Commit Graph

28739 Commits

Author SHA1 Message Date
Rishi Gupta 280eef715e portico: Use sentence-casing for headings on /security. 2018-11-01 11:59:50 -07:00
Rishi Gupta 515bb0e066 portico: Advertise /security in a few places. 2018-11-01 11:59:50 -07:00
Rishi Gupta 04acb624b6 portico: Add background image to /why-zulip hero. 2018-11-01 11:59:50 -07:00
Rishi Gupta de12facdc6 portico: Add background image to /security hero.
Also restructures the HTML to be more similar to other pages that have a
background image for their hero.
2018-11-01 11:59:50 -07:00
Rishi Gupta 2718bf27e7 portico: Fix spacing for logged-in dropdown in nav bar. 2018-11-01 10:41:30 -07:00
Tim Abbott 4c55de4b58 hipchat import: Don't require the output directory to already exist.
This fixes a common exception one might see when trying to use the
HipChat importer for the first time.
2018-11-01 10:09:19 -07:00
Tim Abbott d54af3cb5b hipchat import: Handle deactivated users without an email address.
We saw this in a recent HipChat import data set.
2018-11-01 10:09:19 -07:00
Puneeth Chaganti 19990b06e9 vagrant: Use id -g for finding a user's group.
On OSX, the user id and group id don't match.  So while the previous
code was always wrong, it produced incorrect output there.  We can fix
this by replacing `whoami` with `id -g` for finding the current user's
group ID.
2018-11-01 10:08:08 -07:00
Marco Burstein 1490653e42 tests: Test the compose buttons in stream and private narrows.
Also add a test for the `narrow.is_in_private_narrow` function used by
the mobile compose popover.
2018-10-31 16:59:53 -07:00
Tim Abbott 8673b4f4a6 compose: Use a more reasonable plus sign for opening send menu.
This icon styling definitely still doesn't look great, but it's an
improvement over what we had before.
2018-10-31 16:59:16 -07:00
Marco Burstein 502e9fe8a6 compose: Open the mobile compose popover when the `+` button is pressed.
The `+` button will only be displayed on mobile devices.
2018-10-31 16:47:48 -07:00
Marco Burstein 05b486182d compose: Create the mobile compose popover.
When a user clicks the compose `+` button, create a popover at the
bottom right of the screen including buttons for opening a new stream
message or a new private message.
2018-10-31 16:47:48 -07:00
Marco Burstein 9249d08a96 compose: Create the mobile compose `+` button.
Use CSS to display a `+` button on mobile but keep the more verbose
buttons on desktop. In the future, this button will be used to display
a popop for a new message.
2018-10-31 16:47:48 -07:00
Tim Abbott 48810f43be queue_processors: Remove unnecessary spammy logging output.
This logging statement was incorrectly not removed before merging
5cec566cb9.
2018-10-31 16:31:35 -07:00
Tim Abbott ff2b496067 error_notify: Stringify QUERY_STRING values directly.
Apparently, the QUERY_STRING property of the report object wasn't
actually a string; since we only care about its string representation,
we should just stringify it.
2018-10-31 16:30:38 -07:00
Tim Abbott 10ac671cd4 middleware: Fix logging of query counts in websockets requests.
Apparently, we weren't resetting the query counters inside the
websockets codebase, resulting in broken log results like this:

SOCKET  403   2ms (db: 1ms/2q) /socket/auth [transport=websocket] (unknown via ?)
SOCKET  403   5ms (db: 2ms/3q) /socket/auth [transport=websocket] (unknown via ?)
SOCKET  403   2ms (db: 3ms/4q) /socket/auth [transport=websocket] (unknown via ?)
SOCKET  403   2ms (db: 3ms/5q) /socket/auth [transport=websocket] (unknown via ?)
SOCKET  403   2ms (db: 4ms/6q) /socket/auth [transport=websocket] (unknown via ?)
SOCKET  403   2ms (db: 5ms/7q) /socket/auth [transport=websocket] (unknown via ?)
SOCKET  403   2ms (db: 5ms/8q) /socket/auth [transport=websocket] (unknown via ?)
SOCKET  403   3ms (db: 6ms/9q) /socket/auth [transport=websocket] (unknown via ?)

The correct fix for this is to call reset_queries at the start of each
endpoint within the websockets system.  As it turns out, we're already
calling record_request_start_data there, and in fact should be calling
`reset_queries` in all code paths that use that function (the other
code paths, in zerver/middleware.py, do it manually with
connection.connection.queries = []).

