Commit Graph

182 Commits

Author SHA1 Message Date
Tim Abbott e6f460f511 auth: Replace user_email_is_unique validator.
As we migrate to allow reuse of the same email with multiple realms,
we need to replace the old "no email reuse" validators.  Because
stealing the email for a system bot would be problematic, we still ban
doing so.

This commit only affects the realm creation logic, not registering an
account in an existing realm.
2017-11-28 16:23:10 -08:00
Umair Khan 1acdfef13c two_factor: Disable prefix in OurAuthenticationForm.
In two factor authentication every step adds a unique prefix to the fields,
due to this the name of the form fields differs from the HTML fields. If
we do not do this we will have to change the name in the HTML, which
will cause the change in tests.
2017-11-28 15:27:44 -08:00
Vishnu Ks 610eb557b8 backend: Make password reset form support multi realm membership. 2017-11-26 15:35:25 -08:00
Tim Abbott f6e57fd514 forms: Remove unnecessary OurAuthenticationForm logic.
This is checked for in the caller of OurAuthenticationForm, which
meant this code was never run.  But it is worth having an assertion
here to catch any possible regressions.
2017-11-21 20:14:12 -08:00
Tim Abbott 719d6c49df forms: Stop using get_user_profile_by_email in OurAuthenticationForm.
Structurally, the main change here is replacing the `clean_username`
function, which would get called when one accessed
self.cleaned_data['username'] with code in the main `clean` function.

This is important because only in `clean` do we have access to the
`realm` object.

Since I recently added full test coverage on this form, we know each
of the major cases have a test; the error messages are unchanged.
2017-11-21 20:14:12 -08:00
Tim Abbott 3bfb19b5f3 Convert EmailAuthBackend and LDAPAuthBackend to accept a realm. 2017-11-21 18:23:50 -08:00
Rishi Gupta 27babcf92b portico: Update error message for deactivated user.
The installation admin is not the right person to get support requests from
deactivated users, regardless of the situation.

Also updates the wording to be a bit more concise.
2017-11-20 13:40:51 -08:00
Tim Abbott 0667a62244 password reset: Simplify password reset form logic.
Now that we're generating the URL inside the Python code, we can clean
up the context logic.
2017-11-20 10:40:33 -08:00
Vishnu Ks 9c50819dd6 email: Add reset button to password reset email. 2017-11-20 10:35:03 -08:00
Tim Abbott c8edbae21c password reset: Fix error message for invalid realm.
This is a lot cleaner than the previous model.

Basically rewritten by Vishnu Ks to actually work :).
2017-11-20 10:34:55 -08:00
Umair Khan 95ba3e7cbb password_reset: Send email unconditionally.
This was basically rewritten by tabbott, because the code is a lot
cleaner after just rewriting the ZulipPasswordResetForm code to no
longer copy the model of the original Django version.

Fixes #4733.
2017-11-20 10:32:40 -08:00
Tim Abbott cd95c09fca forms: Use an AssertionError for unexpected DNS errors. 2017-11-17 17:25:56 -08:00
rht c4fcff7178 refactor: Replace super(.*self) with Python 3-specific super().
We change all the instances except for the `test_helpers.py`
TimeTrackingCursor monkey-patching, which actually needs to specify
the base class.
2017-10-30 14:30:25 -07:00
Greg Price c9457d4af0 subdomains: Refactor check_subdomain to a clearer interface.
Now that every call site of check_subdomain produces its second
argument in exactly the same way, push that shared bit of logic
into a new wrapper for check_subdomain.

Also give that new function a name that says more specifically what
it's checking -- which I think is easier to articulate for this
interface than for that of check_subdomain.
2017-10-26 10:29:17 -07:00
Greg Price 7c467a8f01 subdomains: Fix one backward call site of check_subdomain.
This should be a pure refactor: the only asymmetry in the behavior
of `check_subdomain` between its two arguments is if one of them
is None, and in this case we have a non-nullable model field on
one side and the return value from `get_subdomain` on the other.

