Commit Graph

4052 Commits

Author SHA1 Message Date
Vishnu Ks 0dccebbe39 docs: Make update-message use curl example system. 2019-10-15 15:40:44 -07:00
Vishnu KS 9bc3594f75 docs: Make get-raw-message use curl example system. 2019-10-15 15:40:44 -07:00
Rafid Aslam 718b70ec8b Rename `not_subscribed key` to `not_removed` in users/me/subscriptions.
Rename `not_subscibed_key` to `not_removed` in
`users/me/subscriptions` DELETE response.

Fixes #13277.
2019-10-13 10:30:34 +07:00
Vishnu KS 1585ad7bf4 mattermost: Add support for exporting DMs and huddles. 2019-10-10 16:37:03 -07:00
Mateusz Mandera 4dc3ed36c3 auth: Add initial SAML authentication support.
There are a few outstanding issues that we expect to resolve beforce
including this in a release, but this is good checkpoint to merge.

This PR is a collaboration with Tim Abbott.

Fixes #716.
2019-10-10 15:44:34 -07:00
Tim Abbott 1767044c90 docs: Extend moderation guidelines with search advice.
The search query for all messages sent by a given user in all public
streams is pretty useful for moderation of spam purposes.
2019-10-10 14:47:53 -07:00
Vinit Singh 01b19291e7 search: Advertise the ability to search shared history.
When a user performs a search that might contain historical public
streams messages that the user has access to (but doesn't because
we're searching the user's own personal history), we add a notice
above the first search result to let the user know that not all
messages may have been searched.

Fixes #12036.
2019-10-09 15:12:52 -07:00
Tim Abbott bf088519a7 api: Add avatar URL to the GET /profile endpoint.
This endpoint is legacy in a lot of ways, but it seems reasonable that
it should have these data.
2019-09-27 12:07:03 -07:00
Anders Kaseorg dea6889956 templates: Make the Loading… message more robust.
Don’t hide it until both CSS and JS have loaded.

Signed-off-by: Anders Kaseorg <anders@zulipchat.com>
2019-09-20 10:34:44 -07:00
Anders Kaseorg 46e562f990 bootstrap: Change tooltip html default to false.
Bootstrap v2.2.0^2~40^2~6 changes this default to false, so this is a
prerequisite to upgrading Bootstrap, and it’s also safer.

This closes an HTML injection path via user full names in the emoji
reaction tooltip.  It doesn’t appear to be exploitable for cross-site
scripting because we disallow `>` in full names, and the code happens
to be written such that the next `>` is in a different parser
invocation.

Signed-off-by: Anders Kaseorg <anders@zulipchat.com>
2019-09-19 20:53:10 -07:00
Anders Kaseorg fbc2de157e templates: Move page_params to a <div> at the bottom of <body>.
In a gigantic realm where we send several MB of `page_params`, it’s
slightly better to have the rest of the `<body>` available to the
browser earlier, so it can show the “Loading…” spinner and start
fetching subresources.

Signed-off-by: Anders Kaseorg <anders@zulipchat.com>
2019-09-19 12:38:10 -07:00
Mateusz Mandera 935702b6ec auth: Rename any_oauth_backend_enabled to any_social_backend_enabled.
any_oauth_backend_enabled is all about whether we will have extra
buttons on the login/register pages for logging in with some non-native
backends (like Github, Google etc.). And this isn't about specifically
oauth backends, but generally "social" backends - that may not rely
specifically rely on Oauth. This will have more concrete relevance when
SAML authentication is added - which will be a "social" backend,
requiring an additional button, but not Oauth-based.
2019-09-19 12:35:27 -07:00
Rishi Gupta 2646d70cbd emails: Add realm name to footer of missed message emails.
Missed message emails for mentions come from streams and possibly orgs you
don't normally get missed message emails for, so they can be hard to place.
2019-09-17 17:45:59 -07:00
Anders Kaseorg fe7d814e8d team: Move contributors_list into page_params.
This sidesteps tricky escaping issues, and will make it easier to
build a strict Content-Security-Policy.

Signed-off-by: Anders Kaseorg <anders@zulipchat.com>
2019-09-17 16:06:33 -07:00
Anders Kaseorg 7494f1600c templates: Move page_params from an inline script to the <body> dataset.
This sidesteps tricky escaping issues, and will make it easier to
build a strict Content-Security-Policy.

