Commit Graph

39135 Commits

Author SHA1 Message Date
Alex Vandiver 660c2e5383 tests: Add a mock to verify that queue_json_publish is valid JSON.
See also #16121.  However, that does not address the tests that
stub out the call to queue_json_publish itself.
2020-09-03 17:34:31 -07:00
Alex Vandiver 3d24571cad sentry: Send user identifiers, but strip PII.
By default, the Django Sentry integration provides the email address
and username of pulled from the auth layer.  This is potentially PII,
and not data that we wish to store.  Enable sending user data at all,
by setting `send_default_pii=True`, but strip the username and
email (which are the same, in Zulip) before sending.  Users will be
identified in Sentry only by their IP address, user ID, realm, and
role.
2020-09-03 17:32:16 -07:00
Alex Vandiver 012113c542 models: Force the translated role into a translated string.
The return type of `ugettext_lazy('...')` (aliased as `_`) is a
promise, which is only forced into a string when it is dealt with in
string context.  This `django.utils.functional.lazy.__proxy__` object
is not entirely transparent, however -- it cannot be serialized by
`orjson`, and `isinstance(x, str) == False`, which can lead to
surprising action-at-a-distance.

In the two places which will serialize the role value (either into
Zulip's own error reporting queue, or Sentry's), force the return
value.  Failure to do this results in errors being dropped
mostly-silently, as they cannot be serialized and enqueued by the
error reporter logger, which has no recourse but to just log a
warning; see previous commit.

When we do this forcing, explicitly override the language to be the
realm default.  Failure to provide this override would translate the
role into the role in the language of the _request_, yielding varying
results.
2020-09-03 17:26:54 -07:00
Alex Vandiver 2f350c614b sentry: Capture exceptions that happen during AdminNotifyHandler.
AdminNotifyHandler is used to notify admins of errors; it is a
critical piece of logic.  Failures in reporting errors will compound,
since its `except Exception` clauses cannot generate logging at the
`error` or `exception` level, as that would be recursive.  It must
settle for logging at the `warning` level, and hope that admins are
vigilant to the logging there.

Increase the chances of being notified of failures in this logger, by
bubbling up those exceptions to Sentry, which is an orthogonal
reporting stack.
2020-09-03 17:26:54 -07:00
Anders Kaseorg 9edcafb7a0 setup_venv: Add missing comma in COMMON_YUM_VENV_DEPENDENCIES.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2020-09-03 17:25:54 -07:00
Anders Kaseorg 9e66d80861 circleci: Replace process substitution with pipe to close a race.
Bash process substitution does not wait for the substituted process.

Signed-off-by: Anders Kaseorg <anders@zulip.com>
2020-09-03 16:19:49 -07:00
Anders Kaseorg bb5a963086 soft_deactivate_users: Elide default=[] for users argument.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2020-09-03 16:17:14 -07:00
Anders Kaseorg ddcf8dd8bc create_user: Use None as default for --password, --password-file.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2020-09-03 16:17:14 -07:00
Anders Kaseorg 37028d5abf zulip-export: Specify --stream argument as required.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2020-09-03 16:17:14 -07:00
Anders Kaseorg a50fae89e2 python: Elide type=str from argparse arguments.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2020-09-03 16:17:14 -07:00
Anders Kaseorg fbfd4b399d python: Elide action="store" for argparse arguments.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2020-09-03 16:17:14 -07:00
Anders Kaseorg 1f2ac1962f python: Elide default=None for argparse arguments.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2020-09-03 16:17:14 -07:00
Anders Kaseorg 3c5b39da9c python: Elide nargs for argparse flag arguments.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2020-09-03 16:17:14 -07:00
Anders Kaseorg b4597a8ca8 python: Elide default for store_{true,false} argparse arguments.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2020-09-03 16:17:14 -07:00
Aman Agrawal d9431a5e66 exceptions: Raise InvalidSubdomainError when realm is invalid.
When user requests for a realm that doesn't exists, we raise
a InvalidSubdomainError.

This reduces our effort at repeatedly ensuring realm is valid
in request in web-public queries.
2020-09-03 10:45:14 -07:00
Steve Howell dad0073331 trello webhook: Ignore copyCard actions.
See https://github.com/zulip/zulip/issues/16185,
which encourages folks to fill in for these
missing actions.
2020-09-03 10:44:39 -07:00
Steve Howell 5bff66b450 github webhook: Always send messages for team edits.
If there are unsupported keys, we still log an error,
but we now also send a message to the stream.  (This
is a good tradeoff for the github webhook, since users
can just turn off notifications if they find it spammy.
Also, we intend to support "repository" soon.)

