Commit Graph

19094 Commits

Author SHA1 Message Date
Anders Kaseorg 3ec58fd3d5 requirements: Upgrade Python requirements.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2024-10-20 18:16:27 -07:00
Anders Kaseorg 71ca928ec9 ruff: Fix SIM115 Use a context manager for opening files.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2024-10-20 18:16:27 -07:00
Anders Kaseorg 10271fb850 ruff: Fix SIM910 Use `.get(key)` instead of `.get(key, None)`.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2024-10-20 18:16:27 -07:00
Prakhar Pratyush eaee5763d6 realm_export: Add realm_export_consent feature to API.
Fixes part of #31201.
2024-10-18 14:08:20 -07:00
PieterCK c9375fb5ee storage: Hash system bots avatar files.
This commit makes sure system bots avatar files are hashed when served
as static files. This way, requests for these avatar files will be
served with long-lived caching headers by our nginx (see #22275).

We don't need to worry about stale caches for these files because they
will only be used by system bots.

Fixes #31458.
2024-10-17 15:47:40 -07:00
Tim Abbott 46db52dc96 avatar: Use fixed avatars for system bots.
This makes a Zulip server more isolated than relying on gravatar, and
avoids complex logistics if in the future we move system bots to live
inside individual realms.

Co-authored-by: PieterCK <pieterceka123@gmail.com>
2024-10-17 15:47:17 -07:00
Sahil Batra e5043b991a user_groups: Add API support to add subgroups during group creation.
This commit adds support to add subgroups to a group while
creating it.

User can add the subgroups to group irrespective of permissions
like user can add members during creating it.
2024-10-17 14:27:21 -07:00
Sahil Batra 1e818c4708 user_groups: Allow updating subgroups and members using same endpoint.
`POST /user_groups/{user_group_id}/members` now allows updating
subgroups as well.
2024-10-17 14:27:21 -07:00
Sahil Batra 47a611f989 user_groups: Check permission when adding subgroups.
This commit updates code to allow users with permission
to add members to add subgroups as well. And only users
with permission to manage the group can remove subgroups.

Also updated tests to check permissions in separate tests
and removed them from the existing test.
2024-10-17 14:27:21 -07:00
Sahil Batra 30e0c72919 test_user_groups: Remove incorrect comment.
The comment about non-admins and non-moderators who are not
member of the group cannot update subgroups of that group
is not correct since there is no such restriction now after
c9d527603. The test passes because the member user is not
part of can_manage_group or can_manage_all_groups.
2024-10-17 14:27:21 -07:00
Tim Abbott 010410c849 rocketchat: Validate custom emoji before larger data sets.
This is a data set that's relatively likely to have weird failures,
and also likely to be fairly small.
2024-10-17 12:25:18 -07:00
Tim Abbott 6e4da50577 rocketchat: Complete metadata verification before importing uploads.
This is not the best factored version of this, but it saves effort
changing the tests, and importantly should make failures involving
metadata only take a couple seconds rather than first doing a giant
BSON read before learning about them.
2024-10-17 12:25:18 -07:00
Tim Abbott 79b6f43d0e rocketchat: Move bson_code_options to a global variable.
This will make it a lot easier to only read files in when we actually
need them.
2024-10-17 12:25:18 -07:00
Tim Abbott c4f5cd6552 migrations: Fix unnecessary loop in 0602. 2024-10-17 11:21:56 -07:00
Vector73 68dc914b6e users: Refactor `has_permission` function.
Refactored `has_permission` function to programmatically check if the `policy_name`
is a group-based setting.
2024-10-16 14:26:20 -07:00
Vector73 8d341d1af9 settings: Remove `move_messages_between_streams_policy` setting.
Removed `move_messages_between_streams_policy` property, as the permission
to move messages between channels is now controlled by
`can_move_messages_between_channels_group` setting.
2024-10-16 14:26:20 -07:00
Vector73 1be0cb1b75 settings: Add `can_move_messages_between_channels_group` realm setting.
Added `can_move_messages_between_channels_group` realm setting to replace
`move_messages_between_streams_policy`.
2024-10-16 14:26:18 -07:00
Harsh c1ec39f3ba invites: Extract helpers for accessing invites by ID.
This adds `access_invite_by_id` to retrieve the preregistration user
for email invites by id, and a parallel function for multi-user invites.
2024-10-16 14:06:32 -07:00
Prakhar Pratyush ed18175ce7 migration: Add migration to mark 'intro_resolve_topic' as read.
This commit adds a migration to mark the 'intro_resolve_topic'
modal as shown for users who have edited/moved a message previously.
2024-10-16 13:47:12 -07:00
Sahil Batra f24f1bfd14 user_groups: Refactor code to check permission for updating groups.
Users with permission to manage the group have all the permissions
including joining/leaving the group, adding others group which also
have a separate setting to control them.

