Tim Abbott
0fcf1db00a
Fix tracebacks sending messages nobody will receive.
...
(imported from commit afe3d7465f105015f7fa8247ab3cba7476b89fc2)
2012-10-29 19:17:26 -04:00
Tim Abbott
af09279483
Check for empty stream/subject names.
...
(imported from commit 208be288f903e8a040ed9e1de243315df0d9adae)
2012-10-29 17:36:01 -04:00
Tim Abbott
44b332693e
Fix the fact that new auto-created MIT users are active.
...
(imported from commit 577f1a0165a56fc3cc1ed6f0a54f6c5f31345cc7)
2012-10-29 17:30:06 -04:00
Luke Faraone
5dad59e864
Implement MIT signups.
...
Here we introduce a new manage.py command, activate_mit, which takes a
number of usernames and sends out emails to the users with instructions on
how to activate their accounts.
(imported from commit f14401b55f915698e83ff27b86434f53e64685f3)
2012-10-29 16:59:37 -04:00
Keegan McAllister
0e03a7acc8
views.home: Use @login_required
...
We can't use reverse() due to what amounts to a module import cycle.
(imported from commit 8a2904648173bc3e4ff2079d33320417b28518d3)
2012-10-29 15:41:28 -04:00
Keegan McAllister
5353f5b3b0
Rename NOT_LOGGED_IN_REDIRECT -> HOME_NOT_LOGGED_IN
...
If we have other pages that require login, we might want them to redirect to
the login form. But the root of the site should take you to /accounts/home --
but only after we launch the product.
(imported from commit b5d10e1c908f1ffe1ee68c2689691ca66c896786)
2012-10-29 15:41:28 -04:00
Zev Benjamin
2723a54088
Disable pointer sync for alpha rollout
...
(imported from commit 50a41e49e9b4a7db0b07ee7705d51c3a2abdff35)
2012-10-29 14:18:08 -04:00
Zev Benjamin
5413f74a7e
Allow API users to update the pointer and receive pointer updates
...
The get_profile API call now returns a client_id, which an API user
can pass to update_pointer and get_messages (note that clients still
need to pass a pointer argument to get pointer updates). This
client_id is currently the equivalent of the website's session key,
but the website might get client_ids in the future to distinguish
browser windows.
This commit differs from 88f6cf0033c849af88d1b99da3bdc2148dfbb6fe in
that it uses request.POST.get("foo") instead of request.POST["foo"].
For some reason the latter triggers CSRF errors.
(imported from commit b2a4a7322d16dbf241cd6eef146621c79d84cafc)
2012-10-26 17:17:09 -04:00
Zev Benjamin
b36f1702fc
Revert "Allow API users to update the pointer and receive pointer updates"
...
This reverts commit 88f6cf0033c849af88d1b99da3bdc2148dfbb6fe.
It seems to have broken API users.
(imported from commit 2f861ebc016076547092421f87dbcac00a65e2f6)
2012-10-26 16:19:57 -04:00
Zev Benjamin
a4fd478e3d
Allow API users to update the pointer and receive pointer updates
...
The get_profile API call now returns a client_id, which an API user
can pass to update_pointer and get_messages (note that clients still
need to pass a pointer argument to get pointer updates). This
client_id is currently the equivalent of the website's session key,
but the website might get client_ids in the future to distinguish
browser windows.
(imported from commit 88f6cf0033c849af88d1b99da3bdc2148dfbb6fe)
2012-10-26 16:06:41 -04:00
Zev Benjamin
ec389c5c83
Non-asynchronous API calls only take two arguments
...
(imported from commit 39f21892e38b0f8c2369d77ffcfb077f1006863e)
2012-10-26 11:53:01 -04:00
Zev Benjamin
8a66d52228
Expose get_old_messages to API
...
(imported from commit d3b86a049440c54b52d96c27f8925a73496eaffe)
2012-10-26 10:42:11 -04:00
Zev Benjamin
ec9e0a4b9f
Have get_updates include an "update_types" array in its response
...
This is similar to the previous "reason_empty" variable, but captures
why we've returned from the call even when there are updates and all
the reasons if there are multiple. For now, it's useful for debugging.
(imported from commit fd8d9e859660e51b57178d066b184f831b71a0b6)
2012-10-25 18:12:11 -04:00
Zev Benjamin
a9583f6889
Fix get_updates missing messages between calls
...
(imported from commit 2b84df2a35a9a006b8548904ebf145a351a2e92b)
2012-10-25 18:11:23 -04:00
Tim Abbott
f2c6347471
Return to failing clients immediately the first time.
...
(imported from commit b29df3165030ffd95dfe89b6471aeb74c06b6126)
2012-10-25 17:53:30 -04:00
Waseem Daher
44547e4e36
Properly check stream/subject lengths.
...
(imported from commit 1432266d8db1122f561e9e2f997071a19fb0f190)
2012-10-25 17:07:32 -04:00
Waseem Daher
c894bab738
Compute a user's realm from the verified email address, not a user-passed field.
...
(imported from commit 5c220a7b9e4b137b5c98b286e409004318565137)
2012-10-25 16:50:00 -04:00
Tim Abbott
0c54fab1e2
Check for too-long stream/subject names.
...
(imported from commit 6d37dff9af7e471e1e6a1ba77a9500bf5bb4ba7d)
2012-10-25 16:04:47 -04:00
Tim Abbott
7c8bde5d90
Add log/restore for fullnames and passwords.
...
(imported from commit 048ca3c86b9f077fcbccd5df4a509191a545da4c)
2012-10-25 15:52:26 -04:00
Zev Benjamin
cf1d35fd62
Remove unused variable
...
(imported from commit 0636d51527ea9cac8b1ba5490bf5836cd4e79269)
2012-10-25 15:45:14 -04:00
Zev Benjamin
451a041919
Remove the ability to fetch old messages via get_updates
...
Clients should use get_old_messages, instead.
(imported from commit 67847ef67d8ad4bf4af3f6082f85f0c76a41944c)
2012-10-25 15:31:27 -04:00
Keegan McAllister
eef027560a
Remove unused imports
...
(imported from commit eb576627ff72e57fee0e3a4c357f51ad74cd6c86)
2012-10-25 15:22:18 -04:00
Keegan McAllister
9629e7111b
already_sent_mirrored_message: Reduce code duplication
...
and eliminate extremely long lines.