With these swapped, this call site now matches all other
`check_subdomain` call sites in having the second argument come as
the subdomain of some user's realm.
2017-10-26 10:29:17 -07:00
Greg Price f10e66eff2 subdomains: Simplify a funny call site of get_subdomain.
The type of get_subdomain's parameter is non-Optional, and
in fact if passed an argument of None it would promptly
blow up.  So this `getattr` can't be serving any purpose.
2017-10-26 10:29:17 -07:00
Tim Abbott d69c39cad1 ldap: Prevent useless password resets when email auth is not enabled.
While the passwords wouldn't do anything without email auth enabled
anyway, it's probably better not to have users be able to go through
the flow.
2017-10-24 12:07:43 -07:00
Tim Abbott b590cd6c8f password-reset: Remove unnecessary template arguments.
We set these directly in the `send_email` function anyway.
2017-10-24 12:07:43 -07:00
Tim Abbott 47d14d32d4 password-reset: Remove unused domain/site_name fields.
Since we're now customizing this form, we don't need these.
2017-10-24 12:07:43 -07:00
Umair Khan 7ecada62ff password-reset: Copy the entire save() from Django.
We're going to end up deleting most of this in the next few commits;
the main goal here is to make it easy to code-review whether we're
breaking anything in replacing the built-in Django form's logic.
2017-10-24 12:07:14 -07:00
Tim Abbott 145817d1e0 forms: Pass the realm into authenticate in OurAuthenticationForm.
Historically, we'd just use the default Django version of this
function.  However, since we did the big subdomains migration, it's
now the case that we have to pass in the subdomain to authenticate
(i.e. there's no longer a fallback to just looking up the user by
email).

This fixes a problem with user creation in an LDAP realm, because
previously, the user creation flow would just pass in the username and
password (after validating the subdomain).
2017-10-23 12:36:09 -07:00
Tim Abbott 85917a7269 subdomains: Improve support for using the root domain.
This modifies the realm creation form to (1) support a
realm_in_root_domain flag and (2) clearly check whether the root
domain is available inside check_subdomain_available before trying to
create a realm with it; this should avoid IntegrityErrors.
2017-10-18 23:38:55 -07:00
Tim Abbott 0bfcf2da41 subdomains: Don't compute realm_subdomain if not needed.
We were doing an unnecessary database query on every user registration
checking the availability of the user's subdomain, when in fact this
is only required for realm creation.
2017-10-18 23:05:15 -07:00
Vishnu Ks 07438b2f2c forms: Save realm_creation setting on RegistrationForm.
This will be useful for making the checking behavior depend on the
status of this form.
2017-10-18 22:40:20 -07:00
Tim Abbott 1ab2ca5986 subdomains: Extract zerver.lib.subdomains library.
These never really belonged with the rest of zerver.lib.utils.py, and
having a separate library makes it easier to enforce full test
coverage.
2017-10-18 22:27:48 -07:00
Tim Abbott 7445493fb3 forms: Extract check_subdomain_available.
This should make it easier to call this check from other code paths.
2017-10-03 17:44:46 -07:00
Tim Abbott 1d72629dc4 subdomains: Hardcode REALMS_HAVE_SUBDOMAINS=True. 2017-10-02 16:42:43 -07:00
Tim Abbott e6f8032972 subdomains: Remove get_unique_open_realm code paths.
Since we no longer support !REALMS_HAVE_SUBDOMAINS in production,
these no longer make sense.
2017-10-02 16:32:10 -07:00
Rishi Gupta 0335d8dca7 authentication: Update error message for deactivated user. 2017-09-29 12:32:46 -07:00
rht 2949d1c1e8 zerver: Remove the rest of absolute_import. 2017-09-27 10:02:39 -07:00
Vishnu Ks b4fedaa765 backend: Add support for multiuse user invite link. 2017-09-22 07:56:53 -07:00
Tim Abbott 2aab6e0f49 forms: Replace is_inactive with more comprehensive check.
While we're at it, we clean up the old confusing error messages.
2017-08-24 23:16:31 -07:00
Umair Khan 5d0ac49f12 registration: Password should be required in form.
Password field should be optional only when password auth backend is not
enabled or when password is not required as in Google or GitHub
registration.
2017-08-09 13:44:57 -07:00
Greg Price e18baff32c JsonableError: Rename message from `error` to `msg`.
The whole thing is an error, so "message" is a more apt word for the
error message specifically.  We abbreviate that as `msg` in the actual
HTTP responses and in the signatures of `json_error` and friends, so
do the same here.
2017-07-24 16:41:22 -07:00
Jack Zhang e915321f89 registration: Remove organization type selection in realm creation. 2017-07-21 13:09:06 -07:00
Rishi Gupta 3d24d12ba1 emails: Change reset password emails to use to_user_id. 2017-07-16 16:56:39 -07:00
Rishi Gupta 154d37afd2 emails: Add to_user_id argument to send_email.
Both the queue processor and ScheduledJob emails need to sometimes pass a
to_user_id and sometimes pass a to_email, and it's more convenient to just
have one function that they can call that can handle either.

