for realm creation, and
they make the code more confusing.

We need to make a few changes after doing this, because some tests
were relying on these extra arguments causing the form to not submit
for their error handling.

We don't apply these changes to the LDAP tests, since fixing those
seems complicated.
2017-09-25 06:45:56 -07:00
Tim Abbott 163da73d2d test_signup: Hardcode REALMS_HAVE_SUBDOMAINS for mirror dummy tests.
This also fixes the fact that this code path was randomly setting a
bunch of fields only used in realm creation in the registration form.
2017-09-25 06:14:38 -07:00
Vishnu Ks b4fedaa765 backend: Add support for multiuse user invite link. 2017-09-22 07:56:53 -07:00
Rishi Gupta 6ec3595b77 emails: Change enqueue_welcome_emails to take a user rather than user_id. 2017-09-22 06:20:33 -07:00
Rishi Gupta a7c8770f97 emails: Move enqueue_welcome_emails outside of signups queue.
The only thing this queue should do is sign you up for the newsletter, since
it is only populated if newsletter_data is not None.
2017-09-22 06:20:33 -07:00
Tim Abbott 7554958316 test_signup: Add a test for invite emails being cleared. 2017-09-21 06:15:11 -07:00
Tim Abbott f706f657c0 signup: Fix invitation emails not being cleared properly.
Previously, invitation reminder emails were only being cleared after a
successful signup if newsletter_data was available, since that was the
circumstance in which we were calling the relevant queue processor
code.  Now, we (1) clear them when a human user finishes signing up
and (2) correctly clear them using the 'address' field of
ScheduleEmail, not user_id.
2017-09-21 06:15:11 -07:00
Steve Howell 7159f34bed Avoid getting realm emoji unless there is emoji syntax. 2017-09-15 01:09:08 -07:00
Steve Howell 8a941d03ae Avoid querying streams unless there are stream links. 2017-09-15 01:09:08 -07:00
Steve Howell c3032a7fe8 Avoid looking up emails when rendering messages.
We now fetch email -> id mappings for messages ONLY if
it potentially uses the !avatar(foo@example.com) syntax.
2017-09-15 01:09:08 -07:00
Steve Howell d723be125a Optimize get_recipient_info() for sending messages.
This commit makes get_recipient_info() faster by never creating
Django ORM objects.  We use the ORM to create a values query
instead, and then we iterate over the rows to create various
collections of ids.

In order to avoid lots of code duplication, this commit unifies
how we query UserProfile for PMs and streams.  Prior to this
commit we were getting "wide" UserProfile objects out of
our memcached cache.  Now we just go to the database with our
list of userids.  The new approach at worst adds one hop to the
database for PMs, which aren't really a performance bottleneck
(compared to streams).  And the new approach actually saves a
hop when both partners aren't in cache (plus we don't pay the
penalty of hitting the cache itself).

The performance improvement here is easy to measure for messages
to streams with many users, even with all the other activity
that goes on inside do_send_messages().  I took test_performance()
in test_messages.py, set num_extra_users to 3000, and consistently
measured a ~20% speedup in do_send_messages().

This commit also eliminates fetching of emails.  We probably
could have done that in a prior commit, but in this commit it
is very explicit that we don't need it.  While removing email
from the query is a no-brainer, it actually had a negigible
impact on performance.  Almost all the savings here comes from
not create UserProfile objects.
2017-09-12 04:22:55 -07:00
Steve Howell f5edeb01ae Calculate idle users more efficiently when sending messages.
Usually a small minority of users are eligible to receive missed
message emails or mobile notifications.

