Commit Graph

5168 Commits

Author SHA1 Message Date
Anders Kaseorg 2163cb7770 popovers: Convert module to TypeScript.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2023-10-10 16:50:48 -07:00
Anders Kaseorg 0006f4a90c audible_notifications: Convert module to TypeScript.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2023-10-10 16:50:07 -07:00
Aman Agrawal 577a384845 overlays: Extract modal methods in separate file. 2023-10-10 16:43:57 -07:00
Aman Agrawal 63c1c9a37a overlays: Extract enable / disable scrolling to a util module. 2023-10-10 16:43:57 -07:00
Anders Kaseorg 325b308ed5 about_zulip: Convert module to TypeScript.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2023-10-10 13:20:31 -07:00
Anders Kaseorg 881da05cd3 stream_settings_ui: Extract stream_settings_components module.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2023-10-10 12:09:15 -07:00
Anders Kaseorg 1d43a4cccb stream_edit: Extract toggler to new stream_edit_toggler module.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2023-10-09 23:19:59 -07:00
Anders Kaseorg 3cac29a8e1 settings_org: Extract settings_components module.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2023-10-09 17:26:49 -07:00
Anders Kaseorg 8f564749bb dependencies: Upgrade JavaScript dependencies.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2023-10-09 14:16:23 -07:00
Anders Kaseorg 835ee69c80 docs: Fix grammar errors found by mwic.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2023-10-09 13:24:09 -07:00
Anders Kaseorg 5327bcc5ac user_group_settings_ui: Merge into user_group_edit.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2023-10-09 10:58:50 -07:00
Anders Kaseorg 27991bd5b0 topic_zoom: Merge into stream_list.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2023-10-06 19:43:55 -07:00
Anders Kaseorg 564e91f3a8 narrow: Cut import of hashchange.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2023-10-06 19:41:59 -07:00
Anders Kaseorg ba1895cb1c notifications: Rename to desktop_notifications.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2023-10-06 16:22:40 -07:00
Anders Kaseorg fcaf1fe7d5 notifications: Split out audible_notifications module.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2023-10-06 16:22:40 -07:00
Anders Kaseorg 6ef08873d8 notifications: Split out compose_notifications module.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2023-10-06 16:22:40 -07:00
Anders Kaseorg db20fd12e0 notifications: Split out message_notifications module.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2023-10-06 16:22:40 -07:00
Anders Kaseorg 971a003180 compose_actions: Extract compose_reply module.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2023-10-06 09:07:43 -07:00
Anders Kaseorg 9c70f92514 reload: Move initialize to new reload_setup module.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2023-10-06 08:34:39 -07:00
Anders Kaseorg c4d338a6ab drafts: Extract drafts_overlay_ui module.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2023-10-06 08:30:31 -07:00
Anders Kaseorg d5064fc7b2 narrow: Extract narrow_title module.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2023-10-05 16:26:45 -07:00
Anders Kaseorg e8a2a5ce36 compose: Move initialize to new compose_setup module.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2023-10-05 14:42:19 -07:00
Anders Kaseorg 6e725f0d17 compose: Move call link insertion to new compose_call_ui module.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2023-10-05 14:42:19 -07:00
Anders Kaseorg ac8436d46c resize: Move handler to new resize_handler module.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2023-10-05 09:26:59 -07:00
Alex Vandiver 89f824c769 update-prod-static: Only run generate_landing_page_images if necessary.
The vast majority of deployments do not need landing page assets
generated every deploy, which takes more than 15s.  This also removes
them from built tarballs, which also do not need them.
2023-10-05 09:04:33 -07:00
Alex Vandiver 369eea27ba provision: Tweak comment to not just mention static assets. 2023-10-05 09:04:33 -07:00
Aman Agrawal 75826d8409 handlebars: Move popover handlebars to a new popovers folder.
Organize related handlebars in a new folder together.
2023-10-05 08:19:49 -07:00
Aman Agrawal 3415a6898c user_card_popover: Rename `_title` suffix to `_avatar`. 2023-10-05 08:19:49 -07:00
Mateusz Mandera f71e2c8247 support: Add basic support endpoint for remote servers. 2023-10-04 16:55:47 -07:00
Aman Agrawal 9388db83dd update-prod-static: Generate landing page when updating prod instance. 2023-10-04 15:54:57 -07:00
Aman Agrawal a6fbf570cd provision_inner: Add a reminder to check for production needs.
This script is not run in production. Help developers remind
that.
2023-10-04 15:54:57 -07:00
Anders Kaseorg b4878d4f0b stream_edit: Move set_stream_property to new stream_settings_api module.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2023-10-04 13:04:50 -07:00
Prakhar Pratyush 28fb5ea24d settings: Add UI for automatically follow and unmute topics settings.
This commit adds two drop-down settings in 'SETTINGS / NOTIFICATIONS'
and 'SETTINGS / DEFAULT USER SETTINGS'.

