Commit Graph

1988 Commits

Author SHA1 Message Date
Rishi Gupta b0d325b8c5 emails: Change send_future_email to accept a to_user_id.
Also changes digest emails to use a to_user_id instead of a to_email.
2017-07-16 16:56:39 -07:00
neiljp (Neil Pilgrim) 8611a2cafa tidying: Combine multiple 'import typing' lines onto one line. 2017-07-16 16:43:21 -07:00
Harshit Bansal 45bc220796 notifications: Fix relative stream links in missed message emails.
Fixes: #5310.
2017-07-16 20:51:08 +00:00
Durga Akhil Mundroy 146dfa6f0b org-permissions: Add allow_edit_history organiztion setting.
This new setting controls whether or not users are allowed to see the
edit history in a Zulip organization.  It controls access through 2
key mechanisms:

* For long-ago edited messages, get_messages removes the edit history
  content from messages it sends to clients.

* For newly edited messages, clients are responsible for checking the
  setting and not saving the edit history data.  Since the webapp was
  the only client displaying it before this change, this just required
  some changes in message_events.js.

Significantly modified by tabbott to fix some logic bugs and add a
test.
2017-07-16 10:10:06 -07:00
James Rowan 21b5536353 emails: Update subject lines of emails. 2017-07-14 15:20:04 -07:00
Vaida Plankyte 28ea174ed9 backend: Implement high contrast mode display setting. 2017-07-14 14:53:24 -07:00
Steve Howell 475eb21a5e Revert commits related to client_message_id.
I pushed a bunch of commits that attempted to introduce
the concept of `client_message_id` into our server, as
part of cleaning up our codepaths related to messages you
sent (both for the locally echoed case and for the host
case).

When we deployed this, we had some strange failures involving
double-echoed messages and issues advancing the pointer that appeared
related to #5779.  We didn't get to the bottom of exactly why the PR
caused havoc, but I decided there was a cleaner approach, anyway.
2017-07-14 12:13:35 -07:00
Steve Howell 8fbb55df85 Introduce client_message_id on the server.
We are deprecating local_id/local_message_id on the Python server.
Instead of the server knowing about the client's implementation of
local id, with the message id = 9999.01 scheme, we just send the
server an opaque id to send back to us.

This commit changes the name from local_id -> client_message_id,
but it doesn't change the actual values passed yet.

The goal for client_key in future commits will be to:
    * Have it for all messages, not just locally rendered messages
    * Not have it overlap with server-side message ids.

The history behind local_id having numbers like 9999.01 is that
they are actually interim message ids and the numerical value is
used for rendering the message list when we do client-side rendering.
2017-07-13 23:42:27 -04:00
Jack Zhang 6e2f90c8c9 Improve /integrations page load time.
Prior to this commit, 7 megabytes of images (through 253 individual requests)
were heavily slowing down the initial load. With this commit, we load only the
logos (60 or so images).

Documentation and images for the individual integration sub-pages is requested
separately using the /integrations/doc/ endpoint, which returns HTML.
2017-07-13 20:37:09 -07:00
James Rowan 71bc40d829 emails: Update subject for invitation emails. 2017-07-13 18:47:21 -07:00
James Rowan 88b8d98d34 emails: Update subject for missed message emails. 2017-07-13 18:47:17 -07:00
James Rowan 92c2d93ea3 tests: Enforce new custom sender names and addresses. 2017-07-13 14:50:36 -07:00
Vishnu Ks 098569ccb4 test_classes: Use get_user in unsubscribe_from_stream. 2017-07-13 14:13:03 -07:00
Vishnu Ks 99e78cbead test_classes: Use get_user in get_streams function. 2017-07-13 14:13:03 -07:00
Vishnu Ks 466c3f92f9 test_subs: Replace iago@zulip.com with self.example_email('iago'). 2017-07-13 14:13:03 -07:00
Sarah db3539438c test_events: Simplify testing code for bool user settings.
Use bool_change if the user_display setting property_type is bool, so that no additional code needs to be added to test_events for new boolean user display settings.
2017-07-13 14:07:54 -07:00
Cory Lynch 8afdb06e2a search: Add test case for searching for a link.
Fixes #2038
2017-07-13 09:23:34 -07:00
Tim Abbott 6a914c83ef docs: Fix indentation of DocPageTest. 2017-07-12 16:28:38 -07:00
Aditya Bansal 6100d43339 test_subs/test_users: Fix breaking tests due to regressions. 2017-07-13 01:56:26 +05:30
Tim Abbott 5acc7506ac test_users: Fix GetProfileTest to test its original purpose.
This test accidentally got refactored to use some test suite library
functions that ended up somewhat defeating its purpose.
2017-07-12 13:03:38 -07:00
Vishnu Ks 63586480a5 test_subs: Replace hamlet@zulip.com with self.example_email('hamlet'). 2017-07-12 12:49:12 -07:00
Vishnu Ks 6e133cc77a test_subs: Eliminate redundant class variable realm.
The SubscriptionAPITest class variables `realm` and `test_realm` stores
the same information and are redundant. I have eliminated all occurances
of self.realm and replaced with self.test_realm.
2017-07-13 00:45:24 +05:30
Vishnu Ks ed0423784d test_realm_emoji: Replace get_user_profile_by_email.
Replace with get_user.
2017-07-13 00:45:24 +05:30
Vishnu Ks ba4ea7dd8a notifications.py: Replace get_user_profile_by_email.
Replace with get_user.
2017-07-13 00:45:24 +05:30
Aditya Bansal 84e53f960d pep8: Add compliance with rule E261 to tests/test_upload.py. 2017-07-11 15:17:32 -07:00
Aditya Bansal 1b5e3190e3 pep8: Add compliance with rule E261 to tests/test_subs.py. 2017-07-11 15:17:32 -07:00
Aditya Bansal 2643a40176 pep8: Add compliance with rule E261 to tests/test_signup.py. 2017-07-11 15:17:32 -07:00
Aditya Bansal 59b26e582a pep8: Add compliance with rule E261 to tests/test_realm.py. 2017-07-11 15:17:32 -07:00
Aditya Bansal 0970d29ec1 pep8: Add compliance with rule E261 to tests/test_narrow.py. 2017-07-11 15:17:32 -07:00
Aditya Bansal ce70ded488 pep8: Add compliance with rule E261 to tests/test_messages.py. 2017-07-11 15:17:32 -07:00
Aditya Bansal 8c233198f8 pep8: Add compliance with rule E261 to tests/test_events.py. 2017-07-11 15:17:32 -07:00
Aditya Bansal ee97ea1356 pep8: Add compliance with rule E261 to tests/test_bugdown.py. 2017-07-11 15:17:32 -07:00
Harshit Bansal e926f72bea notifications: Fix broken rendering of realm emoji in missed message emails.
We were using relative URLs for realm emojis in missed message emails.
Since the email server is not same as the Zulip server and doesn't
have the realm emoji files, they were rendered as broken images. This
commit fixes them to use absolute URL.

Fixes: #5692.
2017-07-08 10:54:06 -07:00
Rishi Gupta b3654c7b7e confirmation: Remove vestiges of the MitUser table.
The MitUser table was removed in df525ad.

confirm_mituser.html could have been accessed through the last few lines of
confirmation/views.py:
    templates.insert(0, 'confirmation/confirm_%s.html'
                     % (obj._meta.model_name,))

The commit message on df525ad suggests there was another way
confirm_mituser.html could have been called, but I don't currently see
evidence for it in the code.
2017-07-07 18:53:00 -07:00
Rishi Gupta 8fed9eeb75 confirmation: Make host a required argument in get_link_for_object.
Removes some lines of test from test_email_change.py. The relevant code path
was never utilized by the code itself, just by the tests.
2017-07-07 18:53:00 -07:00
Vishnu Ks 8954c0c726 management: Use Realm.objects.get instead of get_realm.
The Realm.DoesNotExist exception will never be raised if we pass a
string_id as in that case zerver.models.get_realm function would be
used for fetching. realm.zerver.models.get_realm uses filter query
so the exception will not be raised even if there are no realm which
matches the query.

Tests added by tabbott.
2017-07-07 15:02:12 -07:00
Vaida d5517bae36 Delete the old zulip.com "referrals" system.
This system hasn't been in active use for several years, and had some 
problems with it's design.  So it makes sense to just remove it to declutter
the codebase.