We now filter users first before hitting UserPresence to find idle
users.  We also simply check for the existence of recent activity
rather than borrowing the more complicated data structures that we
use for the buddy list.
2017-09-07 06:59:44 -07:00
Rishi Gupta c1997e759c password_reset: Change email to be appropriate for obtaining first password.
The situation if, for instance, the user signed up via google auth, and now
needs a password to get their API key.
2017-08-28 20:39:53 -07:00
Tim Abbott 50f5560bd1 accounts: Standardize URL for find_account.
This changes it to match the /accounts/ URL style for all of our other
auth code path endpoints.
2017-08-28 14:36:59 -07:00
Tim Abbott ac0d90e533 portico: Rename 'find_my_team' to 'find_account'. 2017-08-28 14:29:29 -07:00
Umair Khan ecfafc05c0 registration: Use already_registered to show error.
Use this new variable to determine if the user already exists while
doing registration. While doing login through GitHub if we press
*Go back to login*, we pass email using email variable. As a result,
the login page starts showing the "User already exists error" if we
don't change the variable.
2017-08-28 07:02:11 -07:00
Tim Abbott f48bad2734 test_signup: Remove now-unnecessary mocking of subdomain. 2017-08-26 13:45:27 -07:00
Tim Abbott 9c85ccf70f test_signup: Use HostRequestMock.
PostRequestMock is less useful and going to break soon.
2017-08-26 13:45:27 -07:00
Umair Khan 9720d3a986 accounts_register: Use redirect_to_deactivation_notice. 2017-08-25 00:09:06 -07:00
Umair Khan 43c40f6144 Add tests for deactivation notice. 2017-08-25 00:09:06 -07:00
Tim Abbott e2ae096035 test_signup: Fix coverage of remaining find_my_team code. 2017-08-24 23:30:46 -07:00
Tim Abbott 59aae22f99 registration: Fix find_my_team handling of unusual users. 2017-08-24 23:17:08 -07:00
Tim Abbott ca7075a0a8 test_signup: Clean up find_my_team test suite. 2017-08-24 23:17:08 -07:00
Tim Abbott eb720485c5 tests: Add and use new self.subscribe.
This new method cleans up the API for subscribing to something from a
test case.
2017-08-24 21:37:57 -07:00
Tim Abbott 60105fe38a registration: Remove accounts_home_with_realm_str.
This was the old mechanism for logging into a specific realm on a
server with more than one not using REALMS_HAVE_SUBDOMAINS.
2017-08-24 20:44:52 -07:00
Tim Abbott 3d4893d906 settings: Rename SUBDOMAINS_HOMEPAGE to ROOT_DOMAIN_LANDING_PAGE.
This new setting name is a lot more readable.
2017-08-24 19:32:16 -07:00
Tim Abbott 8b0c0c33b5 login: Fix logging for login/register actions.
Previously, Zulip's server logs would not show which user or client
was involved in login or user registration actions, which made
debugging more annoying than it needed to be.
2017-08-24 16:29:27 -07:00
Tim Abbott 8a65fdce49 subdomains: Fix over-aggressive redirect to find_my_team.
If the root domain is a valid subdomain, we don't want to redirect
everyone away from it.
2017-08-23 20:07:17 -07:00
Steve Howell 54edecd510 Replace adddressee.for_email() with for_user_profile().
This requires us to change not just the immediate caller, but
also some of their callers, to pass user_profile objects around
instead of emails.
2017-08-22 10:42:15 -07:00
Steve Howell e12da79732 create_realm: Redirect to a nice error page for SMTP errors.
Fixes #3850
2017-08-21 15:39:26 -07:00
Steve Howell 99e08fe49a accounts_home: Redirect to nice error page for SMTP errors. 2017-08-21 15:39:26 -07:00
Tim Abbott 353a61b1d8 test_signup: Clean up re-fetching of user objects. 2017-08-15 12:52:23 -07:00
Tim Abbott 1d10941712 register: Don't display field to enter password unless needed.
This should significantly improve the user experience for new users
signing up with GitHub/Google auth.  It comes complete with tests for
the various cases.  Further work may be needed for LDAP to not prompt
for a password, however.

