Commit Graph

4865 Commits

Author SHA1 Message Date
Aman Agrawal 62d721e859 docs: Remove HipChat migration guide.
As of Feb 15th 2019, Hipchat Cloud and Stride
have reached End Of Life and are no longer
supported by Atlassian. Since it is almost 2 years
now we can remove the migration guides.
2020-12-23 15:43:13 +05:30
Mateusz Mandera 160cc5120a api: Require can_create_users permission to create users via API.
Allowing any admins to create arbitrary users is not ideal because it
can lead to abuse issues.  We should require something stronger that
requires the server operator's approval and thus we add a new
can_create_users permission.
2020-12-21 13:20:21 -08:00
Tim Abbott d513bb4aa6 help: Fix Gitter docs to encourage making users owners. 2020-12-17 18:45:05 -08:00
sushant52 9393371a94 docs: Add auth backend configuration is optional.
Tweaked by tabbott to use slightly clearer language.
2020-12-17 18:11:28 -08:00
Vishnu KS 023a33dc49 support: Disable adding discount for fixed price plans.
Discount is applied relative to the price per license of our normal
plans. For fixed price plans, the concept of discount doesn't make
any sense since we manually assign a price for the entire realm
irrespective of the number of users in the realm.
2020-12-17 17:09:20 -08:00
Vishnu KS dd5bcb97e8 support: Allow user look up through full name search. 2020-12-17 17:07:28 -08:00
Siddharth Asthana daac7536f3 accounts/deactivated: Show deactivated_redirect url if present
If a user visits a realm which has been deactivated and it's
deactivated_redirect field is set, we should have a message telling the
user that the realm has moved to the deactivated_redirect url.
2020-12-14 21:04:52 -08:00
shanukun 82a262018a dev_tools: Fix dev-secrets.conf path.
At /devtools 'Connecting to the local PostgreSQL database',
path for `dev-secrets.conf` should zulip/zproject/dev-secrets.conf
instead of zulip/zerver/dev-secrets.conf.
2020-12-08 18:11:14 -08:00
Anders Kaseorg c4d805a82c api docs: Use --data-urlencode in send-message curl example.
Commit 13c11ec5f3 (#16699) already fixed
the generated curl examples, but missed this, which is the only
hard-coded one.

Signed-off-by: Anders Kaseorg <anders@zulip.com>
2020-12-07 17:00:05 -08:00
Siddharth Asthana 6f962c1815 support: Add ability to change subdomain of realms. 2020-12-06 00:48:10 -08:00
Siddharth Asthana 37e158b9ba support: Rename message -> success_message. 2020-12-06 00:48:10 -08:00
rht 4911bc3c4d docs: Recommend Matterbridge for integration with IRC/Matrix/Slack. 2020-12-01 14:12:05 -08:00
Tim Abbott 3b5ea2dbad docs: Remove broken Gitter help center link.
Gitter's help center seems to no longer be on the Internet.
2020-11-18 13:02:07 -08:00
Tim Abbott a6744646e4 help: Clarify how deactivating an account interacts with organizations. 2020-11-18 12:51:39 -08:00
Abhishek Yadav 4d458eeb49
left_sidebar: Add data-placement to settings icon to prevent flickering.
Changing the position of tooltip using data-placement=bottom fixes this flickering artifact.

Fixes: #16676
2020-11-16 17:22:18 -08:00
Vishnu KS d6743da139 docs test: Verify zulip/zulip file and directory links locally. 2020-11-05 10:07:43 -08:00
Vishnu KS 2a17dd61aa docs: Link session length and idle timeouts to GitHub search.
The line number was outdated and was linking to totally unrelated
section. I think the best way to handle this case would be to
link directly to search.
2020-11-05 10:07:43 -08:00
shanukun be39672026 api_docs: Document the /fetch-api-key endpoint.
With tweaks by tabbott to document addition details.

Fixes: #16408.
2020-11-02 16:45:42 -08:00
Tim Abbott cba7425cdc docs: Clean up email testing docs a bit more. 2020-10-30 12:15:27 -07:00
Vishnu KS ff754ee528 emails: Pass help link as variable in password reset email. 2020-10-30 11:50:30 -07:00
Vishnu KS 0eec12ad8b emails: Pass reset link as variable in notify new login email. 2020-10-30 11:50:30 -07:00
Vishnu KS 0853c866a9 emails: Use link tag macro for realm uri in password reset email. 2020-10-30 11:50:30 -07:00
Vishnu KS e53008410a emails: Use email tag macro for email in password reset email. 2020-10-30 11:50:30 -07:00
Vishnu KS 1c08ea8134 emails: Use trans tag for ladap username in followup day 1 email. 2020-10-30 11:50:30 -07:00
Vishnu KS abc5fb6cea emails: Use email tag macro for email in followup day1 email. 2020-10-30 11:50:30 -07:00
Vishnu KS df882d1563 emails: Use link tag macro for realm_uri in followup day1 email. 2020-10-30 11:50:30 -07:00
Vishnu KS cb6ab43ba2 emails: Use link tag macro for realm_uri in realm reactivation email. 2020-10-30 11:50:30 -07:00
Vishnu KS 36b00b6b96 emails: Use email tag macro for old and new emails in confirm new email. 2020-10-30 11:50:30 -07:00
Vishnu KS c06d8f9e45 emails: Use link tag macro for realm_uri in confirm new email. 2020-10-30 11:50:30 -07:00
Vishnu KS 4b784f8869 emails: Use macros for link tags in new login email. 2020-10-30 11:50:30 -07:00
Vishnu KS 8abf6897cb emails: Use macros for email tags in realm reactivation email. 2020-10-30 11:50:30 -07:00
Vishnu KS 01a92abf12 emails: Use macros for email tags in notify new login email. 2020-10-30 11:50:30 -07:00
Vishnu KS 3bac784590 emails: Use macros for email tags in notify change in email. 2020-10-30 11:50:30 -07:00
Vishnu KS 689c636e29 emails: Use macros for email tags in confirm registration email. 2020-10-30 11:50:30 -07:00
Vishnu KS 0d56f3d73e emails: Use macros for email tags in verify new email. 2020-10-30 11:50:30 -07:00
Vishnu KS 2caee3d68c emails: Use macros for email tags in invitation reminder email. 2020-10-30 11:50:30 -07:00
Vishnu KS eb008fc864 emails: Use macros for email tags in invitation email. 2020-10-30 11:50:30 -07:00
Tim Abbott 5fb667cf9e templates: Make sure users know deletion is for everyone.
Implements a proposal I suggested in #16426.
2020-10-29 17:25:40 -07:00
Tim Abbott 5bfafae764 docs: Improve linking of documentation around message deletion.
This should help users confirm their understanding of how deletion
works in Zulip starting from the actual deletion UI.
2020-10-29 17:12:49 -07:00
sahil839 5d79dff00b docs: Extract help doc for wildcard mention policy.
This commit moves the wildcard mentions documentation to a top-level page.

Edited by tabbott to deduplicate with the existing docs, and add cross-links.
2020-10-29 15:29:52 -07:00
Alex Vandiver abb8b2166f docs: Fix name of realm rename function. 2020-10-26 12:48:56 -07:00
Steve Howell 0e7e4f1ad3 api feature level: Bump level for peer_add/peer_remove. 2020-10-26 07:18:08 -04:00
Alex Vandiver e3dacdadae help: Gitter imports do not use a token to fetch latest data.
This is a copy/paste error from the Slack import.
2020-10-23 16:47:28 -07:00
Anders Kaseorg 72d6ff3c3b docs: Fix more capitalization issues.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2020-10-23 11:46:55 -07:00
sahil839 1d5aa2e514 settings_org: Add frontend to change wildcard_mention_policy.
We add dropdown for wildcard_mention_policy in organization
permissions page.
2020-10-22 15:00:27 -07:00
Mateusz Mandera ec8fcf3a04 docs: Fix duplication in apple-error.md config error page.
SOCIAL_AUTH_APPLE_TEAM was repeated twice.
2020-10-22 12:07:46 -07:00
akshatdalton 1abae8baaa docs: Update guidelines to URL-encode stream name or topic name.
Updated create-bot-construct-url-indented.md file with
guidelines on how to URL-encode stream name and topic
name. The hyperlink added will solve the issue for those
who use emoji in stream name or topic name.

Tweaked by tabbott to edit the copy and update the non-indented
version as well.

Fixes #16430.
2020-10-21 11:14:42 -07:00
Tim Abbott 2ba76c8289 docs: Merge Zoom and BBB configuration pages. 2020-10-18 15:10:23 -07:00
strifel 1ed1614c9d docs: Add more specific Big Blue Button documentation. 2020-10-18 15:03:16 -07:00
the-rdt 03005dacdb preview_message_area: Use simplebar scrollbar.
Add `data-simplebar` attribrute to `preview_message_area` div in
`templates/zerver/app/compose.html`.

This will cause preview_message_area div to use simplebar scrollbar
instead of normal scrollbar.

Fixes #16468.
2020-10-18 14:35:16 -07:00
Aman Agrawal 8297121050 Revert "login: Fix alignment of error message in login form."
This reverts commit 6fe82620df.

Reverted since this misaligns other forms which use the same
class.
2020-10-18 14:06:20 -07:00
Anders Kaseorg dd48dbd912 docs: Add spaces to “check out”, “log in”, “set up”, “sign up” as verbs.
“Checkout”, “login”, “setup”, and “signup” are nouns, not verbs.

Signed-off-by: Anders Kaseorg <anders@zulip.com>
2020-10-13 15:47:13 -07:00
shanukun 537051e4f1 api docs: Fix JavaScript example for /streams api endpoint.
This commit fixes the JavaScript tab in 'Usage example'
for 'Get all streams' that currently shows python code.
2020-10-11 23:12:33 -07:00
Anders Kaseorg f0ae2a88f2 activity: Show server time rather than browser time.
This gets rid of an inline <script> that was blocking #16451.

Signed-off-by: Anders Kaseorg <anders@zulip.com>
2020-10-08 19:17:35 -07:00
Aman Agrawal 6fe82620df login: Fix alignment of error message in login form. 2020-10-07 16:18:54 -07:00
Tim Abbott 914862f8cd docs: Fix text for requesting an integration. 2020-10-01 17:29:17 -07:00
sahil839 78b98d8067 realm: Add wildcard_mention_policy setting.
We add a new wildcard_mention_policy setting to handle wildcard
mentions in large streams, with a wide range of policies available to
organizations.

We set the default to the safe option for preventing accidental spam:
only stream administrators being able to use wildcard mentions in
large streams.
2020-10-01 12:18:03 -07:00
Anders Kaseorg 57cb95af9f docs: Show simple POSIX shell quoting in send-message documentation.
This reverts commit 5275d49f05
(effectively), which created more problems than it solves.  #8484 is
not a bug: a newline can be included literally with no escaping within
POSIX quotes.  Meanwhile, $"" is a bashism, and not even the correct
bashism: it translates strings using the LC_MESSAGES catalog.  If the
user wants to do something complicated, they can consult the
documentation for their shell.