Also removes the now redundant send_email_to_user.
2017-07-16 16:56:39 -07:00
James Rowan 69f3ca7870 emails: Make password reset emails come from 'Zulip Account Security.' 2017-07-13 14:50:36 -07:00
Umair Khan 638b32542d auth: Don't show deactivation notice to mirror dummies. 2017-07-05 23:50:53 -07:00
Rishi Gupta a26703109e settings: Change all uses of ZULIP_ADMINISTRATOR to FromAddress.SUPPORT.
Make it less likely that further development will break compatibility with
ZULIP_ADMINISTRATORs of the form "name <email>".

Note that the suggested value for this setting has been
'zulip-admin@example.com' for a while, so hopefully this commit causes no
change for most installations.
2017-07-05 15:33:01 -07:00
Rishi Gupta 364415bba4 password reset flow: Use default noreply email address. 2017-07-04 14:25:01 -07:00
Rishi Gupta 36cd122905 models: Change default org_type to CORPORATE.
Once we implement org_type-specific features, it'll be easy to change a
corporate realm to a community realm, but hard to go the other way. The main
difference (the main thing that makes migrating from a community realm to a
corporate realm hard) is that you'd have to make everyone sign another terms
of service.
2017-06-29 15:14:58 -07:00
Vishnu Ks 61744a7a2a forms.py: Replace hardcoded UserProfile.MAX_NAME_LENGTH in RegistrationForm. 2017-06-22 12:45:46 -07:00
Umair Khan 4f223c19d8 sign-in: Show proper error for deactivated user.
Show a clear error message when a user tries to sign in with
a deactivated account.

Fixes #4757
2017-06-20 11:38:58 -04:00
Tim Abbott 93ea4128ac auth: Require the realm_name field in RegistrationForm.
Previously, the only required field in RegistrationForm was the full
name (and possibly ToS, depending on settings).  This meant that if
LDAP was configured, realm creation would break, because the form
would be valid the first time one landed on it, before the user even
filled it out!

The correct fix is to make the extra fields required in
RegistrationForm in the event that we're doing realm creation.

It's possible that a cleaner fix would be to use a subclass.

With a test from Umair Waheed Khan.

Fixes #5387.
2017-06-15 11:04:25 -07:00
Tim Abbott 57d26c1a66 auth: Add realm_creation parameter to RegistrationForm. 2017-06-15 11:04:25 -07:00
Umair Khan 2e1ccabb88 forms.py: Add the dynamic field in __init__
If we add the field like this, we can control its existence in tests.
In other case, since classes are compiled once, even if we set
TERMS_OF_SERVICE to False in tests, terms field would still continue
to exist in the form class.
2017-06-15 10:14:55 -07:00
Rishi Gupta 769c5ab105 emails: Send password reset emails through zerver.lib.send_email.
Previously, the password reset email behaved differently from all the other
email Zulip sends.
2017-06-06 23:22:22 -07:00
Umair Khan 556264f3d7 reset_password: Modify password reset email if email is in wrong realm.
This fixes a confusing issue where a user might try resetting the
password for an email account that in part of a different Zulip
organization.

Is a useful early step towards making Zulip support reusing an email
in multiple realms.

Fixes: #4557.
2017-04-24 21:58:29 -07:00
Tim Abbott 1cfebdcb84 forms: Fix minor pep-8 lint error. 2017-04-20 11:39:19 -07:00
Umair Khan 8fee31f7ff forms.py: Include email in the error messages. 2017-04-20 11:07:01 -07:00
Umair Khan 1d9113d326 forms.py: Use .format() for string formatting. 2017-04-20 10:28:05 -07:00
Umair Khan d0f907f9da Make FindMyTeamForm strings translatable. 2017-04-18 15:13:25 -07:00
Bao Chau 9b6e648acb registration: Fetch length limits from the backend's actual sizes.
This makes these more likely to remain accurate over time.