Signed-off-by: Anders Kaseorg <anders@zulipchat.com>
2019-09-17 16:06:33 -07:00
Anders Kaseorg f1ecd3c18b templates: Defer all script execution.
This allows parsing and resource loading to continue in parallel with
script fetching.  It also means we don’t need to concern ourselves
with explicitly waiting for the DOM to become ready.

Signed-off-by: Anders Kaseorg <anders@zulipchat.com>
2019-09-17 16:06:33 -07:00
Anders Kaseorg 9b38bcc2a6 templates: Abstract render_bundle behind a Jinja2 macro.
Signed-off-by: Anders Kaseorg <anders@zulipchat.com>
2019-09-17 16:06:33 -07:00
Tim Abbott 68f6f622a7 open source: Add a more complete "why zulip" explanation.
Also contains a lot of edits from Rishi, including to the content
around Zulip's features and what to highlight there.
2019-09-17 12:40:38 -07:00
Tim Abbott 5452c0b4ac open source: Document some recent and upcoming features. 2019-09-17 12:03:20 -07:00
Alexandra Ciobica 8828ef72fe portico: Add hover styling to `Atlassian migration guide` on /hello.
I changed the element to be  a `p` instead of `div` because the styling
for `a`s inside paragraphs is already there and the element should
anyway be a paragraph.

Fixes part of #12853.
2019-09-17 11:59:22 -07:00
Anders Kaseorg 366dce5d52 confirm_preregistrationuser: Uninline script.
Signed-off-by: Anders Kaseorg <anders@zulipchat.com>
2019-09-16 17:23:20 -07:00
Anders Kaseorg ed63042480 templates: Replace focusing scripts with autofocus attribute.
Signed-off-by: Anders Kaseorg <anders@zulipchat.com>
2019-09-16 17:23:20 -07:00
Tim Abbott 6f6c761d80 docs: Further expand documentation on using IDs in narrows.
These docs had a number of typos, and also didn't fully clarify how to
handle lists of integers for `pm-with`.

Also makes some tweaks to the user docs to make this clearer as well.

Fixes #13167.
2019-09-16 17:17:03 -07:00
Rohitt Vashishtha b3df3f2e22 docs/botserver: Document running custom bot modules.
This documents the feature added in
https://github.com/zulip/python-zulip-api/pull/523.
2019-09-03 13:28:01 -07:00
Tim Abbott 73c9450d8a docs: Expand documentation on using IDs in narrows. 2019-08-29 16:17:09 -07:00
Rohitt Vashishtha 6fe99171c3 docs/botserver: Add basic troubleshooting help.
It could be a non trivial task ensuring that the Zulip server can
access the Botserver. These steps examine some of those cases.
2019-08-28 16:08:34 -07:00
Rohitt Vashishtha 7f3ee1b6b1 docs: Fix typo: Heroko -> Heroku. 2019-08-28 15:59:03 -07:00
Rohitt Vashishtha 16227ed23a docs/botserver: Explain how the botserver works.
Understanding the basic model can help people troubleshoot any
errors easily.
2019-08-28 15:59:03 -07:00
Tim Abbott 3999a2db4d api: Document using `pip3 install` for zulip_bots(erver).
We dropped Python 2 support for these a while ago.
2019-08-23 15:51:06 -07:00
Rishi Gupta e058558a52 emails: Send invitation reminder email two days before expiry.
Hopefully this does a better job of spurring people to action, and also
suggests a self-service fix if they don't (i.e. contacting the person that
invited them).
2019-08-23 12:53:11 -07:00
Rishi Gupta 36e0043ed7 emails: Fix typo in invitation.source.html. 2019-08-23 12:53:11 -07:00
Mohit Gupta e5482adec0 search: Add streams:public to search entire history of public streams.
Add ability to search entire message history of all public streams at
once. It includes all subscibed, non subscribed public streams messages
and even historical public stream messages sent before user had joined
an organization or stream.

