Commit Graph

311 Commits

Author SHA1 Message Date
Tomasz Kolek db7ea8b484 Move getting client to api_key_only_webhook_view.
This decreases the amount of convention developers need to understand
in order to write a new webhook integration.
2016-05-13 12:22:38 -07:00
Tim Abbott 92bec8cfea Merge Zulip 1.3.12 security release. 2016-05-10 11:32:26 -07:00
Tim Abbott 85c64c9f93 zulip_login_required: Add checks for active users and realms.
Like the recent change blocking JSON endpoints for deactivated users
and users in deactivated realms, this change is a hardening
improvement.  Those users should be unable to get an active session
anyway, but if somehow one is leaked, this means they won't be able to
access any user data.
2016-05-10 09:50:57 -07:00
Tim Abbott 76814f37a3 decorators: Block access to JSON endpoints for deactivated users.
While in theory users should be unable to get a valid session in order
to access these endpoints in the first place, this provides an extra
layer of hardering to prevent a deactivated user with a session from
accessing data via the old-style JSON API.
2016-05-10 09:50:57 -07:00
Tim Abbott b31ac1eca9 Fix users in deactivated realms sending webhook messages.
In a deactivated realm, webhooks would still successfully send
messages, since there was no check for whether the realm was active in
api_key_only_webhook_view.
2016-05-10 09:50:48 -07:00
Tim Abbott 3cde06ea33 Add support for setting HTTP status codes in JsonableError. 2016-05-10 09:50:48 -07:00
Tomasz Kolek c2de38239e Add payload validation to has_request_variables and REQ tasks.
[with tweaks by tabbott]
2016-05-07 11:54:09 -07:00
Tim Abbott e6cfd917a5 Fix settings.RATE_LIMITING=False for webhooks.
We were incorrectly applying the rate limiting rules to webhooks even
if rate limiting was disabled (as in the test suite), causing test
failures when the total number of webhook tests in Zulip got too high.
2016-04-27 13:17:28 -07:00
Tim Abbott ae047f8551 Fix slightly ugly login page URL of /login?next=/. 2016-04-21 14:59:39 -07:00
Tim Abbott 8a278cbe3a Switch to using a Zulip version of @login_required.
Currently the code is the unmodified Django upstream implementation;
this commit is preparation for modifying it.
2016-04-21 14:59:39 -07:00
Tim Abbott 49799440a4 Replace use of django-guardian with fields on UserProfile.
As documented in https://github.com/zulip/zulip/issues/441, Guardian
has quite poor performance, and in fact almost 50% of the time spent
running the Zulip backend test suite on my laptop was inside Guardian.

As part of this migration, we also clean up the old API_SUPER_USERS
variable used to mark EMAIL_GATEWAY_BOT as an API super user; now that
permission is managed entirely via the database.

When rebasing past this commit, developers will need to do a
`manage.py migrate` in order to apply the migration changes before the
server will run again.

We can't yet remove Guardian from INSTALLED_APPS, requirements.txt,
etc. in this release, because otherwise the reverse migration won't
work.

