Commit Graph

35155 Commits

Author SHA1 Message Date
Dinesh 3de646d2cf auth: Improve GitHub auth with multiple verified emails.
The previous model for GitHub authentication was as follows:

* If the user has only one verified email address, we'll generally just log them in to that account
* If the user has multiple verified email addresses, we will always
  prompt them to pick which one to use, with the one registered as
  "primary" in GitHub listed at the top.

This change fixes the situation for users going through a "login" flow
(not registration) where exactly one of the emails has an account in
the Zulip oragnization -- they should just be logged in.

Fixes part of #12638.
2020-03-22 17:31:01 -07:00
Dinesh 5888d7c0f5 auth: Change how config error URLs are configured.
URLs for config errors were configured seperately for each error
which is better handled by having error name as argument in URL.
A new view `config_error_view` is added containing context for
each error that returns `config_error` page with the relevant
context.
Also fixed tests and some views in `auth.py` to be consistent with
changes.
2020-03-22 17:15:18 -07:00
Tim Abbott f644f5fc2c css: Change emoji size within text to 20x20px.
We've often gotten the complaint that Zulip's emoji are a bit too big;
this should address the worst consequences of that (line-wrapping
being off with large emoji present) while still making it possible to
easily see what a given emoji is.

The right place to change this is in rendered_markdown.scss, not the
main emoji definition in zulip.scss, as the latter is also used in
places like the emoji picker where a larger size is valuable.

Closes #12731, an older PR that did this with slightly different
parameters (and without a comment).
2020-03-22 15:09:49 -07:00
Siddharth Varshney 5a1b27bf32 css: Merge `.help .sidebar h2` in portico.scss. 2020-03-22 12:48:51 -07:00
Siddharth Varshney 0c8b7161df css: Merge `.help .sidebar h1` in portico.scss. 2020-03-22 12:48:49 -07:00
SiddharthVarshney b9eda45c0b css: Merge `body` in portico.scss. 2020-03-22 12:47:53 -07:00
Siddharth Varshney 962684f189 ui: replace all mute icons from eye/eye-slash with bell/bell-slash.
eye/eye-slash icon is generally used for toggling hiding actions and we are using that same icon for mute action which can be a bit confusing
2020-03-22 12:31:48 -07:00
Dinesh dacca3a593 tests: Add `test-js-with-puppeteer` similar to `test-js-with-casper`.
Note that there are no puppeteer tests yet; this is just preparatory
infrastructure.
2020-03-22 11:42:14 -07:00
Dinesh 9e65f3f354 provision: Add provision support for puppeteer. 2020-03-22 11:42:14 -07:00
Steve Howell a041d9e4aa minor: Clean up lstrip() for help article titles.
Saying `foo.lstrip('# ')` does more than just remove
a '# ' prefix.  It removes any combination of '#' and
spaces.

We now make the intention slightly more clear.

We would strip these as you'd expect:

    # foo
    ## foo
    ### foo

but for this we now only strip the first "#":

    # # # # # foo
2020-03-22 11:32:29 -07:00
Steve Howell edf1b1e5e8 minor: Fix buggy lstrip() call in integrations dev panel.
Thanks to @minusworld for catching this--see #14264, which
points out that lstrip() doesn't do what your intuition
might tell you it does.

Now we properly remove the "HTTP_" prefix.

It's not clear to me why we need these prefixes for Django
purposes in the fixtures, but I didn't want to go down
the rabbit hole of fixing those.

