Commit Graph

8290 Commits

Author SHA1 Message Date
Vector73 4e89b4a88c settings: Add `can_invite_users_group` realm setting.
Added `can_invite_users_group` realm setting to replace
`invite_to_realm_policy`.
2024-11-20 13:35:05 -08:00
jitendra-ky ca14366e38 import: Replace generic Exception with CommandError.
This change improves error handling in `do_import_realm` by replacing
the use of a generic Exception with CommandError. The updated approach
provides clearer, user-friendly error messages when there is a version
mismatch between the exported data and the Zulip server.

Fixes #32292.
2024-11-18 18:35:14 -08:00
Tim Abbott 18246ebd9f i18n: Update translation data from Transifex. 2024-11-18 16:12:31 -08:00
Sahil Batra d5a391a56b streams: Optmize code to send events on creating stream.
This commit updates code to effectively compute the setting
values when creating stream object to be sent in stream creation
events.
2024-11-18 11:55:19 -08:00
Sahil Batra b20c24c09d streams: Compute object only when needed.
This commit updates code to compute the values for group permission
settings in send_stream_creation_events_for_previously_inaccessible_streams
only when we need to send the events. This helps us in avoiding
unnecessary DB queries.
2024-11-18 11:55:19 -08:00
Shubham Padia b6ebf143cc streams: Backend changes to support anonymous groups.
can_remove_subscribers_group setting can now be set to
anonymous user groups.

Co-authored-by: Sahil Batra <sahil@zulip.com>
2024-11-16 17:11:08 -08:00
Sahil Batra b78ca79ccf user_groups: Define AnonymousSettingGroupDict in types.py.
AnonymousSettingGroupDict is now defined in types.py instead
of user_groups.py to avoid import cycles in future commits.
2024-11-15 16:36:37 -08:00
whilstsomebody 8356a9d9e4
narrow_filter: Add negation support for in:home narrow filter.
The in:home narrow filter is used to filter messages that appear
in the home view, i.e., messages that are not muted. Conversely,
`-in:home` should filter messages that are not in the home view,
i.e., muted messages. However, `-in:home` did not work as expected
because this filter lacked negation support, unlike similar code
paths.

This commit adds negation support for the in:home filter.

For more information, see:
<https://chat.zulip.org/#narrow/channel/378-api-design/topic/mark.20muted-topic.20messages.20as.20read/near/1980534>.
2024-11-14 15:10:01 -08:00
Anders Kaseorg 687f1b1651 tests: Rename the Node tests to *.cjs.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2024-11-13 09:18:56 -08:00
Anders Kaseorg b3f18b805d ruff: Enable B008 function-call-in-default-argument.
https://docs.astral.sh/ruff/rules/function-call-in-default-argument/

Signed-off-by: Anders Kaseorg <anders@zulip.com>
2024-11-10 22:43:55 -08:00
Mateusz Mandera 1f21b7437c test_import_export: Don't hard-code ZULIP_VERSION in fixtures.
Otherwise, these tests fail if ZULIP_VERSION is different locally from
what's hard-coded. Use a placeholder instead and replace dynamically in
a helper function.
2024-11-10 19:12:39 -08:00
PieterCK 0d7199b22e data_import: Add migration status file to converted exports.
This commit updates all third-party importer tools (Slack, Mattermost,
and Rocket Chat) in the `zerver/data_import` directory to also output a
migration_status.json file in their output tarball.

This is required because all importable tarball will be checked for
migration compatibility during import.

Fixes #28443.
2024-11-08 15:52:45 -08:00
PieterCK a9838d8089 import: Verify exported realm's migration compatibility.
When transferring a realm to a server that has a different set of
applied migrations (different Zulip versions), there is a chance that
the imported data formats appear to be compatible but data invariants
could still be violated.

This commit adds an assertion during the import process to verify
that both the exported realm and the importing server have matching
Zulip versions and have a compatible set of migrations.
2024-11-08 15:52:45 -08:00
PieterCK 40bcb4b42b export: Add migration status file to export tarball.
This commit updates the export process to write the migration status of
the realm as a JSON file to be included in the export tarball.

