Commit Graph

35441 Commits

Author SHA1 Message Date
Mateusz Mandera e86cfbdbd7 rate_limiter: Store data in request._ratelimits_applied list.
The information used to be stored in a request._ratelimit dict, but
there's no need for that, and a list is a simpler structure, so this
allows us to simplify the plumbing somewhat.
2020-04-08 10:29:18 -07:00
Mateusz Mandera 9911c6a0f0 rate_limiter: Put secs_to_freedom as message when raising RateLimited.
That's the value that matters to the code that catches the exception,
and this change allows simplifying the plumbing somewhat, and gets rid
of the get_rate_limit_result_from_request function.
2020-04-08 10:29:18 -07:00
Steve Howell e64059de79 node tests: Remove most test_log length assertions.
For all the places where we just make zero or one
blueslip call, asserting for length is either
unnecessary or overkill.
2020-04-08 11:37:27 -04:00
Steve Howell 9943a07e8c node tests: Improve handling of blueslip.fatal().
We now use `assert.throws()` to test that we're
properly calling `blueslip.fatal`.

In order to not break line coverage here, we have
to remove an unreachable `return` in `stream_data.js`.

Usually we test `fatal` for line coverage reasons.
Most places where we use `blueslip.fatal` fall in
these categories:

    * the code is theoretically unreachable, but
      we have `blueslip.fatal` for defensive reasons

    * we have some upstream bug that we should just
      fix

    * the code should recover gracefully and just
      use blueslip.errors()

It's possible that we should eliminate `blueslip.fatal`
from our API and just throw errors when really important
invariants get broken.  This will make it more obvious
to somebody reading the code that we're not going to
continue after the call, and `blueslip` already knows
how to catch exceptions and report them.
2020-04-08 11:37:27 -04:00
majordwarf 8ea3bfb927 todo_list: Fix list item indexing in race condition.
The todo_widget was using the using a counter to store the key value of
every task. This would cause assiging multiple tasks the same key value
in a race condition. To avoid this we make "sender_id" a part of the key
along with the counter.

Also the `key` now not being a integer value, we can't use it to find the
index of the task using it. Thus, a function is made that will find the
index of task whose key is sent by the user to strike.
2020-04-08 06:56:21 -04:00
Steve Howell b8ef841867 drafts: Fade the "Draft saved" a little more slowly.
300ms is a pretty short amount of time
2020-04-07 20:58:42 -07:00
Wyatt Hoodes 13f86f35d9 zcommand: Add `/fluid-width` and `/fixed-width` slash commands. 2020-04-07 20:54:34 -07:00
Wyatt Hoodes 5cf8ddf630 typeahead: Add day and night mode slash command typeaheads. 2020-04-07 20:54:34 -07:00
Wyatt Hoodes 4d6755a807 zcommand.py: Clean up backend logic.
This commit contains a few clean ups:

* In order to scale better for adding multiple commands,
the message formatting and setting switch logic was
extracted to its own function.

* The command lists were removed, as the frontend parses
the slash command from the compose box, and only sends
a single command to the backend for any given command
alias typed.

* The `switch_command` logic was removed because, given
the aforementioned fact, the index of the command will
always be the same. Thus the switch command will always
be the same.

* Switched to using early returns as opposed to nested
conditionals.  Along with removing single use variable
declarations.
2020-04-07 20:54:34 -07:00
Tim Abbott 0599273cfa bitbucket: Fix support for pushes that update a tag.
Previously, we threw an exception if created/closed were both unset;
apparently that can happen when pushing an update to a tag.
2020-04-07 17:00:20 -07:00
Vishnu KS abad5365fa tools: Move duplicate_commits.json file to tools directory.
This is a prep commit for generating /team page data
using cron job. zerver/tests directory is not present in
production installation. So moving the file from the directory
tests to tools.
2020-04-07 16:06:29 -07:00
Tim Abbott 7990676583 message edit: Add frontend support for stream-change events.
This is part of #6427, adding support for live-updating the Zulip UI
to move messages to a new topic.

As noted in the comments, there is still a bug to be fixed here
involving guest users, but the overall implementation is pretty well
tested manually (which is how we test most message-edit UI work since
there's so much complexity involved).

Co-Authored-By: Wbert Adrián Castro Vera <wbertc@gmail.com>
2020-04-07 14:20:08 -07:00
Tim Abbott 843345dfee message_edit: Add backend for moving a topic to another stream.
This commit reuses the existing infrastructure for moving a topic
within a stream to add support for moving topics from one stream to
another.

Split from the original full-feature commit so that we can merge just
the backend, which is finished, at this time.

This is a large part of #6427.