(imported from commit 29a08b1757c1bb3af1f82222fd7150db05f86034)
2012-10-25 15:22:18 -04:00
Zev Benjamin
c4189d1029
Add get_old_messages json call
...
This new call only allows fetching of existing messages. The idea is
to remove this functionality from get_updates to simplify the backend
code.
(imported from commit 1345db2f1707e208e7c0bd08b7d444932c68b6a2)
2012-10-25 12:10:44 -04:00
Zev Benjamin
07263f3a0e
Rearrange functions
...
(imported from commit 814f2acbf574bf1eeb32e23ab28e76fc94f877ce)
2012-10-25 11:26:53 -04:00
Keegan McAllister
ab34200648
Make sure that Markdown rendering really happened, if requested.
...
This is a security issue because it's where we escape HTML.
(imported from commit 10dea1899eb6d7e0e40128ae1a4787abad38fa73)
2012-10-24 15:43:46 -04:00
Keegan McAllister
734411369b
format_updates_response: Default to apply_markdown=True
...
It's the safer default to prevent introducing XSS holes. And in our current
code, we always provide this parameter.
(imported from commit 73897f5315ba54a5d3fa95dd19efb9d20c081a8a)
2012-10-24 15:32:12 -04:00
Keegan McAllister
e8dfb41f70
Return messages from return_messages_immediately, rather than calling handler.finish
...
(imported from commit 0da3356c6712614cf1816d330b891e8f6d13bac7)
2012-10-24 15:32:10 -04:00
Tim Abbott
75d150efc7
Fix being unable to send messages with a trailing comma in recipients list.
...
(imported from commit 5c075c4aa1da8c2a153b33ed4d061fac88de48e7)
2012-10-24 14:25:55 -04:00
Zev Benjamin
8a39292b5d
Fix bouncy pointer from pointer updates
...
The previous code path was buggy. We now do separate pointer update
checking for the cases where get_updates returns immediately vs. when
it returns from a callback.
(imported from commit f236a80cd0b94bc097dbd17f113d7a9d27368025)
2012-10-23 16:39:04 -04:00
Zev Benjamin
5ee6982a7e
Use a different format function when we don't respond to a get_updates immediately
...
For now, the new function, format_delayed_updates_response, just
calls format_updates_response.
(imported from commit dd332125fe0d47cb3990373f74e85e64604f58a3)
2012-10-23 16:39:04 -04:00
Zev Benjamin
c8dd5229ed
Rename updater_session to pointer_updater
...
(imported from commit 7646b8e636393d64ef07d0251f8c83beecf114aa)
2012-10-23 16:39:04 -04:00
Zev Benjamin
6c4b56517f
Revert "Temporarily disable pointer sync"
...
This reverts commit 7d8f673559ca6359923aa0bdd48edebe0955e921.
(imported from commit 32f7ad925cc4df72220a191602487620a9970f43)
2012-10-23 16:39:04 -04:00
Zev Benjamin
ce3ea9f019
Temporarily disable pointer sync
...
(imported from commit 74e6bb347e0b8c01b6450914a50448b78b9749c9)
2012-10-23 15:24:00 -04:00
Luke Faraone
a139f8b6b2
Fix incorrect references to userprofile in the API
...
(imported from commit 77c062b54c545185aee28189726f61a874a1fe77)
2012-10-23 12:05:56 -04:00
Tim Abbott
fdeab96b4c
Add a default client name for the API.
...
(imported from commit a14b2f8bd9ff604c5f522c85842d296be38d33e6)
2012-10-23 10:54:36 -04:00
Tim Abbott
846469c39c
[schema]: Rename userprofile to user_profile.
...
(imported from commit adfb6152b7ec32557e3465d961695eb870506d5a)
2012-10-22 18:55:45 -04:00
Tim Abbott
93616039bc
Use the new client data model to deduplicate mirroring.
...
(imported from commit 6ac38534aea11b1e7f8f332e76251f9501f9ab3e)
2012-10-22 18:31:36 -04:00
Tim Abbott
1b1d5cb577
Fix all mirrored stream messages appearing to be from me.
...
(imported from commit 777f98a564d3f169d3c69fcda980ce5993910d88)
2012-10-22 17:59:21 -04:00
Tim Abbott
bce793005d
Fix mirroring of personals.
...
(imported from commit 91ae9e6bb20389a708bd6b1945c898b98b96ee4a)
2012-10-22 17:21:07 -04:00
Zev Benjamin
f817bf6144
Pass the session that updated the pointer from Django to Tornado
...
This allows us to check whether the session that updated the pointer
is the same as a session that is doing a long poll to avoid sending
new pointer information when that information is coming from the same
session.
We still return from the long poll early, though, which is sub-optimal.
(imported from commit 7d4be0956f112eacefb7d198ea929957cd2b05e3)
2012-10-22 17:16:47 -04:00
Tim Abbott
d17db6687c
Improve validation of zephyr mirror data.
...
(imported from commit 9ebc43d17d1f4040da2deff271ba7e158908a29b)
2012-10-22 17:08:09 -04:00
Zev Benjamin
732ca19729
Synchronize the pointer across sessions
...
The client may now optionally send its current pointer during
get_updates and the server will return the latest pointer if it
differs and was updated more recently by a different session.
(imported from commit e43b377d7dfb52f83cefb0b1003863d5407caf80)
2012-10-22 16:44:57 -04:00
Zev Benjamin
66d7678423
Add UserProfile callback for pointer updates
...
(imported from commit bfa9c15d82f092a1810cfcee1a88e1e292bc4cb8)
2012-10-22 16:06:38 -04:00
Zev Benjamin
2a4c3b5bff
Abstract the callbacks table in preparation for more kinds of callbacks
...
(imported from commit 695d5bceb4657ef25ba5983212082ee0c76b9d33)
2012-10-22 16:06:38 -04:00
Zev Benjamin
7ac0625e39
Add model field indicating which session most recently modified the pointer
...
(imported from commit 819ab358d9fa6f22ad8ccee56fe723ea7711ebc5)
2012-10-22 16:06:38 -04:00
Tim Abbott
b353fd4abd
Use sending_client to check whether messages are mirrored.
...