So, it makes sense to just check managing permissions first in
access_user_group_for_update and then check the specific permission.
There is no behavioral change in this commit, it only changes the
order of checking permissions.
2024-10-16 09:40:07 -07:00
Sahil Batra 3d65a8f78a user_groups: Fix permissions for joining the group.
We want to allow the user, who can add others to group, to
join the group as well irrespective of can_join_group setting.

Previously, the permission to add others (or say anyone) was
controlled by can_manage_group setting, but now it is controlled
by can_add_members_group setting. This commit fixes the code to
use can_add_members_group setting to check permission for joining
the group.

This commit also improves the tests for checking permission to
join the group such that different settings are tested in isolation.
2024-10-16 09:40:07 -07:00
PieterCK 6289a551aa data_import: Add email validation to third-party data converters.
This commit makes the third-party data converters check for invalid user
emails. If it finds any, it’ll raise an Exception and show an error
message with all the bad emails listed out.

Fixes: #31783
2024-10-15 16:04:43 -07:00
Tim Abbott 7e7113ad84 groups: Enable group-settings value on groups in production.
The main change is redefining ALLOW_GROUP_VALUED_SETTINGS to not
control code, but instead to instead control the configuration for
whether settings that have not been converted to use our modern UI
patterns should require system groups.

Fundamentally, it's the same for the realm/stream group-valued
settings, which don't have the new UI patterns yet.

We remove the visual hiding of the "can manage group" setting, which
was hidden only due to transitions being incomplete.
2024-10-15 15:58:54 -07:00
Tim Abbott b4ae76be65 upload: Improve error messages when uploads limited by plan.
To make the tests work, we ensure that MAX_FILE_UPLOAD_SIZE is
enforced even in the plans case.
2024-10-15 13:30:29 -07:00
Alya Abbott b8dd409d71 help: Update exports documentation.
Document in-app exports with user consent.
2024-10-15 10:15:34 -07:00
Mateusz Mandera 3ccd53ce20 custom_profile_fields: Make transaction no longer durable.
Fixes ##31935.

do_update_user_custom_profile_data_if_change can't be durable as it's
invoked within `sync_ldap_user_data`, which is already in
transaction.atomic.

This change requires a few additional tweaks to untangle other related
transactions. The top level view functions up the codepath now use
durable=True. check_remove_custom_profile_field_value is called inside
do_update_user, so it no longer can be durable and should be switched to
savepoint=False. In turn, its remaining caller - the view
remove_user_custom_profile_data - gets switched to durable=True.
2024-10-14 16:30:46 -07:00
Shubham Padia bf46747735 user_groups: Check can_leave_group when removing members. 2024-10-14 11:44:27 -07:00
Shubham Padia 060156fca4 user_groups: Add can_leave_group setting for user group.
This field will be used to control permission for who can
leave a user group.
2024-10-14 11:44:27 -07:00
Vector73 6bc8651d22 settings: Remove `add_custom_emoji_policy` setting.
Removed `add_custom_emoji_policy` setting as the permission to
add custom emoji is now controlled by `can_add_custom_emoji_group`
setting.
2024-10-13 16:09:04 -07:00
Vector73 f733ab112c settings: Add `can_add_custom_emoji_group` realm setting.
Added `can_add_custom_emoji_group` setting to replace `add_custom_emoji_policy`.
2024-10-13 16:09:04 -07:00
Anders Kaseorg ff97788b6e health: Disable RabbitMQ check if not USING_RABBITMQ.
Fixes a spurious error that’s logged and ignored during the Puppeteer
tests, introduced by commit eef65d7e30
(#31438).

Signed-off-by: Anders Kaseorg <anders@zulip.com>
2024-10-13 11:42:49 -07:00
Prakhar Pratyush 3314c89288 realm: Add maximum file size upload restriction.
This commit adds a restriction to the maximum file size
that can be uploaded to a realm based on its plan_type.
2024-10-11 17:16:48 -07:00
Prakhar Pratyush 808acc9e47 events: Migrate plan_type & upload_quota to update_dict event format.
'realm_upload_quota_mib` is updated when `plan_type` changes.

Earlier, we were including 'upload_quota' to update
`realm_upload_quota_mib` in extra_data field of 'realm op: update'
event format when property='plan_type'.

This commit migrate those two parameters to `realm op: update_dict`
event format.

* None of the clients processes these fields, so no compatibility
  code required.
* Renamed `upload_quota` to `upload_quota_mib` as it better aligns
  with our goal to encode units in the client-facing API names.
  Also, it helps to avoid extra code to update 'realm_upload_quota_mib`
  in web client, web client simply aligns with
  'realm["realm_" + key] = value'.
2024-10-11 17:16:48 -07:00
Prakhar Pratyush 417d74e032 api-docs: Maintain sorted order for properties in realm/update_dict.
Few of the properties in the data field of 'realm/update_dict'
event format were no longer in sorted order (by alphabet).

