Commit Graph

22222 Commits

Author SHA1 Message Date
Tim Abbott 10dc9ecc92 i18n: Update translation strings for 1.7 release. 2017-10-25 09:20:29 -07:00
Tim Abbott 9cc561e442 docs: Update changelog with a few last entries for the 1.7 release. 2017-10-24 16:45:00 -07:00
Cynthia Lin 0f2a05e081 integrations: Remove link underline from back arrow icon.
Fixes #7137.
2017-10-24 16:38:59 -07:00
Tim Abbott b1301cdfec node_tests: Restore 100% coverage on people.js. 2017-10-24 16:24:03 -07:00
Steve Howell 74081ff2d5 Add assert() on stream_topic in get_recipient_info(). 2017-10-24 16:02:33 -07:00
Tim Abbott 11eba1173c popovers: Don't show bots as deactivated in user popovers.
Apparently this is a bug that slipped in when we started showing
normal users as deactivated in the user popovers: all bot users were
treated that way as well.

We'll want to do #7153 as a follow-up to get things fully working how
we want them.
2017-10-24 15:59:51 -07:00
Steve Howell 6ed2a9b9f2 refactor: Rename user_ids -> message_to_user_ids.
This renaming sets the stage for the next change (and passes
all tests).
2017-10-24 14:32:17 -07:00
Steve Howell 420ca5a470 tests: Test out-of-stream mentions. 2017-10-24 14:31:58 -07:00
Tim Abbott 6b1eb647e4 nginx: Fix bugs in new nginx configuration checks. 2017-10-24 14:29:36 -07:00
Tim Abbott 4439dbf781 log_into_subdomain: Fix realm creation on servers using an IP address.
While it's totally fine to put a leading '.' before the cookie domain
for normal hostnames and browsers will just strip them, if you're
using an IP address, it doesn't work, because .127.0.0.1 (for example)
is just invalid, and the cookie won't be set.

This fixes an issue where after installing with an IP address, realm
creation would end with being stuck at a blank page for
/accounts/login/subdomain/.
2017-10-24 14:13:31 -07:00
Tim Abbott 730c77c7df docs: Document scripts/setup/generate-self-signed-certs.
And more generally clean up our non-LetsEncrypt SSL docs.

This should make it a bit easier to setup a Zulip server.
2017-10-24 13:48:14 -07:00
Tim Abbott 1b653409f4 install: Provide a nicer error message for bad nginx configuration.
This also covers missing SSL configuration errors nicely.
2017-10-24 13:39:39 -07:00
Tim Abbott d8a873a571 filter: Improve group-pm-with descriptions.
This makes it a bit clearer what this actually does.
2017-10-24 13:19:24 -07:00
Tim Abbott 3ee53d5de3 auth: Don't offer password reset links when useless.
If an organization doesn't have the EmailAuthBackend (which allows
password auth) enabled, then our password reset form doesn't do
anything, so we should hide it in the UI.
2017-10-24 12:07:43 -07:00
Tim Abbott d69c39cad1 ldap: Prevent useless password resets when email auth is not enabled.
While the passwords wouldn't do anything without email auth enabled
anyway, it's probably better not to have users be able to go through
the flow.
2017-10-24 12:07:43 -07:00
Tim Abbott b590cd6c8f password-reset: Remove unnecessary template arguments.
We set these directly in the `send_email` function anyway.
2017-10-24 12:07:43 -07:00
Tim Abbott 47d14d32d4 password-reset: Remove unused domain/site_name fields.
Since we're now customizing this form, we don't need these.
2017-10-24 12:07:43 -07:00
Umair Khan 7ecada62ff password-reset: Copy the entire save() from Django.
We're going to end up deleting most of this in the next few commits;
the main goal here is to make it easy to code-review whether we're
breaking anything in replacing the built-in Django form's logic.
2017-10-24 12:07:14 -07:00
Tim Abbott 89b97e7480 python3: Fix REMOTE_USER Apache configuration for Python 3.
We were previously still installing the Python 2 version of mod_wsgi,
which of course doesn't work and can't use the Zulip virtualenv.
2017-10-24 11:48:14 -07:00
Tim Abbott d91e49b681 settings: Fix whitespace in new LDAP settings code. 2017-10-24 11:47:01 -07:00
Tim Abbott b81bde3a90 ldap: Prevent creating accounts with Zulip/EmailAuthBackend passwords.
While our recent changing to hide /register means we don't need a nice
pretty error message here, eventually we'll want to clean up the error
message.

