Adds a check for changing an existing guest user's role before
calling do_update_user in the case that a realm has a current
paid plan with manual license management.
In addition to checking for available licenses in the current
billing period when adding or inviting new non-guest users, for
manual billing, we also verify that the number of licenses set
for the next billing period will be enough when adding/inviting
new users.
Realms that are exempt from license number checks do not have
this restriction applied.
Admins are notified via group direct message when a user fails
to register due to this restriction.
Prep commit for expanding these checks for the number of licenses
set for the next billing period (renewal licenses) and for changing
guest users' roles.
In the billing portal UI for manual license management, limit
decreasing the number of licenses for the next billing period to
be less than the currently used licenses. If the customer is exempt
from license number checks, then this limit is not applied.
Also, visually highlight manual license management errors so that
the billing admin is aware of potential issues.
As of these changes, current licenses can be under the seat count
when a guest user is changed to a non-guest user. And next billing
period licenses can be under the seat cout when a user joins with a
currently available, purchased license after a billing admin has
decreased the number of licenses set for the next billing period.
For plans where we're enforcing correct manual license management,
before we create the renewal entry for the licenses ledger at the
end of a billing cycle, we should check that the current count of
billed licenses is not higher than what the renewal license count
would be.
Co-authored-by: Aman Agrawal <amanagr@zulip.com>
This allows any event handlers that are attached to textarea
like typeahead to handle the keypress and stop propagation if
they successfully handle it.
This fixes a bug where message edit form gets saved on enter keypress
instead of selecting the active item in the message edit typeahead.
Introduced in 0696e234bd.
If do_delete_messages (and friends) are called for a massive number of
messages, the giant list of message ids is passed to Postgres even
though chunk_size makes all but the first chunk_size of message ids
useless.
In the 2024 redesigned button configurations, the compose buttons
become outliers. This retains their previous style inherited from
.button, allowing that base component class to move forward.
Previously, for big orgs, we hid all offline users in the buddy list to cut down
its size. But this can be weird for small channels where you might want to see
who's in the channel. This commit makes a tweak to show offline users in big
orgs for channels of size <= 50.
Aside of what's generally explained in the code comment, this is
motivated by the specific situation of import of Slack Connect channels.
These channels contain users who are "external collaborators" and
limited to a single channel in Slack. We don't have more sophisticated
handling of their import, which would map this concept 1-to-1 in Zulip -
but we create them as inactive dummy users, meaning they have to go
through signup before their account is usable.
The issue is that their imported UserProfile.role is set to Member and
when they register, the UserProfile gets reactivated with that role
unchanged. However, if e.g. the user is signing up after they received
an invitation from the admin, they should get the role that was
configured on the invite. In particular important if the user is meant
to still be "limited" and thus the admin invites them as a guest - they
definitely don't want the user to get a full Member account because of
this weird interaction between import and registration.
Note that even though we no longer trigger message selection
events from within the rerender calls with their different `opts`,
it doesn't effect the scroll position and selected id since
the events are triggered synchronously and the final message
selection event call has the opts of the initial caller.
Replace the XHRUpload plugin for Uppy with the Tus plugin, to make use
of the new tusd endpoint. This allows for resumable files, as well as
files which are larger than comfortably fit in memory (the source of
the old 25MB limit).
MAX_FILE_UPLOAD_SIZE is still applied, but can safely be raised above
25MB.
Fixes: #9391.
Co-authored-by: Brijmohan Siyag <brijsiyag@gmail.com>
Currently, it handles two hook types: 'pre-create' (to verify that the
user is authenticated and the file size is within the limit) and
'pre-finish' (which creates an attachment row).
No secret is shared between Django and tusd for authentication of the
hooks endpoints, because none is necessary -- tusd forwards the
end-user's credentials, and the hook checks them like it would any
end-user request. An end-user gaining access to the endpoint would be
able to do no more harm than via tusd or the normal file upload API.
Regardless, the previous commit has restricted access to the endpoint
at the nginx layer.
Co-authored-by: Brijmohan Siyag <brijsiyag@gmail.com>
This commit increases the contrast for "This user has been deactivated"
text in user popover and "This group has been deactivated" text in
group popover in both light and dark mode by making the opacity 1 as
this is important information and should be clearly visible.
The text color and opacity matches with the role text shown in user
popover.
Earlier, mostly in non-English languages, the tooltip labels would
force the tooltip hotkey hints to wrap. This commit adds the
`white-space: nowrap` property to ensure that the hotkey hint texts
are forced to be in a single line.
This UI enables the user to set can_manage_group setting to a
combination of users and groups, replacing the old dropdown UI
which just allowed setting user to a single system group.
Fixes part of #28808.
This commit adds code to show typeahead for group setting
pill container. We add a separate function as we only
want to show groups and users in the typeahead and the
options are also sorted in a different order compared
to other typeaheads.
Though we can use query_matches_name for groups as we do not allow
system groups in the composebox typeahead and the other groups have
same display_name and name values, but still would be better for
consistency.
And with this change, query_matches_name function is only used for
streams, so updated that accordingly.
Instead of showing the actual names like "role:everyone",
"role:moderators", etc. for system groups, we show
"Everyone", "Moderators", etc. for system user group in
pills, typeaheads and popovers.
Though system groups are not shown in typeahead as of
this commit, we update the typeahead code as well to
not conside "role:" prefix while matching with the
query as we would soon show system groups in typeahead
when we would add new UI for group-based settings.
Previously, only "role:everyone" group was shown as
"Everyone" in popover and pills but for other system
groups their original names for shown and this commit
changes that behavior to be same for all system groups.
The original display_name field for
settings_config.system_user_groups_list objects, which
was used for dropdown widgets, is also renamed so that
we can use display_name field for the names to be used
in other places.