Commit Graph

47795 Commits

Author SHA1 Message Date
Mateusz Mandera 39d8a81e51 registration: Tie PreregistrationUser to the original MultiUseInvite.
Fixes #21266.

We want to tie the prereg_user to the MultiUseInvite directly rather
than to the MultiUserInvite's confirmation object, because the latter is
not possible. This is because the flow is that after going through the
multiuse invite link, the PreregistrationUser is created together with a
Confirmation object, creating a confirmation link (via
create_confirmation_link) to which then the user is redirected to finish
account creation. This means that the PreregistrationUser is already
tied to a Confirmation, so that attribute is occupied.
2022-07-22 17:08:44 -07:00
yogesh sirsat 5697c047fc settings_bots: Display "Deactivate bot" button inside bot edit modal.
Fixes: #22482
2022-07-22 16:57:40 -07:00
yogesh sirsat 34c01d80cb settings_bots: Display "Manage bot" modal from bots profile summary.
Fixes part of: #22482
2022-07-22 16:57:40 -07:00
yogesh sirsat fcd49871eb profile_summary: Clarify "Bot" user in bot profile summary.
A bot is technically a special case of a user, in terms of how they're
stored in the database at least, but for end users, we avoid referring
to them that way.

Fixes part of: #22482
2022-07-22 16:57:40 -07:00
Anders Kaseorg 2039aed821 openapi: Move endpoint URL to generator.
A standard OpenAPI document has no reason to redundantly include this
information in description fields, as standard generators already
display it.

This uniformly moves the URL above the description, which seems fine.

Signed-off-by: Anders Kaseorg <anders@zulip.com>
2022-07-22 16:41:55 -07:00
Anders Kaseorg 8942d11a72 openapi: Simplify other render functions.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2022-07-22 16:41:55 -07:00
Anders Kaseorg 946a0565c6 openapi: Fuse generate_api_title with generate_api_description.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2022-07-22 16:41:55 -07:00
Ganesh Pawar e16e7630e6 minor: Add `z-index` to `message_time` class.
This fixes the issue of the timestamp in a message not
being clickable at smaller widths.
2022-07-22 16:39:53 -07:00
Alex Tereschenko eb5fc54859 settings_org: Adjust var/function names after moving to settings_checkbox.
After moving to settings_checkbox in Authentication Methods UI,
mentions of "table" in the related JS variable/function names
are no longer meaningful and may be confusing. Change them to "list".
2022-07-22 16:38:47 -07:00
Alex Tereschenko 9142aab8ba settings_org: Use settings_checkbox in Authentication Methods UI.
Per review feedback in #21002, replace HTML table with a series
of settings_checkbox components for Authentication Methods UI.

Fixes #21001.
2022-07-22 16:38:47 -07:00
Zixuan James Li 8ae838c5c8 users: Remove default values for add_service.
These default values are unused by the callers and incompatible with the
`Service` model.

Signed-off-by: Zixuan James Li <p359101898@gmail.com>
2022-07-22 16:34:32 -07:00
Zixuan James Li ebfd2b25b1 user_status: Add UserInfoDict.
The shared fields of `RawUserInfoDict` and `UserInfoDict` could have
been reused if they both require all keys or none. This is unfortunately
not the case, because subclassing does not override `__total__`.

Signed-off-by: Zixuan James Li <p359101898@gmail.com>
2022-07-22 16:31:18 -07:00
Zixuan James Li e347005a0a integrations: Use TestHttpResponse to type send_webhook_fixture_message.
Since we in fact are using the django test client to generate a response
here, the return type should be `TestHttpResponse` instead.

Signed-off-by: Zixuan James Li <p359101898@gmail.com>
2022-07-22 16:30:04 -07:00
Zixuan James Li 0dfec6b132 templates: Use Dict instead of Mapping for the context parameter.
According to the Django documentation, `Template.render` expects a
`dict`.

See also: https://docs.djangoproject.com/en/4.0/topics/templates/#django.template.backends.base.Template.render.

Signed-off-by: Zixuan James Li <p359101898@gmail.com>
2022-07-22 16:29:14 -07:00
Zixuan James Li e950b94ab5 test_urls: Remove legacy get_callback_string.
`_callback_str` was removed in Django in 1.10, and other logic relevant
to that particular attribute was removed in
32849b80ad, but not to its entirety. It
does not make sense to fall back to `_callback_str`. The
`get_callback_string` helper is no longer needed.

Signed-off-by: Zixuan James Li <p359101898@gmail.com>
2022-07-22 16:22:47 -07:00
Aman Agrawal 768d7630af footer: Reduce links for self-hosted installations on signup pages.
On registration and login pages on self-hosted Zulip servers,
it is not helpful and confusing to show the full navigation footer
for the Zulip website. Instead, we should show a minimal footer.