The new settings lie in a new section named "Topic notifications",
just below the "Noification triggers" section.

Label: "Automatically follow topics"
Options: "Topics I participate in", "Topics I send a message to",
"Topics I start", and "Never".

Label: "Automatically unmute topics in muted streams"
Options: "Topics I participate in", "Topics I send a message to",
"Topics I start", and "Never".

Fixes #25914.
2023-10-04 13:04:29 -07:00
Prakhar Pratyush 58568a60d6 settings: Add automatically follow and unmute topics policy settings.
This commit adds two user settings, named
* `automatically_follow_topics_policy`
* `automatically_unmute_topics_in_muted_streams_policy`

The settings control the user's preference on which topics they
will automatically 'follow' or 'unmute in muted streams'.

The policies offer four options:
1. Topics I participate in
2. Topics I send a message to
3. Topics I start
4. Never (default)

There is no support for configuring the settings through the UI yet.
2023-10-04 13:04:29 -07:00
Anders Kaseorg ac38aaad21 scheduled_messages: Move UI to new scheduled_messages_ui module.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2023-10-03 17:56:43 -07:00
Anders Kaseorg d4a93aa05a popover_menus: Extract compose_popovers module.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2023-10-03 11:58:29 -07:00
Anders Kaseorg d01db0f5a0 popover_menus: Extract left_sidebar_navigation_area_popovers module.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2023-10-03 11:58:29 -07:00
Anders Kaseorg dd6676f16e popover_menus: Extract user_topic_popover menus.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2023-10-03 11:58:29 -07:00
Anders Kaseorg 825fb8cef5 popover_menus: Extract topic_popover module.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2023-10-03 11:58:29 -07:00
Anders Kaseorg 16e2a32c4c popover_menus: Extract message_actions_popover module.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2023-10-03 11:58:29 -07:00
Anders Kaseorg 26e34a163e popover_menus: Extract scheduled_messages_popover module.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2023-10-03 11:58:22 -07:00
Eeshan Garg f3465dea08 demo-orgs: Add UI for converting to permanent organization.
Adds warning banner to the organization settings overlay/tabs
for demo organizations. For owners, clicking on the link in the
banner opens a modal to convert the demo organization into a
permanent organization.

For admins that are not owners, clicking on the link will go
to the help center article on demo organizations.

Non-admin users will not see the warning banner.

The modal for converting a demo organization requires the owner
to have set their email address. Once the owner's email address
is set, then the organization can be made permanent by changing
the subdomain of the organization. The deletion date for the
demo organization will be removed as part of updating the
subdomain.

The organization owner must also have updated the organization
type to be any value other than unsepecified to convert the
demo organization to a permanent organization. The modal's
submit button will be disabled if that is the value for the
organization type in the form. The demo organizations created
in the dev environment now have their organization type set to
unspecified on creation.

This is a part of #19523.

Co-authored by: Lauryn Menard <lauryn@zulip.com>
2023-10-03 09:11:41 -07:00
Lauryn Menard 6ad3ec0891 check-schemas: Add list of deprecated events in OpenAPI documentation.
In commit 268f858f3, we removed the "realm_filters" event from the
schemas that we test in `zerver/lib/event_schemas.py`, but the event
is still documented (as deprecated) in the api/get-events doc.

