Commit Graph

1371 Commits

Author SHA1 Message Date
Maxim Averin 73a1dd63d5 analytics: Refactor legacy 'zulip_internal' decorator.
Rename 'zulip_internal' decorator to 'require_server_admin', add
documentation for 'server_admin', explaining how to give permission
for ./activity page.

Fixes: #1463.
2017-04-22 11:42:02 -07:00
Michael 854d70e7c6 test_events: Verify format of event dicts precisely.
This is basically just using the new check_dict_only everywhere, with
a few exceptions:
* New self.check_events_dict automatically adds the id field to avoid
  duplicating it ~80 times.
* Set log=False for many of the testing action functions to remove the
  timestamp field from their returned event dictionaries, since it's
  not needed and is the result of a deprecated log_event function.

Wasn't sure if the subscription_field list in do_test_subscribe_events
could contain optional arguments, so I left the call to check_dict on
along with a TODO.

Fixes: #1370.
2017-04-22 11:22:41 -07:00
Aditya Bansal bdcddd35d0 tests: Add wrapper for client.logout in ZulipTestCase.
In this commit we add a logout wrapper so as to enable developers
to just do self.logout instead of doing a post request at API
endpoint for logout. This is achieved by adding a wrapper function
for the Django's client.logout contained in TestCase. We add this
by extending ZulipTestCase to have a logout function.
2017-04-21 21:45:55 -07:00
Umair Khan 8b88cfc84b redirect_and_log_into_subdomain: Handle is_signup. 2017-04-20 11:11:54 -07:00
Umair Khan 4ab783134e testing: Move unsign_subdomain_cookie to test_helpers.
We'll be using it in other files soon.
2017-04-20 11:10:56 -07:00
Umair Khan 8fee31f7ff forms.py: Include email in the error messages. 2017-04-20 11:07:01 -07:00
Tim Abbott 55bea73035 Revert "github: Call the appropriate authenticate."
This reverts commit ab260731a9.

The overridden authenticate method was buggy.
2017-04-19 10:06:00 -07:00
Tim Abbott cddee49e75 Add support infrastructure for push notification bouncer service.
This is an incomplete cleaned-up continuation of Lisa Neigut's push
notification bouncer work.  It supports registration and
deregistration of individual push tokens with a central push
notification bouncer server.

It still is missing a few things before we can complete this effort:
* A registration form for server admins to configure their server for
  this service, with tests.
* Code (and tests) for actually bouncing the notifications.
2017-04-18 23:03:06 -07:00
Umair Khan 8f5dfffe39 testing: Fix test_update_invalid_value.
This test was using hardcoded field id which made it order dependent.
2017-04-18 21:46:14 -07:00
Jacob Hurwitz 8343d80873 Fix mobile home view returning messages older than the pointer.
In cases where old unread messages in the home view might have been
leaked (either due to bugs or unusual muting interactions), it's
theoretically possible for the first unread message in the home view
to be far older than the pointer.

Since the Zulip mobile app is loading messages following the
use_first_unread logic, we need to plug this gap.

Probably a longer-term solution will involve changing how
update_message_flags works to automatically advance the pointer, but
this change should make it possible for the mobile apps to
consistently use the `use_first_unread` mechanism for fetching the
latest home view messages.

With tweaks to the tests by tabbott.

Fixes zulip/zulip-mobile#422.
2017-04-18 21:39:24 -07:00
Tim Abbott a543b3cacd attachment: Clarify and test logic for invalid uploads. 2017-04-18 21:27:29 -07:00
Tim Abbott 568b59291b attachment: Improve rules for managing attachment ownership.
The previous logic was that anyone with a link to a file could send it
to other users, but only the owner could make a file realm-public.
This had some confusing corner cases.

The new logic is much simpler:
* Only the file's owner/uploader can include a file in a message for
  the first time.
* Anyone with access to read a file can share it with others by
  including it in messages they send.
* Once a file has been sent to a public stream, any user in the realm
  can access it.
2017-04-18 21:27:29 -07:00
Aditya Bansal 08e4a67fa5 tests: Fix occasionally breaking tests.
In this commit we fix the occasionally breaking tests for
test_home.HomeTest.test_bad_narrow which were the result of
us patching global settings in test_upload to add some new emails
to CROSS_REALM_BOT_EMAILS and not rolling back.
2017-04-18 19:44:12 -07:00
Abhijeet Kaur 5e55fe992d backend: Add ability to search by group private message thread.
This doesn't yet contain the frontend or documentation for this
feature.