To test:

    got to http://YOUR-DEV_SERVER/devtools/integrations/
    select "bitbucket3" for the integration.
    select "diagnostics_ping.json" for the fixture.
    see "X_EVENT_KEY" in "Custom HTTP Headers"

Fixes #14264
2020-03-22 11:32:29 -07:00
Ryan Rehman f764108cc7 docs: Update link to Handlebars Block Helpers.
This also removes an unused link.
2020-03-22 11:29:27 -07:00
Steve Howell 9c027e76bb search/hash_util: Parse negated searches properly.
Fixes #14254

You can test this on dev:

    * do "-stream:Verona" in the search bar (the minus
      sign negates the search here)
    * reload the browser

You should see the same search (all streams besides Verona).
2020-03-22 11:29:02 -07:00
Steve Howell 778d457bf7 Avoid blueslip error for empty streams.
We simplify the code for deciding whether
we show a subscribe button or not, and in
doing so avoid a blueslip error where we
were passing `undefined` into `get_sub()`.
2020-03-22 11:29:02 -07:00
shubhamgupta2956 304b538b33 css: Reorder ".support-search-button". 2020-03-22 11:24:44 -07:00
shubhamgupta2956 9823226a49 css: Use SCSS nesting for ".table-striped". 2020-03-22 11:24:44 -07:00
Tim Abbott d65fbfb3db casper: Fix buggy waiting logic in 08-edit.
Apparently, this test was not allowing the browser to run between the
keypress to start edit and checking to see if message_edit_content appeared.

I'm not sure if this is what has been causing recent flakes, but it
was definitely wrong Casper code.
2020-03-22 11:17:26 -07:00
Steve Howell 4888a2c7f9 node tests: Remove module-pattern info in docs.
The example here wasn't useful or accurate any
more.
2020-03-22 10:56:32 -07:00
Steve Howell 5b853cb2e5 node tests: Fix typo for directory in docs. 2020-03-22 10:56:32 -07:00
Steve Howell 79380175f9 tests: Avoid using `global.people`.
There is no reason to specify `global.` any
more.
2020-03-22 10:55:11 -07:00
Steve Howell f0c99b42ec Rename people.add_in_realm to people.add().
We had this API:

    people.add_in_realm = full-fledged user
    people.add = not necessarily in realm

Now the API is this:

    people.add = full-fledged user
    people._add_user = internal API for cross-realm bots
        and deactivated users

I think in most of our tests the distinction between
people.add() and people.add_in_realm() was just an
accident of history and didn't reflect any real intention.

And if I had to guess the intention in 99% of the cases,
folks probably thought they were just creating ordinary,
active users in the current realm.

In places where the distinction was obviously important
(because a test failed), I deactivated the user via
`people.deactivate`.

For the 'basics' test in the people test suite, I clean
up the test setup for Isaac.  Before this commit I was
adding him first as a non-realm user then as a full-fledged
user, but this was contrived and confusing, and we
didn't really need it for test coverage purposes.
2020-03-22 10:55:11 -07:00
Steve Howell 25d2e2e122 Rename get_realm_persons() to get_realm_users().
The function's name was misleading, since it includes
any bots in your realm.
2020-03-22 10:55:11 -07:00
Steve Howell 7ac5d0602b minor: Rename function to get_active_humans().
Saying `human_persons` is a bit redundant (although
kind of an artifact of our legacy use of `person`
when we really mean `user`.)
2020-03-22 10:55:11 -07:00
Steve Howell 26daeeb358 minor: Optimize get_active_human_persons().
This is used in a few settings panels.  We
optimize it by avoiding creating an intermediate
list of all users.
2020-03-22 10:55:11 -07:00
Steve Howell 156ff33d22 stream edit: Extract stream_data.potential_subscribers().
We want to move more logic to stream_data to facilitate
testing.

Both before and after this commit, we essentially build a
new list of users for typeahead, but now the new list
excludes subscribed users.  We can do even better than
this in a follow-up commit.
2020-03-22 10:55:11 -07:00
Steve Howell 7088d09094 presence/people: Use people.get_active_human_count().
Before this commit, presence used get_realm_count()
to determine whether a realm was "small" (and thus
should show all human users in the buddy list, even
humans that had not been active in a while).

The `get_realm_count` function--despite a very wrong,
misleading comment--was including bots in its count.

The new function truly counts only active humans
(and no bots).

