Commit Graph

952 Commits

Author SHA1 Message Date
hollywoodno 75d9630258 Add notifications on new logins to Zulip.
This adds helpful email notifications for users who just logged into a
Zulip server, as a security protection against accounts being hacked.

Text tweaked by tabbott.

Fixes #2182.
2017-03-25 16:50:52 -07:00
Umair Khan f7860bca48 backends.py: Don't pass mutable default arguments.
Values of mutable default arguments are shared across all function
invocations. See
https://pythonconquerstheuniverse.wordpress.com/2012/02/15/mutable-default-arguments/
for further details.
2017-03-24 10:59:32 -07:00
Tim Abbott 3617ebfd41 api: Rename get_old_messages to get_messages in the backend.
Fixes #1315.
2017-03-23 23:52:44 -07:00
Umair Khan 2dc2a6b705 github: Redirect to login page if invalid email. 2017-03-23 17:12:58 -07:00
Umair Khan 30c1e2245e github: Add docstrings to functions.
Docstring added to:
* auth_complete
* do_auth
2017-03-23 17:12:58 -07:00
Umair Khan 029a4e5696 backends.py: Update comment in process_do_auth. 2017-03-23 17:12:58 -07:00
Tim Abbott 06492738b5 dev: Expose coverage and built documentation to web.
This makes it much more convenient for developers to access coverage
and built developer documentation.
2017-03-23 13:10:06 -07:00
Tim Abbott d39b2e116b settings: Disable password strength checking in development. 2017-03-22 13:14:20 -07:00
sinwar 397e9c109e auth: Separate development login from main login page.
This allows us to enable EmailAuthBackend by default in development
without cluttering the development login experience.

Fixes #3652.
2017-03-22 12:54:30 -07:00
Raghav Jajodia 9707c74f33 message_edit: Added copy to clipboard button.
A copy-to-clipboard button is added over message-edit textarea.
Closes #3239.
2017-03-22 11:00:18 -07:00
Steve Howell 4fb8339954 Extract typing_events.js. 2017-03-22 07:29:42 -07:00
Steve Howell 642be6ad18 Revamp state tracking for outbound typing indicators.
This change moves most of the logic related to starting and
stopping outbound typing indicators to a new module called
typing_status.js that is heavily unit tested.

While this was in some sense a rewrite, the logic was mostly
inspired by the existing code.

This change does fix one known bug, which is that when we
were changing recipients before (while typing was active), we
were not stopping and starting typing indicators.  This was
a fairly minor bug, since usually users leave the compose
box to change recipients, and we would do stop/start under
that scenario.  Now we also handle the case where the user
does not leave the compose box to change recipients.
2017-03-22 07:01:20 -07:00
Steve Howell 67a2094ed1 Add typing_data.js, which can track users who are typing.
(A subsequent commit will actually integrate this into the app.)
2017-03-21 17:24:40 -07:00
Yago González 34a9e1ae11 markdown: Add TeX typesetting support.
Co-authored-by: Reid Barton <rwbarton@gmail.com>

Fixes #2056.
2017-03-21 16:40:00 -07:00
adnrs96 a91012bd70 Move thirdparty-fonts.css from static/styles to static/third. 2017-03-21 13:40:05 -07:00
Tim Abbott 5b0ff2a69a mypy: Fix some strict-optional related issues. 2017-03-19 22:26:25 -07:00
Steve Howell fd856d728c Extract message_util.js 2017-03-19 21:03:45 -07:00
Steve Howell 8d3d70984d Extract message_events.js. 2017-03-19 21:03:45 -07:00
Steve Howell 1114c8bf62 Extract message_fetch.js. 2017-03-19 21:03:45 -07:00
wangjames 12eeb27442 js dependencies: Extract ui_state.js.
The function home_tab_obscured used to be in the ui_state
namespace via a shim, but now we have an actual module for
it.
2017-03-19 14:11:50 -07:00
Steve Howell d026344b37 Extract js/ui_util.js. 2017-03-19 11:05:45 -07:00
Steve Howell 1d7d6869c9 Extract stream_events.js 2017-03-19 10:56:09 -07:00
Steve Howell cfd1e8cbc3 Extract stream_muting.js. 2017-03-19 10:56:09 -07:00
Steve Howell ab34b5ee9f Extract ui_init.js. 2017-03-19 10:56:09 -07:00
Rishi Gupta 19d8d16126 js dependencies: Split hash_util.js from hashchange.js. 2017-03-18 20:40:34 -07:00
Steve Howell 35d38d62f3 Add shim.js w/narrow_state global. 2017-03-18 15:52:50 -07:00
Tim Abbott f67e9a7e5e CSS: Rename #overlay to #lightbox_overlay. 2017-03-18 13:54:11 -07:00
Tim Abbott ed90879602 js: Extract lightbox.js from ui.js. 2017-03-18 13:54:11 -07:00
Steve Howell a51caceea5 refactor: Extract unread_ops.js
This module mostly contains the mark_* functions that
update the server with info about unread counts.
2017-03-18 10:35:52 -07:00
Arpith Siromoney e073220e21 Add typing notifications front end.
Send typing notification events when user types in the compose box.
Listen for these events and display a notification.