Fixes #441.
2016-04-20 21:51:52 -07:00
Tim Abbott be96cf809d Move Zulip backend tests to zerver.tests. 2016-04-11 22:16:09 -07:00
Ashish a12006d86f Replace /json/update_active_status with REST style route. 2016-04-11 21:38:23 -07:00
Tim Abbott 9abd332c07 Add type: ignore for mock.Mock() monkey-patching. 2016-04-03 15:40:24 -07:00
Tim Abbott 6c999927ac Add type: ignore for csrf_exempt decorator. 2016-04-03 15:40:23 -07:00
Tim Abbott 32f8f85f8b Add PEP-484 type annotations to zerver/*.py. 2016-04-03 15:40:23 -07:00
Tim Abbott 757e89260e Migrate use of StringIO to Python 2+3 compatible six.moves.cStringIO.
And add a check for additional usage of the original StringIO module.
2016-01-26 21:09:43 -08:00
Tim Abbott 607eedfc25 Apply Python 3 futurize transform libmodernize.fixes.fix_zip. 2015-11-01 09:35:06 -08:00
Tim Abbott 7e63842003 Apply Python 3 futurize transform libfuturize.fixes.fix_raise. 2015-11-01 09:26:16 -08:00
Tim Abbott 5ce6a3c8f9 Apply Python 3 futurize transform lib2to3.fixes.fix_funcattrs. 2015-11-01 08:09:54 -08:00
Tim Abbott 8c34c40924 Apply Python 3 futurize transform lib2to3.fixes.fix_except. 2015-11-01 08:08:33 -08:00
Tim Abbott 83a653efce Change semantics of ZULIP_COM to include ZULIP_COM_STAGING machines.
(imported from commit 2e84c756b4ac41c13d619ab6ceb99e347d1f48cb)
2015-08-21 10:41:14 -07:00
Tim Abbott a8261dd6ac Remove Deployment initialization from Development.
(imported from commit 4596fcf480c10c88496cd6506edb0a6e702d823c)
2015-08-21 10:40:57 -07:00
David Roe edf7e732a2 ENTERPRISE => VOYAGER.
(imported from commit 4f8080b9f506a87ca40bef32e39de5218cba916a)
2015-08-21 10:33:35 -07:00
Zev Benjamin 7411ce9092 Fix Github webhook exclude_* options.
We were expecting Github to send us the string "true" when the exclude_* options
were set.  However, we were actually getting "1" when an option was set and the
empty string when unset.  So we were always setting the options to False.

(imported from commit 067ba60b0b0404aebc6eda9487b1201fc2764243)
2014-10-06 15:27:53 -07:00
Steve Howell 24c23c2290 Remove unused json_to_bool().
(imported from commit 72f0db5f623ae9a06ffad2882bcad0e74ceaf884)
2014-03-12 21:15:17 -04:00
Luke Faraone 9ea3198ddf Reject API key usage by users from deactivated realms
(imported from commit f1c791943f62bdde841ebb6975daef60e5a19174)
2014-03-11 15:11:52 -04:00
Steve Howell 8bae4d746d Remove unused json_to_list function.
(imported from commit 9da59ee4edd3c569f798710267db5400b9abdb30)
2014-02-18 14:24:04 -05:00
Steve Howell ebce82b136 Eliminate json_to_dict and use check_dict instead.
All usages of json_to_dict were replaced with the check_dict
validator.  The check_dict validations can eventually be
extended to validate the keys and values of incoming data,
but now we just use check_dict([]) in all the places where
we had json_to_dict, which means we aren't checking for any
specific keys; we are just making sure it's a dictionary.

(imported from commit fc5add9a7ef149dfac2a9a6d9a153799c4c0c24d)
2014-02-18 13:02:08 -05:00
Steve Howell 5b920a5226 Do not mask JsonableErrors from REQ converters.
(imported from commit 8a104c38be4401851953eea95ac0d71a93e5484c)
2014-02-11 11:58:35 -05:00
acrefoot d8b15f4202 Improve Backend for Github integration
Refactor github webhook to handle multiple payload verions
split github fixtures into v1 and v2 versions

Group together all realm-specific logic. When v2 becomes available, we can
ask someone in each org to make the changes via the Github Hook configuration, and
slowly remove the special cases.

TODO: when our pull request for github-services gets merged, the integrations page
should say to look for Zulip instead of Humbug

(imported from commit 4790a730010b37186640f9996291afa6e8f96c2b)
2014-01-22 16:44:34 -05:00
Steve Howell 7d23bffa42 Replace "ios" with "ZulipiOS" in process_client().
(imported from commit 72b4f5ded6dbb86fe67884d6fe8da1ee2146c4c5)
2014-01-10 21:38:58 -05:00
Steve Howell 17adab9a5d DRY up process_client() by extracting get_client_name().
Avoid repeating request.client = get_client(foo) 5 times, and
decouple the logic for determining the client name from how
we represent the client as an ORM object and piggyback it on the
Django request.

(imported from commit efdf81cbaf9599a5606da18e06d7ffe9b88aaf6f)
2014-01-10 21:38:58 -05:00
Steve Howell d043c373b4 Refactor process_client() to avoid double negative.
The "else" branch used to execute when it was not the case
case that HTTP_USER_AGENT was not in request.META.  Now
it's more readable.

