Commit Graph

55429 Commits

Author SHA1 Message Date
Sahil Batra 49470af46e setting: Allow changing "can_access_all_users_group" setting in prod.
We now allow changing "can_access_all_users_group" setting in
production.
2023-12-10 15:20:07 -08:00
Sahil Batra b2b36ff37b settings: Update the label for can_access_all_users_group setting. 2023-12-10 15:20:07 -08:00
Sahil Batra d1b60f322c user_groups: Enable "#groups" UI in production.
We previously restricted "#groups" UI to development server
only due to it not being completed.
2023-12-10 15:20:07 -08:00
Sahil Batra 9fd5ed27fe user_groups: Fix live-update of data when renaming groups.
The "user_group_name_dict" value for the old group name key
was not deleted and this led to a bug where the stream creation
UI was incorrectly showing about a user group already existing
with the old group name.

Fixes #28108.
2023-12-10 15:20:07 -08:00
Aman Agrawal ce56e19d1c stripe: Separate activation of free trial for remote realm/server.
Add a separate setting to only enable free trial for remote
realm / server.
2023-12-10 15:18:01 -08:00
Aman Agrawal ccd60bc7e2 settings: Use original FREE_TRIAL_DAYS for cloud free trials.
* Renamed FREE_TRIAL_DAYS to CLOUD_FREE_TRIAL_DAYS.
* Used `cloud_free_trial_days` to get free trial days secret.
2023-12-10 15:18:01 -08:00
Aman Agrawal 34704daee7 stripe: Use a function to get free trial days. 2023-12-10 15:18:01 -08:00
Tim Abbott 367afbb5be mailmap: Deduplicate and update a few contributors. 2023-12-09 18:01:27 -08:00
Sahil Batra 198568522a message: Do not include details of inaccessible users in message data.
This commit adds code to not include original details of senders like
name, email and avatar url in the message objects sent through events
and in the response of endpoint used to fetch messages.

This is the last major commit for the project to add support for
limiting guest access to an entire organization.

Fixes #10970.
2023-12-09 17:23:16 -08:00
Tim Abbott 22d59f1132 typing notifications: Increase various time constants.
See https://chat.zulip.org/#narrow/stream/6-frontend/topic/typing.20notifications.20efficiency/near/1664991.

As detailed in that discussion,
`TYPING_STARTED_EXPIRY_PERIOD_MILLISECONDS` and
`TYPING_STARTED_WAIT_PERIOD_MILLISECONDS` are coupled constants, and
the impact of them being large is mainly that if a user closes their
computer or loses network in the middle of typing something (not
exactly a common occasion), then the client will suggest they kept on
typing longer than they in fact did.

There's a substantial decrease in resources consumed by this feature
associated with raising `TYPING_STARTED_WAIT_PERIOD_MILLISECONDS`, so
that at least seems worth doing.

Meanwhile, because TYPING_STOPPED_WAIT_PERIOD_MILLISECONDS measures
how long we should wait before deciding to stop suggesting a user is
still typing if they were previously typing a message but paused doing
so without closing the compose box (example causes being stepping away
from the computer, tabbing to go look something up, or just thinking
for a bit).

On the one hand, even the original 5 seconds is a fairly long time to
pause to think without touching the keyboard; on the other hand,
sitting with text you've written in the compose box is likely still a
quite high intent-to-send-soon state. Increasing this to 12 seconds
seems like a reasonable balance between being too trigger-happy here
here and avoiding someone who left their computer appearing like they
are still typing for a long time afterwards.
2023-12-09 17:05:59 -08:00
Sahil Batra 72aa4b256d message: Do not allow guest to mention inaccessible users. 2023-12-09 16:59:38 -08:00
Tim Abbott ac441b77fa users: Add get_inaccessible_user_ids helper. 2023-12-09 16:59:38 -08:00
Sahil Batra 7e12674e8c static: Make unknown user avatar work on mobile.
Clients like mobile add "-medium.png" to the url to get the
medium avatar if the avatar_url field of user object is set
to some string other than the gravatar URL.

This commit adds a symlink to offer the unknown user avatar at
unknown-user-avatar-medium.png as well so that mobile clients
can correctly render the medium avatars for inaccessible users.