Signed-off-by: Anders Kaseorg <anders@zulip.com>
2020-09-30 17:31:55 -07:00
Vishnu KS 510efbc1a8 support: Add option to change billing method. 2020-09-28 15:37:49 -07:00
Vishnu KS 3e438538b4 support: Add support for downgrading realm. 2020-09-28 15:37:49 -07:00
Gittenburg b245e1e49a compose: Display Formatting button as "Help".
The Formatting button that opens our Markdown help popover previously
had an "A" as its icon (the Font Awesome icon for font). This commit
changes the link to spell out "Help" to make it more discoverable.
2020-09-25 16:47:44 -07:00
Gittenburg 0c6df114f6 compose: Reorder message action buttons.
Now that they are tab accessible, we should order them by importance.
Previously the order was:

1. Add emoji
2. Formatting
3. Attach files
4. Add video call
5. Preview
6. Drafts

This commit changes the order to:

1. Attach files
2. Preview
3. Add video call
4. Add emoji
5. Drafts
6. Formatting

The "Add emoji" button is moved back because emojis can be more
conveniently entered using the typeahead triggered with ":" or the
emoticon conversions.
2020-09-25 16:47:43 -07:00
Dinesh 043146fa83 reset_password: Change reset password page heading. 2020-09-25 16:24:18 -07:00
Dinesh 232eb8b7cf auth: Render config error page on configuration error.
We previously used to to redirect to config error page with
a different URL. This commit renders config error in the same
URL where configuration error is encountered. This way when
conifguration error is fixed the user can refresh to continue
normally or go back to login page from the link provided to
choose any other backend auth.

Also moved those URLs to dev_urls.py so that they can be easily
accessed to work on styling etc.

In tests, removed some of the asserts checking status code to be 200
as the function `assert_in_success_response` does that check.
2020-09-25 16:16:17 -07:00
Vishnu KS a888e65ea4 i18n: Don't include email tags in translation strings. 2020-09-25 15:53:26 -07:00
Vishnu KS 2d2ea9af6e i18n: Tag confirmation templates for translation. 2020-09-25 15:53:26 -07:00
Anders Kaseorg faf600e9f5 urls: Remove unused URL names and shorten others.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2020-09-22 10:46:28 -07:00
Sumanth V Rao 2b9f7916c5 api: Document markdown changes for code blocks and bump API_FEATURE_LEVEL. 2020-09-18 17:15:47 -07:00
Aman Agrawal 2bc3924672 move_topic_to_stream: Allow moving to/between/from private streams.
Fixes #16284.

Most of the work for this was done when we implemented correct
behavior for guest users, since they treat public streams like private
streams anyway.

The general method involves moving the messages to the new stream with
special care of UserMessage.

We delete UserMessages for subs who are losing access to the message.
For private streams with protected history, we also create UserMessage
elements for users who are not present in the old stream, since that's
important for those users to access the moved messages.
2020-09-14 15:00:55 -07:00
Kaustubh Nair acf31f8934 docs: Add community_topic_editing_limit_seconds value to docs.
This was added to the response in e242ddc. Specifying the value
makes sure that the user does not have to dig in the commit history.
2020-09-11 15:48:08 -07:00
Alex Vandiver d04db7c5fe webhooks: Remove repetitive argument to UnsupportedWebhookEventType.
The name of the webhook can be added by the webhook decorator.
2020-09-10 17:47:21 -07:00
Alex Vandiver cf6ebb9c8d webhooks: Rename api_key_only_webhook_view to webhook_view.
There are no other types of webhook views; this is more concise.
2020-09-10 17:47:21 -07:00
Alex Vandiver 9ea9752e0e webhooks: Rename UnexpectedWebhookEventType to UnsupportedWebhookEventType.
Any exception is an "unexpected event", which means talking about
having an "unexpected event logger" or "unexpected event exception" is
confusing.  As the error message in `exceptions.py` already explains,
this is about an _unsupported_ event type.

This also switches the path that these exceptions are written to,
accordingly.
2020-09-10 17:47:21 -07:00
Alex Vandiver 8016769613 webhooks: Move UnexpectedWebhookEventType into zerver.lib.exceptions.
8e10ab282a moved UnexpectedWebhookEventType into
`zerver.lib.exceptions`, but left the import into
`zserver.lib.webhooks.common` so that webhooks could continue to
import the exception from there.

This clutters things and adds complexity; there is no compelling
reason that the exception's source of truth should not move alongside
all other exceptions.
2020-09-10 17:47:21 -07:00
Tim Abbott 7b62d31c32 invite: Set tabindex for 'Generate invite link'. 2020-09-04 13:03:27 -07:00
gr455 a8511bc710 docs: Add alt text to images
Add alt text to images in docs roughly stating the contents of the
image.
2020-09-04 12:56:07 -07:00
Anders Kaseorg edaed497ed lint: Remove unused ignorelongline and lint:ignore comments.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2020-09-02 11:00:44 -07:00
Tim Abbott 5a4aa7e744 templates: Remove strangely toned text from 404 page. 2020-08-31 16:47:20 -07:00
shanukun abada91250 templates: Extend templates/404.html to support a 405 error message.
Fixes: #16164.
2020-08-31 16:43:46 -07:00
Aman Agrawal 6062db765b hello: Don't override bootstrap.js by fetching from CDN.
third/bootstrap/js/bootstrap.js is now reset at v2.3.2, so it
doesn't make sense to be fetch the same version again from CDN.
2020-08-31 14:01:11 -07:00
sahil839 fbae1685d6 openapi: Fix examples in response for deactivating user endpoints.
This commit fixes examples in "400" response for deactivating user
endpoints to have msg as "Cannot deactivate the last organization
owner" instead of "Cannot deactivate the last organization
administrator".

We had already removed the restriction on deactivating last admin
and added it for last owner, while adding owner role.
2020-08-30 17:12:57 -07:00
Tim Abbott d3b62b9f2d api: Further clean up outgoing webhook docs. 2020-08-28 16:47:16 -07:00
orientor 12efa41ed6 api_docs: Add response details to outgoing webhooks documentation.
Improve OpenAPI documentation of /zulip-outgoing-webhook by moving
data and making appropriate additions from its couterpart in the
/outgoing-webhook docs. Then remove the redundant documentation
from the doc and add command to render OpenAPI documetation. Also
add a test to outgoing_webhooks_interface.py to ensure that OpenAPI
documentation is correct.

Fixes #16203.
2020-08-28 16:47:10 -07:00
Kartik Srivastava 0b77525814 api docs: Document POST /user_groups/{group_id}/members endpoint. 2020-08-26 15:40:19 -07:00
Kartik Srivastava 7677ba2d2b api docs: Rename 'group_id' to 'user_group_id'.
This renames 'group_id' to 'user_group_id' in the api docs to remove
the naming mismatch between the url config and the docs and eventually
remove the 'user_groups' endpoints from 'pending_endpoints' in
test_openapi.py.
2020-08-26 15:40:19 -07:00
Kartik Srivastava 190701a062 api docs: Document POST /realm/profile_fields api endpoint. 2020-08-26 12:48:16 -07:00
Kartik Srivastava b74bf64c9d api docs: Document PATCH /realm/profile_fields endpoint. 2020-08-26 12:48:16 -07:00
Kartik Srivastava f8d6b9755a api docs: Document GET /realm/profile_fields endpoint. 2020-08-26 12:48:16 -07:00
Tim Abbott f39a90b808 help: Clean up documentation for Jitsi link. 2020-08-26 12:31:52 -07:00
Vishnu KS 963ecc3e87 plans: Mention the request sponsorship feature.
Tweaked by tabbott to provide a better link.
2020-08-24 18:31:48 -07:00
Vishnu KS d3c7277f77 billing: Show sponsorship message for organization on STANDARD_FREE.
Fixes #16180
2020-08-24 18:25:01 -07:00
orientor 372e010dbb events: Add `op` field to `update_message_flags` events.
`update_message_flags` events used `operation` instead of `op`, the
latter being the standard field used in other events. So add `op`
field to `update_message_flags` and mark `operation` as deprecated,
so that it can be removed later.
2020-08-24 12:42:03 -07:00
Steve Howell ef5de173fe webhook docs: Avoid misleading `get_body` references.
For most cases you don't need to override `get_body`,
and for non-trivial cases, there's really no set pattern.

(It would be nice if we didn't default to json extensions
and just forced folks to be explicit about file extensions,
which would remove a whole class of `get_body` overrides.)
2020-08-24 12:34:46 -07:00
Steve Howell 2fdf966d9f webhook tests: Rename helper to send_webhook_payload.
Not all webhook payloads are json, so send_json_payload was a
bit misleading.

In passing I also remove "bytes" from the Union type for
"payload" parameter.
2020-08-24 12:34:46 -07:00
Steve Howell 388053db6b webhook tests: Rename main helper to check_webhook.
Almost all webhook tests use this helper, except a few
webhooks that write to private streams.

Being concise is important here, and the name
`self.send_and_test_stream_message` always confused
me, since it sounds you're sending a stream message,
and it leaves out the webhook piece.

We should consider renaming `send_and_test_private_message`
to something like `check_webhook_private`, but I couldn't
decide on a great name, and it's very rarely used.  So
for now I just made sure the docstrings of the two
sibling functions reference each other.
2020-08-24 12:34:46 -07:00
Priyansh Garg ba119a2f20
help: Fix typo in change-organization-url. 2020-08-24 12:22:17 -07:00
Sumana Harihareswara 47fe7b7d13 docs: Capitalize proper noun.
Signed-off-by: Sumana Harihareswara <sh@changeset.nyc>
2020-08-18 11:16:22 -04:00
sahil839 f046c9c58a streams: Add role field to Subscription objects passed to clients.
This commit adds "role" field to the Subscription objects passed to
clients.  This is important preparation for being able to work on the
frontend for this feature.
2020-08-14 16:33:11 -07:00
shanukun 5c6d42c6a5 navbar_alerts: Change HTML ordering for obvious tab order.
Fixes #16079.
2020-08-14 15:59:44 -07:00
shanukun aa6f2b1310 navbar_alerts: Fix navbar alerts inaccessibility.
Part of #16079.
2020-08-14 15:57:48 -07:00
Gittenburg 2545703b58 compose: Add role=button to message control buttons.
Fixes #9143. Part of #15910.
2020-08-14 15:49:14 -07:00
Gittenburg 05e792ec1a compose: Move send button after textarea in DOM.
This restores the Tab + Enter shortcut to send.

We are floating the send button to the right so that it still looks like
before. Instead of moving the button we could have also given every
message control button a tabindex, but these would be cumbersome to
maintain.

Tweaked by tabbott to add a comment recording the reasoning behind
the somewhat unusual CSS here.

Part of #15910.
2020-08-14 15:48:49 -07:00
Gittenburg 3b0694693b compose: Make message control buttons accessible.
Previously the emoji picker, the formatting help, the button to attach
files, the video call button, the Drafts button and the Press Enter to
send checkbox were all inaccessible from the keyboard.