The feature is incomplete, in that we don't have real-time update of
the frontend to handle the event, documentation, etc., but this commit
is a good mergable checkpoint that we can do further work on top of.
We also still ideally would have a test_events test for the backend,
but I'm willing to leave that for follow-up work.

This appears to have switched to tabbott as the author during commit
squashing sometime ago, but this commit is certainly:

Co-Authored-By: Wbert Adrián Castro Vera <wbertc@gmail.com>
2020-04-07 14:19:19 -07:00
sahil839 38abe57083 tests: Fix test in test_subs.py.
This commit corrects the test_change_stream_policy_requires_realm_admin
by setting the date_joined of user in the tests itself.

test_non_admin is added to avoid duplication of code.

Code is added for checking success on changing stream_post_policy
by admins.
2020-04-07 14:18:58 -07:00
Steve Howell 64e200a903 drafts: Avoid accidental draft deletions.
We no longer delete existing drafts if you happen
to clear the text in your compose box for a message
that was restored from an existing draft.  This
prevents folks from losing drafts when they accidentally
delete selected text.

There are still two ways to delete a draft:

    * send the message (obviously not always desirable)
    * use the drafts UI (with `d` as a shortcut to bring it up)

See https://chat.zulip.org/#narrow/stream/9-issues/topic/lost.20draft
for more discussion.
2020-04-07 13:07:38 -07:00
YashRE42 8abae999d9 portico: Align vertical height of submit buttons with inputs. 2020-04-07 10:31:19 -07:00
YashRE42 c695d68c8d portico: Refactor input scss.
This commit modifies the padding and margin of the input selector so
that is uses sane values such as 25ps top margin, 5px bottom margin
and 10px top and bottom padding rather than trying to make uneven
values balance each other out. (old values are 25px top margin, 4px
bottom margin, 9px top padding, 11px bottom padding)
2020-04-07 10:31:19 -07:00
Greg Price 4d17abee82 tools: Use require_clean_work_tree everywhere.
As described in the commit that added this function, this fixes one
quite annoying bug and one at least in-principle bug:

 * On Windows, the simple version (lacking `git update-index
   --refresh`) routinely gives false positives, making the tools
   that rely on it basically unusable.

 * If you have uncommitted changes in the index but manage to have
   the worktree nevevertheless match HEAD, the simple version will
   give a false negative and we'd blow away those changes.
2020-04-06 17:52:10 -07:00
Greg Price daf357aaab tools: Give `require_clean_work_tree` our nice UI touches.
Notably, print the details of what's modified.
2020-04-06 17:52:10 -07:00
Greg Price 43ca39c87d tools: Modernize require_clean_work_tree a bit.
Use `local`.  Also `set -u`-compatible `${2-}`, and normalize
formatting of `if .. then`.
2020-04-06 17:52:10 -07:00
Greg Price 73acca76ba tools: Add a require_clean_work_tree function, from Git upstream.
This is verbatim from Git upstream, at an older version.  (The one
change since then is to add localization for the messages like "You
have unstaged changes" -- which complicates the code, is important and
worth it for Git itself, but for our tools we can do without.)

This function will replace our use of `git diff-index --quiet HEAD`
in several scripts.  The key differences in behavior are:

 * The `git update-index --refresh`.  Without this, on Windows
   apparently `git diff-index` routinely (but not all the time!)
   reports that tons of files have changed.  See report:
     https://chat.zulip.org/#narrow/stream/9-issues/topic/.2E.2Ftools.2Ffetch-pull-request.20issue/near/834435

 * Instead of one command comparing the worktree to HEAD, we
   separately compare the worktree to the index and the index to
   HEAD, and abort if either diff is nonempty.  This one is obvious,
   but rather an edge case (it matters only if you've managed to
   make the worktree and HEAD agree while the index has some
   changes), and the extra code is annoying if written out in every
   script that needs it.  But that's what a subroutine is for. :-)

We'll make a few tweaks before actually switching to use this.
2020-04-06 17:52:10 -07:00
Greg Price fc0b99cd62 tools: Apply `set -x` to just the interesting parts of *-pull-request.
The Git commands we're invoking to do the real work are useful to
print, for transparency to see what's happening and that there's no
magic here.

The boring shell stuff like `remote=${2:-"upstream"}` is not so
helpful, and nor is the rather arcane and in any case read-only
command `git diff-index --quiet HEAD`.  Those only add noise that
obscures the interesting parts.  So, move the `set -x` down to when
we're done with the boring preparatory stuff and ready to perform
the commands that do the work.
2020-04-06 17:52:10 -07:00
Ryan Rehman 4ac633d432 left sidebar: Fix exceptions when updating sub data.
If the subscription data was changed from the left sidebar,
we previously would attempt to display the savings indicator
in the stream edit page which wasn't rendered yet. The bug was
introduced in commit 39577b58ba.