Fixes #28071.
2023-12-09 16:59:38 -08:00
Anders Kaseorg cf16ddd4d6 tornado: Fix autoreload for Tornado 6.4 changes.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2023-12-09 14:24:45 -08:00
Aman Agrawal a1fa969693 populate_billing_realms: Add temporary fix for MissingDataError.
We need to add proper logs here, which can probably be copied from
test_current_count_for_billed_licenses.
2023-12-09 12:50:05 -08:00
Aman Agrawal 3ff14dc018 gear_menu_popover: Rename billing to plan management for remote billing. 2023-12-09 12:50:05 -08:00
Aman Agrawal ec86114330 stripe: Fix discounts for legacy server with upgrade scheduled.
We simply apply discount to both the plans.

Since the discount is saved in `customer.default_discount` it
will applied now to any future plans as well, even if customer
downgrades and the upgrades again.
2023-12-09 12:50:05 -08:00
Aman Agrawal 121e5ad3dc stripe: Extract function to get next plan for legacy customers. 2023-12-09 12:50:05 -08:00
Aman Agrawal e44f3d448d stripe: Use `next_plan` instead of `new_plan` for legacy upgrades. 2023-12-09 12:50:05 -08:00
Aman Agrawal 5d3eafcdd4 support: Fix error on discount applied on legacy server.
This is for legacy server **not** scheduled for an upgrade.
2023-12-09 12:50:05 -08:00
Aman Agrawal dca7e654ca billing: Enforce min license for plan on upgrade and billing page. 2023-12-09 12:50:05 -08:00
Aman Agrawal 67d4e8456d models: Fix upgrade scheduled legacy org error on support page.
Add `SWITCH_PLAN_TIER_AT_PLAN_END`'s text so that it can render.

We still need to fix applying a discount to them.
2023-12-09 12:50:05 -08:00
Tim Abbott 01c3c4dd4b template_parser: Handle else/elif with whitespace control. 2023-12-09 12:50:05 -08:00
Anders Kaseorg f86becfc94 remote_server: Send API feature level along with Zulip version.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2023-12-09 12:01:22 -08:00
Anders Kaseorg 0400614a48 remote_server: Serialize analytics requests with Pydantic.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2023-12-09 12:01:22 -08:00
Mateusz Mandera abdfdeffe4 remote_billing: Implement confirmation flow for legacy servers.
For the last form (with Full Name and ToS consent field), this pretty
shamelessly re-uses and directly renders the
corporate/remote_realm_billing_finalize_login_confirmation.html
template. That's probably good in terms of re-use, but calls for a
clean-up commit that will generalize the name of this template and the
classes/ids in the HTML.
2023-12-08 23:49:10 -08:00
Mateusz Mandera bba02044f5 confirmation: Rename create_confirmation_link realm_creation arg. 2023-12-08 23:49:10 -08:00
Tim Abbott b4b9f29e21 docs: Tweak mobile push notifications privacy text.
The "nothing else" line is accurate at a high level but more ambigious
than I'd like for sensitive documentation -- we're not trying to make
an extreme claim that we've disabled all forms of short-term logging.
2023-12-08 23:37:21 -08:00
David Rosa 91ddcd4e1d help: Tweak stream/group settings instructions for logged in users.
Adds gear menu instructions for how to navigate to "All streams"
and "All groups".
2023-12-08 23:36:24 -08:00
David Rosa 9bb90b7358 help: Update gear menu icons.
- Documents new gear menu icons.
2023-12-08 23:36:24 -08:00
Tim Abbott f355b76024 zilencer: Only accept SYNCED_BILLING_EVENTS.
I expect we would ignore extra events anyway, but this just makes it
easier to reason about how the system works.
2023-12-08 23:12:29 -08:00
Karl Stolley 9f98e572f1 message_list: Suppress reaction button tooltip with picker open. 2023-12-08 15:58:49 -08:00
Karl Stolley 8f74d4529e message_list: Add separate handler, longer delay on reaction button. 2023-12-08 15:58:49 -08:00
Sayam Samal c2dec1e152 visibility_policy_popover: Set cursor to pointer for the whole option.
The cursor should be a pointer for the whole visibility policy options;
since the whole option is selectable and not just for the anchor tag
within it.
2023-12-08 13:00:12 -08:00
Prakhar Pratyush bf4fdbff12 stripe: Update LicenseLedger for remote realms.
When a remote server uploads statistics, we update the
LicenseLedger using the audit logs uploaded.