Fixes #5655.
2017-07-07 14:59:18 -07:00
Vishnu Ks 92e7255217 page_params: Include password min length and quality.
The change password form http://localhost:9991/#settings/your-account
don't have data-min-length and data-min-quality attributes. The
account_settings.handlebar which has the change password form is
rendered client side. So we have to pass the value of min length
and quality in page params to set the data-min-length and
data-min-quality attributes.
2017-07-07 14:48:06 -07:00
Tim Abbott 982667acf5 management: Add new library for specifying realms.
This new library is intended to make it easy for management commands
to access a realm or a user in a realm without having to duplicate any
of the annoying parsing/extraction code.
2017-07-07 13:57:57 -07:00
Tim Abbott 05c190a97c Fix new-login emails for iOS not identifying OS correctly.
Previously, we were only checking for common strings in iOS browsers,
not for the explicit string that we use with the Zulip app.
2017-07-07 13:34:25 -07:00
neiljp (Neil Pilgrim) f1a8148242 mypy: Set remote_username parameter to Optional[Text] based on a test. 2017-07-07 10:56:33 -07:00
neiljp (Neil Pilgrim) a84d7b8581 mypy: Specify type of 'user_profile = None' as Optional[UserProfile]. 2017-07-07 10:56:33 -07:00
neiljp (Neil Pilgrim) 0958298d88 mypy: Add missing type parameter in test_upload.py:create_user. 2017-07-07 10:56:33 -07:00
neiljp (Neil Pilgrim) db0b985e82 mypy: Use specific kwargs types. 2017-07-07 10:56:33 -07:00
Vishnu Ks 9067890120 urls: Use POST for zerver.views.user_settings.set_avatar_backend.
The set_avatar_backend is changed from PUT to POST becuase this
is not idempotent.
2017-07-07 10:31:43 -07:00
Vishnu Ks df5df76961 urls: Use POST for zerver.views.realm_emoji.upload_emoji.
The upload_emoji endpoint is changed from PUT to POST because
this endpoint is not idempotent.
2017-07-07 10:31:43 -07:00
Vishnu Ks cf2dec539f urls: Use POST for zerver.views.realm_icon.upload_icon.
This upload_icon endpoint is changed from PUT to POST becuase
this endpoint is not idempotent.
2017-07-07 10:31:43 -07:00
Tim Abbott 0606ba88df push_notifications: Verify that token types are valid.
We only have two types of push notification tokens, so we should
validate that in the bouncer code path.
2017-07-07 10:28:36 -07:00
Tim Abbott eaa33cce73 push_notifications: Validate format of APNS tokens.
This fixes a bug where we would previously not validate the format of
APNS tokens before writing them to the database, which could lead to
exceptions in the push notifications system if a buggy mobile app
submitted invalid format tokens.
2017-07-07 10:28:36 -07:00
Jack Zhang 37a80d5cc4 portico: Redesign and rewrite /integrations text headings. 2017-07-06 15:28:50 -07:00
Steve Howell 155f3d42c8 test: Fix test_i18n.test_json_error().
The refer_friend endpoint is about to be deprecated, so we
test with invite_users instead, and I tried to make the
dummy value returned by the mocked gettext function a little
more clear.
2017-07-06 11:30:55 -04:00
Umair Khan 638b32542d auth: Don't show deactivation notice to mirror dummies. 2017-07-05 23:50:53 -07:00
Rishi Gupta 1291ac9eff emails: Groundwork to personalize reply-to name of missed message emails. 2017-07-05 15:33:01 -07:00
James Rowan 388cef900e tests: Enforce that activation emails come from NOREPLY address. 2017-07-05 15:19:00 -07:00
Harshit Bansal 3c9705ce98 actions.py: Instead of deleting a realm emoji just deactivate it.
Instead of removing an emoji from the database, just mark them as
deactivated so that they can't be used further but can be rendered
properly in reactions and messages.

Fixes: #4750.
2017-07-05 13:00:15 -07:00
James Rowan d88e7308bf emails: Add a FromAddress class to control access to certain settings emails.
No change in behavior.

Also makes the first step towards converting all uses of
settings.ZULIP_ADMINISTRATOR and settings.NOREPLY_EMAIL_ADDRESS to
FromAddress.*.

Once everything is converted, it will be easier to ensure that future
development doesn't break backwards compatibility with the old style of
settings emails.
2017-07-04 14:25:01 -07:00
James Rowan 368bd66d8b emails: Refactor send_email functions to take both a sender name and address.
This will allow for customized senders for emails, e.g. 'Zulip Digest' for
digest emails and 'Zulip Missed Messages' for missed message emails.

Also:
* Converts the sender name to always be "Zulip", if the from_email used to
  be settings.NOREPLY_EMAIL_ADDRESS or settings.ZULIP_ADMINISTRATOR.

* Changes the default value of settings.NOREPLY_EMAIL_ADDRESS in the
  prod_setting_template to no longer have a display name. The only use of
  that display name was in the email pathway.
2017-07-04 14:25:01 -07:00
Rishi Gupta a8af0b6d91 email_mirror: Change missed message noreply to not have a display name.
It's better to see "noreply@..." when replying to a message that you can't
reply to than "Zulip".
2017-07-04 14:25:01 -07:00
Tim Abbott c2ee259987 settings: Simplify testing code for bool realm settings.
Now, when we add a new realm setting with the bool type, we don't need
to edit the tests at all.
2017-07-04 14:23:05 -07:00
Franziska von der Goltz 98847937f4 realm: add mandatory topic setting on org level.
Lets organizations require users to specify a topic the discussion.

Fixes: #5164.
2017-07-04 14:09:21 -07:00
Aditya Bansal caa8a3f7fc Make test_google_oauth2_token_failure() work without internet. 2017-07-04 12:45:27 -07:00
Tim Abbott 59d2eae946 signals: Fix browser reporting for new Electron logins.
Previously, we were checking for "Zulip" entries in User-Agent strings
at the very end of the list, not the beginning.  A Zulip User-Agent
should have priority, since it includes the User-Agent strings for a
lot of other browsers, and also it will always be the most specific
value.
2017-07-03 10:12:20 -07:00
Harshit Bansal 4cb8ac100a emoji: Fix the title and alt text for unicode emojis.
Unicode emojis when rendered should display canonical short name.
Similarly, the alt text should be of the format `:<short_name>:`.
For both of these we currently display the actual unicode symbol.
As some systems don't have the fonts necessary for displaying them
properly, they are rendered as empty square blocks. This commit also
ensures that the markup generated for emoji generated by canonical
name and by an unicode emoji is same.

Fixes: #5555.
2017-07-01 11:14:24 -07:00
Rishi Gupta b55dce197d actions.py: Clear ScheduledJobs of users in do_deactivate_{user,realm}. 2017-07-01 08:44:47 -07:00
Pweaver (Paul Weaver) 2c10e7c0db Change from and noreply emails to use EXTERNAL_HOST domain.
This eliminates another mandatory setting from what one needs to
configure to setup a Zulip server.
2017-07-01 08:09:25 -07:00
Rishi Gupta 36cd122905 models: Change default org_type to CORPORATE.
Once we implement org_type-specific features, it'll be easy to change a
corporate realm to a community realm, but hard to go the other way. The main
difference (the main thing that makes migrating from a community realm to a
corporate realm hard) is that you'd have to make everyone sign another terms
of service.
2017-06-29 15:14:58 -07:00
vaibhav 7f9b4d3a94 Outgoing Webhook System: Add usage of Interfaces in DoRestCall. 2017-06-28 11:11:21 -04:00
Yago González 2f4091b38d api: Fix caps in JSON validation error message. 2017-06-27 08:33:56 -04:00
Umair Khan acf0aad4a2 signals.py: Bring coverage to 100%. 2017-06-26 16:14:14 -07:00
Umair Khan 6357737978 get_device_browser: Fix Opera detection.
Starting from version 15, Opera uses 'OPR/' in its user agent string.
We need to move Opera detection before Chrome detection because
Opera's user agent string satisfies Chrome conditions as well.
Ref: https://dev.opera.com/blog/opera-user-agent-strings-opera-15-and-beyond/
2017-06-26 16:14:14 -07:00
Umair Khan 14402b0b97 get_device_browser: Move Edge detection to the top.
The user agent strings of Edge satisfy Chrome condition as well.
Ref: https://msdn.microsoft.com/en-us/library/hh869301(v=vs.85).aspx
2017-06-26 16:14:14 -07:00
Umair Khan dc78a7888f login_or_register_remote_user: Send login emails for mobile.
Fixes #5389
2017-06-26 16:14:14 -07:00
Umair Khan 34a91be9a2 api_fetch_api_key: Send new login emails for mobile. 2017-06-26 16:14:14 -07:00
Umair Khan 7e43cd5624 get_device_browser: Fix browser string for mobile.
Now get_device_browser() returns 'Zulip' for 'ZulipAndroid' and
'ZulipMobile'.
2017-06-26 16:14:14 -07:00
Umair Khan b9c69004e4 google_oauth2_test: Pass headers in all requests.
Currently we only pass headers in the first client_get call but
sometimes the effective request which reaches the view is through
a later call to the client_get in this function. Due to which
headers are not passed.
2017-06-26 16:14:14 -07:00
Vishnu Ks 00668c7bbd registration.py: Send pms from welcome-bot on user creation. 2017-06-25 11:23:45 -04:00
Vishnu Ks 9b7585a436 bots: Make welcome-bot cross realm. 2017-06-25 11:23:45 -04:00
Greg Price c9e35c459a landing: Write up why open source projects should use Zulip
This isn't very slick, but it should get the main points down,
and it's past time we got something like this up.  Definitely
needs in the future another pass at the text, and also some images
(screenshots, etc.) and styling.
2017-06-22 16:26:50 -07:00
Sarah 205d523ab2 test_events: Refactor to use do_set_user_display_settings_test.
Remove individual setting tests and replace with
test_set_user_display_settings.
2017-06-22 08:00:56 -04:00
sinwar 8ff2e5a22b requirements: Upgrade moto to latest version.
Fixes #5454
2017-06-21 19:05:50 -04:00
James Rowan 19ffb84ac2 Make notification email for new login give browser and os.
notify_new_login.subject: include browser and os in subject line.
test_new_users: test for subject line to include browser/os.
2017-06-21 14:36:41 -04:00
Umair Khan a4afca7b73 ldap: Don't authenticate if realm is None.
Fixes #5431
2017-06-21 10:14:34 -04:00
Umair Khan 005037830c test_auth_backends: Fix indentation. 2017-06-21 10:14:34 -04:00
Sampriti Panda 5dc053d6fb bots: Add validation to add_bot_backend to prevent empty short names
Fixes #5487
2017-06-21 10:11:08 -04:00
Umair Khan 4f223c19d8 sign-in: Show proper error for deactivated user.
Show a clear error message when a user tries to sign in with
a deactivated account.

