Commit Graph

213 Commits

Author SHA1 Message Date
Mateusz Mandera d5db254ca8 CVE-2021-3967: Only regenerate the API key by authing with the old key. 2022-02-25 14:00:52 -08:00
Ganesh Pawar f43d3b9986 change_email: Migrate modal to dialog_widget. 2022-01-21 16:12:34 -08:00
Ganesh Pawar 79bdd8bdb6 api_key_modal: Update the modal config for `on_show`.
This is needed since 291aaf373f changed
the interface for modal event handlers.
2022-01-21 16:12:34 -08:00
Sahil Batra 98ec1acb35 settings: Make banner asking to confirm new email sticky.
We make the banner, mentioning the user to confirm new email
after changing the email through settings, sticky and it
disappears either on reload or after confirming the new email.

Fixes #20686.
2022-01-05 14:42:23 -08:00
Sahil Batra c20f5a9866 dialog_widget: Add a new optional parameter validate_input.
This commit extends dialog_widget class by adding a new
optional paramter validate_input which will be a function
to validate the inputs in the dialog and will be called
before showing the spinner and calling the on_click function.

Currently, the password change modal uses this paramter to
validate that the old and new password inputs must not be
empty. Since the spinner will not be initiated in the case
where form is invalid, we need not hide the spinner after
showing the error and thus we can simplify the code to use
ui_report.error to show the error messages of empty fields.
2021-11-29 13:28:52 -08:00
Sahil Batra aebbbcd03d settings: Show error in change password modal if input is empty.
We show "Please enter your password" error inside the modal
if the "Old password" input is empty and "Please choose a new
password" error if the "New password" input is empty and do
not send a request to server.

Fixes #19901.
2021-11-26 22:07:50 -08:00
Sahil Batra 4e43239825 settings_account: Remove value of non-existing element.
There is no element with id as "confirm_password". This
line was added in 2ca0fb412, but there was no such element
at that point of time also.
2021-11-26 22:07:50 -08:00
Ganesh Pawar a7badd726f api_key_modal: Migrate modal to Micromodal. 2021-11-23 15:43:38 -08:00
Ganesh Pawar f5fbf5f0e0 change_password: Migrate modal to dialog_widget. 2021-11-23 15:41:54 -08:00
Ganesh Pawar 6a07a90499 dialog_widget: Remove the `fade` parameter.
A user wouldn't differentiate between a "normal" modal and a "settings"
modal. If one shows up instantly, one would expect all the others to do
the same. The difference between Bootstrap fade and non-fade is pretty
noticeable (300 ms for fading).

This is a prep commit for the Micromodal migration which will have 120ms
as the animation time which wouldn't feel slow.
2021-10-26 18:20:17 -07:00
Ganesh Pawar e6e601077f dialog_widget: Append dialog_widget to the body element.
We attach the DOM for the modal to the body element
to avoid style interference from other elements and having to choose
a separate parent element for every single dialog_widget.
2021-10-26 18:20:17 -07:00
Ganesh Pawar fe7a1c0722 dialog_widget: Extract out `close_modal()`. 2021-10-22 16:08:26 -07:00
Dinesh 6d2b8f5ca9 user_settings: Add settings to configure sending typing notifications.
Note: These are not functional in enabling/disabling sending of
typing notifications with this commit.

