Jessica McKellar
9077d51d54
For now, allow all characters in stream names.
...
We've had multiple requests from MIT zephyr users to allow
non-alphanumeric stream names, and we haven't decided what we want to
allow, so for now allow everything.
Note that the web client and mirror script limit stream names to 30
characters, which is our database limit.
(imported from commit 2acb5ee04e5ee7c40031ac831e12d09d04bbb2e6)
2012-11-07 15:12:03 -05:00
Zev Benjamin
b5cd40723f
Start long-polling immediately in get_updates if the user has no messages
...
(imported from commit 02f883c58513f3bb705b248320cd9cfb7abd6417)
2012-11-06 16:40:52 -05:00
Zev Benjamin
8464e45507
Set the response status to 400 in send_with_safety_check if there was an error
...
(imported from commit 11fd082bb88be271b268d60cc797318386c9d778)
2012-11-06 16:40:52 -05:00
Jessica McKellar
15ca35e961
views: remove unused imports.
...
(imported from commit 1c44a1b23bb020b82bae99a75a12218c3e708e26)
2012-11-05 10:32:42 -05:00
Tim Abbott
1993ee403d
Remove @asynchronous on notify_foo views.
...
(imported from commit 79e3f99450deb3efa0c4154465a692ef01306ce4)
2012-11-02 20:55:31 -04:00
Tim Abbott
517c8e298a
Remove now-unnecessary check for 'time' in json_send_message.
...
(imported from commit aa177e13c16a43a5914227142a4e2589e2bd92bb)
2012-11-02 20:55:31 -04:00
Keegan McAllister
2b1ecd1ad8
Fix name of login_required_api_view in comment
...
(imported from commit e278256da19c3abd4ee05bd6c4318a482a25cee0)
2012-11-02 14:57:38 -04:00
Zev Benjamin
6178cd830a
Return the error if return_messages_immediately returns an error response
...
We previously started long-polling.
(imported from commit 5860e484c63088ed34226f39f5aeb74e3ed43f91)
2012-11-01 16:02:28 -04:00
Tim Abbott
7c3a189c03
Combine api_subscribe and json_add_subscriptions.
...
(imported from commit 1a5df7c88beb2c27a048b1880136b9c7cb4451b2)
2012-11-01 13:05:52 -04:00
Tim Abbott
7e0cbd1c8b
Change json_add_subscription to use the same interface as api_subscribe.
...
(imported from commit 9b9eb0284ad262ce9701ef81162d954544435d52)
2012-11-01 13:05:52 -04:00
Tim Abbott
01bf0868a9
Rename new_subscription argument to streams.
...
(imported from commit 8024f47564fe580734d5e452f5092520870003a7)
2012-11-01 13:05:52 -04:00
Tim Abbott
22bb5a5830
Fix longpolling on messages to nobody.
...
This is what caused our server to hang when receiving certain messages
over the last couple days. It was introduced by me making in the
assumption that doing the same thing we did after validate_notify
failed was a correct way to immediately return from
notify_new_message, which it was not. The code of validate_notify
actually finished the handler in the event that validation failed,
which isn't "correct", but did not manifest in a visible problem.
The correct way to trigger an immediate response from a tornado view
is to just return the value, not call handler.finish() and then return
None.
Similarly, the correct way to trigger longpolling from a tornado view
is to either return None (or equivalently, / drop off the end of the
function) or return a generator.
(imported from commit 5b931248b4650fc88d5d68f5936a95f19e097af9)
2012-10-31 16:35:30 -04:00
Tim Abbott
b33c0c4eee
Send the stripped stream name to add_subscriptions_backend.
...
(imported from commit c3bbb9bd200629020fe7e60d42644beaab30bff5)
2012-10-31 14:06:35 -04:00
Tim Abbott
e48bdfe847
Use json_success for api_fetch_api_key.
...
(imported from commit 395d992fa634f5304f8a44f38f0251109c1a0810)
2012-10-30 16:59:18 -04:00
Tim Abbott
c00e37c106
Use json_error rather than HttpResponseBadRequest and friends.
...
(imported from commit a9f6df2e561218db46f4ade86bac1ecd87b6ca78)
2012-10-30 16:59:18 -04:00
Tim Abbott
9fa2f0d4f8
Use @require_post for login_required_json_view.
...
(imported from commit e7efea5f016b1b44a0a3deba024e3df828006cfa)
2012-10-30 16:59:18 -04:00
Tim Abbott
4e9df28c12
send_message: Don't create streams automatically on send.
...
(imported from commit 7be1b72c5fdf9a21167d2be3948cf1febf8da8ed)
2012-10-30 15:02:45 -04:00
Luke Faraone
1d6a5741e0
Previously conditionals used the wrong case to reference request.POST.
...
