4a6eafd6bf
Provide the static access control link for the 404 page
...
(imported from commit 3915ff409e1026c35a6d976ed5eea51ba679e0c3)
2012-10-30 11:01:36 -04:00
f0c2421f00
Customize the 404 error page Nginx serves for missing static content
...
(imported from commit 70fc821f9ae29b8a902c48ce57e39273c90f57ff)
2012-10-30 11:00:10 -04:00
7267ba9cd2
Fix test for /accounts/logout
...
(imported from commit 256929fc4d462832358c31c99bd470a23ffaba29)
2012-10-30 00:18:01 -04:00
c99f995782
Update comment in debug.js
...
(imported from commit c23c67331c6433e11e9131f75edce9be52d3ecff)
2012-10-29 23:21:00 -04:00
0fcf1db00a
Fix tracebacks sending messages nobody will receive.
...
(imported from commit afe3d7465f105015f7fa8247ab3cba7476b89fc2)
2012-10-29 19:17:26 -04:00
e8225973ba
Make subscriptions page look a little nicer.
...
(imported from commit 86c77b6bf6ef673b39e85a7a5555847fce7707b6)
2012-10-29 18:26:34 -04:00
bdb0ac73a3
Manually validate before send
...
Validation was happening, but was not preventing sending. We now
just manually call the validation function in compose.finish()
instead of relying on jquery.form's beforeSubmit option.
(imported from commit e094832bf8948f4c6f58cc0d0923bf0fd09db4b1)
2012-10-29 17:39:22 -04:00
696a04743a
Factor reload-related functionality into reload.js module
...
(imported from commit ef533f3416e8b406a03d28f67b45ca59523cef8e)
2012-10-29 17:38:44 -04:00
af09279483
Check for empty stream/subject names.
...
(imported from commit 208be288f903e8a040ed9e1de243315df0d9adae)
2012-10-29 17:36:01 -04:00
44b332693e
Fix the fact that new auto-created MIT users are active.
...
(imported from commit 577f1a0165a56fc3cc1ed6f0a54f6c5f31345cc7)
2012-10-29 17:30:06 -04:00
5dad59e864
Implement MIT signups.
...
Here we introduce a new manage.py command, activate_mit, which takes a
number of usernames and sends out emails to the users with instructions on
how to activate their accounts.
(imported from commit f14401b55f915698e83ff27b86434f53e64685f3)
2012-10-29 16:59:37 -04:00
26133f6bbd
Temporarily disable find.
...
(imported from commit 22d62547206481015d5d0501a01c65e82dd59d6f)
2012-10-29 16:10:28 -04:00
3c3877f1b5
Have Esc dismiss userinfo popover.
...
It's possible that the three places we can kill a popover
(body click, Esc, clicking on a new one) should be
refactored to use the same code.
(imported from commit ba7eab480fd2258abfb469c8f1155f29bc63f7f6)
2012-10-29 15:49:40 -04:00
0e03a7acc8
views.home: Use @login_required
...
We can't use reverse() due to what amounts to a module import cycle.
(imported from commit 8a2904648173bc3e4ff2079d33320417b28518d3)
2012-10-29 15:41:28 -04:00
5353f5b3b0
Rename NOT_LOGGED_IN_REDIRECT -> HOME_NOT_LOGGED_IN
...
If we have other pages that require login, we might want them to redirect to
the login form. But the root of the site should take you to /accounts/home --
but only after we launch the product.
(imported from commit b5d10e1c908f1ffe1ee68c2689691ca66c896786)
2012-10-29 15:41:28 -04:00
c6e64291c1
Use full name in popovers.
...
(imported from commit e6463ef9331ad9c4defebf827ddef52312d21ddd)
2012-10-29 15:02:25 -04:00
06fa574f29
Give popovers variable widths.
...
(imported from commit 3f38e8a35add3f7f5566d5712b4421f8e2e44776)
2012-10-29 15:02:25 -04:00
8510f4e207
tests: Add a mocked session object for tornado tests.
