This is purely cosmetic, and just puts some similar functions
together in a way that JS lint won't complain about calling a
function before it was defined.
(imported from commit 8a5a81ae5b7ca7dbaa60147ae4f32f50b1cbbf3a)
To apply this to your system, run:
python manage.py update_permissions
A rebuilt database will already have the correct permission defined.
(imported from commit 5b826b940257e14b3e9e44f9c32b20ed0183dedf)
This creates the required model fields to use the Django permissions
framework or various other third-party frameworks.
To apply this commit, run:
python manage.py migrate zephyr
(imported from commit a14fa7552c5389522d15edecedfd8a34418bb23d)
save it. This fixes the "Humbug note:" error on old messages that
do not have rendered_content in the DB.
(imported from commit f4664d712fc40e4af9eb12eae74f37d100499def)
This would have made reactivations hard, and doesn't really buy us much
additional security.
During deactivation, all a user's current sessions are deactivated and
they are marked as not active. This prevents them from logging in via
the web UI, and makes their API key unusable.
Randomizing their password is probably gratuitious, especially as we
start to allow authorized end-users to deactivate others.
(imported from commit c63d23816da0452a1df821f2fa6c1db2761733da)
Prior to this commit, populate_db would crash if you had ever deactivated
a user in your development instance's message log.
(imported from commit 227b2c0226a46ef5680443d3dbf62a13ce961e64)
This reduces roundtrips hopefully and will provide a friendlier error
message than what would otherwise be produced by Django.
(imported from commit 034aeef00043e3bf059583770f6c08c4f73ceeb5)
Previously we rested on the safety of randomised API keys to ensure that
deactivated users could not use the product. Here, we add an explicit check
to prevent that.
(imported from commit e32f355fb35b898d43503b96efb291f795aac881)
Deleted in 064c159, but it's still used. For some reason, nginx still
serves it on staging and prod despite it being deleted from git.
(imported from commit 11d6d29f974caca6c75d36f273674d3084ad9182)
Fixes the JS traceback "'null' is not an object" introduced in b67e52d.
Testing: Receive a message when narrowed to a different subject, with
the window focused.
(imported from commit 54b9e7924a2bf66ba5cc9799fc3687a084496465)
Fixes the JS traceback "Selected message id not in MessageList"
introduced by b67e52d
Testing:
* Narrow to a subject and send a PM
* Narrow to a PM recipient and send a stream message
* Narrow to a subject and send a stream message to a different subject
(imported from commit 1171c3f97813dc7db891042906762be8afb2a1b5)
This reverts commit f8fbf70c8502370a78159e24f3cf9589fb9d384f, since
we're waiting on some Firefox and no-hover fixes.
(imported from commit 6b13f5bb9d907303ab311afd7da584bc06538c91)
(The dead code made sense in the very early phases of sketching out
the feature, but it's no longer executed.)
(imported from commit 464145f227ddb25f0554bbbade0b0e3e0e399bc3)