Switches from Django's default error page to Zulip standard error
template. Also updates template for 405 error code to not use the 404
art.
Fixes#25626.
It is possible to have multiple topic / stream terms if user
is searching or if the URL is malformed. So, we should check
if the user is in a proper topic narrow before showing
typing notifications.
This fixes the error of topic being undefined due to there
being multiple topic terms in narrow when trying to display
notifications.
Under heavy request load, it is possible for the conntrack kernel
table to fill up (by default, 256k connections). This leads to DNS
requests failing because they cannot make a new conntrack entry.
Allow all port-53 UDP traffic in and out without connection tracking.
This means that unbound port-53 traffic is no longer filtered out by
the on-host firewall -- but it is already filtered out at the border
firewall, so this does not change the external network posture.
`systemd-resolve` also only binds to 127.0.0.53 on the loopback
interface, so there is no server to attack on inbound port 53.
fcf096c52e removed the callsite which would have notified this
contact. Note that the source config file was presumably installed via the
python-zulip-api package.
By default, `SELECT FOR UPDATE` will also lock any rows which are
`JOIN`ed into the selected rows; in the case of UserMessage rows, this
can mean arbitrary Message rows.
Since the messages themselves are not being changed, it is not
necessary to lock them -- and doing so may lead to deadlocks, in the
case that the UserMessage row is locked for update before the Message,
and some other request has already taken a read lock on the Message
and is blocked on the UserMessage write lock.
Change `select_for_update_query` to explicitly only lock UserMessage.
Previously, when the compose bar was open with any DM recipient,
and the organization wide setting to disallow DM is toggled, then
the DM not allowed banner is not displayed on the compose until
it is reopened.
This is fixed by changing the server event dispatch of
private_message_policy from noop to a method to check for
the compose's posting policy status, and display the banner.
Fixes#27774
Earlier, a new banner would be showed for each mention of the same
private stream in the compose box. This commit fixes that by checking
if the private stream warning banners already shown include the private
stream just mentioned, and if so, not showing a new banner.
This implementation is in line with the one for warnings for mentions of
users not subscribed to the current stream.
Fixes: #26914.
If localstorage has `annual` schedule set, upgrade page for
free trial will show annual schedule. We fix it was overriding
the schedule if it was set to be fixed to a value by us.
For self hosted basic plan, we need to allow customers to subscribe
without purchasing 10 licenses and also we need to allow customer
take fully use the available discount so that if the add more
users in the future, the full discount was already applied.
To fix above, we set minimum user count to the least number
of licenses we require for the charge to be positive after applying
the complete discount.
149bea8309 added a separate config file
for smokescreen (which is necessary because it can be installed
separately) but failed ot notice that `zulip.template.erb` already had
a config line for it. This leads to failures starting the logrotate
service:
```
logrotate[4158688]: error: zulip:1 duplicate log entry for /var/log/zulip/smokescreen.log
logrotate[4158688]: error: found error in file zulip, skipping
```
Remove the duplicate line.
Fixed an issue in the linkifier and custom profile tables where
dragging darker rows color changes in the background.
Following a CZO discussion on using alpha values in HSL,
I implemented a fix using the CSS color-mix property. This approach
mixes the original color with var(--color-background-modal) in
sRGB mode, effectively eliminating the use of alpha and preventing
color leaks. For more context, see the CZO discussion:
[https://chat.zulip.org/#narrow/stream/6-frontend/topic/alphas.20in.20color.20definitions].
Fixes#26480.
As part of the process of moving from stream names to ids, we now only
pass the stream id in compose args to `compose_actions.start()`.
For when we still need the stream name, and have access to the compose
args, we compute it from the id exactly where needed, to localise the
instances of stream names.
Updates title and main description to follow the general style
of the API endpoint documentation.
Updates `token` description to clarify suggested mobile client
behavior.
Adds a set of excluded endpoints for the test of generated curl
examples in the API documentation.
Currently, only the `api/test-notify` endpoint is excluded since
there would need to be a push notification bouncer set up to test
that generated curl example.