So we can clean up the code in a way that reduces risk for similar
future issues and fix this logging bug with this simple refactor.
2018-10-31 16:22:17 -07:00
Yashashvi Dave c635d5476d message view: Hide subscribe button for guest users.
Guest users can't subscribe themselves to streams, so we shouldn't
display the subscription button at end of stream message view.

Fixes part of #10749.
2018-10-31 15:47:01 -07:00
Yashashvi Dave e489923d52 stream settings: Hide subscription button in case of guest user.
Guest users can't subscribe themselves to any stream, so we hide the
"Subscribe" button. Previously, it was showing Subscribe button after
a guest user unsubscribed from a stream.

Fixes part of #10749.
2018-10-31 15:46:34 -07:00
Yashashvi Dave 9e6834015a settings: Don't show 'Your bots' tab to guest users.
Fixes part of #10749
2018-10-31 15:45:17 -07:00
Yashashvi Dave 4f37127ba9 /json/users/: Add user profile data variable to update values.
This commit adds user profile data variable in `/json/users/`
api view. This allows user to update user profile data
along with user's name and type.
2018-10-31 15:36:44 -07:00
Yashashvi Dave 4ceb4b607f zerver/lib/users.py: Extract func `validate_user_custom_profile_data`.
Extract function `validate_user_custom_profile_data` to validate
user's custom profile field values according to field type.
2018-10-31 15:36:44 -07:00
Shikhar Vaish 5ffca5e388 settings: Warn if server is unable to deliver mobile push notifications.
The "notification settings" page previously advertised support for
mobile push notifications via checkboxes, even if the server hadn't
yet been registered for push notifications.  This was a frequent
source of onboarding pain for new Zulip organizations.

We fix this by providing a clear warning and disabling the relevant
inputs on the settings pages.

Modified significantly by tabbott to correct some tricky logic errors
as well as some copy-paste bugs.

Fixes #10331.
2018-10-31 13:18:17 -07:00
Tim Abbott f5c3a4aea7 requirements: Update Django to 1.11.16. 2018-10-31 12:12:25 -07:00
Tim Abbott 275b1db32d requirements: Upgrade lxml to 4.2.5. 2018-10-31 12:12:24 -07:00
Tim Abbott 2f36211fde docs: Document need to enable Universe repository on Ubuntu. 2018-10-31 11:53:24 -07:00
Tim Abbott d9887759b4 plans: Fix broken link from FAQ to import docs and add tests. 2018-10-31 11:44:21 -07:00
Tim Abbott 27f0a30768 casper: Remove overly-specific test for whether body is well-formed.
This test started failing recently; the apparent cause is that
sometimes, zerver/lib/generate_test_data.py generates messages
containing bulleted lists, and those don't end with a `</p>` tag since
they end with `</ul>` instead; the result is that this test failed
nondeterministically in CI.

There isn't really a useful version of this check to do that would
cover that case (as well as the entire message body being a bulleted
list), so we just remove the check; I don't think it's ever caught any
actual bugs.
2018-10-31 10:46:26 -07:00
Tim Abbott bc8059d462 i18n: Sync translation data from transifex. 2018-10-31 10:31:36 -07:00
Tim Abbott deb29749c2 people: Add a CSS class to label guest users.
This doesn't do anything yet, since we still need to add the actual
CSS, but it should make it easy for someone to just do the design
work.
2018-10-31 10:15:49 -07:00
Jack Zhang 3d6a745047 notifications: Show stream names for private stream messages.
Fixes #10745.

Use get_display_recipient to get stream names, and remove the
references to message.stream_name in push_notifications.py which were
added in 97571a203, as the actual stream names were being retrived
only for Message objects associated with public streams.
2018-10-30 20:03:48 -07:00
Rishi Gupta 33d6baa529 portico: Add security doc to /security. 2018-10-30 19:52:24 -07:00
Tim Abbott dc7d44a245 puppet: Don't run calculate-first-visible-message-id on most systems.
This should only be run on systems that are running zilencer, because
the cron job is part of the zilencer project.
2018-10-30 11:40:24 -07:00
Rishi Gupta ef8113556a settings: Update dropdown in user roles modal. 2018-10-30 10:48:06 -07:00
Rishi Gupta 37e00dce78 settings: Update organization permission strings to reflect guests. 2018-10-30 10:48:06 -07:00
Rishi Gupta 3ea34b3b7c user docs: Update docs to reflect new guests feature. 2018-10-30 10:48:06 -07:00
Vishnu Ks b527c3c4ef billing: Make mock_stripe handle StripeErrors. 2018-10-30 09:55:13 -07:00
Vishnu Ks be162d5428 billing: Disable fixture generation in setUp function.
This means you'll need access to our Stripe API key to add new fixtures.