Sending notifications: Notifications are throttled, so that start
notifications are sent every 10 seconds of active typing, and stop
notifications are sent 5 seconds after active typing stops or when the
compose box is closed.

Displaying notifications:
When a typing notification is received, if the current narrow is private
messages or is: pm-with and the user is not the sender,
"Othello is typing..." is displayed underneath the last message. This notification is
removed after 15 seconds. If another notification is received during this period, the
expiration is extended. When a stop notification is received the notification is removed.

Internally, a list of users currently typing is maintained for each
conversation (in a dict). When an event is received the list (for the appropriate
conversation) is updated and the notifications template is re-rendered
based on the narrow information. This template is also re-rendered when
the narrow changes.

Significantly modified by tabbott for clarity.

Fixes #150.
2017-03-17 20:45:07 -07:00
Tim Abbott 25488b550f casper: Fix issues with server autoreloading on save.
This fixes an issue where if you saved a Python file (even just
changing whitespace) while casper tests were running, the Tornado
server being used would restart, triggering a confusing error like
this:

ReferenceError: Can't find variable: $
Traceback:
  undefined:2
  :4
Suite explicitly interrupted without any message given.
2017-03-17 20:45:07 -07:00
Umair Khan 4442703011 jinja2: No need for custom render_to_response.
Django 1.10 has changed the implementation of this function to
match our custom implementation; in addition to this, we prefer
render().

Fixes #1914 via #4093.
2017-03-17 13:57:34 -07:00
kunall17 a908bb1898 Implemented API routes for muting/unmuting a topic 2017-03-15 16:19:00 -07:00
Brock Whittaker b0e5aeb313 Consolidate JavaScript modal closing in modals.js.
This consolidates all actions to close modals into modals.js and
triggers the correct cleaning/collapsing function dependent on what the
data-overlay attribute is labeled as.

It also ensures these all have an e.stopPropagation().

Fixes #4029.
2017-03-15 12:27:44 -07:00
K.Kanakhin f77c5fc086 settings: Extend `DATA_UPLOAD_MAX_MEMORY_SIZE` from default value.
- In django 1.10 was added `DATA_UPLOAD_MAX_MEMORY_SIZE` parameter,
  which controls max size of uploading files. By default it is 2.5MB.
2017-03-15 12:15:27 -07:00
Umair Khan 0d296afa54 github: Return '' when name is None. 2017-03-15 11:11:09 -07:00
Umair Khan e44e58f6d5 logging: Skip log records originated in site packages.
This fixes the huge exception we get in our logs from django.template
logger. This exception is a known bug in Django, see
https://code.djangoproject.com/ticket/26886

Fixes #3974
2017-03-15 11:07:31 -07:00
Rishi Gupta 4627ff1b4b zproject: Change comments to refer to Realm.string_id instead of domain. 2017-03-14 17:17:42 -07:00
Tim Abbott 5e39ccd642 js: Rename viewport.js to message_viewport.js.
This fixes the mobile web experience for Chrome on iOS.