This does break the Tab + Enter workflow for sending messages, which is
fixed in the next commit by moving the Send button to be the first
element after the textarea.

Part of #15910.
2020-08-14 15:46:50 -07:00
Tim Abbott b494b16791 meta tags: Use open graph titles/descriptions.
Apparently, we were incorrectly using constants for title/description
rather than the nice non-constant values from og:title and
og:description in our meta tags.
2020-08-14 10:58:18 -07:00
Tim Abbott 201df3432d help: Document Full Members more extensively.
Also reorder the Billing Administrator feature to not interrupt the
owner/admin/member/guest sequence, and add some important cross-links.
2020-08-13 16:42:12 -07:00
Kartik Srivastava 63173d5554 api: Return 'user_id' in 'POST /users' response.
This adds 'user_id' to the simple success response for 'POST /users'
api endpoint, to make it convenient for API clients to get details
about users they just created.  Appropriate changes have been made in
the docs and test_users.py.

Fixes #16072.
2020-08-11 16:40:12 -07:00
Anders Kaseorg 6dea085187 docs: Correct “login” as a verb to “log in”.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2020-08-11 10:25:53 -07:00
Anders Kaseorg fb2e56e3c9 docs: Fix capitalization of keyboard keys.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2020-08-11 10:25:53 -07:00
Anders Kaseorg c155403884 docs: Fix various capitalization errors.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2020-08-11 10:25:52 -07:00
Anders Kaseorg 768f9f93cd docs: Capitalize Markdown consistently.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2020-08-11 10:23:06 -07:00
Anders Kaseorg 60a25b2721 docs: Fix spelling errors caught by codespell.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2020-08-11 10:23:06 -07:00
Anders Kaseorg e789a8bb20 stylelint: Enable no-vendor-prefix rules.
Our vendor prefixes are generated by autoprefixer.

Signed-off-by: Anders Kaseorg <anders@zulip.com>
2020-08-07 15:17:20 -07:00
Anders Kaseorg 483445e3d3 styles: Remove unit from 0 lengths.
Generated by stylelint --fix.

Signed-off-by: Anders Kaseorg <anders@zulip.com>
2020-08-06 11:34:44 -07:00
Anders Kaseorg ca2dc639c4 styles: Enable most stylelint-config-standard rules.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2020-08-04 16:34:19 -07:00
Anders Kaseorg c6ed5c81de styles: Format CSS with Prettier.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2020-08-04 16:34:19 -07:00
Vishnu KS e736bc3ec6 sponsorship: Ensure that all the fields are filled in form. 2020-07-31 10:36:53 -07:00
YashRE42 b4891a5841 navbar: Rename tab_bar to message_view_header.
Prior to commit eb4a2b9d4e the center
area of the navbar was based on a structure that appended crumbs or
"tabs" as <li>s, forming a tab_bar and a tab_list.

However, in eb4a2b9d4e we apply a new
style and structure to the navbar which lets go of the convention of
tabs. Hence, we'd like to purge the tab_bar and tab_list labels from
our code base.

We purged tab_list in 1267caf5009118875f47fdafe312880af08024e1.

This commit purges tab_bar, it includes:
- A blanket search and replace of tab_bar with message_view_header.
- Splitting a single line comment in
  tab_bar.js / message_view_header.js.
- The renaming of tab_bar.js to message_view_header.js.
- The renaming of tab_bar.hbs to message_view_header.hbs.
- A blanket search and replace of tab_data with
  message_view_header_data.
- Replacing the single occurrence of tabbar with message_view_header
  (it was within a comment.)
2020-07-30 16:23:13 -07:00
Vinit Singh 9c317b0495 compose: Replace hrefs with "tabindex=0" for all buttons.
For all buttons in the compose box, `href="#"` is replaced
by "tabindex=0" so that the buttons are still focusable.

This change also fixes a bug that caused the Formatting
button to redirect to All messages.
2020-07-30 15:12:55 -07:00
Anders Kaseorg 7ee974729b docs: Replace Digital Ocean with DigitalOcean.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2020-07-30 11:30:43 -07:00
Gittenburg 2d8ed545d4 docs: Set <title> to article title.
Previously the title for all pages of the user and API documentation was
just "Zulip", which does not only bad for UX but also for accessibility.

We were already extracting the title from the Markdown for the og:title
tag, so we just need to set the <title> tag.

Since our documentation fetches pages with Ajax if you have JavaScript
enabled, we also need to save the titles in the article cache.

Part of #15948.
2020-07-29 11:40:39 -07:00
Dinesh 4afce5d94d apple_auth: Change BUNDLE_ID setting to APP_ID everywhere.
The apple developer webapp consistently refers this App ID. So,
this clears any confusion that can occur.

Since python social auth only requires us to include App ID in
_AUDIENCE(a list), we do that in computed settings making it easier for
server admin and we make it much clear by having it set to
APP_ID instead of BUNDLE_ID.
2020-07-28 17:12:49 -07:00
Dinesh 782970d9f9 apple_auth: Change where private key is stored.
Changes to a better name apple-auth-key.p8 and removes the extra
directory apple.
2020-07-28 17:12:49 -07:00
Priyansh Garg c752f955de registration: Improve registration form.
Improved markup of help-text.
Showing Email as plain-text instead of disabled input.
Changed page heading to 'Create your organization' in realm creation form
and 'Create your account' in normal signup form.
Grouped org settings and user settings with fieldsets.
Reduced space between Password field and Password strength bar.

Also, updated the corresponding test cases.

Partially Fixes: #15750.
2020-07-28 17:07:25 -07:00
Aman Agrawal b34d46e00b css: Rename #home id to #message_feed_container. 2020-07-28 16:33:32 -07:00
Gittenburg 87d8a54b91 help: Stop collapsing sidebar sections.
Three reasons:

1. The sliding was disorienting.
2. The collapsing disallowed searching for other pages with Ctrl+F.
3. The collapsing mechanism wasn't accessible (not usable with the
   keyboard / no ARIA tags).

Tweaked by tabbott to center the left sidebar on the selected page.

Part of #15948.
2020-07-28 16:28:58 -07:00
Tim Abbott 3252dfaa72 api: Document API change for Stream.date_created. 2020-07-27 17:10:59 -07:00
Tim Abbott 282927003f features: Remove inaccurate accessibility claim.
I'm not sure how this got added; it seems to have happened in a visual
redesign of the /features page.  Certainly the claim should only have
been added after the work it described was done, and it has not.
2020-07-27 16:41:42 -07:00
Sumanth V Rao 3e80cbdeb8 docs/update-message: Add missing editing permission condition.
The comments within update_message_backend function of views/message_edit.py
indicates 4 types of permissions which all edit a message. The 4th of these
indicates that a message is editable if the realm allows topic edits. This
was previously missing from the docs and is now added.
2020-07-27 16:33:36 -07:00
Anders Kaseorg d2520cd7e0 js: Replace underscore with lodash and remove it from globals.
Tweaked by tabbott to bump PROVISION_VERSION.

Signed-off-by: Anders Kaseorg <anders@zulip.com>
2020-07-26 16:12:06 -07:00
Vishnu KS 5b0b1efb15 support: Add functionality to approve sponsorship requests.
This should make it much easier to process these requests.
2020-07-24 17:55:38 -07:00
Vishnu KS d3834f8b9a emails: Simplify requested by line in sponsorship email. 2020-07-24 17:39:46 -07:00
Vishnu KS 6b9c22b211 support: Add a header for scrub realm section. 2020-07-24 17:37:41 -07:00
Vishnu KS 1a1396d07e support: Show customer plan details in support page. 2020-07-24 17:37:41 -07:00
Tim Abbott ec9c272165 help: Document process for changing organization URL. 2020-07-24 16:12:56 -07:00
Gittenburg 2922e2cbb1 compose: Use aria-label instead of aria-hidden.
aria-hidden hides something from the accessiblity tree,
it shouldn't be used for interactive elements.
2020-07-24 15:31:26 -07:00
Vinit Singh 96f579287a i18n: Tag markdown_help text for translation. 2020-07-24 10:54:34 -07:00
Vishnu KS 3ec64b6092 team: Include users without an associated GitHub profile.
Including anon=1 in API requests will retrieve all contributors
of the repo. If there is no asscoiated GitHub account present for
the commits then the email and name of the author mentioned in
commit messages is returned.
2020-07-24 10:51:47 -07:00
Vishnu KS cb01a7f599 billing: Restrict access to billing page to realm owners and billing admins. 2020-07-22 16:57:49 -07:00
Tim Abbott c83df88aeb help: Improve documentation for Gitter import. 2020-07-22 16:08:48 -07:00
Gittenburg 45e19dd6b9 emoji: Rename :slight_smile: to 😄.
Zulip converts :) to the 1F642 Unicode emoji and promotes the same emoji
in the popular section of the emoji picker.

Previously Zulip has labeled 1F642 as "slight smile". While that name
conforms to the Unicode standard (which describes the code point as
SLIGHTLY SMILING FACE), it didn't match our use case of the emoji.

If a user types :) or selects the first smile in the emoji picker they
probably mean to express a regular "smile" and not a "slight smile",
which raises the question why they are only smiling slightly.

This commit relabels 1F642 as 😄 and our previous 😄 263A as
:smiling_face:. Note that 263A looks different in our three supported
emoji sets, so it is not suited to be our "default smile".

This change does not require a migration since our emoji system stores
both unicode points and names and handles name changes transparently.
2020-07-21 16:49:54 -07:00
SiddharthVarshney a179648f0b compose: Change style of `Press Enter to send` checkbox.
This checkbox style will now be more consistent
with checkboxes used in settings modal.
2020-07-21 13:27:21 -07:00
Alex Vandiver b5f7008728 docs: Document how the desktop application handles certificates.
Zulip Desktop version 5.3.0 only supported adding custom certificates
inside the application.  Starting in version 5.4.0, it also supports
reading from the system certificate store; in the next release (likely
5.5.0) the support for the internal store will be removed.

Document the change, and add explicit instructions on how to add
certificates into the system store on each of the operating systems.

Co-authored-by: Manav Mehta <tmanavmehta@gmail.com>
2020-07-17 23:46:38 -07:00
Steve Howell c60f4236a9 api: Do not require short_name to create user.
When you post to /json/users, we no longer
require or look at the short_name parameter,
since we don't use it in any meaningful way.

An upcoming commit will eliminate it from the
database.
2020-07-17 11:15:15 -07:00
Steve Howell b375581f58 api: Remove (sender_)short_name from message APIs. 2020-07-17 11:15:14 -07:00
Tim Abbott d74664a603 Release Zulip Server 3.0. 2020-07-16 02:13:43 -07:00
Anders Kaseorg c2f9db4602 logo: Update Zulip logo.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2020-07-16 01:37:08 -07:00
Anders Kaseorg c080b4da06 favicon: Remove ancient browser workarounds.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2020-07-15 20:56:58 -07:00
Vishnu KS 788b6a47e8 email_log: Show reply_to address if present. 2020-07-14 00:36:31 -07:00
Tim Abbott 9badb1583d api docs: Clean up a few entries in API changelog. 2020-07-14 00:17:24 -07:00
Tim Abbott 64490b8744 api docs: Remove message_retention_days from unstable features.
This was stabilized in feature level 17.
2020-07-13 17:52:21 -07:00
SiddharthVarshney 476808128c help: Replace chevron with ellipsis.
Update help docs where chevron was previously
mentioned for message controls menu icon.
2020-07-13 16:12:26 -07:00
YashRE42 9046fc1032 navbar: Extract tab_bar anchor out of the search divs.
Prior to commit eb4a2b9d4e the center
area of the navbar was based on a structure that appended crumbs or
"tabs" as <li>s, forming a tab_bar and a tab_list.