(imported from commit 6202739e21dfb308ed551656a8a0cdf7311972f7)
2012-10-22 14:52:08 -04:00
Keegan McAllister
7cf8f842f7
Allow in stream names any character classified by Unicode as alphanumeric
...
Also correct a comment.
(imported from commit 5c03032b90dbaf38d880651004733e4399b422ee)
2012-10-22 12:58:39 -04:00
Jessica McKellar
f5f3ffc6a9
Expose an API method for updating the pointer.
...
(imported from commit 66d49c149e0bbc60e82a5967b77aff69629b09e7)
2012-10-21 13:33:14 -04:00
Jessica McKellar
0fb836538d
Add an API request for getting profile (specifically pointer) data.
...
Mobile clients need it.
We are going to need to sit down and think about how much power we
want to give our API users, though. For example, should they even get
to know about your absolute pointer value (maybe they should only be
able to make requests relative to your pointer), or be able to request
very old ranges of messages?
(imported from commit 1680655f0d9a670bc0da0ddb92fbbd5cf851d3dd)
2012-10-20 21:59:59 -04:00
Tim Abbott
7b3b4362dd
[schema] Add a Client model keeping track of the sending client.
...
(imported from commit 31a430b1de14ce973addafd5d13ace049a8f8091)
2012-10-20 18:41:54 -04:00
Tim Abbott
1fcb4c0576
Fix error handling for removing subscriptions.
...
(imported from commit b95a706ed9499e96c4ff27ca583ed10dab674736)
2012-10-20 18:26:21 -04:00
Tim Abbott
56dab6cb26
Log changes to subscriptions and replay them in populate_db.
...
(imported from commit d3055eb44326bdc59a6bc96d00b5b0bc6da86059)
2012-10-20 18:26:21 -04:00
Tim Abbott
a8ee0ecc69
Fix bug allowing subscribing to a stream twice.
...
(imported from commit c49b7c8ec49fd71bb1e1f1226d9e126d4d0987df)
2012-10-20 10:15:12 -04:00
Keegan McAllister
0d05557ffc
notify_new_message: Allow request to have come from IPv6 localhost
...
(imported from commit ef477ced6695f866f8d265d980f8401670b3c95c)
2012-10-19 22:34:46 -04:00
Keegan McAllister
86b4da9d83
Put a new user's pointer at the bottom
...
(imported from commit 65ae2483d6bcfb96cc97bdb689d8174737bde5b0)
2012-10-19 20:44:09 -04:00
Tim Abbott
e434fa141e
Use .objects.create and .objects.get_or_create.
...
This eliminates a bunch of unnecessary code and also fixes a bunch of
places where we were improperly not using transactions.
(imported from commit f194ae9226f9229fc56a0b1b21615534f486ea0c)
2012-10-19 17:42:14 -04:00
Keegan McAllister
5b13f9192f
Load more messages when the user presses the "Load more messages" button
...
(imported from commit 060e6f67b13fd67b56f80f913eb6b835860a8115)
2012-10-19 17:13:14 -04:00
Keegan McAllister
7693695fc0
Tell the client why we are returning an empty list of messages
...
(imported from commit cc17ed2d8389f6be1170081e70c1d8a7f0556ac3)
2012-10-19 17:13:13 -04:00
Keegan McAllister
c67e7035aa
Limit the number of old messages the client requests
...
(imported from commit 6bff6aa0b48d46b98aa68c6e29eb569cf41f4989)
2012-10-19 17:13:08 -04:00
Zev Benjamin
ab382040c1
Make get_updates reload_pending request parameter an integer
...
This fixes a bug where the server wasn't returning from get_updates
immediately when the client needed a reload.
(imported from commit 1d854eb1c7061f468d091e103f10074f4c7231d8)
2012-10-19 15:53:05 -04:00
Tim Abbott
79fbb23356
Return a max_message_id when returning no messages.
...
This is needed for an API client to setup a nonblocking subscription.
(imported from commit d978c28994c5e3af4312ffba32c4040e8314c247)
2012-10-19 11:37:20 -04:00
Tim Abbott
d49d675128
Fix mit_sync_bots for personals only.
...
(imported from commit 9fd7ac87d2cdc32413edefbde8870bbe59b67380)
2012-10-18 11:14:03 -04:00
Tim Abbott
e303b7dcbd
Fix syncing messages from Humbug back to MIT.
...
(imported from commit ff32c8c0824afda0805bd5ec9ec87b7ce999bcca)
2012-10-18 10:57:18 -04:00
Tim Abbott
1d55c06ede
Move mit_sync_table code into the correct process.
...
(imported from commit bc40f865f94d7b39db5e49eba09370c3fa53dc6f)
2012-10-17 22:35:02 -04:00
Keegan McAllister
b9e9938197
create_user_if_needed: Use proper initial passwords
...
(imported from commit 009208ac64548dd6f8773ccc7738ab0c391d816a)
2012-10-17 21:08:59 -04:00
Keegan McAllister
4f56362e0f
Change formatting of notify_new_message request
...
The requests library doesn't encode repeated key form data reliably.
(imported from commit 3cc9f5379c299a57f69bb5b7ff3b85f0c066269f)
2012-10-17 18:24:15 -04:00
Keegan McAllister
91209f9304
Get initial server generation from first get_updates result
...
Embedding this in index.html won't work anymore, because the Django FastCGI and
the Tornado servers might have been started at different times.
(imported from commit 187909d0593449cf2989857671f9ca526723e451)
2012-10-17 18:24:15 -04:00
Keegan McAllister
a545876d56
Rename notify_waiting_clients -> notify_new_message
...
We might have other URLs for other notifications.
(imported from commit 4c1c5fe2f039816fef4c268f34692ca4f19d81e8)
2012-10-17 18:23:01 -04:00
Keegan McAllister
5e70b5a291
Split off the Tornado code into a separate process
...
(imported from commit 95dbd0f438cdba06d6e6c6c539a2a3d49c577cfd)
2012-10-17 18:23:01 -04:00
Zev Benjamin
2ade66bf3e
Remove stale comment
...
(imported from commit c880fc2f543e3f0cdfd531c968a1e77249c04f4c)
2012-10-17 18:17:43 -04:00
Tim Abbott
bff0046c51
Fix client continuously calling get_updates when a reload is pending.
...
