This replaces the two custom Google authentication backends originally
written in 2012 with using the shared python-social-auth codebase that
we already use for the GitHub authentication backend. These are:
* GoogleMobileOauth2Backend, the ancient code path for mobile
authentication last used by the EOL original Zulip Android app.
* The `finish_google_oauth2` code path in zerver/views/auth.py, which
was the webapp (and modern mobile app) Google authentication code
path.
This change doesn't fix any known bugs; its main benefit is that we
get to remove hundreds of lines of security-sensitive semi-duplicated
code, replacing it with a widely trusted, high quality third-party
library.
We implement 3 changes:
1. Partial Stream Typeahead
In addition to regular stream completion, we do partial completion
of stream typeahead on pressing '>'. We use our custom addition to
typeahead.js: this.trigger_selection to start topic_list typeahead.
Implements: `#stream na|` (press >) => `#**stream name>|`.
2. Topic Jump Typeahead
'topic_jump' typeahead moves the cursor from just ahead of a
completed stream-mention to just after the end of the mention
text and is triggered by typing '>' after the stream mention.
This typeahead merely uses the regex matching and event hooks of
the typeahead library instead of displaying any text completions.
Implements: `#**stream name** >|` => `#**stream name>|`.
3. Topic List Typeahead
'topic_list' typeahead shows the list of recent topics of a stream
and if your current text doesn't match one of them, also shows you
the current query text, allowing you to create mentions for topics
that do not exist yet.
Implements: `#**stream name>someth|` => `#**stream name>something** |`.
At the end of this commit, we support the following mechanisms to
complete the stream-topic mention:
1. Type "#denmar|".
2. Press Enter to get "#**Denmark** |".
3. Press > to get "#**Denmark>|".
4. Type topic name and press enter.
OR
1. Type "#denmar|".
2. Type > to get "#**Denmark>|".
3. Type topic name and press enter.
Both result in the final inserted syntax: "#**Denmark>topic name**".
Documentation is still pending.
Fixes#4836.
We add support for triggering typeahead_completion on custom keyup events
in addition to Tab and Enter. The function `this.trigger_selection` takes
the keyup event as its argument and has the same `this` context as the other
typeahead functions.
This is being added to support partial completion of stream typeahead to
directly start the topic_list typeahead.
We add support for automatically selecting the currently highlighted
option in a typeahead without rendering the typeahead or the user
pressing 'enter'. The function `this.automated` can use available
data such as this.completing and this.token to determine if we should
automate selection or not.
This is being added to support the topic_jump mechanism.
If we complete a typeahead with an invalid stream name in composebox,
we would get 'compose_stream is undefined' error while running the
checks to prevent accidentally mentioning private streams.
We can safely early-return from this function and let the 'send'
event handler show the error to the user.
In this refactor, we extract two functions in unread.js. Which one to
use depends on whether res has already been fetched or not.
This also adds node tests to maintain coverage of unread.js.
Tweaked by tabbott for cleaner variable names and tests.
When we add Plus, the first sentence should change to "Available on Zulip
Standard and Plus".
I copied the styling of .tip out of expediency, but it's also possible that
long term we'll want only 1 tip-like box styling.
The hover styling is a bit random, but I tried to copy other hover styles I
found in settings.scss.
Note that this renames .upgrade_realm_plan_type_suggestion to .upgrade-tip.
Border and text color applied by specific classes such as sea-green
were nullified by the previous selector; this commit restores the coloring
for these buttons.
Given that all links are now modals triggered by JS, the anchor links are
just invalid HTML that have no purpose. This commit refactors the HTML to
eliminate them by adding the Bootstrap-native btn-link class to maintain
styling. Fixes part of #6126.
This change is long overdue. After implementing this much more robust
system and deploying it on chat.zulip.org, we hesitated to make
load_server_counts the default behavior in master, because of data
anomalies present for many existing users (basically messages far back
in their history that they had never read, on streams they believed
themselves caught up on), which would have been confusing for many
users.
However, because the mobile apps have been using this data set for a
long time, we've likely cleared out the anomalies from active users'
data set. And for older users, they're going to come back to
approximately infinite unread messages anyway, so the data anomalies
are unlikely to be important.
Fixes#7096.