Because we were overcounting users before this change,
we should technically adjust `BIG_REALM_COUNT` down
by some amount to reflect our original intention there
on the parameter.  I'm leaving it alone for now, though,
since we've improved the performance of the buddy list
over time, and it's probably fine if a few "big" realms
get re-classified as small realms (and show more users)
by virtue of this change.

(Also note that this cutoff value only affects the
"normal" view of the buddy list; both small realms
and large realms will show long-inactive users if you
do searches.)

Fixes #14215
2020-03-22 10:55:11 -07:00
Steve Howell 456f6578de minor: Remove obsolete comments about IIFEs. 2020-03-21 17:59:40 -04:00
Steve Howell 4f98e31853 node tests: Add note about general.js to docs. 2020-03-21 17:59:40 -04:00
YashRE42 254cc96420 navbar: Extract navbar border into outer div.
This is a prep commit for the new navbar, since the new navbar switches
between a search bar and stream descriptions, it's easier to have the
border defined in an outer div. Due to the way the changesets is
generated, this may seem like a large diff, however, the only change to
navbar.html is to add an opening div with the ".top-navbar-border" class
and a corrseponding closing div to wrap around "#search_box" and
"#search_box_legacy". Apart from this, a few styles have been edited in
zulip.scss and night_mode.scss.
2020-03-20 14:53:43 -07:00
YashRE42 a89aea4116 templates: Extract navbar_alerts to seperate file.
This is a prep-commit for the new navbar style, seperating
navbar_alerts.html from navbar.html in order to make the structure and
styles of navbar.html  easier to tweak.
These templates have very little to do with each other to begin with
appart from the fact that they are both rendered at the top of the app.
2020-03-20 14:48:28 -07:00
YashRE42 b0b427cf24 navbar: Drop unused classes from navbar template.
The class "searchbox-rightmargin" was only referenced in this file and
has hence been removed in this commit.
2020-03-20 14:48:28 -07:00
Tim Abbott fcd0a116b4 docs: Clarify how to test API endpoints. 2020-03-20 14:09:37 -07:00
Steve Howell 8c1244d0b4 tests: Kill off find_one() helper.
This was only recently added.  Using tuple
assignment raises the same errors, so the
indirection probably isn't worth it.
2020-03-20 13:40:20 -07:00
Steve Howell b5cba4aafe test_narrow: Use tuple unpacking to get messages.
This is a bit more rigorous than just
dereferencing the first element of
a list comprehension, as it will give a
ValueError if more matches are found than
the test was expecting.
2020-03-20 13:40:20 -07:00
Steve Howell ef772ee12f bot events: Prevent duplicate add-bot notifications.
We don't need `do_create_user` to send a partial
event here for bots.  The only caller to `do_create_user`
that actually creates bots (apart from some tests that
just need data setup) is `add_bot_backend`, which
sends the more complete event including bot "extras"
like service info.

The modified event tests show the simplification
here (2 events instead of 3).

Also, the bot tests now use tuple unpacking, which
will force a ValueError if we duplicate events
again.
2020-03-20 13:40:19 -07:00
Mateusz Mandera f9db77c400 docs: Updated links to python-social-auth docs.
The URL seems to have changed.
2020-03-20 08:54:37 -04:00
shubhamgupta2956 338bd0e6e2 css: css: Use SCSS nesting for '.zoom-in' in left-sidebar.scss 2020-03-19 16:47:36 -07:00
shubhamgupta2956 7b38d4473c css: Use SCSS nesting for '#add-stream-link' in left-sidebar.scss 2020-03-19 16:47:35 -07:00
shubhamgupta2956 b08e0cf86e css: Use SCSS nesting for '#topics_header' in left-sidebar.scss 2020-03-19 16:47:34 -07:00
shubhamgupta2956 e81ff6bdee css: Use SCSS nesting for '.narrows_panel' in left-sidebar.scss 2020-03-19 16:47:32 -07:00
shubhamgupta2956 d99b0cf7f5 css: Use SCSS nesting for '.hashtag' in left-sidebar.scss 2020-03-19 16:47:28 -07:00
Steve Howell eb9a252ec9 populate_db, tests: Restrict emails in zulip realm.
We now restrict emails on the zulip realm, and now
`email` and `delivery_email` will be different for
users.