However, in eb4a2b9d4e we apply a new
style and structure to the navbar which lets go of the convention of
tabs. Hence, we'd like to purge the tab_bar and tab_list labels from
our code base. This commit pushes us towards that goal.

Previously, this element was part of both searchbox and
searchbox_legacy of which, only one would render based on the flag on
search pills. This wasn't great because:
* it made it likely that someone would change only one of the two and
  unintentionally introduce regressions.
* it meant that search_icon selectors within the searchbox would mess
  with the search_icon elements within the tab_bar, leading us to rely
  on messy CSS overriding.

Since there doesn't seem to be a strong reason to have this be the way
it previously was, this commit extracts "#tab_bar".

It's worth keeping in mind that we use the "#tab_bar" element as an
anchor to append the #tab_list onto.
2020-07-13 15:39:36 -07:00
rht 6b0e354c74 IRC integration: Clarify the doc of requirements.txt installation. 2020-07-13 12:34:20 -07:00
rht 0325d6d18d IRC integration: Update doc to include a cd to the IRC dir. 2020-07-13 12:34:20 -07:00
Tim Abbott 56addb6139 docs: Fix is_home_view type in API changelog. 2020-07-10 00:08:32 -07:00
Gittenburg 5bb10036b5 emoji_picker: Allow selecting multiple while holding Shift.
We detect shift with event.shiftKey so we need to pass the event around.

Fixes #8465.
2020-07-08 13:25:49 -07:00
Rohitt Vashishtha 912e372c4e markdown: Remove !avatar() and !gravatar() syntax.
This particular commit has been a long time coming. For reference,
!avatar(email) was an undocumented syntax that simply rendered an
inline 50px avatar for a user in a message, essentially allowing
you to create a user pill like:

`!avatar(alice@example.com) Alice: hey!`

---

Reimplementation

If we decide to reimplement this or a similar feature in the future,
we could use something like `<avatar:userid>` syntax which is more
in line with creating links in markdown. Even then, it would not be
a good idea to add this instead of supporting inline images directly.

Since any usecases of such a syntax are in automation, we do not need
to make it userfriendly and something like the following is a better
implementation that doesn't need a custom syntax:

`![avatar for Alice](/avatar/1234?s=50) Alice: hey!`

---

History

We initially added this syntax back in 2012 and it was 'deprecated'
from the get go. Here's what the original commit had to say about
the new syntax:

> We'll use this internally for the commit bot.  We might eventually
> disable it for external users.

We eventually did start using this for our github integrations in 2013
but since then, those integrations have been neglected in favor of
our GitHub webhooks which do not use this syntax.

When we copied `!gravatar` to add the `!avatar` syntax, we also noted
that we want to deprecate the `!gravatar` syntax entirely - in 2013!

Since then, we haven't advertised either of these syntaxes anywhere
in our docs, and the only two places where this syntax remains is
our game bots that could easily do without these, and the git commit
integration that we have deprecated anyway.

We do not have any evidence of someone asking about this syntax on
chat.zulip.org when developing an integration and rightfully so- only
the people who work on Zulip (and specifically, markdown) are likely
to stumble upon it and try it out.

This is also the only peice of code due to which we had to look up
emails -> userid mapping in our backend markdown. By removing this,
we entirely remove the backend markdown's dependency on user emails
to render messages.

---

Relevant commits:

- Oct 2012, Initial commit        c31462c278
- Nov 2013, Update commit bot     968c393826
- Nov 2013, Add avatar syntax     761c0a0266
- Sep 2017, Avoid email use       c3032a7fe8
- Apr 2019, Remove from webhook   674fcfcce1
2020-07-07 10:39:44 -07:00
sahil839 7079897119 docs: Add steps for configuring message retention policy in the docs.
This commits adds the steps for configuring message retention policy
for an organization and for individual streams in message retention
policy docs.

Fixes #15495.
2020-07-06 18:55:02 -07:00
Rohitt Vashishtha 3d0a5d28f2 timestamp: Update docs to advertise new syntax and other time formats. 2020-07-06 15:53:56 -07:00
Kartik Srivastava b32e851458 js_examples: Migrate and test get_streams example.
Fixes #15496.
2020-07-01 17:23:30 -07:00
Kartik Srivastava 87787efa81 js_examples: Migrate and test get_events example.
This also adds "queue_id" to the response parameters and in the example
for GET /events in zulip.yaml.
2020-07-01 17:23:30 -07:00
Vishnu KS 4c6350fa4b billing: Add option to request a sponsorship in /upgrade. 2020-07-01 16:45:38 -07:00
Aman Agrawal d2a6d0dfda recent_topics: Move launch button to top left sidebar.
Make dispaly `a` tag a block to so that it is clickable on
anywhere in the button space.
2020-06-29 22:21:23 -07:00
Aman Agrawal f7caab11b4 devtools: Document process to connect to local PostgreSQL database. 2020-06-29 12:31:20 -07:00
Aman Agrawal e56910e22d keyboard_shortcuts: Add hotkeys for recent topics. 2020-06-28 15:03:54 -07:00
Steve Howell 69be97e365 pointer: Remove pointer from API and page_params.
There is still some miscellaneous cleanup that
has to happen for things like analytics queries
and dead code in node tests, but this should
remove the main use of pointers in the backend.

(We will also still need to drop the DB field.)
2020-06-27 16:44:38 -07:00
sahil839 6eb8442a59 invites: Send user_id of the referrer instead of email in invites dict.
We send user_id of the referrer instead of email in the invites dict.
Sending user_ids is more robust, as those are an immutable reference
to a user, rather than something that can change with time.

Updates to the webapp UI to display the inviters for more convenient
inspection will come in a future commit.
2020-06-26 16:57:50 -07:00
orientor f188708b20 attachments: Change data type and make variable names more accurate.
Change variable `name` to `date_sent` as `name` actually stores
the date sent. Also change the data types of `name` and `create_time`
to integer. As they actually have empty decimal value.
2020-06-26 14:39:18 -07:00
Tim Abbott 6412ea6413 api docs: Document changes in API topic encoding. 2020-06-25 14:44:04 -07:00
Tim Abbott 0ecdc663b9 api docs: Correct errors in the stream creation documentation.
* Reordered the settings relevant without stream creation to the top.
* Removed useless/misleading defaults for optional parameters.
* Clarified description of the announce and authorization_errors_fatal settings.
* Clarified that `invite_only` only applies for stream creation.
  (It's annoying to do so for its friends because they are including
   common description content and OpenAPI doesn't have a way to have
   extra content in a place you included something)

Fixes #14705.
2020-06-25 14:34:10 -07:00
Tim Abbott 827a6800e7 emails: Remove useless target=_blank in new login emails.
Email providers will add this attribute before showing HTML emails to
users in any case.
2020-06-25 12:12:46 -07:00
Tim Abbott e46bbf18eb docs: Change next planned major release to 3.0.
After some discussion, everyone seems to agree that 3.0 is the more
appropriate version number for our next major release.  This updates
our documentation to reflect that we'll be using 3.0 as our next major
release.
2020-06-24 16:27:27 -07:00
Kartik Srivastava 3b8ee2a30f js_examples: Migrate and test update_message example. 2020-06-23 14:42:03 -07:00
Kartik Srivastava 8a00b1f1aa js_examples: Migrate and test update_message_flags example. 2020-06-23 14:42:03 -07:00
Kartik Srivastava cc4086e98a js_examples: Migrate and test remove_subscriptions example. 2020-06-23 14:35:08 -07:00
Kartik Srivastava db303ccaef js_examples: Migrate and test add_subscriptions example. 2020-06-23 14:35:08 -07:00
Kartik Srivastava cf6e1de0de js_examples: Migrate and test set_typing_status example. 2020-06-23 14:35:08 -07:00
Kartik Srivastava a1f6540cec js_examples: Migrate and test render_message example. 2020-06-23 14:35:07 -07:00
Kartik Srivastava 5a4d31825c js_examples: Migrate and test register_queue example. 2020-06-23 14:35:07 -07:00
Kartik Srivastava 4aec4cbfae js_examples: Migrate and test get_users example. 2020-06-23 14:35:07 -07:00
Kartik Srivastava 69a7d7fd30 js_examples: Migrate and test get_subscriptions example.
Also, `send_message` example is altered to send a message to the
stream 'social' to avoid getting a "first_message_id: null"
in the response for `get_subscriptions` example, that caused
`validate_against_openapi_schema` to throw an error.
2020-06-23 14:35:07 -07:00
Kartik Srivastava cc7671e602 js_examples: Migrate and test get_stream_topics example. 2020-06-23 14:35:07 -07:00
Kartik Srivastava 2c5815edbb js_examples: Migrate and test get_stream_id example. 2020-06-23 14:35:07 -07:00
Kartik Srivastava 63127d4990 js_examples: Migrate and test get_own_user example. 2020-06-23 14:35:07 -07:00
Kartik Srivastava 4615519d77 js_examples: Migrate and test get_messages example. 2020-06-23 14:35:07 -07:00
Kartik Srivastava 57e27ff7db js_examples: Migrate and test delete_queue example. 2020-06-23 14:35:07 -07:00
Kartik Srivastava f96c86ad63 js_examples: Migrate and test get_custom_emoji example. 2020-06-23 14:35:07 -07:00
Felix a389c7390d calls: Add Big Blue Button as a Video Call Provider.
Big Blue Button needs an API secret so communication to creating a
room has to be done server side.

Fixes #14763.
2020-06-22 16:19:07 -07:00
sahil839 3498287b8c invite: Add docs link next to the user-role dropdown label in invite modal.
This commit adds link to 'roles and permissions' docs next to the
label of user role dropdown in invite modal.
2020-06-21 09:41:46 -07:00
MariaGkoulta b10f156250 settings: Add automatic theme detection feature.
With this implementation of the feature of the automatic theme
detection, we make the following changes in the backend, frontend and
documentation.

This replaces the previous night_mode boolean with an enum, with the
default value being to use the prefers-color-scheme feature of the
operating system to determine which theme to use.

Fixes: #14451.

Co-authored-by: @kPerikou <44238834+kPerikou@users.noreply.github.com>
2020-06-21 01:09:01 -07:00
sahil839 63389b3bd3 invite: Add option to invite user as an organization owner.
We can now invite new users as realm owners. We restrict only
owners to invite new users as owners both for single invite
and multiuse invite link. Also, only owners can revoke or resend
owner invitations.
2020-06-20 23:04:59 -07:00
arpit551 0c6488b284 analytics: Added frontend for messages read over time graph.
The chart added is similar to the messages sent over time chart.