This approach is used to harden the codepath against bugs by
keeping the expectOne check in `settings_ui.do_settings_change`
function.

Fixes #14467.
2020-04-06 16:26:33 -07:00
Katerina Perikou 3a07febc20
night mode: Fix how "x" is displayed on "You have nothing to send!".
Enhance visibility of "x" to dismiss the dialog box of "You have nothing
to send!" message.

To achieve this:
Added class 'compose-send-status-close' with new color attribute in
file night_mode.scss.

Fixes: #14459

Co-authored-by: @MariaGkoulta <43913366+MariaGkoulta@users.noreply.github.com>
2020-04-06 16:21:05 -07:00
Steve Howell b788f18630 left sidebar: Fix topic list disappearing during pins.
When we redraw the left sidebar, we need to tell the
topic list to clear its data structures (and do other
stuff like hiding its popover), since we are clearing
its parent container.

The commit f0e18b3b3e
introduced this regression in late January 2020.
That commit made topic_list use a vdom to avoid
unnecessary updates.  Before that, topic_list did
a lot of brute-force redraws, which covered up the
fact that we weren't having stream_list telling it
when the rug was being pulled out from under it.

The boundary between stream_list and topic_list
has always been kind of complicated code, since
topic lists get embedded into the stream list.

The main interactions, though, are basically:

    * topic_zoom.clear_topics() - you're leaving
        a narrow that may or may not be zoomed

    * topic_list.clear() - you're about to redraw
        stream items in the unzoomed stream list

    * topic_list.rebuild(stream_li, stream_id) -
        you're building or updating a topic list
        for the newly active stream

Fixes #14465
2020-04-06 16:19:43 -07:00
Steve Howell 1409639424 topic list: Rename remove_expanded_topics() to clear().
The name clear() is more concise and captures the notion
that we're not just clearing the DOM, we're clearing our
internal data structures.
2020-04-06 16:19:43 -07:00
Steve Howell e47ece6d2d tests: Remove unnecessary stubs for stream_list test. 2020-04-06 16:19:43 -07:00
Steve Howell 0ebc5e8e73 minor: Update stream_list comment. 2020-04-06 16:19:43 -07:00
Pranav 939223426b settings ui: Hide btns to modify organization profile pic for nonadmins.
Users are unable to modify organization's profile picture, but
disabled buttons for the same are being shown to the user on the
organization profile settings page. This commit removes those
buttons. The file realm-logo-widget.hbs renders those buttons only
if the user is an admin and realm_logo.js has been updated to allow
operations(like click) on the buttons only to admins.
2020-04-06 15:36:02 -07:00
Pranav d91d32adfc settings ui: Hide buttons to add/delete organization logo for nonadmins.
Users are unable to modify organization's logos, but disabled
buttons for the same are being shown to the user on the organization
settings page. This commit removes those buttons. The file
realm-logo-widget.hbs renders those buttons only if the user is an
admin and realm_logo.js has been updated to allow operations
(like click) on the buttons only to admins.
2020-04-06 15:36:02 -07:00
stableapple ffc32ef795 home: Improve wording for "results from your personal history".
Folks found the "personal" part confusing.

Fixes #13851.
2020-04-06 15:30:51 -07:00
Puneeth Chaganti 6f2d0c0288 message_list: More descriptive names for {show,hide}_topic_edit.
Clarify that the functions show and hide the topic edit in the recipient
row, and do not apply to the message edit rows.
2020-04-06 10:57:29 -07:00
Puneeth Chaganti cd64d2dd27 message_list: Hide topic edit pencil icon in the edit mode.
The pencil icon incorrectly appeared after it was clicked to switch to the
topic edit mode. 51a8873579 seems to have
introduced this bug.

Closes #14460
2020-04-06 10:57:29 -07:00
Anders Kaseorg 15d68c40dd nginx: Set X-XSS-Protection: 1; mode=block.
Signed-off-by: Anders Kaseorg <anders@zulipchat.com>
2020-04-05 16:13:53 -07:00
Anders Kaseorg 79c215626e nginx: Set X-Content-Type-Options: nosniff globally.
Signed-off-by: Anders Kaseorg <anders@zulipchat.com>
2020-04-05 16:13:53 -07:00
Anders Kaseorg 06e7d4ec19 nginx: Don’t override HSTS, X-Frame-Options with other ‘add_header’s.
The nginx ‘add_header’ directive doesn’t inherit the way you’d
want (https://trac.nginx.org/nginx/ticket/854), so we need to manually
simulate inheritance using ‘include’, like we previously did with
api_headers.