This change should make it more likely to catch
errors where we leak delivery emails or use the
wrong field for lookups.
2020-03-19 16:21:31 -07:00
Steve Howell f647587675 bulk_create: Handle realms that hide delivery emails. 2020-03-19 16:04:05 -07:00
Steve Howell ecbbc3e365 performance: Simplify bulk_create_users().
We were going back to the database to get all
the users in the realm, when we had them right
there already.  I believe this is a legacy
of us running on a very old version of Django
(back in early days), where `bulk_create`
didn't give you back ids in a nice way.

In the interim we added the `RealmAuditLog`
code, which does take advantage of the
existing profiles (and proves we can rely
on them).

But meanwhile we were still
doing a query to get all N users in the
realm.  With `selected_related`!

To be fair, bulk_create_users() is by
its very nature a pretty infrequent
operation.  This change is more motivated
by code cleanup.

Now we just loop through user_ids for
the Recipient/Subscriber foreign key rows.

I also removed some fairly convoluted code mapping
emails to user_ids and just work in user_id
space.
2020-03-19 16:04:05 -07:00
Steve Howell 1306239c16 tests: Use email/delivery_email more explicitly.
We try to use the correct variation of `email`
or `delivery_email`, even though in some
databases they are the same.

(To find the differences, I temporarily hacked
populate_db to use different values for email
and delivery_email, and reduced email visibility
in the zulip realm to admins only.)

In places where we want the "normal" realm
behavior of showing emails (and having `email`
be the same as `delivery_email`), we use
the new `reset_emails_in_zulip_realm` helper.

A couple random things:

    - I fixed any error messages that were leaking
      the wrong email

    - a test that claimed to rely on the order
      of emails no longer does (we sort user_ids
      instead)

    - we now use user_ids in some place where we used
      to use emails

    - for IRC mirrors I just punted and used
      `reset_emails_in_zulip_realm` in most places

    - for MIT-related tests, I didn't fix email
      vs. delivery_email unless it was obvious

I also explicitly reset the realm to a "normal"
realm for a couple tests that I frankly just didn't
have the energy to debug.  (Also, we do want some
coverage on the normal case, even though it is
"easier" for tests to pass if you mix up `email`
and `delivery_email`.)

In particular, I just reset data for the analytics
and corporate tests.
2020-03-19 16:04:03 -07:00
Steve Howell b1f8141200 tests: Prevent false positives for duplicate signups.
We specifically give the existing user different
delivery_email and email addresses, to prevent false
positives during the test that checks that users
signing up with an already-existing email get
an error message.

(We also rename the test.)
2020-03-19 14:32:18 -07:00
Steve Howell d71111f3dc presence api: Use email to look up presence.
We don't want to use delivery_email to look up
presence on email-restricted realms.
2020-03-19 14:32:18 -07:00
orientor 5cfdfbe6b1 docs: Fix wrong file address the Matrix Integration docs.
The matrix integration folder in python-zulip-api changed its name
from matrix to bridge_with_matrix but this was not reflected in
the docs. Change the docs accordingly.

Solves issue #545 in the python-zulip-api directory.
2020-03-19 11:35:37 -07:00
vaibhavrajsingh2001 03393631bd design: Simplebar usage in some modals.
The simplebar is the default scrollbar throughout majority of Zulip but
it was missing in "Keyboard shortcuts", "Message formatting" and "Search
operators" modals. Added simplebar in the 3 modals.
2020-03-19 11:34:17 -07:00
Anders Kaseorg 07bca27fbc styles: Exempt visibility from overlay show transition.
This fixes a failure to give focus to a newly shown overlay.

Signed-off-by: Anders Kaseorg <anders@zulipchat.com>
2020-03-19 11:23:40 -07:00