This is a preparatory step for adding an assertion to ensure that the
importing and exporting realms have a compatible set of applied
migrations.
2024-11-08 15:52:45 -08:00
Mateusz Mandera a669fece3a email_mirror: Check that email gateway bot can send to the channel.
Otherwise this leads to an uncaught exception when the check happens
later in `check_message`.
2024-11-08 13:13:15 -08:00
Prakhar Pratyush 0e67e4f1a1 compose_views: Add `savepoint=False` to avoid creating savepoints.
'compose_views' is used inside an outer db transaction created in
'update_user_group_backend'.

`transaction.atomic()` block in 'compose_views' resulted in
savepoint creation.

This commit adds `savepoint=False` to avoid that.
2024-11-05 17:58:47 -08:00
PieterCK 7fc9fc32d1 avatars: Split email-based and user ID-based avatar endpoints.
Separate `avatars/<email_or_id>/medium?` endpoints into distinct
endpoints for email-based and user ID-based access. This change aligns
avatar endpoints with Zulip’s existing API path conventions (e.g., the
`users/` endpoint).
2024-11-05 09:06:17 -08:00
Prakhar Pratyush 9a40319bfc management: Add option to reset all the active realms to a level.
This commit adds a --reset-level optional argument to
send_zulip_update_announcements management command to
reset all the active realms to a given level.
2024-11-05 08:51:06 -08:00
Kislay Udbhav Verma 000cc7bcde markdown: Add support for a pretty syntax for message links.
Links to zulip messages can now be written as
`#**channel_name > topic_name @ message_id**.`
The `message_id` is replaced with `💬` in the rendered
message.

Fixes part of #31920
2024-11-04 13:44:40 -08:00
Harsh 858fdeee39 import: Add function to normalize messages to import.
This adds `normalize_body_for_import` to normalize messages from
third-party importers by removing NUL bytes and also updates import
test files data to test this.

Fixes #31930.
2024-11-04 12:22:30 -08:00
Prakhar Pratyush c4f74f470d remote_server_post_analytics: Add durable=True to outermost transaction.
This commit adds 'durable=True' to the outermost transaction
in 'remote_server_post_analytics'.

It also adds 'savepoint=False' to inner transaction.atomic
decorator to avoid creating savepoint.

This is as a part of our plan to explicitly mark all the
transaction.atomic decorators with either 'savepoint=False' or
'durable=True' as required.

* 'savepoint=True' is used in special cases.
2024-11-01 16:41:15 -07:00
Aditya Kumar Kasaudhan d1ff871523 webhooks: Support filtering GitHub activity from private repositories.
Currently, the GitHub webhook sends activity from both public and private
repositories, which could lead to unintended disclosure of sensitive
information from private repositories.

This commit introduces a ignore_private_repositories parameter to the
webhook URL. When set to true, the webhook ignore processing activity from
private repositories, ensuring that such activities are not posted to
Zulip streams. By default, if the parameter is omitted or set to false,
activities from both public and private repositories are processed
normally. This provides users with the flexibility to control the
visibility of private repository activities without altering the default
behavior.

More importantly, this introduces a cleaner mechanism for individual
incoming webhooks to declare support for settings not common to all
webhook integrations.

Fixes #31638.
2024-10-31 10:40:28 -07:00
Prakhar Pratyush fdf90f7ad1 create_user: Handle integrity error when importing settings.
During account creation when a user opted to import settings
from an existing account, the "Mark visibility_policy_banner as
read" step was raising integrity error.

It is because 'copy_onboarding_steps' is already executed earlier
in the 'do_create_user' codeflow. If the source profile had already
marked 'visibility_policy_banner' as read, we were facing integrity
error.

This commit fixes the bug.
2024-10-31 09:55:01 -07:00
Anders Kaseorg 42e1517255 email_notifications: Prevent html2text from mangling Unicode.
html2text mangles Unicode by default, with a --unicode-snob option to
disable it.  If I have to get called a “snob” for wanting to correctly
support non-English languages, then uh, I’ll take one for the team.

https://github.com/Alir3z4/html2text/blob/2024.2.26/html2text/config.py#L111-L150

Signed-off-by: Anders Kaseorg <anders@zulip.com>
2024-10-30 09:49:23 -07:00
PieterCK fc50736f4e slack_data_import: Fix incorrect hyperlink conversion.
Currently, Slack messages containing hyperlinks
(e.g.,<http://foo.com|Foo!>) are converted like
normal links. This commit reformats Slack
hyperlinks into Zulip-friendly markdown
(e.g., [Foo!](http://foo.com)).