Fixes #886.
2017-08-09 13:44:57 -07:00
Rishi Gupta 251bd3e577 registration.py: Remove first_in_realm from accounts_register.
The parent commit implies first_in_realm == realm_creation.
2017-08-05 10:17:14 -07:00
Vaida Plankyte 02d65a67af frontend: Edit confirm_continue_registration.html to be clearer.
Fixes #5707.
2017-08-02 08:51:25 -07:00
Rishi Gupta a51d8d4251 realm creation: Change initial realm messages and streams. 2017-08-01 22:38:22 -07:00
Tim Abbott ed10ce70d4 invites: Migrate to non-legacy API format.
This has the side effect of making it possible for a bot user to
invite users with its API key, which seems useful.
2017-07-31 13:08:06 -07:00
Jack Zhang e915321f89 registration: Remove organization type selection in realm creation. 2017-07-21 13:09:06 -07:00
Rishi Gupta 0f4b71b766 confirmation: Liberate get_link_for_object from ConfirmationManager. 2017-07-17 23:18:47 -07:00
Aditya Bansal f2d6194ae1 actions: Start logging subscription activities in RealmAuditLog. 2017-07-17 17:23:41 -07:00
Rishi Gupta ea8c1c3cad emails: Use ScheduledEmail.user in send_future_email. 2017-07-17 16:05:38 -07:00
Rishi Gupta aa845e7f60 models: Replace ScheduledJob with ScheduledEmail.
ScheduledJob was written for much more generality than it ended up being
used for. Currently it is used by send_future_email, and nothing
else. Tailoring the model to emails in particular will make it easier to do
things like selectively clear emails when people unsubscribe from particular
email types, or seamlessly handle using the same email on multiple realms.
2017-07-17 16:05:38 -07:00
Rishi Gupta 898269bbac email: Change send_email to raise exception on failure.
More in line with how we do error handling in the rest of Zulip.
2017-07-16 16:56:39 -07:00
Rishi Gupta f1aaf4cc33 emails: Remove the display_email function.
No longer needed, since this now only appears in build_email.
2017-07-16 16:56:39 -07:00
Rishi Gupta eacdb0b302 emails: Change welcome emails to use to_user_id. 2017-07-16 16:56:39 -07:00
Rishi Gupta b0d325b8c5 emails: Change send_future_email to accept a to_user_id.
Also changes digest emails to use a to_user_id instead of a to_email.
2017-07-16 16:56:39 -07:00
neiljp (Neil Pilgrim) 8611a2cafa tidying: Combine multiple 'import typing' lines onto one line. 2017-07-16 16:43:21 -07:00
James Rowan 92c2d93ea3 tests: Enforce new custom sender names and addresses. 2017-07-13 14:50:36 -07:00
Vishnu Ks ba4ea7dd8a notifications.py: Replace get_user_profile_by_email.
Replace with get_user.
2017-07-13 00:45:24 +05:30
Aditya Bansal 2643a40176 pep8: Add compliance with rule E261 to tests/test_signup.py. 2017-07-11 15:17:32 -07:00
Rishi Gupta 8fed9eeb75 confirmation: Make host a required argument in get_link_for_object.
Removes some lines of test from test_email_change.py. The relevant code path
was never utilized by the code itself, just by the tests.
2017-07-07 18:53:00 -07:00
Vaida d5517bae36 Delete the old zulip.com "referrals" system.
This system hasn't been in active use for several years, and had some 
problems with it's design.  So it makes sense to just remove it to declutter
the codebase.

Fixes #5655.
2017-07-07 14:59:18 -07:00
neiljp (Neil Pilgrim) f1a8148242 mypy: Set remote_username parameter to Optional[Text] based on a test. 2017-07-07 10:56:33 -07:00
neiljp (Neil Pilgrim) a84d7b8581 mypy: Specify type of 'user_profile = None' as Optional[UserProfile]. 2017-07-07 10:56:33 -07:00
James Rowan 388cef900e tests: Enforce that activation emails come from NOREPLY address. 2017-07-05 15:19:00 -07:00
James Rowan d88e7308bf emails: Add a FromAddress class to control access to certain settings emails.
No change in behavior.