(imported from commit 2c29c8b892e7843f4d75178cc683bf48f7a5cdf5)
2012-10-17 17:46:07 -04:00
Waseem Daher
49a8677517
Remove 'timezone' from the settings page.
...
We weren't doing anything with it anyway, so...
(imported from commit ad927f3d2ce5b9bd219d6f36a021542812486aef)
2012-10-17 17:26:55 -04:00
Waseem Daher
d9715825b1
Remove 'short_name' from the settings page (but not the db).
...
For now, we're not using this, so let's expunge the user-facing
references to it.
(imported from commit 90a8dcdc77d0a991bef3e319e6971327639d1f4e)
2012-10-17 17:26:06 -04:00
Tim Abbott
758bbe6fc9
Rename api_fetch_key to api_fetch_api_key to match json methods.
...
(imported from commit ed1c33f5017426dd38882c06ac38343451edb94b)
2012-10-17 17:13:33 -04:00
Tim Abbott
ae3e24458c
Add a UI for requesting your API key.
...
(imported from commit 07c40caf73f3b6c1c502a6c8e18109532dd28cc3)
2012-10-17 17:09:46 -04:00
Luke Faraone
716badc2c6
Don't reference GET if we now require post.
...
(imported from commit b78b62e81b4064f53c1a83a68e0b7e67a08230b5)
2012-10-17 16:52:30 -04:00
Luke Faraone
6c3a328426
API key fetching should happen over POST, not GET.
...
(imported from commit 351d0035a55f49f00693081584d882c1aef7dd01)
2012-10-17 16:36:49 -04:00
Luke Faraone
12bad46740
Introduce API method to return a user's API key by logging in.
...
This makes it easier for mobile clients to use the API by enabling them to
present the user with a familiar username / password prompt, rather than
by asking them for their API key.
(imported from commit 6ed06cfe86f87e7aef54a4be7835fb7bf8d7f209)
2012-10-17 15:33:05 -04:00
Tim Abbott
7237b4a73e
Fix sending to a stream with a space in its name.
...
Previously if you tried to send to "a b", we actually ended up trying
to send to "a%20b", since we were url-encoding the stream name and
then not properly decoding it.
(imported from commit 307d2999bd309e47fc654ae4422ab4372edde064)
2012-10-17 14:06:00 -04:00
Keegan McAllister
81f0d61c3b
Factor out Gravatar hash calculation
...
(imported from commit 29872722fb4856773d98fc987a1e2d6eb99ad8b2)
2012-10-17 01:09:16 -04:00
Tim Abbott
539c3abbab
@asynchronous needs to be the outer wrapper.
...
(imported from commit 24b8f157d600e69276178d609820d3f0dfb685a7)
2012-10-16 17:10:15 -04:00
Tim Abbott
6642a65269
Convert last few json views to use the json_success api.
...
(imported from commit 7a617ec7e7c8607e8ba87e7a9b8599a83b91666c)
2012-10-16 16:54:41 -04:00
Tim Abbott
8388353859
Clean up the decorators code for the API.
...
(imported from commit b3fd6cfa475f021e35043148ad9a38633d9bddfe)
2012-10-16 16:38:42 -04:00
Tim Abbott
a859c10017
Don't redirect to a login page when responding to json messages.
...
Also update tests to actually check all our URLs.
(imported from commit 86de2027d140da6118e2f2f60c1c86511b16c141)
2012-10-16 16:38:39 -04:00
Tim Abbott
3e994c16b7
Rename/reorganize our urls to be more consistent.
...
(imported from commit ca3cc7ccd5d7da83a9c60968527378ee1118648e)
2012-10-16 15:56:06 -04:00
Zev Benjamin
103bf321b4
Have client and server exchange a server generation number
...
This will allow the client to detect when the server has restarted.
(imported from commit 89e75916719d967beb2520be6263f79f897d9ec1)
2012-10-16 15:30:09 -04:00
Keegan McAllister
8819bdc0fc
Hide most of the navbar on the deployed app
...
(imported from commit 3b055588f7de805bf1b038f1bc6c03837eda010a)
2012-10-15 18:44:36 -04:00
Keegan McAllister
5141cd7ab9
Make a setting for where we redirect home for not logged in users
...
(imported from commit 95bae4e52d8a8a34c001975e8d3547db5ba256a2)
2012-10-15 18:44:36 -04:00
Tim Abbott
bcc895b95b
Avoid expensive queries to check whether the user has any messages.
...
(imported from commit 035ec44db7a2f61b1c04e80feebe9af1a214505c)
2012-10-15 17:10:55 -04:00
Keegan McAllister
ab9832092d
Remove an unnecessary @require_post
...
(imported from commit c8a43e696dbcfa4cdb494f286e6f0b989d328bd9)
2012-10-15 17:05:37 -04:00
Tim Abbott
917a06d5cf
Use select_related for the get_updates queries.
...
(imported from commit 403a5906f9619fb1d6dc10e57ebcaab7e8f00f16)
2012-10-15 11:54:12 -04:00
Tim Abbott
7ebc720347
performance: Use select_related when computing autocomplete lists.
...
(imported from commit fde08787998179451e6684a101c80aaafca917f6)
2012-10-15 11:39:10 -04:00
Zev Benjamin
88009b4854
Auto-complete huddle names based on full name.
...
This also makes the people_list a list of objects containing the person's full name and email.
(imported from commit cff9b3de8cab0c9b2690ffa60d65d666302b989f)
2012-10-12 11:35:45 -04:00
Zev Benjamin
7a305c1882
Add more information to error message
...
(imported from commit 0917d5c2ed1b156603ce53aaec88ecbe26f5f39c)
2012-10-12 11:34:42 -04:00
Tim Abbott
afee537a95
Don't allow users to subscribe to too-long stream names.
...
Also check for invalid characters when subscribing via the API.
(imported from commit c4730ecb360607c4da264cb1c4b2f9daa2cef293)
2012-10-12 10:48:41 -04:00
Tim Abbott
091bc48926
api_subscribe: Check for too-long stream names.
...
(imported from commit 20d94eafeb333a9bc09b6b20093e13fd1b241ea8)
2012-10-12 10:45:53 -04:00
Tim Abbott
fc99d2983a
Add an API call to subscribe to a list of streams.
...