Fixes #15167
2020-06-20 16:52:33 -07:00
SiddharthVarshney e763d30f18 help: Update help docs for ellipsis.
Update help docs where chevron was previously
mentioned for sidebar manu icons.

Add css for `i.zulip-icon` to position icon
properly.
2020-06-20 16:47:43 -07:00
akashaviator 03325bd615 api docs: Document GET /messages/matches_narrow endpoint.
With extensive tweaks from tabbott to provide clear explanations for
the features.
2020-06-19 15:28:10 -07:00
Steve Howell 00e60c0c91 events: Use stream_id for peer_add/peer_remove.
Two things were broken here:
    * we were using name(s) instead of id(s)
    * we were always sending lists that only
      had one element

Now we just send "stream_id" instead of "subscriptions".

If anything, we should start sending a list of users
instead of a list of streams.  For example, see
the code below:

    if peer_user_ids:
        for new_user_id in new_user_ids:
            event = dict(type="subscription", op="peer_add",
                         stream_id=stream.id,
                         user_id=new_user_id)
            send_event(realm, event, peer_user_ids)

Note that this only affects the webapp, as mobile/ZT
don't use this.
2020-06-19 14:48:42 -07:00
orientor 1505f77ca3 openapi: Parse {!api-admin-only.md!} in OpenAPI markdown extension.
Currently, the OpenAPI extension for rendering description in docs
cannot parse {!api-admin-only.md!}. Edit order of markdown extensions
in app_filters.py so that rendering of OpenAPI elements takes place
before substitution of files using `include`.
2020-06-19 11:04:46 -07:00
Tim Abbott 87cca3a234 api docs: Fix more broken URLs in changelog. 2020-06-18 23:09:06 -07:00
Tim Abbott 8db89ae3d0 api docs: Fix links broken by recent merge. 2020-06-18 22:55:08 -07:00
Tim Abbott bfc30e4214 api docs: Improve headings and organization for endpoints.
Mostly, this is a change in ordering to make more sense, but we also
fix several names that were clearly confusing.

We restore the convention that each endpoint has the same title at the
top of the page as what we have in the sidebar menu, which appears to
have been violated in many recent updates to API documentation.
2020-06-18 22:38:05 -07:00
Tim Abbott 9173f32a10 api docs: Fix formatting in changelog.
The CSS changes prevent our API docs markdown processor from
preserving line breaks within inline code block content.
2020-06-18 22:38:05 -07:00
orientor d8ef853545 openapi: Make api-docs filename match with operationIds.
api docs filenames are basically the operationId of their endpoint
in zulip.yaml with `_` replaced by `-`. But some operationIds have
changed, so change the affected filenames. Make changes in other
files accordingly.
2020-06-18 22:38:05 -07:00
Hashir Sarwar 5200598a31 events: Don't send avatar URLs of long term idle users.
This adds a new client_capability that clients such as the mobile apps
can use to avoid unreasonable network bandwidth consumed sending
avatar URLs in organizations with 10,000s of users.

Clients don't strictly need this data, as they can always use the
/avatar/{user_id} endpoint to fetch the avatar if desired.

This will be more efficient especially for realms with
10,000+ users because the avatar URLs would increase the
payload size significantly and cost us more bandwidth.

Fixes #15287.
2020-06-18 21:35:16 -07:00
Vishnu KS cde4486f8c billing: Support switching from monthly to annual plan. 2020-06-18 17:34:03 -07:00
Siddharth Varshney bbb07aed38 portico: Add hint text for invite only realm on /login.
Fixes: #10542

This will make obvious for users what to do when they are not able to login.

Test added by hackerkid.
2020-06-18 17:23:11 -07:00
Tim Abbott f3767b909c docs: Update documentation for retention policy UI.
This still needs a follow-up PR to use our standard systems for
explaining how to access these features.
2020-06-18 17:17:09 -07:00
sahil839 c488a35f10 streams: Add API for changing stream-level message_retention_days.
This commit adds backend support for setting message_retention_days
while creating streams and updating it for an existing stream. We only
allow organization owners to set/update it for a stream.

'message_retention_days' field for a stream existed previously also, but
there was no way to set it while creating streams or update it for an
exisiting streams using any endpoint.
2020-06-18 17:00:15 -07:00
Vishnu KS 98cd52cc3e billing: Mention how the licenses are managed in /billing. 2020-06-18 16:30:48 -07:00
Tim Abbott 1094e533bf docs: Document change in time mention markup. 2020-06-18 14:21:21 -07:00
Dinesh 0445311430 auth: Make apple log in and sign up buttons consistent with others. 2020-06-18 13:06:10 -07:00
Tim Abbott f8ea5f3769 pointer: Remove pointer from GET /users/me.
This cleans up a bit of mess in the Zulip API.
2020-06-18 12:55:59 -07:00
orientor 817ee5c6b2 openapi_docs: Replace `argument` with `parameter`.
The term `parameter` is a better word than `argument` for data passed
to an API endpoint; this is why OpenAPI uses in their terminology.
Replace `argument` with `parameter` in the API docs to improve their
readability.

Fixes #15435.
2020-06-18 09:18:27 -07:00
akashaviator ce571048b9 openapi: Document GET /attachments endpoint. 2020-06-17 18:35:44 -07:00
Tim Abbott a2767e8c50 CVE-2020-14194: Use noopener/noreferrer for external links.
We fixed the main issue of this form in CVE-2020-9444, but the audit
done at that time only included links found in rendered_markdown; this
change completes our audit for links with target=_blank anywhere in
the codebase.
2020-06-16 23:35:39 -07:00
Tim Abbott 4fff858aa2 templates: Fix missing quoting of attributes in HTML templates.
This fixes a bundle of issues where we were missing "" around
attributes coming from variables.  In most cases, the variables were
integers or fixed constants from the Zulip codebase (E.g. the name of
an installed integration), but in at least one case it was
user-provided data that could potentially have security impact.
2020-06-16 23:35:39 -07:00
Clara Dantas ddbde66af5 realm: Remove Google Hangouts integration.
Google  has removed the Google Hangouts brand, thus we are removing
them as video chat provider option.
This commit removes Google Hangouts integration and make a migration
that sets all realms that are using Hangouts as their video chat
provider to the default, jitsi.

With changes by tabbott to improve the overall video call documentation.

Fixes: #15298.
2020-06-16 17:02:27 -07:00
Tim Abbott b0d1386fbb api changelog: Document recent major markdown features. 2020-06-16 16:44:39 -07:00
Rohitt Vashishtha bda2e1c5a7 markdown-timestamp: Document the syntax in /help pages.
We add a separate page to advertise this feature for communities
with people in multiple timezones.
2020-06-16 16:44:39 -07:00
Sara Gulotta 1cb040647b markdown: Add support for spoilers.
This adds support for a "spoiler" syntax in Zulip's markdown, which
can be used to hide content that one doesn't want to be immediately
visible without a click.

We use our own spoiler block syntax inspired by Zulip's existing quote
and math block markdown extensions, rather than requiring a token on
every line, as is present in some other markdown spoiler
implementations.

Fixes #5802.

Co-authored-by: Dylan Nugent <dylnuge@gmail.com>
2020-06-16 16:14:10 -07:00
sahil839 791e5de5de api: Remove is_old_stream property from the stream objects.
This commit removes is_old_stream property from the stream objects
returned by the API. This property was unnecessary and is essentially
equivalent to 'stream_weekly_traffic != null'.

We compute sub.is_old_stream in stream_data.update_calculated_fields
in frontend code and it is used to check whether we have a non-null
stream_weekly_traffic or not.

Fixes #15181.
2020-06-16 10:26:33 -07:00
Dinesh 8fea2d448a docs: Mention apple in various places listing authentication methods. 2020-06-15 18:06:24 -07:00
Aman Agrawal cda7b2f539 deletion: Add support for bulk message deletion events.
This is designed to have no user-facing change unless the client
declares bulk_message_deletion in its client_capabilities.

Clients that do so will receive a single bulk event for bulk deletions
of messages within a single conversation (topic or PM thread).

Backend implementation of #15285.
2020-06-14 22:34:00 -07:00
sahil839 18429cfd29 realm: Allow only owners to set message retention policy for a realm.
This commits adds restriction on admins to set message retention policy.
We now only allow only organization owners to set message retention
policy.

Dropdown for changing retention policy is disabled in UI for admins also.
2020-06-14 21:23:53 -07:00
sahil839 87e72ac8e2 realm: Allow only owners to configure auth methods for a realm.
This commit adds the restriction on configuring auth methods for
admins. We now allow only owners to configure the auth methods
for realm.
2020-06-14 21:23:51 -07:00
SiddharthVarshney 177ec5b2d5 sidebars: Replace chevron with ellipsis-v icon from the sidebars.
The chevron sometime can be confused as an icon for expanding the
stream topics especially for the new users.

This commit replaces the confusing chevron icon from the stream-sidebar,
topic-list, user-presence-row, all-messages and starred-messages with
ellipsis-v icon(vertical three dots).

Fixes: #7115
2020-06-14 20:57:43 -07:00
Aman Agrawal 4aeb02f73d stream_header_colorblock: Create resuable css class.
stream-selection-header-colorblock css class can now be used
to reproduce stream header color block everywhere.
2020-06-13 15:38:40 -07:00
Vishnu KS bc57d9b611 i18n: Don't hardcode zulip.com URLs in translation tags. 2020-06-11 11:09:42 -07:00
Kartik Srivastava 8c39ddfd28 api: Add GET /users/{user_id}/subscription/{stream_id} endpoint.
This new endpoint returns a 'user' dictionary which, as of now,
contains a single key 'is_subscribed' with a boolean value that
represents whether the user with the given 'user_id' is subscribed
to the stream with the given 'stream_id'.

Fixes #14966.
2020-06-10 17:59:14 -07:00
Steve Howell d5cc29755e typing: Accept only user_ids in typing endpoint.
The only clients that should use the typing
indicators endpoint are our internal clients,
and they should send a JSON-formatted list
of user_ids.

We now enforce this, which removes some
complexity surrounding legacy ways of sending
users, such as emails and comma-delimited
strings of user_ids.

There may be a very tiny number of mobile
clients that still use the old emails API.

This won't have any user-facing effect on
the mobile users themselves, but if you type
a message to your friend on an old mobile
app, the friend will no longer see typing
indicators.

Also, the mobile team may see some errors
in their Sentry logs from the server rejecting
posts from the old mobile clients.

The error messages we report here are a bit
more generic, since we now just use REQ
to do validation with this code:

    validator=check_list(check_int)

This also allows us to remove a test hack
related to the API documentation.  (We changed
the docs to reflect the modern API in an
earlier commit, but the tests couldn't be
fixed while we still had the more complex
semantics for the "to" parameter.)
2020-06-10 17:50:32 -07:00
sahil839 81c28c1d3e realm: Allow only organization owners to deactivate a realm.
We now allow only organization owners to deactivate a realm.

