Commit Graph

41444 Commits

Author SHA1 Message Date
Alya Abbott 12a439b8bd docs: Clarify language selection for new translators.
It looks like folks are accidentally generating requests for new
country-specific languages when they sign up. This change clarifies
the instructions so that we avoid these requests.
2021-04-02 20:27:21 -07:00
Palash Singh Raghuwanshi 7c43f1e2f7 static: Fix setting gear to be not active when app loads.
From the commit history, this typo has always been there; because it
had the same priority as the `opacity: 0.5` for that element,
it can be nondeterministic whether the bug appeared.

Fixes #17476.
2021-04-02 18:15:00 -07:00
Mateusz Mandera d5871f1005 streams: Allow admins to fetch private streams via the get streams API.
We send a list of all private streams to realm admins in
fetch_initial_state since 73c30774cb
anyway and this API code just didn't catch up.
2021-04-02 16:27:50 -07:00
Anders Kaseorg ceb7e2d2bd Revert "markdown: Add support to shorten GitHub links."
This reverts commit 9c6d8d9d81 (#16916).

This feature has known bugs, and also wants some design changes to
make it customizable like linkifiers, so we’re retargeting this to
post-4.x.

Signed-off-by: Anders Kaseorg <anders@zulip.com>
2021-04-02 15:52:34 -07:00
Alex Vandiver 4f6fc728cd tornado: Explicitly mark requests as varying by cookie.
The Session middleware only adds `Vary: cookie` if it sees an access
to the from inside of it.  Because we are effectively, from the Django
session middleware's point of view, returning the static content of
`request.saved_response` and never accessing the session, it does not
set `Vary: cookie` on longpoll requests.

Explicitly mark Tornado requests as varying by cookie.
2021-04-02 14:55:22 -07:00
shanukun bcc3bb03fe refactor: Make acting_user a mandatory kwarg for bulk_remove_subscriptions. 2021-04-02 14:44:41 -07:00
shanukun 0bf067b681 refactor: Make acting_user a mandatory kwarg for bulk_add_subscriptions. 2021-04-02 14:44:41 -07:00
shanukun 790085832c refactor: Make acting_user a mandatory kwarg for ensure_stream. 2021-04-02 14:44:41 -07:00
shanukun c39ffe8811 refactor: Make acting_user a mandatory kwarg for do_deactivate_stream. 2021-04-02 14:44:41 -07:00
shanukun f442e9fb03 refactor: Make acting_user a mandatory kwarg for do_scrub_realm. 2021-04-02 14:44:41 -07:00
shanukun 4b00e5da72 refactor: Make acting_user a mandatory kwarg for do_deactivate_realm. 2021-04-02 14:44:41 -07:00
shanukun 626cf52723 refactor: Make acting_user a mandatory kwarg for do_set_realm_signup_notifications_stream. 2021-04-02 14:44:41 -07:00
shanukun 00d998b955 refactor: Make acting_user a mandatory kwarg for do_set_realm_notifications_stream. 2021-04-02 14:44:41 -07:00
Aman Agrawal 0267ba54b2 filter: Return false for invalid filters.
For filter values which don't exist or are invalid in some
way, we return false to show user that there are no messages
in the filter user is trying to render. Our previous behaviour
was to show all the messages and ignore the filter which
isn't good.
2021-04-01 21:53:22 -07:00
PIG208 8002c4ff10 python: Use the correct typing for update_message_backend.
This is likely a typo introduced in e2c14724d9.
2021-04-01 17:49:28 -07:00
WookieMonkeys 1b6f68bb59 stream: Add entropy to deactivated streams.
Adding an additional `!` to the stream name each time a stream is
deactivated, to a maximum of 21 times, effectively limits number of
times a stream with a given name can be deactivated.  This is unlikely
to come up in common usage, but may be confusing when testing.

Change what we prepend to deactivated stream names to something with
more entropy than just `!`, by instead prepending a substring of hash
of the stream's ID.  `!`s.  Using 128 bits of the hash means that it
will require more than 10^18th renames to have a 1% chance of collision.

Because too-long stream names are also truncated at 60 characters,
having this entropy in the beginning of the name also helps address
potential issues from stream names that differed only in, e.g. the
60th character.