(imported from commit 0a5d46d5f54fb4c8ebfad8c9adb777c0b4938dfa)
2012-10-11 16:20:45 -04:00
Keegan McAllister
0a0bd31407
Remove unused strip_html
...
(imported from commit 21747b9b5cbbe7b1935905fc9254f4de64db20aa)
2012-10-11 15:01:54 -04:00
Keegan McAllister
2c3d7d6116
HTML-escape messages on output
...
(imported from commit f199fddf887ffbd22ebac76448accb4c48b64a24)
2012-10-11 15:01:54 -04:00
Keegan McAllister
3fadaae574
Don't escape message metadata as it enters the system
...
(imported from commit b98deb3dcdc389b079055a06ffafaf138bc79c70)
2012-10-11 15:01:54 -04:00
Keegan McAllister
c06aa1a3da
Don't escape user metadata as it enters the system
...
We believe that our output escaping is sufficient.
(imported from commit 4c9d4d79682ef5689bc1eec12a3bbcc34de013a4)
2012-10-11 15:01:54 -04:00
Keegan McAllister
7137787984
Escape variables interpolated into <script> within index.html
...
Django's escapejs prevents breaking out with an embedded </script> tag.
It only works on bare string contents, not JSON-ish lists and such. So we
generate stream_list and people_list with template loops now.
(imported from commit 07fe4bebaa3fa11bc479b4378b8989560ce77f6f)
2012-10-11 15:01:54 -04:00
Tim Abbott
83f494b1a4
Add API queries to show public streams and the user's subscriptions.
...
(imported from commit 5f24e35a9bdd1e40406e2acb0c3713a6517d139b)
2012-10-11 14:43:23 -04:00
Keegan McAllister
9811bd5f8a
Get UserProfile by email with a join, not two queries
...
(imported from commit 0698ebb88615cea54196181aeabe869ec466dbc1)
2012-10-11 14:05:53 -04:00
Tim Abbott
676e650a08
Fix mit_sync_bot bug causing constant API requests.
...
(imported from commit dfa845b98a7e22ee69a9589b8b98ac5a49077793)
2012-10-11 13:00:50 -04:00
Keegan McAllister
5a7ff70c11
Remove obsolete views
...
This functionality is part of the home view now.
(imported from commit 5f0327eb62840bf98af49566e6f3c0b86ca43b8d)
2012-10-11 11:23:22 -04:00
Keegan McAllister
48ec15c46d
Don't duplicate realm query when registering
...
(imported from commit b1e3b7144f564c5b2fc23fbf548bf0672deb2932)
2012-10-11 11:08:52 -04:00
Tim Abbott
ac3f4393ff
Rename instance to subject.
...
(imported from commit 6b4693da03f106448c137cf81cf9801cac44f2b8)
2012-10-10 18:01:39 -04:00
Tim Abbott
08e832e093
Change send_message to accept a stream, not a class.
...
(imported from commit 0f58de2502bec227f5f33e44692d03f2f28d6f63)
2012-10-10 17:48:17 -04:00
Tim Abbott
6dc913766d
Rename 'classes' to 'streams'.
...
(imported from commit 8ad6791f39d49e90a2828b6af86d039ba5ca5abc)
2012-10-10 17:47:13 -04:00
Tim Abbott
493a428cb2
Rename zephyr_class=>stream for local variables in views.py.
...
(imported from commit 9ea782e0c132f4ab3ca86cd37ff584d0a2308dea)
2012-10-10 17:47:13 -04:00
Tim Abbott
003efb84b4
Rename get_class to get_stream.
...
(imported from commit 4d393f9fcd46847c54c7e0b6b7add219e8e07fe6)
2012-10-10 17:47:13 -04:00
Tim Abbott
4006e4b1ea
Rename class_exists to stream_exists.
...
(imported from commit 416bd1f4c513216d45913e306f6c8eaa542f3539)
2012-10-10 17:47:13 -04:00
Tim Abbott
39cde772eb
Rename valid_class_name to valid_stream_name.
...
(imported from commit 980135772f5050514b41130b0f1948aee3a3a4e5)
2012-10-10 17:47:13 -04:00
Tim Abbott
44e9e4cebf
Rename Recipient.CLASS to Recipient.STREAM.
...
(imported from commit a530194163f7260c73921137fa1ff671f14516f6)
2012-10-10 17:47:13 -04:00
Tim Abbott
1fc4780a81
Rename create_class_if_needed to create_stream_if_needed.
...
(imported from commit 1bbc792332981723d3d29b24ad03811d62ced5f1)
2012-10-10 17:47:13 -04:00
Tim Abbott
8daff2e05e
Rename ZephyrClass to Stream.
...
(imported from commit ae51b7a9e03f322dfe2dfccd250cbfc23adfe32e)
2012-10-10 17:47:12 -04:00
Keegan McAllister
8aa4e8c5f1
URLencode email in URL instead of HTML escaping it
...
HTML escaping makes absolutely no sense here. The other occurrence was already
removed in 55fff703924ef28060f0b91af3a6f06a1a636197 .
(imported from commit 3b7569dee381f6db290fc1527553802883e89ed7)
2012-10-10 17:24:49 -04:00
Luke Faraone
c2117a58e1
Don't use strip_html on passwords.
...
(imported from commit 2ecea072f545b5902b33bdc8e621871919cbbed6)
2012-10-10 15:16:23 -04:00
Keegan McAllister
26906777c1
Use 'reverse' when redirecting from home, for consistency
...
(imported from commit badd2a78cbe9d0007c7c8f515613761e68f01096)
2012-10-09 17:15:35 -04:00
Tim Abbott
6a7ce4cfe8
Comment out instance validation until we figure out what we want.
...
(imported from commit a1c22f9744f28635c67602a682bdb00cba0037ae)
2012-10-04 18:11:12 -04:00
Tim Abbott
12ea2895ea
Add a json_success style result to updates responses.
...
(imported from commit 6492f98f1e1f5b7622caa2f3427ae60bdfd3df0e)
2012-10-04 16:38:44 -04:00
Tim Abbott
27fdb10cbd
Return clean invalid user errors using the API.
...
(imported from commit 2f1687cbe8797ce42e66b340e87400720acd4054)
2012-10-04 16:38:44 -04:00
Tim Abbott
615e520c00
Add '.' to the list of valid class name characters.
...
