Commit Graph

44565 Commits

Author SHA1 Message Date
Mateusz Mandera 8ad7520180 ldap: Support alternative attrs to userAccountControl.
Fixes #17456.

The main tricky part has to do with what values the attribute should
have. LDAP defines a Boolean as
Boolean = "TRUE" / "FALSE"
so ideally we'd always see exactly those values. However,
although the issue is now marked as resolved, the discussion in
https://pagure.io/freeipa/issue/1259 shows how this may not always be
respected - meaning it makes sense for us to be more liberal in
interpreting these values.
2021-09-16 13:29:13 -07:00
Mateusz Mandera b32450f98e docs: Remove mentions of some ldap features being added in 2.0.
2.0 is old enough that explicitly mentioning when these features were
implemented isn't particularly useful and adds clutter.
2021-09-16 13:29:13 -07:00
Tim Abbott 0ff3bbd35c i18n: Update translation data from Transifex. 2021-09-16 13:18:19 -07:00
Tim Abbott 687c4b9d66 css: Improve EDITED styling for non-English languages.
In some non-English languages, including Russian, the translation of
EDITED does not properly fit.  The best solution is probably something
bigger or having translators abbreviate this string, but it's worth at
least this minimal change to fix extremely ugly overlap behavior for
this widget.

Actual CSS written by Greg Price.
2021-09-16 13:18:19 -07:00
Sahil Batra 3242a61894 user_groups: Hide system user groups from UI.
We do not have any system user groups as of
now, but this commit is just a prep commit
to prevent any change in user-facing pages
to avoid confusion till this feature is
completed.

This change was initially made in 6117c38,
but it was reverted in 1543775a due to merge
conflicts with the typescript migration of
user_groups.js.
2021-09-16 13:11:03 -07:00
Alya Abbott 310b8736af user docs: Add a bunch of "getting started" content. 2021-09-16 11:41:43 -07:00
Tim Abbott 1b760d9fb5 compose: Clarify subscribe-other-user button label.
This change was inspired by the problem of translators needing to
translate "Subscribe" to languages that use different forms depending
on the identity of the noun being subscribed.  In most places in the
app, a button with that as the entire label should be translated in
the "subscribe myself" form; but in this one it should be "subscribe
someone else".

Thinking about this, the current label is a bit misleading in English
for someone who ignores the error message text and just reads the
button, so the best fix is to just change the string, which of course
also makes things unambiguous for translators as well.
2021-09-16 11:09:53 -07:00
Gilbert Bishop-White 28932ba8ee test_signup: Refactor test_signup_without_full_name to use verify_signup.
The test now uses submit_reg_form_for_user, meaning a blank
full_name is posted to /accounts/register/ rather than the
parameter being excluded.

Fixes part of #7564
2021-09-16 10:51:01 -07:00
Gilbert Bishop-White 330d1385d9 test_signup: Refactor test_signup_without_password to use verify_signup.
I had to pass stop_after_reg_form=True, as the call to get_user in
verify_signup fails. I am not sure whether this is the expected
behavior. Also this causes the test to use submit_reg_form_for_user,
meaning a blank password is posted to /accounts/register/ rather than
no password.

Fixes part of #7564
2021-09-16 10:51:01 -07:00
Gilbert Bishop-White a632fc0e10 test_signup: Refactor test_signup_invalid_name to use verify_signup.
Extend `signup` helper function to enable it's use, and add additional
checks from  `test_signup_invalid_name`

Fixes part of #7564
2021-09-16 10:51:01 -07:00
Mateusz Mandera 63162210c1 test_signup: Fix the fetching of UserProfile in verify_signup.
get_user_by_delivery_email should be used, given that the email variable
is the realm email address that the account is being created with, not
the .email field which can be a dummy address based on org settings.
2021-09-16 10:51:01 -07:00
Mateusz Mandera 99ade3f535 test_signup: Fix asserted redirect Location in verify_signup.
The expected Location should depend on the realm.
2021-09-16 10:51:01 -07:00
Mateusz Mandera 05fe62c96c docs: Adjust phrasing of "From your desktop, click on the gear...".
We actually mean the main Zulip UI here, so "from your desktop" sounds
potentially misleading; reodering the phrasing makes the meaning
unambiguous.
2021-09-16 10:47:56 -07:00
Alya Abbott 9df8fbde48 user docs: Document message notification email custom batching.
Also adjust the label slightly for better readability.