When user name changes are disabled and the disabled name change info icon
shows, trailing whitespace gets linkified because of the link's
inline-block property. Use Handlebars whitespace omission syntax to
eliminate this behavior.
This icon should only show when the user is not an admin and either the
realm or server settings have disabled name changes. Previously the icon
always showed for admin users.
The count_span element is parented by a .selectable_sidebar_block element
which is parented by the li element that the class is supposed to be added
to. Thus, use the parents() jQuery method for locating the li parent so
that the class gets added to the correct element.
This commit adds a new setting to the user's notification settings that
will change the behaviour of the unread count in the title bar and
desktop application.
When enabled, the title bar will show the count of unread private messages
and mentions. When disabled, the title bar will act as before, showing
the total number of unread messages.
Fixes#1736.
The proposed fix in #11662 was effectively a workaround for some
already bad logic. What we actually want to do is described in the
updated function comment (from the spec in #5914), and requires an
additionl case that was not present in the original implementation
(which effectively assumed a collapsed message was condensible).
Also add some documentation.
Fixes#11662.
The approach taken here is basically use user IDs in operator that
support it when sending the request for fetching the messages
(see comments in code for more details).
Combined with work in the desktop app, this makes it possible for the
desktop app to clearly indicate to other users whether the current
user is active on the system and thus would see a desktop
notification, not just whether they are active in the current Zulip
window.
Essentially rewritten by tabbott to add unit tests and consider the
desktop app data authoritative.
We were doing the seemingly innocent
.toggle(version_info.show_instructions) to show the instructions if
and only if show_instructions was true. However, our data structures
that should have been false didn't set a value, and `.toggle` with no
arguments just flips the state, rather than unconditionally hiding.
We added custom event handlers on anchor tags to show transitions
when switching between pages, a behaviour we have since removes in
commit a0dacea811.
Our approach didn't respect the target attribute for links and other
defaults that browsers offer with links.
We can now safely remove the event handler and restore the default
behavior of anchor tags.
We had several patches to spectrum, but the only essential one
(0ea770fc18) had already been fixed upstream,
and another was just handling jQuery deprecation warnings for not yet removed features.
See #12749 for details.
Signed-off-by: Anders Kaseorg <anders@zulipchat.com>
Add new custom profile field type, External account.
External account field links user's social media
profile with account. e.g. GitHub, Twitter, etc.
Fixes part of #12302
Chrome generates these to report things like “ResizeObserver loop
limit exceeded” (which is harmless).
Signed-off-by: Anders Kaseorg <anders@zulipchat.com>
Fixes the click targets for the four links in the top left side bar
(All messages, Private messages, Mentions and Starred messages).
The click target now cover the whole row for these links.
Fixes#12449
Not all our errors actually happen in the contexts we were
wrapping (e.g. `setTimeout` and `_.throttle`). Also this fixes the
neat Firefox inspector feature that shows you where your event
handlers for a given DOM element actually live.
Using this "semi-modern" browser event means that Safari 9 and older
and IE10 and older may not have our browser error reporting active;
that seems fine giving the vanishing market share of those browsers.
https://blog.sentry.io/2016/01/04/client-javascript-reporting-window-onerror
Signed-off-by: Anders Kaseorg <anders@zulipchat.com>
The comment that jQuery “doesn’t have” this was nonsense: jQuery
supports every event the browser does.
Signed-off-by: Anders Kaseorg <anders@zulipchat.com>
After migration to an ES6 module, `suppress_unread_counts` would no
longer be mutable from outside the module.
Signed-off-by: Anders Kaseorg <andersk@mit.edu>
After migration to an ES6 module, `messages_read_in_narrow` would no
longer be mutable from outside the module.
Signed-off-by: Anders Kaseorg <andersk@mit.edu>
After migration to an ES6 module, `suppress_scroll_pointer_update`
would no longer be mutable from outside the module.
Signed-off-by: Anders Kaseorg <andersk@mit.edu>
After migration to an ES6 module, `server_furthest_read` would no
longer be mutable from outside the module.
Signed-off-by: Anders Kaseorg <andersk@mit.edu>
After migration to an ES6 module, `recenter_pointer_on_display` would
no longer be mutable from outside the module.