...
(imported from commit 0431d4cbb2233b7136367ad33f04ed2cc219add2)
2012-10-29 14:54:18 -04:00
6c39bf5cbd
Cut out duplicated code between clear_database and populate_db.
...
(imported from commit 4bb44c20d2f0477d8a3db72788f82b0cf8572b2d)
2012-10-29 14:54:18 -04:00
9caf205ed9
Fix missing tables when clearing databases.
...
(imported from commit 950839216af8366b87564fb310cb1ac47711ae02)
2012-10-29 14:54:18 -04:00
6632bac97d
Show userinfo popup if you click on email address.
...
(imported from commit ae3c1e5983520e945193c02561ebebf26ebb488a)
2012-10-29 14:40:04 -04:00
2723a54088
Disable pointer sync for alpha rollout
...
(imported from commit 50a41e49e9b4a7db0b07ee7705d51c3a2abdff35)
2012-10-29 14:18:08 -04:00
e5d89cb377
Make context menu a little bit smarter/clearer.
...
Don't, e.g., show "start a huddle with me" when you're
already in a huddle with me.
(imported from commit 58a646ebcf7ab7f0b2bcc901e9e081cce782ee46)
2012-10-29 14:17:27 -04:00
bc4447f9f8
Prevent compose box from popping back up inappropriately on reload
...
We weren't listing to compose finish events during reload previously,
which meant that finishing a message was not handled in the same way
as canceling a message.
(imported from commit 4f2576121a8b5354c94348bc2896a2db8c4be000)
2012-10-29 13:58:40 -04:00
cee3f87585
Use compose.finish() instead of manually calling ajaxSubmit() in multiple places
...
(imported from commit 3bbe4a03171d9eace413b576ae2c7ccf99141bf1)
2012-10-29 13:58:40 -04:00
e93c1ab87c
Switch from Open Sans to Droid Sans
...
We found a number of characters that look bad in Open Sans.
(imported from commit f8e7926f002b2de7f0d8bab255d212fac1cf6115)
2012-10-29 13:02:31 -04:00
7912b2abbe
Fix find bug causing a search to skip over the first result.
...
This would only happen when you hit enter directly, instead of using
the search up / down buttons.
(imported from commit 90301f64b3f24e91c103342bd6a7f1b3e61f8928)
2012-10-29 12:33:53 -04:00
cfc2601451
Include timestamps in find-able content.
...
(imported from commit a084a2d1c90b5f51049768ecd608d34ddd390a7b)
2012-10-29 12:25:48 -04:00
9689887cbd
Copy the csrf_exempt attribute in @asynchronous
...
Needed for @csrf_exempt to work.
(imported from commit 563ab11b0d26262511e9a6d9cc2735b0b835a391)
2012-10-27 17:56:18 -04:00
da252e8499
runtornado: Abort view processing if request or view middleware returns a response
...
This is the behavior specified by Django. Since this was broken before,
our CSRF protection had no effect on Tornado views other than printing
a warning message :(
(imported from commit 7975d3c9b6c18915f917ac2da4592a55f6b6a658)
2012-10-27 17:28:07 -04:00
d71b9594fe
Configure nginx for the new server
...
(imported from commit d073276912ea844e75fd710689f152fd7a2213c7)
2012-10-27 11:38:15 -04:00
36f4ce0c0b
Properly defer send_pointer_update setTimeout
...
(imported from commit 02a9c648eb420c8aebe84386cbb708bec96ca2e7)
2012-10-26 22:48:21 -04:00
92acd7bd1c
match_on_visible_text: Return boolean directly, without a conditional
...
(imported from commit b38800d074ab3e1dd557e49ef5a6cd7adfd677a3)
2012-10-26 22:21:41 -04:00
c32b0a1a22
Remove dodgy use of $( array ).last()
...