Updates `tools/check_schemas` to not print a warning for an event
schema in the OpenAPI documentation if it's include in the list of
deprecated events list.
2023-10-03 09:05:22 -07:00
Anders Kaseorg 5efbece30a stream_color: Extract update_stream_color to new module.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2023-10-03 08:15:21 -07:00
Anders Kaseorg 0efd9f7bdd settings_users: Extract user sort comparators to new user_sort module.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2023-10-03 08:14:51 -07:00
Anders Kaseorg 30ae936793 settings_invites: Convert module to TypeScript.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2023-10-03 08:14:11 -07:00
Aman Agrawal 75a1a74adf hello: Redesign page.
Fixes #24082
2023-10-02 22:30:03 -07:00
Tim Abbott 7a97ceab86 popovers: Extract add_stream_options_popover.js. 2023-10-02 19:17:08 -07:00
Anders Kaseorg 91e656398d settings_muted_users: Convert module to TypeScript.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2023-10-02 19:15:03 -07:00
Anders Kaseorg c5c5b18ab4 settings_exports: Convert module to TypeScript.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2023-10-02 17:49:36 -07:00
Anders Kaseorg e459b83c06 pm_list_dom: Convert module to TypeScript.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2023-10-02 17:48:39 -07:00
Anders Kaseorg 819a91aec7 alert_words_ui: Convert module to TypeScript.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2023-10-02 17:46:22 -07:00
Anders Kaseorg 457544e0d2 message_scroll: Move state flags to new module message_scroll_state.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2023-10-02 17:37:56 -07:00
Anders Kaseorg 919381e5e7 copied_tooltip: Convert module to TypeScript.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2023-10-02 15:36:23 -07:00
Anders Kaseorg 60f324518b Revert "provision: enabling automatic activation of zulip-py3-venv at the lunch of shell only for dedicated containers."
This reverts commit ba4c45aa90.

The tests it used don’t make sense.

Signed-off-by: Anders Kaseorg <anders@zulip.com>
2023-10-01 12:10:56 -07:00
Mateusz Mandera 0e4532f8e7 semgrep: Add rule to specify tick kwarg on time_machine.travel() calls.
Letting the clock tick without a reason introduces the
possibility of nondeterministic test failures depending on the execution
time. The default value when not specified is tick=True, which makes it
easy to miss.
The rule doesn't prohibit setting tick=True, as perhaps there will be
tests wanting to use that feature on purpose, but such a test should
explicitly set it to make the intent clear.
2023-10-01 09:28:42 -07:00
Sudip Bose ba4c45aa90 provision: enabling automatic activation of zulip-py3-venv at the lunch of shell only for dedicated containers.
Refactor tools/lib/provision_inner to conditionally write activation commands to user's bash profile based on the host machine type. Automatic activation now skipped for native linux containers.
Fixes #15029
2023-10-01 08:43:14 -07:00
Hardik Dharmani bae28dfe64 message_list_hover: Extract module for hover/unhover logic.
Remove the various message-hover related functions from ui_init.js and
put them in a new module.
2023-09-28 18:07:26 -07:00
Anders Kaseorg f4768b0030 lint: Fix semgrep scanning of extensionless Python scripts.
Semgrep 0.118.0 changed the default of --scan-unknown-extensions to
false.  It also seems that it no longer respects --lang (or never
did), so rename the config file to reflect that it only includes
Python rules, to make it clear that additional languages will require
separate config files.

Signed-off-by: Anders Kaseorg <anders@zulip.com>
2023-09-28 14:19:50 -07:00
Aman Agrawal 820b564072 right_sidebar_ui: Rename to sidebar_ui. 2023-09-28 08:41:03 -07:00
Sahil Batra 1de3a9f4a3 bots: Extract code for showing integration url modal in new file.
This commit creates a new file integration_url_modal.js which
now contains the code for showing integration url modal.

Since show_generate_integration_url_modal is used in multiple
places, this change helps us in avoiding import cycles.
2023-09-26 09:15:20 -07:00
Sahil Batra f3c17b8d4f users: Extract code for showing deactivation modal in new file.
This commit creates a new file user_deactivation_ui.js which
now contains the code for showing deactivation modal for user
and bots.