Signed-off-by: Anders Kaseorg <andersk@mit.edu>
After migration to an ES6 module, `last_movement_direction` would no
longer be mutable from outside the module.
Signed-off-by: Anders Kaseorg <andersk@mit.edu>
The -2px list margin was almost but not exactly cancelling the 3px
paragraph margin, resulting in a line spacing exactly 1px taller than
the normal line spacing.
Signed-off-by: Anders Kaseorg <anders@zulipchat.com>
This fixes (or at least reduces) a problem with inline `code blocks`
causing extra uneven vertical space below their line. The absolute
line-height was being measured relative to the lower midline of the
smaller font-size in the code blocks.
Signed-off-by: Anders Kaseorg <anders@zulipchat.com>
The function activity.process_loaded_messages(messages) would be called
from message_events.js, this would call people.huddle_string with the
same message object, it was expected that this would return a list of
ids but the message.display_recipient attribute which was being sent
here used a "user_id" field instead of an "id" field.
Fixes: #12503.
06f3cb2b78 added some styling to make the
embed previews prettier, and in particular added a bottom fading gradient to
make the embed description text fade out slowly, when it is out of bounds.
The fading used an ::after pseudo-element which had 100% height of the
`.data-container` which contained the title and the description of the
preview. This pseudo-element got overlaid on the title and made it
un-clickable.
This commit retains the visual appearance of the fade, while reducing the
height of the ::after pseudo element, so that it never gets overlaid on the
title, keeping it clickable always.
We don’t need a hacked copy anymore. We run the installed version out
of node_modules in development, and a Webpack-bundled version of that
in production.
Signed-off-by: Anders Kaseorg <anders@zulipchat.com>
It seems like the de facto standard ES polyfill library these days,
and we already depend on it through simplebar.
Signed-off-by: Anders Kaseorg <anders@zulipchat.com>
Moving bootstrap-typeahead from bundles/commons.js to bundles/app.js
and csrf.js from bundles/app.js to bundles/commons.js makes
bundles/commons.js equivalent to the "common" bundle, so we can
replace the latter with the former.
Signed-off-by: Anders Kaseorg <anders@zulipchat.com>
The minimal syntactic sugar it might provide isn’t worth the
unexpected side effects (including side effects on third party
modules).
For now, we allow zrequire to emulate the previous syntax in the Node
test suite, even though stealing part of the NPM namespace is
confusing.
Signed-off-by: Anders Kaseorg <anders@zulipchat.com>
Historically, the logic that was extracted into set_layout_width only
did something on non-macOS platforms, where sbwidth != 0
(i.e. scrollbars have nonzero width).
However, with the addition of the fluid layout width option, that
function does something if either sbwidth != 0 OR fluid_layout_width
is enabled. At that point, we should just call that function
unconditionally.
As of commit cff40c557b (#9300), these
files are no longer served directly to the browser. Disentangle them
from the static asset pipeline so we can refactor it without worrying
about them.
This has the side effect of eliminating the accidental duplication of
translation data via hash-naming in our release tarballs.
This reverts commit b546391f0b (#1148).
Signed-off-by: Anders Kaseorg <anders@zulipchat.com>
Commit 02413f9a1b introduced a bug
where any code reaching `if(operators('search')` would be executed,
which caused inputs where we didn't have the search operator to
throw an error when we do not find a search operan later.
At least one affected cases was narrowing to an empty topic.
These names were incorrect, as they made it sound like this feature
was about the browser window being focused, whereas they are in fact
about whether the user has accessed the browser window.
Fix the .get_suggestions and .get_suggestions_legacy
to correctly handle search terms in group PM and treat
it as search term by not concatenating it at end of pm-with
email list operand.
We reuse the link regexes we use elsewhere inn markdown
for parsing links in topic names and add a button to open
them in new tabs similar to our behavior with linkifiers
in topic names.
Fixes#12391.
Pasting a generated password into the password box triggers neither a
change event (until the password box is unfocused) nor a keyup event.
Signed-off-by: Anders Kaseorg <anders@zulipchat.com>
It appears not to have been useful and makes it marginally harder to
reason about how module resolution works. Paths to static content in
node_modules should be resolved through Webpack instead.