Co-authored-by: Tim Abbott <tabbott@zulip.com>
2021-09-15 17:39:51 -07:00
Vishnu KS 8729e658b7 templates: Deduplicate the pricing model. 2021-09-15 17:38:50 -07:00
Vishnu KS 392b2900cf plans: Redirect to /upgrade when clicked on buy standard from root.
Currently we used to redirect to /new when the user click on buy
standard from the root domain. Instead we redirect to /upgrade page.
The /upgrade page redirect would ask user to enter the subdomain
of their organization and would then redirect them to /upgrade
page of their organization.
2021-09-15 17:38:50 -07:00
Priyank Patel 397821660f ts: Convert sub_store module to TypeScript.
We also upgrade @babel/preset-typescript to the latest version to
get support for constant enums.
2021-09-15 17:19:39 -07:00
Priyank Patel 0d91472c64 ts: Convert timerender module to TypeScript. 2021-09-15 17:19:39 -07:00
Tim Abbott 1543775ac6 user_groups: Temporarily remove is_system_group check.
This effectively reverts 6117c3824a,
which merge conflicted with the typescript migration on this file, and
this commit is easier to undo.
2021-09-15 17:19:21 -07:00
Priyank Patel 9de3b2f4fd ts: Convert user_groups module to TypeScript. 2021-09-15 16:53:17 -07:00
Priyank Patel 3e6141d03f user_groups: Remove suppress_errors support for get_user_group_from_id. 2021-09-15 16:52:35 -07:00
evykassirer 251436f835 stream settings: Add whitespace before disabled attribute.
Fixes #19641. There was no whitespace between the 'checked' and 'disabled'
attribute, leading to muted checked checkboxes being neither checked nor
disabled (since `checkeddisabled='disabled'` didn't do anything).
This bug was introduced in 747e797.

This change adds a new line before the disabled template code, so that both
the checked and disabled attributes are added properly.

Tested manually to ensure the following cases didn't change when reopening
the stream settings view:

* unchecked disabled checkboxes
* checked enabled checkboxes
* checked disabled checkboxes
2021-09-15 12:29:46 -07:00
Tim Abbott 9c623a1b3e settings: Add periods to end of bot permissions strings.
This improves consistency with how all of our other settings tip
elements are written.
2021-09-15 09:59:20 -07:00
Sahil Batra 06f46cc146 settings: Add live update code for realm-level defaults settings.
This commit adds code for live-updating the realm-level default
settings page which contains only display settings as of now.

This commit also adds realm_user_settings_defaults object to
zpage_params so that we can write the tests.
2021-09-15 09:56:33 -07:00
Sahil Batra 96d6bf28db settings: Add UI for realm-level defaults of display settings.
This commit adds a new module settings_defaults.js which calls
the functions in settings_display passing appropriate container
element and settings object as parameters.
We also add one more parameter for_realm_settings to some of the
functions in settings_dislay to differentiate between the user
and realm-level settings.
2021-09-15 09:56:32 -07:00
Sahil Batra a440c93030 settings: Add realm_user_settings_defaults module. 2021-09-15 09:50:31 -07:00
Sahil Batra 6bae097bf1 settings: Refactor settings_display.js code.
This commit refactors the code in settings_display.js
by modifying the functions to receive the container
element and settings object as parameter such that
we can use the same functions for realm-level
settings by passing appropriate container element
and settings object.

This change is needed as settings_display will be
used as a common module for user settings and realm
level settings.