Modified by tabbott to rename the parameter and line-wrap the query
code.
2017-04-18 15:50:27 -07:00
Umair Khan cf3b6c6ca9 profile: Support custom profile data.
Implements backend for #1760.
2017-04-18 15:20:59 -07:00
Kouhei Sutou 2f09866364 message: Support highlight in link tag.
textsearch based full text search doesn't match text in link tag but
PGroonga based full text search can match text in link tag.

Without this change, highlighting text in link tag generates broken
HTML.
2017-04-18 13:15:48 -07:00
Tim Abbott cbc731963f decorator: Add support for Django internal_notify_view. 2017-04-18 09:59:07 -07:00
Umair Khan d699172d06 authenticate_remote_user: Properly handle None email. 2017-04-18 09:33:03 -07:00
Tim Abbott cf2897d758 test_home: Fix test_handlebars_compile_error mock request.
Using a MagicMock for the request caused weird problems with invalid
input in the context processors.
2017-04-17 22:15:46 -07:00
Umair Khan ab260731a9 github: Call the appropriate authenticate.
This commit makes sure that GitHubAuthBackend will only authenticate
using its own authenticate method. This is done by adding a new
Python Social Auth strategy which instead of calling authenticate
method of Django, calls the authenticate of the backend directly.

The problem this commit solves is that while authenticating through
GitHub backend, we were ending up getting authenticated through
ZulipDummyBackend. This might happen because the default strategy used
by Python Social Auth calls the authenticate method of Django which
iterates over all the backends and tries the authenticate methods
which match with the function arguments. The new strategy this commit
adds calls the authenticate method of GitHub backend directly which
makes sense because we already know that we want to authenticate with
GithHub.

The actual problem of why we are ending up on ZulipDummyBackend is
still a mystery because the function arguments passed to its
authenticate method are different. It shouldn't be called.
2017-04-17 21:03:08 -07:00
Sampriti Panda 0e3d694df8 bugdown: Use queue for processing of links in image previews.
Earlier, a stack was being used to go through the message and search
for links.  Because of this, in some cases the images were added to
the preview in reverse.  Using a queue will keep the image previews in
the same order as they appeared in the message.

Fixes #4453.
2017-04-17 20:48:16 -07:00
Tim Abbott 0c8575e2dc user_settings: Disable bot access to several endpoints.
These settings have no effect on bots, so this change is mostly about
just avoiding confusion.
2017-04-16 13:14:59 -07:00
Rishi Gupta e14c940ecc decorator: Add human_users_only decorator.
Applies it to presence.update_active_status_backend as an example of usage.
2017-04-16 12:51:23 -07:00
Tim Abbott 9400689f86 presence: Remove use of timezone.now(). 2017-04-16 12:32:57 -07:00
hackerkid b2504084ab Replace timezone.now with timezone_now. 2017-04-16 12:28:56 -07:00
hackerkid 55c3d12078 Replace timezone.utc with timezone_utc. 2017-04-16 12:28:56 -07:00
Rishi Gupta b5482d51b1 presence.py: Change bot-related error messages to match each other. 2017-04-14 14:34:17 -07:00
Rishi Gupta bbddbdeb25 presence.py: Enforce bots cannot use update_active_status_backend.
We need to keep the UserActivity table clean now that we're using it to
compute 15day actives in analytics.
2017-04-14 14:34:17 -07:00
hackerkid bf3b2ac673 Include timezone in user_dict fields.
Tweaked by tabbott to avoid adding timezone to bot dicts, since bots
don't need a timezone.
2017-04-14 10:33:55 -07:00
Tim Abbott a417fd3c0b MessageDictTest: Fix nondeterministic query counts.
This fixes an issue with a nondeterministic number of database queries
being used in fetching bulk messages from the database.  The source of
the problem was that we were fetching _all_ messages, not just the 600
that had been created by the test, and thus if the set of streams
present in messages in the test fixtures (which is random) changes,
the number of streams used (and thus number of queries) would change.
2017-04-14 09:55:27 -07:00
Umair Khan 519dcdb750 api_dev_fetch_api_key: Improve invalid email message.
Show a user friendly message to the user if email is invalid.
Currently we show a generic message:
"Your username or password is incorrect."
2017-04-13 12:48:13 -07:00
Umair Khan 80b019629c remote_user_sso: Improve invalid email message.
Show a user friendly message to the user if email is invalid.
Currently we show a generic message:
"Your username or password is incorrect."
2017-04-13 12:48:13 -07:00
Umair Khan 93aa478efb api_fetch_api_key: Improve invalid email message.
Show a user friendly message to the user if email is invalid.
Currently we show a generic message:
"Your username or password is incorrect."

