Commit Graph

10 Commits

Author SHA1 Message Date
Steve Howell 313f73258d Allow admins to delete private streams (backend only).
This is the backend piece.  Getting the UI right here is a bit
more complicated here, but this allows admins to use the API
to delete streams.
2017-08-27 19:08:04 -07:00
Tim Abbott a6a3915dd7 messages: Move is_public_stream out of views code.
The main purpose of this change is to minimize access to get_stream in
views code.
2017-08-15 10:06:26 -07:00
Vaida Plankyte 0352ad517b streams.py: Use the singular 'they' pronoun. 2017-07-05 09:27:44 -07:00
Aditya Bansal 6ad22f4092 pep8: Add compliance with rule E261 to streams.py. 2017-05-07 23:21:50 -07:00
Akash Kothawale 4c2bfae83e get_stream: Throw DoesNotExist if stream is not found.
This makes get_stream match get_realm, get_user_profile_by_email,
etc., in interface, and is more convenient for mypy annotations
because `get_stream` now doesn't return an Optional[Stream].
2017-03-23 15:42:00 -07:00
Tim Abbott 1bbf0f9a98 streams: Consider stream name validation logic. 2017-01-29 22:07:14 -08:00
Tim Abbott 884aa2b184 streams: Eliminate last use of get_stream in views. 2017-01-29 22:07:14 -08:00
Tim Abbott bc2f23383e streams: Move list_to_streams to lib. 2017-01-29 20:26:59 -08:00
Tim Abbott 02f5ef1d23 streams: Move filter_stream_authorization to lib. 2017-01-29 20:26:59 -08:00
Tim Abbott 0af34ee710 streams: Add zerver/lib/streams.py library for security checks.
The goal of this library is to make it a lot easier to prevent bugs
like CVE-2017-0881 by having all of our views logic for fetching a
stream go through a couple carefully tested code paths.
2017-01-29 20:26:58 -08:00