'require_realm_owner' decorator has been added for this purpose.
2020-06-10 17:33:02 -07:00
sahil839 86b52ef7bf users: Owners can only be deactivated by other organization owners.
This commit adds restriction on deactivation of organization owners.
Only owners can deactivate other organization owners.
2020-06-10 17:33:02 -07:00
Tim Abbott 5fd7b519b7 templates: Add missing include file for owner-only.md. 2020-06-10 14:35:18 -07:00
Tim Abbott f0d8f60b66 help: Add basic documentation of organization owners. 2020-06-10 14:07:46 -07:00
sahil839 5cc937f670 events: Add 'is_owner' to page_params and raw_users dict of page_params.
This commit adds 'is_owner' field to page_params and also to the
raw_users dict of page_params.
2020-06-10 14:07:38 -07:00
Tim Abbott 6f159ce5c5 templates: Clean up wording around topic moves.
This switches us to cleaner, simpler labels for moving topics; while
also avoiding claiming that we're only allowing moving topics to other
streams.
2020-06-10 12:12:17 -07:00
Tim Abbott 26083e4b10 popovers: Improve label for choosing colors. 2020-06-10 09:55:51 -07:00
Aman Agrawal 9328dc8437 templates: Show Overlay of Recent Topics.
* Show an empty overlay of recent topics.
* Register click event to open recent topics.
* Launch recent topics on "t" keypress.

This is based on the draft overlay.
2020-06-09 22:08:31 -07:00
Aman Agrawal 56b1b6c067 navbar: Add recent topics button.
This commit is kept separate so that we can easily move the
place where the recent topic button should be finally kept.
2020-06-09 22:08:31 -07:00
Ryan Rehman 3dbd346037 message view: Fix position of `loading_older_messages_indicator`.
For narrows where the `.all-messages-search-caution` or
`.history-limited-box` are visible the indicator is not
aligned with `top-messages-logo`.
Now the indicator is rendered in it's appropriate position
instead of overlapping with the text.
2020-06-09 17:43:57 -07:00
Dinesh dc90d54b08 auth: Add Sign in with Apple support.
This implementation overrides some of PSA's internal backend
functions to handle `state` value with redis as the standard
way doesn't work because of apple sending required details
in the form of POST request.

Includes a mixin test class that'll be useful for testing
Native auth flow.

Thanks to Mateusz Mandera for the idea of using redis and
other important work on this.

Documentation rewritten by tabbott.

Co-authored-by: Mateusz Mandera <mateusz.mandera@zulip.com>
2020-06-09 17:29:35 -07:00
Tim Abbott e242ddc848 page_params: Add community_topic_editing_limit_seconds.
This was previously hardcoded with agreement between the Zulip backend
and frontend as 86400 seconds (1 day).  Now, it's still hardcoded in
the backend, but arranged in a way where we could add a setting
without any changes to the mobile and terminal apps to update logic.

Fixes #15278.
2020-06-09 14:40:12 -07:00
Tim Abbott c6d68bcf18 loading: Remove first_run_message.
I don't believe it's actually been possible for this to be shown in
Zulip in several years; and we just made it more obviously so
(resulting in a linter error).
2020-06-08 23:03:15 -07:00
Tim Abbott 7b8ba5ebd9 docs: Update most remaining references to zulipchat.com.
In some cases, the cleanest tweak is to replace references to the
domain with Zulip Cloud, the product.
2020-06-08 18:10:45 -07:00
Tim Abbott 95be7dcbab portico: Remove mystery hunt landing page.
This was written by Rishi for a very brief purpose a few years ago,
and it doesn't serve much purpose now other than to be a place we
update in code sweeps.
2020-06-08 18:10:45 -07:00
Tim Abbott 71078adc50 docs: Update URLs to use https://zulip.com.
We're migrating to using the cleaner zulip.com domain, which involves
changing all of our links from ReadTheDocs and other places to point
to the cleaner URL.
2020-06-08 18:10:45 -07:00
Anders Kaseorg b1b34b6f6a dev_login: Move owners to the top.
Since owners have the highest privilege level, it made little sense to
sandwich them between administrators and guests.

Signed-off-by: Anders Kaseorg <anders@zulip.com>
2020-06-08 17:26:34 -07:00
Anders Kaseorg 6dc24d303e dev_login: Remove extra next parameter from owners too.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2020-06-08 17:26:34 -07:00
sahil839 7de23b8b5c users: Remove short_name and client_id from get_profile_backend.
This commit removes short_name and client_id fields from the user
objects returned by get_profile_backend because neither of them
had a purpose.

* short_name hasn't been present anywhere else in the Zulip API for
  several years, and isn't set through any coherent algorithm.
* client_id was a forgotten 2013-era predecessor to the queue_id field
  returned by the register_event_queue process.

The combination of these changes gets us close to having `get_profile`
have the exact same format as other endpoints fetching a user object.
2020-06-08 17:01:08 -07:00
sahil839 1f5778bad7 users: Refactor get_profile_backend to be based on format_user_row.
This commit changes get_profile_backend to be based on format_user_row
such that it's a superset of the fields for our other endpoints for
getting data on a user.

To be clear, this does not removes any of the exisiting fields, that
were returned by this endpoint.

This change adds some fields to the User object returned by the
endpoint. API docs are updated accordingly for the added fields.
2020-06-08 16:57:44 -07:00
sahil839 2f7d684a84 slack_import: Map slack owners to zulip realm owners.
Slack owners and primary owners will be mapped to zulip
realm owners on import.

Previously, we mapped the owner and primary owner roles of slack
to realm admins in zulip. As we have added ROLE_REALM_OWNER in
8bbc074, we now map slack owners and primary owners to owners in
zulip.

Tests are modified for checking all the 3 cases-
 - Slack workspace primary owner
 - Slack workspace owner
 - Slack workspace admin

This commit also has docs changes in 'import-from-slack.md'.
2020-06-08 16:22:54 -07:00
Anders Kaseorg 139cb8026f auth: Accept next as POST parameter in POST requests.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2020-06-08 11:07:32 -07:00
Tim Abbott f192d69fea help: Document new message editing feature. 2020-06-05 12:31:32 -07:00
Aman Agrawal a096f34cab move_topic_to_stream: Add option to disable breadcrumb messages.
Option to disable breadcrumb messages were given in both message edit
form and topic edit stream popover.

User now has the option to select which stream to send the notification
of stream edit of a topic via checkboxes in the UI.
2020-06-05 12:28:51 -07:00
Wyatt Hoodes 5fe489c5ae dropdown-menu: Remove caret-down icon and fix alignment.
The alignment on narrow windows is also off.  We fix
this spacing issue while we're at it.
2020-06-05 10:56:33 -07:00
Mateusz Mandera 5f3461ab9e docs: Update OneLogin SAML instructions.
OneLogin has removed the app that these instructions used to rely on.
This app choice should be more stable, as there are other providers
that rely on it in their instructions for setting them up with OneLogin.
Ideally, in the future, we'll get our own app added to OneLogin's app
catalogue, which will simplify the setup process for administrators.
2020-06-05 09:37:16 -07:00
Anders Kaseorg 4d04fa3118 compose: Rewrite Zoom video call integration to use OAuth.
This reimplements our Zoom video call integration to use an OAuth
application.  In addition to providing a cleaner setup experience,
especially on zulipchat.com where the server administrators can have
done the app registration already, it also fixes the limitation of the
previous integration that it could only have one call active at a time
when set up with typical Zoom API keys.

Fixes #11672.

Co-authored-by: Marco Burstein <marco@marco.how>
Co-authored-by: Tim Abbott <tabbott@zulipchat.com>
Signed-off-by: Anders Kaseorg <andersk@mit.edu>
2020-06-03 16:39:12 -07:00
Anders Kaseorg 7a53da7526 capitalization: Fix OAuth capitalization.
Signed-off-by: Anders Kaseorg <anders@zulipchat.com>
2020-06-03 16:39:12 -07:00
Tim Abbott 8d9d36cbc7 api docs: Fix whitespace in changelog articles. 2020-06-03 14:30:32 -07:00
Tim Abbott 999554734c docs: Clarify that linkifiers are Python 3 regular expressions.
Also tone down the "contact support" text; we've fixed most of the
issues that led to folks needing to do that.
2020-06-03 14:05:39 -07:00
sahil839 2187c84ed9 stream: Add support for sending user_id to endpoint when subscribing users.
This commit modifies the backend to accept user ids when subscribing
users to streams.

It also migrates all existing tests to use this API, aside from a
small set of tests for the legacy API.
2020-06-01 15:59:04 -07:00
sahil839 9ef1c5b1a6 users: Add is_owner field to user objects returned by get endpoints.
This commit adds 'is_owner' field to the user object returned by
'/users', 'users/{user_id}', and '/users/me' endpoints.
2020-06-01 15:33:51 -07:00
Sharif Naas cf8c1cb357 docs: Fix typo in status-and-availability.md. 2020-06-01 15:27:48 -07:00
sahil839 bd9e891e1c dev_login: Change dev env login page to show Desdemona as owner.
This commits changes the dev login page to show Desdemona as
owner.
2020-06-01 15:22:44 -07:00
Sharif Naas 5d0a119e7d team: Fix inaccurately specific sentence.
This page lists contributors across several Zulip codebases, not just
the server.
2020-06-01 12:56:56 -07:00
sahil9001 328caf1ad5 api: Simplify format of realm_emoji author data.
There's no reason to send data beyond the user `id` of the uploader,
and reason not to, as the previous model was both awkward when
`author=None` and resulted in unecessary parsing complexity for
clients.

Modified by tabbott to add the frontend changes and API documentation.

Fixes #15115.
2020-05-31 17:44:50 -07:00
sahil839 2ab6767b73 events: Update person dict in event for do_change_user_role to send role.
This commit changes the person dict in event sent by do_change_user_role
to send role instead of is_admin or is_guest.

This makes things much more straightforward for our upcoming primary
owners feature.
2020-05-31 17:22:50 -07:00
orientor 1f982f68d2 api_docs: Change `zulipchat.com` links to relative internal links. 2020-05-29 15:04:50 -07:00
orientor d2ee99a2fd openapi: Add markdown extension for rendering return values in API docs.
Currently response return values have to be written twice, once in
the docs and once in zulip.yaml. Create a markdown extension so
that the return values in api docs are rendered using content from
zulip.yaml
2020-05-29 15:02:56 -07:00
sahil839 9fa60672e6 users: Modify update user API endpoint to accept role as parameter.
This commit changes the update user API endpoint to accept role
as parameter instead of the bool parameters is_guest and is_admin.

User role dropdown in user info modal is also modified to use
"dropdown_options_widget".

Modified by tabbott to document the API change.
2020-05-29 14:29:17 -07:00
Tim Abbott 4d2b1673f8 docs: Replace support@zulipchat.com with support@zulip.com.
The new address is cleaner and shorter.
2020-05-28 08:14:30 +00:00
Mateusz Mandera 501e7c44dc docs: Add instructions for SAML with Okta/OneLogin in /help/.
Tweaked by tabbott to shift how this is organized.
2020-05-28 08:14:30 +00:00
Steve Howell 43e5b2d28b right sidebar: Remove "GROUP PMs" section.
We remove the "GROUP PMs" section that used
to be in the lower right sidebar.