Fixes #17016.
2021-04-01 17:16:35 -07:00
aryanshridhar f19c7a2f69 emoticon_translation: Update comment for precise object length. 2021-04-01 16:52:32 -07:00
yashika 0fc3aa3a11 muting: Make topic muted notifications clearer.
The popup that appears when you mute a topic is a bit hard to read,
since nothing makes the topic and stream names jump out from the rest
of the paragraph.  Fix this by using bold around the stream/topic and
also cutting a bunch of unnecessary verbiage.

Tweaked by tabbott to further simplify the language.
2021-04-01 16:25:12 -07:00
Zeeshan 811eff1a03 api-docs: Fix table in update_message_flags to use proper html.
The Available flags table in update_message_flags.md was using
markdown for certain content inside HTML, which resulted in the
table not being rendered properly.
This commit fixes the table to use proper HTML for content rendering
instead of markdown, since the table was written in markdown's HTML
syntax.
2021-04-01 15:26:25 -07:00
Anders Kaseorg 0868641ea4 Revert "static: Make alert-box available for portico pages."
This reverts commit a00f5dd90e (#17801).

That commit introduced a regression in the portico pages as described
in commit 85b3157b47.  Since that fix
introduced a regression of its own, we need to revert both commits for
now.

Signed-off-by: Anders Kaseorg <anders@zulip.com>
2021-04-01 15:25:23 -07:00
Anders Kaseorg 6a877890b8 Revert "css: Fix webapp alert styling incorrectly applying to portico."
This reverts commit 85b3157b47.

This broke the × button on Blueslip alert boxes, because @extend does
not work across different PostCSS compilation units.

Signed-off-by: Anders Kaseorg <anders@zulip.com>
2021-04-01 15:25:23 -07:00
Anders Kaseorg 2595fa88a0 setup: Use the number of completed password changes for race detection.
The start time of the last password change was the wrong time to use,
because we could start a password change, start another request,
finish the password change, and then observe that the other request
failed due to the password change.

We could use the end time, but a counter is more robust to
sub-millisecond race conditions.

Signed-off-by: Anders Kaseorg <anders@zulip.com>
2021-04-01 13:49:02 -07:00
Tim Abbott b8eb3d676a recent topics: Clarify label for filter box.
* We shouldn't use "Search" when we mean "Filter".  Filter is correct
  here, since we are just showing a subset of what's otherwise shown,
  and won't find anything that's older (or whatever).
* The stream/topic wording was unnecessary; the things we're filtering
  are topics (E.g. "Filter users" might look at name/email, and is the
  right label, not "Filter name/email").
2021-04-01 13:27:30 -07:00
Tim Abbott 68be06deda docs: Clean up installer troubleshooting help guide.
* Remove references to the defunct zulip-help Google Group.
* Mention how to create a code block.
* Use nicer markdown syntax for links.
2021-04-01 12:10:30 -07:00
Tim Abbott 80abc3f829 mailmap: Document Alya's old email address. 2021-04-01 11:24:03 -07:00
Tim Abbott 0723ba4cc4 sanity_check: Improve output for manual installation.
We should still display the `source` advice when not in Vagrant or a
Droplet, since that's an important hint for anyone using local
installation on Linux.

We move the "If you are using Vagrant..." text a bit after to
highlight things nicely for folks who are running tools outside
Vagrant.

Also tighten text to avoid line-wrapping on an 80 character console.
2021-04-01 10:54:56 -07:00
Tim Abbott c768f7ae63 docs: Clean up Git guide article on working copies.
* repo => repository for more standard language.
* Delete 3 repeats of explaining the origin/upstream/local.
* Add some links.
* Update `git pull` language for rebase changes.
2021-04-01 10:16:29 -07:00
Tim Abbott 08116a17b0 typing: Move to parameter validation to view code. 2021-04-01 08:30:47 -07:00
Tim Abbott 2a8e9db8f1 typing: Remove obsolete block comment.
The legacy feature described here was removed in
d5cc29755e.
2021-04-01 08:13:23 -07:00
Dinesh ddca602123 typing_notifications: Do op validation in view function.
Instead of validating `op` value later, this commit does that
in `REQ`.