This commit rearranges them to maintain the order.
2024-10-11 17:16:48 -07:00
Prakhar Pratyush 276648ef87 realm_settings: Remove 'enable_spectator_access' from update_fields.
In 'do_change_realm_plan_type' function we use 'do_set_realm_property'
to set 'enable_spectator_access' to False.

There is no need to again update that field.

This change was included in d2f2fbf6b9.
2024-10-11 17:16:48 -07:00
Lauryn Menard 70ab893d34 urls: Generate narrow links in backend with "channel" operator. 2024-10-11 17:00:23 -07:00
Lauryn Menard 240c4d85ae docs: Update existing links to use "channel" operator. 2024-10-11 17:00:23 -07:00
Tim Abbott 3554afde36 api docs: Document can_manage_all_groups final semantics.
This also does the feature level 305 stamp.
2024-10-11 16:31:18 -07:00
Shubham Padia 2b6df48ebb user_groups: Split update members test into add/remove tests. 2024-10-11 16:31:18 -07:00
Shubham Padia c9d5276031 user_groups: Set can_manage_all_groups to administrator group.
Earlier we use to restrict admins, moderators or members of a group to
manage that group if they were part of the realm wide
`can_manage_all_groups`. We will not do that anymore and even
non-members of a group regardless of role can manage a group if they are
part of `can_manage_all_groups`.

See
https://chat.zulip.org/#narrow/stream/101-design/topic/Group.20add.20members.20dropdown/near/1952902
to check more about the migration plan for which this is the last step.
2024-10-11 16:31:18 -07:00
Shubham Padia 9bbd6a7316 user_groups: Check can_add_members_group when adding members.
Fixes #25942.
Users with permission to manage the group (either on the group level or
realm level) should be able to add members to the group without being
present in can_add_members_group.
2024-10-11 16:31:18 -07:00
Shubham Padia f134662312 user_groups: Check can_add_members_group before adding members.
Removing members will be controlled by `can_manage_group` until we add
`can_remove_members_group` in the future.

Users with permission to manage a group can add members to that group by
default without being present in `can_add_members_group`.
2024-10-11 16:31:18 -07:00
Shubham Padia b305ca14dd user_groups: Add add_can_members_group to user group.
The default value for this field that we wanted to have was that group
itlself. But we are deferring that to later in order to reach the point
of switching over to the groups system sooner. Till then, we will use
`group_creator` as the default. See
https://chat.zulip.org/#narrow/stream/101-design/topic/Group.20add.20members.20dropdown/near/1952904
for more details.

For migration plan details, see
https://chat.zulip.org/#narrow/stream/101-design/topic/Group.20add.20members.20dropdown/near/1952902

The increase in query count from 7 to 9 in the query count test for
creating a user group is because of group_creator being the default for
the new field.
2024-10-11 16:31:18 -07:00
Prakhar Pratyush 55f97cd06f realm_export: Add support to create full data export via /export/realm.
Earlier, only public data export was possible via `POST /export/realm`
endpoint. This commit adds support to create full data export with
member consent via that endpoint.

Also, this adds a 'export_type' parameter to the dictionaries
in `realm_export` event type and `GET /export/realm` response.

Fixes part of #31201.
2024-10-11 13:20:42 -07:00
Sahil Batra 5a55735ecb users: Fetch user groups ordered by ID to send events.
The user groups, fetched to send events when deactivating or
reactivating a user, are ordered by ID so that we can avoid
flaky behavior in tests when verifying event details in
test_do_deactivate_user and test_do_reactivate_user tests in
test_events.py.
2024-10-11 11:20:45 -07:00
Lauryn Menard 517b15dc8d help: Create "Configure send message keys" article.
Document setting the keys that will send a message or create a new
line when composting a message via the compose box and via the
personal settings overlay.

Updates links and redirect from former help center article about
this feature.

Fixes #31620.
2024-10-10 14:33:38 -07:00
Tim Abbott 3001f59d00 api docs: Clarify text about deactivated users and groups.
This should make it easier for client developers to understand
how to correctly implement the updated protocol.
2024-10-10 11:37:44 -07:00
Sahil Batra 4784c71bf9 user_groups: Do not allow updating memberships of deactivated users.
This commit updates backend code to not allow adding deactivated
users to groups including when creating groups and also to not
allow removing deactivated users from groups.
2024-10-10 11:37:44 -07:00
Sahil Batra 320081ccd6 mention: Do not include deactivated users in group mention data.
There is no behavioral changes to deactivated users as we do
not create UserMessage rows or call the notification code path
for deactivated users in a user group mention. But it is better
to not include the deactivated users in fields like
"mention_user_ids", so this commit updates the code to not
include deactivated users in the computed mention data.
2024-10-10 11:37:44 -07:00
Sahil Batra 0b58820294 user_groups: Do not include deactivated users in anonymous group settings.
This commit updates code to not include deactivated users in the
anonymous group settings data sent to clients, where the setting
value is sent as a dict containing members and subgroups of the
anonymous group.
2024-10-10 11:37:44 -07:00