(imported from commit 2624def3745c3b26114ee1a1a9a20288e078b243)
2012-10-30 13:29:40 -04:00
Luke Faraone
9f61e27218
Fix broken conditionals in get_old_messages_backend.
...
(imported from commit 13b934cdd2805d45efff18f7ce485b3e17e11c1a)
2012-10-30 13:24:02 -04:00
Tim Abbott
0fcf1db00a
Fix tracebacks sending messages nobody will receive.
...
(imported from commit afe3d7465f105015f7fa8247ab3cba7476b89fc2)
2012-10-29 19:17:26 -04:00
Tim Abbott
af09279483
Check for empty stream/subject names.
...
(imported from commit 208be288f903e8a040ed9e1de243315df0d9adae)
2012-10-29 17:36:01 -04:00
Tim Abbott
44b332693e
Fix the fact that new auto-created MIT users are active.
...
(imported from commit 577f1a0165a56fc3cc1ed6f0a54f6c5f31345cc7)
2012-10-29 17:30:06 -04:00
Luke Faraone
5dad59e864
Implement MIT signups.
...
Here we introduce a new manage.py command, activate_mit, which takes a
number of usernames and sends out emails to the users with instructions on
how to activate their accounts.
(imported from commit f14401b55f915698e83ff27b86434f53e64685f3)
2012-10-29 16:59:37 -04:00
Keegan McAllister
0e03a7acc8
views.home: Use @login_required
...
We can't use reverse() due to what amounts to a module import cycle.
(imported from commit 8a2904648173bc3e4ff2079d33320417b28518d3)
2012-10-29 15:41:28 -04:00
Keegan McAllister
5353f5b3b0
Rename NOT_LOGGED_IN_REDIRECT -> HOME_NOT_LOGGED_IN
...
If we have other pages that require login, we might want them to redirect to
the login form. But the root of the site should take you to /accounts/home --
but only after we launch the product.
(imported from commit b5d10e1c908f1ffe1ee68c2689691ca66c896786)
2012-10-29 15:41:28 -04:00
Zev Benjamin
2723a54088
Disable pointer sync for alpha rollout
...
(imported from commit 50a41e49e9b4a7db0b07ee7705d51c3a2abdff35)
2012-10-29 14:18:08 -04:00
Zev Benjamin
5413f74a7e
Allow API users to update the pointer and receive pointer updates
...
The get_profile API call now returns a client_id, which an API user
can pass to update_pointer and get_messages (note that clients still
need to pass a pointer argument to get pointer updates). This
client_id is currently the equivalent of the website's session key,
but the website might get client_ids in the future to distinguish
browser windows.
This commit differs from 88f6cf0033c849af88d1b99da3bdc2148dfbb6fe in
that it uses request.POST.get("foo") instead of request.POST["foo"].
For some reason the latter triggers CSRF errors.
(imported from commit b2a4a7322d16dbf241cd6eef146621c79d84cafc)
2012-10-26 17:17:09 -04:00
Zev Benjamin
b36f1702fc
Revert "Allow API users to update the pointer and receive pointer updates"
...
This reverts commit 88f6cf0033c849af88d1b99da3bdc2148dfbb6fe.
It seems to have broken API users.
(imported from commit 2f861ebc016076547092421f87dbcac00a65e2f6)
2012-10-26 16:19:57 -04:00
Zev Benjamin
a4fd478e3d
Allow API users to update the pointer and receive pointer updates
...
The get_profile API call now returns a client_id, which an API user
can pass to update_pointer and get_messages (note that clients still
need to pass a pointer argument to get pointer updates). This
client_id is currently the equivalent of the website's session key,
but the website might get client_ids in the future to distinguish
browser windows.
(imported from commit 88f6cf0033c849af88d1b99da3bdc2148dfbb6fe)
2012-10-26 16:06:41 -04:00
Zev Benjamin
ec389c5c83
Non-asynchronous API calls only take two arguments
...
(imported from commit 39f21892e38b0f8c2369d77ffcfb077f1006863e)
2012-10-26 11:53:01 -04:00
Zev Benjamin
8a66d52228
Expose get_old_messages to API
...
(imported from commit d3b86a049440c54b52d96c27f8925a73496eaffe)
2012-10-26 10:42:11 -04:00
Zev Benjamin
ec9e0a4b9f
Have get_updates include an "update_types" array in its response
...
This is similar to the previous "reason_empty" variable, but captures
why we've returned from the call even when there are updates and all
the reasons if there are multiple. For now, it's useful for debugging.
(imported from commit fd8d9e859660e51b57178d066b184f831b71a0b6)
2012-10-25 18:12:11 -04:00
Zev Benjamin
a9583f6889
Fix get_updates missing messages between calls
...