Fixes #4211.
2017-03-25 20:10:12 -07:00
Rishi Gupta 8fecd454aa forms.py: Remove unused function get_registration_string(domain). 2017-03-14 17:17:42 -07:00
Maxim Averin fc35982b87 zerver: Replace log_event with RealmAuditLog in do_change_password.
This replaces the ancient file logging approach for the auditable
password change event with the database audit log.
2017-03-13 22:07:14 -07:00
Raghav Jajodia a3a03bd6a5 mypy: Added Dict, List and Set imports.
Fixed mypy errors associated with the upgrade.
2017-03-04 14:33:44 -08:00
Tim Abbott 84b18f865a users: Verify full names explicitly in account registration.
I believe this completes the project of ensuring that our recent work
on limiting what characters can appears in users' full names covers
the entire codebase.
2017-02-07 20:20:32 -08:00
Rishi Gupta 2b0a7fd0ba Rename models.get_realm_by_string_id to get_realm.
Finishes the refactoring started in c1bbd8d. The goal of the refactoring is
to change the argument to get_realm from a Realm.domain to a
Realm.string_id. The steps were

* Add a new function, get_realm_by_string_id.

* Change all calls to get_realm to use get_realm_by_string_id instead.

* Remove get_realm.

* (This commit) Rename get_realm_by_string_id to get_realm.

Part of a larger migration to remove the Realm.domain field entirely.
2017-01-04 17:12:23 -08:00
Umair Khan f208813ea3 Add Find My Team feature. 2017-01-03 21:33:42 -08:00
Juan Verhook cfa9c2eaf2 mypy: Update zerver directory to use Text 2016-12-29 09:12:15 -08:00
Rishi Gupta 717afcb408 Remove calls to get_realm in preparation for its deprecation.
Also removes two calls to email_to_domain.
2016-12-26 17:53:32 -08:00
Rishi Gupta 1ce9a8a458 Remove confusing comments in HomepageForm and RealmCreationForm. 2016-12-26 17:49:58 -08:00
Rishi Gupta ddf480136c Remove unused domain argument from RealmCreationForm. 2016-12-26 17:49:58 -08:00
Rishi Gupta ec658d038d Refactor HomepageForm to use a Realm instead of a string_id. 2016-12-26 17:49:58 -08:00
Rishi Gupta ea634cb982 forms: Refactor HomepageForm to be more pythonic. 2016-12-26 17:49:58 -08:00
Rishi Gupta a87e653c32 Refactor models.completely_open to take a Realm instead of a domain. 2016-12-26 17:49:58 -08:00
bulat22101 adebc75740 pep8: Fix E502 violations 2016-12-03 10:56:36 -08:00
Bickio e009383460 pep8: Fix E231. 2016-11-30 19:59:25 -08:00
Rishi Gupta 5681ee90fa models.py: Rename split_email_to_domain to email_to_domain.
In order to better match models.email_to_username.
2016-11-11 15:26:51 -08:00
Rishi Gupta c1713c9659 Prevent code from using email domain to determine realm when subdomains.
Also removes the intermediate step of going through Realm.domain in the
non-subdomains case. Part of a larger project to remove Realm.domain
entirely.
2016-11-11 15:26:51 -08:00
Rishi Gupta b114690bd5 forms.HomepageForm: Rename subdomain to string_id.
No change to behavior.
2016-11-09 16:31:48 -08:00
Rishi Gupta 38f1ab325c forms.HomepageForm: No longer take a domain argument.
domain was unused. No change to behavior.
2016-11-09 16:31:48 -08:00
Rishi Gupta ff2fe0cf92 forms.HomepageForm: Improve error messages.
No change to behavior.
2016-11-09 16:31:48 -08:00
Rishi Gupta d1acc54b2f forms.HomepageForm: Stop users from signing up for realms they can't join.
We do this check in accounts_register as well, but might as well tell the
user now not to get their hopes up.
2016-11-09 16:31:48 -08:00
Rishi Gupta 82b60ad29e forms.HomepageForm: Disallow mit mailing lists from open mirroring realms.
I'm guessing the old behavior was unintended, rather than policy.
2016-11-09 16:31:48 -08:00
Rishi Gupta 78dee73511 forms.HomepageForm: Consolidate check for open realm.
Does change/fix behavior in various corner cases when the domain passed in
to HomepageForm and subdomain passed in to HomepageForm correspond to
different realms.
2016-11-09 16:31:48 -08:00
Rishi Gupta 01526677c4 forms.HomepageForm: Use string_id to determine intended signup realm.
If the user comes in to HomepageForm with a set subdomain, use that to
determine the signup realm instead of the email address.