Will be undone eventually, but having this in place will make it easier to
finish the mock.patch to mock_stripe migration.
2018-10-30 09:33:02 -07:00
Rishi Gupta d3b6b4e885 settings: Remove extra column from table in bot-list-admin. 2018-10-29 23:16:45 -07:00
zegervdv 6dd2218c50 provision: Pass proxy settings through sudo via environment.
This makes provision not fail when installing node behind a proxy.

See #10505 for details.
2018-10-29 13:30:45 -07:00
Steve Howell 30c493ed24 slack import: Generate message_id/reaction_id with NEXT_ID.
This avoids the need to pass tuples of ints around, which
is pretty brittle.
2018-10-29 13:24:50 -07:00
Steve Howell 2f58eb1057 slack import: Extract process_message_files().
This is mostly an extraction, but it does change the
way we calculate `content`.  We append the markdown
links from ALL files to any content that came in the
message itself.

Separating this out also allows us to add more
test coverage for the extracted code.
2018-10-29 13:24:50 -07:00
Steve Howell 00f822a26a conversion: Generate attachment_ids with helpers. 2018-10-29 13:24:50 -07:00
Steve Howell 5cb60f7bea conversions: Use subscriber_map for Slack/Gitter.
We now use subscriber_map for building UserMessage
rows in Slack/Gitter conversions.

This is mostly designed to simplify the code, rather
than having to scan the entire subscribers for each
message.

I am guessing this will improve performance for most
conversions.  We sort small lists on every message,
in order to be deterministic, but the sorting cost
is probably more than offset by avoiding the O(N)
scans across all subscriptions.  Also, it's probably
negligible in the grand scheme of things, compared
to JSON parsing, file I/O, etc.

This commits also fixes some typos with mentioned_users_id ->
mentioned_user_ids and cleans up a test a bit as well.
2018-10-29 13:24:50 -07:00
Steve Howell adb458a5df refactor: Use build_user_message for Slack/Gitter.
We now have all three third party
conversions (Gitter/Slack/Hipchat)
go through build_user_message().

Hipchat was already using this helper.

We also avoid callers having to pass in
an id to build_user_message().
2018-10-29 13:24:50 -07:00
Steve Howell 5194701787 conversions: Use NEXT_ID for usermessage_id.
This is mostly complicated due to the way that the
Slack import passes around tuples of ids to maintain
four different parallel sequences.
2018-10-29 13:24:50 -07:00
Steve Howell e90f47a530 minor: Remove unused param for get_message_url(). 2018-10-29 12:57:15 -07:00
Steve Howell fd62e71737 Clean up URLs sent by outgoing webhooks.
When you send a message to a bot that wants
to talk via an outgoing webhook, and there's
an error (e.g. server is down), we send a
message to the bot's owner that links to the
message that triggered the error.

The code to produce those links was out of
date.

Now we move the important code to the
`url_encoding.py` library and fix the PM
links to use the more modern style (user_ids
instead of emails).  We also replace "subject"
with "topic" in the stream urls.
2018-10-29 12:57:15 -07:00
Steve Howell 706821e259 minor: Change error to warning for missing user ids.
We want to avoid `blueslip.error` in cases where
the root cause could just be bad data that is
human-entered.

There are a few callers here who **should** be
sending good data all the time, but hopefully
they either have good test coverage, other
obvious failure symptoms, or, ideally, just
do what the user would mostly expect in the
face of bad data.
2018-10-29 12:57:15 -07:00
neiljp (Neil Pilgrim) c3cd3e94c1 mypy: Add Optional & check in zproject/backends.py; remove from mypy.ini. 2018-10-29 12:53:16 -07:00
neiljp (Neil Pilgrim) 482383b6f7 mypy: Add Optional to tornado/descriptors.py; remove from mypy.ini. 2018-10-29 12:53:16 -07:00