Fixes #4757
2017-06-20 11:38:58 -04:00
Harshit Bansal dfbf8b8086 bugdown: Remove shortname mention syntax.
We used shortnames for mentioning users before we had autocomplete
feature. Since we now have autocomplete typeahead, this syntax is
no more useful and just causes problems. This commit removes the
shortname mention syntax.

Fixes: #4189.
2017-06-19 16:57:59 -04:00
Jack Zhang af3b7d4c98 message-edit: Patch html tags after edits on new lines. 2017-06-19 16:43:11 -04:00
vaibhav 33c0c00cd6 Outgoing webhook System: first Iteration of outgoing webhook UI. 2017-06-19 16:05:54 -04:00
Aditya Bansal f32c1892ff preview.py: Fix error raised on uploading file with unicode filename. 2017-06-19 14:58:44 -04:00
Cory Lynch 552c39a036 fenced_code.py: Improve test coverage for special chars. 2017-06-19 06:53:25 -04:00
Cory Lynch b4419528f7 Update narrow.py, messages.py to support is:unread. 2017-06-19 06:51:13 -04:00
vaibhav 42af09663d validators: Add check_url validator.
This just uses Django's existing validator, and reformats its
interface to work with has_request_variables.
2017-06-15 15:03:26 -07:00
Tim Abbott 93ea4128ac auth: Require the realm_name field in RegistrationForm.
Previously, the only required field in RegistrationForm was the full
name (and possibly ToS, depending on settings).  This meant that if
LDAP was configured, realm creation would break, because the form
would be valid the first time one landed on it, before the user even
filled it out!

The correct fix is to make the extra fields required in
RegistrationForm in the event that we're doing realm creation.

It's possible that a cleaner fix would be to use a subclass.

With a test from Umair Waheed Khan.

Fixes #5387.
2017-06-15 11:04:25 -07:00
Abhijeet Kaur af7e08acb0 bots: Add UI to view bot types of existing bots in "Your bots".
Tweaked by tabbott for more standard internationalization.
2017-06-15 10:08:31 -07:00
kunall17 d8310724b6 Use absolute URLs in GCM push notifications.
This will eventually allow us to simplify the logic required for the
mobile apps processing GCM notifications.
2017-06-15 03:56:59 -07:00
Harshit Bansal 7950f82f27 realm_emoji: Make sure that a deactivated realm emoji can't be used.
A deactivated realm emoji should neither be accepted further as a
reaction nor its further occurences in a message be rendered as an
emoji. However, all the old occurences should continue to render
normally.
2017-06-15 02:59:57 -07:00
Tim Abbott 1043cd7a2b docs: Fix tests for error pages.
Without the trailing /, these return a 30x error.
2017-06-14 21:21:36 -07:00
Cory Lynch 78de70688e dev: Add URL to preview error 404/5xx pages. 2017-06-14 21:18:45 -07:00
Cory Lynch cb4dadfdcd tools: Create /devtools page for useful dev URLs.
Fixes #5179.
2017-06-14 20:17:56 -07:00
Umair Khan 399973167c testing: Add testing framework for Tornado. 2017-06-13 15:04:04 -07:00
Rishi Gupta dbac262509 hotspots: Change hotspots to have a name and a description. 2017-06-13 12:59:33 -07:00
Aditya Ramesh a77aa79da9 emails: Add html versions of emails that do not have them.
Fixes #4691.
2017-06-12 23:02:28 -07:00
Rishi Gupta 9a02739008 emails: Remove invitation_mit. 2017-06-12 23:02:28 -07:00
Rishi Gupta 3332ebaf22 emails: Remove confirmation_registration_mit.
Not enough new Zephyr signups to justify the carrying cost :(.
2017-06-12 23:02:28 -07:00
Rishi Gupta 215568aae2 actions.py: Remove transaction.atomic from do_start_email_change_process.
Don't think it's necessary?
2017-06-12 23:02:28 -07:00
Steve Howell 1ba7d1ec68 Clean up var names in test_user_getting_add_peer_event(). 2017-06-10 10:43:57 -07:00
Rishi Gupta 1d702d13a4 emails: Replace context variable zulip_support with support_email. 2017-06-10 01:35:03 -07:00
Rishi Gupta 15b967fc3e emails: Move support_email into a common context. 2017-06-10 01:25:44 -07:00
Rishi Gupta 056489c247 emails: Move verbose_support_offers into a common context.
Server settings should just be added to the context in build_email, so that
the individual email pathways (and later, the email testing framework)
doesn't have to worry about it.
2017-06-10 01:16:03 -07:00
Rishi Gupta 7fae8fb53d test_emails: Make fixture values more helpful for visual review.
Also fixes the fact that we were pulling assets from chat.zulip.org.
2017-06-09 23:34:24 -07:00
Tim Abbott 2514ee4294 test_docs: Add test coverage for new /emails/ endpoint. 2017-06-09 16:25:39 -07:00
Akhil 4986027126 org-settings: Add backend for notifications stream.
Realm.notifications_stream is not a boolean, Text or integer field, and
thus doesn't fit into the do_set_realm_property framework. Added function
to update it in actions.py. Altered the view, realm.py, to accept
stream-id. Also, notifications stream can be disabled by sending a
negative id.
2017-06-09 16:03:52 -07:00
Steve Howell 96db97d4f7 minor: Sort imports in test_events.py. 2017-06-09 13:10:43 -05:00
Jack Zhang 98a785bb25 message_edit: Replace highlighting replaced text with delete / insert.
Rationale: For the more off-to-the-side edit history view, changes
are easier to digest by highlighting deleted content in red followed
immediately by added and changed content in green.

TODO: Toggle for showing the edited messages without highlighting;
deleted content would not be shown in this view.
2017-06-07 11:06:15 -07:00
Tim Abbott 4efdf85f62 bots: Add test for invalid bot type. 2017-06-06 21:16:27 -07:00
Abhijeet Kaur 60ff82ed7c bots: Add UI for creating different types of bot.
Add 'Type of bot' option for bots by adding dropdown option in
settings->"Your bots".  For now, this allows creating incoming webhook
bots in addition to default bots.

This will enable users to add a bot as an incoming webhook
(in addition to add full-featured bots).

With various minor tweaks and cleanups by tabbott.

Fixes #2186.
2017-06-06 21:11:22 -07:00
Greg Price 04b363f3a2 apps: Redirect /apps -> zulipchat.com/apps, except on upstream itself.
This page describes software the user will get from upstream for
their own devices, independent of what's on the server they're
using.  So it should live in a place maintained together with
that other software, rather than be distributed and versioned
with the server.

The use of ZILENCER_ENABLED to tell the difference is rather a hack
but is currently how we do this in the small handful of similar
spots; see #5245.

Fixes #5234.
2017-06-06 11:21:20 -07:00
Tim Abbott d2079cbb2e streams: Fix leaking private streams after last user is removed.
When the last user on a private stream is removed, the stream is no
longer possible to administer, and thus should be marked as
deactivated, so that default streams entries are removed and it no
longer appears in the UI as a non-administerable broken stream.
2017-06-04 10:40:41 -07:00
Aditya Bansal 25bb21238f pep8: Add compliance with rule E261 test_unread.py. 2017-06-04 15:07:39 +05:30
Aditya Bansal bf1e3a0125 pep8: Add compliance with rule E261 test_logging_handlers.py. 2017-06-04 15:07:26 +05:30
Aditya Bansal 4410b5889a pep8: Add compliance with rule E261 test_auth_backends.py. 2017-06-04 15:06:52 +05:30
Tommy Ip 8d6af030c0 bugdown: Fix modal_link.
The `data-toggle` property prevented the new style of overlay modals
from launching, and regardless, isn't a future-proof options for how
this should work.
2017-06-03 18:41:19 -07:00
Tim Abbott 1549f8773e portico: Always display org info when a server has only 1 realm.
Previously, we were incorrectly using the get_unique_open_realm
function to determine whether we're in the (common) single-realm
server case and should just display an org-info-enabled login form on
the homepage.

Now, we use a slightly different function extracted from
get_unique_open_realm that doesn't check whether the realm is
invite-only.

Fixes #4841.
2017-06-02 15:00:22 -07:00
Tim Abbott 1f48fa2767 invite: Fix invite_by_admins_only to be enforced in backend.
This is CVE-2017-0896.

Apparently, this setting never actually was wired up to anything other
than hiding the UI widget.

Huge thanks to Ibram Marzouk from the HackerOne community for finding
this security bug.
2017-06-01 17:24:29 -07:00
Tim Abbott 73f8653da6 test_messages: Increase time allowed for bulk send.
This fixes an occasional test flake we've been seeing recently.
2017-06-01 00:00:36 -07:00
Aditya Bansal a0faf3364a pep8: Add compliance with rule E261 test_reactions.py. 2017-05-31 17:07:15 -07:00
Aditya Bansal 7bb669ccb4 pep8: Add compliance with rule E261 test_email_mirror.py. 2017-05-31 17:07:15 -07:00
Umair Khan 5d794d08dd test_bulk_message_fetching: Add debug code.
This test fails on self.assertTrue(delay < 0.001 * num_ids, error_msg)
randomly. This commit adds debug code to see what the real values of
paramters are.
2017-05-31 09:27:30 -07:00
Umair Khan 71f97b7bcb testing: Invalidate cache before counting queries.
To get accurate count of the queries, we should make sure that
caches don't come into play. If we count queries while caches are
filled, we will get a lower count. Caches are not supposed to be
persistent, so our test can also fail if cache is invalidated
during the course of the unit test.