Most of this is straightforward code removal.

A couple quick notes:

    - The message fetching code now just
      calls `huddle_data.process_loaded_messages`,
      which we still need for search suggestions.
      We removed `activity.process_loaded_messages`.

    - The `huddle_data.process_loaded_messages`
      function no longer needs to return `need_resize`.

    - In `resize.js` we now just calculate
      `res.buddy_list_wrapper_max_height` directly
      from `usable_height`.
2020-05-27 17:57:50 -07:00
SiddharthVarshney 2b9a79bb19 portico: Use green btn for `call-to-action-bottom` button.
This button will now look similar in design as we have on
our /app page.

Fixes: #15077
2020-05-27 16:30:03 -07:00
clarammdantas edcf4f0ea2 invitations: Revoke remaining invitations after user registers.
If a user receives more than one invite to join a
realm, after that user registers, all the remaining
invitations should be revoked, preventing them to be
listed in active invitations on admin panel.
To do this, we added a new prereg_user status,
STATUS_REVOKED.

We also added a confirmation_link_expired_error page
in case the user tries click on a revoked invitaion.
This page has a link to login page.

Fixes: #12629

Co-authored-by: Arunika <arunikayadav42@gmail.com>
2020-05-27 15:37:16 -07:00
Alex Vandiver be2b8827e1 docs: Inter-link documentation mentioning guests.
Make it easier to understand what guests are allowed to do, and how to
make them, by cross-linking the documentation which mentions them.
2020-05-27 13:32:55 -07:00
orientor 4096e0e6b9 openapi_responses: Fix list_subscriptions. 2020-05-27 13:15:51 -07:00
orientor 1b94d30efe openapi_responses: Fix update_stream. 2020-05-27 11:23:14 -07:00
orientor d34a25d4c9 openapi_responses: Fix delete_stream. 2020-05-27 21:29:03 +05:30
Tim Abbott 23f0b3bc45 landing: Fix responsive styling for navbar custom messages.
The previous styling was brittle and ended up breaking in very small
phone-size views with the text overflowing the boundaries of the page.

The right fix is to move those heading outside the portico-header
class, since the CSS for that isn't generally appropriate here.
2020-05-26 22:58:02 -07:00
Tim Abbott 2091b14764 plans: Send users to /new rather than /upgrade if not logged in.
We can't take users to /upgrade if they aren't on the page for a given
realm/organization.
2020-05-26 22:34:28 -07:00
Ryan Rehman c4e59309e4 navbar: Refactor `#searchbox`.
Along with various style fixes for the search pills
enabled case, this de-duplicates the css.
2020-05-26 22:04:36 -07:00
sahil9001 94dfe4bed3 portico: Fix apps page webapp link being useless.
The /apps page webapp link now takes the user to /accounts/go to find
their organization's login page, rather than failing to do anything.

Fixes #14977.
2020-05-26 21:50:31 -07:00
Tim Abbott 368e9572cc billing: Clean up copy on free trial pages.
This fixes some issues with unclear terminology and visual styling in
the pages for the new free trial.

There's probably more we can and should usefully do in the future.
2020-05-26 21:31:07 -07:00
Vishnu KS be831e0085 free trial: Hide free trial message during payment processing. 2020-05-26 17:01:32 -07:00
Vishnu KS 8784539d53 free trial: Send users to /upgrade after realm creation. 2020-05-26 17:01:32 -07:00
Ryan Rehman 77a26d41ae message view: Show indicator while fetching new messages.
We already have a loading indicator for fetching older
messages. Thus it makes sense to implement the same
for displaying newer messages.

We set the display of `bottom-messages-logo` to none,
to prevent displaying two loading indicators during
the initial message load.

Fixes #15060.
2020-05-26 15:21:42 -07:00
Ryan Rehman 9c733b42df minor: Rename loading_more_messages_indicator.
`loading_more_messages_indicator` is renamed to
`loading_older_messages_indicator`.

This is a prep commit to introduce
`loading_newer_messages_indicator`.
2020-05-26 15:21:42 -07:00
YashRE42 669f482b0d icons: Switch from text-o to code-o for view source / edit topics.
This commit replaces fa-file-text-o with fa-file-code-o which is a
better signal for the "view source" action. It also deletes a single
line comment that had suggested the change once we moved into font
awesome 4, which Aditya Bansal <adi.bansal241996@gmail.com> helped
out in doing, first via
91962aa6ab and most recently via
75ae94e459 with several commits in
between.
2020-05-25 16:19:50 -07:00
Vishnu KS ad99bba121 billing: Add emojis to /upgrade page. 2020-05-24 17:35:17 -07:00
Vishnu KS 8b3eb9a846 landing: Add option to show custom navbar message. 2020-05-24 17:34:03 -07:00
Tim Abbott e59a2a23c3 portico: Fix a few issues with /for/research. 2020-05-20 17:57:22 -07:00
Tim Abbott ef1cdf87ce portico: Add first a quote to /for/research.
We'll add more later, at which point we'll need to add the carousel
widget, but this is the first one that came in.
2020-05-20 17:47:01 -07:00
Tim Abbott 39be75e06d portico: Add draft /for/research page.
Currently unlinked as this is pretty rough and needs feedback.
2020-05-20 17:20:27 -07:00
Rohitt Vashishtha 1e4ad0bdfc js-api: Migrate and test send-message example. 2020-05-20 10:18:29 -07:00
Rohitt Vashishtha 203b722624 js-api: Migrate and test create-user example. 2020-05-20 10:18:29 -07:00
Kartik Srivastava 83f975e57e api docs: Document POST /users/{user_id}/reactivate endpoint. 2020-05-19 23:10:50 -07:00
Vishnu Ks 66b1ad7002 billing: User FREE_TRIAL_DAYS instead of FREE_TRIAL_MONTHS. 2020-05-16 14:52:01 -07:00
Tim Abbott 35139ac559 api: Remove email field from realm_user and realm_bot events.
The `email` field for identifying the user being modified in these
events was not used by either the webapp or other official Zulip
clients.  Instead, it was legacy data from before we switched years
ago to sending user_id fields as the correct way to uniquely identify
a user.
2020-05-12 17:46:13 -07:00
Tim Abbott 779daa5374 help: Suggest restarting server during Slack import.
This reduces the risk of folks running into OOM kills when going
through the data import process on servers with a minimal 2GB of RAM.
2020-05-12 13:24:10 -07:00
clarammdantas 7e9024a39c popovers.js: Add version to user avatar request.
When a user changes its avatar image, the user's avatar in popovers
wasn't being correctly updated, because of browser caching of the
avatar image.  We added a version on the request to get the image in
the same format we use elsewhere, so the browser knows when to use the
cached image or to make a new request to the server.

Edited by Tim to preserve/fix sort orders in some tests, and update
zulip_feature_level.

Fixes: #14290
2020-05-12 11:09:01 -07:00
Vishnu KS 8fb1f2af58 billing: Support downgrading plan from /billing page. 2020-05-11 17:20:54 -07:00
Vishnu KS f1b1bf5a0d billing: Add support for Zulip Standard free trial. 2020-05-11 17:20:54 -07:00
Aman Agrawal 7197a7ac68 message_edit: Add support for changing stream of a message.
* This feature is currently only visible to admins.
* Locally echoed messages are also updated.
* Add UI for editing stream if user is admin.
* Show propagate mode selector if either stream or topic changed.
2020-05-11 16:25:47 -07:00
Steve Howell 155f6da8ba bots: Add owner_id to bot-related payloads.
For the below payloads we want `owner_id` instead
of `owner`, which we should deprecate.  (The
`owner` field is actually an email, which is
not a stable key.)

    page_params.realm_bots

    realm_bot/add

    realm_bot/update

IMPORTANT NOTE: Some of the data served in
these payloads is cached with the key
`bot_dicts_in_realm_cache_key`.

For page_params, we get the new field
via `get_owned_bot_dicts`.

For realm_bot/add, we modified
`created_bot_event`.

For realm_bot/update, we modified
`do_change_bot_owner`.

On the JS side, we no longer
look up the bot's owner directly in
`server_events_dispatch` when we get
a realm_bot/update event. Instead, we
delegate that job to `bot_data.js`.
I modified the tests accordingly.
2020-05-11 16:16:58 -07:00
Rohitt Vashishtha e065f51824 docs: Remove duplicate content from deploying-bots.md. 2020-05-11 13:42:22 -07:00
Rohitt Vashishtha 2ad55ef11b slack-import: Update docs to reflect the removal of Slack legacy tokens.
This commit deatails how users can generate the new type of APi tokens
by creating a new slack app with the correct scopes specified.

Fixes #14963.
2020-05-11 13:41:50 -07:00
Tim Abbott a0c2121958 docs: Advertise Slack-compatible webhook a bit.
This should make it discoverable enough that users will try it out and
send us feedback.
2020-05-11 00:07:28 -07:00
Siddharth Varshney d1d012c1c4 desktop-login: Use zulip design styles for desktop-login.
Fixes: #14827
2020-05-10 23:05:19 -07:00
Anders Kaseorg 8cdf2801f7 python: Convert more variable type annotations to Python 3.6 style.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2020-05-08 16:42:43 -07:00
Aman Agrawal 898e717b9d register:api: Provide additional fields that can be useful to clients.
Fixes #14166

* Bumped the api version to feature level 4.
See https://github.com/zulip/zulip/issues/14166#issuecomment-598961462
for details about implementation and future steps.
2020-05-08 14:54:54 -07:00
Aman Agrawal 0c2b25cab3 home/page_params: Add suffix `_mib` to clarify the size units.
The docs say "megabytes" or "MB", but client software needs to
know the actual meaning, which is in mebibytes.
2020-05-08 14:54:54 -07:00
Tim Abbott a920544bc3
invite emails: Ensure user-controlled input is always in links.
Popular email clients like Gmail will automatically linkify link-like
content present in an HTML email they receive, even if it doesn't have
links in it.  This made it possible to include what in Gmail will be a
user-controlled link in invitation emails that Zulip sends, which a
spammer/phisher could try to take advantage of to send really bad spam
(the limitation of having the rest of the invitation email HTML there
makes it hard to do something compelling here).

We close this opportunity by structuring our emails to always show the
user's name inside an existing link, so that Gmail won't do new
linkification, and add a test to help ensure we don't remove this
structure in a future design change.