Per the docs, these are only meant to be used on arrays of DOM elements.
jQuery might one day assign a different meaning to arrays of strings,
and then we could have some security issues or weird breakage.
(imported from commit 545eee1e9c6955556d5c4bda30cd6db0dce19c60)
2012-10-26 22:21:30 -04:00
5c4fe1d521
Simplify tab click handler
...
We don't need to get the tab link href twice.
(imported from commit 4b437924c88074e706536b143af493804612746f)
2012-10-26 21:45:05 -04:00
6d0cebb6c2
Simplify update_floating_recipient_bar
...
The transformation here is
$($('foo')[0]) -> $('foo:first')
(imported from commit 79ea257c9935eea01c5a2f7afb171045692eff01)
2012-10-26 21:38:39 -04:00
582cb799dd
Get rid of the selected_message_class global
...
Instead we infer this from narrow.active(), with the ability to override during
the narrowing procedure.
(imported from commit fab9c6861f19aedf0ee8af094c1ef4e8a0a73d80)
2012-10-26 21:05:04 -04:00
6e63ac926e
Add rows.get_table()
...
This checks against the table name whitelist before building the jQuery query.
(imported from commit b296f117cdd2707aeb626328f8b0f9e00c723d59)
2012-10-26 21:03:52 -04:00
138721ebbb
ui.js: Wrap an extremely long line
...
(imported from commit e8bef501249cc11655780ab87c425c91e2ad4db5)
2012-10-26 20:41:08 -04:00
19d4631e6f
search.js: Call .each on the jQuery match rather than $ itself
...
(imported from commit cff239b483a8ef1a7997a1430f40a7fda11739b1)
2012-10-26 20:41:08 -04:00
a0eea37fd4
search.js: Wrap extremely long line
...
(imported from commit c5b76e2da4ebb8322b5a69bf0679fa7700bb7bd1)
2012-10-26 20:41:08 -04:00
58ca5b3e24
Harden rows.get against bad input
...
(imported from commit af0283323089f6ed4edb4cb732fe1cc821fb5dd5)
2012-10-26 20:41:08 -04:00
3ebee51ce0
rows.js: Use full module pattern
...
(imported from commit 770741958798317401e918a7b8331cfc2f73bf77)
2012-10-26 20:41:08 -04:00
6bd2087d89
zephyr.js: Combine get_huddle_recipient{,_names}
...
(imported from commit dcb4c32250f4ff3a3cf32d999d6469916b17b06e)
2012-10-26 20:31:52 -04:00
5413f74a7e
Allow API users to update the pointer and receive pointer updates
...
The get_profile API call now returns a client_id, which an API user
can pass to update_pointer and get_messages (note that clients still
need to pass a pointer argument to get pointer updates). This
client_id is currently the equivalent of the website's session key,
but the website might get client_ids in the future to distinguish
browser windows.
This commit differs from 88f6cf0033c849af88d1b99da3bdc2148dfbb6fe in
that it uses request.POST.get("foo") instead of request.POST["foo"].
For some reason the latter triggers CSRF errors.
(imported from commit b2a4a7322d16dbf241cd6eef146621c79d84cafc)
2012-10-26 17:17:09 -04:00
b36f1702fc
Revert "Allow API users to update the pointer and receive pointer updates"
...
This reverts commit 88f6cf0033c849af88d1b99da3bdc2148dfbb6fe.
It seems to have broken API users.
(imported from commit 2f861ebc016076547092421f87dbcac00a65e2f6)
2012-10-26 16:19:57 -04:00
faa7565a75
Clean up duplicated code in setup.js
...
(imported from commit 86566f194497b618dff0be6ea2bc829204d03366)
2012-10-26 16:08:18 -04:00
80ef222a60
Get the CSRF token from the DOM rather than a cookie
...
This simplifies the code, and lets us set the CSRF cookie as HttpOnly, which
adds a little bit of security.