This is a bit of an experiment to see how this plays
in the field:

    * will customers notice the change?
    * will Sentry reports look any different?
2020-09-03 10:44:39 -07:00
Steve Howell c6b9a23c17 github webhooks: Fix message for unsupported team payloads.
The main thing fixed here is that we weren't turning
on our keys into a list.  And then I refined the message
a bit more, including sorting the keys.

I also avoid the unnecessary "else".
2020-09-03 10:44:39 -07:00
Steve Howell 8785790a27 github tests: Add test_team_edited_error_handling.
This doesn't test much interesting yet, but it
will soon.
2020-09-03 10:44:39 -07:00
Steve Howell cc2dbefc60 mypy: Use better types for EVENT_FUNCTION_MAPPER.
The EVENT_FUNCTION_MAPPER maps a string event name
to a function handler.  Before this we circumvented
mypy checks with a call to get_body_function_based_on_type,
which specified Any as the type of our event function.

Now the types are rigorous.

This change was impossible without the recent commit
to introduce the Helper class.
2020-09-03 10:44:39 -07:00
Steve Howell 4de2b78c25 github refactor: Add Helper class.
The Helper class will soon grow, but the immediate
problem it solves is the need to jankily inspect
the parameters of our get_*_body function.

Most of the changes were handled by an ad hoc
munge.py script.

The substantive changes were adding the Helper
class and passing it in.

And then the linter discovered a place where
the optional include_title parameter wasn't used
(which is one of the reasons to avoid the janky
inspect-signature technique).

As a side note, none of the include_title parameters
needed a default value of False, as we always passed
in an explicit value.

We test cover both sides of include_title, which
you can verify by hard coding it to either True or
False (and seeing the relevant failures), although I
suspect most individual codepaths
only test one value, based on whether "topic" is in
the fixture or not.

Finally, I know Helper is not a great name, but I
intend to evolve the class a bit before deciding
whether a more descriptive name is helpful here.
(For example, an upcoming commit will add a
log_unexpected helper method.)
2020-09-03 10:44:39 -07:00
Steve Howell ead7cbea40 github refactor: Handle header_event explicitly.
We get the header_event one level up the call
stack now, too.

It's somewhat annoying that we have our own
concept of "event" here, instead of just returning
our event handlers directly, or just calling them
directly, but it's a bit non-trivial to fix that
right away.

In passing, I remove the strange OR for "ping",
which is already a key in EVENT_FUNCTION_MAPPER.
2020-09-03 10:44:39 -07:00
Steve Howell 0d9b1817f9 github refactor: Use early-exit idiom.
We also comment a bit more explicitly about the
None case.
2020-09-03 10:44:39 -07:00
Steve Howell 5c916135c9 github webhooks: Avoid string interpolation.
We know the event explicitly here.
2020-09-03 10:44:39 -07:00
Steve Howell 425db931a8 github webhook: Explicitly ignore team actions. 2020-09-03 10:44:39 -07:00
Steve Howell 294fd59983 github webhook: Ignore more pull_request actions.
See https://github.com/zulip/zulip/issues/16258 for
possible follow up here.

We now ignore the following two new pull_request
actions (as well as the three existing ones
from before):

    approved
    converted_to_draft

As the issue above indicates, we may want to actually
support "approved" if we can find somebody to work
on the webhook.  (And then the issue goes a little
broader than what changed here.)
2020-09-03 10:44:39 -07:00
Steve Howell 5dea85a186 github tests: Extract test_ignored_pull_request_actions.
We consolidate the tests and remove the fixtures, which
just have a lot of noisy fields that we ignore.  Also,
pull_request__request_review_removed was named improperly.
2020-09-03 10:44:39 -07:00
Steve Howell 4c2787c35f github tests: Add test_ignored_events. 2020-09-03 10:44:39 -07:00
Steve Howell 040bf82122 github webhook: Remove unused exception class. 2020-09-03 10:44:39 -07:00
Steve Howell 3634fe903b decorator test: Dedent some assertions.
These assertions didn't need to be nested
in the with blocks.
2020-09-03 10:44:39 -07:00
Steve Howell e91e21c9e7 webhook logger: Add summary field.
Before this the only way we took advantage
of the summary from UnexpectedWebhookEventType
was by looking at exc_info().

Now we just explicitly add it to the log
message, which also sets us up to call
log_exception_to_webhook_logger directly
with some sort of "summary" info
when we don't actually want a real
exception (for example, we might want to
report anomalous webhook data but still
continue the transaction).

A minor change in passing is that I move
the payload parameter lexically.
2020-09-03 10:44:39 -07:00
Anders Kaseorg 3b257d10df tools: Delete tagmessages script.
It was broken by commit aaedec1fdb which
moved it to tools/i18n without adjusting its relative path references,
and it contains a sketchy injectable os.system call that I’d like to
remove.