(imported from commit 1d6c000434776b0b63f47bb514345746ed18bab9)
2012-10-04 15:17:12 -04:00
Tim Abbott
251177e8cf
Add a server-side check that class/instance names are valid.
...
(imported from commit 4534239e57b08b4d01d2caa68134e205ce6c225a)
2012-10-04 14:48:01 -04:00
Tim Abbott
2a79ff0cc8
Rename 'zephyrs' => 'messages' when formatting a message list to send to clients.
...
(imported from commit bfbb556f2444aca8277f54c363eccb678b6bf2dc)
2012-10-04 14:42:38 -04:00
Tim Abbott
8c11aeb7ee
Rename zephyr_backend => send_message_backend.
...
(imported from commit 78eb5884777a6631dd6a6a82c21295ee8ee49c11)
2012-10-04 14:38:07 -04:00
Tim Abbott
7991e6e281
Replace 'zephyr' => 'message' in code internal to views.py.
...
(imported from commit 92d7bc82bd8f6edae1e59cab3e0bd8b7d035775e)
2012-10-04 14:38:07 -04:00
Luke Faraone
d8b678c75d
Emails with plus signs no longer are rendered with spaces in /accounts/login
...
(imported from commit 55fff703924ef28060f0b91af3a6f06a1a636197)
2012-10-04 14:27:49 -04:00
Tim Abbott
1ab81cff92
[schema] Rename Zephyr => Message in the schema.
...
(imported from commit 4f402f150c45d2097d6b16943935e6e370b4f8d8)
2012-10-03 18:14:15 -04:00
Tim Abbott
ed8042da73
Fix bug where starnine@mit.edu always gets added to zephyr-forwarded huddles.
...
(imported from commit 3ab930ed8ad6ce917b33483bd5af3cf27452f6da)
2012-10-03 17:55:14 -04:00
Tim Abbott
83ceba0a2d
Remove old /api/get_updates view.
...
(imported from commit 5a33a61bfb4b3aa40e28c356f5b4048db775b901)
2012-10-03 16:58:31 -04:00
Tim Abbott
9223f7932c
Convert zephyr_mirror humbug sending to use the API.
...
(imported from commit 948a12a1dca903c47b7427248688f2079c7eecdb)
2012-10-03 16:50:29 -04:00
Tim Abbott
40ae6080ee
Wide the deduplication windows for catching huddles to 10 seconds.
...
(imported from commit 0d05ef03a08d285bc4d9967553c25448104586a7)
2012-10-03 13:51:38 -04:00
Tim Abbott
01bc4aaf28
Remove 'zephyr' from invalid message type error.
...
(imported from commit 360ffc5bfbb12f65af83093ee5a83ac7caa5c464)
2012-10-03 12:30:39 -04:00
Tim Abbott
7acfb5c71c
Rename /zephyr/ to /send_message/.
...
(imported from commit 41c2ff67cfc514e53aff8648c36f545526e324ed)
2012-10-03 12:30:37 -04:00
Tim Abbott
828e0d4afb
Rename forge_zephyr to forge_message.
...
(imported from commit aa2dc6e24a9c1bd6be09bfa26241663ae143cef9)
2012-10-03 12:27:34 -04:00
Tim Abbott
cca5f7b76a
Rename do_send_zephyr to do_send_message.
...
(imported from commit df4dc741bf00a197ca5ab39373bc9a3eda379684)
2012-10-03 12:27:34 -04:00
Tim Abbott
d2884ba456
Make connection errors disappear more efficiently.
...
Previously, connection errors would stick around after a problem with
the server until (1) the server was fixed and (2) we later received a
message. This code change eliminates condition (2) by having the
server return immediately with no messages in the event that the
client has accumulated a large number of errors.
(imported from commit 6a9b08e534db6daea0041a71556ef5b708e935ed)
2012-10-02 17:46:06 -04:00
Tim Abbott
e79805847b
Rename the 'new_zephyr' argument to the more descriptive 'content'.
...
(imported from commit b47e2c4823bbfbf2f94cbafb24ed5d78dfbe841b)
2012-10-02 17:29:55 -04:00
Jessica McKellar
f54d1d16cc
views: remove unused variables and imports.
...
(imported from commit 9f421867caac561556e47ce79528432fe1b3b2dc)
2012-10-02 17:17:27 -04:00
Tim Abbott
5a5b5de650
Rename /api/v1/get_updates to /api/v1/get_messages.
...
(imported from commit f856637158cf9fda64ba333b532a5941de8fcbab)
2012-10-02 16:29:34 -04:00
Tim Abbott
18a3888373
[schema] Add an API for sending/receiving messages.
...
(imported from commit 209d525dc5892fc4c392a8ced1588c838cbb17c4)
2012-10-02 15:49:25 -04:00
Jessica McKellar
33ad7817a4
Require that the first character of a class be a number or letter.
...
(imported from commit a4d1c23f784107198045aee7cec1f53ab5114762)
2012-10-02 15:16:26 -04:00
Jessica McKellar
ec36170511
Fix buggy class name validation regex.
...
A-z != A-Z. The former permits problematic characters like "\".
(imported from commit 2bcda8683e630eaa6cbc3a2b9d0bda7a8448a8fa)
2012-10-02 15:16:26 -04:00
Jessica McKellar
588db5b4c5
Make class names case-insensitive.
...
(imported from commit e76e50156ca8dab1f7b3124351997e75ef08e521)
2012-10-02 15:16:26 -04:00
Luke Faraone
0c47459733
Also escape &s.
...
(imported from commit 8a76089492b0e7f7ff2635e7091485db2d7292c4)
2012-10-02 15:11:55 -04:00
Jessica McKellar
8727b1667c
Check if a class name is valid when checking for existence.
...
(imported from commit f4de50b52c851058b736033d447ea7fa6777a3d4)
2012-10-01 15:36:10 -04:00
Luke Faraone
aca5cef3eb
Redirect to login when attempting to resignup with a used email address.
...
(imported from commit d58a5dda9a0af409a6ee57cfcd30be45020352d2)
2012-10-01 10:45:58 -04:00
Luke Faraone
50dfbf7a1b
Implement confirmation for new user signups.
...
We add a few templates for django-confirmation. We define a
"PreregistrationForm" which is validated by accounts_home, which then
generates a confirmation object and emails the user. This required creating
a new table for a PreregistrationUser with an email and status (confirmed)
field.