(imported from commit 9d5923a1acf19bd27e6e1d55cf627049526de245)
2012-10-26 16:08:18 -04:00
a4fd478e3d
Allow API users to update the pointer and receive pointer updates
...
The get_profile API call now returns a client_id, which an API user
can pass to update_pointer and get_messages (note that clients still
need to pass a pointer argument to get pointer updates). This
client_id is currently the equivalent of the website's session key,
but the website might get client_ids in the future to distinguish
browser windows.
(imported from commit 88f6cf0033c849af88d1b99da3bdc2148dfbb6fe)
2012-10-26 16:06:41 -04:00
22e6a8ac1d
Revert "Hide additional search buttons when not in use."
...
This reverts commit 074011dfe7dfa4d3cb331b32fc6cf465f98d095f. For
some reason this introduces some buggy behavior, and if anything I
should debug it more locally first.
(imported from commit 182193e6bb466a5668c2bb64e41712a793fa7ca2)
2012-10-26 15:41:38 -04:00
b0406ee1d2
update_floating_recipient_bar: Don't loop infinitely if no message selected.
...
(imported from commit a75cfd41ed8a8ce5256d1caa29f6c5bc0689e7d2)
2012-10-26 15:10:30 -04:00
9274437eb5
Hide additional search buttons when not in use.
...
(imported from commit 074011dfe7dfa4d3cb331b32fc6cf465f98d095f)
2012-10-26 14:55:42 -04:00
44a6a2b8a4
Have search bar always take on color of main area.
...
(imported from commit 85f6db17ca2fd616e4c7b63a98b80332cbddc1c0)
2012-10-26 14:31:05 -04:00
e365b94a27
Restyle searchbox to look more consistent/bootstrappy.
...
(imported from commit 2d381fb6ea7f27846d583e27dda0fd1a6df77fab)
2012-10-26 14:31:05 -04:00
92593b7cc8
Add basic up/down search functionality, including across narrows.
...
(imported from commit c82acad95e97733b87d65287c685caf7533a774e)
2012-10-26 14:31:05 -04:00
74a75eea0c
Add search bar and buttons above narrowbar.
...
(imported from commit 7def7d5824714a44c65d6a8e6699b2d8cda31418)
2012-10-26 14:29:30 -04:00
14388baf4b
Add jQuery highlight plugin, for use by search.
...
(imported from commit b596d0435db11f0369e2e6903714e2e1346b006b)
2012-10-26 14:29:30 -04:00
652c524777
Try loading older messages after user is idle
...
(imported from commit bb3c39f9b5a9b7befb353647af75001ec168fc8d)
2012-10-26 13:31:14 -04:00
807303a325
jquery.idle: don't allow the active handler to fire as a result of the user going idle
...
(imported from commit 28793228e50449b096dfe999a8cd17b7fa9e347e)
2012-10-26 13:31:14 -04:00
ec389c5c83
Non-asynchronous API calls only take two arguments
...
(imported from commit 39f21892e38b0f8c2369d77ffcfb077f1006863e)
2012-10-26 11:53:01 -04:00
6ed1d38743
Show persistent pointer on narrow again
...
(imported from commit c871ec931ffad4bc692a908e687bb21c6cb2e7e9)
2012-10-26 11:44:28 -04:00
9c838c44a1
Scroll to the correct message when narrowing
...
(imported from commit c6f11f3315f1d168b85f80ab524f322b399f5a85)
2012-10-26 11:44:28 -04:00
8a66d52228
Expose get_old_messages to API
...
(imported from commit d3b86a049440c54b52d96c27f8925a73496eaffe)
2012-10-26 10:42:11 -04:00
ec9e0a4b9f
Have get_updates include an "update_types" array in its response
...
This is similar to the previous "reason_empty" variable, but captures
why we've returned from the call even when there are updates and all
the reasons if there are multiple. For now, it's useful for debugging.
(imported from commit fd8d9e859660e51b57178d066b184f831b71a0b6)
2012-10-25 18:12:11 -04:00
51a39fdb0a
Remove unused variable
...