We also rename the default_language_name variable in
settings_display to user_default_language_name as we
would add a separate variable for realm-level setting
in future.
2021-09-15 09:50:31 -07:00
Sahil Batra e127cde3c1 settings: Make separate object for display settings labels.
This object will also be used for labels of realm-level
default of display settings.
2021-09-15 09:50:31 -07:00
Tim Abbott 39c897a2b0 help: Rename about-streams-and-topics to streams-and-topics.
This better matches the title of the page and more generally our
conventions around naming /help/ articles.  We include a redirect
because this is referenced from Welcome Bot messages, and we
definitely don't want those links to break.
2021-09-15 09:48:36 -07:00
Sahil Batra 6e169be933 settings: Fix the sticky behavior of saving indicator.
We want the saving indicator to be sticky in the cases
where we ask user to reload after changing settings.
This used to work correctly before 9e08c6db93, as
'if(remove_after)' returned false if remove_after was
null, but the condition was changed in 9e08c6db93
to 'if(remove_after !== undefined)' and thus the
condition returned true when remove_after was null.
This commit change the remove_after value to undefined
for sticky cases.
2021-09-15 09:47:08 -07:00
Alex Vandiver 8c72959951 push_notifications: Handle empty rendered_messages.
This parallels fe25517295, but for mobile notifications.  It also
adds a test, which verifies that such content does not crash either
mobile or email notifications.
2021-09-15 09:45:38 -07:00
Alex Vandiver 039b869ca5 email_notifications: Fix inline-ing of image-URL-only messages.
fe25517295 adjusted the email_notifications codepath to use
`lxml.html.fragment_fromstring` method when parsing
`rendered_content`, but left the tests using a helper which called
`fromstring`.

Switching the tests to match the code as run reveals a bug -- using
`drop_tree` on all `message_inline_image` classes now _does_ remove
all of a top-level image-URL-only message.  Previously, such messages
were "safe" from the block that calls `drop_tree` only by dint of
`drop_tree` being a silent no-op for the root element.  When parsed
using `fragment_fromstring`, they are no longer the root, and as such
an empty message results.

Reorder relative_to_full_url to check for only one `message_inline_image`
within the top `<div>`, and only run the `drop_tree` path in the
alternate case.  Tests must be adjusted for their output now including
one more layer of `<div>`.
2021-09-15 09:45:38 -07:00
Mateusz Mandera 0e8735aeea saml: Link to python3-saml docs above the security config dict. 2021-09-15 09:44:16 -07:00
Mateusz Mandera 4c9792b6a3 saml: Set requestedAuthnContext to False in prod_settings_template.
AuthnContextClassRef tells the IdP what forms of authentication the user
should use on the IdP's server for us to be okay with it. I don't think
there's a reason for us to enforce anything here and it should be up to
the IdP's configuration to handle authentication how it wants.

The default AuthnContextClassRef only allows PasswordProtectedTransport,
causing the IdP to e.g. reject authentication with Yubikey in AzureAD
SAML - which can be confusing for folks setting up SAML and is just not
necessary.
2021-09-15 09:44:16 -07:00
Anders Kaseorg 79b88b79bb webpack: Upgrade to Webpack 5.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2021-09-14 17:02:03 -07:00
Mateusz Mandera c460351898 auth: Add logging of successful attempts to social codepath.
The previous commit introduced logging of attempts for username+password
backends. For completeness, we should log, in the same format,
successful attempts via social auth backends.
2021-09-14 15:39:41 -07:00
Mateusz Mandera a4e77d514b auth: Log details of authentication attempts.
These details are useful to log. This only makes sense for some auth
backends, namely email and ldap backends, because other backends are
"external" in the sense that they happen at some external provider's
server (Google, SAML IdP etc.) so the failure also happens there and we
don't get useful information about what happened.
2021-09-14 15:39:41 -07:00
Mateusz Mandera 5d54cd1041 tests: Use a HttpRequest object in assert_login_failure.
Our convention is to always have authenticate() called with a request
object. We need to be consistent with that in tests too, to avoid test
failures resulting from breaking that assumption.
We modify assert_login_failure to call client.login() in the same way as
the other similar helpers - with a properly initialized HttpRequest
instance.
2021-09-14 15:39:41 -07:00
Tim Abbott e7c62c4190 stream_data: Rephrase descriptions of stream permissons.
The previous phrasing used incorrect terminology (E.g. "stream
members", not "stream subscribers", which is really confusing given
that we have a "member" role which is also relevant in this text).
2021-09-14 11:29:32 -07:00
Aman Agrawal 7c8e19758a stream_data: Add web_public as a stream privacy mode.
Show web_public descriptions for web public streams.