The only backend which can accept a non-email username is LDAP.
So we check if it is enabled before showing the custom message.
2017-04-13 12:48:13 -07:00
Umair Khan ad2114a7a8 validator.py: Create a validator for login email.
This validator raises JsonableError exception.

Fixes: #2748
2017-04-13 12:48:13 -07:00
Tim Abbott b6da9e86d4 test_templates: Fix ToS/Privacy templates. 2017-04-12 14:40:45 -07:00
K.Kanakhin 4891a8d850 Add default response for `terms` and `privacy` endpoints.
- Add setting for `privacy policy` template defining.
- Configure default templates for `privacy policy` and
  `terms of service` pages.
- Add route for privacy page.
- Remove condition for showing `privacy` and `terms` pages.
- Add `privacy_policy` setting to context processor.
- Add documentaion part for `privacy` and `terms` templates
  configuration.
- Add tests.

Fixes #3686.
2017-04-12 14:09:14 -07:00
Tim Abbott 4d42b910cb tests: Refactor test_events for realm properties.
This removes individual tests for realm properties and replaces them
with a generic do_set_realm_property_test function to test each
property in the Realm.property_types attribute.

Addresses part of #3854.
2017-04-12 13:33:10 -07:00
Sarah bf4d33793f tests: Refactor test_realm to fix code duplication.
This replaces individual tests for realm properties with a generic
do_test_realm_update_api function to test each property in the
Realm.property_types attribute.

Addresses part of #3854.
2017-04-12 13:26:53 -07:00
rahuldeve 60803137f2 uploads: Add authorization check before serving files.
This is a remerge of e985b57259 (after
resolving merge conflicts, updating the tests, adding mypy annotations
etc.), which should now be correct, because we've done the necessary
database migration.

The rebase/remerge work was done by Tim Abbott and Aditya Bansal.

This is an important part of #320.
2017-04-07 16:35:28 -07:00
Umair Khan a45f8b463a app_filters.py: Use Django to load template.
This commit allows us to load template using Django in
render_markdown_path.
2017-04-07 15:52:15 -07:00
Tim Abbott d540b2834d test_events: Fix errors with Python 2. 2017-04-06 19:26:42 -07:00
Tim Abbott 06a814f6d5 actions: Deduplicate backend display_settings code. 2017-04-06 15:33:41 -07:00
Tomasz Kolek 5b17622589 docs: Move integrations.html to integrations/index.html.
Add omiting rule for all of integrations docs in test_templates.
2017-04-05 13:19:58 -07:00
Tim Abbott cfe8871dfc test_audit_log: Put all tests in a single test class.
This simplifies the process for adding new tests here a bit.
2017-04-05 12:53:59 -07:00
Maxim Averin 02900ff54a Switch do_change_bot_owner to use RealmAuditLog.
This requires adding an `acting_user` parameter to the
`do_change_bot_owner` function.
2017-04-05 12:50:55 -07:00
Umair Khan be65125d3d Handle unicode characters in email mirror.
Fixes #2328.
2017-04-05 12:18:41 -07:00
Umair Khan 8e87ba439d github: Go to registration if email is invalid. 2017-04-04 18:03:33 -07:00
Umair Khan 3bac73159a backends: Test authenticate() with kwargs.
Django uses arguments to differentiate between different authenticate
 function so it is important to pass arguments in a predictable manner.
 Keyword args will test the name of the argument as well.
2017-04-04 18:03:33 -07:00
Umair Khan 8c3a0126c1 test_auth_backends.py: Add get_username(). 2017-04-04 18:03:33 -07:00
Umair Khan 24dfc49792 test_users: Change assert_max_length to assert_length. 2017-04-04 17:07:34 -07:00