Part of #32165.
2024-10-30 09:48:32 -07:00
Vector73 1ba1408b01 settings: Remove `edit_topic_policy` setting.
Removed `edit_topic_policy` property, as the permission
to move messages between topcis is now controlled by
`can_move_messages_between_topics_group` setting.
2024-10-29 16:27:04 -07:00
Vector73 ed5638ec3c settings: Add `can_move_messages_between_topics_group` realm setting.
Added `can_move_messages_between_topics_group` realm setting to replace
`edit_topic_policy`.
2024-10-29 16:27:04 -07:00
sanchi-t c73038edea streams: Restrict access to archived streams. 2024-10-25 16:06:43 -07:00
Sanchit Sharma 795b2ba14e do_deactivate_stream: Remove unnecessary mutations.
Streams should not be marked as private, and subscribers
of the deactivated stream should not be removed.

Update the confirmation message when archiving a stream.
2024-10-25 16:06:42 -07:00
sanchi-t af7ebde9e4 subscription: Include archived channels in streams list.
`is_archived` field is added to the stream and types.

Include a new `archived_channeels` client capability, to allow clients
to access data on archived channels, without breaking
backwards-compatibility for existing clients that don't know how to
handle these.

Also, included `exclude_archived` parameter to `/get-streams`,
which defaults to `true` as basic clients may not be interested
in archived streams.
2024-10-25 16:06:40 -07:00
sanchi-t c6fc25e5df do_deactivate_stream: Do not rename streams during archiving.
Functions related to archived streams are also updated.
2024-10-25 15:56:04 -07:00
Shubham Padia fe9952eab5 groups: Rename test to state that it checks allow_system_group.
We also remove the default group check which is already being checked in
do_set_realm_permission_group_setting_to_anonymous_groups_test.
2024-10-24 14:42:21 -07:00
Shubham Padia 1f0906aef7 groups: Remove list specifying group settings with new API format.
All the groups are now following the new API format, making the list
redundant.
2024-10-24 14:42:21 -07:00
Shubham Padia 9f9d5b2f98 groups: Accept anonymous groups for can_access_all_users_group.
On the frontend, the selection is still a dropdown of system groups but
on the API level, we have started accepting anonymous groups similar to
other settings
We've kept require system groups true for now until we switch to group
picker on the frontend.
2024-10-24 14:42:19 -07:00
Shubham Padia ceb0197c1b groups: Accept anonymous groups for create_multiuse_invite_group.
On the frontend, the selection is still a dropdown of system groups but
on the API level, we have started accepting anonymous groups similar to
other settings.
We've kept require system groups true for now until we switch to group
picker on the frontend.
2024-10-24 14:41:09 -07:00
Mateusz Mandera 481ef24b53 auth: Tweak invalid credentials error message.
We decided this is the better string to use.
2024-10-24 14:35:31 -07:00
Mateusz Mandera da4443f392 thumbnail: Make thumbnailing work with data import.
We didn't have thumbnailing for images coming from data import and this
commit adds the functionality.

There are a few fundamental issues that the implementation needs to
solve.

1. The images come from an untrusted source and therefore we don't want
   to just pass them through to thumbnailing without checking. For that
   reason, we cannot just import ImageAttachment rows from the export
   data, even for zulip=>zulip imports.
   The right way to process images is to pass them to maybe_thumbail(),
   which runs libvips_check_image() on them to verify we're okay with
   thumbnailing, creates ImageAttachment rows for them and sends them
   to the thumbnailing queue worker. This approach lets us handle both
   zulip=>zulip and 3rd party=>zulip imports in the same way,

2. There is a somewhat circular dependency between the Message,
   Attachment and ImageAttachment import process:

- ImageAttachments would ideally be created after importing
  Attachments, but they need to already exist at the time of Message
  import. Otherwise, the markdown processor doesn't know it has to add
  HTML for image previews to messages that reference images. This would
  mean that messages imported from 3rd party tools don't get image
  previews.
- Attachments only get created after Message import however, due to the
  many-to-many relationship between Message and Attachment.

This is solved by fixing up some data of Attachments pre-emptively, such
as the path_ids. This gives us the necessary information for creating
ImageAttachments before importing Messages.