Co-authored-by: Anders Kaseorg <andersk@mit.edu>
2020-05-08 14:02:41 -07:00
Steve Howell ac2d7fef56 docs: Fix recent regression with server-settings.
We just needed a blank line after the "Changes"
paragraph.  Otherwise, the list formatting gets
all messed up.
2020-05-08 06:49:32 -04:00
Tim Abbott d1694564b4 help: Clarify only server administrators can restore deletions. 2020-05-06 15:54:42 -07:00
Mateusz Mandera 8da8b7da41 docs: Fix typo in message-retention-policy.md. 2020-05-06 13:21:00 -07:00
Tim Abbott 6fa74c7ab2 help: Document we just use email for billing. 2020-05-05 16:02:29 -07:00
Vishnu Ks 9a8d0ca9fe docs: Recommend contact page over email wherever possible.
With a few tweaks from tabbott to preserve the enthusiasm for feedback
and de-emphasize twitter as a channel (we give better support
elsewhere).
2020-05-05 15:57:54 -07:00
Tim Abbott b9098a42d4 messages: Allow moving a topic to another stream.
This completes the implementation of support for moving a topic to
another stream by adding a basic UI for it.

Fixes #6427, which was previously the most-upvoted issue request in
Zulip.

There are likely to be a bunch of follow-up UI improvements on top of
this change to fully flesh out the feature.
2020-05-04 10:03:03 -07:00
Tim Abbott 87ddd73dcb help: Add article for how to get support.
This page isn't polished properly and I'm not sure it's the best
decision tree here, but it's definitely better to have this page than
not, and we can always adjust forward.

Fixes #10033.
2020-05-04 09:38:36 -07:00
Tim Abbott f4489c381c docs: Document message retention policies.
We've completed the production performance testing that had been
blocking us from advertising this feature, so we're declaring the
feature implemented by documenting it.

As of this commit, you need to edit fields using `manage.py shell` to
configure it and manually configure the cron job, but those should be
addressed in the next few days.

Fixes #106.
2020-05-03 23:52:04 -07:00
Hashir Sarwar 55a8e7dff2 settings: Offer hiding presence info from other users.
For privacy-minded folks who don't want to leak the
information of whether they're online, this adds an
option to disable sending presence updates to other
users.

The new settings lies in the "Other notification
settings" section of the "Notification settings"
page, under a "Presence" subheading.

Closes #14798.
2020-05-02 15:09:05 -07:00
Dinesh 5c1fe776c3 auth: Extend the template for "choose email" in GitHub auth flow.
This commit extends the template for "choose email" to mention for
users who have unverified emails that they need to verify them before
using them for Zulip authentication.

Also modified `social_auth_test_finish` to assert if all emails
are present in "choose email" screen as we need unverified emails
to be shown to user and verified emails to login/signup.

Fixes #12638 as this was the last task for that issue.
2020-05-02 14:30:31 -07:00
jagansivam28 bbf5a5efed invitation: Make Member to see invitations sent by him/her.
Member of the org can able see list of invitations sent by him/her.
given permission for the member to revoke and resend the invitations
sent by him/her and added tests for test member can revoke and resend
the invitations only sent by him/her.

Fixes #14007.
2020-05-01 17:42:49 -07:00
jagansivam28 fc107d2c24 icon: Change icon for 'Invitations' from 'fa-user' to 'fa-user-plus'. 2020-05-01 17:29:45 -07:00
Anders Kaseorg a552c2e5f9 auth: Use the clipboard instead of zulip:// for desktop auth flow.
This does not rely on the desktop app being able to register for the
zulip:// scheme (which is problematic with, for example, the AppImage
format).

It also is a better interface for managing changes to the system,
since the implementation exists almost entirely in the server/webapp
project.

This provides a smoother user experience, where the user doesn't need
to do the paste step, when combined with
https://github.com/zulip/zulip-desktop/pull/943.

Fixes #13613.

Signed-off-by: Anders Kaseorg <anders@zulip.com>
2020-04-30 16:45:00 -07:00
vaibhavrajsingh2001 6292e96e4b i18n: Add translation tags to missed-message emails.
This fixes missing translation tags in our missed-message emails,
which is surely the most user-facing part of the production that
wasn't internationalized.

Fixes: #14398
2020-04-30 16:11:47 -07:00
Siddharth Varshney de47262518 sidebar: Rename classes for menu icons in sidebars. 2020-04-30 10:56:09 -07:00
vaibhavrajsingh2001 e3e7b0a6dd i18n: Add translation tags to digest emails. 2020-04-29 17:04:48 -07:00
Tim Abbott de22da768d api docs: Fix typo s/emoji_type/reaction_type. 2020-04-29 16:03:05 -07:00
Steve Howell 2c63130195 api: Always return zulip_version/zulip_feature_level.
We no longer make these conditional to simplify writing clients;
there's no cost to including them, and a real cost to not doing so.
2020-04-29 11:58:22 -07:00
Jagan 805ac2475b settings: Redesign edit bot form.
This removes the weird edit-bot sidebar, replacing it with a modal,
matching our edit-user widget (and various similar ones).

Fixes #13644 by removing the buggy code.
2020-04-28 23:08:45 -07:00
Tim Abbott cbe0723199 api docs: Add an API changelog page.
I imagine this can be improved in various ways, but I've initialized
this with all the **Changes** entries recorded in either zulip.yaml or
the rest of the API documentation, and I expect we'll be able to
iterate on this effectively.

It'll also be useful as a record of changes that we should remember to
document the API documentation as we document more endpoints that
currently don't discuss these issues.

While working on this, I fixed various issues where feature levels
could be mentioned or endpoints didn't properly document changes.
2020-04-28 22:23:25 -07:00
Steve Howell cf78cb0d6e templates: Use `<hr>` and `<br>` consistently.
We now prevent these variations:

    * <hr/>
    * <hr />
    * <br/>
    * <br />

We could enforce similar consistency for other void
tags, if we wished, but these two are particularly
prevalent.
2020-04-28 17:05:48 -07:00
orientor 4d8c988ef2 openapi: Use description markdown for rendering endpoint descriptions.
Firstly, change endpoint descriptions in zulip.yaml so that they
match their counterpart in the api docs. Then edit the api docs
so that they use api description markdown extension for displaying
endpoint description.
2020-04-28 12:57:19 -07:00
orientor 64c6bab276 openapi: Create markdown extension for rendering endpoint descriptions.
Add function in openapi.py to access endpoint descriptions written
in zulip.yaml. Use this function for creating a markdown extension
for rendering endpoint descriptions written in zulip.yaml.

We use this extension for a single endpoint to get test coverage.
2020-04-28 12:57:19 -07:00
rebtung f7fbe3419f api: Improve consistency of reactions API.
Previously, the message and event APIs represented the user differently
for the same reaction data. To make this more consistent, I added a
user_id field to the reaction dict for both messages and events. I
updated the front end to use the user_id field rather than the user
dict. Lastly, I updated front end and back end tests that used user
info.

I primarily tested this by running my local Zulip build and
adding/removing reactions from messages.

Fixes #12049.
2020-04-26 10:35:55 -07:00
Dinesh 2735860f01 browser_support: Drop support for Internet Explorer.
Internet Explorer does not support `position: sticky` which improves
floating recipient bar behavior during scrolling which is one of the
issues blocking PR #9910.
IE also does not support some features that modern browsers support
hence may not super well.
This commit adds an error page that'll be displayed when a user logs
in from Internet Explorer. Also, a test is added.
2020-04-23 17:50:28 -07:00
Tim Abbott 703fae8980 send_custom_email: Use a special .gitignored directory.
Previously, the send_custom_email code path leaked files in paths that
were not `.gitignored`, under templates/zerver/emails.

This became problematic when we added automated tests for this code
path, as it meant we leaked these files every time `test-backend` ran.

Fix this by ensuring all the files we generate are in this special
subdirectory.
2020-04-21 16:50:11 -07:00
Hashir Sarwar e3b90a5ec8 api: Add a monotonic integer "feature level" for non-webapp clients.
The purpose is to provide a way for (non-webapp) clients,
like the mobile and terminal apps, to tell whether the
server it's talking to is new enough to support a given
API feature -- in particular a way that

* is finer-grained than release numbers, so that for
features developed after e.g. 2.1.0 we can use them
immediately on servers deployed from master (like
chat.zulip.org and zulipchat.com) without waiting the
months until a 2.2 release;

* is reliable, unlike e.g. looking at the number of
commits since a release;

* doesn't lead to a growing bag of named feature flags
which the server has to go on sending forever.

Tweaked by tabbott to extend the documentation.

Closes #14618.
2020-04-21 13:37:57 -07:00
Tim Abbott 06af152145 api docs: Update GET /users to properly discuss bot_owner_id.
This both documents changes in Zulip 2.2 to change this to
bot_owner_id.
2020-04-18 15:30:28 -07:00
Anders Kaseorg d33abba687 base: Fix jinja2.exceptions.UndefinedError on Python ≥ 3.7.
Python 3.7 changed dict.update to avoid swallowing exceptions when
checking for the keys attribute (https://bugs.python.org/issue31572).
This broke {}.update(jinja2.Undefined()).

Fix it with an explicit default.

Signed-off-by: Anders Kaseorg <anders@zulipchat.com>
2020-04-18 05:35:51 -07:00
YashRE42 eb4a2b9d4e navbar: Improve structure & styling for top navbar.
This updates the logged-in top navbar to display the stream/message
name, number of users, and description. It also replaces the search
bar with a search icon that expands into a full-width search bar.

Co-authored-by: Max Nussenbaum <max@maxnuss.com>

Fixes: #164.
Fixes: #5198.
2020-04-17 13:35:44 -07:00
orientor bcb8def308 openapi: Use serialized response codes instead of descriptive ones.
Openapi had descriptive response codes for endpoints with multiple
responses for same response code. But this does not fall in line
with openapi specifications. So change descriptive response codes
like "400_auth" and "400_anauth" to "400_0" and "400_1" for all
such endpoints. Also make the necessary changes in openapi.py so
as to be able to read the schema in such cases and generate example
in such cases.
2020-04-17 11:49:58 -07:00
Vishnu KS a9c1fa25d6 upgrade: Set the default billing period to monthly. 2020-04-17 08:57:15 -07:00
Siddharth Varshney 3e78b3cdc3 help: Add doc for restricting users to change their profile pic.
Fixes part of #14298.
2020-04-16 20:30:30 -07:00
Siddharth Varshney e03176b272 help: Add doc for setting profile picture back to gravatar. 2020-04-16 20:27:52 -07:00
Siddharth Varshney cacf7bb7d4 help: Add docs for who can create and manage user groups.
Part of addressing #14298.
2020-04-16 20:24:01 -07:00
Vishnu KS 3f94195d51 billing: Show appropriate message when not on a paid plan. 2020-04-16 19:28:37 -07:00
vaibhavrajsingh2001 2a212b3300 docs: Add documentation for weekly digest emails.
Added documentation explaining the digest emails feature and how to
disable it, along with a link to the /digest.

Resolves: #14136
2020-04-15 15:38:39 -07:00
Tim Abbott 8f57ec80f6 help: Add KaTeX links explaining how our LaTeX formatting works.
Also improve the headings for it.

Fixes #14568.
2020-04-13 15:55:39 -07:00
Tim Abbott 59937ec9fa scripts: Rename inline-email-css to inline_email_css.py.
This is a preparatory step for making it a module that we can import
and call from other code.
2020-04-10 15:29:47 -07:00