In the non-REALMS_HAVE_SUBDOMAINS case, still allow using the email address
if no subdomain is passed.
2016-11-09 16:31:48 -08:00
Rishi Gupta eddd8fb5fe forms.HomepageForm: Reorder email checks for future edits.
No change to behavior.
2016-11-09 16:31:48 -08:00
Rishi Gupta 60b5b82b57 forms.py: Merge get_valid_realm into caller.
No change to behavior.
2016-11-09 16:31:48 -08:00
Rishi Gupta bab481efc2 forms.py: Refactor MIT mailing list check into a modern style.
No change to behavior. non_mit_mailing_list never returned False, so it was
never possible to reach the line "Otherwise, the user is an MIT mailing
list, and .."
2016-11-07 22:37:55 -08:00
Rishi Gupta 76c99eaf55 forms.py: Change variable names to be more specific.
No change to behavior.
2016-11-07 22:37:55 -08:00
Rishi Gupta 6544c756d6 forms.py: Reorder imports. 2016-11-05 10:37:15 -07:00
Rishi Gupta 5e6d4da8a8 realm creation flow: Prevent disposable email signups.
Check user's email address against a list of 2000 disposable email
domains. Does not affect the create_realm management command.
2016-11-05 10:37:15 -07:00
Rishi Gupta 2033381d24 realm creation flow: Restrict subdomains one can create via the web flow.
Disallow Realm.string_id's like "streams", "about", and several hundred
others. Also restrict string_id's to be at least 3 characters long, and only
use characters in [a-z0-9-].

Does not restrict realms created by the create_realm.py management command.
2016-11-05 10:37:15 -07:00
Rishi Gupta 4a74301a62 models.py: Replace resolve_subdomain_to_realm with get_realm_by_string_id.
No change in functionality.
2016-11-03 13:59:11 -07:00
Tim Abbott dd008ae559 realm creation flow: Allow signups from all emails.
This (1) removes the check on whether the domain of the email matches
the Realm.domain of an existing realm and (2) avoids setting `realm =
get_realm(domain)` in the realm creation flow, which would cause the
wrong code path to be followed in the event that the domain in a
user's email address happens to match a deactivated realm.
2016-11-03 13:58:52 -07:00
Rishi Gupta 9ef8536cc6 models.Realm: Require Realm.string_id to be non-NULL.
Adds a database migration, adds a new string_id argument to the management
realm creation command, and adds a short name field to the web realm
creation form when REALMS_HAVE_SUBDOMAINS is False.
2016-11-02 22:46:34 -07:00
Rishi Gupta 777fcaa6a0 Add new organization type field to Realm objects.
Adds a new field org_type to Realm.  Defaults for restricted_to_domain
and invite_required are now controlled by org_type at time of realm
creation (see zerver.lib.actions.do_create_realm), rather than at the
database level.  Note that the backend defaults are all
org_type=corporate, since that matches the current assumptions in the
codebase, whereas the frontend default is org_type=community, since if
a user isn't sure they probably want community.

Since we will likely in the future enable/disable various
administrative features based on whether an organization is corporate
or community, we discuss those issues in the realm creation form.
Before we actually implement any such features, we'll want to make
sure users understand what type of organization they are a member of.

Choice of org_type (via radio button) has been added to the realm
creation flow and the realm creation management command, and the
open-realm option removed.

The database defaults have not been changed, which allows our testing code
to work unchanged.

[includes some HTML/CSS work by Brock Whittaker to make it look nice]
2016-10-05 17:01:46 -07:00
hackerkid ea39fb2556 Add option for hosting each realm on its own subdomain.
This adds support for running a Zulip production server with each
realm on its own unique subdomain, e.g. https://realm_name.example.com.