Fixes #21776
2022-07-22 15:46:42 -07:00
sayamsamal bfc1901289 user_profile_modal: Move profile avatar to the top on smaller screens.
Moving the profile avatar to the top on smaller screen sizes adds to
the general responsiveness of the profile modal.
2022-07-22 15:28:05 -07:00
sayamsamal a5088db6f1 user_profile_modal: Fix long values flowing under the profile avatar.
When some value is very long as in the case of a long email address,
the text used to flow and hide under the profile avatar. We want the
values to be seen at all times, even if they need to be broken into
multiple lines.
2022-07-22 15:28:05 -07:00
sayamsamal d810c285e3 user_profile_modal: Move user status to right and add status icon.
The user status appears out of place among the profile fields and thus
placing it under the avatar avoids any discontinuity between the profile
fields. This also adds the status icon beside the user status.
2022-07-22 15:28:05 -07:00
sayamsamal aebff0fd61 user_profile_modal: Move avatar in full profile to the right.
The placement of the avatar on the right makes the full profile modal
UI consistent with Settings > Profile UI. This also helps the custom
profile fields appear more in line with the default profile fields.

Fixes #21805
2022-07-22 15:28:05 -07:00
sayamsamal 867af1f7f2 user_profile_modal: Move the "User ID" field below the "Email" field.
This makes the Full Profile layout consistent with the Manage User
layout. Also, since both email id and user id are used to identify a
user, they should be placed together.
2022-07-22 15:28:05 -07:00
sayamsamal 2854eacc7f user_profile_modal: Fix label alignment for non-English languages.
This fixes the issue in which the lengthy labels would either overflow
or affect the alignment of the profile fields.
2022-07-22 15:28:05 -07:00
David Rosa 6e66d63e62 help-docs: Document "Status and availability" mobile features.
Adds step-by-step instructions for mobile app users.
2022-07-22 14:21:21 -07:00
David Rosa a533495399 help-docs: Add macro for self actions menu instructions.
Replaces instructions with macro for reusability.

Adds Desktop/Web tab in preparation for mobile documentation.

Improves wording of a couple of sentences.
2022-07-22 14:21:21 -07:00
Christopher Chong a8217c51de integrations: Update harbor for new payload format. 2022-07-22 11:44:22 -07:00
Noble Mittal 76bff6e1ac
docs: Fix typo in hashchange-system.md.
Fixes a missing close parenthesis.
2022-07-22 11:15:16 -07:00
Anders Kaseorg a2f43beef4 commit-message-lint: Take release branches into account.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2022-07-22 10:39:05 -07:00
Matt Keller 9ce900f2b4 version: Update version after 5.5 release. 2022-07-21 19:30:30 -07:00
Matt Keller 44e93613fb tools: Add executable bit to release tool. 2022-07-21 19:08:10 -07:00
Anders Kaseorg 751b2a03e5 CVE-2022-31168: Fix authorization check for changing bot roles.
Due to an incorrect authorization check in Zulip Server 5.4 and
earlier, a member of an organization could craft an API call that
grants organization administrator privileges to one of their bots.

Signed-off-by: Anders Kaseorg <anders@zulip.com>
2022-07-21 17:59:09 -07:00
Lauryn Menard ad2ca0e668 tests: Remove `FORWARD_ADDRESS_CONFIG_FILE` created in test.
Previously if `test_forward_address_details` failed, the file
created when setting the `forward_address` may not have been
removed, which would then cause an `EmailNotDeliveredException`
to be raised when then creating a new user in the dev environment.

Wraps the test in a try block, with a finally block for the call
to remove the file.
2022-07-21 15:25:11 -07:00
Mateusz Mandera f787ddc7d2 get_object_from_key: Make mark_object_used an obligatory kwarg. 2022-07-21 15:18:15 -07:00
Tim Abbott dcc03a453a confirmation: Tighten logic around the mark_object_used parameter. 2022-07-21 15:18:15 -07:00
Tim Abbott 495671cca0 confirmation: Rename confusing activate_object parameter. 2022-07-21 15:17:37 -07:00
Mateusz Mandera fa7700df11 confirmation: Rename STATUS_ACTIVE to STATUS_USED.
That's much more descriptive of what that value actually means about the
Confirmation objects.
2022-07-21 15:17:37 -07:00
Mateusz Mandera 0ffdc96301 support: Adjust "has been clicked" phrasing about confirmation links.
The "clicked" phrasing is not accurate, because e.g. if a user did click
their invitation link but didn't submit the registration form, the
support page will still claim about the link "has never been clicked".