The register function now no longer accepts a "email" field in the form
and deals only with confirmation IDs to determine the email used to sign
up a user.
(imported from commit 4fcde04530aa7ad4de84579668daee7290b424ac)
2012-10-01 10:45:58 -04:00
Keegan McAllister
5556bdd0a1
Put the type conversions back into return_messages_immediately
...
This had broken the check 'if last == -1'
(imported from commit 2154dbda696d72ea14c841f43511846a87e4ba0d)
2012-10-01 10:14:47 -04:00
Tim Abbott
85da33c4ee
Fix return_messages_immediately.
...
If the relevant keys don't exist, Django returns a
MultiValueDictKeyError, which wasn't one of the ones we had exceptions
for. This was breaking the API.
(imported from commit 1c1394006afcbdbee9465ad8c8c667ed5de5a346)
2012-09-28 21:08:39 -04:00
Keegan McAllister
25eeaabe47
On load, send a range around the pointer, then fill in later, then earlier
...
This still doesn't handle collapsing entirely correctly for the backfilled
messages.
(imported from commit d1fa3e2249968208e735454c27b8cab20bb78d3f)
2012-09-28 19:40:45 -04:00
Keegan McAllister
c65a387c1e
Factor out the determination of which messages to send immediately
...
(imported from commit 31c688986e4d8f923913083f36dea9c79a4c36ce)
2012-09-28 18:37:12 -04:00
Keegan McAllister
a8ec5c533f
Move the code for new messages immediately available into views.py
...
(imported from commit 4cfa0ead850b1a37a21ec7945b477e12681c5830)
2012-09-28 18:37:12 -04:00
Keegan McAllister
946c901e05
Factor the formatting of the updates response out of get_updates_backend
...
(imported from commit eb6a09363d671630afa7dea4ff23518c2a90fb97)
2012-09-28 18:37:12 -04:00
Keegan McAllister
e9f70c1efb
Track the first received message
...
We don't use this information, yet.
(imported from commit 24a9466823f3e7a287027969d3841c7638954e76)
2012-09-28 18:37:11 -04:00
Tim Abbott
8b87ba04ef
Fix apply_markdown option in new get_updates_api function.
...
(imported from commit 971010fff6408d691c5942c5a651c58413c2c091)
2012-09-27 17:39:28 -04:00
Tim Abbott
ccee128d61
New prototype zephyr mirroring system with bidirectional support.
...
(imported from commit cfb95ae8d0a241e7c068106e561dc18e16461596)
2012-09-27 17:33:21 -04:00
Tim Abbott
f7b8d371cd
Make the last_received parameter optional.
...
(imported from commit 001806356286cac85f79f521a48c09686d6f6bb6)
2012-09-27 16:42:15 -04:00
Keegan McAllister
3429e77178
Don't display the "Loading..." indicator if the user has no messages
...
(imported from commit a050218ccde3b82c570a9373cbab5e3fb22abcde)
2012-09-27 16:15:10 -04:00
Keegan McAllister
4e846f9059
Change the home page back to the register form, but go to login on log out.
...
This reverts commit 5c21c3b44ebc69377177ceb50b43dfd560f0b4d1.
(imported from commit ef983386ee11cbe3a75a7f0555f81ac71240c4c0)
2012-09-27 15:54:33 -04:00
Keegan McAllister
20240d869c
Rename get_updates_longpoll to get_updates
...
(imported from commit 15635904584b324bdfa1414caea12c3bc4ce54c8)
2012-09-27 15:46:36 -04:00
Tim Abbott
1a5c18b12c
Redirect not logged in users to the login page, not the signup page.
...
(imported from commit 5c21c3b44ebc69377177ceb50b43dfd560f0b4d1)
2012-09-27 15:01:30 -04:00
Tim Abbott
6394a54db7
Clean up the forge_zephyr workflow.
...
(imported from commit c559cfde267bc537cf554705a9750dcfe76f88ce)
2012-09-27 15:01:30 -04:00
Tim Abbott
8ffd91a6ee
Move new user/class creation into their own functions.
...
(imported from commit 192533c4e2bc55a26e7ea70a32e7d1f64d2ed8c3)
2012-09-27 15:01:30 -04:00
Luke Faraone
94fbb8b6c1
Remove references to HASH_SALT / MD5_SALT in the settings page.
...
(imported from commit a474454ce5aa8d11a6a0bcc0f0828b54f5dea81f)
2012-09-26 17:36:25 -04:00
Keegan McAllister
21d76b3398
Don't send instance_list in index.html
...
It gets populated from the zephyrs we receive in the initial get_updates_longpoll.
(imported from commit 83c773d211ea323233a986ccf12fd797236c08a5)
2012-09-26 17:11:00 -04:00
Keegan McAllister
12e458df80
Get initial messages from get_updates_longpoll
...
(imported from commit 2bb9c51409735abe23bad758338b13121aea4c99)
2012-09-26 17:10:59 -04:00
Luke Faraone
05e64f904d
Use .cleaned_data rather than sanitising identifiers twice.
...
(imported from commit c691e010f94e623706167a91ccfd505fae02f609)
2012-09-26 16:42:10 -04:00
Luke Faraone
ae6cfee818
Implement a new login redesign per Waseem. Be a little cute about it.
...
Split off some content previously placed into base back into index.html.
Move content previously localised in accounts_home to a new content_base
for use in the non-app version of the site.
We wrote up some copy and styled it according to taste.
In our new signup form, we no longer collect a short name and instead
extrapolate from the email.
(imported from commit cd734b13a4bda7f304129379524c4cc96b77b24b)
2012-09-26 16:42:10 -04:00
Tim Abbott
c8220ee057
Don't store the post-markdown HTML in our database content column.
...
(imported from commit bb81e84acc04ea0930be1026149618fbb60174fd)
2012-09-26 14:51:14 -04:00
Tim Abbott
f929593263
Don't try to use in-memory storage on model objects.
...
It doesn't work.
(imported from commit d5f95c345061e63b12fa12f2a0219f8e3b2e0380)
2012-09-26 10:44:47 -04:00
Keegan McAllister
4b19511423
Fetch instance list using a join rather than querying every recipient
...
