As part of our effort to change the data model away from each user
having a single API key, we're eliminating the couple requests that
were made from Django to Tornado (as part of a /register or home
request) where we used the user's API key grabbed from the database
for authentication.
Instead, we use the (already existing) internal_notify_view
authentication mechanism, which uses the SHARED_SECRET setting for
security, for these requests, and just fetch the user object using
get_user_profile_by_id directly.
Tweaked by Yago to include the new /api/v1/events/internal endpoint in
the exempt_patterns list in test_helpers, since it's an endpoint we call
through Tornado. Also added a couple missing return type annotations.
This is sort of a temporary fix to bring the state back to how it
was in commit: ef4337edcb. However,
long-term we will need to fix our local echo feature to do merging
of names just like we do on backend.
This is a preparatory refactor for adding
UserProfile.can_subscribe_other_users.
Although there existed a test for limiting users from creating
streams at `test_subs.test_user_settings_for_adding_streams`,
it did not test the logic inside can_add_streams, tests have
been added to solve that issue.
This package is important in order to avoid scary-looking errors
whenever we upgrade the dependencies in thumbor.txt (where
virtualenv-clone isn't installed in the venv, and then gets installed
by the code we just added a TODO comment to.
We don't need to get sorted streams in the "source"
function for typeahead, since we sort them later,
and we don't need to recalculate values.
This preserves the behavior that we include
unsubscribed streams in the typeahead, which is
probably intentional.
This pulls the essential bucketing/sorting logic out
of filter_table().
The diff isn't quite as clean as I'd like, but some
of the code that got added back to filter_table() can be
eliminated in the future. Basically, all the stuff
related to hidden ids can just be zapped if we go
to an approach of just re-building the DOM cleanly
whenever our filters change.
We replace two calls to stream_matches_query() with
a single call to triage_stream(), which prevents us
from doing the same is-subscribed checks twice.
We probably should have done this a while ago, even
though these functions are pretty tiny. The goal here
is to make it easier to have more consistent search
semantics.
Our first use case is subs.js. In this case we
are able to decouple a bit of generic string
matching from the subs-specific code.
We move some data code from subs.js to stream_data.js.
It's not clear we have been using the optimal sort for
dealing with locales, but this change preserves the
current behavior. The only subtle change here is that
we look up subs using a Dict now instead of a plain
JS object.
Bunch of bug fixes.
* Allow non-ascii chars in namedtuple fields (regression
introduced fixing ticket #211).
* Fixed adaptation of arrays of arrays of nulls (ticket #325).
* Fixed building on Solaris 11 and derivatives such as
SmartOS and illumos (ticket #677).
* Maybe fixed building on MSYS2 (as reported in ticket #658).
* Allow string subclasses in connection and other places (ticket #679).
* Don’t raise an exception closing an unused named cursor (ticket #716).
* Wheel package compiled against PostgreSQL 10.4 libpq and OpenSSL 1.0.2o.
Some minor changes.
* Clean up handling for description file - pull in content
from this file into setup()
* Allows the nightly build to fail
* Add Trove version classifiers to make it explicit what
is supported
* Add python_requires to help pip
* Drop support for EOL Python 2.6 and 3.3