This commit solves the problem with Stream cache. This cache comes
into play when we use `get_stream` function. If cache is valid,
we will not issue queries to Stream and Recipient table. I think
the problem was one of those rare occasions when the Stream cache
got invalidated during the course of the test, due to which query
count was increased by 2. After this commit, we intentially invalidate
the Stream cache.
2017-05-30 17:28:41 +05:00
K.Kanakhin 2434f2d96c messages: Add support for admins deleting messages.
This makes it possible for Zulip administrators to delete messages.
This is primarily intended for use in deleting early test messages,
but it can solve other problems as well.

Later we'll want to play with the permissions model for this, but for
now, the goal is just to integrate the feature.

Note that it saves the deleted messages for some time using the same
approach as Zulip's message retention policy feature.

Fixes #135.
2017-05-29 21:59:38 -07:00
Harshit Bansal 298e23b447 realm_emoji.py: Allow an user to delete an emoji uploaded by them.
If a realm is configured to allow any user to upload an emoji,
then, an emoji author must be allowed to delete an emoji uploaded
by them.
2017-05-29 20:21:25 -07:00
vaibhav 9cf9837f12 webhooks: Add outgoing webhook bot user to development database. 2017-05-29 16:01:23 -07:00
Tim Abbott 4893779001 test_events: Avoid coverage errors in LogEventsTest. 2017-05-29 15:26:33 -07:00
Maxim Averin a4c3f571db Switch change_tos_version to use RealmAuditLog. 2017-05-29 15:24:01 -07:00
Maxim Averin 685fb16c39 Switch change_full_name to use RealmAuditLog.
This requires adding an `acting_user` parameter to the
`do_change_bot_owner` function.
2017-05-29 15:22:08 -07:00
Steve Howell 1f4e1ece3a Fix flaky time-based test.
For testing waiting period thresholds, we need to
explicitly set date_joined for Hamlet to be now.
2017-05-29 11:54:06 -06:00
Ron Shafii 8cc1f13d24 test: Add test_notify_realm_of_new_user. 2017-05-28 19:14:52 -07:00
Ethan Estrada 91e6f00d57 Test that `log_event` auto creates missing log dir. 2017-05-28 18:24:00 -07:00
Ethan Estrada a11c578d57 Test for early return when "LOG_EVENT_DIR" is `None`. 2017-05-28 18:21:50 -07:00
Reid Barton ccb4c5c26f bots: Move zephyr-related files to api/integrations/zephyr/. 2017-05-26 15:07:02 -07:00
Tim Abbott f5373c46f2 lint: Fix trailing newlines in outgoing webhook tests. 2017-05-25 16:28:11 -07:00
Elliott Jin 4907f24603 bots: Add additional service bot tests. 2017-05-25 15:00:51 -07:00
Elliott Jin af49a23013 bots: Generalize service bot tests to also test embedded bots. 2017-05-25 15:00:51 -07:00
Elliott Jin cd8c77bf91 bots: Clean up order and naming of service bot tests. 2017-05-25 15:00:51 -07:00
Elliott Jin 49adeee8c8 bots: Move service bot tests into separate file. 2017-05-25 15:00:51 -07:00
Vishnu Ks bb98e35aa0 Replace othello@zulip.com with example_email('othello'). 2017-05-24 19:37:36 -07:00
Vishnu Ks 52d2d6c4fa Replace prospero@zulip.com with example_email('prospero'). 2017-05-24 19:37:36 -07:00
Vishnu Ks c4db3b7d1c Replace cordelia@zulip.com with example_email('cordelia'). 2017-05-24 19:37:36 -07:00
Vishnu Ks 961b35d52e Replace iago@zulip.com with example_email('iago'). 2017-05-24 19:37:36 -07:00
Vishnu Ks 5230eaef1c Replace hamlet@zulip.com with example_email('hamlet'). 2017-05-24 19:37:36 -07:00
Vishnu Ks b65f692fcf Make LoginEmailValidatorTestCase use ZulipTestCase instead of TestCase. 2017-05-24 19:23:48 -07:00
Tim Abbott 6aaca44e17 tests: Fix str/Text mypy issues in various tests. 2017-05-24 15:19:38 -07:00
Andrew Archer 6c3f89af1c tests: Remove get_user_profile_by_email from numerous tests. 2017-05-24 15:19:20 -07:00
Rick Chern e53d1c3885 tests: Remove get_user_profile_by_email from most tests. 2017-05-24 13:05:19 -07:00
Vishnu Ks 4403d179df tests: Replace mit_user().email with mit_email(). 2017-05-24 12:44:43 -07:00
Tim Abbott e5f5e5c69f tests: Remove unnecessary maxDiff settings.
Now that ZulipTestCase does this, we don't need it in all these
individual test modules.
2017-05-24 12:43:28 -07:00
umkay ccc70445d6 mypy: Fix strict-optional errors for test files.
Fix mypy --strict-optional errors in zerver/tests
2017-05-24 12:43:28 -07:00
Tim Abbott 17328a7557 tests: Fix incorrect use of get_realm_by_email_domain. 2017-05-24 12:43:28 -07:00
Tim Abbott 895d4a795b mypy: Fix a missing type annotation. 2017-05-24 12:14:13 -07:00
Umair Khan 9a04fef71b testing: Reset active language.
After running translation tests, we should reset the active
language to isolate the change
2017-05-24 11:35:17 -07:00
Umair Khan ebb9bd1a6a testing: Avoid class variables to enforce isolation.
Class variables are shared between all instances and as a result
changes made by one instance are leaked to other instances.
2017-05-24 11:35:12 -07:00
Yago González c0f2036435 api: Handle unregistered users in dev_fetch_api_key.
Fixes #4851.
2017-05-24 09:39:44 -07:00
Andrew Archer 67cf4c4fb4 test_alert_words: Remove use of get_user_profile_by_email. 2017-05-23 22:14:10 -07:00
kb0rg eb2d0ebd09 Add test for do_deactivate_realm exit if deactivated.
Rename existing test_do_deactivate_realm to indicate test purpose
is to confirm user realm cache clears when a realm is deactivated.
2017-05-23 21:38:07 -07:00
kb0rg e672ec62c1 Add test for encode_email_address with empty Gateway. 2017-05-23 21:38:07 -07:00
kb0rg d625cca2f8 minor: Rename test class -> TestEmptyGatewaySetting. 2017-05-23 21:38:07 -07:00
vaibhav f94c321567 Outgoing Webhook System: Add support for personal message triggers. 2017-05-23 21:35:09 -07:00
Lech Kaiel 6b49e667ef tests: Replaced @zulip.com references with self.example_ functions.
This cleans up the excessive use of @zulip.com emails in the tests.
2017-05-23 20:59:50 -07:00
ron-s e5d4e0f0eb Test: Add test_notify_of_new_user_internally. 2017-05-23 20:27:37 -07:00
Steve Howell 036f66aba3 Add test_get_avatar_url_with_user_profile_lookup test. 2017-05-23 18:35:45 -07:00
Vishnu Ks b5c4a95ef1 test_bots.py: Use example_email instead of using the emails directly. 2017-05-23 18:31:43 -07:00
Vishnu Ks dbdc0220b9 test_presence.py: Remove unused get_user_profile_by_email import. 2017-05-23 18:31:43 -07:00
Vishnu Ks 2b36df6b8f test_sessions.py: Use helpers instead of get_user_profile_by_email. 2017-05-23 15:27:21 -07:00
Vishnu Ks dafa89d52b test_outgoing_webhook_system.py: Replace get_user_profile_by_email with example_user. 2017-05-23 15:27:21 -07:00
Vishnu Ks 075b0cae70 test_bugdown.py: Remove unused get_user_profile_by_email import. 2017-05-23 15:27:21 -07:00
Vishnu Ks 7950f5242a test_unread.py: Replace get_user_profile_by_email with get_user. 2017-05-23 15:27:21 -07:00
Tim Abbott a833fa39b8 test_messages: Fix tests failing due to error message change. 2017-05-23 15:27:21 -07:00
Matt Long 19363b2b77 notification_settings: Refactor notification preference settings.
Previously, all notification preference setting had a dedicated test
and setter. Now, all are handled through a modular function using the
property_types framework.
2017-05-23 14:47:46 -07:00
Rick Chern 70d68f7e71 Refactoring: Replace get_user_profile_by_email() in lib/upload.py 2017-05-23 12:37:49 -07:00
Steve Howell 484f32646b Rename file to test_new_users.py.
The old file name of test_send_login_emails was
overly specific, and we want to add some tests
related to other parts of the signup process.
2017-05-23 12:34:44 -07:00
vaibhav 287aaa21b6 Outgoing Webhook System: Add outgoing webhook queue worker. 2017-05-23 08:21:08 -07:00
vaibhav 53a8b2ac87 Outgoing Webhook System: Add DoRestCall and helper functions 2017-05-23 08:19:16 -07:00
Vishnu Ks 820dc9dd9a Replace espuser@mit.edu with mit_user('espuser'). 2017-05-22 19:02:42 -07:00
Vishnu Ks 99fc0e9e62 Replace starnine@mit.edu with mit_user('starnine'). 2017-05-22 19:02:42 -07:00
Vishnu Ks c680c5f1e8 Replace sipbtest@mit.edu with mit_user('sipbtest'). 2017-05-22 19:02:42 -07:00
Vishnu Ks 05951074be Make MITNameTest use ZulipTestCase instead of TestCase. 2017-05-22 19:02:42 -07:00
Lukasz Prasol 5eaccc550a rate_limit: Make retry-after data machine-readable.
Fixes #4831.
2017-05-22 17:35:12 -07:00
umkay 510b7a0489 mypy: Add ignore type for dynamically added field on LogRecord.
mypy will error because of the attribute "request" on the LogRecord
object. Since this field is added in our tests dynamically and is not
on the base object, for now we will ignore the type.
2017-05-22 14:38:39 -07:00
Tim Abbott 040067b2a2 invite: Remove obsolete bulk_invite_users endpoint. 2017-05-17 17:30:15 -07:00
Aditya Bansal 57bc847874 pep8: Add compliance with rule E261 to test_urls.py. 2017-05-18 03:00:32 +05:30
Umair Khan 38ecc35cd9 push_notifications: Catch IOError while pushing to GCM. 2017-05-17 12:14:32 -07:00
Umair Khan 7e8f4ca4e8 push_notifications: Include GCM in end-to-end test. 2017-05-17 08:09:19 -07:00
Tim Abbott cab908b664 api: Move notifications_stream into the register_ret API.
While we're at it, we at least fix the API to use a stream ID, not a
stream name, to refer to the notifications stream.
2017-05-16 18:57:14 -07:00
Tim Abbott 9d63a5ab3a push_notification: Delete obsolete DBX_IOS_APP_ID code.
I'm not sure that this was ever actually used, but it's definitely
just clutter for Zulip today.
2017-05-16 12:26:55 -07:00
Umair Khan fa5c66c439 push_notifications: Add num_push_devices_for_user tests. 2017-05-16 12:26:55 -07:00
Umair Khan 88f5d29e19 push_notifications: Add send_to_push_bouncer tests. 2017-05-16 12:26:55 -07:00
Umair Khan af27ad607a push_notifications: Add handle_push_notification tests. 2017-05-16 12:26:55 -07:00
Umair Khan 8a6498f55d push_notifications: Create BouncerTestCase.
Adds bounce_request method to simulate a bounce.
2017-05-16 12:26:55 -07:00
Umair Khan 5907877038 push_notifications: Add test for send_notifications_to_bouncer. 2017-05-16 12:26:55 -07:00
Umair Khan fab4249893 push_notifications: Add get_gcm_payload tests. 2017-05-16 12:26:55 -07:00
Umair Khan 136a950041 push_notifications: Add test for APNs payload. 2017-05-16 12:26:55 -07:00
Umair Khan 47d0f7d996 push_notifications: Add tests for get_alert_from_message. 2017-05-16 12:26:55 -07:00
Umair Khan df0d29aaff push_notifications: Add response_listener tests. 2017-05-16 12:26:55 -07:00
Steve Howell e6cc0ffcdd Eliminate PMs to non-subscribers when creating streams.
This should make stream creation relatively fast again, since we
will no longer send O(N) PMs out to tell folks the stream was
created.
2017-05-16 10:43:27 -07:00
Steve Howell bbd8c1c49b Do not send PMs to subscribers when creating streams.
When we create a stream, we usually send a welcome message on the
stream itself as well as an announcement on the announcement stream,
but we no longer PM the individual users.  Hopefully this will be
more pleasant for users (less spammy), and it also will make creating a
stream a lot faster.