Apparently, Chrome-on-iOS silently has a `viewport` module that
overrides and user-defined module by that name, causing all of our
code that accesses the viewport module to not work on that platform.
We fix this by renaming it.
2017-03-10 14:59:59 -08:00
Amy Liu e5ab3123af Migrate json/set_muted_topics to muting/topics. 2017-03-09 20:52:29 -08:00
Amy Liu 9500c88e32 Migrate legacy url json/bulk_invite_users to invite/bulk_invite. 2017-03-09 20:51:03 -08:00
Tim Abbott 84eb427c63 lint: Fix settings.py linewrapping. 2017-03-08 01:15:24 -08:00
Brock Whittaker 3b55519b11 Redesign "/features/" page in portico.
This redesigns the features page to incorporate the new landing nav,
CSS animations, and general styling of the product page set.
2017-03-07 23:25:39 -08:00
K.Kanakhin 1cb0f8dc41 Add size limit for uploading user avatars and realm icons.
- Add settings parameter for max realm icon size.
- Add settings parameter for max user avatar size.
- Add checking file size to avatar and icon
  uploading views.
- Transfer file size limit parameter to frontend.
- Add tests.
2017-03-07 22:13:01 -08:00
K.Kanakhin 173f34b7aa user-presence: Add `offline` status to aggregated info.
- Add `OFFLINE_THRESHOLD_SECS` settings parameter
  to handle offline period.
- Set aggregated status to offline if user's status
  haven't changed for `OFFLINE_THRESHOLD_SECS` period.
- Add test for offline aggregated status.
2017-03-07 20:09:53 -08:00
Umair Khan 1f60baba6b Handle social auth exception in auth_complete.
In case of an exception, we log it and return None which results in a
redirect to the login page.
2017-03-07 19:46:40 -08:00
Raghav Jajodia d52e08a25c analytics: Add a "Last updated" to the bottom of the stats page.
Fixes #3857.
2017-03-07 16:02:27 -08:00
Tim Abbott dcb14ec58e jinja2: Fix mypy confusion caused by weird six import. 2017-03-06 22:24:07 -08:00
Tim Abbott e1c1f96f9e zilencer: Eliminate submit_feedback indirection. 2017-03-06 00:01:57 -08:00
Tim Abbott 9a08ef5545 zilencer: Remove FEEDBACK_TARGET forwarding logic.
This feature hardcoded zulip.com, and never really made much sense
("feedback" should generally go to the local server administrator, not
to the Zulip development community).
2017-03-06 00:01:57 -08:00
Steve Howell 8e2e406404 refactor: Extract stream_popover.js.
This module handles the popovers in the stream list--one for
stream actions and another for topic-specific actions.

The extraction was mostly straightforward, but I did move some
of the code related to the color picker to be more consistent
with how I organized the other click handlers.
2017-03-05 15:44:43 -08:00
Rafid Aslam 33129059f4 deps: Upgrade and move `handlebars` from `static/third` to `npm`.
- Remove `handlebars.runtime.js` from static/third and fetch it from npm
- Upgrade `handlebars` to 3.0.3.

I change the test since there is a patch about line, written in
handlebars'
v2.0.0-beta.1 release note:
"Lines containing only block statements and whitespace are now removed."

Fixes part of #1709.
2017-03-04 21:49:02 -08:00
Tim Abbott bd0d6bb9d2 docs: Add discussion of VFL to front-end-build-process.md.
Also, link to this from various Python files where relevant.
2017-03-04 21:14:17 -08:00
Tim Abbott 899b59e9d6 dev_settings: Fix linter error in recent mypy work. 2017-03-04 15:34:09 -08:00
Tim Abbott 75e81253f2 mypy: Work around several new mypy bugs in 0.501. 2017-03-04 15:33:39 -08:00
Raghav Jajodia a3a03bd6a5 mypy: Added Dict, List and Set imports.
Fixed mypy errors associated with the upgrade.
2017-03-04 14:33:44 -08:00
Rishi Gupta 66371009e2 Set settings.TIME_ZONE to UTC.
If there are weird time-based regressions in the next couple of days, it's
probably due to this.
2017-03-03 19:00:02 -08:00
Rishi Gupta 28d3af0965 Fix several new errors caught by mypy 0.501.
Clear out a bunch of easy to review errors, so we can focus on the more
complicated ones.
2017-03-03 14:12:52 -08:00
hackerkid b7a6826fda Add support for getting medium size profile images. 2017-03-01 09:57:30 -08:00
Igor Tokarev 31dff09efa Support email changes for !avatar syntax.
Significantly modified by tabbott to avoid calling
get_user_profile_by_email in bugdown, and have 100% test coverage of
the views code.

Fixes #2041.
2017-02-28 21:56:04 -08:00
Umair Khan 802de53ede backend: Handle GitHub authentication failure.
In case of AuthFailed exception return None.
2017-02-28 09:55:37 -08:00
K.Kanakhin 257bb40698 realm-icon: Add realm icon feature.
- Add realm icon fields to realm model.
- Add migration for new realm model's field.
- Add views for icon uploading and deleting.
- Add routes for realm icons views.
- Add JS widget for realm icon upload setting.
- Add realm icon upload to administration
  organization setting.
- Add tests for realm icons.