(imported from commit ea0664e89d8b3d94cd1c0f8667047461b149ba41)
2014-01-10 21:38:58 -05:00
Leo Franchi c7836626ea Accept a pass-through local_id option in send_message
(imported from commit 3f7b8e862a92d8a11b68da9ff23f711b6b25b5e2)
2014-01-07 17:33:34 -05:00
Tim Abbott e77b34ed82 api: Extract client strings from UserAgent.
(imported from commit 22468dd0eb06bb52ed7273f3067ae3e2461ee0a5)
2013-12-19 17:20:43 -05:00
Steve Howell bfb54b5a4d Add validator support to REQ and has_request_variables.
Validators are similar to converters, but they don't have
to parse JSON, and they are told the name of the request
variable to help format error messages.

(imported from commit 3c33e301892519c67e70675006d5686d9f013353)
2013-12-13 18:19:10 -05:00
Tim Abbott c89c3443a8 Support api_key as well as api-key in authenticated_api_view.
All of our other API arguments use "_" as the delimiter, so we're
migrating this to do that as well (except for the legacy send_message
usage, which we're just hoping will eventually shrink to nothing).

(imported from commit 40964cc08e0f94ba439a61e4f68ed500f74a554f)
2013-12-13 15:09:36 -05:00
Tim Abbott 08ac439d0f Improve comments for remaining legacy API endpoints.
(imported from commit 923b30b4c2a8e724ce8262e9eaeb69887572fd4b)
2013-12-12 10:31:05 -05:00
Tim Abbott cd45cdd451 Add a decorator for checking whether a user is a realm administrator.
(imported from commit 8ba2c54ccd0a92e8c7ab8f1a8873e581f6cadd51)
2013-12-10 13:21:31 -05:00
Tim Abbott f7ac58bab5 Revert "Add user_activity_test worker that does nothing."
Now that we've debugged the memory leak, I don't think we need this
anymore.

This reverts commit 1bdc7ee2f72bdebb1cdc94601247834a434614d6.

Conflicts:

	puppet/zulip/files/cron.d/rabbitmq-numconsumers
	puppet/zulip/files/supervisor/conf.d/zulip.conf

(imported from commit ff87f2aebcbc71013fa7a05aedb24e2dcad82ae6)
2013-12-04 10:27:45 -05:00
Tim Abbott c0e951f843 Add user_activity_test worker that does nothing.
This should help us debug the source of our memory leak problems.

(imported from commit 1bdc7ee2f72bdebb1cdc94601247834a434614d6)
2013-11-22 11:24:48 -05:00
Luke Faraone fafa14db9a Patch out references to zilencer so the app runs without it on ENTERPRISE
(imported from commit bd4fe1ff47e1b4dc9038f800ee8aa2980bd00fdf)
2013-11-12 18:43:06 -05:00
Zev Benjamin 24ee4a5d57 socket: Build a real Request object to send through our full stack, including middleware
One quirk here is that the Request object is built in the
message_sender worker, not Tornado.  This means that the request time
only counts time taken for the actual sending and does not account
for socket overhead.  For this reason, I've left the fake logging in
for now so we can compare the two times.

(imported from commit b0c60a3017527a328cadf11ba68166e59cf23ddf)
2013-11-12 15:24:29 -05:00
Tim Abbott 2a77cecc7a Remove several unnecessary TODO notes.
(imported from commit 1292d048d63c056af69f62352cf8cab283ef5792)
2013-11-04 11:51:18 -05:00
Steve Howell 6382c417cf Improve zulip_internal decorator.
I added the @wraps decorator, and I point request._query at the
function name to override the URL, since some of the internal
URLs have realm names and domain names in them.  I basically
prefer the function names in most cases, so I just made this
automatic for zulip_internal functions, rather than having to
remember to address URL-vs.-function-name for every new endpoint.

(imported from commit 5583607f395be4dfae0bac31e1cdbffdf51fb3e8)
2013-11-01 13:43:38 -04:00
Luke Faraone 81d7dd1fda [schema] Support for authenticating Deployments via the API.
Here we introduce a new Django app, zilencer. The intent is to not have
this app enabled on LOCALSERVER instances, and for it to grow to include
all the functionality we want to have in our central server that isn't
relevant for local deployments.

Currently we have to modify functions in zerver/* to match; in the
future, it would be cool to have the relevant shared code broken out
into a separate library.