Refactored the privacy settings update to keep the code less
duplicated along with making the addition of new settings easier.
2021-10-07 17:39:21 -07:00
Dinesh bb3953e02c Remove `$("#user_presence_enabled").val(page_params.presence_enabled);`.
This isn't necessary as `settings_checkbox.hbs` template used
for presence enabled setting in `account_settings.hbs` takes
care of checking/unchecking this checkbox.
2021-10-07 16:39:51 -07:00
Aman Agrawal cc8cb5432e channel: Simplify password change tracking.
Move the password tracking variables from setup to channel module.
Track password_change requests in channel.
Directly use xhr object to store `password_changes` information.
Tests modified to accomodote this change by converting strings to
objects.
2021-10-05 10:23:43 -07:00
Sahil Batra 28b20e4440 settings: Use id of the container to find status element.
This commit changes the code to use container id in the
selector of the status element of presence_enabled setting
such that the correct element is selected because we will
add another element with same class in the realm-level
presence_enabled setting.
2021-09-21 14:39:13 -07:00
Sahil Batra 9c17e7019d settings: Add 'user_' prefix to presence_enabled setting element.
This commit adds 'user_' prefix to presence_enabled setting
element such that we can have unique ids when we add a realm-level
setting for this.
2021-08-20 07:50:51 -07:00
Sahil Batra 998d710275 frontend: Add new user_settings module for user's settings.
We add a new user_settings module similar to page_params
module in frontend and use it to access user's personal
settings instead of page_params.
2021-08-01 15:30:17 -07:00
Ganesh Pawar b9aed2df19 change_email_modal: Remove duplicate id attribute.
This also naturally fixes the bug where the change_email_modal wouldn't
show the old email in the input box.
2021-07-26 16:37:15 -07:00
sahil839 b5b7862571 settings: Use '/settings' endpoint for changing notification settings.
We have merged the '/settings/display' and 'settings/notifications'
endpoints to '/settings' in backend. This commit updates the frontend
code to '/settings' endpoint for updating notification settings
instead of '/settings/notifications' endpoint.
2021-07-19 21:14:33 -07:00
sahil839 bbee0fdf6f settings: Use '/settings' endpoint for changing display settings.
We have merged the '/settings/display' and 'settings/notifications'
endpoints to '/settings' in backend. This commit updates the
frontend code to '/settings' endpoint for updating display settings
instead of '/settings/display' endpoint.
2021-07-19 21:14:33 -07:00
sahil839 dff374a48b frontend: Remove html_submit_button paramter passed to dialog_widget.
We used html_submit_button to pass text to be present in the modal
submit button. There are only two possible options as of now -
"Confirm" and "Save changes" and the correct one can be determined
using is_confirm_modal parameter. So, we remove this paramter for
now and we can add it later if we have more type of modals using
this widget.
2021-07-14 13:02:25 -07:00
sahil839 ec3c5547ff frontend: Add dialog_widget module and refactor confirm_dialog.
This commit adds a new dialog_widget.js file containing most
of the code of confirm_dialog.js with some minor changes and
changes confirm_dialog to be a wrapper around dialog_widget.js.
We pass 'is_confim_dialog' as true in dialog_widget for a
confirm_dialog modal. This commit also renames confirm_dialog.hbs
and confirm_dialog_heading.hbs to dialog_widget.js,
dialog_widget.hbs and dialog_widget_heading.hbs respectively.
2021-07-14 12:58:00 -07:00
sahil839 c87c4f92ee confirm_dialog: Rename variables and classes used in templates.
This commit renames the variables, functions used in confirm_dialog.js
and classes and ids used in confirm_dialog.hbs.

This change is made so that we can easily migrate edit_fields_modal to
use this same code with some more changes.

We will change the file names and correspondingly import variables in
the next commit.
2021-07-14 12:21:24 -07:00
sahil839 055d7113f2 confirm_dialog: Rename html_yes_button to html_submit_button.
This commit renames the html_yes_button parameter of confirm
dialog widget to html_submit_button and also all the related
variables in confirm_dialog.js.
This will help in keeping a general name when deduplicating
the code for confirm_dialog and edit_fields_modal.
2021-07-06 15:15:50 -07:00
sahil839 7eb183fdf7 settings: Move presence-enabled setting to 'Account & privacy'.
The presence setting is more suited in 'Account & privacy'
section as it is not related to notifications in anyway
and resembles privacy of user by allowing user to hide
his status of being online.
2021-07-05 14:27:56 -07:00
sahil839 b94d6c1a20 settings: Move timezone setting from display settings to profile.
The user timezone is only used for user's profile, so we can
move this setting to the Profile panel of settings and this
will also help us in covering some space when there are no
custom profile fields for the organization.
2021-06-30 16:56:03 -07:00
sahil839 bb816e1998 settings: Separate "Your account" section in two different sections.
We separate "Your account" section to two different sections -
"Profile" section for user name, custom profile fields, and avatar
and "Account & Security" section for email, password, role, api-key
and deactivating button.

Another important change here is that the modal for changing name
is removed and now the name has a simple input text box and it
behaves similar to inputs for custom-profile-fields.

Fixes #18848.
2021-06-30 16:56:03 -07:00
sahil839 efa19597bb settings: Show tooltip if avatar changes are disabled.
We show a tooltip besides "Profile picture" heading
to the users who cannot change their avatar explaining
that the avatar changes are disabled in organization.
2021-06-30 15:33:54 +05:30
sahil839 a537ecc587 settings: Fix live update of user-avatar upload widget.
We add disabled prop on buttons only and we add the css for
buttons (and some specific class elements) when disabled as
'cursor: not-allowed' or 'pointer-events: none' which means
the user cannot use these buttons when disabled.

This is not the case for the avatar widget as we use a div
element there and not button and neither those specific
classes which has appropriate styles defined.

We use the avatar image block in two ways - for showing image
and as a clickable target (which is actually a div element)
for uploading, so instead of adding 'disabled' prop we are
hiding (adding display: none) the div such that it is not
visible on hover and also cannot be clicked.
2021-06-30 15:00:51 +05:30
sahil839 e0fc6df2b4 settings: Fix live update of email change button.
This commit fixes a bug of not enabling/disabling
the email-change button when email_changes_disabled
setting is changed. Bug was because of using wrong
selector.
2021-06-28 22:14:55 -07:00
sahil839 c32a036449 settings: Remove unnecessary code.
The class "name_change_container" is used in the custom
profile fields form.