We still send notifications when we add subscribers to an existing
stream.
2017-05-16 08:58:17 -07:00
Steve Howell e2732dabf3 Send welcome messages as part of /create_realm flow.
We now pre-populate the streams in DEFAULT_NEW_REALM_STREAMS
(social/general/zulip, unless somebody changes settings.py) with
welcome messages.  This makes the streams appear to be active
right away, and it also gives the Zulip realm less of a
blank-slate feeling when you create it.

This change only affects the normal web-based create-realm flow.
It doesn't impact the management commands for creating realms
or setting default streams.
2017-05-15 20:38:08 -07:00
Tim Abbott 97abaae9af home: Remove now-unnecessary page_params_core_fields duplication.
Also, we update the documentation to make the overall system a bit
clearer.

Fixes #4628.
2017-05-13 22:58:18 -07:00
Tim Abbott acb3c1e7ff test_templates: Fix errors from compare.html template. 2017-05-13 14:57:06 -07:00
Tim Abbott 51978d0f89 tests: Fix failing login tests.
Apparently I missed these when updating
4d2bb0dec8.
2017-05-13 13:05:15 -07:00
Tim Abbott 4d2bb0dec8 templates: Clean up visuals for account-not-found SSO flow.
Also, clarify that the account that isn't found is your Zulip account,
not a GitHub/Google Oauth account.
2017-05-13 12:46:05 -07:00
Tim Abbott 72abd4f12d mentions: Fix subject line and sender for missed-message mentions.
This fixes 2 issues:
* The term "@-mentioned" is simplified to "mentioned".
* We would incorrectly list other people who sent context messages as
  among the people who mentioned you.
2017-05-12 13:50:25 -07:00
James Rowan 0facaa0797 Changes sender and subject lines for missed message emails.
Now, in the event of messages between two other members of a huddle,
the missed message emails are threaded in "Group PMs with name1 and
name2" and not in separate threads by sender.

Also, now the order of recipients in get_display_recipient consistent
with the order of names that appears in the list of personal messages
on the left sidebar.

Fixes most of #4553.
2017-05-12 13:29:43 -07:00
Tim Abbott 13a37f74a1 users: Ban names shorter than 3 characters.
The empty string is not a reasonable name.
2017-05-11 19:21:51 -07:00
Cory Lynch 68e5898a07 emoji.py: Add restriction that realm emoji must be lowercase.
Raises error if emoji name has an uppercase letter in it.
2017-05-11 19:10:21 -07:00
Tim Abbott 223624be25 settings: Add support for longer, markdown-powered realm descriptions.
This makes it possible to create much prettier login pages.

Further work on styling may be necessary.
2017-05-11 13:59:46 -07:00
Umair Khan dc2a9a4c5b github: Add sign up button on registration page. 2017-05-10 17:49:08 -07:00
Umair Khan d56db0a3b4 auth.py: Add confirmation handlers for signup.
These handlers will kick into action when is_signup is False. In case
the account exists, the user will be logged in, otherwise, user will
be asked if they want to proceed to registration.
2017-05-10 17:20:34 -07:00
Tim Abbott e8eaec0a18 mypy: Fix various errors caught by removing cache_with_key. 2017-05-10 14:37:20 -07:00
Tim Abbott a0a50d410c test_docs: Add tests to ensure all integrations present. 2017-05-10 11:30:32 -07:00
Tim Abbott 232592cc9f test_sessions: Extends tests to reach 100% coverage of sessions.py.
Fixes #3980.
2017-05-10 10:12:21 -07:00
andrewallen00 53f1f75fcb Add tests for zerver/lib/sessions.py. 2017-05-10 10:12:14 -07:00
Tim Abbott 9f7236eec1 message: Remove unused old gravatar_hash field from message dicts.
This was deprecated and replaced some 4 years ago.
2017-05-09 22:33:27 -07:00
Tim Abbott bd3e338c35 templates: Fix URL coverage for new files. 2017-05-09 18:42:24 -07:00
Tim Abbott fc24a56fc5 test_docs: Fix expected text in /hello page. 2017-05-09 17:23:38 -07:00
Tim Abbott df6dba9673 test_home: Fix expected text in /hello page. 2017-05-09 16:59:33 -07:00
Tim Abbott 2d97db3518 streams: Add endpoint for modifying properties of a single stream.
This is likely to be the more common endpoint for API clients like the
mobile apps to interact with when modifying streams.
2017-05-09 13:42:34 -07:00
kunall17 e087bc24f8 streams: Migrate stream property changes to new REST endpoint.
This is one of the last major endpoints that were still done in the
pre-REST style.

While we're at it, we change the endpoint to expect a stream ID, not a
stream name.
2017-05-09 13:39:23 -07:00
Rohitt Vashishtha 0414ac6df5 bugdown: Convert GitHub image-preview urls to image urls.
This makes inline image previews work for links to image files' pages
on GitHub.

Fixes #4658.
2017-05-09 11:22:37 -07:00
Steve Howell b609911656 Remove unused get_user_profile_by_email() imports. 2017-05-08 11:57:38 -07:00
Steve Howell 3b2a3601c1 tests: Add ZulipTestCase.notification_bot(). 2017-05-08 11:57:38 -07:00
Steve Howell 3a031f6814 test: Use example_user() in more places.
This commit replaces calls to get_user_profile_by_email() with
calls to self.example_user() by introducing a local variable.
2017-05-08 11:57:38 -07:00
Steve Howell 7f9057ba99 tests: Use example_user() in more places. 2017-05-08 11:57:38 -07:00
Steve Howell 6bc8424c71 Use self.example_user() in more places.
This fixes most cases where we were assigning a user to
the var email and then calling get_user_profile_by_email with
that var.