(imported from commit 2b84df2a35a9a006b8548904ebf145a351a2e92b)
2012-10-25 18:11:23 -04:00
Tim Abbott
f2c6347471
Return to failing clients immediately the first time.
...
(imported from commit b29df3165030ffd95dfe89b6471aeb74c06b6126)
2012-10-25 17:53:30 -04:00
Waseem Daher
44547e4e36
Properly check stream/subject lengths.
...
(imported from commit 1432266d8db1122f561e9e2f997071a19fb0f190)
2012-10-25 17:07:32 -04:00
Waseem Daher
c894bab738
Compute a user's realm from the verified email address, not a user-passed field.
...
(imported from commit 5c220a7b9e4b137b5c98b286e409004318565137)
2012-10-25 16:50:00 -04:00
Tim Abbott
0c54fab1e2
Check for too-long stream/subject names.
...
(imported from commit 6d37dff9af7e471e1e6a1ba77a9500bf5bb4ba7d)
2012-10-25 16:04:47 -04:00
Tim Abbott
7c8bde5d90
Add log/restore for fullnames and passwords.
...
(imported from commit 048ca3c86b9f077fcbccd5df4a509191a545da4c)
2012-10-25 15:52:26 -04:00
Zev Benjamin
cf1d35fd62
Remove unused variable
...
(imported from commit 0636d51527ea9cac8b1ba5490bf5836cd4e79269)
2012-10-25 15:45:14 -04:00
Zev Benjamin
451a041919
Remove the ability to fetch old messages via get_updates
...
Clients should use get_old_messages, instead.
(imported from commit 67847ef67d8ad4bf4af3f6082f85f0c76a41944c)
2012-10-25 15:31:27 -04:00
Keegan McAllister
eef027560a
Remove unused imports
...
(imported from commit eb576627ff72e57fee0e3a4c357f51ad74cd6c86)
2012-10-25 15:22:18 -04:00
Keegan McAllister
9629e7111b
already_sent_mirrored_message: Reduce code duplication
...
and eliminate extremely long lines.
(imported from commit 29a08b1757c1bb3af1f82222fd7150db05f86034)
2012-10-25 15:22:18 -04:00
Zev Benjamin
c4189d1029
Add get_old_messages json call
...
This new call only allows fetching of existing messages. The idea is
to remove this functionality from get_updates to simplify the backend
code.
(imported from commit 1345db2f1707e208e7c0bd08b7d444932c68b6a2)
2012-10-25 12:10:44 -04:00
Zev Benjamin
07263f3a0e
Rearrange functions
...
(imported from commit 814f2acbf574bf1eeb32e23ab28e76fc94f877ce)
2012-10-25 11:26:53 -04:00
Keegan McAllister
ab34200648
Make sure that Markdown rendering really happened, if requested.
...
This is a security issue because it's where we escape HTML.
(imported from commit 10dea1899eb6d7e0e40128ae1a4787abad38fa73)
2012-10-24 15:43:46 -04:00
Keegan McAllister
734411369b
format_updates_response: Default to apply_markdown=True
...
It's the safer default to prevent introducing XSS holes. And in our current
code, we always provide this parameter.
(imported from commit 73897f5315ba54a5d3fa95dd19efb9d20c081a8a)
2012-10-24 15:32:12 -04:00
Keegan McAllister
e8dfb41f70
Return messages from return_messages_immediately, rather than calling handler.finish
...
(imported from commit 0da3356c6712614cf1816d330b891e8f6d13bac7)
2012-10-24 15:32:10 -04:00
Tim Abbott
75d150efc7
Fix being unable to send messages with a trailing comma in recipients list.
...
(imported from commit 5c075c4aa1da8c2a153b33ed4d061fac88de48e7)
2012-10-24 14:25:55 -04:00
Zev Benjamin
8a39292b5d
Fix bouncy pointer from pointer updates
...
The previous code path was buggy. We now do separate pointer update
checking for the cases where get_updates returns immediately vs. when
it returns from a callback.
(imported from commit f236a80cd0b94bc097dbd17f113d7a9d27368025)
2012-10-23 16:39:04 -04:00
Zev Benjamin
5ee6982a7e
Use a different format function when we don't respond to a get_updates immediately
...
For now, the new function, format_delayed_updates_response, just
calls format_updates_response.
(imported from commit dd332125fe0d47cb3990373f74e85e64604f58a3)
2012-10-23 16:39:04 -04:00
Zev Benjamin
c8dd5229ed
Rename updater_session to pointer_updater
...
(imported from commit 7646b8e636393d64ef07d0251f8c83beecf114aa)
2012-10-23 16:39:04 -04:00
Zev Benjamin
6c4b56517f
Revert "Temporarily disable pointer sync"
...
This reverts commit 7d8f673559ca6359923aa0bdd48edebe0955e921.