This commit inclues both the migration to create the models as well as a
data migration that (for non-LOCALSERVER) creates a single default
Deployment for zulip.com.

To apply this migration to your system, run:
   ./manage.py migrate zilencer

(imported from commit 86d5497ac120e03fa7f298a9cc08b192d5939b43)
2013-10-25 14:13:30 -04:00
Steve Howell cf0331018a Log client/email in zulip_internal decorator.
(imported from commit 43b7ae75bd5cd3e8a086f82b31507079d999a42b)
2013-10-22 15:03:34 -04:00
Steve Howell 5562f09d99 Add zulip_internal decorator for internal Zulip reports.
(This also ensures that /queries is viewable only from inside
Zulip.)

(imported from commit 697da768889943ab6cea62b3e922cc43afa04759)
2013-10-22 10:15:08 -04:00
acrefoot f8662c16f7 Add Mandrill decorators, credentials, actions
You can queue email for future delivery or send immediately via mandrill now

(imported from commit e6b6d11a2d94fcdeaffab80793e7ba31955b9031)
2013-10-10 19:32:21 -04:00
Steve Howell 35fce47088 Do not embed the API key in webhook error messages
(imported from commit 12d782b1bde2c9f928e509bd6dd0ae9106616ed6)
2013-10-03 14:38:37 -04:00
Steve Howell 97adbedfca Support request._query in update_user_activity().
If request._query is set in the call to update_user_activity(),
we will use that instead of request.META['PATH_INFO'] for
the query field of the UserActivity row we write.

(imported from commit fcee30098e1c7c5cb4195a1e5905fc7b88af804f)
2013-10-03 14:23:02 -04:00
Steve Howell 8a4a069703 Add api_key_only_webhook_view decorator.
This is for webhook API endpoints that only get passed in an api_key,
not an email.  An example would be api_jira_webhook, and some of
the code is borrowed from there.  The rest of the code is from
authenticated_api_view().

(imported from commit b5b2a4ea52f9b317f00357ef3142c76534fabf20)
2013-10-03 14:22:49 -04:00
Zev Benjamin 90ee96d456 Split out presence and activity interval events from user_activity queue
(imported from commit 3c22448491867a9e72659629d5d0faaf12b85b2c)
2013-09-24 20:44:15 -04:00
Zev Benjamin 7d0fd364b2 Remove duplicate call to update_user_activity
(imported from commit e9d2dce02cb6863a3ba66045a7b88bd351fd0c5d)
2013-09-23 11:25:58 -04:00
Scott Feeney a213fb5df2 Comment that authenticated_rest_api_view does Basic auth
(imported from commit 145ea6b0a17ab904c32e23e809410f56448baa72)
2013-09-04 13:19:22 -04:00
Scott Feeney f225c467b0 Strip whitespace from email/key during API auth
Trac #1681

(imported from commit 4c97bfea052d2da7673ba5a9520f7ddc7515d975)
2013-08-27 14:27:28 -04:00
Scott Feeney 141877a06c Give a helpful error if API key is wrong length
Trac #1680

(imported from commit 0a50e7a93b37a5a3e74fb99c97a8917d8fbcc8f9)
2013-08-27 14:27:28 -04:00
Zev Benjamin 2f262b1558 Make @authenticated_rest_api_view imply @csrf_exempt
(imported from commit a90402effe48b184c05bf19f1136e3d63a6f460b)
2013-08-16 14:38:54 -04:00
Tim Abbott d59ba39518 Rename humbug_finish to zulip_finish.
(imported from commit a73ef9302d16a4068c7d050d4882d2eba699488d)
2013-08-07 10:00:08 -04:00
Tim Abbott e111a2f9a5 [manual] Rename Django app from zephyr to zerver.
This needs to be deployed to both staging and prod at the same
off-peak time (and the schema migration run).

At the time it is deployed, we need to make a few changes directly in
the database:

(1) UPDATE django_content_type set app_label='zerver' where app_label='zephyr';
(2) UPDATE south_migrationhistory set app_name='zerver' where app_name='zephyr';

(imported from commit eb3fd719571740189514ef0b884738cb30df1320)
2013-08-06 07:39:36 -04:00