(This was fixed mostly with a script.)
2017-05-08 11:57:38 -07:00
Steve Howell 942db9b6c5 tests: Added ZulipTestCase.example_user() function.
The example_user() function is specifically designed for
AARON, hamlet, cordelia, and friends, and it allows a concise
way of using their built-in user profiles. Eventually, the
widespread use of example_user() should help us with refactorings
such as moving the tests users out of the "zulip.com" realm
and deprecating get_user_profile_by_email.
2017-05-08 11:57:38 -07:00
Aditya Bansal b48f07ebc0 pep8: Add compliance with rule E261 to test_users.py. 2017-05-07 23:21:50 -07:00
Aditya Bansal feb332920c pep8: Add compliance with rule E261 to test_typing.py. 2017-05-07 23:21:50 -07:00
Aditya Bansal 191fead5a3 pep8: Add compliance with rule E261 to test_type_debug.py. 2017-05-07 23:21:50 -07:00
Aditya Bansal fcb1e4d4f1 pep8: Add compliance with rule E261 to test_report.py. 2017-05-07 23:21:50 -07:00
Aditya Bansal 2b1c6f7749 pep8: Add compliance with rule E261 to test_queue_worker.py. 2017-05-07 23:21:50 -07:00
Aditya Bansal fd4ac33073 pep8: Add compliance with rule E261 to test_push_notifications.py. 2017-05-07 23:21:50 -07:00
Aditya Bansal 0478a9d7f3 pep8: Add compliance with rule E261 to test_export.py. 2017-05-07 23:21:50 -07:00
Aditya Bansal 7f5f4a511a pep8: Add compliance with rule E261 to test_decorators.py. 2017-05-07 23:21:50 -07:00
Aditya Bansal ce2790aae2 pep8: Add compliance with rule E261 to test_bots.py. 2017-05-07 23:21:50 -07:00
Umair Khan b8afd249e4 testing: Make test_hit_ratelimits deterministic.
On slower systems or virtual environments, when you are running
tests in parallel mode, sometimes the time taken to send messages
in this test exceeds 1 second which resets the limit.
2017-05-06 17:28:16 +05:00
Rishi Gupta 962b56efbd settings: Change example NOREPLY_EMAIL_ADDRESS to have a display name.
We used to use constructions like
from_email = "Zulip <%s>" % (settings.NOREPLY_EMAIL_ADDRESS,)
but no longer do. All references to settings.NOREPLY_EMAIL_ADDRESS in the
codebase now do not append a display name.
2017-05-05 14:38:25 -07:00
Rishi Gupta 8321bd3f92 notifications: Refactor missed message queue to use send_email.
This commit also changes the sender from "Zulip <NOREPLY_EMAIL_ADDRESS>" to
NOREPLY_EMAIL_ADDRESS when it is not set explicitly.
2017-05-05 14:38:25 -07:00
Rishi Gupta 6a8ed81439 send_email: Remove tags argument from send_future_email.
The tags argument was only being used by the Mandrill pathway, which is no
longer around.
2017-05-05 14:38:25 -07:00
Rishi Gupta 6b9f25a58a Remove duplicated code between send_future_email and send_email pathway.
Note that this change restricts the context for any template that uses
send_future_email to be jsonable.
2017-05-05 14:38:25 -07:00
Rishi Gupta 72ee5e5159 email: Make context for invitation_reminder template jsonable.
We are about to change send_future_email in a way that will require all
callers to use jsonable context.
2017-05-05 14:38:25 -07:00
Rishi Gupta 68c172192b email.py: Change recipients argument of send_future_email to to_email. 2017-05-05 14:38:25 -07:00
Rishi Gupta 0d4c1b0467 notifications: Move send_future_email to zerver/lib/send_email.py. 2017-05-05 14:38:25 -07:00
Rishi Gupta d70e09b41d notifications: Change sender arg of send_future_email to from_email.
This commit is a step towards the goal of replacing most of the
send_future_email pathway with a call to send_email.

Note that this commit changes the default value of sender from "Zulip
<NOREPLY_EMAIL_ADDRESS>" to "NOREPLY_EMAIL_ADDRESS". NOREPLY_EMAIL_ADDRESS
will soon be changed to have the Zulip in front.
2017-05-05 14:38:25 -07:00
Rishi Gupta 7741e099fc notifications.py: Merge send_local_email_template_with_delay into callers.
Note that the correctness of this commit relies on the fact that
send_future_email also sets the sender to settings.NOREPLY_EMAIL_ADDRESS by
default (in the body of the function).
2017-05-05 14:20:32 -07:00
Rishi Gupta a413b0dbad notifications: Change send_future_email to take a template_prefix.
Also reorders the arguments a bit to better match
zerver.lib.send_email.send_email.
2017-05-05 14:20:32 -07:00
Rishi Gupta cf38fd156b digest.py: Merge send_digest_email into its callers.
Most of the functionality of send_digest_email is being standardized in
zerver.lib.notifications.send_future_email.
2017-05-05 14:20:32 -07:00
Rishi Gupta 55a7aa4f9d test_signup: Add dnslookup patch for mirror_dummy_user registration test.
Fixes regression introduced in 326f9a85. The test indirectly makes a call to
email_is_not_mit_mailing_list, which then calls
DNS.dnslookup("%s.pobox.ns.athena.mit.edu" % username, DNS.Type.TXT).
2017-05-05 14:20:32 -07:00
Rohitt Vashishtha a2c1e10986 bugdown: Add domain-name to relative image-url in open graph data.
fixes #4608.
2017-05-04 16:54:10 -07:00
hackerkid af612a7e1d Extend test_user_default_language to include timezone test.
This renames the function to test_user_default_language_and_timezone.
2017-05-04 16:37:00 -07:00
Rishi Gupta 26ac344b19 email: Move and rename invitation_reminder_email templates. 2017-05-03 23:26:14 -07:00
Rishi Gupta 975d5bd8c0 email: Move and rename notify_change_in_email templates. 2017-05-03 20:54:40 -07:00
Rishi Gupta 4e779c3e6f email: Move and rename mituser_invite_email templates. 2017-05-03 20:54:40 -07:00
Rishi Gupta aa21012783 email: Move and rename mituser_confirmation_email templates. 2017-05-03 20:54:40 -07:00
Rishi Gupta 235abe0b72 email: Move and rename emailchangestatus_confirmation_email templates. 2017-05-03 20:54:40 -07:00
Rishi Gupta 0a32d9efa3 email: Fix filenames of notify_change_in_email templates. 2017-05-03 20:54:40 -07:00
Rishi Gupta 326f9a8506 email: Fix zephyr mirror registration email not working with subdomains.
If a user is trying to register for a mit zephyr mirroring realm, we send
them a specific registration email with a link to a few more instructions.

There is only one server that we know about that has such a realm, and that
server uses subdomains. This commit changes the logic to work in the
subdomains case, rather than in the non-subdomains case (though see next
para).

Note that the current check is deceptive, and is not actually correct in the
non-subdomains case. The prereg user has a realm only in the atypical case
of someone registering via the special URL for completely-open realms.

To do this correctly in the non-subdomains case, we would need to copy a
bunch of the logic from the beginning of accounts_register to figure out
which realm the user is signing up for, so that we can check if that realm
is a zephyr mirroring realm. Given how complicated the registration code is
already, I think it is probably not worth it at the moment. This commit also
removes the partial (deceptive) check, since I think it does more harm than
good.
2017-05-03 20:52:24 -07:00
Rishi Gupta 4027adb6cc email: Fix naming of mituser_invite_email files. 2017-05-03 19:34:58 -07:00
Rishi Gupta e89c5e4129 email: Fix naming of mituser_confirmation_email files.
I suspect this was actually just broken, and sending a confirmation email to
someone in a zephyr realm wouldn't have worked.
2017-05-03 19:34:58 -07:00
Rishi Gupta 4f20fdc572 user_settings: Update change-email confirmation message. 2017-05-03 19:34:58 -07:00
Tim Abbott c7ba9a2ae5 templates: Remove old Zulip, Inc. privacy policy.
This isn't useful for anything anymore, especially now since we have a
sysadmin-configurable PRIVACY_POLICY settings.
2017-05-03 17:59:53 -07:00
Tim Abbott 51260b7536 auth: Add new route to get server settings.
Specifically, this makes easily available to the desktop and mobile
apps data on the server's configuration, including important details
like the realm icon, name, and description.

It deprecates /api/v1/get_auth_backends.
2017-05-03 16:40:14 -07:00
Eeshan Garg e87e246fcb zerver/decorator: Set request.client in api_key_only_webhook_view.
Previously, api_key_only_webhook_view passed 3 positional arguments
(request, user_profile, and client) into a function. However, most
of our other auth decorators only pass 2 positional arguments. For
the sake of consistency, we now make api_key_only_webhook_view set
request.client and pass only request and user_profile as positional
arguments.
2017-05-01 23:44:07 -07:00
sinwar 5c3cb79747 streams: Ban null character from stream name.
This is a better solution to the problem of how _pg_re_escape should
handle the null character.  There's really no good reason to have a
null character in a stream name.
2017-05-01 23:43:01 -07:00
Rohitt Vashishtha 47eb19331d ux: Display error on login/registration if no auth backends are enabled.
Also makes a small tweak to CSS to ensure the styling is consistent on
the two pages.