(imported from commit 32f7ad925cc4df72220a191602487620a9970f43)
2012-10-23 16:39:04 -04:00
Zev Benjamin
ce3ea9f019
Temporarily disable pointer sync
...
(imported from commit 74e6bb347e0b8c01b6450914a50448b78b9749c9)
2012-10-23 15:24:00 -04:00
Luke Faraone
a139f8b6b2
Fix incorrect references to userprofile in the API
...
(imported from commit 77c062b54c545185aee28189726f61a874a1fe77)
2012-10-23 12:05:56 -04:00
Tim Abbott
fdeab96b4c
Add a default client name for the API.
...
(imported from commit a14b2f8bd9ff604c5f522c85842d296be38d33e6)
2012-10-23 10:54:36 -04:00
Tim Abbott
846469c39c
[schema]: Rename userprofile to user_profile.
...
(imported from commit adfb6152b7ec32557e3465d961695eb870506d5a)
2012-10-22 18:55:45 -04:00
Tim Abbott
93616039bc
Use the new client data model to deduplicate mirroring.
...
(imported from commit 6ac38534aea11b1e7f8f332e76251f9501f9ab3e)
2012-10-22 18:31:36 -04:00
Tim Abbott
1b1d5cb577
Fix all mirrored stream messages appearing to be from me.
...
(imported from commit 777f98a564d3f169d3c69fcda980ce5993910d88)
2012-10-22 17:59:21 -04:00
Tim Abbott
bce793005d
Fix mirroring of personals.
...
(imported from commit 91ae9e6bb20389a708bd6b1945c898b98b96ee4a)
2012-10-22 17:21:07 -04:00
Zev Benjamin
f817bf6144
Pass the session that updated the pointer from Django to Tornado
...
This allows us to check whether the session that updated the pointer
is the same as a session that is doing a long poll to avoid sending
new pointer information when that information is coming from the same
session.
We still return from the long poll early, though, which is sub-optimal.
(imported from commit 7d4be0956f112eacefb7d198ea929957cd2b05e3)
2012-10-22 17:16:47 -04:00
Tim Abbott
d17db6687c
Improve validation of zephyr mirror data.
...
(imported from commit 9ebc43d17d1f4040da2deff271ba7e158908a29b)
2012-10-22 17:08:09 -04:00
Zev Benjamin
732ca19729
Synchronize the pointer across sessions
...
The client may now optionally send its current pointer during
get_updates and the server will return the latest pointer if it
differs and was updated more recently by a different session.
(imported from commit e43b377d7dfb52f83cefb0b1003863d5407caf80)
2012-10-22 16:44:57 -04:00
Zev Benjamin
66d7678423
Add UserProfile callback for pointer updates
...
(imported from commit bfa9c15d82f092a1810cfcee1a88e1e292bc4cb8)
2012-10-22 16:06:38 -04:00
Zev Benjamin
2a4c3b5bff
Abstract the callbacks table in preparation for more kinds of callbacks
...
(imported from commit 695d5bceb4657ef25ba5983212082ee0c76b9d33)
2012-10-22 16:06:38 -04:00
Zev Benjamin
7ac0625e39
Add model field indicating which session most recently modified the pointer
...
(imported from commit 819ab358d9fa6f22ad8ccee56fe723ea7711ebc5)
2012-10-22 16:06:38 -04:00
Tim Abbott
b353fd4abd
Use sending_client to check whether messages are mirrored.
...
(imported from commit 6202739e21dfb308ed551656a8a0cdf7311972f7)
2012-10-22 14:52:08 -04:00
Keegan McAllister
7cf8f842f7
Allow in stream names any character classified by Unicode as alphanumeric
...
Also correct a comment.
(imported from commit 5c03032b90dbaf38d880651004733e4399b422ee)
2012-10-22 12:58:39 -04:00
Jessica McKellar
f5f3ffc6a9
Expose an API method for updating the pointer.
...
(imported from commit 66d49c149e0bbc60e82a5967b77aff69629b09e7)
2012-10-21 13:33:14 -04:00
Jessica McKellar
0fb836538d
Add an API request for getting profile (specifically pointer) data.
...
Mobile clients need it.
We are going to need to sit down and think about how much power we
want to give our API users, though. For example, should they even get
to know about your absolute pointer value (maybe they should only be
able to make requests relative to your pointer), or be able to request
very old ranges of messages?
(imported from commit 1680655f0d9a670bc0da0ddb92fbbd5cf851d3dd)
2012-10-20 21:59:59 -04:00
Tim Abbott
7b3b4362dd
[schema] Add a Client model keeping track of the sending client.
...
(imported from commit 31a430b1de14ce973addafd5d13ace049a8f8091)
2012-10-20 18:41:54 -04:00
Tim Abbott
1fcb4c0576
Fix error handling for removing subscriptions.
...