Fixes #3660.
2017-02-26 12:16:07 -08:00
Tim Abbott 20b655016d js: Move admin.js further down the list.
This makes it reasonable for it to depend on libraries like widgets.js.
2017-02-26 12:16:07 -08:00
K.Kanakhin 9ce218154e realm-icon: Move upload widget to separate file.
This makes it possible to use the upload widget in the realm icon
organization settings on frontend.
2017-02-26 12:15:41 -08:00
Umair Khan 5bf83f9e0a change-email: Implement confirmation flow.
This adds to Zulip support for a user changing their own email
address.

It's backed by a huge amount of work by Steve Howell on making email
changes actually work from a UI perspective.

Fixes #734.
2017-02-23 03:15:17 -08:00
Sampriti Panda 1929cc5190 Implement persistent drafts functionality
* Created a drafts modal to display/restore/delete drafts
* Created a Draft model to support storing draft data in localstorage
* Removed existing restore-draft functionality
* Added casper and node tests for drafts functionality

Fixes #1717.
2017-02-23 02:58:23 -08:00
sinwar 483a351d44 Upgrade to argon password hasher.
The Argon2 password hasher is the currently recommended password
hasher for Django.

Fixes #3362.
2017-02-22 23:29:12 -08:00
Tim Abbott cf444203c4 docs: Update email configuration documentation.
Fixes #2958.
2017-02-22 22:26:43 -08:00
Tim Abbott d2f9152c43 settings: Make it possible to override EMAIL_BACKEND.
Fixes #3699.
2017-02-22 22:26:43 -08:00
Tim Abbott 8c1285924e prod_settings_template: Move email configuration up.
This reflects the fact that you definitely need to configure this, but
you don't have to configure any of the auth backends, really.
2017-02-22 22:26:43 -08:00
Tim Abbott 7964408633 prod_settings_template: Move ALLOWED_HOSTS up and clarify. 2017-02-22 22:26:43 -08:00
Tim Abbott 53686fc5ac zproject: Delete config for old Django templates.
This configuration was effectively never used for anything.
2017-02-22 00:01:33 -08:00
Tim Abbott 1cbc86499e events_register: Eliminate unnecessary api_events_register wrapper. 2017-02-20 11:07:09 -08:00
Tim Abbott 515340ed00 Add message edit history backend with tests.
Based on work by Kartik Maji in #1204.

This has a few significant changes from the original version:
* We correctly handle filling in data for topic edits
* Has a complete test suite verifying correctness of the logic
* Currently, it doesn't include a special "start" entry

Things we may want to further change include:
* Adding a special "start" entry.
* Reversing the order of the history data returned for clarity.
2017-02-19 16:13:35 -08:00
Tim Abbott b30fb37037 Fix URL routing for users with email addresses starting with "me".
Our URL routing previously attempting to segment the /users/ endpoint
namespace into /me (affecting yourself) or /username@domain (affecting
other users) by regular expressions incorrectly, specifically in the
case of email addresses starting with `me`.  This prevented various
admin actions like removing a user as an organization administrator.
2017-02-18 15:26:04 -08:00
Tim Abbott 2dc553df0a settings: Fix logging settings for Casper tests.
Previously the casper server.log files basically only had tracebacks;
this should help a lot with debuggability of Casper issues.
2017-02-17 15:18:45 -08:00
Umair Khan 555d5b4dc6 database: Use new name of PostGresql backend. 2017-02-17 12:18:43 -08:00
Feorlen 61d4dbddb8 Set a default value of None for EMAIL_HOST in DEFAULT_SETTINGS.
Fixes #3669
2017-02-17 08:02:03 -08:00
Feorlen 1973360d17 Update comment to suggest Mailgun for EmailAuthBackend SMTP. 2017-02-17 08:02:03 -08:00
paxapy 9a5179c460 Add support for managing and deleting attachments.
Modified substantially by tabbott to fix tons of issues.

Fixes #454.
2017-02-16 23:44:44 -08:00
Umair Khan c49789778c testing: Use LocMemCache for backend testing.
LocMemCache is not compatible with frontend tests so we only use it
for backend tests. To do that we change the cache backend within
`not CASPER_TESTS` if block.
2017-02-14 21:32:13 -08:00
Umair Khan 5440bc81b2 logging: Add django.template logger. 2017-02-14 21:20:43 -08:00
Tim Abbott bb5d81281c mypy: Upgrade to new package name and version 0.571.
Fixes #3448.
2017-02-10 23:53:44 -08:00
Tim Abbott 71af0f7e2e Add endpoint to fetch presence data for a single user.
This is an experimental API subject to its data format being changed.

