There are tactical reasons to remove this assertion.
Basically, the reason it's safe to remove is that it's
been around a long time and we would have seen this
operationally. Also, the check to make sure that the
S3 filename thingy matches the avatar hash is a much
stronger check.
We will soon restore a stronger version of this check
that applies to all of our asset types (emojis/avatars/etc.).
This makes it easier to read the calling code and see
the big picture of how the four asset types are
organized.
I also handle uploads first, to be similar to the local
code.
This code is well tested--you can modify any of the callers
to pass in a wrong value of `object_key` and get a failing
test.
This is likely not the correct long-term fix, but it's an effective
tactical fix for this button. Added a TODO noting the expected
direction for a long term solution.
Fixes#20481.
The comment explains in more detail, but basically we'd skip
exercising a bit of code in the signup code path if there were no
messages in the last week, resulting in the query count not matching.
Before:
$ git log -p -1 88fd399bec | wc
50015 134879 2016086
After:
$ git log -p -1 88fd399bec | wc
1554 6624 229028
$ git log -a -p -1 88fd399bec | wc
50015 134879 2016086
Also add some organization and explanatory comments to this file,
following what we have in zulip-mobile:.gitattributes .
"help" command occurs in the command list in
initial pms or when bot doesn't understand the message. It doesn't
occur when the bot is respoding to the "help" command itself.
Having wantMessagesSigned=True globally means that it's also applied by
python3-saml to regular authentication SAMLResponses - making it require
the response to be signed, which is an issue because a feasible
alternative way that some IdPs (e.g. AzureAD) take by default is to sign
specifically the assertions in the SAMLResponse. This is also secure,
and thus we generally want to accept it.
Without this, the setting of wantMessagesSigned=True globally
in 4105ccdb17 causes a
regression for deployments that have already set up SAML with providers
such as AzureAD, making Zulip stop accepting the SAMLResponses.
Testing that this new logic works is handled by
test_saml_idp_initiated_logout_invalid_signature, which verifies that a
LogoutRequest without signature will be rejected.
It is possible for user to change the width by using
screen rotation after the page has been loaded on mobile.
If only height has changed, it is most likely due to a
virtual keyboard, we don't hide popover in that case.
Fixes#20439
This commit adds code to check whether a user is allowed to use
wildcard mention in a large stream or not while editing a message
based on the realm settings.
Previously this was only checked while sending message, thus user
was easily able to use wildcard mention by first sending a normal
message and then using a wildcard mention by editing it.
In 4792af5682 I reformatted the template in such a way
that the div was no longer empty, and therefore
the :empty pseudoclass was not properly applied to
show the placeholder.
I remove some spurious whitespace and a stray period
in zephyr-mirror, and then for all three I try to
line-wrap/indent in a way that's nicer for humans
and parsers to read.
PostgreSQL 11 and below used a configuration file names
`recovery.conf` to manage replicas and standbys; support for this was
removed in PostgreSQL 12[1], and the configuration parameters were
moved into the main `postgresql.conf`.
Add `zulip.conf` settings for the primary server hostname and
replication username, so that the complete `postgresql.conf`
configuration on PostgreSQL 14 can continue to be managed, even when
replication is enabled. For consistency, also begin writing out the
`recovery.conf` for PostgreSQL 11 and below.
In PostgreSQL 12 configuration and later, the `wal_level =
hot_standby` setting is removed, as `hot_standby` is equivalent to
`replica`, which is the default value[2]. Similarly, the
`hot_standby = on` setting is also the default[3].
Documentation is added for these features, and the commentary on the
"Export and Import" page referencing files under `puppet/zulip_ops/`
is removed, as those files no longer have any replication-specific
configuration.
[1]: https://www.postgresql.org/docs/current/recovery-config.html
[2]: https://www.postgresql.org/docs/12/runtime-config-wal.html#GUC-WAL-LEVEL
[3]: https://www.postgresql.org/docs/12/runtime-config-replication.html#GUC-HOT-STANDBY
These are both unsupported by PostgreSQL itself, as well as by Zulip;
the removal of Ubuntu Xenial and Debian Stretch support in Zulip 3.0
removed the requirement for PostgreSQL 9.6, and the previous versions
date back yet farther.
If a user chooses to not broadcast their presence status to others, we
still show the user as available in their own user sidebar. Instead, one's
own availability should appear the same as it does for other users.
With tweaks from YashRE42: rebasing to use user_settings instead of
page_params, as introduced in the series of commits ending with
8755a76cf6, adding code comments and
moving the redraw call to `server_events_dispatch.js`.
Fixes part of #18846. Further work is required to display the user's own idle
status properly to complete #18846.
Co-authored-by: YashRE42 <33805964+YashRE42@users.noreply.github.com>
Co-authored-by: Ganeshprasad Biradar <biradarganesh25@gmail.com>
Changing realm-level notification batching period setting from UI
was broken after adding the "Custom" option in 4f63378e7f because it
handled only user-level setting code and not realm-level setting.
This commit fixes it.
This commit refactors the set_notification_batching_ui to
use settings_org.change_element_block_display_property function
for toggling the visibility of custom input.
We add id to the email_notification_batching_period_edit_minutes
element such that we can use change_element_block_display_property
function because it requires id of element as an argument.
This commit also removes the value attribute of the custom
input since its value was set undefined in the template
and then was set in set_notification_batching_ui, so there
is no use of keeping the value attribute in templates.
This is a prep commit for fixing the behavior of this element
in realm-level default settings.
Now that we pass in the UserProfile.id in the metadata to Stripe's
PaymentIntent objects, we no longer need to retrieve the user via
delivery_email. It makes more sense to just fetch the user by ID
and then get the latest delivery_email directly.
Note that an update to Stripe's fixtures is not necessary here
since a previous commit already modified the metadata passed to
both stripe.Session/PaymentIntent objects.
Previously, our Stripe webhook event handler code retrieved the
user's email from Stripe using the stripe.Customer.email attribute.
This led to situations such that whenever the email that Stripe had
did not correspond to a UserProfile in Zulip, the payment flow
failed since we couldn't find a UserProfile associated with the
given email.
Now, we pass in the UserProfile.id in the metadata to Stripe's
checkout Session object, so that we can fetch the correct email
in future Stripe requests.
The stream select dropdown's height was clipped by the modal
container which resulted in the dropdown only being displayed
partially. We could either move the dropdown to under `body` or use
`position: fixed` for it be able to show outside parent container.
We go for the later option.