(imported from commit b95a706ed9499e96c4ff27ca583ed10dab674736)
2012-10-20 18:26:21 -04:00
Tim Abbott
56dab6cb26
Log changes to subscriptions and replay them in populate_db.
...
(imported from commit d3055eb44326bdc59a6bc96d00b5b0bc6da86059)
2012-10-20 18:26:21 -04:00
Tim Abbott
a8ee0ecc69
Fix bug allowing subscribing to a stream twice.
...
(imported from commit c49b7c8ec49fd71bb1e1f1226d9e126d4d0987df)
2012-10-20 10:15:12 -04:00
Keegan McAllister
0d05557ffc
notify_new_message: Allow request to have come from IPv6 localhost
...
(imported from commit ef477ced6695f866f8d265d980f8401670b3c95c)
2012-10-19 22:34:46 -04:00
Keegan McAllister
86b4da9d83
Put a new user's pointer at the bottom
...
(imported from commit 65ae2483d6bcfb96cc97bdb689d8174737bde5b0)
2012-10-19 20:44:09 -04:00
Tim Abbott
e434fa141e
Use .objects.create and .objects.get_or_create.
...
This eliminates a bunch of unnecessary code and also fixes a bunch of
places where we were improperly not using transactions.
(imported from commit f194ae9226f9229fc56a0b1b21615534f486ea0c)
2012-10-19 17:42:14 -04:00
Keegan McAllister
5b13f9192f
Load more messages when the user presses the "Load more messages" button
...
(imported from commit 060e6f67b13fd67b56f80f913eb6b835860a8115)
2012-10-19 17:13:14 -04:00
Keegan McAllister
7693695fc0
Tell the client why we are returning an empty list of messages
...
(imported from commit cc17ed2d8389f6be1170081e70c1d8a7f0556ac3)
2012-10-19 17:13:13 -04:00
Keegan McAllister
c67e7035aa
Limit the number of old messages the client requests
...
(imported from commit 6bff6aa0b48d46b98aa68c6e29eb569cf41f4989)
2012-10-19 17:13:08 -04:00
Zev Benjamin
ab382040c1
Make get_updates reload_pending request parameter an integer
...
This fixes a bug where the server wasn't returning from get_updates
immediately when the client needed a reload.
(imported from commit 1d854eb1c7061f468d091e103f10074f4c7231d8)
2012-10-19 15:53:05 -04:00
Tim Abbott
79fbb23356
Return a max_message_id when returning no messages.
...
This is needed for an API client to setup a nonblocking subscription.
(imported from commit d978c28994c5e3af4312ffba32c4040e8314c247)
2012-10-19 11:37:20 -04:00
Tim Abbott
d49d675128
Fix mit_sync_bots for personals only.
...
(imported from commit 9fd7ac87d2cdc32413edefbde8870bbe59b67380)
2012-10-18 11:14:03 -04:00
Tim Abbott
e303b7dcbd
Fix syncing messages from Humbug back to MIT.
...
(imported from commit ff32c8c0824afda0805bd5ec9ec87b7ce999bcca)
2012-10-18 10:57:18 -04:00
Tim Abbott
1d55c06ede
Move mit_sync_table code into the correct process.
...
(imported from commit bc40f865f94d7b39db5e49eba09370c3fa53dc6f)
2012-10-17 22:35:02 -04:00
Keegan McAllister
b9e9938197
create_user_if_needed: Use proper initial passwords
...
(imported from commit 009208ac64548dd6f8773ccc7738ab0c391d816a)
2012-10-17 21:08:59 -04:00
Keegan McAllister
4f56362e0f
Change formatting of notify_new_message request
...
The requests library doesn't encode repeated key form data reliably.
(imported from commit 3cc9f5379c299a57f69bb5b7ff3b85f0c066269f)
2012-10-17 18:24:15 -04:00
Keegan McAllister
91209f9304
Get initial server generation from first get_updates result
...
Embedding this in index.html won't work anymore, because the Django FastCGI and
the Tornado servers might have been started at different times.
(imported from commit 187909d0593449cf2989857671f9ca526723e451)
2012-10-17 18:24:15 -04:00
Keegan McAllister
a545876d56
Rename notify_waiting_clients -> notify_new_message
...
We might have other URLs for other notifications.
(imported from commit 4c1c5fe2f039816fef4c268f34692ca4f19d81e8)
2012-10-17 18:23:01 -04:00
Keegan McAllister
5e70b5a291
Split off the Tornado code into a separate process
...
(imported from commit 95dbd0f438cdba06d6e6c6c539a2a3d49c577cfd)
2012-10-17 18:23:01 -04:00
Zev Benjamin
2ade66bf3e
Remove stale comment
...
(imported from commit c880fc2f543e3f0cdfd531c968a1e77249c04f4c)
2012-10-17 18:17:43 -04:00
Tim Abbott
bff0046c51
Fix client continuously calling get_updates when a reload is pending.