Fixes #8859.
2019-08-22 13:40:49 -07:00
Rishi Gupta df44f0276b help: Update search-for-messages with note about historical messages. 2019-08-22 13:17:06 -07:00
Rishi Gupta 02cfb47315 exports: Update wording on settings page, /help and /features. 2019-08-22 13:17:03 -07:00
Alex Dehnert ea670f3d61 docs: remove duplicate "make" in "Writing Bots". 2019-08-21 14:36:08 -07:00
Hemanth V. Alluri d73a37726d bots: Allow incoming webhook bots to be configured via /bots.
Without disturbing the flow of the existing code for configuring
embedded bots too much, we now use the config_options feature to
allow incoming webhook type bot to be configured via. the "/bots"
endpoint of the API.
2019-08-20 17:00:48 -07:00
Mateusz Mandera 26f7dd09ce display_recipient: Eliminate raw_display_recipient from message dicts.
This was used as a helper to construct the final display_recipient when
fetching messages. With the new mechanism of constructing
display_recipient by fetching appropriate users/streams from the
database and cache, this shouldn't be needed anymore.
2019-08-20 12:22:52 -07:00
Vishnu KS f32382f7b7 emails: Show preheader block only if preheader is present. 2019-08-17 11:32:28 -07:00
Vishnu KS ff6dab6883 emails: Remove preheader block from missed message emails. 2019-08-17 11:26:34 -07:00
Alexandra Ciobica 84e0327d10 integrations: Fix arrangement of left sidebar `back to list` button.
I rearranged the elements of the left sidebar in HTML in order to appear
in the order they are displayed and removed the absolute positioning,
because it was not needed if the elements are arranged correctly. I used
`flex` display to arrange them on column.

I removed the styling that positioned the elements absolutely.

Then I tweaked the margins in order to make the elements look good.

Fixes: #12929
2019-08-15 16:12:15 -07:00
Wyatt Hoodes f623540409 data export: Add UI to trigger data export.
This commit serves as the frontend piece for the "public export"
webapp feature.

Fixes: #11930
2019-08-12 18:21:38 -07:00
meiomorphism 1af72a2745 subscriptions: Avoid sending unneeded subscriber information.
The `users/me/subscriptions` endpoint accidentally started returning
subscriber information for each stream.  This is convenient, but
unnecessarily costly for those clients which either don't need it
(most API apps) or already acquire this information via /register
(including Zulip's apps).

This change removes that data set from the default response.  Clients
which had come to rely on it, or would like to rely on it in future,
may still access it via an additional documented API parameter.

Fixes #12917.
2019-08-09 16:03:21 -07:00
Alexandra Ciobica 4c08a840d0 accounts/go: Change class of bottom text to be consistent.
I changed the class of the two bottom texts to use the same styling as
(`/new` and `/complete/github`)
2019-08-08 11:12:51 -07:00
Alexandra Ciobica 2035850d86 create_realm: Add white box to new organization.
Added the `.white-box` in order to be consistent with (`/accounts/go/`,
`/login`). Changed the class of the text under the white box so all the
text under white box uses the same styling.
2019-08-08 11:12:51 -07:00
Alexandra Ciobica eb6c5e1962 auth: Style the GitHub auth email selection page.
I added the `white-box` as it was in the other similar pages
(`/accounts/go`).

In order to be able to style it better, I removed the buttons and added
`div`s instead, then added click handler for submitting the form.

If the email is associated to a Zulip account, the avatar of the account
is displayed and the text `Log in`, otherwize a `+` sign is
displayed and the text `Create new account`.
2019-08-08 11:12:51 -07:00
Alexandra Ciobica e5e45c9a25 auth: Change page title and add description for the list.
I changed the class of the title in order to use the same styling as the
 other similar pages (like `/accounts/go` or `/login`).

Changed the related test.
2019-08-08 11:12:51 -07:00
Tim Abbott 0db9afe605 api docs: Update link to a currently running requestbin site. 2019-08-08 11:04:16 -07:00
Anders Kaseorg 0962393933 cleanup: Delete trailing newlines.
Delete trailing newlines from all files, except
tools/ci/success-http-headers.txt and tools/setup/dev-motd, where they
are significant, and static/third, where we want to stay close to
upstream.

Signed-off-by: Anders Kaseorg <anders@zulipchat.com>
2019-08-06 23:29:11 -07:00
Anders Kaseorg becef760bf cleanup: Delete leading newlines.
Previous cleanups (mostly the removals of Python __future__ imports)
were done in a way that introduced leading newlines.  Delete leading
newlines from all files, except static/assets/zulip-emoji/NOTICE,
which is a verbatim copy of the Apache 2.0 license.

Signed-off-by: Anders Kaseorg <anders@zulipchat.com>
2019-08-06 23:29:11 -07:00
Hemanth V. Alluri ac69717604 openapi: Migrate /messages to use the new cURL example system.
Now that we can create cURL examples based on the OpenAPI
documentation. We can begin using simple one line tags in
the documentation instead of manually creating cURL examples.

Fixes part of #12878.
2019-08-05 21:27:24 -07:00