initialize() is called on every request, and stored the
`RequestHandler` (and thus `HTTPServerRequest`) in a global shared
dict. However, the object is only removed from that structure if the
request was successful. This means that failed requests (such as 405
Method Not Allowed) leaked `RequestHandler`s and
`HTTPServerRequest`s.
Move the cleanup to `on_finish`, which is called at the close of all
requests, async and not, successful or not.
While the Tornado server supports POST requests, those are only used
by internal endpoints. We only support OPTIONS, GET, and DELETE
methods from clients, so filter everything else out at the nginx
level.
We set `Accepts` header on both `OPTIONS` requests and 405 responses,
and the CORS headers on `OPTIONS` requests.
These are not part of the API, and lead to moderately confusing
behaviour -- they block (or not) requested, but of course send no
actual data in the body.
* For free trial, don't show number of licenses for current billing period.
* For free trial scheduled to downgrade, don't show number of
licenses for next billing period.
We now pass empty string as stream name instead of undefined when
passing the narrow operands to make sure we show an invalid narrow
instead of error. We do same thing for drafts.
We also need to add a check to make sure narrow_state.stream_sub
is defined before accessing stream_id field in the code to filter
scheduled messages for a narrow.
This commit adds code to consider inaccessible users as active
for user pills as we do not have any information about whether
they are active or not. We do not want to incorrectly show
"deactivated" for inaccessible users.
This commit adds code to not show typing notifications for inaccessible
users as the user would not have any information even if we show them
as the name shown would be "Unknown user".
We do not allow users to send messages to inaccessible users.
We already do not show them in DM recipient typeahead and this
commit makes sure that an appropriate error is shown if user
somehow creates the pill for inaccessible user by typing the
email.
Inaccessible user names are shown as "Unknown user" in the
reacted users list and tooltip.
This commit removes the call to `is_known_user_id` since we
may have reactions data from inaccessible users. And it is
fine to remove the `is_known_user_id` call anyways, because
it was added to ignore showing reactions from deactivated
users when the client did not have data about them, but now
the client has data about deactivated users.
So we anyways do not expect unknown user IDs in cases
other than inaccessible users for which we have to show
the reactions by showing their name as "Unknown user".
This commit also updates the comment for "is_known_user_id"
function accordingly.
We do not update the name for mention pills of inaccessible users
and keep it same as it was in the message content, and we show
the "Unknown user" popover on clicking the pill.
This commit sets the client capability value to not pass
unknown users data in the webapp and also does some changes
to avoid errors while loading the web-app home page.
This commit only does some basic webapp changes to not show
inaccessible users in sidebar and we would need need more
changes to make the web-app work as expected which will be
done in further commits.
Adds `user.realm.string_id` as the realm name to the base payload
for notifications. Uses this realm name in the body of the alert
in the `apns_data`.
Changes the event string from "test-by-device-token" to "test".
Fixes#28075.
We need to manually process the parameters from request.body
since PATCH parameters are present in body and pass it in
`request.POST` to allow PATCH requests via `update_plan_for..` to
work.