The name of custom profile field should not be affected
by this setting.

Also confirmed the behavior by testing on master itself,
that these fields are not hidden actually due to this
code being in settings_account itself.

We can also remove the class "name_change_container" as
there is no use of this class elsewhere.
2021-06-28 22:14:49 -07:00
sahil839 5504741239 settings: Remove intentional waiting time in deactivate account request.
The waiting time of 5000ms was probably added for testing UI of
spinner in 2f99e6b7b2 and was missed in review. This commit removes
the waiting time and now the user is deactivated almost instantly when
the button is clicked.
2021-06-25 16:36:41 -07:00
m-e-l-u-h-a-n 777f784e07 popovers: Extract user_profile_modal functions in separate module.
We had a lot of functions and click handlers that were only
involved with user profile modal and were not related to
popovers logic in any way. So we extract these functions
into a separate module `user_profile.js`.
2021-06-23 17:43:08 -07:00
sahil839 4df22564f4 settings: Use confirm_dialog for deactivating own account modal.
This refactor changes two things - position of the modal, as it
is moved up by some amount because of using confirm_dialog and
also loading spinner of confirm_dialog widget is used.
2021-06-23 08:05:25 -07:00
Ganesh Pawar fe147757c9 refactor: Migrate Bootstrap modal calls to `overlay` calls.
In d0f8515b50, it was noticed that
Bootstrap's `hide` and `show` calls can cause race conditions.
So, migrate to our `overlay` calls to handle Bootstrap modals.
2021-06-10 12:16:23 -07:00
Ganesh Pawar 66d8375bfa settings_account: Remove redundant `hide_user_profile()` call.
"hidden.bs.modal" event is triggered once a modal is hidden.
Calling `hide_user_profile` once it's hidden doesn't make sense.
2021-06-08 18:07:52 -07:00
m-e-l-u-h-a-n 0080daa5a3 minor: Specify types of pills while initializing pill typeahead.
In options that we pass to pill_typeahead.set_up we
specify if we want typeahead to support stream or
user_group pills, and use users as source by default.

Using users for source by default, can have unnecessary
suggestions in typeaheads where only user_groups or streams
are needed.

So to solve that, we specify if we want users pill in the input.
This is then utilized in further commits, to clean up hacky code
that deals with intializing source for typeahead.
2021-05-25 08:01:05 -07:00
Anders Kaseorg bf056c8990 js: Extract password_quality module; remove zxcvbn from globals.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2021-04-24 13:08:52 -07:00
Tim Abbott 78c7d749d9 passwords: Set title/aria-label attributes dynamically.
This allows us to use different "Show password" and "Hide password"
for these labels, which is more consistent with how other products
implement this.

It also lets us delete N duplicate copies of these strings in the HTML.
2021-04-23 15:01:37 -07:00
Tim Abbott 1d575007a3 settings: Improve error message for password change.
The "Save failed" standard text is appropriate for many of our
settings, but for changing one's password, we can go with just the
"Wrong password" part provided by the server.
2021-04-23 15:01:37 -07:00
Gaurav Pandey e80ddfe4e6 settings: Add show password feature to forms in settings modal.
Fixes part of #17301.
2021-04-23 15:01:37 -07:00
Anders Kaseorg a397d51670 ui_report: Convert messages to FormatJS.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2021-04-13 17:41:10 -07:00
Anders Kaseorg 073ec04335 settings_account: Convert error messages to FormatJS.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2021-04-13 17:41:10 -07:00
sahil839 f73d101854 stream: Use 'hidden.bs.modal' event for enabling mouse background events.
We now unconditionally enable backgroung events when 'hidden.bs.modal'
event is triggered on closing of modal. We do not need to handle them
separateley for closing modal by close_modal, data-dismiss or escape.
We handle this by single handler for modals in settings and subscription
overlay.

Fixes #16688.
2021-03-30 17:02:46 -07:00
tushar912 2cf51139cf custom profile fields: Rename "CHOICE" to "SELECT" in frontend.
This requires a small backend change to the label.
2021-03-26 11:49:11 -07:00
Anders Kaseorg a05899f1b5 js: Convert static/js/csrf.js to ES6 module.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2021-03-26 10:17:56 -07:00
Anders Kaseorg 38ffd47b90 js: Convert static/js/page_params.js to ES6 module.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2021-03-26 10:17:56 -07:00
Anders Kaseorg bb1b2048bd js: Convert static/js/i18n.js to ES6 module.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2021-03-26 10:17:56 -07:00
Steve Howell ec46827ebd refactor: Move user_can_change_* to settings_data.
This simplifies our dependency graph and puts easily
testable functions into a module where we enforce
100% coverage.

All the code was moved verbatim.
2021-03-21 17:07:41 -07:00