(This node_modules symlink was originally created in the pre-webpack world
where all of our static asset paths were based in static/.)
Signed-off-by: Anders Kaseorg <anders@zulipchat.com>
Modified heavily by punchagan to correctly handle narrowing to huddles, and
for `group-pm-with` narrows. Also, fixed broken tests in the original PR.
Closes#5876
Right now we have buttons for "New conversation" and "New private message"
in different views, but both buttons do the same thing.
The current state is confusing for new users, since there is already a lot
of terminology one needs to learn in order to understand the Zulip
conversation model. It's very plausible a user would think a "conversation"
is something different from a "private message" or a "topic".
The UI does not allow you to send a message to a stream you're not
subscribed to, even if the API does.
And since it's clear any member of the organization can join and then send,
there's no real harm in giving the simpler explanation.
Now that we have a system for storing HTTP headers for each integration, we
should fix the send_all button. Previously, it used the same user entered
custom HTTP header (from the GUI) for all of the fixtures, but now we
automatically determine the header with the new system instead.
With the help of `check_property_changed` function now we collect the data
whose values are changed from the current one. Currently this optimizes
only for those elements whose values are collected by
`populate_data_for_request` function i.e. it doesn't optimize data
collected by `get_complete_data_for_subsection`.
This is preliminary commit which moves `populate_data_for_request` function
down after the definition of all functions with which it will interact in
the future.
This is a preliminary commit which refactors `populate_data_for_request`
function, now this function traverse on all "property elements" of a given
subsection, but get the data only of those properties which have
`setting-widget-type` data attribute. Therefore, it doesn't change the
functionality of this function and overall changes don't make any
difference. In upcoming commits, we're going to use `input_elem` as an
argument to `check_property_changed` function, so that only those elements
whose values are changed are sent to the backend.
This moves `get_subsection_property_elements` out from the local context of
`settings_org.build_page` function, as it was unnecessarily initialized at
the time of page setup.
This fixes the mis-alphabetized `fluid_layout_width` at few places in
the codebase, along with that it also fixes sorting order of
`property_types` dictionary in models.py and few model fields of
`UserProfile` model class.
This concerns the part where the message viewport is scrolled in
order to keep the message content and edit box textarea at the same
vertical position.
Earlier calculations involved use of `.message_top_line`. Similar
adjustments can be made using only the message_content (which also
makes the calculation simpler).
These elements include:
* Stream description in the subscription overlay
* sidebar and
* stream settings
* Custom profile fields with rendered MD content
This commit disables "Mobile notifications" if `push_notifications` are not
enabled. It also adds a tooltip explaining why this is disabled.
Fixes#12208
If stream setting is disabled, setting-checkbox can not be
clicked. Although, it does allow to change value by clicking
on setting label.
This commit fixes above bug and disable click handler on
setting-label for disabled stream settings.
Add `name` attribute to stream settings `input` elements
and change `id` attribute corresponding to name.
`name` attribute stores value of settings name which is
stored in frontend data sets.
Change element ids of `is_muted` and `pin_to_top` settings,
to macth with the pattern of other stream settings.
This is preparatory refactor to support removing code duplication in
the stream settings templates.
Some search queries always return empty because of how we handle search,
this adds text that ensures users trying bad searches realize that they
are doing so.
Adding the element for the invite link would cause the modal footer to
shift upwards, in nightmode this caused the stream list to appear
beneath the footer as the footer background was transparent. This commit
replaces that styling with a solid equivalent color.
This fixes a bug where the default fade-in animation of bootstrap tool
tips caused the tool tip over the keyboard-icon to change shape slightly
while fading away.
Fixes#11766.
Previously, our Github authentication backend just used the user's
primary email address associated with GitHub, which was a reasonable
default, but quite annoying for users who have several email addresses
associated with their GitHub account.
We fix this, by adding a new screen where users can select which of
their (verified) GitHub email addresses to use for authentication.
This is implemented using the "partial" feature of the
python-social-auth pipeline system.
Each email is displayed as a button. Clicking on that button chooses
the email. The email value is stored in a hidden input above the
button. The `primary_email` is displayed on top followed by
`verified_non_primary_emails`. Backend name is also passed as
`backend` to the template, which in our case is GitHub.
Fixes#9876.