Fixes #3638.
2017-02-10 23:52:56 -08:00
Umair Khan ef0d2a4bb5 logging: Use django.server to filter 200 and 304.
Previously, we were monkey patching the runserver command
in zerver/management/commands/rundjango.py for this.
2017-02-10 15:55:17 -08:00
brockwhittaker 47a3ce2d35 Seperate information overlay CSS into own file.
This takes the information overlay CSS and moves it from zulip.css to
informational-overlays.css to help separate out isolated components.
2017-02-10 15:18:41 -08:00
Harshit Bansal 7d10cbc32b Add RealmAlias.allow_subdomains to model, frontend, and API.
Includes a database migration.

Fixes #1868.
2017-02-08 22:03:27 -08:00
Tim Abbott 84b18f865a users: Verify full names explicitly in account registration.
I believe this completes the project of ensuring that our recent work
on limiting what characters can appears in users' full names covers
the entire codebase.
2017-02-07 20:20:32 -08:00
Rishi Gupta 3c692684a0 analytics: Move stats.js out of portico/.
stats.js is a logged-in view.
2017-02-07 15:35:43 -08:00
Rishi Gupta 27055bdd49 analytics: Use plotly-basic.js instead of plotly.js.
It's 600kb (minified) instead of 1.8mb.
2017-02-06 21:14:24 -08:00
Tim Abbott babb6aaa47 settings: Stop serving zxcvbn from node_modules/.
Now that we have the minified_source_filenames feature, we don't need
to serve zxcvbn from node_modules/ directly to avoid re-minifying it.

Moving this this allows us to stop shipping the (duplicate)
node_modules directory in release tarballs, which will save many
megabytes of unnecessary increase in our release tarball size.
2017-02-06 17:21:34 -08:00
Tim Abbott 12e7be585d i18n: Fix compilemessages processing extra files in production.
In a Zulip production environment, STATIC_ROOT points to the shared
directory that static assets are served from, and so the
compilemessages management command was trying to process every
historical version in there.
2017-02-03 17:17:23 -08:00
Tim Abbott 21f09dcab7 docs: Make it harder to screw up our manage.py commands. 2017-02-03 12:57:50 -08:00
Tim Abbott fa02dfdff4 mobile: Add an endpoint for checking compatibility. 2017-02-03 09:55:34 -08:00
Tim Abbott 70e75508ba settings: Include analytics in default distribution.
This moves the analytics module from being a default-off module that
is somewhat difficult to install to being a default part of the
Zulip distribution (both tarballs and what is enabled by default).
2017-02-02 16:23:24 -08:00
umkay 76f3d02590 analytics: Add cron job to run analytics jobs.
This adds a cron job to update the Zulip analytics counts, complete
with locking etc.

Substantially tweaked by tabbott.
2017-02-01 17:02:46 -08:00
Amy Liu 0a39e354dc analytics: Add graphs of usage statistics on /stats.
This adds a frontend for the analytics system we've had for a few
months, showing several graphs of the data in Zulip.

There's a ton more that we can do with this tooling, but this initial
version is enough to provide users with a pretty good experience.

Fixes #2052.
2017-01-31 22:18:54 -08:00
Tim Abbott eeeffa8704 urls: Review useless stream_exists_backend endpoints.
The actual function was overcomplicated and was designed to check
whether a stream existed by name, not by ID, so there was no value in
having it be used for checking if a stream existed by ID.
2017-01-29 20:26:59 -08:00
Rishi Gupta 6b3abce541 build_emoji: Generate emoji names and codepoints from emoji_map.
Replaces the hardcoded list of emoji_names and unicode_emoji_names in
static/js/emoji.js with a list generated from emoji_map.json, both to get
the list out of version control and so we can start modifying it for our
autocomplete. This does not change the contents of emoji_names. It sorts and
removes duplicates from unicode_emoji_names (causes no change in behavior,
since unicode_emoji_names is only used as if it were a set).
2017-01-28 17:05:32 -08:00
Tim Abbott 0dd5d6cea0 errors: Separate browser error reporting from backend. 2017-01-27 10:27:41 -08:00