Also makes the first step towards converting all uses of
settings.ZULIP_ADMINISTRATOR and settings.NOREPLY_EMAIL_ADDRESS to
FromAddress.*.

Once everything is converted, it will be easier to ensure that future
development doesn't break backwards compatibility with the old style of
settings emails.
2017-07-04 14:25:01 -07:00
James Rowan 368bd66d8b emails: Refactor send_email functions to take both a sender name and address.
This will allow for customized senders for emails, e.g. 'Zulip Digest' for
digest emails and 'Zulip Missed Messages' for missed message emails.

Also:
* Converts the sender name to always be "Zulip", if the from_email used to
  be settings.NOREPLY_EMAIL_ADDRESS or settings.ZULIP_ADMINISTRATOR.

* Changes the default value of settings.NOREPLY_EMAIL_ADDRESS in the
  prod_setting_template to no longer have a display name. The only use of
  that display name was in the email pathway.
2017-07-04 14:25:01 -07:00
Rishi Gupta 36cd122905 models: Change default org_type to CORPORATE.
Once we implement org_type-specific features, it'll be easy to change a
corporate realm to a community realm, but hard to go the other way. The main
difference (the main thing that makes migrating from a community realm to a
corporate realm hard) is that you'd have to make everyone sign another terms
of service.
2017-06-29 15:14:58 -07:00
Vishnu Ks 00668c7bbd registration.py: Send pms from welcome-bot on user creation. 2017-06-25 11:23:45 -04:00
Tim Abbott 93ea4128ac auth: Require the realm_name field in RegistrationForm.
Previously, the only required field in RegistrationForm was the full
name (and possibly ToS, depending on settings).  This meant that if
LDAP was configured, realm creation would break, because the form
would be valid the first time one landed on it, before the user even
filled it out!

The correct fix is to make the extra fields required in
RegistrationForm in the event that we're doing realm creation.

It's possible that a cleaner fix would be to use a subclass.

With a test from Umair Waheed Khan.

Fixes #5387.
2017-06-15 11:04:25 -07:00
Rishi Gupta 3332ebaf22 emails: Remove confirmation_registration_mit.
Not enough new Zephyr signups to justify the carrying cost :(.
2017-06-12 23:02:28 -07:00
Rishi Gupta 215568aae2 actions.py: Remove transaction.atomic from do_start_email_change_process.
Don't think it's necessary?
2017-06-12 23:02:28 -07:00
Rishi Gupta 15b967fc3e emails: Move support_email into a common context. 2017-06-10 01:25:44 -07:00
Rishi Gupta 056489c247 emails: Move verbose_support_offers into a common context.
Server settings should just be added to the context in build_email, so that
the individual email pathways (and later, the email testing framework)
doesn't have to worry about it.
2017-06-10 01:16:03 -07:00
Tim Abbott 1549f8773e portico: Always display org info when a server has only 1 realm.
Previously, we were incorrectly using the get_unique_open_realm
function to determine whether we're in the (common) single-realm
server case and should just display an org-info-enabled login form on
the homepage.

Now, we use a slightly different function extracted from
get_unique_open_realm that doesn't check whether the realm is
invite-only.

Fixes #4841.
2017-06-02 15:00:22 -07:00
Tim Abbott 1f48fa2767 invite: Fix invite_by_admins_only to be enforced in backend.
This is CVE-2017-0896.

Apparently, this setting never actually was wired up to anything other
than hiding the UI widget.