Since confirm_deactivation and confirm_bot_deactivation functions
are used in multiple places, this change helps us in avoiding
import cycles.
2023-09-26 09:15:20 -07:00
Aman Agrawal e0ff125116 views: Write a common show and hide function.
Fixes #26688
2023-09-25 13:16:25 -07:00
Sahil Batra c7cbdd3741 custom_fields: Extract some code in custom_profile_fields_ui.js.
This commit moves initialize_custom_pronouns_type_fields,
initialize_custom_user_type_fields, initialize_custom_date_type_fields
and append_custom_profile_fields functions to the new file
custom_profile_fields_ui.js from settings_account.js since
they are used for both showing custom profile fields in
"Profile" settings panel and "Edit user" form shown in
user profile modal. This change also helps us in avoiding
import cycles.
2023-09-25 13:14:49 -07:00
Tim Abbott c379d0bad6 right_sidebar_ui: Extract new module.
This UI is not actually a popover, and so there is no need for it to
live in popovers.js.
2023-09-25 06:29:47 -07:00
Aman Agrawal bdf6b210b8 copied_tooltip: Remove tippyjs import cycle by extracting it.
Moving show_copied_confirmation to a new library breaks the
dependency cycle of popover_menus and tippyjs.
2023-09-24 15:16:27 -07:00
Anders Kaseorg d6884399b2 invite: Convert module to TypeScript.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2023-09-22 17:10:51 -07:00
Anders Kaseorg 35568ec4d6 flatpickr: Convert module to TypeScript.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2023-09-22 17:08:17 -07:00
YashRE42 cb04ae1f95 search: Redesign search box.
Fixes #21798.
2023-09-21 08:58:31 -07:00
Anders Kaseorg acd0c5568a corporate: Remove Twitter third-party JavaScript and branding.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2023-09-21 08:53:37 -07:00
Daniil Fadeev d96110590b playground_links: Migrate popover to Tippy.
Fixes part of #23632.
2023-09-15 12:25:26 -07:00
Daniil Fadeev d89cd1e241 user_card_popover: Rename Handlebars templates.
List of renamed templates:
`user_info_popover_content` -> `user_card_popover_content`
`user_info_popover_manage_menu` -> `user_card_popover_manage_menu`
`user_info_popover_title` -> `user_card_popover_title`
2023-09-15 12:24:00 -07:00
Anders Kaseorg 28597365da python: Delete superfluous parens.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2023-09-13 13:40:19 -07:00
evykassirer a0df603aa7 puppeteer: Allow reruns in interactive mode when tests succeed.
We already allowed reruns for failing tests, and this adds
the ability to rerun tests that succeeded as well, which is
helpful for debugging flaky tests.
2023-09-13 12:46:22 -07:00
Anders Kaseorg 2665a3ce2b python: Elide unnecessary list wrappers.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2023-09-13 12:41:23 -07:00
Daniil Fadeev c5f6c00a81 popovers: Extract user info popovers into their own module.
The intent behind this commit is to tidy up how we handle user info
popovers. The first step is to move everything related to them into
its own module. This commit should not have any functional changes.
2023-09-13 11:49:08 -07:00
Aman Agrawal 6ef0753a51 inbox: Add new narrow. 2023-09-12 09:20:33 -07:00
Anders Kaseorg 6988622fe8 ruff: Enable B023 Function definition does not bind loop variable.
Python’s loop scoping is misdesigned, resulting in a very common
gotcha for functions that close over loop variables [1].  The general
problem is so bad that even the Go developers plan to break
compatibility in order to fix the same design mistake in their
language [2].

Enable the Ruff rule function-uses-loop-variable (B023) [3], which
conservatively prohibits functions from binding loop variables at all.

[1] https://docs.python-guide.org/writing/gotchas/#late-binding-closures
[2] https://go.dev/s/loopvar-design
[3] https://beta.ruff.rs/docs/rules/function-uses-loop-variable/

Signed-off-by: Anders Kaseorg <anders@zulip.com>
2023-09-11 18:03:45 -07:00
Anders Kaseorg cf4791264c python: Replace functools.partial with type-safe returns.curry.partial.
The type annotation for functools.partial uses unchecked Any for all
the function parameters (both early and late).  returns.curry.partial
uses a mypy plugin to check the parameters safely.

https://returns.readthedocs.io/en/latest/pages/curry.html

Signed-off-by: Anders Kaseorg <anders@zulip.com>
2023-09-11 18:03:45 -07:00
Alex Vandiver b94402152d models: Always search Messages with a realm_id or id limit.
Unless there is a limit on `id`, always provide a `realm_id` limit as
well.  We also notate which index is expected to be used in each
query.
2023-09-11 15:00:37 -07:00
Alex Vandiver 067de6f948 coverage: Skip zerver.lib.migrate coverage.
It is only covered when we run migration tests, which we are not
guaranteed to always be able to do.
2023-09-11 15:00:37 -07:00
Alex Vandiver d6745209f2 django: Use .exists() instead of .count() when possible. 2023-09-11 15:00:37 -07:00
Lalit Kumar Singh 5f74b9051e ts: Migrate `user_topics.js` to typescript. 2023-09-11 10:57:38 -07:00
Daniil Fadeev 7777c55b22 popovers: Extract `user_group_popover` into separate module.
This is a preparatory commit before we migrate `user_group_popover`
from Bootstrap to Tippy library.