(Temporarily limited to development environments, since this feature
is not available yet).
2021-09-14 11:12:47 -07:00
Aman Agrawal 354491d037 models: Add is_web_public property to Realm model.
This will allow us easily know if a realm has web_public
enabled or not.
2021-09-14 10:33:53 -07:00
Aman Agrawal 5a2a787b76 user_passes_test: Extract zulip_redirect_to_login from it.
This function will be re-used to
setup redirect logic in home view.
2021-09-14 10:33:53 -07:00
Aman Agrawal dff4ab0daf spectators: Add comments and assertions on security model.
These tweaks help make reasoning about the spectators security model
easier to understand.
2021-09-14 10:33:14 -07:00
Mateusz Mandera d1d0e484ea docs: Fix Entity ID values in instructions in saml-authentication.md.
The Entity ID for zulipchat.com is `https://zulipchat.com` currently.
Some of these errors happened in the big zulipchat->zulip rename commit
71078adc50, then it was repeated in
10d356d2de and there was also some
confusion when coming up with the instructions for Keycloack in
10d356d2de. Client-ID value in Keycloack
is the expected Issuer for SAMLRequests and thus needs to match our
Entity ID.
2021-09-14 10:23:32 -07:00
Anders Kaseorg 18891a84c3 Vagrantfile: Move inline provision script to a separate file.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2021-09-14 10:22:48 -07:00
Anders Kaseorg 19a7e24f1f Vagrantfile: Remove workarounds for ancient Vagrant bugs.
Vagrant 2.2.6 is the earliest version with the Docker usability test
fix, and is also conveniently the version in the Ubuntu 20.04
repository.  Users with older versions will get a friendly error
message from ‘Vagrant.require_version’ (and can install an updated
Vagrant from upstream).

Signed-off-by: Anders Kaseorg <anders@zulip.com>
2021-09-14 10:15:06 -07:00
Sahil Batra cc65ed103c settings: Use correct object in notification settings template.
In commit 40f4316, we changed the code to pass user settings
with settings_object variable, but this change was missed
during rebasing.
2021-09-14 10:13:44 -07:00
Jonny Tran 87cd743f99
settings_overlay: Change privacy icon to a lock.
This avoids duplication with the `fa-user` for the user's profile, and is also just
more intuitive for account/security settings.

Fixes #19737.
2021-09-14 10:13:16 -07:00
Rohitt Vashishtha 9299ad7843 styles: Remove incorrect css block for datepicker input.
This block didn't work consistently across .night-mode and
.color-scheme-automatic classes, and the default style for
this field already works for the day and night themes both.
2021-09-13 17:12:49 -07:00
Rohitt Vashishtha ddcea9c64b postcss: Cleanly import flatpickr dark theme.
We add postcss-import for night_mode.css only. This plugin inlines
the imports of external files, instead of letting the file go via
our usual webpack toolchain.

We do this so that we can use the postcss-prefixwrap plugin to scope
the third-party CSS properly and use it inside our night-mode class.

Fixes #10607.

[anders@zulip.com: Replace postcss-wrap with postcss-prefixwrap.]

Co-authored-by: Anders Kaseorg <anders@zulip.com>
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2021-09-13 17:12:49 -07:00