While we generate ImageAttachment rows synchronously, the actual
thumbnailing job is sent to the queue worker. Theoretically, the worker
could be very backlogged and not process the thumbnails anytime soon.
This is fine - if the app is loaded and tries to display a message with
such a not-yet-generated thumbnail, the code in `serve_file` will
generate the thumbnails synchronously on the fly and the user will see
the image preview displayed normally. See:

1b47134d0d/zerver/views/upload.py (L333-L342)
2024-10-24 10:32:51 -07:00
Mateusz Mandera a6b0385229 tests: Extract upload_image helpers from test_markdown_thumbnail.
These are pretty general and can be useful utils for other tests.
2024-10-24 10:32:51 -07:00
Mateusz Mandera af9b44ed02 auth: Fix invalid credentials message in login form.
Email is not case-sensitive. And password is obviously case-sensitive,
so no point mentioning that.
2024-10-24 08:23:16 -07:00
PieterCK 068ab6e11e avatar: Add checks to make sure system bot avatar exists.
This commit introduces an assertion to verify that the avatar file for
system bots exists and findable.

In development, it'll assert that the avatar file exists in the static
directory. This isn't done in production environment to avoid
unnecessary overhead. It helps verify that the protocol to fetch system
bot avatars still works when making changes during development.

In production it'll check if the avatar file exists in the STATIC_ROOT
and return a default avatar png if it doesn't.
2024-10-23 10:35:42 -07:00
PieterCK 516d1ab82b avatar: Ensure system bots' avatar URLs follow convention.
Previously, requesting system bots URLs did not return any -medium.png
variants and SVG file was also used for notification bots' avatar, which
was problematic.

In this commit, the -medium.png variants is added for the avatars of
system bots and zulip-icon-square.svg is also converted into
notification-bot.png for the notification bot. The get_avatar_url method
has been updated to return the "medium" file variants for the system
bots.

Additionally, the system bots' avatar files is moved to a dedicated
directory to simplify the hashing logic for these files. Now, all files
in the "images/static_avatars/" directory will be hashed.
2024-10-23 10:35:42 -07:00
Mateusz Mandera 77e7a2d30f users: Add API endpoint to update_user_backend by real email.
The old endpoint for updating a user worked only via user id. Now we add
a different entry to this functionality, fetching the user by
.delivery_email.

update_user_backend becomes the main function handling all the logic,
invoked by the two endpoints.
2024-10-22 16:36:38 -07:00
Mateusz Mandera 389b851f81 update_user_backend: Allow authorized org owners to change user emails.
This adds a new special UserProfile flag can_change_user_emails(disabled
by default) and the ability for changing the email address of users in
the realm via update_user_backend. This is useful for allowing
organizations to update user emails without needing to set up a SCIM
integration, but since it gives the ability to hijack user accounts, it
needs to be behind this additional permission and can't be just given to
organization owners by default. Analogical to how the
create_user_backend endpoint works.
2024-10-22 16:36:38 -07:00
Sahil Batra 0a77f06163 test_user_groups: Fix comments in group creation tests.
One comment did not mention the correct thing that was
being tested and one comment had a typo.
2024-10-22 10:23:36 -07:00
Anders Kaseorg 3ec58fd3d5 requirements: Upgrade Python requirements.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2024-10-20 18:16:27 -07:00
Prakhar Pratyush eaee5763d6 realm_export: Add realm_export_consent feature to API.
Fixes part of #31201.
2024-10-18 14:08:20 -07:00
Tim Abbott 46db52dc96 avatar: Use fixed avatars for system bots.
This makes a Zulip server more isolated than relying on gravatar, and
avoids complex logistics if in the future we move system bots to live
inside individual realms.

Co-authored-by: PieterCK <pieterceka123@gmail.com>
2024-10-17 15:47:17 -07:00
Sahil Batra e5043b991a user_groups: Add API support to add subgroups during group creation.
This commit adds support to add subgroups to a group while
creating it.

User can add the subgroups to group irrespective of permissions
like user can add members during creating it.
2024-10-17 14:27:21 -07:00
Sahil Batra 1e818c4708 user_groups: Allow updating subgroups and members using same endpoint.
`POST /user_groups/{user_group_id}/members` now allows updating
subgroups as well.
2024-10-17 14:27:21 -07:00
Sahil Batra 47a611f989 user_groups: Check permission when adding subgroups.
This commit updates code to allow users with permission
to add members to add subgroups as well. And only users
with permission to manage the group can remove subgroups.

Also updated tests to check permissions in separate tests
and removed them from the existing test.
2024-10-17 14:27:21 -07:00