(imported from commit d2de941083485f11ea8222451fb32bafe42987f6)
2012-09-25 19:26:06 -04:00
Keegan McAllister
c123b5225e
Fetch Zephyrs from UserMessage using a join rather than one by one
...
Cuts about 4 seconds of load time on the current live site.
(imported from commit 805a9444b7685fef259923b208ad734276a05de3)
2012-09-25 19:21:30 -04:00
Keegan McAllister
9efb63f6b8
Display SQL queries when DEBUG = True and URL like /?show_debug=y
...
(imported from commit dc3efd7aee2975f7d007296ba1ee1f72b262c493)
2012-09-25 18:40:59 -04:00
Tim Abbott
3b817ecc1c
Actually fix deduplication of synced huddle messages.
...
(imported from commit 63e7fbdc89e1271751f73d20f2185a048b56dd60)
2012-09-24 17:38:21 -04:00
Tim Abbott
a3a027f8c7
Another attempt at fixing huddle message deduplication.
...
(imported from commit 3b0a06d7bee7eacbe4eeb8ff6095bdcd5ce17e95)
2012-09-24 16:34:29 -04:00
Tim Abbott
0be4ce05a6
Another attempt at fixing huddle message deduplication.
...
(imported from commit 6d48a3488b5ca0b3fc923386d5edfdd8c002112d)
2012-09-24 16:33:50 -04:00
Tim Abbott
1f6e09834b
Another attempt at fixing huddle message deduplication.
...
(imported from commit 9b271d8bcb4ad902aaf2f21b73fc8536840262df)
2012-09-24 16:33:24 -04:00
Tim Abbott
2a1503fd35
Hopefully fix huddle message deduplication with MIT sync.
...
(imported from commit bccaa67d02e72b1c444d39b019d5bd87800b1441)
2012-09-24 16:30:24 -04:00
Tim Abbott
11e5e8785d
Preparation for syncing messages back to MIT.
...
(imported from commit 551b697366702de93579de259a9bc644be8d66ec)
2012-09-24 14:31:40 -04:00
Waseem Daher
d3bb97a21f
Raise error when subscribing to an already-subscribed-to class.
...
(imported from commit bc946fb99e6982d37fe8403b9ade803c49b30687)
2012-09-21 17:47:58 -04:00
Waseem Daher
f1aa17cf1d
Change some URLs associated with subscriptions.
...
Put all the 'API'-ish URLs in the /json/ namespace so that
/subscriptions and /subscriptions/add, etc. can be real
user-facing URLs if we want them to be.
(imported from commit 1455a32d27e44547ab1874b6289243cb40c85dde)
2012-09-21 17:36:29 -04:00
Tim Abbott
862ade7578
Use the real timestamps when syncing forged zephyrs.
...
(imported from commit e25e4c2656c6f442384c08934be68753f7ee7cb0)
2012-09-21 17:23:15 -04:00
Tim Abbott
1c03419cbf
If other huddle recipients don't exist, make them.
...
(imported from commit 5b9d8faf67657dd2ecca117aef136bc2a03f4abf)
2012-09-21 17:19:58 -04:00
Waseem Daher
230e725446
Allow spaces in classnames.
...
(imported from commit 9ef71240ee5e6e0ed9ca0b50d9461b539538b437)
2012-09-21 17:09:46 -04:00
Tim Abbott
f960c21931
zephyr-mirror: Add support for syncing huddles.
...
(imported from commit 0709ca40c5510ed9dbf28c666cff96609e8d41c2)
2012-09-21 16:44:26 -04:00
Waseem Daher
5a164f19c2
Clean up subscription functions.
...
Now that 'manage_subscriptions' only removes subscriptions,
let's name it that. Also, since both functions now only
act on one subscription at a time, use them in the singular.
(imported from commit 52cfc7b36eb1533da7aec1bc3a6e460151a56da8)
2012-09-21 16:30:29 -04:00
Waseem Daher
a27edbce7d
Restyle subscriptions page.
...
(imported from commit 41339c5af38ae5ea4801fc1e23b7184c277145f3)
2012-09-21 16:04:44 -04:00
Tim Abbott
8be02ce8a3
Fix use of userprofile for user_profile variable in subs code.
...
All of our other views code uses "user_profile" as the local variable
referring to a user_profile object -- best to be consistent about
that. We should also consider renaming Subscription model element.
(imported from commit 770cfad8258f016aef8c78c428e4499f5b12f300)
2012-09-21 14:47:40 -04:00
Tim Abbott
ed46a453ba
Add (mostly unstyled) settings page.
...
(imported from commit 492c5f498c2fec452e6c724555bc4a5a2c4c151a)
2012-09-21 14:47:26 -04:00
Keegan McAllister
85abb3f274
forge_zephyr: Convert email to lowercase
...
This fixes failing User.object.get(email=...)
(imported from commit e0d5097520c6a149031e6881ae25f4c5bb967918)
2012-09-21 14:11:34 -04:00
Keegan McAllister
a68a3e7ab7
Get the just-created user from create_user
...
(imported from commit d709c99cc670aa1b0864c40b8c0d5e52b6c90340)
2012-09-21 14:01:43 -04:00
Keegan McAllister
0638c2aada
forge_zephyr: fetch the just-created user
...
(imported from commit a269f30736f1873e6e4ed7202fcaa16c436299a8)
2012-09-21 13:56:20 -04:00
Keegan McAllister
3cbc56a866
Rename MD5_SALT to HASH_SALT
...
(imported from commit 3112cd805614c3057a9eb8f1b251381f48ab3173)
2012-09-21 13:44:09 -04:00
Tim Abbott
2d6683f896
Deduplicate user creation code.
...
(imported from commit bda76a9a44bd5ed7f0726b527fdb93cec109cbed)
2012-09-21 10:45:00 -04:00
Tim Abbott
135c82717d
Authenticate by email.
...
Approach from http://www.micahcarrick.com/django-email-authentication.html .
(imported from commit 796b8e08d8e1f9769cd3cf8ee61d3724ac3847b7)
2012-09-21 10:34:48 -04:00
Tim Abbott
ee8f28a084
Use email addresses as unique identifiers rather than usernames.
...
Note that this code still assumes one's email address (stripped of
domain) is unique.
(imported from commit e98f96601ad109811978fc00b1165e97d8f7b185)
2012-09-21 09:43:22 -04:00