Huge thanks to Ibram Marzouk from the HackerOne community for finding
this security bug.
2017-06-01 17:24:29 -07:00
Vishnu Ks c4db3b7d1c Replace cordelia@zulip.com with example_email('cordelia'). 2017-05-24 19:37:36 -07:00
Vishnu Ks 961b35d52e Replace iago@zulip.com with example_email('iago'). 2017-05-24 19:37:36 -07:00
Vishnu Ks 5230eaef1c Replace hamlet@zulip.com with example_email('hamlet'). 2017-05-24 19:37:36 -07:00
Tim Abbott 6aaca44e17 tests: Fix str/Text mypy issues in various tests. 2017-05-24 15:19:38 -07:00
Rick Chern e53d1c3885 tests: Remove get_user_profile_by_email from most tests. 2017-05-24 13:05:19 -07:00
umkay ccc70445d6 mypy: Fix strict-optional errors for test files.
Fix mypy --strict-optional errors in zerver/tests
2017-05-24 12:43:28 -07:00
Vishnu Ks c680c5f1e8 Replace sipbtest@mit.edu with mit_user('sipbtest'). 2017-05-22 19:02:42 -07:00
Tim Abbott 040067b2a2 invite: Remove obsolete bulk_invite_users endpoint. 2017-05-17 17:30:15 -07:00
Steve Howell e2732dabf3 Send welcome messages as part of /create_realm flow.
We now pre-populate the streams in DEFAULT_NEW_REALM_STREAMS
(social/general/zulip, unless somebody changes settings.py) with
welcome messages.  This makes the streams appear to be active
right away, and it also gives the Zulip realm less of a
blank-slate feeling when you create it.

This change only affects the normal web-based create-realm flow.
It doesn't impact the management commands for creating realms
or setting default streams.
2017-05-15 20:38:08 -07:00
Tim Abbott 51978d0f89 tests: Fix failing login tests.
Apparently I missed these when updating
4d2bb0dec8.
2017-05-13 13:05:15 -07:00
Umair Khan d56db0a3b4 auth.py: Add confirmation handlers for signup.
These handlers will kick into action when is_signup is False. In case
the account exists, the user will be logged in, otherwise, user will
be asked if they want to proceed to registration.
2017-05-10 17:20:34 -07:00
Steve Howell 942db9b6c5 tests: Added ZulipTestCase.example_user() function.
The example_user() function is specifically designed for
AARON, hamlet, cordelia, and friends, and it allows a concise
way of using their built-in user profiles. Eventually, the
widespread use of example_user() should help us with refactorings
such as moving the tests users out of the "zulip.com" realm
and deprecating get_user_profile_by_email.
2017-05-08 11:57:38 -07:00
Rishi Gupta 6a8ed81439 send_email: Remove tags argument from send_future_email.
The tags argument was only being used by the Mandrill pathway, which is no
longer around.
2017-05-05 14:38:25 -07:00
Rishi Gupta 6b9f25a58a Remove duplicated code between send_future_email and send_email pathway.
Note that this change restricts the context for any template that uses
send_future_email to be jsonable.
2017-05-05 14:38:25 -07:00
Rishi Gupta 72ee5e5159 email: Make context for invitation_reminder template jsonable.
We are about to change send_future_email in a way that will require all
callers to use jsonable context.
2017-05-05 14:38:25 -07:00
Rishi Gupta 68c172192b email.py: Change recipients argument of send_future_email to to_email. 2017-05-05 14:38:25 -07:00
Rishi Gupta 0d4c1b0467 notifications: Move send_future_email to zerver/lib/send_email.py. 2017-05-05 14:38:25 -07:00
Rishi Gupta d70e09b41d notifications: Change sender arg of send_future_email to from_email.
This commit is a step towards the goal of replacing most of the
send_future_email pathway with a call to send_email.