Now that we store HTTP headers in a way that is easy to retreive
by specifying the integration name and fixture name, we should
use it to pre-load the "Custom HTTP Headers" field in the
integrations dev panel.
This fixes an issue where one could end up with a `(` in the markdown
syntax for a link after copy-pasting this, which doesn't work in
markdown.
Fixes#12579.
Using the page_param variable "plan_includes_wide_organization_logo"
disallow users in a realm with a "LIMITED" plan type from uploading
their own wide organization logos and instead suggest that they
upgrade their plan using the page_param variable
"upgrade_text_for_wide_organization_logo" for the suggestion message.
Backend validation for this feature already exists.
This is pre-refactoring commit for notification settings template
deduplication using a loop. This commit refactors notifications
section and reorder labels to match the ordering in the templates.
This commit removes `propagate_stream_notifications_change`
element from notification template, as it is neglected
since commit b553507412.
Commit also removes `end_content` argument from
`settings_checkbox.handlebars` which was only used
for removed property.
The integrations page had css in both `landing-page.scss` and
`portico.scss`. With this commit, the styles are mostly unified into
a single separate file.
Change the display from `block` to `flex` in order to be able to
arrange the elements as wanted. Reset the css of the header elements
only for the description view. Add `font-size: 1.2em` because the font
doesn't need resizing in this case, it needs resizing only when the
title is in the box.
Removed the `padding-bottom` from the `nav` on mobile because it
overlaps the new header and you cannot click the back button from the
integrations.
Fixes: #12365.
We remove the title from `errbot` integration documentation so that
all documentations have the same style. See
https://github.com/zulip/python-zulip-api/pull/515 for a similar
change to integrations where the docs live elsewhere in version control.
We also remove the `margin: 0` from the instruction tip because where
the tip is followed by a list, there is no space between the two; this
change doesn't mess up the other places where the tip is used.
* There is only one word inside the buttons and that too was wrapped
inside `span.text` which was unnecessary. This is removed. All
corresponding properties (font-size) are moved to `.button`.
* Since the only `a` inside image actions are these buttons, all
the properties are transfered to `.button`.
* Similarly, properties for `.icon` are moved to `.button` and it is
also removed from the template.
* Font size was redundant for `.icon`
* display property is moved
* This rule was already invalid since `.download` is used in
templates as `.button.download` and here it was defined as
`.button .download`
* Even if the above was to be corrected, `.download` has position
`static` and hence the top positioning would never have affected
anything.
Also, options are now ordered from most restrictive to least restrictive.
A standard style here will be easier to understand and maintain as we add
more settings here.
This moves all the stylesheets like stats, billing etc. to another
directory called `static/styles/portico/`, matching the directory
structure of our JavaScript.
Rename notification property `enable_stream_sounds` to
`enable_stream_audible_notifications` to match with other
notification property patterns.
Fixes part of #12304
Prior to this commit, we'd put up the green "Enable desktop
notifications" bar on page load AND the first time a desktop
notification worthy message was received, it would attempt to notify,
automatically triggering a browser permission popup (the same one as
clicking the green bar results in).
Now, desktop notifications are not attempted at all until the green
bar is clicked. Additionally Firefox and Webkit browser-specific
checks are made more uniform and done at the same point.
Tested written by YashRE42.
Fixes#11504.
This tests was added to make sure we catch subtle bug related to
comparing new_recipient and current_recipient. When we changed the
recipient to use arrays instead of string to use new user IDs based
api we encoured this bug and out testing suite couldn't detect this.
Long-term, we want this flow to do a full re-authentication, but this
makes the frontend consistent with the backend and fixes a confusing
bug where submitting the form ended up adding a weird `?password=`
thing to the URL, in addition to not working.
Fixes#12200.
See example here: https://jsbin.com/relewizita/edit?html,js,output
Basically the original statement get the first of each input, button
and select element, and then select the first of these in the next
line. We can simply query the first one in one step. The settings
menu have at most 20 of these input elements so performance should
have no impact.
A selector like `$('.elem1 .elem2:first')` selects the first descendant
with class name `.elem2` under `.elem1`. This is the same as saying
`$('.elem1 .elem2').first()`. See example here:
https://jsbin.com/bohehesari/edit?html,js,output