Fixes #7047.
2017-10-24 11:21:49 -07:00
Tim Abbott 914e6a38fe registration: Extract login_and_go_to_home.
This new function extractions the bit of logic we use after creating a
new user account to log them in and send them to the home page,
without emailing the user about their new login.
2017-10-24 11:21:49 -07:00
Tim Abbott 8a588ba23d ldap: Default REGISTER_LINK_DISABLED=False when using LDAP backend.
This should help prevent confusion where new users find themselves on
the LDAP login form and click "register" because they know they don't
have an account.  Whereas in fact, their account will be auto-created
if they just login, so there's no need for them to access it.
2017-10-24 11:21:49 -07:00
Alexis La Porte e7f932aa87 docs: Fix a typo in text of user doc for allow image/link previews.
Fixes #7144
2017-10-24 09:48:45 -07:00
Tim Abbott bc3569f6ab actions: Move user activate/reactivate closer to creation.
This is just to create greater locality of this batch of code in the file.
2017-10-24 09:05:55 -07:00
Tim Abbott 70d509196d backends: Call send_initial_pms on other user creation paths.
This fixes a problem we've seen where LDAP users were not getting this
part of the onboarding process, and a similar problem for human users
created via the API.

Ideally, we would have put these fixes in process_new_human_user, but
that would cause import loop problems.
2017-10-24 09:03:53 -07:00
Tim Abbott 716c525389 backends: Sort imports. 2017-10-24 08:59:39 -07:00
rht 5755f475f4 upgrade: Add "must be run as root" check.
The logic and text is based on scripts/lib/upgrade-zulip.
2017-10-23 23:01:54 -07:00
rht dcb46afa90 upgrade: Remove an extraneous `sudo` prefix.
Because scripts/upgrade-zulip-from-git must be run from root anyway.
2017-10-23 23:01:46 -07:00
Umair Khan 19ccff060a i18n: Extract language options from tracked locales.
Now we use 'git ls-files' to get the list of locales that we actually
track. Previously we were using os.listdir to get the contents of the
static/locale directory. This could also return locales which were
present in the directory but are not supported by us, e.g. zh_CN.
2017-10-23 22:58:44 -07:00
Tim Abbott 1978455287 subs: Fix exception with streams overlay open but no active stream.
Previously, if you had the streams overlay open (but no active stream
clicked) while another user edited your subscriptions state, we'd
throw an exception handle the get_events call, because the code for
rerendering the subscribers list didn't consider the possibility that
there was no active stream.
2017-10-23 22:56:14 -07:00
Tim Abbott 9d0e1a2e0c subs: Don't try to update stream settings UI when closed.
The recent fixes we made to make stream settings update properly when
doing live updates were great, but they would throw an exception if
the stream settings overlay wasn't open.  This fixes that by adding
the appropriate check.
2017-10-23 22:44:27 -07:00
Tim Abbott bdc7772bab subs: Fix bug with invalid access to stream IDs.
`sub.id` isn't a valid field; it's `sub.stream_id`.
2017-10-23 22:44:05 -07:00
Brock Whittaker 4b45878946 notifications: If "Notification" is undefined, just return "denied".
We do not want the code to lead to a path where it will attempt to
display native notifications if the “Notification” object doesn’t
exist, as this likely means that the device does not support OS
notifications.
2017-10-23 21:29:42 -07:00
Tim Abbott ad165a6f8f settings: Remove remaining DEPLOYMENT_ROLE_* code remnants.
These should have been removed when we removed Zilencer.
2017-10-23 21:15:03 -07:00
Tim Abbott 7fd7e054e1 docs: Fix broken link in changelog on ReadTheDocs. 2017-10-23 17:43:21 -07:00
Tim Abbott 8a32f012bf docs: Highlight notes on apt upgrades for perf. 2017-10-23 17:41:25 -07:00
Tim Abbott a174455ae1 docs: Document API super user bots a bit more in security model docs. 2017-10-23 17:37:38 -07:00
Steve Howell b851020b1e Excluded topic-muted users from stream push notifications.
Fixes #7059
2017-10-23 17:26:15 -07:00
Steve Howell 78b1a8442b Add StreamTopicTarget.user_ids_muting_topic(). 2017-10-23 17:26:15 -07:00
Steve Howell 0164cfdf5c migrations: Index MutedTopic on stream/topic.
This index lets us quickly find all users who may be muting
a topic, which useful when we send messages out.
2017-10-23 17:26:15 -07:00
Steve Howell 0263c857b3 tests: Add test_stream_recipient_info(). 2017-10-23 17:26:15 -07:00
darshanime 6078f648cb settings: use None for memcached cache timeout.
This is a cleaner approach than the old "really big number" strategy.
2017-10-23 16:34:43 -07:00
Tim Abbott a57f577650 i18n: Update translations files. 2017-10-23 16:18:16 -07:00
Greg Price 6c19bc9f1d onboarding: Revise text in prompt to enable desktop notifications.
Making the same point (that you can configure the notifications in
settings) at both steps felt pushy.  I think the first prompt is
actually best kept to a minimum of words, so leave that one with
just the ask.