The previous implementation was weirdly sharing the logic around
`current_message_info_popover_elem` with the user info popovers based
on a message; very likely an unfortunate latent bug caused by
copy/paste.

To address that, we need to add dedicated functions like
get_user_group_popover_items to avoid breaking keyboard navigation
with this extraction.
2023-09-11 10:26:50 -07:00
Lalit Kumar Singh c47a18eb2b ts: Migrate `realm_logo` to TypeScript. 2023-09-09 18:30:43 -07:00
Lalit Kumar Singh b8e0850aa1 ts: Migrate `realm_icon` to TypeScript. 2023-09-09 18:30:43 -07:00
Aman Agrawal 1305fe74b6 test-js-with-node: Remove deleted dropdown-list-widget module.
Fixes #25741
2023-09-09 18:22:25 -07:00
Anders Kaseorg 31b5879242 docs: Remove obsolete mentions of reStructuredText.
Commit b53e676860 (#19600) removed the
last of our reST.

Signed-off-by: Anders Kaseorg <anders@zulip.com>
2023-09-09 01:56:16 -07:00
Anders Kaseorg 964cc182a4 sync-translations: Normalize translations to NFC.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2023-09-08 17:51:47 -07:00
Lalit Kumar Singh affdffdda5 ts: Migrate `settings_emoji.js` to TypeScript. 2023-09-08 13:09:34 -07:00
Lalit Kumar Singh 5c2ba6c8fa ts: Migrate `avatar.js` module to TypeScript. 2023-09-08 13:09:12 -07:00
Zixuan James Li c336bf0398 api: Avoid programming errors due to nested Annotated types.
We want to reject ambiguous type annotations that set ApiParamConfig
inside a Union. If a parameter is Optional and has a default of None, we
prefer Annotated[Optional[T], ...] over Optional[Annotated[T, ...]].

This implements a check that detects Optional[Annotated[T, ...]] and
raise an assertion error if ApiParamConfig is in the annotation. It also
checks if the type annotation contains any ApiParamConfig objects that
are ignored, which can happen if the Annotated type is nested inside
another type like List, Union, etc.

Note that because
param: Annotated[Optional[T], ...] = None
and
param: Optional[Annotated[Optional[T], ...]] = None
are equivalent in runtime prior to Python 3.11, there is no way for us
to distinguish the two. So we cannot detect that in runtime.
See also: https://github.com/python/cpython/issues/90353
2023-09-08 08:20:17 -07:00
Zixuan James Li f4caf9dd79 api: Add new typed_endpoint decorators.
The goal of typed_endpoint is to replicate most features supported by
has_request_variables, and to improve on top of it. There are some
unresolved issues that we don't plan to work on currently. For example,
typed_endpoint does not support ignored_parameters_supported for 400
responses, and it does not run validators on path-only arguments.

Unlike has_request_variables, typed_endpoint supports error handling by
processing validation errors from Pydantic.

Most features supported by has_request_variables are supported by
typed_endpoint in various ways.

To define a function, use a syntax like this with Annotated if there is
any metadata you want to associate with a parameter, do note that
parameters that are not keyword-only are ignored from the request:
```
@typed_endpoint
def view(
    request: HttpRequest,
    user_profile: UserProfile,
    *,
    foo: Annotated[int, ApiParamConfig(path_only=True)],
    bar: Json[int],
    other: Annotated[
        Json[int],
        ApiParamConfig(
            whence="lorem",
            documentation_status=NTENTIONALLY_UNDOCUMENTED
        )
    ] = 10,
) -> HttpResponse:
    ....
```

There are also some shorthands for the commonly used annotated types,
which are encouraged when applicable for better readability and less
typing:
```
WebhookPayload = Annotated[Json[T], ApiParamConfig(argument_type_is_body=True)]
PathOnly = Annotated[T, ApiParamConfig(path_only=True)]
```

Then the view function above can be rewritten as:
```
@typed_endpoint
def view(
    request: HttpRequest,
    user_profile: UserProfile,
    *,
    foo: PathOnly[int],
    bar: Json[int],
    other: Annotated[
        Json[int],
        ApiParamConfig(
            whence="lorem",
            documentation_status=INTENTIONALLY_UNDOCUMENTED
        )
    ] = 10,
) -> HttpResponse:
    ....
```