Note that this commit changes the default value of sender from "Zulip
<NOREPLY_EMAIL_ADDRESS>" to "NOREPLY_EMAIL_ADDRESS". NOREPLY_EMAIL_ADDRESS
will soon be changed to have the Zulip in front.
2017-05-05 14:38:25 -07:00
Rishi Gupta 7741e099fc notifications.py: Merge send_local_email_template_with_delay into callers.
Note that the correctness of this commit relies on the fact that
send_future_email also sets the sender to settings.NOREPLY_EMAIL_ADDRESS by
default (in the body of the function).
2017-05-05 14:20:32 -07:00
Rishi Gupta a413b0dbad notifications: Change send_future_email to take a template_prefix.
Also reorders the arguments a bit to better match
zerver.lib.send_email.send_email.
2017-05-05 14:20:32 -07:00
Rishi Gupta cf38fd156b digest.py: Merge send_digest_email into its callers.
Most of the functionality of send_digest_email is being standardized in
zerver.lib.notifications.send_future_email.
2017-05-05 14:20:32 -07:00
Rishi Gupta 55a7aa4f9d test_signup: Add dnslookup patch for mirror_dummy_user registration test.
Fixes regression introduced in 326f9a85. The test indirectly makes a call to
email_is_not_mit_mailing_list, which then calls
DNS.dnslookup("%s.pobox.ns.athena.mit.edu" % username, DNS.Type.TXT).
2017-05-05 14:20:32 -07:00
hackerkid af612a7e1d Extend test_user_default_language to include timezone test.
This renames the function to test_user_default_language_and_timezone.
2017-05-04 16:37:00 -07:00
Rishi Gupta 26ac344b19 email: Move and rename invitation_reminder_email templates. 2017-05-03 23:26:14 -07:00
Rishi Gupta 326f9a8506 email: Fix zephyr mirror registration email not working with subdomains.
If a user is trying to register for a mit zephyr mirroring realm, we send
them a specific registration email with a link to a few more instructions.

There is only one server that we know about that has such a realm, and that
server uses subdomains. This commit changes the logic to work in the
subdomains case, rather than in the non-subdomains case (though see next
para).

Note that the current check is deceptive, and is not actually correct in the
non-subdomains case. The prereg user has a realm only in the atypical case
of someone registering via the special URL for completely-open realms.

To do this correctly in the non-subdomains case, we would need to copy a
bunch of the logic from the beginning of accounts_register to figure out
which realm the user is signing up for, so that we can check if that realm
is a zephyr mirroring realm. Given how complicated the registration code is
already, I think it is probably not worth it at the moment. This commit also
removes the partial (deceptive) check, since I think it does more harm than
good.
2017-05-03 20:52:24 -07:00
Tim Abbott 45b2b25026 mobile: Add mobile one-time-pad library.
We'll need to implement a version of the simple decoding/decryption
logic used by this library in the mobile code as well, but that should
be simple enough.
2017-04-28 11:47:35 -07:00
Brock Whittaker 7afbc9ddd6 Redesign login and registration pages.
This completes a major redesign of the Zulip login and registration
pages, making them look much more slick and modern.

Major features include:
* Display of the realm name, description and icon on the login page
  and registration pages in the subdomains case.
* Much slicker looking buttons and input fields.
* A new overall style for the exterior of these portico pages.
2017-04-26 18:04:05 -07:00
Umair Khan 556264f3d7 reset_password: Modify password reset email if email is in wrong realm.
This fixes a confusing issue where a user might try resetting the
password for an email account that in part of a different Zulip
organization.

Is a useful early step towards making Zulip support reusing an email
in multiple realms.

Fixes: #4557.
2017-04-24 21:58:29 -07:00
Aditya Bansal bdcddd35d0 tests: Add wrapper for client.logout in ZulipTestCase.
In this commit we add a logout wrapper so as to enable developers
to just do self.logout instead of doing a post request at API
endpoint for logout. This is achieved by adding a wrapper function
for the Django's client.logout contained in TestCase. We add this
by extending ZulipTestCase to have a logout function.
2017-04-21 21:45:55 -07:00
Umair Khan 8b88cfc84b redirect_and_log_into_subdomain: Handle is_signup. 2017-04-20 11:11:54 -07:00