In the second step, try an active pitch.  This could go either way, or
be any number of other messages, but the settings line felt a little
defensive to me, like it was suggesting that our notifications would
be noisy and here's a way you can try to mitigate that.  I think with
our default settings (and in an org with mostly-reasonable humans, but
even a large and busy one) they're actually not at all noisy; and if
we learn of situations where that's not true, we'll work to fix that.
So, try this line instead.

A style note: I chose "your team" here to refer to the people the user
communicates with in their organization.  We consistently say either
"organization" or sometimes "realm" for the concrete thing in the
product that is the whole universe of streams and users, etc., that a
given account lives in; but that feels too formal here.  Conversely,
one reason we don't say "team" for an organization is that it feels
too cozy and small, more appropriate for 8 people who interact every
day than for 80 or 8000 people; but this line is mainly about those
8 people even if the organization has 8000.  There are some examples
of this already in the codebase; see `git grep -w team`.

i18n note: These passages of a couple of connected sentences should
generally be marked for translation as one message, not several
separate ones.  That helps the translator be sure of the context so
they can translate appropriately.  For example, in the second prompt
in this version, there's an implicit "because" relationship between
the two sentences, and in some languages (I'm 90% sure this is true in
Japanese), it would be weird to leave it implicit and the second
sentence should contain the equivalent of "That's because".
2017-10-23 15:16:21 -07:00
Brock Whittaker e304c44c2e integrations: Impose max-width for readability.
This imposes a maximum width constraint on the center block so
that it can maintain readability and keep the content paragraphs
to less than 1000px.

Fixes: #7092.
2017-10-23 14:24:31 -07:00
Brock Whittaker 981e6e6836 settings: Display "Never" over "Invalid Date" for inactive users.
This shows the text "Never" for users who are part of a realm but
have never been active, rather than a more vague JavaScript output
of "Invalid Date" due to the fact that their last presence
evaluates to NaN.
2017-10-23 13:57:11 -07:00
Tim Abbott 145817d1e0 forms: Pass the realm into authenticate in OurAuthenticationForm.
Historically, we'd just use the default Django version of this
function.  However, since we did the big subdomains migration, it's
now the case that we have to pass in the subdomain to authenticate
(i.e. there's no longer a fallback to just looking up the user by
email).

This fixes a problem with user creation in an LDAP realm, because
previously, the user creation flow would just pass in the username and
password (after validating the subdomain).
2017-10-23 12:36:09 -07:00
Tim Abbott 4ecf781ed4 test_signup: Fix LDAP end-to-end tests accidentally using wrong backend.
Apparently, we were accidentally using the EmailAuthBackend in parts
of these tests.
2017-10-23 12:25:47 -07:00
Steve Howell a66409de2e tests: Add FetchQueriesTest.test_queries().
This new test solves the problem that when we
made changes to the page-load codepath in the past,
it's been hard to identify what new code caused
more database queries.  Now you can see query
counts broken out by event type.

This requires a small, harmless change to extract
an `always_want` function in `lib/events.py`.
2017-10-23 11:11:19 -07:00