We iterate over the RemoteRealmAuditlog data for the concerned
realm starting from the event_time of the last LicenseLedger
created for that customer and update the ledger based on each event.
2023-12-08 12:58:21 -08:00
Prakhar Pratyush ed9b0d330d stripe: Raise 'MissingDataError' while fetching license count.
If the RemoteRealmAuditLog has stale data, it means the server
stopped or never uploaded data. We raise MissingDataError in such
cases when a user action led to calculating licenses count from
stale data.
2023-12-08 12:58:21 -08:00
Prakhar Pratyush 40621478cb zilencer: Add `get_remote_realm_guest_and_non_guest_count`.
We add a 'get_remote_realm_guest_and_non_guest_count'
function that queries 'RemoteRealmAuditLog' to get
the guest and non_guest count for that remote_realm.

This function is used in 'RemoteRealmBillingSession'
to calculate the current count of billed licenses.
2023-12-08 12:58:21 -08:00
Prakhar Pratyush bd99e37910 stripe: Use get_remote_server_guest...count for billing licenses count.
Use 'get_remote_server_guest_and_non_guest_count' function
for the current count of billing licenses in
RemoteServerBillingSession.
2023-12-08 12:58:21 -08:00
Aman Agrawal 111df40e05 context_processors: Add common context to be used in corporate pages.
Context is only available for functions inside corporate app.
2023-12-08 12:26:12 -08:00
Aman Agrawal c5bfdaaeeb push_notifications: Return after receiving an error. 2023-12-08 12:25:46 -08:00
Aman Agrawal 3d25c7372a stripe: Remove unused context parameter. 2023-12-08 11:24:15 -08:00
Aman Agrawal 12dec4234e billing: Minor adjustments across the billing system.
* Reformat "This is a legacy plan" notice on billing page.
* Add a link to the plan name on upgrade page title.
* Tweak discount style on billing page.
* Add line break to server login page title.
* Match server login page title and tab title.
2023-12-08 11:24:15 -08:00
Aman Agrawal 76d9aff5a6 sponsorship: Allow remote orgs to request a plan type.
Sponsorship and billing pages modified to reflect the correctly
requested sponsorship plan name.
Add a line break before "Contact Zulip support".
2023-12-08 11:24:15 -08:00
Aman Agrawal c49fc8c6fe populate_billing_realms: Delete existing remote realms.
Running script multiple times created multiple `RemoteRealm`
objects resulting in processing error.
2023-12-08 11:24:15 -08:00
Tim Abbott 0f163cedbc corporate: Tighten coverage checks in decorator.py. 2023-12-08 09:48:15 -08:00
Alex Vandiver 579bdc18f8 tornado: Consistently clear handler, via on_finish.
initialize() is called on every request, and stored the
`RequestHandler` (and thus `HTTPServerRequest`) in a global shared
dict.  However, the object is only removed from that structure if the
request was successful.  This means that failed requests (such as 405
Method Not Allowed) leaked `RequestHandler`s and
`HTTPServerRequest`s.

Move the cleanup to `on_finish`, which is called at the close of all
requests, async and not, successful or not.
2023-12-08 09:23:30 -08:00
Alex Vandiver 4989221b9e nginx: Limit the methods that we proxy to Tornado.
While the Tornado server supports POST requests, those are only used
by internal endpoints.  We only support OPTIONS, GET, and DELETE
methods from clients, so filter everything else out at the nginx
level.

We set `Accepts` header on both `OPTIONS` requests and 405 responses,
and the CORS headers on `OPTIONS` requests.
2023-12-08 09:23:30 -08:00
Alex Vandiver 8eccb3af20 tornado: Stop supporting HEAD requests.
These are not part of the API, and lead to moderately confusing
behaviour -- they block (or not) requested, but of course send no
actual data in the body.
2023-12-08 09:23:30 -08:00
Alex Vandiver 875622fe57 tornado: Set an explicit SUPPORTED_METHODS. 2023-12-08 09:23:30 -08:00
Alex Vandiver 0109658238 event_queue: Switch finish_current_handler to early-abort via return. 2023-12-08 09:23:30 -08:00