Signed-off-by: Anders Kaseorg <anders@zulip.com>
2020-09-03 10:35:51 -07:00
Anders Kaseorg 5a1104f1b8 update-zuliprc-api-field: Add missing shell quoting.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2020-09-03 10:34:27 -07:00
Anders Kaseorg d751e0cece puppet: Don’t install netcat.
It’s been unused since commit 0af22dad18
(#13239).

Signed-off-by: Anders Kaseorg <anders@zulip.com>
2020-09-03 10:33:47 -07:00
Steve Howell 81b6583d28 node tests: Show coverage link when we regress coverage.
In 6653e19e3a we added
the convenient line to tell folks about the coverage
report.  But if we failed coverage checks, we didn't
show the link.

Arguably we should just always show this, even if
tests fail, but that can also be potentially confusing.
2020-09-03 07:57:58 -04:00
Steve Howell dc1795a3da node tests: Find files in Python.
The code to run single files was added
in c15695e514,
and it's just kinda strange code.

We already do a lot of file logic in Python
to check for line-coverage, so it's easier
to just have all the logic in Python.

This adds a new feature--you can now specify
the actual file:

    ./tools/test-js-with-node frontend_tests/node_tests/people.js

(This is helpful if you just want to use
shell autocomplete.)

Another minor change is that if you specify
individual files, we won't sort them.  This is
important when you're trying to hunt down test
leaks.

Finally, we have a nicer message if we can't find
the file.
2020-09-03 07:57:58 -04:00
Steve Howell e9bbfbc624 node tests: Clean up nyc arguments.
nyc was added in 29f04511c0

All the stuff after "&&" was actually passed to
node, because we didn't use shell=True, so the
"nyc report" command didn't run, and the ugly
finder.js code just skipped over all the final tokens.
2020-09-03 07:57:58 -04:00
Anders Kaseorg b84260014a populate_analytics_db: Replace intermediate list with generator.
Followup to commit ab120a03bc (#16265).

Signed-off-by: Anders Kaseorg <anders@zulip.com>
2020-09-02 19:34:48 -07:00
Anders Kaseorg d9860d40a6 dependencies: Upgrade JavaScript dependencies.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2020-09-02 19:34:37 -07:00
Aman Agrawal 66a1037f06 test: Use variable instead of hard coded value. 2020-09-02 17:58:19 -07:00
Anders Kaseorg 0682d5c0f3 provision: Convert "".format to Python 3.6 f-strings.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2020-09-02 17:27:14 -07:00
Anders Kaseorg 424b441bb1 provision: Check for old Ubuntu or Python before starting Python.
This unblocks us from being able to use Python 3.6 syntax in
provision.py and its dependencies.

Signed-off-by: Anders Kaseorg <anders@zulip.com>
2020-09-02 17:27:14 -07:00
Anders Kaseorg c1618c16c1 eslint: Enable import/no-cycle.
Also remove import/no-unresolved, which is already implied by
plugin:import/errors.

Signed-off-by: Anders Kaseorg <anders@zulip.com>
2020-09-02 13:14:39 -07:00
Anders Kaseorg c5a904fb05 django_api, test_classes: Use Python 3 form of super().
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2020-09-02 11:31:46 -07:00
Anders Kaseorg 691f8f8e47 test_hash_reqs: Use mock from unittest.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2020-09-02 11:26:12 -07:00
Anders Kaseorg 02725d32dd python: Rewrite list() as [].
Suggested by the flake8-comprehensions plugin.

Signed-off-by: Anders Kaseorg <anders@zulip.com>
2020-09-02 11:15:41 -07:00
Anders Kaseorg a276eefcfe python: Rewrite dict() as {}.
Suggested by the flake8-comprehensions plugin.

Signed-off-by: Anders Kaseorg <anders@zulip.com>
2020-09-02 11:15:41 -07:00
Anders Kaseorg a610bd19a1 python: Simplify away various unnecessary lists and list comprehensions.
Loosely inspired by the flake8-comprehensions plugin.

Signed-off-by: Anders Kaseorg <anders@zulip.com>
2020-09-02 11:15:41 -07:00
Anders Kaseorg 9048f79e53 test_stripe: Simplify with iterable unpacking.
Issue suggested by the flake8-comprehensions plugin, although the
solution is simpler.

Signed-off-by: Anders Kaseorg <anders@zulip.com>
2020-09-02 11:15:41 -07:00
Anders Kaseorg 0e5e6d0890 email_notifications: Convert list() of generator to comprehensions.
Suggested by the flake8-comprehensions plugin.

Signed-off-by: Anders Kaseorg <anders@zulip.com>
2020-09-02 11:15:41 -07:00