...
(imported from commit 2c29c8b892e7843f4d75178cc683bf48f7a5cdf5)
2012-10-17 17:46:07 -04:00
Waseem Daher
49a8677517
Remove 'timezone' from the settings page.
...
We weren't doing anything with it anyway, so...
(imported from commit ad927f3d2ce5b9bd219d6f36a021542812486aef)
2012-10-17 17:26:55 -04:00
Waseem Daher
d9715825b1
Remove 'short_name' from the settings page (but not the db).
...
For now, we're not using this, so let's expunge the user-facing
references to it.
(imported from commit 90a8dcdc77d0a991bef3e319e6971327639d1f4e)
2012-10-17 17:26:06 -04:00
Tim Abbott
758bbe6fc9
Rename api_fetch_key to api_fetch_api_key to match json methods.
...
(imported from commit ed1c33f5017426dd38882c06ac38343451edb94b)
2012-10-17 17:13:33 -04:00
Tim Abbott
ae3e24458c
Add a UI for requesting your API key.
...
(imported from commit 07c40caf73f3b6c1c502a6c8e18109532dd28cc3)
2012-10-17 17:09:46 -04:00
Luke Faraone
716badc2c6
Don't reference GET if we now require post.
...
(imported from commit b78b62e81b4064f53c1a83a68e0b7e67a08230b5)
2012-10-17 16:52:30 -04:00
Luke Faraone
6c3a328426
API key fetching should happen over POST, not GET.
...
(imported from commit 351d0035a55f49f00693081584d882c1aef7dd01)
2012-10-17 16:36:49 -04:00
Luke Faraone
12bad46740
Introduce API method to return a user's API key by logging in.
...
This makes it easier for mobile clients to use the API by enabling them to
present the user with a familiar username / password prompt, rather than
by asking them for their API key.
(imported from commit 6ed06cfe86f87e7aef54a4be7835fb7bf8d7f209)
2012-10-17 15:33:05 -04:00
Tim Abbott
7237b4a73e
Fix sending to a stream with a space in its name.
...
Previously if you tried to send to "a b", we actually ended up trying
to send to "a%20b", since we were url-encoding the stream name and
then not properly decoding it.
(imported from commit 307d2999bd309e47fc654ae4422ab4372edde064)
2012-10-17 14:06:00 -04:00
Keegan McAllister
81f0d61c3b
Factor out Gravatar hash calculation
...
(imported from commit 29872722fb4856773d98fc987a1e2d6eb99ad8b2)
2012-10-17 01:09:16 -04:00
Tim Abbott
539c3abbab
@asynchronous needs to be the outer wrapper.
...
(imported from commit 24b8f157d600e69276178d609820d3f0dfb685a7)
2012-10-16 17:10:15 -04:00
Tim Abbott
6642a65269
Convert last few json views to use the json_success api.
...
(imported from commit 7a617ec7e7c8607e8ba87e7a9b8599a83b91666c)
2012-10-16 16:54:41 -04:00
Tim Abbott
8388353859
Clean up the decorators code for the API.
...
(imported from commit b3fd6cfa475f021e35043148ad9a38633d9bddfe)
2012-10-16 16:38:42 -04:00
Tim Abbott
a859c10017
Don't redirect to a login page when responding to json messages.
...
Also update tests to actually check all our URLs.
(imported from commit 86de2027d140da6118e2f2f60c1c86511b16c141)
2012-10-16 16:38:39 -04:00
Tim Abbott
3e994c16b7
Rename/reorganize our urls to be more consistent.
...
(imported from commit ca3cc7ccd5d7da83a9c60968527378ee1118648e)
2012-10-16 15:56:06 -04:00
Zev Benjamin
103bf321b4
Have client and server exchange a server generation number
...
This will allow the client to detect when the server has restarted.
(imported from commit 89e75916719d967beb2520be6263f79f897d9ec1)
2012-10-16 15:30:09 -04:00
Keegan McAllister
8819bdc0fc
Hide most of the navbar on the deployed app
...
(imported from commit 3b055588f7de805bf1b038f1bc6c03837eda010a)
2012-10-15 18:44:36 -04:00
Keegan McAllister
5141cd7ab9
Make a setting for where we redirect home for not logged in users
...
(imported from commit 95bae4e52d8a8a34c001975e8d3547db5ba256a2)
2012-10-15 18:44:36 -04:00
Tim Abbott
bcc895b95b
Avoid expensive queries to check whether the user has any messages.
...
(imported from commit 035ec44db7a2f61b1c04e80feebe9af1a214505c)
2012-10-15 17:10:55 -04:00
Keegan McAllister
ab9832092d
Remove an unnecessary @require_post
...