Fixes #4525.
2017-05-01 17:17:37 -07:00
Steve Howell e3edc4d829 Send welcome messages for new streams. 2017-05-01 16:23:38 -07:00
K.Kanakhin f13d6a18eb realm-emoji: Add realm emoji uploading instead url providing.
- Add file_name field to `RealmEmoji` model and migration.
- Add emoji upload supporting to Upload backends.
- Add uploaded file processing to emoji views.
- Use emoji source url as based for display url.
- Change emoji form for image uploading.
- Fix back-end tests.
- Fix front-end tests.
- Add tests for emoji uploading.

Fixes #1134
2017-05-01 14:50:20 -07:00
Tim Abbott 445cf8c680 reactions: Add a test for the Zulip emoji.
This fixes a coverage problem introduced by recent emoji refactoring.

Also, it'll help prevent us from breaking this feature in the future.
2017-04-30 20:16:51 -07:00
Tim Abbott a7efe222ee tests: Use slightly_smiling_face instead of simple_smile.
The latter name is likely to be removed in the near future.
2017-04-30 16:40:58 -07:00
fionabunny 78f2df5649 home.py: move initial_pointer as pointer to register_ret.
This is the last of the fields in page_params that could come from
register_ret but wasn't doing so.
2017-04-28 23:39:14 -07:00
fionabunny d3e7e6542a home.py: move user_profile full_name to register_ret.
Move the user_profile data section down into fetch_initial_state_data
so it entirely pulls from register_ret for #3853.
2017-04-28 23:31:28 -07:00
Tim Abbott df8f4a837c home: Get page_params.enable_desktop_notifications from register_ret. 2017-04-28 23:15:35 -07:00
Tim Abbott c63466cae3 home: Get pm_content_in_desktop_notifications from register_ret. 2017-04-28 22:06:32 -07:00
Tim Abbott 2a16cc1d24 home: Get enable_stream_desktop_notifications from register_ret. 2017-04-28 22:01:46 -07:00
Tim Abbott 2a8a101fe2 home: Get page_params.enable_stream_sounds from register_ret. 2017-04-28 21:56:58 -07:00
Tim Abbott 30db811167 home: Get page_params.enable_sounds from register_ret. 2017-04-28 21:54:05 -07:00
fionabunny 78bcbc79d6 home.py: move people_list as realm_users to register_ret.
Simplify the page_params generation logic #3853
2017-04-28 21:33:33 -07:00
fionabunny 7db8c61aac home.py: move event_queue_id as queue_id to register_ret.
Simplify the page_params generation logic #3853
2017-04-28 21:33:17 -07:00
fionabunny 453fc06686 home.py: move initial_presences as presenses to register_ret.
Simplify the page_params generation logic #3853.
2017-04-28 21:30:29 -07:00
fionabunny 84c4d67916 home.py: move bot_list as realm_bots to register_ret.
Simplify the page_params generation logic #3853
2017-04-28 21:24:44 -07:00
fionabunny a7192f4334 home.py: move neversubbed_info as never_subscribed to register_ret.
Simplify the page_params generation logic #3853
2017-04-28 21:24:44 -07:00
fionabunny 5676eaab50 home.py: move unsubbed_info as unsubscribed to register_ret.
Simplify the page_params generation logic #3853
2017-04-28 21:24:43 -07:00
fionabunny 26d080cf64 home.py: rename subbed_info and move to register_ret. 2017-04-28 21:24:43 -07:00
fionabunny b7c6d46bf9 home.py: move password_auth_enabled as realm_password_auth_enabled.
Part of #3853.
2017-04-28 21:23:48 -07:00
fionabunny 635a05fe80 home.py: move name_changes_disabled as realm_name_changes_disabled.
This appears to have been partially completed prior.  Part of #3853.
2017-04-28 21:12:23 -07:00
fionabunny 70fe2eab60 home.py: move is_zephyr_mirror_realm as realm_is_zephyr_mirror_realm.
Part of #3853.
2017-04-28 21:12:16 -07:00
fionabunny 935ddf3b17 home.py: move show_digest_email as realm_show_digest_email.
Part of #3853.
2017-04-28 21:12:10 -07:00
fionabunny 64041e0da1 home.py: move mandatory_topics as realm_mandatory_topics to register_ret.
Part of #3853.
2017-04-28 21:12:05 -07:00
fionabunny 6d2785c853 home.py: move domains as realm_domains to register_ret.
Part of #3853.
2017-04-28 21:11:56 -07:00
Tim Abbott 8d0f48a71f mypy: Fix duplicate annotation in test_narrow. 2017-04-28 15:47:26 -07:00
Raghav Jajodia 60362a0bec test_narrow: Add test for search operation using email.
Fixes #3074.

(Note the main issue was actually fixed by
2f09866364); this just adds a test.
2017-04-28 15:40:50 -07:00
Neeraj Wahi 90a154e451 Add mobile auth redirect to custom URI scheme (zulip://).
This makes it possible for the Zulip mobile apps to use the normal web
authentication/Oauth flows, so that they can support GitHub, Google,
and other authentication methods we support on the backend, without
needing to write significant custom mobile-app-side code for each
authentication backend.

This PR only provides support for Google auth; a bit more refactoring
would be needed to support this for the GitHub/Social backends.

Modified by tabbott to use the mobile_auth_otp library to protect the
API key.
2017-04-28 11:47:35 -07:00
Tim Abbott 54b899860d auth: Add GitHub to list of reported backends. 2017-04-28 11:47:35 -07:00
Tim Abbott 45b2b25026 mobile: Add mobile one-time-pad library.
We'll need to implement a version of the simple decoding/decryption
logic used by this library in the mobile code as well, but that should
be simple enough.
2017-04-28 11:47:35 -07:00
Tim Abbott ce33368905 GoogleOAuthTest: Include the /accounts/login/google/ step in tests.
This makes our Google auth tests a bit more faithful, in that they now
follow the full Oauth flow, rather than skipping the first step.
2017-04-28 11:47:35 -07:00
Tim Abbott 8b78f22660 GoogleOAuthTest: Refactor parameter encoding. 2017-04-28 11:47:35 -07:00
K.Kanakhin e2cf6102fb test_tornado.py: Add websocket closing to tornado tests.
- Extend tornado tests with closing WebSocket connection
to avoid leakings warnings.
- Mark test_tornado as having 100% coverage.

Fixes #3942.
2017-04-27 12:05:56 -07:00
Tim Abbott 331207a02b create_realm: Fix heading for creating an organization. 2017-04-27 11:12:09 -07:00
Brock Whittaker 7afbc9ddd6 Redesign login and registration pages.
This completes a major redesign of the Zulip login and registration
pages, making them look much more slick and modern.

Major features include:
* Display of the realm name, description and icon on the login page
  and registration pages in the subdomains case.
* Much slicker looking buttons and input fields.
* A new overall style for the exterior of these portico pages.
2017-04-26 18:04:05 -07:00
Tim Abbott 2708062181 events: Add support for fetch_event_types option to events_register.
This new feature makes it possible to request a different set of
initial data from the event_types an API client is subscribing to.

Primarily useful for mobile apps, where bandwidth constraints might
mean one wants to subscribe to events for a broader set of data than
is initially fetched, and plan to fetch the current state in future
requests.
2017-04-26 16:02:40 -07:00
K.Kanakhin 18f2a7428f Fix missing aggregated info in real-time sync race for presence.
- Add aggregated info to real-time updated presence status.
- Update `presence events` test case with adding aggregated
  information to presence event.
- Add test case for updating presence status for user which
  send state from multiple clients.

Fixes #4282.
2017-04-26 13:20:22 -07:00
Tim Abbott c4716aefc7 mypy: Move `type: ignore` check to the line with the error.
Fixes https://travis-ci.org/zulip/zulip/jobs/225841310

I'm pretty sure the fact that I need to do this is a mypy bug.
2017-04-25 23:44:41 -07:00
Tim Abbott cb6373210b logging_handlers: Fix tracebacks being emailed in subject lines.
Some exceptions happening in queue processors were being incorrectly
emailed out in the subject line, rather than the body, of the error
report.
2017-04-25 18:55:11 -07:00
Tim Abbott c0d7e83333 logging: Change missing push notification keys from error to warning.
This is a configuration problem, but it just means a feature is not
enabled, not that attention is required, so it should be a warning,
not an error.
2017-04-25 13:52:36 -07:00
Tim Abbott b6094b8e91 logging_handlers: Fix missing host key in queue errors.
This fixes exceptions thrown when trying to report errors from queue
processors to email.
2017-04-25 13:48:44 -07:00
Maxim Averin 15170b5423 Switch regenerate_api_key to use RealmAuditLog. 2017-04-25 10:23:33 -07:00
Harshit Bansal 07081196f4 backend: Allow to change UserProfile's `emojiset` field via api. 2017-04-24 22:30:07 -07:00
Umair Khan 556264f3d7 reset_password: Modify password reset email if email is in wrong realm.
This fixes a confusing issue where a user might try resetting the
password for an email account that in part of a different Zulip
organization.

Is a useful early step towards making Zulip support reusing an email
in multiple realms.

Fixes: #4557.
2017-04-24 21:58:29 -07:00
K.Kanakhin e3e52e7284 email-mirror: Move postfix email mirror integration to separate script.
This fixes a performance problem where we were previously starting up
a full Django process (~0.7s even on a fast machine) every time a new
email came in, potentially allowing users to accidentally DoS a Zulip
server.  Now, we just post over HTTPS, allowing the existing thread
pool support to do its job.