(imported from commit 5a2a100aa3d9a577cde2517be3d9bacc2147fa7e)
2012-10-25 18:11:23 -04:00
1c904e8607
Only start get_updates call after we've gotten all old messages
...
(imported from commit 8af46008a3abcdacb59e6223f38742a94a87b125)
2012-10-25 18:11:23 -04:00
a9583f6889
Fix get_updates missing messages between calls
...
(imported from commit 2b84df2a35a9a006b8548904ebf145a351a2e92b)
2012-10-25 18:11:23 -04:00
f2c6347471
Return to failing clients immediately the first time.
...
(imported from commit b29df3165030ffd95dfe89b6471aeb74c06b6126)
2012-10-25 17:53:30 -04:00
44547e4e36
Properly check stream/subject lengths.
...
(imported from commit 1432266d8db1122f561e9e2f997071a19fb0f190)
2012-10-25 17:07:32 -04:00
98d7116ee8
Delete some dead code in signup workflow.
...
(imported from commit d07fffd4c0efdaaf4a233c1dbc9d09bc5ec03ad3)
2012-10-25 16:59:37 -04:00
c894bab738
Compute a user's realm from the verified email address, not a user-passed field.
...
(imported from commit 5c220a7b9e4b137b5c98b286e409004318565137)
2012-10-25 16:50:00 -04:00
29d94b60b6
Add an "I agree to the terms of use" checkbox inside signup workflow.
...
(imported from commit 6d3320e71e189f4577da464fade9c8f7f5838f78)
2012-10-25 16:05:28 -04:00
0c54fab1e2
Check for too-long stream/subject names.
...
(imported from commit 6d37dff9af7e471e1e6a1ba77a9500bf5bb4ba7d)
2012-10-25 16:04:47 -04:00
7c8bde5d90
Add log/restore for fullnames and passwords.
...
(imported from commit 048ca3c86b9f077fcbccd5df4a509191a545da4c)
2012-10-25 15:52:26 -04:00
a798e14d86
Remove more unused code related to get_updates not returning old messages
...
(imported from commit d2cc795634c46d8a595ed15c093cfbfc113e6d10)
2012-10-25 15:48:35 -04:00
47eeae0d36
Restore the "load more messages" button disappearing when there are no more
...
(imported from commit 4f46d49c88d9d0dadefe3e770868b6844dc80d64)
2012-10-25 15:45:14 -04:00
cf1d35fd62
Remove unused variable
...
(imported from commit 0636d51527ea9cac8b1ba5490bf5836cd4e79269)
2012-10-25 15:45:14 -04:00
1d4f339eae
bugdown: Hide alphanumeric characters in exception logs, for privacy
...
(imported from commit 39481494b7910307f56e566035c1b464c83d196e)
2012-10-25 15:40:01 -04:00
451a041919
Remove the ability to fetch old messages via get_updates
...
Clients should use get_old_messages, instead.
(imported from commit 67847ef67d8ad4bf4af3f6082f85f0c76a41944c)
2012-10-25 15:31:27 -04:00
eef027560a
Remove unused imports
...
(imported from commit eb576627ff72e57fee0e3a4c357f51ad74cd6c86)
2012-10-25 15:22:18 -04:00
9629e7111b
already_sent_mirrored_message: Reduce code duplication
...
and eliminate extremely long lines.
(imported from commit 29a08b1757c1bb3af1f82222fd7150db05f86034)
2012-10-25 15:22:18 -04:00
f8540dcdae
Wrap some other extremely long lines
...
(imported from commit e7d55f318c8865ca953bf4520d1b07f7e84a4aeb)
2012-10-25 15:22:18 -04:00
b0462ebef7
Wrap extremely long lines in HTML
...
(imported from commit 4a18013ae001223709d91b7433128f8e75ebf399)
2012-10-25 15:22:18 -04:00
8c4a834206
Add function for activating MIT users.
...