(imported from commit c8a43e696dbcfa4cdb494f286e6f0b989d328bd9)
2012-10-15 17:05:37 -04:00
Tim Abbott
917a06d5cf
Use select_related for the get_updates queries.
...
(imported from commit 403a5906f9619fb1d6dc10e57ebcaab7e8f00f16)
2012-10-15 11:54:12 -04:00
Tim Abbott
7ebc720347
performance: Use select_related when computing autocomplete lists.
...
(imported from commit fde08787998179451e6684a101c80aaafca917f6)
2012-10-15 11:39:10 -04:00
Zev Benjamin
88009b4854
Auto-complete huddle names based on full name.
...
This also makes the people_list a list of objects containing the person's full name and email.
(imported from commit cff9b3de8cab0c9b2690ffa60d65d666302b989f)
2012-10-12 11:35:45 -04:00
Zev Benjamin
7a305c1882
Add more information to error message
...
(imported from commit 0917d5c2ed1b156603ce53aaec88ecbe26f5f39c)
2012-10-12 11:34:42 -04:00
Tim Abbott
afee537a95
Don't allow users to subscribe to too-long stream names.
...
Also check for invalid characters when subscribing via the API.
(imported from commit c4730ecb360607c4da264cb1c4b2f9daa2cef293)
2012-10-12 10:48:41 -04:00
Tim Abbott
091bc48926
api_subscribe: Check for too-long stream names.
...
(imported from commit 20d94eafeb333a9bc09b6b20093e13fd1b241ea8)
2012-10-12 10:45:53 -04:00
Tim Abbott
fc99d2983a
Add an API call to subscribe to a list of streams.
...
(imported from commit 0a5d46d5f54fb4c8ebfad8c9adb777c0b4938dfa)
2012-10-11 16:20:45 -04:00
Keegan McAllister
0a0bd31407
Remove unused strip_html
...
(imported from commit 21747b9b5cbbe7b1935905fc9254f4de64db20aa)
2012-10-11 15:01:54 -04:00
Keegan McAllister
2c3d7d6116
HTML-escape messages on output
...
(imported from commit f199fddf887ffbd22ebac76448accb4c48b64a24)
2012-10-11 15:01:54 -04:00
Keegan McAllister
3fadaae574
Don't escape message metadata as it enters the system
...
(imported from commit b98deb3dcdc389b079055a06ffafaf138bc79c70)
2012-10-11 15:01:54 -04:00
Keegan McAllister
c06aa1a3da
Don't escape user metadata as it enters the system
...
We believe that our output escaping is sufficient.
(imported from commit 4c9d4d79682ef5689bc1eec12a3bbcc34de013a4)
2012-10-11 15:01:54 -04:00
Keegan McAllister
7137787984
Escape variables interpolated into <script> within index.html
...
Django's escapejs prevents breaking out with an embedded </script> tag.
It only works on bare string contents, not JSON-ish lists and such. So we
generate stream_list and people_list with template loops now.
(imported from commit 07fe4bebaa3fa11bc479b4378b8989560ce77f6f)
2012-10-11 15:01:54 -04:00
Tim Abbott
83f494b1a4
Add API queries to show public streams and the user's subscriptions.
...
(imported from commit 5f24e35a9bdd1e40406e2acb0c3713a6517d139b)
2012-10-11 14:43:23 -04:00
Keegan McAllister
9811bd5f8a
Get UserProfile by email with a join, not two queries
...
(imported from commit 0698ebb88615cea54196181aeabe869ec466dbc1)
2012-10-11 14:05:53 -04:00
Tim Abbott
676e650a08
Fix mit_sync_bot bug causing constant API requests.
...
(imported from commit dfa845b98a7e22ee69a9589b8b98ac5a49077793)
2012-10-11 13:00:50 -04:00
Keegan McAllister
5a7ff70c11
Remove obsolete views
...
This functionality is part of the home view now.
(imported from commit 5f0327eb62840bf98af49566e6f3c0b86ca43b8d)
2012-10-11 11:23:22 -04:00
Keegan McAllister
48ec15c46d
Don't duplicate realm query when registering
...
(imported from commit b1e3b7144f564c5b2fc23fbf548bf0672deb2932)
2012-10-11 11:08:52 -04:00
Tim Abbott
ac3f4393ff
Rename instance to subject.
...
(imported from commit 6b4693da03f106448c137cf81cf9801cac44f2b8)
2012-10-10 18:01:39 -04:00
Tim Abbott
08e832e093
Change send_message to accept a stream, not a class.
...
(imported from commit 0f58de2502bec227f5f33e44692d03f2f28d6f63)
2012-10-10 17:48:17 -04:00
Tim Abbott
6dc913766d
Rename 'classes' to 'streams'.
...