- Add script wrapper to communicate postfix pipe with django web server
  over HTTP(S). It uses shared_secret authentication mode.
- Add django view to process messages from email mirror server.
- Clean management command `email-mirror`. Left just functional
  for cron email processing.
- Add routes for new tornado view.
- Change pipe script in master process postfix config template
  based on updated script.
- Add tests.

Tweaked by tabbott to adjust the directory and set better defaults.

Fixes #2421.
2017-04-24 21:24:23 -07:00
Maxim Averin 73a1dd63d5 analytics: Refactor legacy 'zulip_internal' decorator.
Rename 'zulip_internal' decorator to 'require_server_admin', add
documentation for 'server_admin', explaining how to give permission
for ./activity page.

Fixes: #1463.
2017-04-22 11:42:02 -07:00
Michael 854d70e7c6 test_events: Verify format of event dicts precisely.
This is basically just using the new check_dict_only everywhere, with
a few exceptions:
* New self.check_events_dict automatically adds the id field to avoid
  duplicating it ~80 times.
* Set log=False for many of the testing action functions to remove the
  timestamp field from their returned event dictionaries, since it's
  not needed and is the result of a deprecated log_event function.

Wasn't sure if the subscription_field list in do_test_subscribe_events
could contain optional arguments, so I left the call to check_dict on
along with a TODO.

Fixes: #1370.
2017-04-22 11:22:41 -07:00
Aditya Bansal bdcddd35d0 tests: Add wrapper for client.logout in ZulipTestCase.
In this commit we add a logout wrapper so as to enable developers
to just do self.logout instead of doing a post request at API
endpoint for logout. This is achieved by adding a wrapper function
for the Django's client.logout contained in TestCase. We add this
by extending ZulipTestCase to have a logout function.
2017-04-21 21:45:55 -07:00
Umair Khan 8b88cfc84b redirect_and_log_into_subdomain: Handle is_signup. 2017-04-20 11:11:54 -07:00
Umair Khan 4ab783134e testing: Move unsign_subdomain_cookie to test_helpers.
We'll be using it in other files soon.
2017-04-20 11:10:56 -07:00
Umair Khan 8fee31f7ff forms.py: Include email in the error messages. 2017-04-20 11:07:01 -07:00
Tim Abbott 55bea73035 Revert "github: Call the appropriate authenticate."
This reverts commit ab260731a9.

The overridden authenticate method was buggy.
2017-04-19 10:06:00 -07:00
Tim Abbott cddee49e75 Add support infrastructure for push notification bouncer service.
This is an incomplete cleaned-up continuation of Lisa Neigut's push
notification bouncer work.  It supports registration and
deregistration of individual push tokens with a central push
notification bouncer server.

It still is missing a few things before we can complete this effort:
* A registration form for server admins to configure their server for
  this service, with tests.
* Code (and tests) for actually bouncing the notifications.
2017-04-18 23:03:06 -07:00
Umair Khan 8f5dfffe39 testing: Fix test_update_invalid_value.
This test was using hardcoded field id which made it order dependent.
2017-04-18 21:46:14 -07:00
Jacob Hurwitz 8343d80873 Fix mobile home view returning messages older than the pointer.
In cases where old unread messages in the home view might have been
leaked (either due to bugs or unusual muting interactions), it's
theoretically possible for the first unread message in the home view
to be far older than the pointer.

Since the Zulip mobile app is loading messages following the
use_first_unread logic, we need to plug this gap.

Probably a longer-term solution will involve changing how
update_message_flags works to automatically advance the pointer, but
this change should make it possible for the mobile apps to
consistently use the `use_first_unread` mechanism for fetching the
latest home view messages.

With tweaks to the tests by tabbott.

Fixes zulip/zulip-mobile#422.
2017-04-18 21:39:24 -07:00
Tim Abbott a543b3cacd attachment: Clarify and test logic for invalid uploads. 2017-04-18 21:27:29 -07:00
Tim Abbott 568b59291b attachment: Improve rules for managing attachment ownership.
The previous logic was that anyone with a link to a file could send it
to other users, but only the owner could make a file realm-public.
This had some confusing corner cases.

The new logic is much simpler:
* Only the file's owner/uploader can include a file in a message for
  the first time.
* Anyone with access to read a file can share it with others by
  including it in messages they send.
* Once a file has been sent to a public stream, any user in the realm
  can access it.
2017-04-18 21:27:29 -07:00
Aditya Bansal 08e4a67fa5 tests: Fix occasionally breaking tests.
In this commit we fix the occasionally breaking tests for
test_home.HomeTest.test_bad_narrow which were the result of
us patching global settings in test_upload to add some new emails
to CROSS_REALM_BOT_EMAILS and not rolling back.
2017-04-18 19:44:12 -07:00
Abhijeet Kaur 5e55fe992d backend: Add ability to search by group private message thread.
This doesn't yet contain the frontend or documentation for this
feature.

Modified by tabbott to rename the parameter and line-wrap the query
code.
2017-04-18 15:50:27 -07:00
Umair Khan cf3b6c6ca9 profile: Support custom profile data.
Implements backend for #1760.
2017-04-18 15:20:59 -07:00
Kouhei Sutou 2f09866364 message: Support highlight in link tag.
textsearch based full text search doesn't match text in link tag but
PGroonga based full text search can match text in link tag.

Without this change, highlighting text in link tag generates broken
HTML.
2017-04-18 13:15:48 -07:00
Tim Abbott cbc731963f decorator: Add support for Django internal_notify_view. 2017-04-18 09:59:07 -07:00
Umair Khan d699172d06 authenticate_remote_user: Properly handle None email. 2017-04-18 09:33:03 -07:00
Tim Abbott cf2897d758 test_home: Fix test_handlebars_compile_error mock request.
Using a MagicMock for the request caused weird problems with invalid
input in the context processors.
2017-04-17 22:15:46 -07:00
Umair Khan ab260731a9 github: Call the appropriate authenticate.
This commit makes sure that GitHubAuthBackend will only authenticate
using its own authenticate method. This is done by adding a new
Python Social Auth strategy which instead of calling authenticate
method of Django, calls the authenticate of the backend directly.

The problem this commit solves is that while authenticating through
GitHub backend, we were ending up getting authenticated through
ZulipDummyBackend. This might happen because the default strategy used
by Python Social Auth calls the authenticate method of Django which
iterates over all the backends and tries the authenticate methods
which match with the function arguments. The new strategy this commit
adds calls the authenticate method of GitHub backend directly which
makes sense because we already know that we want to authenticate with
GithHub.

The actual problem of why we are ending up on ZulipDummyBackend is
still a mystery because the function arguments passed to its
authenticate method are different. It shouldn't be called.
2017-04-17 21:03:08 -07:00
Sampriti Panda 0e3d694df8 bugdown: Use queue for processing of links in image previews.
Earlier, a stack was being used to go through the message and search
for links.  Because of this, in some cases the images were added to
the preview in reverse.  Using a queue will keep the image previews in
the same order as they appeared in the message.

Fixes #4453.
2017-04-17 20:48:16 -07:00
Tim Abbott 0c8575e2dc user_settings: Disable bot access to several endpoints.
These settings have no effect on bots, so this change is mostly about
just avoiding confusion.
2017-04-16 13:14:59 -07:00
Rishi Gupta e14c940ecc decorator: Add human_users_only decorator.
Applies it to presence.update_active_status_backend as an example of usage.
2017-04-16 12:51:23 -07:00
Tim Abbott 9400689f86 presence: Remove use of timezone.now(). 2017-04-16 12:32:57 -07:00
hackerkid b2504084ab Replace timezone.now with timezone_now. 2017-04-16 12:28:56 -07:00
hackerkid 55c3d12078 Replace timezone.utc with timezone_utc. 2017-04-16 12:28:56 -07:00
Rishi Gupta b5482d51b1 presence.py: Change bot-related error messages to match each other. 2017-04-14 14:34:17 -07:00
Rishi Gupta bbddbdeb25 presence.py: Enforce bots cannot use update_active_status_backend.
We need to keep the UserActivity table clean now that we're using it to
compute 15day actives in analytics.
2017-04-14 14:34:17 -07:00
hackerkid bf3b2ac673 Include timezone in user_dict fields.
Tweaked by tabbott to avoid adding timezone to bot dicts, since bots
don't need a timezone.
2017-04-14 10:33:55 -07:00
Tim Abbott a417fd3c0b MessageDictTest: Fix nondeterministic query counts.
This fixes an issue with a nondeterministic number of database queries
being used in fetching bulk messages from the database.  The source of
the problem was that we were fetching _all_ messages, not just the 600
that had been created by the test, and thus if the set of streams
present in messages in the test fixtures (which is random) changes,
the number of streams used (and thus number of queries) would change.
2017-04-14 09:55:27 -07:00
Umair Khan 519dcdb750 api_dev_fetch_api_key: Improve invalid email message.
Show a user friendly message to the user if email is invalid.
Currently we show a generic message:
"Your username or password is incorrect."
2017-04-13 12:48:13 -07:00
Umair Khan 80b019629c remote_user_sso: Improve invalid email message.
Show a user friendly message to the user if email is invalid.
Currently we show a generic message:
"Your username or password is incorrect."
2017-04-13 12:48:13 -07:00
Umair Khan 93aa478efb api_fetch_api_key: Improve invalid email message.
Show a user friendly message to the user if email is invalid.
Currently we show a generic message:
"Your username or password is incorrect."

The only backend which can accept a non-email username is LDAP.
So we check if it is enabled before showing the custom message.
2017-04-13 12:48:13 -07:00