(imported from commit 0de45fc341249332909d5a0ecef4d49918658a1a)
2012-10-25 14:46:58 -04:00
722249a9fc
Use a variable for repeatedly referencing old_message['type'].
...
(imported from commit 1b8e8fef61582dab06ffbb9a9b71c83c2629f0f2)
2012-10-25 14:46:43 -04:00
6e1ec1a2ec
Move our various bots into api/bots/.
...
(imported from commit f5803441b9b84872b942dff8e1c0ad1100788bcd)
2012-10-25 13:53:34 -04:00
c047502840
Use get_old_messages in client instead of get_updates for loading initial messages
...
(imported from commit 169b3720c1fa10606f2351039cac9655bb5165b4)
2012-10-25 12:10:44 -04:00
c4189d1029
Add get_old_messages json call
...
This new call only allows fetching of existing messages. The idea is
to remove this functionality from get_updates to simplify the backend
code.
(imported from commit 1345db2f1707e208e7c0bd08b7d444932c68b6a2)
2012-10-25 12:10:44 -04:00
07263f3a0e
Rearrange functions
...
(imported from commit 814f2acbf574bf1eeb32e23ab28e76fc94f877ce)
2012-10-25 11:26:53 -04:00
22a32c09c4
Add a shortcut to pull up the shortcuts dialog.
...
(imported from commit 0d6d3ba78a06f0eb1ecba8e6a571b79709980cef)
2012-10-24 18:31:44 -04:00
50da6b14d1
Add keyboard shortcuts dialog.
...
(imported from commit 1adb18597739dd71f4739dcf0c2da34c82598bd6)
2012-10-24 18:31:44 -04:00
b5cc259f5b
Set input/textarea font to match the rest of the page
...
(imported from commit 69b7d6399e6db46dc5a4f777395e3cd636427023)
2012-10-24 17:16:43 -04:00
26c97729d4
bugdown: Generate HTML, not XHTML
...
Our pages are declared as HTML5:
<!DOCTYPE html>
The markdown library only supports HTML4, but that's probably closer than XHTML.
(imported from commit c78be9ae9bccf029def8d94d3647b0ccce8b2252)
2012-10-24 16:02:15 -04:00
ab34200648
Make sure that Markdown rendering really happened, if requested.
...
This is a security issue because it's where we escape HTML.
(imported from commit 10dea1899eb6d7e0e40128ae1a4787abad38fa73)
2012-10-24 15:43:46 -04:00
b30b5f396e
to_dict: Include the content type with each message
...
(imported from commit 413ce08029832c6bed2a43f27a1caf809fb962b6)
2012-10-24 15:43:43 -04:00
734411369b
format_updates_response: Default to apply_markdown=True
...
It's the safer default to prevent introducing XSS holes. And in our current
code, we always provide this parameter.
(imported from commit 73897f5315ba54a5d3fa95dd19efb9d20c081a8a)
2012-10-24 15:32:12 -04:00
e8dfb41f70
Return messages from return_messages_immediately, rather than calling handler.finish
...
(imported from commit 0da3356c6712614cf1816d330b891e8f6d13bac7)
2012-10-24 15:32:10 -04:00
7da2ddea8e
Reorganize to[_log]_dict
...
(imported from commit 2f811cf6a42e5b5661679158c0053dd4ebb40dbd)
2012-10-24 15:07:14 -04:00
75d150efc7
Fix being unable to send messages with a trailing comma in recipients list.
...
(imported from commit 5c075c4aa1da8c2a153b33ed4d061fac88de48e7)
2012-10-24 14:25:55 -04:00
9e7e4fda91
Explicitly size Gravatars in message bodies
...
Should make the page jump around less on load.
(imported from commit a4b52a545b84117d149a2d5852ea0ddb71862748)
2012-10-24 01:02:10 -04:00
Keegan McAllister
Tim Abbott
Waseem Daher
Zev Benjamin
Luke Faraone
Jessica McKellar