Signed-off-by: Anders Kaseorg <anders@zulipchat.com>
2020-04-05 16:13:53 -07:00
Anders Kaseorg ba16b37f8d circleci: Update venv cache prefix based on thumbor-dev.txt.
Signed-off-by: Anders Kaseorg <anders@zulipchat.com>
2020-04-05 13:45:25 -07:00
Anders Kaseorg bcc040b01c test-locked-requirements: Cache only one copy of each valid hash.
Signed-off-by: Anders Kaseorg <anders@zulipchat.com>
2020-04-05 13:45:25 -07:00
Anders Kaseorg bc6862b949 test-locked-requirements: Check all locked requirements files.
Signed-off-by: Anders Kaseorg <anders@zulipchat.com>
2020-04-05 13:45:25 -07:00
Hashir Sarwar c2ba3e20b7 lightbox: Remove inaccurate docstring on lightbox.open(). 2020-04-05 13:13:02 -07:00
Hashir Sarwar 34d24bfdac lightbox: Remove redundant parameter `options` from lightbox.open().
The `options` parameter is not being passed in any call
of `lightbox.open()` and it uses the same option i.e.
`lightbox_canvas` everytime which is now computed inside
`display_image()` directly.
2020-04-05 13:13:02 -07:00
Hashir Sarwar 74ec668e65 lightbox: Rename `original_image` to `$original_image`.
`original_image` is a jQuery object so it should start with
a dollar sign.
2020-04-05 13:13:02 -07:00
Hashir Sarwar 95869974b3 lightbox: Remove redundant conversion of `image` to jQuery object.
`image` passed to lightbox.open() is already a jQuery object,
so we don't need to convert it explicitly. Also, the parameter
is renamed from `image` to `$image`.
2020-04-05 13:13:02 -07:00
Hashir Sarwar 9ffed7afdc lightbox: Parse images' data while rendering `image-list`.
Previously, lightbox.open() was responsible for retrieving
the image data from the DOM, saving it in `asset_map` and
finally displaying the image using that data. This
implementation wasn't correct for image list at bottom of
the lightbox because the `image` parameter passed to
lightbox.open() could contain more than one instances of
the image that had to be opened.

Now, the metadata of all the images in image-list is stored
in the `asset_map` while rendering the `image-list` inside
`render_lightbox_list_images()` and `lightbox.open()` only
looks for the metadata from `asset_map`.

Fixes #14152.
2020-04-05 13:13:02 -07:00
Hashir Sarwar 9a6d83e731 lightbox: Use `$preview_src` as key for `asset_map`.
In case of video embeds, the previous logic used
`data-src-fullsize` or `src` as a key to look
for the metadata of video in `lightbox.open()`,
but while parsing, the key used while storing
the metadata was the video ID.

This doesn't make any sense because video's data
could never be accessed from `asset_map` and we
always needed to lookup the DOM for this.

This commit fixes this by using $img.attr('src')
as a key for `asset_map` for both, images and
videos. Since `src` is the link of preview image
in case of video embeds, it will always uniquely
determine the video ID and we won't loose
anything with the change in how videos handle
things.

Part of #14152.
2020-04-05 13:13:02 -07:00
Tim Abbott 90eda9d9fe lightbox: Convert canvas image element to jQuery object.
The $img variable in this code path was incorrectly tagged as a jQuery
object.
2020-04-05 13:12:22 -07:00
Hashir Sarwar 2a80f4109a lightbox_canvas: Return from sizeCanvas() if parentNode is null.
The value of `canvas.parentNode` in `sizeCanvas()`
appears to be `null` sometimes and it throwed an
exception specially when you switch images from
the images-list quickly.
2020-04-05 13:06:03 -07:00
Mateusz Mandera 8686bbf637 auth: Show a user-facing page when wrong token given to /subdomain/.
This used to show a blank page. Considering that the links remain valid
only for 15 seconds it's important to show something more informative to
the user.
2020-04-05 12:29:09 -07:00
Tim Abbott e27cafd785 settings: Don't use nice REQ syntax for language_codes.
This breaks provisioning because running this as import time would
require language_name_map.json to be generated by `manage.py
compilemessages` before we can run any management commands :(.

We could potentially fix this in the future by changing the generate
language files to be things we commit to the project.
2020-04-03 16:00:47 -07:00
Tim Abbott 5aa6aeb303 typing: Stop using Collection[str].
Apparently, Collection is unavailable in Python 3.5, so we can't use
it.  Reverting to a Union for now.
2020-04-03 15:53:37 -07:00