(imported from commit 8ad6791f39d49e90a2828b6af86d039ba5ca5abc)
2012-10-10 17:47:13 -04:00
Tim Abbott
493a428cb2
Rename zephyr_class=>stream for local variables in views.py.
...
(imported from commit 9ea782e0c132f4ab3ca86cd37ff584d0a2308dea)
2012-10-10 17:47:13 -04:00
Tim Abbott
003efb84b4
Rename get_class to get_stream.
...
(imported from commit 4d393f9fcd46847c54c7e0b6b7add219e8e07fe6)
2012-10-10 17:47:13 -04:00
Tim Abbott
4006e4b1ea
Rename class_exists to stream_exists.
...
(imported from commit 416bd1f4c513216d45913e306f6c8eaa542f3539)
2012-10-10 17:47:13 -04:00
Tim Abbott
39cde772eb
Rename valid_class_name to valid_stream_name.
...
(imported from commit 980135772f5050514b41130b0f1948aee3a3a4e5)
2012-10-10 17:47:13 -04:00
Tim Abbott
44e9e4cebf
Rename Recipient.CLASS to Recipient.STREAM.
...
(imported from commit a530194163f7260c73921137fa1ff671f14516f6)
2012-10-10 17:47:13 -04:00
Tim Abbott
1fc4780a81
Rename create_class_if_needed to create_stream_if_needed.
...
(imported from commit 1bbc792332981723d3d29b24ad03811d62ced5f1)
2012-10-10 17:47:13 -04:00
Tim Abbott
8daff2e05e
Rename ZephyrClass to Stream.
...
(imported from commit ae51b7a9e03f322dfe2dfccd250cbfc23adfe32e)
2012-10-10 17:47:12 -04:00
Keegan McAllister
8aa4e8c5f1
URLencode email in URL instead of HTML escaping it
...
HTML escaping makes absolutely no sense here. The other occurrence was already
removed in 55fff703924ef28060f0b91af3a6f06a1a636197 .
(imported from commit 3b7569dee381f6db290fc1527553802883e89ed7)
2012-10-10 17:24:49 -04:00
Luke Faraone
c2117a58e1
Don't use strip_html on passwords.
...
(imported from commit 2ecea072f545b5902b33bdc8e621871919cbbed6)
2012-10-10 15:16:23 -04:00
Keegan McAllister
26906777c1
Use 'reverse' when redirecting from home, for consistency
...
(imported from commit badd2a78cbe9d0007c7c8f515613761e68f01096)
2012-10-09 17:15:35 -04:00
Tim Abbott
6a7ce4cfe8
Comment out instance validation until we figure out what we want.
...
(imported from commit a1c22f9744f28635c67602a682bdb00cba0037ae)
2012-10-04 18:11:12 -04:00
Tim Abbott
12ea2895ea
Add a json_success style result to updates responses.
...
(imported from commit 6492f98f1e1f5b7622caa2f3427ae60bdfd3df0e)
2012-10-04 16:38:44 -04:00
Tim Abbott
27fdb10cbd
Return clean invalid user errors using the API.
...
(imported from commit 2f1687cbe8797ce42e66b340e87400720acd4054)
2012-10-04 16:38:44 -04:00
Tim Abbott
615e520c00
Add '.' to the list of valid class name characters.
...
(imported from commit 1d6c000434776b0b63f47bb514345746ed18bab9)
2012-10-04 15:17:12 -04:00
Tim Abbott
251177e8cf
Add a server-side check that class/instance names are valid.
...
(imported from commit 4534239e57b08b4d01d2caa68134e205ce6c225a)
2012-10-04 14:48:01 -04:00
Tim Abbott
2a79ff0cc8
Rename 'zephyrs' => 'messages' when formatting a message list to send to clients.
...
(imported from commit bfbb556f2444aca8277f54c363eccb678b6bf2dc)
2012-10-04 14:42:38 -04:00
Tim Abbott
8c11aeb7ee
Rename zephyr_backend => send_message_backend.
...
(imported from commit 78eb5884777a6631dd6a6a82c21295ee8ee49c11)
2012-10-04 14:38:07 -04:00
Tim Abbott
7991e6e281
Replace 'zephyr' => 'message' in code internal to views.py.
...
(imported from commit 92d7bc82bd8f6edae1e59cab3e0bd8b7d035775e)
2012-10-04 14:38:07 -04:00
Luke Faraone
d8b678c75d
Emails with plus signs no longer are rendered with spaces in /accounts/login
...
(imported from commit 55fff703924ef28060f0b91af3a6f06a1a636197)
2012-10-04 14:27:49 -04:00
Tim Abbott
1ab81cff92
[schema] Rename Zephyr => Message in the schema.
...
(imported from commit 4f402f150c45d2097d6b16943935e6e370b4f8d8)
2012-10-03 18:14:15 -04:00