This patch includes a ton of important features:
* Configuring the Zulip sesion middleware to issue cookier correctly
  for the subdomains case.
* Throwing an error if the user tries to visit an invalid subdomain.
* Runs a portion of the Casper tests with REALMS_HAVE_SUBDOMAINS
  enabled to test the subdomain signup process.
* Updating our integrations documentation to refer to the current subdomain.
* Enforces that users can only login to the subdomain of their realm
  (but does not restrict the API; that will be tightened in a future commit).

Note that toggling settings.REALMS_HAVE_SUBDOMAINS on a live server is
not supported without manual intervention (the main problem will be
adding "subdomain" values for all the existing realms).

[substantially modified by tabbott as part of merging]
2016-09-27 23:24:14 -07:00
Tim Abbott 7950d3181e zmirror: Fix hardcoding of zulip.com support email address.
We now use support_email == settings.ZULIP_ADMINISTRATOR just like
every other support email address reference.
2016-08-18 18:36:07 -07:00
Tim Abbott f0e495831e forms: Fix check for whether terms of service are enabled. 2016-08-12 11:04:45 -07:00
Rishi Gupta 7910a6e134 Terms of Service: Add ability to update TOS and have users re-sign.
Most directly useful for the migration to zulipchat.com.

Creates a new field in UserProfile to store the tos_version, as well as two
new settings TOS_VERSION and FIRST_TIME_TOS_TEMPLATE. We check for a version
mismatch between what the user has signed and the current
settings.TOS_VERSION whenever the user hits the home page, and redirect them
if needed.

Note that accounts_accept_terms.html and
zerver.views.accounts_accept_terms were unused before this commit
(they date from c327446537)
2016-08-11 23:37:48 -07:00
Tim Abbott ed6c134cf4 Clean up and document clean_email code path. 2016-07-26 20:30:12 -07:00
Tim Abbott c25b077224 settings: Extract settings.SHOW_OSS_ANNOUNCEMENT. 2016-07-19 15:28:41 -07:00
Taranjeet Singh 37ea785b8f zerver/forms.py: Fix line with length greater than 120. 2016-07-18 14:42:39 -07:00
Tim Abbott c25c8d8c98 forms: Wrap some very long lines. 2016-06-25 10:52:03 -07:00
Vishnu Ks ad1c3894d9 Add interface for creating new realms.
This is controlled by settings.OPEN_REALM_CREATION; if that setting is
off, this feature doesn't do anything.
2016-06-17 16:15:28 -07:00
medullaskyline 2855c285b4 Annotate zerver.forms. 2016-06-05 12:02:19 -07:00
Umair Khan 5359e6b0d4 Convert Zulip to use Jinja2 templates.
This results in a substantial performance improvement for all of
Zulip's backend templates.

Changes in templates:
- Change `block.super` to `super()`.
- Remove `load` tag because Jinja2 doesn't support it.
- Use `minified_js()|safe` instead of `{% minified_js %}`.
- Use `compressed_css()|safe` instead of `{% compressed_css %}`.
- `forloop.first` -> `loop.first`.
- Use `{{ csrf_input }}` instead of `{% csrf_token %}`.
- Use `{# ... #}` instead of `{% comment %}`.
- Use `url()` instead of `{% url %}`.
- Use `_()` instead of `{% trans %}` because in Jinja `trans` is a block tag.
- Use `{% trans %}` instead of `{% blocktrans %}`.
- Use `{% raw %}` instead of `{% verbatim %}`.

Changes in tools:
- Check for `trans` block in `check-templates` instead of `blocktrans`

Changes in backend:
- Create custom `render_to_response` function which takes `request` objects
  instead of `RequestContext` object. There are two reasons to do this:
    1. `RequestContext` is not compatible with Jinja2
    2. `RequestContext` in `render_to_response` is deprecated.
- Add Jinja2 related support files in zproject/jinja2 directory. It
  includes a custom backend and a template renderer, compressors for js
  and css and Jinja2 environment handler.
- Enable `slugify` and `pluralize` filters in Jinja2 environment.

Fixes #620.
2016-05-09 09:55:18 -07:00