There are some intentional restrictions:
- A single parameter cannot have more than one ApiParamConfig
- Path-only parameters cannot have default values
- argument_type_is_body is incompatible with whence
- Arguments of name "request", "user_profile", "args", and "kwargs" and
  etc. are ignored by typed_endpoint.
- positional-only arguments are not supported by typed_endpoint. Only
  keyword-only parameters are expected to be parsed from the request.
- Pydantic's strict mode is always enabled, because we don't want to
  coerce input parsed from JSON into other types unnecessarily.
- Using strict mode all the time also means that we should always use
  Json[int] instead of int, because it is only possible for the request
  to have data of type str, and a type annotation of int will always
  reject such data.

typed_endpoint's handling of ignored_parameters_unsupported is mostly
identical to that of has_request_variables.
2023-09-08 08:20:17 -07:00
evykassirer 3c16541eb4 recent: Rename recent_topics_util. 2023-09-08 07:36:33 -07:00
evykassirer f8db06569f recent: Rename recent_topics_ui. 2023-09-08 07:36:33 -07:00
Lalit Kumar Singh 9a6f7f0ead ts: Migrate `attachments_ui.js` to typescript. 2023-09-07 17:54:48 -07:00
Alex Vandiver 5d3ce8b2d4 puppet: Update dependencies. 2023-09-06 09:20:06 -07:00
Anders Kaseorg 81bd63cb46 ruff: Fix PIE808 Unnecessary `start` argument in `range`.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2023-09-01 14:57:01 -07:00
Lalit Kumar Singh 4f3a971e64 ts: Migrate `channel.js` module to TypeScript. 2023-08-28 09:19:07 -07:00
Zixuan James Li a081428ad2 user_groups: Make locks required for updating user group memberships.
**Background**

User groups are expected to comply with the DAG constraint for the
many-to-many inter-group membership. The check for this constraint has
to be performed recursively so that we can find all direct and indirect
subgroups of the user group to be added.

This kind of check is vulnerable to phantom reads which is possible at
the default read committed isolation level because we cannot guarantee
that the check is still valid when we are adding the subgroups to the
user group.

**Solution**

To avoid having another transaction concurrently update one of the
to-be-subgroup after the recursive check is done, and before the subgroup
is added, we use SELECT FOR UPDATE to lock the user group rows.

The lock needs to be acquired before a group membership change is about
to occur before any check has been conducted.

Suppose that we are adding subgroup B to supergroup A, the locking protocol
is specified as follows:

1. Acquire a lock for B and all its direct and indirect subgroups.
2. Acquire a lock for A.

For the removal of user groups, we acquire a lock for the user group to
be removed with all its direct and indirect subgroups. This is the special
case A=B, which is still complaint with the protocol.

**Error handling**

We currently rely on Postgres' deadlock detection to abort transactions
and show an error for the users. In the future, we might need some
recovery mechanism or at least better error handling.

**Notes**

An important note is that we need to reuse the recursive CTE query that
finds the direct and indirect subgroups when applying the lock on the
rows. And the lock needs to be acquired the same way for the addition and
removal of direct subgroups.

User membership change (as opposed to user group membership) is not
affected. Read-only queries aren't either. The locks only protect
critical regions where the user group dependency graph might violate
the DAG constraint, where users are not participating.

**Testing**

We implement a transaction test case targeting some typical scenarios
when an internal server error is expected to happen (this means that the
user group view makes the correct decision to abort the transaction when
something goes wrong with locks).

To achieve this, we add a development view intended only for unit tests.
It has a global BARRIER that can be shared across threads, so that we
can synchronize them to consistently reproduce certain potential race
conditions prevented by the database locks.

The transaction test case lanuches pairs of threads initiating possibly
conflicting requests at the same time. The tests are set up such that exactly N
of them are expected to succeed with a certain error message (while we don't
know each one).

**Security notes**

get_recursive_subgroups_for_groups will no longer fetch user groups from
other realms. As a result, trying to add/remove a subgroup from another
realm results in a UserGroup not found error response.

We also implement subgroup-specific checks in has_user_group_access to
keep permission managing in a single place. Do note that the API
currently don't have a way to violate that check because we are only
checking the realm ID now.
2023-08-24 17:21:08 -07:00