Also helps avoiding duplication of this validation when
stream typing notifications feature is added.
2021-04-01 07:50:02 -07:00
Dinesh 2d40224bb6 api docs: Fix incorrect comment in delete_stream documentation. 2021-04-01 07:49:42 -07:00
Riken Shah 7d64fc9bff puppeteer_tests: Display the number of tests completed after each run. 2021-04-01 07:47:26 -07:00
Riken Shah f6998d6fee puppeteer_tests: Remove sequential numbers from test files.
The only downside of this is that it makes it harder to control the
order of these tests; which isn't that important.  And the structure
of naming each with its test order fundamentally requires renaming
files when adding/deleting tests, so if we want to control the default
test order, we'd be better off doing that by just hardcoding a list in
the test runner code.
2021-04-01 07:46:13 -07:00
YashRE42 e05935a292 narrow_banner: Add test for empty_narrow_multi_private_message case.
This commit also marks narrow_banner.js as having 100% node test
coverage.
2021-04-01 07:38:39 -07:00
YashRE42 a15290429f narrow_banner: Add test for empty_narrow_self_private_message case. 2021-04-01 07:38:39 -07:00
YashRE42 89c89c76bf narrow_banner: Add test case for subbed stream empty narrow msg. 2021-04-01 07:38:39 -07:00
YashRE42 6fe67ef192 narrow_banner: Add test for empty stream operand, empty narrow msg. 2021-04-01 07:38:39 -07:00
YashRE42 df1d52ea15 narrow_banner: Add test case for unknown is: operand empty narrow msg. 2021-04-01 07:38:39 -07:00
YashRE42 01d7e69e41 narrow_banner: Add test for multi-operator empty narrow case. 2021-04-01 07:38:39 -07:00
YashRE42 f1808de5f6 narrow_banner: Add test for hide_empty_narrow_message. 2021-04-01 07:38:39 -07:00
YashRE42 836f39ecbb narrow_banner: Hide all empty narrow messages before each test.
Previously we were liable to have false positives in our tests here
because we did not reset the visible state for these selectors, this
commit adds a helper and relevant calls to it in order to prevent such
false positives.
2021-04-01 07:38:39 -07:00
YashRE42 b3274aa32e narrow_banner: Assert reply button disabled on show empty narrow msg. 2021-04-01 07:38:39 -07:00
YashRE42 dc02d4550f narrow_banner: Refactor first_operand conditionals to use switch/case. 2021-04-01 07:38:39 -07:00
YashRE42 f85f0c4b0b narrow_banner: Refactor empty banner is: operands to use switch/case. 2021-04-01 07:38:39 -07:00
aryanshridhar 00c493a75a dropdown_list_widget: Properly handle reset button text.
There can be several cases when we don't require a reset button
with the dropdown_list_widget.
Hence, Added an abstraction for dropdown_list_widget that
renders the button only if it's corresponding text is passed.
2021-03-31 17:57:56 -07:00
Riken Shah 08212ef74a puppeteer_tests: Remove login test.
This commit deletes the `01-login.ts` test because it was
redundant, We are already checking for log-in in all the
other tests.
2021-03-31 16:55:54 -07:00
Alex Vandiver 0023d561dd ci: Switch to hosting the CI images under Zulip on Dockerhub. 2021-03-31 16:54:34 -07:00
Alex Vandiver 21bafe1e1e tornado: Drop unused command-line flags.
These flags were put in place in the first commit that introduced
Tornado (9afd63692f) with unclear
utility.

Remove them, since they have never been documented, and do not have a
clear need.
2021-03-31 14:19:38 -07:00
Alex Vandiver de46edf966 docs: Remove unused X-Client-IP header from haproxy configuration.
This is unrelated to the X-Real-IP configuration that nginx will add,
and is unused by Zulip.  Remove it, to reduce confusion.
2021-03-31 14:19:38 -07:00
Alex Vandiver 07779ea879 middleware: Do not trust X-Forwarded-For; use X-Real-Ip, set from nginx.
The `X-Forwarded-For` header is a list of proxies' IP addresses; each
proxy appends the remote address of the host it received its request
from to the list, as it passes the request down.  A naïve parsing, as
SetRemoteAddrFromForwardedFor did, would thus interpret the first
address in the list as the client's IP.

However, clients can pass in arbitrary `X-Forwarded-For` headers,
which would allow them to spoof their IP address.  `nginx`'s behavior
is to treat the addresses as untrusted unless they match an allowlist
of known proxies.  By setting `real_ip_recursive on`, it also allows
this behavior to be applied repeatedly, moving from right to left down
the `X-Forwarded-For` list, stopping at the right-most that is
untrusted.

Rather than re-implement this logic in Django, pass the first
untrusted value that `nginx` computer down into Django via `X-Real-Ip`
header.  This allows consistent IP addresses in logs between `nginx`
and Django.

Proxied calls into Tornado (which don't use UWSGI) already passed this
header, as Tornado logging respects it.
2021-03-31 14:19:38 -07:00