"Used" is a better general phrase. If we want to track whether links
have been specifically *clicked*, we'll need to implement that
separately.
2022-07-21 15:17:37 -07:00
Mateusz Mandera cd1e062878 registration: Return proper error page if a registration link is reused.
Before this, a link still couldn't be re-used because it would trip up
exception further down user creation codepaths, but that was still a
bug. check_prereg_key is supposed to correctly validate the key - and
trigger an error page being returned if a key (or for any other reason,
the attached PreregistrationUser object) is reused.

test_validate_email_not_already_in_realm needs to be adjusted, because
it was actually re-using a key.
2022-07-21 15:17:37 -07:00
Mateusz Mandera 328a1fcf13 test_signup: Fix typo in test name. 2022-07-21 15:17:37 -07:00
Tim Abbott 8faa854267 Revert "message_flags: Filter msgs having (or not) the flag before updating."
This reverts commit 40fcf5a633.

This commit triggers bug that we haven't fully tracked down, where web
app clients will continually send `update_message_flags` requests,
that then send out via the events system "0 messages were marked as
read" notices, eventually leading to a load spike.

The Tornado part can likely be fixed by checking if
updated_message_ids is empty, but we need to track down the frontend
bug as well.
2022-07-21 14:29:54 -07:00
evykassirer afab7002bf emoji: Add script to generate emoji_names.py, only with custom names.
This script pulls from our previously custom-written emoji strings
to prepare to fill in the rest from CLDR.

This commit has no user-facing changes.
2022-07-21 13:22:07 -07:00
evykassirer 190c0737a7 emoji: Store customized emoji in file separate from emoji_names.py.
Emoji that we specifically choose names or aliases for will be
stored in this new file so that we can generate emoji_names.py
from the custom names and also CLDR (for the rest).

This new file isn't used for anything yet (no user facing change);
it will be used in future commits.
2022-07-21 13:22:07 -07:00
Anders Kaseorg 443b974b3e python: Apply changes from pyupgrade.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2022-07-20 22:33:28 -07:00
Anders Kaseorg 412e90f601 provision: Avoid distutils; keep PROVISION_VERSION as a tuple.
distutils is deprecated in Python 3.10 and will be removed in Python
3.12.  We don’t need a full-powered version parser for this anyway.

Signed-off-by: Anders Kaseorg <anders@zulip.com>
2022-07-20 22:03:30 -07:00
Zixuan James Li 22ebf701aa cache: Use getattr to access _cache.
`_cache` is not an attribute defined on `BaseCache`, but an
implementation detail of django_bmemcache.

Signed-off-by: Zixuan James Li <p359101898@gmail.com>
2022-07-20 22:00:05 -07:00
Lauryn Menard beb09cdf38 api-docs: Add warning formatting to important description notes.
Adds warning block formatting around important notes in the
`/get-events` and `/dev-fetch-api-key` endpoint documentation.
2022-07-20 14:36:15 -07:00
Lauryn Menard 6e924125ad api-docs: Remove include links in endpoint descriptions.
Two endpoints had linked markdown files that were used in
their general descriptions to add warning notes with important
information (`/create-user` and `/get-user-groups`).

This moves the warning content to be inline in the endpoint
descriptions so that the important content is in the OpenAPI
documentation and is still formatted to be rendered in a warning
block.

Deletes `can-create-users-only.md` and `api-members-only.md`
since they were only used for these two endpoint descriptions.

Also, cleans up the other instance of a inline warning block in
an endpoint description (`/fetch-api-key`).
2022-07-20 14:36:15 -07:00
Lauryn Menard 8a0070ace7 decorator: Move tornado notify `data` parameter to `REQ` framework.
Instead of using `request.POST` to access the `data` parameter used
in the internal `notify_tornado` path, adds `has_request_variables`
decorator and accesses `data` as a `REQ` parameter.

Expands `test_tornado_endpoint` in `test_event_system.py` for
`data` being a required parameter for this path.
2022-07-20 14:23:05 -07:00
Lauryn Menard 0301941eef email-log: Move `forward_address` to `REQ` framework.
Instead of using `request.POST` to access `forward_address` for
the parameter used in `set_forward_address` in `email_page`, adds
`has_request_variable` decorator and an optional `forward_address`
parameter through the `REQ` framework.

Adds an assertion that `forward_address` is not `None` for `POST`
requests.
2022-07-20 14:22:25 -07:00
Lauryn Menard 8ff948ba47 translation: Translate new user messages to realm's default language.
Previously, automated stream messages for new user signups were not
being translated into the realm's default language for said messages.

Moves `override_language` context manager so that it wraps the
new user message content in `notify_new_user` and topic string in
`send_message_to_signup_notification_stream`.

Fixes #22510.
2022-07-20 12:38:05 -07:00
Alex Vandiver 526a04b4e6 restore-backup: Provide flags to leave settings.py and zulip.conf as-is. 2022-07-20 12:35:51 -07:00